|
|
@@ -2109,8 +2109,9 @@ what is XfroutClient xfr_client??
|
|
|
Multiple rules can be specified in the ACL, and an ACL rule
|
|
|
can consist of multiple constraints, such as a combination of
|
|
|
IP address and TSIG.
|
|
|
- The following configuration sequence will add to the previous
|
|
|
- ACL a rule that allows update requests sent from a client
|
|
|
+ The following configuration sequence will add a new rule to
|
|
|
+ ACL created in the above example. This additional rule
|
|
|
+ allows update requests sent from a client
|
|
|
using TSIG key name of "key.example" and has an IPv6 address of ::1.
|
|
|
<screen>
|
|
|
> <userinput>config add DDNS/zones[0]/update_acl {"action": "ACCEPT", "from": "::1", "key": "key.example"}</userinput>
|
|
|
@@ -2119,6 +2120,12 @@ DDNS/zones[0]/update_acl[0] {"action": "ACCEPT", "key": "key.example.org"} a
|
|
|
DDNS/zones[0]/update_acl[1] {"action": "ACCEPT", "from": "::1", "key": "key.example"} any (modified)
|
|
|
> <userinput>config commit</userinput>
|
|
|
</screen>
|
|
|
+ (Note the "add" in the first line. Before this sequence, we
|
|
|
+ have had only entry in zones[0]/update_acl. The "add" command
|
|
|
+ with a value (rule) adds a new entry and sets it to the given rule.
|
|
|
+ Due to a limitation of the current implementation, it doesn't
|
|
|
+ work if you first try to just add a new entry and then set it to
|
|
|
+ a given rule).
|
|
|
</para>
|
|
|
|
|
|
<note><simpara>
|
JINMEI Tatuya