In message <56a3e6c7.5020...@schinagl.nl>, Olliver Schinagl writes: > Hi list, > > recently I updated to bind-9.10 and noticed that an illegal setup was > finally disallowed. Good things, but I (and others I'm sure) kind of > miss-used this ability. With the change however, I am now looking for > help on restoring similar behavior. Let me explain. > > As we all know, ads are everywhere and can be quite troublesome. Because > of this I block many known adservers internally via bind. To obtain this > list of adservers, I use http://pgl.yoyo.org/adservers/ which generates > a file with the following syntax: zone "example.com" { type master; > notify no; file "pri/null.zone"; }; The Null zone looks as follows: > > ; BIND db file for ad servers - point all addresses to an invalid IP > $TTL 864000 ; ten days > > @ IN SOA ns0.example.net. hostmaster.example.net. ( > 2008032800 ; serial number YYMMDDNN > 288000 ; refresh 80 hours > 72000 ; retry 20 hours > 8640000 ; expire 100 days > 864000 ) ; min ttl 10 day > NS ns0.example.net. > > A 0.0.0.0 > > * IN A 0.0.0.0 > > Obviously with this and the many (generated) zones having 1 dummy zone > sounds reasonable logically. > > These adservers are included in my 'internal' view as such: > > view "internal" { > match-clients { internal; trusted; }; > recursion yes; > > include "/etc/bind/dlz_internal.conf"; > > # include "/etc/bind/adservers.conf"; > }; > > Adservers.conf being commented here as bind now fails on this. > > My question is, what is a good method to do this with the latest bind. I > tried to find some way to disable updates or mark the view/include as > 'read-only' but have not found this out as of yet. > > Any tips and tricks appreciated! > > Olliver > _______________________________________________ > Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe > from this list > > bind-users mailing list > bind-users@lists.isc.org > https://lists.isc.org/mailman/listinfo/bind-users
Presumably you have a zone which which has pri/null.zone as a slave or you have a global/view level dynamic updating of all master zones turned on as just sharing a read-only master zone is still permitted. Mark -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
