I run

        named -v
                BIND 9.12.1 <id:b2307b2>

I use RPZ.  For a long time, I've used 'text' format zone files.

I want to switch to 'map' format.

These are my (testing) zonefiles, text format

        cat rpz.whitelist.local.zone 
                $TTL 300
                $ORIGIN rpz.whitelist.local.
                @    IN SOA localhost. soa.example.com. (
                        1524440808 ;
                        2H ;
                        1800 ;
                        7D ;
                        5 ;
                        )
                IN NS localhost.
                goodexample.net          CNAME .
                *.goodexample.net        CNAME .

        cat rpz.blacklist.local.zone 
                $TTL 300
                $ORIGIN rpz.whitelist.local.
                @    IN SOA localhost. soa.example.com. (
                        1524440808 ;
                        2H ;
                        1800 ;
                        7D ;
                        5 ;
                        )
                IN NS localhost.
                badexample.net          CNAME .
                *.badexample.net        CNAME .

I convert (no errors) the text zone files to map format with

        named-compilezone -f text -F map \
          -o rpz.whitelist.local.map rpz.whitelist.local rpz.whitelist.local.zone

        named-compilezone -f text -F map \
          -o rpz.blacklist.local.map rpz.blacklist.local rpz.blacklist.local.zone


In my bind conf,
        named.conf

                view "internal" {
                        ...
                        response-policy {
                            zone "rpz.whitelist.local" policy PASSTHRU;
                            zone "rpz.blacklist.local";
                        };

                        zone "rpz.whitelist.local" IN {
                                type master;
                                file "/namedb/master/rpz.whitelist.local.map";
                                masterfile-format map;
                                allow-query { localhost; };
                                allow-transfer { none; };
                                allow-update { none; };
                        };

                        zone "rpz.blacklist.local" IN {
                                type master;
                                file "/namedb/master/rpz.blacklist.local.map";
                                masterfile-format map;
                                allow-query { localhost; };
                                allow-transfer { none; };
                                allow-update { none; };
                        };
                        ...

When I restart my server, for each of the 2 rpz 'map' zones, I see in the log

        Apr 22 16:45:06 katana named[42520]: 22-Apr-2018 16:45:06.504 general: error: zone 'rpz.blacklist.perm.local': incompatible masterfile-format or database for a response policy zone
        Apr 22 16:45:06 katana named[42520]: 22-Apr-2018 16:45:06.505 general: error: reloading configuration failed: not implemented

which is, apparently, fatal to server start.

Switch back to 'text' file & format, and all's good.

Searching, I'm finding nothing on the error.

Any help with figuring out the problem and a fix would be appreciated!

AC
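
A pre-flight check for the failure reported above, added here as an example (it is not part of the original post and not BIND's own code): it scans named.conf text for zones that are listed in `response-policy` and also set `masterfile-format map`, on the assumption, taken from the log message, that named rejects that combination. The function names and the sample configuration are constructed, and views are not tracked separately.

```python
import re

# Constructed sample modelled on the configuration in the post above.
SAMPLE_CONF = '''
view "internal" {
    response-policy {
        zone "rpz.whitelist.local" policy PASSTHRU;
        zone "rpz.blacklist.local";
    };
    zone "rpz.whitelist.local" IN {
        file "/namedb/master/rpz.whitelist.local.map";
        masterfile-format map;
        allow-query { localhost; };
    };
    zone "rpz.blacklist.local" IN {
        file "/namedb/master/rpz.blacklist.local.zone";  // text format
    };
};
'''

def strip_comments(conf):
    """Drop /* */, // and # comments so commented-out options are ignored."""
    conf = re.sub(r'/\*.*?\*/', '', conf, flags=re.S)
    return re.sub(r'(//|#).*', '', conf)

def brace_body(conf, open_idx):
    """Return the text between the '{' at open_idx and its matching '}'."""
    depth = 0
    for i in range(open_idx, len(conf)):
        if conf[i] == '{':
            depth += 1
        elif conf[i] == '}':
            depth -= 1
            if depth == 0:
                return conf[open_idx + 1:i]
    raise ValueError('unbalanced braces in configuration')

def rpz_zones_in_map_format(conf):
    """Names of response-policy zones whose definition sets masterfile-format map."""
    conf = strip_comments(conf)
    policy = set()
    for m in re.finditer(r'response-policy\s*\{', conf):
        policy.update(re.findall(r'zone\s+"([^"]+)"', brace_body(conf, m.end() - 1)))
    flagged = []
    for m in re.finditer(r'zone\s+"([^"]+)"\s*(?:IN\s*)?\{', conf, flags=re.I):
        body = brace_body(conf, m.end() - 1)
        if m.group(1) in policy and re.search(r'masterfile-format\s+map\s*;', body):
            flagged.append(m.group(1))
    return flagged
```

Running `rpz_zones_in_map_format(open("named.conf").read())` before a restart lists the zones that would trigger the error; an empty list means no policy zone is configured with map format.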


