These are chat archives for CZ-NIC/knot-resolver

17th
Jan 2019
micah
@micah
Jan 17 18:55
I have a policy for ipv4 that allows my network to query knot-resolver, but nobody outside the network. I added ipv6 addresses, and I tried to add these lines to the policy, but I'm still refused:
view:addr('[2620:13:4000::]/48', function (req, qry) return policy.PASS end)
view:addr('[::0]/0', function (req, qry) return policy.DROP end)
I tried to put the /48 and /0 inside of the [] but it didn't seem to change anything
micah
@micah
Jan 17 20:37
seems I should not use [] -- but I do need it in the systemd override files... confusing