Commit | Line | Data |
---|---|---|
b4588d5c GP |
1 | .TH walldns 8 |
2 | ||
3 | .SH NAME | |
4 | walldns \- a reverse DNS wall | |
5 | ||
6 | .SH DESCRIPTION | |
7 | .B walldns | |
8 | is a reverse DNS wall. | |
9 | It accepts iterative DNS queries for | |
10 | .I in-addr.arpa | |
11 | domains | |
12 | from hosts around the Internet, | |
13 | and supplies generic responses that avoid revealing local host information. | |
14 | ||
15 | For example, | |
16 | .B walldns | |
17 | provides a PTR record for | |
18 | .I 4.3.2.1.in-addr.arpa | |
19 | showing | |
20 | .I 4.3.2.1.in-addr.arpa | |
21 | as the name of IP address | |
22 | .IR 1.2.3.4 , | |
23 | and a matching A record showing | |
24 | .I 1.2.3.4 | |
25 | as the IP address of | |
26 | .IR 4.3.2.1.in-addr.arpa . | |
27 | ||
28 | .SH Configuration | |
29 | Normally | |
30 | .B walldns | |
31 | is set up by the | |
32 | .BR walldns-conf (8) | |
33 | program. | |
34 | ||
35 | .B walldns | |
36 | runs chrooted in the directory | |
37 | specified by the | |
38 | .I $ROOT | |
39 | environment variable, | |
40 | under the uid and gid | |
41 | specified by the | |
42 | .I $UID | |
43 | and | |
44 | .I $GID | |
45 | environment variables. | |
46 | ||
47 | .B walldns | |
48 | listens for incoming UDP packets | |
49 | addressed to port 53 of | |
50 | .IR $IP . | |
51 | It does not listen for TCP queries. | |
52 | ||
53 | .SH Further details | |
54 | ||
55 | .B walldns | |
56 | rejects | |
57 | inverse queries, non-Internet-class queries, truncated packets, | |
58 | packets that contain anything other than a single question, | |
59 | queries for domains outside | |
60 | .IR in-addr.arpa , | |
61 | and request types other than A, PTR, and *. | |
62 | ||
63 | .B walldns | |
64 | does not include NS or SOA records with its responses. | |
65 | ||
66 | .B walldns | |
67 | uses TTLs slightly over one week. | |
68 | ||
69 | .SH SEE ALSO | |
70 | walldns-conf(8) | |
71 | ||
72 | http://cr.yp.to/djbdns.html |