From 6092f80cb28744731971d938529faacf3354fa1f Mon Sep 17 00:00:00 2001 From: David Blacka Date: Sat, 25 Feb 2023 14:48:21 -0500 Subject: [PATCH] comment out "dead" zones; tweaks --- .gitignore | 2 + cfg/named.options.conf | 4 +- cfg/named.primary.conf | 287 +++++++++++++++++++++-------------------- run_bind.sh | 2 +- 4 files changed, 155 insertions(+), 140 deletions(-) diff --git a/.gitignore b/.gitignore index 6440bef..b6e3246 100644 --- a/.gitignore +++ b/.gitignore @@ -1,6 +1,8 @@ cache log zones/secondary +zones/*.signed +zones/*.jnl # these were local development things reference diff --git a/cfg/named.options.conf b/cfg/named.options.conf index b469e4c..971d7e9 100644 --- a/cfg/named.options.conf +++ b/cfg/named.options.conf @@ -5,9 +5,9 @@ options { pid-file "/var/cache/bind/named.pid"; lock-file "/var/cache/bind/named.lock"; - listen-on { 127.0.0.1; 70.164.19.155; 70.164.19.156; }; + listen-on { any; }; listen-on-v6 { ::1; }; - allow-recursion { 127.0.0.1; ::1; }; + allow-recursion { 127.0.0.1; ::1; host.docker.internal; }; dnssec-validation yes; }; diff --git a/cfg/named.primary.conf b/cfg/named.primary.conf index 0d351bf..6271875 100644 --- a/cfg/named.primary.conf +++ b/cfg/named.primary.conf @@ -29,88 +29,96 @@ zone "ecotroph.net" { }; }; -zone "nortonbertram.com" { - type primary; - file "/var/lib/bind/nortonbertram.com"; - notify yes; - allow-transfer { - 127.0.0.1; - 202.157.185.115; - 202.157.182.142; - 64.151.105.12; - }; -}; +# Note: No longer registered +# zone "nortonbertram.com" { +# type primary; +# file "/var/lib/bind/nortonbertram.com"; +# notify yes; +# allow-transfer { +# 127.0.0.1; +# 202.157.185.115; +# 202.157.182.142; +# 64.151.105.12; +# }; +# }; -zone "hxr.us" { - type primary; - file "/var/lib/bind/hxr.us"; - notify yes; - allow-transfer { - 127.0.0.1; - 66.92.146.115; - 204.109.61.194; - 66.92.146.160; - 64.151.105.12; - }; -}; +# Note: hosted by directnic.com +# zone "hxr.us" { +# type primary; +# file "/var/lib/bind/hxr.us"; +# notify yes; +# allow-transfer { +# 127.0.0.1; +# 66.92.146.115; +# 204.109.61.194; +# 66.92.146.160; +# 64.151.105.12; +# }; +# }; -zone "fcdissident.us" { - type primary; - file "/var/lib/bind/fcdissident.us"; - notify yes; - allow-transfer { - 127.0.0.1; - 66.92.146.115; - 204.109.61.194; - 66.92.146.160; - 64.151.105.12; - }; -}; +# Note: no longer registered +# zone "fcdissident.us" { +# type primary; +# file "/var/lib/bind/fcdissident.us"; +# notify yes; +# allow-transfer { +# 127.0.0.1; +# 66.92.146.115; +# 204.109.61.194; +# 66.92.146.160; +# 64.151.105.12; +# }; +# }; +# Note: no longer registered zone "fallschurchdissident.us" { - type primary; - file "/var/lib/bind/fallschurchdissident.us"; - notify yes; - allow-transfer { - 127.0.0.1; - 66.92.146.115; - 204.109.61.194; - 66.92.146.160; - 64.151.105.12; - }; -}; +# type primary; +# file "/var/lib/bind/fallschurchdissident.us"; +# notify yes; +# allow-transfer { +# 127.0.0.1; +# 66.92.146.115; +# 204.109.61.194; +# 66.92.146.160; +# 64.151.105.12; +# }; +# }; +# Note: no longer registered zone "fallschurchdissident.com" { - type primary; - file "/var/lib/bind/fallschurchdissident.com"; - notify yes; - allow-transfer { - 127.0.0.1; - 66.92.146.115; - 204.109.61.194; - 66.92.146.160; - 64.151.105.12; - }; -}; +# type primary; +# file "/var/lib/bind/fallschurchdissident.com"; +# notify yes; +# allow-transfer { +# 127.0.0.1; +# 66.92.146.115; +# 204.109.61.194; +# 66.92.146.160; +# 64.151.105.12; +# }; +# }; -zone "t.hxr.us" { - type primary; - file "/var/lib/bind/t.hxr.us"; - allow-transfer { - 127.0.0.1; - 64.151.105.12; - }; -}; +# Note: not registered +# zone "t.hxr.us" { +# type primary; +# file "/var/lib/bind/t.hxr.us"; +# allow-transfer { +# 127.0.0.1; +# 64.151.105.12; +# }; +# }; + +# Note: not registered +# zone "dyn.hxr.us" { +# type primary; +# file "/var/lib/bind/dyn/dyn.hxr.us"; +# allow-transfer { +# 127.0.0.1; +# 64.151.105.12; +# }; +# update-policy { grant * self * A; }; +# }; -zone "dyn.hxr.us" { - type primary; - file "/var/lib/bind/dyn/dyn.hxr.us"; - allow-transfer { - 127.0.0.1; - 64.151.105.12; - }; - update-policy { grant * self * A; }; -}; zone "kosters.net" { type primary; @@ -160,70 +168,75 @@ zone "bjmk.com" { }; }; -zone "gracecrc.org" { - type primary; - file "/var/lib/bind/gracecrc.org"; - notify yes; - also-notify { - 65.201.175.12; - 66.92.146.115; - 204.109.61.194; - }; - allow-transfer { - 127.0.0.1; - 65.201.175.11; - 65.201.175.12; - 64.151.105.12; - 64.22.125.99; - 70.164.18.40; - 70.164.18.41; - 70.164.18.42; - 207.234.133.162; - key zeke-ogud2.; - key zeke-ogud3.; - }; -}; +# Note: hosted elsewhere +# zone "gracecrc.org" { +# type primary; +# file "/var/lib/bind/gracecrc.org"; +# notify yes; +# also-notify { +# 65.201.175.12; +# 66.92.146.115; +# 204.109.61.194; +# }; +# allow-transfer { +# 127.0.0.1; +# 65.201.175.11; +# 65.201.175.12; +# 64.151.105.12; +# 64.22.125.99; +# 70.164.18.40; +# 70.164.18.41; +# 70.164.18.42; +# 207.234.133.162; +# key zeke-ogud2.; +# key zeke-ogud3.; +# }; +# }; -zone "toscano.org" { - type primary; - file "/var/lib/bind/toscano.org"; - notify yes; - allow-transfer { - 127.0.0.1; - 202.157.185.115; - 202.157.182.142; - }; -}; +# Note: hosted by gkg.net +# zone "toscano.org" { +# type primary; +# file "/var/lib/bind/toscano.org"; +# notify yes; +# allow-transfer { +# 127.0.0.1; +# 202.157.185.115; +# 202.157.182.142; +# }; +# }; -zone "prevelige.org" { - type primary; - file "/var/lib/bind/prevelige.org"; - notify yes; - allow-transfer { - 127.0.0.1; - 202.157.185.115; - 202.157.182.142; - }; -}; +# Note: hosted by gkg.net +# zone "prevelige.org" { +# type primary; +# file "/var/lib/bind/prevelige.org"; +# notify yes; +# allow-transfer { +# 127.0.0.1; +# 202.157.185.115; +# 202.157.182.142; +# }; +# }; -zone "duffyfamily.me" { - type primary; - file "/var/lib/bind/duffyfamily.me"; - notify yes; - allow-transfer { - 127.0.0.1; - 202.157.185.115; - 202.157.182.142; - }; -}; +# Note: expired/directnic.com +# zone "duffyfamily.me" { +# type primary; +# file "/var/lib/bind/duffyfamily.me"; +# notify yes; +# allow-transfer { +# 127.0.0.1; +# 202.157.185.115; +# 202.157.182.142; +# }; +# }; -zone "littlebit.us" { - type primary; - file "/var/lib/bind/littlebit.us"; - notify yes; - allow-transfer { - 127.0.0.1; - 202.157.185.115; - 202.157.182.142; - }; -}; +# Note: hosted by worldnic(!).com +# zone "littlebit.us" { +# type primary; +# file "/var/lib/bind/littlebit.us"; +# notify yes; +# allow-transfer { +# 127.0.0.1; +# 202.157.185.115; +# 202.157.182.142; +# }; +# }; diff --git a/run_bind.sh b/run_bind.sh index 5ff5bd6..2ddda78 100755 --- a/run_bind.sh +++ b/run_bind.sh @@ -7,9 +7,9 @@ BASE_CONF_DIR=/etc/bind # shellcheck disable=SC2086 docker run $ARGS \ - -ti --entrypoint=/bin/bash \ --rm \ --name=bind9 \ + --add-host=host.docker.internal:host-gateway \ --publish "$RNDC_PORT:953/tcp" \ --publish "$DNS_PORT:53/udp" \ --publish "$DNS_PORT:53/tcp" \