[rbldnsd] Problems configuring BIND 9 with rbldnsd
Bob Apthorpe
cbfgfgbfcnzy at cynistar.net
Mon Jun 12 08:05:41 MSD 2006
Hi,
Michael Tokarev wrote:
> Aaron K. Moore wrote:
>> I'm new to some of this and am having a few problems.
>>
>> I have rbldnsd configured and running on port 530 as per the directions
>> at http://www.tqmcube.com/rbldnsd.php .
>
> They're talking about Linux there. On Linux, the whole 127.0.0.0/8
> range (all IP addresses from it) is available as local addresses.
> Instead of using non-standard port, I'd recommend to use 'spare'
> IP address for rbldnsd in that range, in case both BIND and rbldnsd
> are on the same machine. Use e.g. 127.1.2.3 address for rbldnsd (and
> standard port 53), and use that same address in named.conf. So the
> two cases are collapsing into one. This way, you will be able to
> easily query rbldnsd alone, by specifying just an appropriate IP
> address (not all DNS tools allow you to specify alternative port
> number). But ok.
FWIW, here's how I'm forwarding from BIND 9.2.3 to rbldnsd on a SuSE
Linux box:
=== /etc/init.d/rbldnsd ===
....
start() {
    if [ ! "$pid" ]; then
        report Starting
        /sbin/ifconfig lo:4 127.0.0.4;
        runit
    fi
}
....
=== /etc/sysconfig/rbldnsd ===
RBLDNSD="
absrc \
-r /var/lib/rbldns \
-b 127.0.0.4 \
-l absrc_lookup.log \
-s absrc_stats.log \
absrc.blacklist:ip4set:absrc.zone \
"
=== /var/lib/rbldns/absrc.zone ===
$SOA 3000 absrc.blacklist hostmaster.example.com 0 600 300 86400 300
$NS 3000 absrc.blacklist
#
:127.0.0.2:Source address of abusive traffic
#
# Blacklist
#
12.172.137.13
# __END__
=== /etc/named.conf ===
....
zone "absrc.blacklist" IN {
    type forward;
    forward first;
    forwarders {
        127.0.0.4;
    };
};
....
hth,
-- Bob
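
A way to confirm that the forward zone above really reaches rbldnsd, as an added example that is not part of the original message: it builds the reversed-octet DNSBL query name, asks rbldnsd on 127.0.0.4 directly and then asks BIND, and compares the two answers. The zone name, the rbldnsd address and the listed test address come from the configs above; the BIND listener address 127.0.0.1 and the presence of `dig` are assumptions.

```shell
#!/bin/sh
# Added example (not from the original message). Zone, rbldnsd address and the
# listed test IP are taken from the configs above; BIND_ADDR is an assumption.
ZONE="absrc.blacklist"
RBLDNSD_ADDR="127.0.0.4"
BIND_ADDR="127.0.0.1"   # assumption: named listens here

# dnsbl_name IP ZONE: print the reversed-octet query name; return 1 if IP is
# not a dotted-quad IPv4 address.
dnsbl_name() {
    ip=$1; zone=$2
    case $ip in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $ip
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    printf '%s.%s.%s.%s.%s\n' "$4" "$3" "$2" "$1" "$zone"
}

# compare_answers DIRECT VIA_BIND: print a verdict for the two A-record answers.
compare_answers() {
    if [ "$1" != "$2" ]; then
        echo "mismatch"      # BIND is not returning what rbldnsd serves
    elif [ -n "$1" ]; then
        echo "listed"
    else
        echo "not-listed"
    fi
}

# check_listed IP: ask rbldnsd directly, then through BIND, and compare.
check_listed() {
    name=$(dnsbl_name "$1" "$ZONE") || { echo "invalid IPv4: $1" >&2; return 2; }
    direct=$(dig +short @"$RBLDNSD_ADDR" "$name" A)
    via_bind=$(dig +short @"$BIND_ADDR" "$name" A)
    echo "$name: $(compare_answers "$direct" "$via_bind")"
}

# Run only when an address is given, e.g.: sh check.sh 12.172.137.13
if [ "$#" -gt 0 ]; then
    check_listed "$1"
fi
```

With the zone file above, 12.172.137.13 should come back as "listed" (127.0.0.2 from both servers); a "mismatch" verdict points at the forward zone or the lo:4 alias rather than at the blacklist data.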