HP-UX Reference (11i v3 07/02) - 4 File Formats (vol 8)

ManualsBrandsHP ManualsSoftwareHP-UX Reference Manuals

231

232

233

234

235

236

237

238

239

240

named.conf(4) named.conf(4)

(BIND 9.3)

Comment Syntax

Comments in the BIND 9.3 conﬁguration ﬁle can be written in the following styles:

C: /* comment */

C++: // to end of line

UNIX: # to end of line

Note: Unlike a zone ﬁle, you cannot use a semicolon (

;) character to start a comment in the BIND 9.3

conﬁguration ﬁle. The semicolon indicates the end of a conﬁguration statement.

CONFIGURATION FILE GRAMMAR

A BIND 9.3 conﬁguration ﬁle consists of statements and comments. Statements end with a semicolon.

Statements and comments are the only elements that can appear without enclosing braces. Many state-

ments contain a block of substatements, which is terminated with a semicolon. The following statements

are supported:

acl Deﬁnes a named IP address matching list, for access control and other uses.

controls Declares control channels to be used by the rndc utility.

include Includes a ﬁle.

key Speciﬁes key information for use in authentication and authorization using TSIG.

logging Speciﬁes what data the server logs, and where the log messages are sent.

lwres Conﬁgures the name server to also act as a lightweight resolver server.

masters Deﬁnes a masters list for inclusion in masters clauses of stub and slave zone

statements

options Controls global server conﬁguration options and sets defaults for other statements.

server Sets certain conﬁguration options on a per-server basis.

trusted-keys

Deﬁnes trusted DNSSEC keys.

view Deﬁnes a view.

zone Deﬁnes a zone.

The logging and options statements may occur only once per conﬁguration.

The acl Statement

acl Statement Grammar

acl acl-name {

address_match_list

};

acl Statement Deﬁnition and Usage

The acl statement assigns a symbolic name to an address match list. It gets its name from the primary

use of address match lists for Access Control Lists (ACLs). Note that an address match list’s name must be

deﬁned with acl before it can be used elsewhere; no forward references are allowed. The following ACL

names are built-in:

any Matches all hosts.

none Matches no hosts.

localhost Matches the IPv4 addresses of all network interfaces on the system.

localnets Matches any host on an IPv4 network for which the system has an interface.

The localhost and localnets ACLs do not currently support IPv6 (that is, localhost does not

match the host’s IPv6 addresses, and localnets does not match the host’s attached IPv6 networks) due

to the lack of a standard method of determining the complete set of local IPv6 addresses for a host.

HP-UX 11i Version 3: February 2007 − 3 − Hewlett-Packard Company 235