> -----Original Message-----
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
> Constantine A. Murenin
> Sent: Tuesday, June 20, 2006 11:44 AM
> To: Gilles Chehade
> Cc: misc@openbsd.org
> Subject: Re: named on udp ports only
> 
> On 20/06/06, Gilles Chehade <[EMAIL PROTECTED]> wrote:
> > On Tue, 20 Jun 2006 16:28:28 +0100
> > "Constantine A. Murenin" <[EMAIL PROTECTED]> wrote:
> >
> > > On 20/06/06, Gilles Chehade <[EMAIL PROTECTED]> wrote:
> > > > On Tue, 20 Jun 2006 16:07:25 +0100
> > > > "Constantine A. Murenin" <[EMAIL PROTECTED]> wrote:
> > > >
> > > > > Hello,
> > > > >
> > > > > I'm running an sshd on port 53 (domain) as there is some
> > > > > convenient wireless hot-spot that allows for both udp and tcp
> > > > > connection on this port without any authentication. :)
> > > > >
> > > > > (Yes, there is not even a need for NSTX!)
> > > > >
> > > > > How do I tell my named(8) to only listen on udp ports, and leave
> > > > > tcp ports for sshd(8)? Is this at all possible with named.conf
> > > > > alone? I've glanced through named.conf(5), but didn't find the
> > > > > desired option there...
> > > > >
> > > > > Thanks,
> > > > > Constantine.
> > > > >
> > > >
> > > > can't you just use PF to redirect ?
> > >
> > > I was thinking about that, but I wanted to make it more "proper". :)
> > >
> >
> > well, you are trying to do something quite disgusting, pf is probably
> > the most elegant way to do that ;)
> 
> The machine in question doesn't run pf, and the DSL router that it is
> connected to doesn't have the option to change ports... :(
> 
> So I'd like to settle this with named alone. :)
> 
> Thanks,
> Constantine.


Correct me if I'm wrong (and I usually am) but I thought DNS (and named
specifically) only used tcp connections for zone transfers. 

If you only allow resolution and not zone transfers, named should only
communicate via UDP... no need for nasty pf work.



Dan Farrell
Applied Innovations
[EMAIL PROTECTED]
