Filter dns update requests?
Jeff Sadowski
jeff.sadowski at gmail.com
Fri Jan 30 18:48:17 UTC 2015
On Thu, Jan 29, 2015 at 10:02 AM, Tony Finch <dot at dotat.at> wrote:
> Jeff Sadowski <jeff.sadowski at gmail.com> wrote:
>
>> Is there a way to setup bind to use an external filtering script to
>> filter out requests?
>
> Have you read the ARM's section on dynamic update policies? The built-in
> facilities are quite flexible, and there is also an "external" policy
> which you can implement yourself.
>
> http://ftp.isc.org/isc/bind9/9.10.2b1/doc/arm/Bv9ARM.ch06.html#dynamic_update_policies
>
Nice I setup
zone "my.test" {
type master;
update-policy { grant any external local:2525; };
file "updateable/db.test";
};
Now I'll have to write my own program to take the input and process it.
I pretty sure I'll want to deny just about everything rewrite it in my
own program and resubmit with the names I want.
Is there any way to get requests for all domains?
Or can I only process domains I am a master for?
> Tony.
> --
> f.anthony.n.finch <dot at dotat.at> http://dotat.at/
> Fair Isle, Faeroes: Northwest 5 to 7 veering north 7 to severe gale 9,
> occasionally storm 10 later in Faeroes. Very rough or high, becoming high or
> very high except in east Fair Isle. Rain or squally wintry showers. Moderate
> or poor, occasionally good in east Fair Isle.
More information about the bind-users
mailing list