forked from infra/ansible
dns_intern: make compatiable with Debian 12
This commit is contained in:
parent
7ba5813e39
commit
d0429f9984
@ -10,11 +10,11 @@ newServer({address='127.0.0.1:5353', pool='resolve'})
|
||||
|
||||
{% if dns_secondary is defined %}
|
||||
-- allow AXFR/IXFR only from slaves
|
||||
addAction(AndRule({OrRule({QTypeRule(dnsdist.AXFR), QTypeRule(dnsdist.IXFR)}), NotRule(makeRule("{{ dns_secondary }}"))}), RCodeAction(dnsdist.REFUSED))
|
||||
addAction(AndRule({OrRule({QTypeRule(DNSQType.AXFR), QTypeRule(DNSQType.IXFR)}), NotRule(makeRule("{{ dns_secondary }}"))}), RCodeAction(DNSRCode.REFUSED))
|
||||
{% endif %}
|
||||
|
||||
-- allow NOTIFY only from master
|
||||
addAction(AndRule({OpcodeRule(DNSOpcode.Notify), NotRule(makeRule("{{ dns_primary }}"))}), RCodeAction(dnsdist.REFUSED))
|
||||
addAction(AndRule({OpcodeRule(DNSOpcode.Notify), NotRule(makeRule("{{ dns_primary }}"))}), RCodeAction(DNSRCode.REFUSED))
|
||||
|
||||
-- use auth servers for own zones
|
||||
addAction('binary.kitchen', PoolAction('authdns'))
|
||||
|
Loading…
Reference in New Issue
Block a user