Configuring bind not to use unprivileged ports?
Angel Tsankov
fn42551 at fmi.uni-sofia.bg
Wed May 31 21:29:45 UTC 2006
I'm using bind 9.3.1 on a linux system running kernel version 2.6.11.12. I added the following line to the options statement in the
named.conf file:
query-source address * port 53
After that, I restarted bind but it still performs queries using UDP on unprivileged ports (1024-65535).
What I need is to configure bind to use well-defined ports so that I can then configure iptables to allow outgoing DNS queries and
incoming DNS replies. Besides, I prefer not to open all unprivileged ports so I tried the query-source option above but without
success. Can anyone help me?
P.S. Here's the complete named.conf file in case it is needed:
options {
        directory "/etc/namedb";
        pid-file "/var/run/named.pid";
        statistics-file "/var/run/named.stats";
        allow-query { 0/0; };
        query-source address * port 53;
};

zone "." {
        type hint;
        file "root.hints";
};

zone "0.0.127.in-addr.arpa" {
        type master;
        file "pz/127.0.0";
};
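
Added example, not part of the original post: a shell function that prints the iptables rules for the two approaches the question touches on, stateless rules that depend on the query-source port and connection-tracking rules that need no fixed source port. The function name dns_rules and its mode names are assumptions; the note that the query-source port applies to UDP only comes from the BIND documentation, not from this thread.

```shell
#!/bin/sh
# Added example, not from the original post. dns_rules and its mode names
# are assumptions made for this sketch.
#
# dns_rules MODE prints an iptables-restore fragment for the filter table:
#   fixed    - stateless rules that rely on "query-source address * port 53"
#   stateful - connection tracking; named may use any local source port
dns_rules() {
    case $1 in
    fixed|stateful) ;;
    *) echo "usage: dns_rules fixed|stateful" >&2; return 2 ;;
    esac

    echo '*filter'
    if [ "$1" = fixed ]; then
        # UDP only: the query-source port does not apply to TCP, so a retry
        # over TCP after a truncated reply is not covered. The INPUT rule
        # accepts any datagram with source port 53, solicited or not, and
        # a fixed source port gives up source-port randomisation.
        echo '-A OUTPUT -p udp --sport 53 --dport 53 -j ACCEPT'
        echo '-A INPUT -p udp --sport 53 --dport 53 -j ACCEPT'
    else
        # Queries may leave from any local port; inbound packets are accepted
        # only when they belong to a flow this host opened.
        for proto in udp tcp; do
            echo "-A OUTPUT -p $proto --dport 53 -m state --state NEW,ESTABLISHED -j ACCEPT"
            echo "-A INPUT -p $proto --sport 53 -m state --state ESTABLISHED -j ACCEPT"
        done
    fi
    echo 'COMMIT'
}

# Print the requested fragment when called with an argument.
if [ "$#" -gt 0 ]; then dns_rules "$1"; fi
```

Piping the output through `iptables-restore --noflush --test` parses the fragment without committing it, which is a safe way to check it before merging it into the host's ruleset.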