Patch for djbdns-1.05 to avoid Verisign DNS abuse

Andrew J Caines A.J.Caines at
Fri Sep 19 13:19:11 PDT 2003

The patch on[1] applies cleanly and works as advertised:

	# nslookup
	Server:  localhost

	Non-authoritative answer:
	# nslookup
	Server:  localhost

	*** No address (A) records available for

To fix the records pointing to the Verisign IP:

# echo > /service/dnscache/root/ignoreip
# svc -t /service/dnscache

I extracted the patch from the page[1] and put it in files/patch-ignoreip2
and ran the above by hand. I considered trying to patch the port, but was
unable to resolve issues such as at what stage to create the ignoreip,
where to reliably locate the service directory and what the relevant
service names would be (eg. There are references to dnscache as "D" as
well as "dnscache"). Also, the service stuff is in the daemontools port.

So, to DIY for (at least) dnscache, this should do the trick:

# cd /usr/ports/dns/djbdns
# fetch -o files/patch-ignoreip2
# make
# SERVICE=/service/dnscache  # Adjust accordingly
# echo > $SERVICE/root/ignoreip
# svc -d $SERVICE
# make reinstall
# svc -u $SERVICE


| -Andrew J. Caines-   Unix Systems Engineer   A.J.Caines at  |
| "They that can give up essential liberty to obtain a little temporary |
|  safety deserve neither liberty nor safety" - Benjamin Franklin, 1759 |

More information about the freebsd-ports mailing list