You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Current behavior
When RPZ kicks in, no related EDE is included.
Describe the desired feature
When RPZ kicks in, an appropriate (configurable?) EDE is included. In particular one of the codes 15 (blocked) , 16 (censored) , 17 (filtered).
Potential use-case
Users of an Unbound resolver don't get clear feedback of an RPZ-action. For example if a domain name is blocked due to EU sanctions, they might get an NXDOMAIN and nothing more. An EDE of 16 would greatly help them understand what is actually happening.
One suggestion for achieving this, is to introduce additional action options, like:
CNAME ede16. for NXDOMAIN with EDE16
CNAME *-ede16. for NODATA with EDE16
But there may be other ways to accomplish something similar, for example by adding configuration options, such as rpz-signal-nxdomain-ede16. Or perhaps something with tags?
I'd like to leave it to the developers to think of the best way to provide such a feature to Unbound.
The text was updated successfully, but these errors were encountered:
Current behavior
When RPZ kicks in, no related EDE is included.
Describe the desired feature
When RPZ kicks in, an appropriate (configurable?) EDE is included. In particular one of the codes 15 (blocked) , 16 (censored) , 17 (filtered).
Potential use-case
Users of an Unbound resolver don't get clear feedback of an RPZ-action. For example if a domain name is blocked due to EU sanctions, they might get an NXDOMAIN and nothing more. An EDE of 16 would greatly help them understand what is actually happening.
One suggestion for achieving this, is to introduce additional action options, like:
CNAME ede16.for NXDOMAIN with EDE16CNAME *-ede16.for NODATA with EDE16But there may be other ways to accomplish something similar, for example by adding configuration options, such as
rpz-signal-nxdomain-ede16. Or perhaps something with tags?I'd like to leave it to the developers to think of the best way to provide such a feature to Unbound.
The text was updated successfully, but these errors were encountered: