NEED A BIT OF NAMED EXPERIENCE
Mark_Andrews at isc.org
Mark_Andrews at isc.org
Wed Oct 8 01:57:33 UTC 2003
> Oct 08 02:25:57.442 security: info: client 202.188.1.25#45382: query
> 'mail.eziekiel.com/IN' denied
> Oct 08 02:25:57.452 security: info: client 202.188.1.25#45382: query
> 'NS.eziekiel.com/IN' denied
> Oct 08 02:25:57.452 security: info: client 202.188.1.25#45382: query
> 'NS.eziekiel.com/IN' denied
> Oct 08 02:25:58.632 security: info: client 216.240.152.4#1205: query
> 'mail.eziekiel.com/IN' denied
> Oct 08 02:26:00.591 security: info: client 216.240.152.4#1205: query
> 'NS.eziekiel.com/IN' denied
> Oct 08 02:26:00.592 security: info: client 216.240.152.4#1205: query
> 'NS.eziekiel.com/IN' denied
> Oct 08 02:26:00.672 security: info: client 216.240.152.4#1205: query
> 'NS.eziekiel.com/IN' denied
> Oct 08 02:26:00.681 security: info: client 216.240.152.4#1205: query
> 'NS.eziekiel.com/IN' denied
> Oct 08 02:26:01.032 security: info: client 216.240.152.3#1601: query
> 'mail.eziekiel.com/IN' denied
> Oct 08 02:26:02.391 security: info: client 216.240.152.3#1601: query
> 'NS.eziekiel.com/IN' denied
> Oct 08 02:26:02.401 security: info: client 216.240.152.3#1601: query
> 'NS.eziekiel.com/IN' denied
>
> Now on this last one a nameserver lookup gives me
>
>
> 216.240.152.3
> Server: 203.2.75.2
> Address: 203.2.75.2#53
>
> Non-authoritative answer:
> 3.152.240.216.in-addr.arpa name = ns3.calpop.com.
>
> Authoritative answers can be found from:
> 152.240.216.in-addr.arpa nameserver = ns1.calpop.com.
> 152.240.216.in-addr.arpa nameserver = ns2.calpop.com.
> ns1.calpop.com internet address = 216.240.130.2
> ns2.calpop.com internet address = 216.240.150.2
>
> Can some please explain if i have set my named.conf file to restrictivly or
> is this that someone is trying to use my nameserver to get information for
> them ??
>
> Sorry but i am kind of new to this
>
> Kind regards
>
> Andrew
>
>
>
NS.EZIEKIEL.COM is a listed nameserver for EZIEKIEL.COM as
such it should be configured to answer questions about
EZIEKIEL.COM for everybody.
I would have helped if you had posted your current named.conf.
Anyway the effective allow-query for EZIEKIEL.COM should be
"any;". If you have a allow-query at the options/view level
you need to override it at the zone level.
zone "EZIEKIEL.COM" {
...
allow-query { any; };
};
Mark
--
Mark Andrews, Internet Software Consortium
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark.Andrews at isc.org
More information about the bind-users
mailing list