DNS::rpz_policy

Description

Returns the RPZ (Response Policy Zones) policy associated with the DNS cache.
The possible return values are:
  • “” (empty string) if RPZ is not configured.
  • “NXDOMAIN” if RPZ is configured to return an NXDOMAIN response on a match.
  • “WG <walled garden name>” if RPZ is configured to return a Walled Garden redirect on a match.
Note: This command functions only in the context of GTM/BIG-IP DNS iRules and requires the DNS Profile, which is only enabled as part of GTM/BIG-IP DNS or the DNS Services add-on.

Syntax

DNS::rpz_policy

Examples

when DNS_RESPONSE {
     if { [DNS::origin] eq "RPZ"} {
        log local0. "[DNS::question name] resulted in an RPZ [DNS::rpz_policy]"
     }
}