Restrticting Zone Transfers
Joseph S D Yao
jsdy at cospo.osis.gov
Mon Jun 14 20:01:40 UTC 1999
> I was trying to restrict zone transfers from my primary DNS server. I used
> the allow-transfer {111.111.111.111 222.222.222.222}; line in the options
> section of named. I am running BIND 8. The nameserver still seems to do a
> zone transfer to machines on other ip addresses than the two listed in the
> allow-transfer option.
>
> Does this need to be placed in its own options{}; statement, or can I list
> it as I did in the opening options section in named.conf?
First, this option must appear in either the options{} statement or a
zone{} statement.
Second, the host names or addresses should be followed by ';'s:
options {
...
allow-transfer {111.111.111.111; 222.222.222.222; };
...
};
If you look at the 'syslogd' output, you should see an entry for this
error every time 'named' starts up or refreshes.
--
Joe Yao jsdy at cospo.osis.gov - Joseph S. D. Yao
COSPO/OSIS Computer Support EMT-B
-----------------------------------------------------------------------
This message is not an official statement of COSPO policies.
More information about the bind-users
mailing list