; config options server: module-config: "respip validator iterator" target-fetch-policy: "0 0 0 0 0" qname-minimisation: no rrset-roundrobin: no access-control: 192.0.0.0/8 allow rpz: name: "rpz.example.com" rpz-log: yes rpz-log-name: "rpz.example.com" zonefile: TEMPFILE_NAME rpz.example.com TEMPFILE_CONTENTS rpz.example.com rpz.example.com. 3600 IN SOA ns.rpz.example.com. hostmaster.rpz.example.com. 1 3600 900 86400 3600 rpz.example.com. 3600 IN NS ns.rpz.example.net. a.foo.rpz.example.com. 120 IN A 10.99.99.99 TEMPFILE_END stub-zone: name: "." stub-addr: 10.20.30.40 CONFIG_END SCENARIO_BEGIN Test RPZ with cached CNAME to A record RANGE_BEGIN 0 100 ADDRESS 10.20.30.40 ENTRY_BEGIN MATCH opcode qname qtype ADJUST copy_id REPLY QR NOERROR AA SECTION QUESTION . IN NS SECTION ANSWER . IN NS ns. SECTION ADDITIONAL ns. IN NS 10.20.30.40 ENTRY_END ENTRY_BEGIN MATCH opcode qname qtype ADJUST copy_id REPLY QR NOERROR AA SECTION QUESTION b.foo. IN A SECTION ANSWER b.foo. 30 CNAME a.foo. a.foo. 30 A 1.2.3.4 ENTRY_END ENTRY_BEGIN MATCH opcode qname qtype ADJUST copy_id REPLY QR NOERROR AA SECTION QUESTION a.foo. IN A SECTION ANSWER a.foo. A 1.2.3.4 ENTRY_END RANGE_END STEP 10 QUERY ENTRY_BEGIN REPLY RD SECTION QUESTION a.foo. IN A ENTRY_END STEP 20 CHECK_ANSWER ENTRY_BEGIN MATCH all REPLY QR RD RA AA NOERROR SECTION QUESTION a.foo. IN A SECTION ANSWER a.foo. 120 A 10.99.99.99 ENTRY_END STEP 30 QUERY ENTRY_BEGIN REPLY RD SECTION QUESTION b.foo. IN A ENTRY_END STEP 40 CHECK_ANSWER ENTRY_BEGIN MATCH all REPLY QR RD RA AA NOERROR SECTION QUESTION b.foo. IN A SECTION ANSWER b.foo. 30 CNAME a.foo. a.foo. 120 A 10.99.99.99 ENTRY_END STEP 50 TIME_PASSES ELAPSE 3 STEP 60 QUERY ENTRY_BEGIN REPLY RD SECTION QUESTION b.foo. IN A ENTRY_END STEP 70 CHECK_ANSWER ENTRY_BEGIN MATCH all REPLY QR RD RA AA NOERROR SECTION QUESTION b.foo. IN A SECTION ANSWER b.foo. 30 CNAME a.foo. a.foo. 120 A 10.99.99.99 ENTRY_END SCENARIO_END