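What follows is only a rough outline of the steps. I won't cover building a custom kernel, since that is documented in many places. I wrote this mainly for my own reference
and am posting it so that others can correct me. I'm a beginner too and there is a lot I don't understand; I hope it is of some help to other beginners.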
1. Generate the /etc/namedb/rndc.key file
$ rndc-confgen -a -c /etc/namedb/rndc.key
2. Create rndc.conf by copying rndc.conf from the source tree
$ cd /etc/namedb
$ cp /usr/src/contrib/bind9/bin/rndc/rndc.conf rndc.conf
3. Edit rndc.conf so that it reads as follows
options {
default-server 127.0.0.1;
default-key "rndc-key";
};
server localhost {
key "rndc-key";
};
include "rndc.key";
4. Edit named.conf and add the following
include "rndc.key";
controls {
inet 127.0.0.1 port 953
allow { 127.0.0.1; } keys { "rndc-key"; };
};
5. Set the file permissions
$ chmod 600 /etc/namedb/rndc.key
$ chown bind:bind /etc/namedb/rndc.key
$ chmod 600 /etc/namedb/rndc.conf
$ chown bind:bind /etc/namedb/rndc.conf
6. Create the log directory
$ mkdir /var/log/named
$ touch /var/log/named/lamer.log
$ touch /var/log/named/stat.log
$ touch /var/log/named/security.log
$ chown bind:bind /var/log/named
$ chown bind:bind /var/log/named/lamer.log
$ chown bind:bind /var/log/named/stat.log
$ chown bind:bind /var/log/named/security.log
7. Edit named.conf and create the corresponding forward and reverse zone files; the examples below can be used as a reference.
named.conf
-------------------------------
options {
directory "/etc/namedb";
pid-file "/var/run/named/pid";
dump-file "/var/dump/named_dump.db";
statistics-file "/var/stats/named.stats";
};
include "rndc.key";
controls {
inet 127.0.0.1 port 953
allow { 127.0.0.1; } keys { "rndc-key"; };
};
zone "." IN {
type hint;
file "named.root";
};
zone "localhost" IN {
type master;
file "localhost.zone";
allow-update { none; };
};
zone "0.0.127.in-addr.arpa" IN {
type master;
file "named.local";
allow-update { none; };
};
--------------------------------------------------
localhost.zone
--------------------------------------------------
$TTL 86400
$ORIGIN localhost.
@       1D IN SOA   @ root (
                    42      ; serial (d. adams)
                    3H      ; refresh
                    15M     ; retry
                    1W      ; expiry
                    1D )    ; minimum
        1D IN NS    @
        1D IN A     127.0.0.1
-------------------------------------------------------
named.local
------------------------------------------------------
$TTL 86400
@       IN SOA  localhost. root.localhost. (
                1997022700 ; Serial
                28800      ; Refresh
                14400      ; Retry
                3600000    ; Expire
                86400 )    ; Minimum
        IN NS   localhost.
1       IN PTR  localhost.
---------------------------------------------------------
The examples above can also be found in the FreeBSD handbook, at the following address:
http://docs.freebsd.org/doc/5.3-RELEASE/usr/share/doc/zh_CN.GB2312/books/handbook/network-dns.html
8. Start BIND
$ /usr/sbin/named -u bind -gc /etc/namedb/named.conf &
9. Start BIND at boot
Add the following lines to /etc/rc.conf:
named_enable="YES"
named_program="/usr/sbin/named"
named_flags="-u bind -c /etc/namedb/named.conf"
named_pidfile="/var/run/named/pid"
10. You can also take a quick look at DNS packets as follows
$ tcpdump -i eth0 port 53
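As a check on steps 4 and 5, the following sh script (an added example, not part of the original post) verifies that rndc.key and rndc.conf are accessible only to their owner and that the controls statement in named.conf listens on loopback only and names a key. The function names and the sample directory built at the end are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): audit the rndc control channel
# configured in steps 4 and 5. Function names are hypothetical.

# Print the controls { ... }; statement of named.conf ($1) on one line.
controls_block() {
    awk '
        { sub(/(#|\/\/).*/, "") }                        # strip line comments
        !in_blk && /^[ \t]*controls[ \t]*[{]/ { in_blk = 1 }
        in_blk {
            printf "%s ", $0
            depth += gsub(/[{]/, "{") - gsub(/[}]/, "}")  # track brace nesting
            if (depth == 0) { print ""; exit }
        }
    ' "$1"
}

# Succeed only if $1 exists and has no group/other permission bits (e.g. 600).
owner_only() {
    [ -f "$1" ] && [ "$(ls -ld "$1" | cut -c5-10)" = "------" ]
}

# Audit directory $1 (default /etc/namedb); returns the number of findings.
audit_rndc() {
    dir=${1:-/etc/namedb}; n=0
    for f in rndc.key rndc.conf; do
        owner_only "$dir/$f" ||
            { echo "FAIL: $dir/$f missing or accessible beyond its owner"; n=$((n + 1)); }
    done
    blk=$(controls_block "$dir/named.conf" 2>/dev/null)
    # Every control listener must be bound to loopback, as in step 4.
    bad=$(printf '%s\n' "$blk" | awk '{ for (i = 1; i < NF; i++)
        if ($i == "inet" && $(i+1) != "127.0.0.1" && $(i+1) != "::1") print $(i+1) }')
    [ -z "$bad" ] || { echo "FAIL: control channel listens on: $bad"; n=$((n + 1)); }
    # The listener must name a key, and a controls statement must exist at all.
    printf '%s\n' "$blk" | grep -Eq 'inet.*keys[[:space:]]*[{]' ||
        { echo "FAIL: no keyed inet listener in controls statement"; n=$((n + 1)); }
    return "$n"
}

# Constructed sample: the step-4 controls statement and empty key files.
demo=$(mktemp -d)
printf '%s\n' 'include "rndc.key";' 'controls {' 'inet 127.0.0.1 port 953' \
    'allow { 127.0.0.1; } keys { "rndc-key"; };' '};' > "$demo/named.conf"
: > "$demo/rndc.key"; : > "$demo/rndc.conf"
chmod 600 "$demo/rndc.key" "$demo/rndc.conf"
audit_rndc "$demo" && echo "OK: control channel matches steps 4 and 5"
rm -rf "$demo"
```

On a real system, run `audit_rndc /etc/namedb` as root after step 5; a non-zero return value is the number of findings printed.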
This article comes from the ChinaUnix blog; to view the original, see: http://blog.chinaunix.net/u/186/showart_137854.html