<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;" class="">Reading unbound blog and RPZ draft I tried implementing rpm response IP address trigger.<div class=""><br class=""></div><div class="">My unbound.conf contains like "module-config: "respip validator iterator”.</div><div class="">As an example the rpz file has the following entry</div><div class=""><br class=""></div><div class=""><span style="font-family: CenturyGothic;" class="">16.205.251.0.0.rpz-ip CNAME *.</span></div><div class=""><font face="CenturyGothic" class=""><br class=""></font></div><div class=""><div class="">When I perform dig <a href="http://ns-1756.awsdns-27.co.uk" class="">ns-1756.awsdns-27.co.uk</a> it returns actual IP - which I think it should filter and return NODATA.</div><div class=""><br class=""></div><div class=""><div class=""><font face="CenturyGothic" class="">; <<>> DiG 9.17.11 <<>> <a href="http://ns-1756.awsdns-27.co.uk" class="">ns-1756.awsdns-27.co.uk</a></font></div><div class=""><font face="CenturyGothic" class="">;; global options: +cmd</font></div><div class=""><font face="CenturyGothic" class="">;; Got answer:</font></div><div class=""><font face="CenturyGothic" class="">;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 30242</font></div><div class=""><font face="CenturyGothic" class="">;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1</font></div><div class=""><font face="CenturyGothic" class=""><br class=""></font></div><div class=""><font face="CenturyGothic" class="">;; OPT PSEUDOSECTION:</font></div><div class=""><font face="CenturyGothic" class="">; EDNS: version: 0, flags:; udp: 1232</font></div><div class=""><font face="CenturyGothic" class="">;; QUESTION SECTION:</font></div><div class=""><font face="CenturyGothic" class="">;<a href="http://ns-1756.awsdns-27.co.uk" class="">ns-1756.awsdns-27.co.uk</a>.<span class="Apple-tab-span" style="white-space:pre"> </span>IN<span class="Apple-tab-span" style="white-space:pre"> </span>A</font></div><div class=""><font face="CenturyGothic" class=""><br class=""></font></div><div class=""><font face="CenturyGothic" class="">;; ANSWER SECTION:</font></div><div class=""><font face="CenturyGothic" class=""><a href="http://ns-1756.awsdns-27.co.uk" class="">ns-1756.awsdns-27.co.uk</a>. 14400<span class="Apple-tab-span" style="white-space:pre"> </span>IN<span class="Apple-tab-span" style="white-space:pre"> </span>A<span class="Apple-tab-span" style="white-space:pre"> </span>205.251.198.220</font></div><div class=""><font face="CenturyGothic" class=""><br class=""></font></div><div class=""><font face="CenturyGothic" class="">;; Query time: 450 msec</font></div><div class=""><font face="CenturyGothic" class="">;; SERVER: 127.0.0.1#53(127.0.0.1) (UDP)</font></div><div class=""><font face="CenturyGothic" class="">;; WHEN: Sun Jul 11 18:37:28 MDT 2021</font></div><div class=""><font face="CenturyGothic" class="">;; MSG SIZE rcvd: 68</font></div><div style="font-family: CenturyGothic;" class=""><br class=""></div></div><div class=""><span style="font-family: CenturyGothic;" class=""><br class=""></span></div><div class=""><span style="font-family: CenturyGothic;" class="">Am I doing it right?</span><br class="" style="font-family: CenturyGothic;"><div class="" style="font-family: CenturyGothic;"><div dir="auto" class="" style="font-family: "Century Gothic"; word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;"><div dir="auto" class="" style="word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;"></div></div></div></div><div class="">
<div dir="auto" style="font-family: "Century Gothic"; font-size: 18px; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; text-decoration: none; caret-color: rgb(0, 0, 0); color: rgb(0, 0, 0); word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;" class=""><div dir="auto" style="caret-color: rgb(0, 0, 0); color: rgb(0, 0, 0); letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; text-decoration: none; word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;" class=""><div><br class="Apple-interchange-newline"><br class=""></div><div>Marek Abram (Mark)</div><div><a href="mailto:marek.w.abram@gmail.com" class="">marek.w.abram@gmail.com</a></div><div class=""><br class=""></div></div><br class="Apple-interchange-newline"></div><br class="Apple-interchange-newline" style="caret-color: rgb(0, 0, 0); color: rgb(0, 0, 0); font-family: "Century Gothic"; font-size: 18px; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; text-decoration: none;"><br class="Apple-interchange-newline">
</div>
<br class=""></div></body></html>