Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- root@stargaze:~# cat /etc/named.conf
- include "/etc/rndc.key";
- acl skails_dns {
- 192.168.26.1/32;
- 192.168.112.118/32;
- };
- acl synthnassizer_dns {
- 192.168.26.6/32;
- 192.168.114.4/32;
- };
- acl dsa_dns {
- 192.168.26.18/32;
- 192.168.18.10/32;
- };
- acl m2g_dns {
- 192.168.26.14/32;
- };
- acl vpn_my_self {
- 192.168.26.1/32;
- };
- acl outbound_subnet {
- 192.168.231.0/24;
- };
- acl dsa_office_subnet {
- 192.168.18.0/24;
- };
- acl skails_subnet {
- 192.168.112.0/24;
- };
- acl synthnassizer_subnet {
- 192.168.114.0/24;
- };
- acl local_host {
- 127.0.0.1/32;
- };
- acl local_nets {
- local_host;
- skails_subnet;
- };
- acl vpn_subnet {
- 192.168.26.0/24;
- };
- acl other_subnets {
- outbound_subnet;
- };
- acl trusted_subnets {
- local_nets;
- vpn_subnet;
- synthnassizer_subnet;
- dsa_office_subnet;
- skails_dns;
- synthnassizer_dns;
- dsa_dns;
- m2g_dns;
- };
- acl all_my_nets {
- trusted_subnets;
- other_subnets;
- };
- options {
- directory "/var/named";
- /*
- * If there is a firewall between you and nameservers you want
- * to talk to, you might need to uncomment the query-source
- * directive below. Previous versions of BIND always asked
- * questions using port 53, but BIND 8.1 uses an unprivileged
- * port by default.
- */
- // query-source address * port 53;
- forwarders {
- // 192.168.231.117; //modem
- 62.169.194.17; //Tellas primary
- 62.169.194.18; //Tellas secondary
- // 195.170.0.1; //otenet
- // 193.92.150.3; // ForthnetDNS For Attiki
- 208.67.222.222; //openDNS primary
- 8.8.8.8; //googleDNS1
- 212.70.194.244; //TEE primary
- 208.67.220.220; //openDNS secondary
- 8.8.4.4; //googleDNS2
- 212.70.194.250; //TEE secondary
- };
- forward first;
- allow-recursion { trusted_subnets; }; //for whom will bind go the extra mile to find the final address
- listen-on { trusted_subnets; }; //ifs on which bind listens for queries
- allow-transfer { trusted_subnets; };
- allow-query { trusted_subnets; };
- };
- logging {
- channel "notice_log" {
- file "/var/log/named/notice.log" versions 5 size 2m;
- severity warning;
- print-category yes;
- print-severity yes;
- print-time yes;
- };
- category default { notice_log; };
- channel "queries_log" {
- file "/var/log/named/queries.log" versions 5 size 2m;
- severity warning;
- print-category yes;
- print-severity yes;
- print-time yes;
- };
- category queries { queries_log; };
- };
- controls {
- inet 127.0.0.1 port 953 allow { local_host; } keys { rndc-key; };
- };
- //
- // a caching only nameserver config
- //
- zone "." IN {
- type hint;
- file "caching-example/named.root";
- };
- zone "localhost" IN {
- type master;
- file "caching-example/localhost.zone";
- allow-update { none; };
- };
- zone "0.0.127.in-addr.arpa" IN {
- type master;
- file "caching-example/named.local";
- allow-update { none; };
- };
- zone "skails.home" {
- type master;
- file "/var/named/skails.home.hosts";
- notify yes;
- allow-update { key rndc-key; };
- };
- zone "112.168.192.in-addr.arpa" {
- type master;
- file "/var/named/192.168.112.rev";
- notify yes;
- allow-update { key rndc-key; };
- };
- zone "dsaconsultants.office" {
- type slave;
- file "/var/named/dsaconsultants.office.hosts";
- masters { 192.168.18.10; };
- };
- zone "18.168.192.in-addr.arpa" {
- type slave;
- file "/var/named/192.168.18.rev";
- masters { 192.168.18.10; };
- };
- zone "synthnassizer.home" {
- type slave;
- file "/var/named/synthnassizer.home.hosts";
- masters { 192.168.114.4; };
- };
- zone "114.168.192.in-addr.arpa" {
- type slave;
- file "/var/named/192.168.114.rev";
- masters { 192.168.114.4; };
- };
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement