Blocking reverse lookup queries for private ips

/dev/rob0 rob0 at gmx.co.uk
Tue Nov 22 18:13:33 UTC 2016


On Tue, Nov 22, 2016 at 10:57:00AM +0000, Tony Finch wrote:
> Sachin Patil <04sachin at gmail.com> wrote:
> 
> > I want to return nxdomain for any private ip reverse lookup.
> 
> BIND does this by default. Look for "built-in empty zones" in
> https://ftp.isc.org/isc/bind9/cur/9.11/doc/arm/Bv9ARM.ch06.html

Please note however: empty zones change per minor version, so users 
of BIND 9.9 would need:
  https://ftp.isc.org/isc/bind9/cur/9.9/doc/arm/Bv9ARM.ch06.html
and users of 9.10 would need:
  https://ftp.isc.org/isc/bind9/cur/9.10/doc/arm/Bv9ARM.ch06.html

(Users of BIND 9.8 and earlier versions would need to contact their 
distributor for support.)
-- 
  http://rob0.nodns4.us/
  Offlist GMX mail is seen only if "/dev/rob0" is in the Subject:


More information about the bind-users mailing list