On Monday 22 February 2010 19:26, Geoff Sweet wrote: > I have tried several different attempts to make this work, and the only > change that works is to set in the options allow-query{any;};. However the > problem with that is that it then permits anyone to make any query against > my nameservers and I don't want that.
That the purpose of having a public DNS server? So others can get your public DNS information? You want them to be able to query your server for your information but not allow recursion. By only allowing localhost, localnets and wemadenets, everyone else is blocked thus they cannot get your information. > Can anyone here offer me some advice as to what I am doing wrong? For reference here is my config file: > > acl wemadenets { 66.150.173.0/26; }; > > options { > directory "/var/named"; > dump-file "/var/named/data/cache_dump.db"; > statistics-file "/var/named/data/named_stats.txt"; > memstatistics-file "/var/named/data/named_mem_stats.txt"; > allow-query { localhost; localnets; wemadenets; }; > allow-recursion { wemadenets; }; > }; Edit allow-query and allow any. Then everyone can get your information and still not use your server for recursion I take it you are working off some sort of how-to for this. -- Regards Robert Linux User #296285 http://counter.li.org _______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users