RPZ Question
Bob McDonald
bmcdonaldjr at gmail.com
Thu Apr 16 18:07:06 UTC 2015
Requested information:
// Global named options as posted for troubleshooting: a forward-only
// resolver that is also master for two response-policy (RPZ) zones.
options {
directory "/opt/incontrol/dns/db";
// Queries are accepted from loopback and from the ACL rfc1918-nets,
// which is defined outside this excerpt.
allow-query { 127.0.0.1; rfc1918-nets; };
// NOTIFY targets; the first is addressed on port 5053.
also-notify { 172.26.100.10 port 5053 ; 172.26.100.11 ; };
// IPv4 listeners on loopback and 172.26.99.160; no IPv6 listener.
listen-on { 127.0.0.1; };
listen-on { 172.26.99.160; };
listen-on-v6 { none; };
masterfile-format text;
// Built-in empty zones are off, so names they would have answered
// locally go through the normal resolution path (the forwarders below).
empty-zones-enable no;
notify-source 172.26.99.160 ;
// version none suppresses the version.bind reply. server-id hostname
// still returns the host name to ID.SERVER queries from any client
// that passes allow-query.
version none;
server-id hostname ;
query-source address 172.26.99.160 ;
// Recursion is sent only to the two forwarders; no iterative fallback.
forward only ;
forwarders { 172.26.1.9; 172.26.1.12; };
// NOTE(review): the next three ACLs are wide open, and they are
// inherited by both RPZ zones because the zone blocks do not override them.
// allow-notify any: NOTIFY is accepted from any source (this only
// matters for slave zones; none are shown in this excerpt).
allow-notify { any ; };
// allow-transfer any: every host that can reach the listener can pull
// a full copy of each zone, including the RPZ policy contents. Restrict
// this to the secondaries (presumably the also-notify addresses, confirm),
// preferably with a TSIG key, e.g. { key "<tsig-key-name>"; }.
allow-transfer { any; };
// allow-update any: every host that can reach the listener can submit
// dynamic updates to the master zones, so the RPZ rewrite rules can be
// changed by an unauthenticated client. Use { none; } or a TSIG-keyed
// ACL / update-policy unless dynamic update is really required.
allow-update { any ; };
// Two policy zones, evaluated in the order listed. "policy given" applies
// the actions as written in the zone data; max-policy-ttl caps the TTL of
// rewritten answers at 28800 seconds.
// NOTE(review): there is no space between the quoted zone name and
// "policy" as posted; possibly a paste artifact, confirm against the live file.
response-policy { zone "rpz-zone01"policy given max-policy-ttl 28800 ;
zone "rpz-zone02"policy given max-policy-ttl 28800 ;
};
// NOTIFY is sent only to the also-notify list, not to the zone's NS set.
notify explicit ;
transfer-source 172.26.99.160 ;
// Name-check failures in master and slave zones are logged, not rejected.
check-names master warn ;
check-names slave warn ;
pid-file "/opt/incontrol/etc/named.pid";
};
// The two policy zones named in response-policy, each served as master
// from a text file under the options directory.
// NOTE(review): neither zone sets allow-update, allow-transfer or
// allow-query, so the global { any; } update and transfer ACLs apply to
// the policy data. Per-zone overrides here are the narrowest place to
// lock that down.
zone "rpz-zone01" {
type master;
file "db.rpz-zone01";
// Empty forwarders list: overrides the global forwarders for this zone.
forwarders { };
};
zone "rpz-zone02" {
type master;
file "db.rpz-zone02";
// Empty forwarders list: overrides the global forwarders for this zone.
forwarders { };
};
; Zone data for rpz-zone02 (named by the $ORIGIN and section header below).
; Default TTL is 28800 seconds, the same value as max-policy-ttl in the
; response-policy statement.
$TTL 28800
; SOA at the zone apex: primary sapphire-x5-agent.pcn.local., contact
; hostmaster.pcn-inc.com.
@ IN SOA sapphire-x5-agent.pcn.local. hostmaster.pcn-inc.com. (
9 ; Serial
86400 ; Refresh
900 ; Retry
3600000 ; Expire
300 ) ; Negative cache TTL
;-----------------------------
; NS Records
;-----------------------------
; Owner field is blank, so both NS records attach to the previous owner (@).
NS sapphire-x5-agent.pcn.local.
NS sapphire-agent-00.pcn.local.
; NOTE(review): these A records have absolute owner names under pcn.local.,
; which is outside rpz-zone02. named normally logs such records as
; out-of-zone data and ignores them; confirm in the zone load log.
sapphire-x5-agent.pcn.local. IN A 172.26.99.160
sapphire-agent-00.pcn.local. IN A 172.26.100.11
;-----------------------------
; Resource Records for rpz-zone02.
;-----------------------------
$ORIGIN rpz-zone02.
$TTL 28800
; Policy rules. Owner names have no trailing dot, so they are relative to
; $ORIGIN and act as QNAME triggers for the names as written.
; Rule 1: answers for www.arqiva.com are rewritten to a CNAME pointing at
; www.arqiva-integration.com.
www.arqiva.com 28800 IN CNAME www.arqiva-integration.com.
; Rule 2: queries for www.arqiva-integration.com get the local A record.
; NOTE(review): whether this rule is also applied to the CNAME target
; produced by rule 1 should be verified with a test query.
www.arqiva-integration.com 28800 IN A 83.138.41.100
Let me know what else you need.
Regards,
Bob