Re: is there a also-allow-transfer
On 13/12/12 9:46, Feng He wrote:
acl NAMESVR { 74.81.81.82; };
On 13.12.12 10:00, Sten Carlsen wrote:
NAMESVR is an acl, it could look like {74.81.0.0/16} or {any}
Essentially it is a kind of bitmask, not a list of IPs.
options {
directory /var/cache/bind;
recursion no;
version unknown;
allow-transfer { NAMESVR; };
also-notify { NAMESVR; };
All notifys must have a list of IPs, if the acl was any, you would have
to notify the full internet. The mechanism is designed to accept only a
list of IPs. It can not accept an acl.
you can define master server via masters {} directive, and use it in
also-notify {} clause.
you will just have to define 74.81.81.82 two times - in both acl and masters
directives...
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Save the whales. Collect the whole set.
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
Re: is there a also-allow-transfer
Hello Mark,
My named.conf looks as:
acl NAMESVR { 74.81.81.82; };
options {
directory /var/cache/bind;
recursion no;
version unknown;
allow-transfer { NAMESVR; };
also-notify { NAMESVR; };
allow-update { 127.0.0.1; };
};
# zone begins
zone test.com {
type master;
file /var/cache/bind/test.com.db;
allow-transfer { NAMESVR; 74.81.81.81; };
also-notify { NAMESVR; 74.81.81.81; };
};
When I run named-checkconf I got the error:
# named-checkconf
/etc/bind/named.conf:8: expected IP address near 'NAMESVR'
Please help. Thanks.
于 2012-12-13 15:23, Mark Andrews 写道:
In message 50c9818e.2060...@nsbeta.info, Feng He writes:
Hello,
I have the allow-transfer{} section in the global options{} block.
But for a special zone, I want to include another IP to allow transfer
besides the global IPs.
Is there a also-allow-transfer option in BIND?
If not how to control this?
acl xxx { };
options {
allow-transfer { xxx; };
};
zone yyy {
allow-transfer { xxx; extra; };
};
Thanks.
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to
unsubscribe from this l
ist
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
Re: is there a also-allow-transfer
On 13/12/12 9:46, Feng He wrote:
Hello Mark,
My named.conf looks as:
acl NAMESVR { 74.81.81.82; };
NAMESVR is an acl, it could look like {74.81.0.0/16} or {any}
Essentially it is a kind of bitmask, not a list of IPs.
options {
directory /var/cache/bind;
recursion no;
version unknown;
allow-transfer { NAMESVR; };
also-notify { NAMESVR; };
All notifys must have a list of IPs, if the acl was any, you would have
to notify the full internet. The mechanism is designed to accept only a
list of IPs. It can not accept an acl.
allow-update { 127.0.0.1; };
};
# zone begins
zone test.com {
type master;
file /var/cache/bind/test.com.db;
allow-transfer { NAMESVR; 74.81.81.81; };
also-notify { NAMESVR; 74.81.81.81; };
};
When I run named-checkconf I got the error:
# named-checkconf
/etc/bind/named.conf:8: expected IP address near 'NAMESVR'
Please help. Thanks.
于 2012-12-13 15:23, Mark Andrews 写道:
In message 50c9818e.2060...@nsbeta.info, Feng He writes:
Hello,
I have the allow-transfer{} section in the global options{} block.
But for a special zone, I want to include another IP to allow transfer
besides the global IPs.
Is there a also-allow-transfer option in BIND?
If not how to control this?
acl xxx { };
options {
allow-transfer { xxx; };
};
zone yyy {
allow-transfer { xxx; extra; };
};
Thanks.
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to
unsubscribe from this l
ist
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
--
Best regards
Sten Carlsen
No improvements come from shouting:
MALE BOVINE MANURE!!!
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
Re: is there a also-allow-transfer
Thanks.
So how to handle the case described as below?
We already have the also-notify{} section in the global options{} block.
But for a special zone, just want to include another IP to also-notify
besides the global IPs.
于 2012-12-13 17:00, Sten Carlsen 写道:
On 13/12/12 9:46, Feng He wrote:
Hello Mark,
My named.conf looks as:
acl NAMESVR { 74.81.81.82; };
NAMESVR is an acl, it could look like {74.81.0.0/16} or {any}
Essentially it is a kind of bitmask, not a list of IPs.
options {
directory /var/cache/bind;
recursion no;
version unknown;
allow-transfer { NAMESVR; };
also-notify { NAMESVR; };
All notifys must have a list of IPs, if the acl was any, you would have
to notify the full internet. The mechanism is designed to accept only a
list of IPs. It can not accept an acl.
allow-update { 127.0.0.1; };
};
# zone begins
zone test.com {
type master;
file /var/cache/bind/test.com.db;
allow-transfer { NAMESVR; 74.81.81.81; };
also-notify { NAMESVR; 74.81.81.81; };
};
When I run named-checkconf I got the error:
# named-checkconf
/etc/bind/named.conf:8: expected IP address near 'NAMESVR'
Please help. Thanks.
于 2012-12-13 15:23, Mark Andrews 写道:
In message50c9818e.2060...@nsbeta.info, Feng He writes:
Hello,
I have the allow-transfer{} section in the global options{} block.
But for a special zone, I want to include another IP to allow transfer
besides the global IPs.
Is there a also-allow-transfer option in BIND?
If not how to control this?
acl xxx { };
options {
allow-transfer { xxx; };
};
zone yyy {
allow-transfer { xxx; extra; };
};
Thanks.
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
Re: is there a also-allow-transfer
On 13/12/12 10:09, Feng He wrote:
Thanks.
So how to handle the case described as below?
We already have the also-notify{} section in the global options{} block.
But for a special zone, just want to include another IP to also-notify
besides the global IPs.
于 2012-12-13 17:00, Sten Carlsen 写道:
On 13/12/12 9:46, Feng He wrote:
Hello Mark,
My named.conf looks as:
acl NAMESVR { 74.81.81.82; };
NAMESVR is an acl, it could look like {74.81.0.0/16} or {any}
Essentially it is a kind of bitmask, not a list of IPs.
options {
directory /var/cache/bind;
recursion no;
version unknown;
allow-transfer { NAMESVR; };
also-notify { NAMESVR; };
All notifys must have a list of IPs, if the acl was any, you would have
to notify the full internet. The mechanism is designed to accept only a
list of IPs. It can not accept an acl.
also-notify{ 74.81.81.82;}
allow-update { 127.0.0.1; };
};
# zone begins
zone test.com {
type master;
file /var/cache/bind/test.com.db;
allow-transfer { NAMESVR; 74.81.81.81; };
also-notify { 74.81.81.82; 74.81.81.81; };
};
When I run named-checkconf I got the error:
# named-checkconf
/etc/bind/named.conf:8: expected IP address near 'NAMESVR'
Please help. Thanks.
于 2012-12-13 15:23, Mark Andrews 写道:
In message50c9818e.2060...@nsbeta.info, Feng He writes:
Hello,
I have the allow-transfer{} section in the global options{} block.
But for a special zone, I want to include another IP to allow transfer
besides the global IPs.
Is there a also-allow-transfer option in BIND?
If not how to control this?
acl xxx { };
options {
allow-transfer { xxx; };
};
zone yyy {
allow-transfer { xxx; extra; };
};
Thanks.
--
Best regards
Sten Carlsen
No improvements come from shouting:
MALE BOVINE MANURE!!!
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
Re: is there a also-allow-transfer
This would be easy by hand, but not by programming, since I have lots of
zones for updates :)
于 2012-12-13 17:35, Sten Carlsen 写道:
also-notify { 74.81.81.82; 74.81.81.81; };
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
Re: is there a also-allow-transfer
Well, you can NOT use an ACL in any form of notify.
This topic has been discussed a number of times, look in the archives.
BTW: I would think programming a solution from e.g. a database would be
easy.
On 13/12/12 10:43, Feng He wrote:
This would be easy by hand, but not by programming, since I have lots of
zones for updates :)
于 2012-12-13 17:35, Sten Carlsen 写道:
also-notify { 74.81.81.82; 74.81.81.81; };
--
Best regards
Sten Carlsen
No improvements come from shouting:
MALE BOVINE MANURE!!!
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
is there a also-allow-transfer
Hello,
I have the allow-transfer{} section in the global options{} block.
But for a special zone, I want to include another IP to allow transfer
besides the global IPs.
Is there a also-allow-transfer option in BIND?
If not how to control this?
Thanks.
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
Re: is there a also-allow-transfer
In message 50c9818e.2060...@nsbeta.info, Feng He writes:
Hello,
I have the allow-transfer{} section in the global options{} block.
But for a special zone, I want to include another IP to allow transfer
besides the global IPs.
Is there a also-allow-transfer option in BIND?
If not how to control this?
acl xxx { };
options {
allow-transfer { xxx; };
};
zone yyy {
allow-transfer { xxx; extra; };
};
Thanks.
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this l
ist
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
Re: is there a also-allow-transfer
于 2012-12-13 15:23, Mark Andrews 写道:
acl xxx { };
options {
allow-transfer { xxx; };
};
zone yyy {
allow-transfer { xxx; extra; };
}
cool. thanks!
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
