Homas
commented
4 years ago Looks weird. Could you please also provide the source configuration?
Closed mk-git closed 4 years ago
Homas
commented
4 years ago Looks weird. Could you please also provide the source configuration?
mk-git
commented
4 years ago Source entry:
{source,{"local_blacklist_test","file:/opt/ioc2rpz/cfg/blacklist_test.txt","[:AXFR:]","^(?!#)(.*)$"}}.
content of source file:
cat cfg/blacklist_test.txt
example.com
example1.com
sub.example2.com
sub.example1.comHow the zone file looks on bind:
$ORIGIN .
$TTL 604800 ; 1 week
sXXXXX-test.ioc2rpz IN SOA ioc2rpz.intra.asXXXXX.net. noc.sXXXXX.ch. (
1597815180 ; serial
60 ; refresh (1 minute)
3600 ; retry (1 hour)
2592000 ; expire (4 weeks 2 days)
7200 ; minimum (2 hours)
)
NS ioc2rpz.intra.asXXXXX.net.
$ORIGIN com.sXXXXX-test.ioc2rpz.
$TTL 900 ; 15 minutes
example CNAME test\.ch.
$ORIGIN example.com.sXXXXX-test.ioc2rpz.
* CNAME test\.ch.
$ORIGIN com.sXXXXX-test.ioc2rpz.
example1 CNAME test\.ch.
$ORIGIN example1.com.sXXXXX-test.ioc2rpz.
* CNAME test\.ch.
sub CNAME test\.ch.
$ORIGIN sub.example1.com.sXXXXX-test.ioc2rpz.
* CNAME test\.ch.
$ORIGIN com.sXXXXX-test.ioc2rpz.
sub.example2 CNAME test\.ch.
$ORIGIN sub.example2.com.sXXXXX-test.ioc2rpz.
* CNAME test\.ch.I used your docker file and expanded it a bit. Build was from yesterday.
version: "2"
services:
# portainer docker management
portainer:
ports:
- '9000:9000'
- '8000:8000'
container_name: portainer
restart: always
volumes:
- '/var/run/docker.sock:/var/run/docker.sock'
- '/docker/portainer:/data'
image: portainer/portainer:latest
ioc2rpz:
build:
context: https://github.com/Homas/ioc2rpz.git
ports:
- "53:53/udp"
- "53:53/tcp"
- "853:853/tcp"
- "8443:8443/tcp"
volumes:
- /docker/rpz/cfg:/opt/ioc2rpz/cfg
- /docker/rpz/db:/opt/ioc2rpz/db
- /docker/rpz/include:/opt/ioc2rpz/include
restart: always
logging:
driver: syslog
network_mode: "bridge"
depends_on:
- ioc2rpz.gui
container_name: ioc2rpz.new
ioc2rpz.gui:
build:
context: https://github.com/Homas/ioc2rpz.gui.git
ports:
- "80:80/tcp"
- "443:443/tcp"
volumes:
- /docker/rpz/cfg:/opt/ioc2rpz.gui/export-cfg
- /docker/rpz/db:/opt/ioc2rpz.gui/www/io2cfg
- /docker/rpz/ssl:/etc/apache2/ssl
restart: always
logging:
driver: syslog
network_mode: "bridge"
container_name: ioc2rpz.gui.newI see the issue on my side. Trying to figure out where is a bug. Thanks for reporting!
Homas
commented
4 years ago I've identified and fixed the issue in the dev branch. I'll need to test it for a few days before pushing it to master (there were some other small changes for performance optimization).
If you want to try it just add "#dev" to the URL in the docker compose file:
context: https://github.com/Homas/ioc2rpz.git#dev
I'm using the dev branch on the community site.
mk-git
commented
4 years ago You're unbelievable! Thanks for the extremely fast bugfixing. I just rebuilt the image with #dev and tested it. Now it works.
Hi Homas
I have updated my ioc2rpz installation to the latest version (not dev, but master) Some parts of the configuration could be read again, some parts I had to rebuild.
But what I noticed: If I use "Local records" with "local_domain=test.ch" for a RPZ stream, the zones look like this:
A backslash is inserted before each point. Even if I do this with a target subdomain
refused.test.ch --> refused\.test\.chIs the problem already known?
Config line:
{rpz,{"xyz-test.ioc2rpz",60,3600,2592000,7200,"true","true",[{"local_cname","test.ch"}],["querykey"],"fqdn",60,60,["local_blacklist_test"],[],["whitelist_xyz_global"]}}.