Hello,
I have a basic question regarding RPZ on Bind 9.11.x.
Is it possible to re-write a response on a reverse lookup ? For instance, if I
considered example.com a “bad domain”, can I write a RPZ policy so that a
reverse lookup of IP’s that map to example.com fails or is blocked ?
I know I can do this with a forward lookup to generate NXDOMAIN:
; Forward resolution of: example.com and subdomains generates: NXDOMAIN
example.com IN CNAME .
*.example.com IN CNAME .
…but can this also be done on reverse lookups ?
Thanks,
- J
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users