Zonefiles & CIDR
Darin
derwood at naebunny.net
Mon Mar 9 03:38:48 UTC 2009
Stephen Ward wrote:
> Just a quick silly question.
>
> Running BIND9 (someone kindly raped to get it to work on windows) but it
> does not seem to support CIDR ranges. I mostly use it to block unwanted
> email by connecting IP (glorified reverse DNS).
>
> Rather than have to enter loads of lines to match up wide spans of ranges
> I would like to define them using CIDR, but it seems it does not support
> it.
>
> I'm probably being really thick - but is this so?!
> _______________________________________________
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
>
>
I do a similar thing with BIND in my network I take IP ranges for
certain countries and set up a blocklist using reverse format. BIND
will work with CIDR but in a very limited way. Heres an example from my
list:
*.82.77 IN A 127.0.0.3
The stetment above will block a whole /16
*.191.79.77 IN A 127.0.0.3
The statement above will block a whole /24
So, you just have to set up your script to break things down by /8, /16,
or /24. Thats about the best you can do.
Darin -
More information about the bind-users
mailing list