From owner-freebsd-questions@FreeBSD.ORG Tue Oct 19 19:54:02 2004 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B1BC316A4CE for ; Tue, 19 Oct 2004 19:54:02 +0000 (GMT) Received: from mail.gmx.net (mail.gmx.net [213.165.64.20]) by mx1.FreeBSD.org (Postfix) with SMTP id 7BD0C43D53 for ; Tue, 19 Oct 2004 19:54:01 +0000 (GMT) (envelope-from krylon@gmx.net) Received: (qmail 30106 invoked by uid 65534); 19 Oct 2004 19:53:59 -0000 Received: from i53874B22.versanet.de (EHLO [192.168.0.13]) (83.135.75.34) by mail.gmx.net (mp005) with SMTP; 19 Oct 2004 21:53:59 +0200 X-Authenticated: #685629 Message-ID: <417570D2.3010109@gmx.net> Date: Tue, 19 Oct 2004 21:53:54 +0200 From: Benjamin Walkenhorst User-Agent: Mozilla Thunderbird 0.7.3 (X11/20040926) X-Accept-Language: en-us, en MIME-Version: 1.0 To: freebsd-questions@freebsd.org References: <20041019201733.E79192@gaff.hhhr.ision.net> <417568D4.5000309@pilar-ciudad.com.ar> In-Reply-To: <417568D4.5000309@pilar-ciudad.com.ar> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Subject: Re: Private (only) DNS server setup? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 19 Oct 2004 19:54:02 -0000 Hi, Ezequiel O. Block wrote: > The allow-recursion option would limit queries only to your lan. like > this > > options { > > allow-recursion { 192.168.1.0/24; 127.0.0.1; }; > > }; > > You can also say: options { ... listen-on { 192.168.0.1; 127.0.0.1; }; }; ^^^^^^^^^^^ (Or whatever your server's local IP is) This way it will only listen on those interfaces. Also, there's allow-query and blackhole... _Plus_ you can just use a packet filter to protect your DNS-server from the internet. Possibilities are endless... =) Kind regards, Benjamin