Is it possible to filter (*.)wpad.* with RPZ?

Daniel Stirnimann daniel.stirnimann at
Thu Nov 30 07:04:22 UTC 2017

I doubt you can use RPZ for that.

We use for that, our rule:

-- WPAD Name Collission Vulnerability
-- US-CERT TA16-144A. Redirect to landing page
addAction(RegexRule("^wpad\\."),SpoofAction("", "2001:DB8::2"))


On 29.11.17 19:12, Grant Taylor via bind-users wrote:
> Is it possible to filter (*.)wpad.* with RPZ?  Or do I need to look into 
> Response Policy Service and try to filter that way?
> I've used RPZ for various different things over the years, but I don't 
> quite know how to match a wild card on the right hand side.
> Context:  I'd like to prevent ""misconfigurations like the following and 
> I was hoping that RPZ could be utilized:
> Link - Anybody else having issues with
>   - 
> Link - Alert (TA16-144A) WPAD Name Collision Vulnerability
>   -

More information about the bind-users mailing list