Fichier named.conf.

Version du 21 juillet 2011 à 13:50 par Sambatramjn (discuter | contributions)


sudo vim /var/named/chroot/etc/named.conf

# les interfaces d'écoute

# Addresses named binds to; the options block passes this acl to listen-on.
acl INTERFACES {
        127.0.0.1;
        192.168.254.3;
        192.168.122.1;
};

# le port d'écoute

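options {
        # Accept DNS traffic on port 53, only on the addresses in the
        # INTERFACES acl.
        listen-on port 53 { INTERFACES; };

        # Working directory of the DNS server.
        # NOTE(review): the file is edited under /var/named/chroot, so this path
        # is presumably resolved inside the chroot at run time - confirm.
        directory "/var/named";

        # Hide the real version string for security. This only replaces the
        # text returned for version queries; keeping named patched is still
        # required.
        version "Version indisponible";

        # Statistics file, currently disabled:
        # statistics-file "/var/log/stats.log";
};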

# rndc control channel: bound to loopback, accepted from localhost only, and
# authenticated with the key named rndckey.
# NOTE(review): rndckey is not defined in this file; presumably it comes from
# the included /etc/rndc.key - confirm.
controls {
        inet 127.0.0.1
                allow { localhost; }
                keys { rndckey; };
};

logging {
        # Dedicated query log file: rolled at 5 MB with 5 old versions kept,
        # each entry stamped with time, category and severity.
        channel log_queries {
                file "/var/log/queries.log" versions 5 size 5m;
                severity info;
                print-time yes;
                print-category yes;
                print-severity yes;
        };

        # Query messages are sent to every channel listed below.
        # NOTE(review): the query log records which client asked for which
        # name; keep the file readable by the named account and administrators
        # only.
        # NOTE(review): "null" discards its copy and looks redundant next to
        # the other channels, and default_syslog duplicates every query into
        # syslog - confirm both are intended.
        category queries {
                log_queries; default_syslog; default_debug; default_stderr; null;
        };
};

# une vue pour la partie backbone

# Backbone view. named assigns a client to the first view whose match-clients
# list contains its source address; a client that matches no view is refused.
view "back" IN {
        match-clients   { 192.168.254.0/24; 127.0.0.1; 10.240.24.0/24; };

        # Queries and recursion are limited to the same three sources.
        allow-query     { 192.168.254.0/24; 127.0.0.1; 10.240.24.0/24; };
        recursion yes;
        allow-recursion { 192.168.254.0/24; 127.0.0.1; 10.240.24.0/24; };

        # NOTE(review): neither this view nor the options block sets
        # allow-transfer. On BIND releases whose default still permits
        # transfers, any client matched by this view can pull a full copy of
        # the master zones below. Consider "allow-transfer { none; };" or an
        # explicit list of secondaries.

        # Root hints used for recursion.
        zone "." IN {
                type hint;
                file "named.ca";
        };

        # Loopback forward and reverse zones; dynamic updates disabled.
        # NOTE(review): named.local is conventionally the loopback reverse-zone
        # file on Red Hat style installs - confirm it holds the forward
        # records expected for "localhost".
        zone "localhost" IN {
                type master;
                file "named.local";
                allow-update { none; };
        };

        zone "0.0.127.in-addr.arpa" IN {
                type master;
                file "local";
                allow-update { none; };
        };

        # Authoritative forward zone and the reverse zone for 192.168.254.0/24;
        # dynamic updates disabled.
        zone "edu.mg" IN {
                type master;
                file "edu.mg";
                allow-update { none; };
        };

        zone "254.168.192.in-addr.arpa" IN {
                type master;
                file "edu.mg.rev";
                allow-update { none; };
        };
};

# une vue pour la DTIC, encore en TEST

# DTIC view (still in test): serves and recurses for 192.168.10.0/24 only.
view "dtic" IN {
        match-clients   { 192.168.10.0/24; };
        allow-query     { 192.168.10.0/24; };
        recursion yes;
        allow-recursion { 192.168.10.0/24; };

        # Loads edu.mg from the same file name as the "back" view, so both
        # views answer from the same zone data.
        # NOTE(review): no allow-transfer is set here either; on BIND releases
        # whose default still permits transfers, any 192.168.10.0/24 client can
        # request the whole zone. Consider "allow-transfer { none; };" or an
        # explicit list of secondaries.
        zone "edu.mg" IN {
                type master;
                file "edu.mg";
                allow-update { none; };
        };
};

# Pulls in the rndc key file; the controls statement authenticates with
# "rndckey", which is presumably defined there - confirm.
# NOTE(review): the file holds a shared secret, so it should be readable only
# by root and the account named runs as.
include "/etc/rndc.key";