named recursive queries
Maxim Konovalov
maxim at macomnet.ru
Thu Jun 8 00:30:08 UTC 2006
[ Bikeshed zone ]
I think we need to stop spread misconfigured named's too. Any
objections?
Index: named.conf
===================================================================
RCS file: /home/ncvs/src/etc/namedb/named.conf,v
retrieving revision 1.22
diff -u -p -r1.22 named.conf
--- named.conf 5 Sep 2005 13:42:22 -0000 1.22
+++ named.conf 7 Jun 2006 21:56:26 -0000
@@ -30,6 +30,13 @@ options {
//
// forward only;
+// Prevent external networks from using us to query domains we are not
+// authoritative for.
+//
+ allow-recursion {
+ localhost;
+ };
+
// If you've got a DNS server around at your upstream provider, enter
// its IP address here, and enable the line below. This will make you
// benefit from its cache, thus reduce overall DNS traffic in the Internet.
--
Maxim Konovalov
---------- Forwarded message ----------
Date: Wed, 17 May 2006 07:25:47 -0700 (PDT)
From: Sascha Wildner <swildner at crater.dragonflybsd.org>
To: commits at crater.dragonflybsd.org
Subject: cvs commit: src/etc/namedb named.conf
swildner 2006/05/17 07:25:47 PDT
DragonFly src repository
Modified files:
etc/namedb named.conf
Log:
Per default, restrict recursive queries to 127.0.0.1.
Submitted-by: Gary <gary at velocity-servers.net>
OK-by: corecode, joerg
Revision Changes Path
1.4 +9 -1 src/etc/namedb/named.conf
http://www.dragonflybsd.org/cvsweb/src/etc/namedb/named.conf.diff?r1=1.3&r2=1.4&f=u
More information about the freebsd-current
mailing list