[Freeipa-devel] [PATCH] 195-199 New DNS features
Simo Sorce
simo at redhat.com
Tue Feb 14 13:25:58 UTC 2012
On Tue, 2012-02-14 at 12:09 +0100, Martin Kosek wrote:
> A new version of bind-dyndb-ldap has been released, sending fixed
> patches with the following major changes:
> - Since bind-dyndb-ldap supports only idnsForwarders global option at
> this time, all other global options were removed from the API. They
> were
> left in the schema though so that the schema is consistent with
> bind-dyndb-ldap supported schema and the support of these options in
> the
> future can be added more seamlessly
> - idnsAllowQuery and idnsAllowTransfer format has changed to follow
> BIND
> format (ACI elements separated with semicolon). An example of such
> element:
>
> ipa dnszone-mod example.com --allow-query="10.0.0.1;!10.0.0.0/8;any;"
>
> This ACI would forbid machine from any IP from 10.0.0.0/8 network
> besides 10.0.0.1 to query the name server. All other machines are
> allowed to issue queries.
Any good reason why this is not a multi-value attribute ?
Do these ACIs need to be ordered ? (that would be probably a good
reason).
Simo.
>
--
Simo Sorce * Red Hat, Inc * New York
More information about the Freeipa-devel
mailing list