Fima Leshinsky wrote:
>
> It seems like setting the TC flag is what I'm after but curious if there's
> a way to do this via configuration rather than a patch.
You can do this by setting the rate-limit slip parameter to 1. This might
be the right answer if you want to use an ACL to identify when t
As already noted, allow-query will cause you to send back a REFUSED response.
That’s sort of the whole point of the REFUSED RCODE.
If you want to not send back any response *whatsoever*, then take a look at the
“blackhole” statement, but, honestly, this kind of “drop” function may,
depending on
On 08/08/2016 18:43, Darcy Kevin (FCA) wrote:
> As already noted, allow-query will cause you to send back a REFUSED
> response. That’s sort of the whole point of the REFUSED RCODE.
>
>
>
> If you want to not send back any response **whatsoever**, then take a
> look at the “blackhole” statement,
Thanks for the info. Also I'll have to note that I completely missed that
the "offending IP" is one of the .uk root servers so the next logical
conclusion is I've probably got a box in one of my environments driving an
amplification attack of some sort or something at those IPs that I need to
figu
On 08/08/2016 20:59, Frank Even wrote:
> Thanks for the info. Also I'll have to note that I completely missed
> that the "offending IP" is one of the .uk root servers so the next
> logical conclusion is I've probably got a box in one of my environments
> driving an amplification attack of some sor
5 matches
Mail list logo