Unable to resolve the A records, not sure what is wrong

Blason R blason16 at gmail.com
Fri Jun 1 17:59:36 UTC 2018 

I guess this could be the issue

zone "malware.trap" {
        type master;
        file "/var/lib/bind/zones/malware.trap.db";
        allow-query { localhost;};


On Fri, Jun 1, 2018 at 11:28 PM, Blason R <blason16 at gmail.com> wrote:

> Well this is I am getting in network.log what could be the issue?
>
> 01-Jun-2018 23:27:42.274 client 192.168.5.103#58425 (wg.block.tld): query
> 'wg.block.tld/A/IN' denied
>
>
> On Fri, Jun 1, 2018 at 11:27 PM, Bob Harold <rharolde at umich.edu> wrote:
>
>>
>> On Fri, Jun 1, 2018 at 1:36 PM Blason R <blason16 at gmail.com> wrote:
>>
>>> Hi there,
>>>
>>> I am writing a RPZ zone and here is my zone file. RPZ is working fine
>>> but somehow A records are not getting resovled hence I am unable to do the
>>> wall-gardening.
>>>
>>> Can someone please help
>>>
>>>
>>> $TTL 3h
>>> @               IN      SOA     ns1.malware.trap. admin.malware.trap.
>>> (
>>>                         2006060301      ; Serial
>>>                         21600           ; Refresh
>>>                         3600            ; Retry
>>>                         604800          ; Expire
>>>                         3600 )          ; Minimum TTL
>>>
>>>             IN  NS    ns1.malware.trap.
>>> ns1.malware.trap.       A     172.16.3.48
>>> wg.malware.trap.        A     172.16.3.48
>>> baddomain.co   CNAME  wg.malware.trap.
>>> block.this    CNAME   wg.malware.trap.
>>>
>>> ###############################
>>>
>>> ;; ANSWER SECTION:
>>> block.this.            5       IN      CNAME   wg.malware.trap.
>>>
>>>
>>> ***********************************************
>>> ;; QUESTION SECTION:
>>> ;wg.malware.trap.               IN      A
>>>
>>> Answer not getting what could be wrong??
>>>
>>
>> Not sure what is a normal configuration, but on my servers users cannot
>> query the RPZ domain, it is only used for RPZ.
>> Try putting the A record in a normal zone, and CNAME to that, rather than
>> having the A record in the RPZ zone.
>> Or try doing a direct query for the A record and see if it resolves.
>>
>> --
>> Bob Harold
>>
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20180601/9dcd726e/attachment-0001.html>

More information about the bind-users mailing list