BIND 10 #772: Update xfrout to use ACL checking library
BIND 10 Development
do-not-reply at isc.org
Wed Jul 13 12:55:45 UTC 2011
#772: Update xfrout to use ACL checking library
-------------------------------------+-------------------------------------
Reporter: | Owner: UnAssigned
stephen | Status: reviewing
Type: | Milestone:
enhancement | Sprint-20110712
Priority: major | Resolution:
Component: | Sensitive: 0
xfrout | Sub-Project: DNS
Keywords: | Estimated Difficulty: 3.0
Defect Severity: N/A | Total Hours: 0
Feature Depending on Ticket: |
Add Hours to Ticket: 0 |
Internal?: 0 |
-------------------------------------+-------------------------------------
Changes (by vorner):
* owner: vorner => UnAssigned
* status: accepted => reviewing
* milestone: Sprint-20110802 => Sprint-20110712
Comment:
This should be ready for review. It is based on today snapshot of #983,
which should be quite close to completion. There are few minor cleanups in
it as well.
It provides the ACL configuration option to put the global ACL for xfrout.
There's no per-zone configuration currently (I believe we didn't yet
decide where we put per-zone configs, if into each module separately or
globally) and it would need the map with any names to implement it, so
there's no way to configure ACLs per zone.
The changelog entry could be:
{{{
[func] vorner
It is possible to specify ACL for the xfrout module. It is in the ACL
configuration key and has the usual ACL syntax. It currently supports
only the source address currently. Default ACL rejects everything.
}}}
--
Ticket URL: <http://bind10.isc.org/ticket/772#comment:4>
BIND 10 Development <http://bind10.isc.org>
BIND 10 Development
More information about the bind10-tickets
mailing list