Hello Team,

I am encountering an unusual problem. I am using BIND version
9.18.19-1+ubuntu22.04.1+isc+1-Ubuntu and have configured BIND RPZ. My
objective is to block access to app.hubspot.com, for which I have
established a zone.

response-policy {
zone "custom.block";
...
..
}

zone "custom.block" { type master; file "/var/lib/bind/zones/custom.block.db";};

And here is the zone file:

$TTL 180
@               IN      SOA     ns1.custom.block. ns1.custom.block.
( 2006060301 21600 3600 604800 3600 )
            IN  NS    ns1.custom.block.
ns1.custom.block.       IN  A   172.1.xx.xx
wg.custom.block.        IN  A   172.1.xx.xx
app.hubspot.com        CNAME   wg.custom.block.

And then I have forwarders set:

forwarders {
         1.1.1.1;9.9.9.9;
             };

Unfortunately, this setup is not working for only this entry. I
tried capturing packets, and I see the packets are being forwarded
directly to the forwarders. I am not sure why.


11:47:01.025887 ens18 In  IP 172.1.254.202.50163 > 172.1.254.243.53: 24135+ [1au] A? app.hubspot.com. (44)
11:47:01.026371 ens18 Out IP 172.1.254.243.47509 > 9.9.9.9.53: 42140+% [1au] A? app.hubspot.com. (56)
11:47:50.909954 ens18 In  IP 9.9.9.9.53 > 172.1.254.243.37937: 57192 1/0/1 PTR 4f2ows.notifybf1.hubspot.com. (98)
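
Added example, not part of the original post: a Python reading of RPZ policy records like those in the zone file above, where an owner name relative to the policy zone becomes the QNAME trigger and the CNAME target selects the action. The function `rpz_rules`, the sample zone and the address 192.0.2.10 are constructed for illustration; only QNAME triggers are handled.

```python
import re
# CNAME targets that encode an RPZ action rather than replacement data.
SPECIAL = {".": "NXDOMAIN", "*.": "NODATA", "rpz-passthru.": "PASSTHRU",
           "rpz-drop.": "DROP", "rpz-tcp-only.": "TCP-ONLY"}

# Constructed sample modelled on the posted zone; the address is a placeholder.
ZONE = """\
$TTL 180
@ IN SOA ns1.custom.block. ns1.custom.block. (
        2006060301 21600 3600 604800 3600 )
    IN NS ns1.custom.block.
wg.custom.block.  IN A 192.0.2.10
app.hubspot.com   CNAME wg.custom.block.
bad.example       CNAME .
*.bad.example     CNAME *.
ok.example        CNAME rpz-passthru.
"""

def rpz_rules(zone_text, origin):
    """Return (qname_trigger, action) for each policy record in an RPZ zone."""
    origin = origin.lower().rstrip(".") + "."
    # Fold "( ... )" continuations (the multi-line SOA) onto one line.
    text = re.sub(r"\(([^)]*)\)", lambda m: m.group(1).replace("\n", " "), zone_text)
    rules, owner = [], origin
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].rstrip()        # drop comments
        if not line.strip() or line.startswith("$"):
            continue
        fields = line.split()
        if not line[0].isspace():                   # line names its own owner
            owner = fields.pop(0).lower()
            if owner == "@":
                owner = origin
            elif not owner.endswith("."):           # relative name: append origin
                owner = f"{owner}.{origin}"
        while fields and (fields[0].isdigit() or fields[0].upper() == "IN"):
            fields.pop(0)                           # skip optional TTL and class
        rtype, rdata = fields[0].upper(), " ".join(fields[1:])
        if owner == origin:
            continue                                # apex SOA/NS are not policy
        if not owner.endswith("." + origin):
            rules.append((owner, "OUT-OF-ZONE"))    # absolute name outside the zone
            continue
        trigger = owner[:-len(origin)]              # name the client must query
        if rtype == "CNAME" and rdata.lower() in SPECIAL:
            rules.append((trigger, SPECIAL[rdata.lower()]))
        else:
            rules.append((trigger, f"LOCAL-DATA {rtype} {rdata}"))
    return rules
```

Calling `rpz_rules(ZONE, "custom.block")` lists each trigger with its action; an owner written with a trailing dot that is not under the policy zone is reported as `OUT-OF-ZONE`.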