Bind 9.11 question (ACL ecs )
Mark Andrews
marka at isc.org
Tue Oct 25 19:50:19 UTC 2016
You use the "ecs" key word like this.
acl example { ecs 10.0.0.0/8; };
view ecs-net-10-only {
match-clients { example; };
};
Also using colour or fonts is not a good way to highlight
what the issue is. Not everyone reads email on a display
which supports different colours or fonts.
Also acls are *first* *match* so
match-clients {
area02; ecs-area02;
!{!ecs-area02; any; };
key Area02.mydomain.idv.;
};
and
match-clients { area02; ecs-area02; };
are the *same* as all "ecs-area02;" addresses have already
been matched by the time you get to looking at "!{!ecs-area02;
any; };".
Bob,
!{!ecs-area01; any; }; is reject anything which
isn't in ecs-area01.
Mark
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: marka at isc.org
More information about the bind-users
mailing list