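#!/bin/bash
# Root NS template
#
# Turns the machine it runs on into an NSD-based root name server: frees
# port 53 from systemd-resolved, installs nsd, then builds the zone files
# and nsd.conf in the sections that follow.

# -e: stop at the first failing command; -u: treat unset variables as errors.
set -eu

# Guard: refuse to run unless SNSTERGUARD is set and non-empty. Everything
# below rewrites system DNS configuration and files under /etc.
# NOTE(review): presumably the lab launcher exports SNSTERGUARD inside the
# target container only - confirm against the caller.
if [ -z "${SNSTERGUARD:-}" ]; then
  echo "SNSTERGUARD is not set; refusing to run" >&2
  exit 1
fi

# Work from the directory that holds this script.
DIR=$(dirname -- "$0")
cd -- "$DIR"

# disable systemd-resolved which conflicts with nsd
# Append the override only once, so repeated runs do not pile up duplicates.
# NOTE(review): the line lands at the end of the file, i.e. in whichever
# section comes last there - confirm that this is [Resolve].
if ! grep -qxF 'DNSStubListener=no' /etc/systemd/resolved.conf 2>/dev/null; then
  echo "DNSStubListener=no" >> /etc/systemd/resolved.conf
fi
systemctl stop systemd-resolved

apt-get update
DEBIAN_FRONTEND=noninteractive apt-get install -y nsd
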
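# get root zone
# Fetched over HTTPS, like the arpa and in-addr.arpa zones further down.
# The DNSSEC records of this zone are deleted later in the script, so the
# TLS transport is the only integrity protection this download has.
wget -O /etc/nsd/root.zone "https://www.internic.net/domain/root.zone"

# customize root zone
# remove official roots
# (matching lines are blanked, not deleted, so empty lines remain)
sed -i -e 's/^\.\s.*NS.*[a-m].root-servers.net.*//' /etc/nsd/root.zone

# add alternative milxc root
# NOTE(review): the p.root-servers.net names carry no trailing dot and are
# therefore relative to the zone origin - confirm that this is intended.
cat >> /etc/nsd/root.zone <<'EOF'
. 518400 IN NS p.root-servers.net
p.root-servers.net 518400 IN A 100.100.1.10
p.root-servers.net 518400 IN AAAA 2001:db8:a001::10

EOF

# add .sns TLD served by 100.100.20.10
cat >> /etc/nsd/root.zone <<'EOF'
sns. 518400 IN NS ns.sns.
ns.sns. 518400 IN A 100.100.20.10
ns.sns. 518400 IN AAAA 2001:db8:a020::10
EOF

# customize nsd config
#echo -e "server:
# ip-address: 127.0.0.1
# '>' truncates: nsd.conf is rewritten from scratch here, and the later
# sections of the script append their own zone stanzas to it.
cat > /etc/nsd/nsd.conf <<'EOF'
zone:
name: "."
zonefile: "root.zone"

EOF
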
# Reverse DNS
#sed -i -e 's/^arpa.*//' /etc/nsd/root.zone
#sed -i -e 's/^.\.ns\.arpa.*.*//' /etc/nsd/root.zone

## Root zone
# Drop every line that mentions a DNSSEC record type, plus the original arpa
# delegation and its *.ns.arpa glue. After this the root zone is served
# unsigned.
# NOTE(review): the patterns are unanchored substring matches (e.g. 'DS'), so
# any line containing those letters goes too - confirm that nothing else in
# the zone matches.
sed -i \
  -e '/NSEC.*/d' \
  -e '/RRSIG.*/d' \
  -e '/DNSKEY.*/d' \
  -e '/DS.*/d' \
  -e '/^arpa.*/d' \
  -e '/^.\.ns\.arpa.*.*/d' \
  /etc/nsd/root.zone

# Re-delegate arpa. to the lab server at 100.100.1.10 / 2001:db8:a001::10.
cat >> /etc/nsd/root.zone <<'EOF'
arpa. 172800 IN NS p.ns.arpa.
p.ns.arpa. 172800 IN A 100.100.1.10
p.ns.arpa. 172800 IN AAAA 2001:db8:a001::10

EOF

## .arpa
# Download the public arpa zone, then rewrite it for the lab.
wget -O /etc/nsd/arpa.zone "https://www.internic.net/domain/arpa.zone"

# Remove the lines mentioning DNSSEC record types, the official [a-m].ns.arpa
# NS set and the in-addr delegation with its glue. The resulting zone is
# unsigned.
sed -i \
  -e '/NSEC.*/d' \
  -e '/RRSIG.*/d' \
  -e '/DNSKEY.*/d' \
  -e '/DS.*/d' \
  -e '/^arpa\.\s.*NS.*[a-m].ns.arpa.*/d' \
  -e '/^in-addr.*/d' \
  -e '/^.\.in-addr.*/d' \
  /etc/nsd/arpa.zone

# Replacement NS records and glue, all pointing at 100.100.1.10.
cat >> /etc/nsd/arpa.zone <<'EOF'
arpa. 172800 IN NS p.ns.arpa.
p.ns.arpa. 172800 IN A 100.100.1.10
p.ns.arpa. 172800 IN AAAA 2001:db8:a001::10
in-addr.arpa. 172800 IN NS p.in-addr-servers.arpa.
p.in-addr-servers.arpa. 172800 IN A 100.100.1.10
p.in-addr-servers.arpa. 172800 IN AAAA 2001:db8:a001::10

EOF

# Register the zone with nsd (appended to the existing nsd.conf).
cat >> /etc/nsd/nsd.conf <<'EOF'
zone:
name: "arpa."
zonefile: "arpa.zone"

EOF

## .in-addr.arpa
# Download the public in-addr.arpa zone, then rewrite it for the lab.
wget -O /etc/nsd/in-addr.arpa.zone "https://www.internic.net/domain/in-addr.arpa.zone"

# Remove the SOA (a new one is appended below), the lines mentioning DNSSEC
# record types, the official [a-m].in-addr-servers.arpa NS set and every line
# that starts with "100". The resulting zone is unsigned.
sed -i \
  -e '/SOA.*/d' \
  -e '/NSEC.*/d' \
  -e '/RRSIG.*/d' \
  -e '/DNSKEY.*/d' \
  -e '/DS.*/d' \
  -e '/^in-addr\.arpa\.\s.*NS.*[a-m].in-addr-servers.arpa.*/d' \
  -e '/^100.*/d' \
  /etc/nsd/in-addr.arpa.zone

# Replacement NS set, the delegation of 100.in-addr.arpa and a new SOA.
cat >> /etc/nsd/in-addr.arpa.zone <<'EOF'
in-addr.arpa. 172800 IN NS p.ns.in-addr.arpa.
p.ns.in-addr.arpa. 172800 IN A 100.100.1.10
p.ns.in-addr.arpa. 172800 IN AAAA 2001:db8:a001::10
100.in-addr.arpa. 172800 IN NS p.100.in-addr.arpa.
p.100.in-addr.arpa. 172800 IN A 100.100.1.10
p.100.in-addr.arpa. 172800 IN AAAA 2001:db8:a001::10
in-addr.arpa. 3600 IN SOA b.in-addr-servers.arpa. nstld.iana.org. 2022090676 1800 900 604800 3600

EOF

# Register the zone with nsd (appended to the existing nsd.conf).
cat >> /etc/nsd/nsd.conf <<'EOF'
zone:
name: "in-addr.arpa."
zonefile: "in-addr.arpa.zone"

EOF

# 100.in-addr.arpa
# Written from scratch ('>' truncates): SOA, NS and glue for the zone itself,
# plus the delegation of 120.100.in-addr.arpa to 100.120.1.2.
cat > /etc/nsd/100.in-addr.arpa.zone <<'EOF'
100.in-addr.arpa. 3600 IN SOA b.in-addr-servers.arpa. nstld.iana.org. 2022090676 1800 900 604800 3600
100.in-addr.arpa. 172800 IN NS p.ns.100.in-addr.arpa.
p.ns.100.in-addr.arpa. 172800 IN A 100.100.1.10
p.ns.100.in-addr.arpa. 172800 IN AAAA 2001:db8:a001::10
120.100.in-addr.arpa. 172800 IN NS p.120.100.in-addr.arpa.
p.120.100.in-addr.arpa. 172800 IN A 100.120.1.2
p.120.100.in-addr.arpa. 172800 IN AAAA 2001:db8:120:1::2

EOF

# Register the zone with nsd (appended to the existing nsd.conf).
cat >> /etc/nsd/nsd.conf <<'EOF'
zone:
name: "100.in-addr.arpa."
zonefile: "100.in-addr.arpa.zone"

EOF

#
# # 120.100.in-addr.arpa
# echo -e "120.100.in-addr.arpa. 3600 IN SOA b.in-addr-servers.arpa. nstld.iana.org. 2022090676 1800 900 604800 3600
# 120.100.in-addr.arpa. 172800 IN NS p.ns.120.100.in-addr.arpa.
# p.ns.120.100.in-addr.arpa. 172800 IN A 100.100.1.10
# p.ns.120.100.in-addr.arpa. 172800 IN AAAA 2001:db8:a001::10
# 1.120.100.in-addr.arpa. 172800 IN NS p.1.120.100.in-addr.arpa.
# p.1.120.100.in-addr.arpa. 172800 IN A 100.100.1.10
# p.1.120.100.in-addr.arpa. 172800 IN AAAA 2001:db8:a001::10
# " > /etc/nsd/120.100.in-addr.arpa.zone
#
# echo -e "zone:
# name: \"120.100.in-addr.arpa.\"
# zonefile: \"120.100.in-addr.arpa.zone\"
# " >> /etc/nsd/nsd.conf
#
# # 1.120.100.in-addr.arpa
# echo -e "1.120.100.in-addr.arpa. 3600 IN SOA b.in-addr-servers.arpa. nstld.iana.org. 2022090676 1800 900 604800 3600
# 1.120.100.in-addr.arpa. 172800 IN NS p.ns.1.120.100.in-addr.arpa.
# p.ns.1.120.100.in-addr.arpa. 172800 IN A 100.100.1.10
# p.ns.1.120.100.in-addr.arpa. 172800 IN AAAA 2001:db8:a001::10
# 2.1.120.100.in-addr.arpa. 172800 IN PTR smtp.isp-a.sns.
# " > /etc/nsd/1.120.100.in-addr.arpa.zone
#
# echo -e "zone:
# name: \"1.120.100.in-addr.arpa.\"
# zonefile: \"1.120.100.in-addr.arpa.zone\"
# " >> /etc/nsd/nsd.conf

# 2.1.120.100.in-addr.arpa. 172800 IN PTR smtp.isp-a.sns
# 100.120.1.2

#service nsd restart