Dustin
84313601ef
BIND response policy zones (RPZ) support provides a mechanism for overriding the responses to DNS queries based on a wide range of criteria. In the simplest form, a response policy zone can be used to provide different responses to different clients, or "block" some DNS names. For the Pyrocufflink and related networks, I plan to use an RPZ to implement ad/tracker blocking. The goal will be to generate an RPZ definition from a collection of host lists (e.g. those used by uBlock Origin) periodically. This commit introduces basic support for RPZ configuration in the *named* role. It can be activated by providing a list of "response policy" definitions (e.g. `zone "name"`) in the `named_response_policy` variable, and defining the corresponding zones in `named_zones`. |
||
|---|---|---|
| .. | ||
| named.conf.j2 | ||
| named.secrets.j2 | ||
| named.sysconfig.j2 | ||
| named.zones.j2 | ||
| zone.j2 | ||