chiark
/
gitweb
/
~mdw
/
zones
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
distorted.lisp: Fix `eggle' nameserver entries.
[zones]
/
distorted.lisp
diff --git
a/distorted.lisp
b/distorted.lisp
index 8147a62e363f9e10f50b27a041a2417e1bf351c3..739069267b6d091c31d5a1e4f9b74df5d80aa36d 100644
(file)
--- a/
distorted.lisp
+++ b/
distorted.lisp
@@
-71,6
+71,7
@@
(defzone distorted.org.uk
(precision.ns :ip precision)
(telecaster.ns :ip telecaster)
(national.ns :ip national)
(precision.ns :ip precision)
(telecaster.ns :ip telecaster)
(national.ns :ip national)
+ (eggle.ns :ip eggle)
#-view/inside (mythic-beasts-1.ns :ip mythic-ns1)
#-view/inside (mythic-beasts-2.ns :ip mythic-ns2)
#-view/inside (mythic-beasts-3.ns :ip mythic-ns3)
#-view/inside (mythic-beasts-1.ns :ip mythic-ns1)
#-view/inside (mythic-beasts-2.ns :ip mythic-ns2)
#-view/inside (mythic-beasts-3.ns :ip mythic-ns3)
@@
-84,8
+85,17
@@
(defzone distorted.org.uk
((@ mail blackhole) :mx mail :srv ((:smtp mail)))
(bugs :mx lists :srv ((:smtp bugs)))
(lists :mx lists :srv ((:smtp lists)))
((@ mail blackhole) :mx mail :srv ((:smtp mail)))
(bugs :mx lists :srv ((:smtp bugs)))
(lists :mx lists :srv ((:smtp lists)))
+ (_dmarc :dmarc (:v "DMARC1"
+ :p "quarantine" :sp "quarantine"
+ :adkim "s" :aspf "s"))
((_domainkey _domainkey.mail) :dname stratocaster.dkim)
((_domainkey _domainkey.mail) :dname stratocaster.dkim)
+ ((stratocaster @ mail) :spf ((:version "spf1")
+ (:pass :ip stratocaster.dmz)
+ (:soft :all)))
((_domainkey.bugs _domainkey.lists) :dname telecaster.dkim)
((_domainkey.bugs _domainkey.lists) :dname telecaster.dkim)
+ ((telecaster bugs lists) :spf ((:version "spf1")
+ (:pass :ip telecaster.dmz)
+ (:soft :all)))
;; Anycast services.
(dns0 :anycast ((any dns0.any) (dmz radius.dmz)
;; Anycast services.
(dns0 :anycast ((any dns0.any) (dmz radius.dmz)
@@
-202,8
+212,9
@@
(defzone distorted.org.uk
;; Virtual hosts.
(national :abbrev n (linode :abbrev nl) (upn :abbrev ny))
;; Virtual hosts.
(national :abbrev n (linode :abbrev nl) (upn :abbrev ny))
- (national (linode :addr national.linode)
- (upn :addr national.upn))
+ (national (linode :addr national.linode) (upn :addr national.upn))
+ (eggle :abbrev e (jump :abbrev ej) (upn :abbrev ey))
+ (eggle (jump :addr eggle.jump) (upn :addr eggle.upn))
(mdwdev (upn :addr mdwdev.upn))
;; Nicko's servers.
(mdwdev (upn :addr mdwdev.upn))
;; Nicko's servers.
@@
-224,9
+235,11
@@
(defzone distorted.org.uk
(lunch :alias ap1)
(lunch (safe :addr lunch.safe))
(lunch :alias ap1)
(lunch (safe :addr lunch.safe))
- ;; Printer.
+ ;; Printer
and scanner
.
(burntaxe :alias lp0)
(burntaxe (safe :addr burntaxe.safe))
(burntaxe :alias lp0)
(burntaxe (safe :addr burntaxe.safe))
+ (unicorn :alias scan0)
+ (unicorn (safe :addr unicorn.safe))
;; Switches.
(grigsby :alias tp0)
;; Switches.
(grigsby :alias tp0)
@@
-313,7
+326,8
@@
(defzone distorted.org.uk
(dhcp :ns ((radius.ns.dhcp :ip radius)
(precision.ns.dhcp :ip precision)
(telecaster.ns.dhcp :ip telecaster)
(dhcp :ns ((radius.ns.dhcp :ip radius)
(precision.ns.dhcp :ip precision)
(telecaster.ns.dhcp :ip telecaster)
- (national.ns.dhcp :ip national))
+ (national.ns.dhcp :ip national)
+ (eggle.ns.dhcp :ip eggle))
:ds ((55966 :rsasha256 :sha1
"95b05c1f4e84f950f29630004bac447f8a87ca33")
(55966 :rsasha256 :sha256
:ds ((55966 :rsasha256 :sha1
"95b05c1f4e84f950f29630004bac447f8a87ca33")
(55966 :rsasha256 :sha256
@@
-322,7
+336,8
@@
(defzone distorted.org.uk
(dyn :ns ((radius.ns.dyn :ip radius)
(precision.ns.dyn :ip precision)
(telecaster.ns.dyn :ip telecaster)
(dyn :ns ((radius.ns.dyn :ip radius)
(precision.ns.dyn :ip precision)
(telecaster.ns.dyn :ip telecaster)
- (national.ns.dyn :ip national))
+ (national.ns.dyn :ip national)
+ (eggle.ns.dyn :ip eggle))
:ds ((11335 :rsasha256 :sha1
"7ed2b843b0bfb38ceca68617dfacbeafab1d1ea9")
(11335 :rsasha256 :sha256
:ds ((11335 :rsasha256 :sha1
"7ed2b843b0bfb38ceca68617dfacbeafab1d1ea9")
(11335 :rsasha256 :sha256
@@
-331,7
+346,8
@@
(defzone distorted.org.uk
(dnserr :ns ((radius.ns.dnserr :ip radius.dmz)
(precision.ns.dnserr :ip precision.dmz)
(telecaster.ns.dnserr :ip telecaster.dmz)
(dnserr :ns ((radius.ns.dnserr :ip radius.dmz)
(precision.ns.dnserr :ip precision.dmz)
(telecaster.ns.dnserr :ip telecaster.dmz)
- (national.ns.dnserr :ip national.linode))
+ (national.ns.dnserr :ip national.linode)
+ (eggle.ns.dnserr :ip eggle.jump))
:ds ((40945 :rsasha256 :sha1
"f35b5d0b877b940e63ad1b3afc21d6ba83cd1b3b")
(40945 :rsasha256 :sha256
:ds ((40945 :rsasha256 :sha1
"f35b5d0b877b940e63ad1b3afc21d6ba83cd1b3b")
(40945 :rsasha256 :sha256
@@
-342,6
+358,7
@@
(defzone distorted.org.uk
(precision.ns.stratocaster.dkim :ip precision.dmz)
(telecaster.ns.stratocaster.dkim :ip telecaster.dmz)
(national.ns.stratocaster.dkim :ip national.linode)
(precision.ns.stratocaster.dkim :ip precision.dmz)
(telecaster.ns.stratocaster.dkim :ip telecaster.dmz)
(national.ns.stratocaster.dkim :ip national.linode)
+ (eggle.ns.stratocaster.dkim :ip eggle.jump)
(mythic-beasts-1.ns.stratocaster.dkim :ip mythic-ns1)
(mythic-beasts-2.ns.stratocaster.dkim :ip mythic-ns2)
(mythic-beasts-3.ns.stratocaster.dkim :ip mythic-ns3))
(mythic-beasts-1.ns.stratocaster.dkim :ip mythic-ns1)
(mythic-beasts-2.ns.stratocaster.dkim :ip mythic-ns2)
(mythic-beasts-3.ns.stratocaster.dkim :ip mythic-ns3))
@@
-355,6
+372,7
@@
(defzone distorted.org.uk
(precision.ns.telecaster.dkim :ip precision.dmz)
(telecaster.ns.telecaster.dkim :ip telecaster.dmz)
(national.ns.telecaster.dkim :ip national.linode)
(precision.ns.telecaster.dkim :ip precision.dmz)
(telecaster.ns.telecaster.dkim :ip telecaster.dmz)
(national.ns.telecaster.dkim :ip national.linode)
+ (eggle.ns.telecaster.dkim :ip eggle.jump)
(mythic-beasts-1.ns.telecaster.dkim :ip mythic-ns1)
(mythic-beasts-2.ns.telecaster.dkim :ip mythic-ns2)
(mythic-beasts-3.ns.telecaster.dkim :ip mythic-ns3))
(mythic-beasts-1.ns.telecaster.dkim :ip mythic-ns1)
(mythic-beasts-2.ns.telecaster.dkim :ip mythic-ns2)
(mythic-beasts-3.ns.telecaster.dkim :ip mythic-ns3))
@@
-364,17
+382,18
@@
(defzone distorted.org.uk
#.(concatenate 'string "66997571c7d47f912caa65f2154ecd37"
"5b9d391e3ed44d79ac35eef59264e521"))))
(io :ns ((ns.io :ip jazz.dmz)))
#.(concatenate 'string "66997571c7d47f912caa65f2154ecd37"
"5b9d391e3ed44d79ac35eef59264e521"))))
(io :ns ((ns.io :ip jazz.dmz)))
- (play :ns (radius.ns precision.ns telecaster.ns national.ns)))
+ (play :ns (radius.ns precision.ns telecaster.ns national.ns
eggle.jump
)))
;;;--------------------------------------------------------------------------
;;; Other subsidiary zones.
#+view/outside
(defzone dhcp.distorted.org.uk
;;;--------------------------------------------------------------------------
;;; Other subsidiary zones.
#+view/outside
(defzone dhcp.distorted.org.uk
- :ns ((radius.ns :ip radius.dmz)
- (precision.ns :ip precision.dmz)
- (telecaster.ns :ip telecaster.dmz)
- (national.ns :ip national.linode))
+ :ns ((radius.ns :ip radius)
+ (precision.ns :ip precision)
+ (telecaster.ns :ip telecaster)
+ (national.ns :ip national)
+ (eggle.ns :ip eggle))
(gibson :addr gibson.unsafe)
(crybaby :addr crybaby.unsafe)
(lespaul :addr lespaul.unsafe)
(gibson :addr gibson.unsafe)
(crybaby :addr crybaby.unsafe)
(lespaul :addr lespaul.unsafe)
@@
-389,7
+408,8
@@
(defzone (dyn.distorted.org.uk :source telecaster.distorted.org.uk.)
:ns ((radius.ns :ip radius)
(precision.ns :ip precision)
(telecaster.ns :ip telecaster)
:ns ((radius.ns :ip radius)
(precision.ns :ip precision)
(telecaster.ns :ip telecaster)
- (national.ns :ip national)))
+ (national.ns :ip national)
+ (eggle.ns :ip eggle)))
#+view/outside
(defzone nicko.org
#+view/outside
(defzone nicko.org
@@
-397,19
+417,21
@@
(defzone nicko.org
#+view/outside
(defzone stratocaster.dkim.distorted.org.uk
#+view/outside
(defzone stratocaster.dkim.distorted.org.uk
- :ns ((radius.ns :ip radius.dmz)
- (precision.ns :ip precision.dmz)
- (telecaster.ns :ip telecaster.dmz)
- (national.ns :ip national.linode)
+ :ns ((radius.ns :ip radius)
+ (precision.ns :ip precision)
+ (telecaster.ns :ip telecaster)
+ (national.ns :ip national)
+ (eggle.ns :ip eggle)
(mythic-beasts-1.ns :ip mythic-ns1)
(mythic-beasts-2.ns :ip mythic-ns2)
(mythic-beasts-3.ns :ip mythic-ns3)))
#+view/outside
(defzone telecaster.dkim.distorted.org.uk
(mythic-beasts-1.ns :ip mythic-ns1)
(mythic-beasts-2.ns :ip mythic-ns2)
(mythic-beasts-3.ns :ip mythic-ns3)))
#+view/outside
(defzone telecaster.dkim.distorted.org.uk
- :ns ((radius.ns :ip radius.dmz)
- (precision.ns :ip precision.dmz)
- (telecaster.ns :ip telecaster.dmz)
- (national.ns :ip national.linode)
+ :ns ((radius.ns :ip radius)
+ (precision.ns :ip precision)
+ (telecaster.ns :ip telecaster)
+ (national.ns :ip national)
+ (eggle.ns :ip eggle)
(mythic-beasts-1.ns :ip mythic-ns1)
(mythic-beasts-2.ns :ip mythic-ns2)
(mythic-beasts-3.ns :ip mythic-ns3)))
(mythic-beasts-1.ns :ip mythic-ns1)
(mythic-beasts-2.ns :ip mythic-ns2)
(mythic-beasts-3.ns :ip mythic-ns3)))
@@
-418,7
+440,8
@@
(defrevzone trusted
:ns (radius.distorted.org.uk.
precision.distorted.org.uk.
telecaster.distorted.org.uk.
:ns (radius.distorted.org.uk.
precision.distorted.org.uk.
telecaster.distorted.org.uk.
- national.distorted.org.uk.)
+ national.distorted.org.uk.
+ eggle.distorted.org.uk.)
:reverse unsafe
:reverse vpn
:reverse its
:reverse unsafe
:reverse vpn
:reverse its
@@
-434,19
+457,22
@@
(defzone dhcp.199.29.172.in-addr.arpa
:ns (radius.distorted.org.uk.
precision.distorted.org.uk.
telecaster.distorted.org.uk.
:ns (radius.distorted.org.uk.
precision.distorted.org.uk.
telecaster.distorted.org.uk.
- national.distorted.org.uk.))
+ national.distorted.org.uk.
+ eggle.distorted.org.uk.))
(defrevzone untrusted
:ns (radius.distorted.org.uk.
precision.distorted.org.uk.
telecaster.distorted.org.uk.
(defrevzone untrusted
:ns (radius.distorted.org.uk.
precision.distorted.org.uk.
telecaster.distorted.org.uk.
- national.distorted.org.uk.))
+ national.distorted.org.uk.
+ eggle.distorted.org.uk.))
(defzone 128-143.238.187.81.in-addr.arpa
:ns (radius.distorted.org.uk.
precision.distorted.org.uk.
telecaster.distorted.org.uk.
national.distorted.org.uk.
(defzone 128-143.238.187.81.in-addr.arpa
:ns (radius.distorted.org.uk.
precision.distorted.org.uk.
telecaster.distorted.org.uk.
national.distorted.org.uk.
+ eggle.distorted.org.uk.
secondary-dns.co.uk.)
:reverse ((((:ipv4 dmz)))))
secondary-dns.co.uk.)
:reverse ((((:ipv4 dmz)))))
@@
-455,6
+481,7
@@
(defzone 64-79.12.169.217.in-addr.arpa
precision.distorted.org.uk.
telecaster.distorted.org.uk.
national.distorted.org.uk.
precision.distorted.org.uk.
telecaster.distorted.org.uk.
national.distorted.org.uk.
+ eggle.distorted.org.uk.
secondary-dns.co.uk.)
:reverse ((((:ipv4 dmz1)))))
secondary-dns.co.uk.)
:reverse ((((:ipv4 dmz1)))))
@@
-463,6
+490,7
@@
(defzone 195.113.2.81.in-addr.arpa
precision.distorted.org.uk.
telecaster.distorted.org.uk.
national.distorted.org.uk.
precision.distorted.org.uk.
telecaster.distorted.org.uk.
national.distorted.org.uk.
+ eggle.distorted.org.uk.
secondary-dns.co.uk.)
:reverse ((((:ipv4 gw)))))
secondary-dns.co.uk.)
:reverse ((((:ipv4 gw)))))
@@
-471,18
+499,29
@@
(defrevzone (distorted.org.uk-aaisp :family :ipv6)
precision.distorted.org.uk.
telecaster.distorted.org.uk.
national.distorted.org.uk.
precision.distorted.org.uk.
telecaster.distorted.org.uk.
national.distorted.org.uk.
+ eggle.distorted.org.uk.
secondary-dns.co.uk.)
(0.7.3.6.8.6.4.6.1.0.0.0 :ns (radius.distorted.org.uk.
precision.distorted.org.uk.
telecaster.distorted.org.uk.
secondary-dns.co.uk.)
(0.7.3.6.8.6.4.6.1.0.0.0 :ns (radius.distorted.org.uk.
precision.distorted.org.uk.
telecaster.distorted.org.uk.
- national.distorted.org.uk.))
+ national.distorted.org.uk.
+ eggle.distorted.org.uk.))
:reverse ((((:ipv6 distorted.org.uk-aaisp)))))
:reverse ((((:ipv6 distorted.org.uk-aaisp)))))
+(defrevzone jump-ipv6
+ :ns (radius.distorted.org.uk.
+ precision.distorted.org.uk.
+ telecaster.distorted.org.uk.
+ national.distorted.org.uk.
+ eggle.distorted.org.uk.)
+ :reverse ((((:ipv6 jump-ipv6)))))
+
(defrevzone (dhcp :family :ipv6)
:ns (radius.distorted.org.uk.
precision.distorted.org.uk.
telecaster.distorted.org.uk.
(defrevzone (dhcp :family :ipv6)
:ns (radius.distorted.org.uk.
precision.distorted.org.uk.
telecaster.distorted.org.uk.
- national.distorted.org.uk.))
+ national.distorted.org.uk.
+ eggle.distorted.org.uk.))
#+view/outside
(defzone io.distorted.org.uk
#+view/outside
(defzone io.distorted.org.uk
~mdw / zones / blobdiff