[CentOS] Wildcard DNS
Peter Farrow
peter at farrows.org
Fri Aug 19 20:35:30 UTC 2005
on some of my name servers I use entries like this to generate generic
reverse lookups
$generate 69-254 $ PTR ip-195-206-108-$.soundnetworks.net.
* PTR generic.soundnetworks.net.
you can do the same for forward lookups,
But a better way is to use iptables: in iptables if you have a linux
box as your default gateway, you can use it to say trap port 80 out
bound and redirect to port 80 on the local box itself or any other local
box, that way you can avoid the DNS stuff eg:
iptables -t nat -A PREROUTING -i $INT_IFACE -p tcp --dport 80 -j
REDIRECT --to-port 80
This will redirect ALL port 80 requests to any remote ip to port 80 on
the local box, you can check it works if you doubt it by starting up
sendmail on the same box making sure sendmail is not running on
127.0.0.1 only and changing the 80s above to 25.
Then from inside the LAN telnet to ANY remote ip address on port 25 and
your firewall sendmail will trap it, in the same way change it port 80
and whatever url you type your local webserver will serve it....make
sure your local webserver is not set to serve virtual hosts.....that way
it does not look at the actual url requested in the http header..
Regards
Pete
Alan Hodgson wrote:
>On Fri, Aug 19, 2005 at 10:54:05AM -0500, Mike Kercher wrote:
>
>
>>>Setup your server to be authoritative for root (.) and serve
>>>up a *. A record in there. Some of the alternate root
>>>network sites (ie. OpenNIC) have instructions for setting up
>>>BIND to be authoritative for .
>>>
>>>
>>Thanks Alan. I'm googling now. If you have a link, I'd appreciate it :)
>>
>>
>>
>
>Something like:
>
>zone "." in
>{
> type master;
> file "root.zone";
>};
>
>... instead of the type hint section for .
>
>It's been a long time since I used BIND, so this is just a suggestion.
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.centos.org/pipermail/centos/attachments/20050819/1a1de22d/attachment.html>
More information about the CentOS
mailing list