> In message <20100225123134.gb2...@fantomas.sk>, Matus UHLAR - fantomas writes: > > On 25.02.10 12:01, Matus UHLAR - fantomas wrote: > > > I see that hosts that are not allowed to recurse are often generating > > > check-named errors. > > > > check-names it is. > > > > I apparently too often use "named" so I do this king of mistypes. > > > > > I wonder if it wouldn't be better to check ACL's first and check-names > > > just > > > after it?
On 26.02.10 13:08, Mark Andrews wrote: > It really depends what's more important for you to see. Whether > you got a recursive query that didn't match a acl or a query that > failed check-names. Both get REFUSED so the client can't tell the > difference. I personally don't care about broken requests from unknown IPs and would like to log them as unauthorized, not invalid requests. My question is if this is acceptable and doable. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Quantum mechanics: The dreams stuff is made of. _______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users