StreetSpirit (Premium, join: 2002-08-13, Roslyn, NY)

Hi - I'm sorry you had trouble. I did not write Treewalk nor BIND, but am simply a user. You might wish to ask for some support in the forums @ »ntcanuck.com or on Steve Gibson's news server which hosts the Treewalk newsgroup.
While I'm not familiar with Peerguardian from personal experience, I know what the program does. I am, however, quite familiar with BIND (Treewalk). The only ports BIND, and by extension Treewalk, should use out of the box, so to speak, are the privileged ports TCP 53, UDP 53, and TCP 953. UDP packets over 512 bytes will usually be resent over TCP; the reply DNS data packets will be received over UDP or TCP on an ephemeral (>1024) port(s).
This is all very normal DNS server/resolver message behavior.
»treewalkdns.com/faq.htm#a-tw_ports
You can control which ports it uses by stopping the service, editing named.conf and restarting the service (although it's hard to imagine a conflict since these are standard.)
It should have no ephemeral ports in use at all unless a long DNS reply is being sent from a DNS server over a high port.
In any case, here's the area of named.conf that controls ports BIND listens to (and by extension holds):
a) edit %windir%\system32\dns\etc\named.conf
b) look for:

    controls {
        inet 127.0.0.1 port 953    // <-- Control Port
            allow { 127.0.0.1; } keys { "rndc-key"; };
    };

    // and

    options {
        listen-on port 53 { 127.0.0.1; };    // <-- Exposed DNS port.
    };
-- HTH, Dave
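An added example, not part of the original post and not Treewalk or BIND code: a small Python check that reads a named.conf and reports which address and port each control channel and listen-on entry binds to, so you can confirm nothing is listening beyond loopback. The function names and the sample configuration are constructed for illustration, and the parsing covers only the simple statement forms shown in the post.

```python
import re

# Constructed sample in the shape of the named.conf excerpt quoted in the post.
SAMPLE_CONF = '''
controls {
    inet 127.0.0.1 port 953          // control port
        allow { 127.0.0.1; } keys { "rndc-key"; };
};
options {
    listen-on port 53 { 127.0.0.1; };   /* exposed DNS port */
};
'''

# Addresses that keep a listener off the network. BIND's built-in "localhost"
# ACL is deliberately absent: it matches every address of the host.
LOCAL_ONLY = re.compile(r'^(127\.\d+\.\d+\.\d+|::1|none)$')

def strip_comments(text):
    """Remove the three comment styles named.conf accepts: /* */, // and #."""
    text = re.sub(r'/\*.*?\*/', '', text, flags=re.S)
    return re.sub(r'(//|#)[^\n]*', '', text)

def listeners(conf_text):
    """Return (kind, address, port) for each control channel and listen-on entry."""
    text = strip_comments(conf_text)
    found = []
    # controls { inet <addr> [port <n>] allow {...} ... };  default port 953
    for addr, port in re.findall(r'\binet\s+(\S+?)(?:\s+port\s+(\d+))?\s+allow\b', text):
        found.append(('control', addr, int(port or 953)))
    # listen-on [port <n>] { <addr>; ... };  default port 53
    for port, body in re.findall(r'\blisten-on(?:-v6)?(?:\s+port\s+(\d+))?\s*\{([^}]*)\}', text):
        for addr in filter(None, (a.strip() for a in body.split(';'))):
            found.append(('dns', addr, int(port or 53)))
    return found

def exposed(conf_text):
    """Listeners bound to anything other than a loopback address."""
    return [entry for entry in listeners(conf_text) if not LOCAL_ONLY.match(entry[1])]

if __name__ == '__main__':
    for kind, addr, port in listeners(SAMPLE_CONF):
        scope = 'loopback only' if LOCAL_ONLY.match(addr) else 'REACHABLE FROM NETWORK'
        print(f'{kind:8} {addr}:{port}  {scope}')
```

To audit a real installation, pass the contents of the named.conf file to `exposed()` and compare the result with what `netstat -an` shows listening on ports 53 and 953.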