Initial commit

2018-05-08 03:01:03 +02:00
commit 1c4c595cd6
3256 changed files with 417972 additions and 0 deletions

69
SPR-BE/bind/bind.keys Normal file

@ -0,0 +1,69 @@
# The bind.keys file is used to override the built-in DNSSEC trust anchors
# which are included as part of BIND 9. As of the current release, the only
# trust anchors it contains are those for the DNS root zone ("."), and for
# the ISC DNSSEC Lookaside Validation zone ("dlv.isc.org"). Trust anchors
# for any other zones MUST be configured elsewhere; if they are configured
# here, they will not be recognized or used by named.
#
# The built-in trust anchors are provided for convenience of configuration.
# They are not activated within named.conf unless specifically switched on.
# To use the built-in root key, set "dnssec-validation auto;" in
# named.conf options. To use the built-in DLV key, set
# "dnssec-lookaside auto;". Without these options being set,
# the keys in this file are ignored.
#
# This file is NOT expected to be user-configured.
#
# These keys are current as of Feburary 2017. If any key fails to
# initialize correctly, it may have expired. In that event you should
# replace this file with a current version. The latest version of
# bind.keys can always be obtained from ISC at https://www.isc.org/bind-keys.
managed-keys {
# ISC DLV: See https://www.isc.org/solutions/dlv for details.
#
# NOTE: The ISC DLV zone is being phased out as of February 2017;
# the key will remain in place but the zone will be otherwise empty.
# Configuring "dnssec-lookaside auto;" to activate this key is
# harmless, but is no longer useful and is not recommended.
dlv.isc.org. initial-key 257 3 5 "BEAAAAPHMu/5onzrEE7z1egmhg/WPO0+juoZrW3euWEn4MxDCE1+lLy2
brhQv5rN32RKtMzX6Mj70jdzeND4XknW58dnJNPCxn8+jAGl2FZLK8t+
1uq4W+nnA3qO2+DL+k6BD4mewMLbIYFwe0PG73Te9fZ2kJb56dhgMde5
ymX4BI/oQ+cAK50/xvJv00Frf8kw6ucMTwFlgPe+jnGxPPEmHAte/URk
Y62ZfkLoBAADLHQ9IrS2tryAe7mbBZVcOwIeU/Rw/mRx/vwwMCTgNboM
QKtUdvNXDrYJDSHZws3xiRXF1Rf+al9UmZfSav/4NWLKjHzpT59k/VSt
TDN0YUuWrBNh";
# ROOT KEYS: See https://data.iana.org/root-anchors/root-anchors.xml
# for current trust anchor information.
#
# These keys are activated by setting "dnssec-validation auto;"
# in named.conf.
#
# This key (19036) is to be phased out starting in 2017. It will
# remain in the root zone for some time after its successor key
# has been added. It will remain this file until it is removed from
# the root zone.
. initial-key 257 3 8 "AwEAAagAIKlVZrpC6Ia7gEzahOR+9W29euxhJhVVLOyQbSEW0O8gcCjF
FVQUTf6v58fLjwBd0YI0EzrAcQqBGCzh/RStIoO8g0NfnfL2MTJRkxoX
bfDaUeVPQuYEhg37NZWAJQ9VnMVDxP/VHL496M/QZxkjf5/Efucp2gaD
X6RS6CXpoY68LsvPVjR0ZSwzz1apAzvN9dlzEheX7ICJBBtuA6G3LQpz
W5hOA2hzCTMjJPJ8LbqF6dsV6DoBQzgul0sGIcGOYl7OyQdXfZ57relS
Qageu+ipAdTTJ25AsRTAoub8ONGcLmqrAmRLKBP1dfwhYB4N7knNnulq
QxA+Uk1ihz0=";
# This key (20326) is to be published in the root zone in 2017.
# Servers which were already using the old key (19036) should
# roll seamlessly to this new one via RFC 5011 rollover. Servers
# being set up for the first time can use the contents of this
# file as initializing keys; thereafter, the keys in the
# managed key database will be trusted and maintained
# automatically.
. initial-key 257 3 8 "AwEAAaz/tAm8yTn4Mfeh5eyI96WSVexTBAvkMgJzkKTOiW1vkIbzxeF3
+/4RgWOq7HrxRixHlFlExOLAJr5emLvN7SWXgnLh4+B5xQlNVz8Og8kv
ArMtNROxVQuCaSnIDdD5LKyWbRd2n9WGe2R8PzgCmr3EgVLrjyBxWezF
0jLHwVN8efS3rCj/EWgvIWgb9tarpVUDK/b58Da+sqqls3eNbuv7pr+e
oZG+SrDK6nWeL3c6H5Apxz7LjVc1uTIdsIXxuOLYA4/ilBmSVIzuDWfd
RUfhHdY6+cn8HFRm+2hM8AnXGXws9555KrUB5qihylGa8subX2Nn6UwN
R1AkUTV74bU=";
};

12
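--- a/SPR-BE/bind/db.0
+++ b/SPR-BE/bind/db.0
@@ -0,0 +1,12 @@
+;
+; BIND reverse data file for broadcast zone
+;
+$TTL 604800
+@ IN SOA localhost. root.localhost. (
+1 ; Serial
+604800 ; Refresh
+86400 ; Retry
+2419200 ; Expire
+604800 ) ; Negative Cache TTL
+;
+@ IN NS localhost.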

13
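--- a/SPR-BE/bind/db.127
+++ b/SPR-BE/bind/db.127
@@ -0,0 +1,13 @@
+;
+; BIND reverse data file for local loopback interface
+;
+$TTL 604800
+@ IN SOA localhost. root.localhost. (
+1 ; Serial
+604800 ; Refresh
+86400 ; Retry
+2419200 ; Expire
+604800 ) ; Negative Cache TTL
+;
+@ IN NS localhost.
+1.0.0 IN PTR localhost.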


@ -0,0 +1,59 @@
;
; BIND reverse data file for local sprachenatelier.netz zone
;
$TTL 43600
@ IN SOA ns.sprachenatelier.netz. ckubu.oopen.de. (
2017060301 ; Serial
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
604800 ) ; Negative Cache TTL
;
@ IN NS ns-spr.sprachenatelier.netz.
; - Gateway/Firewall
254 IN PTR gw-spr.sprachenatelier.netz.
; - (Caching ) Nameserver
1 IN PTR ns-spr.sprachenatelier.netz.
; - Fileserver
10 IN PTR file-spr.sprachenatelier.netz.
11 IN PTR file-spr-alt.sprachenatelier.netz.
; - IPMI
15 IN PTR file-ipmi.sprachenatelier.netz.
202 IN PTR file-ipmi-alt.sprachenatelier.netz.
; - Drucker
5 IN PTR hp-cp1515n.sprachenatelier.netz.
6 IN PTR kyocera-p2040dn.sprachenatelier.netz.
7 IN PTR br-mfc-jw5910dw.sprachenatelier.netz.
8 IN PTR kyocera-p2135dn.sprachenatelier.netz.
; - Accesspoint
50 IN PTR wlan-spr.sprachenatelier.netz.
; - Buero PC's
101 IN PTR cl101.sprachenatelier.netz.
102 IN PTR cl102.sprachenatelier.netz.
103 IN PTR cl103.sprachenatelier.netz.
104 IN PTR cl104.sprachenatelier.netz.
105 IN PTR cl105.sprachenatelier.netz.
106 IN PTR cl106.sprachenatelier.netz.
107 IN PTR cl107.sprachenatelier.netz.
108 IN PTR cl108.sprachenatelier.netz.
109 IN PTR cl109.sprachenatelier.netz.
110 IN PTR cl110.sprachenatelier.netz.
;111 IN PTR cl111.sprachenatelier.netz.
;112 IN PTR cl112.sprachenatelier.netz.
137 IN PTR cl107-alt.sprachenatelier.netz.
138 IN PTR cl108-alt.sprachenatelier.netz.
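Review bot: Several PTR records here disagree with the forward zone added in the same commit, which makes reverse lookups in logs unreliable for attributing traffic to a host. `8 IN PTR kyocera-p2135dn.sprachenatelier.netz.` points at a name whose A record is commented out in the forward zone as no longer existing, while .9, .111, .112 and the -alt clients .131 to .136 have forward records but no PTR. The client PTRs also target names such as `cl101`, which are CNAMEs in the forward zone; a PTR should name the canonical host, for example `101 IN PTR cl101-spr.sprachenatelier.netz.`. The SOA MNAME `ns.sprachenatelier.netz.` is likewise an alias of `ns-spr` and would be better written as the canonical name.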

12
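--- a/SPR-BE/bind/db.255
+++ b/SPR-BE/bind/db.255
@@ -0,0 +1,12 @@
+;
+; BIND reverse data file for broadcast zone
+;
+$TTL 604800
+@ IN SOA localhost. root.localhost. (
+1 ; Serial
+604800 ; Refresh
+86400 ; Retry
+2419200 ; Expire
+604800 ) ; Negative Cache TTL
+;
+@ IN NS localhost.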

14
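--- a/SPR-BE/bind/db.empty
+++ b/SPR-BE/bind/db.empty
@@ -0,0 +1,14 @@
+; BIND reverse data file for empty rfc1918 zone
+;
+; DO NOT EDIT THIS FILE - it is used for multiple zones.
+; Instead, copy it, edit named.conf, and use that copy.
+;
+$TTL 86400
+@ IN SOA localhost. root.localhost. (
+1 ; Serial
+604800 ; Refresh
+86400 ; Retry
+2419200 ; Expire
+86400 ) ; Negative Cache TTL
+;
+@ IN NS localhost.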

14
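--- a/SPR-BE/bind/db.local
+++ b/SPR-BE/bind/db.local
@@ -0,0 +1,14 @@
+;
+; BIND data file for local loopback interface
+;
+$TTL 604800
+@ IN SOA localhost. root.localhost. (
+2 ; Serial
+604800 ; Refresh
+86400 ; Retry
+2419200 ; Expire
+604800 ) ; Negative Cache TTL
+;
+@ IN NS localhost.
+@ IN A 127.0.0.1
+@ IN AAAA ::1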

90
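--- a/SPR-BE/bind/db.root
+++ b/SPR-BE/bind/db.root
@@ -0,0 +1,90 @@
+; This file holds the information on root name servers needed to
+; initialize cache of Internet domain name servers
+; (e.g. reference this file in the "cache . <file>"
+; configuration file of BIND domain name servers).
+;
+; This file is made available by InterNIC
+; under anonymous FTP as
+; file /domain/named.cache
+; on server FTP.INTERNIC.NET
+; -OR- RS.INTERNIC.NET
+;
+; last update: February 17, 2016
+; related version of root zone: 2016021701
+;
+; formerly NS.INTERNIC.NET
+;
+. 3600000 NS A.ROOT-SERVERS.NET.
+A.ROOT-SERVERS.NET. 3600000 A 198.41.0.4
+A.ROOT-SERVERS.NET. 3600000 AAAA 2001:503:ba3e::2:30
+;
+; FORMERLY NS1.ISI.EDU
+;
+. 3600000 NS B.ROOT-SERVERS.NET.
+B.ROOT-SERVERS.NET. 3600000 A 192.228.79.201
+B.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:84::b
+;
+; FORMERLY C.PSI.NET
+;
+. 3600000 NS C.ROOT-SERVERS.NET.
+C.ROOT-SERVERS.NET. 3600000 A 192.33.4.12
+C.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2::c
+;
+; FORMERLY TERP.UMD.EDU
+;
+. 3600000 NS D.ROOT-SERVERS.NET.
+D.ROOT-SERVERS.NET. 3600000 A 199.7.91.13
+D.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2d::d
+;
+; FORMERLY NS.NASA.GOV
+;
+. 3600000 NS E.ROOT-SERVERS.NET.
+E.ROOT-SERVERS.NET. 3600000 A 192.203.230.10
+;
+; FORMERLY NS.ISC.ORG
+;
+. 3600000 NS F.ROOT-SERVERS.NET.
+F.ROOT-SERVERS.NET. 3600000 A 192.5.5.241
+F.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2f::f
+;
+; FORMERLY NS.NIC.DDN.MIL
+;
+. 3600000 NS G.ROOT-SERVERS.NET.
+G.ROOT-SERVERS.NET. 3600000 A 192.112.36.4
+;
+; FORMERLY AOS.ARL.ARMY.MIL
+;
+. 3600000 NS H.ROOT-SERVERS.NET.
+H.ROOT-SERVERS.NET. 3600000 A 198.97.190.53
+H.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:1::53
+;
+; FORMERLY NIC.NORDU.NET
+;
+. 3600000 NS I.ROOT-SERVERS.NET.
+I.ROOT-SERVERS.NET. 3600000 A 192.36.148.17
+I.ROOT-SERVERS.NET. 3600000 AAAA 2001:7fe::53
+;
+; OPERATED BY VERISIGN, INC.
+;
+. 3600000 NS J.ROOT-SERVERS.NET.
+J.ROOT-SERVERS.NET. 3600000 A 192.58.128.30
+J.ROOT-SERVERS.NET. 3600000 AAAA 2001:503:c27::2:30
+;
+; OPERATED BY RIPE NCC
+;
+. 3600000 NS K.ROOT-SERVERS.NET.
+K.ROOT-SERVERS.NET. 3600000 A 193.0.14.129
+K.ROOT-SERVERS.NET. 3600000 AAAA 2001:7fd::1
+;
+; OPERATED BY ICANN
+;
+. 3600000 NS L.ROOT-SERVERS.NET.
+L.ROOT-SERVERS.NET. 3600000 A 199.7.83.42
+L.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:3::42
+;
+; OPERATED BY WIDE
+;
+. 3600000 NS M.ROOT-SERVERS.NET.
+M.ROOT-SERVERS.NET. 3600000 A 202.12.27.33
+M.ROOT-SERVERS.NET. 3600000 AAAA 2001:dc3::35
+; End of file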


@ -0,0 +1,148 @@
;
; BIND data file for local sprachenatelier.netz zone
;
$TTL 43600
@ IN SOA ns.sprachenatelier.netz. ckubu.oopen.de. (
2017060301 ; Serial
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
604800 ) ; Negative Cache TTL
;
@ IN NS ns-spr.sprachenatelier.netz.
; Gateway/Firewall
gw-spr IN A 192.168.92.254
gate IN CNAME gw-spr
gw IN CNAME gw-spr
; (Caching ) Nameserver
ns-spr IN A 192.168.92.1
ns IN CNAME ns-spr
nscache IN CNAME ns-spr
; - Fileserver
file-spr IN A 192.168.92.10
file IN CNAME file-spr
www IN CNAME file-spr
file-spr-alt IN A 192.168.92.11
; - IPMI
gw-ipmi IN A 172.16.92.15
file-ipmi IN A 192.168.92.15
file-ipmi-alt IN A 192.168.92.202
; - HP Color LaserJet CP1515DN
;
hp-cp1515n IN A 192.168.92.5
hp-color IN CNAME hp-cp1515n
; - Kyocera ECOSYS P3040DN
;
kyocera-p2040dn IN A 192.168.92.6
km-p2040dn IN CNAME kyocera-p2040dn
; Brother MFC-J5910DW
;
br-mfc-jw5910dw IN A 192.168.92.7
brother IN CNAME br-mfc-jw5910dw
; - KyoceraA P2035D
; - Gibt es nicht mehr -
;
;kyocera-p2135dn IN A 192.168.92.8
;kyocera IN CNAME kyocera-p2135dn
; - Kyocera ECOSYS P2135DN
;
kyocera-p2035d IN A 192.168.92.9
km29df05 IN CNAME kyocera-p2035d
; - Accesspoint
wlan-spr IN A 192.168.92.50
wlan IN CNAME wlan-spr
accesspoint IN CNAME wlan-spr
; PC's
cl101-spr IN A 192.168.92.101
cl101 IN CNAME cl101-spr
cl102-spr IN A 192.168.92.102
cl102 IN CNAME cl102-spr
cl103-spr IN A 192.168.92.103
cl103 IN CNAME cl103-spr
cl104-spr IN A 192.168.92.104
cl104 IN CNAME cl104-spr
cl105-spr IN A 192.168.92.105
cl105 IN CNAME cl105-spr
cl106-spr IN A 192.168.92.106
cl106 IN CNAME cl106-spr
cl107-spr IN A 192.168.92.107
cl107 IN CNAME cl107-spr
cl108-spr IN A 192.168.92.108
cl108 IN CNAME cl108-spr
cl109-spr IN A 192.168.92.109
cl109 IN CNAME cl109-spr
cl110-spr IN A 192.168.92.110
cl110 IN CNAME cl110-spr
cl111-spr IN A 192.168.92.111
cl111 IN CNAME cl111-spr
cl112-spr IN A 192.168.92.112
cl112 IN CNAME cl112-spr
cl101-alt-spr IN A 192.168.92.131
cl101-alt IN CNAME cl101-alt-spr
cl102-alt-spr IN A 192.168.92.132
cl102-alt IN CNAME cl102-alt-spr
cl103-alt-spr IN A 192.168.92.133
cl103-alt IN CNAME cl103-alt-spr
cl105-alt-spr IN A 192.168.92.135
cl105-alt IN CNAME cl105-alt-spr
cl106-alt-spr IN A 192.168.92.136
cl106-alt IN CNAME cl106-alt-spr
cl107-alt-spr IN A 192.168.92.137
cl107-alt IN CNAME cl107-alt-spr
cl108-alt-spr IN A 192.168.92.138
cl108-alt IN CNAME cl108-alt-spr
; Lancom 1781VAW - Router (von der Telekom)
;
lancome-router IN A 172.16.92.254
lancom IN CNAME lancome-router
router IN CNAME lancome-router
; Lancom L-322agn dual Wireless (R2)
; 2 * Accespoint (HotSpot)
;
lancom-ap1 IN A 192.168.150.11
ap1 IN CNAME lancom-ap1
lancom-ap2 IN A 192.168.150.12
ap2 IN CNAME lancom-ap2
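Review bot: The printer headings do not match the records under them: the `P3040DN` heading sits over `kyocera-p2040dn`, the heading marked "Gibt es nicht mehr" (no longer exists) sits over the commented-out `kyocera-p2135dn`, and the `P2135DN` heading sits over `kyocera-p2035d`. Anyone auditing which devices are still live cannot tell which line is right, so headings and host names should be reconciled. Separately, `file-ipmi` and `file-ipmi-alt` are given addresses in 192.168.92.0/24, the same range as the office PCs and the access point; if that reflects the real layout, the BMC interfaces belong on a separate management network or at least behind a firewall rule. `lancome-router` looks like a typo for `lancom-router`.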

11
SPR-BE/bind/named.conf Normal file

@ -0,0 +1,11 @@
// This is the primary configuration file for the BIND DNS server named.
//
// Please read /usr/share/doc/bind9/README.Debian.gz for information on the
// structure of BIND configuration files in Debian, *BEFORE* you customize
// this configuration file.
//
// If you are just adding zones, please do that in /etc/bind/named.conf.local
include "/etc/bind/named.conf.options";
include "/etc/bind/named.conf.local";
include "/etc/bind/named.conf.default-zones";


@ -0,0 +1,30 @@
// prime the server with knowledge of the root servers
zone "." {
type hint;
file "/etc/bind/db.root";
};
// be authoritative for the localhost forward and reverse zones, and for
// broadcast zones as per RFC 1912
zone "localhost" {
type master;
file "/etc/bind/db.local";
};
zone "127.in-addr.arpa" {
type master;
file "/etc/bind/db.127";
};
zone "0.in-addr.arpa" {
type master;
file "/etc/bind/db.0";
};
zone "255.in-addr.arpa" {
type master;
file "/etc/bind/db.255";
};


@ -0,0 +1,18 @@
//
// Do any local configuration here
//
// Consider adding the 1918 zones here, if they are not used in your
// organization
//include "/etc/bind/zones.rfc1918";
zone "sprachenatelier.netz" {
type master;
file "/etc/bind/db.sprachenatelier.netz";
};
zone "92.168.192.in-addr.arpa" {
type master;
file "/etc/bind/db.192.168.92.0";
};


@ -0,0 +1,8 @@
//
// Do any local configuration here
//
// Consider adding the 1918 zones here, if they are not used in your
// organization
//include "/etc/bind/zones.rfc1918";


@ -0,0 +1,92 @@
options {
directory "/var/cache/bind";
// If there is a firewall between you and nameservers you want
// to talk to, you may need to fix the firewall to allow multiple
// ports to talk. See http://www.kb.cert.org/vuls/id/800113
// If your ISP provided one or more IP addresses for stable
// nameservers, you probably want to use them as forwarders.
// Uncomment the following block, and insert the addresses replacing
// the all-0's placeholder.
// forwarders {
// 0.0.0.0;
// };
//========================================================================
// If BIND logs error messages about the root key being expired,
// you will need to update your keys. See https://www.isc.org/bind-keys
//========================================================================
dnssec-validation auto;
auth-nxdomain no; # conform to RFC1035
// Security options
listen-on port 53 {
127.0.0.1;
192.168.92.1;
};
allow-query {
127.0.0.1;
192.168.0.0/16;
10.0.0.0/8;
};
// caching name services
recursion yes;
allow-recursion {
127.0.0.1;
192.168.0.0/16;
10.0.0.0/16;
};
allow-transfer { none; };
listen-on-v6 { any; };
};
logging {
channel simple_log {
file "/var/log/named/bind.log" versions 3 size 5m;
//severity warning;
severity info;
print-time yes;
print-severity yes;
print-category yes;
};
channel queries_log {
file "/var/log/named/query.log" versions 10 size 5m;
severity debug;
//severity notice;
print-time yes;
print-severity yes;
print-category no;
};
channel log_zone_transfers {
file "/var/log/named/axfr.log" versions 5 size 2m;
severity info;
print-time yes;
print-severity yes;
print-category yes;
};
category resolver {
queries_log;
};
category queries {
queries_log;
};
category xfer-in {
log_zone_transfers;
};
category xfer-out {
log_zone_transfers;
};
category notify {
log_zone_transfers;
};
category default{
simple_log;
};
};
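Review bot: The `allow-query` and `allow-recursion` lists are far wider than the single subnet this server listens on, and they disagree with each other: `allow-query` has `10.0.0.0/8` while `allow-recursion` has `10.0.0.0/16`. `192.168.0.0/16` also covers 192.168.150.0/24, which the forward zone in this commit labels as the hotspot access points, so clients there could resolve internal names and use recursion if that network can reach 192.168.92.1. I would define one ACL, for example `acl "lan" { 127.0.0.1; 192.168.92.0/24; };`, and reference it from both options. `listen-on-v6 { any; };` opens port 53 on every IPv6 address although neither list contains an IPv6 entry, so restrict it to `::1` or set `listen-on-v6 { none; };`.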


@ -0,0 +1,26 @@
options {
directory "/var/cache/bind";
// If there is a firewall between you and nameservers you want
// to talk to, you may need to fix the firewall to allow multiple
// ports to talk. See http://www.kb.cert.org/vuls/id/800113
// If your ISP provided one or more IP addresses for stable
// nameservers, you probably want to use them as forwarders.
// Uncomment the following block, and insert the addresses replacing
// the all-0's placeholder.
// forwarders {
// 0.0.0.0;
// };
//========================================================================
// If BIND logs error messages about the root key being expired,
// you will need to update your keys. See https://www.isc.org/bind-keys
//========================================================================
dnssec-validation auto;
auth-nxdomain no; # conform to RFC1035
listen-on-v6 { any; };
};

4
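--- a/SPR-BE/bind/rndc.key
+++ b/SPR-BE/bind/rndc.key
@@ -0,0 +1,4 @@
+key "rndc-key" {
+algorithm hmac-md5;
+secret "O65aHnnePKHRNgUJM4eoLA==";
+};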
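Review bot: The rndc control key is committed in clear text, so anyone who can read this repository or its history holds the credential that authenticates rndc commands to this named instance. Treat the value as exposed: generate a new key on the host with `rndc-confgen -a`, keep the file out of version control, and leave it readable only by the account named runs as. The `algorithm hmac-md5;` line is a legacy choice and should move to `hmac-sha256`, which `rndc-confgen -a -A hmac-sha256` writes. Removing the file in a later commit does not remove the secret from history, so the rotation is needed either way.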

20
SPR-BE/bind/zones.rfc1918 Normal file

@ -0,0 +1,20 @@
zone "10.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "16.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "17.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "18.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "19.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "20.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "21.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "22.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "23.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "24.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "25.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "26.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "27.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "28.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "29.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "30.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "31.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
zone "168.192.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };