From owner-svn-ports-all@FreeBSD.ORG  Tue Nov 12 10:59:22 2013
Return-Path: <owner-svn-ports-all@FreeBSD.ORG>
Delivered-To: svn-ports-all@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115])
 (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id 4C65ED68;
 Tue, 12 Nov 2013 10:59:22 +0000 (UTC)
Received: from svn.freebsd.org (svn.freebsd.org
 [IPv6:2001:1900:2254:2068::e6a:0])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (No client certificate requested)
 by mx1.freebsd.org (Postfix) with ESMTPS id 3A7D7223B;
 Tue, 12 Nov 2013 10:59:22 +0000 (UTC)
Received: from svn.freebsd.org ([127.0.1.70])
 by svn.freebsd.org (8.14.7/8.14.7) with ESMTP id rACAxM7H097985;
 Tue, 12 Nov 2013 10:59:22 GMT (envelope-from erwin@svn.freebsd.org)
Received: (from erwin@localhost)
 by svn.freebsd.org (8.14.7/8.14.5/Submit) id rACAxKwM097976;
 Tue, 12 Nov 2013 10:59:20 GMT (envelope-from erwin@svn.freebsd.org)
Message-Id: <201311121059.rACAxKwM097976@svn.freebsd.org>
From: Erwin Lansing <erwin@FreeBSD.org>
Date: Tue, 12 Nov 2013 10:59:20 +0000 (UTC)
To: ports-committers@freebsd.org, svn-ports-all@freebsd.org,
 svn-ports-head@freebsd.org
Subject: svn commit: r333563 - in head/dns/bind99: . files
X-SVN-Group: ports-head
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-BeenThere: svn-ports-all@freebsd.org
X-Mailman-Version: 2.1.16
Precedence: list
List-Id: SVN commit messages for the ports tree <svn-ports-all.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/svn-ports-all>,
 <mailto:svn-ports-all-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-ports-all/>
List-Post: <mailto:svn-ports-all@freebsd.org>
List-Help: <mailto:svn-ports-all-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/svn-ports-all>,
 <mailto:svn-ports-all-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 12 Nov 2013 10:59:22 -0000

Author: erwin
Date: Tue Nov 12 10:59:20 2013
New Revision: 333563
URL: http://svnweb.freebsd.org/changeset/ports/333563

Log:
  Support FreeBSD 10.0.
  
  On FreeBSD 10.0, all configuration is installed under
  /usr/local/etc/namedb and installs its own rc script in
  $PREFIX, which no longer support chroot installations.
  
  LINKS and REPLACE_BASE options are not supported on 10.0
  for obvious reasons.
  
  Note for FreeBSD 9.x and earlier users, LINKS is no longer
  the default option, though still supported.

Added:
  head/dns/bind99/files/
  head/dns/bind99/files/empty.db   (contents, props changed)
  head/dns/bind99/files/localhost-forward.db   (contents, props changed)
  head/dns/bind99/files/localhost-reverse.db   (contents, props changed)
  head/dns/bind99/files/named   (contents, props changed)
  head/dns/bind99/files/named.conf   (contents, props changed)
  head/dns/bind99/files/named.root   (contents, props changed)
Modified:
  head/dns/bind99/Makefile
  head/dns/bind99/pkg-plist

Modified: head/dns/bind99/Makefile
==============================================================================
--- head/dns/bind99/Makefile	Tue Nov 12 10:51:38 2013	(r333562)
+++ head/dns/bind99/Makefile	Tue Nov 12 10:59:20 2013	(r333563)
@@ -26,7 +26,7 @@ CONFIGURE_ARGS=	--localstatedir=/var --d
 
 CONFLICTS=	bind9*-9.[45678].* bind9*-sdb-9.[45678].* bind-tools-9.*
 
-OPTIONS_DEFAULT=	IPV6 SSL LINKS XML THREADS
+OPTIONS_DEFAULT=	IPV6 SSL XML THREADS
 OPTIONS_DEFINE=		SSL IDN REPLACE_BASE LARGE_FILE \
 			FIXED_RRSET SIGCHASE IPV6 THREADS GSSAPI FILTER_AAAA
 .if !defined(BIND_TOOLS_SLAVE)
@@ -175,14 +175,24 @@ IGNORE=		REPLACE_BASE option is not supp
 PKGNAMESUFFIX=	-base
 PREFIX=		/usr
 BIND_DESTETC=	/etc/namedb
-CONFIGURE_ARGS+=	--prefix=${PREFIX} \
-			--sysconfdir=${BIND_DESTETC}
+.else
+.if ${OSVERSION} >= 1000500
+BIND_DESTETC=	${PREFIX}/etc/namedb
 .else
 BIND_DESTETC=	${PREFIX}/etc
 .endif
+.endif
 
+CONFIGURE_ARGS+=	--prefix=${PREFIX} \
+			--sysconfdir=${BIND_DESTETC}
 PLIST_SUB+=	BIND_DESTETC="${BIND_DESTETC}"
 
+.if ${OSVERSION} >= 1000500
+PLIST_SUB+=	NOBASE=""
+.else
+PLIST_SUB+=	NOBASE="@comment "
+.endif
+
 MAN1?=	arpaname.1 dig.1 host.1 isc-config.sh.1 nslookup.1 nsupdate.1
 .if !defined(BIND_TOOLS_SLAVE)
 MAN3=	lwres.3 lwres_addr_parse.3 lwres_buffer.3 lwres_buffer_add.3 \
@@ -250,8 +260,6 @@ post-patch:
 PORTDOCS=	*
 .endif
 post-install:
-	${INSTALL_DATA} ${WRKSRC}/bin/rndc/rndc.conf \
-		${BIND_DESTETC}/rndc.conf.sample
 .if ${PORT_OPTIONS:MDOCS}
 	${MKDIR} ${DOCSDIR}/arm ${DOCSDIR}/misc
 	${INSTALL_DATA} ${WRKSRC}/doc/arm/*.html ${DOCSDIR}/arm
@@ -260,10 +268,31 @@ post-install:
 	${CP} ${WRKSRC}/CHANGES ${WRKSRC}/COPYRIGHT ${WRKSRC}/FAQ \
 		${WRKSRC}/HISTORY ${WRKSRC}/README ${DOCSDIR}/
 .endif
-.if ${PORT_OPTIONS:MLINKS} && empty(PORT_OPTIONS:MREPLACE_BASE)
+.if ${OSVERSION} >= 1000500
+.for FILE in named named.conf
+	${SED} -e 's#%%PREFIX%%#${PREFIX}#g' \
+		-e 's#%%BIND_DESTETC%%#${BIND_DESTETC}#g' \
+		${FILESDIR}/${FILE} > ${WRKDIR}/${FILE}
+.endfor
+	${INSTALL_SCRIPT} ${WRKDIR}/named ${PREFIX}/etc/rc.d
+	${MKDIR} ${BIND_DESTETC}
+.for DIR in dynamic master slave working
+	${MKDIR} ${BIND_DESTETC}/${DIR}
+.endfor
+.for DIR in dynamic slave working
+	${CHOWN} bind:bind ${BIND_DESTETC}/${DIR}
+.endfor
+	${INSTALL_DATA} ${WRKDIR}/named.conf ${BIND_DESTETC}
+	${INSTALL_DATA} ${FILESDIR}/named.root ${BIND_DESTETC}
+	${INSTALL_DATA} ${FILESDIR}/empty.db ${BIND_DESTETC}/master
+	${INSTALL_DATA} ${FILESDIR}/localhost-forward.db ${BIND_DESTETC}/master
+	${INSTALL_DATA} ${FILESDIR}/localhost-reverse.db ${BIND_DESTETC}/master
+.elif ${PORT_OPTIONS:MLINKS} && empty(PORT_OPTIONS:MREPLACE_BASE)
 	PKG_PREFIX=${PREFIX} ${SH} ${PKGINSTALL} ${PKGNAME} POST-INSTALL
 .endif
 
+	${INSTALL_DATA} ${WRKSRC}/bin/rndc/rndc.conf \
+		${BIND_DESTETC}/rndc.conf.sample
 	@${CAT} ${PKGMESSAGE}
 
 .endif	# BIND_TOOLS_SLAVE

Added: head/dns/bind99/files/empty.db
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/dns/bind99/files/empty.db	Tue Nov 12 10:59:20 2013	(r333563)
@@ -0,0 +1,11 @@
+
+; $FreeBSD$
+
+$TTL 3h
+@ SOA @ nobody.localhost. 42 1d 12h 1w 3h
+	; Serial, Refresh, Retry, Expire, Neg. cache TTL
+
+@	NS	@
+
+; Silence a BIND warning
+@	A	127.0.0.1

Added: head/dns/bind99/files/localhost-forward.db
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/dns/bind99/files/localhost-forward.db	Tue Nov 12 10:59:20 2013	(r333563)
@@ -0,0 +1,11 @@
+
+; $FreeBSD$
+
+$TTL 3h
+localhost. SOA localhost. nobody.localhost. 42 1d 12h 1w 3h
+	; Serial, Refresh, Retry, Expire, Neg. cache TTL
+
+	NS	localhost.
+
+	A	127.0.0.1
+	AAAA	::1

Added: head/dns/bind99/files/localhost-reverse.db
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/dns/bind99/files/localhost-reverse.db	Tue Nov 12 10:59:20 2013	(r333563)
@@ -0,0 +1,13 @@
+
+; $FreeBSD$
+
+$TTL 3h
+@ SOA localhost. nobody.localhost. 42 1d 12h 1w 3h
+	; Serial, Refresh, Retry, Expire, Neg. cache TTL
+
+	NS	localhost.
+
+1.0.0	PTR	localhost.
+
+1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0 PTR localhost.
+

Added: head/dns/bind99/files/named
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/dns/bind99/files/named	Tue Nov 12 10:59:20 2013	(r333563)
@@ -0,0 +1,204 @@
+#!/bin/sh
+#
+# $FreeBSD$
+#
+
+# PROVIDE: named
+# REQUIRE: SERVERS FILESYSTEMS
+# KEYWORD: shutdown
+
+. /etc/rc.subr
+
+name="named"
+rcvar=named_enable
+
+extra_commands="reload"
+
+start_precmd="named_prestart"
+start_postcmd="named_poststart"
+reload_cmd="named_reload"
+stop_cmd="named_stop"
+
+named_enable="NO"		# Run named, the DNS server (or NO).
+named_program="%%PREFIX%%/sbin/named"	# Path to named, if you want a different one.
+named_conf="%%BIND_DESTETC%%/named.conf"	# Path to the configuration file
+#named_flags=""			# Use this for flags OTHER than -u and -c
+named_uid="bind"		# User to run named as
+named_wait="NO"			# Wait for working name service before exiting
+named_wait_host="localhost"	# Hostname to check if named_wait is enabled
+named_auto_forward="NO"		# Set up forwarders from /etc/resolv.conf
+named_auto_forward_only="NO"	# Do "forward only" instead of "forward first"
+
+named_poststart() {
+	if checkyesno named_wait; then
+		until ${command%/sbin/named}/bin/host $named_wait_host >/dev/null 2>&1; do
+			echo "	Waiting for nameserver to resolve $named_wait_host"
+			sleep 1
+		done
+	fi
+}
+
+named_reload()
+{
+	${command%/named}/rndc reload
+}
+
+find_pidfile()
+{
+	if get_pidfile_from_conf pid-file $named_conf; then
+		pidfile="$_pidfile_from_conf"
+	else
+		pidfile="/var/run/named/pid"
+	fi
+}
+
+named_stop()
+{
+	find_pidfile
+
+	# This duplicates an undesirably large amount of code from the stop
+	# routine in rc.subr in order to use rndc to shut down the process,
+	# and to give it a second chance in case rndc fails.
+	rc_pid=$(check_pidfile $pidfile $command)
+	if [ -z "$rc_pid" ]; then
+		[ -n "$rc_fast" ] && return 0
+		_run_rc_notrunning
+		return 1
+	fi
+	echo 'Stopping named.'
+	if ${command%/named}/rndc stop 2>/dev/null; then
+		wait_for_pids $rc_pid
+	else
+		echo -n 'rndc failed, trying kill: '
+		kill -TERM $rc_pid
+		wait_for_pids $rc_pid
+  	fi
+}
+
+create_file() {
+	if [ -e "$1" ]; then
+		unlink $1
+	fi
+	> $1
+	chown root:wheel $1
+	chmod 644 $1
+}
+
+named_prestart()
+{
+	find_pidfile
+
+	if [ -n "$named_pidfile" ]; then
+		warn 'named_pidfile: now determined from the conf file'
+	fi
+
+	command_args="-u ${named_uid:=root}"
+
+	if [ ! "$named_conf" = '/etc/namedb/named.conf' ]; then
+		case "$named_flags" in
+		-c*|*' -c'*) ;;		# No need to add it
+		*) command_args="-c $named_conf $command_args" ;;
+		esac
+	fi
+
+	local line nsip firstns
+
+	# Create an rndc.key file for the user if none exists
+	#
+	confgen_command="${command%/named}/rndc-confgen -a -b256 -u $named_uid \
+	    -c ${named_confdir}/rndc.key"
+	if [ -s "${named_confdir}/rndc.conf" ]; then
+		unset confgen_command
+	fi
+	if [ -s "${named_confdir}/rndc.key" ]; then
+		case `stat -f%Su ${named_confdir}/rndc.key` in
+		root|$named_uid) ;;
+		*) $confgen_command ;;
+		esac
+	else
+		$confgen_command
+	fi
+
+	local checkconf
+
+	checkconf="${command%/named}/named-checkconf"
+
+	# Create a forwarder configuration based on /etc/resolv.conf
+	if checkyesno named_auto_forward; then
+		if [ ! -s /etc/resolv.conf ]; then
+			warn "named_auto_forward enabled, but no /etc/resolv.conf"
+
+			# Empty the file in case it is included in named.conf
+			[ -s "${named_confdir}/auto_forward.conf" ] &&
+			    create_file ${named_confdir}/auto_forward.conf
+
+			$checkconf $named_conf ||
+			    err 3 'named-checkconf for $named_conf failed'
+			return
+		fi
+
+		create_file /var/run/naf-resolv.conf
+		create_file /var/run/auto_forward.conf
+
+		echo '	forwarders {' > /var/run/auto_forward.conf
+
+		while read line; do
+			case "$line" in
+			'nameserver '*|'nameserver	'*)
+				nsip=${line##nameserver[         ]}
+
+				if [ -z "$firstns" ]; then
+					if [ ! "$nsip" = '127.0.0.1' ]; then
+						echo 'nameserver 127.0.0.1'
+						echo "		${nsip};" >> /var/run/auto_forward.conf
+					fi
+
+					firstns=1
+				else
+					[ "$nsip" = '127.0.0.1' ] && continue
+					echo "		${nsip};" >> /var/run/auto_forward.conf
+				fi
+				;;
+			esac
+
+			echo $line
+		done < /etc/resolv.conf > /var/run/naf-resolv.conf
+
+		echo '	};' >> /var/run/auto_forward.conf
+		echo '' >> /var/run/auto_forward.conf
+		if checkyesno named_auto_forward_only; then
+			echo "	forward only;" >> /var/run/auto_forward.conf
+		else
+			echo "	forward first;" >> /var/run/auto_forward.conf
+		fi
+
+		if cmp -s /etc/resolv.conf /var/run/naf-resolv.conf; then
+			unlink /var/run/naf-resolv.conf
+		else
+			[ -e /etc/resolv.conf ] && unlink /etc/resolv.conf
+			mv /var/run/naf-resolv.conf /etc/resolv.conf
+		fi
+
+		if cmp -s ${named_confdir}/auto_forward.conf \
+		    /var/run/auto_forward.conf; then
+			unlink /var/run/auto_forward.conf
+		else
+			[ -e "${named_confdir}/auto_forward.conf" ] &&
+			    unlink ${named_confdir}/auto_forward.conf
+			mv /var/run/auto_forward.conf \
+			    ${named_confdir}/auto_forward.conf
+		fi
+	else
+		# Empty the file in case it is included in named.conf
+		[ -s "${named_confdir}/auto_forward.conf" ] &&
+		    create_file ${named_confdir}/auto_forward.conf
+	fi
+
+	$checkconf $named_conf || err 3 'named-checkconf for $named_conf failed'
+}
+
+load_rc_config $name
+
+named_confdir="${named_conf%/*}"
+
+run_rc_command "$1"

Added: head/dns/bind99/files/named.conf
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/dns/bind99/files/named.conf	Tue Nov 12 10:59:20 2013	(r333563)
@@ -0,0 +1,360 @@
+// $FreeBSD$
+//
+// Refer to the named.conf(5) and named(8) man pages, and the documentation
+// in /usr/share/doc/bind9 for more details.
+//
+// If you are going to set up an authoritative server, make sure you
+// understand the hairy details of how DNS works.  Even with
+// simple mistakes, you can break connectivity for affected parties,
+// or cause huge amounts of useless Internet traffic.
+
+options {
+	// All file and path names are relative to the chroot directory,
+	// if any, and should be fully qualified.
+	directory	"%%BIND_DESTETC%%/working";
+	pid-file	"/var/run/named/pid";
+	dump-file	"/var/dump/named_dump.db";
+	statistics-file	"/var/stats/named.stats";
+
+// If named is being used only as a local resolver, this is a safe default.
+// For named to be accessible to the network, comment this option, specify
+// the proper IP address, or delete this option.
+	listen-on	{ 127.0.0.1; };
+
+// If you have IPv6 enabled on this system, uncomment this option for
+// use as a local resolver.  To give access to the network, specify
+// an IPv6 address, or the keyword "any".
+//	listen-on-v6	{ ::1; };
+
+// These zones are already covered by the empty zones listed below.
+// If you remove the related empty zones below, comment these lines out.
+	disable-empty-zone "255.255.255.255.IN-ADDR.ARPA";
+	disable-empty-zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA";
+	disable-empty-zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA";
+
+// If you've got a DNS server around at your upstream provider, enter
+// its IP address here, and enable the line below.  This will make you
+// benefit from its cache, thus reduce overall DNS traffic in the Internet.
+/*
+	forwarders {
+		127.0.0.1;
+	};
+*/
+
+// If the 'forwarders' clause is not empty the default is to 'forward first'
+// which will fall back to sending a query from your local server if the name
+// servers in 'forwarders' do not have the answer.  Alternatively you can
+// force your name server to never initiate queries of its own by enabling the
+// following line:
+//	forward only;
+
+// If you wish to have forwarding configured automatically based on
+// the entries in /etc/resolv.conf, uncomment the following line and
+// set named_auto_forward=yes in /etc/rc.conf.  You can also enable
+// named_auto_forward_only (the effect of which is described above).
+//	include "/etc/namedb/auto_forward.conf";
+
+	/*
+	   Modern versions of BIND use a random UDP port for each outgoing
+	   query by default in order to dramatically reduce the possibility
+	   of cache poisoning.  All users are strongly encouraged to utilize
+	   this feature, and to configure their firewalls to accommodate it.
+
+	   AS A LAST RESORT in order to get around a restrictive firewall
+	   policy you can try enabling the option below.  Use of this option
+	   will significantly reduce your ability to withstand cache poisoning
+	   attacks, and should be avoided if at all possible.
+
+	   Replace NNNNN in the example with a number between 49160 and 65530.
+	*/
+	// query-source address * port NNNNN;
+};
+
+// If you enable a local name server, don't forget to enter 127.0.0.1
+// first in your /etc/resolv.conf so this server will be queried.
+// Also, make sure to enable it in /etc/rc.conf.
+
+// The traditional root hints mechanism. Use this, OR the slave zones below.
+zone "." { type hint; file "%%BIND_DESTETC%%/named.root"; };
+
+/*	Slaving the following zones from the root name servers has some
+	significant advantages:
+	1. Faster local resolution for your users
+	2. No spurious traffic will be sent from your network to the roots
+	3. Greater resilience to any potential root server failure/DDoS
+
+	On the other hand, this method requires more monitoring than the
+	hints file to be sure that an unexpected failure mode has not
+	incapacitated your server.  Name servers that are serving a lot
+	of clients will benefit more from this approach than individual
+	hosts.  Use with caution.
+
+	To use this mechanism, uncomment the entries below, and comment
+	the hint zone above.
+
+	As documented at http://dns.icann.org/services/axfr/ these zones:
+	"." (the root), ARPA, IN-ADDR.ARPA, IP6.ARPA, and ROOT-SERVERS.NET
+	are available for AXFR from these servers on IPv4 and IPv6:
+	xfr.lax.dns.icann.org, xfr.cjr.dns.icann.org
+*/
+/*
+zone "." {
+	type slave;
+	file "/etc/namedb/slave/root.slave";
+	masters {
+		192.5.5.241;	// F.ROOT-SERVERS.NET.
+	};
+	notify no;
+};
+zone "arpa" {
+	type slave;
+	file "/etc/namedb/slave/arpa.slave";
+	masters {
+		192.5.5.241;	// F.ROOT-SERVERS.NET.
+	};
+	notify no;
+};
+*/
+
+/*	Serving the following zones locally will prevent any queries
+	for these zones leaving your network and going to the root
+	name servers.  This has two significant advantages:
+	1. Faster local resolution for your users
+	2. No spurious traffic will be sent from your network to the roots
+*/
+// RFCs 1912, 5735 and 6303 (and BCP 32 for localhost)
+zone "localhost"	{ type master; file "%%BIND_DESTETC%%/master/localhost-forward.db"; };
+zone "127.in-addr.arpa"	{ type master; file "%%BIND_DESTETC%%/master/localhost-reverse.db"; };
+zone "255.in-addr.arpa"	{ type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+
+// RFC 1912-style zone for IPv6 localhost address (RFC 6303)
+zone "0.ip6.arpa"	{ type master; file "%%BIND_DESTETC%%/master/localhost-reverse.db"; };
+
+// "This" Network (RFCs 1912, 5735 and 6303)
+zone "0.in-addr.arpa"	{ type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+
+// Private Use Networks (RFCs 1918, 5735 and 6303)
+zone "10.in-addr.arpa"	   { type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "16.172.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "17.172.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "18.172.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "19.172.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "20.172.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "21.172.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "22.172.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "23.172.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "24.172.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "25.172.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "26.172.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "27.172.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "28.172.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "29.172.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "30.172.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "31.172.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "168.192.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+
+// Shared Address Space (RFC 6598)
+zone "64.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "65.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "66.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "67.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "68.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "69.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "70.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "71.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "72.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "73.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "74.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "75.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "76.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "77.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "78.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "79.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "80.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "81.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "82.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "83.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "84.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "85.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "86.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "87.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "88.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "89.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "90.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "91.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "92.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "93.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "94.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "95.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "96.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "97.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "98.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "99.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "100.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "101.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "102.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "103.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "104.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "105.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "106.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "107.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "108.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "109.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "110.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "111.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "112.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "113.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "114.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "115.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "116.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "117.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "118.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "119.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "120.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "121.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "122.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "123.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "124.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "125.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "126.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "127.100.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+
+// Link-local/APIPA (RFCs 3927, 5735 and 6303)
+zone "254.169.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+
+// IETF protocol assignments (RFCs 5735 and 5736)
+zone "0.0.192.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+
+// TEST-NET-[1-3] for Documentation (RFCs 5735, 5737 and 6303)
+zone "2.0.192.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "100.51.198.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "113.0.203.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+
+// IPv6 Example Range for Documentation (RFCs 3849 and 6303)
+zone "8.b.d.0.1.0.0.2.ip6.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+
+// Domain Names for Documentation and Testing (BCP 32)
+zone "test" { type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "example" { type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "invalid" { type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "example.com" { type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "example.net" { type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "example.org" { type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+
+// Router Benchmark Testing (RFCs 2544 and 5735)
+zone "18.198.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "19.198.in-addr.arpa" { type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+
+// IANA Reserved - Old Class E Space (RFC 5735)
+zone "240.in-addr.arpa"	{ type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "241.in-addr.arpa"	{ type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "242.in-addr.arpa"	{ type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "243.in-addr.arpa"	{ type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "244.in-addr.arpa"	{ type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "245.in-addr.arpa"	{ type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "246.in-addr.arpa"	{ type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "247.in-addr.arpa"	{ type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "248.in-addr.arpa"	{ type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "249.in-addr.arpa"	{ type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "250.in-addr.arpa"	{ type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "251.in-addr.arpa"	{ type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "252.in-addr.arpa"	{ type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "253.in-addr.arpa"	{ type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "254.in-addr.arpa"	{ type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+
+// IPv6 Unassigned Addresses (RFC 4291)
+zone "1.ip6.arpa"	{ type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "3.ip6.arpa"	{ type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "4.ip6.arpa"	{ type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "5.ip6.arpa"	{ type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "6.ip6.arpa"	{ type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "7.ip6.arpa"	{ type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "8.ip6.arpa"	{ type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "9.ip6.arpa"	{ type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "a.ip6.arpa"	{ type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "b.ip6.arpa"	{ type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "c.ip6.arpa"	{ type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "d.ip6.arpa"	{ type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "e.ip6.arpa"	{ type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "0.f.ip6.arpa"	{ type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "1.f.ip6.arpa"	{ type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "2.f.ip6.arpa"	{ type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "3.f.ip6.arpa"	{ type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "4.f.ip6.arpa"	{ type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "5.f.ip6.arpa"	{ type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "6.f.ip6.arpa"	{ type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "7.f.ip6.arpa"	{ type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "8.f.ip6.arpa"	{ type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "9.f.ip6.arpa"	{ type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "a.f.ip6.arpa"	{ type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "b.f.ip6.arpa"	{ type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "0.e.f.ip6.arpa"	{ type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "1.e.f.ip6.arpa"	{ type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "2.e.f.ip6.arpa"	{ type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "3.e.f.ip6.arpa"	{ type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "4.e.f.ip6.arpa"	{ type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "5.e.f.ip6.arpa"	{ type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "6.e.f.ip6.arpa"	{ type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "7.e.f.ip6.arpa"	{ type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+
+// IPv6 ULA (RFCs 4193 and 6303)
+zone "c.f.ip6.arpa"	{ type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "d.f.ip6.arpa"	{ type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+
+// IPv6 Link Local (RFCs 4291 and 6303)
+zone "8.e.f.ip6.arpa"	{ type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "9.e.f.ip6.arpa"	{ type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "a.e.f.ip6.arpa"	{ type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "b.e.f.ip6.arpa"	{ type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+
+// IPv6 Deprecated Site-Local Addresses (RFCs 3879 and 6303)
+zone "c.e.f.ip6.arpa"	{ type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "d.e.f.ip6.arpa"	{ type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "e.e.f.ip6.arpa"	{ type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+zone "f.e.f.ip6.arpa"	{ type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+
+// IP6.INT is Deprecated (RFC 4159)
+zone "ip6.int"		{ type master; file "%%BIND_DESTETC%%/master/empty.db"; };
+
+// NB: Do not use the IP addresses below, they are faked, and only
+// serve demonstration/documentation purposes!
+//
+// Example slave zone config entries.  It can be convenient to become
+// a slave at least for the zone your own domain is in.  Ask
+// your network administrator for the IP address of the responsible
+// master name server.
+//
+// Do not forget to include the reverse lookup zone!
+// This is named after the first bytes of the IP address, in reverse
+// order, with ".IN-ADDR.ARPA" appended, or ".IP6.ARPA" for IPv6.
+//
+// Before starting to set up a master zone, make sure you fully
+// understand how DNS and BIND work.  There are sometimes
+// non-obvious pitfalls.  Setting up a slave zone is usually simpler.
+//
+// NB: Don't blindly enable the examples below. :-)  Use actual names
+// and addresses instead.
+
+/* An example dynamic zone
+key "exampleorgkey" {
+	algorithm hmac-md5;
+	secret "sf87HJqjkqh8ac87a02lla==";
+};
+zone "example.org" {
+	type master;
+	allow-update {
+		key "exampleorgkey";
+	};
+	file "/etc/namedb/dynamic/example.org";
+};
+*/
+
+/* Example of a slave reverse zone
+zone "1.168.192.in-addr.arpa" {
+	type slave;
+	file "/etc/namedb/slave/1.168.192.in-addr.arpa";
+	masters {
+		192.168.1.1;
+	};
+};
+*/

Added: head/dns/bind99/files/named.root
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/dns/bind99/files/named.root	Tue Nov 12 10:59:20 2013	(r333563)
@@ -0,0 +1,92 @@
+;
+; $FreeBSD$
+;
+
+;       This file holds the information on root name servers needed to
+;       initialize cache of Internet domain name servers
+;       (e.g. reference this file in the "cache  .  <file>"
+;       configuration file of BIND domain name servers).
+;
+;       This file is made available by InterNIC 
+;       under anonymous FTP as
+;           file                /domain/named.cache
+;           on server           FTP.INTERNIC.NET
+;       -OR-                    RS.INTERNIC.NET
+;
+;       last update:    Jan 3, 2013
+;       related version of root zone:   2013010300
+;
+; formerly NS.INTERNIC.NET
+;
+.                        3600000  IN  NS    A.ROOT-SERVERS.NET.
+A.ROOT-SERVERS.NET.      3600000      A     198.41.0.4
+A.ROOT-SERVERS.NET.      3600000      AAAA  2001:503:BA3E::2:30
+;
+; FORMERLY NS1.ISI.EDU
+;
+.                        3600000      NS    B.ROOT-SERVERS.NET.
+B.ROOT-SERVERS.NET.      3600000      A     192.228.79.201
+;
+; FORMERLY C.PSI.NET
+;
+.                        3600000      NS    C.ROOT-SERVERS.NET.
+C.ROOT-SERVERS.NET.      3600000      A     192.33.4.12
+;
+; FORMERLY TERP.UMD.EDU
+;
+.                        3600000      NS    D.ROOT-SERVERS.NET.
+D.ROOT-SERVERS.NET.      3600000      A     199.7.91.13
+D.ROOT-SERVERS.NET.	 3600000      AAAA  2001:500:2D::D
+;
+; FORMERLY NS.NASA.GOV
+;
+.                        3600000      NS    E.ROOT-SERVERS.NET.
+E.ROOT-SERVERS.NET.      3600000      A     192.203.230.10
+;
+; FORMERLY NS.ISC.ORG
+;
+.                        3600000      NS    F.ROOT-SERVERS.NET.
+F.ROOT-SERVERS.NET.      3600000      A     192.5.5.241
+F.ROOT-SERVERS.NET.      3600000      AAAA  2001:500:2F::F
+;
+; FORMERLY NS.NIC.DDN.MIL
+;
+.                        3600000      NS    G.ROOT-SERVERS.NET.
+G.ROOT-SERVERS.NET.      3600000      A     192.112.36.4
+;
+; FORMERLY AOS.ARL.ARMY.MIL
+;
+.                        3600000      NS    H.ROOT-SERVERS.NET.
+H.ROOT-SERVERS.NET.      3600000      A     128.63.2.53
+H.ROOT-SERVERS.NET.      3600000      AAAA  2001:500:1::803F:235
+;
+; FORMERLY NIC.NORDU.NET
+;
+.                        3600000      NS    I.ROOT-SERVERS.NET.
+I.ROOT-SERVERS.NET.      3600000      A     192.36.148.17
+I.ROOT-SERVERS.NET.      3600000      AAAA  2001:7FE::53
+;
+; OPERATED BY VERISIGN, INC.
+;
+.                        3600000      NS    J.ROOT-SERVERS.NET.
+J.ROOT-SERVERS.NET.      3600000      A     192.58.128.30
+J.ROOT-SERVERS.NET.      3600000      AAAA  2001:503:C27::2:30
+;
+; OPERATED BY RIPE NCC
+;
+.                        3600000      NS    K.ROOT-SERVERS.NET.
+K.ROOT-SERVERS.NET.      3600000      A     193.0.14.129
+K.ROOT-SERVERS.NET.      3600000      AAAA  2001:7FD::1
+;
+; OPERATED BY ICANN
+;
+.                        3600000      NS    L.ROOT-SERVERS.NET.
+L.ROOT-SERVERS.NET.      3600000      A     199.7.83.42
+L.ROOT-SERVERS.NET.      3600000      AAAA  2001:500:3::42
+;
+; OPERATED BY WIDE
+;
+.                        3600000      NS    M.ROOT-SERVERS.NET.
+M.ROOT-SERVERS.NET.      3600000      A     202.12.27.33
+M.ROOT-SERVERS.NET.      3600000      AAAA  2001:DC3::35
+; End of File

Modified: head/dns/bind99/pkg-plist
==============================================================================
--- head/dns/bind99/pkg-plist	Tue Nov 12 10:51:38 2013	(r333562)
+++ head/dns/bind99/pkg-plist	Tue Nov 12 10:59:20 2013	(r333563)
@@ -230,6 +230,17 @@ sbin/rndc-confgen
 %%LINKS%%@unexec rm -rf /var/named/%D
 %%LINKS%%@unexec rmdir /var/named/usr 2>/dev/null || true
 @unexec rm -f %%BIND_DESTETC%%/rndc.conf.sample
+%%NOBASE%%etc/rc.d/named
+%%NOBASE%%%%BIND_DESTETC%%/named.conf
+%%NOBASE%%%%BIND_DESTETC%%/named.root
+%%NOBASE%%%%BIND_DESTETC%%/master/empty.db
+%%NOBASE%%%%BIND_DESTETC%%/master/localhost-forward.db
+%%NOBASE%%%%BIND_DESTETC%%/master/localhost-reverse.db
+%%NOBASE%%@dirrm %%BIND_DESTETC%%/dynamic
+%%NOBASE%%@dirrm %%BIND_DESTETC%%/master
+%%NOBASE%%@dirrm %%BIND_DESTETC%%/slave
+%%NOBASE%%@dirrm %%BIND_DESTETC%%/working
+%%NOBASE%%@dirrm %%BIND_DESTETC%%
 @dirrm include/bind9
 @dirrm include/dns
 @dirrm include/dst