--- /dev/null
+; -*- zone -*-
+$TTL 30
+@ IN SOA cmc.b8.nz. postmaster.iankelling.org. (
+ 2021030716 ; serial
+ 1d 1d 4w 1M ; refresh retry expire minimum
+ )
+@ NS cmc.b8.nz.
+;; systemd overrides 1 with _gateway, when its the gateway. laaame.
+1 PTR cmc.b8.nz.
+2 PTR kd.b8.nz.
+3 PTR sy.b8.nz.
+4 PTR wrt2.b8.nz.
+5 PTR x2.b8.nz.
+6 PTR x2w.b8.nz.
+7 PTR syw.b8.nz.
+8 PTR amy.b8.nz.
+9 PTR bb8.b8.nz.
+12 PTR demohost.b8.nz.
+14 PTR wrt3.b8.nz.
+19 PTR brother.b8.nz.
+23 PTR amyw.b8.nz.
+25 PTR hp.b8.nz.
+;; todo: add transmission
--- /dev/null
+// This is the primary configuration file for the BIND DNS server named.
+
+// deploy with:
+// named-checkconf named.conf && named-checkzone 0.2.10.in-addr db.0.2.10.in-addr.arpa && scp named.conf db.0.2.10.in-addr.arpa 10.2.0.1:/etc/bind; ssh 10.2.0.1 /etc/init.d/named restart
+
+
+options {
+
+ listen-on { localnets; localhost; };
+ listen-on-v6 { localnets; localhost; };
+ directory "/tmp";
+
+ // If your ISP provided one or more IP addresses for stable
+ // nameservers, you probably want to use them as forwarders.
+ // Uncomment the following block, and insert the addresses replacing
+ // the all-0's placeholder.
+
+
+ auth-nxdomain no; # conform to RFC1035
+};
+
+#acl trusted { 10.2.0.7; 10.2.0.3; 10.2.0.2; };
+acl "trusted" { 10.2.0.7; };
+view "trusted" {
+ match-clients { "trusted"; };
+ forwarders {
+ 1.1.1.1 ;
+ 1.0.0.1 ;
+ 2606:4700:4700::1111 ;
+ 2606:4700:4700::1001 ;
+ };
+ forward only ;
+
+ // prime the server with knowledge of the root servers
+ zone "." {
+ type hint;
+ file "/etc/bind/db.root";
+ };
+
+ // be authoritative for the localhost forward and reverse zones, and for
+ // broadcast zones as per RFC 1912
+
+ zone "localhost" {
+ type master;
+ file "/etc/bind/db.local";
+ };
+
+ zone "127.in-addr.arpa" {
+ type master;
+ file "/etc/bind/db.127";
+ };
+
+ zone "0.in-addr.arpa" {
+ type master;
+ file "/etc/bind/db.0";
+ };
+
+ zone "255.in-addr.arpa" {
+ type master;
+ file "/etc/bind/db.255";
+ };
+
+ zone "0.2.10.in-addr.arpa" {
+ type master;
+ file "/etc/bind/db.0.2.10.in-addr.arpa";
+ };
+};
+
+
+acl "guest" { localnets; localhost; };
+view "guest" {
+ match-clients { "guest"; };
+
+ forwarders {
+ 1.1.1.3 ;
+ 1.0.0.3 ;
+ 2606:4700:4700::1113 ;
+ 2606:4700:4700::1003 ;
+ };
+ forward only ;
+ // prime the server with knowledge of the root servers
+ zone "." {
+ type hint;
+ file "/etc/bind/db.root";
+ };
+
+ // be authoritative for the localhost forward and reverse zones, and for
+ // broadcast zones as per RFC 1912
+
+ zone "localhost" {
+ type master;
+ file "/etc/bind/db.local";
+ };
+
+ zone "127.in-addr.arpa" {
+ type master;
+ file "/etc/bind/db.127";
+ };
+
+ zone "0.in-addr.arpa" {
+ type master;
+ file "/etc/bind/db.0";
+ };
+
+ zone "255.in-addr.arpa" {
+ type master;
+ file "/etc/bind/db.255";
+ };
+
+ zone "0.2.10.in-addr.arpa" {
+ type master;
+ file "/etc/bind/db.0.2.10.in-addr.arpa";
+ };
+};
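Review bot: Neither `options` nor the two views replace the DNS-rebinding filter this commit takes out of service. `port=0` in the dnsmasq config turns dnsmasq's DNS off, so the `stop-dns-rebind` line left there no longer does anything, and answers from the Cloudflare forwarders that point at private addresses now reach clients unfiltered. BIND's counterpart is `deny-answer-addresses`; in `options` I would add `deny-answer-addresses { 10.0.0.0/8; 172.16.0.0/12; 192.168.0.0/16; 127.0.0.0/8; 169.254.0.0/16; };` plus the IPv6 local ranges. If any public name is meant to resolve to a LAN address (not visible on this page), list it in an `except-from { ... };` clause. Separately, the deploy comment at the top passes `0.2.10.in-addr` to named-checkzone, which lacks `.arpa` and so checks the file under the wrong origin, and the `;` before `ssh` restarts named even when a check or the scp failed; `&&` there would stop on failure.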
--- /dev/null
+// This is the primary configuration file for the BIND DNS server named.
+
+options {
+ directory "/tmp";
+
+ // If your ISP provided one or more IP addresses for stable
+ // nameservers, you probably want to use them as forwarders.
+ // Uncomment the following block, and insert the addresses replacing
+ // the all-0's placeholder.
+
+ // forwarders {
+ // 0.0.0.0;
+ // };
+
+ auth-nxdomain no; # conform to RFC1035
+};
+
+// prime the server with knowledge of the root servers
+zone "." {
+ type hint;
+ file "/etc/bind/db.root";
+};
+
+// be authoritative for the localhost forward and reverse zones, and for
+// broadcast zones as per RFC 1912
+
+zone "localhost" {
+ type master;
+ file "/etc/bind/db.local";
+};
+
+zone "127.in-addr.arpa" {
+ type master;
+ file "/etc/bind/db.127";
+};
+
+zone "0.in-addr.arpa" {
+ type master;
+ file "/etc/bind/db.0";
+};
+
+zone "255.in-addr.arpa" {
+ type master;
+ file "/etc/bind/db.255";
+};
# if you delete it, it goes back to the default. this seems
# to be a decent workaround.
# todo: setup /etc/resolv.conf to point to 127.0.0.1
-uset dhcp.@dnsmasq[0].resolvfile=/dev/null
+uset dhcp.@dnsmasq[0].resolvfile /dev/null
+
+# by default it will send out ipv6 dns, like this
+# NetworkManager[953]: <info> [1614982580.5192] dhcp6 (wlan0): option dhcp6_name_servers => 'fd58:5801:8e02::1'
+# but i dont want ipv6 dns, just keep it simple to ipv4.
+uset dhcp.@odhcpd[0].dns 10.2.0.1
+
# disabled for now. i want to selectively enable it
# for specific hosts.
# to start.
mkdir -p /mnt/usb/tftpboot
v cedit /etc/dnsmasq.conf <<EOF || dnsmasq_restart=true
+# no dns
+port=0
server=/b8.nz/#
ptr-record=1.0.2.10.in-addr.arpa.,cmc.b8.nz
-ptr-record=2.0.2.10.in-addr.arpa.,kd.b8.nz
-ptr-record=3.0.2.10.in-addr.arpa.,sy.b8.nz
-ptr-record=4.0.2.10.in-addr.arpa.,wrt2.b8.nz
-ptr-record=5.0.2.10.in-addr.arpa.,x2.b8.nz
-ptr-record=6.0.2.10.in-addr.arpa.,xw2.b8.nz
-ptr-record=7.0.2.10.in-addr.arpa.,syw.b8.nz
-ptr-record=8.0.2.10.in-addr.arpa.,amy.b8.nz
-ptr-record=9.0.2.10.in-addr.arpa.,bb8.b8.nz
-ptr-record=12.0.2.10.in-addr.arpa.,demohost.b8.nz
-ptr-record=14.0.2.10.in-addr.arpa.,wrt3.b8.nz
-ptr-record=19.0.2.10.in-addr.arpa.,brother.b8.nz
-ptr-record=23.0.2.10.in-addr.arpa.,amyw.b8.nz
-ptr-record=25.0.2.10.in-addr.arpa.,hp.b8.nz
-ptr-record=.0.2.10.in-addr.arpa.,transmission.b8.nz
# https://ret2got.wordpress.com/2018/01/19/how-your-ethereum-can-be-stolen-using-dns-rebinding/
stop-dns-rebind