[Dnsmasq-discuss] Is it possible to filter the allowed IP clients
?
Rune Kock
rune.kock at gmail.com
Thu Nov 6 17:38:37 GMT 2008
On Thu, Nov 6, 2008 at 17:45, Thierry Herbelot
<thierry.herbelot at netasq.com> wrote:
> Hello,
>
> I'm playing with dnsmasq and I wonder if it is possible to restrict the IP
> addresses of the clients allowed to use the DNS cache.
>
> example : on a 192.168.X.Y network, only allow clients on 192.168.1.Z to have
> DNS translations
Why not use a firewall for that?
For instance, in Shorewall (which is what I use), you could make a
general policy to reject all connections from clients (loc) to the
router (fw) itself:
loc fw REJECT
And then a rule to allow DNS anyway:
DNS/ACCEPT loc:192.168.1.0/24 fw
More information about the Dnsmasq-discuss
mailing list