Search found 3 matches
- 18 Aug 2010, 10:52
- Forum: Suggestions (csf)
- Topic: Automatic Block DNS floods?
- Replies: 4
- Views: 8517
Re: Automatic Block DNS floods?
OK, found the solution.... in the #BIND section in /etc/csf/regex.pm
original line:
$line =~ /^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ named\[\d+\]: client (\S+)\#\d+\:( view external\:)? (update|zone transfer) \'.*\' denied$/)) {
I've modified it to match my DNS flood...
$line =~ /^(\S+|\S+\s+\d+\s+\S+) [^...
- 18 Aug 2010, 10:44
- Forum: Suggestions (csf)
- Topic: Automatic Block DNS floods?
- Replies: 4
- Views: 8517
Re: Automatic Block DNS floods?
Must have something to do with the code in: regex.pm
#BIND
if (($config{LF_BIND}) and ($lgfile eq $config{BIND_LOG}) and ($line =~ /^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ named\[\d+\]: client (\S+)\#\d+\:( view external\:)? (update|zone transfer) \'.*\' denied$/)) {
$ip = $2;
$acc = "";
$ip =~ s/^...
- 18 Aug 2010, 10:21
- Forum: Suggestions (csf)
- Topic: Automatic Block DNS floods?
- Replies: 4
- Views: 8517
Automatic Block DNS floods?
Hi guys, in my /var/log/messages I found lots of entries (about 20 requests a second):
Aug 18 11:17:14 Player named[3706]: client 81.27.102.20#64048: query (cache) './NS/IN' denied
Aug 18 11:17:14 Player named[3706]: client 81.27.102.20#32688: query (cache) './NS/IN' denied
Aug 18 11:17:14 Player na...