allow-users with list of IP's and key
Red Cricket
red.cricket.blog at gmail.com
Tue Aug 14 04:35:36 UTC 2012
Thank you Sir!
On Mon, Aug 13, 2012 at 8:08 PM, Mark Andrews <marka at isc.org> wrote:
>
> In message <CAHu+3Ox-tnyuqGUXtZCDTbPf14jihxA6DDtreL26LMFSiT2YRw at mail.gmail.com>
> , Red Cricket writes:
>> Hi,
>>
>> I am running bind 9.9.1-P1 and I have in my named.conf this zone ...
>>
>> zone "example.com" {
>> ...
>> allow-update {
>> 192.168.1.32;
>> 192.168.1.33;
>> key example.com.key;
>> };
>> };
>
> allow-update { !{ !192.168.1.32; !192.168.1.33; any; }; key example.com.key; };
>
>> I was hoping that this meant that only hosts 192.168.1.32 and
>> 192.168.1.33 with the key example.com.key
>> could update example.com, but after doing some test it appears that I
>> can update example.com from
>> 192.168.1.32 and 192.168.1.33 without the key and that any host that
>> uses the key can update example.com.
>>
>> What sort of config do I need to use to restrict updates to
>> 192.168.1.32 or 192.168.1.33 AND the key?
>>
>> Thanks
>> Red
>> _______________________________________________
>> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
>> from this list
>>
>> bind-users mailing list
>> bind-users at lists.isc.org
>> https://lists.isc.org/mailman/listinfo/bind-users
> --
> Mark Andrews, ISC
> 1 Seymour St., Dundas Valley, NSW 2117, Australia
> PHONE: +61 2 9871 4742 INTERNET: marka at isc.org
More information about the bind-users
mailing list