walldns - a reverse DNS wall server
walldns is a reverse DNS wall. It accepts iterative DNS queries for
in-addr.arpa domains from hosts around the Internet, and supplies
generic responses that avoid revealing local host information.
For example, walldns provides a PTR record for 22.214.171.124.in-addr.arpa
showing 126.96.36.199.in-addr.arpa as the name of IP address 188.8.131.52, and a
matching A record showing 184.108.40.206 as the IP address of
220.127.116.11.in-addr.arpa. IPv6 addresses are treated similarly, but now
using ip6.arpa as reverse IPv6 address suffix.
Normally walldns is set up by the walldns-conf program.
walldns runs chrooted in the directory specified by the $ROOT
environment variable, under the uid and gid specified by the $UID and
$GID environment variables.
walldns listens for incoming UDP packets addressed to port 53 of $IP.
It does not listen for TCP queries. Specifying 0.0.0.0 or :: results
in listing to all available IP addresses and interfaces (for IPv6)
respectively. In case $IP is specified as the pseudo IP address :0
walldns will bind to all available IPv4 and IPv6 addresses
walldns rejects inverse queries, non-Internet-class queries, truncated
packets, packets that contain anything other than a single question,
queries for domains outside in-addr.arpa, and request types other than
A, PTR, and *.
walldns does not include NS or SOA records with its responses.
walldns uses TTLs slightly over one week.
Man(1) output converted with