This change tells unbound to only listen on the IPv4 address of the LAN (eth1) interface.
This will keep it from participating in a DNS amplification attack initiated by an outside attacker.
Unbound should only reply to requests coming from one of it's downstream networks.
This change tells unbound to only listen on the IPv4 address of the LAN (eth1) interface. This will keep it from participating in a DNS amplification attack initiated by an outside attacker. Unbound should only reply to requests coming from one of it's downstream networks.