AW: block ddns by name
Melbinger Christian
Christian.Melbinger at wienit.at
Thu Feb 23 11:41:16 UTC 2012
Hi
Thank you, i think this will do the trick... just have to make sure if the dhcp uses signed updates or by ip - because it only works with signed updates. I think it's by ip, since there's no such key config in dhcpd.conf :(
Thanks!
---
Ing. Christian Melbinger
Netzwerk & Security
WienIT EDV Dienstleistungsgesellschaft mbH & Co KG
A-1030 Wien, Thomas-Klestil-Platz 6
tel: +43 (1) 90405 47188
fax: +43 (1) 90405 88 47188
mailto:christian.melbinger at wienit.at
-----Ursprüngliche Nachricht-----
Von: Tony Finch [mailto:fanf2 at hermes.cam.ac.uk] Im Auftrag von Tony Finch
Gesendet: Donnerstag, 16. Februar 2012 14:37
An: Melbinger Christian
Cc: bind-users at lists.isc.org
Betreff: Re: block ddns by name
Melbinger Christian <Christian.Melbinger at wienit.at> wrote:
>
> Does anyone know if there is a way to prevent the creation of certain
> records - by name?
http://ftp.isc.org/isc/bind9/cur/9.7/doc/arm/Bv9ARM.ch06.html#dynamic_update_policies
Based on that, something the following should do what you want:
update-policy {
deny "*" name "internal.example.com";
# ...
};
Tony.
--
f.anthony.n.finch <dot at dotat.at> http://dotat.at/
Shannon: Westerly or southwesterly 5 or 6, but 4 until later in far south.
Moderate or rough. Occasional rain or drizzle. Moderate or good.
____________________________________________________________________________
WienIT EDV Dienstleistungsgesellschaft mbH & Co KG, A-1030 Wien, Thomas-Klestil-Platz 6,
FN 255974h, Handelsgericht Wien, DVR: 2109667, UID-Nr. ATU61260824
Persönlich haftender Gesellschafter:
WienIT EDV Dienstleistungsgesellschaft mbH, A-1030 Wien, Thomas-Klestil-Platz 6,
FN 255649f, Handelsgericht Wien, UID-Nr. ATU61296118
More information about the bind-users
mailing list