On 08 Sep 2018, at 09:59, Niall O'Reilly <niall.orei...@ucd.ie> wrote:
> On 8 Sep 2018, at 14:58, @lbutlr wrote:
>
>> so I think there must be something else.
>
> You might need to do some other housekeeping:
>
> https://zonemaster.net/domain_check
> http://dnsviz.net/d/covisp.net/dnssec/

Oh, well, that is interesting. I thought Bind always listened on port 53 for both TCP/UDP.

# sockstat -4 -l | grep :53
bind     named      48714 21  tcp4   65.121.55.42:53       *:*
bind     named      48714 23  tcp4   127.0.0.1:53          *:*
bind     named      48714 512 udp4   65.121.55.42:53       *:*
bind     named      48714 513 udp4   65.121.55.42:53       *:*
bind     named      48714 514 udp4   65.121.55.42:53       *:*
bind     named      48714 518 udp4   127.0.0.1:53          *:*
bind     named      48714 519 udp4   127.0.0.1:53          *:*
bind     named      48714 520 udp4   127.0.0.1:53          *:*

And there’s nothing interesting in pfctl

# pfctl -s rules
block drop in quick on em0 from <sshguard> to any label "sshguardblock"
block drop in quick on em0 from <badguys> to any
pass in quick on em0 proto tcp from <goodguys> to (em0) port = ssh flags S/SA keep state
pass in on em0 proto tcp from any to (em0) port = ssh flags S/SA keep state (source-track rule, max-src-conn 5, max-src-conn-rate 4/300, overload <badguys> flush global, src.track 300)

--
Man is born free, but is everywhere in chains.