diff options
Diffstat (limited to 'bin/named/config.c')
| -rw-r--r-- | bin/named/config.c | 15 |
1 files changed, 12 insertions, 3 deletions
diff --git a/bin/named/config.c b/bin/named/config.c index fa349eea..92cf7bf7 100644 --- a/bin/named/config.c +++ b/bin/named/config.c @@ -98,7 +98,7 @@ options {\n\ statistics-file \"named.stats\";\n\ statistics-interval 60;\n\ tcp-clients 100;\n\ - tcp-listen-queue 3;\n\ + tcp-listen-queue 10;\n\ # tkey-dhkey <none>\n\ # tkey-gssapi-credential <none>\n\ # tkey-domain <none>\n\ @@ -227,8 +227,17 @@ view \"_bind\" chaos {\n\ recursion no;\n\ notify no;\n\ allow-new-zones no;\n\ -\n\ - zone \"version.bind\" chaos {\n\ +" +#ifdef USE_RRL +" # Prevent use of this zone in DNS amplified reflection DoS attacks\n\ + rate-limit {\n\ + responses-per-second 3;\n\ + slip 0;\n\ + min-table-size 10;\n\ + };\n\ +" +#endif /* USE_RRL */ +" zone \"version.bind\" chaos {\n\ type master;\n\ database \"_builtin version\";\n\ };\n\ |