[Pdns-users] Feature request: disable-any-meta-query-typ-e

Josh Sanders facil77 at gmail.com
Fri Dec 18 21:21:10 UTC 2015


Thanks for your reply Bert,

I am trying the iptables rules for stopping "questions"
-m string --hex-string "|0000ff0001|"  and not allowing
to overload my small DNSs.



On Fri, Dec 18, 2015 at 3:01 PM, bert hubert <bert.hubert at powerdns.com>
wrote:

> On Fri, Dec 18, 2015 at 02:50:22PM -0600, Josh Sanders wrote:
> > Remote xxx.xxx.xxx.www wants 'domainD.com|ANY', do = 0, bufsize = 1680:
> > packetcache MISS
> >
> > As you may see, 'any-to-tcp=yes' seems to be not working so far ...
>
> Can you tcpdump? They could simply be asking the question, doesn't mean they
> have to *respect* your TC=1 answer. Since that is all we can do, set TC=1.
> It does not stop the questions!
>
> We do provide a really small answer that way, which stops the amplification
> from working.
>
>         Bert
>