Date: Fri, 4 Apr 1997 15:17:02 -0600 (CST) From: Lars Jonas Olsson <ljo@Mcs.Net> To: questions@freebsd.org Subject: refusing DNS queries for internal net Message-ID: <199704042117.PAA02968@Jupiter.Mcs.Net>
next in thread | raw e-mail | index | archive | help
I asked about firewall for avoid outside people to find what's on our inside net. The solution was to use the secure zone handling in named. If you have a named running for both external and internal net (e.g. 10.0.0.x) you can add this to the file that describes the 10.0.0.x net (often called mydomain.hosts): secure_zone IN TXT 10.0.0.0:255.255.255.0 secure_zone IN TXT 127.0.0.1:H This will let people on the internal net and the machine itself do DNS queries. When people on outside does: nslookup server <your DNS server> ls <your internal net> They will get: [<your DNS server>] *** Can't list domain <your internal net>: Query refused Jonas
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199704042117.PAA02968>