Import RPZ lists

the import rpz lists service allows personal rpz lists (e g , https //threatfox abuse ch/downloads/threatfox rpz https //threatfox abuse ch/downloads/threatfox rpz ) to be imported to the dns proxy file change control and eventual import is performed every 30 minutes to manage the service access the admin panel under a advanced configuration » \[z] import rpz lists it is advisable to block proxy & bypass filters on the cloud panel for proper operation of rpz policies 1 1 first configuration first configuration 1 1 access the import rpz list menu 2 2 activate the service by typing y and pressing enter 3 3 on the next screen, type y and press enter to create the fsupload user (wait for the procedure to run) 4 4 on the next screen, type y and press enter to proceed to enter the password on the fsupload user it is always possible to change the password from the change fsupload password menu 2 2 how to import an rpz list how to import an rpz list to import an rpz list, an sftp client (e g , filezilla or linux/windows sftp) must be used 3 3 sftp access parameters sftp access parameters standard access mode with any sftp client connect with the listed parameters and the password chosen during configuration ssh key access mode enable the access mode from the change configuration menu and enter the ssh keys of the machines enabled to access via the manage ssh keys » add key 4 4 supported list formats supported list formats the following formats are supported standard rpz zone files list domains standard rpz zone files standard rpz files with policy triggers and policy actions example rpz zones domain list it is possible to import a list of domains to be blocked and define policies for the list the policy definition must be entered in the first line respecting the following format variables definition block type indicates the block type, enter one of these values block the domain is blocked with not existent domain error send to ip the domain is resolved with the ip given in destination send to domain the domain is resolved with the domain specified in destination destination mandatory if block type is send to ip or send to domain, indicates the ip or domain to resolve example file with resolution to the domain example com entering rpz into the configuration log in sftp to the machine with the user fsupload access the fsupload/rpz/ folder upload the file with the extension load wait for the timing of the procedure or, to perform the import immediately, access the check rpz lists now menu 5 5 removing rpz from the configuration removing rpz from the configuration log in sftp to the machine with the user fsupload access the fsupload/rpz/ folder remove the file with the db extension wait for the timing of the procedure or, to perform the removal immediately, access the check rpz lists now menu 6 6 check import errors check import errors log in sftp to the machine access the fsupload/rpz/ folder download the files with the extension error and remove it from the folder open the file with a text editor and move to the end of the file to check the error correct the file and retry rpz insertion in the configuration 7 7 list import example the example below shows the import of an rpz file using the sftp command, available on both windows and linux, in ssh key access mode notes the first time you log in you will be asked for permission to log in, type yes and press enter 8 8 menu import rpz list 9 9 disable service / enable service disable service / enable service access the menu to disable or enable the rpz import service disable service 1 1 access the \[d] disable service menu 2 2 type y and press enter to confirm deactivation (wait for the procedure to run) access the menu to disable or enable the rpz import service enable service 1 1 go to the main menu import rzp lists 2 2 type y and press enter to confirm activation (wait for the procedure to be executed) notes if the fsupload user was not present it will be created and configured 10 10 change configuration enable access via public ssh key 1 1 access the \[c] change configuration menu 2 2 type y and press enter to set up access 3 3 type y and press enter to immediately manage the enabled ssh keys, or type n and press enter to return to the import rpz lists menu it is possible to manage ssh enabled keys from the menu 11 11 manage ssh keys through this menu you can manage the ssh keys authorized for access 1 1 access the \[m] manage ssh keys menu view authorized keys 1 1 access the \[v] view authorized keys menu 2 2 if there are multiple ssh keys, the system divides the view into blocks, press the space bar to display the next block add key 1 1 access the \[a] add key menu 2 2 enter an identifying name for the key and press enter, only letters, numbers and character are allowed this name will be used when deleting the key 3 3 enter/copy the ssh key of the machine authorized to access and press enter ( wait for the procedure to be executed ) delete key to delete an ssh key you need to know the idenfiticative name given to the chive when entering it if you do not remember the name à you can view it through the manage ssh keys » view authorized keys menu 1 1 access the \[d] delete single key menu 2 2 enter the idenficative name of the key to be deleted and press enter ( wait for the procedure to run ) clear all keys through this menu all ssh keys will be cleared 1 1 access the \[c] clear all keys menu 2 2 type y and press enter to confirm the deletion ( wait for the procedure to run ) 12 12 change fsupload password change fsupload password 1 1 access the \[p] change fsupload password menu 2 2 type y and press enter to proceed to enter the password on the fsupload user 13 13 check rpz lists now checking the lists to be imported is done automatically every 30 minutes if execution is needed access this menu 1 1 access the \[i] check rpz lists now menu 2 2 type y and press enter to confirm the check ( wait for the procedure to run ) 3 3 when finished, the system will show the current import status 14 14 view rpz lists import status 1 1 access the \[s] view rpz lists import status menu 2 2 type y and press enter to confirm ( wait for the procedure to run ) 15 15 legend last check/last import » last check performed last check indicates that the check was performed but no changes were present last import indicates that the check was performed and changes were made loaded » rpz lists successfully loaded into the file configuration with db extension to be parsed » rpz lists that need to be checked by the system files with load extension to be removed » rpz lists to be removed, they are loaded in the configuration but no longer have db files in the folder error » rpz lists that were checked but generated error and were not loaded into the configuration files with extension erro other ways to ask the import rpz lists service allows personal rpz lists how to import rpz lists