In some zones, I've setup this update-policy to prevent any DHCP server to create an A record called localhost (which has already happened for some reasons.) :

zone "somezone.domain.net" {
                type master;
                file "master/domain.net.zone";

                update-policy {
                        deny "*" name "localhost.domain.net";

And it's working nicely.

Now, I see that some hosts are registering into our DHCP then DNS db using some names we don't want.

Then I'm trying to create an update policy to deny such record creation but I don't understand the syntax :

I tried using :
deny "*" wildcard "badname.*.domain.net";
but named is telling me :
'*badname' is not a wildcard

I tried many combinations of this line, and the only allowed syntax so far is :
deny "*" wildcard "*";
which I guess means "No one won't update anything".

1 : It is doable to achieve such a filter?
2 : If yes, may someone suggest the correct syntax?

Thank you.

Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list

Reply via email to