## ## unbound.conf -- Unbound DNS resolver configuration ## server: verbosity: 1 num-threads: 16 interface: 127.0.0.1 port: 53 access-control: 0.0.0.0/0 refuse access-control: 127.0.0.0/8 allow access-control: ::0/0 refuse access-control: ::1 allow access-control: ::ffff:127.0.0.1 allow chroot: "" do-daemonize: yes username: "@l_nusr@" pidfile: "@l_prefix@/var/unbound/run/unbound.pid" logfile: "@l_prefix@/var/unbound/log/unbound.log" use-syslog: no log-time-ascii: yes log-queries: yes root-hints: "unbound.root.zone" local-zone: "local." static remote-control: control-enable: yes control-interface: 127.0.0.1 control-interface: ::1 control-port: 8953 server-key-file: "@l_prefix@/etc/unbound/unbound_server.key" server-cert-file: "@l_prefix@/etc/unbound/unbound_server.pem" control-key-file: "@l_prefix@/etc/unbound/unbound_control.key" control-cert-file: "@l_prefix@/etc/unbound/unbound_control.pem" ;; ;; db.root -- Internet Root Nameservers ;; DO NOT EDIT, IT WAS AUTOMATICALLY CREATED ON 2014-08-22 BY db.root.sh! ;; . 99999999 IN NS A.ROOT-SERVERS.NET. . 99999999 IN NS B.ROOT-SERVERS.NET. . 99999999 IN NS C.ROOT-SERVERS.NET. . 99999999 IN NS D.ROOT-SERVERS.NET. . 99999999 IN NS E.ROOT-SERVERS.NET. . 99999999 IN NS F.ROOT-SERVERS.NET. . 99999999 IN NS G.ROOT-SERVERS.NET. . 99999999 IN NS H.ROOT-SERVERS.NET. . 99999999 IN NS I.ROOT-SERVERS.NET. . 99999999 IN NS J.ROOT-SERVERS.NET. . 99999999 IN NS K.ROOT-SERVERS.NET. . 99999999 IN NS L.ROOT-SERVERS.NET. . 99999999 IN NS M.ROOT-SERVERS.NET. A.ROOT-SERVERS.NET. 99999999 IN A 198.41.0.4 A.ROOT-SERVERS.NET. 99999999 IN AAAA 2001:503:ba3e::2:30 B.ROOT-SERVERS.NET. 99999999 IN A 192.228.79.201 B.ROOT-SERVERS.NET. 99999999 IN AAAA 2001:500:84::b C.ROOT-SERVERS.NET. 99999999 IN A 192.33.4.12 C.ROOT-SERVERS.NET. 99999999 IN AAAA 2001:500:2::c D.ROOT-SERVERS.NET. 99999999 IN A 199.7.91.13 D.ROOT-SERVERS.NET. 99999999 IN AAAA 2001:500:2d::d E.ROOT-SERVERS.NET. 99999999 IN A 192.203.230.10 F.ROOT-SERVERS.NET. 99999999 IN A 192.5.5.241 F.ROOT-SERVERS.NET. 99999999 IN AAAA 2001:500:2f::f G.ROOT-SERVERS.NET. 99999999 IN A 192.112.36.4 H.ROOT-SERVERS.NET. 99999999 IN A 128.63.2.53 H.ROOT-SERVERS.NET. 99999999 IN AAAA 2001:500:1::803f:235 I.ROOT-SERVERS.NET. 99999999 IN A 192.36.148.17 I.ROOT-SERVERS.NET. 99999999 IN AAAA 2001:7fe::53 J.ROOT-SERVERS.NET. 99999999 IN A 192.58.128.30 J.ROOT-SERVERS.NET. 99999999 IN AAAA 2001:503:c27::2:30 K.ROOT-SERVERS.NET. 99999999 IN A 193.0.14.129 K.ROOT-SERVERS.NET. 99999999 IN AAAA 2001:7fd::1 L.ROOT-SERVERS.NET. 99999999 IN A 199.7.83.42 L.ROOT-SERVERS.NET. 99999999 IN AAAA 2001:500:3::42 M.ROOT-SERVERS.NET. 99999999 IN A 202.12.27.33 M.ROOT-SERVERS.NET. 99999999 IN AAAA 2001:dc3::35 #!/bin/sh ROOTFILE=./unbound.root.zone echo '@l_prefix@' | egrep '^@l_' | egrep 'prefix@$' >/dev/null if [ $? -eq 0 ]; then CURL='curl' DIG='dig' else CURL='@l_prefix@/bin/openpkg curl' DIG='@l_prefix@/bin/dig' fi date=`date '+%Y-%m-%d'` cat >$ROOTFILE <$ROOTFILE.raw for i in A B C D E F G H I J K L M; do ${DIG} @$i.ROOT-SERVERS.NET . NS >>$ROOTFILE.raw done [ -f $ROOTFILE.raw ] || exit 1 awk <$ROOTFILE.raw ' /[ ]NS[ ]/ { printf("%-20s 99999999 IN NS %s\n", $1, toupper($NF)); } /[ ]AAAA[ ]/ { printf("%-20s 99999999 IN AAAA %s\n", toupper($1), tolower($NF)); } /[ ]A[ ]/ { printf("%-20s 99999999 IN A %s\n", toupper($1), tolower($NF)); } ' |\ egrep -v '^;' |\ sort -u >>$ROOTFILE echo "" >>$ROOTFILE rm $ROOTFILE.raw