
Here are the patches to bind-4.9.4-REL to support 
the 'noforward' directive and instructions for
building and using a modified bind.

1.  You must '#define NOFORWARD' for the modifications 
to be enabled.  The best way to do this is to add it to 
conf/options.h, but you have to do that yourself, by hand.
You can also edit the main Makefile and add '-DNOFORWARD'
to the CPPFLAGS for your platform.

2.  Apply the patches to the files in the 'named' sub-
directory.  The syntax might be:

  patch -i xxx.patch

It will, of course, depend on your platform's version of 
the patch utility.  The man pages are highly recommended.

3.  Move to the top level directory and run make.  After
it builds correctly, do a 'make install' or whatever
you need to do to get the modified 'named' executable
put in the right place.

4.  Add one or more 'noforward' directives to named.boot
as required.  For instance, if you wanted to prevent
forwarding for domain 'nutsnbolts.com' (and everything
under it), add the following line to named.boot:

	noforward	nutsnbolts.com

You might also want to exclude address->name maps.  For
example, if nutsnbolts.com corresponds to network 
192.168.0.0, you might add the following:

	noforward	168.192.in-addr.arpa

Note that you can list multiple domains in a single
'noforward' directive:

	noforward	nutsnbolts.com 168.192.in-addr.arpa

5.  Restart your server to load the new config.

That's all there is to it (in a perfect world)!

Todd.Aven@BankersTrust.Com
26 July 1996
