distorted.lisp: Refactor the nameserver stanza.

[zones] / distorted.lisp

diff --git a/distorted.lisp b/distorted.lisp
index 56f19eb..5464bdf 100644 (file)
--- a/distorted.lisp
+++ b/distorted.lisp
@@ -67,16 +67,13 @@
 (defzone distorted.org.uk
 
   ;; Nameservers.
-  :ns #+view/inside ((radius.ns :ip radius)
-                    (precision.ns :ip precision)
-                    (telecaster.ns :ip telecaster)
-                    (vampire.ns :ip vampire))
-      #-view/inside ((radius.ns :ip radius)
-                    (precision.ns :ip precision)
-                    (telecaster.ns :ip telecaster)
-                    (mythic-beasts-1.ns :ip mythic-ns1)
-                    (mythic-beasts-2.ns :ip mythic-ns2)
-                    (chiark.ns :ip chiark.greenend.org.uk))
+  :ns ((radius.ns :ip radius)
+       (precision.ns :ip precision)
+       (telecaster.ns :ip telecaster)
+       #+view/inside (vampire.ns :ip vampire)
+       #-view/inside (mythic-beasts-1.ns :ip mythic-ns1)
+       #-view/inside (mythic-beasts-2.ns :ip mythic-ns2)
+       #-view/inside (chiark.ns :ip chiark.greenend.org.uk))
 
   ;; Mail servers.
   ((@ mail blackhole) :mx mail :srv ((:smtp mail)))
@@ -165,8 +162,7 @@
   (cabal :svc stratocaster.colo :sshfp "stratocaster")
 
   ;; Local services.
-  ((rawk pifi) (unsafe :svc artist.unsafe)
-              (dmz :svc artist.dmz))
+  ((rawk pifi) (unsafe :svc artist.unsafe) (dmz :svc artist.dmz))
   (mirror (dmz :svc roadstar.dmz :sshfp "roadstar")
          (unsafe :svc roadstar.unsafe :sshfp "roadstar"))
 
@@ -371,27 +367,32 @@
             vampire.distorted.org.uk.))
   :multi (((dhcp safe) :family :ipv4 :suffix "199.29.172.dhcp") :cname *))
 
-(defrevzone (dmz :family :ipv6)
+(defzone dhcp.199.29.172.in-addr.arpa
   :ns (radius.distorted.org.uk.
        precision.distorted.org.uk.
        telecaster.distorted.org.uk.
-       vampire.distorted.org.uk.)
-  :reverse dmz)
+       vampire.distorted.org.uk.))
 
-(defrevzone (dmz :family :ipv4)
-  (144-159 :ns (radius.distorted.org.uk.
-               precision.distorted.org.uk.
-               telecaster.distorted.org.uk.
-               vampire.distorted.org.uk.))
-  :multi ((dmz :suffix "144-159") :cname *))
+(defrevzone untrusted
+  :ns (radius.distorted.org.uk.
+       precision.distorted.org.uk.
+       telecaster.distorted.org.uk.
+       vampire.distorted.org.uk.))
 
-(defzone 144-159.204.49.62.in-addr.arpa
+(defzone 128-143.238.187.81.in-addr.arpa
   :ns (radius.distorted.org.uk.
        precision.distorted.org.uk.
        telecaster.distorted.org.uk.
        vampire.distorted.org.uk.)
   :reverse ((((:ipv4 dmz)))))
 
+(defzone 195.113.2.81.in-addr.arpa
+  :ns (radius.distorted.org.uk.
+       precision.distorted.org.uk.
+       telecaster.distorted.org.uk.
+       vampire.distorted.org.uk.)
+  :reverse ((((:ipv4 gw)))))
+
 (defrevzone (jump :family :ipv6)
   :ns (radius.distorted.org.uk.
        precision.distorted.org.uk.
@@ -413,12 +414,12 @@
        vampire.distorted.org.uk.)
   :reverse ((((:ipv4 jump)))))
 
-(defrevzone distorted.org.uk-he
+(defrevzone (distorted.org.uk-aaisp :family :ipv6)
   :ns (radius.distorted.org.uk.
        precision.distorted.org.uk.
        telecaster.distorted.org.uk.
        vampire.distorted.org.uk.)
-  :reverse distorted.org.uk-he)
+  :reverse ((((:ipv6 distorted.org.uk-aaisp)))))
 
 (defrevzone distorted.org.uk-jump
   :ns (radius.distorted.org.uk.