Test Policy
Pre-requisites
Ensure that you are connected to a network that has DNS Firewall configured as per insrtuctions in Deploy Network. Alternatively, if you are testing a policy from a device ensure the roaming client is configured as per instructions in Deploy Roaming clients.
Test a policy
For testing purposes, let's create a policy to block example.com. Add example.com to block list from Domain Management
- Open your terminal.
- Type dig example.com (nslookup example.com if you are using Windows) and press Enter.
- If the block page is enabled you should see the block page IP in the response and the DNS server should be that of DNS Firewall.
; <<>> DiG 9.10.6 <<>> @dns.oryxlabs.com example.com
; (2 servers found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 8197
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;example.com. IN A
;; ANSWER SECTION:
example.com. 80541 IN A 93.184.216.34
;; AUTHORITY SECTION:
example.com. 80541 IN NS a.iana-servers.net.
example.com. 80541 IN NS b.iana-servers.net.
;; Query time: 22 msec
;; SERVER: 45.152.135.135#53(45.152.135.135)
;; WHEN: Tue Oct 03 11:26:51 +04 2023
;; MSG SIZE rcvd: 153
dig @dns.oryxlabs.com example.com
; <<>> DiG 9.10.6 <<>> @dns.oryxlabs.com example.com
; (2 servers found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4926
;; flags: qr rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available
;; QUESTION SECTION:
;example.com. IN A
;; ANSWER SECTION:
example.com. 0 IN A 54.225.5.19
;; Query time: 30 msec
;; SERVER: 45.152.135.135#53(45.152.135.135)
;; WHEN: Tue Oct 03 11:28:32 +04 2023
;; MSG SIZE rcvd: 56