X-Git-Url: https://git.distorted.org.uk/~mdw/zones/blobdiff_plain/b9b55bea28191c862075fe4a5aedecddcfd30f3e..6d5194acf102a511339aa504039cf71479622cc6:/distorted.lisp diff --git a/distorted.lisp b/distorted.lisp index 2161036..aa3a375 100644 --- a/distorted.lisp +++ b/distorted.lisp @@ -84,10 +84,8 @@ ((@ mail blackhole) :mx mail :srv ((:smtp mail))) ((bugs) :ttl 300 :mx lists :srv ((:smtp bugs))) ((lists) :ttl 300 :mx lists :srv ((:smtp lists))) - - (stratocaster.20140403._domainkey - :dkim ("stratocaster-20140403" - :v "DKIM1" :k "rsa" :h "sha256" :s "email")) + ((_domainkey _domainkey.mail) :dname stratocaster.dkim) + ((_domainkey.bugs _domainkey.lists) :dname telecaster.dkim) ;; Anycast services. (dns0 :anycast ((any dns0.any) (dmz radius.dmz) @@ -339,11 +337,39 @@ (40945 :rsasha256 :sha256 #.(concatenate 'string "fb171d206d4d64c5a7a6c290ce6e20df" "44f1db7f41e2260f1fe8d7c55d524c11")))) - (io :ns ((ns.io :ip jazz.dmz)))) + (stratocaster.dkim + :ns ((radius.ns.stratocaster.dkim :ip radius.dmz) + (precision.ns.stratocaster.dkim :ip precision.dmz) + (telecaster.ns.stratocaster.dkim :ip telecaster.dmz) + (national.ns.stratocaster.dkim :ip national.linode) + (mythic-beasts-1.ns.stratocaster.dkim :ip mythic-ns1) + (mythic-beasts-2.ns.stratocaster.dkim :ip mythic-ns2) + (mythic-beasts-3.ns.stratocaster.dkim :ip mythic-ns3)) + :ds ((24577 :rsasha256 :sha1 + "d06847c01e19098509a8d07a9aafaceff532c9c7") + (24577 :rsasha256 :sha256 + #.(concatenate 'string "a40cdb1c633041cfbc1b80a400cff527" + "2cad051915fc0cd40296a2d4590b9d2b")))) + (telecaster.dkim + :ns ((radius.ns.telecaster.dkim :ip radius.dmz) + (precision.ns.telecaster.dkim :ip precision.dmz) + (telecaster.ns.telecaster.dkim :ip telecaster.dmz) + (national.ns.telecaster.dkim :ip national.linode) + (mythic-beasts-1.ns.telecaster.dkim :ip mythic-ns1) + (mythic-beasts-2.ns.telecaster.dkim :ip mythic-ns2) + (mythic-beasts-3.ns.telecaster.dkim :ip mythic-ns3)) + :ds ((38896 :rsasha256 :sha1 + "2c2daea658784e22c46bf9e86da67def1e34cf40") + (38896 :rsasha256 :sha256 + #.(concatenate 'string "66997571c7d47f912caa65f2154ecd37" + "5b9d391e3ed44d79ac35eef59264e521")))) + (io :ns ((ns.io :ip jazz.dmz))) + (play :ns (radius.ns precision.ns telecaster.ns national.ns))) ;;;-------------------------------------------------------------------------- ;;; Other subsidiary zones. +#+view/outside (defzone dhcp.distorted.org.uk :ns ((radius.ns :ip radius.dmz) (precision.ns :ip precision.dmz) @@ -358,15 +384,36 @@ (invader :addr invader.safe) (marauder :addr marauder.safe)) -(defzone dyn.distorted.org.uk +#+view/outside +(defzone (dyn.distorted.org.uk :source telecaster.distorted.org.uk.) :ns ((radius.ns :ip radius) (precision.ns :ip precision) (telecaster.ns :ip telecaster) (national.ns :ip national))) +#+view/outside (defzone nicko.org (richmond :addr richmond.dmz)) +#+view/outside +(defzone stratocaster.dkim.distorted.org.uk + :ns ((radius.ns :ip radius.dmz) + (precision.ns :ip precision.dmz) + (telecaster.ns :ip telecaster.dmz) + (national.ns :ip national.linode) + (mythic-beasts-1.ns :ip mythic-ns1) + (mythic-beasts-2.ns :ip mythic-ns2) + (mythic-beasts-3.ns :ip mythic-ns3))) +#+view/outside +(defzone telecaster.dkim.distorted.org.uk + :ns ((radius.ns :ip radius.dmz) + (precision.ns :ip precision.dmz) + (telecaster.ns :ip telecaster.dmz) + (national.ns :ip national.linode) + (mythic-beasts-1.ns :ip mythic-ns1) + (mythic-beasts-2.ns :ip mythic-ns2) + (mythic-beasts-3.ns :ip mythic-ns3))) + (defrevzone trusted :ns (radius.distorted.org.uk. precision.distorted.org.uk. @@ -382,6 +429,7 @@ national.distorted.org.uk.)) :multi (((dhcp safe) :family :ipv4 :suffix "199.29.172.dhcp") :cname *)) +#+view/outside (defzone dhcp.199.29.172.in-addr.arpa :ns (radius.distorted.org.uk. precision.distorted.org.uk. @@ -436,6 +484,7 @@ telecaster.distorted.org.uk. national.distorted.org.uk.)) +#+view/outside (defzone io.distorted.org.uk :ns ((ns :ip jazz.dmz)) (about :txt "Fake zone used for IP-over-DNS tunnelling."))