Specifications

DNS — Domain Name Service

allow-query 127.0.0.1; 192.168.1/24; ; deﬁnes the networks from which

clients can post DNS requests. The /24 at the end is an abbreviated

expression for the netmask, in this case 255.255.255.0.

allow-transfer ! *; ; controls which hosts can request zone transfers. This

example cuts them off completely due to the ! *. Without this entry,

zone transfers can be requested anywhere without restrictions.

statistics-interval 0; In the absence of this entry, BIND8 generates several

lines of statistical information in /var/log/messages. Specifying

0 suppresses these completely. Otherwise the time in minutes can be

given here.

cleaning-interval 720; This option deﬁnes at which time intervals BIND8

clears its cache. This triggers an entry in /var/log/messages each time

it occurs. The time speciﬁcation is in minutes. The default is 60 min-

utes.

interface-interval 0; BIND8 regularly searches the network interfaces for

new or no longer existing interfaces. If this value is set to 0, this will

not be carried out and BIND8 will only listen at the interfaces detected

at start-up. Otherwise, the interval can be deﬁned in minutes. The de-

fault is 60 minutes.

notify no; no prevents other name servers from being informed when

changes are made to the zone data or when the name server is

restarted.

The Conﬁguration Section “Logging”

What, how, and where archiving takes place can be extensively conﬁgured in

BIND8. Normally, the default settings should be sufﬁcient. File 10 represents

the simplest form of such an entry and will completely suppress any logging:

logging {

category default { null; };

};

File 10: Entry to Suppress Logging

161SuSE Linux – Firewall on CD2