[RPZ] RPZ Findings.

Vernon Schryver vjs at rhyolite.com
Thu Dec 20 21:02:57 UTC 2012


> Date: Thu, 20 Dec 2012 21:44:52 +0100

> What do you mean with effective?
>
> No info about fp ratio so this personally doesn't tell me much.
>
> Is there more detail available?
> Just counting hits doesn't tell much.

Because a site's false and true positives are as unique as the site's
views about excessive false positives and sufficient true positives, I
wouldn't use someone else's counts or detailed data as more than vague
hints.

If the override policy for a response policy zone is set to "passthru",
then hits are only logged.  For example,
    response-policy { zone "rpz.example.com" policy passthru; };
would log hits by that policy zone in the "rpz" logging category but
not change responses from the DNS server.  One might use those log
entries to consider the policy zone's false and true positives before
making the zone effective.


Vernon Schryver    vjs at rhyolite.com
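
Added example (not part of the original message): a Python sketch of the review step described above, tallying "rpz" category log entries for a zone running under "policy passthru" and marking hits on names the site considers good. The log line shape, the sample lines, the function name and the known-good list are assumptions; the log format differs between BIND versions.

```python
import re

# Assumed shape of an "rpz" category log entry (varies between BIND versions):
#   client <ip>#<port> (<qname>): rpz QNAME PASSTHRU rewrite <qname> via <trigger>
RPZ_HIT = re.compile(
    r"client (?:@\S+ )?(?P<client>[^\s#]+)#\d+.*? rpz (?P<type>\S+) (?P<policy>\S+)"
    r" rewrite (?P<qname>\S+) via (?P<trigger>\S+)"
)

# Constructed sample input, not taken from a real server.
SAMPLE_LOG = """\
20-Dec-2012 21:00:01.100 client 192.0.2.10#53211 (ads.badhost.example): rpz QNAME PASSTHRU rewrite ads.badhost.example via ads.badhost.example.rpz.example.com
20-Dec-2012 21:00:04.512 client 192.0.2.11#40112 (ads.badhost.example): rpz QNAME PASSTHRU rewrite ads.badhost.example via ads.badhost.example.rpz.example.com
20-Dec-2012 21:01:17.003 client 192.0.2.10#53900 (www.partner.example): rpz QNAME PASSTHRU rewrite www.partner.example via www.partner.example.rpz.example.com
20-Dec-2012 21:02:30.250 client 192.0.2.12#41000 (tracker.example): rpz QNAME PASSTHRU rewrite tracker.example via tracker.example.other-rpz.example.net
20-Dec-2012 21:02:31.000 client 192.0.2.12#41001 (example.org): query: example.org IN A +
"""


def summarize_hits(log_text, zone, known_good):
    """Return {qname: {"hits", "clients", "known_good"}} for hits from one policy zone.

    known_good is the site's own list of domains it must not block; a hit on
    one of them (or a subdomain) is a candidate false positive.
    """
    suffix = "." + zone.rstrip(".").lower()
    known_good = {g.rstrip(".").lower() for g in known_good}
    summary = {}
    for line in log_text.splitlines():
        m = RPZ_HIT.search(line)
        # Skip non-rpz lines and hits that came from a different policy zone.
        if m is None or not m["trigger"].rstrip(".").lower().endswith(suffix):
            continue
        qname = m["qname"].rstrip(".").lower()
        is_good = any(qname == g or qname.endswith("." + g) for g in known_good)
        entry = summary.setdefault(
            qname, {"hits": 0, "clients": set(), "known_good": is_good})
        entry["hits"] += 1
        entry["clients"].add(m["client"])
    return summary


if __name__ == "__main__":
    result = summarize_hits(SAMPLE_LOG, "rpz.example.com", {"partner.example"})
    for name, e in sorted(result.items(), key=lambda kv: -kv[1]["hits"]):
        tag = "CANDIDATE FALSE POSITIVE" if e["known_good"] else "review"
        print(f"{e['hits']:5d} hits  {len(e['clients']):3d} clients  {name}  [{tag}]")
```

Hits on names outside the known-good list are not confirmed true positives; they still need the site's own judgment before the passthru override is removed.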


