[Pdns-dev] Re: BIND backend support for allow-query in
named.conf
Leen Besselink
leen at wirehub.nl
Fri Sep 12 15:06:31 CEST 2008
On Mon, Sep 08, 2008 at 10:52:01AM -0700, Brendan Oakley wrote:
> Hi Leen,
>
> On Sat, Sep 6, 2008 at 5:10 AM, Leen Besselink wrote:
> > My take would be, should this not be a general option instead of just for the
> > bind-backend ?
>
> Interesting thought. Because this is done on a zone basis, it has to
> be in the backend, as opposed to the front-end. But these are simple
> enough methods that better OO form might be to put them in the base
> DomainInfo class rather than the BIND BB2DomainInfo class. It might
> even be more efficient, then, to check the IP in a base class before
> even calling lookup().
>
I was thinking maybe in /etc/powerdns/pdns.conf add an extra entry:
acl-from=/etc/powerdns/acl
in acl:
domain.tld { 192.168.1.0/24 };
That is what I meant with all backend's. :-)
> Even so, every backend would store the allowed IP list differently, so
> code would have to be added to each one to populate the ACL.
>
> I can re-do it this way (at least the base class part) if Bert is interested.
>
> Thanks.
> Brendan
More information about the Pdns-dev
mailing list