> The documentation for `match-clients' isn't comprehensive enough... Can
> I add all host from, for example 172.16/16 except a single host? Does:
>
> match-clients { 172.16.0.0/16;!172.16.1.1; }
BIND checks the ACL in the order you specify. In your example,
172.16.1.1 will be allowed by the first rule. Change the order:
match-clients {
!172.16.1.1;
172.16.0.0/16;
}
This disallows 172.16.1.1 first, which will work as you expect it to.
-JP
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
[email protected]
https://lists.isc.org/mailman/listinfo/bind-users
