X-Git-Url: https://www.chiark.greenend.org.uk/ucgi/~mdw/git/zones/blobdiff_plain/1605b924c16c9c5971bf48a80f1ab2ef58babddc..HEAD:/distorted.lisp

diff --git a/distorted.lisp b/distorted.lisp
index 18446ec..2f24778 100644
--- a/distorted.lisp
+++ b/distorted.lisp
@@ -203,7 +203,9 @@ (defzone distorted.org.uk
 		(dmz :alias strat.dmz :abbrev sd))
   (stratocaster (unsafe :addr stratocaster.unsafe :sshfp "stratocaster")
 		(dmz :addr stratocaster.dmz :sshfp "stratocaster"))
-  (jazz :abbrev z (unsafe :abbrev zu) (dmz :abbrev zd) (vpn :abbrev :zv))
+  (jazz :abbrev z
+	(unsafe :abbrev zu) (dmz :abbrev zd)
+	(vpn :abbrev :zv) (iodine :abbrev z53) (hippo :abbrev zh))
   (jazz (unsafe :addr jazz.unsafe :sshfp "jazz")
 	(dmz :addr jazz.dmz :sshfp "jazz")
 	(vpn :addr jazz.vpn :sshfp "jazz")
@@ -212,9 +214,11 @@ (defzone distorted.org.uk
 
   ;; Virtual hosts.
   (national :abbrev n (linode :abbrev nl) (upn :abbrev ny))
-  (national (linode :addr national.linode) (upn :addr national.upn))
+  (national (linode :addr national.linode :sshfp "national")
+	    (upn :addr national.upn :sshfp "national"))
   (eggle :abbrev e (jump :abbrev ej) (upn :abbrev ey))
-  (eggle (jump :addr eggle.jump) (upn :addr eggle.upn))
+  (eggle (jump :addr eggle.jump :sshfp "eggle")
+	 (upn :addr eggle.upn :sshfp "eggle"))
   (mdwdev (upn :addr mdwdev.upn))
 
   ;; Nicko's servers.
@@ -223,7 +227,7 @@ (defzone distorted.org.uk
 
   ;; Entry is via little router box.
   (dmz :net dmz)
-  (guvnor (dmz :addr guvnor.dmz))
+  (guvnor (dmz :addr guvnor.dmz :sshfp "radius"))
   (nat (dmz :addr nat.dmz))
 
   ;; Wireless access points.
@@ -286,8 +290,7 @@ (defzone distorted.org.uk
   (artist (unsafe :addr artist.unsafe :sshfp "artist")
 	  (dmz :addr artist.dmz :sshfp "artist")
 	  (untrusted :addr artist.untrusted :sshfp "artist"))
-  (groove :abbrev gr
-	  (vpn :abbrev grv) (unsafe :abbrev gru))
+  (groove :abbrev gr (vpn :abbrev grv) (unsafe :abbrev gru))
   (groove (vpn :addr groove.vpn :sshfp "groove")
 	  (unsafe :addr groove.unsafe :sshfp "groove"))
 
@@ -301,9 +304,10 @@ (defzone distorted.org.uk
 
   ;; Virtual network.
   (vpn :net vpn)
-  (crybaby :abbrev cb)
+  (crybaby :abbrev cb (vpn :abbrev cbv) (hippo :abbrev cbh))
   (crybaby (vpn :addr crybaby.vpn :sshfp "crybaby")
 	   (hippo :addr crybaby.hippo :sshfp "crybaby"))
+  (spirit :abbrev sp (vpn :abbrev spv) (hippo :abbrev sph))
   (spirit (vpn :addr spirit.vpn :sshfp "spirit")
 	  (hippo :addr spirit.hippo :sshfp "spirit"))
   (terror (vpn :addr terror.vpn :sshfp "terror"))
@@ -411,7 +415,6 @@ (defzone (dyn.distorted.org.uk :source telecaster.distorted.org.uk.)
        (national.ns :ip national)
        (eggle.ns :ip eggle)))
 
-#+view/outside
 (defzone nicko.org
   (richmond :addr richmond.dmz)
   (marshall :addr marshall.dmz))
@@ -444,6 +447,7 @@ (defrevzone trusted
        national.distorted.org.uk.
        eggle.distorted.org.uk.)
   :reverse unsafe
+  :reverse safe
   :reverse vpn
   :reverse its
   :reverse any
@@ -451,7 +455,8 @@ (defrevzone trusted
 	     precision.distorted.org.uk.
 	     telecaster.distorted.org.uk.
 	     national.distorted.org.uk.))
-  :multi (((dhcp safe) :family :ipv4 :suffix "199.29.172.dhcp") :cname *))
+  :multi (((unsafe-dhcp01 unsafe-dhcp1x safe-dhcp011 safe-dhcp1xx)
+	   :family :ipv4 :suffix "199.29.172.dhcp") :cname *))
 
 #+view/outside
 (defzone dhcp.199.29.172.in-addr.arpa
@@ -517,7 +522,14 @@ (defrevzone jump-ipv6
        eggle.distorted.org.uk.)
   :reverse ((((:ipv6 jump-ipv6)))))
 
-(defrevzone (dhcp :family :ipv6)
+(defrevzone (unsafe-dhcp :family :ipv6)
+  :ns (radius.distorted.org.uk.
+       precision.distorted.org.uk.
+       telecaster.distorted.org.uk.
+       national.distorted.org.uk.
+       eggle.distorted.org.uk.))
+
+(defrevzone (safe-dhcp :family :ipv6)
   :ns (radius.distorted.org.uk.
        precision.distorted.org.uk.
        telecaster.distorted.org.uk.