/* * this is a worthless, nonrunnable example of a named.conf file that has * every conceivable syntax element in use. we use it to test the parser. * it could also be used as a conceptual template for users of new features. */
/* * c-style comments are ok */
// so are c++-style comments
# so are shell-style comments
// watch out for ";" -- it's important!
/*
 * global server options. this sample sets nearly every option so that the
 * parser is exercised; the values are not a hardened baseline.
 */
options {
    directory "/var/named";                 // server working directory; relative file
                                            // names below are presumably resolved
                                            // against it
    named-xfer "/usr/libexec/named-xfer";   // _path_xfer
    dump-file "named_dump.db";              // _path_dumpfile
    pid-file "/var/run/named.pid";          // _path_pidfile
    statistics-file "named.stats";          // _path_stats
    memstatistics-file "named.memstats";    // _path_memstats

    // name checking is set separately for master zones, slave zones and
    // responses
    check-names master fail;
    check-names slave warn;
    check-names response ignore;

    host-statistics no;
    deallocate-on-exit no;      // painstakingly deallocate all
                                // objects when exiting instead of
                                // letting the os clean up for us.
                                // useful if a memory leak is suspected.
                                // final statistics are written to the
                                // memstatistics-file.
    datasize default;
    stacksize default;
    coresize default;
    files unlimited;

    // NOTE(review): recursion is on and allow-query below is "any", so a
    // server reachable from outside answers recursive queries for every
    // client. on a production server limit who may query or recurse (an
    // address match list instead of "any"; allow-recursion where the
    // installed version supports it).
    recursion yes;
    fetch-glue yes;
    fake-iquery no;
    notify yes;                 // send notify messages. you can set
                                // notify on a zone-by-zone
                                // basis in the "zone" statement
                                // (see below)
    serial-queries 4;           // number of parallel soa queries
                                // we can have outstanding for master
                                // zone change testing purposes
    auth-nxdomain yes;          // always set aa on nxdomain.
                                // don't set this to 'no' unless
                                // you know what you're doing -- older
                                // servers won't like it.
    multiple-cnames no;         // if yes, then a name may have more
                                // than one cname rr. this use
                                // is non-standard and is not
                                // recommended, but it is available
                                // because previous releases supported
                                // it and it was used by large sites
                                // for load balancing.
    allow-query { any; };
    // NOTE(review): "any" lets every host request a full copy of each zone
    // that does not set its own allow-transfer. list only the secondary
    // servers here on a production server.
    allow-transfer { any; };
    transfers-in 10;            // default_xfers_running, cannot be
                                // set higher than max_xfers_running (20)
    transfers-per-ns 2;         // default_xfers_per_ns
    transfers-out 0;            // not implemented
    max-transfer-time-in 120;   // max_xfer_time; the default number
                                // of minutes an inbound zone transfer
                                // may run. may be set on a per-zone
                                // basis.
    transfer-format one-answer;
    query-source address * port *;

    /*
     * the "forward" option is only meaningful if you've defined
     * forwarders. "first" gives the normal bind
     * forwarding behavior, i.e. ask the forwarders first, and if that
     * doesn't work then do the full lookup. you can also say
     * "forward only;" which is what used to be specified with
     * "slave" or "options forward-only". "only" will never attempt
     * a full lookup; only the forwarders will be used.
     */
    forward first;
    forwarders { };             // default is no forwarders
    topology { localhost; localnets; };     // prefer local nameservers
    listen-on port 53 { any; }; // listen for queries on port 53 on
                                // any interface on the system
                                // (i.e. all interfaces). the
                                // "port 53" is optional; if you
                                // don't specify a port, port 53
                                // is assumed.

    /*
     * interval timers
     */
    cleaning-interval 60;       // clean the cache of expired rrs
                                // every 'cleaning-interval' minutes
    interface-interval 60;      // scan for new or deleted interfaces
                                // every 'interface-interval' minutes
    statistics-interval 60;     // log statistics every
                                // 'statistics-interval' minutes
    maintain-ixfr-base no;      // if yes, keep transaction log file for ixfr
    max-ixfr-log-size 20;       // not implemented; maximum size the
                                // ixfr transaction log file may grow to
};
/*
 * control listeners, for "ndc". every nameserver needs at least one.
 */
controls {
    // NOTE(review): this inet listener accepts control connections on every
    // interface (port 52) from any address, which is why the sample itself
    // calls it a bad idea. on a real server keep only the unix socket below,
    // or restrict the allow list to the specific management hosts.
    inet * port 52 allow { any; };                      // a bad idea
    // local socket with mode 0600 and owner/group 0
    unix "/var/run/ndc" perm 0600 owner 0 group 0;      // the default
};
// forward zone for rd.xxx.com, loaded from rd.xxx.com.db.
zone "rd.xxx.com" in {
    type master;                // what used to be called "primary"
    file "rd.xxx.com.db";
    check-names fail;
    allow-update { none; };     // no dynamic updates are accepted
    // NOTE(review): "any" lets every host transfer the whole zone; list
    // only the secondary servers for this zone on a production server.
    allow-transfer { any; };
    allow-query { any; };
    // notify yes;              // send notify messages for this
                                // zone? the global option is used
                                // if "notify" is not specified
                                // here.
    also-notify { };            // don't notify any nameservers other
                                // than those on the ns list for this
                                // zone
};
// reverse (in-addr.arpa) zone served as master from 21.9.22.db.
// NOTE(review): the address records later on this page use 21.9.22.x, whose
// reverse zone would be 22.9.21.in-addr.arpa -- confirm the zone name.
zone "223.99.211.in-addr.arpa" in {
    type master;                // what used to be called "primary"
    file "21.9.22.db";
};
// reverse zone for the 127.0.0 loopback network, served as master.
zone "0.0.127.in-addr.arpa" in {
    type master;
    file "127.0.0.db";
};
// hints for the root zone, read from named.root.
zone "." in {
    type hint;                  // used to be specified w/ "cache"
    file "named.root";
};
logging { /* * all log output goes to one or more "channels"; you can make as * many of them as you want. */
// this channel sends messages of severity "error" or worse to syslog
// (user facility).
channel syslog_errors {
    syslog user;
    severity error;
};
// parser messages go to two channels.
category parser {
    syslog_errors;              // you can log to as many channels
    default_syslog;             // as you want; default_syslog is not defined
                                // on this page, presumably a built-in channel
};
// routing this category to the null channel discards its messages.
category lame-servers { null; };    // don't log these at all
// file channel that records debug output up to level 3, with time, category
// and severity printed on each entry.
channel moderate_debug {
    severity debug 3;           // level 3 debugging to file
    file "foo";                 // foo; relative path, presumably resolved
                                // against the options "directory"
    print-time yes;             // timestamp log entries
    print-category yes;         // print category name
    print-severity yes;         // print severity level
    /*
     * note that debugging must have been turned on either
     * on the command line or with a signal to get debugging
     * output (non-debugging output will still be written to
     * this channel).
     */
};
/* * if you don't want to see "zone xxxx loaded" messages but do * want to see any problems, you could do the following. */
13、在/var/named/中生成/etc/named.conf中标记的文件:rd.xxx.com.db,内容如下,需要修改和调整相应部分:
;authoritative data for rd.xxx.com
;
$ttl 3600
@ in soa compaq.rd.xxx.com. tandongyu.rd.xxx.com. (
        20020101 ;serial
        3600 ;refresh 1 hour
        900 ;retry 15 mins
        604800 ;expire 7 days
        86400) ;minimum 24 hours
;name server ns records
@ in ns compaq.rd.xxx.com.
;mail exchange (mx) records
rd.xxx.com. in mx 0 compaq
;address (a) records.
localhost in a 127.0.0.1
compaq in a 21.9.22.9
tls65 in a 21.9.22.8
fbsd in a 21.9.22.7
;
;
$ttl 3600
@ in soa compaq.rd.xxx.com. tandongyu.rd.xxx.com. (
        20020101 ;serial
        3600 ;refresh
        900 ;retry 15 mins
        604800 ;expire 7 days
        86400) ;minimum 24 hours
;nameserver (ns) records
@ in ns compaq.rd.xxx.com.
;address point to name (ptr) records
9 in ptr compaq.rd.xxx.com.
8 in ptr tls65.rd.xxx.com.
7 in ptr fbsd.rd.xxx.com.
divert(-1)
dnl this is the macro config file used to generate the /etc/sendmail.cf
dnl file. if you modify this file you will have to regenerate the
dnl /etc/sendmail.cf by running this macro config through the m4
dnl preprocessor:
dnl     m4 /etc/sendmail.mc > /etc/sendmail.cf
dnl you will need to have the sendmail-cf package installed for this to work.
dnl
dnl NOTE(review): the include path below ends at the cf directory of a
dnl sendmail 8.12.2 source tree; presumably it should name the cf.m4 file
dnl inside that tree -- verify. also confirm that the installed sendmail
dnl release still receives security fixes.
include(`/usr/local/src/sendmail-8.12.2/cf')
define(`confdef_user_id',`8:12')
ostype(`linux')
undefine(`uucp_relay')
undefine(`bitnet_relay')
define(`confto_connect', `1m')
define(`conftry_null_mx_list',true)
define(`confdont_probe_interfaces',true)
define(`procmail_mailer_path',`/usr/bin/procmail')
dnl NOTE(review): the trailing arrows on the next four lines look like
dnl tutorial annotations rather than m4 input; remove them before use.
dnl the first says that non-hub hosts send mail through the hub by default,
dnl the other three mark the lines used for mail address masquerading.
define(`smart_host',compaq.rd.xxx.com) <---这条用于(非hub)缺省使用hub发送邮件
masquerade_as(`rd.xxx.com') <-------------------------
feature(`masquerade_entire_domain') <---这三条用于邮件地址伪装
feature(`masquerade_envelope') <-------------------------
feature(`smrsh',`/usr/sbin/smrsh')
feature(`mailertable',`hash -o /etc/mail/mailertable')
feature(`virtusertable',`hash -o /etc/mail/virtusertable')
feature(redirect)
feature(always_add_domain)
feature(use_cw_file)
feature(local_procmail)
feature(`access_db')
feature(`blacklist_recipients')
dnl NOTE(review): accept_unresolvable_domains accepts mail whose sender
dnl domain does not resolve in dns, which removes a basic check against
dnl forged senders and spam. the recommendation at the end of this file
dnl appears to be about this feature -- confirm, and leave it out on hosts
dnl with reliable dns.
feature(`accept_unresolvable_domains')
mailer(smtp)
mailer(procmail)
dnl we strongly recommend to comment this one out if you want to protect
dnl yourself from spam. however, the laptop and users on computers that do
dnl not have 24x7 dns do need this.
dnl NOTE(review): relay_based_on_mx is left disabled below; enabling it
dnl would make relaying decisions depend on mx records published by others.
dnl feature(`relay_based_on_mx')