From: Otto Moerbeek Date: Fri, 6 May 2022 09:54:23 +0000 (+0200) Subject: Document meaning of empty allow-from X-Git-Tag: rec-4.6.3~3^2 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=refs%2Fpull%2F11633%2Fhead;p=thirdparty%2Fpdns.git Document meaning of empty allow-from (cherry picked from commit a75c8e8019462827dae4599b6a24ef7a0645c30c) --- diff --git a/pdns/recursordist/docs/settings.rst b/pdns/recursordist/docs/settings.rst index 0bb4de78d7..0aa80cfda3 100644 --- a/pdns/recursordist/docs/settings.rst +++ b/pdns/recursordist/docs/settings.rst @@ -42,6 +42,7 @@ To use this, DNSSEC processing or validation must be enabled by setting `dnssec` Netmasks (both IPv4 and IPv6) that are allowed to use the server. The default allows access only from :rfc:`1918` private IP addresses. +An empty value means no checking is done, all clients are allowed. Due to the aggressive nature of the internet these days, it is highly recommended to not open up the recursor for the entire internet. Questions from IP addresses not listed here are ignored and do not get an answer.