From 709adbc60ecfe2ba992acfe680eaefe9ea7b7f8b Mon Sep 17 00:00:00 2001 From: Marcello Coutinho Date: Fri, 18 Oct 2013 19:41:06 -0300 Subject: bind - bump version and change acl field description --- config/bind/bind_zones.xml | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) (limited to 'config') diff --git a/config/bind/bind_zones.xml b/config/bind/bind_zones.xml index 08acc7ae..09a5129f 100644 --- a/config/bind/bind_zones.xml +++ b/config/bind/bind_zones.xml @@ -273,7 +273,8 @@ Allow-update allowupdate - + + Allow-update defines a match list eg IP address(es) that are allowed to submit dynamic updates for 'master' zones ie it enables Dynamic DNS (DDNS).]]> select_source name @@ -284,7 +285,8 @@ Allow-query allowquery - Allow-query defines an match list of IP address(es) which are allowed to issue queries to the server. + + Allow-query defines an match list of IP address(es) which are allowed to issue queries to the server.]]> select_source name @@ -295,7 +297,8 @@ Allow-transfer allowtransfer - Allow-transfer defines a match list eg IP address(es) that are allowed to transfer (copy) the zone information from the server (master or slave for the zone). While on its face this may seem an excessively friendly default, DNS data is essentially public (that's why its there) and the bad guys can get all of it anyway. However if the thought of anyone being able to transfer your precious zone file is repugnant, or (and this is far more significant) you are concerned about possible DoS attack initiated by XFER requests, then use the following policy. + + Allow-transfer defines a match list eg IP address(es) that are allowed to transfer (copy) the zone information from the server (master or slave for the zone). While on its face this may seem an excessively friendly default, DNS data is essentially public (that's why its there) and the bad guys can get all of it anyway. However if the thought of anyone being able to transfer your precious zone file is repugnant, or (and this is far more significant) you are concerned about possible DoS attack initiated by XFER requests, then use the following policy.]]> select_source name -- cgit v1.2.3