Sophie: bind-9.3.2-8.4mdv2007.0 src

bind-9.3.2-8.4mdv2007.0.src.rpm

// 
// NOTE: This list is changing all the time (naturally) and serves as an
// example only. It is up to you to keep this list up-to-date. In Mandriva
// Linux we allow the 192.168.0.0/16 network to do recursive lookups per
// default. If you don't like this you need to change this now.
//
// http://qa.mandriva.com/en/show_bug.cgi?id=27981
// 
// The list was taken from http://www.cymru.com/Documents/secure-bind-template.html
// Secure BIND Template Version 5.7 26 JUL 2007
//
// You should keep an eye on http://www.iana.org/assignments/ipv4-address-space in 
// order to stay up to date.
// 
// $Id$
// $HeadURL$

acl "bogon" {
    // Filter out the bogon networks.  These are networks
    // listed by IANA as test, RFC1918, Multicast, experi-
    // mental, etc.  If you see DNS queries or updates with
    // a source address within these networks, this is likely
    // of malicious origin. CAUTION: If you are using RFC1918
    // netblocks on your network, remove those netblocks from
    // this list of blackhole ACLs!
    0.0.0.0/8;
    1.0.0.0/8;
    2.0.0.0/8;
    5.0.0.0/8;
    10.0.0.0/8;
    23.0.0.0/8;
    27.0.0.0/8;
    31.0.0.0/8;
    36.0.0.0/8;
    37.0.0.0/8;
    39.0.0.0/8;
    42.0.0.0/8;
    46.0.0.0/8;
    49.0.0.0/8;
    50.0.0.0/8;
    100.0.0.0/8;
    101.0.0.0/8;
    102.0.0.0/8;
    103.0.0.0/8;
    104.0.0.0/8;
    105.0.0.0/8;
    106.0.0.0/8;
    107.0.0.0/8;
    108.0.0.0/8;
    109.0.0.0/8;
    110.0.0.0/8;
    111.0.0.0/8;
    112.0.0.0/8;
    113.0.0.0/8;
    114.0.0.0/8;
    115.0.0.0/8;
    169.254.0.0/16;
    172.16.0.0/12;
    173.0.0.0/8;
    174.0.0.0/8;
    175.0.0.0/8;
    176.0.0.0/8;
    177.0.0.0/8;
    178.0.0.0/8;
    179.0.0.0/8;
    180.0.0.0/8;
    181.0.0.0/8;
    182.0.0.0/8;
    183.0.0.0/8;
    184.0.0.0/8;
    185.0.0.0/8;
    186.0.0.0/8;
    187.0.0.0/8;
    192.0.2.0/24;
//    192.168.0.0/16;
    197.0.0.0/8;
    198.18.0.0/15;
    223.0.0.0/8;
    224.0.0.0/3;
};