bind9 的 Response Policy Zone 不错

V2EX = way to explore

V2EX 是一个关于分享和探索的地方

现在注册

已注册用户请登录

DNS 参考资料

List of DNS Record Types

dig 使用说明

djbdns

DNS Parameters

dnslib for Python

这是一个创建于 3657 天前的主题，其中的信息可能已经有所发展或是发生改变。

named.conf

options { ...... response-policy { zone "rpz.zone" policy given; } max-policy-ttl 86400 qname-wait-recurse no ; }; zone "rpz.zone" { type master; file "zone\db.rpz.zone"; };

db.rpz.zone （可以把 gfwlist 或 hosts 里的域名 A 记录全放进来）

$TTL 1D @ IN SOA localhost. root.localhost. ( 2015112401 ; serial 3H ; refresh 15M ; retry 1W ; expiry 1D ) ; minimum IN NS localhost. localhost IN A 127.0.0.1 telemetry.microsoft.com CNAME rpz-drop. *.telemetry.microsoft.com CNAME rpz-drop. data.microsoft.com CNAME rpz-drop. *.data.microsoft.com CNAME rpz-drop. v2ex.com IN A 23.251.125.133 *.v2ex.com IN A 23.251.125.133 dns.v2ex.com IN A 178.79.131.110 v2ex.co IN A 23.251.96.133 *.v2ex.co IN A 23.251.96.133

dig cdn.v2ex.com

; <<>> DiG 9.10.3 <<>> cdn.v2ex.com ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 55146 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 ;; QUESTION SECTION: ;cdn.v2ex.com. IN A ;; ANSWER SECTION: cdn.v2ex.com. 86400 IN A 23.251.125.133 ;; Query time: 1 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) ;; WHEN: Sat Nov 28 08:30:01 ?D1ú±ê×?ê±?? 2015 ;; MSG SIZE rcvd: 57

log

28-11 月-2015 8:20:14.770 client 127.0.0.1#60177 (www.v2ex.com): rpz QNAME Local-Data rewrite www.v2ex.com via www.v2ex.com.rpz.zone 28-11 月-2015 8:20:31.140 client 127.0.0.1#50308 (cdn.v2ex.com): rpz QNAME Local-Data rewrite cdn.v2ex.com via cdn.v2ex.com.rpz.zone 28-11 月-2015 8:20:31.186 client 127.0.0.1#64292 (cdn.v2ex.co): rpz QNAME Local-Data rewrite cdn.v2ex.co via cdn.v2ex.co.rpz.zone 28-11 月-2015 8:24:22.253 client 127.0.0.1#50452 (static.v2ex.com): rpz QNAME Local-Data rewrite static.v2ex.com via static.v2ex.com.rpz.zone 28-11 月-2015 8:27:05.577 client 127.0.0.1#60849 (i.v2ex.co): rpz QNAME Local-Data rewrite i.v2ex.co via i.v2ex.co.rpz.zone 28-11 月-2015 8:27:43.314 client 127.0.0.1#64795 (i.v2ex.co): rpz QNAME Local-Data rewrite i.v2ex.co via i.v2ex.co.rpz.zone 28-11 月-2015 8:28:24.558 client 127.0.0.1#60353 (i.v2ex.co): rpz QNAME Local-Data rewrite i.v2ex.co via i.v2ex.co.rpz.zone 28-11 月-2015 8:29:11.649 client 127.0.0.1#52932 (i.v2ex.co): rpz QNAME Local-Data rewrite i.v2ex.co via i.v2ex.co.rpz.zone 28-11 月-2015 8:30:01.127 client 127.0.0.1#59080 (i.v2ex.co): rpz QNAME Local-Data rewrite i.v2ex.co via i.v2ex.co.rpz.zone 28-11 月-2015 8:30:01.684 client 127.0.0.1#49178 (cdn.v2ex.com): rpz QNAME Local-Data rewrite cdn.v2ex.com via cdn.v2ex.com.rpz.zone

3 条回复 2016-03-07 14:05:55 +08:00

zyqf

2016-03-07 09:53:05 +08:00

配置后，查询别的域名时，返回为空信息

lenovo

2016-03-07 11:17:11 +08:00

r#1 @zyqf 在你原配置里加上 rpz 的部分，不是只有这一部分

zyqf

2016-03-07 14:05:55 +08:00

@lenovo 虚拟机依旧不行，同样的配置放在 vps 上就好了