2 rules aren't needed if you don't specify protocol and port in the first one.  
It simply drops ALL traffic from that IP.

-----Original Message-----
From: bind-users-bounces+jlightner=water....@lists.isc.org 
[mailto:bind-users-bounces+jlightner=water....@lists.isc.org] On Behalf Of Lyle 
Giese
Sent: Tuesday, August 03, 2010 4:18 PM
To: bind-users@lists.isc.org
Subject: Re: Script-kiddie / client <IP> query (cache) '<host>/MX/IN' denied

Kevin Darcy wrote:
> On 8/3/2010 3:03 PM, Denis BUCHER wrote:
>> Dear Lyle,
>>
>> Le 03.08.2010 18:17, Lyle Giese a écrit :
>>>> I would like to know if I can block hosts doing that at the level of
>>>> /etc/hosts.allow or should I do it at the level of Bind itself ?
>>> Use IPTables or add rules to your firewall. I don't believe that BIND
>>> pays any attention to /etc/hosts.allow
>>
>> Yes I tried iptables, it is working perfectly, and /etc/hosts.allow 
>> does not look to be working. This was perfect:
>>
>> iptables -I INPUT 3 -p tcp -s 202.152.172.4 --dport 53 -j DROP
>>
> I'm no iptables expert, but doesn't that only apply to TCP packets?
>
>
> - Kevin
>
Good catch, Kevin!

You are right, he should add two rules, one for tcp and one for udp.

Lyle Giese
LCR Computer Services, Inc.
_______________________________________________
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
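As an added example (not from anyone in this thread), here are small POSIX shell helpers around the point Kevin raised: the tcp-only rule misses UDP, which most DNS queries use, so either add a udp twin or drop the protocol/port match and block the source outright. The audit function reads `iptables -S INPUT` output and reports sources covered on tcp/53 only; the sample rules and the RFC 5737 addresses in it are constructed for this example.

```shell
#!/bin/sh
# Helpers for the iptables rule discussed in the thread (added example).

# Two rules: drop both tcp/53 and udp/53 from the given source address.
dns_block_rules() {
    printf 'INPUT -p tcp -s %s --dport 53 -j DROP\n' "$1"
    printf 'INPUT -p udp -s %s --dport 53 -j DROP\n' "$1"
}

# One rule: drop every packet from the source, regardless of protocol or port.
all_block_rule() {
    printf 'INPUT -s %s -j DROP\n' "$1"
}

# Insert a rule spec only if it is not already present, so re-running this
# does not stack duplicate rules (word splitting of $1 is intentional).
# Only effective when run as root on a host with iptables.
apply_rule() {
    iptables -C $1 2>/dev/null || iptables -I $1
}

# Audit: read `iptables -S INPUT` output on stdin and print every source that
# has a tcp/53 DROP but no matching udp/53 DROP.
tcp_only_sources() {
    rules=$(cat)
    printf '%s\n' "$rules" | grep -- '-p tcp' | grep -- '--dport 53' | grep -- '-j DROP' \
        | sed -n 's/.*-s \([^ ]*\).*/\1/p' | sort -u \
        | while read -r src; do
            printf '%s\n' "$rules" | grep -- "-s $src " | grep -- '-p udp' \
                | grep -- '--dport 53' | grep -q -- '-j DROP' || echo "$src"
        done
}

# Constructed sample in `iptables -S` form (RFC 5737 documentation addresses):
# the first source is blocked on tcp only, the second on both protocols.
SAMPLE_RULES='-A INPUT -s 192.0.2.10/32 -p tcp -m tcp --dport 53 -j DROP
-A INPUT -s 198.51.100.7/32 -p tcp -m tcp --dport 53 -j DROP
-A INPUT -s 198.51.100.7/32 -p udp -m udp --dport 53 -j DROP'

# Usage: sh block_dns.sh audit   (prints 192.0.2.10/32 for the sample above)
if [ "${1:-}" = "audit" ]; then
    printf '%s\n' "$SAMPLE_RULES" | tcp_only_sources
fi
```

On a live host, feed `iptables -S INPUT | tcp_only_sources` to find sources that were only half-blocked.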