filtering results to subnets

Barry Margolin barmar at alum.mit.edu
Sat Jul 19 03:05:42 UTC 2008


In article <g5rjuf$1a1u$1 at sf1.isc.org>,
 Jerome Haltom <wasabi at larvalstage.net> wrote:

> I have a desire to filter A records returned to clients that are outside
> of certain subnets. Basically my zone has a lot of private addresses in
> it. I'm cool with this.
> 
> I'd like those private addresses to only be sent to other private
> addresses. Any non-private address should not receive them.
> 
> I know views is an option for this. The problem there is I actually have
> to maintain two zones. This is actually a slave zone from an Active
> Directory server, where host records come and go all the time,
> automatically, and which I'm not going to manipulate into a view by
> hand. I also don't mind AXFRs and IXFRs returning the private
> addresses.
> 
> If such a feature does not exist, does anybody have any opinions about
> the potential to add such a feature? I'd envision a syntax like
> sortlist:
> 
> filter
> {
> 	{
> 		0/0;
> 		{
> 			!192.168.0.0/16;
> 		};
> 	};
> 	{
> 		192.168.0.0/16;
> 		{
> 			192.168.0.0/16;
> 		};
> 	};
> };
> 
> Or something. 

How would a syntax like this deal with anything other than A records?  
For instance, how would it know to filter out MX records?

-- 
Barry Margolin, barmar at alum.mit.edu
Arlington, MA
*** PLEASE don't copy me on replies, I'll read them in the group ***
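
Added example, not part of the original thread and not BIND code: a sketch of the per-client answer filtering the original post asks for, which also shows the gap the reply points at. A filter keyed on addresses can only test A rdata, so an MX record naming a hidden host still reaches the outside client. The rule table, its first-match ordering (specific network before 0/0) and all names and addresses are assumptions made for illustration.

```python
import ipaddress

PRIVATE = ipaddress.ip_network("192.168.0.0/16")

# Hypothetical rule table: (client network, networks whose A records are withheld).
# First matching client network wins, so the specific rule comes before 0/0.
RULES = [
    (PRIVATE, []),
    (ipaddress.ip_network("0.0.0.0/0"), [PRIVATE]),
]

def withheld_for(client):
    """Return the networks whose addresses must not be shown to this client."""
    addr = ipaddress.ip_address(client)
    for client_net, withheld in RULES:
        if addr in client_net:
            return withheld
    return []

def filter_rrset(client, records):
    """Drop A records whose address is withheld from this client.

    Records are (owner, type, rdata) tuples. Only type A carries an address
    that can be compared, so every other type passes through unchanged.
    """
    withheld = withheld_for(client)
    kept = []
    for owner, rtype, rdata in records:
        if rtype == "A" and any(ipaddress.ip_address(rdata) in n for n in withheld):
            continue
        kept.append((owner, rtype, rdata))
    return kept

# Constructed sample data (illustrative names and addresses only).
ZONE = [
    ("www.example.test.", "A", "203.0.113.10"),
    ("www.example.test.", "A", "192.168.1.10"),
    ("example.test.", "MX", "10 mail.example.test."),
    ("mail.example.test.", "A", "192.168.1.25"),
]

if __name__ == "__main__":
    for client in ("192.168.5.5", "198.51.100.7"):
        print(client)
        for rr in filter_rrset(client, ZONE):
            print("   ", *rr)
```

For the outside client the MX record survives while the A record for its target is dropped, so the answer still discloses the internal host name and points at a name that client cannot resolve.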