{"id":4134,"date":"2021-01-26T17:58:25","date_gmt":"2021-01-26T08:58:25","guid":{"rendered":"\/blog\/?p=4134"},"modified":"2023-09-21T09:26:35","modified_gmt":"2023-09-21T00:26:35","slug":"centos-%eb%82%b4%eb%b6%80-dns-%ec%84%9c%eb%b2%84-%ea%b5%ac%ec%b6%95","status":"publish","type":"post","link":"https:\/\/hasu0707.duckdns.org\/blog\/?p=4134","title":{"rendered":"[CentOS] \ub0b4\ubd80 DNS \uc11c\ubc84 \uad6c\ucd95"},"content":{"rendered":"\n<pre class=\"wp-block-syntaxhighlighter-code\">#!\/bin\/sh\nCURRENT_TIME=`date \"+%Y%m%d_%H%M%S\"`\nCURRENT_DIR=$(pwd)\n\nDOMAIN_NAME=\"example.com\"\nNETWORK_PREFIX=\"192.168.1\"\nREVERSE_NETWORK=\"1.168.192\"\n\n#####################################################################\n# bind \uc124\uce58\n#####################################################################\nfunction install_pkgs() {\n  yum -y update\n  yum install -y bind bind-utils\n\n  rm -rf \/var\/cache\/yum\/*\n  rm -f \/var\/lib\/rpm\/__*\n  rpm --rebuilddb -v -v\n  yum clean all\n}\n\n#####################################################################\n# \/etc\/named.conf \ubc31\uc5c5\n#####################################################################\nfunction backup_conf() {\n  cp -fv \/etc\/named.conf \/etc\/named.conf.${CURRENT_TIME}\n}\n\n#####################################################################\n# \/etc\/named.conf \ud3b8\uc9d1\n#####################################################################\nfunction edit_named_conf() {\n  sed -i \"s\/options {\/acl \\\"trusted\\\" {\\n\\t${NETWORK_PREFIX}.0\\\/24;\\n};\\n\\noptions {\/g\" \/etc\/named.conf\n  sed -i \"s\/allow-query     { localhost; };\/allow-transfer  { ${NETWORK_PREFIX}.254; };\\n\\tallow-query     { trusted; };\/g\" \/etc\/named.conf\n  sed -i \"s\/listen-on port 53 { 127.0.0.1; };\/listen-on port 53 { 127.0.0.1; ${NETWORK_PREFIX}.0\\\/24; };\/g\" \/etc\/named.conf\n  echo 'include \"\/etc\/named.conf.local\";' >> \/etc\/named.conf\n}\n\n#####################################################################\n# \/etc\/named.conf.local \ud3b8\uc9d1\n#####################################################################\nfunction edit_named_conf_local() {\n  echo \"zone \\\"${DOMAIN_NAME}\\\" {\" > \/etc\/named.conf.local\n  echo \"    type master;\" >> \/etc\/named.conf.local\n  echo \"    file \\\"\/var\/named\/zone_${DOMAIN_NAME}\\\"; # zone file path\" >> \/etc\/named.conf.local\n  echo \"};\" >> \/etc\/named.conf.local\n  echo \"\" >> \/etc\/named.conf.local\n  echo \"zone \\\"${REVERSE_NETWORK}.in-addr.arpa\\\" {\" >> \/etc\/named.conf.local\n  echo \"    type master;\" >> \/etc\/named.conf.local\n  echo \"    file \\\"\/var\/named\/zone_${REVERSE_NETWORK}\\\"; # ${NETWORK_PREFIX}.0\/24 subnet\" >> \/etc\/named.conf.local\n  echo \"};\" >> \/etc\/named.conf.local\n}\n\n#####################################################################\n# \/var\/named\/zone_${DOMAIN_NAME} \ud3b8\uc9d1\n#####################################################################\nfunction edit_zone1() {\n  echo \"\\$TTL    3H\" > \/var\/named\/zone_${DOMAIN_NAME}\n  echo \"@       IN      SOA     ns1.${DOMAIN_NAME}. admin.${DOMAIN_NAME}. (\" >> \/var\/named\/zone_${DOMAIN_NAME}\n  echo \"                        5          ; Serial\" >> \/var\/named\/zone_${DOMAIN_NAME}\n  echo \"                        3H         ; Refresh\" >> \/var\/named\/zone_${DOMAIN_NAME}\n  echo \"                        1H         ; Retry\" >> \/var\/named\/zone_${DOMAIN_NAME}\n  echo \"                        1W         ; Expire\" >> \/var\/named\/zone_${DOMAIN_NAME}\n  echo \"                        3H )       ; Negative Cache TTL\" >> \/var\/named\/zone_${DOMAIN_NAME}\n  echo \";\" >> \/var\/named\/zone_${DOMAIN_NAME}\n  echo \"                IN      NS      ns1\" >> \/var\/named\/zone_${DOMAIN_NAME}\n  echo \"                IN      A       ${NETWORK_PREFIX}.1\" >> \/var\/named\/zone_${DOMAIN_NAME}\n  echo \"\" >> \/var\/named\/zone_${DOMAIN_NAME}\n  echo \"; name servers - A records\" >> \/var\/named\/zone_${DOMAIN_NAME}\n  echo \"ns1             IN      A       ${NETWORK_PREFIX}.254\" >> \/var\/named\/zone_${DOMAIN_NAME}\n  echo \"\" >> \/var\/named\/zone_${DOMAIN_NAME}\n  echo \"; ${NETWORK_PREFIX}.0\/24 - A records\" >> \/var\/named\/zone_${DOMAIN_NAME}\n  echo \"ftp             IN      A       ${NETWORK_PREFIX}.2\" >> \/var\/named\/zone_${DOMAIN_NAME}\n  echo \"imap            IN      A       ${NETWORK_PREFIX}.1\" >> \/var\/named\/zone_${DOMAIN_NAME}\n  echo \"mail            IN      A       ${NETWORK_PREFIX}.1\" >> \/var\/named\/zone_${DOMAIN_NAME}\n  echo \"pop             IN      A       ${NETWORK_PREFIX}.1\" >> \/var\/named\/zone_${DOMAIN_NAME}\n  echo \"smtp            IN      A       ${NETWORK_PREFIX}.1\" >> \/var\/named\/zone_${DOMAIN_NAME}\n  echo \"tech            IN      A       ${NETWORK_PREFIX}.1\" >> \/var\/named\/zone_${DOMAIN_NAME}\n  echo \"www             IN      A       ${NETWORK_PREFIX}.1\" >> \/var\/named\/zone_${DOMAIN_NAME}\n  echo \"local           IN      A       ${NETWORK_PREFIX}.254\" >> \/var\/named\/zone_${DOMAIN_NAME}\n  echo \"nas             IN      A       ${NETWORK_PREFIX}.2\" >> \/var\/named\/zone_${DOMAIN_NAME}\n  echo \"seetrol         IN      A       ${NETWORK_PREFIX}.101\" >> \/var\/named\/zone_${DOMAIN_NAME}\n}\n\n#####################################################################\n# \/var\/named\/zone_${NETWORK_PREFIX} \ud3b8\uc9d1\n#####################################################################\nfunction edit_zone2() {\n  echo \"\\$TTL    3H\" > \/var\/named\/zone_${REVERSE_NETWORK}\n  echo \"@       IN      SOA     ${DOMAIN_NAME}. admin.${DOMAIN_NAME}. (\" >> \/var\/named\/zone_${REVERSE_NETWORK}\n  echo \"                        5          ; Serial\" >> \/var\/named\/zone_${REVERSE_NETWORK}\n  echo \"                        3H         ; Refresh\" >> \/var\/named\/zone_${REVERSE_NETWORK}\n  echo \"                        1H         ; Retry\" >> \/var\/named\/zone_${REVERSE_NETWORK}\n  echo \"                        1W         ; Expire\" >> \/var\/named\/zone_${REVERSE_NETWORK}\n  echo \"                        3H )       ; Negative Cache TTL\" >> \/var\/named\/zone_${REVERSE_NETWORK}\n  echo \"; name servers\" >> \/var\/named\/zone_${REVERSE_NETWORK}\n  echo \"                IN      NS      ns1.${DOMAIN_NAME}.\" >> \/var\/named\/zone_${REVERSE_NETWORK}\n  echo \"\" >> \/var\/named\/zone_${REVERSE_NETWORK}\n  echo \"; PTR Records\" >> \/var\/named\/zone_${REVERSE_NETWORK}\n  echo \"254             IN      PTR     ns1.${DOMAIN_NAME}.\" >> \/var\/named\/zone_${REVERSE_NETWORK}\n  echo \"1               IN      PTR     imap.${DOMAIN_NAME}.\" >> \/var\/named\/zone_${REVERSE_NETWORK}\n  echo \"1               IN      PTR     mail.${DOMAIN_NAME}.\" >> \/var\/named\/zone_${REVERSE_NETWORK}\n  echo \"1               IN      PTR     nas.${DOMAIN_NAME}.\" >> \/var\/named\/zone_${REVERSE_NETWORK}\n  echo \"1               IN      PTR     pop.${DOMAIN_NAME}.\" >> \/var\/named\/zone_${REVERSE_NETWORK}\n  echo \"1               IN      PTR     smtp.${DOMAIN_NAME}.\" >> \/var\/named\/zone_${REVERSE_NETWORK}\n  echo \"1               IN      PTR     tech.${DOMAIN_NAME}.\" >> \/var\/named\/zone_${REVERSE_NETWORK}\n  echo \"1               IN      PTR     www.${DOMAIN_NAME}.\" >> \/var\/named\/zone_${REVERSE_NETWORK}\n  echo \"2               IN      PTR     ftp.${DOMAIN_NAME}.\" >> \/var\/named\/zone_${REVERSE_NETWORK}\n  echo \"101             IN      PTR     seetrol.${DOMAIN_NAME}.\" >> \/var\/named\/zone_${REVERSE_NETWORK}\n  echo \"2               IN      PTR     nas.${DOMAIN_NAME}.\" >> \/var\/named\/zone_${REVERSE_NETWORK}\n  echo \"254             IN      PTR     local.${DOMAIN_NAME}.\" >> \/var\/named\/zone_${REVERSE_NETWORK}\n}\n\n#####################################################################\n# \ud37c\ubbf8\uc158 \uc870\uc815\n#####################################################################\nfunction set_perm() {\n  chown root:named \/var\/named\/*\n  chown named:named \/var\/named\/data\n  chown named:named \/var\/named\/dynamic\n  chown named:named \/var\/named\/slaves\n\n  chmod 640 \/var\/named\/*\n  chmod 770 \/var\/named\/data\n  chmod 770 \/var\/named\/dynamic\n  chmod 770 \/var\/named\/slaves\n\n  chown root:named \/etc\/named.*\n  chmod 640 \/etc\/named.*\n}\n\n#install_pkgs\ncp -fv \/etc\/named.conf.20210126_160000 \/etc\/named.conf\nbackup_conf\nedit_named_conf\nedit_named_conf_local\nedit_zone1\nedit_zone2\nset_perm\nnamed-checkzone esvali.com \/var\/named\/zone_${DOMAIN_NAME}\nnamed-checkzone ${REVERSE_NETWORK}.in-addr.arpa \/var\/named\/zone_${REVERSE_NETWORK}\nsystemctl restart named\n#systemctl enable named<\/pre>\n\n\n\n<hr class=\"wp-block-separator\"\/>\n\n\n\n<pre class=\"wp-block-syntaxhighlighter-code\">LAN_IF=\"enp2s0\"\nLAN_IP=\"10.10.10.254\"\n${IPTABLES_CMD} -t nat -A PREROUTING -i ${LAN_IF} ! -s ${LAN_IP} -p tcp --dport 53 -j DNAT --to ${LAN_IP}:53 -m comment --comment \"\ub0b4\ubd80 DNS \uc815\ucc45\/tcp\"\n${IPTABLES_CMD} -t nat -A PREROUTING -i ${LAN_IF} ! -s ${LAN_IP} -p udp --dport 53 -j DNAT --to ${LAN_IP}:53 -m comment --comment \"\ub0b4\ubd80 DNS \uc815\ucc45\/udp\"<\/pre>\n","protected":false},"excerpt":{"rendered":"","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_import_markdown_pro_load_document_selector":0,"_import_markdown_pro_submit_text_textarea":"","site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"footnotes":""},"categories":[39],"tags":[],"class_list":["post-4134","post","type-post","status-publish","format-standard","hentry","category-os_linux_unix_macos"],"_links":{"self":[{"href":"https:\/\/hasu0707.duckdns.org\/blog\/index.php?rest_route=\/wp\/v2\/posts\/4134","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/hasu0707.duckdns.org\/blog\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/hasu0707.duckdns.org\/blog\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/hasu0707.duckdns.org\/blog\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/hasu0707.duckdns.org\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=4134"}],"version-history":[{"count":0,"href":"https:\/\/hasu0707.duckdns.org\/blog\/index.php?rest_route=\/wp\/v2\/posts\/4134\/revisions"}],"wp:attachment":[{"href":"https:\/\/hasu0707.duckdns.org\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=4134"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/hasu0707.duckdns.org\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=4134"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/hasu0707.duckdns.org\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=4134"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}