Re: multiple `zone' clauses for a single domain?

Jan-Piet Mens Fri, 25 Nov 2011 23:10:58 -0800

> The documentation for `match-clients' isn't comprehensive enough... Can
> I add all host from, for example 172.16/16 except a single host? Does:
> 
> match-clients { 172.16.0.0/16;!172.16.1.1; }


BIND checks the ACL in the order you specify. In your example,
172.16.1.1 will be allowed by the first rule. Change the order:

        match-clients {
                !172.16.1.1;
                172.16.0.0/16;
        }

This disallows 172.16.1.1 first, which will work as you expect it to.

        -JP
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: multiple `zone' clauses for a single domain?

Reply via email to