[DNSfirewalls] Precedence order of PASSTHRU in RPZ

Francis Turner francis at threatstop.com
Tue Jun 5 15:47:25 UTC 2018


I've looked in various places and I want to make sure I'm correctly interpreting things.

What happens if I have two RPZ lines in either the same or different zones?

precise.fqdn.example.com CNAME *.
*.example.com CNAME  rpz-passthru.

Which one wins?

I think it is the more specific one (precise.fqdn.example.com).
This is annoying if I want to whitelist the entire example.com domain from being blocked if it is in an RPZ zone that I get from somewhere else.

In that case is there a way to override the more specific matching rule?



Francis Turner
Threat STOP Global SE
Office: +1-760-542-1550 | Cell: +1-760-402-7676
francis at threatstop.com | www.threatstop.com
Weaponize Your Threat Intelligence
"If You Don't Build It, They Definitely Will Not Come" - P. Vixie
