RPZ and client matching

Chris Buxton clists at buxtonfamily.us
Sat May 9 18:43:28 UTC 2015


> On May 9, 2015, at 9:34 AM, Job <Job at colliniconsulting.it> wrote:
> 
> Hello,
> 
> i noticed i can write a RPZ file for blocking some websites resolution, as example, and excluse come Client IP from this policy.
> 
> I would like to do exactly the opposite: i want to define some blocking resolution policy and ASSIGN only to specific client.
> 
> Is it possible with RPZ?

Create a new view, with match-clients set to the client in question. Define the response policy in that view.

Have that view forward to the main view, using any of a variety of methods. For example, forward to the loopback address, which doesn't match the new view's match-clients ACL.

Chris



More information about the bind-users mailing list