diff options
Diffstat (limited to 'bin/tests/system/transport-acl/ns1/named.conf.in')
| -rw-r--r-- | bin/tests/system/transport-acl/ns1/named.conf.in | 129 |
1 files changed, 129 insertions, 0 deletions
diff --git a/bin/tests/system/transport-acl/ns1/named.conf.in b/bin/tests/system/transport-acl/ns1/named.conf.in new file mode 100644 index 0000000..cf0ccd5 --- /dev/null +++ b/bin/tests/system/transport-acl/ns1/named.conf.in @@ -0,0 +1,129 @@ +/* + * Copyright (C) Internet Systems Consortium, Inc. ("ISC") + * + * SPDX-License-Identifier: MPL-2.0 + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, you can obtain one at https://mozilla.org/MPL/2.0/. + * + * See the COPYRIGHT file distributed with this work for additional + * information regarding copyright ownership. + */ + +include "../../common/rndc.key"; + +controls { + inet 10.53.0.1 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; +}; + +tls self-signed { + cert-file "../self-signed-cert.pem"; + key-file "../self-signed-key.pem"; +}; + +options { + pid-file "named.pid"; + ## + # generic test + listen-on port @PORT@ { 10.53.0.1; }; + listen-on port @TLSPORT@ tls self-signed { 10.53.0.1; }; + # test #1 + listen-on port @EXTRAPORT1@ { 10.53.0.1; }; + listen-on port @EXTRAPORT1@ tls self-signed { 10.53.0.2; }; + listen-on port @EXTRAPORT2@ { 10.53.0.1; }; + listen-on port @EXTRAPORT2@ tls self-signed { 10.53.0.2; }; + # test #2 + listen-on port @EXTRAPORT1@ { 10.53.0.3; }; + listen-on port @EXTRAPORT2@ { 10.53.0.3; }; + listen-on port @EXTRAPORT1@ tls self-signed { 10.53.0.4; }; + listen-on port @EXTRAPORT2@ tls self-signed { 10.53.0.4; }; + # test #3 + listen-on port @EXTRAPORT3@ tls self-signed { 10.53.0.3; }; + listen-on port @EXTRAPORT4@ tls self-signed { 10.53.0.3; }; + listen-on port @EXTRAPORT3@ { 10.53.0.4; }; + listen-on port @EXTRAPORT4@ { 10.53.0.4; }; + # test #4 + listen-on port @EXTRAPORT1@ { 10.53.0.5; }; + listen-on port @EXTRAPORT2@ { 10.53.0.5; }; + listen-on port @EXTRAPORT1@ tls self-signed { 10.53.0.6; }; + # test #5 + listen-on port @EXTRAPORT3@ tls self-signed { 10.53.0.1; }; + listen-on port @EXTRAPORT4@ tls self-signed { 10.53.0.1; }; + listen-on port @EXTRAPORT3@ { 10.53.0.2; }; + # test #6 + listen-on port @EXTRAPORT5@ { 10.53.0.1; }; + # test #7 + listen-on port @EXTRAPORT6@ tls self-signed { 10.53.0.1; }; + # test #7 + listen-on port @EXTRAPORT7@ tls self-signed { 10.53.0.1; }; + # test #8 + listen-on port @EXTRAPORT8@ { 10.53.0.1; }; + ## + listen-on-v6 { none; }; + recursion no; + notify explicit; + statistics-file "named.stats"; + dnssec-validation yes; + tcp-initial-timeout 1200; +}; + +zone "example0" { + type primary; + file "example.db"; + allow-transfer port @TLSPORT@ transport tls { any; }; +}; + +zone "example1" { + type primary; + file "example.db"; + allow-transfer port @EXTRAPORT1@ { any; }; +}; + +zone "example2" { + type primary; + file "example.db"; + allow-transfer transport tcp { any; }; +}; + +zone "example3" { + type primary; + file "example.db"; + allow-transfer transport tls { any; }; +}; + +zone "example4" { + type primary; + file "example.db"; + allow-transfer port @EXTRAPORT1@ transport tcp { any; }; +}; + +zone "example5" { + type primary; + file "example.db"; + allow-transfer port @EXTRAPORT3@ transport tls { any; }; +}; + +zone "example6" { + type primary; + file "example.db"; + allow-transfer port @EXTRAPORT5@ transport tcp { 10.53.0.7; 10.53.0.8; 10.53.0.9; }; +}; + +zone "example7" { + type primary; + file "example.db"; + allow-transfer port @EXTRAPORT6@ transport tls { 10.53.0.7; 10.53.0.8; 10.53.0.9; }; +}; + +zone "example8" { + type primary; + file "example.db"; + allow-transfer port @EXTRAPORT7@ transport tls { 10.53.0.1; 10.53.0.2; 10.53.0.3; }; +}; + +zone "example9" { + type primary; + file "example.db"; + allow-transfer port @EXTRAPORT8@ transport tcp { 10.53.0.7; !10.53.0.8; 10.53.0.9; }; +}; |