Verisign fun.
Sean Chittenden
sean at chittenden.org
Thu Sep 18 11:45:09 PDT 2003
> If you want to do something like this, here's the official ISC patch:
>
> http://www.isc.org/products/BIND/delegation-only.html
And for those that don't know how to use the patch, add the following
to your config once you recompile:
zone "com" in { type delegation-only; };
zone "net" in { type delegation-only; };
zone "cc" in { type delegation-only; };
zone "cx" in { type delegation-only; };
zone "io" in { type delegation-only; };
zone "mp" in { type delegation-only; };
zone "nu" in { type delegation-only; };
zone "ph" in { type delegation-only; };
zone "td" in { type delegation-only; };
zone "tk" in { type delegation-only; };
zone "tv" in { type delegation-only; };
zone "ws" in { type delegation-only; };
And actually, if you're using the bind9 port, here's the patch
suitable for inclusion in the dns/bind9 port:
cd /usr/ports/dns/bind9
mkdir files
fetch -o files/patch-delegation http://people.freebsd.org/~seanc/patches/patch-HEAD-ports::dns::bind9::patch-delegation
And you can rebuild/upgrade from there.
-sc
--
Sean Chittenden
More information about the freebsd-isp
mailing list