As I indicated in the previous post, /etc/bind is symlinked to /var/lib/named/bind/, so...
Code:
root@wonder:/var/lib/named/etc/bind# ls -la
total 56
drwxr-sr-x 2 root root 4096 2008-12-21 13:51 .
drwx------ 3 root root 4096 2008-12-20 16:23 ..
-rw-r--r-- 1 bind bind 237 2008-04-09 15:44 db.0
-rw-r--r-- 1 bind bind 271 2008-04-09 15:44 db.127
-rw-r--r-- 1 bind bind 237 2008-04-09 15:44 db.255
-rw-r--r-- 1 bind bind 353 2008-04-09 15:44 db.empty
-rw-r--r-- 1 bind bind 270 2008-04-09 15:44 db.local
-rw-r--r-- 1 bind bind 2878 2008-04-09 15:44 db.root
-rw-r--r-- 1 bind bind 907 2008-04-09 15:44 named.conf
-rw-r--r-- 1 bind bind 165 2008-04-09 15:44 named.conf.local
-rw-r--r-- 1 bind bind 3041 2008-12-21 13:51 named.conf.options
-rw------- 1 root root 695 2008-12-21 13:51 named.conf.options~
-rw-r----- 1 bind bind 77 2008-05-26 17:26 rndc.key
-rw-r--r-- 1 bind bind 1317 2008-04-09 15:44 zones.rfc1918
named.conf is still unmodified:
Code:
// This is the primary configuration file for the BIND DNS server named.
//
// Please read /usr/share/doc/bind9/README.Debian.gz for information on the
// structure of BIND configuration files in Debian, *BEFORE* you customize
// this configuration file.
//
// If you are just adding zones, please do that in /etc/bind/named.conf.local
// NOTE(review): when named is started chrooted (named -t <dir>), it enters the
// jail before reading its configuration, so every /etc/bind/... path in this
// file is resolved inside the jail. Each included or zone file, and every
// directory on the way to it, must be readable/searchable by the account
// named runs as, otherwise the server fails at startup.
include "/etc/bind/named.conf.options";
// prime the server with knowledge of the root servers
zone "." {
type hint;
file "/etc/bind/db.root";
};
// be authoritative for the localhost forward and reverse zones, and for
// broadcast zones as per RFC 1912
zone "localhost" {
type master;
file "/etc/bind/db.local";
};
// Reverse zone for the loopback network.
zone "127.in-addr.arpa" {
type master;
file "/etc/bind/db.127";
};
// Reverse zone for the 0.0.0.0/8 "this network" block.
zone "0.in-addr.arpa" {
type master;
file "/etc/bind/db.0";
};
// Reverse zone for the 255.0.0.0/8 broadcast block.
zone "255.in-addr.arpa" {
type master;
file "/etc/bind/db.255";
};
// Site-specific zone definitions are kept in this separate file.
include "/etc/bind/named.conf.local";
I have not yet modified named.conf.local, but I have made modifications to named.conf.options (using the bind ACLs/options from the current RH webserver, which will be retired when I get this box up). However, bind9 was already failing on this chrooted setup before I did anything to the options file; nevertheless, here it is:
Code:
// acls added TB 12.21.2008
// Hosts allowed to request zone transfers; referenced by allow-transfer in
// the options block below.
// "localhost" is BIND's built-in ACL for the server's own interface
// addresses, so the explicit 127.0.0.1 entry overlaps with it.
// NOTE(review): this restricts transfers by source address only. A TSIG key
// shared with the secondaries authenticates the requester rather than just
// its IP address - consider adding one.
acl "xfer" {
127.0.0.1; //localhost
localhost;
192.168.5.11; //temp new wonder IP
69.54.194.91; //wonder.what-if.com
69.54.194.92; //imagine.what-if.com
};
// Clients allowed to query this server and to use it for recursion;
// referenced by allow-query and allow-recursion in the options block below.
// Only IPv4 addresses are listed explicitly; the built-in "localhost" ACL
// covers the server's own addresses.
acl "trusted" {
127.0.0.1; //localhost
localhost;
192.168.5.11; //temp new wonder IP
66.255.223.103; //local IFI netw
69.54.194.91; //wonder.what-if.com
69.54.194.92; //imagine.what-if.com
};
// Source networks the server ignores entirely; referenced by the blackhole
// statement in the options block below. named does not answer queries from
// blackholed addresses and does not use them when resolving.
// NOTE(review): a static bogon list goes stale. Formerly unallocated blocks
// such as 1.0.0.0/8, 2.0.0.0/8 and 5.0.0.0/8 have since been allocated and now
// carry legitimate traffic, so review this list against the current IANA
// registry before reusing it.
// NOTE(review): the "..." line stands for entries left out of the post. If
// 192.168.0.0/16 is among them, 192.168.5.11 (listed in the "xfer" and
// "trusted" ACLs) would be blackholed - confirm against the full file.
acl "bogon" {
// Filter out the bogon networks. These are networks
// listed by IANA as test, RFC1918, Multicast, experi-
// mental, etc. If you see DNS queries or updates with
// a source address within these networks, this is likely
// of malicious origin. CAUTION: If you are using RFC1918
// netblocks on your network, remove those netblocks from
// this list of blackhole ACLs!
0.0.0.0/8;
1.0.0.0/8;
2.0.0.0/8;
5.0.0.0/8;
...
197.0.0.0/8;
223.0.0.0/8;
224.0.0.0/3;
};
// Global server options: working directory, listeners, and the access
// controls built from the "trusted", "xfer" and "bogon" ACLs defined above.
options {
// Working directory for named. Under a chroot this path is resolved inside
// the jail and must be accessible to the account named runs as.
directory "/var/cache/bind";
// If there is a firewall between you and nameservers you want
// to talk to, you might need to uncomment the query-source
// directive below. Previous versions of BIND always asked
// questions using port 53, but BIND 8.1 and later use an unprivileged
// port by default.
// query-source address * port 53;
// If your ISP provided one or more IP addresses for stable
// nameservers, you probably want to use them as forwarders.
// Uncomment the following block, and insert the addresses replacing
// the all-0's placeholder.
// forwarders {
// 0.0.0.0;
// };
auth-nxdomain no; # conform to RFC1035
// Accept queries on every IPv6 interface. The ACLs above list only IPv4
// addresses plus "localhost", so remote IPv6 clients are still refused by
// allow-query.
listen-on-v6 { any; };
// additional options TB 12.21.2008
// Name checking: skipped for master zones and for responses, logged as a
// warning for slave zones.
check-names master ignore;
check-names response ignore;
check-names slave warn;
// Replaces the string returned for version.bind queries, so the real BIND
// version is not disclosed. This hides the version; it does not replace
// patching.
version "<Phhhhhbbt!>";
// Send NOTIFY messages to the zone's other name servers when a zone changes.
notify yes;
// Recursion is offered to the "trusted" ACL only, so the server does not
// act as an open resolver.
allow-recursion {
trusted;
};
// Zone transfers are limited to the "xfer" ACL.
allow-transfer {
xfer;
};
// NOTE(review): set globally, this refuses every query from outside
// "trusted", including queries for zones this server is authoritative for.
// If it will serve public zones, those zones presumably need their own
// allow-query { any; }; - confirm against named.conf.local.
allow-query {
trusted;
};
// Drop all traffic from the "bogon" ACL; see the caveats on that list.
blackhole {
bogon;
};
};