Fwd: Fwd: disabling "Any" requests

Dns Administrator dnsadmdns at gmail.com
Wed Jul 18 06:37:56 UTC 2012


Hi
I though that it was a bit drastic removing the requests with iptables
I altered the code slightly - it appears to have the desired effect

ns_query_start() from query.c

  if (dns_rdatatype_ismeta(qtype)) {
                switch (qtype) {
                case dns_rdatatype_any:
                        /* break; Let query_find handle it. */
                        ns_client_next(client, ISC_R_NOTIMPLEMENTED);
                        return;
                case dns_rdatatype_ixfr:
                case dns_rdatatype_axfr:
                        ns_xfr_start(client, rdataset->type);
                        return;
                case dns_rdatatype_maila:
                case dns_rdatatype_mailb:
                        query_error(client, DNS_R_NOTIMP, __LINE__);
                        return;
                case dns_rdatatype_tkey:
                        result = dns_tkey_processquery(client->message,
                                                ns_g_server->tkeyctx,
                                                client->view->dynamickeys);
                        if (result == ISC_R_SUCCESS)
                                query_send(client);
                        else
                                query_error(client, result, __LINE__);
                        return;
                default: /* TSIG, etc. */
                        query_error(client, DNS_R_FORMERR, __LINE__);
                        return;
                }
        }



---------- Forwarded message ----------
From: <WBrown at e1b.org>
Date: Fri, Jul 13, 2012 at 2:55 PM
Subject: Re: Fwd: disabling "Any" requests
To: Dns Administrator <dnsadmdns at gmail.com>


Peter wrote on 07/13/2012 04:26:55 AM:

> ps I haven't stumbled across any coax cabling since the last millenium

Wirecutters work on twisted pair just as well.  And as a extra bonus, they
work on fiber cables too!



Confidentiality Notice:
This electronic message and any attachments may contain confidential or
privileged information, and is intended only for the individual or entity
identified above as the addressee. If you are not the addressee (or the
employee or agent responsible to deliver it to the addressee), or if this
message has been addressed to you in error, you are hereby notified that
you may not copy, forward, disclose or use any part of this message or any
attachments. Please notify the sender immediately by return e-mail or
telephone and delete this message from your system.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20120718/b269bb5c/attachment.html>


More information about the bind-users mailing list