class named::primary inherits named::authoritative {
include dnsextras::entries
- @ferm::rule { '01-dsa-bind-4':
+ ferm::rule { '01-dsa-bind-4':
domain => '(ip ip6)',
description => 'Allow nameserver access',
rule => '&TCP_UDP_SERVICE_RANGE(53, ( $HOST_DNS_GEO $HOST_NAGIOS $HOST_RCODE0 $HOST_EASYDNS $HOST_NETNOD ) )',
dnsnodeapi-ACL;
};
also-notify {
+ rcode0-masters;
+ dnsnode-masters;
+ dnsnodeapi-masters;
};
key-directory "/srv/dns.debian.org/var/keys/_openpgpkey.debian.org";