prevent DNS attack

[pangj]

> define "fake" -- if you mean rfc1918, you can block the ranges at ingress,
> or with iptables or similar to avoid letting it hit bind at all.

Yes I mean source-spoofed DDoS attack and I am reading this document:
http://en.wikipedia.org/wiki/Ingress_filtering

Is there a sample iptables script for that?

-- 
Email/Jabber/Gtalk: pangj at riseup.net
Free DNS Hosting with www.DNSbed.com