[zones] / distorted.lisp

;;; Zone file for distorted.org.uk

(load "hosts.lisp" :verbose nil)

;;;--------------------------------------------------------------------------
;;; Network allocations
;;; (RFC1918 addresses are allocated from Cambridge G-RIN.)

(defnet distorted.org.uk 172.29.198.0/23
  (untrusted 256
    (wireless 128)
    (iodine 16))
  (trusted 256
    (fretwank 128
      (unsafe 32)
      (dhcp 32)
      (safe 32))
    (virtual 32)
    (its 4)))

;;;--------------------------------------------------------------------------
;;; Host allocations

;; External addresses.
(defhost guvnor.demon 80.177.3.76)

;; Unsafe network.
(defhost guvnor (unsafe 1))
(defhost metalzone (unsafe 2))
;;(defhost evolution.fretwank (unsafe 3))
(defhost vampire (unsafe 4))

;; Safe network.
(defhost tubescreamer (safe 1))
(defhost obsidian (safe 2))

;; Wireless network.
(defhost vampire.untrusted (untrusted 1))
(defhost evolution (untrusted 2))

;; Virtual private network.
(defhost crybaby (virtual 1))
(defhost terror (virtual 2))

;; Iodine network.
(defhost vampire.iodine (iodine 1))

;; Special network for ITS.
;; It doesn't understand point-to-point links, so we need a little net.
(defhost gw (its 1))
(defhost mz (its 2))

;;;--------------------------------------------------------------------------
;;; Other definitions.

(setf *default-zone-admin* "hostmaster@distorted.org.uk")

(preferred-subnet-case
  (fretwank
   (setf *default-zone-source* 'vampire.distorted.org.uk.)
   (defhost www-frontend metalzone)
   (defhost dns-frontend vampire))
  (t
   (setf *default-zone-source* 'guvnor.distorted.org.uk.)
   (defhost www-frontend guvnor.demon)
   (defhost dns-frontend guvnor.demon)))

;;;--------------------------------------------------------------------------
;;; Main zone definition.

(defzone distorted.org.uk
  ;;
  ;; Nameservers
  :ns #+subnet/fretwank ((metalzone.ns :ip metalzone)
			 (vampire.ns :ip vampire))
      #-subnet/fretwank ((boyle.ns :ip boyle.nsict.org)
			 (chiark.ns :ip chiark.greenend.org.uk)
			 (guvnor.ns :ip guvnor.demon))
  ;;
  ;; Mail servers
  ((@ mail lists bugs cryptomail)
   :mx mail
   :srv ((:smtp mail)))
  ;;
  ;; Other services
  :srv ((:http www)
	(:ftp ftp))
  ;;
  ;; Colocated services
  ;;((www ftp git) (inet :svc boyle.nsict.org) (fretwank :svc metalzone))
  ;;
  ;; Entry is via little port-forwarding box
  (guvnor (inet :a guvnor.demon) (fretwank :a guvnor))
  ;;
  ;; Wireless gateway
  (untrusted :net untrusted)
  (evolution (untrusted :a evolution))
  ;;
  ;; Local services
  (@ :svc www-frontend)
  ((www ftp wiki git bugs mail)
   (inet :svc guvnor.demon)
   (fretwank :svc metalzone))
  ((db tor i2p rawk)
   (inet :svc guvnor.demon)
   (fretwank :svc vampire))
  (vox (inet :svc guvnor.demon) (fretwank :svc vampire))
  ;;
  ;; Internal services
  ((ntp1) (fretwank :svc metalzone))
  ((www-cache wpad ntp news) (fretwank :svc vampire))
  ;;
  ;; Wired ethernet
  (fretwank :net fretwank)
  (metalzone (inet :a guvnor.demon)
	     (fretwank :a metalzone))
  (vampire (fretwank :a vampire)
	   (untrusted :a vampire.untrusted)
	   (iodine :a vampire.iodine))
  (obsidian (fretwank :a obsidian))
  ;;
  ;; Virtual network
  (virtual :net virtual)
  (crybaby (virtual :a crybaby))
  (terror (virtual :a terror))
  (iodine :net iodine)
  ;;
  ;; ITS
  (its :net its)
  (gw (its :a gw))
  (mz (its :a mz))
  ;;
  ;; Delegations
  #+subnet/fretwank (dhcp :ns (metalzone.ns vampire.ns))
  (io :ns ((ns.io :ip dns-frontend))))

;;;--------------------------------------------------------------------------
;;; Other subsidiary zones.

(defrevzone trusted
  :ns ((metalzone.ns :ip metalzone) (vampire.ns :ip vampire))
  :reverse trusted
  #+subnet/fretwank (dhcp :ns (metalzone.ns vampire.ns))
  #+subnet/fretwank (@ :cidr-delegation
		       (dhcp
			(dhcp 199.29.172.dhcp.199.29.172.in-addr.arpa))))

(defrevzone untrusted
  :ns ((metalzone.ns :ip metalzone) (vampire.ns :ip vampire))
  :reverse untrusted)

(defzone dhcp.distorted.org.uk
  :ns ((metalzone.ns :ip metalzone) (vampire.ns :ip vampire))
  :net dhcp)

(defzone io.distorted.org.uk
  :ns ((ns :ip dns-frontend))
  (about :txt "Fake zone used for IP-over-DNS tunnelling."))

(defzone dhcp.199.29.172.in-addr.arpa
  :ns ((metalzone.ns :ip metalzone) (vampire.ns :ip vampire)))

;;;----- That's all, folks --------------------------------------------------
Commit	Line	Data
e80b4c2d MW	1	;;; Zone file for distorted.org.uk
e80b4c2d MW	2
b4d4c18b	3	(load "hosts.lisp" :verbose nil)
e80b4c2d	4
b1d5c6c2 MW	5	;;;--------------------------------------------------------------------------
	6	;;; Network allocations
	7	;;; (RFC1918 addresses are allocated from Cambridge G-RIN.)
	8
e80b4c2d	9	(defnet distorted.org.uk 172.29.198.0/23
fc0ce2ed MW	10	(untrusted 256
	11	(wireless 128)
	12	(iodine 16))
e80b4c2d MW	13	(trusted 256
	14	(fretwank 128
	15	(unsafe 32)
	16	(dhcp 32)
	17	(safe 32))
b1d5c6c2 MW	18	(virtual 32)
	19	(its 4)))
	20
	21	;;;--------------------------------------------------------------------------
	22	;;; Host allocations
e80b4c2d	23
b1d5c6c2	24	;; External addresses.
4acd4890	25	(defhost guvnor.demon 80.177.3.76)
2bc217e8	26
b1d5c6c2	27	;; Unsafe network.
2bc217e8 MW	28	(defhost guvnor (unsafe 1))
2bc217e8 MW	29	(defhost metalzone (unsafe 2))
8ef3dea5	30	;;(defhost evolution.fretwank (unsafe 3))
2bc217e8 MW	31	(defhost vampire (unsafe 4))
2bc217e8 MW	32
b1d5c6c2	33	;; Safe network.
2bc217e8 MW	34	(defhost tubescreamer (safe 1))
	35	(defhost obsidian (safe 2))
	36
b1d5c6c2	37	;; Wireless network.
e07781f9 MW	38	(defhost vampire.untrusted (untrusted 1))
e07781f9 MW	39	(defhost evolution (untrusted 2))
2bc217e8	40
b1d5c6c2	41	;; Virtual private network.
8ca446b5	42	(defhost crybaby (virtual 1))
9afe85bf	43	(defhost terror (virtual 2))
b1d5c6c2	44
fc0ce2ed MW	45	;; Iodine network.
	46	(defhost vampire.iodine (iodine 1))
	47
b1d5c6c2 MW	48	;; Special network for ITS.
	49	;; It doesn't understand point-to-point links, so we need a little net.
	50	(defhost gw (its 1))
	51	(defhost mz (its 2))
	52
	53	;;;--------------------------------------------------------------------------
	54	;;; Other definitions.
e80b4c2d MW	55
e80b4c2d MW	56	(setf default-zone-admin "hostmaster@distorted.org.uk")
2bc217e8 MW	57
	58	(preferred-subnet-case
	59	(fretwank
e07781f9	60	(setf default-zone-source 'vampire.distorted.org.uk.)
995d75b4 MW	61	(defhost www-frontend metalzone)
995d75b4 MW	62	(defhost dns-frontend vampire))
2bc217e8 MW	63	(t
2bc217e8 MW	64	(setf default-zone-source 'guvnor.distorted.org.uk.)
995d75b4 MW	65	(defhost www-frontend guvnor.demon)
995d75b4 MW	66	(defhost dns-frontend guvnor.demon)))
e80b4c2d	67
b1d5c6c2 MW	68	;;;--------------------------------------------------------------------------
	69	;;; Main zone definition.
	70
e80b4c2d MW	71	(defzone distorted.org.uk
	72	;;
	73	;; Nameservers
cddf1fa1 MW	74	:ns #+subnet/fretwank ((metalzone.ns :ip metalzone)
	75	(vampire.ns :ip vampire))
	76	#-subnet/fretwank ((boyle.ns :ip boyle.nsict.org)
	77	(chiark.ns :ip chiark.greenend.org.uk)
	78	(guvnor.ns :ip guvnor.demon))
e80b4c2d MW	79	;;
e80b4c2d MW	80	;; Mail servers
96c2a692 MW	81	((@ mail lists bugs cryptomail)
	82	:mx mail
	83	:srv ((:smtp mail)))
	84	;;
	85	;; Other services
	86	:srv ((:http www)
	87	(:ftp ftp))
e80b4c2d MW	88	;;
e80b4c2d MW	89	;; Colocated services
a060fed3	90	;;((www ftp git) (inet :svc boyle.nsict.org) (fretwank :svc metalzone))
e80b4c2d MW	91	;;
e80b4c2d MW	92	;; Entry is via little port-forwarding box
a060fed3	93	(guvnor (inet :a guvnor.demon) (fretwank :a guvnor))
985aff77 MW	94	;;
985aff77 MW	95	;; Wireless gateway
8ca446b5	96	(untrusted :net untrusted)
8ef3dea5	97	(evolution (untrusted :a evolution))
e80b4c2d MW	98	;;
e80b4c2d MW	99	;; Local services
a060fed3	100	(@ :svc www-frontend)
fc0ce2ed	101	((www ftp wiki git bugs mail)
a060fed3 MW	102	(inet :svc guvnor.demon)
a060fed3 MW	103	(fretwank :svc metalzone))
995d75b4	104	((db tor i2p rawk)
0ac996f4 MW	105	(inet :svc guvnor.demon)
0ac996f4 MW	106	(fretwank :svc vampire))
8722942b	107	(vox (inet :svc guvnor.demon) (fretwank :svc vampire))
a060fed3 MW	108	;;
a060fed3 MW	109	;; Internal services
ca779f0a MW	110	((ntp1) (fretwank :svc metalzone))
ca779f0a MW	111	((www-cache wpad ntp news) (fretwank :svc vampire))
e80b4c2d MW	112	;;
e80b4c2d MW	113	;; Wired ethernet
b1d5c6c2	114	(fretwank :net fretwank)
fc0ce2ed MW	115	(metalzone (inet :a guvnor.demon)
	116	(fretwank :a metalzone))
	117	(vampire (fretwank :a vampire)
	118	(untrusted :a vampire.untrusted)
	119	(iodine :a vampire.iodine))
4acd4890	120	(obsidian (fretwank :a obsidian))
b1d5c6c2 MW	121	;;
	122	;; Virtual network
	123	(virtual :net virtual)
8ca446b5	124	(crybaby (virtual :a crybaby))
9afe85bf	125	(terror (virtual :a terror))
fc0ce2ed	126	(iodine :net iodine)
e80b4c2d	127	;;
b1d5c6c2 MW	128	;; ITS
	129	(its :net its)
	130	(gw (its :a gw))
	131	(mz (its :a mz))
b3f75214	132	;;
b1d5c6c2	133	;; Delegations
fc0ce2ed	134	#+subnet/fretwank (dhcp :ns (metalzone.ns vampire.ns))
995d75b4	135	(io :ns ((ns.io :ip dns-frontend))))
b1d5c6c2 MW	136
	137	;;;--------------------------------------------------------------------------
	138	;;; Other subsidiary zones.
e80b4c2d MW	139
e80b4c2d MW	140	(defrevzone trusted
2bc217e8	141	:ns ((metalzone.ns :ip metalzone) (vampire.ns :ip vampire))
b3f75214 MW	142	:reverse trusted
	143	#+subnet/fretwank (dhcp :ns (metalzone.ns vampire.ns))
	144	#+subnet/fretwank (@ :cidr-delegation
	145	(dhcp
	146	(dhcp 199.29.172.dhcp.199.29.172.in-addr.arpa))))
	147
e80b4c2d	148	(defrevzone untrusted
2bc217e8	149	:ns ((metalzone.ns :ip metalzone) (vampire.ns :ip vampire))
8ca446b5	150	:reverse untrusted)
b3f75214 MW	151
b3f75214 MW	152	(defzone dhcp.distorted.org.uk
340f4f62	153	:ns ((metalzone.ns :ip metalzone) (vampire.ns :ip vampire))
b3f75214 MW	154	:net dhcp)
b3f75214 MW	155
995d75b4 MW	156	(defzone io.distorted.org.uk
	157	:ns ((ns :ip dns-frontend))
	158	(about :txt "Fake zone used for IP-over-DNS tunnelling."))
	159
b3f75214	160	(defzone dhcp.199.29.172.in-addr.arpa
340f4f62	161	:ns ((metalzone.ns :ip metalzone) (vampire.ns :ip vampire)))
5094e793	162
b1d5c6c2	163	;;;----- That's all, folks --------------------------------------------------