| 1 |
idl0r 13/02/28 22:45:54 |
| 2 |
|
| 3 |
Modified: named.cache |
| 4 |
Added: named.conf-r6 |
| 5 |
Log: |
| 6 |
Add bind-9.8.4_p1, bug 459518. Update named.cache, bug 456396. Fix named.cache/root.cache symlink and include the real file instead of the symlink, bug 450406. |
| 7 |
|
| 8 |
(Portage version: 2.2.0_alpha163/cvs/Linux x86_64, signed Manifest commit with key B427ABC8) |
| 9 |
|
| 10 |
Revision Changes Path |
| 11 |
1.3 net-dns/bind/files/named.cache |
| 12 |
|
| 13 |
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-dns/bind/files/named.cache?rev=1.3&view=markup |
| 14 |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-dns/bind/files/named.cache?rev=1.3&content-type=text/plain |
| 15 |
diff : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-dns/bind/files/named.cache?r1=1.2&r2=1.3 |
| 16 |
|
| 17 |
Index: named.cache |
| 18 |
=================================================================== |
| 19 |
RCS file: /var/cvsroot/gentoo-x86/net-dns/bind/files/named.cache,v |
| 20 |
retrieving revision 1.2 |
| 21 |
retrieving revision 1.3 |
| 22 |
diff -u -r1.2 -r1.3 |
| 23 |
--- named.cache 29 May 2012 10:37:50 -0000 1.2 |
| 24 |
+++ named.cache 28 Feb 2013 22:45:54 -0000 1.3 |
| 25 |
@@ -9,8 +9,8 @@ |
| 26 |
; on server FTP.INTERNIC.NET |
| 27 |
; -OR- RS.INTERNIC.NET |
| 28 |
; |
| 29 |
-; last update: Jun 8, 2011 |
| 30 |
-; related version of root zone: 2011060800 |
| 31 |
+; last update: Jan 3, 2013 |
| 32 |
+; related version of root zone: 2013010300 |
| 33 |
; |
| 34 |
; formerly NS.INTERNIC.NET |
| 35 |
; |
| 36 |
@@ -31,7 +31,7 @@ |
| 37 |
; FORMERLY TERP.UMD.EDU |
| 38 |
; |
| 39 |
. 3600000 NS D.ROOT-SERVERS.NET. |
| 40 |
-D.ROOT-SERVERS.NET. 3600000 A 128.8.10.90 |
| 41 |
+D.ROOT-SERVERS.NET. 3600000 A 199.7.91.13 |
| 42 |
D.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2D::D |
| 43 |
; |
| 44 |
; FORMERLY NS.NASA.GOV |
| 45 |
|
| 46 |
|
| 47 |
|
| 48 |
1.1 net-dns/bind/files/named.conf-r6 |
| 49 |
|
| 50 |
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-dns/bind/files/named.conf-r6?rev=1.1&view=markup |
| 51 |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-dns/bind/files/named.conf-r6?rev=1.1&content-type=text/plain |
| 52 |
|
| 53 |
Index: named.conf-r6 |
| 54 |
=================================================================== |
| 55 |
/* |
| 56 |
* Refer to the named.conf(5) and named(8) man pages, and the documentation |
| 57 |
* in /usr/share/doc/bind-9 for more details. |
| 58 |
* Online versions of the documentation can be found here: |
| 59 |
* http://www.isc.org/software/bind/documentation |
| 60 |
* |
| 61 |
* If you are going to set up an authoritative server, make sure you |
| 62 |
* understand the hairy details of how DNS works. Even with simple mistakes, |
| 63 |
* you can break connectivity for affected parties, or cause huge amounts of |
| 64 |
* useless Internet traffic. |
| 65 |
*/ |
| 66 |
|
| 67 |
acl "xfer" { |
| 68 |
/* Deny transfers by default except for the listed hosts. |
| 69 |
* If we have other name servers, place them here. |
| 70 |
*/ |
| 71 |
none; |
| 72 |
}; |
| 73 |
|
| 74 |
/* |
| 75 |
* You might put in here some ips which are allowed to use the cache or |
| 76 |
* recursive queries |
| 77 |
*/ |
| 78 |
acl "trusted" { |
| 79 |
127.0.0.0/8; |
| 80 |
::1/128; |
| 81 |
}; |
| 82 |
|
| 83 |
options { |
| 84 |
directory "/var/bind"; |
| 85 |
pid-file "/var/run/named/named.pid"; |
| 86 |
|
| 87 |
/* https://www.isc.org/solutions/dlv >=bind-9.7.x only */ |
| 88 |
//bindkeys-file "/etc/bind/bind.keys"; |
| 89 |
|
| 90 |
listen-on-v6 { ::1; }; |
| 91 |
listen-on { 127.0.0.1; }; |
| 92 |
|
| 93 |
allow-query { |
| 94 |
/* |
| 95 |
* Accept queries from our "trusted" ACL. We will |
| 96 |
* allow anyone to query our master zones below. |
| 97 |
* This prevents us from becoming a free DNS server |
| 98 |
* to the masses. |
| 99 |
*/ |
| 100 |
trusted; |
| 101 |
}; |
| 102 |
|
| 103 |
allow-query-cache { |
| 104 |
/* Use the cache for the "trusted" ACL. */ |
| 105 |
trusted; |
| 106 |
}; |
| 107 |
|
| 108 |
allow-recursion { |
| 109 |
/* Only trusted addresses are allowed to use recursion. */ |
| 110 |
trusted; |
| 111 |
}; |
| 112 |
|
| 113 |
allow-transfer { |
| 114 |
/* Zone tranfers are denied by default. */ |
| 115 |
none; |
| 116 |
}; |
| 117 |
|
| 118 |
allow-update { |
| 119 |
/* Don't allow updates, e.g. via nsupdate. */ |
| 120 |
none; |
| 121 |
}; |
| 122 |
|
| 123 |
/* |
| 124 |
* If you've got a DNS server around at your upstream provider, enter its |
| 125 |
* IP address here, and enable the line below. This will make you benefit |
| 126 |
* from its cache, thus reduce overall DNS traffic in the Internet. |
| 127 |
* |
| 128 |
* Uncomment the following lines to turn on DNS forwarding, and change |
| 129 |
* and/or update the forwarding ip address(es): |
| 130 |
*/ |
| 131 |
/* |
| 132 |
forward first; |
| 133 |
forwarders { |
| 134 |
// 123.123.123.123; // Your ISP NS |
| 135 |
// 124.124.124.124; // Your ISP NS |
| 136 |
// 4.2.2.1; // Level3 Public DNS |
| 137 |
// 4.2.2.2; // Level3 Public DNS |
| 138 |
8.8.8.8; // Google Open DNS |
| 139 |
8.8.4.4; // Google Open DNS |
| 140 |
}; |
| 141 |
|
| 142 |
*/ |
| 143 |
|
| 144 |
//dnssec-enable yes; |
| 145 |
//dnssec-validation yes; |
| 146 |
|
| 147 |
/* |
| 148 |
* As of bind 9.8.0: |
| 149 |
* "If the root key provided has expired, |
| 150 |
* named will log the expiration and validation will not work." |
| 151 |
*/ |
| 152 |
//dnssec-validation auto; |
| 153 |
|
| 154 |
/* if you have problems and are behind a firewall: */ |
| 155 |
//query-source address * port 53; |
| 156 |
}; |
| 157 |
|
| 158 |
/* |
| 159 |
logging { |
| 160 |
channel default_log { |
| 161 |
file "/var/log/named/named.log" versions 5 size 50M; |
| 162 |
print-time yes; |
| 163 |
print-severity yes; |
| 164 |
print-category yes; |
| 165 |
}; |
| 166 |
|
| 167 |
category default { default_log; }; |
| 168 |
category general { default_log; }; |
| 169 |
}; |
| 170 |
*/ |
| 171 |
|
| 172 |
include "/etc/bind/rndc.key"; |
| 173 |
controls { |
| 174 |
inet 127.0.0.1 port 953 allow { 127.0.0.1/32; ::1/128; } keys { "rndc-key"; }; |
| 175 |
}; |
| 176 |
|
| 177 |
zone "." in { |
| 178 |
type hint; |
| 179 |
file "/var/bind/named.cache"; |
| 180 |
}; |
| 181 |
|
| 182 |
zone "localhost" IN { |
| 183 |
type master; |
| 184 |
file "pri/localhost.zone"; |
| 185 |
notify no; |
| 186 |
}; |
| 187 |
|
| 188 |
zone "127.in-addr.arpa" IN { |
| 189 |
type master; |
| 190 |
file "pri/127.zone"; |
| 191 |
notify no; |
| 192 |
}; |
| 193 |
|
| 194 |
/* |
| 195 |
* Briefly, a zone which has been declared delegation-only will be effectively |
| 196 |
* limited to containing NS RRs for subdomains, but no actual data beyond its |
| 197 |
* own apex (for example, its SOA RR and apex NS RRset). This can be used to |
| 198 |
* filter out "wildcard" or "synthesized" data from NAT boxes or from |
| 199 |
* authoritative name servers whose undelegated (in-zone) data is of no |
| 200 |
* interest. |
| 201 |
* See http://www.isc.org/software/bind/delegation-only for more info |
| 202 |
*/ |
| 203 |
|
| 204 |
//zone "COM" { type delegation-only; }; |
| 205 |
//zone "NET" { type delegation-only; }; |
| 206 |
|
| 207 |
//zone "YOUR-DOMAIN.TLD" { |
| 208 |
// type master; |
| 209 |
// file "/var/bind/pri/YOUR-DOMAIN.TLD.zone"; |
| 210 |
// allow-query { any; }; |
| 211 |
// allow-transfer { xfer; }; |
| 212 |
//}; |
| 213 |
|
| 214 |
//zone "YOUR-SLAVE.TLD" { |
| 215 |
// type slave; |
| 216 |
// file "/var/bind/sec/YOUR-SLAVE.TLD.zone"; |
| 217 |
// masters { <MASTER>; }; |
| 218 |
|
| 219 |
/* Anybody is allowed to query but transfer should be controlled by the master. */ |
| 220 |
// allow-query { any; }; |
| 221 |
// allow-transfer { none; }; |
| 222 |
|
| 223 |
/* The master should be the only one who notifies the slaves, shouldn't it? */ |
| 224 |
// allow-notify { <MASTER>; }; |
| 225 |
// notify no; |
| 226 |
//}; |
Archives