Geraldo Silva
(usa Outra)
Enviado em 30/04/2012 - 12:36h
depois da troca
voltou a dar esse erro
etc/named.conf:59: unknown option 'allow-trasfer'
/etc/named.conf:65: unknown option 'allow-trasfer
[root@localhost ~]# cat -n /etc/named.conf
1 //
2 // Sample named.conf BIND DNS server 'named' configuration file
3 // for the Red Hat BIND distribution.
4 //
5 // See the BIND Administrator's Reference Manual (ARM) for details, in:
6 // file:///usr/share/doc/bind-*/arm/Bv9ARM.html
7 // Also see the BIND Configuration GUI : /usr/bin/system-config-bind and
8 // its manual.
9 //
10 options
11 {
12 // Those options should be used carefully because they disable port
13 // randomization
14 // query-source port 53;
15 // query-source-v6 port 53;
16
17 // Put files that named is allowed to write in the data/ directory:
18 directory "/var/named"; // the default
19 dump-file "data/cache_dump.db";
20 statistics-file "data/named_stats.txt";
21 memstatistics-file "data/named_mem_stats.txt";
22
23 listen-on { 172.0.0.1; 41.223.0.0/25; };
24 allow-query { 172.0.0.1; };
25 recursion yes;
26 allow-recursion { 172.0.0.1; 41.223.0.0/25; };
27
28
29 };
30 logging
31 {
32 /* If you want to enable debugging, eg. using the 'rndc trace' command,
33 * named will try to write the 'named.run' file in the $directory (/var/named).
34 * By default, SELinux policy does not allow named to modify the /var/named directory,
35 * so put the default debug log file in data/ :
36 */
37 channel default_debug {
38 file "data/named.run";
39 severity dynamic;
40 };
41 };
42 //
43 // All BIND 9 zones are in a "view", which allow different zones to be served
44 // to different types of client addresses, and for options to be set for groups
45 // of zones.
46 //
47 // By default, if named.conf contains no "view" clauses, all zones are in the
48 // "default" view, which matches all clients.
49 //
50 // If named.conf contains any "view" clause, then all zones MUST be in a view;
51 // so it is recommended to start off using views to avoid having to restructure
52 // your configuration files in the future.
53 //
54 include "/etc/named.rfc1912.zones";
55
56 zone "acs.ao" {
57 type master;
58 file "acs.ao.zone";
59 allow-trasfer { 41.223.43.7; };
60 };
61
62 zone "43.223.41.iddr.arpa" {
63 type master;
64 file "acs.ao.rev";
65 allow-trasfer { 41.223.43.7; };
66
67 };
68
69
70 {
71 /* This view sets up named to be a localhost resolver ( caching only nameserver ).
72 * If all you want is a caching-only nameserver, then you need only define this view:
73 */
74 match-clients { localhost; };
75 match-destinations { localhost; };
76 recursion yes;
77 # all views must contain the root hints zone:
78 include "/etc/named.root.hints";
79
80 /* these are zones that contain definitions for all the localhost
81 * names and addresses, as recommended in RFC1912 - these names should
82 * ONLY be served to localhost clients:
83 */
84 include "/etc/named.rfc1912.zones";
85 };
86 view "internal"
87 {
88 /* This view will contain zones you want to serve only to "internal" clients
89 that connect via your directly attached LAN interfaces - "localnets" .
90 */
91 match-clients { localnets; };
92 match-destinations { localnets; };
93 recursion yes;
94 // all views must contain the root hints zone:
95 include "/etc/named.root.hints";
96
97 // include "named.rfc1912.zones";
98 // you should not serve your rfc1912 names to non-localhost clients.
99
100 // These are your "authoritative" internal zones, and would probably
101 // also be included in the "localhost_resolver" view above :
102
103 zone "my.internal.zone" {
104 type master;
105 file "my.internal.zone.db";
106 };
107 zone "my.slave.internal.zone" {
108 type slave;
109 file "slaves/my.slave.internal.zone.db";
110 masters { /* put master nameserver IPs here */ 127.0.0.1; } ;
111 // put slave zones in the slaves/ directory so named can update them
112 };
113 zone "my.ddns.internal.zone" {
114 type master;
115 allow-update { key ddns_key; };
116 file "slaves/my.ddns.internal.zone.db";
117 // put dynamically updateable zones in the slaves/ directory so named can update them
118 };
119 };
120 key ddns_key
121 {
122 algorithm hmac-md5;
123 secret "jECUtiuPZOTeeu72gkIOTO7iDgBcWqoTdfOBNAIIo2YspSBPmKnAGlk63SQF";
124 };
125 view "external"
126 {
127 /* This view will contain zones you want to serve only to "external" clients
128 * that have addresses that are not on your directly attached LAN interface subnets:
129 */
130 match-clients { any; };
131 match-destinations { any; };
132
133 recursion no;
134 // you'd probably want to deny recursion to external clients, so you don't
135 // end up providing free DNS service to all takers
136
137 allow-query-cache { none; };
138 // Disable lookups for any cached data and root hints
139
140 // all views must contain the root hints zone:
141 include "/etc/named.root.hints";
142
143 // These are your "authoritative" external zones, and would probably
144 // contain entries for just your web and mail servers:
145
146 zone "my.external.zone" {
147 type master;
148 file "my.external.zone.db";
149 };
150 };
[root@localhost ~]#
