stream_getlen(...): request too small

Mark_Andrews at iengines.com Mark_Andrews at iengines.com
Wed Nov 10 04:29:19 UTC 1999


> I've had quite a few messages logged by one of my servers like:
> Nov 9 02:05:48 mercury named[14461]: stream_getlen([207.82.61.10].2200):
> request too small
> 
> Anyone give me a quick lesson in the ramifications of this?  This mean
> someone is firing broken packets at me?  The address logged is outside our
> perimeter...
> 
	DNS TCP has a 2 octet header saying how big the follwoing query is. 
	The received size is less than the minimum of a query hence bogus.

> Unrelated but related:  I see "allow-query"... but is there a mechanism in
> BIND that can do the opposite (kind of like a "reject-query acl")?

	You can do this with the existing acls, you can negate a list.

	Mark
> 
> BIND 8.2.1.  Thanks in advance.
> -Alan
> 
> =============
> Alan Sparks, Principal Network Analyst       <asparks at cpd.harris.com>
> Harris Corporation, Camarillo CA                   (805) 389-2430
> 
> 
--
Mark Andrews, Internet Engines Inc. / Internet Software Consortium
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark_Andrews at iengines.com


More information about the bind-users mailing list