Question on DNS "options allow-query"
Steve Snyder
swsnyder at home.com
Sun Jun 20 15:12:47 UTC 1999
In the book "DNS and BIND" (3rd edition), there's an example of the
allow-query statement on page 250. The example shows BIND being instructed
to accept queries from only a single IP address. Following that example, I
added this to the options section of my /etc/named.conf:
allow-query { 192.168.0\24; };
The addition of this line (after restarting named) causes many logged
messages of this nature:
unapproved query from [127.0.0.1].1076
Hmm. To me this seems like reasonable behavior even if it is not what I
want. After all, 127.0.0.1 is not 192.168.0.12.
So what is the correct way to allow only queries from the local subnet?
(My goal here is to preclude the acceptance of queries from the Internet
but to answer those from local machines.)
Thank you.
***** Steve Snyder *****
More information about the bind-users
mailing list