anudeepND
commented
2 years ago @lfechne Thanks for your contribution and thanks to @spirillen for reviewing the changes
Open lfechne opened 2 years ago
anudeepND
commented
2 years ago @lfechne Thanks for your contribution and thanks to @spirillen for reviewing the changes
anudeepND
commented
2 years ago @spirillen Let mw know if the script needs any changes as I have never used bind9 before xD
spirillen
commented
2 years ago @spirillen Let mw know if the script needs any changes as I have never used bind9 before xD
The answer is, it depends... would you have full blown supper and actually optimize for integrating the RPZ (Response policy zone) then yes, the script need a lot of changes.
Until I know this, I suggest you try to compare the zone file between this one and my pirated zone file (it is the one most most RPZ tricks)
drill axfr pirated.mypdns.cloud @axfr.ipv4.mypdns.cloud -p 530 > pirated.mypdns.cloudThen there is the other question, what reply do the prefer? the RFC NXDOMAIN (Domain do not exist, stop asking) or a local ip like 127.0.0.1 which will generate a query to localhost:$port and wait for a timeout (usually 60 to 120 sec)
Here is a few issues on @ScriptTiger issue board that touches this topic and I suggest to read before deciding.
There is also another long thread at the unnamed issues marked something like good discussion in the closed issue section. (it is related to this https://mypdns.org/mypdns/support/-/wikis/dns/DnsHosts#hosts-file-vs-unbound-test) :smirk: :dog2:
I wrote this script for my own sakes, wanted to share.