Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # /etc/bind/named.conf
- include "/etc/bind/named.conf.log";
- include "/etc/bind/named.conf.acl";
- include "/etc/bind/named.conf.options";
- include "/etc/bind/named.conf.controls";
- include "/etc/bind/named.conf.local";
- include "/etc/bind/named.conf.default-zones";
- include "/etc/bind/bind.keys";
- # /etc/bind/named.conf.log
- logging {
- channel default {
- file "/var/log/bind/bind.log" size 5m;
- severity warning;
- print-time yes;
- print-severity yes;
- print-category yes;
- };
- channel security_channel {
- file "/var/log/bind/security.log";
- severity debug;
- print-time yes;
- print-category yes;
- print-severity yes;
- };
- channel xfer_log {
- file "/var/log/bind/xfer.log";
- severity info;
- print-time yes;
- print-category yes;
- print-severity yes;
- };
- channel dnssec {
- file "/var/log/bind/dnssec.log";
- severity info;
- print-time yes;
- print-category yes;
- print-severity yes;
- };
- channel query_log {
- file "/var/log/bind/bind9-query.log";
- severity debug 3;
- print-time yes;
- print-category yes;
- print-severity yes;
- };
- category default { default; };
- category dnssec { dnssec; };
- category security { security_channel; default; };
- category update-security { security_channel; default; };
- category queries { query_log; };
- category xfer-in { xfer_log; };
- category xfer-out { xfer_log; };
- category notify { xfer_log; };
- category lame-servers { null; };
- };
- # /etc/bind/named.conf.acl
- acl locals {
- localhost;
- ::1;
- 127.0.0.1;
- 127.0/8;
- };
- acl mynetworks {
- 192.168.210.0/23; // Static+Dyn LAN via IPv4
- 192.168.220.0/24; // Static+Dyn LAN via IPv4
- 2001:16d8:ddde:10::/63; // Sixxs /48 range
- 2001:16d8:ddde:20::/64; // Sixxs /48 range
- // 2001:X:Y::/48; // routed IPv6 /48
- fe80::/16; // Link-Local IPv6
- };
- acl guestnetwork {
- 192.168.230.0/24; // Guest routed IPv4
- 2001:16d8:ddde:30::/64; // Sixxs /48 range
- };
- acl testnetwork {
- 192.168.240.0/24; // Guest routed IPv4
- 2001:16d8:ddde:40::/64; // Sixxs /48 range
- };
- acl bgp-vpn {
- 192.168.1.11; // cvs on Semark network
- 2001:470:ded5:88::11/128; // cvs on Semark network
- 192.168.1.14;
- 2001:470:ded5:88::14/128;
- };
- acl semark {
- 192.168.0.0/23;
- };
- acl blocked {
- // Put blocked addresses here
- };
- # /etc/bind/named.conf.options
- options {
- directory "/var/cache/bind";
- statistics-file "/var/bind/data/bind_stats.txt";
- memstatistics-file "/var/bind/data/bind_mem_stats.txt";
- forwarders {
- 8.8.8.8;
- 8.8.4.4;
- 2001:4860:4860::8888;
- 2001:4860:4860::8844;
- };
- dnssec-enable yes;
- dnssec-validation yes;
- dnssec-lookaside auto;
- auth-nxdomain no; # conform to RFC1035
- listen-on { any; };
- listen-on-v6 { any; };
- query-source address * ;
- query-source-v6 address * ;
- recursion yes;
- version "REFUSED";
- # provide-ixfr yes;
- # ixfr-from-differences yes;
- allow-query-cache {
- locals;
- mynetworks;
- guestnetwork;
- };
- allow-query {
- locals;
- mynetworks;
- guestnetwork;
- bgp-vpn;
- semark;
- };
- allow-transfer {
- locals;
- bgp-vpn;
- };
- allow-recursion {
- locals;
- mynetworks;
- guestnetwork;
- bgp-vpn;
- };
- blackhole {
- blocked;
- };
- tkey-gssapi-keytab "/var/lib/samba/private/dns.keytab";
- };
- # /etc/bind/named.conf.controls
- controls {
- inet 127.0.0.1 port 953
- allow { locals; } keys { "rndc-key"; };
- inet ::1 port 953
- allow { locals; } keys { "rndc-key"; };
- };
- # /etc/bind/named.conf.local (only parts of it, but it's the same deal for the rest)
- include "/etc/bind/rndc.key";
- include "/etc/bind/transfer.key";
- include "/etc/bind/zones.rfc1918";
- zone "semarkit.net" {
- type master;
- allow-transfer {
- locals;
- bgp-vpn;
- key "transfer-key";
- };
- also-notify {
- 2001:470:ded5:88::11;
- };
- file "/etc/bind/master/semarkit.net";
- // DNSSEC
- key-directory "/var/cache/bind";
- update-policy {
- grant "rndc-key" name ANY;
- };
- auto-dnssec maintain;
- inline-signing yes;
- };
- [...]
- zone "dyn.semarkit.net" {
- type master;
- allow-transfer {
- locals;
- bgp-vpn;
- key "transfer-key";
- };
- also-notify {
- 2001:470:ded5:88::11;
- };
- file "/etc/bind/master/dyn.semarkit.net";
- // DNSSEC
- key-directory "/var/cache/bind";
- update-policy {
- grant "rndc-key" name ANY;
- };
- auto-dnssec maintain;
- inline-signing yes;
- };
- zone "211.168.192.in-addr.arpa" {
- type master;
- allow-transfer {
- locals;
- bgp-vpn;
- key "transfer-key";
- };
- also-notify {
- 2001:470:ded5:88::11;
- };
- file "/etc/bind/master/db.192.168.255";
- // DNSSEC
- key-directory "/var/cache/bind";
- update-policy {
- grant "rndc-key" tcp-self ANY;
- };
- auto-dnssec maintain;
- inline-signing yes;
- };
- zone "1.1.0.0.e.d.d.d.8.d.6.1.1.0.0.2.ip6.arpa" {
- type master;
- allow-transfer {
- locals;
- bgp-vpn;
- key "transfer-key";
- };
- also-notify {
- 2001:470:ded5:88::11;
- };
- file "/etc/bind/master/db.2001.470.dd5b.fe.1";
- // DNSSEC
- key-directory "/var/cache/bind";
- update-policy {
- grant "rndc-key" tcp-self ANY;
- };
- auto-dnssec maintain;
- inline-signing yes;
- };
- [...]
- zone "semark.dk" {
- type slave;
- masters { 2001:470:ded5:88::11; };
- file "/etc/bind/slave/semark.dk";
- };
- # /etc/bind/named.conf.default-zones
- // prime the server with knowledge of the root servers
- zone "." {
- type hint;
- file "/etc/bind/db.root";
- };
- zone "localhost" {
- type master;
- file "/etc/bind/db.local";
- };
- zone "127.in-addr.arpa" {
- type master;
- file "/etc/bind/db.127";
- };
- zone "0.in-addr.arpa" {
- type master;
- file "/etc/bind/db.0";
- };
- zone "255.in-addr.arpa" {
- type master;
- file "/etc/bind/db.255";
- };
- # ls -la /etc/bind/
- -rw-r--r-- 1 bind bind 2389 Jan 1 2015 bind.keys
- -rw-r--r-- 1 bind bind 237 Jan 1 2015 db.0
- -rw-r--r-- 1 bind bind 271 Jan 1 2015 db.127
- -rw-r--r-- 1 bind bind 237 Jan 1 2015 db.255
- -rw-r--r-- 1 bind bind 353 Jan 1 2015 db.empty
- -rw-r--r-- 1 bind bind 270 Jan 1 2015 db.local
- -rw-r--r-- 1 bind bind 3171 Jul 2 12:41 db.root
- lrwxrwxrwx 1 root bind 15 Nov 21 12:29 keys -> /var/cache/bind
- drwxrwsrwx 2 bind bind 4096 Nov 21 12:52 master
- -rw-r--r-- 1 bind bind 607 Nov 21 12:43 named.conf
- -rw-r--r-- 1 bind bind 985 Nov 21 09:50 named.conf.acl
- -rw-r--r-- 1 bind bind 141 Nov 21 11:05 named.conf.controls
- -rw-r--r-- 1 bind bind 490 Jan 1 2015 named.conf.default-zones
- -rw-r--r-- 1 bind bind 8299 Nov 21 10:50 named.conf.local
- -rw-r--r-- 1 bind bind 1071 Aug 9 10:47 named.conf.log
- -rw-r--r-- 1 bind bind 1034 Nov 21 12:43 named.conf.options
- -rwxrwxrwx 1 bind bind 77 Jan 27 2015 rndc.key
- drwxr-sr-x 2 bind bind 4096 Nov 19 10:17 slave
- -rw-r----- 1 bind bind 101 Jun 8 2015 transfer.key
- -rw-r--r-- 1 bind bind 1317 Jan 1 2015 zones.rfc1918
- # /etc/bind/rndc.key
- key "rndc-key" {
- algorithm hmac-md5;
- secret "RemovedForSomeReasonOFC";
- };
- # /etc/bind/master/dyn.semarkit.net (before signed)
- $ORIGIN .
- $TTL 86400 ; 1 day
- dyn.semarkit.net IN SOA ns1.static.semarkit.net. zonemaster.static.semarkit.net. (
- 2016112111 ; serial
- 14400 ; refresh (4 hours)
- 7200 ; retry (2 hours)
- 2419200 ; expire (4 weeks)
- 3600 ; minimum (1 hour)
- )
- NS ns1.static.semarkit.net.
- NS ns2.static.semarkit.net.
- $ORIGIN dyn.semarkit.net.
- $TTL 3600 ; 1 hour
- somehostname1 A 192.168.211.53
- TXT "029f0efce9cf5ca63568d9a132f26cc86e"
- somehostname2 A 192.168.211.91
- TXT "022699ab2d36dee71a9d8591093e452294"
- # ls -la /etc/bind/master/
- -rw-r--r-- 1 bind bind 4016 Nov 21 01:45 dyn.semarkit.net
- -rw-r--r-- 1 bind bind 512 Nov 21 13:13 dyn.semarkit.net.jbk
- -rw-r--r-- 1 bind bind 3986 Nov 21 13:36 dyn.semarkit.net.signed.jnl
- -rw-r--r-- 1 bind bind 2725 Nov 21 01:45 semarkit.net
- -rw-r--r-- 1 bind bind 512 Nov 21 13:13 semarkit.net.jbk
- -rw-r--r-- 1 bind bind 1666 Nov 21 13:36 semarkit.net.signed.jnl
- # /var/log/syslog
- Nov 21 12:34:10 hds-lenovo named[4361]: starting BIND 9.10.3-P4-Debian <id:ebd72b3> -f -u bind
- Nov 21 12:34:10 hds-lenovo named[4361]: built with '--prefix=/usr' '--mandir=/usr/share/man' '--libdir=/usr/lib/x86_64-linux-gnu' '--infodir=/usr/share/info' '--sysconfdir=/etc/bind' '--with-python=python3' '--localstatedir=/' '--enable-threads' '--enable-largefile' '--with-libtool' '--enable-shared' '--enable-static' '--with-openssl=/usr' '--with-gssapi=/usr' '--with-gnu-ld' '--with-geoip=/usr' '--with-atf=no' '--enable-ipv6' '--enable-rrl' '--enable-filter-aaaa' '--enable-native-pkcs11' '--with-pkcs11=/usr/lib/x86_64-linux-gnu/softhsm/libsofthsm2.so' 'CFLAGS=-g -O2 -fPIE -fstack-protector-strong -Wformat -Werror=format-security -fno-strict-aliasing -fno-delete-null-pointer-checks -DNO_VERSION_DATE' 'LDFLAGS=-fPIE -pie -Wl,-z,relro -Wl,-z,now' 'CPPFLAGS=-Wdate-time -D_FORTIFY_SOURCE=2 -DDIG_SIGCHASE'
- Nov 21 12:34:10 hds-lenovo named[4361]: ----------------------------------------------------
- Nov 21 12:34:10 hds-lenovo named[4361]: BIND 9 is maintained by Internet Systems Consortium,
- Nov 21 12:34:10 hds-lenovo named[4361]: Inc. (ISC), a non-profit 501(c)(3) public-benefit
- Nov 21 12:34:10 hds-lenovo named[4361]: corporation. Support and training for BIND 9 are
- Nov 21 12:34:10 hds-lenovo named[4361]: available at https://www.isc.org/support
- Nov 21 12:34:10 hds-lenovo named[4361]: ----------------------------------------------------
- Nov 21 12:34:10 hds-lenovo named[4361]: adjusted limit on open files from 4096 to 1048576
- Nov 21 12:34:10 hds-lenovo named[4361]: found 2 CPUs, using 2 worker threads
- Nov 21 12:34:10 hds-lenovo named[4361]: using 2 UDP listeners per interface
- Nov 21 12:34:10 hds-lenovo named[4361]: using up to 4096 sockets
- Nov 21 12:34:10 hds-lenovo named[4361]: loading configuration from '/etc/bind/named.conf'
- Nov 21 12:34:10 hds-lenovo named[4361]: reading built-in trusted keys from file '/etc/bind/bind.keys'
- Nov 21 12:34:10 hds-lenovo named[4361]: initializing GeoIP Country (IPv4) (type 1) DB
- Nov 21 12:34:10 hds-lenovo named[4361]: GEO-106FREE 20150810 Build
- Nov 21 12:34:10 hds-lenovo named[4361]: initializing GeoIP Country (IPv6) (type 12) DB
- Nov 21 12:34:10 hds-lenovo named[4361]: GEO-106FREE 20150810 Build
- Nov 21 12:34:10 hds-lenovo named[4361]: GeoIP City (IPv4) (type 2) DB not available
- Nov 21 12:34:10 hds-lenovo named[4361]: GeoIP City (IPv4) (type 6) DB not available
- Nov 21 12:34:10 hds-lenovo named[4361]: GeoIP City (IPv6) (type 30) DB not available
- Nov 21 12:34:10 hds-lenovo named[4361]: GeoIP City (IPv6) (type 31) DB not available
- Nov 21 12:34:10 hds-lenovo named[4361]: GeoIP Region (type 3) DB not available
- Nov 21 12:34:10 hds-lenovo named[4361]: GeoIP Region (type 7) DB not available
- Nov 21 12:34:10 hds-lenovo named[4361]: GeoIP ISP (type 4) DB not available
- Nov 21 12:34:10 hds-lenovo named[4361]: GeoIP Org (type 5) DB not available
- Nov 21 12:34:10 hds-lenovo named[4361]: GeoIP AS (type 9) DB not available
- Nov 21 12:34:10 hds-lenovo named[4361]: GeoIP Domain (type 11) DB not available
- Nov 21 12:34:10 hds-lenovo named[4361]: GeoIP NetSpeed (type 10) DB not available
- Nov 21 12:34:10 hds-lenovo named[4361]: using default UDP/IPv4 port range: [32768, 61000]
- Nov 21 12:34:10 hds-lenovo named[4361]: using default UDP/IPv6 port range: [32768, 61000]
- Nov 21 12:34:10 hds-lenovo named[4361]: listening on IPv6 interfaces, port 53
- Nov 21 12:34:10 hds-lenovo named[4361]: listening on IPv4 interface lo, 127.0.0.1#53
- Nov 21 12:34:10 hds-lenovo named[4361]: listening on IPv4 interface vlan10, 192.168.210.5#53
- Nov 21 12:34:10 hds-lenovo named[4361]: listening on IPv4 interface vlan20, 192.168.220.5#53
- Nov 21 12:34:10 hds-lenovo named[4361]: listening on IPv4 interface vlan30, 192.168.230.5#53
- Nov 21 12:34:10 hds-lenovo named[4361]: listening on IPv4 interface vlan40, 192.168.240.5#53
- Nov 21 12:34:10 hds-lenovo named[4361]: generating session key for dynamic DNS
- Nov 21 12:34:10 hds-lenovo named[4361]: sizing zone task pool based on 52 zones
- Nov 21 12:34:10 hds-lenovo named[4361]: using built-in DLV key for view _default
- Nov 21 12:34:10 hds-lenovo named[4361]: set up managed keys zone for view _default, file 'managed-keys.bind'
- Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 64.100.IN-ADDR.ARPA
- Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 65.100.IN-ADDR.ARPA
- Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 66.100.IN-ADDR.ARPA
- Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 67.100.IN-ADDR.ARPA
- Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 68.100.IN-ADDR.ARPA
- Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 69.100.IN-ADDR.ARPA
- Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 70.100.IN-ADDR.ARPA
- Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 71.100.IN-ADDR.ARPA
- Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 72.100.IN-ADDR.ARPA
- Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 73.100.IN-ADDR.ARPA
- Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 74.100.IN-ADDR.ARPA
- Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 75.100.IN-ADDR.ARPA
- Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 76.100.IN-ADDR.ARPA
- Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 77.100.IN-ADDR.ARPA
- Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 78.100.IN-ADDR.ARPA
- Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 79.100.IN-ADDR.ARPA
- Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 80.100.IN-ADDR.ARPA
- Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 81.100.IN-ADDR.ARPA
- Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 82.100.IN-ADDR.ARPA
- Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 83.100.IN-ADDR.ARPA
- Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 84.100.IN-ADDR.ARPA
- Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 85.100.IN-ADDR.ARPA
- Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 86.100.IN-ADDR.ARPA
- Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 87.100.IN-ADDR.ARPA
- Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 88.100.IN-ADDR.ARPA
- Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 89.100.IN-ADDR.ARPA
- Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 90.100.IN-ADDR.ARPA
- Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 91.100.IN-ADDR.ARPA
- Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 92.100.IN-ADDR.ARPA
- Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 93.100.IN-ADDR.ARPA
- Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 94.100.IN-ADDR.ARPA
- Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 95.100.IN-ADDR.ARPA
- Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 96.100.IN-ADDR.ARPA
- Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 97.100.IN-ADDR.ARPA
- Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 98.100.IN-ADDR.ARPA
- Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 99.100.IN-ADDR.ARPA
- Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 100.100.IN-ADDR.ARPA
- Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 101.100.IN-ADDR.ARPA
- Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 102.100.IN-ADDR.ARPA
- Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 103.100.IN-ADDR.ARPA
- Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 104.100.IN-ADDR.ARPA
- Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 105.100.IN-ADDR.ARPA
- Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 106.100.IN-ADDR.ARPA
- Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 107.100.IN-ADDR.ARPA
- Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 108.100.IN-ADDR.ARPA
- Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 109.100.IN-ADDR.ARPA
- Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 110.100.IN-ADDR.ARPA
- Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 111.100.IN-ADDR.ARPA
- Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 112.100.IN-ADDR.ARPA
- Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 113.100.IN-ADDR.ARPA
- Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 114.100.IN-ADDR.ARPA
- Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 115.100.IN-ADDR.ARPA
- Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 116.100.IN-ADDR.ARPA
- Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 117.100.IN-ADDR.ARPA
- Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 118.100.IN-ADDR.ARPA
- Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 119.100.IN-ADDR.ARPA
- Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 120.100.IN-ADDR.ARPA
- Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 121.100.IN-ADDR.ARPA
- Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 122.100.IN-ADDR.ARPA
- Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 123.100.IN-ADDR.ARPA
- Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 124.100.IN-ADDR.ARPA
- Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 125.100.IN-ADDR.ARPA
- Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 126.100.IN-ADDR.ARPA
- Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 127.100.IN-ADDR.ARPA
- Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 254.169.IN-ADDR.ARPA
- Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 2.0.192.IN-ADDR.ARPA
- Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 100.51.198.IN-ADDR.ARPA
- Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 113.0.203.IN-ADDR.ARPA
- Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 255.255.255.255.IN-ADDR.ARPA
- Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA
- Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA
- Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: D.F.IP6.ARPA
- Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 8.E.F.IP6.ARPA
- Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 9.E.F.IP6.ARPA
- Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: A.E.F.IP6.ARPA
- Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: B.E.F.IP6.ARPA
- Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: 8.B.D.0.1.0.0.2.IP6.ARPA
- Nov 21 12:34:10 hds-lenovo named[4361]: automatic empty zone: EMPTY.AS112.ARPA
- Nov 21 12:34:10 hds-lenovo named[4361]: command channel listening on 127.0.0.1#953
- Nov 21 12:34:10 hds-lenovo named[4361]: command channel listening on ::1#953
- # /var/log/bind/bind.log
- 21-Nov-2016 12:34:10.202 general: warning: /etc/bind/master/semarkit.org:5: ignoring out-of-zone data (semarkit.dk)
- 21-Nov-2016 12:34:10.202 general: warning: /etc/bind/master/semarkit.org:11: ignoring out-of-zone data (semarkit.org)
- 21-Nov-2016 12:34:10.208 general: warning: /etc/bind/master/semarkit.org:8: ignoring out-of-zone data (semarkit.eu)
- 21-Nov-2016 12:34:10.208 general: warning: /etc/bind/master/semarkit.org:11: ignoring out-of-zone data (semarkit.org)
- 21-Nov-2016 12:34:10.208 general: warning: /etc/bind/master/semarkit.org:5: ignoring out-of-zone data (semarkit.dk)
- 21-Nov-2016 12:34:10.208 general: warning: /etc/bind/master/semarkit.org:8: ignoring out-of-zone data (semarkit.eu)
- 21-Nov-2016 12:34:10.214 general: error: zone printers.semarkit.net/IN (signed): journal rollforward failed: journal out of sync with zone
- 21-Nov-2016 12:34:10.214 general: error: zone printers.semarkit.net/IN (signed): not loaded due to errors.
- 21-Nov-2016 12:34:10.214 general: error: zone printers.semarkit.net/IN (signed): receive_secure_db: out of range
- 21-Nov-2016 12:34:10.219 general: error: zone 210.168.192.in-addr.arpa/IN (signed): receive_secure_serial: unchanged
- 21-Nov-2016 12:34:10.219 general: error: zone 230.168.192.in-addr.arpa/IN (signed): receive_secure_serial: unchanged
- 21-Nov-2016 12:34:10.219 general: error: zone 0.1.0.0.e.d.d.d.8.d.6.1.1.0.0.2.ip6.arpa/IN (signed): receive_secure_serial: unchanged
- 21-Nov-2016 12:34:10.229 general: error: zone 200.168.192.in-addr.arpa/IN (signed): receive_secure_serial: unchanged
- # dig -x wiki.semarkit.net @192.168.210.5
- ; <<>> DiG 9.9.5-11-Debian <<>> -x wiki.semarkit.net @192.168.210.5
- ;; global options: +cmd
- ;; connection timed out; no servers could be reached
- # named-checkconf -px
- options {
- blackhole {
- "blocked";
- };
- directory "/var/cache/bind";
- listen-on {
- "any";
- };
- listen-on-v6 {
- "any";
- };
- memstatistics-file "/var/bind/data/bind_mem_stats.txt";
- statistics-file "/var/bind/data/bind_stats.txt";
- tkey-gssapi-keytab "/var/lib/samba/private/dns.keytab";
- version "REFUSED";
- allow-query-cache {
- "locals";
- "mynetworks";
- "guestnetwork";
- };
- allow-recursion {
- "locals";
- "mynetworks";
- "guestnetwork";
- "bgp-vpn";
- };
- auth-nxdomain no;
- dnssec-enable yes;
- dnssec-lookaside auto;
- dnssec-validation yes;
- query-source address 0.0.0.0 port 0;
- query-source-v6 address :: port 0;
- recursion yes;
- allow-query {
- "locals";
- "mynetworks";
- "guestnetwork";
- "bgp-vpn";
- "semark";
- };
- allow-transfer {
- "locals";
- "bgp-vpn";
- };
- forwarders {
- 8.8.8.8;
- 8.8.4.4;
- 2001:4860:4860::8888;
- 2001:4860:4860::8844;
- };
- };
- controls {
- inet 127.0.0.1 port 953 allow {
- "locals";
- } keys {
- "rndc-key";
- };
- inet ::1 port 953 allow {
- "locals";
- } keys {
- "rndc-key";
- };
- };
- acl "locals" {
- "localhost";
- ::1/128;
- 127.0.0.1/32;
- 127.0.0.0/8;
- };
- acl "mynetworks" {
- 192.168.210.0/23;
- 192.168.220.0/24;
- 2001:16d8:ddde:10::/63;
- 2001:16d8:ddde:20::/64;
- fe80::/16;
- };
- acl "guestnetwork" {
- 192.168.230.0/24;
- 2001:16d8:ddde:30::/64;
- };
- acl "testnetwork" {
- 192.168.240.0/24;
- 2001:16d8:ddde:40::/64;
- };
- acl "bgp-vpn" {
- 192.168.1.11/32;
- 2001:470:ded5:88::11/128;
- 192.168.1.14/32;
- 2001:470:ded5:88::14/128;
- };
- acl "semark" {
- 192.168.0.0/23;
- };
- acl "blocked" {
- };
- logging {
- channel "default" {
- file "/var/log/bind/bind.log" size 5242880;
- severity warning;
- print-time yes;
- print-severity yes;
- print-category yes;
- };
- channel "security_channel" {
- file "/var/log/bind/security.log";
- severity debug 1;
- print-time yes;
- print-severity yes;
- print-category yes;
- };
- channel "xfer_log" {
- file "/var/log/bind/xfer.log";
- severity info;
- print-time yes;
- print-severity yes;
- print-category yes;
- };
- channel "dnssec" {
- file "/var/log/bind/dnssec.log";
- severity info;
- print-time yes;
- print-severity yes;
- print-category yes;
- };
- channel "query_log" {
- file "/var/log/bind/bind9-query.log";
- severity debug 3;
- print-time yes;
- print-severity yes;
- print-category yes;
- };
- category "default" {
- "default";
- };
- category "dnssec" {
- "dnssec";
- };
- category "security" {
- "security_channel";
- "default";
- };
- category "update-security" {
- "security_channel";
- "default";
- };
- category "queries" {
- "query_log";
- };
- category "xfer-in" {
- "xfer_log";
- };
- category "xfer-out" {
- "xfer_log";
- };
- category "notify" {
- "xfer_log";
- };
- category "lame-servers" {
- "null";
- };
- };
- key "rndc-key" {
- algorithm "hmac-md5";
- secret "????????????????????????";
- };
- key "transfer-key" {
- algorithm "hmac-md5";
- secret "????????????????????????????????????????????";
- };
- zone "10.in-addr.arpa" {
- type master;
- file "/etc/bind/db.empty";
- };
- zone "16.172.in-addr.arpa" {
- type master;
- file "/etc/bind/db.empty";
- };
- zone "17.172.in-addr.arpa" {
- type master;
- file "/etc/bind/db.empty";
- };
- zone "18.172.in-addr.arpa" {
- type master;
- file "/etc/bind/db.empty";
- };
- zone "19.172.in-addr.arpa" {
- type master;
- file "/etc/bind/db.empty";
- };
- zone "20.172.in-addr.arpa" {
- type master;
- file "/etc/bind/db.empty";
- };
- zone "21.172.in-addr.arpa" {
- type master;
- file "/etc/bind/db.empty";
- };
- zone "22.172.in-addr.arpa" {
- type master;
- file "/etc/bind/db.empty";
- };
- zone "23.172.in-addr.arpa" {
- type master;
- file "/etc/bind/db.empty";
- };
- zone "24.172.in-addr.arpa" {
- type master;
- file "/etc/bind/db.empty";
- };
- zone "25.172.in-addr.arpa" {
- type master;
- file "/etc/bind/db.empty";
- };
- zone "26.172.in-addr.arpa" {
- type master;
- file "/etc/bind/db.empty";
- };
- zone "27.172.in-addr.arpa" {
- type master;
- file "/etc/bind/db.empty";
- };
- zone "28.172.in-addr.arpa" {
- type master;
- file "/etc/bind/db.empty";
- };
- zone "29.172.in-addr.arpa" {
- type master;
- file "/etc/bind/db.empty";
- };
- zone "30.172.in-addr.arpa" {
- type master;
- file "/etc/bind/db.empty";
- };
- zone "31.172.in-addr.arpa" {
- type master;
- file "/etc/bind/db.empty";
- };
- zone "168.192.in-addr.arpa" {
- type master;
- file "/etc/bind/db.empty";
- };
- zone "semarkit.net" {
- type master;
- file "/etc/bind/master/semarkit.net";
- update-policy {
- grant "rndc-key" name "ANY" ;
- };
- allow-transfer {
- "locals";
- "bgp-vpn";
- key "transfer-key";
- };
- also-notify {
- 2001:470:ded5:88::11 ;
- };
- auto-dnssec maintain;
- inline-signing yes;
- key-directory "/var/cache/bind";
- };
- zone "static.semarkit.net" {
- type master;
- file "/etc/bind/master/static.semarkit.net";
- update-policy {
- grant "rndc-key" name "ANY" ;
- };
- allow-transfer {
- "locals";
- "bgp-vpn";
- key "transfer-key";
- };
- also-notify {
- 2001:470:ded5:88::11 ;
- };
- auto-dnssec maintain;
- inline-signing yes;
- key-directory "/var/cache/bind";
- };
- zone "210.168.192.in-addr.arpa" {
- type master;
- file "/etc/bind/master/db.192.168.254";
- update-policy {
- grant "rndc-key" tcp-self "ANY" ;
- };
- allow-transfer {
- "locals";
- "bgp-vpn";
- key "transfer-key";
- };
- also-notify {
- 2001:470:ded5:88::11 ;
- };
- auto-dnssec maintain;
- inline-signing yes;
- key-directory "/var/cache/bind";
- };
- zone "0.1.0.0.e.d.d.d.8.d.6.1.1.0.0.2.ip6.arpa" {
- type master;
- file "/etc/bind/master/db.2001.470.dd5b.fe.0";
- update-policy {
- grant "rndc-key" tcp-self "ANY" ;
- };
- allow-transfer {
- "locals";
- "bgp-vpn";
- key "transfer-key";
- };
- also-notify {
- 2001:470:ded5:88::11 ;
- };
- auto-dnssec maintain;
- inline-signing yes;
- key-directory "/var/cache/bind";
- };
- zone "printers.semarkit.net" {
- type master;
- file "/etc/bind/master/printers.semarkit.net";
- update-policy {
- grant "rndc-key" name "ANY" ;
- };
- allow-transfer {
- "locals";
- "bgp-vpn";
- key "transfer-key";
- };
- also-notify {
- };
- auto-dnssec maintain;
- inline-signing yes;
- key-directory "/var/cache/bind";
- };
- zone "220.168.192.in-addr.arpa" {
- type master;
- file "/etc/bind/master/db.192.168.220";
- update-policy {
- grant "rndc-key" tcp-self "ANY" ;
- };
- allow-transfer {
- "locals";
- "bgp-vpn";
- key "transfer-key";
- };
- also-notify {
- };
- auto-dnssec maintain;
- inline-signing yes;
- key-directory "/var/cache/bind";
- };
- zone "0.2.0.0.e.d.d.d.8.d.6.1.1.0.0.2.ip6.arpa" {
- type master;
- file "/etc/bind/master/db.2001.470.dd5b.fc";
- update-policy {
- grant "rndc-key" tcp-self "ANY" ;
- };
- allow-transfer {
- "locals";
- "bgp-vpn";
- key "transfer-key";
- };
- also-notify {
- };
- auto-dnssec maintain;
- inline-signing yes;
- key-directory "/var/cache/bind";
- };
- zone "management.semarkit.net" {
- type master;
- file "/etc/bind/master/management.semarkit.net";
- update-policy {
- grant "rndc-key" name "ANY" ;
- };
- allow-transfer {
- "locals";
- "bgp-vpn";
- key "transfer-key";
- };
- also-notify {
- 2001:470:ded5:88::11 ;
- };
- auto-dnssec maintain;
- inline-signing yes;
- key-directory "/var/cache/bind";
- };
- zone "200.168.192.in-addr.arpa" {
- type master;
- file "/etc/bind/master/db.192.168.200";
- update-policy {
- grant "rndc-key" tcp-self "ANY" ;
- };
- allow-transfer {
- "locals";
- "bgp-vpn";
- key "transfer-key";
- };
- also-notify {
- 2001:470:ded5:88::11 ;
- };
- auto-dnssec maintain;
- inline-signing yes;
- key-directory "/var/cache/bind";
- };
- zone "0.0.0.0.e.d.d.d.8.d.6.1.1.0.0.2.ip6.arpa" {
- type master;
- file "/etc/bind/master/db.2001.16d8.ddde.00";
- update-policy {
- grant "rndc-key" tcp-self "ANY" ;
- };
- allow-transfer {
- "locals";
- "bgp-vpn";
- key "transfer-key";
- };
- also-notify {
- 2001:470:ded5:88::11 ;
- };
- auto-dnssec maintain;
- inline-signing yes;
- key-directory "/var/cache/bind";
- };
- zone "dyn.semarkit.net" {
- type master;
- file "/etc/bind/master/dyn.semarkit.net";
- update-policy {
- grant "rndc-key" name "ANY" ;
- };
- allow-transfer {
- "locals";
- "bgp-vpn";
- key "transfer-key";
- };
- also-notify {
- 2001:470:ded5:88::11 ;
- };
- auto-dnssec maintain;
- inline-signing yes;
- key-directory "/var/cache/bind";
- };
- zone "211.168.192.in-addr.arpa" {
- type master;
- file "/etc/bind/master/db.192.168.255";
- update-policy {
- grant "rndc-key" tcp-self "ANY" ;
- };
- allow-transfer {
- "locals";
- "bgp-vpn";
- key "transfer-key";
- };
- also-notify {
- 2001:470:ded5:88::11 ;
- };
- auto-dnssec maintain;
- inline-signing yes;
- key-directory "/var/cache/bind";
- };
- zone "1.1.0.0.e.d.d.d.8.d.6.1.1.0.0.2.ip6.arpa" {
- type master;
- file "/etc/bind/master/db.2001.470.dd5b.fe.1";
- update-policy {
- grant "rndc-key" tcp-self "ANY" ;
- };
- allow-transfer {
- "locals";
- "bgp-vpn";
- key "transfer-key";
- };
- also-notify {
- 2001:470:ded5:88::11 ;
- };
- auto-dnssec maintain;
- inline-signing yes;
- key-directory "/var/cache/bind";
- };
- zone "guest.semarkit.net" {
- type master;
- file "/etc/bind/master/guest.semarkit.net";
- update-policy {
- grant "rndc-key" name "ANY" ;
- };
- allow-transfer {
- "locals";
- "bgp-vpn";
- key "transfer-key";
- };
- also-notify {
- };
- auto-dnssec maintain;
- inline-signing yes;
- key-directory "/var/cache/bind";
- };
- zone "230.168.192.in-addr.arpa" {
- type master;
- file "/etc/bind/master/db.192.168.230";
- update-policy {
- grant "rndc-key" tcp-self "ANY" ;
- };
- allow-transfer {
- "locals";
- "bgp-vpn";
- key "transfer-key";
- };
- also-notify {
- };
- auto-dnssec maintain;
- inline-signing yes;
- key-directory "/var/cache/bind";
- };
- zone "0.3.0.0.e.d.d.d.8.d.6.1.1.0.0.2.ip6.arpa" {
- type master;
- file "/etc/bind/master/db.2001.470.dd5b.fd";
- update-policy {
- grant "rndc-key" tcp-self "ANY" ;
- };
- allow-transfer {
- "locals";
- "bgp-vpn";
- key "transfer-key";
- };
- also-notify {
- };
- auto-dnssec maintain;
- inline-signing yes;
- key-directory "/var/cache/bind";
- };
- zone "test.semarkit.net" {
- type master;
- file "/etc/bind/master/test.semarkit.net";
- update-policy {
- grant "rndc-key" name "ANY" ;
- };
- allow-transfer {
- "locals";
- "bgp-vpn";
- key "transfer-key";
- };
- also-notify {
- };
- auto-dnssec maintain;
- inline-signing yes;
- key-directory "/var/cache/bind";
- };
- zone "240.168.192.in-addr.arpa" {
- type master;
- file "/etc/bind/master/db.192.168.240";
- update-policy {
- grant "rndc-key" tcp-self "ANY" ;
- };
- allow-transfer {
- "locals";
- "bgp-vpn";
- key "transfer-key";
- };
- also-notify {
- };
- auto-dnssec maintain;
- inline-signing yes;
- key-directory "/var/cache/bind";
- };
- zone "0.4.0.0.e.d.d.d.8.d.6.1.1.0.0.2.ip6.arpa" {
- type master;
- file "/etc/bind/master/db.2001.16d8.ddde.40";
- update-policy {
- grant "rndc-key" tcp-self "ANY" ;
- };
- allow-transfer {
- "locals";
- "bgp-vpn";
- key "transfer-key";
- };
- also-notify {
- };
- auto-dnssec maintain;
- inline-signing yes;
- key-directory "/var/cache/bind";
- };
- zone "semarkit.dk" {
- type master;
- file "/etc/bind/master/semarkit.org";
- allow-transfer {
- "locals";
- "bgp-vpn";
- key "transfer-key";
- };
- };
- zone "semarkit.eu" {
- type master;
- file "/etc/bind/master/semarkit.org";
- allow-transfer {
- "locals";
- "bgp-vpn";
- key "transfer-key";
- };
- };
- zone "semarkit.org" {
- type master;
- file "/etc/bind/master/semarkit.org";
- allow-transfer {
- "locals";
- "bgp-vpn";
- key "transfer-key";
- };
- };
- zone "semark.dk" {
- type slave;
- file "/etc/bind/slave/semark.dk";
- masters {
- 2001:470:ded5:88::11 ;
- };
- };
- zone "static.semark.dk" {
- type slave;
- file "/etc/bind/slave/static.semark.dk";
- masters {
- 2001:470:ded5:88::11 ;
- };
- };
- zone "dyn.semark.dk" {
- type slave;
- file "/etc/bind/slave/dyn.semark.dk";
- masters {
- 2001:470:ded5:88::11 ;
- };
- };
- zone "1.168.192.in-addr.arpa" {
- type slave;
- file "/etc/bind/slave/192.168.1";
- masters {
- 2001:470:ded5:88::11 ;
- };
- };
- zone "0.168.192.in-addr.arpa" {
- type slave;
- file "/etc/bind/slave/192.168.0";
- masters {
- 2001:470:ded5:88::11 ;
- };
- };
- zone "0.0.0.0.8.8.0.0.5.d.e.d.0.7.4.0.1.0.0.2.ip6.arpa" {
- type slave;
- file "/etc/bind/slave/2001:470:ded5:88";
- masters {
- 2001:470:ded5:88::11 ;
- };
- };
- zone "1.0.0.0.8.8.0.0.5.d.e.d.0.7.4.0.1.0.0.2.ip6.arpa" {
- type slave;
- file "/etc/bind/slave/2001.470.ded5.88.0";
- masters {
- 2001:470:ded5:88::11 ;
- };
- };
- zone "." {
- type hint;
- file "/etc/bind/db.root";
- };
- zone "localhost" {
- type master;
- file "/etc/bind/db.local";
- };
- zone "127.in-addr.arpa" {
- type master;
- file "/etc/bind/db.127";
- };
- zone "0.in-addr.arpa" {
- type master;
- file "/etc/bind/db.0";
- };
- zone "255.in-addr.arpa" {
- type master;
- file "/etc/bind/db.255";
- };
- managed-keys {
- "dlv.isc.org." initial-key 257 3 5 "BEAAAAPHMu/5onzrEE7z1egmhg/WPO0+juoZrW3euWEn4MxDCE1+lLy2
- brhQv5rN32RKtMzX6Mj70jdzeND4XknW58dnJNPCxn8+jAGl2FZLK8t+
- 1uq4W+nnA3qO2+DL+k6BD4mewMLbIYFwe0PG73Te9fZ2kJb56dhgMde5
- ymX4BI/oQ+cAK50/xvJv00Frf8kw6ucMTwFlgPe+jnGxPPEmHAte/URk
- Y62ZfkLoBAADLHQ9IrS2tryAe7mbBZVcOwIeU/Rw/mRx/vwwMCTgNboM
- QKtUdvNXDrYJDSHZws3xiRXF1Rf+al9UmZfSav/4NWLKjHzpT59k/VSt
- TDN0YUuWrBNh";
- "." initial-key 257 3 8 "AwEAAagAIKlVZrpC6Ia7gEzahOR+9W29euxhJhVVLOyQbSEW0O8gcCjF
- FVQUTf6v58fLjwBd0YI0EzrAcQqBGCzh/RStIoO8g0NfnfL2MTJRkxoX
- bfDaUeVPQuYEhg37NZWAJQ9VnMVDxP/VHL496M/QZxkjf5/Efucp2gaD
- X6RS6CXpoY68LsvPVjR0ZSwzz1apAzvN9dlzEheX7ICJBBtuA6G3LQpz
- W5hOA2hzCTMjJPJ8LbqF6dsV6DoBQzgul0sGIcGOYl7OyQdXfZ57relS
- Qageu+ipAdTTJ25AsRTAoub8ONGcLmqrAmRLKBP1dfwhYB4N7knNnulq
- QxA+Uk1ihz0=";
- };
- # lsof -nPi | grep -iF named
- named 5766 bind 21u IPv6 44904334 0t0 TCP *:53 (LISTEN)
- named 5766 bind 22u IPv4 44904338 0t0 TCP 127.0.0.1:53 (LISTEN)
- named 5766 bind 23u IPv4 44904340 0t0 TCP 192.168.210.5:53 (LISTEN)
- named 5766 bind 24u IPv4 44904342 0t0 TCP 192.168.220.5:53 (LISTEN)
- named 5766 bind 25u IPv4 44904344 0t0 TCP 192.168.230.5:53 (LISTEN)
- named 5766 bind 26u IPv4 44904346 0t0 TCP 192.168.240.5:53 (LISTEN)
- named 5766 bind 27u IPv4 44904349 0t0 TCP 127.0.0.1:953 (LISTEN)
- named 5766 bind 28u IPv6 44904350 0t0 TCP [::1]:953 (LISTEN)
- named 5766 bind 512u IPv6 44904333 0t0 UDP *:53
- named 5766 bind 513u IPv6 44904333 0t0 UDP *:53
- named 5766 bind 514u IPv4 44904337 0t0 UDP 127.0.0.1:53
- named 5766 bind 515u IPv4 44904337 0t0 UDP 127.0.0.1:53
- named 5766 bind 516u IPv4 44904339 0t0 UDP 192.168.210.5:53
- named 5766 bind 517u IPv4 44904339 0t0 UDP 192.168.210.5:53
- named 5766 bind 518u IPv4 44904341 0t0 UDP 192.168.220.5:53
- named 5766 bind 519u IPv4 44904341 0t0 UDP 192.168.220.5:53
- named 5766 bind 520u IPv4 44904343 0t0 UDP 192.168.230.5:53
- named 5766 bind 521u IPv4 44904343 0t0 UDP 192.168.230.5:53
- named 5766 bind 522u IPv4 44904345 0t0 UDP 192.168.240.5:53
- named 5766 bind 523u IPv4 44904345 0t0 UDP 192.168.240.5:53
- named 5766 bind 524u IPv6 44904352 0t0 UDP [2001:16d8:ddde:10::5]:49082->[2001:4860:4860::8844]:53
- named 5766 bind 525u IPv6 44904353 0t0 UDP [2001:16d8:ddde:10::5]:48415->[2001:4860:4860::8844]:53
- named 5766 bind 526u IPv6 44904354 0t0 UDP [2001:16d8:ddde:10::5]:47717->[2001:4860:4860::8844]:53
- # iptables -vnL --lin
- Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
- num pkts bytes target prot opt in out source destination
- 1 12M 992M ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
- Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
- num pkts bytes target prot opt in out source destination
- 1 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
- Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
- num pkts bytes target prot opt in out source destination
- 1 5977K 53G ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
Add Comment
Please, Sign In to add comment