aboutsummaryrefslogtreecommitdiffstats
path: root/config/bind/bind.inc
diff options
context:
space:
mode:
Diffstat (limited to 'config/bind/bind.inc')
-rw-r--r--config/bind/bind.inc17
1 files changed, 15 insertions, 2 deletions
diff --git a/config/bind/bind.inc b/config/bind/bind.inc
index d1ff106f..4e01214a 100644
--- a/config/bind/bind.inc
+++ b/config/bind/bind.inc
@@ -72,7 +72,20 @@ $bind_conf .= <<<EOD
max-cache-size $ram_limit;\n
EOD;
-
+ // check response rate limit option
+ //https://kb.isc.org/article/AA-01000/0/A-Quick-Introduction-to-Response-Rate-Limiting.html
+ //http://ss.vix.su/~vjs/rl-arm.html
+ if ($bind['rate_enabled']=="on"){
+ $rate_limit=($bind['rate_limit']?$bind['rate_limit']:"15");
+ $log_only=($bind['log_only']=="no"?"no":"yes");
+ $bind_conf .= <<<EOD
+ rate-limit {
+ responses-per-second {$rate_limit};
+ log-only {$log_only};
+ };
+
+EOD;
+ }
//check ips to listen on
if (preg_match("/All/",$bind['listenon'])){
$bind_listenonv6="Any;";
@@ -97,7 +110,7 @@ EOD;
}
$bind_listenonv6=($bind_listenonv6==""?"none;":$bind_listenonv6);
$bind_listenon=($bind_listenon==""?"none;":$bind_listenon);
- print "<PRE>$bind_listenonv6 $bind_listenon";
+ //print "<PRE>$bind_listenonv6 $bind_listenon";
if (key_exists("ipv6allow",$config['system'])){
$bind_conf .="\t\tlisten-on-v6 { $bind_listenonv6 };\n";
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-23 05:10:15 +0000