plugin/bind: exclude interface or ip address (#4543)

* plugin/bind: exclude interface or ip address

Signed-off-by: Mohammad Yosefpor <myusefpur@gmail.com>

* fix README.md

Signed-off-by: Mohammad Yosefpor <myusefpur@gmail.com>

* Apply suggestions, Fix test

Signed-off-by: Mohammad Yosefpor <myusefpur@gmail.com>

* Apply suggestions, move errs to setup

Signed-off-by: Mohammad Yosefpor <myusefpur@gmail.com>

plugin/bind/README.md

@@ -17,13 +17,25 @@ If the given argument is an interface name, and that interface has serveral IP a
 
 ## Syntax
 
+In its basic form, a simple bind uses this syntax:
+
 ~~~ txt
-bind ADDRESS  ...
+bind ADDRESS|IFACE  ...
 ~~~
 
-**ADDRESS** is an IP address to bind to.
-When several addresses are provided a listener will be opened on each of the addresses.
+You can also exclude some addresses with their IP address or interface name in expanded syntax:
 
+~~~
+bind ADDRESS|IFACE ... {
+    except ADDRESS|IFACE ...
+}
+~~~
+
+
+
+* **ADDRESS|IFACE** is an IP address or interface name to bind to.
+When several addresses are provided a listener will be opened on each of the addresses. Please read the *Description* for more details.
+* `except`, excludes interfaces or IP addresses to bind to. `except` option only excludes addresses for the current `bind` directive if multiple `bind` directives are used in the same server block.
 ## Examples
 
 To make your socket accessible only to that machine, bind to IP 127.0.0.1 (localhost):
@@ -60,6 +72,16 @@ The following server block, binds on localhost with its interface name (both "12
 }
 ~~~
 
+You can exclude some addresses by their IP or interface name (The following will only listen on `::1` or whatever addresses have been assigned to the `lo` interface):
+
+~~~ corefile
+. {
+    bind lo {
+        except 127.0.0.1
+    }
+}
+~~~
+
 ## Bugs
 
 When defining more than one server block, take care not to bind more than one server to the same
@@ -78,4 +100,4 @@ a.bad.example.com {
 bad.example.com {
     forward . 5.6.7.8
 }
-```
+```