On 2012-12-06, Paolo Aglialoro <paol...@gmail.com> wrote: > > Now, the idea is to create an acl of possible fake IPs of spoofers and deny > them any query to the DNS.
BTW...if you're dealing with spoofed DNS problems, you might also be interested in dnsfilter (recently added to ports) or the ratelimit flavour of the up-to-date version of BIND 9 which is in ports (both of these were added after 5.2 i.e. you'll need -current).
