There is no code written to add reasons for rpz blocks. Feel free to add an
issue
via https://gitlab.isc.org/.
> On 13 Aug 2024, at 00:06, Robert Paolucci via bind-users
> <bind-users@lists.isc.org> wrote:
>
> Hello All,
> I’m currently working with BIND 9.19.24 and have successfully implemented
> EDNS EDE (Extended DNS Error) with the following configuration:
>
> response-policy {
> zone "rpz.example.com" ede blocked; }
> add-soa false
>
> This correctly returns the OPT code 15 for a blocked response:
>
> ;; OPT PSEUDOSECTION:
> ; EDNS: version: 0, flags:; udp: 4096
> ; OPT=15: 00 0f ("..")
>
> I would like to add some additional text to the EDE response, such as a
> reason for the block (e.g., "Blocked because – REASON").
> According to RFC 5198, it should be possible to use an extra-text field:
> EXTRA-TEXT:
> A variable-length, UTF-8-encoded [RFC5198] text field that may hold
> additional textual information. This information is intended for human
> consumption (not automated parsing). The EDE text may be null terminated but
> MUST NOT be assumed to be; the length MUST be derived from the OPTION-LENGTH
> field. The EXTRA-TEXT field may be zero octets in length, indicating that
> there is no EXTRA-TEXT included. Care should be taken not to include private
> information in the EXTRA-TEXT field that an observer would not otherwise have
> access to, such as account numbers.
> However, I haven’t been able to find an option for extra-text in the BIND
> configuration. Is this feature not supported yet, or is there a different
> approach I should be using?
> Thanks for your help!
>
> This email and any files transmitted with it are confidential and intended
> solely for the use of the individual or entity to whom they are addressed. If
> you have received this email in error please notify the system manager. This
> message contains confidential information and is intended only for the
> individual named. If you are not the named addressee you should not
> disseminate, distribute or copy this e-mail. Please notify the sender
> immediately by e-mail if you have received this e-mail by mistake and delete
> this e-mail from your system. If you are not the intended recipient you are
> notified that disclosing, copying, distributing or taking any action in
> reliance on the contents of this information is strictly prohibited.
> --
> Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from
> this list
>
> ISC funds the development of this software with paid support subscriptions.
> Contact us at https://www.isc.org/contact/ for more information.
>
>
> bind-users mailing list
> bind-users@lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from
this list
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www.isc.org/contact/ for more information.
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
