Tuesday, June 9, 2009

Setting reverse DNS in Bind in Debian

If you have a simple DNS setup without reverse DNS, this might help you set it up.

Step 1: Add the reverse zone entry in /etc/bind/named.conf
// add local zone definitions here

zone "0.168.192.in-addr.arpa" {
    type master;
    file "/etc/bind/yourdomain.rev";
};

zone "yourdomain.com" {
    type master;
    file "/etc/bind/yourdomain.com";
    allow-query { any; };
};

Step 2: Create the /etc/bind/yourdomain.rev file

$TTL 3000
@ IN SOA ns.yourdomain.com. postmaster.yourdomain.com. (
1312 ; Serial
300 ; Refresh
150 ; Retry
4W ; Expire
1H ) ; Negative Cache TTL

;
; NS
;

@ IN NS ns.yourdomain.com.


1 IN PTR www.yourdomain.com.
2 IN PTR mail.yourdomain.com.


Step 3: Reload the configuration
/etc/init.d/bind force-reload


Step 4: Test the Reverse lookup
Before doing that, make sure /etc/resolv.conf points at the right DNS server.

# nslookup
> mail.yourdomain.com
Server: 192.168.0.1
Address: 192.168.0.1#53

Non-authoritative answer:
Name: mail.yourdomain.com
Address: 192.168.0.2
> 192.168.0.2
Server: 192.168.0.1
Address: 192.168.0.1#53

2.0.168.192.in-addr.arpa name = mail.yourdomain.com.
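
The manual check in Step 4 can be run over the whole zone at once. The following is an added example, not part of the original post: it parses the reverse zone from Step 2 and reports every PTR whose target name does not map back to the same address. The `3`/`ftp` record, the `FORWARD` table and the function names are constructed for illustration.

```python
import ipaddress

ZONE = "0.168.192.in-addr.arpa"
# Reverse zone as in Step 2; the "3" record is constructed to show a mismatch.
REV_ZONE_TEXT = """\
$TTL 3000
@ IN SOA ns.yourdomain.com. postmaster.yourdomain.com. ( 1312 300 150 4W 1H )
@ IN NS ns.yourdomain.com.
1 IN PTR www.yourdomain.com.
2 IN PTR mail.yourdomain.com.
3 IN PTR ftp.yourdomain.com. ; constructed
"""
# Forward A records (constructed sample; in practice taken from the forward zone).
FORWARD = {
    "www.yourdomain.com.": "192.168.0.1",
    "mail.yourdomain.com.": "192.168.0.2",
    "ftp.yourdomain.com.": "192.168.0.30",
}
SUFFIX = ".in-addr.arpa"

def ptr_owner_to_ip(owner, zone):
    """Turn a PTR owner ('2' or a full in-addr.arpa name) into a dotted IPv4 address."""
    fqdn = (owner.rstrip(".") if owner.endswith(".") else f"{owner}.{zone}").lower()
    if not fqdn.endswith(SUFFIX):
        raise ValueError(f"not a reverse name: {owner}")
    labels = fqdn[: -len(SUFFIX)].split(".")
    # Reverse names list the octets last-to-first; IPv4Address validates the result.
    return str(ipaddress.IPv4Address(".".join(reversed(labels))))

def parse_ptrs(text, zone):
    """Return {ip: target} for single-line PTR records that name their owner."""
    ptrs = {}
    for line in text.splitlines():
        fields = line.split(";", 1)[0].split()  # drop zone-file comments
        if "PTR" in fields and fields.index("PTR") >= 1 and not line[0].isspace():
            target = fields[fields.index("PTR") + 1].lower()
            ptrs[ptr_owner_to_ip(fields[0], zone)] = target
    return ptrs

def check_fcrdns(ptrs, forward):
    """List (ip, ptr_target, forward_ip) where the target does not resolve back to ip."""
    return [(ip, name, forward.get(name))
            for ip, name in sorted(ptrs.items())
            if forward.get(name) != ip]

if __name__ == "__main__":
    for ip, name, fwd in check_fcrdns(parse_ptrs(REV_ZONE_TEXT, ZONE), FORWARD):
        print(f"MISMATCH {ip} -> {name} -> {fwd}")
```
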

http://www.debuntu.org/2006/08/05/85-how-to-setting-up-a-dns-zone-with-bind9/2

Allow TFTP traffic Through IPCOP Firewall

It is weird that IPCOP blocks TFTP traffic from an external server to the internal network. To make it work properly, we have to add a rule manually in /etc/rc.d/

imran@imran-laptop:~$ ssh root@192.168.0.1 -p 222
root@10.47.0.1's password:
Last login: Mon Jun 8 16:21:12 2009 from imran-laptop.owera.com
root@firewall:~ # nano /etc/rc.d/rc.network


## add the following for TFTP traffic

modprobe ip_conntrack_tftp
modprobe ip_nat_tftp



Reboot the firewall for the change to take effect, or enter the above commands on the command line.

Further Info:

http://keystoneit.wordpress.com/2007/11/25/tftp-through-ipcop-or-other-iptables-firewalls/