From 29d9971ed79519e64bfa207e8fffddb166064f6c Mon Sep 17 00:00:00 2001 From: =?utf8?q?Zolt=C3=A1n=20Felleg?= Date: Fri, 1 Dec 2023 20:40:58 +0100 Subject: [PATCH] Updated ns{1,2}.in (added qqcs source name server to transfer from). --- .../postinstall/install-data/etc/named.conf | 98 ++++++++++--------- .../postinstall/install-data/etc/named.conf | 98 ++++++++++--------- 2 files changed, 108 insertions(+), 88 deletions(-) diff --git a/sources/ns1.in/c3d/postinstall/install-data/etc/named.conf b/sources/ns1.in/c3d/postinstall/install-data/etc/named.conf index 0eda238..3eeb5bc 100644 --- a/sources/ns1.in/c3d/postinstall/install-data/etc/named.conf +++ b/sources/ns1.in/c3d/postinstall/install-data/etc/named.conf @@ -114,20 +114,28 @@ logging { }; key "source_ns-internal_ns1" { - algorithm hmac-sha256; - secret "tFwMOb5GqnRAGnrXAJiY4JcCGfHi7V4Ut4POvNj2vnM="; + algorithm hmac-sha256; + secret "tFwMOb5GqnRAGnrXAJiY4JcCGfHi7V4Ut4POvNj2vnM="; +}; + +key "peep_bo_sns-user_ns" { + algorithm hmac-sha256; + secret "ZDQIulfHT8CzthiczGLOJBi6APAv4wBuT4ZCDaw5jiQ="; }; acl internal_networks { 2001:1aa1:000a:7dae::/64; 10.228.0.0/16; 192.168.42.0/24; 192.168.43.0/24; }; acl vpn_client_network { 172.24.232.0/24; }; acl source_ns_key_acl { key "source_ns-internal_ns1"; }; +acl peep_bo_sns_key_acl { key "peep_bo_sns-user_ns"; }; -masters source_ns_master { 10.228.109.11 key "source_ns-internal_ns1"; }; +primaries source_ns_primary { 10.228.109.11 key "source_ns-internal_ns1"; }; +primaries peep_bo_sns_primary { 10.162.109.11 key "peep_bo_sns-user_ns"; }; server 10.228.109.11 { keys { "source_ns-internal_ns1"; }; }; +server 10.162.109.11 { keys { "peep_bo_sns-user_ns"; }; }; view "internal" { - match-clients { internal_networks; vpn_client_network; localhost; source_ns_key_acl; }; + match-clients { internal_networks; vpn_client_network; localhost; source_ns_key_acl; peep_bo_sns_key_acl; }; recursion yes; @@ -135,7 +143,7 @@ view "internal" { allow-query-cache { internal_networks; vpn_client_network; localhost; }; allow-recursion { internal_networks; vpn_client_network; localhost; }; - allow-notify { source_ns_key_acl; }; + allow-notify { source_ns_key_acl; peep_bo_sns_key_acl; }; notify no; include "/etc/named.rfc1912.zones"; @@ -143,101 +151,103 @@ view "internal" { # internal zones zone "in.user.hu" IN { type slave; - masters { source_ns_master; }; + primaries { source_ns_primary; }; file "slaves/in.user.hu.zone"; }; zone "43.168.192.in-addr.arpa" IN { type slave; - masters { source_ns_master; }; + primaries { source_ns_primary; }; file "slaves/43.168.192.in-addr.arpa.zone"; }; zone "in.useribm.hu" IN { type slave; - masters { source_ns_master; }; + primaries { source_ns_primary; }; file "slaves/in.useribm.hu.zone"; }; zone "228.10.in-addr.arpa" IN { type slave; - masters { source_ns_master; }; + primaries { source_ns_primary; }; file "slaves/228.10.in-addr.arpa.zone"; }; zone "e.a.d.7.a.0.0.0.1.a.a.1.1.0.0.2.ip6.arpa" IN { type slave; - masters { source_ns_master; }; + primaries { source_ns_primary; }; file "slaves/e.a.d.7.a.0.0.0.1.a.a.1.1.0.0.2.ip6.arpa.zone"; }; - #zone "mlx1.useribm.hu" IN { - # type slave; - # masters { source_ns_master; }; - # file "slaves/mlx1.useribm.hu.zone"; - #}; - #zone "131.16.172.in-addr.arpa" IN { - # type slave; - # masters { source_ns_master; }; - # file "slaves/131.16.172.in-addr.arpa.zone"; - #}; - #zone "mlx2.useribm.hu" IN { - # type slave; - # masters { source_ns_master; }; - # file "slaves/mlx2.useribm.hu.zone"; - #}; - #zone "132.16.172.in-addr.arpa" IN { - # type slave; - # masters { source_ns_master; }; - # file "slaves/132.16.172.in-addr.arpa.zone"; - #}; + zone "10g.useribm.hu" IN { + type slave; + primaries { source_ns_primary; }; + file "slaves/10g.useribm.hu.zone"; + }; + zone "107.24.172.in-addr.arpa" IN { + type slave; + primaries { source_ns_primary; }; + file "slaves/107.24.172.in-addr.arpa.zone"; + }; + zone "b.6.0.0.a.0.0.0.1.a.a.1.1.0.0.2.ip6.arpa" IN { + type slave; + primaries { source_ns_primary; }; + file "slaves/b.6.0.0.a.0.0.0.1.a.a.1.1.0.0.2.ip6.arpa.zone"; + }; zone "sr.user.hu" IN { type slave; - masters { source_ns_master; }; + primaries { source_ns_primary; }; file "slaves/sr.user.hu.zone"; }; zone "42.168.192.in-addr.arpa" IN { type slave; - masters { source_ns_master; }; + primaries { source_ns_primary; }; file "slaves/42.168.192.in-addr.arpa.zone"; }; - #zone "usr.user.hu" IN { - # type slave; - # masters { source_ns_master; }; - # file "slaves/usr.user.hu.zone"; - #}; # perimeter zones zone "pm.useribm.hu" IN { type slave; - masters { source_ns_master; }; + primaries { source_ns_primary; }; file "slaves/pm.useribm.hu.zone"; }; zone "173.168.192.in-addr.arpa" IN { type slave; - masters { source_ns_master; }; + primaries { source_ns_primary; }; file "slaves/173.168.192.in-addr.arpa.zone"; }; zone "c.0.c.7.a.0.0.0.1.a.a.1.1.0.0.2.ip6.arpa" IN { type slave; - masters { source_ns_master; }; + primaries { source_ns_primary; }; file "slaves/c.0.c.7.a.0.0.0.1.a.a.1.1.0.0.2.ip6.arpa.zone"; }; # external zones zone "mediacube.hu" IN { type slave; - masters { source_ns_master; }; + primaries { source_ns_primary; }; file "slaves/mediacube.hu.zone.signed"; }; zone "useredms.hu" IN { type slave; - masters { source_ns_master; }; + primaries { source_ns_primary; }; file "slaves/useredms.hu.zone.signed"; }; zone "useribm.hu" IN { type slave; - masters { source_ns_master; }; + primaries { source_ns_primary; }; file "slaves/useribm.hu.zone.signed"; }; zone "userrendszerhaz.hu" IN { type slave; - masters { source_ns_master; }; + primaries { source_ns_primary; }; file "slaves/userrendszerhaz.hu.zone.signed"; }; + + # peep-bo zones + zone "in.qqcs.org" IN { + type slave; + primaries { peep_bo_sns_primary; }; + file "slaves/in.qqcs.org.zone.signed"; + }; + zone "162.10.in-addr.arpa" IN { + type slave; + primaries { peep_bo_sns_primary; }; + file "slaves/162.10.in-addr.arpa.zone"; + }; }; diff --git a/sources/ns2.in/c3d/postinstall/install-data/etc/named.conf b/sources/ns2.in/c3d/postinstall/install-data/etc/named.conf index 54639a9..00374cd 100644 --- a/sources/ns2.in/c3d/postinstall/install-data/etc/named.conf +++ b/sources/ns2.in/c3d/postinstall/install-data/etc/named.conf @@ -114,20 +114,28 @@ logging { }; key "source_ns-internal_ns2" { - algorithm hmac-sha256; - secret "8GgA5QFCrn3rx0skQOoZH5kdqPOSyx87IJ7Cg1ocvyA="; + algorithm hmac-sha256; + secret "8GgA5QFCrn3rx0skQOoZH5kdqPOSyx87IJ7Cg1ocvyA="; +}; + +key "peep_bo_sns-user_ns" { + algorithm hmac-sha256; + secret "ZDQIulfHT8CzthiczGLOJBi6APAv4wBuT4ZCDaw5jiQ="; }; acl internal_networks { 2001:1aa1:000a:7dae::/64; 10.228.0.0/16; 192.168.42.0/24; 192.168.43.0/24; }; acl vpn_client_network { 172.24.232.0/24; }; acl source_ns_key_acl { key "source_ns-internal_ns2"; }; +acl peep_bo_sns_key_acl { key "peep_bo_sns-user_ns"; }; -masters source_ns_master { 10.228.109.11 key "source_ns-internal_ns2"; }; +primaries source_ns_primary { 10.228.109.11 key "source_ns-internal_ns2"; }; +primaries peep_bo_sns_primary { 10.162.109.11 key "peep_bo_sns-user_ns"; }; server 10.228.109.11 { keys { "source_ns-internal_ns2"; }; }; +server 10.162.109.11 { keys { "peep_bo_sns-user_ns"; }; }; view "internal" { - match-clients { internal_networks; vpn_client_network; localhost; source_ns_key_acl; }; + match-clients { internal_networks; vpn_client_network; localhost; source_ns_key_acl; peep_bo_sns_key_acl; }; recursion yes; @@ -135,7 +143,7 @@ view "internal" { allow-query-cache { internal_networks; vpn_client_network; localhost; }; allow-recursion { internal_networks; vpn_client_network; localhost; }; - allow-notify { source_ns_key_acl; }; + allow-notify { source_ns_key_acl; peep_bo_sns_key_acl; }; notify no; include "/etc/named.rfc1912.zones"; @@ -143,101 +151,103 @@ view "internal" { # internal zones zone "in.user.hu" IN { type slave; - masters { source_ns_master; }; + primaries { source_ns_primary; }; file "slaves/in.user.hu.zone"; }; zone "43.168.192.in-addr.arpa" IN { type slave; - masters { source_ns_master; }; + primaries { source_ns_primary; }; file "slaves/43.168.192.in-addr.arpa.zone"; }; zone "in.useribm.hu" IN { type slave; - masters { source_ns_master; }; + primaries { source_ns_primary; }; file "slaves/in.useribm.hu.zone"; }; zone "228.10.in-addr.arpa" IN { type slave; - masters { source_ns_master; }; + primaries { source_ns_primary; }; file "slaves/228.10.in-addr.arpa.zone"; }; zone "e.a.d.7.a.0.0.0.1.a.a.1.1.0.0.2.ip6.arpa" IN { type slave; - masters { source_ns_master; }; + primaries { source_ns_primary; }; file "slaves/e.a.d.7.a.0.0.0.1.a.a.1.1.0.0.2.ip6.arpa.zone"; }; - #zone "mlx1.useribm.hu" IN { - # type slave; - # masters { source_ns_master; }; - # file "slaves/mlx1.useribm.hu.zone"; - #}; - #zone "131.16.172.in-addr.arpa" IN { - # type slave; - # masters { source_ns_master; }; - # file "slaves/131.16.172.in-addr.arpa.zone"; - #}; - #zone "mlx2.useribm.hu" IN { - # type slave; - # masters { source_ns_master; }; - # file "slaves/mlx2.useribm.hu.zone"; - #}; - #zone "132.16.172.in-addr.arpa" IN { - # type slave; - # masters { source_ns_master; }; - # file "slaves/132.16.172.in-addr.arpa.zone"; - #}; + zone "10g.useribm.hu" IN { + type slave; + primaries { source_ns_primary; }; + file "slaves/10g.useribm.hu.zone"; + }; + zone "107.24.172.in-addr.arpa" IN { + type slave; + primaries { source_ns_primary; }; + file "slaves/107.24.172.in-addr.arpa.zone"; + }; + zone "b.6.0.0.a.0.0.0.1.a.a.1.1.0.0.2.ip6.arpa" IN { + type slave; + primaries { source_ns_primary; }; + file "slaves/b.6.0.0.a.0.0.0.1.a.a.1.1.0.0.2.ip6.arpa.zone"; + }; zone "sr.user.hu" IN { type slave; - masters { source_ns_master; }; + primaries { source_ns_primary; }; file "slaves/sr.user.hu.zone"; }; zone "42.168.192.in-addr.arpa" IN { type slave; - masters { source_ns_master; }; + primaries { source_ns_primary; }; file "slaves/42.168.192.in-addr.arpa.zone"; }; - #zone "usr.user.hu" IN { - # type slave; - # masters { source_ns_master; }; - # file "slaves/usr.user.hu.zone"; - #}; # perimeter zones zone "pm.useribm.hu" IN { type slave; - masters { source_ns_master; }; + primaries { source_ns_primary; }; file "slaves/pm.useribm.hu.zone"; }; zone "173.168.192.in-addr.arpa" IN { type slave; - masters { source_ns_master; }; + primaries { source_ns_primary; }; file "slaves/173.168.192.in-addr.arpa.zone"; }; zone "c.0.c.7.a.0.0.0.1.a.a.1.1.0.0.2.ip6.arpa" IN { type slave; - masters { source_ns_master; }; + primaries { source_ns_primary; }; file "slaves/c.0.c.7.a.0.0.0.1.a.a.1.1.0.0.2.ip6.arpa.zone"; }; # external zones zone "mediacube.hu" IN { type slave; - masters { source_ns_master; }; + primaries { source_ns_primary; }; file "slaves/mediacube.hu.zone.signed"; }; zone "useredms.hu" IN { type slave; - masters { source_ns_master; }; + primaries { source_ns_primary; }; file "slaves/useredms.hu.zone.signed"; }; zone "useribm.hu" IN { type slave; - masters { source_ns_master; }; + primaries { source_ns_primary; }; file "slaves/useribm.hu.zone.signed"; }; zone "userrendszerhaz.hu" IN { type slave; - masters { source_ns_master; }; + primaries { source_ns_primary; }; file "slaves/userrendszerhaz.hu.zone.signed"; }; + + # peep-bo zones + zone "in.qqcs.org" IN { + type slave; + primaries { peep_bo_sns_primary; }; + file "slaves/in.qqcs.org.zone.signed"; + }; + zone "162.10.in-addr.arpa" IN { + type slave; + primaries { peep_bo_sns_primary; }; + file "slaves/162.10.in-addr.arpa.zone"; + }; }; -- 2.54.0