[Pdns-users] AXFR ACL by Domain

José Luis Tallón jltallon at adv-solutions.net
Wed Sep 28 00:46:19 UTC 2005


Derrik Pates wrote:

>David Levy wrote:
>  
>
>>        I am aware that you can restrict AXFR based on a list of network
>>addresses, but I am curious as to if it is possible to do the same on a
>>per-domain basis and in the backend instead of config.  >From reading
>>the powerdns documentation, it seems like this is not possible at this
>>time. I suppose if I am correct, and there is no way to do this
>>presently, this message can also be considered a feature request, thanks.
>>    
>>
>
>There's not support for it in the mainline code, but I do have a patch
>that I roll into my own PowerDNS packages that I use on my employers'
>DNS servers. Let me know if you want me to forward it to you. I've made
>a few improvements to it to add support to the gsqlite module as well,
>and fix up a bug with multiple ACL entries for a single domain. The
>tuples allow specific IPs to AXFR specific domains. It doesn't support
>CIDR blocks or anything like that, but it works well enough.
>  
>
Bert, could you possibly consider this or a variation thereof for
inclusion in mainline PowerDNS?
Maybe if someone (either me or someone else) volunteered the time to
adapt, test and document this code for you? (votes_for_feature_request++)


Best,
    J.L.





More information about the Pdns-users mailing list