Problems with ACLs in BIND 8.2.3? What am I doing wrong?
Eivind Olsen
eivind.olsen at ttyl.com
Wed May 23 22:49:08 UTC 2001
Hm, seems like I messed up. The logfile I sent was from when I did indeed
have the ";" after the acl name, but the example config I sent was from
when I tried without ";".
I've made sure the current config has the ";" in it (that's the only change
from the config I sent earlier today), and I still get the entries in the
logfile:
May 24 00:46:06 dns01 named[28538]: [ID 295310 daemon.notice] starting (/var/dns/PSNLbind8/external/external.conf). named 8.2.3-REL Thu Feb 1 21:05:18 MET 2001
May 24 00:46:06 dns01 paulz at seldoff:/home/paulz/src/sol26/bind-8.2.3/src/bin/named
May 24 00:46:06 dns01 named[28538]: [ID 295310 daemon.error] /var/dns/PSNLbind8/external/external.conf:50: syntax error near "externaldns"
May 24 00:46:06 dns01 named[28538]: [ID 295310 daemon.error] /var/dns/PSNLbind8/external/external.conf:51: syntax error near '}'
May 24 00:46:06 dns01 named[28538]: [ID 295310 daemon.error] /var/dns/PSNLbind8/external/external.conf:59: syntax error near "externaldns"
May 24 00:46:06 dns01 named[28538]: [ID 295310 daemon.error] /var/dns/PSNLbind8/external/external.conf:60: syntax error near '}'
May 24 00:46:06 dns01 named[28541]: [ID 295310 daemon.notice] Ready to answer queries.
--
Talk To You Later
Eivind Olsen
--On 23. mai 2001 15:52 -0500 "Vigeant, Wayne" <Wayne.Vigeant at compaq.com>
wrote:
>
> You need a ";" after the acl name under the zone declarations in your
> named.conf (external.conf). This is true for both the allow-transfer and
> the also-notify and you do need the quotes around the acl names:
>
> zone "example.com" IN {
> type master;
> file "example.external.zone";
> check-names fail;
> allow-update { none; };
> allow-transfer { "externaldns"; };
> also-notify { "externaldns"; };
> };
>
> zone "232.70.10.in-addr.arpa" in {
> type master;
> file "217.70.10.zone";
> check-names fail;
> allow-update { none; };
> allow-transfer { "externaldns"; };
> also-notify { "externaldns"; };
> };
>
>
> - Wayne
>
>
>>
>>
>> When I start the DNS with this, this is what I get in the log:
>>
>> May 23 14:54:59 dns01 named[23570]: [ID 295310 daemon.notice] starting (/var/dns/PSNLbind8/external/external.conf). named 8.2.3-REL Thu Feb 1 21:05:18 MET 2001
>> May 23 14:54:59 dns01 paulz at seldoff:/home/paulz/src/sol26/bind-8.2.3/src/bin/named
>> May 23 14:54:59 dns01 named[23570]: [ID 295310 daemon.error] /var/dns/PSNLbind8/external/external.conf:50: syntax error near "externaldns"
>> May 23 14:54:59 dns01 named[23570]: [ID 295310 daemon.error] /var/dns/PSNLbind8/external/external.conf:51: syntax error near '}'
>> May 23 14:54:59 dns01 named[23570]: [ID 295310 daemon.error] /var/dns/PSNLbind8/external/external.conf:59: syntax error near "externaldns"
>> May 23 14:54:59 dns01 named[23570]: [ID 295310 daemon.error] /var/dns/PSNLbind8/external/external.conf:60: syntax error near '}'
>> May 23 14:54:59 dns01 named[23571]: [ID 295310 daemon.notice] Ready to answer queries.
>>
>> Here is a copy of the named.conf file (or, external.conf in this
>> case):
>>
>> -START-
>> // This is a configuration file for named (from BIND 8.1 or later).
>> // It would normally be installed as /etc/named.conf.
>>
>> acl "internaldns" {
>> 10.1.1.10; 10.1.1.11;
>> };
>>
>> acl "externaldns" {
>> 10.1.2.10; 10.1.2.11;
>> };
>>
>> options {
>> directory "/var/dns/PSNLbind8/external";
>> dump-file "external_dump.db";
>> pid-file "external_named.pid";
>> check-names master warn; /* default. */
>> datasize 20M;
>> recursion no;
>> fetch-glue no;
>> listen-on { 10.1.2.1; };
>> version "secret";
>> };
>>
>> controls {
>> unix "/var/run/PSNLbind8/ndc.d/external.ndc" perm 0770 owner 210 group 40 ;
>> };
>>
>> zone "localhost" IN {
>> type master;
>> file "localhost.zone";
>> check-names fail;
>> allow-update { none; };
>> allow-transfer { none; };
>> };
>>
>> zone "0.0.127.in-addr.arpa" IN {
>> type master;
>> file "127.0.0.zone";
>> check-names fail;
>> allow-update { none; };
>> allow-transfer { none; };
>> };
>>
>> zone "example.com" IN {
>> type master;
>> file "example.external.zone";
>> check-names fail;
>> allow-update { none; };
>> allow-transfer { "externaldns" };
>> also-notify { "externaldns" };
>> };
>>
>> zone "232.70.10.in-addr.arpa" in {
>> type master;
>> file "217.70.10.zone";
>> check-names fail;
>> allow-update { none; };
>> allow-transfer { "externaldns" };
>> also-notify { "externaldns" };
>> };
>> -STOP-
>
>
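
The semicolon rule from the quoted reply, as an added example that is not part of the original thread: a small Python check that reports list elements in statements such as allow-transfer and also-notify that are not followed by ";". The function name, the statement list and the two sample configs (constructed from the zone blocks quoted above) are assumptions of this example; it checks list termination only, not whether a statement accepts an acl name, and it does not handle nested braces.

```python
import re

# Statements whose body is a brace-delimited list in which every element ends with ";".
# (Assumed set for this example; extend as needed.)
LIST_STATEMENTS = ("allow-transfer", "also-notify", "allow-update", "allow-query", "listen-on")

COMMENT = re.compile(r'/\*.*?\*/|//[^\n]*|#[^\n]*', re.S)
STATEMENT = re.compile(r'\b(%s)\s*\{([^{}]*)\}' % "|".join(map(re.escape, LIST_STATEMENTS)))
TOKEN = re.compile(r'"[^"]*"|[^\s;]+|;')


def unterminated_elements(conf_text):
    """Return (line, statement, element) for each list element not followed by ';'."""
    # Blank out comments but keep their newlines so reported line numbers stay correct.
    text = COMMENT.sub(lambda m: "\n" * m.group().count("\n"), conf_text)
    findings = []
    for m in STATEMENT.finditer(text):
        tokens = TOKEN.findall(m.group(2))
        line = text.count("\n", 0, m.start()) + 1
        for i, tok in enumerate(tokens):
            if tok == ";":
                continue
            nxt = tokens[i + 1] if i + 1 < len(tokens) else None
            if nxt != ";":
                findings.append((line, m.group(1), tok))
    return findings


# Constructed sample: the zone block as first posted (no ";" inside the braces).
AS_POSTED = '''zone "example.com" IN {
    type master;
    allow-update { none; };
    allow-transfer { "externaldns" };
    also-notify { "externaldns" };
};
'''
# Constructed sample: the same block with the ";" added as the reply suggests.
AS_SUGGESTED = AS_POSTED.replace('"externaldns" }', '"externaldns"; }')

if __name__ == "__main__":
    for name, conf in (("as posted", AS_POSTED), ("as suggested", AS_SUGGESTED)):
        print(name, unterminated_elements(conf))
```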