Cisco Cisco Prime IP Express 8.3 기술 참조
A priority of 0 (the default) has the lowest
possible priority.
possible priority.
rpz-override
(none=0, drop=1, no-op=2, nodata=3, nxdomain=4, redirect=5) default = none
Specifies an override clause for responses matching RPZ rules.
Overrides cause the response to differ from that stated in the
RPZ zone.
none - No override (default).
drop - Overrides all RPZ rule matches by dropping the
request.
no-op - Overrides all RPZ rule matches by following normal
request processing (white listing RPZ rules).
nodata - Overrides all RPZ rule matches to return NODATA.
nxdomain - Overrides all RPZ rule matches to return NXDOMAIN.
redirect - Overrides all RPZ rule matches to be redirected
to FQDN specified in rpz-override-redirect.
Overrides cause the response to differ from that stated in the
RPZ zone.
none - No override (default).
drop - Overrides all RPZ rule matches by dropping the
request.
no-op - Overrides all RPZ rule matches by following normal
request processing (white listing RPZ rules).
nodata - Overrides all RPZ rule matches to return NODATA.
nxdomain - Overrides all RPZ rule matches to return NXDOMAIN.
redirect - Overrides all RPZ rule matches to be redirected
to FQDN specified in rpz-override-redirect.
rpz-override-redirect
Specifies an FQDN to use in conjunction with rpz-override when
the redirect override is selected. All RPZ rule matches will be
redirected to this FQDN.
the redirect override is selected. All RPZ rule matches will be
redirected to this FQDN.
(obj(0))
Specifies a list of one or more IP addresses (v4 and/or v6) of
the Response Policy Zone Authoritative DNS server(s). This attribute
only applies to rpz actions.
the Response Policy Zone Authoritative DNS server(s). This attribute
only applies to rpz actions.
(query-name=1, ip-answers=2, ns-name=3, ns-ip=4) default = query-name,ip-answers
Specifies which part of query processing should apply RPZ rules.
query-name - Apply RPZ rules to incoming query FQDN.
ip-answers - Apply RPZ rules to A/AAAA records in answer
section (rpz-ip).
ns-name - Apply RPZ rules to name server names used
in query processing (rpz-nsdname).
ns-ip - Apply RPZ rules to name server IPs used in
query processing (rpz-nsip).
query-name - Apply RPZ rules to incoming query FQDN.
ip-answers - Apply RPZ rules to A/AAAA records in answer
section (rpz-ip).
ns-name - Apply RPZ rules to name server names used
in query processing (rpz-nsdname).
ns-ip - Apply RPZ rules to name server IPs used in
query processing (rpz-nsip).
Specifies the zone name to use for Response Policy Zone rule
processing. Only applies to rpz actions.
processing. Only applies to rpz actions.
cdns-firewall
cdns-firewall - Controls and configures DNS firewall processing in the DNS
Caching server
Caching server
Synopsis
cdns-firewall <name> create <attribute>=<value>
cdns-firewall <name> delete
cdns-firewall <name> show
cdns-firewall <name> get <attribute>
cdns-firewall <name> set <attribute>=<value>
cdns-firewall <name> unset <attribute>
cdns-firewall list
cdns-firewall listbrief
cdns-firewall listnames
cdns-firewall <name> delete
cdns-firewall <name> show
cdns-firewall <name> get <attribute>
cdns-firewall <name> set <attribute>=<value>
cdns-firewall <name> unset <attribute>
cdns-firewall list
cdns-firewall listbrief
cdns-firewall listnames
Description
The cdns-firewall command is used to control and manage DNS firewall processing
in the DNS Caching server. The DNS Caching server must be reloaded for changes
to take effect.
in the DNS Caching server. The DNS Caching server must be reloaded for changes
to take effect.
Examples
nrcmd> cdns-firewall HandleMissing create