upstream/unbound
1
0
Fork 0
mirror of https://github.com/NLnetLabs/unbound.git synced 2025-12-20 23:00:56 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

safer default interfaces.

Browse source 
git-svn-id: file:///svn/unbound/trunk@737 be551aaa-1e26-0410-a405-d3ace91eadb9
This commit is contained in:
Wouter Wijngaards 2007-11-09 14:15:21 +00:00
parent 518e7511d7
commit d41f40b028
4 changed files with 8 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
doc/Changelog
View file

@ -3,6 +3,7 @@
- default config file is /etc/unbound/unbound.conf.
If it doesn't exist, it is installed with the doc/example.conf file.
The file is not deleted on uninstall.
- default listening is not all, but localhost interfaces.
8 November 2007: Wouter
- Fixup chroot and drop user privileges.

3
doc/example.conf
View file

@ -19,7 +19,8 @@ server:
# num-threads: 1
# specify the interfaces to answer queries from by ip-address.
# If you give none the default (all) interface is used.
# The default is to listen to localhost (127.0.0.1 and ::1).
# specify 0.0.0.0 and ::0 to bind to all available interfaces.
# specify every interface on a new 'interface:' labelled line.
# interface: 192.0.2.153
# interface: 192.0.2.154

6
doc/unbound.conf.5
View file

@ -78,7 +78,7 @@ The port number, default 53, on which the server responds to queries.
Interface to use to connect to the network. This interface is listened to
for queries from clients, and answers to clients are given from it.
Can be given multiple times to work on several interfaces. If none are
given the default (all) is used.
given the default is to listen to localhost.
.It \fBoutgoing-interface:\fR <ip address>
Interface to use to connect to the network. This interface is used to send
queries to authoritative servers and receive their replies. Can be given
@ -87,8 +87,8 @@ default (all) is used. You can specify the same interfaces in
.Ic interface:
and
.Ic outgoing-interface:
lines, the interfaces are then used for both purposes. Queries are sent
via a random interface to counter spoofing.
lines, the interfaces are then used for both purposes. Outgoing queries are
sent via a random outgoing interface to counter spoofing.
.It \fBoutgoing-port:\fR <port number>
The starting port number where the outgoing query port range is allocated.
Default is 1053.

4
services/listen_dnsport.c
View file

@ -409,7 +409,7 @@ listening_ports_open(struct config_file* cfg)
if(cfg->num_ifs == 0) {
if(do_ip6) {
hints.ai_family = AF_INET6;
if(!ports_create_if(NULL, cfg->do_udp, do_tcp,
if(!ports_create_if("::1", cfg->do_udp, do_tcp,
&hints, portbuf, &list)) {
listening_ports_free(list);
return NULL;
@ -417,7 +417,7 @@ listening_ports_open(struct config_file* cfg)
}
if(do_ip4) {
hints.ai_family = AF_INET;
if(!ports_create_if(NULL, cfg->do_udp, do_tcp,
if(!ports_create_if("127.0.0.1", cfg->do_udp, do_tcp,
&hints, portbuf, &list)) {
listening_ports_free(list);
return NULL;