[Unbound-users] Unbound Logging
Mark Felder
feld at feld.me
Wed Feb 1 23:24:50 UTC 2012
On 01.02.2012 10:49, Dominick Rivard wrote:
>
> I am using Unbound to serve a public DNS server and I am looking for a way
> to prevent bots or servers from degrading my service by requesting the same
> domain name like 10 times per second. I thought of using fail2ban but for
> that I need to get the IP of the requester somewhere in the log, so I tried
> analyzing the log and changed the verbosity of the logging with
> unbound-control, but still I don’t find anything yet that I could use for
> this purpose.
>
>
On BSD I'd say use a pf rule to block the IP for a time period if X
many concurrent states to port 53. Is something like that possible with
iptables on Linux?
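
Added example, not part of the original thread: a sketch of the log-side detection the question asks for, flagging clients that request the same name 10 or more times within one second. It assumes query logging is on (`log-queries: yes` in unbound.conf) and that lines look like the constructed samples below; `find_repeaters` and `SAMPLE_LOG` are hypothetical names.

```python
import ipaddress
import re
from collections import defaultdict, deque

# Assumed line shape with query logging enabled:
#   [epoch] unbound[pid:tid] info: <client-ip> <qname> <qtype> <qclass>
LINE_RE = re.compile(
    r"^\[(?P<ts>\d+)\] unbound\[\d+:\d+\] info: "
    r"(?P<ip>\S+) (?P<qname>\S+) (?P<qtype>\S+) (?P<qclass>\S+)$"
)

def find_repeaters(lines, threshold=10, window=1):
    """Return {client_ip: {qname, ...}} for clients that asked for the same
    name at least `threshold` times within `window` seconds."""
    recent = defaultdict(deque)   # (ip, qname) -> timestamps still in window
    flagged = defaultdict(set)
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        try:
            # Other four-word "info:" lines match the regex; drop them here.
            ip = str(ipaddress.ip_address(m["ip"]))
        except ValueError:
            continue
        ts = int(m["ts"])
        key = (ip, m["qname"].lower())   # DNS names are case-insensitive
        stamps = recent[key]
        stamps.append(ts)
        while ts - stamps[0] >= window:  # expire entries outside the window
            stamps.popleft()
        if len(stamps) >= threshold:
            flagged[ip].add(key[1])
    return dict(flagged)

# Constructed sample input (documentation address ranges, made-up pid).
SAMPLE_LOG = (
    ["[1328138690] unbound[2041:0] info: 192.0.2.10 example.com. A IN"] * 12
    + ["[1328138690] unbound[2041:0] info: 198.51.100.7 example.org. A IN",
       "[1328138691] unbound[2041:0] info: 198.51.100.7 example.net. AAAA IN",
       "[1328138691] unbound[2041:0] info: service stopped (unbound 1.4.16)."]
)

if __name__ == "__main__":
    for ip, names in find_repeaters(SAMPLE_LOG).items():
        print(ip, sorted(names))
```

Source addresses on UDP queries can be forged, so a ban driven by this output can be pointed at an address that never sent the traffic; a short ban time limits that.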