[dns-operations] simple dns rebinding protection with dnsmasq (fwd)

Stephane Bortzmeyer bortzmeyer at nic.fr
Thu Feb 28 09:17:03 UTC 2008


> dnsmasq (http://www.thekelleys.org.uk/dnsmasq/doc.html) a popular
> DHCP and DNS forwarder and cache server used on many DSL/Cable
> routers now has a simple DNS Rebinding protection mechanism. When
> executed with the --stop-dns-rebind option the DNS resolver in
> dnsmasq will filter out private IP addresses (127.0.0.0/8,
> 192.168.0.0/16, 10.0.0.0/8, 172.16.0.0/12 and 169.254.0.0/16).  This
> should be sufficient for most private/home users.

Is there a way to configure this list (there was not with dnswall -
http://code.google.com/p/google-dnswall/)?






More information about the dns-operations mailing list