Version 1 (modified by AnonymousPoster, 3 weeks ago) ( diff )


Wiki's under this subject


    It is worth mentioning that Unbound have been working on supporting Response policy zone (RPZ), and they have finally merged the work. See this ​PullRequest at GH.

    According to there response on when they would like to release this, it should be witin February 2020.

    Setup Response Policy Zone

    The following setup guidance is based on doc/ in the above PR on GH

    # Response Policy Zones
    # RPZ policies. Applied in order of configuration. QNAME and Response IP
    # Address trigger are the only supported triggers. Supported actions are:
    # NXDOMAIN, NODATA, PASSTHRU, DROP and Local Data. Policies can be loaded from
    # file, using zone transfer, or using HTTP. The respip module needs to be added
    # to the module-config, e.g.: module-config: "respip validator iterator".
        name: ""
        zonefile: ""
        master: # IPv4
        master: # IPv6
        rpz-action-override: NXDOMAIN
        rpz-log: yes
        rpz-log-name: "example policy"
        tags: "example"

    Now save this in your conf dir as

    That should be about it :)

    Note: See TracWiki for help on using the wiki.