[DNSfirewalls] Precedence order of PASSTRHU in RPZ
Francis Turner
francis at threatstop.com
Tue Jun 5 15:47:25 UTC 2018
All,
I've looked in various places and I want to make sure I'm correctly interpreting things
What happens if I have two RPZ lines in either the same or different zones?
precise.fqdn.example.com CNAME *.
*.example.com CNAME rpz-passthru.
Which one wins?
I think it is the more specific one (precise.fqdn.example.com ).
This is annoying if I want to whitelist the entire example.com domain from being blocked if it is in an RPZ zone that I get from somewhere else.
In that case is there a way to override the more specific matching rule?
Regards
Francis
Francis Turner
Threat STOP Global SE
Office: +1-760-542-1550 | Cell: +1-760-402-7676
francis at threatstop.com<mailto:francis at threatstop.com> | www.threatstop.com<http://www.threatstop.com/>
Weaponize Your Threat Intelligence
"If You Don't Build It, They Definitely Will Not Come" - P. Vixie
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.redbarn.org/pipermail/dnsfirewalls/attachments/20180605/0e641520/attachment.html>
More information about the DNSfirewalls
mailing list