// /etc/named.conf - This file contains the BIND version 8.x // (and later) named configuration information for a secondary // name server. // // WARNING!! If running in chroot jail, be sure to copy /etc/named.conf // into your jail (usually /var/named/chroot/etc/named.conf) after // every change. See /etc/sysconfig/named to see if it is configured // to use a chroot jail. options { directory "/var/named"; /* * If there is a firewall between you and nameservers you want * to talk to, you might need to uncomment the query-source * directive below. Previous versions of BIND always asked * questions using port 53, but BIND 8.1 uses an unprivileged * port by default. */ // query-source address * port 53; listen-on port 53 { any; }; version "DNS Server"; // Hide real version info. allow-transfer ( none; }; // Set to no by default. notify no; allow-query { any; }; allow-recursion { localhost; }; // Only allow recursive queries from myself. allow-query-cache { localhost; }; // ibid. zone-statistics yes; empty-zones-enable yes; }; // Disable remote control: controls {inet 127.0.0.1 allow {127.0.0.1; }; }; // These logging rules send everything possible to syslog, allowing for // syslog to filter out unwanted log data. Alternatively, you could have // syslog log everything it gets, and only have this send what is wanted. logging { channel default_log { syslog local2; severity debug; // Send all log data to rsyslog facility local2. }; channel security_log { syslog local2; severity debug; // Send all log data to rsyslog facility local2. }; category default { default_log; }; category general { default_log; }; category security { security_log; }; category config { default_log; }; category resolver { security_log; }; category xfer-in { security_log; }; category xfer-out { security_log; }; category notify { security_log; }; category client { security_log; }; category network { security_log; }; category update { security_log; }; category queries { security_log; }; category lame-servers { null; }; }; zone "." { type hint; file "root.cache"; }; zone "gcaw.org" { type slave; file "gcaw.zone"; masters { 10.142.255.11; }; }; zone "255.142.10.in-addr.arpa" { type slave; file "gcaw-rev.zone"; masters { 10.142.255.11; }; }; include "/etc/named.rfc1912.zones"; include "/etc/rndc.key";