From owner-freebsd-stable Fri Nov 19 9:33:22 1999 Delivered-To: freebsd-stable@freebsd.org Received: from misha.cisco.com (misha.cisco.com [171.69.206.50]) by hub.freebsd.org (Postfix) with ESMTP id 3E10B14CE0 for ; Fri, 19 Nov 1999 09:33:00 -0800 (PST) (envelope-from mi@misha.cisco.com) Received: (from mi@localhost) by misha.cisco.com (8.9.3/8.9.1) id MAA08589; Fri, 19 Nov 1999 12:32:54 -0500 (EST) (envelope-from mi) Message-Id: <199911191732.MAA08589@misha.cisco.com> Subject: Re: Bind in a sandbox (was: Anticipated release date for 3.4) In-Reply-To: <6C37EE640B78D2118D2F00A0C90FCB4401105D9E@site2s1> from Christopher Michaels at "Nov 19, 1999 12:19:58 pm" To: Christopher Michaels Date: Fri, 19 Nov 1999 12:32:54 -0500 (EST) Cc: stable@freebsd.org Reply-To: mi@aldan.algebra.com From: Mikhail Teterin X-Mailer: ELM [version 2.4ME+ PL60 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Christopher Michaels once wrote: > After reading that I was hoping someone could give me some assistance. > I would like to run bind in a sandbox. > > My problem is that I am on a dynamic IP and when I run it in a > sandbox, it complains about not being able to bind to port 53 for the > new address on the interface. > > Does anyone know of a way around this? (does bind need to listen to > port 53 on the outside interface)? No it does not. In fact, it should not, because this way it can be abused by people outside your lan. May be, we can patch our bind to automaticly detect dynamic interfaces and not listen on them by default? You want to add something like: listen-on { 127.0.0.1; 10.10.0.1; // list your other interfaces here }; to the options-section of your named.conf. This, actually, belongs to the questions@freebsd.org mailing list. -mi To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message