Re: [squid-users] why is the UDP port for DNS queries kept "open"?

From: Steve Bremer <steveb@dont-contact.us>
Date: Mon, 18 Mar 2002 09:59:50 -0600

I am also curious about this.

If it's not possible to change this, is it possible to limit which
interface the internal DNS resolver binds to? I've tried
udp_incoming_address, but it didn't prevent it from binding to all
interfaces.

Steve

On 18 Mar 2002, at 16:57, David Banz wrote:

> Hello!
>
> I am using Squid 2.3stable4 (configured so that Squid does DNS lookups
> itself), and I was wondering why the UDP port used by Squid for this purpose
> is constantly kept "open" until Squid is shut down.
> Wouldn't it be safer to use a separate UDP port for each new DNS query, which
> is closed after the query has been answered or a timeout has occurred?
> Personally, I don't like the idea of having a port accepting incoming data
> all the time, which I cannot hide behind a firewall.
> (Sorry if my terminology might be a bit incorrect, but I hope you still get
> the idea...)
>
> --
> David Banz
Received on Mon Mar 18 2002 - 09:04:33 MST
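
The two ideas raised in this thread (a UDP socket opened per query and closed after the answer or a timeout, and a resolver socket bound to one local address) are shown together below as an added Python example; it is not Squid's code and not from either poster. The names `build_query` and `query_once` and the loopback default address are assumptions made for illustration.

```python
import secrets
import socket
import struct
import time


def build_query(name, qid):
    """Encode a minimal DNS A/IN query with the recursion-desired flag."""
    header = struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 0)
    labels = b"".join(
        bytes([len(p)]) + p.encode("ascii") for p in name.rstrip(".").split(".")
    )
    return header + labels + b"\x00" + struct.pack("!HH", 1, 1)


def query_once(name, server, bind_addr="127.0.0.1", timeout=2.0):
    """Send one query from a fresh socket; return the raw reply or None.

    server is an (ip, port) tuple; bind_addr is the local interface address
    (the loopback default is an assumption for offline use).
    """
    qid = secrets.randbits(16)         # unpredictable transaction ID
    deadline = time.monotonic() + timeout
    # The with-block closes the socket on every exit path, so the port only
    # accepts data while this one query is outstanding.
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.bind((bind_addr, 0))      # one interface, OS-chosen ephemeral port
        sock.connect(server)           # kernel discards datagrams from other peers
        sock.send(build_query(name, qid))
        while (remaining := deadline - time.monotonic()) > 0:
            sock.settimeout(remaining)
            try:
                reply = sock.recv(4096)
            except (socket.timeout, ConnectionRefusedError):
                return None
            if len(reply) < 12:
                continue               # shorter than a DNS header: ignore
            rid, flags = struct.unpack("!HH", reply[:4])
            # Accept only a response (QR bit set) carrying our transaction ID.
            if rid == qid and flags & 0x8000:
                return reply
        return None
```
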
