From: Andreas Gustafsson Date: Thu, 29 Nov 2001 22:55:52 +0000 (+0000) Subject: pullup: clarified the meaning of * in an inet controls clause [RT #2073] X-Git-Tag: v9.2.0^2~84 X-Git-Url: http://git.ipfire.org/gitweb/?a=commitdiff_plain;h=6b53351ce233eb4909dd2b31118d3b08a6623e9c;p=thirdparty%2Fbind9.git pullup: clarified the meaning of * in an inet controls clause [RT #2073] --- diff --git a/doc/arm/Bv9ARM-book.xml b/doc/arm/Bv9ARM-book.xml index 708a2943d9e..c0752060e1c 100644 --- a/doc/arm/Bv9ARM-book.xml +++ b/doc/arm/Bv9ARM-book.xml @@ -2,7 +2,7 @@ - + BIND 9 Administrator Reference Manual @@ -2209,12 +2209,20 @@ complete set of local IPv6 addresses for a host. used by the rndc utility to send commands to and retrieve non-DNS results from a nameserver. - An inet control channel is a TCP/IP - socket accessible to the Internet, created at the specified + An inet control channel is a TCP + socket listening at the specified ip_port on the specified - ip_addr. If no port is specified, port 953 - is used by default. "*" cannot be used for - ip_port. + ip_addr, which can be an IPv4 or IPv6 + address. An ip_addr + of * is interpreted as the IPv4 wildcard + address; connections will be accepted on any of the system's + IPv4 addresses. To listen on the IPv6 wildcard address, + use an ip_addr of ::. + If you will only use rndc on the local host, + using the loopback address (127.0.0.1 + or ::1) is recommended for maximum + security. + The ability to issue commands over the control channel is restricted by the allow and