Declaring and using ACLs in named.conf
Mark_Andrews at isc.org
Mark_Andrews at isc.org
Sun Oct 7 23:03:58 UTC 2001
I'm sure that the mailservers for "thanks.com" enjoy the extra
load. If "nospam at thanks.com" is your real address then you
confuse people who are trying to help you. We can't not send
to nospam at thanks.com because the only way we can tell if it
is a invalid address is to try it. Yes there are users who
use the names "nospam" and "spam".
>
> I'm just beginning to learn to configure BIND 8.2.5 on a Windows NT4
> server, having used only 4.9.x until now. I've got a few questions
> regarding correct (or acceptable) syntax when declaring and using
> ACLs.
>
> When declaring an ACL, are dobule quotes around the name required?
>
> acl localservers { 206.168.43.1; 206.168.47.2; 206.168.47.3; };
>
> or
>
> acl "localservers" { 206.168.43.1; 206.168.47.2; 206.168.47.3; };
If the name of the acl is a reserved word then it needs to be
quoted otherwise no.
>
>
> What about when using the above, say in the options block. Are
> double-quotes needed?
>
> allow-transfers { localservers; };
>
> or
>
> allow-transfers { "localservers"; };
ditto.
>
>
> When using the predefined ACLSs - quotes, no quotes, or either way?
>
> allow-transfers { none; };
Either way.
>
>
> Can ACLs be mixed with IP match lists? As in:
>
> allow-query { localservers; 208.154.162/24; };
Yes.
>
>
> Thanks!
>
--
Mark Andrews, Internet Software Consortium
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark.Andrews at isc.org
More information about the bind-users
mailing list