1 ; config options 2 server: 3 module-config: "respip validator iterator" 4 target-fetch-policy: "0 0 0 0 0" 5 qname-minimisation: no 6 rrset-roundrobin: no 7 8 rpz: 9 name: "rpz.example.com." 10 master: 10.20.30.40 11 zonefile: 12 TEMPFILE_NAME rpz.example.com 13 TEMPFILE_CONTENTS rpz.example.com 14 $ORIGIN rpz.example.com. 15 a IN CNAME *. 16 c IN TXT "hello from initial RPZ" 17 c IN TXT "another hello from initial RPZ" 18 d IN CNAME . 19 32.1.123.0.10.rpz-ip CNAME *. 20 32.3.123.0.10.rpz-ip A 10.66.0.3 21 32.3.123.0.10.rpz-ip A 10.66.0.4 22 32.4.123.0.10.rpz-ip CNAME . 23 TEMPFILE_END 24 25 stub-zone: 26 name: "." 27 stub-addr: 10.20.30.40 28 29 CONFIG_END 30 31 SCENARIO_BEGIN Test RPZ QNAME trigger, loaded using AXFR 32 33 RANGE_BEGIN 0 100 34 ADDRESS 10.20.30.40 35 36 ENTRY_BEGIN 37 MATCH opcode qname qtype 38 ADJUST copy_id 39 REPLY QR NOERROR AA 40 SECTION QUESTION 41 . IN NS 42 SECTION ANSWER 43 . IN NS ns. 44 SECTION ADDITIONAL 45 ns. IN NS 10.20.30.40 46 ENTRY_END 47 48 ENTRY_BEGIN 49 MATCH opcode qname qtype 50 ADJUST copy_id 51 REPLY QR NOERROR AA 52 SECTION QUESTION 53 b. IN TXT 54 SECTION ANSWER 55 b. TXT "hello from upstream" 56 ENTRY_END 57 58 ENTRY_BEGIN 59 MATCH opcode qname qtype 60 ADJUST copy_id 61 REPLY QR NOERROR AA 62 SECTION QUESTION 63 d. IN TXT 64 SECTION ANSWER 65 d. TXT "hello from upstream" 66 ENTRY_END 67 68 ENTRY_BEGIN 69 MATCH opcode qname qtype 70 ADJUST copy_id 71 REPLY QR NOERROR AA 72 SECTION QUESTION 73 a.rpz-ip. IN A 74 SECTION ANSWER 75 a.rpz-ip. IN A 10.0.123.1 76 ENTRY_END 77 78 ENTRY_BEGIN 79 MATCH opcode qname qtype 80 ADJUST copy_id 81 REPLY QR NOERROR AA 82 SECTION QUESTION 83 c.rpz-ip. IN A 84 SECTION ANSWER 85 c.rpz-ip. IN A 10.0.123.3 86 ENTRY_END 87 88 ENTRY_BEGIN 89 MATCH opcode qname qtype 90 ADJUST copy_id 91 REPLY QR NOERROR AA 92 SECTION QUESTION 93 d.rpz-ip. IN A 94 SECTION ANSWER 95 d.rpz-ip. IN A 10.0.123.4 96 ENTRY_END 97 98 ENTRY_BEGIN 99 MATCH opcode qname qtype 100 ADJUST copy_id 101 REPLY QR AA NOERROR 102 SECTION QUESTION 103 rpz.example.com. IN SOA 104 SECTION ANSWER 105 rpz.example.com. IN SOA ns.rpz.example.com. hostmaster.rpz.example.com. 1 3600 900 86400 3600 106 ENTRY_END 107 108 ENTRY_BEGIN 109 MATCH opcode qname qtype 110 ADJUST copy_id 111 REPLY QR AA NOERROR 112 SECTION QUESTION 113 rpz.example.com. IN AXFR 114 SECTION ANSWER 115 rpz.example.com. IN SOA ns.rpz.example.com. hostmaster.rpz.example.com. 1 3600 900 86400 3600 116 b.rpz.example.com. TXT "hello from RPZ" 117 c.rpz.example.com. TXT "hello from RPZ" 118 a.rpz.example.com. CNAME . 119 32.1.123.0.10.rpz-ip.rpz.example.com. CNAME . 120 32.3.123.0.10.rpz-ip.rpz.example.com. A 10.66.0.5 121 32.3.123.0.10.rpz-ip.rpz.example.com. A 10.66.0.6 122 rpz.example.com. IN SOA ns.rpz.example.com. hostmaster.rpz.example.com. 1 3600 900 86400 3600 123 ENTRY_END 124 125 RANGE_END 126 127 STEP 1 QUERY 128 ENTRY_BEGIN 129 REPLY RD 130 SECTION QUESTION 131 b. IN TXT 132 ENTRY_END 133 134 STEP 2 CHECK_ANSWER 135 ENTRY_BEGIN 136 MATCH all 137 REPLY QR RD RA NOERROR 138 SECTION QUESTION 139 b. IN TXT 140 SECTION ANSWER 141 b. IN TXT "hello from upstream" 142 ENTRY_END 143 144 STEP 3 QUERY 145 ENTRY_BEGIN 146 REPLY RD 147 SECTION QUESTION 148 a. IN TXT 149 ENTRY_END 150 151 STEP 4 CHECK_ANSWER 152 ENTRY_BEGIN 153 MATCH all 154 REPLY QR RD RA AA NOERROR 155 SECTION QUESTION 156 a. IN TXT 157 SECTION ANSWER 158 ENTRY_END 159 160 STEP 5 QUERY 161 ENTRY_BEGIN 162 REPLY RD 163 SECTION QUESTION 164 a.rpz-ip. IN A 165 ENTRY_END 166 167 STEP 6 CHECK_ANSWER 168 ENTRY_BEGIN 169 MATCH all 170 REPLY QR RD RA NOERROR 171 SECTION QUESTION 172 a.rpz-ip. IN A 173 SECTION ANSWER 174 ENTRY_END 175 176 STEP 7 QUERY 177 ENTRY_BEGIN 178 REPLY RD 179 SECTION QUESTION 180 c. IN TXT 181 ENTRY_END 182 183 STEP 8 CHECK_ANSWER 184 ENTRY_BEGIN 185 MATCH all 186 REPLY QR RD RA AA NOERROR 187 SECTION QUESTION 188 c. IN TXT 189 SECTION ANSWER 190 c. IN TXT "another hello from initial RPZ" 191 c. IN TXT "hello from initial RPZ" 192 ENTRY_END 193 194 STEP 9 QUERY 195 ENTRY_BEGIN 196 REPLY RD 197 SECTION QUESTION 198 c.rpz-ip. IN A 199 ENTRY_END 200 201 STEP 10 CHECK_ANSWER 202 ENTRY_BEGIN 203 MATCH all 204 REPLY QR RD RA NOERROR 205 SECTION QUESTION 206 c.rpz-ip. IN A 207 SECTION ANSWER 208 c.rpz-ip. IN A 10.66.0.4 209 c.rpz-ip. IN A 10.66.0.3 210 ENTRY_END 211 212 STEP 11 QUERY 213 ENTRY_BEGIN 214 REPLY RD 215 SECTION QUESTION 216 d. IN TXT 217 ENTRY_END 218 219 STEP 12 CHECK_ANSWER 220 ENTRY_BEGIN 221 MATCH all 222 REPLY QR RD RA AA NXDOMAIN 223 SECTION QUESTION 224 d. IN TXT 225 ENTRY_END 226 227 STEP 13 QUERY 228 ENTRY_BEGIN 229 REPLY RD 230 SECTION QUESTION 231 d.rpz-ip. IN A 232 ENTRY_END 233 234 STEP 14 CHECK_ANSWER 235 ENTRY_BEGIN 236 MATCH all 237 REPLY QR RD RA NXDOMAIN 238 SECTION QUESTION 239 d.rpz-ip. IN A 240 ENTRY_END 241 242 STEP 30 TIME_PASSES ELAPSE 10 243 STEP 40 TRAFFIC 244 245 STEP 50 QUERY 246 ENTRY_BEGIN 247 REPLY RD 248 SECTION QUESTION 249 b. IN TXT 250 ENTRY_END 251 252 STEP 51 CHECK_ANSWER 253 ENTRY_BEGIN 254 MATCH all 255 REPLY QR RD RA AA NOERROR 256 SECTION QUESTION 257 b. IN TXT 258 SECTION ANSWER 259 b. IN TXT "hello from RPZ" 260 ENTRY_END 261 262 STEP 52 QUERY 263 ENTRY_BEGIN 264 REPLY RD 265 SECTION QUESTION 266 a. IN TXT 267 ENTRY_END 268 269 STEP 53 CHECK_ANSWER 270 ENTRY_BEGIN 271 MATCH all 272 REPLY QR RD RA AA NXDOMAIN 273 SECTION QUESTION 274 a. IN TXT 275 SECTION ANSWER 276 ENTRY_END 277 278 STEP 54 QUERY 279 ENTRY_BEGIN 280 REPLY RD 281 SECTION QUESTION 282 a.rpz-ip. IN A 283 ENTRY_END 284 285 STEP 55 CHECK_ANSWER 286 ENTRY_BEGIN 287 MATCH all 288 REPLY QR RD RA NXDOMAIN 289 SECTION QUESTION 290 a.rpz-ip. IN A 291 SECTION ANSWER 292 ENTRY_END 293 294 STEP 56 QUERY 295 ENTRY_BEGIN 296 REPLY RD 297 SECTION QUESTION 298 c. IN TXT 299 ENTRY_END 300 301 STEP 57 CHECK_ANSWER 302 ENTRY_BEGIN 303 MATCH all 304 REPLY QR RD RA AA NOERROR 305 SECTION QUESTION 306 c. IN TXT 307 SECTION ANSWER 308 c. IN TXT "hello from RPZ" 309 ENTRY_END 310 311 STEP 58 QUERY 312 ENTRY_BEGIN 313 REPLY RD 314 SECTION QUESTION 315 c.rpz-ip. IN A 316 ENTRY_END 317 318 STEP 59 CHECK_ANSWER 319 ENTRY_BEGIN 320 MATCH all 321 REPLY QR RD RA NOERROR 322 SECTION QUESTION 323 c.rpz-ip. IN A 324 SECTION ANSWER 325 c.rpz-ip. IN A 10.66.0.6 326 c.rpz-ip. IN A 10.66.0.5 327 ENTRY_END 328 329 STEP 60 QUERY 330 ENTRY_BEGIN 331 REPLY RD 332 SECTION QUESTION 333 d. IN TXT 334 ENTRY_END 335 336 STEP 61 CHECK_ANSWER 337 ENTRY_BEGIN 338 MATCH all 339 REPLY QR RD RA NOERROR 340 SECTION QUESTION 341 d. IN TXT 342 SECTION ANSWER 343 d. IN TXT "hello from upstream" 344 ENTRY_END 345 346 STEP 62 QUERY 347 ENTRY_BEGIN 348 REPLY RD 349 SECTION QUESTION 350 d.rpz-ip. IN A 351 ENTRY_END 352 353 STEP 63 CHECK_ANSWER 354 ENTRY_BEGIN 355 MATCH all 356 REPLY QR RD RA NOERROR 357 SECTION QUESTION 358 d.rpz-ip. IN A 359 SECTION ANSWER 360 d.rpz-ip. IN A 10.0.123.4 361 ENTRY_END 362 363 SCENARIO_END 364
Indexes created Fri Jun 26 00:24:39 UTC 2026