blocking a certain ip address *completely*
Mark.Andrews at nominum.com
Mark.Andrews at nominum.com
Mon Jan 10 20:30:46 UTC 2000
See "options { blackhole { ...}; };".
Mark
>
> Jurgen,
>
> You got ipchains on your machine? If so why dont you just create an
> input policy that denies port 53 (or any) as a destination if the source
> is said machine.
>
> Thats how i'd do it.
>
> N
>
> > -----Original Message-----
> > From: Jurgen Philippaerts [mailto:jurgen at pophost.eunet.be]
> > Sent: 10 January 2000 09:22
> > To: comp-protocols-dns-bind at uunet.uu.net
> > Subject: blocking a certain ip address *completely*
> >
> >
> >
> > Hi,
> >
> > some client of another isp, seems to be running windows 2000
> > already :(
> > my nameserver is bombarded with unapproved updates every couple of
> > seconds.
> > i have tried to contact that company, i have tried though their isp.
> >
> > now i just want to block his ip completely.
> >
> > jus t one little problem; i don't really know where to start.
> > i thought it had something to do with the acl and deny.. but the
> > documentation of bind is not so clear on that topic.
> >
> > can anyone shed some light on this ?
> >
> > ps: running bind 8.2.2-p5
> >
> > thanks,
> > Jurgen.
> > --
> > Windows 2000: You want fries with that?
> > Linux anubis 2.2.13 #1 Thu Nov 4 10:19:55 CET 1999 i686 unknown
> > 11:23am up 60 days, 20:33, 1 user, load average: 1.05, 1.08, 1.11
> >
> >
>
>
--
Mark Andrews, Nominum Inc. / Internet Software Consortium
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark.Andrews at nominum.com
More information about the bind-users
mailing list