Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src bind comes with a very helpful sample named.conf, so install...
details: https://anonhg.NetBSD.org/src/rev/6ea88344f833
branches: trunk
changeset: 474756:6ea88344f833
user: abs <abs%NetBSD.org@localhost>
date: Mon Jul 19 02:30:43 1999 +0000
description:
bind comes with a very helpful sample named.conf, so install it in
/usr/share/examples/named. I'm not overwhelmed about moving the file
into src/share/examples but there is prior art (amd).
diffstat:
etc/mtree/NetBSD.dist | 7 +-
share/examples/named/Makefile | 11 +
share/examples/named/named.conf | 431 ++++++++++++++++++++++++++++++++++++++++
usr.sbin/bind/named/named.conf | 431 ----------------------------------------
4 files changed, 448 insertions(+), 432 deletions(-)
diffs (truncated from 906 to 300 lines):
diff -r 1188f3629a20 -r 6ea88344f833 etc/mtree/NetBSD.dist
--- a/etc/mtree/NetBSD.dist Mon Jul 19 01:36:07 1999 +0000
+++ b/etc/mtree/NetBSD.dist Mon Jul 19 02:30:43 1999 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: NetBSD.dist,v 1.82 1999/04/03 09:36:04 fair Exp $
+# $NetBSD: NetBSD.dist,v 1.83 1999/07/19 02:30:43 abs Exp $
# @(#)4.4BSD.dist 8.1 (Berkeley) 6/13/93
/set type=dir uname=root gname=wheel mode=0755
@@ -809,6 +809,11 @@
# ./usr/share/examples/ipf
..
+# ./usr/share/examples/named
+named
+# ./usr/share/examples/named
+..
+
# ./usr/share/examples/supfiles
supfiles
# ./usr/share/examples/supfiles
diff -r 1188f3629a20 -r 6ea88344f833 share/examples/named/Makefile
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/share/examples/named/Makefile Mon Jul 19 02:30:43 1999 +0000
@@ -0,0 +1,11 @@
+# $NetBSD: Makefile,v 1.1 1999/07/19 02:30:43 abs Exp $
+
+.include <bsd.own.mk>
+
+.if ${MKSHARE} != "no"
+FILES= named.conf
+FILESDIR=/usr/share/examples/named
+.endif
+MKOBJ= no
+
+.include <bsd.prog.mk>
diff -r 1188f3629a20 -r 6ea88344f833 share/examples/named/named.conf
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/share/examples/named/named.conf Mon Jul 19 02:30:43 1999 +0000
@@ -0,0 +1,431 @@
+/* $NetBSD: named.conf,v 1.1 1999/07/19 02:30:43 abs Exp $ */
+
+/*
+ * This is a worthless, nonrunnable example of a named.conf file that has
+ * every conceivable syntax element in use. We use it to test the parser.
+ * It could also be used as a conceptual template for users of new features.
+ */
+
+/*
+ * C-style comments are OK
+ */
+
+// So are C++-style comments
+
+# So are shell-style comments
+
+// watch out for ";" -- it's important!
+
+options {
+ directory "."; // use current directory
+ named-xfer "/usr/libexec/named-xfer"; // _PATH_XFER
+ dump-file "named_dump.db"; // _PATH_DUMPFILE
+ pid-file "/var/run/named.pid"; // _PATH_PIDFILE
+ statistics-file "named.stats"; // _PATH_STATS
+ memstatistics-file "named.memstats"; // _PATH_MEMSTATS
+ check-names master fail;
+ check-names slave warn;
+ check-names response ignore;
+ host-statistics no;
+ deallocate-on-exit no; // Painstakingly deallocate all
+ // objects when exiting instead of
+ // letting the OS clean up for us.
+ // Useful a memory leak is suspected.
+ // Final statistics are written to the
+ // memstatistics-file.
+ datasize default;
+ stacksize default;
+ coresize default;
+ files unlimited;
+ recursion yes;
+ fetch-glue yes;
+ fake-iquery no;
+ notify yes; // send NOTIFY messages. You can set
+ // notify on a zone-by-zone
+ // basis in the "zone" statement
+ // see (below)
+ auth-nxdomain yes; // always set AA on NXDOMAIN.
+ // don't set this to 'no' unless
+ // you know what you're doing -- older
+ // servers won't like it.
+ multiple-cnames no; // if yes, then a name my have more
+ // than one CNAME RR. This use
+ // is non-standard and is not
+ // recommended, but it is available
+ // because previous releases supported
+ // it and it was used by large sites
+ // for load balancing.
+ allow-query { any; };
+ allow-transfer { any; };
+ transfers-in 10; // DEFAULT_XFERS_RUNNING, cannot be
+ // set > than MAX_XFERS_RUNNING (20)
+ transfers-per-ns 2; // DEFAULT_XFERS_PER_NS
+ transfers-out 0; // not implemented
+ max-transfer-time-in 120; // MAX_XFER_TIME; the default number
+ // of minutes an inbound zone transfer
+ // may run. May be set on a per-zone
+ // basis.
+ /*
+ * The "transfer-format" option specifies the way outbound zone
+ * transfers (i.e. from us to them) are formatted. Two values are
+ * allowed:
+ *
+ * one-answer Each RR gets its own DNS message.
+ * This format is not very efficient,
+ * but is widely understood. All
+ * versions of BIND prior to 8.1 generate
+ * this format for outbound zone
+ * and require it on inbound transfers.
+ *
+ * many-answers As many RRs as will fit are put into
+ * each DNS message. This format is
+ * the most efficient, but is only known
+ * to work with BIND 8. Patches to
+ * BIND 4.9.5 named-xfer that enable it
+ * to understand 'many-answers' will be
+ * available.
+ *
+ * If you are going to be doing zone transfers to older servers, you
+ * shouldn't use 'many-answers'. 'transfer-format' may also be set
+ * on a host-by-host basis using the 'server' statement (see below).
+ */
+ transfer-format one-answer;
+ query-source address * port *;
+ /*
+ * The "forward" option is only meaningful if you've defined
+ * forwarders. "first" gives the normal BIND
+ * forwarding behavior, i.e. ask the forwarders first, and if that
+ * doesn't work then do the full lookup. You can also say
+ * "forward only;" which is what used to be specified with
+ * "slave" or "options forward-only". "only" will never attempt
+ * a full lookup; only the forwarders will be used.
+ */
+ forward first;
+ forwarders { }; // default is no forwarders
+ /*
+ * Here's a forwarders example that isn't trivial
+ */
+ /*
+ forwarders {
+ 1.2.3.4;
+ 5.6.7.8;
+ };
+ */
+ topology { localhost; localnets; }; // prefer local nameservers
+ /*
+ * Here's a more complicated topology example; it's commented out
+ * because only one topology block is allowed.
+ *
+ topology {
+ 10/8; // prefer network 10.0.0.0
+ // netmask 255.0.0.0 most
+ !1.2.3/24; // don't like 1.2.3.0 netmask
+ // 255.255.255.0 at all
+ { 1.2/16; 3/8; }; // like 1.2.0.0 netmask 255.255.0.0
+ // and 3.0.0.0 netmask 255.0.0.0
+ // equally well, but less than 10/8
+ };
+ */
+
+ listen-on port 53 { any; }; // listen for queries on port 53 on
+ // any interface on the system
+ // (i.e. all interfaces). The
+ // "port 53" is optional; if you
+ // don't specify a port, port 53
+ // is assumed.
+ /*
+ * Multiple listen-on statements are allowed. Here's a more
+ * complicated example:
+ */
+ /*
+ listen-on { 5.6.7.8; }; // listen on port 53 on interface
+ // 5.6.7.8
+ listen-on port 1234 { // listen on port 1234 on any
+ !1.2.3.4; // interface on network 1.2.3
+ 1.2.3/24; // netmask 255.255.255.0, except for
+ }; // interface 1.2.3.4.
+ */
+
+ /*
+ * Interval Timers
+ */
+ cleaning-interval 60; // clean the cache of expired RRs
+ // every 'cleaning-interval' minutes
+ interface-interval 60; // scan for new or deleted interfaces
+ // every 'interface-interval' minutes
+ statistics-interval 60; // log statistics every
+ // 'statistics-interval' minutes
+};
+
+zone "master.demo.zone" {
+ type master; // what used to be called "primary"
+ file "master.demo.zone";
+ check-names fail;
+ allow-update { none; };
+ allow-transfer { any; };
+ allow-query { any; };
+ // notify yes; // send NOTIFY messages for this
+ // zone? The global option is used
+ // if "notify" is not specified
+ // here.
+ also-notify { }; // don't notify any nameservers other
+ // than those on the NS list for this
+ // zone
+};
+
+zone "slave.demo.zone" {
+ type slave; // what used to be called "secondary"
+ file "slave.demo.zone";
+ masters {
+ 1.2.3.4; // where to zone transfer from
+ 5.6.7.8;
+ };
+ transfer-source 10.0.0.53; // fixes multihoming problems
+ check-names warn;
+ allow-update { none; };
+ allow-transfer { any; };
+ allow-query { any; };
+ max-transfer-time-in 120; // if not set, global option is used.
+ also-notify { }; // don't notify any nameservers other
+ // than those on the NS list for this
+ // zone
+};
+
+zone "stub.demo.zone" {
+ type stub; // stub zones are like slave zones,
+ // except that only the NS records
+ // are transferred.
+ file "stub.demo.zone";
+ masters {
+ 1.2.3.4; // where to zone transfer from
+ 5.6.7.8;
+ };
+ check-names warn;
+ allow-update { none; };
+ allow-transfer { any; };
+ allow-query { any; };
+ max-transfer-time-in 120; // if not set, global option is used.
+};
+
+zone "." {
+ type hint; // used to be specified w/ "cache"
+ file "cache.db";
+};
+
+acl can_query { !1.2.3/24; any; }; // network 1.2.3.0 mask 255.255.255.0
+ // is disallowed; rest are OK
+acl can_axfr { 1.2.3.4; can_query; }; // host 1.2.3.4 and any host allowed
+ // by can_query are OK
+
+zone "non-default-acl.demo.zone" {
+ type master;
+ file "foo";
+ allow-query { can_query; };
+ allow-transfer { can_axfr; };
+ allow-update {
+ 1.2.3.4;
+ 5.6.7.8;
+ };
+};
+
+key sample_key { // for TSIG; supported by parser
+ algorithm hmac-md5; // but not yet implemented in the
+ secret "your secret here"; // rest of the server
+};
+
+key key2 {
+ algorithm hmac-md5;
+ secret "ereh terces rouy";
+};
+
+server 1.2.3.4 {
+ bogus no; // if yes, we won't query or listen
+ // to this server
+ transfer-format one-answer; // set transfer format for this
+ // server (see the description of
+ // 'transfer-format' above)
+ // if not specified, the global option
+ // will be used
+ transfers 0; // not implemented
+ keys { sample_key; key2; }; // for TSIG; supported by the parser
+ // but not yet implemented in the
+ // rest of the server
+};
+
+logging {
+ /*
+ * All log output goes to one or more "channels"; you can make as
+ * many of them as you want.
+ */
+
Home |
Main Index |
Thread Index |
Old Index