From 7975eed9e05b20e15024ca67034bb41399f625ca Mon Sep 17 00:00:00 2001 From: Sascha Wildner Date: Wed, 17 May 2006 14:25:47 +0000 Subject: [PATCH] Per default, restrict recursive queries to 127.0.0.1. Submitted-by: Gary OK-by: corecode, joerg --- etc/namedb/named.conf | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/etc/namedb/named.conf b/etc/namedb/named.conf index ce64ec62e6..f92328b5a3 100644 --- a/etc/namedb/named.conf +++ b/etc/namedb/named.conf @@ -1,5 +1,5 @@ // $FreeBSD: src/etc/namedb/named.conf,v 1.6.2.7 2003/02/13 13:16:51 keramida Exp $ -// $DragonFly: src/etc/namedb/named.conf,v 1.3 2004/05/27 18:15:40 dillon Exp $ +// $DragonFly: src/etc/namedb/named.conf,v 1.4 2006/05/17 14:25:47 swildner Exp $ // // Refer to the named.conf(5) and named(8) man pages for details. If // you are ever going to set up a primary server, make sure you @@ -31,7 +31,15 @@ options { // // forward only; -// If you've got a DNS server around at your upstream provider, enter + +// Prevent external networks from using us to query domains we are not +// authoritative for. +// + allow-recursion { + 127.0.0.1; + }; + +// If you've got a DNS server around at your upstream provider, enter // its IP address here, and enable the line below. This will make you // benefit from its cache, thus reduce overall DNS traffic in the Internet. // -- 2.41.0