diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-27 07:24:22 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-27 07:24:22 +0000 |
commit | 45d6379135504814ab723b57f0eb8be23393a51d (patch) | |
tree | d4f2ec4acca824a8446387a758b0ce4238a4dffa /bin/tests/system/checkconf/good.conf | |
parent | Initial commit. (diff) | |
download | bind9-45d6379135504814ab723b57f0eb8be23393a51d.tar.xz bind9-45d6379135504814ab723b57f0eb8be23393a51d.zip |
Adding upstream version 1:9.16.44.upstream/1%9.16.44
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'bin/tests/system/checkconf/good.conf')
-rw-r--r-- | bin/tests/system/checkconf/good.conf | 289 |
1 files changed, 289 insertions, 0 deletions
diff --git a/bin/tests/system/checkconf/good.conf b/bin/tests/system/checkconf/good.conf new file mode 100644 index 0000000..0ecdb68 --- /dev/null +++ b/bin/tests/system/checkconf/good.conf @@ -0,0 +1,289 @@ +/* + * Copyright (C) Internet Systems Consortium, Inc. ("ISC") + * + * SPDX-License-Identifier: MPL-2.0 + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, you can obtain one at https://mozilla.org/MPL/2.0/. + * + * See the COPYRIGHT file distributed with this work for additional + * information regarding copyright ownership. + */ + +/* + * This is just a random selection of configuration options. + */ + +/* cut here */ +dnssec-policy "test" { + dnskey-ttl 3600; + keys { + ksk key-directory lifetime P1Y algorithm 13 256; + zsk key-directory lifetime P30D algorithm 13; + csk key-directory lifetime P30D algorithm 8 2048; + }; + max-zone-ttl 86400; + nsec3param ; + parent-ds-ttl 7200; + parent-propagation-delay PT1H; + publish-safety PT3600S; + purge-keys P90D; + retire-safety PT3600S; + signatures-refresh P3D; + signatures-validity P2W; + signatures-validity-dnskey P14D; + zone-propagation-delay PT5M; +}; +options { + avoid-v4-udp-ports { + 100; + }; + avoid-v6-udp-ports { + 100; + }; + blackhole { + 10.0.0.0/8; + }; + coresize 1073741824; + datasize 104857600; + directory "."; + dscp 41; + dump-file "named_dumpdb"; + files 1000; + heartbeat-interval 30; + hostname none; + interface-interval 30; + keep-response-order { + 10.0.10.0/24; + }; + listen-on port 90 { + "any"; + }; + listen-on port 100 dscp 33 { + 127.0.0.1/32; + }; + listen-on-v6 port 53 dscp 57 { + "none"; + }; + match-mapped-addresses yes; + memstatistics-file "named.memstats"; + pid-file none; + port 5300; + querylog yes; + recursing-file "named.recursing"; + recursive-clients 3000; + serial-query-rate 100; + server-id none; + update-quota 200; + check-names primary warn; + check-names secondary ignore; + max-cache-size 20000000000000; + nta-lifetime 604800; + nta-recheck 604800; + validate-except { + "corp"; + }; + dnssec-policy "test"; + max-ixfr-ratio 90%; + transfer-source 0.0.0.0 dscp 63; + zone-statistics none; +}; +parental-agents "parents" { + 10.10.10.11; + 10.10.10.12; +}; +view "first" { + match-clients { + "none"; + }; + zone "example1" { + type master; + file "xxx"; + update-policy local; + max-ixfr-ratio 20%; + notify-source 10.10.10.10 port 53 dscp 55; + }; + zone "clone" { + type master; + file "yyy"; + inline-signing yes; + max-ixfr-ratio unlimited; + }; + dnssec-validation auto; + zone-statistics terse; +}; +view "second" { + match-clients { + "any"; + }; + zone "example1" { + type master; + file "zzz"; + update-policy local; + zone-statistics yes; + }; + zone "example2" { + type static-stub; + forward only; + forwarders { + 10.53.0.4; + }; + zone-statistics no; + }; + zone "example3" { + type static-stub; + server-addresses { + 1.2.3.4; + }; + }; + zone "clone" { + in-view "first"; + }; + zone "." { + type redirect; + masters { + 1.2.3.4; + }; + }; + dnssec-validation auto; + zone-statistics full; +}; +view "third" { + match-clients { + "none"; + }; + zone "clone" { + in-view "first"; + forward only; + forwarders { + 10.0.0.100; + }; + }; + zone "dnssec" { + type master; + file "file"; + allow-update { + "any"; + }; + dnssec-policy "default"; + }; + zone "p" { + type primary; + file "pfile"; + inline-signing yes; + }; + zone "s" { + type secondary; + file "sfile"; + inline-signing yes; + masters { + 1.2.3.4; + }; + notify primary-only; + }; +}; +view "fourth" { + zone "dnssec-test" { + type master; + file "dnssec-test.db"; + inline-signing yes; + parental-agents { + 1.2.3.4; + 1.2.3.5; + }; + dnssec-policy "test"; + parental-source 10.10.10.10 port 53 dscp 55; + }; + zone "dnssec-default" { + type master; + file "dnssec-default.db"; + inline-signing yes; + parental-agents { + "parents"; + }; + dnssec-policy "default"; + }; + zone "dnssec-inherit" { + type master; + file "dnssec-inherit.db"; + inline-signing yes; + }; + zone "dnssec-none" { + type master; + file "dnssec-none.db"; + dnssec-policy "none"; + }; + zone "dnssec-view1" { + type master; + file "dnssec-view41.db"; + inline-signing yes; + dnssec-policy "test"; + }; + zone "dnssec-view2" { + type master; + file "dnssec-view42.db"; + inline-signing yes; + }; + zone "dnssec-view3" { + type master; + file "dnssec-view43.db"; + dnssec-policy "none"; + key-directory "keys"; + }; + zone "dnssec-view4" { + type master; + file "dnssec-view44.db"; + dnssec-policy "none"; + }; + dnssec-policy "default"; + key-directory "."; +}; +view "fifth" { + zone "dnssec-view1" { + type master; + file "dnssec-view51.db"; + inline-signing yes; + dnssec-policy "test"; + }; + zone "dnssec-view2" { + type master; + file "dnssec-view52.db"; + inline-signing yes; + dnssec-policy "test"; + key-directory "keys"; + }; + zone "dnssec-view3" { + type master; + file "dnssec-view53.db"; + inline-signing yes; + dnssec-policy "default"; + key-directory "keys"; + }; + zone "dnssec-view4" { + type master; + file "dnssec-view54.db"; + dnssec-policy "none"; + }; + key-directory "."; +}; +view "chaos" chaos { + zone "hostname.bind" chaos { + type master; + database "_builtin hostname"; + inline-signing yes; + }; +}; +dyndb "name" "library.so" { + this; + \}; + is a { + "test" { \{ of; the; }; + } bracketed; + "text \""; + system; +}; +key "mykey" { + algorithm "hmac-md5"; + secret "qwertyuiopasdfgh"; +}; |