allow-users with list of IP's and key
Mark Andrews
marka at isc.org
Tue Aug 14 03:08:08 UTC 2012
In message <CAHu+3Ox-tnyuqGUXtZCDTbPf14jihxA6DDtreL26LMFSiT2YRw at mail.gmail.com>
, Red Cricket writes:
> Hi,
>
> I am running bind 9.9.1-P1 and I have in my named.conf this zone ...
>
> zone "example.com" {
> ...
> allow-update {
> 192.168.1.32;
> 192.168.1.33;
> key example.com.key;
> };
> };
allow-update { !{ !192.168.1.32; !192.168.1.33; any; }; key example.com.key; };
> I was hoping that this meant that only hosts 192.168.1.32 and
> 192.168.1.33 with the key example.com.key
> could update example.com, but after doing some test it appears that I
> can update example.com from
> 192.168.1.32 and 192.168.1.33 without the key and that any host that
> uses the key can update example.com.
>
> What sort of config do I need to use to restrict updates to
> 192.168.1.32 or 192.168.1.33 AND the key?
>
> Thanks
> Red
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
> from this list
>
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: marka at isc.org
More information about the bind-users
mailing list