Re: bind9 allow-query
On Sat Jul 20 12:59:52 2013
Artem Chuprina wrote:
> allow-query
>
> Specifies which hosts are allowed to ask ordinary DNS
> questions. allow-query may also be specified in the zone statement,
> in which case it overrides the options allow-query statement. If not
> specified, the default is to allow queries from all hosts.
>
> Note
>
> allow-query-cache is now used to specify access to the cache.
>
> Как же так, дорогая редакция? Такое, гм, недокументированное поведение
> вообще где-то документировано, или как?
HISTORY:
New option "allow-query-cache". This lets "allow-query"
be used to specify the default zone access level rather
than having to have every zone override the global value.
"allow-query-cache" can be set at both the options and view
levels. If "allow-query-cache" is not set then "allow-recursion"
is used if set, otherwise "allow-query" is used if set
unless "recursion no;" is set in which case "none;" is used,
otherwise the default (localhost; localnets;) is used.
bin/named/server.c:
* "allow-query-cache" inherits from "allow-recursion" if set,
* otherwise from "allow-query" if set.
* "allow-recursion" inherits from "allow-query-cache" if set,
* otherwise from "allow-query" if set.
Michael
Reply to: