##----------------------------------------------------------------------------- ## fli4l __FLI4LVER__ - configuration for package "dns_dhcp" ## ## P L E A S E R E A D T H E D O C U M E N T A T I O N ! ## ## B I T T E U N B E D I N G T D I E D O K U M E N T A T I O N L E S E N ! ## ##----------------------------------------------------------------------------- ## Creation: 2007-01-01 lanspezi ## Last Update: $Id$ ## ## Copyright (c) 2001-2016 - Frank Meyer, fli4l-Team ## ## This program is free software; you can redistribute it and/or modify ## it under the terms of the GNU General Public License as published by ## the Free Software Foundation; either version 2 of the License, or ## (at your option) any later version. ##----------------------------------------------------------------------------- #------------------------------------------------------------------------------ # HOSTS #------------------------------------------------------------------------------ # # Do not add an entry for the router! It's added automatically. # If you need an alias please add HOSTNAME_ALIAS_N in the base.txt # HOST_N='0' # number of hosts in your domain # 1st host: HOST_1_NAME='client1' # name #HOST_1_DOMAIN='foo.lan' # different domain (optional) # as declared in DOMAIN_NAME (base.txt) HOST_1_IP4='192.168.6.10' # IP-Adress #HOST_1_IP6='2001:db8::10' # IPv6-Adress / optional HOST_1_ALIAS_N='0' # number of optional alias names HOST_1_ALIAS_1='mail.lan.fli4l' # 1st optional alias name HOST_1_ALIAS_2='printserver.lan.fli4l' #HOST_1_DHCPTYP='hostname' # set static dhcp-lease via [hostname] # or [mac] #HOST_1_MAC='de:ad:be:ef:08:15' # MAC-Adress - needed for static DHCP or # host based PXE #HOST_1_PXE_FILENAME='pxelinux' # Filename of PXE Netboot-Image #HOST_1_PXE_SERVERNAME='tftp.lan.fli4l' # Name of Netboot-Server - see OPT_TFTP #HOST_1_PXE_SERVERIP='192.168.6.1' # IP-Adress of Netboot-Server #HOST_1_PXE_OPTIONS='' # extra options for PXE-Boot # 2nd host: HOST_2_NAME='client2' HOST_2_IP4='192.168.6.11' #HOST_2_MAC='de:ad:be:ef:08:15' # 3rd host: HOST_3_NAME='client3' HOST_3_IP4='192.168.6.12' #HOST_3_MAC='de:ad:be:ef:08:15' # 4th host: HOST_4_NAME='client4' HOST_4_IP4='192.168.6.13' #HOST_4_MAC='de:ad:be:ef:08:15' #------------------------------------------------------------------------------ # HOST entries (Extra-Host with full FQDN): #------------------------------------------------------------------------------ HOST_EXTRA_N='0' # number of extra hosts HOST_EXTRA_1_NAME='host.foo.bar' # name HOST_EXTRA_1_IP4='10.0.0.1' # IP-Adress (ipv4) HOST_EXTRA_1_IP6='2001:db8::1' # IP-Adress (ipv6) / optional #------------------------------------------------------------------------------ # DNS configuration: #------------------------------------------------------------------------------ #OPT_DNS='no' # start dns server: yes or no DNS_LISTEN_N='0' # if 0 then listen on all interfaces #DNS_LISTEN_1='IP_NET_1_IPADDR' # This array contains the addresses the DNS # server should bind to. If the array is # empty, the DNS server binds itself to *all* # interfaces. Note that if your DNS server # needs to bind to dynamically created # interfaces (e.g. VPN tunnel devices), you # should leave this array empty. Otherwise # DNS name resolution will not work. DNS_BIND_INTERFACES='no' # If DNS_LISTEN is not empty, enabling this # option requests that the DNS server bind # itself to each relevant interface separately # instead of binding to all interfaces at once # and then discarding DNS queries from "wrong" # addresses. This allows to run some other # DNS server simultaneously on addresses not # listed in DNS_LISTEN. You very likely don't # want to run some other DNS server on your # fli4l router, so say 'no'. DNS_VERBOSE='no' # log queries into syslog DNS_MX_SERVER='' # fqdn of the mx for your DOMAIN DNS_FORBIDDEN_N='0' # number of forbidden domains DNS_FORBIDDEN_1='foo.bar' # 1st forbidden domain DNS_FORBIDDEN_2='bar.foo' # 2nd forbidden domain DNS_REDIRECT_N='0' # number of redirected domains DNS_REDIRECT_1='foo.bar.foo' # 1st redirected domain DNS_REDIRECT_1_IP='192.168.6.100' # IP of redirected domain DNS_BOGUS_PRIV='yes' # fake reverse lookups for RFC1918 # private address ranges DNS_FILTERWIN2K='no' # filters useless windows-originated DNS # requests and blocks all SRV requests, # when enabled DNS_LOCAL_HOST_CACHE_TTL='60' # TTL for entries in /etc/hosts or DHCP hosts #DNS_SUPPORT_IPV6='no' # enable/disable IPV6-support #------------------------------------------------------------------------------ # Special DNS configuration #--------------------------- # delegation of DNS-Request for Domains or/and reverse network lookup # zone delegation (domain and network) to upstream servers #------------------------------------------------------------------------------ DNS_ZONE_DELEGATION_N='0' # number of zone delegations #DNS_ZONE_DELEGATION_1_UPSTREAM_SERVER_N='3' # number of upstream servers #DNS_ZONE_DELEGATION_1_UPSTREAM_SERVER_1_IP='1.2.3.4:5353' # ip address or @hostname with optional port- # number used to query upstream server #DNS_ZONE_DELEGATION_1_UPSTREAM_SERVER_1_QUERYSOURCEIP='111.222.33.123' # ip adress or IP_NET_x_IPADDR with optional # portnumber used as query source #DNS_ZONE_DELEGATION_1_UPSTREAM_SERVER_2_IP='@dns-upstream' #DNS_ZONE_DELEGATION_1_UPSTREAM_SERVER_2_QUERYSOURCEIP='IP_NET_1_IPADDR' #DNS_ZONE_DELEGATION_1_UPSTREAM_SERVER_3_IP='192.168.3.12' #DNS_ZONE_DELEGATION_1_UPSTREAM_SERVER_3_QUERYSOURCEIP='IP_NET_1_IPADDR:5678' #DNS_ZONE_DELEGATION_1_DOMAIN_N='2' # number of domains to delegate #DNS_ZONE_DELEGATION_1_DOMAIN_1='firma.de.example.com' #DNS_ZONE_DELEGATION_1_DOMAIN_2='firma.com.example.com' #DNS_ZONE_DELEGATION_1_NETWORK_N='3' # number of networks to delegate #DNS_ZONE_DELEGATION_1_NETWORK_1='192.168.1.0/24' #DNS_ZONE_DELEGATION_1_NETWORK_2='172.16.1.0/24' #DNS_ZONE_DELEGATION_1_NETWORK_3='10.1.2.0/24' # domains which are allowed to return private ip addresses from upstream # DNS Servers DNS_REBINDOK_N='0' # Number of Domains DNS_REBINDOK_1_DOMAIN='rfc-ignorant.de' #------------------------------------------------------------------------------ # DHCP-Server configuration: #------------------------------------------------------------------------------ #OPT_DHCP='no' # activate DHCP server: yes or no DHCP_TYPE='dnsmasq' # use 'dnsmasq' or 'isc-dhcpd' DHCP_VERBOSE='no' # activate verbose dhcp-information DHCP_LS_TIME_DYN='3600' # default time for dynamic leases: 1 hour DHCP_MAX_LS_TIME_DYN='7200' # max time for dynamic leases: 2 hours DHCP_LS_TIME_FIX='86400' # default time for fix leases: 1 day DHCP_MAX_LS_TIME_FIX='604800' # max time for fix leases: 1 week DHCP_LEASES_DIR='auto' # don't touch this until you # have read the manual! DHCP_WINSSERVER_1='' # IP of 1st external wins-server # (don't use if OPT_NMBD='yes'!) DHCP_WINSSERVER_2='' # IP of 2nd external wins-server # (don't use if OPT_NMBD='yes'!) #------------------------------------------------------------------------------ # Parameters for local Networks #------------------------------------------------------------------------------ DHCP_RANGE_N='1' # number of dhcp-ranges DHCP_RANGE_1_NET='IP_NET_1' # reference to Network defined in base.txt DHCP_RANGE_1_START='192.168.6.100' # start-IP DHCP_RANGE_1_END='192.168.6.150' # end-IP DHCP_RANGE_1_DNS_SERVER1='' # if empty the IP of the router's # net-interface is used # if set to 'none' no # dns-server is transmitted DHCP_RANGE_1_DNS_SERVER2='' # second dns-server #DHCP_RANGE_1_DNS_DOMAIN='' # set a diffrent dns-domain for # the range (optional) DHCP_RANGE_1_NTP_SERVER='' # if empty and OPT_CHRONY='yes' # the IP of the router's net # interface is used; if set to 'none' no # ntp-server is transmitted DHCP_RANGE_1_GATEWAY='' # if empty the IP of the router's net # interface is used # if set to 'none' no # gateway is transmitted #DHCP_RANGE_1_PXE_FILENAME='pxelinux' # Filename of PXE Netboot-Image #DHCP_RANGE_1_PXE_SERVERNAME='srv.lan.fli4l' # Name of Netboot-Server - see OPT_TFTP #DHCP_RANGE_1_PXE_SERVERIP='192.168.6.2' # IP-Adress of Netboot-Server #DHCP_RANGE_1_PXE_OPTIONS='' # extra options for PXE-Boot #DHCP_RANGE_1_OPTION_N='0' # number of extra dhcp-options (optional) # n extra options for dhcp - see manual of dnsmasq # http://thekelleys.org.uk/dnsmasq/docs/dnsmasq.conf.example #DHCP_RANGE_1_OPTION_1='encap:175, 190, user' #------------------------------------------------------------------------------ # Parameters for extra Networks (via relay) #------------------------------------------------------------------------------ DHCP_EXTRA_RANGE_N='0' # number of extra ranges DHCP_EXTRA_RANGE_1_START='192.168.8.2' # start-IP of n'th extra range DHCP_EXTRA_RANGE_1_END='192.168.8.50' # end-IP of n'th extra range DHCP_EXTRA_RANGE_1_NETMASK='255.255.255.0' # netmask for extra range DHCP_EXTRA_RANGE_1_DNS_SERVER='192.168.8.1' # DNS Server for extra range DHCP_EXTRA_RANGE_1_NTP_SERVER='' # NTP Server for extra range DHCP_EXTRA_RANGE_1_GATEWAY='192.168.8.1' # default gateway for extra range DHCP_EXTRA_RANGE_1_DEVICE='eth0' # device used to reach extra network # Deny hosts from dhcp-Access # --------------------------- DHCP_DENY_MAC_N='0' # number of denied MAC addresses DHCP_DENY_MAC_1='00:01:02:03:04:05' # MAC address is denied from DHCP #------------------------------------------------------------------------------ # DHCPRELAY configuration: #------------------------------------------------------------------------------ #OPT_DHCPRELAY='no' # install DHCPRELAY: yes or no DHCPRELAY_SERVER='192.168.6.1' # which is the actual dhcp server? DHCPRELAY_IF_N='0' # no. of interfaces to listen on DHCPRELAY_IF_1='eth1' # first interface to listen on #------------------------------------------------------------------------------ # TFTP Server configuration: #------------------------------------------------------------------------------ #OPT_TFTP='no' # activate tftp-server: yes or no TFTP_PATH='/data/tftp' # basedir of tftp-server #------------------------------------------------------------------------------ # yadifa as slave DNS #------------------------------------------------------------------------------ #OPT_YADIFA='no' # activate yadifa as slave dns YADIFA_USE_DNSMASQ_ZONE_DELEGATION='yes' # use autoconfigure dnsmasq zone delegation # for every slave zone YADIFA_LISTEN_N='2' # number of interfaces to listen to YADIFA_LISTEN_1='IP_NET_1_IPADDR' # ip address or reference to network in base.txt YADIFA_LISTEN_2='IP_NET_2_IPADDR:1234' # with optional port number YADIFA_ALLOW_QUERY_N='3' # number of allowed IPs or networks YADIFA_ALLOW_QUERY_1='192.168.20.0/20' # host or network to allow query, or the keyword # 'any', may be negotiated with a prefixed '!' YADIFA_ALLOW_QUERY_2='127.0.0.0/8' # allow localhost YADIFA_ALLOW_QUERY_3='!192.168.99.0/24' # but not this network YADIFA_SLAVE_ZONE_N='2' # number of slave zones YADIFA_SLAVE_ZONE_1='sub.example.com' # name of slave zone YADIFA_SLAVE_ZONE_1_USE_DNSMASQ_ZONE_DELEGATION='no' # disable autoconfiguration dnsmasq # zone delegation for this zone YADIFA_SLAVE_ZONE_1_MASTER='192.168.1.1' # IP address of master dns server YADIFA_SLAVE_ZONE_1_ALLOW_QUERY_N='1' # allow query rules for this zone YADIFA_SLAVE_ZONE_1_ALLOW_QUERY_1='192.168.0.0/16' YADIFA_SLAVE_ZONE_2='testing.example.com' # name of slave zone YADIFA_SLAVE_ZONE_2_MASTER='192.168.1.1' # IP address of master dns server YADIFA_SLAVE_ZONE_2_ALLOW_QUERY_N='2' # allow query rules for this zone YADIFA_SLAVE_ZONE_2_ALLOW_QUERY_1='192.168.0.0/16' YADIFA_SLAVE_ZONE_2_ALLOW_QUERY_2='!any'