Is there a way to block a specific query type on bind

Asked Jun 02 '21 at 08:05

Active Jun 02 '21 at 08:05

Viewed 75 times

I've been trying to find a way to block the WKS query type from our bind servers.

We have found that is is extensively used by tunneling software.

I tried using RPZ but i'm not sure on how to block a query type instead of domain.

However there seems to be no formal way of disabling a specific type.

Any ideas?

PS, i could use iptables but i'm unsure about the load on the systems

asked Jun 02 '21 at 08:05

There is no [trigger](https://datatracker.ietf.org/doc/html/draft-ietf-dnsop-dns-rpz-00#section-4) in RPZ syntax for specific DNS record types so AFAIK setting up a RPZ is indeed not a solution. - Older but somewhat relevant and related: https://serverfault.com/q/744613/546643 – Bob Jun 02 '21 at 10:08

0 Answers0