Date: Thu, 01 Jul 2010 15:33:34 +0100 From: Matthew Seaman <m.seaman@infracaninophile.co.uk> To: Chris Maness <chris@chrismaness.com> Cc: krad <kraduk@googlemail.com>, freebsd-questions@freebsd.org Subject: Re: BIND Refusing to Resolve for External Hosts Message-ID: <4C2CA73E.9010700@infracaninophile.co.uk> In-Reply-To: <AANLkTikp3KxZ3hwo5o5Zv2jS7Q9unVvXmXSVB0HBgkdZ@mail.gmail.com> References: <AANLkTimgwvEhu9gt-L9_apH_rnwsv3NHSBARpHJepsvy@mail.gmail.com> <AANLkTimWrBi3wxvkKR0tLabbI1nz7fU_7xu0QZFeJ8ep@mail.gmail.com> <AANLkTinhx0LuivXNQNQKz3g57OSWTScWIIyZlP_ngrdk@mail.gmail.com> <AANLkTikp3KxZ3hwo5o5Zv2jS7Q9unVvXmXSVB0HBgkdZ@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 01/07/2010 15:05:37, Chris Maness wrote: > Can a sub block of IP address space be used, and if so, what is the > wild card? Yes. You can use lists of IPs or address-and-mask in BIND ACLs. See: http://www.isc.org/files/arm96.html#address_match_lists and http://www.isc.org/files/arm96.html#id2553419 So, for example, I use this in my own BIND configuration: acl public-nets { 127.0.0.1; ::1; 81.187.76.160/29; 81.187.220.164; 2001:8b0:151:1::/64; }; Cheers, Matthew - -- Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard Flat 3 PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate JID: matthew@infracaninophile.co.uk Kent, CT11 9PW -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.14 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkwspz4ACgkQ8Mjk52CukIwe+ACfUD9llW6qoIhgNRGYr63gYU87 geAAmwcYudxH5G6YHiYLTmZGlveTOB+6 =ltc+ -----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4C2CA73E.9010700>