# -*- mode: python; encoding: utf-8 -*-
#
# Template that generates Bind9's local configuration (see header() below).
#
# NOTE(review): this listing was recovered from a copy whose line breaks and
# indentation were lost. The layout below, and in particular the nesting of
# the if/elif chain in the main body, is a reconstruction and must be checked
# against the repository copy before it is relied on.
#
# Lines starting with "@" are not Python: they appear to be literal output
# lines handled by the template preprocessor, so their text (including the
# "//" comments, which end up in the generated file) is left untouched.
# info, header() and has() are not defined in this file; presumably the
# generator injects them -- confirm.
# The print statements and the 0644 literal are Python 2 syntax.

# Presumably the owner, group and mode applied to the generated file.
# 0644 is world-readable: that is only acceptable because no secret is written
# here -- the rndc key is pulled in by path through an include at the end.
# NOTE(review): confirm /etc/bind/rndc.key itself is not world-readable.
info["owner"] = "root"
info["group"] = "bind"
info["perms"] = 0644

import config
import config.dns
from gen_confs.bind import netv4_to_arpa, netv6_to_arpa

comment_start = "//"

header("Conf locale de Bind9")

def forward_zone(zone,forwarders):
    """Print a Bind ``zone`` statement of type forward for *zone*.

    zone -- zone name, placed between double quotes in the output.
    forwarders -- sequence of strings, joined with '; ' inside the
        ``forwarders { ... }`` clause.

    Both values are written verbatim, with no quoting or validation, so they
    must come from trusted configuration: a stray quote, brace or semicolon
    would change the structure of the generated file.
    The stanza uses ``forward only``, so named does not fall back to its own
    resolution when the forwarders do not answer.
    """
    print """zone "%s" { type forward; forward only; forwarders { %s; }; }; """ % (zone,'; '.join(forwarders))

def reverse_crans():
    """Emit forward zones for the reverse (in-addr.arpa / ip6.arpa) zones.

    Every network in config.dns.zones_reverse that is not listed in
    config.NETs['multicast'] is converted with netv4_to_arpa(), whose result
    is iterated, and every network in config.dns.zones_reverse_v6 with
    netv6_to_arpa(), whose result is used as a single zone name. Each zone is
    forwarded to the master followed by the slaves.
    """
    # set() removes duplicate networks; it also makes the output order
    # unspecified.
    for net in set([ net for net in config.dns.zones_reverse if net not in config.NETs['multicast']]):
        for zone in netv4_to_arpa(net):
            forward_zone(zone, [config.dns.master] + config.dns.slaves)
    # NOTE(review): placed at function level, not inside the loop above --
    # inferred, the original indentation is lost.
    for net in set(config.dns.zones_reverse_v6):
        forward_zone(netv6_to_arpa(net), [config.dns.master] + config.dns.slaves)

def direct_crans():
    """Emit one forward zone per entry of config.dns.zones_direct.

    Not called anywhere in the part of the file shown here.
    """
    for zone in config.dns.zones_direct:
        forward_zone(zone, [config.dns.master] + config.dns.slaves)

# Hosts tagged "vlan-accueil" get two views. Clients matching the "accueil"
# ACL (referenced here, defined elsewhere) see a root zone served locally from
# /etc/bind/db.fake with recursion disabled, so their answers come from that
# file rather than from real resolution.
# The "others" view is deliberately left open: it is closed by the second
# has("vlan-accueil") test near the end, and everything emitted in between
# lands inside it. The two tests must stay in sync or the braces of the
# generated file no longer balance.
if has("vlan-accueil"):
    @view "accueilview" {
    @ match-clients { "accueil"; };
    @
    @// On ment pour tout sauf quelques ips crans
    @ zone "." {
    @ type master;
    @ file "/etc/bind/db.fake";
    @ };
    @
    @ recursion no;
    @};
    @view "others" {
    @ match-clients { any; };
    # NOTE(review): "any" plus "recursion yes" makes this view recurse for
    # every client that did not match "accueil". This template sets no
    # allow-recursion / allow-query restriction; confirm the options file
    # limits recursion to internal networks so the server is not an open
    # resolver.
    @ recursion yes;

# NOTE(review): from here to the "anti SPAM" section the blocks are laid out
# flat, with the elif attached to the has("dns-recursif") test. The other
# plausible reading nests the "dns-tv" and "dns-recursif" tests inside the
# test below and attaches the elif to it. Verify against the original.

# Authoritative hosts (primary or secondary): pull in the RFC 1918 zones and
# the generated zone list.
if has("dns-secondary-no-forward") or has("dns-secondary") or has("dns-primary"):
    @include "/etc/bind/zones.rfc1918";
    @// zones crans
    @include "/etc/bind/generated/zones_crans";

# TV host: master for tv.crans.org and for 239.in-addr.arpa.
if has("dns-tv"):
    @// La zone TV
    @zone "tv.crans.org" {
    @ type master;
    # Serve the signed zone file when the zone is listed in
    # config.dns.zones_dnssec, the unsigned generated one otherwise.
    if not "tv.crans.org" in config.dns.zones_dnssec:
        @ file "/etc/bind/generated/db.tv.crans.org";
    else:
        @ file "/etc/bind/signed/db.tv.crans.org";
    @};
    @zone "239.in-addr.arpa" {
    @ type master;
    @ file "/etc/bind/generated/db.239.in-addr.arpa";
    @};

# Recursive hosts (unless tagged "dns-secondary-no-forward"): slave for
# 239.in-addr.arpa, plus forward zones for the reverse zones.
# NOTE(review): a host carrying both "dns-tv" and "dns-recursif" would emit
# zone "239.in-addr.arpa" twice, which named rejects within one view --
# presumably the tags are mutually exclusive; confirm.
# NOTE(review): no TSIG key is referenced in the slave stanza; confirm how
# transfers from config.dns.master_tv are authenticated.
if has("dns-recursif") and not has("dns-secondary-no-forward"):
    @zone "239.in-addr.arpa" {
    @ type slave;
    @ file "/etc/bind/generated/db.239.in-addr.arpa";
    print" masters { %s; };" % config.dns.master_tv
    @};
    reverse_crans()
elif has("dns-forward-only"):
    # Forward-only hosts send every query to the servers in
    # config.dns.recursiv.
    @forward only;
    print "forwarders { %s; };" % '; '.join(config.dns.recursiv)

# Forward zone for the rbl-plus.mail-abuse.org blocklist, sent to
# config.dns.parents (the emitted comment dates it to 21/04/02).
# NOTE(review): placed at top level, i.e. emitted for every host -- inferred.
@// anti SPAM
@// Rajout pour generer le forward vers ariane pour la zone rbl-plus.mail-abuse.org --Nico 21/04/02
@zone "rbl-plus.mail-abuse.org" {
@ type forward;
@ forward only;
print " forwarders { "
print " %s;" % "; \n ".join(config.dns.parents)
print " }; "
@};
@

# Closes the "others" view opened by the first has("vlan-accueil") test.
if has("vlan-accueil"):
    @};

# rndc control channel: listens on 127.0.0.1 only, accepts 127.0.0.1 only, and
# requires the key named "key" loaded from /etc/bind/rndc.key.
# NOTE(review): when "vlan-accueil" is set these statements follow the closing
# brace of the view, i.e. they sit at the top level of the generated file.
@// bricoles de config en plus
@include "/etc/bind/rndc.key";
@
@controls {
@ inet 127.0.0.1 allow { 127.0.0.1; } keys { "key"; };
@};