Is it possible to filter (*.)wpad.* with RPZ?

Grant Taylor gtaylor at
Thu Nov 30 18:34:03 UTC 2017

On 11/30/2017 12:04 AM, Daniel Stirnimann wrote:
> I doubt you can use RPZ for that.

The testing that I did made me think that RPZ wouldn't be able to do it.

I wonder if Response Policy Service (DNSRPS) can do it.

> We use for that, our rule:
> -- WPAD Name Collission Vulnerability
> -- US-CERT TA16-144A. Redirect to landing page
> addAction(RegexRule("^wpad\\."),SpoofAction("", "2001:DB8::2"))

Thank you for the information.  I'll check that out.

Grant. . . .
unix || die

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3982 bytes
Desc: S/MIME Cryptographic Signature
URL: <>

More information about the bind-users mailing list