DNS-RPZ
DNS-RPZ
Author : Michael Hornung; Expeditors International of Washington, Inc. License : AGPL-V3 Version : 1.0 Supported data types :Registration required : N/A Subscription required : N/A Free subscription : N/A Third party service : N/A
Description
Add a dynamic DNS entry to a Response Policy Zone, blackholing or redirecting a FQDN.
Configuration
bind_server IP or FQDN of RPZ master BIND server
Default value if not configured 127.0.0.1
Type of the configuration item string
The configuration item can contain multiple values False
Is required True
tsig_keyname Name of TSIG key to access BIND server
Default value if not configured cortex.
Type of the configuration item string
The configuration item can contain multiple values False
Is required True
tsig_keyval TSIG key value to access BIND server
Default value if not configured updateme
Type of the configuration item string
The configuration item can contain multiple values False
Is required True
tsig_hashalg TSIG hash algorithm to use
Default value if not configured HMAC-SHA512
Type of the configuration item string
The configuration item can contain multiple values False
Is required True
rpz_zonename Fully qualified RPZ zone name (don't forget the trailing dot)
Default value if not configured rpz.
Type of the configuration item string
The configuration item can contain multiple values False
Is required True
remediation_ip IP to resolve RPZ names to
Default value if not configured 127.0.0.1
Type of the configuration item string
The configuration item can contain multiple values False
Is required True
November 8, 2024 10:11:38