[DNSfirewalls] [cmikk at fsi.io: [dnstap] (PR) Adding response policy information in dnstap]

Andrew Fried afried at deteque.com
Mon Mar 15 20:15:55 UTC 2021

I'm assuming this logging feature would require each RPZ resolver vendor
to incorporate support for this.  Has ISC/NLnet Labs/PowerDNS indicated
that they were amenable to adding that support?


On 3/15/21 2:33 PM, Paul Vixie wrote:
> there's work afoot to support rpz triggers and actions as part of 'dnstap'.
> this was an active area of research for april lorenzen when rpz first came
> out, but using the name server's text-format log files made her path rocky.
> i'm very much hoping that the telemetry features described below will unlock
> a massive wave of innovation over what should be done about an rpz "hit".
> vixie
> re:
> ----- Forwarded message from Chris Mikkelson <cmikk at fsi.io> -----
> Date: Mon, 15 Mar 2021 12:47:50 -0500
> From: Chris Mikkelson <cmikk at fsi.io>
> To: dnstap at lists.redbarn.org
> User-Agent: NeoMutt/20170113 (1.7.2)
> Subject: [dnstap] (PR) Adding response policy information in dnstap
> Greetings,
> A pull request for the response policy information field and
> type proposed last month is up for review, at:
> 	https://github.com/dnstap/dnstap.pb/pull/12
> Feedback, questions, and requests for changes, clarifications,
> or edits are welcome, either on the PR or via this mailing list.
> If there are no objections, requests for more time to
> review, or requests for substantive changes requiring
> further discussion before this Friday (3/19, UTC-05:00),
> I will merge the change.
> Thanks,

Andrew Fried
afried at deteque.com

More information about the DNSfirewalls mailing list