pdns
pdns copied to clipboard
PowerDNS
Config many RPZ Policies flexibly
- Program: Recursor
- Issue type: Feature request
Short description
At the moment, we can load many rpz policy files through lua-config-file. And all the rpz files are enabled as default, we can discard the special one policy by policyName. It is sufficient when most policies are useful and little policy are useless. But in the opposite condition, it is difficult to config.
Usecase
Description
According to the example described in https://doc.powerdns.com/recursor/lua-scripting/hooks.html#modifyingpolicydecisions dq:discardPolicy. function prerpz(dq) -- disable the RPZ policy named 'malware' for example.com if dq.qname:equal('example.com') then dq:discardPolicy('malware') end return false end
the possible expected example is as follows: function prerpz(dq) if dq.localaddr:toString():equal("192.168.1.2") then dq:applyPolicy('192.168.1.2.rpz') elseif dq.localaddr:toString():equal("192.168.2.2") then dq:applyPolicy('192.168.2.2.rpz') elseif dq.localaddr:toString():equal("192.168.3.2") then dq:applyPolicy('192.168.3.2.rpz') elseif dq.localaddr:toString():equal("172.16.1.2") then dq:applyPolicy('172.16.1.2.rpz') end return false end
More internal ips are here in example, this feature request is more valuable.
