Date: Tue, 12 Nov 2013 10:59:20 +0000 (UTC) From: Erwin Lansing <erwin@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r333563 - in head/dns/bind99: . files Message-ID: <201311121059.rACAxKwM097976@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: erwin Date: Tue Nov 12 10:59:20 2013 New Revision: 333563 URL: http://svnweb.freebsd.org/changeset/ports/333563 Log: Support FreeBSD 10.0. On FreeBSD 10.0, all configuration is installed under /usr/local/etc/namedb and installs its own rc script in $PREFIX, which no longer support chroot installations. LINKS and REPLACE_BASE options are not supported on 10.0 for obvious reasons. Note for FreeBSD 9.x and earlier users, LINKS is no longer the default option, though still supported. Added: head/dns/bind99/files/ head/dns/bind99/files/empty.db (contents, props changed) head/dns/bind99/files/localhost-forward.db (contents, props changed) head/dns/bind99/files/localhost-reverse.db (contents, props changed) head/dns/bind99/files/named (contents, props changed) head/dns/bind99/files/named.conf (contents, props changed) head/dns/bind99/files/named.root (contents, props changed) Modified: head/dns/bind99/Makefile head/dns/bind99/pkg-plist Modified: head/dns/bind99/Makefile ============================================================================== --- head/dns/bind99/Makefile Tue Nov 12 10:51:38 2013 (r333562) +++ head/dns/bind99/Makefile Tue Nov 12 10:59:20 2013 (r333563) @@ -26,7 +26,7 @@ CONFIGURE_ARGS= --localstatedir=/var --d CONFLICTS= bind9*-9.[45678].* bind9*-sdb-9.[45678].* bind-tools-9.* -OPTIONS_DEFAULT= IPV6 SSL LINKS XML THREADS +OPTIONS_DEFAULT= IPV6 SSL XML THREADS OPTIONS_DEFINE= SSL IDN REPLACE_BASE LARGE_FILE \ FIXED_RRSET SIGCHASE IPV6 THREADS GSSAPI FILTER_AAAA .if !defined(BIND_TOOLS_SLAVE) @@ -175,14 +175,24 @@ IGNORE= REPLACE_BASE option is not supp PKGNAMESUFFIX= -base PREFIX= /usr BIND_DESTETC= /etc/namedb -CONFIGURE_ARGS+= --prefix=${PREFIX} \ - --sysconfdir=${BIND_DESTETC} +.else +.if ${OSVERSION} >= 1000500 +BIND_DESTETC= ${PREFIX}/etc/namedb .else BIND_DESTETC= ${PREFIX}/etc .endif +.endif +CONFIGURE_ARGS+= --prefix=${PREFIX} \ + --sysconfdir=${BIND_DESTETC} PLIST_SUB+= BIND_DESTETC="${BIND_DESTETC}" +.if ${OSVERSION} >= 1000500 +PLIST_SUB+= NOBASE="" +.else +PLIST_SUB+= NOBASE="@comment " +.endif + MAN1?= arpaname.1 dig.1 host.1 isc-config.sh.1 nslookup.1 nsupdate.1 .if !defined(BIND_TOOLS_SLAVE) MAN3= lwres.3 lwres_addr_parse.3 lwres_buffer.3 lwres_buffer_add.3 \ @@ -250,8 +260,6 @@ post-patch: PORTDOCS= * .endif post-install: - ${INSTALL_DATA} ${WRKSRC}/bin/rndc/rndc.conf \ - ${BIND_DESTETC}/rndc.conf.sample .if ${PORT_OPTIONS:MDOCS} ${MKDIR} ${DOCSDIR}/arm ${DOCSDIR}/misc ${INSTALL_DATA} ${WRKSRC}/doc/arm/*.html ${DOCSDIR}/arm @@ -260,10 +268,31 @@ post-install: ${CP} ${WRKSRC}/CHANGES ${WRKSRC}/COPYRIGHT ${WRKSRC}/FAQ \ ${WRKSRC}/HISTORY ${WRKSRC}/README ${DOCSDIR}/ .endif -.if ${PORT_OPTIONS:MLINKS} && empty(PORT_OPTIONS:MREPLACE_BASE) +.if ${OSVERSION} >= 1000500 +.for FILE in named named.conf + ${SED} -e 's#%%PREFIX%%#${PREFIX}#g' \ + -e 's#%%BIND_DESTETC%%#${BIND_DESTETC}#g' \ + ${FILESDIR}/${FILE} > ${WRKDIR}/${FILE} +.endfor + ${INSTALL_SCRIPT} ${WRKDIR}/named ${PREFIX}/etc/rc.d + ${MKDIR} ${BIND_DESTETC} +.for DIR in dynamic master slave working + ${MKDIR} ${BIND_DESTETC}/${DIR} +.endfor +.for DIR in dynamic slave working + ${CHOWN} bind:bind ${BIND_DESTETC}/${DIR} +.endfor + ${INSTALL_DATA} ${WRKDIR}/named.conf ${BIND_DESTETC} + ${INSTALL_DATA} ${FILESDIR}/named.root ${BIND_DESTETC} + ${INSTALL_DATA} ${FILESDIR}/empty.db ${BIND_DESTETC}/master + ${INSTALL_DATA} ${FILESDIR}/localhost-forward.db ${BIND_DESTETC}/master + ${INSTALL_DATA} ${FILESDIR}/localhost-reverse.db ${BIND_DESTETC}/master +.elif ${PORT_OPTIONS:MLINKS} && empty(PORT_OPTIONS:MREPLACE_BASE) PKG_PREFIX=${PREFIX} ${SH} ${PKGINSTALL} ${PKGNAME} POST-INSTALL .endif + ${INSTALL_DATA} ${WRKSRC}/bin/rndc/rndc.conf \ + ${BIND_DESTETC}/rndc.conf.sample @${CAT} ${PKGMESSAGE} .endif # BIND_TOOLS_SLAVE Added: head/dns/bind99/files/empty.db ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/dns/bind99/files/empty.db Tue Nov 12 10:59:20 2013 (r333563) @@ -0,0 +1,11 @@ + +; $FreeBSD$ + +$TTL 3h +@ SOA @ nobody.localhost. 42 1d 12h 1w 3h + ; Serial, Refresh, Retry, Expire, Neg. cache TTL + +@ NS @ + +; Silence a BIND warning +@ A 127.0.0.1 Added: head/dns/bind99/files/localhost-forward.db ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/dns/bind99/files/localhost-forward.db Tue Nov 12 10:59:20 2013 (r333563) @@ -0,0 +1,11 @@ + +; $FreeBSD$ + +$TTL 3h +localhost. SOA localhost. nobody.localhost. 42 1d 12h 1w 3h + ; Serial, Refresh, Retry, Expire, Neg. cache TTL + + NS localhost. + + A 127.0.0.1 + AAAA ::1 Added: head/dns/bind99/files/localhost-reverse.db ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/dns/bind99/files/localhost-reverse.db Tue Nov 12 10:59:20 2013 (r333563) @@ -0,0 +1,13 @@ + +; $FreeBSD$ + +$TTL 3h +@ SOA localhost. nobody.localhost. 42 1d 12h 1w 3h + ; Serial, Refresh, Retry, Expire, Neg. cache TTL + + NS localhost. + +1.0.0 PTR localhost. + +1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0 PTR localhost. + Added: head/dns/bind99/files/named ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/dns/bind99/files/named Tue Nov 12 10:59:20 2013 (r333563) @@ -0,0 +1,204 @@ +#!/bin/sh +# +# $FreeBSD$ +# + +# PROVIDE: named +# REQUIRE: SERVERS FILESYSTEMS +# KEYWORD: shutdown + +. /etc/rc.subr + +name="named" +rcvar=named_enable + +extra_commands="reload" + +start_precmd="named_prestart" +start_postcmd="named_poststart" +reload_cmd="named_reload" +stop_cmd="named_stop" + +named_enable="NO" # Run named, the DNS server (or NO). +named_program="%%PREFIX%%/sbin/named" # Path to named, if you want a different one. +named_conf="%%BIND_DESTETC%%/named.conf" # Path to the configuration file +#named_flags="" # Use this for flags OTHER than -u and -c +named_uid="bind" # User to run named as +named_wait="NO" # Wait for working name service before exiting +named_wait_host="localhost" # Hostname to check if named_wait is enabled +named_auto_forward="NO" # Set up forwarders from /etc/resolv.conf +named_auto_forward_only="NO" # Do "forward only" instead of "forward first" + +named_poststart() { + if checkyesno named_wait; then + until ${command%/sbin/named}/bin/host $named_wait_host >/dev/null 2>&1; do + echo " Waiting for nameserver to resolve $named_wait_host" + sleep 1 + done + fi +} + +named_reload() +{ + ${command%/named}/rndc reload +} + +find_pidfile() +{ + if get_pidfile_from_conf pid-file $named_conf; then + pidfile="$_pidfile_from_conf" + else + pidfile="/var/run/named/pid" + fi +} + +named_stop() +{ + find_pidfile + + # This duplicates an undesirably large amount of code from the stop + # routine in rc.subr in order to use rndc to shut down the process, + # and to give it a second chance in case rndc fails. + rc_pid=$(check_pidfile $pidfile $command) + if [ -z "$rc_pid" ]; then + [ -n "$rc_fast" ] && return 0 + _run_rc_notrunning + return 1 + fi + echo 'Stopping named.' + if ${command%/named}/rndc stop 2>/dev/null; then + wait_for_pids $rc_pid + else + echo -n 'rndc failed, trying kill: ' + kill -TERM $rc_pid + wait_for_pids $rc_pid + fi +} + +create_file() { + if [ -e "$1" ]; then + unlink $1 + fi + > $1 + chown root:wheel $1 + chmod 644 $1 +} + +named_prestart() +{ + find_pidfile + + if [ -n "$named_pidfile" ]; then + warn 'named_pidfile: now determined from the conf file' + fi + + command_args="-u ${named_uid:=root}" + + if [ ! "$named_conf" = '/etc/namedb/named.conf' ]; then + case "$named_flags" in + -c*|*' -c'*) ;; # No need to add it + *) command_args="-c $named_conf $command_args" ;; + esac + fi + + local line nsip firstns + + # Create an rndc.key file for the user if none exists + # + confgen_command="${command%/named}/rndc-confgen -a -b256 -u $named_uid \ + -c ${named_confdir}/rndc.key" + if [ -s "${named_confdir}/rndc.conf" ]; then + unset confgen_command + fi + if [ -s "${named_confdir}/rndc.key" ]; then + case `stat -f%Su ${named_confdir}/rndc.key` in + root|$named_uid) ;; + *) $confgen_command ;; + esac + else + $confgen_command + fi + + local checkconf + + checkconf="${command%/named}/named-checkconf" + + # Create a forwarder configuration based on /etc/resolv.conf + if checkyesno named_auto_forward; then + if [ ! -s /etc/resolv.conf ]; then + warn "named_auto_forward enabled, but no /etc/resolv.conf" + + # Empty the file in case it is included in named.conf + [ -s "${named_confdir}/auto_forward.conf" ] && + create_file ${named_confdir}/auto_forward.conf + + $checkconf $named_conf || + err 3 'named-checkconf for $named_conf failed' + return + fi + + create_file /var/run/naf-resolv.conf + create_file /var/run/auto_forward.conf + + echo ' forwarders {' > /var/run/auto_forward.conf + + while read line; do + case "$line" in + 'nameserver '*|'nameserver '*) + nsip=${line##nameserver[ ]} + + if [ -z "$firstns" ]; then + if [ ! "$nsip" = '127.0.0.1' ]; then + echo 'nameserver 127.0.0.1' + echo " ${nsip};" >> /var/run/auto_forward.conf + fi + + firstns=1 + else + [ "$nsip" = '127.0.0.1' ] && continue + echo " ${nsip};" >> /var/run/auto_forward.conf + fi + ;; + esac + + echo $line + done < /etc/resolv.conf > /var/run/naf-resolv.conf + + echo ' };' >> /var/run/auto_forward.conf + echo '' >> /var/run/auto_forward.conf + if checkyesno named_auto_forward_only; then + echo " forward only;" >> /var/run/auto_forward.conf + else + echo " forward first;" >> /var/run/auto_forward.conf + fi + + if cmp -s /etc/resolv.conf /var/run/naf-resolv.conf; then + unlink /var/run/naf-resolv.conf + else + [ -e /etc/resolv.conf ] && unlink /etc/resolv.conf + mv /var/run/naf-resolv.conf /etc/resolv.conf + fi + + if cmp -s ${named_confdir}/auto_forward.conf \ + /var/run/auto_forward.conf; then + unlink /var/run/auto_forward.conf + else + [ -e "${named_confdir}/auto_forward.conf" ] && + unlink ${named_confdir}/auto_forward.conf + mv /var/run/auto_forward.conf \ + ${named_confdir}/auto_forward.conf + fi + else + # Empty the file in case it is included in named.conf + [ -s "${named_confdir}/auto_forward.conf" ] && + create_file ${named_confdir}/auto_forward.conf + fi + + $checkconf $named_conf || err 3 'named-checkconf for $named_conf failed' +} + +load_rc_config $name + +named_confdir="${named_conf%/*}" + +run_rc_command "$1" Added: head/dns/bind99/files/named.conf ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/dns/bind99/files/named.conf Tue Nov 12 10:59:20 2013 (r333563) @@ -0,0 +1,360 @@ +// $FreeBSD$ +// +// Refer to the named.conf(5) and named(8) man pages, and the documentation +// in /usr/share/doc/bind9 for more details. +// +// If you are going to set up an authoritative server, make sure you +// understand the hairy details of how DNS works. Even with +// simple mistakes, you can break connectivity for affected parties, +// or cause huge amounts of useless Internet traffic. + +options { + // All file and path names are relative to the chroot directory, + // if any, and should be fully qualified. + directory "%%BIND_DESTETC%%/working"; + pid-file "/var/run/named/pid"; + dump-file "/var/dump/named_dump.db"; + statistics-file "/var/stats/named.stats"; + +// If named is being used only as a local resolver, this is a safe default. +// For named to be accessible to the network, comment this option, specify +// the proper IP address, or delete this option. + listen-on { 127.0.0.1; }; + +// If you have IPv6 enabled on this system, uncomment this option for +// use as a local resolver. To give access to the network, specify +// an IPv6 address, or the keyword "any". +// listen-on-v6 { ::1; }; + +// These zones are already covered by the empty zones listed below. +// If you remove the related empty zones below, comment these lines out. + disable-empty-zone "255.255.255.255.IN-ADDR.ARPA"; + disable-empty-zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA"; + disable-empty-zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA"; + +// If you've got a DNS server around at your upstream provider, enter +// its IP address here, and enable the line below. This will make you +// benefit from its cache, thus reduce overall DNS traffic in the Internet. +/* + forwarders { + 127.0.0.1; + }; +*/ + +// If the 'forwarders' clause is not empty the default is to 'forward first' +// which will fall back to sending a query from your local server if the name +// servers in 'forwarders' do not have the answer. Alternatively you can +// force your name server to never initiate queries of its own by enabling the +// following line: +// forward only; + +// If you wish to have forwarding configured automatically based on +// the entries in /etc/resolv.conf, uncomment the following line and +// set named_auto_forward=yes in /etc/rc.conf. You can also enable +// named_auto_forward_only (the effect of which is described above). +// include "/etc/namedb/auto_forward.conf"; + + /* + Modern versions of BIND use a random UDP port for each outgoing + query by default in order to dramatically reduce the possibility + of cache poisoning. All users are strongly encouraged to utilize + this feature, and to configure their firewalls to accommodate it. + + AS A LAST RESORT in order to get around a restrictive firewall + policy you can try enabling the option below. Use of this option + will significantly reduce your ability to withstand cache poisoning + attacks, and should be avoided if at all possible. + + Replace NNNNN in the example with a number between 49160 and 65530. + */ + // query-source address * port NNNNN; +}; + +// If you enable a local name server, don't forget to enter 127.0.0.1 +// first in your /etc/resolv.conf so this server will be queried. +// Also, make sure to enable it in /etc/rc.conf. + +// The traditional root hints mechanism. Use this, OR the slave zones below. +zone "." { type hint; file "%%BIND_DESTETC%%/named.root"; }; + +/* Slaving the following zones from the root name servers has some + significant advantages: + 1. Faster local resolution for your users + 2. No spurious traffic will be sent from your network to the roots + 3. Greater resilience to any potential root server failure/DDoS + + On the other hand, this method requires more monitoring than the + hints file to be sure that an unexpected failure mode has not + incapacitated your server. Name servers that are serving a lot + of clients will benefit more from this approach than individual + hosts. Use with caution. + + To use this mechanism, uncomment the entries below, and comment + the hint zone above. + + As documented at http://dns.icann.org/services/axfr/ these zones: + "." (the root), ARPA, IN-ADDR.ARPA, IP6.ARPA, and ROOT-SERVERS.NET + are available for AXFR from these servers on IPv4 and IPv6: + xfr.lax.dns.icann.org, xfr.cjr.dns.icann.org +*/ +/* +zone "." { + type slave; + file "/etc/namedb/slave/root.slave"; + masters { + 192.5.5.241; // F.ROOT-SERVERS.NET. + }; + notify no; +}; +zone "arpa" { + type slave; + file "/etc/namedb/slave/arpa.slave"; + masters { + 192.5.5.241; // F.ROOT-SERVERS.NET. + }; + notify no; +}; +*/ + +/* Serving the following zones locally will prevent any queries + for these zones leaving your network and going to the root + name servers. This has two significant advantages: + 1. Faster local resolution for your users + 2. No spurious traffic will be sent from your network to the roots +*/ +// RFCs 1912, 5735 and 6303 (and BCP 32 for localhost) +zone "localhost" { type master; file "%%BIND_DESTETC%%/master/localhost-forward.db"; }; +zone "127.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/localhost-reverse.db"; }; +zone "255.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; + +// RFC 1912-style zone for IPv6 localhost address (RFC 6303) +zone "0.ip6.arpa" { type master; file "%%BIND_DESTETC%%/master/localhost-reverse.db"; }; + +// "This" Network (RFCs 1912, 5735 and 6303) +zone "0.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; + +// Private Use Networks (RFCs 1918, 5735 and 6303) +zone "10.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "16.172.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "17.172.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "18.172.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "19.172.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "20.172.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "21.172.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "22.172.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "23.172.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "24.172.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "25.172.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "26.172.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "27.172.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "28.172.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "29.172.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "30.172.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "31.172.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "168.192.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; + +// Shared Address Space (RFC 6598) +zone "64.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "65.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "66.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "67.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "68.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "69.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "70.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "71.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "72.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "73.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "74.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "75.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "76.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "77.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "78.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "79.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "80.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "81.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "82.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "83.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "84.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "85.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "86.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "87.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "88.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "89.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "90.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "91.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "92.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "93.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "94.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "95.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "96.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "97.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "98.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "99.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "100.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "101.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "102.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "103.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "104.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "105.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "106.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "107.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "108.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "109.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "110.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "111.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "112.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "113.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "114.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "115.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "116.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "117.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "118.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "119.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "120.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "121.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "122.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "123.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "124.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "125.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "126.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "127.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; + +// Link-local/APIPA (RFCs 3927, 5735 and 6303) +zone "254.169.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; + +// IETF protocol assignments (RFCs 5735 and 5736) +zone "0.0.192.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; + +// TEST-NET-[1-3] for Documentation (RFCs 5735, 5737 and 6303) +zone "2.0.192.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "100.51.198.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "113.0.203.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; + +// IPv6 Example Range for Documentation (RFCs 3849 and 6303) +zone "8.b.d.0.1.0.0.2.ip6.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; + +// Domain Names for Documentation and Testing (BCP 32) +zone "test" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "example" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "invalid" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "example.com" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "example.net" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "example.org" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; + +// Router Benchmark Testing (RFCs 2544 and 5735) +zone "18.198.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "19.198.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; + +// IANA Reserved - Old Class E Space (RFC 5735) +zone "240.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "241.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "242.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "243.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "244.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "245.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "246.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "247.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "248.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "249.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "250.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "251.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "252.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "253.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "254.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; + +// IPv6 Unassigned Addresses (RFC 4291) +zone "1.ip6.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "3.ip6.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "4.ip6.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "5.ip6.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "6.ip6.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "7.ip6.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "8.ip6.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "9.ip6.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "a.ip6.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "b.ip6.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "c.ip6.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "d.ip6.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "e.ip6.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "0.f.ip6.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "1.f.ip6.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "2.f.ip6.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "3.f.ip6.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "4.f.ip6.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "5.f.ip6.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "6.f.ip6.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "7.f.ip6.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "8.f.ip6.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "9.f.ip6.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "a.f.ip6.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "b.f.ip6.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "0.e.f.ip6.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "1.e.f.ip6.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "2.e.f.ip6.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "3.e.f.ip6.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "4.e.f.ip6.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "5.e.f.ip6.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "6.e.f.ip6.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "7.e.f.ip6.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; + +// IPv6 ULA (RFCs 4193 and 6303) +zone "c.f.ip6.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "d.f.ip6.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; + +// IPv6 Link Local (RFCs 4291 and 6303) +zone "8.e.f.ip6.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "9.e.f.ip6.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "a.e.f.ip6.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "b.e.f.ip6.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; + +// IPv6 Deprecated Site-Local Addresses (RFCs 3879 and 6303) +zone "c.e.f.ip6.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "d.e.f.ip6.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "e.e.f.ip6.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; +zone "f.e.f.ip6.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; + +// IP6.INT is Deprecated (RFC 4159) +zone "ip6.int" { type master; file "%%BIND_DESTETC%%/master/empty.db"; }; + +// NB: Do not use the IP addresses below, they are faked, and only +// serve demonstration/documentation purposes! +// +// Example slave zone config entries. It can be convenient to become +// a slave at least for the zone your own domain is in. Ask +// your network administrator for the IP address of the responsible +// master name server. +// +// Do not forget to include the reverse lookup zone! +// This is named after the first bytes of the IP address, in reverse +// order, with ".IN-ADDR.ARPA" appended, or ".IP6.ARPA" for IPv6. +// +// Before starting to set up a master zone, make sure you fully +// understand how DNS and BIND work. There are sometimes +// non-obvious pitfalls. Setting up a slave zone is usually simpler. +// +// NB: Don't blindly enable the examples below. :-) Use actual names +// and addresses instead. + +/* An example dynamic zone +key "exampleorgkey" { + algorithm hmac-md5; + secret "sf87HJqjkqh8ac87a02lla=="; +}; +zone "example.org" { + type master; + allow-update { + key "exampleorgkey"; + }; + file "/etc/namedb/dynamic/example.org"; +}; +*/ + +/* Example of a slave reverse zone +zone "1.168.192.in-addr.arpa" { + type slave; + file "/etc/namedb/slave/1.168.192.in-addr.arpa"; + masters { + 192.168.1.1; + }; +}; +*/ Added: head/dns/bind99/files/named.root ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/dns/bind99/files/named.root Tue Nov 12 10:59:20 2013 (r333563) @@ -0,0 +1,92 @@ +; +; $FreeBSD$ +; + +; This file holds the information on root name servers needed to +; initialize cache of Internet domain name servers +; (e.g. reference this file in the "cache . <file>" +; configuration file of BIND domain name servers). +; +; This file is made available by InterNIC +; under anonymous FTP as +; file /domain/named.cache +; on server FTP.INTERNIC.NET +; -OR- RS.INTERNIC.NET +; +; last update: Jan 3, 2013 +; related version of root zone: 2013010300 +; +; formerly NS.INTERNIC.NET +; +. 3600000 IN NS A.ROOT-SERVERS.NET. +A.ROOT-SERVERS.NET. 3600000 A 198.41.0.4 +A.ROOT-SERVERS.NET. 3600000 AAAA 2001:503:BA3E::2:30 +; +; FORMERLY NS1.ISI.EDU +; +. 3600000 NS B.ROOT-SERVERS.NET. +B.ROOT-SERVERS.NET. 3600000 A 192.228.79.201 +; +; FORMERLY C.PSI.NET +; +. 3600000 NS C.ROOT-SERVERS.NET. +C.ROOT-SERVERS.NET. 3600000 A 192.33.4.12 +; +; FORMERLY TERP.UMD.EDU +; +. 3600000 NS D.ROOT-SERVERS.NET. +D.ROOT-SERVERS.NET. 3600000 A 199.7.91.13 +D.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2D::D +; +; FORMERLY NS.NASA.GOV +; +. 3600000 NS E.ROOT-SERVERS.NET. +E.ROOT-SERVERS.NET. 3600000 A 192.203.230.10 +; +; FORMERLY NS.ISC.ORG +; +. 3600000 NS F.ROOT-SERVERS.NET. +F.ROOT-SERVERS.NET. 3600000 A 192.5.5.241 +F.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2F::F +; +; FORMERLY NS.NIC.DDN.MIL +; +. 3600000 NS G.ROOT-SERVERS.NET. +G.ROOT-SERVERS.NET. 3600000 A 192.112.36.4 +; +; FORMERLY AOS.ARL.ARMY.MIL +; +. 3600000 NS H.ROOT-SERVERS.NET. +H.ROOT-SERVERS.NET. 3600000 A 128.63.2.53 +H.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:1::803F:235 +; +; FORMERLY NIC.NORDU.NET +; +. 3600000 NS I.ROOT-SERVERS.NET. +I.ROOT-SERVERS.NET. 3600000 A 192.36.148.17 +I.ROOT-SERVERS.NET. 3600000 AAAA 2001:7FE::53 +; +; OPERATED BY VERISIGN, INC. +; +. 3600000 NS J.ROOT-SERVERS.NET. +J.ROOT-SERVERS.NET. 3600000 A 192.58.128.30 +J.ROOT-SERVERS.NET. 3600000 AAAA 2001:503:C27::2:30 +; +; OPERATED BY RIPE NCC +; +. 3600000 NS K.ROOT-SERVERS.NET. +K.ROOT-SERVERS.NET. 3600000 A 193.0.14.129 +K.ROOT-SERVERS.NET. 3600000 AAAA 2001:7FD::1 +; +; OPERATED BY ICANN +; +. 3600000 NS L.ROOT-SERVERS.NET. +L.ROOT-SERVERS.NET. 3600000 A 199.7.83.42 +L.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:3::42 +; +; OPERATED BY WIDE +; +. 3600000 NS M.ROOT-SERVERS.NET. +M.ROOT-SERVERS.NET. 3600000 A 202.12.27.33 +M.ROOT-SERVERS.NET. 3600000 AAAA 2001:DC3::35 +; End of File Modified: head/dns/bind99/pkg-plist ============================================================================== --- head/dns/bind99/pkg-plist Tue Nov 12 10:51:38 2013 (r333562) +++ head/dns/bind99/pkg-plist Tue Nov 12 10:59:20 2013 (r333563) @@ -230,6 +230,17 @@ sbin/rndc-confgen %%LINKS%%@unexec rm -rf /var/named/%D %%LINKS%%@unexec rmdir /var/named/usr 2>/dev/null || true @unexec rm -f %%BIND_DESTETC%%/rndc.conf.sample +%%NOBASE%%etc/rc.d/named +%%NOBASE%%%%BIND_DESTETC%%/named.conf +%%NOBASE%%%%BIND_DESTETC%%/named.root +%%NOBASE%%%%BIND_DESTETC%%/master/empty.db +%%NOBASE%%%%BIND_DESTETC%%/master/localhost-forward.db +%%NOBASE%%%%BIND_DESTETC%%/master/localhost-reverse.db +%%NOBASE%%@dirrm %%BIND_DESTETC%%/dynamic +%%NOBASE%%@dirrm %%BIND_DESTETC%%/master +%%NOBASE%%@dirrm %%BIND_DESTETC%%/slave +%%NOBASE%%@dirrm %%BIND_DESTETC%%/working +%%NOBASE%%@dirrm %%BIND_DESTETC%% @dirrm include/bind9 @dirrm include/dns @dirrm include/dst
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201311121059.rACAxKwM097976>