DNS control
Michael Kearey
mutk at iprimus.com.au
Tue Sep 23 07:08:51 UTC 2003
Nicholas Yau wrote:
> Hi folks,
> I have DNS up on my Red Hat 8.0 Linux box.
>
> - running bind-9.2.1-9.
> - manually assigned IP
>
> Actually, I provide the service for my LAN users,
> in network 192.168.42.x, subnet mask 255.255.255.0.
>
> What I wanted to do is:
> only users and IPs listed in the /var/named/named.xxx
> can do the query from their machine to my Linux box, then
> only out to the internet.
>
> So that users cannot simply assign their own IP from the range
> 192.168.42.x as they like without informing the administrator.
>
> Help me, folks!

I am quite sure this question should not belong here in redhat-beta or
in fedora-test-list.

Anyway, once we figure out a good place to ask this question I will
have a go at answering it.

Read the Red Hat guides at www.redhat.com; they still have excellent
reference material on this sort of thing.

I have done this in /etc/named.conf:

Add an acl not-welcome:

    acl not-welcome {
        !192.168.0.0/24;
    };

Add a welcome acl:

    acl welcome {
        192.168.0.0/24;
        127.0.0.1;
    };

Then in options put this:

    options {
        // ...
        blackhole { not-welcome; };
        allow-query { welcome; };
        allow-recursion { welcome; };
        // ...
    };

Test it out to see if it works for you. You can specify a list of IPs
or a range in CIDR form as far as I know. 'man named.conf' also gives
details on what you can do.

Cheers,
Michael
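
Added example, not part of the original post or of BIND itself: a small Python model of BIND's first-match address match list evaluation, run over the two ACLs from the reply and over constructed variants for the 192.168.42.x LAN in the question. The function names, the per-host addresses and the DROP_OUTSIDERS list are assumptions made for illustration; only IPv4 elements and "any" are modelled.

```python
import ipaddress

def parse_acl(text):
    """Parse 'elem; elem;' into [(negated, network), ...]. IPv4 and 'any' only."""
    acl = []
    for raw in text.split(";"):
        item = raw.strip()
        if not item:
            continue
        negated = item.startswith("!")
        item = item.lstrip("!").strip()
        cidr = "0.0.0.0/0" if item == "any" else item
        acl.append((negated, ipaddress.ip_network(cidr)))
    return acl

def match(acl, addr):
    """First matching element wins: 1 = match, -1 = negated match, 0 = no match."""
    ip = ipaddress.ip_address(addr)
    for negated, net in acl:
        if ip in net:
            return -1 if negated else 1
    return 0

def allowed(acl, addr):
    """allow-query / allow-recursion: only a non-negated match grants access."""
    return match(acl, addr) > 0

def blackholed(acl, addr):
    """blackhole: only a non-negated match causes the query to be dropped."""
    return match(acl, addr) > 0

# ACLs exactly as posted in the reply
NOT_WELCOME = parse_acl("!192.168.0.0/24;")
WELCOME = parse_acl("192.168.0.0/24; 127.0.0.1;")
# Constructed variants for the questioner's 192.168.42.x LAN (assumptions)
LAN_WELCOME = parse_acl("192.168.42.0/24; 127.0.0.1;")
PER_HOST = parse_acl("192.168.42.10; 192.168.42.11; 127.0.0.1;")
DROP_OUTSIDERS = parse_acl("!192.168.42.0/24; !127.0.0.1; any;")

def survey(clients):
    """Return {client: (blackholed as posted, allowed as posted, allowed per-host)}."""
    return {c: (blackholed(NOT_WELCOME, c), allowed(WELCOME, c), allowed(PER_HOST, c))
            for c in clients}

if __name__ == "__main__":
    # Constructed client addresses
    for client, result in survey(["192.168.0.5", "192.168.42.10",
                                  "192.168.42.99", "10.1.2.3"]).items():
        print(client, result)
```

In this model an ACL made only of a negated element never produces a positive match, so the refusals come from allow-query and allow-recursion, and the welcome ACL has to name the LAN's own 192.168.42.0/24 range before its clients are served. A per-host list refuses unlisted addresses, but a source-address ACL cannot tell which machine is using a listed address.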
More information about the fedora-test-list
mailing list