[Opendnssec-user] ODS 1.4.0 trunk - ACL notify doesn't work
Daniel Salzman
daniel.salzman at nic.cz
Wed May 23 14:16:12 UTC 2012
Hi,
I don't understand how to set up
Adapter/DNS/Inbound/AllowNotify/Peer/Prefix.
It doesn't matter which address or prefix I use (for IPv4 with the same
result, I think). In all cases "no acl matches".
For <Prefix>2001:1488:ac14:1400::/24</Prefix>:
May 23 15:52:58 dsl-test ods-signerd: [socket] incoming udp message
May 23 15:52:58 dsl-test ods-signerd: [query] tsig ok
May 23 15:52:58 dsl-test ods-signerd: [query] incoming notify for zone
aaa.cz
May 23 15:52:58 dsl-test ods-signerd: [query] notify for zone aaa.cz
from client 2001:1488:ac14:1400:dd0e:13ae:a784:97da refused: no acl matches
May 23 15:52:58 dsl-test ods-signerd: [query] refused
May 23 15:52:58 dsl-test ods-signerd: [socket] query processed qstate=0
May 23 15:52:58 dsl-test ods-signerd: [socket] sending 162 bytes over udp
May 23 15:52:58 dsl-test ods-signerd: [dnshandler] netio dispatch
==============
For <Prefix>2001:1488:ac14:1400:dd0e:13ae:a784:97da</Prefix>:
May 23 15:50:35 dsl-test ods-signerd: [socket] incoming udp message
May 23 15:50:35 dsl-test ods-signerd: [query] tsig ok
May 23 15:50:35 dsl-test ods-signerd: [query] incoming notify for zone
aaa.cz
May 23 15:50:35 dsl-test ods-signerd: [acl] no match: tsig present but
no config
May 23 15:50:35 dsl-test ods-signerd: [query] notify for zone aaa.cz
from client 2001:1488:ac14:1400:dd0e:13ae:a784:97da refused: no acl matches
May 23 15:50:35 dsl-test ods-signerd: [query] refused
May 23 15:50:35 dsl-test ods-signerd: [socket] query processed qstate=0
May 23 15:50:35 dsl-test ods-signerd: [socket] sending 162 bytes over udp
May 23 15:50:35 dsl-test ods-signerd: [dnshandler] netio dispatch
Thanks
Dan
More information about the Opendnssec-user
mailing list