You may want to consider how to trigger removal of this blocking when the problem has gone away and the address is again used responsibly.
Maybe add a log statement with a limitation of one per day and checking that this is no longer seen for some time? IPTABLES can do the logging.

On 04/08/10 11:00, Denis BUCHER wrote:
> On 03.08.2010 21:25, Kevin Darcy wrote:
>>>>> I would like to know if I can block hosts doing that at the level of
>>>>> /etc/hosts.allow or should I do it at the level of Bind itself ?
>>>> Use IPTables or add rules to your firewall. I don't believe that BIND
>>>> pays any attention to /etc/hosts.allow
>>>
>>> Yes I tried iptables, it is working perfectly, and /etc/hosts.allow
>>> does not look to be working. This was perfect :
>>>
>>> iptables -I INPUT 3 -p tcp -s 202.152.172.4 --dport 53 -j DROP
>>>
>> I'm no iptables expert, but doesn't that only apply to TCP packets?
>
> Dear Kevin,
>
> Yes sorry, in fact I also should add a rule for UDP :
>
>> iptables -I INPUT 3 -p udp -s 202.152.172.4 --dport 53 -j DROP
>
> Or : (all ports)
>
>> iptables -I INPUT 3 -s 202.152.172.4 -j DROP
>
> Thanks a lot !
>
> Denis
> _______________________________________________
> bind-users mailing list
> bind-users@lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users

--
Best regards

Sten Carlsen

No improvements come from shouting:

"MALE BOVINE MANURE!!!"
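Added example, not part of the original messages: one way to wire up the suggestion above, with a LOG rule limited to one entry per day placed ahead of the DROP rule, and a check that offers to lift the block once the prefix no longer appears in the log. The `dnsblock` prefix, the function names and the requirement that the log file passed in covers the whole quiet period are assumptions made here; the commands are printed for review rather than executed.

```shell
#!/bin/sh
# Added example: prints iptables commands for review instead of running them.
# Position 3 mirrors the "-I INPUT 3" used in the thread; the prefix is an assumption.

prefix_for() { printf 'dnsblock %s ' "$1"; }  # at most 29 chars for IPv4 (LOG prefix limit)

# Rule specifications shared by insert and delete, so -D matches what -I added.
log_spec() {  # $1=addr $2=proto
    printf '%s' "-s $1 -p $2 --dport 53 -m limit --limit 1/day --limit-burst 1 -j LOG --log-prefix \"$(prefix_for "$1")\""
}
drop_spec() { printf '%s' "-s $1 -p $2 --dport 53 -j DROP"; }

# DROP is inserted first, then LOG at the same position, so LOG ends up ahead of DROP.
gen_block() {  # $1=addr $2=position (default 3)
    pos=${2:-3}
    for proto in udp tcp; do
        echo "iptables -I INPUT $pos $(drop_spec "$1" "$proto")"
        echo "iptables -I INPUT $pos $(log_spec "$1" "$proto")"
    done
}

gen_unblock() {  # $1=addr
    for proto in udp tcp; do
        echo "iptables -D INPUT $(log_spec "$1" "$proto")"
        echo "iptables -D INPUT $(drop_spec "$1" "$proto")"
    done
}

# Returns 0 when the log holds no line with this address's prefix.
# An unreadable log returns 2, so a missing file never looks like silence.
quiet_in_log() {  # $1=addr $2=logfile covering the quiet period
    [ -r "$2" ] || return 2
    ! grep -F -q -- "$(prefix_for "$1")" "$2"
}

# Print unblock commands only for an address that stayed quiet.
review_block() {  # $1=addr $2=logfile
    if quiet_in_log "$1" "$2"; then gen_unblock "$1"; fi
}
```

Because the limit allows one log entry per day per rule, the quiet period has to be longer than a day for the absence of entries to mean anything.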