can't get acl to work!
Mathias Körber
mathias at staff.singnet.com.sg
Sun Jul 16 22:39:09 UTC 2000
> -----Original Message-----
> From: andreas at ig.com.br [mailto:andreas at ig.com.br]On Behalf Of Andreas
> Hasenack
> > Well first of all you should have shown *everything* that was in the
> > options{} statement, *exactly* as it was printed there. Luckily for
> > you it doesn't look there were any errors in the stuff you decided =
to
> > hide from us, but who knows for sure? Amongst other things, showing
>=20
> sorry, didn't mean to upset anyone. I should also have mentioned that
> if I remove the acl statement (a // in front of it is enough) =
everything
> works as expected.
>=20
> I took that acl statement right out of the named.conf sample in the =
source
> tree, the named.conf one used to check the parser.
>=20
> Here is the complete file:
>=20
> options {
> directory "/var/named";
> pid-file "/var/run/named.pid";
> notify no;
> acl can_query { !1.2.3/24; any; };
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
The acl statement belongs *outside* the options statement!
> allow-query { 127.0.0.1; 192.168.1.0/24; };
> allow-transfer {
> 127.0.0.1;
> 192.168.1.2;
> };
> allow-recursion { 127.0.0.1; 192.168.1.0/24; };
> check-names response warn;
> check-names master warn;
> listen-on {
> 127.0.0.1;
> 192.168.1.2;
> };
> };
More information about the bind-users
mailing list