Feature #8188: Support response policy zones in bind package - pfSense Packages - pfSense bugtracker

Actions

Copy link

Feature #8188

closed

Support response policy zones in bind package

Added by Michael Newton over 6 years ago. Updated almost 4 years ago.

Status:

Resolved

Priority:

Normal

Assignee:

Category:

BIND

Target version:

Start date:

12/11/2017

Due date:

% Done:

Estimated time:

Plus Target Version:

Description

An RPZ "selectively intercepts DNS resolution for known-malicious network assets including domain names, IP addresses, and name servers. Interception can mean rewriting a DNS response to direct a web browser to a “walled garden”, or simply making the malicious network assets invisible and unreachable."

This PR (https://github.com/pfsense/FreeBSD-ports/pull/487) adds a checkbox to indicate if a master or slave zone is used in a response policy. It allows for users to add the appropriate CNAME records to filter based on query, response, or responding nameserver, but it does not give any GUI sugar to make this a "fill in the blanks" exercise.

More info on RPZs:
https://dnsrpz.info/
http://www.zytrax.com/books/dns/ch7/rpz.html
https://www.isc.org/rpz/

Actions

Copy link

Updated by Viktor Gurov almost 4 years ago

Status changed from New to Resolved

merged in 9.12

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

pfSense » pfSense Packages

Custom queries

Feature #8188

Support response policy zones in bind package

Updated by Viktor Gurov almost 4 years ago