Am 06.10.2014 um 19:47 schrieb Ian Zimmerman:
On Fri, 03 Oct 2014 00:08:49 +0200, Axb <axb.li...@gmail.com> wrote: Axb> What's wrong with running rbldnsd? It's the tool all BLs use for Axb> mirroring BL data. It's so stable and simple to use nothing can Axb> beat it. From the website:There is no config file, rbldnsd accepts all configuration in command line.A bit too simple, I'd say. What about kernel argv limits?
what has this to do with the kernel and how does it matter if you specify the few RBLs you have local in one line or 10?
it is that efficient *because* it is that simple designed [root@localhost:~]$ cat /etc/sysconfig/rbldnsdRBLDNSD="-f -n -r/var/lib/rbldnsd -c 60s -t 600:300:600 -e -v -a -q -4 -b 127.0.0.1/1053 dnsbl.example.com:ip4set:dnsbl.example.com dnswl-aggregate.example.com:ip4set:dnswl-aggregate.example.com dnsbl-ix.example.com:ip4set:dnsbl-ix.example.com dnsbl-backscatterer.example.com:ip4set:dnsbl-backscatterer.example.com dnswl-whitelisted-org.example.com:ip4set:dnswl-whitelisted-org.example.com dnsbl-uce.example.com:ip4set:dnsbl-uce.example.com dnsbl-uce-2.example.com:ip4set:dnsbl-uce-2.example.com dnsbl-surriel.example.com:ip4set:dnsbl-surriel.example.com"
[root@localhost:~]$ cat /etc/systemd/system/rbldnsd.service [Unit] Description=DNSBL/DNSWL Daemon After=network.service systemd-networkd.service network-online.target Before=unbound.service [Service] Type=simple EnvironmentFile=/etc/sysconfig/rbldnsd ExecStart=/usr/sbin/rbldnsd $RBLDNSD ExecReload=/usr/bin/kill -HUP $MAINPID Restart=always RestartSec=1 PrivateTmp=yes NoNewPrivileges=yesCapabilityBoundingSet=CAP_DAC_OVERRIDE CAP_IPC_LOCK CAP_NET_BIND_SERVICE CAP_SETGID CAP_SETUID CAP_SYS_CHROOT CAP_KILL
ReadOnlyDirectories=/etc ReadOnlyDirectories=/usr ReadOnlyDirectories=/var/lib [Install] WantedBy=multi-user.target
signature.asc
Description: OpenPGP digital signature
