Hello,
This is 5.2 on sparc64.
Both in BIND9 admin guide and in man named.conf the option "blackhole" is
present.
Nevertheless, this is the story:
# named-checkconf -t /var/named/
/etc/named.conf:111: unknown option 'blackhole'
Now, the idea is to create an acl of possible fake IPs of spoofers and deny
them any query to the DNS.
The right command would in fact be "blackhole". Any try with:
allow-query { !spooferz-acl; };
results just in queries being rejected from anywhere. So I really miss
blackhole.
Is it missing in OpenBSD implementation? Is there any way out of this? Like
adding "anyone else" to allow-query structure?
Thanks in advance
