BIND 8.1.2 Release Notes
New and Changed Features
New Features
Chapter 122
You can restrict access to the server based on the IP address of the
requesting system.
allow-query { address_match_list };
The allow_query option specifies the hosts that are allowed to ask
ordinary questions. You can also specify the allow-query option in the
zone statement, which overrides the options allow-query statement.
By default, it allows queries from all hosts.
allow-transfer { address_match_list };
The allow-transfer option specifies the hosts that are allowed to
receive zone transfers from the server. You can also specify the
allow-transfer option in the zone statement, which overrides the
options allow-transfer statement. By default, it allows transfers
from all hosts.
Interfaces Option
The interface option is as follows:
listen-on [ port ip_port ] { address_match_list };
The listen-on option specifies the interfaces and ports from which the
server answers the queries. You can specify an optional port and
address_match_list in the listen-on option. The server listens on
all the interfaces allowed by the address_match_list.
You can specify multiple listen-on statements. For example,
listen-on { 5.6.7.8; };
listen-on port 1234 { !1.2.3.4; 1.2/16; };
If the listen-on option is not specified, the server listens on port 53 on
all the interfaces.
Query Address Option
The query address option is as follows:
query-source [address (ip_addr |*)] [port(ip_port|*)] ;
When a server is unaware of an answer to a question, it queries other
name servers for the answer. The query-source option specifies the
address and port that can be used for such queries. If an address is * or
is omitted, a wild card IP address (INADDR_ANY) is used. If port is*or
is omitted, a random unprivileged port is used. The default query
address option is: