How to stop listing through 'ls domainname'?

Kevin Darcy kcd at daimlerchrysler.com
Wed Jan 5 00:26:43 UTC 2000


Azhar H. Chowdhury wrote:

> Hi!
>
> I am new to this mailing list and to BIND also. I am facing a
> small problem and looking for your kind help.
>
> When I run 'ls <MYDOMAINNAME.COM>' from nslookup, where the
> server is set to my DNS server, which is running the latest version
> of BIND on Linux, it shows every entry. I want to stop
> this and set it up so that the listing of the domain can be viewed
> only from a fixed IP address.
>
> Looking for your kind reply.

The "ls" command uses the same mechanism as zone transfers between
masters and slaves, so check out the "allow-transfer" option, which can
be set globally or for specific zones. To restrict this properly, don't
forget to set allow-transfer on your slaves as well as your master, and
also don't forget to add the addresses of your slaves to the
allow-transfer on your master, otherwise you'll break zone transfers.


- Kevin
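
The restriction described in the reply above, written out as named.conf fragments for a master and a slave. This is an added example, not part of the original post; the zone name, file names and all addresses are placeholder assumptions taken from documentation ranges.

```conf
// ---- named.conf on the master (assumed to be 192.0.2.1) ----

// Slave servers that must keep receiving zone transfers (assumed addresses).
acl "xfer-slaves" { 192.0.2.2; 192.0.2.3; };
// The one fixed address allowed to list the zone with "ls" (assumed address).
acl "xfer-admin"  { 198.51.100.10; };

options {
    // Global default: refuse zone transfers, and therefore nslookup "ls",
    // for every zone that does not set its own allow-transfer.
    allow-transfer { none; };
};

zone "example.com" {
    type master;
    file "db.example.com";
    // The per-zone setting overrides the global one. The slaves have to be
    // listed here, otherwise their transfers are refused as well.
    allow-transfer { "xfer-slaves"; "xfer-admin"; };
};

// ---- named.conf on each slave ----

options {
    // A slave answers transfer requests too, so it needs the same restriction.
    allow-transfer { none; };
};

zone "example.com" {
    type slave;
    masters { 192.0.2.1; };
    file "bak.example.com";
    // Only the fixed admin address may list the zone from this server.
    allow-transfer { 198.51.100.10; };
};
```

After reloading named, `dig @192.0.2.1 example.com AXFR` run from an address outside these lists should be refused, while the same query from a listed address and the slaves' own transfers still succeed.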




