[Pdns-users] AXFR ACL by Domain
Derrik Pates
demon at devrandom.net
Mon Sep 19 02:16:27 UTC 2005
David Levy wrote:
> I am aware that you can restrict AXFR based on a list of network
> addresses, but I am curious as to if it is possible to do the same on a
> per-domain basis and in the backend instead of config. >From reading
> the powerdns documentation, it seems like this is not possible at this
> time. I suppose if I am correct, and there is no way to do this
> presently, this message can also be considered a feature request, thanks.
There's not support for it in the mainline code, but I do have a patch
that I roll into my own PowerDNS packages that I use on my employers'
DNS servers. Let me know if you want me to forward it to you. I've made
a few improvements to it to add support to the gsqlite module as well,
and fix up a bug with multiple ACL entries for a single domain. The
tuples allow specific IPs to AXFR specific domains. It doesn't support
CIDR blocks or anything like that, but it works well enough.
--
Derrik Pates
demon at devrandom.net
More information about the Pdns-users
mailing list