named-checkzone fail
Lee
ler762 at gmail.com
Tue Sep 10 17:55:06 UTC 2024
I had a few typos in an RPZ file where I had a comma instead of a dot.
I tried using named-checkzone to find all the typos but it didn't
complain about anything!? Is that expected behavior?
And a related question... can anyone recommend a vim syntax file
checker for bind files?
$ named-checkzone rpz.mozilla /etc/bind/db.rpz-mozilla
zone rpz.mozilla/IN: loaded serial 2024091001
OK
$ cat /etc/bind/db.rpz-mozilla
$ORIGIN rpz.mozilla.
; https://support.mozilla.org/en-US/kb/configuring-networks-disable-dns-over-https
; return NXDOMAIN for use-application-dns.net name lookup
; https://kb.isc.org/docs/using-response-policy-zones-to-disable-mozilla-doh-by-default
$TTL 604800
@ IN SOA localhost. root.home.net. (
2024091001 ; Serial
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
604800 ) ; Minimum
IN NS localhost.
; tell Firefox to not use DOH (Dns Over Https)
use-application-dns.net CNAME .
broken-cname.net CNAME , <============= COMMA not a period
; --- end ---
$ dig broken-cname.net
; <<>> DiG 9.16.50-Debian <<>> broken-cname.net
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 62006
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1432
; COOKIE: ad32c4ae2224c66d0100000066e082286d1625c0e8f2160c (good)
;; QUESTION SECTION:
;broken-cname.net. IN A
;; ANSWER SECTION:
broken-cname.net. 5 IN CNAME ,.rpz.mozilla.
;; AUTHORITY SECTION:
rpz.mozilla. 604800 IN SOA localhost. root.home.net. 2024091001 604800 86400 2419200 604800
;; ADDITIONAL SECTION:
rpz.mozilla. 1 IN SOA localhost. root.home.net. 2024091001 604800 86400 2419200 604800
;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Tue Sep 10 13:30:16 EDT 2024
;; MSG SIZE rcvd: 194
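Added example (not part of the original post and not BIND code): the dig answer above shows the comma was loaded as a relative name (",.rpz.mozilla."), so a separate check on CNAME targets is one way to catch this kind of typo before the zone is loaded. The function names are hypothetical, the zone text is a constructed copy of the file above, and the rule that a target is either an RPZ action or a name made of letters, digits, hyphens and underscores is an assumption about local policy.

```python
import re

# RPZ policy actions that BIND expresses as special CNAME targets.
RPZ_ACTIONS = {".", "*.", "rpz-passthru.", "rpz-drop.", "rpz-tcp-only."}
# Assumed policy: a label is "*" or letters, digits, "_" and inner hyphens.
LABEL = re.compile(r"^(\*|[A-Za-z0-9_]([A-Za-z0-9_-]{0,61}[A-Za-z0-9_])?)$")

# Constructed sample: the zone from the post, without the arrow annotation.
SAMPLE = """\
$ORIGIN rpz.mozilla.
$TTL 604800
@ IN SOA localhost. root.home.net. ( 2024091001 604800 86400 2419200 604800 )
  IN NS localhost.
use-application-dns.net CNAME .
broken-cname.net CNAME ,
"""

def bad_target(target):
    """Return a reason if a CNAME target looks like a typo, else None."""
    if target in RPZ_ACTIONS:
        return None
    for label in target.rstrip(".").split("."):
        if not LABEL.match(label):
            return f"label {label!r} is not a plain hostname label"
    return None

def lint_rpz(text):
    """Return (line_no, owner, target, reason) for each suspicious CNAME."""
    findings = []
    for line_no, raw in enumerate(text.splitlines(), 1):
        fields = raw.split(";", 1)[0].split()  # drop ';' comments
        upper = [f.upper() for f in fields]
        if "CNAME" not in upper:
            continue
        idx = upper.index("CNAME")
        # A line that starts with whitespace inherits the previous owner.
        owner = "(inherited)" if raw[:1].isspace() or idx == 0 else fields[0]
        rdata = fields[idx + 1:]
        reason = (bad_target(rdata[0]) if len(rdata) == 1
                  else f"expected one target, found {len(rdata)} fields")
        if reason:
            findings.append((line_no, owner, " ".join(rdata), reason))
    return findings

if __name__ == "__main__":
    for finding in lint_rpz(SAMPLE):
        print("line %d: %s CNAME %s: %s" % finding)
```

Run against the sample, it reports only line 6 (broken-cname.net) and leaves the "CNAME ." record alone.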