unbound-dns-firewall
unbound-dns-firewall copied to clipboard
Ability to define which record-types to filter or allow/disallow
Besides just the domain-name, having the ability to block a domain and which record-types makes sense in some situations.
Designate with '+' for "allow" and '-' for disallow. Asteriks (*) for all.
So syntax would be (white-space as sepperator):
<Domain> <Record-Types>
Something like (in the white/blacklists):
company.com # Without any additional arguments, all record-types supported will be filtered (like as it is now)
other.company.com +A,+PTR,-* # Only allow A and PTR
ftp.company.com +*,-SRV,-HINFO # Allow all except SRV and HINFO
weird.company.com +*,-ANY # Allow all except ANY
blah.company.com -*,+A # Allow only A
etc...