[CentOS] problem with bind???

Sun Feb 22 07:09:12 UTC 2009
RobertH <roberth at abbacomm.net>

> Feb 22 09:14:52 kmdns1 named[2087]: client 62.109.4.89#59870: query
> (cache) './NS/IN' denied
> 
> now in my firewall i tried to block this ip but the messages 
> don't stop
> 
> i also upgraded bind to version bind-9.3.4-6.0.3.P1.el5_2 but 
> to no avail, the problem is still there
> 
> 
> i just like to know what's this problem and how could i solve it
> 
> is there a problem with my DNS server
> 
> thanks and regards
> 
> appreciate your kind help
> 
> 
> fabian

fabian, 

you might try something like the bad-guys acl i set up a long time ago in
named.conf

change the ips as you see fit



// Default named.conf generated by install of bind-9.2.4-2
//
// r.initials August 29 2005
//
acl     "bad-guys" {
        201.114.231.0/24;
        201.114.236.0/24;
};
logging {
        category lame-servers { null; };
};
options {
        version "Bind";
        directory "/var/named";                 // working directory
        listen-on { 127.0.0.1; redactedx.y.z.a; };
        listen-on-v6 { none; };
        allow-transfer { redactedx.y.z.a; redactedx.y.z.b;};
        blackhole { "bad-guys"; };
        dump-file "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
//      pid-file "named.pid";                   // Put pid file in working dir
        allow-query { any; };                   // This is the default
        recursion yes; // Do provide recursive service ???? or not???
};
include "/etc/rndc.key";
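
The following is an added example, not part of the original post: a Python script that tallies the `'./NS/IN' denied` lines from named's log per client /24 and renders an acl block in the layout shown above. The sample log lines, the function names and the repeat threshold are assumptions made for the example; UDP source addresses can be forged, so the list is a candidate set to review before it goes into blackhole.

```python
import ipaddress
import re
from collections import Counter

# Format of the "denied" line quoted in the post (BIND 9.3-era syslog output).
DENIED = re.compile(
    r"named\[\d+\]: client (?P<ip>[0-9a-fA-F.:]+)#\d+: "
    r"query \(cache\) '(?P<q>[^']+)' denied"
)

# Constructed sample log; addresses are RFC 5737 documentation ranges.
SAMPLE_LOG = """\
Feb 22 09:14:52 kmdns1 named[2087]: client 192.0.2.89#59870: query (cache) './NS/IN' denied
Feb 22 09:14:53 kmdns1 named[2087]: client 192.0.2.89#59871: query (cache) './NS/IN' denied
Feb 22 09:14:53 kmdns1 named[2087]: client 192.0.2.17#40112: query (cache) './NS/IN' denied
Feb 22 09:14:55 kmdns1 named[2087]: client 198.51.100.7#1025: query (cache) './NS/IN' denied
Feb 22 09:15:01 kmdns1 named[2087]: client 203.0.113.5#53211: query (cache) 'example.com/A/IN' denied
Feb 22 09:15:02 kmdns1 named[2087]: lame server resolving 'example.net' (in 'example.net'?): 192.0.2.1#53
"""


def denied_networks(log_text, qname="./NS/IN", min_hits=2):
    """Count denied queries for qname per client /24 (IPv4) or /64 (IPv6)."""
    hits = Counter()
    for line in log_text.splitlines():
        m = DENIED.search(line)
        if not m or m.group("q") != qname:
            continue
        try:
            addr = ipaddress.ip_address(m.group("ip"))
        except ValueError:  # regex matched something that is not an address
            continue
        prefix = 24 if addr.version == 4 else 64
        hits[ipaddress.ip_network(f"{addr}/{prefix}", strict=False)] += 1
    return {net: n for net, n in hits.items() if n >= min_hits}


def render_acl(networks, name="bad-guys"):
    """Render networks as a named.conf acl block in the post's layout."""
    ordered = sorted(networks, key=lambda n: (n.version, n))
    body = "".join(f"        {net};\n" for net in ordered)
    return f'acl     "{name}" {{\n{body}}};\n'


if __name__ == "__main__":
    found = denied_networks(SAMPLE_LOG)
    for net, n in found.items():
        print(f"// {net}: {n} denied ./NS/IN queries")
    print(render_acl(found), end="")
```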