nouveau fichier : srv-admin/interfaces

nouveau fichier : srv-admin/nat.sh
	nouveau fichier : srv-dns2/bind/bind.keys
	nouveau fichier : srv-dns2/bind/db.0
	nouveau fichier : srv-dns2/bind/db.127
	nouveau fichier : srv-dns2/bind/db.255
	nouveau fichier : srv-dns2/bind/db.empty
	nouveau fichier : srv-dns2/bind/db.local
	nouveau fichier : srv-dns2/bind/db.monlabo.lan
	nouveau fichier : srv-dns2/bind/db.monlabo.lan.rev
	nouveau fichier : srv-dns2/bind/named.conf
	nouveau fichier : srv-dns2/bind/named.conf.default-zones
	nouveau fichier : srv-dns2/bind/named.conf.local
	nouveau fichier : srv-dns2/bind/named.conf.options
	nouveau fichier : srv-dns2/bind/rndc.key
	nouveau fichier : srv-dns2/bind/zones.rfc1918
	nouveau fichier : srv-service/bind/bind.keys
	nouveau fichier : srv-service/bind/db.0
	nouveau fichier : srv-service/bind/db.127
	nouveau fichier : srv-service/bind/db.255
	nouveau fichier : srv-service/bind/db.empty
	nouveau fichier : srv-service/bind/db.local
	nouveau fichier : srv-service/bind/db.monlabo.lan
	nouveau fichier : srv-service/bind/db.monlabo.lan.rev
	nouveau fichier : srv-service/bind/named.conf
	nouveau fichier : srv-service/bind/named.conf.default-zones
	nouveau fichier : srv-service/bind/named.conf.local
	nouveau fichier : srv-service/bind/named.conf.options
	nouveau fichier : srv-service/bind/rndc.key
	nouveau fichier : srv-service/bind/zones.rfc1918
	nouveau fichier : srv-service/dhcp/debug
	nouveau fichier : srv-service/dhcp/dhclient-enter-hooks.d/debug
	nouveau fichier : srv-service/dhcp/dhclient-exit-hooks.d/debug
	nouveau fichier : srv-service/dhcp/dhclient-exit-hooks.d/rfc3442-classless-routes
	nouveau fichier : srv-service/dhcp/dhclient-exit-hooks.d/timesyncd
	nouveau fichier : srv-service/dhcp/dhclient.conf
	nouveau fichier : srv-service/dhcp/dhcpd.conf
	nouveau fichier : srv-service/dhcp/dhcpd6.conf

siotp/sisr1/tp03/srv-dns2/bind/bind.keys

@@ -0,0 +1,49 @@
+# Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+#
+# SPDX-License-Identifier: MPL-2.0
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, you can obtain one at https://mozilla.org/MPL/2.0/.
+#
+# See the COPYRIGHT file distributed with this work for additional
+# information regarding copyright ownership.
+
+# The bind.keys file is used to override the built-in DNSSEC trust anchors
+# which are included as part of BIND 9.  The only trust anchors it contains
+# are for the DNS root zone (".").  Trust anchors for any other zones MUST
+# be configured elsewhere; if they are configured here, they will not be
+# recognized or used by named.
+#
+# To use the built-in root key, set "dnssec-validation auto;" in the
+# named.conf options, or else leave "dnssec-validation" unset.  If
+# "dnssec-validation" is set to "yes", then the keys in this file are
+# ignored; keys will need to be explicitly configured in named.conf for
+# validation to work.  "auto" is the default setting, unless named is
+# built with "configure --disable-auto-validation", in which case the
+# default is "yes".
+#
+# This file is NOT expected to be user-configured.
+#
+# Servers being set up for the first time can use the contents of this file
+# as initializing keys; thereafter, the keys in the managed key database
+# will be trusted and maintained automatically.
+#
+# These keys are current as of Mar 2019.  If any key fails to initialize
+# correctly, it may have expired.  In that event you should replace this
+# file with a current version.  The latest version of bind.keys can always
+# be obtained from ISC at https://www.isc.org/bind-keys.
+#
+# See https://data.iana.org/root-anchors/root-anchors.xml for current trust
+# anchor information for the root zone.
+
+trust-anchors {
+        # This key (20326) was published in the root zone in 2017.
+        . initial-key 257 3 8 "AwEAAaz/tAm8yTn4Mfeh5eyI96WSVexTBAvkMgJzkKTOiW1vkIbzxeF3
+                +/4RgWOq7HrxRixHlFlExOLAJr5emLvN7SWXgnLh4+B5xQlNVz8Og8kv
+                ArMtNROxVQuCaSnIDdD5LKyWbRd2n9WGe2R8PzgCmr3EgVLrjyBxWezF
+                0jLHwVN8efS3rCj/EWgvIWgb9tarpVUDK/b58Da+sqqls3eNbuv7pr+e
+                oZG+SrDK6nWeL3c6H5Apxz7LjVc1uTIdsIXxuOLYA4/ilBmSVIzuDWfd
+                RUfhHdY6+cn8HFRm+2hM8AnXGXws9555KrUB5qihylGa8subX2Nn6UwN
+                R1AkUTV74bU=";
+};

siotp/sisr1/tp03/srv-dns2/bind/db.0

@@ -0,0 +1,12 @@
+;
+; BIND reverse data file for "this host on this network" zone
+;
+$TTL	604800
+@	IN	SOA	localhost. root.localhost. (
+			      1		; Serial
+			 604800		; Refresh
+			  86400		; Retry
+			2419200		; Expire
+			 604800 )	; Negative Cache TTL
+;
+@	IN	NS	localhost.

siotp/sisr1/tp03/srv-dns2/bind/db.127

@@ -0,0 +1,13 @@
+;
+; BIND reverse data file for local loopback interface
+;
+$TTL	604800
+@	IN	SOA	localhost. root.localhost. (
+			      1		; Serial
+			 604800		; Refresh
+			  86400		; Retry
+			2419200		; Expire
+			 604800 )	; Negative Cache TTL
+;
+@	IN	NS	localhost.
+1.0.0	IN	PTR	localhost.

siotp/sisr1/tp03/srv-dns2/bind/db.255

@@ -0,0 +1,12 @@
+;
+; BIND reverse data file for broadcast zone
+;
+$TTL	604800
+@	IN	SOA	localhost. root.localhost. (
+			      1		; Serial
+			 604800		; Refresh
+			  86400		; Retry
+			2419200		; Expire
+			 604800 )	; Negative Cache TTL
+;
+@	IN	NS	localhost.

siotp/sisr1/tp03/srv-dns2/bind/db.empty

@@ -0,0 +1,14 @@
+; BIND reverse data file for empty rfc1918 zone
+;
+; DO NOT EDIT THIS FILE - it is used for multiple zones.
+; Instead, copy it, edit named.conf, and use that copy.
+;
+$TTL	86400
+@	IN	SOA	localhost. root.localhost. (
+			      1		; Serial
+			 604800		; Refresh
+			  86400		; Retry
+			2419200		; Expire
+			  86400 )	; Negative Cache TTL
+;
+@	IN	NS	localhost.

siotp/sisr1/tp03/srv-dns2/bind/db.local

@@ -0,0 +1,14 @@
+;
+; BIND data file for local loopback interface
+;
+$TTL	604800
+@	IN	SOA	localhost. root.localhost. (
+			      2		; Serial
+			 604800		; Refresh
+			  86400		; Retry
+			2419200		; Expire
+			 604800 )	; Negative Cache TTL
+;
+@	IN	NS	localhost.
+@	IN	A	127.0.0.1
+@	IN	AAAA	::1

siotp/sisr1/tp03/srv-dns2/bind/db.monlabo.lan

@@ -0,0 +1,26 @@
+$ORIGIN .
+$TTL 604800	; 1 week
+monlabo.lan		IN SOA	dns1.monlabo.lan. root.monlabo.lan. (
+				2          ; serial
+				604800     ; refresh (1 week)
+				86400      ; retry (1 day)
+				2419200    ; expire (4 weeks)
+				604800     ; minimum (1 week)
+				)
+			NS	srv-dns2.monlabo.lan.
+			NS	srv-service.monlabo.lan.
+			A	172.16.0.1
+$ORIGIN monlabo.lan.
+dhcp			CNAME	srv-service
+dns			CNAME	srv-service
+dns1			CNAME	srv-service
+dns2			CNAME	srv-dns2
+router			CNAME	srv-admin-jp
+srv-admin-jp		A	172.16.0.254
+srv-dns2		A	172.16.0.2
+srv-service		A	172.16.0.1
+srvadmin		CNAME	srv-admin-jp
+srvdhcp			CNAME	srv-service
+srvdns			CNAME	srv-service
+srvdns1			CNAME	srv-service
+srvdns2			CNAME	srv-dns2

siotp/sisr1/tp03/srv-dns2/bind/db.monlabo.lan.rev

@@ -0,0 +1,18 @@
+$ORIGIN .
+$TTL 604800	; 1 week
+0.16.172.in-addr.arpa	IN SOA	dns1.monlabo.lan. root.monlabo.lan. (
+				2          ; serial
+				604800     ; refresh (1 week)
+				86400      ; retry (1 day)
+				2419200    ; expire (4 weeks)
+				604800     ; minimum (1 week)
+				)
+			NS	srv-dns2.monlabo.lan.
+			NS	srv-service.monlabo.lan.
+			A	172.16.0.1
+$ORIGIN 0.16.172.in-addr.arpa.
+1			PTR	srv-service.monlabo.lan
+2			PTR	srv-dns2.monlabo.lan
+254			PTR	srv-admin-jp.monlabo.lan
+srv-dns2		A	172.16.0.2
+srv-service		A	172.16.0.1

siotp/sisr1/tp03/srv-dns2/bind/named.conf

@@ -0,0 +1,11 @@
+// This is the primary configuration file for the BIND DNS server named.
+//
+// Please read /usr/share/doc/bind9/README.Debian for information on the
+// structure of BIND configuration files in Debian, *BEFORE* you customize
+// this configuration file.
+//
+// If you are just adding zones, please do that in /etc/bind/named.conf.local
+
+include "/etc/bind/named.conf.options";
+include "/etc/bind/named.conf.local";
+include "/etc/bind/named.conf.default-zones";

siotp/sisr1/tp03/srv-dns2/bind/named.conf.default-zones

@@ -0,0 +1,30 @@
+// prime the server with knowledge of the root servers
+zone "." {
+	type hint;
+	file "/usr/share/dns/root.hints";
+};
+
+// be authoritative for the localhost forward and reverse zones, and for
+// broadcast zones as per RFC 1912
+
+zone "localhost" {
+	type master;
+	file "/etc/bind/db.local";
+};
+
+zone "127.in-addr.arpa" {
+	type master;
+	file "/etc/bind/db.127";
+};
+
+zone "0.in-addr.arpa" {
+	type master;
+	file "/etc/bind/db.0";
+};
+
+zone "255.in-addr.arpa" {
+	type master;
+	file "/etc/bind/db.255";
+};
+
+

siotp/sisr1/tp03/srv-dns2/bind/named.conf.local

@@ -0,0 +1,24 @@
+//
+// Do any local configuration here
+//
+
+// Consider adding the 1918 zones here, if they are not used in your
+// organization
+//include "/etc/bind/zones.rfc1918";
+
+// zone directe
+zone "monlabo.lan" {
+      type slave;
+      file "/etc/bind/db.monlabo.lan";
+      masters { 172.16.0.1; };
+      masterfile-format text;
+};
+
+// zone inverse 
+zone "0.16.172.in-addr.arpa" {
+      type slave;
+      notify no;
+      file "/etc/bind/db.monlabo.lan.rev";
+      masters { 172.16.0.1; };
+      masterfile-format text;
+};

siotp/sisr1/tp03/srv-dns2/bind/named.conf.options

@@ -0,0 +1,25 @@
+options {
+	directory "/var/cache/bind";
+
+	// If there is a firewall between you and nameservers you want
+	// to talk to, you may need to fix the firewall to allow multiple
+	// ports to talk.  See http://www.kb.cert.org/vuls/id/800113
+
+	// If your ISP provided one or more IP addresses for stable 
+	// nameservers, you probably want to use them as forwarders.  
+	// Uncomment the following block, and insert the addresses replacing 
+	// the all-0's placeholder.
+
+	forwarders {
+	 	10.121.38.7;
+		10.121.38.8;
+	};
+
+	//========================================================================
+	// If BIND logs error messages about the root key being expired,
+	// you will need to update your keys.  See https://www.isc.org/bind-keys
+	//========================================================================
+	dnssec-validation auto;
+
+	listen-on-v6 { any; };
+};

siotp/sisr1/tp03/srv-dns2/bind/rndc.key

@@ -0,0 +1,4 @@
+key "rndc-key" {
+	algorithm hmac-sha256;
+	secret "C/azJIH5/7/DBUhUhHEiAHwFRLq05tihHxBOwY/bnD8=";
+};

siotp/sisr1/tp03/srv-dns2/bind/zones.rfc1918

@@ -0,0 +1,20 @@
+zone "10.in-addr.arpa"      { type master; file "/etc/bind/db.empty"; };
+ 
+zone "16.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
+zone "17.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
+zone "18.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
+zone "19.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
+zone "20.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
+zone "21.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
+zone "22.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
+zone "23.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
+zone "24.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
+zone "25.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
+zone "26.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
+zone "27.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
+zone "28.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
+zone "29.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
+zone "30.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
+zone "31.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
+
+zone "168.192.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };