[Pdns-users] Is it possible to filter tsig-key dnsupdate access?

Aki Tuomi cmouse at cmouse.fi
Fri Apr 29 04:51:52 UTC 2022


To contradict Kevin, there is at least something

https://doc.powerdns.com/authoritative/dnsupdate.html#update-policy

Aki

> On 04/28/2022 10:34 PM Kevin P. Fleming via Pdns-users <pdns-users at mailman.powerdns.com> wrote:
> 
>  
> There is no existing mechanism to do that.
> 
> On Thu, Apr 28, 2022 at 2:32 PM Djerk Geurts via Pdns-users
> <pdns-users at mailman.powerdns.com> wrote:
> >
> > Hi all,
> >
> > I’m in the process of setting up DNS-01 Let’s Encrypt verification and have generated the tsig-key, added it to the zone as TSIG-ALLOW-DNSUPDATE. But I’d like to restrict the updates to hostname "_acme-challenge" and record type TXT.
> >
> > Will I have to write a LUA script for this or is there a better way of doing this?
> >
> > --
> > Best regards,
> > Djerk Geurts
> > m: +44-7535-674620
> >
> > Maizymoo Ltd
> > VAT No: GB192 1529 07
> > Registration Number: 6638104 (registered in England and Wales)
> >
> > _______________________________________________
> > Pdns-users mailing list
> > Pdns-users at mailman.powerdns.com
> > https://mailman.powerdns.com/mailman/listinfo/pdns-users
> _______________________________________________
> Pdns-users mailing list
> Pdns-users at mailman.powerdns.com
> https://mailman.powerdns.com/mailman/listinfo/pdns-users


More information about the Pdns-users mailing list