reverse DNS ok

2023-01-18 20:09:29 +01:00 · 2023-01-18 20:09:29 +01:00 · 1f63e688b3
commit 1f63e688b3
parent 2968582a74
3 changed files with 129 additions and 0 deletions
--- a/files/snster-kaz/isp-a/infra/dns.conf
+++ b/files/snster-kaz/isp-a/infra/dns.conf
@ -7,3 +7,9 @@ server:
  local-data: "mail.isp-a.sns. IN A 100.120.1.2"
  local-data: "ns.isp-a.sns. IN A 100.120.1.2"
  local-data: "isp-a.sns. IN MX 10 smtp.isp-a.sns."
+
+  local-zone: "120.100.in-addr.arpa." static
+  local-data: "2.1.120.100.in-addr.arpa. IN PTR smtp.isp-a.sns"
+  local-data: "2.0.120.100.in-addr.arpa. IN PTR home.isp-a.sns"
+  local-data: "1.1.120.100.in-addr.arpa. IN PTR router.isp-a.sns"
+  local-data: "1.0.120.100.in-addr.arpa. IN PTR router.isp-a.sns"
--- a/files/templates/debian/resolverns/provision.sh
+++ b/files/templates/debian/resolverns/provision.sh
@ -26,6 +26,15 @@ echo -e "server:
 	root-hints: root.hints
 " > /etc/unbound/unbound.conf.d/root.conf

+for i in {64..127}; do
+	echo -e "	local-zone: \"$i.100.in-addr.arpa.\" nodefault" >> /etc/unbound/unbound.conf.d/root.conf
+done
+
+
+#	local-zone: \"120.100.in-addr.arpa.\" nodefault
+#  local-zone: \"64.100.in-addr.arpa. to 127.100.in-addr.arpa.\" nodefault
+# for i in {64..127}; do echo $i; done
+
 # no DNSSEC validation for now
 sed -i "s/auto/\#auto/" /etc/unbound/unbound.conf.d/root-auto-trust-anchor-file.conf

--- a/files/templates/debian/rootns/provision.sh
+++ b/files/templates/debian/rootns/provision.sh
@ -39,4 +39,118 @@ echo -e "zone:
 	zonefile: \"root.zone\"
 " > /etc/nsd/nsd.conf

+# Reverse DNS
+#sed -i -e 's/^arpa.*//' /etc/nsd/root.zone
+#sed -i -e 's/^.\.ns\.arpa.*.*//' /etc/nsd/root.zone
+
+## Racine
+sed -i -e '/NSEC.*/d' /etc/nsd/root.zone
+sed -i -e '/RRSIG.*/d' /etc/nsd/root.zone
+sed -i -e '/DNSKEY.*/d' /etc/nsd/root.zone
+sed -i -e '/DS.*/d' /etc/nsd/root.zone
+sed -i -e '/^arpa.*/d' /etc/nsd/root.zone
+sed -i -e '/^.\.ns\.arpa.*.*/d' /etc/nsd/root.zone
+echo -e "arpa.	172800  IN      NS      p.ns.arpa.
+p.ns.arpa.              172800  IN      A       100.100.1.10
+p.ns.arpa.              172800  IN      AAAA     2001:db8:a001::10
+" >> /etc/nsd/root.zone
+
+## .arpa
+wget "https://www.internic.net/domain/arpa.zone" -O /etc/nsd/arpa.zone
+sed -i -e '/NSEC.*/d' /etc/nsd/arpa.zone
+sed -i -e '/RRSIG.*/d' /etc/nsd/arpa.zone
+sed -i -e '/DNSKEY.*/d' /etc/nsd/arpa.zone
+sed -i -e '/DS.*/d' /etc/nsd/arpa.zone
+sed -i -e '/^arpa\.\s.*NS.*[a-m].ns.arpa.*/d' /etc/nsd/arpa.zone
+sed -i -e '/^in-addr.*/d' /etc/nsd/arpa.zone
+sed -i -e '/^.\.in-addr.*/d' /etc/nsd/arpa.zone
+echo -e "arpa.	172800  IN      NS      p.ns.arpa.
+p.ns.arpa.              172800  IN      A       100.100.1.10
+p.ns.arpa.              172800  IN      AAAA     2001:db8:a001::10
+in-addr.arpa.		172800	IN	NS	p.in-addr-servers.arpa.
+p.in-addr-servers.arpa.              172800  IN      A       100.100.1.10
+p.in-addr-servers.arpa.              172800  IN      AAAA     2001:db8:a001::10
+" >> /etc/nsd/arpa.zone
+
+echo -e "zone:
+	name: \"arpa.\"
+	zonefile: \"arpa.zone\"
+" >> /etc/nsd/nsd.conf
+
+## .in-addr.arpa
+wget "https://www.internic.net/domain/in-addr.arpa.zone" -O /etc/nsd/in-addr.arpa.zone
+sed -i -e '/SOA.*/d' /etc/nsd/in-addr.arpa.zone
+sed -i -e '/NSEC.*/d' /etc/nsd/in-addr.arpa.zone
+sed -i -e '/RRSIG.*/d' /etc/nsd/in-addr.arpa.zone
+sed -i -e '/DNSKEY.*/d' /etc/nsd/in-addr.arpa.zone
+sed -i -e '/DS.*/d' /etc/nsd/in-addr.arpa.zone
+sed -i -e '/^in-addr\.arpa\.\s.*NS.*[a-m].in-addr-servers.arpa.*/d' /etc/nsd/in-addr.arpa.zone
+sed -i -e '/^100.*/d' /etc/nsd/in-addr.arpa.zone
+echo -e "in-addr.arpa.	172800  IN      NS      p.ns.in-addr.arpa.
+p.ns.in-addr.arpa.              172800  IN      A       100.100.1.10
+p.ns.in-addr.arpa.              172800  IN      AAAA     2001:db8:a001::10
+100.in-addr.arpa.		172800	IN	NS	p.100.in-addr.arpa.
+p.100.in-addr.arpa.              172800  IN      A       100.100.1.10
+p.100.in-addr.arpa.              172800  IN      AAAA     2001:db8:a001::10
+in-addr.arpa.           3600    IN      SOA     b.in-addr-servers.arpa. nstld.iana.org. 2022090676 1800 900 604800 3600
+" >> /etc/nsd/in-addr.arpa.zone
+
+echo -e "zone:
+	name: \"in-addr.arpa.\"
+	zonefile: \"in-addr.arpa.zone\"
+" >> /etc/nsd/nsd.conf
+
+
+
+# 100.in-addr.arpa
+echo -e "100.in-addr.arpa.           3600    IN      SOA     b.in-addr-servers.arpa. nstld.iana.org. 2022090676 1800 900 604800 3600
+100.in-addr.arpa.	172800  IN      NS      p.ns.100.in-addr.arpa.
+p.ns.100.in-addr.arpa.              172800  IN      A       100.100.1.10
+p.ns.100.in-addr.arpa.              172800  IN      AAAA     2001:db8:a001::10
+120.100.in-addr.arpa.		172800	IN	NS	p.120.100.in-addr.arpa.
+p.120.100.in-addr.arpa.              172800  IN      A       100.120.1.2
+p.120.100.in-addr.arpa.              172800  IN      AAAA     2001:db8:120:1::2
+" > /etc/nsd/100.in-addr.arpa.zone
+
+echo -e "zone:
+	name: \"100.in-addr.arpa.\"
+	zonefile: \"100.in-addr.arpa.zone\"
+" >> /etc/nsd/nsd.conf
+
+#
+# # 120.100.in-addr.arpa
+# echo -e "120.100.in-addr.arpa.           3600    IN      SOA     b.in-addr-servers.arpa. nstld.iana.org. 2022090676 1800 900 604800 3600
+# 120.100.in-addr.arpa.	172800  IN      NS      p.ns.120.100.in-addr.arpa.
+# p.ns.120.100.in-addr.arpa.              172800  IN      A       100.100.1.10
+# p.ns.120.100.in-addr.arpa.              172800  IN      AAAA     2001:db8:a001::10
+# 1.120.100.in-addr.arpa.		172800	IN	NS	p.1.120.100.in-addr.arpa.
+# p.1.120.100.in-addr.arpa.              172800  IN      A       100.100.1.10
+# p.1.120.100.in-addr.arpa.              172800  IN      AAAA     2001:db8:a001::10
+# " > /etc/nsd/120.100.in-addr.arpa.zone
+#
+# echo -e "zone:
+# 	name: \"120.100.in-addr.arpa.\"
+# 	zonefile: \"120.100.in-addr.arpa.zone\"
+# " >> /etc/nsd/nsd.conf
+#
+# # 1.120.100.in-addr.arpa
+# echo -e "1.120.100.in-addr.arpa.           3600    IN      SOA     b.in-addr-servers.arpa. nstld.iana.org. 2022090676 1800 900 604800 3600
+# 1.120.100.in-addr.arpa.	172800  IN      NS      p.ns.1.120.100.in-addr.arpa.
+# p.ns.1.120.100.in-addr.arpa.              172800  IN      A       100.100.1.10
+# p.ns.1.120.100.in-addr.arpa.              172800  IN      AAAA     2001:db8:a001::10
+# 2.1.120.100.in-addr.arpa.		172800	IN	PTR  smtp.isp-a.sns.
+# " > /etc/nsd/1.120.100.in-addr.arpa.zone
+#
+# echo -e "zone:
+# 	name: \"1.120.100.in-addr.arpa.\"
+# 	zonefile: \"1.120.100.in-addr.arpa.zone\"
+# " >> /etc/nsd/nsd.conf
+
+
+
+# 2.1.120.100.in-addr.arpa.		172800  IN      PTR       smtp.isp-a.sns
+# 100.120.1.2
+
+
+
 #service nsd restart