Tree @fresh-releases/main (Download .tar.gz)
- ..
- 00-lint.tdir
- 01-doc.tdir
- 02-unittest.tdir
- 03-testbound.tdir
- 04-checkconf.tdir
- 05-asynclook.tdir
- 06-ianaports.tdir
- 07-confroot.tdir
- 08-host-lib.tdir
- 09-unbound-control.tdir
- 10-unbound-anchor.tdir
- auth_axfr.tdir
- auth_https.tdir
- clang-analysis.tdir
- ctrl_itr.tdir
- ctrl_pipe.tdir
- dnscrypt_cert.tdir
- dnscrypt_cert_chacha.tdir
- dnstap.tdir
- dnstap_reconnect.tdir
- dnstap_tcp.tdir
- dnstap_tls.tdir
- dnstap_tls_badcert.tdir
- dnstap_tls_badname.tdir
- dnstap_tls_clientauth.tdir
- dnstap_tls_peername.tdir
- doh_downstream.tdir
- doh_downstream_buffer_size.tdir
- doh_downstream_endpoint.tdir
- doh_downstream_notls.tdir
- doh_downstream_post.tdir
- dynlibmod.tdir
- edns_cache.tdir
- fwd_ancil.tdir
- fwd_bogus.tdir
- fwd_capsid.tdir
- fwd_capsid_fallback.tdir
- fwd_capsid_strip.tdir
- fwd_capsid_white.tdir
- fwd_compress_c00c.tdir
- fwd_edns_bksec.tdir
- fwd_edns_probe.tdir
- fwd_malformed.tdir
- fwd_no_edns.tdir
- fwd_oneport.tdir
- fwd_tcp.tdir
- fwd_tcp_tc.tdir
- fwd_tcp_tc6.tdir
- fwd_three.tdir
- fwd_three_service.tdir
- fwd_ttlexpire.tdir
- fwd_udp.tdir
- fwd_udp_with_tcp_upstream.tdir
- fwd_udptmout.tdir
- fwd_waitudp.tdir
- fwd_zero.tdir
- hostsfileosx.tdir
- http_user_agent.tdir
- local_nodefault.tdir
- local_norec.tdir
- local_nosnoop.tdir
- nss_compile.tdir
- padding.tdir
- pylib.tdir
- pymod.tdir
- pymod_thread.tdir
- ratelimit.tdir
- remote-threaded.tdir
- root_anchor.tdir
- root_hints.tdir
- speed_cache.tdir
- speed_local.tdir
- ssl_req_order.tdir
- ssl_req_timeout.tdir
- stat_timer.tdir
- stat_values.tdir
- stream_ssl.tdir
- stream_tcp.tdir
- stub_udp.tdir
- stub_udp6.tdir
- stub_udp_with_tcp_upstream.tdir
- svcb.tdir
- tcp_conn_limit.tdir
- tcp_idle_timeout.tdir
- tcp_req_order.tdir
- tcp_req_size.tdir
- tcp_req_timeout.tdir
- tcp_reuse.tdir
- tcp_sigpipe.tdir
- tls_reuse.tdir
- zonemd_reload.tdir
- acl.rpl
- auth_nsec3_ent.rpl
- auth_nsec3_wild.rpl
- auth_xfr.rpl
- auth_xfr_host.rpl
- auth_xfr_ixfr.rpl
- auth_xfr_ixfrisaxfr.rpl
- auth_xfr_ixfrnotimpl.rpl
- auth_xfr_notify.rpl
- auth_xfr_probesoa.rpl
- auth_zonefile.rpl
- auth_zonefile_dnssec_fail.rpl
- auth_zonefile_down.rpl
- auth_zonefile_noup.rpl
- auth_zonefile_root.rpl
- auth_zonemd_anchor.rpl
- auth_zonemd_anchor_fail.rpl
- auth_zonemd_chain.rpl
- auth_zonemd_chain_fail.rpl
- auth_zonemd_file.rpl
- auth_zonemd_file_fail.rpl
- auth_zonemd_insecure.rpl
- auth_zonemd_insecure_absent.rpl
- auth_zonemd_insecure_absent_reject.rpl
- auth_zonemd_insecure_fail.rpl
- auth_zonemd_nokey.rpl
- auth_zonemd_permissive_mode.rpl
- auth_zonemd_xfr.rpl
- auth_zonemd_xfr_anchor.rpl
- auth_zonemd_xfr_anchor_fail.rpl
- auth_zonemd_xfr_chain.rpl
- auth_zonemd_xfr_chain_fail.rpl
- auth_zonemd_xfr_chain_keyinxfr.rpl
- auth_zonemd_xfr_fail.rpl
- autotrust_10key.rpl
- autotrust_addpend_2exceed.rpl
- autotrust_addpend_early.rpl
- autotrust_addpend_nosign.rpl
- autotrust_addpend_nosignnew.rpl
- autotrust_addpend_once.rpl
- autotrust_addpend_twice.rpl
- autotrust_init.rpl
- autotrust_init_ds.rpl
- autotrust_init_fail.rpl
- autotrust_init_failsig.rpl
- autotrust_init_legacy.rpl
- autotrust_init_sigs.rpl
- autotrust_init_zsk.rpl
- autotrust_missing.rpl
- autotrust_missing_all.rpl
- autotrust_missing_returns.rpl
- autotrust_probefail.rpl
- autotrust_probefailsig.rpl
- autotrust_revoked_use.rpl
- autotrust_revoked_with_invalid.rpl
- autotrust_revtp.rpl
- autotrust_revtp_read.rpl
- autotrust_revtp_use.rpl
- autotrust_rollalgo.rpl
- autotrust_rollalgo_unknown.rpl
- autotrust_rollover.rpl
- autotrust_valid_use.rpl
- black_data.rpl
- black_dnskey.rpl
- black_ds.rpl
- black_ds_entry.rpl
- black_ent.rpl
- black_key_entry.rpl
- black_prime.rpl
- black_prime_entry.rpl
- chaos_trustanchor.rpl
- common.sh
- dns64_lookup.rpl
- domain_insec_ds.rpl
- edns_attached_once_per_upstream.rpl
- edns_client_string.rpl
- edns_client_string_opcode.rpl
- edns_keepalive.rpl
- fetch_glue.rpl
- fetch_glue_cname.rpl
- fwd.rpl
- fwd_0ttlservfail.rpl
- fwd_any.rpl
- fwd_cached.rpl
- fwd_droptoomany.rpl
- fwd_error.rpl
- fwd_error_retries.rpl
- fwd_jostle.rpl
- fwd_jostle_out.rpl
- fwd_lrudrop.rpl
- fwd_minimal.rpl
- fwd_no_cache.rpl
- fwd_notcached.rpl
- fwd_timeout.rpl
- fwd_two.rpl
- host_file.template
- ipsecmod_bogus_ipseckey.crpl
- ipsecmod_enabled.crpl
- ipsecmod_hook.sh
- ipsecmod_ignore_bogus_ipseckey.crpl
- ipsecmod_max_ttl.crpl
- ipsecmod_strict.crpl
- ipsecmod_whitelist.crpl
- iter_class_any.rpl
- iter_cname_cache.rpl
- iter_cname_double.rpl
- iter_cname_nx.rpl
- iter_cname_qnamecopy.rpl
- iter_cycle.rpl
- iter_cycle_noh.rpl
- iter_dname_insec.rpl
- iter_dname_yx.rpl
- iter_dnsseclame_bug.rpl
- iter_dnsseclame_ds.rpl
- iter_dnsseclame_ds_ok.rpl
- iter_dnsseclame_ta.rpl
- iter_dnsseclame_ta_ok.rpl
- iter_domain_sale.rpl
- iter_domain_sale_nschange.rpl
- iter_donotq127.rpl
- iter_dp_turnsuseless.rpl
- iter_ds_locate_ns.rpl
- iter_ds_locate_ns_cname.rpl
- iter_ds_locate_ns_detach.rpl
- iter_ds_locate_ns_nosoa.rpl
- iter_ds_referral.rpl
- iter_ds_reply.rpl
- iter_emptydp.rpl
- iter_emptydp_for_glue.rpl
- iter_fwdfirst.rpl
- iter_fwdfirstequal.rpl
- iter_fwdstub.rpl
- iter_fwdstubroot.rpl
- iter_got6only.rpl
- iter_hint_lame.rpl
- iter_lame_aaaa.rpl
- iter_lame_noaa.rpl
- iter_lame_nosoa.rpl
- iter_lamescrub.rpl
- iter_mod.rpl
- iter_ns_badip.rpl
- iter_ns_spoof.rpl
- iter_pc_a.rpl
- iter_pc_aaaa.rpl
- iter_pcdiff.rpl
- iter_pcdirect.rpl
- iter_pclame.rpl
- iter_pcname.rpl
- iter_pcnamech.rpl
- iter_pcnamechrec.rpl
- iter_pcnamerec.rpl
- iter_pcttl.rpl
- iter_prefetch.rpl
- iter_prefetch_change.rpl
- iter_prefetch_change2.rpl
- iter_prefetch_childns.rpl
- iter_prefetch_fail.rpl
- iter_prefetch_ns.rpl
- iter_primenoglue.rpl
- iter_privaddr.rpl
- iter_ranoaa_lame.rpl
- iter_reclame_one.rpl
- iter_reclame_two.rpl
- iter_recurse.rpl
- iter_req_qname.rpl
- iter_resolve.rpl
- iter_resolve_minimised.rpl
- iter_resolve_minimised_nx.rpl
- iter_resolve_minimised_refused.rpl
- iter_resolve_minimised_timeout.rpl
- iter_scrub_cname_an.rpl
- iter_scrub_dname_insec.rpl
- iter_scrub_dname_rev.rpl
- iter_scrub_dname_sec.rpl
- iter_scrub_ns.rpl
- iter_scrub_ns_fwd.rpl
- iter_scrub_ns_side.rpl
- iter_soamin.rpl
- iter_stub_leak.rpl
- iter_stub_noroot.rpl
- iter_stubfirst.rpl
- iter_stublastresort.rpl
- iter_timeout_ra_aaaa.rpl
- Kexample.com.+003+02854.ds
- Kexample.com.+003+02854.key
- Kexample.com.+003+02854.private
- Kexample.com.+005+16486.ds
- Kexample.com.+005+16486.key
- Kexample.com.+005+16486.private
- Kexample.com.+005+30899.ds
- Kexample.com.+005+30899.key
- Kexample.com.+005+30899.private
- Kexample.com.+005+55582.ds
- Kexample.com.+005+55582.key
- Kexample.com.+005+55582.private
- Kexample.com.+005+60946.ds
- Kexample.com.+005+60946.key
- Kexample.com.+005+60946.private
- Kexample.com.+007+57024.ds
- Kexample.com.+007+57024.key
- Kexample.com.+007+57024.private
- Kexample.com.+008+01443.ds
- Kexample.com.+008+01443.key
- Kexample.com.+008+01443.private
- Kexample.com.+008+29332.ds
- Kexample.com.+008+29332.key
- Kexample.com.+008+29332.private
- Kexample.com.+008+55566.ds
- Kexample.com.+008+55566.key
- Kexample.com.+008+55566.private
- Kexample.com.+009+48886.ds
- Kexample.com.+009+48886.key
- Kexample.com.+009+48886.private
- Kexample.com.+012+60385.ds
- Kexample.com.+012+60385.key
- Kexample.com.+012+60385.private
- local_acl_override.rpl
- local_acl_taglist.rpl
- local_acl_taglist_action.rpl
- local_cname.rpl
- local_ds.rpl
- local_nodefault.rpl
- local_transparent_sametype.rpl
- local_typetransparent.rpl
- localdata.rpl
- net_signed_servfail.rpl
- nomem_cnametopos.rpl
- nsid_ascii.rpl
- nsid_bogus.rpl
- nsid_hex.rpl
- nsid_not_set.rpl
- refuse_xfr.rpl
- root_key_sentinel.rpl
- rpz_axfr.rpl
- rpz_clientip.rpl
- rpz_ixfr.rpl
- rpz_nsdname.rpl
- rpz_nsip.rpl
- rpz_qname.rpl
- rpz_qname_override.rpl
- rpz_qname_tcponly.rpl
- rpz_respip.rpl
- rpz_respip_override.rpl
- rpz_respip_tcponly.rpl
- rpz_rootwc.rpl
- rpz_signal_nxdomain_ra.rpl
- rrset_rettl.rpl
- rrset_untrusted.rpl
- rrset_updated.rpl
- serve_expired.rpl
- serve_expired_client_timeout.rpl
- serve_expired_reply_ttl.rpl
- serve_expired_servfail.rpl
- serve_expired_ttl.rpl
- serve_expired_ttl_client_timeout.rpl
- serve_expired_zerottl.rpl
- serve_original_ttl.rpl
- stop_nxdomain.rpl
- stop_nxdomain_minimised.rpl
- subnet_cached.crpl
- subnet_derived.crpl
- subnet_format_ip4.crpl
- subnet_max_source.crpl
- subnet_not_whitelisted.crpl
- subnet_val_positive.crpl
- subnet_val_positive_client.crpl
- subnet_without_validator.crpl
- test_ds.sha1
- test_ds.sha384
- test_ldnsrr.1
- test_ldnsrr.2
- test_ldnsrr.3
- test_ldnsrr.4
- test_ldnsrr.5
- test_ldnsrr.c1
- test_ldnsrr.c2
- test_ldnsrr.c3
- test_ldnsrr.c4
- test_ldnsrr.c5
- test_nsec3_hash.1
- test_packets.1
- test_packets.2
- test_packets.3
- test_packets.4
- test_packets.5
- test_packets.6
- test_packets.7
- test_packets.8
- test_packets.9
- test_signatures.1
- test_signatures.2
- test_signatures.3
- test_signatures.4
- test_signatures.5
- test_signatures.6
- test_signatures.7
- test_signatures.8
- test_signatures.9
- test_sigs.ecdsa_p256
- test_sigs.ecdsa_p384
- test_sigs.ed25519
- test_sigs.ed448
- test_sigs.gost
- test_sigs.hinfo
- test_sigs.revoked
- test_sigs.rsasha256
- test_sigs.rsasha256_draft
- test_sigs.rsasha512_draft
- test_sigs.sha1_and_256
- trust_cname_chain.rpl
- ttl_max.rpl
- ttl_min.rpl
- ttl_msg.rpl
- val_adbit.rpl
- val_adcopy.rpl
- val_anchor_nx.rpl
- val_anchor_nx_nosig.rpl
- val_ans_dsent.rpl
- val_ans_nx.rpl
- val_any.rpl
- val_any_cname.rpl
- val_any_dname.rpl
- val_cname_loop1.rpl
- val_cname_loop2.rpl
- val_cname_loop3.rpl
- val_cnameinsectopos.rpl
- val_cnamenx_dblnsec.rpl
- val_cnamenx_rcodenx.rpl
- val_cnameqtype.rpl
- val_cnametocloser.rpl
- val_cnametocloser_nosig.rpl
- val_cnametocnamewctoposwc.rpl
- val_cnametodname.rpl
- val_cnametodnametocnametopos.rpl
- val_cnametoinsecure.rpl
- val_cnametonodata.rpl
- val_cnametonodata_nonsec.rpl
- val_cnametonsec.rpl
- val_cnametonx.rpl
- val_cnametooptin.rpl
- val_cnametooptout.rpl
- val_cnametopos.rpl
- val_cnametoposnowc.rpl
- val_cnametoposwc.rpl
- val_cnamewctonodata.rpl
- val_cnamewctonx.rpl
- val_cnamewctoposwc.rpl
- val_deleg_nons.rpl
- val_dnametoolong.rpl
- val_dnametopos.rpl
- val_dnametoposwc.rpl
- val_dnamewc.rpl
- val_ds_afterprime.rpl
- val_ds_cname.rpl
- val_ds_cnamesub.rpl
- val_ds_gost.crpl
- val_ds_gost_downgrade.crpl
- val_ds_sha2.crpl
- val_ds_sha2_downgrade.crpl
- val_ds_sha2_lenient.crpl
- val_dsnsec.rpl
- val_entds.rpl
- val_faildnskey.rpl
- val_faildnskey_ok.rpl
- val_fwdds.rpl
- val_keyprefetch.rpl
- val_keyprefetch_verify.rpl
- val_mal_wc.rpl
- val_negcache_ds.rpl
- val_negcache_dssoa.rpl
- val_negcache_nodata.rpl
- val_negcache_nta.rpl
- val_negcache_nxdomain.rpl
- val_noadwhennodo.rpl
- val_nodata.rpl
- val_nodata_ent.rpl
- val_nodata_entnx.rpl
- val_nodata_entwc.rpl
- val_nodata_failsig.rpl
- val_nodata_failwc.rpl
- val_nodata_hasdata.rpl
- val_nodata_zonecut.rpl
- val_nodatawc.rpl
- val_nodatawc_badce.rpl
- val_nodatawc_nodeny.rpl
- val_nodatawc_one.rpl
- val_nokeyprime.rpl
- val_nsec3_b1_nameerror.rpl
- val_nsec3_b1_nameerror_noce.rpl
- val_nsec3_b1_nameerror_nonc.rpl
- val_nsec3_b1_nameerror_nowc.rpl
- val_nsec3_b21_nodataent.rpl
- val_nsec3_b21_nodataent_wr.rpl
- val_nsec3_b2_nodata.rpl
- val_nsec3_b2_nodata_nons.rpl
- val_nsec3_b3_optout.rpl
- val_nsec3_b3_optout_negcache.rpl
- val_nsec3_b3_optout_noce.rpl
- val_nsec3_b3_optout_nonc.rpl
- val_nsec3_b4_wild.rpl
- val_nsec3_b4_wild_wr.rpl
- val_nsec3_b5_wcnodata.rpl
- val_nsec3_b5_wcnodata_noce.rpl
- val_nsec3_b5_wcnodata_nonc.rpl
- val_nsec3_b5_wcnodata_nowc.rpl
- val_nsec3_cname_ds.rpl
- val_nsec3_cname_par.rpl
- val_nsec3_cname_sub.rpl
- val_nsec3_cnametocnamewctoposwc.rpl
- val_nsec3_entnodata_optout.rpl
- val_nsec3_entnodata_optout_badopt.rpl
- val_nsec3_entnodata_optout_match.rpl
- val_nsec3_iter_high.rpl
- val_nsec3_nodatawccname.rpl
- val_nsec3_nods.rpl
- val_nsec3_nods_badopt.rpl
- val_nsec3_nods_badsig.rpl
- val_nsec3_nods_negcache.rpl
- val_nsec3_nods_soa.rpl
- val_nsec3_optout_ad.rpl
- val_nsec3_optout_cache.rpl
- val_nsec3_wcany.rpl
- val_nsec3_wcany_nodeny.rpl
- val_nx.rpl
- val_nx_failwc.rpl
- val_nx_nodeny.rpl
- val_nx_nowc.rpl
- val_nx_nsec3_collision.rpl
- val_nx_nsec3_params.rpl
- val_nx_overreach.rpl
- val_pos_truncns.rpl
- val_positive.rpl
- val_positive_nosigs.rpl
- val_positive_wc.rpl
- val_positive_wc_nodeny.rpl
- val_qds_badanc.rpl
- val_qds_oneanc.rpl
- val_qds_twoanc.rpl
- val_refer_unsignadd.rpl
- val_referd.rpl
- val_referglue.rpl
- val_rrsig.rpl
- val_secds.rpl
- val_secds_nosig.rpl
- val_spurious_ns.rpl
- val_stub_noroot.rpl
- val_stubds.rpl
- val_ta_algo_dnskey.rpl
- val_ta_algo_dnskey_dp.rpl
- val_ta_algo_missing.rpl
- val_ta_algo_missing_dp.rpl
- val_twocname.rpl
- val_unalgo_anchor.rpl
- val_unalgo_ds.rpl
- val_unsec_cname.rpl
- val_unsecds.rpl
- val_unsecds_negcache.rpl
- val_unsecds_qtypeds.rpl
- val_wild_pos.rpl
- version_bind.rpl
- version_bind_hide.rpl
- views.rpl
- zonemd.example1.zone
- zonemd.example10.zone
- zonemd.example11.zone
- zonemd.example12.zone
- zonemd.example13.zone
- zonemd.example14.zone
- zonemd.example15.zone
- zonemd.example16.zone
- zonemd.example17.zone
- zonemd.example2.zone
- zonemd.example3.zone
- zonemd.example4.zone
- zonemd.example5.zone
- zonemd.example6.zone
- zonemd.example7.zone
- zonemd.example8.zone
- zonemd.example9.zone
- zonemd.example_a1.zone
- zonemd.example_a2.zone
- zonemd.example_a3.zone
- zonemd.example_a4.zone
- zonemd.example_a5.zone
rpz_rootwc.rpl @fresh-releases/main — raw · history · blame
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 | ; config options server: module-config: "respip validator iterator" target-fetch-policy: "0 0 0 0 0" qname-minimisation: no rpz: name: "rpz.example.com." zonefile: TEMPFILE_NAME rpz.example.com TEMPFILE_CONTENTS rpz.example.com $ORIGIN example.com. rpz 3600 IN SOA ns1.rpz.example.com. hostmaster.rpz.example.com. ( 1379078166 28800 7200 604800 7200 ) 3600 IN NS ns1.rpz.example.com. 3600 IN NS ns2.rpz.example.com. $ORIGIN rpz.example.com. a CNAME . a CNAME *. ; duplicate CNAME here on purpose *.a TXT "wildcard local data" * CNAME . b.a CNAME *. c.a CNAME rpz-passthru. TEMPFILE_END rpz: name: "rpz2.example.com." zonefile: TEMPFILE_NAME rpz2.example.com TEMPFILE_CONTENTS rpz2.example.com $ORIGIN example.com. rpz2 3600 IN SOA ns1.rpz.example.com. hostmaster.rpz.example.com. ( 1379078166 28800 7200 604800 7200 ) 3600 IN NS ns1.rpz.example.com. 3600 IN NS ns2.rpz.example.com. $ORIGIN rpz2.example.com. a TXT "local data 2nd zone" d TXT "local data 2nd zone" e CNAME *.a.example. *.e CNAME *.b.example. drop CNAME rpz-drop. TEMPFILE_END stub-zone: name: "a." stub-addr: 10.20.30.40 stub-zone: name: "example." stub-addr: 10.20.30.50 CONFIG_END SCENARIO_BEGIN Test RPZ QNAME trigger for root wildcard. ; a. RANGE_BEGIN 0 100 ADDRESS 10.20.30.40 ENTRY_BEGIN MATCH opcode qtype qname ADJUST copy_id REPLY QR NOERROR SECTION QUESTION a. IN NS SECTION ANSWER a. IN NS ns.a. SECTION ADDITIONAL ns.a IN A 10.20.30.40 ENTRY_END ENTRY_BEGIN MATCH opcode qtype qname ADJUST copy_id REPLY QR NOERROR SECTION QUESTION c.a. IN TXT SECTION ANSWER c.a. IN TXT "answer from upstream ns" ENTRY_END ENTRY_BEGIN MATCH opcode qtype qname ADJUST copy_id REPLY QR NOERROR SECTION QUESTION x.b.a. IN TXT SECTION ANSWER x.b.a. IN TXT "answer from upstream ns" ENTRY_END RANGE_END ; example. RANGE_BEGIN 0 100 ADDRESS 10.20.30.50 ENTRY_BEGIN MATCH opcode qtype qname ADJUST copy_id REPLY QR NOERROR SECTION QUESTION example. IN NS SECTION ANSWER example. IN NS ns.example. SECTION ADDITIONAL ns.example IN A 10.20.30.50 ENTRY_END ENTRY_BEGIN MATCH opcode qtype qname ADJUST copy_id REPLY QR NOERROR SECTION QUESTION e.a.example. IN TXT SECTION ANSWER e.a.example. IN TXT "e.a.example. answer from upstream ns" ENTRY_END ENTRY_BEGIN MATCH opcode qtype qname ADJUST copy_id REPLY QR NOERROR SECTION QUESTION something.e.b.example. IN TXT SECTION ANSWER something.e.b.example. IN TXT "*.b.example. answer from upstream ns" ENTRY_END RANGE_END STEP 10 QUERY ENTRY_BEGIN REPLY RD SECTION QUESTION x. IN TXT ENTRY_END ; wildcard deny all STEP 20 CHECK_ANSWER ENTRY_BEGIN MATCH all REPLY QR RD RA AA NXDOMAIN SECTION QUESTION x. IN TXT SECTION ANSWER ENTRY_END STEP 30 QUERY ENTRY_BEGIN REPLY RD SECTION QUESTION y.tld. IN TXT ENTRY_END ; wildcard deny all STEP 40 CHECK_ANSWER ENTRY_BEGIN MATCH all REPLY QR RD RA AA NXDOMAIN SECTION QUESTION y.tld. IN TXT SECTION ANSWER ENTRY_END SCENARIO_END |