;;; Zone file for distorted.org.uk (load "hosts.lisp" :verbose nil) ;;;-------------------------------------------------------------------------- ;;; Network allocations ;;; (RFC1918 addresses are allocated from Cambridge G-RIN.) (defnet distorted.org.uk 172.29.198.0/23 (untrusted 256 (wireless 128) (iodine 16)) (trusted 256 (fretwank 128 (unsafe 32) (dhcp 32) (safe 32)) (virtual 32) (its 4))) ;;;-------------------------------------------------------------------------- ;;; Host allocations ;; External addresses. (defhost guvnor.demon 80.177.3.76) ;; Unsafe network. (defhost guvnor (unsafe 1)) (defhost metalzone (unsafe 2)) ;;(defhost evolution.fretwank (unsafe 3)) (defhost vampire (unsafe 4)) ;; Safe network. (defhost tubescreamer (safe 1)) (defhost obsidian (safe 2)) ;; Wireless network. (defhost vampire.untrusted (untrusted 1)) (defhost evolution (untrusted 2)) ;; Virtual private network. (defhost crybaby (virtual 1)) (defhost terror (virtual 2)) ;; Iodine network. (defhost vampire.iodine (iodine 1)) ;; Special network for ITS. ;; It doesn't understand point-to-point links, so we need a little net. (defhost gw (its 1)) (defhost mz (its 2)) ;;;-------------------------------------------------------------------------- ;;; Other definitions. (setf *default-zone-admin* "hostmaster@distorted.org.uk") (preferred-subnet-case (fretwank (setf *default-zone-source* 'vampire.distorted.org.uk.) (defhost www-frontend metalzone) (defhost dns-frontend vampire)) (t (setf *default-zone-source* 'guvnor.distorted.org.uk.) (defhost www-frontend guvnor.demon) (defhost dns-frontend guvnor.demon))) ;;;-------------------------------------------------------------------------- ;;; Main zone definition. (defzone distorted.org.uk ;; ;; Nameservers :ns #+subnet/fretwank ((metalzone.ns :ip metalzone) (vampire.ns :ip vampire)) #-subnet/fretwank ((boyle.ns :ip boyle.nsict.org) (chiark.ns :ip chiark.greenend.org.uk) (guvnor.ns :ip guvnor.demon)) ;; ;; Mail servers ((@ mail lists bugs cryptomail) :mx mail :srv ((:smtp mail))) ;; ;; Other services :srv ((:http www) (:ftp ftp)) ;; ;; Colocated services ;;((www ftp git) (inet :svc boyle.nsict.org) (fretwank :svc metalzone)) ;; ;; Entry is via little port-forwarding box (guvnor (inet :a guvnor.demon) (fretwank :a guvnor)) ;; ;; Wireless gateway (untrusted :net untrusted) (evolution (untrusted :a evolution)) ;; ;; Local services (@ :svc www-frontend) ((www ftp wiki git bugs mail) (inet :svc guvnor.demon) (fretwank :svc metalzone)) ((db tor i2p rawk) (inet :svc guvnor.demon) (fretwank :svc vampire)) (vox (inet :svc guvnor.demon) (fretwank :svc vampire)) ;; ;; Internal services ((ntp1) (fretwank :svc metalzone)) ((www-cache wpad ntp news) (fretwank :svc vampire)) ;; ;; Wired ethernet (fretwank :net fretwank) (metalzone (inet :a guvnor.demon) (fretwank :a metalzone)) (vampire (fretwank :a vampire) (untrusted :a vampire.untrusted) (iodine :a vampire.iodine)) (obsidian (fretwank :a obsidian)) ;; ;; Virtual network (virtual :net virtual) (crybaby (virtual :a crybaby)) (terror (virtual :a terror)) (iodine :net iodine) ;; ;; ITS (its :net its) (gw (its :a gw)) (mz (its :a mz)) ;; ;; Delegations #+subnet/fretwank (dhcp :ns (metalzone.ns vampire.ns)) (io :ns ((ns.io :ip dns-frontend)))) ;;;-------------------------------------------------------------------------- ;;; Other subsidiary zones. (defrevzone trusted :ns ((metalzone.ns :ip metalzone) (vampire.ns :ip vampire)) :reverse trusted #+subnet/fretwank (dhcp :ns (metalzone.ns vampire.ns)) #+subnet/fretwank (@ :cidr-delegation (dhcp (dhcp 199.29.172.dhcp.199.29.172.in-addr.arpa)))) (defrevzone untrusted :ns ((metalzone.ns :ip metalzone) (vampire.ns :ip vampire)) :reverse untrusted) (defzone dhcp.distorted.org.uk :ns ((metalzone.ns :ip metalzone) (vampire.ns :ip vampire)) :net dhcp) (defzone io.distorted.org.uk :ns ((ns :ip dns-frontend)) (about :txt "Fake zone used for IP-over-DNS tunnelling.")) (defzone dhcp.199.29.172.in-addr.arpa :ns ((metalzone.ns :ip metalzone) (vampire.ns :ip vampire))) ;;;----- That's all, folks --------------------------------------------------