9.10.1 arm, response policy

Carl Byington carl at byington.org
Wed Sep 24 23:03:14 UTC 2014


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

The ARM says:

[ response-policy {
        zone zone_name ;
        [ policy given | disabled | passthru | drop | nxdomain | nodata
| cname domain ; ]
        [ recursive-only yes_or_no ; ]
        [ max-policy-ttl number ; ] ;
        [ recursive-only yes_or_no ; ]
        [ max-policy-ttl number ; ]
        [ break-dnssec yes_or_no ; ]
        [ min-ns-dots number ; ]
        [ qname-wait-recurse yes_or_no ; ]
    } ; ]


So this should work, but gets a syntax error:

    response-policy {
        zone "rpz.example.com";
        qname-wait-recurse no;
    };

but this works:

    response-policy { zone "rpz.example.com";}
        qname-wait-recurse no
    ;



-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.14 (GNU/Linux)

iEYEARECAAYFAlQjTasACgkQL6j7milTFsFNWACeInmKGT5BSdpyYyqMGWg5RDbR
V/kAn2DtUM4HwmwSp59WDQ/zPckRZmfV
=qE8o
-----END PGP SIGNATURE-----




More information about the bind-users mailing list