1 ; config options 2 server: 3 module-config: "respip validator iterator" 4 target-fetch-policy: "0 0 0 0 0" 5 qname-minimisation: no 6 access-control: 192.0.0.0/8 allow 7 8 rpz: 9 name: "rpz.example.com." 10 rpz-log: yes 11 rpz-log-name: "rpz.example.com" 12 rpz-action-override: passthru 13 zonefile: 14 TEMPFILE_NAME rpz.example.com 15 TEMPFILE_CONTENTS rpz.example.com 16 $ORIGIN example.com. 17 rpz 3600 IN SOA ns1.rpz.example.com. hostmaster.rpz.example.com. ( 18 1379078166 28800 7200 604800 7200 ) 19 3600 IN NS ns1.rpz.example.com. 20 3600 IN NS ns2.rpz.example.com. 21 $ORIGIN rpz.example.com. 22 c.a TXT "local data 1st zone" 23 d.a A 127.0.0.1 24 TEMPFILE_END 25 26 rpz: 27 name: "wl.example.com." 28 rpz-log: yes 29 rpz-log-name: "wl.example.com" 30 zonefile: 31 TEMPFILE_NAME wl.example.com 32 TEMPFILE_CONTENTS wl.example.com 33 $ORIGIN example.com. 34 wl 3600 IN SOA ns1.wl.example.com. hostmaster.wl.example.com. ( 35 1379078166 28800 7200 604800 7200 ) 36 3600 IN NS ns1.wl.example.com. 37 3600 IN NS ns2.wl.example.com. 38 $ORIGIN wl.example.com. 39 e.a CNAME rpz-passthru. 40 TEMPFILE_END 41 42 rpz: 43 name: "rpz2.example.com." 44 rpz-log: yes 45 rpz-log-name: "rpz2.example.com" 46 rpz-action-override: nxdomain 47 zonefile: 48 TEMPFILE_NAME rpz2.example.com 49 TEMPFILE_CONTENTS rpz2.example.com 50 $ORIGIN example.com. 51 rpz2 3600 IN SOA ns1.rpz.example.com. hostmaster.rpz.example.com. ( 52 1379078166 28800 7200 604800 7200 ) 53 3600 IN NS ns1.rpz.example.com. 54 3600 IN NS ns2.rpz.example.com. 55 $ORIGIN rpz2.example.com. 56 c.a TXT "local data 2nd zone" 57 24.0.5.0.192.rpz-client-ip A 127.0.0.1 58 24.0.5.0.192.rpz-client-ip TXT "clientip 2nd zone" 59 24.0.3.2.1.rpz-ip A 127.0.0.2 60 TEMPFILE_END 61 62 stub-zone: 63 name: "a." 64 stub-addr: 10.20.30.40 65 CONFIG_END 66 67 SCENARIO_BEGIN Test RPZ passthru ends processing for later triggers. 68 69 ; a. 70 RANGE_BEGIN 0 1000 71 ADDRESS 10.20.30.40 72 ENTRY_BEGIN 73 MATCH opcode qtype qname 74 ADJUST copy_id 75 REPLY QR NOERROR 76 SECTION QUESTION 77 c.a. IN TXT 78 SECTION ANSWER 79 c.a. IN TXT "answer from upstream ns" 80 ENTRY_END 81 82 ENTRY_BEGIN 83 MATCH opcode qtype qname 84 ADJUST copy_id 85 REPLY QR NOERROR 86 SECTION QUESTION 87 d.a. IN A 88 SECTION ANSWER 89 d.a. IN A 1.2.3.4 90 ENTRY_END 91 92 ENTRY_BEGIN 93 MATCH opcode qtype qname 94 ADJUST copy_id 95 REPLY QR NOERROR 96 SECTION QUESTION 97 e.a. IN A 98 SECTION ANSWER 99 e.a. IN A 1.2.3.4 100 ENTRY_END 101 RANGE_END 102 103 STEP 10 QUERY ADDRESS 192.0.5.1 104 ENTRY_BEGIN 105 REPLY RD 106 SECTION QUESTION 107 c.a. IN TXT 108 ENTRY_END 109 110 STEP 11 CHECK_ANSWER 111 ENTRY_BEGIN 112 MATCH all 113 REPLY QR RD RA NOERROR 114 SECTION QUESTION 115 c.a. IN TXT 116 SECTION ANSWER 117 c.a. IN TXT "answer from upstream ns" 118 ENTRY_END 119 120 STEP 20 QUERY ADDRESS 192.0.2.1 121 ENTRY_BEGIN 122 REPLY RD 123 SECTION QUESTION 124 d.a. IN A 125 ENTRY_END 126 127 STEP 21 CHECK_ANSWER 128 ENTRY_BEGIN 129 MATCH all 130 REPLY QR RD RA NOERROR 131 SECTION QUESTION 132 d.a. IN A 133 SECTION ANSWER 134 d.a. IN A 1.2.3.4 135 ENTRY_END 136 137 STEP 30 QUERY ADDRESS 192.0.2.1 138 ENTRY_BEGIN 139 REPLY RD 140 SECTION QUESTION 141 e.a. IN A 142 ENTRY_END 143 144 STEP 31 CHECK_ANSWER 145 ENTRY_BEGIN 146 MATCH all 147 REPLY QR RD RA NOERROR 148 SECTION QUESTION 149 e.a. IN A 150 SECTION ANSWER 151 e.a. IN A 1.2.3.4 152 ENTRY_END 153 154 SCENARIO_END 155
Indexes created Mon Jun 01 00:24:59 UTC 2026