Create named.conf for lab environment

CERN-CERT · May 24, 2024 · 5a60b07 · 5a60b07
1 parent 9ef9c0f
commit 5a60b07
Showing 1 changed file with 55 additions and 0 deletions.
diff --git a/files/configuration/test_lab/named.conf b/files/configuration/test_lab/named.conf
@@ -0,0 +1,55 @@
+options {
+    directory "/var/named";
+    listen-on port 53 { any; };
+    listen-on-v6 { none; };
+    allow-query { any; };
+    recursion yes;
+    allow-recursion { any; };
+    forwarders {
+        IP_TO_FORWARDER; # i.e. 8.8.8.8
+    };
+    dnssec-validation no;
+    dnstap { all; };
+    dnstap-output file "/var/log/named/dnstap.log" size unlimited;
+    response-policy { zone "rpz.local"; };
+};
+
+zone "rpz.local" {
+    type master;
+    file "/var/named/zones/db.rpz";
+};
+
+logging {
+	channel update_debug {
+		file "/var/log/named/update_debug.log" versions 3 size 250k;
+		severity debug;
+		print-severity	yes;
+		print-time		yes;
+	};
+	channel security_info {
+		file "/var/log/named/security_info.log" versions 1 size 250k;
+		severity	info;
+		print-category	yes;
+		print-severity	yes;
+		print-time	yes;
+	};
+	channel bind_log {
+		file "/var/log/named/bind.log" versions 3 size 1m;
+		severity	info;
+		print-category	yes;
+		print-severity	yes;
+		print-time	yes;
+	};
+	channel rpzlog {
+		file "/var/log/named/rpz.log" versions unlimited size 1000m;
+		print-time yes;
+		print-category yes;
+		print-severity yes;
+		severity info;
+	};
+	category default { bind_log; };
+	category update { update_debug; };
+	category update-security { update_debug; };
+	category security { security_info; };
+	category rpz { rpzlog; };
+};