[Pdns-users] Is it possible to block all ANY queries?
Josh Sanders
facil77 at gmail.com
Wed Dec 16 21:59:21 UTC 2015
Hello,
I just set up PowerDNS and it works faultlessly:
pdns-static_3.4.7-1_amd64.deb
But it keeps receiving 100s of ANY queries.
PowerDNS/Bind Backend has zone: mydomain.com but it keeps receiving ANY
queries like these:
Remote xxx.xxx.xxx.xxx wants 'domainA.com|ANY', do = 0, bufsize = 1680: packetcache MISS
Remote xxx.xxx.xxx.yyy wants 'domainB.com|ANY', do = 0, bufsize = 1680: packetcache MISS
Remote xxx.xxx.xxx.zzz wants 'domainC.com|ANY', do = 0, bufsize = 1680: packetcache MISS
Remote xxx.xxx.xxx.www wants 'domainD.com|ANY', do = 0, bufsize = 1680: packetcache MISS
I know how to block those IPs with fail2ban but I would not like to have
100s of iptables rules.
Is there a way to block ANY queries?
I mean like CloudFlare does: Please stop asking for ANY / See
draft-jabley-dnsop-refuse-any
Also, I tried any-to-tcp=yes but it does not seem to be working.
Thanks
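
Added example (not part of the original post and not PowerDNS code): a small log triage script for the query-log format quoted above, counting ANY queries per remote and separating names outside the served zone (mydomain.com, as in the post). The function names, the sample lines and their addresses are constructed for illustration.

```python
import re
from collections import Counter

# Matches the query-log line format quoted in the post.
LINE_RE = re.compile(
    r"Remote (?P<remote>\S+) wants '(?P<qname>[^|']+)\|(?P<qtype>[A-Za-z0-9]+)'"
    r", do = (?P<do>\d+), bufsize = (?P<bufsize>\d+)"
)

def in_zone(qname, zones):
    """True if qname equals or is a subdomain of one of the served zones."""
    name = qname.rstrip(".").lower()
    return any(name == z or name.endswith("." + z) for z in zones)

def summarize_any(lines, served_zones):
    """Count ANY queries per remote and collect the off-zone names asked for."""
    zones = {z.rstrip(".").lower() for z in served_zones}
    per_remote, off_zone = Counter(), Counter()
    total = any_total = 0
    for line in lines:
        m = LINE_RE.search(line)
        if not m:
            continue  # not a query-log line
        total += 1
        if m["qtype"].upper() != "ANY":
            continue
        any_total += 1
        per_remote[m["remote"]] += 1
        if not in_zone(m["qname"], zones):
            off_zone[m["qname"].lower()] += 1
    return {"queries": total, "any": any_total,
            "per_remote": per_remote, "off_zone": off_zone}

# Constructed sample lines (documentation addresses, not real traffic).
SAMPLE = [
    "Remote 192.0.2.10 wants 'domainA.com|ANY', do = 0, bufsize = 1680: packetcache MISS",
    "Remote 192.0.2.10 wants 'domainB.com|ANY', do = 0, bufsize = 1680: packetcache MISS",
    "Remote 198.51.100.7 wants 'www.mydomain.com|A', do = 0, bufsize = 512: packetcache HIT",
    "Remote 203.0.113.5 wants 'mydomain.com|ANY', do = 0, bufsize = 1680: packetcache MISS",
    "pdns[1234]: some unrelated log line",
]

if __name__ == "__main__":
    report = summarize_any(SAMPLE, ["mydomain.com"])
    print(report["any"], "of", report["queries"], "queries are ANY")
    for remote, n in report["per_remote"].most_common():
        print(remote, n)
    print("off-zone names:", sorted(report["off_zone"]))
```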