How to return REFUSED

[Axel Rau]

> Am 05.05.2021 um 22:06 schrieb Kevin Darcy via bind-users <bind-users at lists.isc.org <mailto:bind-users at lists.isc.org>>:
> 
> I just checked the ARM, and it denotes that "match-recursive-only" (boolean) still exists for views. So, you might be able to set up a special view with that, as well as a negated match-clients, specifying allow-query { none; }. Put it as the first view, and both non-recursive queries, and queries from your "recursive-users" ACL, will fall through to subsequent views.
> 
> P.S. ISC's "understanding views" knowledgebase article doesn't mention match-recursive-only, so there is a discrepancy there. Either the feature has been removed, and the ARM documentation hasn't been updated to reflect it, or the knowledgebase article only focuses on the most common view-matching criteria, omitting match-recursive-only, since the use cases for that are very rare.


Thanks, Kevin for your quick response, which let me start converting to views,

Axel
---
PGP-Key: CDE74120  ☀  computing @ chaos claudius

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20210506/0268937f/attachment-0001.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: Message signed with OpenPGP
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20210506/0268937f/attachment-0001.bin>