Hello again,
while reading the manpage not all questions are answer to me...
# man unbound.conf
access-control:
...
By default only localhost is allowed ...
I read it like "if you do not configure any access-control at all, then localhost is allowed,
all other addresses are refused"
Imagin this line:
access-control: 192.0.2.0/24
Is access still allowed from localhost while not explicit declared?
Yes, I tried and it looks so.
- This should be added to the documentation.
- in this example 193.0.2.0/24 *is* refused
but I have to write an explizit rule to *disallow* localhost
The manpage could be more precise here ...
Andreas