%def gen_match_clients(%%agriates, %%forward) %if %%nombre_interfaces >= "2" %if (%%dns_rvp_eth1 == %%agriates or %%agriates == 'force') and \ (%%dns_forward_eth1 == %%forward or %%forward == 'force') %%adresse_network_eth1/%%calc_classe(%%adresse_netmask_eth1); %end if %if %%alias_eth1 == "oui" %for %%alias_ip in %%alias_ip_eth1 %if (%%alias_ip.dns_rvp_alias_eth1 == %%agriates or %%agriates == 'force') and \ (%%alias_ip.dns_forward_alias_eth1 == %%forward or %%forward == 'force') %%alias_ip.alias_network_eth1/%%calc_classe(%%alias_ip.alias_netmask_eth1); %end if %end for %end if %if %%vlan_eth1 == "oui" %for %%vlan in %%id_vlan_eth1 %if (%%vlan.dns_rvp_vlan_eth1 == %%agriates or %%agriates == 'force') and \ (%%vlan.dns_forward_vlan_eth1 == %%forward or %%forward == 'force') %%vlan.adresse_network_vlan_eth1/%%calc_classe(%%vlan.adresse_netmask_vlan_eth1); %end if %end for %end if %end if %if %%nombre_interfaces >= "3" %if (%%dns_rvp_eth2 == %%agriates or %%agriates == 'force') and \ (%%dns_forward_eth2 == %%forward or %%forward == 'force') %%adresse_network_eth2/%%calc_classe(%%adresse_netmask_eth2); %end if %if %%alias_eth2 == "oui" %for %%alias_ip in %%alias_ip_eth2 %if (%%alias_ip.dns_rvp_alias_eth2 == %%agriates or %%agriates == 'force') and \ (%%alias_ip.dns_forward_alias_eth2 == %%forward or %%forward == 'force') %%alias_ip.alias_network_eth2/%%calc_classe(%%alias_ip.alias_netmask_eth2); %end if %end for %end if %if %%vlan_eth2 == "oui" %for %%vlan in %%id_vlan_eth2 %if (%%vlan.dns_rvp_vlan_eth2 == %%agriates or %%agriates == 'force') and \ (%%vlan.dns_forward_vlan_eth2 == %%forward or %%forward == 'force') %%vlan.adresse_network_vlan_eth2/%%calc_classe(%%vlan.adresse_netmask_vlan_eth2); %end if %end for %end if %end if %if %%nombre_interfaces >= "4" %if (%%dns_rvp_eth3 == %%agriates or %%agriates == 'force') and \ (%%dns_forward_eth3 == %%forward or %%forward == 'force') %%adresse_network_eth3/%%calc_classe(%%adresse_netmask_eth3); %end if %if %%alias_eth3 == "oui" %for %%alias_ip in %%alias_ip_eth3 %if (%%alias_ip.dns_rvp_alias_eth3 == %%agriates or %%agriates == 'force') and \ (%%alias_ip.dns_forward_alias_eth3 == %%forward or %%forward == 'force') %%alias_ip.alias_network_eth3/%%calc_classe(%%alias_ip.alias_netmask_eth3); %end if %end for %end if %if %%vlan_eth3 == "oui" %for %%vlan in %%id_vlan_eth3 %if (%%vlan.dns_rvp_vlan_eth3 == %%agriates or %%agriates == 'force') and \ (%%vlan.dns_forward_vlan_eth3 == %%forward or %%forward == 'force') %%vlan.adresse_network_vlan_eth3/%%calc_classe(%%vlan.adresse_netmask_vlan_eth3); %end if %end for %end if %end if %if %%nombre_interfaces >= "5" %if (%%dns_rvp_eth4 == %%agriates or %%agriates == 'force') and \ (%%dns_forward_eth4 == %%forward or %%forward == 'force') %%adresse_network_eth4/%%calc_classe(%%adresse_netmask_eth4); %end if %if %%alias_eth4 == "oui" %for %%alias_ip in %%alias_ip_eth4 %if (%%alias_ip.dns_rvp_alias_eth4 == %%agriates or %%agriates == 'force') and \ (%%alias_ip.dns_forward_alias_eth4 == %%forward or %%forward == 'force') %%alias_ip.alias_network_eth4/%%calc_classe(%%alias_ip.alias_netmask_eth4); %end if %end for %end if %if %%vlan_eth4 == "oui" %for %%vlan in %%id_vlan_eth4 %if (%%vlan.dns_rvp_vlan_eth4 == %%agriates or %%agriates == 'force') and \ (%%vlan.dns_forward_vlan_eth4 == %%forward or %%forward == 'force') %%vlan.adresse_network_vlan_eth4/%%calc_classe(%%vlan.adresse_netmask_vlan_eth4); %end if %end for %end if %end if %if %%activer_route == "oui" %for %%indirectnet in %%route_adresse %if (%%indirectnet.dns_rvp_route == %%agriates or %%agriates == 'force') and \ (%%indirectnet.dns_forward_route == %%forward or %%forward == 'force') %%indirectnet/%%calc_classe(%%indirectnet.route_netmask); %end if %end for %end if %end def options { directory "/etc/bind"; /* * If there is a firewall between you and nameservers you want * to talk to, you might need to uncomment the query-source * directive below. Previous versions of BIND always asked * questions using port 53, but BIND 8.1 uses an unprivileged * port by default. */ version "MyVersion"; // query-source address * port 53; // *** DNS EXTERNE %if not %%is_empty(%%adresse_ip_dns) forwarders { %for %%variable_iter in %%adresse_ip_dns %%variable_iter; %end for }; forward only; %end if listen-on {intra;}; allow-notify {none;}; allow-recursion {allnets;}; allow-transfer {none;}; allow-query {allnets;}; }; acl "allnets" { localnets; %for %%indirectnet in %%route_adresse %if %%indirectnet.dns_route == "oui" %%indirectnet/%%calc_classe(%%indirectnet.route_netmask); %end if %end for }; acl "intra" { 127.0.0.1; %if %%mode_conteneur_actif == 'oui' // mode avec conteneur %if %%activer_dns_eth0 == 'oui' %if %%is_defined('adresse_ip_eth0_proxy_link') and %%adresse_ip_eth0_proxy_link != '' %%adresse_ip_eth0_proxy_link; %end if %end if %%adresse_ip_conteneur_dns; %if %%nombre_interfaces > 1 and %%is_defined('adresse_ip_eth1_proxy_link') and %%adresse_ip_eth1_proxy_link != '' %%adresse_ip_eth1_proxy_link; %end if %if %%nombre_interfaces > 2 and %%is_defined('adresse_ip_eth2_proxy_link') and %%adresse_ip_eth2_proxy_link != '' %%adresse_ip_eth2_proxy_link; %end if %if %%nombre_interfaces > 3 and %%is_defined('adresse_ip_eth3_proxy_link') and %%adresse_ip_eth3_proxy_link != '' %%adresse_ip_eth3_proxy_link; %end if %else // mode sans conteneur %if %%activer_dns_eth0 == 'oui' %%adresse_ip_eth0; %end if %if %%nombre_interfaces >= "2" %%adresse_ip_eth1; %if %%alias_eth1 == "oui" %for %%alias_ip in %%alias_ip_eth1 %%alias_ip; %end for %end if %if %%vlan_eth1 == "oui" %for %%id_vlan1 in %%id_vlan_eth1 %%id_vlan1.adresse_ip_vlan_eth1; %end for %end if %end if %if %%nombre_interfaces >= "3" %%adresse_ip_eth2; %if %%alias_eth2 == "oui" %for %%alias_ip in %%alias_ip_eth2 %%alias_ip; %end for %end if %if %%vlan_eth2 == "oui" %for %%id_vlan2 in %%id_vlan_eth2 %%id_vlan2.adresse_ip_vlan_eth2; %end for %end if %end if %if %%nombre_interfaces >= "4" %%adresse_ip_eth3; %if %%alias_eth3 == "oui" %for %%alias_ip in %%alias_ip_eth3 %%alias_ip; %end for %end if %if %%vlan_eth3 == "oui" %for %%id_vlan3 in %%id_vlan_eth3 %%id_vlan3.adresse_ip_vlan_eth3; %end for %end if %end if %if %%nombre_interfaces >= "5" %%adresse_ip_eth4; %if %%alias_eth4 == "oui" %for %%alias_ip in %%alias_ip_eth4 %%alias_ip; %end for %end if %if %%vlan_eth4 == "oui" %for %%id_vlan4 in %%id_vlan_eth4 %%id_vlan4.adresse_ip_vlan_eth4; %end for %end if %end if %if %%vlan_eth0 == "oui" %for %%id_vlan0 in %%id_vlan_eth0 %%id_vlan0.adresse_ip_vlan_eth0; %end for %end if // fin mode sans conteneur %end if }; %if %%install_rvp == "oui" and %%agriates_member == "oui" and not %%is_empty(%%adresse_dns_agriates) and not %%is_empty(%%ip_dns_zone_forward) view "Zones AGRIATES-FORWARD" { match-clients { 127.0.0.1; %if %%mode_conteneur_actif == 'oui' 192.0.2.0/24; %end if %%gen_match_clients('oui', 'oui') }; include "/etc/bind/agriates.zones"; include "/etc/bind/forward.zones"; include "/etc/bind/local.zones"; }; %end if %if %%install_rvp == "oui" and %%agriates_member == "oui" and not %%is_empty(%%adresse_dns_agriates) view "Reseau Agriates" { match-clients { 127.0.0.1; %if %%mode_conteneur_actif == 'oui' 192.0.2.0/24; %end if %if not %%is_empty(%%ip_dns_zone_forward) %%gen_match_clients('oui', 'non') %else %%gen_match_clients('oui', 'force') %end if }; include "/etc/bind/agriates.zones"; include "/etc/bind/local.zones"; }; %end if %if not %%is_empty(%%ip_dns_zone_forward) view "Zones forward" { match-clients { 127.0.0.1; %if %%mode_conteneur_actif == 'oui' 192.0.2.0/24; %end if %if %%install_rvp == "oui" and %%agriates_member == "oui" and not %%is_empty(%%adresse_dns_agriates) %%gen_match_clients('non', 'oui') %else %%gen_match_clients('force', 'oui') %end if }; include "/etc/bind/forward.zones"; include "/etc/bind/local.zones"; }; %end if view "tous" { match-clients { any; }; include "/etc/bind/local.zones"; include "/etc/bind/named.conf.local"; };