About Bind Plugin development

Chunhui Ouyang jack9603301 at 163.com
Sun Nov 23 06:33:48 UTC 2025 

Thank you, I'll take a look.

* Greg Choules <gregchoules+bindusers at googlemail.com> [2025-11-22 :39:31]:

> Here is the RPZ draft:
> https://datatracker.ietf.org/doc/html/draft-ietf-dnsop-dns-rpz-00
> Here are references in the ARM showing how to use it in BIND:
> https://bind9.readthedocs.io/en/stable/chapter6.html#enter-rpz
> https://bind9.readthedocs.io/en/stable/reference.html#response-policy-zone-rpz-rewriting
> 
> I hope that helps.
> Cheers, Greg
> 
> On Sat, 22 Nov 2025 at 17:16, Chunhui Ouyang <jack9603301 at 163.com> wrote:
> 
> > I know, so I'm just hoping for some introductory examples, like some
> > simple configurations, but that's okay, I'll find them myself. Thanks. I
> > originally wanted to write a plugin, but for plugins, I'd like some
> > introductory examples, like how I should build the most basic project
> > without depending on config.h or... If it must be compiled within the tree,
> > how should I build a tree-based plugin that can compile correctly? Because
> > it currently throws an error without including config.h.
> >
> > * Ondřej Surý <ondrej at isc.org> [2025-11-22 :08:39]:
> >
> > > I think you are mistaking open source with free labor.
> > >
> > > It’s your client and your commercial contract, I gave you pointers, how
> > you handle these it is entire up to you, but don’t expect people here to do
> > this proprietary job for you for free.
> > >
> > > Ondrej
> > > --
> > > Ondřej Surý — ISC (He/Him)
> > >
> > > My working hours and your working hours may be different. Please do not
> > feel obligated to reply outside your normal working hours.
> > >
> > > > On 22. 11. 2025, at 17:15, Chunhui Ouyang <jack9603301 at 163.com> wrote:
> > > >
> > > > I see it, but I still have two questions:
> > > >
> > > > 1. The client says there might be hundreds of thousands of IPs that
> > need to be matched, so I need a convenient process to match these addresses.
> > > >
> > > > 2. Can you tell me how to write RPG entries?
> > > >
> > > > * Ondřej Surý <ondrej at isc.org> [2025-11-22 :38:03]:
> > > >
> > > >> I already gave you the links to the documentation and the tutorial
> > below. Have you looked at these?
> > > >>
> > > >> --
> > > >> Ondřej Surý (He/Him)
> > > >> ondrej at isc.org
> > > >>
> > > >> My working hours and your working hours may be different. Please do
> > not feel obligated to reply outside your normal working hours.
> > > >>
> > > >>>> On 22. 11. 2025, at 15:40, Chunhui Ouyang <jack9603301 at 163.com>
> > wrote:
> > > >>>
> > > >>> Can you give me an example?
> > > >>>
> > > >>> * Ondřej Surý <ondrej at isc.org> [2025-11-22 :34:48]:
> > > >>>
> > > >>>> RPZ already has the functionality that you’ve described below.
> > There’s no need to write a new plugin for this.
> > > >>>>
> > > >>>> Ondrej
> > > >>>> --
> > > >>>> Ondřej Surý — ISC (He/Him)
> > > >>>>
> > > >>>> My working hours and your working hours may be different. Please do
> > not feel obligated to reply outside your normal working hours.
> > > >>>>
> > > >>>>> On 22. 11. 2025, at 14:43, Chunhui Ouyang <jack9603301 at 163.com>
> > wrote:
> > > >>>>>
> > > >>>>> What's the meaning?
> > > >>>>>
> > > >>>>> * Ondřej Surý <ondrej at isc.org> [2025-11-22 :25:08]:
> > > >>>>>
> > > >>>>>> Sorry, actually, not RPZ-CLIENT-IP, it is just RPZ-IP triggering
> > rule.
> > > >>>>>>
> > > >>>>>> Ondrej
> > > >>>>>> --
> > > >>>>>> Ondřej Surý (He/Him)
> > > >>>>>> ondrej at isc.org
> > > >>>>>>
> > > >>>>>> My working hours and your working hours may be different. Please
> > do not feel obligated to reply outside your normal working hours.
> > > >>>>>>
> > > >>>>>>>> On 22. 11. 2025, at 14:22, Ondřej Surý <ondrej at isc.org> wrote:
> > > >>>>>>>
> > > >>>>>>>> It will filter DNS resolution requests and match the IP record
> > of any domain name against a given list; if a match is found, it will force
> > the return of the given IP.
> > > >>>>>>>
> > > >>>>>>>
> > > >>>>>>> You mean like RPZ-CLIENT-IP?
> > > >>>>>>>
> > > >>>>>>> https://www.isc.org/rpz/
> > > >>>>>>> and
> > > >>>>>>> https://www.isc.org/docs/BIND_RPZ.pdf
> > > >>>>>>>
> > > >>>>>>> ?
> > > >>>>>>>
> > > >>>>>>> Ondrej
> > > >>>>>>> --
> > > >>>>>>> Ondřej Surý (He/Him)
> > > >>>>>>> ondrej at isc.org
> > > >>>>>>>
> > > >>>>>>> My working hours and your working hours may be different. Please
> > do not feel obligated to reply outside your normal working hours.
> > > >>>>>>>
> > > >>>>>>
> > > >>>>> <signature.asc>
> > > >>>>
> > > >>
> > > > <signature.asc>
> > >
> > --
> > Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
> > from this list.
> >
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20251123/db82e5e0/attachment.sig>

More information about the bind-users mailing list