Dropping request packets
Barry Margolin
barmar at alum.mit.edu
Tue Apr 20 02:52:34 UTC 2004
In article <c61imk$30gh$1 at sf1.isc.org>,
Kevin Darcy <kcd at daimlerchrysler.com> wrote:
> Barry Margolin wrote:
>
> >In article <c616pf$2iub$1 at sf1.isc.org>,
> > "Soraia Zlatkovic (sopaz)" <sopaz at cisco.com> wrote:
> >
> >
> >
> >>Is there a way to configure BIND (doesn't matter which version) to drop
> >>packets or refuse requests
> >>coming from a particular client?
> >>
> >>
> >
> >Yes, the "allow-query" option.
> >
> allow-query can refuse requests, i.e. send back a REFUSED response.
He said "drop packets or refuse request", so I think this should be
sufficient for his needs.
A firewall can be used to block all packets from a particular address to
port 53 on the nameserver.
--
Barry Margolin, barmar at alum.mit.edu
Arlington, MA
*** PLEASE post questions in newsgroups, not directly to me ***
More information about the bind-users
mailing list