[RPZ] Getting distros to enable RPZ in Bind packages?
Augie Schwer
augie.schwer at gmail.com
Thu Jan 17 00:31:43 UTC 2013
Oh, my apologies -- I thought Bind had to be built with
" --enable-rpz-nsip --enable-rpz-nsdname" to enable RPZ; I just tested the
stock named that ships with RH6 and RPZ does indeed work.
On Wed, Jan 16, 2013 at 2:10 PM, Vernon Schryver <vjs at rhyolite.com> wrote:
> > From: Augie Schwer <augie.schwer at gmail.com>
>
> > Has anyone had any success in convincing package maintainers for the
> major
> > Linux distributions to enable RPZ in their Bind packages?
> >
> > Red Hat 6 for example has Bind 9.8 but still does not build named with
> RPZ
> > support.
>
> RPZ has been standard in BIND since 9.8.1 in 2011 according to
>
> https://kb.isc.org/article/AA-00525/110/Building-DNS-Firewalls-with-Response-Policy-Zones-RPZ.html
>
> Patches with unreleased changes that speed up RPZ for 9.8.4-P1
> and 9.9.2-P1 can be found with the RRL patches by following the
> link on http://www.redbarn.org/dns/ratelimits
>
>
> Vernon Schryver vjs at rhyolite.com
> _______________________________________________
> dnsrpz-interest mailing list
> dnsrpz-interest at lists.isc.org
> https://lists.isc.org/mailman/listinfo/dnsrpz-interest
>
--
Augie Schwer - Augie at Schwer.us - http://schwer.us
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.redbarn.org/pipermail/dnsfirewalls/attachments/20130116/a3f5508c/attachment.htm>
More information about the DNSfirewalls
mailing list