BIND9 Feature Request: inheritance-policy

JW λ John Woodworth jw at pcthink.com
Thu May 27 17:52:11 UTC 2021


Greetings, I would like to request a new feature which I hope will make management of the 'allow' match-lists a tad easier.In short, an option such as 'allow-transfer' in view or zone contexts could extend the match-list as defined in the options section.  This would flow from options->view->zone.This could minimize some of the duplication when the same set of servers are used at lower levels in the config.Additionally, a 'reset' flag would set the policy within its context, while clearing the accumulated list prior to setting the match-list in that context.Below is a proposed ABNF:inheritance-policy "{" 1*policy "};"reset      =  "reset"rule       =  "allow-query"rule       =/ "allow-query-cache"rule       =/ "allow-notify"rule       =/ "allow-transfer"rule       =/ "allow-update"rule       =/ "allow-update-forwarding"rule       =/ "also-notify"policy     =  rule "replace" *1reset ";"policy     =/ rule "extend" *1reset ";"Best regards, John
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20210527/26465be5/attachment-0001.htm>


More information about the bind-users mailing list