Re: [squid-users] why is the UDP port for DNS queries kept "open"?

From: Steve Bremer <steveb@dont-contact.us>
Date: Fri, 29 Mar 2002 11:27:43 -0600

Thank you Henrik, that was the solution I was looking for.

Steve

On 26 Mar 2002, at 13:58, Henrik Nordstrom wrote:

> Squid really should be changed to use "connected" UDP sockets, one per
> configured DNS server, rather than an anonymously bound UDP socket.
>
> The udp_outgoing_address or (indirectly) udp_outgoing_address is meant
> to be able to control which IP Squid opens the DNS client port at.
>
> Regards
> Henrik Nordström
> Squid Developer
>
>
> David Banz wrote:
> >
> > Hello!
> >
> > I am using Squid 2.3stable4 (configured so that Squid does DNS lookups
> > itself), and I was wondering why the UDP port used by Squid for this purpose
> > is constantly kept "open" until Squid is shut down.
> > Wouldn't it be safer to use a separate UDP port for each new DNS query, which
> > is closed after the query has been answered or a timeout has occurred?
> > Personally, I don't like the idea of having a port accepting incoming data
> > all the time, which I cannot hide behind a firewall.
> > (Sorry if my terminology might be a bit incorrect, but I hope you still get
> > the idea...)
> >
> > --
> > David Banz
Received on Fri Mar 29 2002 - 10:35:41 MST
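
The difference between an anonymously bound UDP socket and a "connected" one, as discussed in the thread above, shown as an added example (not part of the original messages and not Squid's code). The function and payload names are assumptions, and the resolver, stranger and client are all constructed loopback sockets.

```python
import socket

LOOPBACK = "127.0.0.1"  # constructed test setup: everything runs on loopback


def udp_socket():
    """Bind a UDP socket to an ephemeral loopback port."""
    s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    s.bind((LOOPBACK, 0))
    s.settimeout(0.5)
    return s


def received_payloads(connected):
    """Return the payloads the DNS client socket accepts.

    connected=False: anonymously bound socket, any source may deliver to it.
    connected=True:  socket connect()ed to the one configured resolver, so the
                     kernel drops datagrams from every other address/port.
    """
    resolver, stranger, client = udp_socket(), udp_socket(), udp_socket()
    try:
        if connected:
            client.connect(resolver.getsockname())
        target = client.getsockname()
        stranger.sendto(b"from-stranger", target)  # unsolicited datagram
        resolver.sendto(b"from-resolver", target)  # the expected reply
        got = []
        while True:
            try:
                got.append(client.recv(512))
            except socket.timeout:
                return sorted(got)  # queue drained
    finally:
        for s in (resolver, stranger, client):
            s.close()


if __name__ == "__main__":
    print("anonymous:", received_payloads(False))
    print("connected:", received_payloads(True))
```

The kernel filters on the datagram's source address and port only, so a connected socket narrows what reaches the application but does not authenticate the reply.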
