# -*- mode: python; encoding: utf-8 -*-
# Metadata for the generated file: owner root, group bind, mode 0644
# (world-readable). Presumably consumed by the templating framework when it
# installs the file -- confirm.
# NOTE(review): 0644 is only appropriate because no secret is inlined in this
# template; the rndc key is pulled in by path (include "/etc/bind/rndc.key"),
# so that file needs its own, tighter permissions.
info["owner"] = "root"
|
|
info["group"] = "bind"
|
|
info["perms"] = 0644
import config
import config.dns
from gen_confs.bind import netv4_to_arpa, netv6_to_arpa
# Comment leader for the output format; the emitted BIND lines below use "//".
# Presumably read by header() -- confirm against the templating framework.
comment_start = "//"
|
|
|
|
# header() is not defined on this page (supplied by the template environment).
# The title is French for "Local Bind9 configuration".
header("Conf locale de Bind9")
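def forward_zone(zone, forwarders):
    """Print a BIND ``type forward; forward only;`` stanza for *zone*.

    Args:
        zone: Zone name, inserted verbatim between double quotes.
        forwarders: Iterable of server addresses, joined with "; " inside
            the ``forwarders { ... };`` clause.

    Raises:
        ValueError: If *forwarders* is empty. An empty list would otherwise
            be rendered as ``forwarders { ; };``, which is not a valid
            clause, so generation is stopped instead of emitting a
            configuration that fails to load.

    Neither argument is escaped or validated; the callers on this page pass
    values taken from ``config.dns``. Do not feed this function data that
    originates outside the project's own configuration.
    """
    servers = list(forwarders)
    if not servers:
        raise ValueError("forward_zone(%r): empty forwarders list" % (zone,))
    # A single parenthesised argument prints the same text under the
    # Python 2 print statement used by the rest of this template.
    print("""zone "%s" {
type forward;
forward only;
forwarders { %s; };
};
""" % (zone, '; '.join(servers)))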
def reverse_crans():
    """Emit one forward zone per reverse zone listed in ``config.dns``.

    IPv4 networks from ``config.dns.zones_reverse`` are de-duplicated and
    those present in ``config.NETs['multicast']`` are skipped; each
    remaining network is expanded with ``netv4_to_arpa`` (iterated, so it
    may give several zone names). IPv6 networks from
    ``config.dns.zones_reverse_v6`` are de-duplicated and mapped with
    ``netv6_to_arpa`` (used as a single zone name).

    Every zone is forwarded to ``[config.dns.master] + config.dns.slaves``.
    Iteration goes through a ``set``, so the output order is not fixed.
    """
    def _emit(zone_name):
        # The server list is rebuilt on every call, as in the inline form.
        forward_zone(zone_name, [config.dns.master] + config.dns.slaves)

    v4_networks = set(
        candidate
        for candidate in config.dns.zones_reverse
        if candidate not in config.NETs['multicast']
    )
    for v4_network in v4_networks:
        for arpa_zone in netv4_to_arpa(v4_network):
            _emit(arpa_zone)

    for v6_network in set(config.dns.zones_reverse_v6):
        _emit(netv6_to_arpa(v6_network))
def direct_crans():
    """Emit one forward zone per entry of ``config.dns.zones_direct``.

    Each zone is forwarded to ``[config.dns.master] + config.dns.slaves``.
    This function is defined here but not called anywhere on this page.
    """
    zone_names = config.dns.zones_direct
    for zone_name in zone_names:
        upstream = [config.dns.master] + config.dns.slaves
        forward_zone(zone_name, upstream)
# Hosts with the "vlan-accueil" feature split the configuration into views:
#  - "accueilview", for clients matching the "accueil" ACL (defined outside
#    this page): master for the root zone "." from /etc/bind/db.fake, with
#    recursion off. The emitted French comment reads "we lie about
#    everything except a few crans IPs".
#  - "others", for any client, with recursion on. This view is opened here
#    and closed by the second has("vlan-accueil") test further down.
# NOTE(review): indentation is lost on this page; the "others" view is
# assumed to sit under this `if` because its closing brace is conditional
# on the same feature -- confirm against the original file.
# NOTE(review): "others" matches any client and enables recursion, and
# nothing on this page limits who may recurse. An allow-recursion ACL (or
# equivalent) in the options file is needed to avoid an open resolver.
if has("vlan-accueil"):
|
|
@view "accueilview" {
|
|
@ match-clients { "accueil"; };
|
|
@
|
|
@// On ment pour tout sauf quelques ips crans
|
|
@ zone "." {
|
|
@ type master;
|
|
@ file "/etc/bind/db.fake";
|
|
@ };
|
|
@
|
|
@ recursion no;
|
|
@};
|
|
|
|
@view "others" {
|
|
@ match-clients { any; };
|
|
@ recursion yes;
# Hosts tagged dns-secondary-no-forward, dns-secondary or dns-primary include
# the RFC 1918 zone file and the generated list of crans zones.
# NOTE(review): indentation is lost on this page, so it is not visible which
# of the following tests are nested under this one, nor which `if` the later
# `elif has("dns-forward-only")` pairs with -- check the original file.
if has("dns-secondary-no-forward") or has("dns-secondary") or has("dns-primary"):
|
|
@include "/etc/bind/zones.rfc1918";
|
|
|
|
@// zones crans
|
|
@include "/etc/bind/generated/zones_crans";
|
|
|
|
# dns-tv hosts are master for tv.crans.org and for 239.in-addr.arpa.
if has("dns-tv"):
|
|
@// La zone TV
|
|
@zone "tv.crans.org" {
|
|
@ type master;
|
|
# Serve the file under signed/ when the zone is listed in
# config.dns.zones_dnssec, otherwise the file under generated/.
if not "tv.crans.org" in config.dns.zones_dnssec:
|
|
@ file "/etc/bind/generated/db.tv.crans.org";
|
|
else:
|
|
@ file "/etc/bind/signed/db.tv.crans.org";
|
|
@};
|
|
|
|
@zone "239.in-addr.arpa" {
|
|
@ type master;
|
|
@ file "/etc/bind/generated/db.239.in-addr.arpa";
|
|
@};
|
|
|
|
|
|
# dns-recursif hosts (unless also tagged dns-secondary-no-forward) hold
# 239.in-addr.arpa as a slave of config.dns.master_tv, then emit the reverse
# forward zones via reverse_crans().
# NOTE(review): master_tv is interpolated as-is into `masters { ...; };` and
# no key clause is emitted with it -- confirm whether zone transfers are
# authenticated (e.g. TSIG) somewhere outside this page.
if has("dns-recursif") and not has("dns-secondary-no-forward"):
|
|
@zone "239.in-addr.arpa" {
|
|
@ type slave;
|
|
@ file "/etc/bind/generated/db.239.in-addr.arpa";
|
|
print" masters { %s; };" % config.dns.master_tv
|
|
@};
|
|
|
|
reverse_crans()
|
|
|
|
# dns-forward-only hosts send queries to the servers in config.dns.recursiv.
# NOTE(review): an empty list here would render as `forwarders { ; };`, which
# is not a valid clause -- confirm the list is always populated.
elif has("dns-forward-only"):
|
|
@forward only;
|
|
print "forwarders { %s; };" % '; '.join(config.dns.recursiv)
|
|
|
|
@// anti SPAM
|
|
@// Rajout pour generer le forward vers ariane pour la zone rbl-plus.mail-abuse.org --Nico 21/04/02
|
|
@zone "rbl-plus.mail-abuse.org" {
|
|
@ type forward;
|
|
@ forward only;
|
|
# Forwarders for the rbl-plus zone come from config.dns.parents, joined with
# "; " and a line break between entries.
print " forwarders { "
|
|
print " %s;" % "; \n ".join(config.dns.parents)
|
|
print " }; "
|
|
@};
|
|
@
# Emits the closing brace for the view "others" block opened under the first
# has("vlan-accueil") test, so the zones emitted in between sit inside it.
if has("vlan-accueil"):
|
|
@};
# Extra settings (the emitted French comment says "extra bits of config"):
# include the rndc key file, then open the control channel on 127.0.0.1 only,
# accepting 127.0.0.1 as the sole client and requiring the key named "key"
# (presumably defined in the included rndc.key).
# NOTE(review): the key material lives in /etc/bind/rndc.key, not here, so
# that file's permissions are what protect the control channel -- confirm
# they are tighter than the 0644 used for this generated file.
@// bricoles de config en plus
|
|
@include "/etc/bind/rndc.key";
|
|
@
|
|
@controls {
|
|
@ inet 127.0.0.1 allow { 127.0.0.1; } keys { "key"; };
|
|
@};