From 0bb876704e375efd6a6f201312510331778e6ed4 Mon Sep 17 00:00:00 2001 From: "wytze@deboca.net" Date: Mon, 27 Jan 2014 16:27:37 +0000 Subject: [PATCH] Upgrade nsd to new release: 3.2.17. Add PTR record for ns1.cacert.org in 2001:07b8:616.ip6 zone. Drop dummy PTR record from 2001:07b8:616.ip6 zone. Add AAAA record for ns1.cacert.org. to cacert.org zone. Configure nsd for external access over IPv6. Expand firewall script to support IPv6. git-svn-id: http://svn.cacert.org/CAcert/SystemAdministration/ns/var/opendnssec/unsigned@2534 14b1bab8-4ef6-0310-b690-991c95c89dfd --- 2001:07b8:616.ip6 | 6 +++--- 2001:07b8:616.ip6.log | 9 +++++++-- cacert.org | 5 +++-- cacert.org.log | 8 ++++++-- 4 files changed, 19 insertions(+), 9 deletions(-) diff --git a/2001:07b8:616.ip6 b/2001:07b8:616.ip6 index e72bace..c63cf0d 100644 --- a/2001:07b8:616.ip6 +++ b/2001:07b8:616.ip6 @@ -1,10 +1,10 @@ ; DNS master zone file for reverse IPv6 for cacert.org, under RCS control -; @(#)(CAcert) $Id: 2001:07b8:616.ip6,v 1.4 2014/01/26 09:19:46 root Exp $ +; @(#)(CAcert) $Id: 2001:07b8:616.ip6,v 1.5 2014/01/27 16:00:45 root Exp $ $TTL 12h ; default TTL for zone data @ IN SOA ns1.cacert.org. hostmaster.cacert.org. ( - 2014012601 ; Serial + 2014012701 ; Serial 4h ; refresh time 1h ; retry interval 2d ; expire time @@ -14,5 +14,5 @@ $TTL 12h ; default TTL for zone data @ IN NS ns3.cacert.org. @ IN NS ns5.cacert.org. -1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0 PTR dummy.cacert.org. 0.0.1.0.0.0.0.0.0.0.0.0.0.0.0.0.2.6.1.0 PTR hopper.cacert.org. +2.0.1.0.0.0.0.0.0.0.0.0.0.0.0.0.3.6.1.0 PTR ns1.cacert.org. diff --git a/2001:07b8:616.ip6.log b/2001:07b8:616.ip6.log index 729073e..d24e56c 100644 --- a/2001:07b8:616.ip6.log +++ b/2001:07b8:616.ip6.log @@ -1,16 +1,21 @@ RCS file: /var/opendnssec/unsigned/RCS/2001:07b8:616.ip6,v Working file: /var/opendnssec/unsigned/2001:07b8:616.ip6 -head: 1.4 +head: 1.5 branch: locks: strict access list: symbolic names: keyword substitution: kv -total revisions: 4; selected revisions: 4 +total revisions: 5; selected revisions: 5 description: 2001:07b8:616.ip6 - zone file for reverse IPv6 of cacert.org ---------------------------- +revision 1.5 +date: 2014/01/27 16:00:45; author: root; state: Exp; lines: +3 -3 +Add PTR record for ns1.cacert.org. +Drop dummy PTR record. +---------------------------- revision 1.4 date: 2014/01/26 09:19:46; author: root; state: Exp; lines: +3 -2 Add PTR record for hopper.cacert.org. diff --git a/cacert.org b/cacert.org index c66b10b..9aa6aa7 100644 --- a/cacert.org +++ b/cacert.org @@ -1,10 +1,10 @@ ; DNS master zone file for cacert.org, under RCS control -; @(#)(CAcert) $Id: cacert.org,v 1.71 2014/01/25 16:50:15 root Exp $ +; @(#)(CAcert) $Id: cacert.org,v 1.72 2014/01/27 16:03:20 root Exp $ $TTL 12h ; default TTL for zone data @ IN SOA ns1.cacert.org. hostmaster.cacert.org. ( - 2014012502 ; Serial + 2014012601 ; Serial 4h ; refresh time 1h ; retry interval 2d ; expire time @@ -72,6 +72,7 @@ auto._domainkey IN TXT "v=DKIM1\;g=*\;k=rsa\;t=y\;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GN monitor IN CNAME infrastructure.cacert.org. ns IN A 213.154.225.251 ; master ns1 IN A 213.154.225.251 ; ns.cacert.org +ns1 IN AAAA 2001:7b8:616:0163::102 ns3 IN A 46.249.47.169 ; mars.overmeer.net ns3 IN AAAA 2a00:1ca8:2a::31 ns4 IN A 213.154.224.4 ; ns-ext.nlnetlabs.nl diff --git a/cacert.org.log b/cacert.org.log index a301c5e..8dd58cd 100644 --- a/cacert.org.log +++ b/cacert.org.log @@ -1,16 +1,20 @@ RCS file: /var/opendnssec/unsigned/RCS/cacert.org,v Working file: /var/opendnssec/unsigned/cacert.org -head: 1.71 +head: 1.72 branch: locks: strict access list: symbolic names: keyword substitution: kv -total revisions: 71; selected revisions: 71 +total revisions: 72; selected revisions: 72 description: cacert.org - zone file for cacert.org ---------------------------- +revision 1.72 +date: 2014/01/27 16:03:20; author: root; state: Exp; lines: +3 -2 +Add AAAA record for ns1.cacert.org. +---------------------------- revision 1.71 date: 2014/01/25 16:50:15; author: root; state: Exp; lines: +4 -2 Add SSHFP records for hopper.