1 |
idl0r 13/02/28 22:45:54 |
2 |
|
3 |
Modified: named.cache |
4 |
Added: named.conf-r6 |
5 |
Log: |
6 |
Add bind-9.8.4_p1, bug 459518. Update named.cache, bug 456396. Fix named.cache/root.cache symlink and include the real file instead of the symlink, bug 450406. |
7 |
|
8 |
(Portage version: 2.2.0_alpha163/cvs/Linux x86_64, signed Manifest commit with key B427ABC8) |
9 |
|
10 |
Revision Changes Path |
11 |
1.3 net-dns/bind/files/named.cache |
12 |
|
13 |
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-dns/bind/files/named.cache?rev=1.3&view=markup |
14 |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-dns/bind/files/named.cache?rev=1.3&content-type=text/plain |
15 |
diff : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-dns/bind/files/named.cache?r1=1.2&r2=1.3 |
16 |
|
17 |
Index: named.cache |
18 |
=================================================================== |
19 |
RCS file: /var/cvsroot/gentoo-x86/net-dns/bind/files/named.cache,v |
20 |
retrieving revision 1.2 |
21 |
retrieving revision 1.3 |
22 |
diff -u -r1.2 -r1.3 |
23 |
--- named.cache 29 May 2012 10:37:50 -0000 1.2 |
24 |
+++ named.cache 28 Feb 2013 22:45:54 -0000 1.3 |
25 |
@@ -9,8 +9,8 @@ |
26 |
; on server FTP.INTERNIC.NET |
27 |
; -OR- RS.INTERNIC.NET |
28 |
; |
29 |
-; last update: Jun 8, 2011 |
30 |
-; related version of root zone: 2011060800 |
31 |
+; last update: Jan 3, 2013 |
32 |
+; related version of root zone: 2013010300 |
33 |
; |
34 |
; formerly NS.INTERNIC.NET |
35 |
; |
36 |
@@ -31,7 +31,7 @@ |
37 |
; FORMERLY TERP.UMD.EDU |
38 |
; |
39 |
. 3600000 NS D.ROOT-SERVERS.NET. |
40 |
-D.ROOT-SERVERS.NET. 3600000 A 128.8.10.90 |
41 |
+D.ROOT-SERVERS.NET. 3600000 A 199.7.91.13 |
42 |
D.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2D::D |
43 |
; |
44 |
; FORMERLY NS.NASA.GOV |
45 |
|
46 |
|
47 |
|
48 |
1.1 net-dns/bind/files/named.conf-r6 |
49 |
|
50 |
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-dns/bind/files/named.conf-r6?rev=1.1&view=markup |
51 |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-dns/bind/files/named.conf-r6?rev=1.1&content-type=text/plain |
52 |
|
53 |
Index: named.conf-r6 |
54 |
=================================================================== |
55 |
/* |
56 |
* Refer to the named.conf(5) and named(8) man pages, and the documentation |
57 |
* in /usr/share/doc/bind-9 for more details. |
58 |
* Online versions of the documentation can be found here: |
59 |
* http://www.isc.org/software/bind/documentation |
60 |
* |
61 |
* If you are going to set up an authoritative server, make sure you |
62 |
* understand the hairy details of how DNS works. Even with simple mistakes, |
63 |
* you can break connectivity for affected parties, or cause huge amounts of |
64 |
* useless Internet traffic. |
65 |
*/ |
66 |
|
67 |
acl "xfer" { |
68 |
/* Deny transfers by default except for the listed hosts. |
69 |
* If we have other name servers, place them here. |
70 |
*/ |
71 |
none; |
72 |
}; |
73 |
|
74 |
/* |
75 |
* You might put in here some ips which are allowed to use the cache or |
76 |
* recursive queries |
77 |
*/ |
78 |
acl "trusted" { |
79 |
127.0.0.0/8; |
80 |
::1/128; |
81 |
}; |
82 |
|
83 |
options { |
84 |
directory "/var/bind"; |
85 |
pid-file "/var/run/named/named.pid"; |
86 |
|
87 |
/* https://www.isc.org/solutions/dlv >=bind-9.7.x only */ |
88 |
//bindkeys-file "/etc/bind/bind.keys"; |
89 |
|
90 |
listen-on-v6 { ::1; }; |
91 |
listen-on { 127.0.0.1; }; |
92 |
|
93 |
allow-query { |
94 |
/* |
95 |
* Accept queries from our "trusted" ACL. We will |
96 |
* allow anyone to query our master zones below. |
97 |
* This prevents us from becoming a free DNS server |
98 |
* to the masses. |
99 |
*/ |
100 |
trusted; |
101 |
}; |
102 |
|
103 |
allow-query-cache { |
104 |
/* Use the cache for the "trusted" ACL. */ |
105 |
trusted; |
106 |
}; |
107 |
|
108 |
allow-recursion { |
109 |
/* Only trusted addresses are allowed to use recursion. */ |
110 |
trusted; |
111 |
}; |
112 |
|
113 |
allow-transfer { |
114 |
/* Zone tranfers are denied by default. */ |
115 |
none; |
116 |
}; |
117 |
|
118 |
allow-update { |
119 |
/* Don't allow updates, e.g. via nsupdate. */ |
120 |
none; |
121 |
}; |
122 |
|
123 |
/* |
124 |
* If you've got a DNS server around at your upstream provider, enter its |
125 |
* IP address here, and enable the line below. This will make you benefit |
126 |
* from its cache, thus reduce overall DNS traffic in the Internet. |
127 |
* |
128 |
* Uncomment the following lines to turn on DNS forwarding, and change |
129 |
* and/or update the forwarding ip address(es): |
130 |
*/ |
131 |
/* |
132 |
forward first; |
133 |
forwarders { |
134 |
// 123.123.123.123; // Your ISP NS |
135 |
// 124.124.124.124; // Your ISP NS |
136 |
// 4.2.2.1; // Level3 Public DNS |
137 |
// 4.2.2.2; // Level3 Public DNS |
138 |
8.8.8.8; // Google Open DNS |
139 |
8.8.4.4; // Google Open DNS |
140 |
}; |
141 |
|
142 |
*/ |
143 |
|
144 |
//dnssec-enable yes; |
145 |
//dnssec-validation yes; |
146 |
|
147 |
/* |
148 |
* As of bind 9.8.0: |
149 |
* "If the root key provided has expired, |
150 |
* named will log the expiration and validation will not work." |
151 |
*/ |
152 |
//dnssec-validation auto; |
153 |
|
154 |
/* if you have problems and are behind a firewall: */ |
155 |
//query-source address * port 53; |
156 |
}; |
157 |
|
158 |
/* |
159 |
logging { |
160 |
channel default_log { |
161 |
file "/var/log/named/named.log" versions 5 size 50M; |
162 |
print-time yes; |
163 |
print-severity yes; |
164 |
print-category yes; |
165 |
}; |
166 |
|
167 |
category default { default_log; }; |
168 |
category general { default_log; }; |
169 |
}; |
170 |
*/ |
171 |
|
172 |
include "/etc/bind/rndc.key"; |
173 |
controls { |
174 |
inet 127.0.0.1 port 953 allow { 127.0.0.1/32; ::1/128; } keys { "rndc-key"; }; |
175 |
}; |
176 |
|
177 |
zone "." in { |
178 |
type hint; |
179 |
file "/var/bind/named.cache"; |
180 |
}; |
181 |
|
182 |
zone "localhost" IN { |
183 |
type master; |
184 |
file "pri/localhost.zone"; |
185 |
notify no; |
186 |
}; |
187 |
|
188 |
zone "127.in-addr.arpa" IN { |
189 |
type master; |
190 |
file "pri/127.zone"; |
191 |
notify no; |
192 |
}; |
193 |
|
194 |
/* |
195 |
* Briefly, a zone which has been declared delegation-only will be effectively |
196 |
* limited to containing NS RRs for subdomains, but no actual data beyond its |
197 |
* own apex (for example, its SOA RR and apex NS RRset). This can be used to |
198 |
* filter out "wildcard" or "synthesized" data from NAT boxes or from |
199 |
* authoritative name servers whose undelegated (in-zone) data is of no |
200 |
* interest. |
201 |
* See http://www.isc.org/software/bind/delegation-only for more info |
202 |
*/ |
203 |
|
204 |
//zone "COM" { type delegation-only; }; |
205 |
//zone "NET" { type delegation-only; }; |
206 |
|
207 |
//zone "YOUR-DOMAIN.TLD" { |
208 |
// type master; |
209 |
// file "/var/bind/pri/YOUR-DOMAIN.TLD.zone"; |
210 |
// allow-query { any; }; |
211 |
// allow-transfer { xfer; }; |
212 |
//}; |
213 |
|
214 |
//zone "YOUR-SLAVE.TLD" { |
215 |
// type slave; |
216 |
// file "/var/bind/sec/YOUR-SLAVE.TLD.zone"; |
217 |
// masters { <MASTER>; }; |
218 |
|
219 |
/* Anybody is allowed to query but transfer should be controlled by the master. */ |
220 |
// allow-query { any; }; |
221 |
// allow-transfer { none; }; |
222 |
|
223 |
/* The master should be the only one who notifies the slaves, shouldn't it? */ |
224 |
// allow-notify { <MASTER>; }; |
225 |
// notify no; |
226 |
//}; |