From owner-freebsd-security Sat Jan 29 17:37:13 2000 Delivered-To: freebsd-security@freebsd.org Received: from naiad.eclipse.net.uk (naiad.eclipse.net.uk [195.188.32.29]) by hub.freebsd.org (Postfix) with ESMTP id E1ED115888 for ; Sat, 29 Jan 2000 17:37:06 -0800 (PST) (envelope-from sh@octarine.org) Received: by naiad.eclipse.net.uk (Postfix, from userid 65534) id D52BD13264; Sun, 30 Jan 2000 01:37:00 +0000 (GMT) Message-ID: <949196220.389395bcb8f26@webmail.octarine.org> Date: Sun, 30 Jan 2000 01:37:00 +0000 To: Brett Glass From: Stuart Henderson Cc: Michael Bryan , Subject: Re: Continual DNS requests from mysterious IP References: <200001291634.IAA36101@floozy.zytek.com> <200001291634.IAA36101@floozy.zytek.com> <4.2.2.20000129173939.0410f700@localhost> In-Reply-To: <4.2.2.20000129173939.0410f700@localhost> MIME-Version: 1.0 Content-Type: text/plain Content-Transfer-Encoding: 8bit User-Agent: IMP/PHP IMAP webmail program 2.2.0-cvs X-Complaints-To: abuse@eclipse.net.uk X-Trace: webmail.octarine.org/212.104.138.99/195.188.32.32/1.0 thebe.proxy.eclipse.net.uk:8080 (Squid/2.3.DEVEL2) Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Quoting Brett Glass : > Which brings up a question I've had > for a long time. When I set up a > system as a NAT router, I would like > to assign names to the internal > machines (e.g. on 10.x.x.x) so that > the POP server and other programs > that do DNS queries are happy. (It > also makes the logs more readable.) > However, I don't want anyone OUTSIDE > to be able to do forward or reverse > DNS for those machines. Is there an > easy way to do this? Recent versions of BIND let you specify who may query, transfer, and update at a per-zone granularity. http://www.isc.org/products/BIND/docs/config/z one.html To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message