[zones] / distorted.lisp

;;; Zone file for distorted.org.uk

(load "hosts.lisp" :verbose nil)

;;;--------------------------------------------------------------------------
;;; Network allocations
;;; (RFC1918 addresses are allocated from Cambridge G-RIN.)

(defnet inet 62.49.204.144/28)

(defnet distorted.org.uk 172.29.198.0/23
  (untrusted 256
    (wireless 128)
    (iodine 16))
  (trusted 256
    (fretwank 128
      (unsafe 32)
      (dhcp 32)
      (safe 32))
    (virtual 32)
    (its 4)))

;;;--------------------------------------------------------------------------
;;; Host allocations

;; External addresses.
(defhost guvnor.inet (inet 1))
(defhost radius.inet (inet 2))
(defhost roadstar.inet (inet 3))
(defhost jem.inet (inet 4))
(defhost artist.inet (inet 5))
(defhost vampire.inet (inet 6))
(defhost ibanez.inet (inet 9))
(defhost gate.inet (inet 13))
(defhost nat.inet (inet 14))

;; Unsafe network.
(defhost radius (unsafe 1))
(defhost roadstar (unsafe 2))
(defhost jem (unsafe 3))
(defhost artist (unsafe 4))
(defhost vampire (unsafe 5))
(defhost ibanez (unsafe 14))

;; Safe network.
(defhost tubescreamer (safe 1))
(defhost obsidian (safe 2))

;; Wireless network.
(defhost radius.untrusted (untrusted 1))
(defhost evolution (untrusted 2))
(defhost vampire.untrusted (untrusted 3))

;; Virtual private network.
(defhost crybaby (virtual 1))
(defhost terror (virtual 2))

;; Iodine network.
(defhost vampire.iodine (iodine 1))

;; Special network for ITS.
;; It doesn't understand point-to-point links, so we need a little net.
(defhost gw (its 1))
(defhost mz (its 2))

;;;--------------------------------------------------------------------------
;;; Other definitions.

(setf *default-zone-admin* "hostmaster@distorted.org.uk")

(setf *default-zone-source* 'vampire.distorted.org.uk.)
(preferred-subnet-case
  (fretwank
   (defhost www-frontend vampire)
   (defhost dns-frontend vampire))
  (t
   (defhost www-frontend vampire.inet)
   (defhost dns-frontend vampire.inet)))

;;;--------------------------------------------------------------------------
;;; Main zone definition.

(defzone distorted.org.uk
  ;;
  ;; Nameservers.
  :ns #+subnet/fretwank ((vampire.ns :ip vampire))
      #-subnet/fretwank ((mythic-beasts-1.ns :ip mythic-ns1)
			 (mythic-beasts-2.ns :ip mythic-ns2)
			 (chiark.ns :ip chiark.greenend.org.uk)
			 (radius.ns :ip radius.inet)
			 (vampire.ns :ip vampire.inet))
  ;;
  ;; Mail servers.
  ((@ mail lists bugs cryptomail)
   :mx mail
   :srv ((:smtp mail)))
  ;;
  ;; Other services.
  :srv ((:http www)
	(:ftp ftp))
  ;;
  ;; Entry is via little router box.
  (inet :net inet)
  (guvnor (inet :a guvnor.inet) (fretwank :svc gate.inet))
  (gate (inet :a gate.inet))
  (nat (inet :a nat.inet))
  ;;
  ;; Wireless gateway.
  (untrusted :net untrusted)
  (evolution (untrusted :a evolution))
  ;;
  ;; Local services.
  (@ :svc www-frontend)
  ((www ftp wiki git bugs mail db tor i2p rawk vox www-cache)
   (inet :svc vampire.inet)
   (fretwank :svc vampire))
  ;;
  ;; Internal services.
  ((ntp) (fretwank :svc ibanez))
  ((wpad ntp1 news) (fretwank :svc vampire))
  ;;
  ;; Wired ethernet.
  (fretwank :net fretwank)
  (vampire (fretwank :a vampire)
	   (inet :a vampire.inet)
	   (untrusted :a vampire.untrusted)
	   (iodine :a vampire.iodine))
  (obsidian (fretwank :a obsidian))
  (ibanez (fretwank :a ibanez)
	  (inet :a ibanez.inet))
  (radius (fretwank :a radius)
	  (inet :a radius.inet)
	  (untrusted :a radius.untrusted))
  (roadstar (fretwank :a roadstar)
	    (inet :a roadstar.inet))
  (jem (fretwank :a jem)
       (inet :a jem.inet))
  (artist (fretwank :a artist)
	  (inet :a artist.inet))
  (gibson :cname gibson.dhcp)
  (lespaul :cname lespaul.dhcp)
  (firebird :cname firebird.dhcp)
  (marauder :cname marauder.dhcp)
  (invader :cname invader.dhcp)
  ;;
  ;; Virtual network.
  (virtual :net virtual)
  (crybaby (virtual :a crybaby))
  (terror (virtual :a terror))
  (iodine :net iodine)
  ;;
  ;; ITS.
  (its :net its)
  (gw (its :a gw))
  (mz (its :a mz))
  ;;
  ;; Delegations.
  #+subnet/fretwank (dhcp :ns (vampire.ns))
  (io :ns ((ns.io :ip dns-frontend))))

;;;--------------------------------------------------------------------------
;;; Other subsidiary zones.

(defrevzone trusted
  :ns ((vampire.ns :ip vampire))
  :reverse trusted
  #+subnet/fretwank (dhcp :ns (metalzone.ns vampire.ns))
  #+subnet/fretwank (@ :cidr-delegation
		       (dhcp
			(dhcp 199.29.172.dhcp.199.29.172.in-addr.arpa))))

(defrevzone untrusted
  :ns ((vampire.ns :ip vampire))
  :reverse untrusted)

(defrevzone inet
  :reverse inet)

(defzone dhcp.distorted.org.uk
  :ns ((vampire.ns :ip vampire))
  :net dhcp)

(defzone io.distorted.org.uk
  :ns ((ns :ip dns-frontend))
  (about :txt "Fake zone used for IP-over-DNS tunnelling."))

(defzone dhcp.199.29.172.in-addr.arpa
  :ns ((vampire.ns :ip vampire)))

;;;----- That's all, folks --------------------------------------------------
Commit	Line	Data
e80b4c2d MW	1	;;; Zone file for distorted.org.uk
e80b4c2d MW	2
b4d4c18b	3	(load "hosts.lisp" :verbose nil)
e80b4c2d	4
b1d5c6c2 MW	5	;;;--------------------------------------------------------------------------
	6	;;; Network allocations
	7	;;; (RFC1918 addresses are allocated from Cambridge G-RIN.)
	8
92e99247 MW	9	(defnet inet 62.49.204.144/28)
92e99247 MW	10
e80b4c2d	11	(defnet distorted.org.uk 172.29.198.0/23
fc0ce2ed MW	12	(untrusted 256
	13	(wireless 128)
	14	(iodine 16))
e80b4c2d MW	15	(trusted 256
	16	(fretwank 128
	17	(unsafe 32)
	18	(dhcp 32)
	19	(safe 32))
b1d5c6c2 MW	20	(virtual 32)
	21	(its 4)))
	22
	23	;;;--------------------------------------------------------------------------
	24	;;; Host allocations
e80b4c2d	25
b1d5c6c2	26	;; External addresses.
92e99247 MW	27	(defhost guvnor.inet (inet 1))
	28	(defhost radius.inet (inet 2))
	29	(defhost roadstar.inet (inet 3))
	30	(defhost jem.inet (inet 4))
	31	(defhost artist.inet (inet 5))
	32	(defhost vampire.inet (inet 6))
	33	(defhost ibanez.inet (inet 9))
	34	(defhost gate.inet (inet 13))
	35	(defhost nat.inet (inet 14))
2bc217e8	36
b1d5c6c2	37	;; Unsafe network.
92e99247 MW	38	(defhost radius (unsafe 1))
	39	(defhost roadstar (unsafe 2))
	40	(defhost jem (unsafe 3))
	41	(defhost artist (unsafe 4))
	42	(defhost vampire (unsafe 5))
2667dd1c	43	(defhost ibanez (unsafe 14))
2bc217e8	44
b1d5c6c2	45	;; Safe network.
2bc217e8 MW	46	(defhost tubescreamer (safe 1))
	47	(defhost obsidian (safe 2))
	48
b1d5c6c2	49	;; Wireless network.
92e99247	50	(defhost radius.untrusted (untrusted 1))
e07781f9	51	(defhost evolution (untrusted 2))
92e99247	52	(defhost vampire.untrusted (untrusted 3))
2bc217e8	53
b1d5c6c2	54	;; Virtual private network.
8ca446b5	55	(defhost crybaby (virtual 1))
9afe85bf	56	(defhost terror (virtual 2))
b1d5c6c2	57
fc0ce2ed MW	58	;; Iodine network.
	59	(defhost vampire.iodine (iodine 1))
	60
b1d5c6c2 MW	61	;; Special network for ITS.
	62	;; It doesn't understand point-to-point links, so we need a little net.
	63	(defhost gw (its 1))
	64	(defhost mz (its 2))
	65
	66	;;;--------------------------------------------------------------------------
	67	;;; Other definitions.
e80b4c2d MW	68
e80b4c2d MW	69	(setf default-zone-admin "hostmaster@distorted.org.uk")
2bc217e8	70
92e99247	71	(setf default-zone-source 'vampire.distorted.org.uk.)
2bc217e8 MW	72	(preferred-subnet-case
2bc217e8 MW	73	(fretwank
92e99247	74	(defhost www-frontend vampire)
995d75b4	75	(defhost dns-frontend vampire))
2bc217e8	76	(t
92e99247 MW	77	(defhost www-frontend vampire.inet)
92e99247 MW	78	(defhost dns-frontend vampire.inet)))
e80b4c2d	79
b1d5c6c2 MW	80	;;;--------------------------------------------------------------------------
	81	;;; Main zone definition.
	82
e80b4c2d MW	83	(defzone distorted.org.uk
e80b4c2d MW	84	;;
6ef39f28	85	;; Nameservers.
92e99247	86	:ns #+subnet/fretwank ((vampire.ns :ip vampire))
3dfd711e MW	87	#-subnet/fretwank ((mythic-beasts-1.ns :ip mythic-ns1)
3dfd711e MW	88	(mythic-beasts-2.ns :ip mythic-ns2)
cddf1fa1	89	(chiark.ns :ip chiark.greenend.org.uk)
92e99247 MW	90	(radius.ns :ip radius.inet)
92e99247 MW	91	(vampire.ns :ip vampire.inet))
e80b4c2d	92	;;
6ef39f28	93	;; Mail servers.
96c2a692 MW	94	((@ mail lists bugs cryptomail)
	95	:mx mail
	96	:srv ((:smtp mail)))
	97	;;
6ef39f28	98	;; Other services.
96c2a692 MW	99	:srv ((:http www)
96c2a692 MW	100	(:ftp ftp))
e80b4c2d	101	;;
92e99247 MW	102	;; Entry is via little router box.
	103	(inet :net inet)
	104	(guvnor (inet :a guvnor.inet) (fretwank :svc gate.inet))
	105	(gate (inet :a gate.inet))
	106	(nat (inet :a nat.inet))
985aff77	107	;;
6ef39f28	108	;; Wireless gateway.
8ca446b5	109	(untrusted :net untrusted)
8ef3dea5	110	(evolution (untrusted :a evolution))
e80b4c2d	111	;;
6ef39f28	112	;; Local services.
a060fed3	113	(@ :svc www-frontend)
95eac836	114	((www ftp wiki git bugs mail db tor i2p rawk vox www-cache)
92e99247	115	(inet :svc vampire.inet)
0ac996f4	116	(fretwank :svc vampire))
a060fed3	117	;;
6ef39f28	118	;; Internal services.
95eac836 MW	119	((ntp) (fretwank :svc ibanez))
95eac836 MW	120	((wpad ntp1 news) (fretwank :svc vampire))
e80b4c2d	121	;;
6ef39f28	122	;; Wired ethernet.
b1d5c6c2	123	(fretwank :net fretwank)
fc0ce2ed	124	(vampire (fretwank :a vampire)
92e99247	125	(inet :a vampire.inet)
fc0ce2ed MW	126	(untrusted :a vampire.untrusted)
fc0ce2ed MW	127	(iodine :a vampire.iodine))
4acd4890	128	(obsidian (fretwank :a obsidian))
92e99247 MW	129	(ibanez (fretwank :a ibanez)
92e99247 MW	130	(inet :a ibanez.inet))
938f6c79	131	(radius (fretwank :a radius)
92e99247	132	(inet :a radius.inet)
938f6c79	133	(untrusted :a radius.untrusted))
92e99247 MW	134	(roadstar (fretwank :a roadstar)
	135	(inet :a roadstar.inet))
	136	(jem (fretwank :a jem)
	137	(inet :a jem.inet))
	138	(artist (fretwank :a artist)
	139	(inet :a artist.inet))
4b5e05ad MW	140	(gibson :cname gibson.dhcp)
	141	(lespaul :cname lespaul.dhcp)
	142	(firebird :cname firebird.dhcp)
aa4d55b1 MW	143	(marauder :cname marauder.dhcp)
aa4d55b1 MW	144	(invader :cname invader.dhcp)
b1d5c6c2	145	;;
6ef39f28	146	;; Virtual network.
b1d5c6c2	147	(virtual :net virtual)
8ca446b5	148	(crybaby (virtual :a crybaby))
9afe85bf	149	(terror (virtual :a terror))
fc0ce2ed	150	(iodine :net iodine)
e80b4c2d	151	;;
6ef39f28	152	;; ITS.
b1d5c6c2 MW	153	(its :net its)
	154	(gw (its :a gw))
	155	(mz (its :a mz))
b3f75214	156	;;
6ef39f28	157	;; Delegations.
92e99247	158	#+subnet/fretwank (dhcp :ns (vampire.ns))
995d75b4	159	(io :ns ((ns.io :ip dns-frontend))))
b1d5c6c2 MW	160
	161	;;;--------------------------------------------------------------------------
	162	;;; Other subsidiary zones.
e80b4c2d MW	163
e80b4c2d MW	164	(defrevzone trusted
92e99247	165	:ns ((vampire.ns :ip vampire))
b3f75214 MW	166	:reverse trusted
	167	#+subnet/fretwank (dhcp :ns (metalzone.ns vampire.ns))
	168	#+subnet/fretwank (@ :cidr-delegation
	169	(dhcp
	170	(dhcp 199.29.172.dhcp.199.29.172.in-addr.arpa))))
	171
e80b4c2d	172	(defrevzone untrusted
92e99247	173	:ns ((vampire.ns :ip vampire))
8ca446b5	174	:reverse untrusted)
b3f75214	175
92e99247 MW	176	(defrevzone inet
	177	:reverse inet)
	178
b3f75214	179	(defzone dhcp.distorted.org.uk
92e99247	180	:ns ((vampire.ns :ip vampire))
b3f75214 MW	181	:net dhcp)
b3f75214 MW	182
995d75b4 MW	183	(defzone io.distorted.org.uk
	184	:ns ((ns :ip dns-frontend))
	185	(about :txt "Fake zone used for IP-over-DNS tunnelling."))
	186
b3f75214	187	(defzone dhcp.199.29.172.in-addr.arpa
92e99247	188	:ns ((vampire.ns :ip vampire)))
5094e793	189
b1d5c6c2	190	;;;----- That's all, folks --------------------------------------------------