Current File : //scripts/rebuilddnsconfig
#!/usr/local/cpanel/3rdparty/bin/perl

#                                      Copyright 2024 WebPros International, LLC
#                                                           All rights reserved.
# copyright@cpanel.net                                         http://cpanel.net
# This code is subject to the cPanel license. Unauthorized copying is prohibited.

use strict;
use warnings;

use Cpanel::DNSLib                  ();
use Cpanel::OS                      ();
use Cpanel::FileUtils::Move         ();
use Cpanel::FileUtils::Copy         ();
use Cpanel::Path                    ();
use Cpanel::StringFunc::Count       ();
use Cpanel::StringFunc::Match       ();
use Cpanel::SafetyBits              ();
use Cpanel::NameServer::Conf        ();
use Cpanel::NameServer::Utils::BIND ();
use Cpanel::Validate::Domain::Tiny  ();
use Cpanel::DNSLib                  ();
use Cpanel::SafeDir::MK             ();

use Getopt::Std;
$Getopt::Std::STANDARD_HELP_VERSION = 1;

######[ declare some globals ]#####################################################################

# default location of zone files used for rebuilding named.conf
my $def_basedir;

# default location of named.conf
my $def_namedconf;

# default log directory for named
my $def_logdir;

# default location of pidfile
my $def_pidfile = '/var/run/named/named.pid';

# Verbose variable, if set to "1" actions are reported to STDOUT.
my $cpverbose = 0;

# We sent this to fixrndc, if it sends it back that means we've got a loop
my $selfcalled = 0;

my %options = ();
getopts( 'sfv', \%options );
if ( defined( $options{'v'} ) ) { $cpverbose  = 1; }
if ( defined( $options{'s'} ) ) { $selfcalled = 1; }

if ( $selfcalled == 1 ) {
    print "Loop detected, exiting.\n";
    exit;
}

######[ set defaults based on distro/OS ]##########################################################

$def_basedir   = Cpanel::OS::dns_named_basedir();    # /var/named
$def_namedconf = Cpanel::OS::dns_named_conf();       # /etc/named.conf
$def_logdir    = Cpanel::OS::dns_named_log();        # /var/log/named
my $perms_hr = Cpanel::OS::var_named_permissions();

######[ ensure base directory structure is created ]###############################################

my ( $chrootdir, $binduser, $bindgroup ) = Cpanel::NameServer::Utils::BIND::find_chrootbinddir();
my $binduid = getpwnam($binduser)  || die "$binduser not in passwd file";
my $bindgid = getgrnam($bindgroup) || die "$bindgroup not configured on the system";

# Set up directory structure
if ( !-d $def_basedir ) {
    if ( -e _ ) {
        Cpanel::FileUtils::Move::safemv( $def_basedir, $def_basedir . '.cpback' );
    }
    Cpanel::SafeDir::MK::safemkdir( $def_basedir, $perms_hr->{'mode'} );
}
else {
    chmod( $perms_hr->{'mode'}, $def_basedir ) or warn "Can't chmod $def_basedir to $perms_hr->{'mode'}: $!";
}
Cpanel::SafetyBits::safe_chown( $perms_hr->{'ownership'}->@*, $def_basedir );

# I would have added the above to iterator but for the differing owner on c9
my @dirs2create = ( "$def_basedir/data", $def_logdir, '/var/run/named' );
my @chrootdirs  = map { $chrootdir . $_ } qw{/etc /var /var/named /var/named/data /var/run /var/run/named};
push @dirs2create, @chrootdirs if $chrootdir;
foreach my $dir (@dirs2create) {
    Cpanel::SafeDir::MK::safemkdir_or_die( $dir, 0755 ) if !-e $dir;
    Cpanel::SafetyBits::safe_chown( $binduid, $bindgid, $dir );
}

my @rfc1912_files = qw{localdomain.zone named.broadcast named.ip6.local named.local named.zero named.rfc1912.zones};
if ( grep { !-e $_ } map { $def_basedir . "/$_" } @rfc1912_files ) {

    # RFC1912
    Cpanel::FileUtils::Copy::safecopy( '/usr/local/cpanel/scripts/named.rfc1912.zones', "$def_basedir/named.rfc1912.zones" );
    system 'tar', 'xvf', '/usr/local/cpanel/scripts/rfc1912_zones.tar', '-C', $def_basedir;    # uses new .tar without the ./named/ directory so we can use it for both
    if ($chrootdir) {
        system 'tar', 'xvf', '/usr/local/cpanel/scripts/rfc1912_zones.tar', '-C', $chrootdir . '/var/named';
    }
}

######[ create a brand new named.conf from a default template if needed ]##########################

if ( !-e $def_namedconf || -z _ ) {    # no named.conf or zero bytes

    print "Installing default Bind configuration\n" if $cpverbose;

    #>>>>>[ Write default configuration w/ proper basedir ]>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

    if ( open my $conf_fh, '>', $def_namedconf ) {
        foreach (&getdefault_nameddotconf) {
            s/###BASE_DIR###/$def_basedir/g;
            s/###PID_FILE###/$def_pidfile/g;
            print {$conf_fh} $_;
        }
        close $conf_fh;
    }

    clearcache();

    # Reset ownership
    Cpanel::SafetyBits::safe_recchown( 'named', 'named', $def_basedir );

    # Force
    $options{'f'} = 1;
}
else {
    # As of BIND 9.16
    # The keyword additional_from_cache_line will cause a warning
    # As of BIND 9.18
    # The keyword additional_from_cache_line will cause an error
    # Strip that out if it exists and we are on BIND 9.16+

    my $named_ref = Cpanel::NameServer::Utils::BIND::named_version();
    if ( $named_ref->{success} && ( "$named_ref->{major}.$named_ref->{minor}" >= 9.16 ) ) {
        require Path::Tiny;

        my $file         = Path::Tiny::path($def_namedconf);
        my @lines        = $file->lines();
        my @output_lines = grep { $_ !~ m/additional-from-cache/ } @lines;
        $file->spew(@output_lines);
    }
}

my $dnslib = Cpanel::DNSLib->new();

my $needpid = 0;

######[> Ensure all .db's have an entry in named.conf and vice versa >]############################

# suck up all zones of the named.conf and zone dir in memory for fast parsing, heavy on mem side but better than thrashing hdd

my $ndc_fh;

my $namedconf_obj = Cpanel::NameServer::Conf->new();

# start with a freshly rebuild conf file when force is specified (also happens when named.conf was empty)
if ( $options{'f'} && $namedconf_obj->type() ne 'bind' ) {
    $namedconf_obj->rebuild_conf();
}
my %current_zone_entries = map { $_ => 1 } @{ $namedconf_obj->fetchzones() };

opendir my $zone_dh, $def_basedir or die "Unable to read zone file directory $def_basedir: $!";
my @zonedir_contents = readdir($zone_dh);
closedir $zone_dh;

my %current_zone_files = ();
foreach my $zonefile (@zonedir_contents) {
    if ( $zonefile =~ /^([\w\-.]+)\.db$/ && Cpanel::Validate::Domain::Tiny::validdomainname($1) ) {
        $current_zone_files{$1} = 1;
    }
}

my %bad_zones = %current_zone_entries;
delete @bad_zones{ keys %current_zone_files };
delete $bad_zones{'.'};

my %missing_zones = %current_zone_files;
delete @missing_zones{ keys %current_zone_entries };

# make sure all zones.db files have entry in named.conf
# Add missing files to named.conf
if ( scalar keys %missing_zones ) {
    print "Adding zones " . join( ' ', keys %missing_zones ) . "\n" if $cpverbose;
    $namedconf_obj->addzones( keys %missing_zones );
}

# make sure all entries in named.conf have zone files
if ( scalar keys %bad_zones ) {
    print 'Removing zones ' . join( ' ', keys %bad_zones ) . " from configuration, zonefiles missing\n" if $cpverbose;
    $namedconf_obj->removezones( keys %bad_zones );
}

$namedconf_obj->finish();

######[> Handle chroot setups >]###################################################################

# This logic is required due to how bind-chroot symlinks /etc/named.conf to the chroot location
# And how File::Copy will not follow the symlinks, but will recreate them instead
if ( -l $def_namedconf ) {
    my $target = readlink $def_namedconf;
    print "Symlink detected: $target\n";

    if ( open( $ndc_fh, '<', $target ) ) {
        unlink $def_namedconf;
        print "Restoring $def_namedconf from $target before proceeding\n";
        Cpanel::FileUtils::Copy::safecopy( $target, $def_namedconf );
    }
    else {
        print "Failed to read symlinked $def_namedconf [$target]. Cannot continue.\n";
        exit 1;
    }
}
else {
    open( $ndc_fh, "<", $def_namedconf );
}

open( my $ndf_fh, ">", $def_namedconf . '.rebuilddnsconfig' );

if ( !$ndc_fh ) {
    open( $ndc_fh, "<", $def_namedconf );
}

my $inc               = 0;
my $firstline         = 0;
my $numbrace          = 0;
my $zonemarker        = 0;
my $cppcomment        = 0;
my $currzone          = '';
my $skip_next_opening = 0;
my $zonedir           = Cpanel::DNSLib::find_zonedir();

while (<$ndc_fh>) {

    # Rudamentary comment exclusion.
    if ($cppcomment) {
        if (m/\*\//) {
            $cppcomment = 0;
        }
        print $ndf_fh $_;
        next;
    }
    if (m/^\s*\#/) {
        print $ndf_fh $_;
        next;
    }
    if (m/^\s*\/\//) {
        print $ndf_fh $_;
        next;
    }
    if (m/^\s*\/\*/) {
        $cppcomment = 1;
        print $ndf_fh $_;
        next;
    }
    if ( $skip_next_opening && m/^\s*\{\s*$/ ) {
        $skip_next_opening = 0;
        $numbrace++;
        next;
    }
    next if m/bind.conf.wp/;
    next if ( m/\s*include\s+/ && m/rndc.key/ );
    if ( $needpid && m/pid-file/ ) {
        next;
    }

    if (m/\s*zone\s+["']([^"']+)/) {
        $zonemarker = 1;
        $currzone   = $1;
    }
    elsif (m/\s*include\s+["']([^"']+)/) {
        my $file      = $1;
        my $filemtime = ( stat($file) )[9];
        if ( -f _ ) {
            copytochroot( $file, $filemtime );
        }
    }

    if ($zonemarker) {
        $numbrace += Cpanel::StringFunc::Count::get_curly_brace_count($_);

        if ( $numbrace == 0 ) {
            $zonemarker = 0;
        }

        if (m/(.*[\s\t\;\{])file\s+(["'])([^"']+)(.*)/) {
            my $postfile    = $4;
            my $file        = $3;
            my $prefile     = $2;
            my $space       = $1;
            my $relativedir = '';
            my $fileold     = $file;

            if ( !Cpanel::StringFunc::Match::beginmatch( $file, '/' ) ) {
                if ( $file =~ m/^([^\/]+)/ ) {
                    $relativedir = $1;
                }
            }

            my $filename = $file;
            if ( $file =~ m/([^\/]+)$/ ) {
                $filename = $1;
            }

            my $filenew = $zonedir . '/' . $filename;

            if ( $file eq $filenew ) {
                print $ndf_fh $_;
            }
            elsif ( !Cpanel::StringFunc::Match::beginmatch( $file, '/' ) ) {
                $file = $filenew;
                print "Updating $fileold to $filenew\n";

                #print $ndf_fh "${space}file ${prefile}${filenew}${postfile}";
            }
            else {
                if ( !Cpanel::StringFunc::Match::beginmatch( $file, '/dev/' ) ) {
                    $filenew = $zonedir . '/' . $filename;
                    print "Updating $file to $filenew\n";

                    #print $ndf_fh "${space}file ${prefile}${filenew}${postfile}";
                }
                else {
                    $filenew = $file;
                    print $ndf_fh $_;
                }
            }

            my $absfilename = '';

            if ( $relativedir ne '' ) {
                $absfilename = Cpanel::Path::relative2abspath( $relativedir, $zonedir ) . '/' . $filename;
            }
            if ( $absfilename ne '' && -e $absfilename ) {
                $file = $absfilename;
            }

            my ( $fileinode,    $filemtime )    = stat($file);
            my ( $filenewinode, $filenewmtime ) = stat($filenew);

            if ( !$filemtime ) {
                print "!! $file does not exist, unable to locate.\n";
                print "!! Run /usr/local/cpanel/scripts/cleandns to remove zone without corresponding files.\n";
                print "!! Or locate the proper zone file and place in $zonedir and rerun\n";
                print "!! This script with the following options: /script/fixndc -fv\n";
                next;
            }

            if ( !$filenewmtime ) {
                print "Moving $file to $filenew ...\n";
                Cpanel::FileUtils::Move::safemv( $file, $filenew );
            }
            elsif ( $fileinode != $filenewinode && ( $filenewmtime > time() || $filemtime > $filenewmtime ) ) {    # timewarp safe
                Cpanel::FileUtils::Copy::safecopy( $file, $filenew );
                Cpanel::SafetyBits::safe_chown( $binduser, $bindgroup, $filenew );
            }

            copytochroot( $filenew, $filemtime );
            next;
        }
    }

    # Match for zone and file declaration on one line.
    if ( m/.*[\s\t\;\{]file\s+["'][^"']+/ && m/[\s\;]*zone/ ) {
        m/(.*[\s\t\;\{])file\s+["']([^"']+)(.*)/;
        my $file        = $2;
        my $space       = $1;
        my $space2      = $3;
        my $relativedir = '';

        my $currzone = '';
        my $delim    = '"';
        if (m/\s*zone\s+(["'])([\w\-\.]+)["']/) {
            $zonemarker = 1;
            $currzone   = $2;
            $delim      = $1;
        }
        m/zone\s+(.*)/;
        $numbrace += Cpanel::StringFunc::Count::get_curly_brace_count($1);
        if ( $numbrace <= 0 ) {
            $zonemarker = 0;
        }

        if ( !Cpanel::StringFunc::Match::beginmatch( $file, '/' ) ) {
            if ( $file =~ m/^([^\/]+)/ ) {
                $relativedir = $1;
            }
        }
        my $filename = $file;
        if ( $file =~ m/([^\/]+)$/ ) {
            $filename = $1;
        }
        my $filenew = $zonedir . '/' . $filename;

        if ( $file eq $filenew ) {
            print $ndf_fh $_;
        }
        elsif ( !Cpanel::StringFunc::Match::beginmatch( $file, '/' ) ) {
            $file = $filenew;
            print "Updating $file to $filenew\n";

            #print $ndf_fh "${space}file ${delim}${filenew}${space2}";
        }
        else {
            if ( !Cpanel::StringFunc::Match::beginmatch( $file, '/dev/' ) ) {
                $filenew = $zonedir . '/' . $filename;
                print "Updating $file to $filenew\n";

                #print $ndf_fh "${space}file ${delim}${filenew}${space2}";
            }
            else {
                $filenew = $file;
                print $ndf_fh $_;
            }
        }

        my $absfilename = '';
        if ($relativedir) {
            $absfilename = Cpanel::Path::relative2abspath( $relativedir, $zonedir ) . '/' . $filename;
        }
        if ( $absfilename ne '' && -e $absfilename ) {
            $file = $absfilename;
        }

        my $mtime = 0;
        if ( -e $file ) {
            $mtime = ( stat(_) )[9];
            if ( !-e $filenew ) {
                print "Moving $file to $filenew ...\n";
                Cpanel::FileUtils::Move::safemv( $file, $filenew );
            }
            elsif (( stat($file) )[1] != ( stat($filenew) )[1]
                && ( ( stat($filenew) )[9] > time() || $mtime > ( stat($filenew) )[9] ) ) {    # timewarp safe
                Cpanel::FileUtils::Copy::safecopy( $file, $filenew );
                Cpanel::SafetyBits::safe_chown( $binduser, $bindgroup, $filenew );
            }
        }
        else {
            print "!! $file does not exist, unable to locate.\n";
            print "!! Run /usr/local/cpanel/scripts/cleandns to remove zone without corresponding files.\n";
            print "!! Or locate the proper zone file and place in $zonedir and rerun\n";
            print "!! This script with the following options: /script/fixndc -fv\n";
            $filenew = '';
        }

        if ( $filenew ne '' ) {
            copytochroot( $filenew, $mtime );
        }
    }

    if ( !$inc ) {
        print $ndf_fh $_;
    }
    else {
        if ($firstline) {
            $firstline = 0;
            next;
        }
        $numbrace += Cpanel::StringFunc::Count::get_curly_brace_count($_);
        if ( $numbrace == 0 ) {
            $inc = 0;
        }
    }

    if ( $needpid && m/^\s*options\s*/ ) {
        if ( !m/\{/ ) {

            #print $ndf_fh "{\n\tpid-file \"/var/run/named/pid\"\;\n";
            $skip_next_opening = 1;
        }
        else {

            #print $ndf_fh "\tpid-file \"/var/run/named/pid\"\;\n";
        }
        next;
    }
}

close $ndc_fh;
close $ndf_fh;

Cpanel::FileUtils::Copy::safecopy( $def_namedconf, $def_namedconf . '.prerebuilddnsconfig' );

clearcache();

Cpanel::SafetyBits::safe_chown( $binduser, $bindgroup, $def_namedconf );

if ( $chrootdir ne '' ) {
    print "Updated $def_namedconf in chroot directory\n" if $cpverbose;
    if ( -e $chrootdir . $def_namedconf ) {
        if ( ( stat($def_namedconf) )[1] != ( stat( $chrootdir . $def_namedconf ) )[1] ) {
            Cpanel::FileUtils::Copy::safecopy( $def_namedconf, $chrootdir . $def_namedconf );
            Cpanel::SafetyBits::safe_chown( $binduser, $bindgroup, $chrootdir . $def_namedconf );
        }
    }
    else {
        Cpanel::FileUtils::Copy::safecopy( $def_namedconf, $chrootdir . $def_namedconf );
        Cpanel::SafetyBits::safe_chown( $binduser, $bindgroup, $chrootdir . $def_namedconf );
    }
}

# Reset ownership of named.conf
print "Changing ownership of $def_namedconf: $binduser:$bindgroup\n" if $cpverbose;
Cpanel::SafetyBits::safe_chown( $binduser, $bindgroup, $def_namedconf );

if ( !-e '/var/cpanel/usensd' ) {
    print "Restarting Bind\n" if $cpverbose;
    system('/usr/local/cpanel/scripts/restartsrv_named');
}
else {

    # This will also regenerate the zone database
    print "Restarting NSD\n" if $cpverbose;
    system('/usr/local/cpanel/scripts/restartsrv_nsd');
}

######[ call fixrndc to ensure working rndckey config ]############################################

if ( !-e '/var/cpanel/usensd' ) {

    print "Running `/usr/local/cpanel/scripts/fixrndc -f` to check rndc key\n" if $cpverbose;
    my $opts = $cpverbose ? '-fvs' : '-fs';
    exec( '/usr/local/cpanel/scripts/fixrndc', $opts );
}

exit(0);

################################################################################
# sub copytochroot
################################################################################

sub copytochroot {
    my $filenew = shift;

    # mtime of original file
    my $mtime = shift || 0;
    if ( $chrootdir ne '' ) {
        my $chrootfile = $chrootdir . $filenew;
        print "Copying $filenew to $chrootfile\n" if $cpverbose;
        my ( $fsinode, $fsmode, $fsuid, $fsgid, $fsmtime ) = ( stat($filenew) )[ 1, 2, 4, 5, 9 ];
        my $fsperms = $fsmode & 07777;
        if ( -e $chrootfile ) {
            my ( $chrootinode, $chrootmode, $chrootuid, $chrootgid, $chrootmtime ) = ( stat(_) )[ 1, 2, 4, 5, 9 ];
            my $chrootperms = $chrootmode & 07777;
            if ($mtime) {
                my $now = time();
                if ( $fsinode != $chrootinode
                    && ( $mtime > $chrootmtime || $mtime > $now || $chrootmtime > $now || $chrootuid != $binduid || $chrootgid != $bindgid || $chrootperms != $fsperms ) ) {    #timewarp safe
                    if ( Cpanel::FileUtils::Copy::safecopy( $filenew, $chrootfile ) ) {
                        print "Copied $filenew to chroot environment.\n" if $cpverbose;
                        Cpanel::SafetyBits::safe_chown( $binduser, $bindgroup, $chrootfile );
                        Cpanel::SafetyBits::safe_chmod( $fsperms, $chrootfile );
                        return 1;
                    }
                    else {
                        warn "Problem copying $filenew to $chrootdir";
                        return 0;
                    }
                }
                else {
                    print "$filenew already exists in chroot environment.\n" if $cpverbose;
                    return 1;
                }
            }
            else {
                if ( $fsinode != $chrootinode ) {
                    if ( Cpanel::FileUtils::Copy::safecopy( $filenew, $chrootfile ) ) {
                        Cpanel::SafetyBits::safe_chown( $binduser, $bindgroup, $chrootfile );
                        Cpanel::SafetyBits::safe_chmod( $fsperms, $chrootfile );
                        print "Copied $filenew to chroot environment.\n" if $cpverbose;
                        return 1;
                    }
                    else {
                        warn "Problem copying $filenew to $chrootdir";
                        return 0;
                    }
                }
                else {
                    if ( $chrootuid != $binduid || $chrootgid != $bindgid || $chrootperms != $fsperms ) {
                        Cpanel::SafetyBits::safe_chown( $binduser, $bindgroup, $chrootfile );
                        Cpanel::SafetyBits::safe_chmod( $fsperms, $chrootfile );
                    }
                    print "$filenew already exists in chroot environment.\n" if $cpverbose;
                    return 1;
                }
            }
            warn "Problem copying $filenew to chroot environment. This should not happen.";
            return 0;
        }
        elsif ( Cpanel::FileUtils::Copy::safecopy( $filenew, $chrootfile ) ) {
            print "Copied $filenew to chroot environment.\n" if $cpverbose;
            Cpanel::SafetyBits::safe_chown( $binduser, $bindgroup, $chrootfile );
            return 1;
        }
        else {
            warn "Problem copying $filenew to chroot environment.\n";
            return 0;
        }
    }
    return 0;
}

sub clearcache {
    if ( -e $def_namedconf . '.cache' ) {
        unlink( $def_namedconf . '.cache' );
    }

    return;
}

######[ Default named.conf template ]##############################################################

sub getdefault_nameddotconf {
    my $bind_ipv6_line = '';
    if ( -f '/etc/cpanel/ipv6/range_allocation_data' ) {
        $bind_ipv6_line = "\n\    // Enable IPv6\n    listen-on-v6 { any; };   /* updated by cPanel */";
    }

    my $additional_from_cache_line = "additional-from-cache no;";

    # As of BIND 9.18
    # The keyword additional_from_cache_line will cause an error

    my $named_ref = Cpanel::NameServer::Utils::BIND::named_version();
    if ( $named_ref->{success} && ( "$named_ref->{major}.$named_ref->{minor}" >= 9.18 ) ) {
        $additional_from_cache_line = "";
    }

    return <<"EOC";
options {
    /* make named use port 53 for the source of all queries, to allow
         * firewalls to block all ports except 53:
         */

    // query-source    port 53;
    $bind_ipv6_line
    recursion no;

    /* We no longer enable this by default as the dns posion exploit
        has forced many providers to open up their firewalls a bit */

    // Put files that named is allowed to write in the data/ directory:
    directory                "###BASE_DIR###"; // the default
    pid-file                 "###PID_FILE###";
    dump-file                "data/cache_dump.db";
    statistics-file          "data/named_stats.txt";
   /* memstatistics-file     "data/named_mem_stats.txt"; */
    allow-transfer    { "none"; };
};

logging {
        channel default_log {
                file "/var/log/named/named.log" versions 5 size 128M;
                print-time yes;
                print-severity yes;
                print-category yes;
                severity warning;
        };
        category default { default_log; };
        category general { default_log; };
};

// All BIND 9 zones are in a "view", which allow different zones to be served
// to different types of client addresses, and for options to be set for groups
// of zones.
//
// By default, if named.conf contains no "view" clauses, all zones are in the
// "default" view, which matches all clients.
//
// If named.conf contains any "view" clause, then all zones MUST be in a view;
// so it is recommended to start off using views to avoid having to restructure
// your configuration files in the future.

view "localhost_resolver" {
/* This view sets up named to be a localhost resolver ( caching only nameserver ).
 * If all you want is a caching-only nameserver, then you need only define this view:
 */
    match-clients         { 127.0.0.0/24; };
    match-destinations    { localhost; };
    recursion yes;

    // The root hint zone has been removed from the default named.conf.
    // You may add it again by uncommenting the following block:
    /*
    zone "." IN {
        type hint;
        file "###BASE_DIR###/named.ca";
    };
    */

    /* these are zones that contain definitions for all the localhost
     * names and addresses, as recommended in RFC1912 - these names should
     * ONLY be served to localhost clients:
     */
    include "###BASE_DIR###/named.rfc1912.zones";
};

view "internal" {
/* This view will contain zones you want to serve only to "internal" clients
   that connect via your directly attached LAN interfaces - "localnets" .
 */
    match-clients        { localnets; };
    match-destinations    { localnets; };
    recursion yes;

    // The root hint zone has been removed from the default named.conf.
    // You may add it again by uncommenting the following block:
    /*
    zone "." IN {
        type hint;
        file "###BASE_DIR###/named.ca";
    };
    */

    // include "###BASE_DIR###/named.rfc1912.zones";
    // you should not serve your rfc1912 names to non-localhost clients.

    // These are your "authoritative" internal zones, and would probably
    // also be included in the "localhost_resolver" view above :
};

view    "external" {
/* This view will contain zones you want to serve only to "external" clients
 * that have addresses that are not on your directly attached LAN interface subnets:
 */
    recursion no;
    $additional_from_cache_line
    // you'd probably want to deny recursion to external clients, so you don't
    // end up providing free DNS service to all takers

    // The root hint zone has been removed from the default named.conf.
    // You may add it again by uncommenting the following block:
    /*
    zone "." IN {
        type hint;
        file "###BASE_DIR###/named.ca";
    };
    */

    // These are your "authoritative" external zones, and would probably
    // contain entries for just your web and mail servers:

    // BEGIN external zone entries

};
EOC

}

###################################################################################################
Gay Pornography Blog Explicit images and videos offering the newest homosexual porno moments & pornography stars

Gay Pornography Blog Explicit images and videos offering the newest homosexual porno moments & pornography stars

Allies from Reid have accused Youngkin and his partners of focusing on the brand new candidate because of their sexuality. Reid are Virginia’s basic publicly homosexual statewide nominee. Reid has declined the newest account are their and you can would not action away — leaving group loyal scrambling in order to unite regarding the half a year from the state’s bellwether 2025 from-year election. Okay, very I’m pretty sure all of these movies are novice.

Anna beggion sex videos: Implant it video clips on the page using this code

Research and acquire all anna beggion sex videos of the gender information of the greatest homosexual pornography celebrities on the adult industry. Find in which gay porn video clips he’s played thanks to these IMDB gay adult film database and you may homosexual p… Check out 100 percent free Hd gay rape porn fantasy video to the very popular homosexual pornography hoses worldwide.

BongHunk – Day sex with my date

This site has been in existence for only nine weeks, or at least it seems like one to, and they curently have a significant-measurements of video clips collection. Their upload plan are both insane, otherwise they just ensured that people features lots of posts to watch right away. In either case, you will not use up all your what to observe anytime soon, so you have absolutely nothing to consider. Unlike pushing you to definitely read the latest content, they just state new stuff is coming every day, that is good enough for me personally. Although not, the greater amount of bottom line is whether or not these moments look nice otherwise not, thus why don’t we see. Scott DeMarco and you will Filou Fitt have created an intimate atmosphere which have delicate lights as they hug and you can strip down one another for the sleep.

Check out and you can download full-length 720p/1080p/4K High definition vintage homosexual porn video clips in the most famous homosexual porn studios. Load private classic gay adult Cds that have old-fashioned male porn superstars from the 60s, 70s… Observe free High definition homosexual bareback porn movies on the most widely used homosexual intercourse tubes worldwide. Discover explicit gay porno video out of sensuous men and men pornography superstars having rectal intercourse without condom. Check out and you can install 720p/1080p/4K homosexual twink porn movies in the most well-known homosexual porn studios. Weight private full-duration homosexual gender movies from adorable slim guys, sexy 18-year-dated males and you will younger male po…

Best Yaoi Manga Web sites

anna beggion sex videos

“People on line can be unlock profile with the exact same or equivalent brands while the someone else.

Or maybe you want gay shag movies having shy males and masculine alphas? Our curator ensures you have made an informed mature homosexual banging vids. Are you searching for the most popular gay pornography videos?

Gay Porn POV: Alex Kof Takes Angelo Sin’s Huge Penis

Stream exclusive complete-size gay intercourse video with nasty men porn stars pissing, pooping, farting and you may eat… View and you can download 720p/1080p/4K homosexual bareback porno video on the most famous gay pornography studios. Load private full-length homosexual sex videos away from gorgeous people screwing both anally with no condom!

We’ve got obtained the best of the best all-in-one place in order to take pleasure in high quality pornography videos, amateur homosexual intercourse movies, passionate photos and you can gifs and so much more. Do not hesitate to search all of our larger, heavy collection of movies and select away from a variety of video classes and. A robust look setting places the advantage on your own give when you are helpful sorting and you may filter systems enables you to easily view the current or most popular homosexual Adult inside a pinch.

Publicado

en

por

admin

Etiquetas: