DNS and SQUID - Question from Newbie
T. Esting
t_esting at excite.com
Thu Jun 10 22:17:32 UTC 1999
One mostly non-intrusive way to do this is to take advantage Squid
version 2 configuration file option that allows squid to use a different
name server than the one your system uses:
# TAG: dns_nameservers
# Use this if you want to specify a list of DNS name servers
# (IP addresses) to use instead of those given in your
# /etc/resolv.conf file.
#
# Example: dns_nameservers 10.0.0.1 192.172.0.4
#
#dns_nameservers none
This should allow you to point squid's resolver to something in the outside
world (at your ISP?) and your Linux resolver to your internal DNS. Then
again, if you want to be able to resolve Internet names on your private
network, BIND and the forwarders option is a good place to start. You might
want to consider using the listen-on config file option for BIND if you're
extra paranoid (careful, paranoid, what's the difference? :-) and want to
keep BIND from listening on your public interface.
Good luck.
Erick.
On Thu, 10 Jun 1999 21:04:00 +0200, Robert E. Daumann wrote:
> Hi
> i have an internal network with 10 Clients (diffrent OS). The server is
> al Linux machine. The clients get their IP from a DHCP-Server.
> On the internal net are sensitive files, so i have to protect them
> against attacks from outside. With the linux server I make the contact
> to
> the Internet.
> To protect the system I install SQUID, but squid won't run, cause at
> boot time he looks for a nameserver. The first choice is, putting the
> outside nameserverlist at the resolv.conf. But during boot, linux server
> make a connect to the Internet. Now I want't to run my own DNS with BIND
> 8.
> The question is, do I need a master.zone or a slave.zone, or a master
> and a slave, or a slave an a forward??
>
> please help me
>
> Robert
>
_______________________________________________________
Get your free, private email at http://mail.excite.com/
More information about the bind-users
mailing list