From owner-freebsd-current@FreeBSD.ORG Thu Jun 8 06:10:06 2006 Return-Path: X-Original-To: current@freebsd.org Delivered-To: freebsd-current@FreeBSD.ORG Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 235A616D0F0 for ; Thu, 8 Jun 2006 03:30:57 +0000 (UTC) (envelope-from maxim@macomnet.ru) Received: from mp2.macomnet.net (mp2.macomnet.net [195.128.64.6]) by mx1.FreeBSD.org (Postfix) with ESMTP id 736B843D49 for ; Thu, 8 Jun 2006 03:30:56 +0000 (GMT) (envelope-from maxim@macomnet.ru) Received: from localhost (localhost [127.0.0.1]) by mp2.macomnet.net (8.13.4/8.13.3) with ESMTP id k583UsRo006283; Thu, 8 Jun 2006 07:30:54 +0400 (MSD) (envelope-from maxim@macomnet.ru) Date: Thu, 8 Jun 2006 07:30:54 +0400 (MSD) From: Maxim Konovalov To: Lyndon Nerenberg In-Reply-To: <6F58AE0B-7A48-4675-96C3-92899A4DF8AD@orthanc.ca> Message-ID: <20060608072636.C6097@mp2.macomnet.net> References: <20060608015022.Y52876@mp2.macomnet.net> <6F58AE0B-7A48-4675-96C3-92899A4DF8AD@orthanc.ca> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Cc: current@freebsd.org Subject: Re: named recursive queries X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 08 Jun 2006 06:10:06 -0000 On Wed, 7 Jun 2006, 19:56-0700, Lyndon Nerenberg wrote: > >I think we need to stop spread misconfigured named's too. Any > >objections? > > I like OpenBSD's way a bit better: > > acl clients { > localnets; > : :1; 127.0.0.1; > }; > > options { > allow-recursion { clients; }; > }; > > It's the same as you propose, but also allows hosts on directly connected > networks to query. Yep, agreed. NetBSD's allow-recursion { localhost; localnets; }; looks like a good compromise. -- Maxim Konovalov