Red Hat LINUX 7.2 Reference Manual page 226

226
Figure 14–2 Sample organization of /etc/named.conf
<statement-1> [" <statement-1-name> "] [ <statement-1-class> ] {
<option-1> ;
<option-2> ;
<option-N> ;
};
<statement-2> [" <statement-2-name> "] [ <statement-2-class> ] {
<option-1> ;
<option-2> ;
<option-N> ;
};
<statement-N> [" <statement-N-name> "] [ <statement-N-class> ] {
<option-1> ;
<option-2> ;
<option-N> ;
};
The " <statement-name> " is only needed with acl, include, server, view, and zone
statements. The <statement-N-class> may only be specified with the zone statement.
Comments may be placed in /etc/named in nested C-style characters /* */ or after // and #
characters.
The following statements may be used in /etc/named.conf:
• acl <acl-name> — Configures an access control list of IP addresses to be allowed or disal-
lowed certain named services. Most of the time, individual IP addresses or IP network notation
(such as 10.0.1.0/24) is used identify the exact IPs.
A few access control lists are already defined, so you do not have to configure an acl statement
to define them:
– any — Matches every IP address.
– localhost — Matches any IP address in use by the local system.
– localnets — Matches any IP address on any network that the local system connects to
with its interfaces.
– none — Matches no IP addresses.
When utilized with other /etc/named.conf statements and their options, acl statements can
be very useful in ensuring the proper use of your BIND nameserver. Consider the example in
Figure 14–3, Example of acl statements in use.
Chapter 14:Berkeley Internet Name Domain (BIND)