9.7.0a2 - deny-answer-addresses
Jeremy C. Reed
jreed at isc.org
Fri Aug 21 15:42:31 UTC 2009
On Fri, 21 Aug 2009, clemens fischer wrote:
> BIND 9.7.0a2 built with '--prefix=/opt/bind/9.7.0a2'
> '--with-openssl=yes' '--disable-linux-caps'
> '--sysconfdir=/usr/local/etc' '--localstatedir=/var' 'CFLAGS=-O'
Thank you very much for testing the alpha release.
> deny-answer-addresses {
> 127/8; 192.168/16; 10/8; 172.16/12;
> } except-from {
> "zen.spamhaus.org";
> "dnsbl-1.uceprotect.net";
> "dnsbl-1.uceprotect.net";
This is repeated, resulting in "already exists" (via the RBT code).
Maybe we can improve the configuration failure logging for this.
> "ix.dnsbl.manitu.net";
> };
>
> I get:
>
> received SIGHUP signal to reload zones
> loading configuration from '/usr/local/etc/named.conf'
> ...
> reloading configuration failed: already exists
>
> Putting a suitably modified version of "deny-answer-addresses" into
> a forwarder zone returns:
Not supported in a type forward zone.
More information about the bind-users
mailing list