[Pdns-users] Are queries towards RPZ domains supposed to use the packet cache?
sthaug at nethelp.no
sthaug at nethelp.no
Mon Feb 24 07:41:15 UTC 2020
>> > Thank you, that got me a bit further. But I'm not where I want to be
>> > yet. DNSQuestion.variable will let me decide whether an answer should
>> > be inserted into the packet cache or not. But using this in the prerpz
>> > hook I have (so far) not found a way to make insertion in the packet
>> > cache dependent on the *policy name* - which is what I'm trying to
>> > achieve here.
>>
>> in preresolve(dq) dq.appliedPolicy.policyName should be available.
>> prerpz(dq) is too early in the process.
>
> To elaborate: name or client ip based policies will be set in
> preresolve(dq). For policies that are applied post resolve, you can
> add code in postresolve(dq).
Excellent, got that working. Thanks! Now a related question: How can
I give some queries an extra RPZ policy, based on for instance IP of
the querier?
Steinar Haug, AS2116
More information about the Pdns-users
mailing list