[Fwd: cvs commit: ports/dns/bind9 Makefile
distinfo ports/dns/bind94
Makefile distinfo ports/dns/bind95 Makefile distinfo]
Alan Clegg
alan at clegg.com
Fri Jul 11 20:38:54 UTC 2008
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Matthew Seaman wrote:
> Probably what Brett is looking for are the avoid-v4-udp-ports and
> avoid-v6-udp-ports options -- these just contain lists of UDP ports
> to avoid as the source of any DNS traffic. Details are available here
> (for bind95) http://www.isc.org/sw/bind/arm95/Bv9ARM.ch06.html#options
> but it's the same for all 9.x versions of BIND.
This is fine as long as you are not defining large numbers of "don't
touch" ports.
The added functionality of 9.5.1b1:
use-v4-udp-ports { range 1024 65535; };
use-v6-udp-ports { range 1024 65535; };
Is what I was pointing people towards.
AlanC
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFId8TacKpYUrUDCYcRAhmHAJoCkQ3dxLfQhw1EamBJfNrLqwVZLwCfcfRg
VTWMnJEfymL8TH7AV2MQ7y4=
=mIl7
-----END PGP SIGNATURE-----
More information about the freebsd-security
mailing list