[ Bikeshed zone ] I think we need to stop spread misconfigured named's too. Any objections? Index: named.conf =================================================================== RCS file: /home/ncvs/src/etc/namedb/named.conf,v retrieving revision 1.22 diff -u -p -r1.22 named.conf --- named.conf 5 Sep 2005 13:42:22 -0000 1.22 +++ named.conf 7 Jun 2006 21:56:26 -0000 _at__at_ -30,6 +30,13 _at__at_ options { // // forward only; +// Prevent external networks from using us to query domains we are not +// authoritative for. +// + allow-recursion { + localhost; + }; + // If you've got a DNS server around at your upstream provider, enter // its IP address here, and enable the line below. This will make you // benefit from its cache, thus reduce overall DNS traffic in the Internet. -- Maxim Konovalov ---------- Forwarded message ---------- Date: Wed, 17 May 2006 07:25:47 -0700 (PDT) From: Sascha Wildner <swildner_at_crater.dragonflybsd.org> To: commits_at_crater.dragonflybsd.org Subject: cvs commit: src/etc/namedb named.conf swildner 2006/05/17 07:25:47 PDT DragonFly src repository Modified files: etc/namedb named.conf Log: Per default, restrict recursive queries to 127.0.0.1. Submitted-by: Gary <gary_at_velocity-servers.net> OK-by: corecode, joerg Revision Changes Path 1.4 +9 -1 src/etc/namedb/named.conf http://www.dragonflybsd.org/cvsweb/src/etc/namedb/named.conf.diff?r1=1.3&r2=1.4&f=uReceived on Wed Jun 07 2006 - 22:30:07 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:38:56 UTC