suggestion for feature
Mark_Andrews at isc.org
Mark_Andrews at isc.org
Wed Jun 9 22:32:29 UTC 1999
> [Joe Pruett]
>
> | i was poking around the source the other day to try and see how hard it
> | might be to allow a nameserver to be setup so that recursive queries are
> | allowed from certain ips (internal users) and not allowed from the rest o
> f
> | the net. i was thinking that a simple acl with a fixed name
> | (allow_recursion or the like) could be used and just check for that as
> | well as looking at the global recursion flag (which would be off in this
> | scenario).
>
> This functionality will be available in 8.2.1. If you want a patch for
> 8.1.2 send me an email. Note that it only works with global recursion
> turned on (allow-recursion + ACL determines *who* is allowed recursive
> queries).
>
> Steinar Haug, Nethelp consulting, sthaug at nethelp.no
>
>
You can also get almost the same functionality by using
allow-query { <restricted set of address>; }; in options
and allow-query { any; }; in the zones you are servering.
Mark
--
Mark Andrews, Internet Software Consortium
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: marka at isc.org
More information about the bind-users
mailing list