Cisco Cisco Prime IP Express 8.3 Technische Referenzen
cdns-firewall
cdns-firewall - Controls and configures DNS firewall processing in the DNS
Caching server
Caching server
Synopsis
cdns-firewall <name> create <attribute>=<value>
cdns-firewall <name> delete
cdns-firewall <name> show
cdns-firewall <name> get <attribute>
cdns-firewall <name> set <attribute>=<value>
cdns-firewall <name> unset <attribute>
cdns-firewall list
cdns-firewall listbrief
cdns-firewall listnames
cdns-firewall <name> delete
cdns-firewall <name> show
cdns-firewall <name> get <attribute>
cdns-firewall <name> set <attribute>=<value>
cdns-firewall <name> unset <attribute>
cdns-firewall list
cdns-firewall listbrief
cdns-firewall listnames
Description
The cdns-firewall command is used to control and manage DNS firewall processing
in the DNS Caching server. The DNS Caching server must be reloaded for changes
to take effect.
in the DNS Caching server. The DNS Caching server must be reloaded for changes
to take effect.
Examples
nrcmd> cdns-firewall HandleMissing create
nrcmd> cdns-firewall HandleMissing set action=drop aaaa-response=64:ff9b::10
nrcmd> cdns-firewall HandleMissing set action=drop aaaa-response=64:ff9b::10
Status
See Also
Attributes
Attributes
a-response
Specifies the IPv4 address to use as a response to a query for
an A resource record. Only applies to redirect and redirect-nxdomain
actions.
an A resource record. Only applies to redirect and redirect-nxdomain
actions.
Specifies the IPv6 address to use as a response to a query for
a AAAA resource record. Only applies to redirect and
redirect-nxdomain actions.
a AAAA resource record. Only applies to redirect and
redirect-nxdomain actions.
(refuse=1, redirect=2, drop=4, redirect-nxdomain=5, rpz=6) default = drop
Specifies what kind of action to take when this rule is executed.
drop - Ignore/drop this query completely.
refuse - Respond with no data and the REFUSED status.
redirect - Redirect A/AAAA queries to the specified IP address.
redirect-nxdomain - Redirect A/AAAA queries if the query domain
does not exist.
rpz - Use Response Policy Zone (RPZ) rules.
drop - Ignore/drop this query completely.
refuse - Respond with no data and the REFUSED status.
redirect - Redirect A/AAAA queries to the specified IP address.
redirect-nxdomain - Redirect A/AAAA queries if the query domain
does not exist.
rpz - Use Response Policy Zone (RPZ) rules.
client-acl
default = any
Lists the clients that will be redirected by this rule.