Hi Eshaffer,

TCP header need to supply destination IP address information in order for gateway to know where to route packet, apply translation if needed, and perform similar tasks. Since there is no ip address defined, there is no way for packet to even reach your interface, therefore socket cannot be opened to communicate with your system at application level.

But in case i missed something, this should do the job.

iptables -A INPUT -i eth1 -j DROP
iptables -A OUTPUT -i eth1 -j DROP

Hi,

How do you handle your file writes? Have you considered using O_DIRECT within your output file handle? It is going to bypass linux buffering and cache and force DMA directly to physical memory.

Hi,

Apart from standard Bind9 query log, is it possible to log actual response returned to a client?
If someone queries forward zone, how can i put actual forwarder response in log and eventually match that response with original data for analytical purposes.

Thanks,