Date: Thu, 8 Jun 2006 01:57:20 +0400 (MSD) From: Maxim Konovalov <maxim@macomnet.ru> To: current@freebsd.org Cc: dougb@freebsd.org Subject: named recursive queries Message-ID: <20060608015022.Y52876@mp2.macomnet.net>
next in thread | raw e-mail | index | archive | help
[ Bikeshed zone ]
I think we need to stop spread misconfigured named's too. Any
objections?
Index: named.conf
===================================================================
RCS file: /home/ncvs/src/etc/namedb/named.conf,v
retrieving revision 1.22
diff -u -p -r1.22 named.conf
--- named.conf 5 Sep 2005 13:42:22 -0000 1.22
+++ named.conf 7 Jun 2006 21:56:26 -0000
@@ -30,6 +30,13 @@ options {
//
// forward only;
+// Prevent external networks from using us to query domains we are not
+// authoritative for.
+//
+ allow-recursion {
+ localhost;
+ };
+
// If you've got a DNS server around at your upstream provider, enter
// its IP address here, and enable the line below. This will make you
// benefit from its cache, thus reduce overall DNS traffic in the Internet.
--
Maxim Konovalov
---------- Forwarded message ----------
Date: Wed, 17 May 2006 07:25:47 -0700 (PDT)
From: Sascha Wildner <swildner@crater.dragonflybsd.org>
To: commits@crater.dragonflybsd.org
Subject: cvs commit: src/etc/namedb named.conf
swildner 2006/05/17 07:25:47 PDT
DragonFly src repository
Modified files:
etc/namedb named.conf
Log:
Per default, restrict recursive queries to 127.0.0.1.
Submitted-by: Gary <gary@velocity-servers.net>
OK-by: corecode, joerg
Revision Changes Path
1.4 +9 -1 src/etc/namedb/named.conf
http://www.dragonflybsd.org/cvsweb/src/etc/namedb/named.conf.diff?r1=1.3&r2=1.4&f=u
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060608015022.Y52876>