Address match lists syntax, was Managing localhost
Petr Menšík
pemensik at redhat.com
Thu Jul 1 16:21:38 UTC 2021
No, there is no need to redefine localhost acl. It is built-in and
already specifies localhost IPv4 and IPv6 address. similar to localnets
(networks directly connected to the server), any or none names. Read a
great ARM documentation about BIND [1], it has section about ACLs
describing build-in names.
Just use localhost, whatever should not be served to outside network.
The best way to protect your service is to listen only to localhost
address however.
Cheers,
Petr
1. https://bind9.readthedocs.io/
On 6/25/21 1:04 PM, Alessandro Vesely wrote:
> Ooops, sorry. Please forget that.
>
> On Fri 25/Jun/2021 12:50:55 +0200 Alessandro Vesely wrote:
>> However, named-checkconf doesn't complain. I could fix that by
>> defining an acl named localhost. But do I need to?
>
>
> Now I tried to redefine and got:
>
> /etc/bind/named.conf.options:37: attempt to redefine builtin acl
> 'localhost'
>
>
>
>>
>> Best
>> Ale
--
Petr Menšík
Software Engineer
Red Hat, http://www.redhat.com/
email: pemensik at redhat.com
PGP: DFCF908DB7C87E8E529925BC4931CA5B6C9FC5CB
More information about the bind-users
mailing list