Bo's Oracle Station

查看: 1856|回复: 0

课程第22次

[复制链接]
匿名
匿名  发表于 2019-8-27 21:38:44 |阅读模式
如果要靠unbound自己解析,不转发:


server:
verbosity: 1
statistics-interval: 0

statistics-cumulative: no
extended-statistics: yes
num-threads: 4
interface: 192.168.0.3
interface-automatic: no





so-reuseport: yes
ip-transparent: yes














access-control:   192.168.0.0/24   allow


access-control-view: 192.168.0.0/24  abc
chroot: ""
username: "unbound"
directory: "/etc/unbound"

log-time-ascii: yes

pidfile: "/var/run/unbound/unbound.pid"





harden-glue: yes
harden-dnssec-stripped: yes
harden-below-nxdomain: yes
harden-referral-path: yes




unwanted-reply-threshold: 10000000

prefetch: yes
prefetch-key: yes
rrset-roundrobin: yes
minimal-responses: yes

module-config: "ipsecmod validator iterator"

trust-anchor-signaling: yes


trusted-keys-file: /etc/unbound/keys.d/*.key
auto-trust-anchor-file: "/var/lib/unbound/root.key"
domain-insecure: "example.com"
domain-insecure: "0.168.192.in-addr.arpa"


val-clean-additional: yes
val-permissive-mode: no

val-log-level: 1







include: /etc/unbound/local.d/*.conf






ipsecmod-enabled: no
ipsecmod-hook: "/usr/libexec/ipsec/_unbound-hook"
python:
remote-control:
control-enable: yes


server-key-file: "/etc/unbound/unbound_server.key"
server-cert-file: "/etc/unbound/unbound_server.pem"
control-key-file: "/etc/unbound/unbound_control.key"
control-cert-file: "/etc/unbound/unbound_control.pem"
include: /etc/unbound/conf.d/*.conf




view:
        name: "abc"
        local-zone: "0.168.192.in-addr.arpa."  nodefault
        local-zone: "example.com." nodefault
        local-data: "alading.example.com. IN A 192.168.0.3"  
        local-data: "dog.example.com. IN A 192.168.0.4"  
        local-data: "cat.example.com. IN A 192.168.0.5"  
        local-data-ptr: "192.168.0.3  alading.example.com"
        local-data-ptr: "192.168.0.4  dog.example.com"
        local-data-ptr: "192.168.0.5  cat.example.com"  



------------------------------------------------------------------------------------------------------------------------------


在以上的配置文件里,只有domain-insecure和local-data-ptr域名结尾不用写“.”

回复

使用道具 举报

您需要登录后才可以回帖 登录 | 立即注册

本版积分规则

QQ|手机版|Bo's Oracle Station   

GMT+8, 2024-11-21 22:44 , Processed in 0.039267 second(s), 24 queries .

快速回复 返回顶部 返回列表