BIND ACL ranges and negations
Jim Reid
jim at rfc1035.com
Wed Oct 4 08:42:47 UTC 2000
>>>>> "John" == John Hernandez <John.Hernandez at noaa.gov> writes:
John> Is there a way to specify a range of /24 networks in a BIND
John> ACL without explicity listing them all?
Yes. If the nets are contiguous, just use a wider "netmask" like a /20
or whatever is appropriate. Each element of an ACL is just translated
into a bit mask that gets applied to the IP address making the request.
John> Also, can I negate a network in an ACL?
Yes. Did you read the documentation for address_match_list?
More information about the bind-users
mailing list