配置各个服务商的对应的ACL:
#cat cnc.txt (在此之举一个例子)
acl cnc{
202.85.216.0/22;
202.85.221.0/24;
202.85.222.0/23;
202.95.18.145/32;
202.95.18.146/31;
202.95.18.148/30;
202.95.18.152/29;
202.95.18.160/27;
202.95.18.192/26;
};
四、配置Bind-View-DLZ-MYSQL:
1、配置view.conf
vim /usr/local/bind/etc/view/view.conf
view "CMCC_view" {
match-clients { key cmcc;dns-ip-list;CMCC;};
allow-query-cache { none; };
allow-recursion { none; };
allow-transfer { none; };
recursion no;
dlz "Mysql zone" {
database "mysql
{host=127.0.0.1 dbname=dns_view ssl=false port=3306 user=root pass=pass%!#@larry }
{select zone from dnstb where zone = '%zone%' and view = 'CMCC' limit 1 }
{select ttl, type, mx_priority, case when lower(type)='txt' then concat('\"', data,
'\"') when lower(type) = 'soa' then concat_ws(' ', data, resp_person, serial,
refresh, retry, expire, minimum) else data end as mydata from DNS_ALL where zone
= '%zone%' and host = '%record%' and (view = 'CMCC' or view = 'OP')}
{}
{select ttl, type, host, mx_priority, case when lower(type)='txt' then concat('\"',
data, '\"') else data end as mydata, resp_person, serial, refresh, retry, expire,
minimum from dnstb where zone = '%zone%' and view='CMCC'}
{select zone from xfr_table where zone = '%zone%' and client = '%client%' and
view='CMCC' limit 1}
{update data_count set count = count + 1 where zone ='%zone%' and view='CMCC'}";
};
};
view "CNC_view" {
match-clients { key cnc;dns-ip-list;CNC;};
allow-query-cache { none; };
allow-recursion { none; };
allow-transfer { none; };
recursion no;
dlz "Mysql zone" {
database "mysql
{host=127.0.0.1 dbname=dns_view ssl=false port=3306 user=root pass=pass%!#@larry }
{select zone from dnstb where zone = '%zone%' and view = 'CNC' limit 1 }
{select ttl, type, mx_priority, case when lower(type)='txt' then concat('\"', data,
'\"') when lower(type) = 'soa' then concat_ws(' ', data, resp_person, serial,
refresh, retry, expire, minimum) else data end as mydata from DNS_ALL where zone
= '%zone%' and host = '%record%' and (view = 'CNC' or view = 'OP')}
{}
{select ttl, type, host, mx_priority, case when lower(type)='txt' then concat('\"',
data, '\"') else data end as mydata, resp_person, serial, refresh, retry, expire,
minimum from dnstb where zone = '%zone%' and view='CNC'}
{select zone from xfr_table where zone = '%zone%' and client = '%client%' and
view='CNC' limit 1}
{update data_count set count = count + 1 where zone ='%zone%' and view='CNC'}";
};
};
view "EDU_view" {
match-clients { key edu;dns-ip-list;EDU;};
allow-query-cache { none; };
allow-recursion { none; };
allow-transfer { none; };
recursion no;
dlz "Mysql zone" {
database "mysql
{host=127.0.0.1 dbname=dns_view ssl=false port=3306 user=root pass=pass%!#@larry }
{select zone from DNS_ALL where zone = '%zone%' and view = 'EDU' limit 1 }
{select ttl, type, mx_priority, case when lower(type)='txt' then concat('\"', data,
'\"') when lower(type) = 'soa' then concat_ws(' ', data, resp_person, serial,
refresh, retry, expire, minimum) else data end as mydata from DNS_ALL where zone
= '%zone%' and host = '%record%' and (view = 'EDU' or view = 'OP')}
{}
{select ttl, type, host, mx_priority, case when lower(type)='txt' then concat('\"',
data, '\"') else data end as mydata, resp_person, serial, refresh, retry, expire,
minimum from dnstb where zone = '%zone%' and view='EDU'}
{select zone from xfr_table where zone = '%zone%' and client = '%client%' and
view='EDU' limit 1}
{update data_count set count = count + 1 where zone ='%zone%' and view='EDU'}";
};
};
view "CT_view" {
match-clients { key ct;dns-ip-list;CT;};
allow-query-cache { none; };
allow-recursion { none; };
allow-transfer { none; };
recursion no;
dlz "Mysql zone" {
database "mysql
{host=127.0.0.1 dbname=dns_view ssl=false port=3306 user=root pass=pass%!#@larry }
{select zone from DNS_ALL where zone = '%zone%' and view = 'CT' limit 1 }
{select ttl, type, mx_priority, case when lower(type)='txt' then concat('\"', data,
'\"') when lower(type) = 'soa' then concat_ws(' ', data, resp_person, serial,
refresh, retry, expire, minimum) else data end as mydata from DNS_ALL where zone
= '%zone%' and host = '%record%' and (view = 'CT' or view = 'OP')}
{}
{select ttl, type, host, mx_priority, case when lower(type)='txt' then concat('\"',
data, '\"') else data end as mydata, resp_person, serial, refresh, retry, expire,
minimum from dnstb where zone = '%zone%' and view='CT'}
{select zone from xfr_table where zone = '%zone%' and client = '%client%' and
view='CT' limit 1}
{update data_count set count = count + 1 where zone ='%zone%' and view='CT'}";
};
};
view "any_view" {
match-clients { key any;dns-ip-list;ANY;};
allow-query-cache { none; };
allow-recursion { none; };
allow-transfer { none; };
recursion no;
dlz "Mysql zone" {
database "mysql
{host=127.0.0.1 dbname=dns_view ssl=false port=3306 user=root pass=pass%!#@larry }
{select zone from dnstb where zone = '%zone%' and view = 'ANY' limit 1 }
{select ttl, type, mx_priority, case when lower(type)='txt' then concat('\"', data,
'\"') when lower(type) = 'soa' then concat_ws(' ', data, resp_person, serial,
refresh, retry, expire, minimum) else data end as mydata from DNS_ALL where zone
= '%zone%' and host = '%record%' and (view = 'ANY' or view='OP')}
{}
{select ttl, type, host, mx_priority, case when lower(type)='txt' then concat('\"',
data, '\"') else data end as mydata, resp_person, serial, refresh, retry, expire,
minimum from dnstb where zone = '%zone%' and view='ANY'}
{select zone from xfr_table where zone = '%zone%' and client = '%client%' and
view='ANY' limit 1}
{update data_count set count = count + 1 where zone ='%zone%' and view='ANY'}";
};
};
