Hi, RE: BIND 9.5.0-P2 on CentOS 5.2
I have an issue where I have an apparent mistake in the lock down of my name servers. I have limited what systems can send queries to a given server. Looking at packet captures, everything should be working. However, I keep getting 'REFUSED' returned for authoritative queries to this authoritative name server. Is there any way that I can get BIND to tell me: -- The IP addresses allowed to query each zone? -- The IP addresses allowed to query each view? -- The IP addresses allowed to query the server? Also, I have an apparent issue where I have something set up wrong in logging. Here is the config: logging { channel "file_debug" { file "/files/auth_debug.txt" ; severity dynamic ; print-category yes ; print-severity yes ; print-time yes ; } ; ... } ; category default { log_info ; file_debug ; } ; However, when I set the debug level up (I have gone as high as 9), I do not see anything logged in the file. The file exists and is owned by the chroot-ed user and has perms of 600. What I have done wrong here? Also, what category and at what debug level would log: -- Why client query was refused? -- What ACLs were applied to each view and zone? TIA for all help!! JonK -- Jon R. Kibler Chief Technical Officer A.S.E.T., Inc. Charleston, SC USA o: 843-849-8214