allow-query for non authoritative zones
David Botham
dns at botham.net
Thu Aug 21 13:11:36 UTC 2003
> -----Original Message-----
> From: bind-users-bounce at isc.org [mailto:bind-users-bounce at isc.org] On
> Behalf Of Seme, Markus
> Sent: Wednesday, August 20, 2003 10:47 AM
> To: bind-users at isc.org
> Subject: allow-query for non authoritative zones
>
> Hi,
> i want block queries from several, different Source-IP's (spoofed) to
> the same domain ( DOS ).
> The domain is not under my authorization - for example microsoft.com
> !?
>
> It's easy to konfigure BIND9 with acl and allow-query for local zones
> ( in my authorization ) - for example:
>
> zone "local.com" {
> type master;
> file "local.com.zone";
> allow-query { none; };
> };
You could create a view for the offending source IP space and load the
zone(s) in question just as you have above in that view.
Dave...
More information about the bind-users
mailing list