# Example simplified mararc file.
# This only shows a subset of MaraDNS' features needed to be an
# authoritative and recursive name server. Look at
# detailed/example_full_mararc for an example showing most of
# the features that MaraDNS has.
# Note that this example mararc file will not actually do anything
# without modification.
# Look in the doc/en/examples directory for a working example
# authoritative nameserver, and a working recursive nameserver.
# The various zones we support
# When running in authoritative mode, we must initialize the csv1 hash,
# or MaraDNS will be unable to load any zone files
csv1 = {}
# This is just to show the format of the file
# Note the this is commented out. Any line that starts with
# a '#' is not read by the parser. Remove the leading '# ' to
# enable any line that is commented out
# csv1["example.com."] = "db.example.com"
# Naturally, we can have multiple zone files
# csv1["example.org."] = "db.example.org"
# The address this DNS server runs on. If you want to bind
# to all addresses a given machine has, use "0.0.0.0".
# Note that binding to all address can cause problems; please read
# the FAQ.
bind_address = "127.0.0.3"
# The directory with all of the zone files
chroot_dir = "/etc/maradns"
# The numeric UID MaraDNS will run as
maradns_uid = 99
# The maximum number of threads (or processes, with the zone server)
# MaraDNS is allowed to run
maxprocs = 96
# Most of the time, this can stay 3. However, when registering
# a domain under .de, .au, and possibly other top-level-domains,
# this needs to have a value of 15.
default_rrany_set = 3
# The number of messages we log to stdout
# 0: No messages except for fatal parsing errors and the legal
# disclaimer
# 1: Only startup messages logged (default)
# 2: Error queries logged
# 3: All queries logged (but not very verbosely right now)
verbose_level = 1
# Initialize the IP aliases, which are used by the list of root
# name servers, the ACL for zone transfers, and the ACL of who gets
# to perform recursive queries
ipv4_alias = {}
# Other root servers are in the full example mararc file
# Here is a ACL which restricts who is allowed to perform zone
# transfer from the zoneserver program
# VERY IMPORTANT: Do not put spaces in the zone_transfer_acl list
# Good: zone_transfer_acl = "10.2.3.4,10.2.3.6"
# Bad: zone_transfer_acl = "10.2.3.4, 10.2.3.6"
# Simplest form: 10.1.1.1/24 (IP: 10.1.1.1, 24 left bits in IP need
# to match) and 10.100.100.100/255.255.255.224 (IP: 10.100.100.100,
# netmask 255.255.255.224) are allowed to connect to the zone server
# NOTE: The "maradns" program does not serve zones. Zones are served
# by the "zoneserver" program.
# zone_transfer_acl = "10.1.1.1/24,10.100.100.100/255.255.255.224"
# If you want to enable recursion on the loopback interface, uncomment
# the relevent lines in the following section
# Recursive ACL: Who is allowd to perform recursive queries. The
# format is identical to that of "zone_transfer_acl", including
# ipv4_alias support
# ipv4_alias["localhost"] = "127.0.0.0/8"
# recursive_acl = "localhost"
# Random seed file: The file form which we read 16 bytes from to
# get the 128-bit random seed. This is ideally a file which is
# a good source of random numbers, but can also be a fixed file
# if your OS does not have a decent random number generator (make
# sure the contents of that file is # random and with 600 perms,
# owned by root, since we read the file *before* dropping root
# privledges)
# random_seed_file = "/dev/urandom"
# The maximum number of elements we can have in the cache. If we
# have more elements in the cache than this amount, the
# "custodian" kicks in to effect, removing elements not recently
# accessed from the cache (8 elements removed per query) until we
# are at the 99% level or so again.
# maximum_cache_elements = 1024
# The root servers which we use when making recursive queries.
# Various sets of root name servers
# Note: Netmasks can exist, but are ignored when specifying root
# name servers
# ICANN: the most common and most controversial root name server
# http://www.icann.org
ipv4_alias["icann"] = "198.41.0.4,128.9.0.107,192.33.4.12,128.8.10.90,192.203.230.10,192.5.5.241,192.112.36.4,128.63.2.53,192.36.148.17,192.58.128.30,193.0.14.129,198.32.64.12,202.12.27.33"
# OSRC: http://www.open-rsc.org/
ipv4_alias["osrc"] = "199.166.24.1,205.189.73.102,199.166.24.3,207.126.103.16,195.117.6.10,205.189.73.10,204.57.55.100,213.196.2.97"
# The following line must be uncommented to enable recursive
# queries when contacting the root name servers
# root_servers = {}
# You can choose which set of root servers to use. Current values
# (set above) are: icann, and osrc
# Other alternate registries are listed in the example_full_mararc file
# root_servers["."] = "osrc"
# The following line is uncommented to enable recursive queries
# when contacting upstream name servers (see below)
# upstream_servers = {}
# If one wishes to, instead of pointing to a list of actual root servers,
# have MaraDNS, in recursive mode, contact other recursive name servers
# which in turn perform recursion to process a given query, use
# the upstream_servers variable instead. Both upstream_servers and
# root servers can not be set.
# upstream_servers["."] = "usually_your_isps_dns_servers"
# We can also blacklist known spam-friendly DNS servers, so that
# MaraDNS refuses to query known spam-friendly DNS servers
# As of August 12, 2001, azmalink.net is a known spam-friendly DNS
# provider (see doc/en/misc/spammers/azmalink.net for details).
# Note that this is based on IPs, and azmalink.net constantly
# changes IPs (as they constantly have to change ISPs)
# Updated 2002/10/12 to reflect Azmalink's current ISP
ipv4_alias["azmalink"] = "12.164.194.0/24"
# As of September 20, 2001, hiddenonline.net is a known spam-friendly
# DNS provider (see doc/en/misc/spammers/hiddenonline for details).
ipv4_alias["hiddenonline"] = "65.107.225.0/24"
spammers = "azmalink,hiddenonline"
# And that does it for the caching at this point
