Denying AXFR on Freebsd
markus.heimhilcher at univie.ac.at
Tue May 10 16:49:42 CEST 2005
I have problems denying AXFRs with nsd.
This topic has been discussed here once, but the solutions don't work
I am using nsd 2.3 compiled with --with-libwrap on Freebsd 5.3.
I tried all variations of deny statemens in hosts.allow / hosts.deny like:
axfr: ALL : deny
axfr-zone.: ALL : deny
ALL : ALL : deny
When testing the tcp wrapper rules with tcpdmatch everything seems ok.
The nsd log is also very quiet about AXFRs taking place.
The only working option to deny AXFRs is to compile nsd without AXFR
Could this be a bug of nsd on this platform?
Besides, when will there be the possibility to configure the AXFR
permissions in a seperate file?
According to Bugzilla this feature should already be included in the 2.3
release of nsd.
More information about the nsd-users