blob: 52a7482ac8dd8683a7abd466087829ce59992c22 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
|
/*
* Copyright (C) Internet Systems Consortium, Inc. ("ISC")
*
* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/.
*
* See the COPYRIGHT file distributed with this work for additional
* information regarding copyright ownership.
*/
/*
* Main rpz test DNS server.
*/
options {
query-source address 10.53.0.3;
notify-source 10.53.0.3;
transfer-source 10.53.0.3;
port @PORT@;
pid-file "named.pid";
statistics-file "named.stats";
session-keyfile "session.key";
listen-on { 10.53.0.3; };
listen-on-v6 { none; };
notify no;
response-policy {
zone "bl" max-policy-ttl 100;
zone "bl-2";
zone "bl-given" policy given recursive-only yes;
zone "bl-passthru" policy passthru;
zone "bl-no-op" policy no-op; # obsolete for passthru
zone "bl-disabled" policy disabled;
zone "bl-nodata" policy nodata recursive-only no;
zone "bl-nxdomain" policy nxdomain;
zone "bl-cname" policy cname txt-only.tld2.;
zone "bl-wildcname" policy cname *.tld4.;
zone "bl-garden" policy cname a12.tld2.;
zone "bl-drop" policy drop;
zone "bl-tcp-only" policy tcp-only;
zone "bl.tld2";
}
min-ns-dots 0
qname-wait-recurse yes
;
};
key rndc_key {
secret "1234abcd8765";
algorithm hmac-sha256;
};
controls {
inet 10.53.0.3 port @CONTROLPORT@ allow { any; } keys { rndc_key; };
};
zone "." { type hint; file "hints"; };
zone "bl." {type master; file "bl.db";
allow-update {any;};};
zone "bl-2." {type master; file "bl-2.db";
allow-update {any;};};
zone "bl-given." {type master; file "bl-given.db";
allow-update {any;};};
zone "bl-passthru." {type master; file "bl-passthru.db";
allow-update {any;};};
zone "bl-no-op." {type master; file "bl-no-op.db";
allow-update {any;};};
zone "bl-disabled." {type master; file "bl-disabled.db";
allow-update {any;};};
zone "bl-nodata." {type master; file "bl-nodata.db";
allow-update {any;};};
zone "bl-nxdomain." {type master; file "bl-nxdomain.db";
allow-update {any;};};
zone "bl-cname." {type master; file "bl-cname.db";
allow-update {any;};};
zone "bl-wildcname." {type master; file "bl-wildcname.db";
allow-update {any;};};
zone "bl-garden." {type master; file "bl-garden.db";
allow-update {any;};};
zone "bl-drop." {type master; file "bl-drop.db";
allow-update {any;};};
zone "bl-tcp-only." {type master; file "bl-tcp-only.db";
allow-update {any;};};
zone "bl.tld2." {type slave; file "bl.tld2.db"; masters {10.53.0.2;};
request-ixfr no; masterfile-format text;};
zone "crash1.tld2" {type master; file "crash1";};
zone "crash2.tld3." {type master; file "crash2";};
|
