Richard_Bible_7
Historic F5 Account
Mar 11, 2005

rule for blocking DNS/UDP 4.2.x

Hi there,

Can someone confirm that this would be the correct method to block DNS/UDP packets from a class of IPs? This is in addition to an existing rule.

    else if (server_port == 53 and client_addr == one of DNS_BLOCK) {
       discard
    }

Any help would be great.
  • unRuleY_95363
    Historic F5 Account
    A similar 9.x rule fragment would look like:

      
      elseif { [UDP::local_port] == 53 and [matchclass [IP::remote_addr] equals $::DNS_BLOCK] } {
         # DNS over UDP (port 53) from a client in the DNS_BLOCK class: drop it
         discard
      }