Sunday, October 19, 2014

domain name system - dnsmasq - filter requests by source IP



It is not recommended to answer recursive DNS queries from outside the local network.



Is there a way to make dnsmasq answer queries about specified domains (partly locally, partly forwarded to another DNS server) from anywhere, but answer all queries if the request comes from local networks?


Answer



I ended up running two instances of dnsmasq and doing the filtering in iptables.
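
One way the setup described in the answer could look, as an added example that is not the poster's actual configuration. The function names, the zones `example.com` and `internal.example`, the address `10.0.0.2` and port 5300 are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added sketch, not the poster's configuration. Zones, addresses and the
# port 5300 are constructed sample values.
PUBLIC_PORT=53     # restricted instance, reachable from anywhere
LOCAL_PORT=5300    # recursive instance, meant for local networks only

# Restricted instance. $1 = zone answered from local data,
# $2 = zone to forward, $3 = DNS server for that zone.
public_dnsmasq_cmd() {
    # --no-resolv and no default --server: names outside the two zones
    # have no upstream, so outside clients get no recursion.
    printf 'dnsmasq --port=%s --no-resolv --local=/%s/ --server=/%s/%s --pid-file=/run/dnsmasq-public.pid\n' \
        "$PUBLIC_PORT" "$1" "$2" "$3"
}

# Recursive instance. $1 = upstream resolver.
local_dnsmasq_cmd() {
    printf 'dnsmasq --port=%s --no-resolv --server=%s --pid-file=/run/dnsmasq-local.pid\n' \
        "$LOCAL_PORT" "$1"
}

# Print iptables rules for the given local IPv4 CIDRs: redirect their DNS
# traffic to the recursive instance and keep everyone else off its port.
# Prints nothing and returns 1 if any argument is not CIDR-shaped.
redirect_rules() {
    for cidr in "$@"; do
        case "$cidr" in
            *[!0-9./]*|*/*/*|/*|*/) echo "bad CIDR: $cidr" >&2; return 1 ;;
            */*) ;;
            *) echo "bad CIDR: $cidr" >&2; return 1 ;;
        esac
    done
    for cidr in "$@"; do
        for proto in udp tcp; do
            printf 'iptables -t nat -A PREROUTING -s %s -p %s --dport %s -j REDIRECT --to-ports %s\n' \
                "$cidr" "$proto" "$PUBLIC_PORT" "$LOCAL_PORT"
            printf 'iptables -A INPUT -s %s -p %s --dport %s -j ACCEPT\n' \
                "$cidr" "$proto" "$LOCAL_PORT"
        done
    done
    # Without these, outside clients could query the recursive port directly.
    for proto in udp tcp; do
        printf 'iptables -A INPUT -p %s --dport %s -j DROP\n' "$proto" "$LOCAL_PORT"
    done
}
```

The functions only print commands, so the output can be reviewed before it is run as root. Queries generated on the host itself do not pass through PREROUTING, and the final DROP rules also apply to loopback unless 127.0.0.0/8 is passed as one of the CIDRs.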


