1 ; config options 2 server: 3 module-config: "respip validator iterator" 4 target-fetch-policy: "0 0 0 0 0" 5 qname-minimisation: no 6 7 rpz: 8 name: "rpz.example.com." 9 rpz-action-override: disabled 10 zonefile: 11 TEMPFILE_NAME rpz.example.com 12 TEMPFILE_CONTENTS rpz.example.com 13 $ORIGIN rpz.example.com. 14 32.1.113.0.203.rpz-ip A 192.0.2.1 15 TEMPFILE_END 16 17 rpz: 18 name: "rpz2.example.com." 19 zonefile: 20 TEMPFILE_NAME rpz2.example.com 21 TEMPFILE_CONTENTS rpz2.example.com 22 $ORIGIN rpz2.example.com. 23 32.1.113.0.203.rpz-ip A 192.0.2.2 24 TEMPFILE_END 25 26 rpz: 27 name: "rpz3.example.com." 28 rpz-action-override: nodata 29 zonefile: 30 TEMPFILE_NAME rpz3.example.com 31 TEMPFILE_CONTENTS rpz3.example.com 32 $ORIGIN rpz3.example.com. 33 32.3.113.0.203.rpz-ip CNAME . 34 TEMPFILE_END 35 36 rpz: 37 name: "rpz4.example.com." 38 rpz-action-override: nxdomain 39 zonefile: 40 TEMPFILE_NAME rpz4.example.com 41 TEMPFILE_CONTENTS rpz4.example.com 42 $ORIGIN rpz4.example.com. 43 32.4.113.0.203.rpz-ip CNAME *. 44 TEMPFILE_END 45 46 rpz: 47 name: "rpz5.example.com." 48 rpz-action-override: passthru 49 zonefile: 50 TEMPFILE_NAME rpz5.example.com 51 TEMPFILE_CONTENTS rpz5.example.com 52 $ORIGIN rpz5.example.com. 53 32.5.113.0.203.rpz-ip A 192.0.2.5 54 TEMPFILE_END 55 56 rpz: 57 name: "rpz6.example.com." 58 rpz-action-override: cname 59 rpz-cname-override: ns. 60 zonefile: 61 TEMPFILE_NAME rpz6.example.com 62 TEMPFILE_CONTENTS rpz6.example.com 63 $ORIGIN rpz6.example.com. 64 32.6.113.0.203.rpz-ip A 192.0.2.6 65 TEMPFILE_END 66 67 rpz: 68 name: "rpz7.example.com." 69 rpz-action-override: drop 70 zonefile: 71 TEMPFILE_NAME rpz7.example.com 72 TEMPFILE_CONTENTS rpz7.example.com 73 $ORIGIN rpz7.example.com. 74 32.7.113.0.203.rpz-ip A 192.0.2.7 75 TEMPFILE_END 76 77 stub-zone: 78 name: "." 79 stub-addr: 10.20.30.40 80 CONFIG_END 81 82 SCENARIO_BEGIN Test all supported RPZ action for response IP address trigger 83 84 ; c. 85 RANGE_BEGIN 0 100 86 ADDRESS 10.20.30.40 87 ENTRY_BEGIN 88 MATCH opcode qtype qname 89 ADJUST copy_id 90 REPLY QR NOERROR 91 SECTION QUESTION 92 . IN NS 93 SECTION ANSWER 94 . IN NS ns. 95 SECTION ADDITIONAL 96 ns. IN A 10.20.30.40 97 ENTRY_END 98 99 ENTRY_BEGIN 100 MATCH opcode qtype qname 101 ADJUST copy_id 102 REPLY QR NOERROR 103 SECTION QUESTION 104 ns. IN A 105 SECTION ANSWER 106 ns. IN A 10.20.30.40 107 ENTRY_END 108 109 ENTRY_BEGIN 110 MATCH opcode qtype qname 111 ADJUST copy_id 112 REPLY QR NOERROR 113 SECTION QUESTION 114 a. IN A 115 SECTION ANSWER 116 a. IN A 203.0.113.1 117 ENTRY_END 118 119 ENTRY_BEGIN 120 MATCH opcode qtype qname 121 ADJUST copy_id 122 REPLY QR NOERROR 123 SECTION QUESTION 124 b. IN A 125 SECTION ANSWER 126 b. IN A 203.0.113.3 127 ENTRY_END 128 129 ENTRY_BEGIN 130 MATCH opcode qtype qname 131 ADJUST copy_id 132 REPLY QR NOERROR 133 SECTION QUESTION 134 c. IN A 135 SECTION ANSWER 136 c. IN A 203.0.113.4 137 ENTRY_END 138 139 ENTRY_BEGIN 140 MATCH opcode qtype qname 141 ADJUST copy_id 142 REPLY QR NOERROR 143 SECTION QUESTION 144 d. IN A 145 SECTION ANSWER 146 d. IN A 203.0.113.5 147 ENTRY_END 148 149 ENTRY_BEGIN 150 MATCH opcode qtype qname 151 ADJUST copy_id 152 REPLY QR NOERROR 153 SECTION QUESTION 154 e. IN A 155 SECTION ANSWER 156 e. IN A 203.0.113.6 157 ENTRY_END 158 159 ENTRY_BEGIN 160 MATCH opcode qtype qname 161 ADJUST copy_id 162 REPLY QR NOERROR 163 SECTION QUESTION 164 f. IN A 165 SECTION ANSWER 166 f. IN A 203.0.113.7 167 ENTRY_END 168 169 RANGE_END 170 171 STEP 1 QUERY 172 ENTRY_BEGIN 173 REPLY RD 174 SECTION QUESTION 175 a. IN A 176 ENTRY_END 177 178 STEP 2 CHECK_ANSWER 179 ENTRY_BEGIN 180 MATCH all 181 REPLY QR RD RA NOERROR 182 SECTION QUESTION 183 a. IN A 184 SECTION ANSWER 185 a. IN A 192.0.2.2 186 ENTRY_END 187 188 STEP 3 QUERY 189 ENTRY_BEGIN 190 REPLY RD 191 SECTION QUESTION 192 b. IN A 193 ENTRY_END 194 195 STEP 4 CHECK_ANSWER 196 ENTRY_BEGIN 197 MATCH all 198 REPLY QR RD RA NOERROR 199 SECTION QUESTION 200 b. IN A 201 SECTION ANSWER 202 ENTRY_END 203 204 STEP 5 QUERY 205 ENTRY_BEGIN 206 REPLY RD 207 SECTION QUESTION 208 c. IN A 209 ENTRY_END 210 211 STEP 6 CHECK_ANSWER 212 ENTRY_BEGIN 213 MATCH all 214 REPLY QR RD RA NXDOMAIN 215 SECTION QUESTION 216 c. IN A 217 SECTION ANSWER 218 ENTRY_END 219 220 STEP 7 QUERY 221 ENTRY_BEGIN 222 REPLY RD 223 SECTION QUESTION 224 d. IN A 225 ENTRY_END 226 227 STEP 8 CHECK_ANSWER 228 ENTRY_BEGIN 229 MATCH all 230 REPLY QR RD RA NOERROR 231 SECTION QUESTION 232 d. IN A 233 SECTION ANSWER 234 d. IN A 203.0.113.5 235 ENTRY_END 236 237 STEP 9 QUERY 238 ENTRY_BEGIN 239 REPLY RD 240 SECTION QUESTION 241 e. IN A 242 ENTRY_END 243 244 STEP 10 CHECK_ANSWER 245 ENTRY_BEGIN 246 MATCH all 247 REPLY QR RD RA NOERROR 248 SECTION QUESTION 249 e. IN A 250 SECTION ANSWER 251 e. IN CNAME ns. 252 ns. IN A 10.20.30.40 253 ENTRY_END 254 255 STEP 11 QUERY 256 ENTRY_BEGIN 257 REPLY RD 258 SECTION QUESTION 259 f. IN A 260 ENTRY_END 261 ; no answer is checked at exit of testbound. 262 263 STEP 12 TIME_PASSES ELAPSE 10 264 265 SCENARIO_END 266
Indexes created Tue Jun 02 00:25:15 UTC 2026