From owner-freebsd-questions Wed Jul 21 12:57: 2 1999 Delivered-To: freebsd-questions@freebsd.org Received: from java.dpcsys.com (java.dpcsys.com [206.16.184.7]) by hub.freebsd.org (Postfix) with ESMTP id E55BE14D20 for ; Wed, 21 Jul 1999 12:56:56 -0700 (PDT) (envelope-from dan@dpcsys.com) Received: from localhost (dan@localhost) by java.dpcsys.com (8.9.1a/8.9.1) with SMTP id MAA24650; Wed, 21 Jul 1999 12:56:51 -0700 (PDT) Date: Wed, 21 Jul 1999 12:56:51 -0700 (PDT) From: Dan Busarow To: Kevin Weiss Cc: freebsd-questions@FreeBSD.ORG Subject: Re: DNS Config Question--named.conf file In-Reply-To: <19990721192144.D7F081556B@hub.freebsd.org> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Wed, 21 Jul 1999, Kevin Weiss wrote: > IP#'s and so forth are fake. I have yet to go > back and shorten the db files, but I'll do that after I > get your opinions. I also want to make sure that I > don't allow zone transfers. > > > Here is my named.conf file: ... > options { > directory "/etc/namedb"; > recusrion no; > fetch-glue no; > }; > zone "example.com" in { > type master; > file "db.example"; > notify no; > allow-transfer { 149.7.13.3; }; > }; > zone "13.7.149.in-addr.arpa" in { > type master; > file "db.149.7.13"; > }; Move your allow-transfer to the options section. Then your currently unprotected in-addr.arpa zone will be covered too. Dan -- Dan Busarow 949 443 4172 Dana Point Communications, Inc. dan@dpcsys.com Dana Point, California 83 09 EF 59 E0 11 89 B4 8D 09 DB FD E1 DD 0C 82 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message