Restricting Zone Transfers

Barry Margolin barmar at bbnplanet.com
Mon Feb 7 22:33:06 UTC 2000


In article <389F30A3.B14E5FA5 at oregontrail.net>,
Tom Hutchison  <tomhutch at oregontrail.net> wrote:
>I am trying to stop all zone transfers except to my secondary name server.  I
>have the following in my /etc/named.conf:
>
>options {
>        directory "/var/named";
>        allow-transfer { 192.168.1.2; none; };
>};
>
>After reading and re-reading the docs, I understand the ACL will read the list
>from left to right, allowing 192.168.1.2 and then disallowing everyone else
>with "none;".  I have also tried "!none;".  I still see strange boxes out there
>getting zone transfers in my logs.

You shouldn't even need the "none" -- if you have allow-transfer, it only
allows the addresses you specifically list.

Maybe you're misunderstanding the log messages.  Post the messages that you
think say that transfers are being allowed.

-- 
Barry Margolin, barmar at bbnplanet.com
GTE Internetworking, Powered by BBN, Burlington, MA
*** DON'T SEND TECHNICAL QUESTIONS DIRECTLY TO ME, post them to newsgroups.
Please DON'T copy followups to me -- I'll assume it wasn't posted to the group.
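
Added example, not part of either post and not BIND's own code: a small Python model of first-match evaluation for an address match list, showing that the posted allow-transfer list and the same list without "none" give identical decisions. The function names and the client addresses other than 192.168.1.2 are constructed for illustration; only addresses, prefixes, "any" and "none" are modelled (no keys or named ACLs).

```python
import ipaddress

def transfer_allowed(acl, client):
    """Evaluate an address match list left to right; the first match decides.

    acl    -- elements as written in named.conf, e.g. ["192.168.1.2", "none"]
    client -- source address of the transfer request
    Returns True (allow) or False (refuse). No match at all means refuse.
    """
    addr = ipaddress.ip_address(client)
    for element in acl:
        negated = element.startswith("!")
        spec = element.lstrip("!").strip()
        if spec in ("any", "none"):
            if negated:
                # Assumption of this sketch: negated keywords are not modelled.
                raise ValueError("negated built-in not modelled: " + element)
            return spec == "any"          # both keywords match every client
        net = ipaddress.ip_network(spec, strict=False)
        if addr in net:
            return not negated            # "!" turns a match into a refusal
    return False                          # nothing matched: implicit deny

POSTED = ["192.168.1.2", "none"]          # list from the question
SHORTER = ["192.168.1.2"]                 # same list without "none"
# Constructed sample sources: the secondary plus two unrelated hosts.
CLIENTS = ["192.168.1.2", "192.168.1.3", "10.0.0.5"]

def decisions(acl):
    """Map each sample client to the allow/refuse decision under acl."""
    return {client: transfer_allowed(acl, client) for client in CLIENTS}

if __name__ == "__main__":
    for name, acl in (("posted", POSTED), ("shorter", SHORTER)):
        print(name, decisions(acl))
    # Order matters: a negated prefix placed first refuses the secondary too.
    print(transfer_allowed(["!192.168.1.0/24", "192.168.1.2"], "192.168.1.2"))
```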


