Maintained by: NLnet Labs

[Unbound-users] Log deny client

Lorenzo Mainardi
Wed Apr 15 12:44:05 CEST 2015


Hello to everyone, 

I mantain a list of domains used for DNS amplification attack in
/etc/unbound/local.d/blacklist.conf 

This file contains lines like this one:

 

local-zone: "9222hh.com" deny

 

Can I log this to identify the client sending the request?

I see on the new release the inform feature, but the inform will reply
anyway to query.

Do you have any suggestions?

 

 

digitel

 

Ing. Lorenzo Mainardi

 

Via della Fortezza 6 - 50129 Firenze

 <http://www.digitelitalia.com/> www.digitelitalia.com - 800 901 669

 

Tel +39 055 4624933

Fax +39 055 4624 947

lom at digitelitalia.com <mailto:lom at digitelitalia.com> 

 

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://unbound.nlnetlabs.nl/pipermail/unbound-users/attachments/20150415/51d9542e/attachment.html>