1 # Buildsheet autogenerated by ravenadm tool -- Do not edit.
8 SDESC[standard]= Berkeley Internet Name Domain (Domain Name Server)
9 HOMEPAGE= https://www.isc.org/downloads/bind/
13 SITES[main]= ISC/bind9/9.16.24
14 DISTFILE[1]= bind-9.16.24.tar.xz:main
16 SPKGS[standard]= complete
21 OPTIONS_AVAILABLE= FILTER_AAAA FIXED_RRSET GEOIP LARGE_FILE QUERYTRACE
22 OPTIONS_STANDARD= FILTER_AAAA FIXED_RRSET GEOIP LARGE_FILE QUERYTRACE
24 BUILD_DEPENDS= idnkit:single:standard
25 BUILDRUN_DEPENDS= libxml2:single:standard
26 json-c:primary:standard
27 libedit:single:standard
30 EXRUN[tools]= idnkit:single:standard
32 USES= cclibs:server,tools cpe iconv pkgconfig ssl
34 DISTNAME= bind-9.16.24
37 LICENSE_FILE= MPL:{{WRKSRC}}/COPYRIGHT
41 FPC_EQUIVALENT= dns/bind916
44 CONFIGURE_ARGS= --localstatedir=/var
45 --sysconfdir={{ETCDIR}}
49 --disable-native-pkcs11
53 --with-randomdev=/dev/random
54 --with-readline="-L{{LOCALBASE}}/lib -ledit"
55 --with-openssl={{OPENSSLBASE}}
57 --with-idn={{LOCALBASE}}
60 --with-dlz-filesystem=yes
65 {{ICONV_CONFIGURE_ARG}}
66 STD_CDEFINES="-DDIG_SIGCHASE=1"
70 PLIST_SUB= ETCDIR={{BIND_ETCDIR}}
72 SUB_FILES= pkg-message-server
75 [FIXED_RRSET].DESCRIPTION= Enable fixed rrset ordering
76 [FIXED_RRSET].CONFIGURE_ENABLE_BOTH= fixed-rrset
78 [FILTER_AAAA].DESCRIPTION= Enable filtering of AAAA records
79 [FILTER_AAAA].CONFIGURE_ENABLE_BOTH= filter-aaaa
81 [QUERYTRACE].DESCRIPTION= Enable the very verbose query tracelogging
82 [QUERYTRACE].CONFIGURE_ENABLE_BOTH= querytrace
84 [GEOIP].DESCRIPTION= Allow geographically based ACL
85 [GEOIP].BUILDRUN_DEPENDS_ON= GeoIP:single:standard
86 [GEOIP].CONFIGURE_WITH_BOTH= geoip
88 [LARGE_FILE].DESCRIPTION= 64-bit file support
89 [LARGE_FILE].CONFIGURE_ENABLE_BOTH= largefile
92 ${REINPLACE_CMD} -e "s|/opt/local|${PREFIX}|g" \
96 ${MKDIR} ${STAGEDIR}${ETCDIR} ${STAGEDIR}${STD_DOCDIR}/arm
97 . for i in dynamic master slave working
98 ${MKDIR} ${STAGEDIR}${ETCDIR}/$i
100 ${INSTALL_DATA} ${WRKDIR}/named.conf \
101 ${STAGEDIR}${ETCDIR}/named.conf.sample
102 ${INSTALL_DATA} ${FILESDIR}/named.root \
104 ${INSTALL_DATA} ${FILESDIR}/empty.db \
105 ${STAGEDIR}${ETCDIR}/master
106 ${INSTALL_DATA} ${FILESDIR}/localhost-forward.db \
107 ${STAGEDIR}${ETCDIR}/master
108 ${INSTALL_DATA} ${FILESDIR}/localhost-reverse.db \
109 ${STAGEDIR}${ETCDIR}/master
110 ${INSTALL_DATA} ${WRKSRC}/bin/rndc/rndc.conf \
111 ${STAGEDIR}${ETCDIR}/rndc.conf.sample
112 ${RM} -r ${STAGEDIR}/var
114 ${INSTALL_DATA} ${WRKSRC}/doc/arm/*.rst ${STAGEDIR}${STD_DOCDIR}/arm
115 ${INSTALL_DATA} ${WRKSRC}/CHANGES \
116 ${WRKSRC}/HISTORY* ${WRKSRC}/README* ${STAGEDIR}${STD_DOCDIR}
118 ${STRIP_CMD} ${STAGEDIR}${PREFIX}/lib/named/filter-aaaa.so
120 [FILE:743:descriptions/desc.server]
121 BIND is open source software that enables you to publish your Domain Name
122 System (DNS) information on the Internet, and to resolve DNS queries for
123 your users. The name BIND stands for "Berkeley Internet Name Domain",
124 because the software originated in the early 1980s at the University of
125 California at Berkeley.
127 BIND is by far the most widely used DNS software on the Internet,
128 providing a robust and stable platform on top of which organizations can
129 build distributed computing systems with the knowledge that those systems
130 are fully compliant with published DNS standards.
132 The BIND software distribution has three parts:
133 1. Domain Name Resolver
134 2. Domain Name Authority server
137 This package contains parts 1 and 2.
140 [FILE:357:descriptions/desc.tools]
141 BIND is open source software that enables you to publish your Domain Name
142 System (DNS) information on the Internet, and to resolve DNS queries for
143 your users. The name BIND stands for "Berkeley Internet Name Domain",
144 because the software originated in the early 1980s at the University of
145 California at Berkeley.
147 This package contains the BIND tools.
151 5582f3734bd6232284f93f14206b8a46d1f819dea4797ae157066f6963b08507 5070180 bind-9.16.24.tar.xz
154 [FILE:3611:manifests/plist.server]
155 @sample %%ETCDIR%%/named.conf.sample
433 include/pkcs11/pkcs11.h
442 lib/named/filter-aaaa.so
466 named-compilezone.8.gz
467 named-journalprint.8.gz
473 @dir(bind,bind,) %%ETCDIR%%/dynamic
474 @dir(bind,bind,) %%ETCDIR%%/slave
475 @dir(bind,bind,) %%ETCDIR%%/working
478 [FILE:580:manifests/plist.tools]
509 dnssec-dsfromkey.8.gz
510 dnssec-importkey.8.gz
511 dnssec-keyfromlabel.8.gz
520 [FILE:3093:patches/patch-configure]
521 --- configure.orig 2021-12-07 12:24:49 UTC
523 @@ -17769,27 +17769,9 @@ done
524 # problems start to show up.
528 - "-lgssapi_krb5 -lkrb5 -lk5crypto -lcom_err" \
529 - "-lgssapi_krb5 -lkrb5 -lk5crypto -lcom_err -lresolv" \
531 - "-lgssapi -lkrb5 -ldes -lcrypt -lasn1 -lroken -lcom_err" \
532 - "-lgssapi -lkrb5 -lcrypt -lasn1 -lroken -lcom_err" \
533 - "-lgssapi -lkrb5 -lgssapi_krb5 -lcrypt -lasn1 -lroken -lcom_err" \
534 - "-lgssapi -lkrb5 -lhx509 -lcrypt -lasn1 -lroken -lcom_err" \
536 + "$($KRB5CONFIG gssapi --libs)"; \
538 - # Note that this does not include $saved_libs, because
539 - # on FreeBSD machines this configure script has added
540 - # -L/usr/local/lib to LIBS, which can make the
541 - # -lgssapi_krb5 test succeed with shared libraries even
542 - # when you are trying to build with KTH in /usr/lib.
543 - if test "/usr" = "$use_gssapi"
545 - LIBS="$TRY_LIBS $ISC_OPENSSL_LIBS"
547 - LIBS="-L$use_gssapi/lib $TRY_LIBS $ISC_OPENSSL_LIBS"
550 { $as_echo "$as_me:${as_lineno-$LINENO}: checking linking as $TRY_LIBS" >&5
551 $as_echo_n "checking linking as $TRY_LIBS... " >&6; }
552 cat confdefs.h - <<_ACEOF >conftest.$ac_ext
553 @@ -17832,47 +17814,7 @@ $as_echo "no" >&6; } ;;
554 no) as_fn_error $? "could not determine proper GSSAPI linkage" "$LINENO" 5 ;;
558 - # XXXDCL Major kludge. Tries to cope with KTH in /usr/lib
559 - # but MIT in /usr/local/lib and trying to build with KTH.
560 - # /usr/local/lib can end up earlier on the link lines.
561 - # Like most kludges, this one is not only inelegant it
562 - # is also likely to be the wrong thing to do at least as
563 - # many times as it is the right thing. Something better
564 - # needs to be done.
566 - if test "/usr" = "$use_gssapi" -a \
567 - -f /usr/local/lib/libkrb5.a; then
571 - case "$FIX_KTH_VS_MIT" in
573 - case "$enable_static_linking" in
574 - yes) gssapi_lib_suffix=".a" ;;
575 - *) gssapi_lib_suffix=".so" ;;
578 - for lib in $LIBS; do
583 - new_lib=`echo $lib |
584 - sed -e s%^-l%$use_gssapi/lib/lib% \
585 - -e s%$%$gssapi_lib_suffix%`
586 - NEW_LIBS="$NEW_LIBS $new_lib"
589 - as_fn_error $? "KTH vs MIT Kerberos confusion!" "$LINENO" 5
597 - DST_GSSAPI_INC="-I$use_gssapi/include"
598 + DST_GSSAPI_INC="$($KRB5CONFIG gssapi --cflags)"
599 DNS_GSSAPI_LIBS="$LIBS"
601 { $as_echo "$as_me:${as_lineno-$LINENO}: result: using GSSAPI from $use_gssapi/lib and $use_gssapi/include" >&5
602 @@ -23320,7 +23262,7 @@ $as_echo "" >&6; }
603 # Check other locations for includes.
604 # Order is important (sigh).
606 - bdb_incdirs="/db53 /db51 /db48 /db47 /db46 /db45 /db44 /db43 /db42 /db41 /db4 /db"
607 + bdb_incdirs="/db6 /db5 /db48"
608 # include a blank element first
609 for d in "" $bdb_incdirs
613 [FILE:148:files/empty.db]
615 @ SOA @ nobody.localhost. 42 1d 12h 1w 3h
616 ; Serial, Refresh, Retry, Expire, Neg. cache TTL
620 ; Silence a BIND warning
624 [FILE:158:files/localhost-forward.db]
626 localhost. SOA localhost. nobody.localhost. 42 1d 12h 1w 3h
627 ; Serial, Refresh, Retry, Expire, Neg. cache TTL
635 [FILE:226:files/localhost-reverse.db]
637 @ SOA localhost. nobody.localhost. 42 1d 12h 1w 3h
638 ; Serial, Refresh, Retry, Expire, Neg. cache TTL
644 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0 PTR localhost.
648 [FILE:19802:files/named.conf.in]
649 // Refer to the named.conf(5) and named(8) man pages, and the documentation
650 // in /usr/local/share/doc/bind for more details.
652 // If you are going to set up an authoritative server, make sure you
653 // understand the hairy details of how DNS works. Even with
654 // simple mistakes, you can break connectivity for affected parties,
655 // or cause huge amounts of useless Internet traffic.
658 // All file and path names are relative to the chroot directory,
659 // if any, and should be fully qualified.
660 directory "%%ETCDIR%%/working";
661 pid-file "/var/run/named/pid";
662 dump-file "/var/dump/named_dump.db";
663 statistics-file "/var/stats/named.stats";
665 // If named is being used only as a local resolver, this is a safe default.
666 // For named to be accessible to the network, comment this option, specify
667 // the proper IP address, or delete this option.
668 listen-on { 127.0.0.1; };
670 // If you have IPv6 enabled on this system, uncomment this option for
671 // use as a local resolver. To give access to the network, specify
672 // an IPv6 address, or the keyword "any".
673 // listen-on-v6 { ::1; };
675 // These zones are already covered by the empty zones listed below.
676 // If you remove the related empty zones below, comment these lines out.
677 disable-empty-zone "255.255.255.255.IN-ADDR.ARPA";
678 disable-empty-zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA";
679 disable-empty-zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA";
681 // If you've got a DNS server around at your upstream provider, enter
682 // its IP address here, and enable the line below. This will make you
683 // benefit from its cache, thus reduce overall DNS traffic in the Internet.
690 // If the 'forwarders' clause is not empty the default is to 'forward first'
691 // which will fall back to sending a query from your local server if the name
692 // servers in 'forwarders' do not have the answer. Alternatively you can
693 // force your name server to never initiate queries of its own by enabling the
697 // If you wish to have forwarding configured automatically based on
698 // the entries in /etc/resolv.conf, uncomment the following line and
699 // set named_auto_forward=yes in /etc/rc.conf. You can also enable
700 // named_auto_forward_only (the effect of which is described above).
701 // include "%%ETCDIR%%/auto_forward.conf";
704 Modern versions of BIND use a random UDP port for each outgoing
705 query by default in order to dramatically reduce the possibility
706 of cache poisoning. All users are strongly encouraged to utilize
707 this feature, and to configure their firewalls to accommodate it.
709 AS A LAST RESORT in order to get around a restrictive firewall
710 policy you can try enabling the option below. Use of this option
711 will significantly reduce your ability to withstand cache poisoning
712 attacks, and should be avoided if at all possible.
714 Replace NNNNN in the example with a number between 49160 and 65530.
716 // query-source address * port NNNNN;
719 // If you enable a local name server, don't forget to enter 127.0.0.1
720 // first in your /etc/resolv.conf so this server will be queried.
721 // Also, make sure to enable it in /etc/rc.conf.
723 // The traditional root hints mechanism. Use this, OR the slave zones below.
724 zone "." { type hint; file "%%ETCDIR%%/named.root"; };
726 /* Slaving the following zones from the root name servers has some
727 significant advantages:
728 1. Faster local resolution for your users
729 2. No spurious traffic will be sent from your network to the roots
730 3. Greater resilience to any potential root server failure/DDoS
732 On the other hand, this method requires more monitoring than the
733 hints file to be sure that an unexpected failure mode has not
734 incapacitated your server. Name servers that are serving a lot
735 of clients will benefit more from this approach than individual
736 hosts. Use with caution.
738 To use this mechanism, uncomment the entries below, and comment
741 As documented at http://dns.icann.org/services/axfr/ these zones:
742 "." (the root), ARPA, IN-ADDR.ARPA, IP6.ARPA, and a few others
743 are available for AXFR from these servers on IPv4 and IPv6:
744 xfr.lax.dns.icann.org, xfr.cjr.dns.icann.org
749 file "%%ETCDIR%%/slave/root.slave";
751 192.0.32.132; // lax.xfr.dns.icann.org
752 2620:0:2d0:202::132; // lax.xfr.dns.icann.org
753 192.0.47.132; // iad.xfr.dns.icann.org
754 2620:0:2830:202::132; // iad.xfr.dns.icann.org
760 file "%%ETCDIR%%/slave/arpa.slave";
762 192.0.32.132; // lax.xfr.dns.icann.org
763 2620:0:2d0:202::132; // lax.xfr.dns.icann.org
764 192.0.47.132; // iad.xfr.dns.icann.org
765 2620:0:2830:202::132; // iad.xfr.dns.icann.org
769 zone "in-addr.arpa" {
771 file "%%ETCDIR%%/slave/in-addr.arpa.slave";
773 192.0.32.132; // lax.xfr.dns.icann.org
774 2620:0:2d0:202::132; // lax.xfr.dns.icann.org
775 192.0.47.132; // iad.xfr.dns.icann.org
776 2620:0:2830:202::132; // iad.xfr.dns.icann.org
782 file "%%ETCDIR%%/slave/ip6.arpa.slave";
784 192.0.32.132; // lax.xfr.dns.icann.org
785 2620:0:2d0:202::132; // lax.xfr.dns.icann.org
786 192.0.47.132; // iad.xfr.dns.icann.org
787 2620:0:2830:202::132; // iad.xfr.dns.icann.org
793 /* Serving the following zones locally will prevent any queries
794 for these zones leaving your network and going to the root
795 name servers. This has two significant advantages:
796 1. Faster local resolution for your users
797 2. No spurious traffic will be sent from your network to the roots
799 // RFCs 1912, 5735 and 6303 (and BCP 32 for localhost)
800 zone "localhost" { type master; file "%%ETCDIR%%/master/localhost-forward.db"; };
801 zone "127.in-addr.arpa" { type master; file "%%ETCDIR%%/master/localhost-reverse.db"; };
802 zone "255.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
804 // RFC 1912-style zone for IPv6 localhost address (RFC 6303)
805 zone "0.ip6.arpa" { type master; file "%%ETCDIR%%/master/localhost-reverse.db"; };
807 // "This" Network (RFCs 1912, 5735 and 6303)
808 zone "0.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
810 // Private Use Networks (RFCs 1918, 5735 and 6303)
811 zone "10.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
812 zone "16.172.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
813 zone "17.172.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
814 zone "18.172.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
815 zone "19.172.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
816 zone "20.172.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
817 zone "21.172.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
818 zone "22.172.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
819 zone "23.172.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
820 zone "24.172.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
821 zone "25.172.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
822 zone "26.172.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
823 zone "27.172.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
824 zone "28.172.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
825 zone "29.172.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
826 zone "30.172.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
827 zone "31.172.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
828 zone "168.192.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
830 // Shared Address Space (RFC 6598)
831 zone "64.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
832 zone "65.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
833 zone "66.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
834 zone "67.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
835 zone "68.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
836 zone "69.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
837 zone "70.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
838 zone "71.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
839 zone "72.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
840 zone "73.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
841 zone "74.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
842 zone "75.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
843 zone "76.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
844 zone "77.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
845 zone "78.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
846 zone "79.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
847 zone "80.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
848 zone "81.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
849 zone "82.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
850 zone "83.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
851 zone "84.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
852 zone "85.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
853 zone "86.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
854 zone "87.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
855 zone "88.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
856 zone "89.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
857 zone "90.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
858 zone "91.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
859 zone "92.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
860 zone "93.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
861 zone "94.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
862 zone "95.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
863 zone "96.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
864 zone "97.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
865 zone "98.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
866 zone "99.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
867 zone "100.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
868 zone "101.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
869 zone "102.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
870 zone "103.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
871 zone "104.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
872 zone "105.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
873 zone "106.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
874 zone "107.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
875 zone "108.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
876 zone "109.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
877 zone "110.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
878 zone "111.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
879 zone "112.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
880 zone "113.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
881 zone "114.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
882 zone "115.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
883 zone "116.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
884 zone "117.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
885 zone "118.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
886 zone "119.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
887 zone "120.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
888 zone "121.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
889 zone "122.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
890 zone "123.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
891 zone "124.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
892 zone "125.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
893 zone "126.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
894 zone "127.100.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
896 // Link-local/APIPA (RFCs 3927, 5735 and 6303)
897 zone "254.169.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
899 // IETF protocol assignments (RFCs 5735 and 5736)
900 zone "0.0.192.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
902 // TEST-NET-[1-3] for Documentation (RFCs 5735, 5737 and 6303)
903 zone "2.0.192.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
904 zone "100.51.198.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
905 zone "113.0.203.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
907 // IPv6 Example Range for Documentation (RFCs 3849 and 6303)
908 zone "8.b.d.0.1.0.0.2.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
910 // Router Benchmark Testing (RFCs 2544 and 5735)
911 zone "18.198.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
912 zone "19.198.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
914 // IANA Reserved - Old Class E Space (RFC 5735)
915 zone "240.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
916 zone "241.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
917 zone "242.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
918 zone "243.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
919 zone "244.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
920 zone "245.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
921 zone "246.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
922 zone "247.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
923 zone "248.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
924 zone "249.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
925 zone "250.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
926 zone "251.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
927 zone "252.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
928 zone "253.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
929 zone "254.in-addr.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
931 // IPv6 Unassigned Addresses (RFC 4291)
932 zone "1.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
933 zone "3.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
934 zone "4.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
935 zone "5.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
936 zone "6.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
937 zone "7.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
938 zone "8.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
939 zone "9.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
940 zone "a.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
941 zone "b.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
942 zone "c.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
943 zone "d.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
944 zone "e.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
945 zone "0.f.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
946 zone "1.f.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
947 zone "2.f.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
948 zone "3.f.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
949 zone "4.f.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
950 zone "5.f.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
951 zone "6.f.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
952 zone "7.f.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
953 zone "8.f.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
954 zone "9.f.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
955 zone "a.f.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
956 zone "b.f.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
957 zone "0.e.f.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
958 zone "1.e.f.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
959 zone "2.e.f.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
960 zone "3.e.f.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
961 zone "4.e.f.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
962 zone "5.e.f.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
963 zone "6.e.f.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
964 zone "7.e.f.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
966 // IPv6 ULA (RFCs 4193 and 6303)
967 zone "c.f.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
968 zone "d.f.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
970 // IPv6 Link Local (RFCs 4291 and 6303)
971 zone "8.e.f.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
972 zone "9.e.f.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
973 zone "a.e.f.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
974 zone "b.e.f.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
976 // IPv6 Deprecated Site-Local Addresses (RFCs 3879 and 6303)
977 zone "c.e.f.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
978 zone "d.e.f.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
979 zone "e.e.f.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
980 zone "f.e.f.ip6.arpa" { type master; file "%%ETCDIR%%/master/empty.db"; };
982 // IP6.INT is Deprecated (RFC 4159)
983 zone "ip6.int" { type master; file "%%ETCDIR%%/master/empty.db"; };
985 // NB: Do not use the IP addresses below, they are faked, and only
986 // serve demonstration/documentation purposes!
988 // Example slave zone config entries. It can be convenient to become
989 // a slave at least for the zone your own domain is in. Ask
990 // your network administrator for the IP address of the responsible
991 // master name server.
993 // Do not forget to include the reverse lookup zone!
994 // This is named after the first bytes of the IP address, in reverse
995 // order, with ".IN-ADDR.ARPA" appended, or ".IP6.ARPA" for IPv6.
997 // Before starting to set up a master zone, make sure you fully
998 // understand how DNS and BIND work. There are sometimes
999 // non-obvious pitfalls. Setting up a slave zone is usually simpler.
1001 // NB: Don't blindly enable the examples below. :-) Use actual names
1002 // and addresses instead.
1004 /* An example dynamic zone
1005 key "exampleorgkey" {
1007 secret "sf87HJqjkqh8ac87a02lla==";
1009 zone "example.org" {
1012 key "exampleorgkey";
1014 file "%%ETCDIR%%/dynamic/example.org";
1018 /* Example of a slave reverse zone
1019 zone "1.168.192.in-addr.arpa" {
1021 file "%%ETCDIR%%/slave/1.168.192.in-addr.arpa";
1029 [FILE:11623:files/named.in]
1034 # REQUIRE: %%NAMED_REQUIRE%%
1035 # BEFORE: %%NAMED_BEFORE%%
1039 # Add the following lines to /etc/rc.conf to enable BIND:
1040 # named_enable (bool): Run named, the DNS server (or NO).
1041 # named_program (str): Path to named, if you want a different one.
1042 # named_conf (str): Path to the configuration file
1043 # named_flags (str): Use this for flags OTHER than -u and -c
1044 # named_uid (str): User to run named as
1045 # named_chrootdir (str): Chroot directory (or "" not to auto-chroot it)
1046 # Historically, was /var/named
1047 # named_chroot_autoupdate (bool): Automatically install/update chrooted
1048 # components of named.
1049 # named_symlink_enable (bool): Symlink the chrooted pid file
1050 # named_wait (bool): Wait for working name service before exiting
1051 # named_wait_host (str): Hostname to check if named_wait is enabled
1052 # named_auto_forward (str): Set up forwarders from /etc/resolv.conf
1053 # named_auto_forward_only (str): Do "forward only" instead of "forward first"
1059 desc="named BIND startup script"
1062 load_rc_config ${name}
1064 extra_commands=reload
1066 start_precmd=named_prestart
1067 start_postcmd=named_poststart
1068 reload_cmd=named_reload
1070 stop_postcmd=named_poststop
1072 named_enable=${named_enable:-"NO"}
1073 named_program=${named_program:-"%%PREFIX%%/sbin/named"}
1074 named_conf=${named_conf:-"%%ETCDIR%%/named.conf"}
1075 named_flags=${named_flags:-""}
1076 named_uid=${named_uid:-"bind"}
1077 named_chrootdir=${named_chrootdir:-""}
1078 named_chroot_autoupdate=${named_chroot_autoupdate:-"YES"}
1079 named_symlink_enable=${named_symlink_enable:-"YES"}
1080 named_wait=${named_wait:-"NO"}
1081 named_wait_host=${named_wait_host:-"localhost"}
1082 named_auto_forward=${named_auto_forward:-"NO"}
1083 named_auto_forward_only=${named_auto_forward_only:-"NO"}
1085 # Not configuration variables but having them here keeps rclint happy
1086 required_dirs="${named_chrootdir}"
1087 _named_confdirroot="${named_conf%/*}"
1088 _named_confdir="${named_chrootdir}${_named_confdirroot}"
1089 _named_program_root="${named_program%/sbin/named}"
1090 _openssl_engines="%%LOCALBASE%%/lib/engines"
1092 # Needed if named.conf and rndc.conf are moved or if rndc.conf is used
1093 rndc_conf=${rndc_conf:-"$_named_confdir/rndc.conf"}
1094 rndc_key=${rndc_key:-"$_named_confdir/rndc.key"}
1096 # If running in a chroot cage, ensure that the appropriate files
1097 # exist inside the cage, as well as helper symlinks into the cage
1100 # As this is called after the is_running and required_dir checks
1101 # are made in run_rc_command(), we can safely assume ${named_chrootdir}
1102 # exists and named isn't running at this point (unless forcestart
1109 # If it's the first time around, fiddle with things and move the
1110 # current configuration to the chroot.
1111 if [ -d ${_named_confdirroot} -a ! -d ${_named_confdir} ]; then
1112 warn "named chroot: Moving current configuration in the chroot!"
1113 install -d ${_named_confdir%/*}
1114 mv ${_named_confdirroot} ${_named_confdir}
1117 # Create (or update) the chroot directory structure
1119 if [ -r %%PREFIX%%/etc/mtree/BIND.chroot.dist ]; then
1120 mtree -deU -f %%PREFIX%%/etc/mtree/BIND.chroot.dist \
1121 -p ${named_chrootdir}
1123 warn "%%PREFIX%%/etc/mtree/BIND.chroot.dist missing,"
1124 warn "${named_chrootdir} directory structure not updated"
1126 if [ -r %%PREFIX%%/etc/mtree/BIND.chroot.local.dist ]; then
1127 mkdir -p ${named_chrootdir}%%PREFIX%%
1128 mtree -deU -f %%PREFIX%%/etc/mtree/BIND.chroot.local.dist \
1129 -p ${named_chrootdir}%%PREFIX%%
1131 warn "%%PREFIX%%/etc/mtree/BIND.chroot.local.dist missing,"
1132 warn "${named_chrootdir}%%PREFIX%% directory structure not updated"
1135 # Create (or update) the configuration directory symlink
1137 if [ ! -L "${_named_confdirroot}" ]; then
1138 if [ -d "${_named_confdirroot}" ]; then
1139 warn "named chroot: ${_named_confdirroot} is a directory!"
1140 elif [ -e "${_named_confdirroot}" ]; then
1141 warn "named chroot: ${_named_confdirroot} exists!"
1143 ln -s ${_named_confdir} ${_named_confdirroot}
1146 # Make sure it points to the right place.
1147 ln -shf ${_named_confdir} ${_named_confdirroot}
1150 # Mount a devfs in the chroot directory if needed
1152 if [ `${SYSCTL_N} security.jail.jailed` -eq 0 ]; then
1153 umount ${named_chrootdir}/dev 2>/dev/null
1154 devfs_domount ${named_chrootdir}/dev devfsrules_hide_all
1155 devfs -m ${named_chrootdir}/dev rule apply path null unhide
1156 devfs -m ${named_chrootdir}/dev rule apply path random unhide
1158 if [ -c ${named_chrootdir}/dev/null -a \
1159 -c ${named_chrootdir}/dev/random ]; then
1160 info "named chroot: using pre-mounted devfs."
1162 err 1 "named chroot: devfs cannot be mounted from " \
1163 "within a jail. Thus a chrooted named cannot " \
1164 "be run from within a jail. Either mount the " \
1165 "devfs with null and random from the host, or " \
1166 "run named without chrooting it, set " \
1167 "named_chrootdir=\"\" in /etc/rc.conf."
1171 # If OpenSSL from ports, then the engines should be present in the
1172 # chroot, named loads them after chrooting.
1173 if [ -d ${_openssl_engines} ]; then
1174 # FIXME when 8.4 is gone see if
1175 # security.jail.param.allow.mount.nullfs can be used.
1176 if [ `${SYSCTL_N} security.jail.jailed` -eq 0 -o `${SYSCTL_N} security.jail.mount_allowed` -eq 1 ]; then
1177 mkdir -p ${named_chrootdir}${_openssl_engines}
1178 mount -t nullfs ${_openssl_engines} ${named_chrootdir}${_openssl_engines}
1180 warn "named chroot: cannot nullfs mount OpenSSL" \
1181 "engines into the chroot, will copy the shared" \
1182 "libraries instead."
1183 mkdir -p ${named_chrootdir}${_openssl_engines}
1184 cp -f ${_openssl_engines}/*.so ${named_chrootdir}${_openssl_engines}
1188 # Copy and/or update key files to the chroot /etc
1190 for file in localtime protocols services; do
1191 if [ -r /etc/${file} ] && \
1192 ! cmp -s /etc/${file} "${named_chrootdir}/etc/${file}"; then
1193 cp -p /etc/${file} "${named_chrootdir}/etc/${file}"
1198 # Make symlinks to the correct pid file
1202 checkyesno named_symlink_enable &&
1203 ln -fs "${named_chrootdir}${pidfile}" ${pidfile}
1210 if checkyesno named_wait; then
1211 until ${_named_program_root}/bin/host ${named_wait_host} >/dev/null 2>&1; do
1212 echo " Waiting for nameserver to resolve ${named_wait_host}"
1220 # This is a one line function, but ${named_program} is not defined early
1221 # enough to be there when the reload_cmd variable is defined up there.
1227 if get_pidfile_from_conf pid-file ${named_conf}; then
1228 pidfile="${_pidfile_from_conf}"
1230 pidfile="/var/run/named/pid"
1238 # This duplicates an undesirably large amount of code from the stop
1239 # routine in rc.subr in order to use rndc to shut down the process,
1240 # and to give it a second chance in case rndc fails.
1241 rc_pid=$(check_pidfile ${pidfile} ${command})
1242 if [ -z "${rc_pid}" ]; then
1243 [ -n "${rc_fast}" ] && return 0
1247 echo 'Stopping named.'
1249 wait_for_pids ${rc_pid}
1251 echo -n 'rndc failed, trying kill: '
1252 kill -TERM ${rc_pid}
1253 wait_for_pids ${rc_pid}
1259 if [ -n "${named_chrootdir}" -a -c ${named_chrootdir}/dev/null ]; then
1260 # if using OpenSSL from ports, unmount OpenSSL engines, if they
1261 # were not mounted but only copied, do nothing.
1262 if [ -d ${_openssl_engines} -a \( `${SYSCTL_N} security.jail.jailed` -eq 0 -o `${SYSCTL_N} security.jail.mount_allowed` -eq 1 \) ]; then
1263 umount ${named_chrootdir}${_openssl_engines}
1266 if [ `${SYSCTL_N} security.jail.jailed` -eq 0 ]; then
1267 umount ${named_chrootdir}/dev 2>/dev/null || true
1269 warn "named chroot:" \
1270 "cannot unmount devfs from inside jail!"
1277 if [ -e "$1" ]; then
1280 install -o root -g wheel -m 0644 /dev/null $1
1285 if [ -z "${rndc_flags}" ]; then
1286 if [ -s "${rndc_conf}" ] ; then
1287 rndc_flags="-c ${rndc_conf}"
1288 elif [ -s "${rndc_key}" ] ; then
1289 rndc_flags="-k ${rndc_key}"
1295 ${_named_program_root}/sbin/rndc ${rndc_flags} "$@"
1302 if [ -n "${named_pidfile}" ]; then
1303 warn 'named_pidfile: now determined from the conf file'
1306 piddir=`/usr/bin/dirname ${pidfile}`
1307 if [ ! -d ${piddir} ]; then
1308 install -d -o ${named_uid} -g ${named_uid} ${piddir}
1311 command_args="-u ${named_uid:=root} -c ${named_conf} ${command_args}"
1313 local line nsip firstns
1315 # Is the user using a sandbox?
1317 if [ -n "${named_chrootdir}" ]; then
1318 rc_flags="${rc_flags} -t ${named_chrootdir}"
1319 checkyesno named_chroot_autoupdate && chroot_autoupdate
1321 named_symlink_enable=NO
1324 # Create an rndc.key file for the user if none exists
1326 confgen_command="${_named_program_root}/sbin/rndc-confgen -a -b256 -u ${named_uid} \
1327 -c ${_named_confdir}/rndc.key"
1328 if [ -s "${_named_confdir}/rndc.conf" ]; then
1329 unset confgen_command
1331 if [ -s "${_named_confdir}/rndc.key" ]; then
1332 case `stat -f%Su ${_named_confdir}/rndc.key` in
1333 root|${named_uid}) ;;
1334 *) ${confgen_command} ;;
1342 checkconf="${_named_program_root}/sbin/named-checkconf"
1343 if ! checkyesno named_chroot_autoupdate && [ -n "${named_chrootdir}" ]; then
1344 checkconf="${checkconf} -t ${named_chrootdir}"
1347 # Create a forwarder configuration based on /etc/resolv.conf
1348 if checkyesno named_auto_forward; then
1349 if [ ! -s /etc/resolv.conf ]; then
1350 warn "named_auto_forward enabled, but no /etc/resolv.conf"
1352 # Empty the file in case it is included in named.conf
1353 [ -s "${_named_confdir}/auto_forward.conf" ] &&
1354 create_file ${_named_confdir}/auto_forward.conf
1356 ${checkconf} ${named_conf} ||
1357 err 3 'named-checkconf for ${named_conf} failed'
1361 create_file /var/run/naf-resolv.conf
1362 create_file /var/run/auto_forward.conf
1364 echo ' forwarders {' > /var/run/auto_forward.conf
1368 'nameserver '*|'nameserver '*)
1369 nsip=${line##nameserver[ ]}
1371 if [ -z "${firstns}" ]; then
1372 if [ ! "${nsip}" = '127.0.0.1' ]; then
1373 echo 'nameserver 127.0.0.1'
1374 echo " ${nsip};" >> /var/run/auto_forward.conf
1379 [ "${nsip}" = '127.0.0.1' ] && continue
1380 echo " ${nsip};" >> /var/run/auto_forward.conf
1386 done < /etc/resolv.conf > /var/run/naf-resolv.conf
1388 echo ' };' >> /var/run/auto_forward.conf
1389 echo '' >> /var/run/auto_forward.conf
1390 if checkyesno named_auto_forward_only; then
1391 echo " forward only;" >> /var/run/auto_forward.conf
1393 echo " forward first;" >> /var/run/auto_forward.conf
1396 if cmp -s /etc/resolv.conf /var/run/naf-resolv.conf; then
1397 unlink /var/run/naf-resolv.conf
1399 [ -e /etc/resolv.conf ] && unlink /etc/resolv.conf
1400 mv /var/run/naf-resolv.conf /etc/resolv.conf
1403 if cmp -s ${_named_confdir}/auto_forward.conf \
1404 /var/run/auto_forward.conf; then
1405 unlink /var/run/auto_forward.conf
1407 [ -e "${_named_confdir}/auto_forward.conf" ] &&
1408 unlink ${_named_confdir}/auto_forward.conf
1409 mv /var/run/auto_forward.conf \
1410 ${_named_confdir}/auto_forward.conf
1413 # Empty the file in case it is included in named.conf
1414 [ -s "${_named_confdir}/auto_forward.conf" ] &&
1415 create_file ${_named_confdir}/auto_forward.conf
1418 ${checkconf} ${named_conf} || err 3 "named-checkconf for ${named_conf} failed"
1424 [FILE:3289:files/named.root]
1425 ; This file holds the information on root name servers needed to
1426 ; initialize cache of Internet domain name servers
1427 ; (e.g. reference this file in the "cache . <file>"
1428 ; configuration file of BIND domain name servers).
1430 ; This file is made available by InterNIC
1431 ; under anonymous FTP as
1432 ; file /domain/named.cache
1433 ; on server FTP.INTERNIC.NET
1434 ; -OR- RS.INTERNIC.NET
1436 ; last update: April 11, 2017
1437 ; related version of root zone: 2017041101
1439 ; formerly NS.INTERNIC.NET
1441 . 3600000 NS A.ROOT-SERVERS.NET.
1442 A.ROOT-SERVERS.NET. 3600000 A 198.41.0.4
1443 A.ROOT-SERVERS.NET. 3600000 AAAA 2001:503:ba3e::2:30
1445 ; FORMERLY NS1.ISI.EDU
1447 . 3600000 NS B.ROOT-SERVERS.NET.
1448 B.ROOT-SERVERS.NET. 3600000 A 192.228.79.201
1449 B.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:84::b
1451 ; FORMERLY C.PSI.NET
1453 . 3600000 NS C.ROOT-SERVERS.NET.
1454 C.ROOT-SERVERS.NET. 3600000 A 192.33.4.12
1455 C.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2::c
1457 ; FORMERLY TERP.UMD.EDU
1459 . 3600000 NS D.ROOT-SERVERS.NET.
1460 D.ROOT-SERVERS.NET. 3600000 A 199.7.91.13
1461 D.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2d::d
1463 ; FORMERLY NS.NASA.GOV
1465 . 3600000 NS E.ROOT-SERVERS.NET.
1466 E.ROOT-SERVERS.NET. 3600000 A 192.203.230.10
1467 E.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:a8::e
1469 ; FORMERLY NS.ISC.ORG
1471 . 3600000 NS F.ROOT-SERVERS.NET.
1472 F.ROOT-SERVERS.NET. 3600000 A 192.5.5.241
1473 F.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2f::f
1475 ; FORMERLY NS.NIC.DDN.MIL
1477 . 3600000 NS G.ROOT-SERVERS.NET.
1478 G.ROOT-SERVERS.NET. 3600000 A 192.112.36.4
1479 G.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:12::d0d
1481 ; FORMERLY AOS.ARL.ARMY.MIL
1483 . 3600000 NS H.ROOT-SERVERS.NET.
1484 H.ROOT-SERVERS.NET. 3600000 A 198.97.190.53
1485 H.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:1::53
1487 ; FORMERLY NIC.NORDU.NET
1489 . 3600000 NS I.ROOT-SERVERS.NET.
1490 I.ROOT-SERVERS.NET. 3600000 A 192.36.148.17
1491 I.ROOT-SERVERS.NET. 3600000 AAAA 2001:7fe::53
1493 ; OPERATED BY VERISIGN, INC.
1495 . 3600000 NS J.ROOT-SERVERS.NET.
1496 J.ROOT-SERVERS.NET. 3600000 A 192.58.128.30
1497 J.ROOT-SERVERS.NET. 3600000 AAAA 2001:503:c27::2:30
1499 ; OPERATED BY RIPE NCC
1501 . 3600000 NS K.ROOT-SERVERS.NET.
1502 K.ROOT-SERVERS.NET. 3600000 A 193.0.14.129
1503 K.ROOT-SERVERS.NET. 3600000 AAAA 2001:7fd::1
1507 . 3600000 NS L.ROOT-SERVERS.NET.
1508 L.ROOT-SERVERS.NET. 3600000 A 199.7.83.42
1509 L.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:9f::42
1513 . 3600000 NS M.ROOT-SERVERS.NET.
1514 M.ROOT-SERVERS.NET. 3600000 A 202.12.27.33
1515 M.ROOT-SERVERS.NET. 3600000 AAAA 2001:dc3::35
1519 [FILE:1637:files/pkg-message-server.in]
1520 **********************************************************************
1521 * _ _____ _____ _____ _ _ _____ ___ ___ _ _ *
1522 * / \|_ _|_ _| ____| \ | |_ _|_ _/ _ \| \ | | *
1523 * / _ \ | | | | | _| | \| | | | | | | | | \| | *
1524 * / ___ \| | | | | |___| |\ | | | | | |_| | |\ | *
1525 * /_/ \_\_| |_| |_____|_| \_| |_| |___\___/|_| \_| *
1527 * BIND requires configuration of rndc, including a "secret" key. *
1528 * The easiest, and most secure way to configure rndc is to run *
1529 * 'rndc-confgen -a' to generate the proper conf file, with a new *
1530 * random key, and appropriate file permissions. *
1532 * The %%PREFIX%%/etc/rc.d/named script will do that for you. *
1534 * If using syslog to log the BIND9 activity, and using a *
1535 * chroot'ed installation, you will need to tell syslog to *
1536 * install a log socket in the BIND9 chroot by running: *
1538 * # sysrc altlog_proglist+=named *
1540 * And then restarting syslogd with: service syslogd restart *
1542 **********************************************************************
1545 [FILE:59:files/special.mk]
1546 BIND_ETCDIR?= etc/namedb
1547 ETCDIR= ${PREFIX}/${BIND_ETCDIR}