DoHblock - Blocking DNS over HTTPS via RPZ

I don't see a difference in the logs when using tags

Tags are best for a profile per device, more control
ty

2 Likes

How and at what time do the RPZ zones get updated if the “get_doh_rpz_sh” file does not need to run daily?

If I understand correctly, tags are only used for tagging client source addresses. I would think tagging outgoing addresses would be more useful

Hey! I was just working on RPZ! Quit peeking over my shoulder!

Take a look at this file:

See the second line:

@ SOA jpgpi250.github.io. hostmaster.jpgpi250.github.io. 2402060245 86400 1800 604800 30

That line tells RPZ to check for new info every 86400 seconds.

Post 15 above will give you the “key”

1 Like

That’s very slick :yum:

1 Like

This is all very cool.
Waiting for the GUI button :slight_smile:

1 Like

Ha! me too!

I need to find someone to do the WebGUI. It is beyond my skills!

Let me know if you know of someone!

I am going to adapt this excellent guide to use RPZ Threatfox.

2 Likes

Let us know how it works! There are lots of lines in Threatfox so I don't know if that will slow things down.

I’ve been experimenting with the Steven Black hosts list for bad domains.

Threatfox RPZ has the lines it needs so hopefully all will work OK

$TTL 30
@ SOA rpz.threatfox.abuse.ch. hostmaster.threatfox.abuse.ch. 2402061856 300 1800 604800 30
 NS localhost.
;
; ThreatFox Response Policy Zones (RPZ)
1 Like
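To make the two zone headers above concrete (the SOA refresh timer explained a few posts up, and the Threatfox header just quoted), here is an added Python example that parses an RPZ zone's SOA timers and maps each policy record's CNAME target to its RPZ action. It is not code from the thread or from the DoHblock project; the zone text is constructed, with the Threatfox SOA copied from the post and hypothetical `*.test` trigger names as placeholders.

```python
# Constructed sample zone: SOA as in the thread's Threatfox header, plus
# hypothetical policy records; *.test names are placeholders, not real IoCs.
SAMPLE_ZONE = """\
$TTL 30
@ SOA rpz.threatfox.abuse.ch. hostmaster.threatfox.abuse.ch. 2402061856 300 1800 604800 30
 NS localhost.
;
; ThreatFox Response Policy Zones (RPZ)
doh.example.test          CNAME .         ; policy: NXDOMAIN
*.tracker.example.test    CNAME *.        ; policy: NODATA
allowed.example.test      CNAME rpz-passthru.
sinkhole.example.test     A 10.0.0.1      ; policy: local data
"""

SOA_TIMERS = ("serial", "refresh", "retry", "expire", "minimum")
# Special CNAME targets that encode an RPZ policy action.
RPZ_ACTIONS = {".": "NXDOMAIN", "*.": "NODATA", "rpz-passthru.": "PASSTHRU",
               "rpz-drop.": "DROP", "rpz-tcp-only.": "TCP-ONLY"}

def _records(zone_text):
    """Yield token lists for lines that are not blank, comments or $directives."""
    for line in zone_text.splitlines():
        fields = line.split(";")[0].split()
        if fields and not fields[0].startswith("$"):
            yield fields

def parse_soa(zone_text):
    """Return the SOA timers. 'refresh' is how often Unbound re-polls the
    primary for a new serial (300 s here; 86400 s in the thread's DoH zone)."""
    for fields in _records(zone_text):
        if len(fields) >= 9 and "SOA" in (f.upper() for f in fields):
            return dict(zip(SOA_TIMERS, (int(f) for f in fields[-5:])))
    raise ValueError("no SOA record found")

def parse_policies(zone_text):
    """Return {trigger_name: action} for every QNAME policy record."""
    policies = {}
    for fields in _records(zone_text):
        # Drop optional TTL and class so owner/type/rdata line up.
        tokens = [t for t in fields if not t.isdigit() and t.upper() != "IN"]
        if len(tokens) < 3 or tokens[0] == "@":
            continue  # apex SOA/NS records carry no policy
        owner, rtype, rdata = tokens[0], tokens[1].upper(), tokens[2]
        if rtype == "CNAME":
            policies[owner] = RPZ_ACTIONS.get(rdata, "LOCAL-DATA CNAME " + rdata)
        elif rtype in ("A", "AAAA"):
            policies[owner] = "LOCAL-DATA %s %s" % (rtype, rdata)
    return policies
```

Running `parse_soa` against a downloaded zone file before loading it is a quick way to confirm the refresh interval you will actually get, and `parse_policies` shows which names a list will NXDOMAIN versus pass through.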

If you move beyond one single config file to multiple config files, then create a separate file and name it: /etc/unbound/local.d/rpz.conf

server:
	module-config: "respip validator iterator"

NOTE: I have not tested if the order of config file loading matters. This file may need to be named something like /etc/unbound/local.d/01-rpz.conf

2 Likes

I have named the config files accordingly

`/etc/unbound/local.d/threatfox.conf`

`/etc/unbound/local.d/doh.conf`

New addition for the above!

touch /etc/unbound/zonefiles/block.[name].rpz.zone
chown nobody:nobody /etc/unbound/zonefiles/block.[name].rpz.zone
chmod 644 /etc/unbound/zonefiles/block.[name].rpz.zone
1 Like

Disable all of the zones for a few minutes

Need to disable all of the zones for a few minutes to access a blocked site? For example: unsubscribing from some email system that happens to be blocked?

This will shut-down the Zones for 2 minutes and then re-enable all of the Zones.

for zone in $( unbound-control list_auth_zones | awk '{print $1}' ) ; do printf 'Disable %s\t' "$zone" ; unbound-control rpz_disable "$zone" ; done &&
sleep 2m &&
for zone in $( unbound-control list_auth_zones | awk '{print $1}' ) ; do printf 'Enable %s\t' "$zone" ; unbound-control rpz_enable "$zone" ; done
1 Like

hi

If I understand correctly, tags are only used for tagging client source addresses. I would think tagging outgoing addresses would be more useful

It is also possible to define interfaces, such as eth0 for example.
I haven't tested it.
ty

1 Like

FYI about RPZ.

1 Like

31 posts were split to a new topic: I created a test version of a RPZ add-on and I am looking for feedback

Since this thread changed topics (moving from blocking DoH to blocking different categories) I decided to create a new thread and close this thread.

3 Likes