-
Notifications
You must be signed in to change notification settings - Fork 7
/
Copy pathnamed.conf
121 lines (104 loc) · 3.65 KB
/
named.conf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
# Start of rndc.conf
key "rndc-key" {
algorithm hmac-sha256;
secret "sYsvWXPKeJzVg+hOvCCUxszn6XruyjPc/Qomc4D0iBI=";
};
controls {
inet 127.0.0.1 port 953
allow { 127.0.0.1; } keys { "rndc-key"; };
};
zone "." IN {
type hint;
file "/usr/local/bind/etc/named.root";
};
options {
tcp-clients 50000;
directory "/usr/local/bind/var";
pid-file "/usr/local/bind/var/bind.pid";
dump-file "/usr/local/bind/var/bind_dump.db";
statistics-file "/usr/local/bind/var/bind.stats";
rate-limit {
nxdomains-per-second 3;
window 1;
};
version "ooxx-bind:1.0.24";
notify yes;
recursion yes;
also-notify { nexusguard_dns_servers; };
allow-query { tbwhitelist; nexusguard_dns_servers; };
allow-transfer { tbwhitelist; nexusguard_dns_servers; };
};
acl nexusguard_dns_servers {
113.21.216.41;
113.21.217.41;
104.155.193.210;
113.21.192.0/19;
180.233.160.0/19;
27.126.192.0/18;
};
acl tbwhitelist {
180.232.85.26;
119.93.25.174;
122.54.211.105;
};
logging {
channel default_debug {
file "/usr/local/bind/log/debug.log";
severity dynamic;
print-category yes;
print-severity yes;
print-time yes;
};
channel query_info {
file "/usr/local/bind/log/query.log" versions 1 size 100m;
severity info;
print-category yes;
print-severity yes;
print-time yes;
};
category queries {
query_info;
default_debug;
};
channel notify_info {
file "/usr/local/bind/log/notify.log" versions 8 size 128m;
severity info;
print-category yes;
print-severity yes;
print-time yes;
};
category notify {
notify_info;
default_debug;
};
channel xfer_in_log {
file "/usr/local/bind/log/xfer_in.log" versions 100 size 10m;
severity info;
print-category yes;
print-severity yes;
print-time yes;
};
channel xfer_out_log {
file "/usr/local/bind/log/xfer_out.log" versions 100 size 10m;
severity info;
print-category yes;
print-severity yes;
print-time yes;
};
category xfer-in { xfer_in_log; };
category xfer-out { xfer_out_log; };
};
dlz "mysql-dlz" {
database "mysql
{host=127.0.0.1 dbname=bind ssl=false port=3306 user=bind pass=kX&^!^V!Is}
{select name from bind_domain where name = '$zone$' limit 1}
{select ttl, type, mx, case when lower(type)='txt' then concat('\"', value, '\"')
else value end from bind_record where domain_id = (select id from bind_domain where name = '$zone$') and name = '$record$'
and not (type = 'SOA' or type = 'NS')}
{select ttl, type, mx, value, resp_person, serial, refresh, retry, expire, minimum
from bind_record where domain_id = (select id from bind_domain where name = '$zone$') and (type = 'SOA' or type='NS')}
{select ttl, type, name, mx, value, resp_person, serial, refresh, retry, expire,
minimum from bind_record where domain_id = (select id from bind_domain where name = '$zone$') and not (type = 'SOA' or type = 'NS')}
{select domain_id from bind_xfracl where domain_id = (select id from bind_domain where name = '$zone$') and client = '$client$' limit 1}";
};
#include "/usr/local/bind/etc/default.zones";