Include all other files, too

This commit is contained in:
root 2014-09-15 21:02:49 +02:00
parent b2c971db62
commit 7c1f7f8300
8 changed files with 242 additions and 1 deletions

9
.gitignore vendored
View file

@ -1,7 +1,14 @@
#alle Dateie ignorieren...
*
/secrets.conf
*.private
*.key
/bind.keys
db*
/slave/ffa.zone
/zones.rfc1918
#ausser...
!named.conf
!/master
!/master/*
!.gitignore

87
ffhh.conf Normal file
View file

@ -0,0 +1,87 @@
# Keys we allow for editing
include "/etc/bind/secrets.conf";
#Zones WE have authority over!
#Apperantly for ffhh.
zone "ffhh" IN {
type master;
file "/etc/bind/master/db.ffhh";
allow-transfer { any; };
also-notify {
10.112.14.1; fd51:2bb2:fd0d::e01; #gw01
10.112.18.1; fd51:2bb2:fd0d::d01; #gw05
10.112.16.1; fd51:2bb2:fd0d::a01; #gw07
10.112.22.1; fd51:2bb2:fd0d::b01; #gw08
10.112.24.1; fd51:2bb2:fd0d::901; #gw09
10.112.30.1; fd51:2bb2:fd0d::501; #gw12
10.112.32.1; fd51:2bb2:fd0d::401; #gw13
};
allow-update { key srv01-zone-key.; key srv01-userdomain-key.; };
};
zone "hamburg.freifunk.net" IN {
type master;
allow-transfer {
10.112.14.1; fd51:2bb2:fd0d::e01; #gw01
10.112.18.1; fd51:2bb2:fd0d::d01; #gw05
10.112.16.1; fd51:2bb2:fd0d::a01; #gw07
10.112.22.1; fd51:2bb2:fd0d::b01; #gw08
10.112.24.1; fd51:2bb2:fd0d::901; #gw09
10.112.30.1; fd51:2bb2:fd0d::501; #gw12
10.112.32.1; fd51:2bb2:fd0d::401; #gw13
81.7.15.101; # named.exosphere.de
78.47.49.236; # ns.ohrensessel.net
};
also-notify {
10.112.14.1; fd51:2bb2:fd0d::e01; #gw01
10.112.18.1; fd51:2bb2:fd0d::d01; #gw05
10.112.16.1; fd51:2bb2:fd0d::a01; #gw07
10.112.22.1; fd51:2bb2:fd0d::b01; #gw08
10.112.24.1; fd51:2bb2:fd0d::901; #gw09
10.112.30.1; fd51:2bb2:fd0d::501; #gw12
10.112.32.1; fd51:2bb2:fd0d::401; #gw13
81.7.15.101; # named.exosphere.de
78.47.49.236; # ns.ohrensessel.net
};
file "/etc/bind/master/db.net.freifunk.hamburg";
};
#And the reverse Zone for our IPv4 subnet
zone "112.10.in-addr.arpa" IN {
type master;
file "/etc/bind/master/db.arpa.in-addr.10.112";
allow-transfer { any; };
also-notify {
10.112.14.1; fd51:2bb2:fd0d::e01; #gw01
10.112.18.1; fd51:2bb2:fd0d::d01; #gw05
10.112.16.1; fd51:2bb2:fd0d::a01; #gw07
10.112.22.1; fd51:2bb2:fd0d::b01; #gw08
10.112.24.1; fd51:2bb2:fd0d::901; #gw09
10.112.30.1; fd51:2bb2:fd0d::501; #gw12
10.112.32.1; fd51:2bb2:fd0d::401; #gw13
};
allow-update { key srv01-zone-key.; };
};
#And the reverse Zone for our IPv6 prefix
zone "d.0.d.f.2.b.b.2.1.5.d.f.ip6.arpa" IN {
type master;
file "/etc/bind/master/db.arpa.ip6.f.d.5.1.2.b.b.2.f.d.0.d";
allow-transfer { any; };
also-notify {
10.112.14.1; fd51:2bb2:fd0d::e01; #gw01
10.112.18.1; fd51:2bb2:fd0d::d01; #gw05
10.112.16.1; fd51:2bb2:fd0d::a01; #gw07
10.112.22.1; fd51:2bb2:fd0d::b01; #gw08
10.112.24.1; fd51:2bb2:fd0d::901; #gw09
10.112.30.1; fd51:2bb2:fd0d::501; #gw12
10.112.32.1; fd51:2bb2:fd0d::401; #gw13
};
allow-update { key srv01-zone-key.; };
};
include "/etc/bind/forward-zones.conf";
include "/etc/bind/mirror-zones.conf";

50
forward-zones.conf Normal file
View file

@ -0,0 +1,50 @@
## Freifunk Augsburg
zone "ffa" in {
type forward;
forwarders { 10.11.10.15; 10.11.0.8; };
};
#DN42
zone "dn42" {
type forward;
forwarders { 172.22.0.53; };
};
zone "22.172.in-addr.arpa" {
type forward;
forwarders { 172.22.0.53; };
};
zone "23.172.in-addr.arpa" {
type forward;
forwarders { 172.22.0.53; };
};
zone "hack" IN {
type static-stub;
server-addresses { 172.31.0.5; };
};
zone "31.172.in-addr.arpa" IN {
type static-stub;
server-addresses { 172.31.0.5; };
};
zone "100.10.in-addr.arpa" IN {
type static-stub;
server-addresses { 172.31.0.5; };
};
zone "101.10.in-addr.arpa" IN {
type static-stub;
server-addresses { 172.31.0.5; };
};
zone "102.10.in-addr.arpa" IN {
type static-stub;
server-addresses { 172.31.0.5; };
};
zone "103.10.in-addr.arpa" IN {
type static-stub;
server-addresses { 172.31.0.5; };
};
//Freifunk Chemnitz .ffc
zone "ffc" in {
type forward;
forwarders { 10.8.6.6; };
};

18
mirror-zones.conf Normal file
View file

@ -0,0 +1,18 @@
#Freifunk Luebeck
zone "ffhl" IN {
type slave;
file "/etc/bind/slave/db.ffhl";
masters { fdef:ffc0:3dd7::a01; fdef:ffc0:3dd7::c01; fdef:ffc0:3dd7::e01; 10.130.10.1; 10.130.12.1; 10.130.14.1; };
allow-transfer { any; };
forwarders { };
};
#Freifunk Kiel
zone "ffki" IN {
type slave;
file "/etc/bind/slave/db.ffki";
masters { fda1:384a:74de:4242::1; fda1:384a:74de:4242::2; };
allow-transfer { any; };
forwarders { };
};

12
named.conf Normal file
View file

@ -0,0 +1,12 @@
// This is the primary configuration file for the BIND DNS server named.
//
// Please read /usr/share/doc/bind9/README.Debian.gz for information on the
// structure of BIND configuration files in Debian, *BEFORE* you customize
// this configuration file.
//
// If you are just adding zones, please do that in /etc/bind/named.conf.local
include "/etc/bind/named.conf.options";
include "/etc/bind/named.conf.local";
include "/etc/bind/named.conf.default-zones";
include "/etc/bind/ffhh.conf";

30
named.conf.default-zones Normal file
View file

@ -0,0 +1,30 @@
// prime the server with knowledge of the root servers
zone "." {
type hint;
file "/etc/bind/db.root";
};
// be authoritative for the localhost forward and reverse zones, and for
// broadcast zones as per RFC 1912
zone "localhost" {
type master;
file "/etc/bind/db.local";
};
zone "127.in-addr.arpa" {
type master;
file "/etc/bind/db.127";
};
zone "0.in-addr.arpa" {
type master;
file "/etc/bind/db.0";
};
zone "255.in-addr.arpa" {
type master;
file "/etc/bind/db.255";
};

8
named.conf.local Normal file
View file

@ -0,0 +1,8 @@
//
// Do any local configuration here
//
// Consider adding the 1918 zones here, if they are not used in your
// organization
//include "/etc/bind/zones.rfc1918";
# Conflicts with DN42

29
named.conf.options Normal file
View file

@ -0,0 +1,29 @@
options {
directory "/var/cache/bind";
// If there is a firewall between you and nameservers you want
// to talk to, you may need to fix the firewall to allow multiple
// ports to talk. See http://www.kb.cert.org/vuls/id/800113
// If your ISP provided one or more IP addresses for stable
// nameservers, you probably want to use them as forwarders.
// Uncomment the following block, and insert the addresses replacing
// the all-0's placeholder.
// forwarders {
// 0.0.0.0;
// };
//========================================================================
// If BIND logs error messages about the root key being expired,
// you will need to update your keys. See https://www.isc.org/bind-keys
//========================================================================
dnssec-validation no;
auth-nxdomain no; # conform to RFC1035
listen-on-v6 { any; };
edns-udp-size 512;
max-udp-size 512;
};