Strangely unapproved queries
furio ercolessi
furioae at spin.it
Sat Jul 10 00:03:25 UTC 1999
Hello all,
I run BIND 8.1.2 and I limited generic queries to hosts in my network:
allow-query { 127.0.0.1/32; 147.123.0.0/16; };
but of course with exceptions for all the zone I am authoritative for,
and in particular
zone "123.147.in-addr.arpa" { type master; file "[...]"; allow-query {
any; }; };
This is a standard setup and it works as expected.
However, I am puzzled by the observation that a few queries for
123.147.in-addr.arpa
are being refused:
Jul 10 00:26:02 up named[3075]: unapproved query from
[206.184.139.150].1024 for "132.25.123.147.in-addr.arpa"
Jul 10 00:56:52 up named[3075]: unapproved query from
[206.184.139.145].1024 for "111.1.123.147.in-addr.arpa"
Jul 10 01:19:10 up named[3075]: unapproved query from
[206.184.139.142].1024 for "18.8.123.147.in-addr.arpa"
Jul 10 01:36:04 up named[3075]: unapproved query from
[206.184.139.134].1024 for "18.8.123.147.in-addr.arpa"
Jul 10 01:55:25 up named[3075]: unapproved query from
[206.184.139.13].2693 for "111.1.123.147.in-addr.arpa"
Jul 10 01:55:25 up named[3075]: unapproved query from [206.86.0.21].4152
for "111.1.123.147.in-addr.arpa"
Jul 10 01:55:33 up named[3075]: unapproved query from
[206.184.139.12].2261 for "111.1.123.147.in-addr.arpa"
Jul 10 01:55:33 up named[3075]: unapproved query from
[206.184.139.14].1024 for "111.1.123.147.in-addr.arpa"
Jul 10 01:55:34 up named[3075]: unapproved query from
[206.184.139.14].1024 for "111.1.123.147.in-addr.arpa"
Jul 10 01:55:35 up named[3075]: unapproved query from [206.86.0.21].4152
for "111.1.123.147.in-addr.arpa"
I triggered myself the last bunch just by accessing http://www.best.com/
, and
147.123.1.111 is my proxy server that requested the pages.
So the question is: why are these queries refused, given that they refer
to a zone
with allow-query {any; } ?
Thanks
furio ercolessi
Spin - Trieste (Italy)
More information about the bind-users
mailing list