Hi folks
I am in the process of setting up 2 DNS servers using Debian and configuring them using Webmin.
I have reached the stage where I am securing the servers and I am having difficulties in restricting zone transfers to only the servers I have.
I edit the named.conf file and add the following:
acl trusted-servers {
    172.16.0.1; //ns2
};
zone test.com {
    type master;
    file "zones/test.com";
    allow-transfer { trusted-servers; };
};
This does seem to work as I can no longer do a ls -d test.com in nslookup.
However, if I attempt to make any other DNS / zone record update using Webmin, the following error is shown when I click apply.
NDC command failed : rndc: connect failed: 127.0.0.1#953: connection refused
I have also tried adding 127.0.0.1 to the trusted-servers ACL, but I still get the error.
I have also tried applying the rule against the server rather than just the zone, as follows:
options {
    allow-transfer { 172.16.0.1; 127.0.0.1 };
}
How can I enable the zone transfer restriction and still use webmin?
Cheers
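
An added example, not part of the original post: named.conf requires a ';' after every address-match-list element and after every closing brace, and this small Python lint checks that rule over the two fragments quoted above. The names lint, ZONE_FRAGMENT and OPTIONS_FRAGMENT are made up for this example; BIND's own named-checkconf remains the authoritative check.

```python
import re

# Fragments copied from the post above (names are hypothetical, chosen for this example).
ZONE_FRAGMENT = '''acl trusted-servers {
172.16.0.1; //ns2
};
zone test.com {
type master;
file "zones/test.com";
allow-transfer { trusted-servers; };
};
'''
OPTIONS_FRAGMENT = '''options {
allow-transfer { 172.16.0.1; 127.0.0.1 };
}
'''

# Tokens: the three named.conf comment styles, quoted strings, punctuation, bare words.
TOKEN = re.compile(r'''
    (?P<comment>//[^\n]*|\#[^\n]*|/\*.*?\*/)
  | (?P<string>"[^"\n]*")
  | (?P<punct>[{};])
  | (?P<word>[^\s{};"]+)
''', re.S | re.X)

def lint(conf):
    """Return (line, message) pairs for missing ';' terminators and unbalanced braces."""
    problems, prev, prev_line, depth = [], None, 0, 0
    for m in TOKEN.finditer(conf):
        if m.lastgroup == "comment":
            continue  # comments never affect statement structure
        tok = m.group() if m.lastgroup == "punct" else "word"
        if prev == "}" and tok != ";":
            problems.append((prev_line, "missing ';' after '}'"))
        if tok == "}":
            if prev == "word":  # last list element or clause was not terminated
                problems.append((prev_line, "missing ';' before '}'"))
            depth -= 1
        elif tok == "{":
            depth += 1
        prev, prev_line = tok, conf.count("\n", 0, m.start()) + 1
    if prev == "}":  # file ended right after a closing brace
        problems.append((prev_line, "missing ';' after '}'"))
    if depth != 0:
        problems.append((prev_line, "unbalanced braces"))
    return problems

if __name__ == "__main__":
    for name, text in (("zone", ZONE_FRAGMENT), ("options", OPTIONS_FRAGMENT)):
        print(name, lint(text) or "ok")
```

The zone fragment passes; the options fragment is flagged on line 2 (no ';' after 127.0.0.1) and line 3 (no ';' after the closing brace).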