Reply
Highlighted
Accepted Solution

Inconsistent RPZ Results

gleeson
Techie
Posts: 5
816     0

I configured some test local RPZ rules, however it seems it only works for some of the sites listed.

 

For example, I set it to block cnn.com, facebook.com, and boardgames.com.

But the only one that's blocked effectively is boardgames.com.

 

If I attempt an nslookup for any of the blocked sites it comes back "Non-existent domain".

But I'm able to browse to facebook and cnn.  I did an ipconfig /flushdns and cleared the browser cache, as well.  No change.

 

 

Any ideas?

Re: Inconsistent RPZ Results

Adviser
Posts: 76
817     0

If you make a packet trace what do you see there?

Re: Inconsistent RPZ Results

TTiscareno Community Manager
Community Manager
Posts: 297
817     0

RPZ can be a little confusing because it gives you control over whether to act on the domain name, or everything that falls underneath the domain. In the example that you provided, your policy is set to act on the domain name only and to block everything else underneath, you would add a second rule with a wildcard character- *.boardgames.com.

 

As a result, you will have two rules for every domain name. Doing this through the GUI is fine for small updates but if you are setting a large number of rules, I would recommend using the CSV import feature. This would allow you to simplify the process using your standard spreadsheet application before uploading it into NIOS.

 

Regards,

Tony

Re: Inconsistent RPZ Results

gleeson
Techie
Posts: 5
817     0

Looks like that did the trick. (adding *.site.com)

 

Thanks Tony.

 

 

Showing results for 
Search instead for 
Do you mean 

Recommended for You