+--On 12 septembre 2012 15:25:16 +0200 Laurent Frigault <l...@troll.free.org> wrote: | On Tue, Sep 11, 2012 at 09:29:53PM +0200, Mathieu Arnold wrote: |> +--On 10 septembre 2012 16:41:11 +0200 Laurent Frigault |> <l...@troll.free.org> wrote: |> | Instead of working on the DNS answer, I try a modified version based on |> | the query on one of my DNS servers : |> |> I did that to begin with, the problem is that libpcap sees the packets |> blocked by pf, so it never ends, on the other side, there is no answer if |> the packet is blocked. | | Yes, but pf tables handle duplicate well , so this is not a problem for | me.
It does, but I only sample like 200 queries every minute, so I ended up with always the same IP being blocked and many slipping through. -- Mathieu Arnold _______________________________________________ dns-operations mailing list dns-operations@lists.dns-oarc.net https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
