On 04/18/2018 11:37 PM, Blason R wrote:
I need to wall garden the malicious Domain request and instead route to that server itself.
I assume that you are saying that you need to 1) filter malicious domains and 2) you want requests for them to be resolved to your (DNS?) server.
e.g. my DNS server IP is 192.168.5.47 and would like to wall-garden the request and provide the IP 192.168.5.47 since I have 0.3 million domains specifying IP in front of them would not be a good option.
What do you mean by "specifying IP in front of them would not be a good option"? Are you saying that you don't want to have "$domain A 192.168.5.47" entries for all 300k domains?
Without doing anything, BIND will resolve the domains normally. So you will need to do something to each of the domains to cause the RPZ to not resolve the domains normally. This usually means that you will need to specify an alternate IP or CNAME for each and every one of them. I don't see a way around this.
Can you please suggest me the way to do that?
Please elaborate on what you are wanting to do and not do. -- Grant. . . . unix || die
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
