X-Git-Url: https://git.distorted.org.uk/~mdw/zones/blobdiff_plain/be5a78bf69376e5423909a568e805c18cbacb66e..aa4209550daaa475ad22fee854140c4178575cd0:/distorted.lisp diff --git a/distorted.lisp b/distorted.lisp index dd52e09..604e93d 100644 --- a/distorted.lisp +++ b/distorted.lisp @@ -71,7 +71,6 @@ (precision.ns :ip precision) (telecaster.ns :ip telecaster) (national.ns :ip national) - #+view/inside (vampire.ns :ip vampire) #-view/inside (mythic-beasts-1.ns :ip mythic-ns1) #-view/inside (mythic-beasts-2.ns :ip mythic-ns2) #-view/inside (mythic-beasts-3.ns :ip mythic-ns3) @@ -85,10 +84,8 @@ ((@ mail blackhole) :mx mail :srv ((:smtp mail))) ((bugs) :ttl 300 :mx lists :srv ((:smtp bugs))) ((lists) :ttl 300 :mx lists :srv ((:smtp lists))) - - (stratocaster.20140403._domainkey - :dkim ("stratocaster-20140403" - :v "DKIM1" :k "rsa" :h "sha256" :s "email")) + ((_domainkey _domainkey.mail) :dname stratocaster.dkim) + ((_domainkey.bugs _domainkey.lists) :dname telecaster.dkim) ;; Anycast services. (dns0 :anycast ((any dns0.any) (dmz radius.dmz) @@ -314,7 +311,6 @@ ;; Delegations. (dhcp :ns ((radius.ns.dhcp :ip radius) - (vampire.ns.dhcp :ip vampire) (precision.ns.dhcp :ip precision) (telecaster.ns.dhcp :ip telecaster) (national.ns.dhcp :ip national)) @@ -324,7 +320,6 @@ #.(concatenate 'string "31696bf54b577362b2eb75793adeb9ec" "2e8440ec671371b35d8d978cd9ca3007")))) (dyn :ns ((radius.ns.dyn :ip radius) - (vampire.ns.dyn :ip vampire) (precision.ns.dyn :ip precision) (telecaster.ns.dyn :ip telecaster) (national.ns.dyn :ip national)) @@ -342,11 +337,39 @@ (40945 :rsasha256 :sha256 #.(concatenate 'string "fb171d206d4d64c5a7a6c290ce6e20df" "44f1db7f41e2260f1fe8d7c55d524c11")))) - (io :ns ((ns.io :ip jazz.dmz)))) + (stratocaster.dkim + :ns ((radius.ns.stratocaster.dkim :ip radius.dmz) + (precision.ns.stratocaster.dkim :ip precision.dmz) + (telecaster.ns.stratocaster.dkim :ip telecaster.dmz) + (national.ns.stratocaster.dkim :ip national.linode) + #+later (mythic-beasts-1.ns.stratocaster.dkim :ip mythic-ns1) + #+later (mythic-beasts-2.ns.stratocaster.dkim :ip mythic-ns2) + #+later (mythic-beasts-3.ns.stratocaster.dkim :ip mythic-ns3)) + :ds ((24577 :rsasha256 :sha1 + "d06847c01e19098509a8d07a9aafaceff532c9c7") + (24577 :rsasha256 :sha256 + #.(concatenate 'string "a40cdb1c633041cfbc1b80a400cff527" + "2cad051915fc0cd40296a2d4590b9d2b")))) + (telecaster.dkim + :ns ((radius.ns.telecaster.dkim :ip radius.dmz) + (precision.ns.telecaster.dkim :ip precision.dmz) + (telecaster.ns.telecaster.dkim :ip telecaster.dmz) + (national.ns.telecaster.dkim :ip national.linode) + #+later (mythic-beasts-1.ns.telecaster.dkim :ip mythic-ns1) + #+later (mythic-beasts-2.ns.telecaster.dkim :ip mythic-ns2) + #+later (mythic-beasts-3.ns.telecaster.dkim :ip mythic-ns3)) + :ds ((38896 :rsasha256 :sha1 + "2c2daea658784e22c46bf9e86da67def1e34cf40") + (38896 :rsasha256 :sha256 + #.(concatenate 'string "66997571c7d47f912caa65f2154ecd37" + "5b9d391e3ed44d79ac35eef59264e521")))) + (io :ns ((ns.io :ip jazz.dmz))) + (play :ns (radius.ns precision.ns telecaster.ns national.ns))) ;;;-------------------------------------------------------------------------- ;;; Other subsidiary zones. +#+view/outside (defzone dhcp.distorted.org.uk :ns ((radius.ns :ip radius.dmz) (precision.ns :ip precision.dmz) @@ -361,19 +384,38 @@ (invader :addr invader.safe) (marauder :addr marauder.safe)) -(defzone dyn.distorted.org.uk +#+view/outside +(defzone (dyn.distorted.org.uk :source telecaster.distorted.org.uk.) :ns ((radius.ns :ip radius) - (vampire.ns :ip vampire) (precision.ns :ip precision) (telecaster.ns :ip telecaster) (national.ns :ip national))) +#+view/outside (defzone nicko.org (richmond :addr richmond.dmz)) +#+view/outside +(defzone stratocaster.dkim.distorted.org.uk + :ns ((radius.ns :ip radius.dmz) + (precision.ns :ip precision.dmz) + (telecaster.ns :ip telecaster.dmz) + (national.ns :ip national.linode) + #+later (mythic-beasts-1.ns :ip mythic-ns1) + #+later (mythic-beasts-2.ns :ip mythic-ns2) + #+later (mythic-beasts-3.ns :ip mythic-ns3))) +#+view/outside +(defzone telecaster.dkim.distorted.org.uk + :ns ((radius.ns :ip radius.dmz) + (precision.ns :ip precision.dmz) + (telecaster.ns :ip telecaster.dmz) + (national.ns :ip national.linode) + #+later (mythic-beasts-1.ns :ip mythic-ns1) + #+later (mythic-beasts-2.ns :ip mythic-ns2) + #+later (mythic-beasts-3.ns :ip mythic-ns3))) + (defrevzone trusted :ns (radius.distorted.org.uk. - vampire.distorted.org.uk. precision.distorted.org.uk. telecaster.distorted.org.uk. national.distorted.org.uk.) @@ -382,29 +424,26 @@ :reverse its :reverse any (dhcp :ns (radius.distorted.org.uk. - vampire.distorted.org.uk. precision.distorted.org.uk. telecaster.distorted.org.uk. national.distorted.org.uk.)) :multi (((dhcp safe) :family :ipv4 :suffix "199.29.172.dhcp") :cname *)) +#+view/outside (defzone dhcp.199.29.172.in-addr.arpa :ns (radius.distorted.org.uk. - vampire.distorted.org.uk. precision.distorted.org.uk. telecaster.distorted.org.uk. national.distorted.org.uk.)) (defrevzone untrusted :ns (radius.distorted.org.uk. - vampire.distorted.org.uk. precision.distorted.org.uk. telecaster.distorted.org.uk. national.distorted.org.uk.)) (defzone 128-143.238.187.81.in-addr.arpa :ns (radius.distorted.org.uk. - vampire.distorted.org.uk. precision.distorted.org.uk. telecaster.distorted.org.uk. national.distorted.org.uk. @@ -413,7 +452,6 @@ (defzone 64-79.12.169.217.in-addr.arpa :ns (radius.distorted.org.uk. - vampire.distorted.org.uk. precision.distorted.org.uk. telecaster.distorted.org.uk. national.distorted.org.uk. @@ -422,7 +460,6 @@ (defzone 195.113.2.81.in-addr.arpa :ns (radius.distorted.org.uk. - vampire.distorted.org.uk. precision.distorted.org.uk. telecaster.distorted.org.uk. national.distorted.org.uk. @@ -431,13 +468,11 @@ (defrevzone (distorted.org.uk-aaisp :family :ipv6) :ns (radius.distorted.org.uk. - vampire.distorted.org.uk. precision.distorted.org.uk. telecaster.distorted.org.uk. national.distorted.org.uk. secondary-dns.co.uk.) (0.7.3.6.8.6.4.6.1.0.0.0 :ns (radius.distorted.org.uk. - vampire.distorted.org.uk. precision.distorted.org.uk. telecaster.distorted.org.uk. national.distorted.org.uk.)) @@ -445,11 +480,11 @@ (defrevzone (dhcp :family :ipv6) :ns (radius.distorted.org.uk. - vampire.distorted.org.uk. precision.distorted.org.uk. telecaster.distorted.org.uk. national.distorted.org.uk.)) +#+view/outside (defzone io.distorted.org.uk :ns ((ns :ip jazz.dmz)) (about :txt "Fake zone used for IP-over-DNS tunnelling."))