Hi,
Is it possible to restrict the DNS client port to a specific interface or IP? netstat grep:
udp 0 0 0.0.0.0:33076 0.0.0.0:* 3522/(squid)
I am aware that Squid's code is quite sane and only accepts DNS answers from servers it just sent requests to, but still this could be forged, and I don't like lines like the one above, which are not really needed.
At least in my setup, Squid talks to two fixed DNS servers which are all reached via one interface (eth1, not the public one). Setting up a specific firewall rule is also tricky, because the listening port seems "randomly chosen".
So basically I am looking for options like these, which I cannot find: dns_incoming_address: ... dns_outgoing_address: which bind like http_port with an IP, or something to specify the port, or to restrict the interface, whatever...
Any help appreciated, martin koniczek