coco_nk4l

bind9

Mar 29th, 2015
  // ACL covering every network we operate: loopback plus the three
  // RFC 1918 private ranges. The recursive views ("cache" and "filter")
  // use this list for match-clients and allow-query.
  acl "my_network" {
      127.0.0.0/8;
      10.0.0.0/8;
      172.16.0.0/12;
      192.168.0.0/16;
  };
  8.  
  // ACL of networks we blacklist so that they cannot query the DNS
  // "cache" and "filter" views.
  // NOTE(review): both ranges lie inside "my_network", and BIND address
  // match lists are first-match-wins, so this ACL only blocks anything
  // where it is listed negated (!my_network_non_dns) ahead of my_network.
  acl "my_network_non_dns" {
      192.168.128.0/21;
      10.255.254.0/23;
  };
  14.  
  // ACL for the server networks. It is referenced by the rate-limit
  // exempt-clients list in the options block.
  acl "servers" {
      10.1.1.0/28;
      10.10.10.0/24;
      127.0.0.1/32;
  };
  // End of ACL definitions
  22.  
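  // Global server options; every view inherits these unless it overrides them.
  options {
      // Working directory; relative file names resolve against it.
      directory "/etc/bind/data";
      // Cache dumps and statistics expose client and query data, so keep
      // /var/log/named readable by the named user only.
      dump-file "/var/log/named/named_dump.db";
      statistics-file "/var/log/named/named.stats";

      // Response rate limiting, tracked per single IPv4 address (/32).
      // Hosts in the "servers" ACL are exempt.
      // NOTE(review): declared at options level, so the recursive views
      // inherit it as well; confirm that 10 identical responses per second
      // is enough for busy resolver clients, or move it into view "auth".
      rate-limit {
          responses-per-second 10;
          ipv4-prefix-length 32;
          exempt-clients { servers; };
      };

      max-cache-size 768M;

      dnssec-enable yes;
      // Was "no". With validation off, the trust-anchor settings below
      // (dnssec-lookaside, bindkeys-file) had no effect and the recursive
      // views accepted answers for signed zones without checking them.
      // "auto" validates against the built-in root trust anchor.
      dnssec-validation auto;
      // NOTE(review): ISC has since retired the DLV registry and later BIND
      // releases treat dnssec-lookaside as obsolete; drop this line when
      // upgrading.
      dnssec-lookaside auto;
      recursive-clients 1000;
      tcp-clients 1000;
      bindkeys-file "/etc/bind/bind.keys";

      auth-nxdomain no; # conform to RFC1035
      listen-on-v6 { any; };
  };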
  45.  
  // File logging. The channel keeps 3 rotated versions of bind.log and
  // rolls over at 5 MB; "severity dynamic" follows the server's current
  // debug level, and print-time prefixes each entry with a timestamp.
  // NOTE(review): there is no "category" statement here, so nothing is
  // routed explicitly; add channels for the security and query categories
  // if those events are needed for detection or incident response.
  logging {
      channel default_debug {
          file "/var/log/named/bind.log" versions 3 size 5m;
          severity dynamic;
          print-time yes;
      };
  };
  53.  
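  // Recursive resolver view for internal clients that send their queries
  // to 192.168.74.69.
  view "cache" {
      // The source address stays pinned, but the fixed "port 53" is dropped.
      // A fixed source port disables source-port randomization and leaves
      // only the 16-bit query ID to protect the cache against spoofed
      // answers. Outbound firewall rules must allow ephemeral source ports.
      query-source address 192.168.74.69;
      // Blacklisted ranges come first: address match lists stop at the
      // first match, and both ranges are subsets of my_network.
      match-clients { !my_network_non_dns; my_network; };
      match-destinations { 192.168.74.69; };
      allow-query { !my_network_non_dns; my_network; };
      recursion yes;
      notify no;
      // Forwarders are commented out, so this view resolves directly from
      // the root servers.
      // forward first;
      // forwarders {
      //     103.10.121.34;
      //     103.10.121.35;
      // };

      // Included file is not shown here; the name suggests local zones for
      // the RFC 1918 reverse space (confirm).
      include "/etc/bind/zones.rfc1918";
  };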
  71.  
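  // Second recursive view for internal clients that query 192.168.74.70.
  // It shares the resolver cache of view "cache" and consults a
  // MySQL-backed DLZ zone source.
  view "filter" {
      attach-cache "cache";
      // No fixed "port 53": pinning the source port disables source-port
      // randomization and makes spoofed answers far easier to land in the
      // shared cache. Outbound firewall rules must allow ephemeral ports.
      query-source address 192.168.74.70;
      // Blacklisted ranges come first: address match lists stop at the
      // first match, and both ranges are subsets of my_network.
      match-clients { !my_network_non_dns; my_network; };
      match-destinations { 192.168.74.70; };
      allow-query { !my_network_non_dns; my_network; };
      recursion yes;
      notify no;

      // NOTE(review): the database password is stored here in cleartext and
      // is short. Keep this file readable by the named user only, give the
      // bind9 database account SELECT-only rights on dns_records, and
      // rotate the password, since this configuration has been published.
      // NOTE(review): $zone$ and $record$ are filled in from client query
      // names; escaping is left to the DLZ driver, so confirm the driver
      // build in use escapes them before they reach MySQL.
      // The type comparisons use lowercase literals because lower(type)
      // can never equal 'TXT' or 'SOA' under a case-sensitive collation;
      // TXT quoting and SOA field assembly would then be skipped silently.
      dlz "Mysql zone" {
          database "mysql
          {host=127.0.0.1 dbname=bind9 user=bind9 pass=qweqwe}
          {select zone from dns_records where zone = '$zone$'}
          {select ttl, type, mx_priority, case when lower(type)='txt' then concat('\"', data, '\"') when lower(type) = 'soa' then concat_ws(' ', data, resp_person, serial, refresh, retry, expire, minimum) else data end from dns_records where zone = '$zone$' and host = '$record$'}";
      };
  };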
  89.  
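  // Authoritative-only view: answers any client that queries
  // 192.168.74.71 and never recurses on its behalf.
  view "auth" {
      // No fixed "port 53": queries the server itself originates from this
      // view keep a randomized source port, matching the recursive views.
      query-source address 192.168.74.71;
      match-clients { any; };
      match-destinations { 192.168.74.71; };
      recursion no;
      zone "jaringanku.net" {
          type master;
          file "/etc/bind/data/jaringanku.net";
          // NOTE(review): zone transfers are authorised by source IP alone.
          // Consider a TSIG key shared with the secondary, so that a
          // spoofed or reassigned address cannot pull the zone.
          allow-transfer { 192.168.74.75; };
      };
  };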