; config options server: module-config: "respip validator iterator" target-fetch-policy: "0 0 0 0 0" qname-minimisation: no access-control: 192.0.0.0/8 allow rpz: name: "rpz.example.com." rpz-log: yes rpz-log-name: "rpz.example.com" rpz-action-override: passthru zonefile: TEMPFILE_NAME rpz.example.com TEMPFILE_CONTENTS rpz.example.com $ORIGIN example.com. rpz 3600 IN SOA ns1.rpz.example.com. hostmaster.rpz.example.com. ( 1379078166 28800 7200 604800 7200 ) 3600 IN NS ns1.rpz.example.com. 3600 IN NS ns2.rpz.example.com. $ORIGIN rpz.example.com. c.a TXT "local data 1st zone" d.a A 127.0.0.1 TEMPFILE_END rpz: name: "wl.example.com." rpz-log: yes rpz-log-name: "wl.example.com" zonefile: TEMPFILE_NAME wl.example.com TEMPFILE_CONTENTS wl.example.com $ORIGIN example.com. wl 3600 IN SOA ns1.wl.example.com. hostmaster.wl.example.com. ( 1379078166 28800 7200 604800 7200 ) 3600 IN NS ns1.wl.example.com. 3600 IN NS ns2.wl.example.com. $ORIGIN wl.example.com. e.a CNAME rpz-passthru. TEMPFILE_END rpz: name: "rpz2.example.com." rpz-log: yes rpz-log-name: "rpz2.example.com" rpz-action-override: nxdomain zonefile: TEMPFILE_NAME rpz2.example.com TEMPFILE_CONTENTS rpz2.example.com $ORIGIN example.com. rpz2 3600 IN SOA ns1.rpz.example.com. hostmaster.rpz.example.com. ( 1379078166 28800 7200 604800 7200 ) 3600 IN NS ns1.rpz.example.com. 3600 IN NS ns2.rpz.example.com. $ORIGIN rpz2.example.com. c.a TXT "local data 2nd zone" 24.0.5.0.192.rpz-client-ip A 127.0.0.1 24.0.5.0.192.rpz-client-ip TXT "clientip 2nd zone" 24.0.3.2.1.rpz-ip A 127.0.0.2 TEMPFILE_END stub-zone: name: "a." stub-addr: 10.20.30.40 CONFIG_END SCENARIO_BEGIN Test RPZ passthru ends processing for later triggers. ; a. RANGE_BEGIN 0 1000 ADDRESS 10.20.30.40 ENTRY_BEGIN MATCH opcode qtype qname ADJUST copy_id REPLY QR NOERROR SECTION QUESTION c.a. IN TXT SECTION ANSWER c.a. IN TXT "answer from upstream ns" ENTRY_END ENTRY_BEGIN MATCH opcode qtype qname ADJUST copy_id REPLY QR NOERROR SECTION QUESTION d.a. IN A SECTION ANSWER d.a. IN A 1.2.3.4 ENTRY_END ENTRY_BEGIN MATCH opcode qtype qname ADJUST copy_id REPLY QR NOERROR SECTION QUESTION e.a. IN A SECTION ANSWER e.a. IN A 1.2.3.4 ENTRY_END RANGE_END STEP 10 QUERY ADDRESS 192.0.5.1 ENTRY_BEGIN REPLY RD SECTION QUESTION c.a. IN TXT ENTRY_END STEP 11 CHECK_ANSWER ENTRY_BEGIN MATCH all REPLY QR RD RA NOERROR SECTION QUESTION c.a. IN TXT SECTION ANSWER c.a. IN TXT "answer from upstream ns" ENTRY_END STEP 20 QUERY ADDRESS 192.0.2.1 ENTRY_BEGIN REPLY RD SECTION QUESTION d.a. IN A ENTRY_END STEP 21 CHECK_ANSWER ENTRY_BEGIN MATCH all REPLY QR RD RA NOERROR SECTION QUESTION d.a. IN A SECTION ANSWER d.a. IN A 1.2.3.4 ENTRY_END STEP 30 QUERY ADDRESS 192.0.2.1 ENTRY_BEGIN REPLY RD SECTION QUESTION e.a. IN A ENTRY_END STEP 31 CHECK_ANSWER ENTRY_BEGIN MATCH all REPLY QR RD RA NOERROR SECTION QUESTION e.a. IN A SECTION ANSWER e.a. IN A 1.2.3.4 ENTRY_END SCENARIO_END