is there a also-allow-transfer

Sten Carlsen stenc at s-carlsen.dk
Thu Dec 13 09:00:09 UTC 2012 

On 13/12/12 9:46, Feng He wrote:
> Hello Mark,
>
> My named.conf looks as:
>
> acl "NAMESVR" { 74.81.81.82; };
NAMESVR is an acl, it could look like {74.81.0.0/16} or {any}

Essentially it is a kind of bitmask, not a list of IPs.
>
> options {
>       directory "/var/cache/bind";
>       recursion no;
>       version "unknown";
>       allow-transfer { NAMESVR; };
>       also-notify { NAMESVR; };
All notifys must have a list of IPs, if the acl was any, you would have
to notify the full internet. The mechanism is designed to accept only a
list of IPs. It can not accept an acl.
>       allow-update { 127.0.0.1; };
> };
>
>
> # zone begins
> zone "test.com" {
>       type master;
>       file "/var/cache/bind/test.com.db";
>       allow-transfer { NAMESVR; 74.81.81.81; };
>       also-notify { NAMESVR; 74.81.81.81; };
> };
>
>
> When I run named-checkconf I got the error:
>
> # named-checkconf
> /etc/bind/named.conf:8: expected IP address near 'NAMESVR'
>
> Please help. Thanks.
>
>
>
>
> 于 2012-12-13 15:23, Mark Andrews 写道:
>> In message <50C9818E.2060303 at nsbeta.info>, Feng He writes:
>>> Hello,
>>>
>>> I have the allow-transfer{} section in the global options{} block.
>>>
>>> But for a special zone, I want to include another IP to allow transfer
>>> besides the global IPs.
>>>
>>> Is there a also-allow-transfer option in BIND?
>>> If not how to control this?
>> acl xxx { };
>>
>> options {
>> 	allow-transfer { xxx; };
>> };
>>
>> zone "yyy" {
>> 	allow-transfer { xxx; extra; };
>> };
>>
>>> Thanks.
>>> _______________________________________________
>>> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this l
>>> ist
>>>
>>> bind-users mailing list
>>> bind-users at lists.isc.org
>>> https://lists.isc.org/mailman/listinfo/bind-users
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
>
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users

-- 
Best regards

Sten Carlsen

No improvements come from shouting:
       "MALE BOVINE MANURE!!!"

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20121213/a7164cc9/attachment.html>

More information about the bind-users mailing list