[Pdns-dev] Preliminary ACL support in PowerDNS (AXFR for now)
davidu at everydns.net
davidu at everydns.net
Sun Mar 16 15:02:43 CET 2003
Hi,
With the help of Bert Hubert I was able to get a basic ACL system working
in PowerDNS today.
The current system been tested using the gpgsql backend but the other sql
backends should be trivial to add support for.
Attached is the patch which relies on a table in pgsql called "acls" with
the structure of:
CREATE TABLE "acls" (
"acl_id" int NOT NULL,
"acl_type" varchar(32) NOT NULL,
"key" varchar(250) NOT NULL,
"value" varchar(255) NOT NULL,
CONSTRAINT "acls_pkey" PRIMARY KEY ("acl_id")
);
An example ACL could be:
INSERT INTO "acls" ("acl_id", "acl_type", "key", "value")
VALUES (1, 'allow-axfr', 'example.com', '127.0.0.2');
To allow an AXFR of example.com FROM 127.0.0.2
The acl_type field allows this ACL system to be used for other purposes
besides just axfr. The system has not been tested with anything besides
AXFR however. This should patch into current CVS just fine. Please share
comments and questions. (One nice addition might be to add support for
netmasks)
The patch can also be found at
http://katie.everybox.com/~davidu/pdns_acls.diff
-davidu
-------------- next part --------------
A non-text attachment was scrubbed...
Name: pdns_acls.diff
Type: application/octet-stream
Size: 5858 bytes
Desc: not available
Url : http://mailman.powerdns.com/pipermail/pdns-dev/attachments/20030316/ee828e9f/pdns_acls.obj
More information about the Pdns-dev
mailing list