blocking a certain ip address *completely*

Nick Bryant nick.bryant at ipcenta.com
Mon Jan 10 18:05:29 UTC 2000


Jurgen,

You got ipchains on your machine? If so why dont you just create an
input policy that denies port 53 (or any) as a destination if the source
is said machine.

Thats how i'd do it.

N

> -----Original Message-----
> From: Jurgen Philippaerts [mailto:jurgen at pophost.eunet.be]
> Sent: 10 January 2000 09:22
> To: comp-protocols-dns-bind at uunet.uu.net
> Subject: blocking a certain ip address *completely*
> 
> 
> 
> Hi,
> 
> some client of another isp, seems to be running windows 2000 
> already :(
> my nameserver is bombarded with unapproved updates every couple of
> seconds.
> i have tried to contact that company, i have tried though their isp.
> 
> now i just want to block his ip completely.
> 
> jus t one little problem; i don't really know where to start.
> i thought it had something to do with the acl and deny.. but the
> documentation of bind is not so clear on that topic.
> 
> can anyone shed some light on this ?
> 
> ps: running bind 8.2.2-p5
> 
> thanks,
> Jurgen.
> -- 
> Windows 2000: You want fries with that?
> Linux anubis 2.2.13 #1 Thu Nov 4 10:19:55 CET 1999 i686 unknown
>  11:23am  up 60 days, 20:33,  1 user,  load average: 1.05, 1.08, 1.11
> 
> 



More information about the bind-users mailing list