by metalruler 5076 days ago
It really is a disgusting hack, and specific to FreeBSD. It does need to be a bit more sophisticated than "block an IP if it floods me" because as it is now someone can simply spoof the IP of an ISP's DNS server and effectively firewall them, blocking their users from being able to resolve the domain names I'm hosting.

I can give you one tip to get you started: if you're running named, you can enable logging of every query, something like (hope this formats ok):

  logging {
      channel query_logging {
          // the file clause runs on to the semicolon on the next line
          file "/var/log/named/querylog"
              versions 3 size 100M;       // roll at 100M, keep 3 old versions
          print-time yes;                 // timestamp log entries
      };

      category queries {
          query_logging;
      };
  };
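
An added example, not part of the original comment: one way to read the query log this channel produces and find flooding sources without automatically firewalling a resolver whose address may be spoofed. The log line layout, the function name flag_flooders and the never_block list are assumptions made for illustration, and the sample lines are constructed.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Assumed BIND 9 query-log layout with print-time enabled. Newer releases add
# an "@0x..." token after "client"; the optional group below tolerates it.
LINE_RE = re.compile(
    r"^(?P<ts>\d{2}-\w{3}-\d{4} \d{2}:\d{2}:\d{2})\.\d+ .*?"
    r"client (?:@0x[0-9a-f]+ )?(?P<ip>[0-9a-fA-F.:]+)#\d+"
    r".*?: query: (?P<qname>\S+) (?P<qclass>\S+) (?P<qtype>\S+)"
)

def flag_flooders(lines, threshold, window=timedelta(seconds=10),
                  never_block=frozenset()):
    """Return {ip: {"peak", "action"}} for sources whose busiest sliding
    window holds at least `threshold` queries. Addresses in never_block
    (hypothetical list of known resolvers) are marked for review only,
    because a spoofed source would otherwise cut off real users."""
    stamps_by_ip = defaultdict(list)
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # not a query line, or a layout this pattern does not cover
        ts = datetime.strptime(m["ts"], "%d-%b-%Y %H:%M:%S")
        stamps_by_ip[m["ip"]].append(ts)

    flagged = {}
    for ip, stamps in stamps_by_ip.items():
        stamps.sort()
        peak = start = 0
        for end, t in enumerate(stamps):
            # Shrink the window from the left until it spans less than `window`.
            while t - stamps[start] >= window:
                start += 1
            peak = max(peak, end - start + 1)
        if peak >= threshold:
            action = "review" if ip in never_block else "block"
            flagged[ip] = {"peak": peak, "action": action}
    return flagged

# Constructed sample: two bursty sources and one quiet one.
SAMPLE = [
    f"12-Mar-2012 10:15:0{s}.000 client {ip}#4000{s}: query: example.org IN ANY +E"
    for ip, secs in {"198.51.100.7": range(6), "192.0.2.53": range(5),
                     "203.0.113.9": (0, 9)}.items()
    for s in secs
]

if __name__ == "__main__":
    for ip, info in flag_flooders(SAMPLE, 5, never_block={"192.0.2.53"}).items():
        print(ip, info)
```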