[DNSfirewalls] rpz firewall + whitelisting

m3047 m3047 at m3047.net
Mon Aug 26 18:54:54 UTC 2019

I've always felt best practice was (listed in order of precedence / 

1) A local whitelist.

2) Any third party zones.

3) A local blacklist.


Fred Morris

On Mon, 26 Aug 2019, Lee wrote:
>> Yes, it's a pain, but that is how wildcards work.  Someone should write a
>> tool to manage them. :)
> [...] so it seemed like it'd be a nice option to be able to
> whitelist things to keep the site breakage down.

More information about the DNSfirewalls mailing list