allowing queries from all IPv4 addresses but only a range of IPv6 addresses

David Forrest drf at maplepark.com
Tue May 31 10:54:34 UTC 2011


On Tue, 31 May 2011, Dennis Perisa wrote:

> Hello community,
>
> I have a requirement to configure BIND 9.7.3 to allow queries from any
> IPv4 address and only a specific IPv6 prefix.
>
> The allow-query statement takes an address match list as argument, but
> I'm not sure how I can specify 'any IPv4 host' without having to use
> the 'any' keyword (which matches on ALL IPv4 and IPv6 addresses).
>
> Hoping you can help,
> Dennis

Dennis, how about:

acl some-nets	{
 		0.0.0.0/0;		// all IPv4
 		2001:470:1f11:7d0::/64;	// our IPV6 prefix
 		};

...

match-clients	{ some-nets; };

...

Dave

-- 
David Forrest 
Maple Park Development Corporation 
St. Louis, Missouri



More information about the bind-users mailing list