Antwort: Secure Bind DNS server problem
holger.honert at signal-iduna.de
holger.honert at signal-iduna.de
Tue Apr 19 08:01:06 UTC 2005
Hello Arthur,
your log-file says
Apr 18 13:46:11 daffy named[24498]: client 71.4.246.96#32770: query
'ptera.net/IN' denied
which is correctly handled due to your statement
allow-query {
// Accept queries from our "trusted" ACL. We will
// allow anyone to query our master zones below.
// This prevents us from becoming a free DNS server
// to the masses.
trusted;
};
... snip
acl "trusted" {
// Place our internal and DMZ subnets in here so that
// intranet and DMZ clients may send DNS queries. This
// also prevents outside hosts from using our name server
// as a resolver for other domains.
216.229.171.0/24;
69.28.32.0/20;
localhost;
};
... snip
you are allowing only queries clients listed in your acl.
Maybe you check this out!
Kind Regards/Freundlichen Gruß
Holger Honert
KOMN-97851
SIGNAL IDUNA Gruppe
Joseph-Scherer-Str. 3
44139 Dortmund
Phone: +49 231/135-4043
FAX: +49 231/135-2959
mailto: holger.honert at signal-iduna.de
More information about the bind-users
mailing list