configpolicy

dustin

History

Dustin 84313601ef roles/named: Implement response policy zones BIND response policy zones (RPZ) support provides a mechanism for overriding the responses to DNS queries based on a wide range of criteria. In the simplest form, a response policy zone can be used to provide different responses to different clients, or "block" some DNS names. For the Pyrocufflink and related networks, I plan to use an RPZ to implement ad/tracker blocking. The goal will be to generate an RPZ definition from a collection of host lists (e.g. those used by uBlock Origin) periodically. This commit introduces basic support for RPZ configuration in the named role. It can be activated by providing a list of "response policy" definitions (e.g. `zone "name"`) in the `named_response_policy` variable, and defining the corresponding zones in `named_zones`.		2020-09-06 10:40:01 -05:00
..
gw0	gw0: Set dhcpcd_nodev	2018-07-20 17:47:04 -05:00
smtp1.pyrocufflink.blue	smtp1: Allow relay from Management network	2018-10-13 11:50:31 -05:00
build0-amd64.pyrocufflink.blue.yml	hosts: Add build0-amd64	2019-09-19 19:50:35 -05:00
bw0.pyrocufflink.blue.yml	hosts: bw0: Use Lego cert	2020-03-17 08:45:34 -05:00
cloud0.pyrocufflink.blue.yml	hosts: cloud0: Configure backups with BURP	2020-08-29 14:22:17 -05:00
dc0.pyrocufflink.blue.yml	hosts: Add new domain controllers	2018-02-19 22:46:27 -06:00
dns0.pyrocufflink.blue.yml	roles/named: Implement response policy zones	2020-09-06 10:40:01 -05:00
dns1.pyrocufflink.blue.yml	hosts: Add dns1.pyrocufflink.blue	2018-08-12 17:24:37 -05:00
file0.pyrocufflink.blue.yml	hosts: Add file0.p.b to burp-client	2018-08-08 22:07:32 -05:00
git0.pyrocufflink.blue.yml	hosts: git0: Switch to Lego wildcard cert	2020-02-22 16:43:46 -06:00
hass0.pyrocufflink.blue.yml	hosts: hass0: Add untracked host_vars file	2019-09-19 19:50:35 -05:00
hass1.pyrocufflink.blue.yml	hosts: hass1: Configure backups with BURP	2020-08-29 14:22:17 -05:00
hassdb0.pyrocufflink.blue.yml	hosts: hassdb0: Add missing vars file	2020-08-29 14:01:50 -05:00
jenkins0.pyrocufflink.blue	jenkins0: Bind Samba to real interface only	2019-01-06 12:24:52 -06:00
logs0.pyrocufflink.blue.yml	hosts: Add logs0.p.b	2019-10-28 18:47:09 -05:00
vmhost0.pyrocufflink.blue.yml	hosts: Add vmhost{0,1}.p.b	2018-07-23 17:35:10 -05:00
vmhost1.pyrocufflink.blue.yml	hosts: Add vmhost{0,1}.p.b	2018-07-23 17:35:10 -05:00
zbx0.pyrocufflink.blue.yml	hosts: Add zbx0.p.b to smtp-server	2018-04-15 13:28:45 -05:00