BIND NXDOMAIN
Mark Andrews
marka at isc.org
Mon Sep 22 23:49:09 UTC 2014
You just have to break the wildcard matching.
*. IN A 10.100.100.4
*.au. IN A 10.100.100.4
*.com.au. IN A 10.100.100.4
nooverride.com.au. TXT "break wildcard matching"
nxreturn.com.au. TXT "break wildcard matching"
Mark
In message <00ab01cfd60d$1365a0a0$3a30e1e0$@iprimus.com.au>, "Neil" writes:
>
> Hi,
>
> We are investigating the features of NXDOMAIN redirect as explained in
> https://kb.isc.org/article/AA-00376/0/BIND-9.9-redirect-zones-for-NXDOMAIN-r
> edirection.html
>
>
>
> We are running BIND 9.9 stream.
>
>
>
> My question is, Is it possible to "whitelist" particular domains?, The ARM
> does
>
> Not refer to any form of whitelisting
>
>
>
>
>
> zone "." {
> type redirect;
> file "db.redirect" ;
> };
>
>
>
> So if my db.redirect has the below for Status=NXDOMAIN to return the below
> RR A
>
>
>
> *. IN A 10.100.100.4
>
>
>
>
>
> But I want to return status:NXDOMAIN for only the below domains
>
>
>
> *.nooverride.com.au
>
> *.nxreturn.com.au
>
>
>
> Is this possible? If not a modification to query.c is the only option.
>
> Has anyone got a src patch for this feature?
>
>
>
> Thanks
>
> Neil
>
>
>
>
>
>
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: marka at isc.org
More information about the bind-users
mailing list