- Add named.conf and named.conf.zones from router - Add all zone files (maegia.tv, ganimed.fr, secubox.in, etc.) - Include README with sync instructions - Fixed zone path in named.conf.zones for LuCI DNS Master compatibility - Added ganimed.fr zone declaration to BIND config Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
options {
    // Filesystem locations used by named.
    directory "/var/cache/bind";
    pid-file "/var/run/named/named.pid";

    // Listen on port 53 on every IPv4 and IPv6 address.
    listen-on port 53 { any; };
    listen-on-v6 port 53 { any; };

    // Any source may send queries (this server also hosts authoritative
    // zones). Recursion is restricted separately by allow-recursion below.
    // allow-query-cache is not set explicitly in this block.
    allow-query { any; };

    // No zone transfers by default; individual zones may override this.
    allow-transfer { none; };

    // Recursive service for loopback and RFC 1918 private ranges only.
    recursion yes;
    allow-recursion {
        127.0.0.0/8;
        10.0.0.0/8;
        172.16.0.0/12;
        192.168.0.0/16;
    };

    // Upstream resolvers. "forward only" disables iterative fallback:
    // if no forwarder answers, the lookup fails instead of going to the roots.
    forwarders {
        9.9.9.9;            // Quad9 (threat-blocking)
        149.112.112.112;    // Quad9 secondary
        1.1.1.1;            // Cloudflare
    };
    forward only;

    // Validate DNSSEC signatures using the default root trust anchor.
    dnssec-validation auto;

    // Response rate limiting: at most 10 identical responses per second,
    // measured over a 5-second window.
    // NOTE(review): no exempt-clients list is set, so the limit presumably
    // applies to the LAN resolver clients as well - confirm this is intended.
    rate-limit {
        responses-per-second 10;
        window 5;
    };

    // Response Policy Zone. The "rpz.vortex" zone statement is not in this
    // file; presumably it comes from one of the included files - verify.
    response-policy { zone "rpz.vortex"; };
};
// Included configuration: named.conf.local and named.conf.logging
include "/etc/bind/named.conf.local";
include "/etc/bind/named.conf.logging";
// Authoritative zone - secubox.in
zone "secubox.in" {
    // This server holds the primary copy of the zone.
    type master;
    file "/etc/bind/zones/secubox.in.zone";

    // Authoritative data is public: answer queries from any source.
    allow-query { any; };

    // Overrides the global "allow-transfer { none; }" for one secondary.
    // NOTE(review): the transfer is authorized by source address only; no
    // TSIG key is referenced in this block - consider key-based transfer
    // authorization if the secondary supports it.
    allow-transfer { 217.70.177.40; };   // ns6.gandi.net

    // Send NOTIFY on zone changes, including to the secondary listed here.
    notify yes;
    also-notify { 217.70.177.40; };
};
include "/etc/bind/named.conf.vortex";
include "/etc/bind/named.conf.zones";