Include all other files, too
This commit is contained in:
parent
b2c971db62
commit
7c1f7f8300
9
.gitignore
vendored
9
.gitignore
vendored
|
@ -1,7 +1,14 @@
|
|||
#alle Dateie ignorieren...
|
||||
*
|
||||
/secrets.conf
|
||||
*.private
|
||||
*.key
|
||||
/bind.keys
|
||||
db*
|
||||
/slave/ffa.zone
|
||||
/zones.rfc1918
|
||||
|
||||
#ausser...
|
||||
!named.conf
|
||||
!/master
|
||||
!/master/*
|
||||
!.gitignore
|
||||
|
|
87
ffhh.conf
Normal file
87
ffhh.conf
Normal file
|
@ -0,0 +1,87 @@
|
|||
# Keys we allow for editing
|
||||
|
||||
include "/etc/bind/secrets.conf";
|
||||
|
||||
#Zones WE have authority over!
|
||||
|
||||
#Apperantly for ffhh.
|
||||
zone "ffhh" IN {
|
||||
type master;
|
||||
file "/etc/bind/master/db.ffhh";
|
||||
allow-transfer { any; };
|
||||
also-notify {
|
||||
10.112.14.1; fd51:2bb2:fd0d::e01; #gw01
|
||||
10.112.18.1; fd51:2bb2:fd0d::d01; #gw05
|
||||
10.112.16.1; fd51:2bb2:fd0d::a01; #gw07
|
||||
10.112.22.1; fd51:2bb2:fd0d::b01; #gw08
|
||||
10.112.24.1; fd51:2bb2:fd0d::901; #gw09
|
||||
10.112.30.1; fd51:2bb2:fd0d::501; #gw12
|
||||
10.112.32.1; fd51:2bb2:fd0d::401; #gw13
|
||||
};
|
||||
allow-update { key srv01-zone-key.; key srv01-userdomain-key.; };
|
||||
};
|
||||
|
||||
zone "hamburg.freifunk.net" IN {
|
||||
type master;
|
||||
allow-transfer {
|
||||
10.112.14.1; fd51:2bb2:fd0d::e01; #gw01
|
||||
10.112.18.1; fd51:2bb2:fd0d::d01; #gw05
|
||||
10.112.16.1; fd51:2bb2:fd0d::a01; #gw07
|
||||
10.112.22.1; fd51:2bb2:fd0d::b01; #gw08
|
||||
10.112.24.1; fd51:2bb2:fd0d::901; #gw09
|
||||
10.112.30.1; fd51:2bb2:fd0d::501; #gw12
|
||||
10.112.32.1; fd51:2bb2:fd0d::401; #gw13
|
||||
81.7.15.101; # named.exosphere.de
|
||||
78.47.49.236; # ns.ohrensessel.net
|
||||
};
|
||||
also-notify {
|
||||
10.112.14.1; fd51:2bb2:fd0d::e01; #gw01
|
||||
10.112.18.1; fd51:2bb2:fd0d::d01; #gw05
|
||||
10.112.16.1; fd51:2bb2:fd0d::a01; #gw07
|
||||
10.112.22.1; fd51:2bb2:fd0d::b01; #gw08
|
||||
10.112.24.1; fd51:2bb2:fd0d::901; #gw09
|
||||
10.112.30.1; fd51:2bb2:fd0d::501; #gw12
|
||||
10.112.32.1; fd51:2bb2:fd0d::401; #gw13
|
||||
81.7.15.101; # named.exosphere.de
|
||||
78.47.49.236; # ns.ohrensessel.net
|
||||
};
|
||||
file "/etc/bind/master/db.net.freifunk.hamburg";
|
||||
};
|
||||
|
||||
#And the reverse Zone for our IPv4 subnet
|
||||
zone "112.10.in-addr.arpa" IN {
|
||||
type master;
|
||||
file "/etc/bind/master/db.arpa.in-addr.10.112";
|
||||
allow-transfer { any; };
|
||||
also-notify {
|
||||
10.112.14.1; fd51:2bb2:fd0d::e01; #gw01
|
||||
10.112.18.1; fd51:2bb2:fd0d::d01; #gw05
|
||||
10.112.16.1; fd51:2bb2:fd0d::a01; #gw07
|
||||
10.112.22.1; fd51:2bb2:fd0d::b01; #gw08
|
||||
10.112.24.1; fd51:2bb2:fd0d::901; #gw09
|
||||
10.112.30.1; fd51:2bb2:fd0d::501; #gw12
|
||||
10.112.32.1; fd51:2bb2:fd0d::401; #gw13
|
||||
};
|
||||
allow-update { key srv01-zone-key.; };
|
||||
};
|
||||
|
||||
#And the reverse Zone for our IPv6 prefix
|
||||
zone "d.0.d.f.2.b.b.2.1.5.d.f.ip6.arpa" IN {
|
||||
type master;
|
||||
file "/etc/bind/master/db.arpa.ip6.f.d.5.1.2.b.b.2.f.d.0.d";
|
||||
allow-transfer { any; };
|
||||
also-notify {
|
||||
10.112.14.1; fd51:2bb2:fd0d::e01; #gw01
|
||||
10.112.18.1; fd51:2bb2:fd0d::d01; #gw05
|
||||
10.112.16.1; fd51:2bb2:fd0d::a01; #gw07
|
||||
10.112.22.1; fd51:2bb2:fd0d::b01; #gw08
|
||||
10.112.24.1; fd51:2bb2:fd0d::901; #gw09
|
||||
10.112.30.1; fd51:2bb2:fd0d::501; #gw12
|
||||
10.112.32.1; fd51:2bb2:fd0d::401; #gw13
|
||||
};
|
||||
allow-update { key srv01-zone-key.; };
|
||||
};
|
||||
|
||||
include "/etc/bind/forward-zones.conf";
|
||||
include "/etc/bind/mirror-zones.conf";
|
||||
|
50
forward-zones.conf
Normal file
50
forward-zones.conf
Normal file
|
@ -0,0 +1,50 @@
|
|||
## Freifunk Augsburg
|
||||
zone "ffa" in {
|
||||
type forward;
|
||||
forwarders { 10.11.10.15; 10.11.0.8; };
|
||||
};
|
||||
|
||||
#DN42
|
||||
zone "dn42" {
|
||||
type forward;
|
||||
forwarders { 172.22.0.53; };
|
||||
};
|
||||
zone "22.172.in-addr.arpa" {
|
||||
type forward;
|
||||
forwarders { 172.22.0.53; };
|
||||
};
|
||||
zone "23.172.in-addr.arpa" {
|
||||
type forward;
|
||||
forwarders { 172.22.0.53; };
|
||||
};
|
||||
|
||||
zone "hack" IN {
|
||||
type static-stub;
|
||||
server-addresses { 172.31.0.5; };
|
||||
};
|
||||
zone "31.172.in-addr.arpa" IN {
|
||||
type static-stub;
|
||||
server-addresses { 172.31.0.5; };
|
||||
};
|
||||
zone "100.10.in-addr.arpa" IN {
|
||||
type static-stub;
|
||||
server-addresses { 172.31.0.5; };
|
||||
};
|
||||
zone "101.10.in-addr.arpa" IN {
|
||||
type static-stub;
|
||||
server-addresses { 172.31.0.5; };
|
||||
};
|
||||
zone "102.10.in-addr.arpa" IN {
|
||||
type static-stub;
|
||||
server-addresses { 172.31.0.5; };
|
||||
};
|
||||
zone "103.10.in-addr.arpa" IN {
|
||||
type static-stub;
|
||||
server-addresses { 172.31.0.5; };
|
||||
};
|
||||
//Freifunk Chemnitz .ffc
|
||||
zone "ffc" in {
|
||||
type forward;
|
||||
forwarders { 10.8.6.6; };
|
||||
};
|
||||
|
18
mirror-zones.conf
Normal file
18
mirror-zones.conf
Normal file
|
@ -0,0 +1,18 @@
|
|||
#Freifunk Luebeck
|
||||
zone "ffhl" IN {
|
||||
type slave;
|
||||
file "/etc/bind/slave/db.ffhl";
|
||||
masters { fdef:ffc0:3dd7::a01; fdef:ffc0:3dd7::c01; fdef:ffc0:3dd7::e01; 10.130.10.1; 10.130.12.1; 10.130.14.1; };
|
||||
allow-transfer { any; };
|
||||
forwarders { };
|
||||
};
|
||||
|
||||
#Freifunk Kiel
|
||||
zone "ffki" IN {
|
||||
type slave;
|
||||
file "/etc/bind/slave/db.ffki";
|
||||
masters { fda1:384a:74de:4242::1; fda1:384a:74de:4242::2; };
|
||||
allow-transfer { any; };
|
||||
forwarders { };
|
||||
};
|
||||
|
12
named.conf
Normal file
12
named.conf
Normal file
|
@ -0,0 +1,12 @@
|
|||
// This is the primary configuration file for the BIND DNS server named.
|
||||
//
|
||||
// Please read /usr/share/doc/bind9/README.Debian.gz for information on the
|
||||
// structure of BIND configuration files in Debian, *BEFORE* you customize
|
||||
// this configuration file.
|
||||
//
|
||||
// If you are just adding zones, please do that in /etc/bind/named.conf.local
|
||||
|
||||
include "/etc/bind/named.conf.options";
|
||||
include "/etc/bind/named.conf.local";
|
||||
include "/etc/bind/named.conf.default-zones";
|
||||
include "/etc/bind/ffhh.conf";
|
30
named.conf.default-zones
Normal file
30
named.conf.default-zones
Normal file
|
@ -0,0 +1,30 @@
|
|||
// prime the server with knowledge of the root servers
|
||||
zone "." {
|
||||
type hint;
|
||||
file "/etc/bind/db.root";
|
||||
};
|
||||
|
||||
// be authoritative for the localhost forward and reverse zones, and for
|
||||
// broadcast zones as per RFC 1912
|
||||
|
||||
zone "localhost" {
|
||||
type master;
|
||||
file "/etc/bind/db.local";
|
||||
};
|
||||
|
||||
zone "127.in-addr.arpa" {
|
||||
type master;
|
||||
file "/etc/bind/db.127";
|
||||
};
|
||||
|
||||
zone "0.in-addr.arpa" {
|
||||
type master;
|
||||
file "/etc/bind/db.0";
|
||||
};
|
||||
|
||||
zone "255.in-addr.arpa" {
|
||||
type master;
|
||||
file "/etc/bind/db.255";
|
||||
};
|
||||
|
||||
|
8
named.conf.local
Normal file
8
named.conf.local
Normal file
|
@ -0,0 +1,8 @@
|
|||
//
|
||||
// Do any local configuration here
|
||||
//
|
||||
|
||||
// Consider adding the 1918 zones here, if they are not used in your
|
||||
// organization
|
||||
//include "/etc/bind/zones.rfc1918";
|
||||
# Conflicts with DN42
|
29
named.conf.options
Normal file
29
named.conf.options
Normal file
|
@ -0,0 +1,29 @@
|
|||
options {
|
||||
directory "/var/cache/bind";
|
||||
|
||||
// If there is a firewall between you and nameservers you want
|
||||
// to talk to, you may need to fix the firewall to allow multiple
|
||||
// ports to talk. See http://www.kb.cert.org/vuls/id/800113
|
||||
|
||||
// If your ISP provided one or more IP addresses for stable
|
||||
// nameservers, you probably want to use them as forwarders.
|
||||
// Uncomment the following block, and insert the addresses replacing
|
||||
// the all-0's placeholder.
|
||||
|
||||
// forwarders {
|
||||
// 0.0.0.0;
|
||||
// };
|
||||
|
||||
//========================================================================
|
||||
// If BIND logs error messages about the root key being expired,
|
||||
// you will need to update your keys. See https://www.isc.org/bind-keys
|
||||
//========================================================================
|
||||
dnssec-validation no;
|
||||
|
||||
auth-nxdomain no; # conform to RFC1035
|
||||
listen-on-v6 { any; };
|
||||
|
||||
edns-udp-size 512;
|
||||
max-udp-size 512;
|
||||
};
|
||||
|
Loading…
Reference in a new issue