[BlueOnyx:11636] Re: BIND config
Gerald Waugh
gwaugh at frontstreetnetworks.com
Sat Oct 27 06:47:22 -05 2012
On 10/26/2012 08:07 PM, George F. Nemeyer wrote:
> On Fri, 26 Oct 2012, Gerald Waugh wrote:
>
>> I have used this on several servers and it works, the gui does not help,
>> tried it.
>>
>> In /etc/maned.conf
>> options {
>> recursion no;
>> };
> I hope you meant "named.conf", not "maned".. which was the point of my
> poor attempt at humor from the first message
;-)
> If the BX GUI isn't making the proper recursion on/off entries, or isn't
> showing the actual state of the settings, then it really needs to be
> fixed.
>
On the servers I changed, I actually made changes to;
/usr/sausalito/handlers/base/dns/dns_generate.pl
always noted in the admin server log I maintain.
WAS
# set up recursion access
my $recursionInet = "// recursion access denied\n";
# $recursionInet .= " allow-recursion { none; };";
if ($obj->{recursion_inetaddr}) {
$recursionInet = "allow-recursion { "
. join("; ", $main::cce->scalar_to_array($obj->{recursion_inetaddr}))
. "; };";
}
IS
# set up recursion access
my $recursionInet = "recursion no;\n";
# $recursionInet .= " allow-recursion { none; };";
# if ($obj->{recursion_inetaddr}) {
# $recursionInet = "allow-recursion { "
# . join("; ",
$main::cce->scalar_to_array($obj->{recursion_inetaddr}))
# . "; };";
# }
I assume if /usr/sausalito/handlers/base/dns/dns_generate.pl is updated
it will be gone.
Worth the risk???
--
Gerald
More information about the Blueonyx
mailing list