crans/crans_bcfg2
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

[dns] Blocage de teredo.ipv6.microsoft.com pour empêcher windows de lancer un tunnel ipv6 teredo

Browse source
This commit is contained in:
Valentin Samir 2014-02-13 09:30:28 +01:00
parent bc98d3accc
commit af1a27b520
4 changed files with 35 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

8
Python/etc/bind/db.loppsi.crans.org
View file

@ -19,7 +19,9 @@ print """ 2386410401 ; serial
3600 ; minimum (1 hour)
)
NS sable.crans.org.
archive.ubuntu.com CNAME charybde.crans.org.
*.archive.ubuntu.com CNAME charybde.crans.org.
"""
print "archive.ubuntu.com CNAME charybde.crans.org."
print "*.archive.ubuntu.com CNAME charybde.crans.org."
print "teredo.ipv6.microsoft.com CNAME ."

24
Python/etc/bind/db.rpz.crans.org Normal file
View file

@ -0,0 +1,24 @@
# -*- mode: python; encoding: utf-8 -*-
info["owner"] = "root"
info["group"] = "bind"
info["perms"] = 0644
import config
comment_start = ";"
header("Zone pour la response policy pour les utilisateur courant")
@$TTL 3600 ; 1 hour
@@ IN SOA sable.crans.org. root.crans.org. (
print """ 2386410401 ; serial
21600 ; refresh (6 hours)
3600 ; retry (1 hour)
1209600 ; expire (2 weeks)
3600 ; minimum (1 hour)
)
NS sable.crans.org.
"""
print "teredo.ipv6.microsoft.com CNAME ."

5
Python/etc/bind/named.conf.local
View file

@ -97,6 +97,11 @@ with view("default-view", "any") as v:
v.p('include "/etc/bind/generated/zones_crans";')
if has("dns-recursif") and not has("dns-secondary-no-forward"):
v.p('response-policy { zone "rpz.crans.org"; };')
with zone("rpz.crans.org", "master") as z:
z.p('file "/etc/bind/db.rpz.crans.org";')
z.p('allow-query {none;};')
with zone("239.in-addr.arpa", "slave") as z:
z.p('file "/etc/bind/generated/db.239.in-addr.arpa";')
z.p('masters { %s; };' % config.dns.master_tv)