From owner-freebsd-current@FreeBSD.ORG Thu Jun 8 05:35:21 2006 Return-Path: X-Original-To: current@freebsd.org Delivered-To: freebsd-current@FreeBSD.ORG Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 549E316DCA2 for ; Thu, 8 Jun 2006 02:56:26 +0000 (UTC) (envelope-from lyndon@orthanc.ca) Received: from orthanc.ca (orthanc.ca [209.89.70.53]) by mx1.FreeBSD.org (Postfix) with ESMTP id D873343D6A for ; Thu, 8 Jun 2006 02:56:25 +0000 (GMT) (envelope-from lyndon@orthanc.ca) Received: from [192.168.15.2] (d154-5-28-131.bchsia.telus.net [154.5.28.131]) (authenticated bits=0) by orthanc.ca (8.13.4/8.13.4) with ESMTP id k582uMbp077460; Wed, 7 Jun 2006 20:56:22 -0600 (MDT) (envelope-from lyndon@orthanc.ca) In-Reply-To: <20060608015022.Y52876@mp2.macomnet.net> References: <20060608015022.Y52876@mp2.macomnet.net> Mime-Version: 1.0 (Apple Message framework v750) Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed Message-Id: <6F58AE0B-7A48-4675-96C3-92899A4DF8AD@orthanc.ca> Content-Transfer-Encoding: 7bit From: Lyndon Nerenberg Date: Wed, 7 Jun 2006 19:56:20 -0700 To: Maxim Konovalov X-Mailer: Apple Mail (2.750) X-Spam-Status: No, score=0.1 required=5.0 tests=AWL,BAYES_00, RCVD_IN_NJABL_DUL,RCVD_IN_SORBS_DUL autolearn=no version=3.1.1 X-Spam-Checker-Version: SpamAssassin 3.1.1 (2006-03-10) on orthanc.ca Cc: current@freebsd.org Subject: Re: named recursive queries X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 08 Jun 2006 05:35:21 -0000 > I think we need to stop spread misconfigured named's too. Any > objections? I like OpenBSD's way a bit better: acl clients { localnets; ::1; 127.0.0.1; }; options { allow-recursion { clients; }; }; It's the same as you propose, but also allows hosts on directly connected networks to query.