RPZ stands for RESPONSE POLICY ZONE. It does NOT block queries. It modifies replies. 
-- 
Mark Andrews

On 17 Nov 2024, at 17:28, Blason R <blaso...@gmail.com> wrote:


Nah even that didn't work.

If I directly query to bind it blocks or wall garden the request but if I send it through windows AD or any other server bind just forwards the request to forwarders.

On Sat, Nov 16, 2024, 23:55 Lee <ler...@gmail.com> wrote:
Hi

On Fri, Nov 15, 2024 at 10:24 PM Blason R wrote:
>
> Where is that exactly to be added? I added in response-policy
> statement then I tired adding in options stanza but rndc fails
> everytime.
>
  <.. snip ..>

> > > > response-policy {
> > > > zone "custom.block";
> > > > ...
> > > > ..
> > > > }
> > >
> > > Try adding
> > >
> > >      break-dnssec yes
> > >      recursive-only no
> > >      qname-wait-recurse no;
> > >
> > > after the closing }

Which would be

 response-policy {
   zone "custom.block";
   ...
   ..
 }
 break-dnssec yes
 recursive-only no
 qname-wait-recurse no;

Regards,
Lee
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list

ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
-- 
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from 
this list
ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Reply via email to