named4.conf.in revision 1.1.1.2
1/* 2 * Copyright (C) Internet Systems Consortium, Inc. ("ISC") 3 * 4 * This Source Code Form is subject to the terms of the Mozilla Public 5 * License, v. 2.0. If a copy of the MPL was not distributed with this 6 * file, You can obtain one at http://mozilla.org/MPL/2.0/. 7 * 8 * See the COPYRIGHT file distributed with this work for additional 9 * information regarding copyright ownership. 10 */ 11 12key rndc_key { 13 secret "1234abcd8765"; 14 algorithm hmac-sha256; 15}; 16 17controls { 18 inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; 19}; 20 21options { 22 query-source address 10.53.0.2; 23 notify-source 10.53.0.2; 24 transfer-source 10.53.0.2; 25 port @PORT@; 26 pid-file "named.pid"; 27 listen-on { 10.53.0.2; }; 28 listen-on-v6 { none; }; 29 recursion no; 30 notify yes; 31 ixfr-from-differences yes; 32 check-integrity no; 33}; 34 35key one { 36 algorithm hmac-md5; 37 secret "1234abcd8765"; 38}; 39 40key two { 41 algorithm hmac-md5; 42 secret "1234abcd8765"; 43}; 44 45acl rejectkeys { 46 !key one; !key two; any; 47}; 48 49acl rejectaddrs { 50 !10.53.0.1; !10.53.0.2; any; 51}; 52 53acl check1 { !key one; 10.53.0.1; }; 54 55acl check2 { !key two; 10.53.0.2; }; 56 57zone "." { 58 type hint; 59 file "../../common/root.hint"; 60}; 61 62zone "example" { 63 type primary; 64 file "example.db"; 65}; 66 67zone "tsigzone" { 68 type primary; 69 file "tsigzone.db"; 70 allow-transfer { !rejectkeys; !rejectaddrs; !check1; !check2; any; }; 71}; 72