Hi there,
Thanks for the update and here is my config and error I am getting. Can you
please suggest correct method that should be implemented?
**************************
zone "malware.trap" {
type master;
file "/var/lib/bind/zones/malware.trap.db";
notify explicit;
also-notify { 192.168.5.49; port 4444;};
allow-transfer {192.168.5.49; };
allow-query { localhost;};
};
zone "whitelist.allow" {
type master;
file "/var/lib/bind/zones/whitelist.allow";
notify explicit;
also-notify { 192.168.5.49; port 4444;};
allow-transfer {192.168.5.49; };
allow-query { localhost;};
};
zone "block.tld" {
type master;
file "/var/lib/bind/zones/block.tld.db";
notify explicit;
also-notify { 192.168.5.49; port 4444;};
allow-transfer {192.168.5.49; };
allow-query { localhost;};
};
**********************************
May 18 13:04:42 dnsfw named[1134]: using up to 4096 sockets
May 18 13:04:45 dnsfw named[1134]: loading configuration from
'/etc/bind/named.conf'
*May 18 13:04:46 dnsfw named[1134]: /etc/bind/named.conf.default-zones:34:
missing ';' before '4444'*
*May 18 13:04:46 dnsfw named[1134]: /etc/bind/named.conf.default-zones:43:
missing ';' before '4444'*
*May 18 13:04:46 dnsfw named[1134]: /etc/bind/named.conf.default-zones:52:
missing ';' before '4444'*
May 18 13:04:46 dnsfw systemd[1]: bind9.service: Main process exited,
code=exited, status=1/FAILURE
May 18 13:04:46 dnsfw rndc[1313]: rndc: connect failed: 127.0.0.1#953:
connection refused
May 18 13:04:46 dnsfw systemd[1]: bind9.service: Control process exited,
code=exited status=1
On Fri, May 18, 2018 at 12:08 AM, Matthew Pounsett <m...@conundrum.com>
wrote:
>
>
> On 17 May 2018 at 13:30, Blason R <blaso...@gmail.com> wrote:
>
>> Hi,
>>
>> I have RPZ installed on server and its acting as a master server but
>> somehow port setting is not working on master
>>
>> [...]
>
>>
>> So here I am sending notification to 192.168.5.49 on port 4545; my
>> queries are
>>
>> How do I configure port on slave 4545 so that slave server can start
>> listening on that port.
>>
>
> Your slave needs to be listening on the correct IP/port to receive the
> NOTIFY. In the current BIND Administrator's Reference Manual[0], the
> discussion on Interfaces starts at page 98.
>
>
>> And my master is failing after restarting the services due to
>> notify-them statement.
>>
>
> You don't indicate what the error is, but I'm willing to bet it's the fact
> that you're trying to specify a masters list by name as well as a port. If
> you look at the 'also-notify' statement definition, you can see that you're
> able to use a 'masters' list OR an IP address and port combination, but not
> both (ARM pp. 71). You should specify the port number as part of the
> definition of the masters list, not where you use the masters list.
>
> [0]: <https://www.isc.org/bind-9-11-arm/>
>
>
>
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
