0e762fcbde
Ignore-this: 775c2b6fb0004ac5a91eae977bdc387f darcs-hash:20130207235911-3a55a-a27bff377befd7c7839f659e286d0686e885724d.gz
118 lines
2.8 KiB
Python
118 lines
2.8 KiB
Python
# -*- mode: python; encoding: utf-8 -*-
|
|
|
|
info["owner"] = "root"
|
|
info["group"] = "bind"
|
|
info["perms"] = 0644
|
|
|
|
import config
|
|
from gen_confs.bind import netv4_to_arpa, netv6_to_arpa
|
|
|
|
comment_start = "//"
|
|
|
|
header("Conf locale de Bind9")
|
|
|
|
def forward_zone(zone,forwarders):
|
|
print """zone "%s" {
|
|
type forward;
|
|
forward only;
|
|
forwarders { %s; };
|
|
};
|
|
""" % (zone,'; '.join(forwarders))
|
|
|
|
def reverse_crans():
|
|
for net in set(config.dns.zones_reverse):
|
|
for zone in netv4_to_arpa(net):
|
|
forward_zone(zone, [config.dns.master] + config.dns.slaves)
|
|
|
|
for net in set(config.dns.zones_reverse_v6):
|
|
forward_zone(netv6_to_arpa(net), [config.dns.master] + config.dns.slaves)
|
|
|
|
def direct_crans():
|
|
for zone in config.dns.zones_direct:
|
|
forward_zone(zone, [config.dns.master] + config.dns.slaves)
|
|
|
|
if has("vlan-accueil"):
|
|
@view "accueilview" {
|
|
@ match-clients { "accueil"; };
|
|
@
|
|
@// On ment pour tout sauf quelques ips crans
|
|
@ zone "." {
|
|
@ type master;
|
|
@ file "/etc/bind/db.fake";
|
|
@ };
|
|
@
|
|
@ recursion no;
|
|
@};
|
|
|
|
@view "others" {
|
|
@ match-clients { any; };
|
|
@ recursion yes;
|
|
if has("dns-secondary-no-forward") or has("dns-secondary") or has("dns-primary"):
|
|
@include "/etc/bind/zones.rfc1918";
|
|
|
|
@// zones crans
|
|
@include "/etc/bind/generated/zones_crans";
|
|
|
|
@// la tele
|
|
@zone "tv.crans.org" {
|
|
@ type slave;
|
|
@ file "/etc/bind/generated/db.tv.crans.org";
|
|
print" masters { %s; };" % config.dns.master_tv
|
|
@};
|
|
|
|
@zone "239.in-addr.arpa" {
|
|
@ type slave;
|
|
@ file "/etc/bind/generated/db.239.in-addr.arpa";
|
|
print" masters { %s; };" % config.dns.master_tv
|
|
@};
|
|
|
|
elif has("dns-tv"):
|
|
@// La zone TV
|
|
@zone "tv.crans.org" {
|
|
@ type master;
|
|
@ file "/etc/bind/generated/db.tv.crans.org";
|
|
@};
|
|
|
|
@zone "239.in-addr.arpa" {
|
|
@ type master;
|
|
@ file "/etc/bind/generated/db.239.in-addr.arpa";
|
|
@};
|
|
|
|
@// reduce log verbosity on issues outside our control
|
|
@logging {
|
|
@ category lame-servers { null; };
|
|
@};
|
|
|
|
elif has("dns-recursif"):
|
|
@zone "239.in-addr.arpa" {
|
|
@ type slave;
|
|
@ file "/etc/bind/generated/db.239.in-addr.arpa";
|
|
print" masters { %s; };" % config.dns.master_tv
|
|
@};
|
|
|
|
reverse_crans()
|
|
|
|
elif has("dns-forward-only"):
|
|
@forward only;
|
|
print "forwarders { %s; };" % '; '.join(config.dns.recursiv)
|
|
|
|
@// anti SPAM
|
|
@// Rajout pour generer le forward vers ariane pour la zone rbl-plus.mail-abuse.org --Nico 21/04/02
|
|
@zone "rbl-plus.mail-abuse.org" {
|
|
@ type forward;
|
|
@ forward only;
|
|
print" forwarders { %s ; }; " % config.dns.parent
|
|
@};
|
|
@
|
|
|
|
|
|
if has("vlan-accueil"):
|
|
@};
|
|
|
|
@// bricoles de config en plus
|
|
@include "/etc/bind/rndc.key";
|
|
@
|
|
@controls {
|
|
@ inet 127.0.0.1 allow { 127.0.0.1; } keys { "key"; };
|
|
@};
|
|
|