Hello,
i have many entrys like this in my syslog.
19-Mar-2021 07:40:24.601 client @0x7f5d8c2445e0 154.244.190.192#8080 (sl): query (cache) 'sl/ANY/IN' denied
19-Mar-2021 07:40:24.609 client @0x7f5d8c2445e0 99.117.95.102#80 (sl): query (cache) 'sl/ANY/IN' denied
19-Mar-2021 07:40:24.616 client @0x7f5d8c235e50 73.19.51.149#3075 (sl): query (cache) 'sl/ANY/IN' denied
19-Mar-2021 07:40:24.651 client @0x7f5d8c2276c0 96.52.156.243#3658 (sl): query (cache) 'sl/ANY/IN' denied
19-Mar-2021 07:40:24.653 client @0x7f5d8c2276c0 184.101.148.232#80 (sl): query (cache) 'sl/ANY/IN' denied
19-Mar-2021 07:40:24.657 client @0x7f5d8c2276c0 89.40.105.87#20 (sl): query (cache) 'sl/ANY/IN' denied
19-Mar-2021 07:40:24.705 client @0x7f5d8c2276c0 154.244.190.192#8080 (sl): query (cache) 'sl/ANY/IN' denied
19-Mar-2021 07:40:24.723 client @0x7f5d8c1ed880 162.201.221.101#3074 (sl): query (cache) 'sl/ANY/IN' denied
19-Mar-2021 07:40:24.744 client @0x7f5d8c1ed880 154.244.190.192#8080 (sl): query (cache) 'sl/ANY/IN' denied
19-Mar-2021 07:40:24.771 client @0x7f5d8c1ed880 99.117.95.102#80 (sl): query (cache) 'sl/ANY/IN' denied
19-Mar-2021 07:40:24.775 client @0x7f5d8c1ed880 184.101.148.232#80 (sl): query (cache) 'sl/ANY/IN' denied
19-Mar-2021 07:40:24.809 client @0x7f5d8c1ed880 96.52.156.243#3658 (sl): query (cache) 'sl/ANY/IN' denied
i added the Fail2ban Filter but this won´t work for me.
Also modified my DNS Server like this and this and add the Nameserver from my Serviceprovider into the acl rule.
in the named.conf.options i added:
allow-query { any; };
allow-recursion { trusted; };
allow-query-cache { none; };
allow-transfer { none; };
additional-from-auth no;
additional-from-cache no;
minimal-responses yes;
But the log entries do not disappear.
Has anyone an idea to solve this?