August 23, 2006

[named] allowing query for only local domains

Filed under: Unix Admin — HanaDaddy @ 10:43 pm

Rule:
1. Block all queries by default
2. Allow queries only for each local zone


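// generated by named-bootconf.pl
//
// Authoritative-only server for the local zones below.  Policy: deny
// everything at the options level, then re-allow per zone.

options {
    directory "/var/named";
    /*
     * If there is a firewall between you and nameservers you want
     * to talk to, you might need to uncomment the query-source
     * directive below. Previous versions of BIND always asked
     * questions using port 53, but BIND 8.1 uses an unprivileged
     * port by default.
     */
    // query-source address * port 53;

    // Deny queries by default; each zone that should be reachable
    // re-enables them with its own allow-query.
    allow-query { none; };

    // allow-transfer defaults to "any" when unset; deny it here so the
    // full contents of a zone cannot be pulled by arbitrary clients.
    allow-transfer { none; };

    // Nothing here is resolved on behalf of clients, so refuse recursion
    // explicitly instead of relying on the query ACL alone.
    recursion no;
};

//
// Remote control and root hints.  "rndckey" must be defined by a key
// statement (or an include of the rndc key file) elsewhere in the
// configuration; it is not part of this listing.
//
controls {
    inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};

zone "." IN {
    type hint;
    file "named.ca";
};

zone "localhost" IN {
    type master;
    file "localhost.zone";
    allow-update { none; }; // no dynamic updates
    allow-query { any; };   // re-allow queries for this zone only
};

zone "0.0.127.in-addr.arpa" IN {
    type master;
    file "named.local";
    allow-update { none; }; // no dynamic updates
    allow-query { any; };   // re-allow queries for this zone only
};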
