Chris Buxton wrote:
On Dec 2, 2009, at 6:40 AM, Dmitry Rybin wrote:

Hello!

I can't find in the docs how to disable the answer (Refused) if recursion for an IP is not allowed?

Something like this should work:
_________________________________

options {
        directory "/var/named";
};

acl authorized-clients {
        192.0.2.1;
};

view caching-server {
        match-recursive-only yes;
        blackhole { ! authorized-clients; any; };
        // any other resolution configuration goes here
};

view auth-server {
        // zones go here
};
"This should work" <--- one of the scariest phrases in the computing field :-)

Unfortunately, "blackhole" can only appear in the (global) "options" clause:

% cat /tmp/buxton.example
options {
directory "/tmp";
};

acl authorized-clients {
192.0.2.1;
};

view caching-server {
match-recursive-only yes;
// any other resolution configuration goes here
blackhole { ! authorized-clients; any; };
};

% ./named-checkconf /tmp/buxton.example
/tmp/buxton.example:12: unknown option 'blackhole'
% ed /tmp/buxton.example
218
12m2
1,$p
options {
directory "/tmp";
blackhole { ! authorized-clients; any; };
};

acl authorized-clients {
192.0.2.1;
};

view caching-server {
match-recursive-only yes;
// any other resolution configuration goes here
};
w
218
q
% ./named-checkconf /tmp/buxton.example
%

- Kevin

_______________________________________________
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
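
An added example, not part of the thread and not BIND code: a small Python check that reproduces the finding from Kevin's message by tracking block scope and flagging "blackhole" anywhere other than the global "options" block. The names OPTIONS_ONLY and misplaced_statements are hypothetical; the input is the file shown in the thread.

```python
import re

# Options-only statements; the thread shows this for "blackhole" (extend only once confirmed).
OPTIONS_ONLY = {"blackhole"}
# /tmp/buxton.example as shown in the thread, before the fix.
BROKEN = """\
options {
directory "/tmp";
};

acl authorized-clients {
192.0.2.1;
};

view caching-server {
match-recursive-only yes;
// any other resolution configuration goes here
blackhole { ! authorized-clients; any; };
};
"""
# Same edit as "12m2" in ed: move line 12 to just after line 2.
_l = BROKEN.splitlines(keepends=True)
FIXED = "".join(_l[:2] + [_l[11]] + _l[2:11] + _l[12:])

def _blank(text):
    """Replace comments and quoted strings with spaces, keeping newlines."""
    pat = re.compile(r'"(?:\\.|[^"\\])*"|/\*.*?\*/|//[^\n]*|#[^\n]*', re.S)
    return pat.sub(lambda m: re.sub(r"[^\n]", " ", m.group()), text)

def misplaced_statements(text):
    """Return (line, statement, enclosing block) for each misplaced statement."""
    findings, stack, words, line = [], [], [], 1
    for tok in re.findall(r"\n|[{};]|[^\s{};]+", _blank(text)):
        if tok == "\n":
            line += 1
        elif tok == "{":
            stack.append(words[0] if words else "")  # block is named by its first word
            words = []
        elif tok in "};":
            if tok == "}" and stack:
                stack.pop()
            words = []
        else:
            if not words and tok in OPTIONS_ONLY and stack != ["options"]:
                findings.append((line, tok, stack[-1] if stack else "top level"))
            words.append(tok)
    return findings

if __name__ == "__main__":
    print(misplaced_statements(BROKEN), misplaced_statements(FIXED))
```

named-checkconf remains the authoritative check. Once the statement is in "options", the blackhole list applies to the whole server rather than to the caching view alone.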
