How do I block DNS queries with ANY as header in Cisco 5510 or BIND?

I keep getting attacks on my DNS servers from China I am trying to formulate a rule on my Cisco 5510 with ADSM 6.3 to drop this malicious traffic. it is all udp traffic I have been blocking ip ranges but i know there is a better fix.

here is an example packet I am seeing in wireshark -- I will get 1,000s of connection from this one host (in this case the 115 addr but it will just change if I block it) the request always seems to be for any and will roll through all of the domains I host.

102      0.064022      10.137.2.2      115.238.236.6      DNS      345      Standard query response 0x2132  SOA ns1.xxxt.net NS ns1.xxxt.net NS ns2.xxxt.net MX 10 ALT1.ASPMX.L.GOOGLE.com MX 20 ALT2.ASPMX.L.GOOGLE.com MX 0 ASPMX.L.GOOGLE.com TXT A xxx.xxx.48.215

My DNS Server is running CENTOS 5.5 and BIND 9.3.6-P1-RedHat-9.3.6-20.P1.el5_8.1


I am not familiar with the Cisco platform as much so any guidance or if you need more info let me know.
or will this ACL rule on bind work for the named.conf

aclNotTheseIPs{
      !1.48.0.0/15;!1.50.0.0/16;!1.68.0.0/14;!1.80.0.0/13;!1.92.0.0/20;
};

Dont know if this helps but almost all the traffic comes from

CHINANET Zhejiang province network
No.31,jingrong street
CN
No.31 ,jingrong street,beijing
China Telecom