Re: Verisign fun.
From: Sean Chittenden (sean_at_chittenden.org)
Date: 09/18/03
- Previous message: Sean Chittenden: "Re: Re[2]: Verisign fun."
- In reply to: Ted Cabeen: "Re: Verisign fun."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Thu, 18 Sep 2003 11:45:08 -0700 To: Ted Cabeen <secabeen@pobox.com>
> If you want to do something like this, here's the official ISC patch:
>
> http://www.isc.org/products/BIND/delegation-only.html
And for those that don't know how to use the patch, add the following
to your config once you recompile:
zone "com" in { type delegation-only; };
zone "net" in { type delegation-only; };
zone "cc" in { type delegation-only; };
zone "cx" in { type delegation-only; };
zone "io" in { type delegation-only; };
zone "mp" in { type delegation-only; };
zone "nu" in { type delegation-only; };
zone "ph" in { type delegation-only; };
zone "td" in { type delegation-only; };
zone "tk" in { type delegation-only; };
zone "tv" in { type delegation-only; };
zone "ws" in { type delegation-only; };
And actually, if you're using the bind9 port, here's the patch
suitable for inclusion in the dns/bind9 port:
cd /usr/ports/dns/bind9
mkdir files
fetch -o files/patch-delegation http://people.freebsd.org/~seanc/patches/patch-HEAD-ports::dns::bind9::patch-delegation
And you can rebuild/upgrade from there.
-sc
-- Sean Chittenden _______________________________________________ freebsd-isp@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-isp To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org"
- Previous message: Sean Chittenden: "Re: Re[2]: Verisign fun."
- In reply to: Ted Cabeen: "Re: Verisign fun."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
|
