Blocking private addresses with a optionq
Tony Finch
dot at dotat.at
Thu Mar 14 10:29:59 UTC 2013
King, Harold Clyde (Hal) <hck at utk.edu> wrote:
> Is there an option for bind like the allow-recursion { <network-acl> }
> For blocking out going records of 10.0.0.0/8 and 192.168.0.0/16 so I could do a view like:
I'm not sure what you mean by "blocking out going records" but there are a
couple of options that might do what you want:
There is the "blackhole" acl which makes named ignore all requests and
never send queries to a particular address range.
There is the server ... { bogus yes; }; clause which stops named from
sending queries to a particular address range.
Tony.
--
f.anthony.n.finch <dot at dotat.at> http://dotat.at/
Forties, Cromarty: East, veering southeast, 4 or 5, occasionally 6 at first.
Rough, becoming slight or moderate. Showers, rain at first. Moderate or good,
occasionally poor at first.
More information about the bind-users
mailing list