[thirdparty/pdns.git] / pdns / basic.rpz

$TTL 2h;
$ORIGIN domain.example.com.
@               SOA powerdns.example.net. hostmaster.example.com ( 1 12h 15m 3w 2h)
                NS powerdns.example.net.  
; begin RPZ RR definitions

;; QNAME Trigger

; QNAME Trigger NXDOMAIN Action
; kills whole domain
nxdomain.org        CNAME .
*.nxdomain.org      CNAME .

; QNAME Trigger PASSTHRU Action
; typically only used for bypass
mail.nxdomain.org        CNAME rpz-passthru.

; QNAME Trigger DROP Action
; kills whole domain
example.net        CNAME rpz-drop.
*.example.net      CNAME rpz-drop.

; QNAME Trigger Truncate Action
; kills whole domain
truncate.org        CNAME rpz-tcp-only.
*.truncate.org      CNAME rpz-tcp-only.

; QNAME Trigger Local-Data Action
; sends to a local website
; kills whole domain
local.org        CNAME explanation.example.com.
*.local.org      CNAME explanation.example.com.

local-a.org        A 192.168.2.5
*.local-a.org      A 192.168.2.5

; CLIENT-IP Trigger DROP Action
; kills all DNS activity from this client
24.0.0.0.127.rpz-client-ip CNAME rpz-drop.

; CLIENT-IP Trigger TCP-ONLY Action
; slows-up all DNS activity from this client
32.1.0.0.10.rpz-client-ip CNAME rpz-tcp-only.

; IP Trigger NXDOMAIN Action
; any answer containing IP range
32.2.0.0.10.rpz-ip CNAME .

;; NSDNAME Trigger
;; if ns1.example.org appears in the authority section
;; of any answer

; NSDNAME Trigger NXDOMAIN Action
; kills specific name server
dns-eu1.powerdns.net.rpz-nsdname CNAME .

; this will kill any name servers from example.org
*.powerdns.net.rpz-nsdname   CNAME .

; NSDNAME Trigger TCP-ONLY Action
; kills specific name server
*.gtld-servers.net.rpz-nsdname CNAME rpz-tcp-only.
Commit	Line	Data
644dd1da	1	$TTL 2h;
	2	$ORIGIN domain.example.com.
	3	@ SOA powerdns.example.net. hostmaster.example.com ( 1 12h 15m 3w 2h)
31343777	4	NS powerdns.example.net.
644dd1da	5	; begin RPZ RR definitions
	6
	7	;; QNAME Trigger
	8
	9	; QNAME Trigger NXDOMAIN Action
	10	; kills whole domain
	11	nxdomain.org CNAME .
44a6ceec	12	*.nxdomain.org CNAME .
644dd1da	13
	14	; QNAME Trigger PASSTHRU Action
	15	; typically only used for bypass
44a6ceec	16	mail.nxdomain.org CNAME rpz-passthru.
644dd1da	17
	18	; QNAME Trigger DROP Action
	19	; kills whole domain
	20	example.net CNAME rpz-drop.
	21	*.example.net CNAME rpz-drop.
	22
	23	; QNAME Trigger Truncate Action
	24	; kills whole domain
	25	truncate.org CNAME rpz-tcp-only.
44a6ceec	26	*.truncate.org CNAME rpz-tcp-only.
644dd1da	27
	28	; QNAME Trigger Local-Data Action
	29	; sends to a local website
	30	; kills whole domain
	31	local.org CNAME explanation.example.com.
	32	*.local.org CNAME explanation.example.com.
	33
	34	local-a.org A 192.168.2.5
44a6ceec	35	*.local-a.org A 192.168.2.5
644dd1da	36
	37	; CLIENT-IP Trigger DROP Action
	38	; kills all DNS activity from this client
	39	24.0.0.0.127.rpz-client-ip CNAME rpz-drop.
	40
	41	; CLIENT-IP Trigger TCP-ONLY Action
	42	; slows-up all DNS activity from this client
	43	32.1.0.0.10.rpz-client-ip CNAME rpz-tcp-only.
	44
	45	; IP Trigger NXDOMAIN Action
	46	; any answer containing IP range
	47	32.2.0.0.10.rpz-ip CNAME .
	48
	49	;; NSDNAME Trigger
	50	;; if ns1.example.org appears in the authority section
	51	;; of any answer
	52
	53	; NSDNAME Trigger NXDOMAIN Action
	54	; kills specific name server
	55	dns-eu1.powerdns.net.rpz-nsdname CNAME .
44a6ceec	56
644dd1da	57	; this will kill any name servers from example.org
	58	*.powerdns.net.rpz-nsdname CNAME .
	59
	60	; NSDNAME Trigger TCP-ONLY Action
	61	; kills specific name server
	62	*.gtld-servers.net.rpz-nsdname CNAME rpz-tcp-only.
	63