Pastebin launched a little side project called VERYVIRAL.com, check it out ;-) Want more features on Pastebin? Sign Up, it's FREE!
Guest

named.conf

By: synthnassizer on Aug 1st, 2013  |  syntax: None  |  size: 4.55 KB  |  views: 58  |  expires: Never
download  |  raw  |  embed  |  report abuse  |  print
Text below is selected. Please press Ctrl+C to copy to your clipboard. (⌘+C on Mac)
  1. root@stargaze:~# cat /etc/named.conf
  2.  
  3. include "/etc/rndc.key";
  4.  
  5. acl skails_dns {
  6.         192.168.26.1/32;
  7.         192.168.112.118/32;
  8.         };
  9. acl synthnassizer_dns {
  10.         192.168.26.6/32;
  11.         192.168.114.4/32;
  12.         };
  13. acl dsa_dns {
  14.         192.168.26.18/32;
  15.         192.168.18.10/32;
  16.         };
  17. acl m2g_dns {
  18.         192.168.26.14/32;
  19.         };
  20. acl vpn_my_self {
  21.         192.168.26.1/32;
  22.         };
  23. acl outbound_subnet {
  24.         192.168.231.0/24;
  25.         };
  26. acl dsa_office_subnet {
  27.         192.168.18.0/24;
  28.         };
  29. acl skails_subnet {
  30.         192.168.112.0/24;
  31.         };
  32. acl synthnassizer_subnet {
  33.         192.168.114.0/24;
  34.         };
  35. acl local_host {
  36.         127.0.0.1/32;
  37.         };
  38. acl local_nets {
  39.         local_host;
  40.         skails_subnet;
  41.         };
  42. acl vpn_subnet {
  43.         192.168.26.0/24;
  44.         };
  45. acl other_subnets {
  46.         outbound_subnet;
  47.         };
  48. acl trusted_subnets {
  49.         local_nets;
  50.         vpn_subnet;
  51.         synthnassizer_subnet;
  52.         dsa_office_subnet;
  53.         skails_dns;
  54.         synthnassizer_dns;
  55.         dsa_dns;
  56.         m2g_dns;
  57.         };
  58. acl all_my_nets {
  59.         trusted_subnets;
  60.         other_subnets;
  61.         };
  62.  
  63. options {
  64.         directory "/var/named";
  65.         /*
  66.          * If there is a firewall between you and nameservers you want
  67.          * to talk to, you might need to uncomment the query-source
  68.          * directive below.  Previous versions of BIND always asked
  69.          * questions using port 53, but BIND 8.1 uses an unprivileged
  70.          * port by default.
  71.          */
  72.         // query-source address * port 53;
  73.         forwarders {
  74. //              192.168.231.117;        //modem
  75.                 62.169.194.17;          //Tellas primary
  76.                 62.169.194.18;          //Tellas secondary
  77. //              195.170.0.1;            //otenet
  78. //              193.92.150.3;           // ForthnetDNS For Attiki
  79.                 208.67.222.222;         //openDNS primary
  80.                 8.8.8.8;                //googleDNS1
  81.                 212.70.194.244;         //TEE primary
  82.                 208.67.220.220;         //openDNS secondary
  83.                 8.8.4.4;                //googleDNS2
  84.                 212.70.194.250;         //TEE secondary
  85.                 };
  86.         forward first;
  87.  
  88.         allow-recursion { trusted_subnets; }; //for whom will bind go the extra mile to find the final address
  89.         listen-on { trusted_subnets; }; //ifs on which bind listens for queries
  90.         allow-transfer { trusted_subnets; };
  91.         allow-query { trusted_subnets; };
  92. };
  93.  
  94. logging {
  95.         channel "notice_log" {
  96.                 file "/var/log/named/notice.log" versions 5 size 2m;
  97.                 severity warning;
  98.                 print-category yes;
  99.                 print-severity yes;
  100.                 print-time yes;
  101.                 };
  102.         category default { notice_log; };
  103.         channel "queries_log" {
  104.                 file "/var/log/named/queries.log" versions 5 size 2m;
  105.                 severity warning;
  106.                 print-category yes;
  107.                 print-severity yes;
  108.                 print-time yes;
  109.                 };
  110.         category queries { queries_log; };
  111. };
  112.  
  113. controls {
  114.         inet 127.0.0.1 port 953 allow { local_host; } keys { rndc-key; };
  115. };
  116.  
  117. //
  118. // a caching only nameserver config
  119. //
  120. zone "." IN {
  121.         type hint;
  122.         file "caching-example/named.root";
  123. };
  124.  
  125. zone "localhost" IN {
  126.         type master;
  127.         file "caching-example/localhost.zone";
  128.         allow-update { none; };
  129. };
  130.  
  131. zone "0.0.127.in-addr.arpa" IN {
  132.         type master;
  133.         file "caching-example/named.local";
  134.         allow-update { none; };
  135. };
  136. zone "skails.home" {
  137.         type master;
  138.         file "/var/named/skails.home.hosts";
  139.         notify yes;
  140.         allow-update { key rndc-key; };
  141. };
  142. zone "112.168.192.in-addr.arpa" {
  143.         type master;
  144.         file "/var/named/192.168.112.rev";
  145.         notify yes;
  146.         allow-update { key rndc-key; };
  147. };
  148. zone "dsaconsultants.office" {
  149.         type slave;
  150.         file "/var/named/dsaconsultants.office.hosts";
  151.         masters { 192.168.18.10; };
  152. };
  153. zone "18.168.192.in-addr.arpa" {
  154.         type slave;
  155.         file "/var/named/192.168.18.rev";
  156.         masters { 192.168.18.10; };
  157. };
  158. zone "synthnassizer.home" {
  159.         type slave;
  160.         file "/var/named/synthnassizer.home.hosts";
  161.         masters { 192.168.114.4; };
  162. };
  163. zone "114.168.192.in-addr.arpa" {
  164.         type slave;
  165.         file "/var/named/192.168.114.rev";
  166.         masters { 192.168.114.4; };
  167. };