目錄:
一、簡介
二、服務規劃
三、安裝BIND及基本環境
四、配置Bind-View-DLZ-MYSQL
五、添加相關記錄並進行測試
六、配置從DNS
七、本文以FreeBSD 10.2 stable系統爲例
一、簡介:
1、智能DNS(Bind-view):
智能DNS 原理很簡單:在用戶解析一個域名的時候的,判斷一下用戶使用的IP,然後跟DNS 服務器內
部的IP 表匹配一下,看看用戶是電信還是網通用戶,然後給用戶返回對應的IP 地址。目前的域名服
務運營商不提供智能DNS 服務,所以必須自行架設DNS 服務或者使用網上免費的智能DNS 服務,如
DNSPOD.
2.Bind-DLZ
Bind-DLZ主頁:http://bind-dlz.sourceforge.net/
DLZ(Dynamically Loadable Zones)與傳統的BIND9不同,BIND的不足之處:
* BIND從文本文件中獲取數據,這樣容易因爲編輯錯誤出現問題。
* BIND需要將數據加載到內存中,如果域或者記錄較多,會消耗大量的內存。
* BIND啓動時解析Zone文件,對於一個記錄較多的DNS來說,會耽誤更多的時間。
* 如果近修改一條記錄,那麼要重新加載或者重啓BIND 才能生效,那麼需要時間,可能會影響客戶端查詢。
而Bind-dlz 即將幫你解決這些問題, 對Zone文件操作也更方便了,直接對數據庫操作,可以很方便擴充及開發管理程序。
二、服務規劃:
1、nameserver服務器註冊(需要到域名服務商那裏註冊)
主從dns之間實現mysql主從數據庫同步:
主DNS: ns1.gov.com 192.168.1.60
從DNS: ns2.gov.com 192.168.1.61
網站(聯通網通 CNC): www.gov.com 192.168.1.51
網站(電信 CT): www.gov.com 192.168.1.52
網站(移動 CMCC): www.gov.com 192.168.1.53
網站(教育 EDU): www.gov.com 192.168.1.54
網站(鐵通 TIETONG): www.gov.com 192.168.1.55
網站(其他 ANY): www.gov.com 192.168.1.56
注: 當一個網通用戶向本地DNS發www.gov.com的請求時,本地DNS會遞歸查詢,最後把請求發給ns1.gov.com這臺DNS服務 器上,ns1.gov.com會根據請求的用戶IP所屬的範圍來擇優選擇,將www.gov.com在網通的ip返回給本地DNS.
2、Bind-view規劃:
網通CNC cnc.txt
電信CT ct.txt
移動CMCC cmcc.txt
教育網EDU edu.txt
鐵通TIETONG tietong.txt
include "/usr/local/bind/etc/view.conf";(ip庫裏面沒有的IP,屬於any區域)
IP庫及ACL,如果你有比較詳細的按城市或者地域的IP庫,在設計BIND-VIEW這個字段的時候,VIEW就可以以城市或地區來命名和規劃.
三、安裝BIND及基本環境:
1、安裝mysql:
pkg install mysql5-server cp /usr/local/share/mysql/my-medium.cnf /etc/my.cnf echo 'mysql_enable="YES"' >> /etc/rc.conf cd /usr/local/etc/rc.d ./mysql-server start //啓動MYSQL mysqladmin -u root -p password '123456' //修改MYSQL密碼
編譯安裝bind:
wget http://ftp.isc.org/isc/bind9/9.10.3-P2/bind-9.10.3-P2.tar.gz tar zxvf bind-9.6.0-P1.tar.gz cd bind-9.6.0-P1 ./configure --with-dlz-mysql --enable-largefile --enable-threads=no --prefix=/usr/local/bind --disable-openssl-version-check make && make install
創建相關配置文件:
cd /usr/local/bind/etc/ ../sbin/rndc-confgen >rndc.conf tail -n10 rndc.conf | head -n9 | sed -e s/#\//g >named.conf
創建 localhost.zone
vi localhost.zone ttl 86400 @ IN SOA localhost. root.localhost. ( 1997022700 ; Serial 28800 ; Refresh 14400 ; Retry 3600000 ; Expire 86400 ) ; Minimum IN NS localhost. 1 IN PTR localhost.
創建named.root
cd /usr/local/bind/etc/ wget ftp://ftp.rs.internic.net/domain/named.root cat named.rot ; This file holds the information on root name servers needed to ; initialize cache of Internet domain name servers ; (e.g. reference this file in the "cache . <file>" ; configuration file of BIND domain name servers). ; ; This file is made available by InterNIC ; under anonymous FTP as ; file /domain/named.cache ; on server FTP.INTERNIC.NET ; -OR- RS.INTERNIC.NET ; ; last update: December 01, 2015 ; related version of root zone: 2015120100 ; ; formerly NS.INTERNIC.NET ; . 3600000 NS A.ROOT-SERVERS.NET. A.ROOT-SERVERS.NET. 3600000 A 198.41.0.4 A.ROOT-SERVERS.NET. 3600000 AAAA 2001:503:ba3e::2:30 ; ; FORMERLY NS1.ISI.EDU ; . 3600000 NS B.ROOT-SERVERS.NET. B.ROOT-SERVERS.NET. 3600000 A 192.228.79.201 B.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:84::b ; ; FORMERLY C.PSI.NET ; . 3600000 NS C.ROOT-SERVERS.NET. C.ROOT-SERVERS.NET. 3600000 A 192.33.4.12 C.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2::c ; ; FORMERLY TERP.UMD.EDU ; . 3600000 NS D.ROOT-SERVERS.NET. D.ROOT-SERVERS.NET. 3600000 A 199.7.91.13 D.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2d::d ; ; FORMERLY NS.NASA.GOV ; . 3600000 NS E.ROOT-SERVERS.NET. E.ROOT-SERVERS.NET. 3600000 A 192.203.230.10 ; ; FORMERLY NS.ISC.ORG ; . 3600000 NS F.ROOT-SERVERS.NET. F.ROOT-SERVERS.NET. 3600000 A 192.5.5.241 F.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2f::f ; ; FORMERLY NS.NIC.DDN.MIL ; . 3600000 NS G.ROOT-SERVERS.NET. G.ROOT-SERVERS.NET. 3600000 A 192.112.36.4 ; ; FORMERLY AOS.ARL.ARMY.MIL ; . 3600000 NS H.ROOT-SERVERS.NET. H.ROOT-SERVERS.NET. 3600000 A 198.97.190.53 H.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:1::53 ; ; FORMERLY NIC.NORDU.NET ; . 3600000 NS I.ROOT-SERVERS.NET. I.ROOT-SERVERS.NET. 3600000 A 192.36.148.17 I.ROOT-SERVERS.NET. 3600000 AAAA 2001:7fe::53 ; ; OPERATED BY VERISIGN, INC. ; . 3600000 NS J.ROOT-SERVERS.NET. J.ROOT-SERVERS.NET. 3600000 A 192.58.128.30 J.ROOT-SERVERS.NET. 3600000 AAAA 2001:503:c27::2:30 ; ; OPERATED BY RIPE NCC ; . 3600000 NS K.ROOT-SERVERS.NET. K.ROOT-SERVERS.NET. 3600000 A 193.0.14.129 K.ROOT-SERVERS.NET. 3600000 AAAA 2001:7fd::1 ; ; OPERATED BY ICANN ; . 3600000 NS L.ROOT-SERVERS.NET. L.ROOT-SERVERS.NET. 3600000 A 199.7.83.42 L.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:3::42 ; ; OPERATED BY WIDE ; . 3600000 NS M.ROOT-SERVERS.NET. M.ROOT-SERVERS.NET. 3600000 A 202.12.27.33 M.ROOT-SERVERS.NET. 3600000 AAAA 2001:dc3::35 ; End of file
用dnssec-keygen產生加密密鑰,一個爲public key,另一個爲private key
cd /usr/local/bind/sbin ./dnssec-keygen -a hmac-md5 -b 128 -n HOST cnc ./dnssec-keygen -a hmac-md5 -b 128 -n HOST ct ./dnssec-keygen -a hmac-md5 -b 128 -n HOST edu ./dnssec-keygen -a hmac-md5 -b 128 -n HOST cmcc ./dnssec-keygen -a hmac-md5 -b 128 -n HOST tietong ./dnssec-keygen -a hmac-md5 -b 128 -n HOST any
named.conf內容如下:
key "rndc-key" { algorithm hmac-md5; secret "D3wcCb9Dti/vZ8v4OUzXVA=="; }; controls { inet 127.0.0.1 port 953 allow { 127.0.0.1; } keys { "rndc-key"; }; }; logging { channel query_log { file "/var/log/named.log" versions 3 size 20m; severity info; print-time yes; print-category yes; print-severity yes; }; category queries { query_log; }; category lame-servers { null; }; }; options { directory "/usr/local/bind/etc"; pid-file "named.pid"; allow-query { any; }; #allow-recursion { none; }; recursion no; listen-on port 53 { 192.168.137.2; 127.0.0.1; }; #listen-on-v6 port 53 { any;}; }; #TSIG-key key "cnc" { algorithm hmac-md5; secret "zI17BnACwUMcSJCT0POefQ==";}; key "ct" { algorithm hmac-md5; secret "zb2zBOKBO9xqMRA6BGsUqA==";}; key "edu" { algorithm hmac-md5; secret "H4AzW3qXq2F5wzjWOGjnLg==";}; key "cmcc" { algorithm hmac-md5; secret "gzUux9/0x5v6aMu/1Ay6Kg==";}; key "tietong" { algorithm hmac-md5; secret "kOM29Ms1BS2qMai2pwtoAQ==";}; key "any" { algorithm hmac-md5; secret "lmEhKVBg6HHRSevRgi8Rcw==";}; acl "dns-ip-list"{ 192.168.137.2; #master DNS IP #192.168.137.3; #slave DNS IP }; include "/usr/local/bind/etc/ip/cnc.txt"; include "/usr/local/bind/etc/ip/ct.txt"; include "/usr/local/bind/etc/ip/cmcc.txt"; include "/usr/local/bind/etc/ip/edu.txt"; include "/usr/local/bind/etc/ip/tietong.txt"; include "/usr/local/bind/etc/view.conf";
配置各個服務商的對應的ACL:
cat ct.txt acl ct{ 1.0.1.0/24; 1.0.2.0/23; 1.0.8.0/21; 1.1.0.0/24; 1.1.2.0/23; 1.1.4.0/22; 1.1.8.0/21; 1.1.16.0/20; 1.1.32.0/19; 1.2.0.0/23; 1.2.5.0/24; 1.2.6.0/23; 1.2.9.0/24; 1.2.10.0/23; 1.2.12.0/22; 1.2.16.0/20; 1.2.32.0/19; 1.2.64.0/18; 1.3.0.0/16; 1.4.1.0/24; 1.4.2.0/23; 1.4.5.0/24; 1.4.8.0/21; 1.4.16.0/20; 1.4.32.0/19; 1.4.64.0/18; 1.10.0.0/21; 1.10.8.0/23; 1.10.11.0/24; 1.10.12.0/22; 1.10.16.0/20; 1.10.32.0/19; 1.10.64.0/18; 1.48.0.0/15; 1.50.0.0/16; 1.68.0.0/14; 1.80.0.0/13; 1.180.0.0/14; 1.192.0.0/13; 1.202.0.0/15; 1.204.0.0/14; 14.0.0.0/21; 14.0.12.0/22; 14.1.0.0/22; 14.16.0.0/12; 14.102.128.0/22; 14.104.0.0/13; 14.112.0.0/12; 14.134.0.0/15; 14.144.0.0/12; 14.156.124.0/24; 14.192.76.0/22; 14.208.0.0/12; 27.16.0.0/12; 27.34.232.0/21; 27.50.40.0/21; 27.54.72.0/21; 27.54.152.0/21; 27.121.72.0/21; 27.121.120.0/21; 27.128.0.0/15; 27.148.0.0/14; 27.152.0.0/13; 27.184.0.0/13; 27.224.0.0/14; 36.0.0.0/22; 36.0.16.0/20; 36.0.32.0/19; 36.1.0.0/16; 36.4.0.0/14; 36.16.0.0/12; 36.37.0.0/19; 36.37.36.0/23; 36.37.39.0/24; 36.37.40.0/21; 36.37.48.0/20; 36.40.0.0/13; 36.48.0.0/15; 36.56.0.0/13; 36.96.0.0/11; 39.0.0.0/24; 39.0.2.0/23; 39.0.4.0/22; 39.0.8.0/21; 39.0.16.0/20; 39.0.32.0/19; 39.0.64.0/18; 39.0.128.0/17; 42.0.0.0/22; 42.0.8.0/21; 42.0.16.0/21; 42.0.24.0/22; 42.0.32.0/19; 42.1.0.0/19; 42.1.32.0/20; 42.1.48.0/21; 42.1.56.0/22; 42.62.128.0/19; 42.62.160.0/20; 42.62.180.0/22; 42.62.184.0/21; 42.80.0.0/15; 42.83.64.0/20; 42.83.80.0/22; 42.83.88.0/21; 42.83.96.0/19; 42.88.0.0/13; 42.96.64.0/19; 42.96.96.0/21; 42.96.108.0/22; 42.96.112.0/20; 42.97.0.0/16; 42.99.0.0/18; 42.99.64.0/19; 42.99.96.0/20; 42.99.112.0/22; 42.99.120.0/21; 42.100.0.0/14; 42.122.0.0/16; 42.123.0.0/19; 42.123.36.0/22; 42.123.40.0/21; 42.123.48.0/20; 42.123.64.0/18; 42.156.0.0/19; 42.156.36.0/22; 42.156.40.0/21; 42.156.48.0/20; 42.156.64.0/18; 42.184.0.0/15; 42.187.0.0/18; 42.187.64.0/19; 42.187.96.0/20; 42.187.112.0/21; 42.187.120.0/22; 42.194.0.0/21; 42.194.8.0/22; 42.194.16.0/20; 42.194.32.0/19; 42.194.64.0/18; 42.202.0.0/15; 42.242.0.0/15; 42.248.0.0/13; 43.242.192.0/22; 43.243.232.0/22; 49.64.0.0/11; 49.112.0.0/13; 49.128.0.0/24; 49.128.2.0/23; 58.32.0.0/13; 58.40.0.0/15; 58.42.0.0/16; 58.43.0.0/16; 58.44.0.0/14; 58.48.0.0/13; 58.56.0.0/15; 58.58.0.0/16; 58.59.0.0/17; 58.59.128.0/17; 58.60.0.0/14; 58.65.232.0/21; 58.208.0.0/12; 59.32.0.0/13; 59.40.0.0/15; 59.42.0.0/16; 59.43.0.0/16; 59.44.0.0/14; 59.48.0.0/16; 59.49.0.0/17; 59.49.128.0/17; 59.50.0.0/16; 59.51.0.0/17; 59.51.128.0/17; 59.52.0.0/14; 59.56.0.0/14; 59.60.0.0/15; 59.62.0.0/15; 59.172.0.0/15; 59.174.0.0/15; 60.160.0.0/15; 60.162.0.0/15; 60.164.0.0/15; 60.166.0.0/15; 60.168.0.0/13; 60.176.0.0/12; 60.235.0.0/16; 61.4.84.0/22; 61.4.88.0/21; 61.45.224.0/20; 61.128.0.0/15; 61.130.0.0/15; 61.132.0.0/16; 61.133.128.0/17; 61.134.0.0/18; 61.134.64.0/19; 61.136.128.0/17; 61.137.0.0/17; 61.138.192.0/18; 61.139.0.0/17; 61.139.192.0/18; 61.140.0.0/14; 61.144.0.0/14; 61.150.0.0/15; 61.152.0.0/16; 61.153.0.0/16; 61.154.0.0/15; 61.157.0.0/16; 61.159.64.0/18; 61.159.128.0/17; 61.160.0.0/16; 61.161.64.0/18; 61.164.0.0/16; 61.165.0.0/16; 61.166.0.0/16; 61.169.0.0/16; 61.170.0.0/15; 61.172.0.0/14; 61.177.0.0/16; 61.178.0.0/16; 61.180.0.0/17; 61.183.0.0/16; 61.184.0.0/14; 61.188.0.0/16; 61.189.128.0/17; 61.190.0.0/15; 101.0.0.0/22; 101.1.0.0/22; 101.2.172.0/22; 101.50.56.0/22; 101.53.100.0/22; 101.55.224.0/21; 101.78.0.0/22; 101.80.0.0/12; 101.96.0.0/21; 101.96.8.0/22; 101.96.16.0/20; 101.99.96.0/19; 101.101.64.0/19; 101.101.100.0/24; 101.101.102.0/23; 101.101.104.0/21; 101.101.112.0/20; 101.102.64.0/19; 101.102.100.0/23; 101.102.102.0/24; 101.102.104.0/21; 101.102.112.0/20; 101.110.64.0/19; 101.110.96.0/20; 101.110.116.0/22; 101.110.120.0/21; 101.128.0.0/22; 101.128.8.0/21; 101.128.16.0/20; 101.128.32.0/19; 101.203.128.0/19; 101.203.160.0/21; 101.203.172.0/22; 101.203.176.0/20; 101.224.0.0/13; 101.234.64.0/21; 101.234.76.0/22; 101.234.80.0/20; 101.234.96.0/19; 101.248.0.0/15; 101.251.0.0/22; 101.251.8.0/21; 101.251.16.0/20; 101.251.32.0/19; 103.12.68.0/22; 103.22.0.0/22; 103.22.4.0/22; 103.22.8.0/22; 103.22.12.0/22; 103.22.16.0/22; 103.22.20.0/22; 103.22.24.0/22; 103.22.28.0/22; 103.22.32.0/22; 103.22.36.0/22; 103.22.40.0/22; 103.22.44.0/22; 103.22.48.0/22; 103.22.52.0/22; 103.22.56.0/22; 103.22.60.0/22; 103.22.64.0/22; 103.22.68.0/22; 103.22.72.0/22; 103.22.76.0/22; 103.22.80.0/22; 103.22.84.0/22; 103.22.88.0/22; 103.22.92.0/22; 103.22.100.0/22; 103.22.104.0/22; 103.22.108.0/22; 103.22.112.0/22; 103.22.116.0/22; 103.22.120.0/22; 103.22.124.0/22; 103.29.128.0/22; 103.38.76.0/22; 103.254.188.0/22; 106.0.0.0/24; 106.0.2.0/23; 106.0.4.0/22; 106.0.8.0/21; 106.0.16.0/20; 106.0.64.0/18; 106.4.0.0/14; 106.8.0.0/15; 106.16.0.0/12; 106.32.0.0/12; 106.56.0.0/13; 106.80.0.0/12; 106.108.0.0/14; 106.112.0.0/13; 106.120.0.0/13; 106.224.0.0/12; 110.76.156.0/22; 110.76.184.0/22; 110.80.0.0/13; 110.88.0.0/14; 110.93.32.0/19; 110.94.0.0/15; 110.152.0.0/14; 110.156.0.0/15; 110.166.0.0/15; 110.173.64.0/19; 110.176.0.0/13; 110.184.0.0/13; 111.72.0.0/13; 111.112.0.0/15; 111.120.0.0/14; 111.124.0.0/16; 111.126.0.0/15; 111.170.0.0/16; 111.172.0.0/14; 111.176.0.0/13; 111.224.0.0/14; 111.235.156.0/22; 112.66.0.0/15; 112.98.0.0/15; 112.100.0.0/14; 112.112.0.0/14; 112.116.0.0/15; 112.137.48.0/21; 113.12.0.0/14; 113.16.0.0/15; 113.24.0.0/14; 113.59.224.0/22; 113.62.0.0/15; 113.64.0.0/11; 113.96.0.0/12; 113.112.0.0/13; 113.120.0.0/13; 113.128.0.0/15; 113.132.0.0/14; 113.136.0.0/13; 113.208.128.0/17; 113.209.0.0/16; 113.212.184.0/21; 113.218.0.0/15; 113.220.0.0/14; 113.240.0.0/13; 113.248.0.0/14; 114.79.64.0/18; 114.80.0.0/12; 114.96.0.0/13; 114.104.0.0/14; 114.135.0.0/16; 114.138.0.0/15; 114.141.64.0/21; 114.198.248.0/21; 114.216.0.0/13; 114.224.0.0/12; 115.69.64.0/20; 115.148.0.0/14; 115.152.0.0/15; 115.166.64.0/19; 115.168.0.0/14; 115.192.0.0/11; 115.224.0.0/12; 116.0.8.0/21; 116.0.24.0/21; 116.1.0.0/16; 116.4.0.0/14; 116.8.0.0/14; 116.16.0.0/12; 116.50.0.0/20; 116.52.0.0/14; 116.192.0.0/16; 116.193.176.0/21; 116.207.0.0/16; 116.208.0.0/14; 116.224.0.0/12; 116.246.0.0/15; 116.248.0.0/15; 116.252.0.0/15; 117.21.0.0/16; 117.22.0.0/15; 117.24.0.0/13; 117.32.0.0/13; 117.40.0.0/14; 117.44.0.0/15; 117.57.0.0/16; 117.60.0.0/14; 117.64.0.0/13; 117.74.80.0/20; 117.80.0.0/12; 117.103.40.0/21; 117.103.72.0/21; 117.104.168.0/21; 117.122.128.0/17; 118.84.0.0/15; 118.102.32.0/21; 118.112.0.0/13; 118.120.0.0/14; 118.124.0.0/15; 118.127.128.0/19; 118.180.0.0/14; 118.184.128.0/17; 118.213.0.0/16; 118.239.0.0/16; 118.248.0.0/13; 119.0.0.0/15; 119.27.128.0/19; 119.41.0.0/16; 119.42.128.0/21; 119.60.0.0/16; 119.82.208.0/20; 119.84.0.0/14; 119.96.0.0/13; 119.120.0.0/13; 119.128.0.0/12; 119.144.0.0/14; 119.148.176.0/20; 119.151.192.0/18; 119.160.200.0/21; 119.252.96.0/21; 120.32.0.0/13; 120.40.0.0/14; 120.68.0.0/14; 120.88.8.0/21; 120.143.128.0/19; 121.0.8.0/21; 121.8.0.0/13; 121.32.0.0/14; 121.50.8.0/21; 121.54.176.0/21; 121.56.0.0/15; 121.58.0.0/17; 121.58.136.0/21; 121.58.160.0/21; 121.59.0.0/16; 121.60.0.0/14; 121.101.0.0/18; 121.200.192.0/21; 121.204.0.0/14; 121.224.0.0/12; 122.4.0.0/14; 122.102.80.0/20; 122.128.120.0/21; 122.224.0.0/12; 122.240.0.0/13; 122.248.24.0/21; 122.255.64.0/21; 123.50.160.0/19; 123.52.0.0/14; 123.96.0.0/15; 123.101.0.0/16; 123.103.0.0/17; 123.149.0.0/16; 123.150.0.0/15; 123.160.0.0/14; 123.164.0.0/14; 123.168.0.0/14; 123.172.0.0/15; 123.174.0.0/15; 123.177.0.0/16; 123.178.0.0/15; 123.180.0.0/14; 123.184.0.0/14; 123.244.0.0/14; 124.31.0.0/16; 124.40.192.0/19; 124.72.0.0/16; 124.73.0.0/16; 124.74.0.0/15; 124.76.0.0/14; 124.109.96.0/21; 124.112.0.0/15; 124.114.0.0/15; 124.116.0.0/16; 124.117.0.0/16; 124.118.0.0/15; 124.224.0.0/16; 124.225.0.0/16; 124.226.0.0/15; 124.228.0.0/14; 124.232.0.0/15; 124.234.0.0/15; 124.236.0.0/14; 125.64.0.0/13; 125.72.0.0/16; 125.73.0.0/16; 125.74.0.0/15; 125.76.0.0/17; 125.76.128.0/17; 125.77.0.0/16; 125.78.0.0/15; 125.80.0.0/13; 125.88.0.0/13; 125.104.0.0/13; 125.112.0.0/12; 125.208.0.0/18; 139.189.0.0/16; 139.200.0.0/13; 140.75.0.0/16; 140.224.0.0/16; 140.237.0.0/16; 140.240.0.0/16; 140.243.0.0/16; 140.246.0.0/16; 140.249.0.0/16; 140.250.0.0/16; 140.255.0.0/16; 144.0.0.0/16; 144.7.0.0/16; 144.12.0.0/16; 144.52.0.0/16; 144.123.0.0/16; 144.255.0.0/16; 150.0.0.0/16; 150.115.0.0/16; 150.121.0.0/16; 150.122.0.0/16; 150.138.0.0/15; 150.223.0.0/16; 153.118.0.0/15; 163.53.220.0/22; 171.8.0.0/13; 171.40.0.0/13; 171.80.0.0/14; 171.88.0.0/13; 171.104.0.0/13; 171.112.0.0/14; 171.208.0.0/12; 175.0.0.0/12; 175.30.0.0/15; 180.96.0.0/11; 180.136.0.0/13; 180.148.16.0/21; 180.148.152.0/21; 180.148.216.0/21; 180.149.128.0/19; 180.152.0.0/13; 180.160.0.0/12; 180.212.0.0/15; 182.23.184.0/21; 182.23.200.0/21; 182.32.0.0/12; 182.84.0.0/14; 182.96.0.0/12; 182.128.0.0/12; 182.144.0.0/13; 182.200.0.0/13; 182.240.0.0/13; 183.0.0.0/10; 183.64.0.0/13; 183.78.180.0/22; 183.91.136.0/21; 183.128.0.0/11; 183.160.0.0/13; 202.0.100.0/23; 202.0.122.0/23; 202.0.176.0/22; 202.3.128.0/23; 202.6.6.0/23; 202.6.66.0/23; 202.6.72.0/23; 202.6.87.0/24; 202.6.88.0/23; 202.6.92.0/23; 202.6.103.0/24; 202.6.108.0/24; 202.6.110.0/23; 202.6.114.0/24; 202.6.176.0/20; 202.8.0.0/24; 202.8.2.0/23; 202.8.4.0/23; 202.8.12.0/24; 202.8.24.0/24; 202.8.77.0/24; 202.8.192.0/20; 202.9.32.0/24; 202.9.34.0/23; 202.9.48.0/23; 202.9.51.0/24; 202.9.52.0/23; 202.9.54.0/24; 202.9.57.0/24; 202.9.58.0/23; 202.12.1.0/24; 202.12.2.0/24; 202.12.17.0/24; 202.12.18.0/24; 202.12.72.0/24; 202.12.84.0/23; 202.12.96.0/24; 202.12.98.0/23; 202.12.106.0/24; 202.12.111.0/24; 202.12.116.0/24; 202.14.64.0/23; 202.14.69.0/24; 202.14.73.0/24; 202.14.74.0/23; 202.14.76.0/24; 202.14.78.0/23; 202.14.88.0/24; 202.14.97.0/24; 202.14.104.0/23; 202.14.108.0/23; 202.14.111.0/24; 202.14.114.0/23; 202.14.118.0/23; 202.14.124.0/23; 202.14.127.0/24; 202.14.129.0/24; 202.14.135.0/24; 202.14.136.0/24; 202.14.149.0/24; 202.14.151.0/24; 202.14.157.0/24; 202.14.158.0/23; 202.14.169.0/24; 202.14.170.0/23; 202.14.176.0/24; 202.14.184.0/23; 202.14.208.0/23; 202.14.213.0/24; 202.14.219.0/24; 202.14.220.0/24; 202.14.222.0/23; 202.14.225.0/24; 202.14.226.0/23; 202.14.231.0/24; 202.14.239.0/24; 202.14.246.0/24; 202.14.251.0/24; 202.20.66.0/24; 202.20.79.0/24; 202.20.87.0/24; 202.20.88.0/23; 202.20.90.0/24; 202.20.94.0/23; 202.20.114.0/24; 202.20.117.0/24; 202.20.120.0/24; 202.20.125.0/24; 202.20.127.0/24; 202.21.131.0/24; 202.21.132.0/24; 202.21.141.0/24; 202.21.142.0/24; 202.21.147.0/24; 202.21.148.0/24; 202.21.150.0/23; 202.21.152.0/23; 202.21.154.0/24; 202.21.156.0/24; 202.27.136.0/23; 202.38.0.0/23; 202.38.48.0/20; 202.38.130.0/23; 202.38.136.0/23; 202.38.142.0/23; 202.38.149.0/24; 202.38.150.0/23; 202.38.154.0/23; 202.38.156.0/24; 202.38.158.0/23; 202.38.168.0/23; 202.38.170.0/24; 202.40.4.0/23; 202.40.7.0/24; 202.40.15.0/24; 202.40.135.0/24; 202.40.136.0/24; 202.40.140.0/24; 202.40.143.0/24; 202.40.144.0/23; 202.40.150.0/24; 202.40.155.0/24; 202.40.156.0/24; 202.40.158.0/23; 202.40.162.0/24; 202.41.8.0/23; 202.41.11.0/24; 202.41.12.0/23; 202.41.128.0/24; 202.41.130.0/23; 202.41.192.0/24; 202.44.16.0/20; 202.44.67.0/24; 202.44.74.0/24; 202.44.129.0/24; 202.44.132.0/23; 202.44.146.0/23; 202.45.0.0/23; 202.45.2.0/24; 202.45.15.0/24; 202.45.16.0/20; 202.46.16.0/23; 202.46.18.0/24; 202.46.20.0/23; 202.46.128.0/24; 202.47.82.0/23; 202.47.126.0/24; 202.47.128.0/24; 202.47.130.0/23; 202.57.240.0/20; 202.58.0.0/24; 202.59.0.0/24; 202.59.212.0/22; 202.59.236.0/24; 202.60.48.0/21; 202.60.96.0/21; 202.60.132.0/22; 202.60.136.0/21; 202.60.144.0/20; 202.62.112.0/22; 202.62.248.0/22; 202.62.252.0/24; 202.62.255.0/24; 202.63.81.0/24; 202.63.82.0/23; 202.63.84.0/22; 202.63.88.0/21; 202.65.0.0/21; 202.65.8.0/23; 202.67.0.0/22; 202.70.96.0/20; 202.70.192.0/20; 202.72.40.0/21; 202.72.80.0/20; 202.73.128.0/22; 202.74.80.0/20; 202.74.254.0/23; 202.75.252.0/22; 202.76.252.0/22; 202.77.80.0/21; 202.77.92.0/22; 202.78.8.0/21; 202.79.224.0/21; 202.79.248.0/22; 202.80.192.0/21; 202.80.200.0/21; 202.81.0.0/22; 202.83.252.0/22; 202.84.4.0/22; 202.84.8.0/21; 202.84.24.0/21; 202.86.249.0/24; 202.86.252.0/22; 202.87.80.0/20; 202.89.8.0/21; 202.90.112.0/20; 202.90.196.0/24; 202.91.0.0/22; 202.91.96.0/20; 202.92.8.0/21; 202.92.48.0/20; 202.92.252.0/22; 202.94.92.0/22; 202.95.240.0/21; 202.96.96.0/21; 202.96.104.0/21; 202.96.112.0/20; 202.96.128.0/21; 202.96.136.0/21; 202.96.144.0/20; 202.96.160.0/21; 202.96.168.0/21; 202.96.176.0/20; 202.96.192.0/21; 202.96.200.0/21; 202.96.208.0/20; 202.96.224.0/21; 202.96.232.0/21; 202.96.240.0/20; 202.97.0.0/21; 202.97.8.0/21; 202.97.16.0/20; 202.97.32.0/19; 202.97.64.0/19; 202.97.96.0/20; 202.97.112.0/20; 202.98.32.0/21; 202.98.40.0/21; 202.98.48.0/20; 202.98.64.0/19; 202.98.96.0/21; 202.98.104.0/21; 202.98.112.0/20; 202.98.128.0/19; 202.98.160.0/21; 202.98.168.0/21; 202.98.176.0/20; 202.98.192.0/21; 202.98.200.0/21; 202.98.208.0/20; 202.98.224.0/21; 202.98.232.0/21; 202.98.240.0/20; 202.100.0.0/21; 202.100.8.0/21; 202.100.16.0/20; 202.100.32.0/19; 202.100.64.0/21; 202.100.72.0/21; 202.100.80.0/20; 202.100.96.0/21; 202.100.104.0/21; 202.100.112.0/20; 202.100.128.0/21; 202.100.136.0/21; 202.100.144.0/20; 202.100.160.0/21; 202.100.168.0/21; 202.100.176.0/20; 202.100.192.0/21; 202.100.200.0/21; 202.100.208.0/20; 202.100.224.0/19; 202.101.0.0/18; 202.101.64.0/19; 202.101.96.0/19; 202.101.224.0/21; 202.102.0.0/19; 202.102.32.0/19; 202.102.64.0/18; 202.102.192.0/21; 202.102.200.0/21; 202.102.208.0/20; 202.103.0.0/21; 202.103.8.0/21; 202.103.16.0/20; 202.103.32.0/19; 202.103.64.0/19; 202.103.96.0/21; 202.103.104.0/21; 202.103.112.0/20; 202.103.128.0/18; 202.103.192.0/19; 202.103.224.0/21; 202.103.232.0/21; 202.103.240.0/20; 202.104.0.0/15; 202.107.128.0/17; 202.109.0.0/16; 202.110.128.0/18; 202.111.0.0/17; 202.111.192.0/18; 202.122.120.0/21; 202.122.132.0/24; 202.124.16.0/21; 202.124.24.0/22; 202.125.112.0/20; 202.127.128.0/20; 202.127.194.0/23; 202.127.196.0/22; 202.127.212.0/22; 202.133.32.0/20; 202.134.58.0/24; 202.134.128.0/20; 202.137.231.0/24; 202.143.4.0/22; 202.143.32.0/20; 202.143.56.0/21; 202.146.160.0/20; 202.146.188.0/22; 202.146.196.0/22; 202.146.200.0/21; 202.147.144.0/20; 202.148.32.0/20; 202.148.64.0/19; 202.149.32.0/19; 202.150.32.0/20; 202.150.56.0/22; 202.150.192.0/20; 202.150.224.0/19; 202.151.0.0/22; 202.151.128.0/19; 202.153.0.0/22; 202.157.192.0/19; 202.162.67.0/24; 202.162.75.0/24; 202.164.96.0/19; 202.165.239.0/24; 202.165.240.0/23; 202.165.243.0/24; 202.165.245.0/24; 202.165.251.0/24; 202.165.252.0/22; 202.166.224.0/19; 202.170.224.0/19; 202.171.216.0/21; 202.171.235.0/24; 202.172.0.0/22; 202.173.0.0/22; 202.173.224.0/19; 202.174.64.0/20; 202.176.224.0/19; 202.180.208.0/21; 202.182.32.0/20; 202.182.192.0/19; 202.189.184.0/21; 202.191.0.0/24; 202.191.68.0/22; 202.191.72.0/21; 202.191.80.0/20; 203.0.4.0/22; 203.0.10.0/23; 203.0.18.0/24; 203.0.24.0/24; 203.0.42.0/23; 203.0.45.0/24; 203.0.46.0/23; 203.0.81.0/24; 203.0.82.0/23; 203.0.90.0/23; 203.0.96.0/23; 203.0.104.0/21; 203.0.114.0/23; 203.0.122.0/24; 203.0.128.0/24; 203.0.130.0/23; 203.0.132.0/22; 203.0.137.0/24; 203.0.142.0/24; 203.0.144.0/24; 203.0.146.0/24; 203.0.148.0/24; 203.0.150.0/23; 203.0.152.0/24; 203.0.177.0/24; 203.0.224.0/24; 203.1.4.0/22; 203.1.18.0/24; 203.1.26.0/23; 203.1.65.0/24; 203.1.66.0/23; 203.1.70.0/23; 203.1.76.0/23; 203.1.90.0/24; 203.1.97.0/24; 203.1.98.0/23; 203.1.100.0/22; 203.1.108.0/24; 203.1.253.0/24; 203.1.254.0/24; 203.2.64.0/21; 203.2.73.0/24; 203.2.112.0/21; 203.2.126.0/23; 203.2.140.0/24; 203.2.150.0/24; 203.2.152.0/22; 203.2.156.0/23; 203.2.160.0/21; 203.2.180.0/23; 203.2.196.0/23; 203.2.209.0/24; 203.2.214.0/23; 203.2.226.0/23; 203.2.229.0/24; 203.2.236.0/23; 203.3.68.0/24; 203.3.72.0/23; 203.3.75.0/24; 203.3.80.0/21; 203.3.96.0/22; 203.3.105.0/24; 203.3.112.0/21; 203.3.120.0/24; 203.3.123.0/24; 203.3.135.0/24; 203.3.139.0/24; 203.3.143.0/24; 203.4.132.0/23; 203.4.134.0/24; 203.4.151.0/24; 203.4.152.0/22; 203.4.174.0/23; 203.4.180.0/24; 203.4.186.0/24; 203.4.205.0/24; 203.4.208.0/22; 203.4.227.0/24; 203.4.230.0/23; 203.5.4.0/23; 203.5.7.0/24; 203.5.8.0/23; 203.5.11.0/24; 203.5.21.0/24; 203.5.22.0/24; 203.5.44.0/24; 203.5.46.0/23; 203.5.52.0/22; 203.5.56.0/23; 203.5.60.0/23; 203.5.114.0/23; 203.5.118.0/24; 203.5.120.0/24; 203.5.172.0/24; 203.5.180.0/23; 203.5.182.0/24; 203.5.185.0/24; 203.5.186.0/24; 203.5.188.0/23; 203.5.190.0/24; 203.5.195.0/24; 203.5.214.0/23; 203.5.218.0/23; 203.6.131.0/24; 203.6.136.0/24; 203.6.138.0/23; 203.6.142.0/24; 203.6.150.0/23; 203.6.157.0/24; 203.6.159.0/24; 203.6.224.0/20; 203.6.248.0/23; 203.7.129.0/24; 203.7.138.0/23; 203.7.147.0/24; 203.7.150.0/23; 203.7.158.0/24; 203.7.192.0/23; 203.7.200.0/24; 203.8.0.0/24; 203.8.8.0/24; 203.8.23.0/24; 203.8.24.0/21; 203.8.70.0/24; 203.8.82.0/24; 203.8.86.0/23; 203.8.91.0/24; 203.8.110.0/23; 203.8.115.0/24; 203.8.166.0/23; 203.8.169.0/24; 203.8.173.0/24; 203.8.184.0/24; 203.8.186.0/23; 203.8.190.0/23; 203.8.192.0/24; 203.8.197.0/24; 203.8.198.0/23; 203.8.203.0/24; 203.8.209.0/24; 203.8.210.0/23; 203.8.212.0/22; 203.8.217.0/24; 203.8.220.0/24; 203.9.32.0/24; 203.9.36.0/23; 203.9.57.0/24; 203.9.63.0/24; 203.9.65.0/24; 203.9.70.0/23; 203.9.72.0/24; 203.9.75.0/24; 203.9.76.0/23; 203.9.96.0/22; 203.9.100.0/23; 203.9.108.0/24; 203.9.158.0/24; 203.10.34.0/24; 203.10.56.0/24; 203.10.74.0/23; 203.10.84.0/22; 203.10.88.0/24; 203.10.95.0/24; 203.10.125.0/24; 203.11.70.0/24; 203.11.76.0/22; 203.11.82.0/24; 203.11.84.0/22; 203.11.100.0/22; 203.11.109.0/24; 203.11.117.0/24; 203.11.122.0/24; 203.11.126.0/24; 203.11.136.0/22; 203.11.141.0/24; 203.11.142.0/23; 203.11.180.0/22; 203.11.208.0/22; 203.12.16.0/24; 203.12.19.0/24; 203.12.24.0/24; 203.12.57.0/24; 203.12.65.0/24; 203.12.66.0/24; 203.12.70.0/23; 203.12.87.0/24; 203.12.88.0/21; 203.12.100.0/23; 203.12.103.0/24; 203.12.114.0/24; 203.12.118.0/24; 203.12.130.0/24; 203.12.137.0/24; 203.12.196.0/22; 203.12.200.0/21; 203.12.211.0/24; 203.12.219.0/24; 203.12.226.0/24; 203.12.240.0/22; 203.13.18.0/24; 203.13.24.0/24; 203.13.44.0/23; 203.13.80.0/21; 203.13.88.0/23; 203.13.92.0/22; 203.13.173.0/24; 203.13.224.0/23; 203.13.227.0/24; 203.13.233.0/24; 203.14.24.0/22; 203.14.33.0/24; 203.14.56.0/24; 203.14.61.0/24; 203.14.62.0/24; 203.14.104.0/24; 203.14.114.0/23; 203.14.118.0/24; 203.14.162.0/24; 203.14.184.0/21; 203.14.192.0/24; 203.14.194.0/23; 203.14.214.0/24; 203.14.231.0/24; 203.14.246.0/24; 203.15.0.0/20; 203.15.20.0/23; 203.15.22.0/24; 203.15.87.0/24; 203.15.88.0/23; 203.15.105.0/24; 203.15.112.0/21; 203.15.130.0/23; 203.15.149.0/24; 203.15.151.0/24; 203.15.156.0/22; 203.15.174.0/24; 203.15.227.0/24; 203.15.232.0/21; 203.15.240.0/23; 203.15.246.0/24; 203.16.10.0/24; 203.16.12.0/23; 203.16.16.0/21; 203.16.27.0/24; 203.16.38.0/24; 203.16.49.0/24; 203.16.50.0/23; 203.16.58.0/24; 203.16.133.0/24; 203.16.161.0/24; 203.16.162.0/24; 203.16.186.0/23; 203.16.228.0/24; 203.16.238.0/24; 203.16.240.0/24; 203.16.245.0/24; 203.17.2.0/24; 203.17.18.0/24; 203.17.28.0/24; 203.17.39.0/24; 203.17.56.0/24; 203.17.74.0/23; 203.17.88.0/23; 203.17.136.0/24; 203.17.164.0/24; 203.17.187.0/24; 203.17.190.0/23; 203.17.231.0/24; 203.17.233.0/24; 203.17.248.0/24; 203.17.255.0/24; 203.18.2.0/23; 203.18.4.0/24; 203.18.7.0/24; 203.18.31.0/24; 203.18.37.0/24; 203.18.48.0/23; 203.18.52.0/24; 203.18.72.0/22; 203.18.80.0/23; 203.18.87.0/24; 203.18.100.0/23; 203.18.105.0/24; 203.18.107.0/24; 203.18.110.0/24; 203.18.129.0/24; 203.18.131.0/24; 203.18.132.0/23; 203.18.144.0/24; 203.18.153.0/24; 203.18.199.0/24; 203.18.208.0/24; 203.18.211.0/24; 203.18.215.0/24; 203.19.18.0/24; 203.19.24.0/24; 203.19.30.0/24; 203.19.32.0/21; 203.19.41.0/24; 203.19.44.0/23; 203.19.46.0/24; 203.19.58.0/24; 203.19.60.0/23; 203.19.64.0/24; 203.19.68.0/24; 203.19.72.0/24; 203.19.101.0/24; 203.19.111.0/24; 203.19.131.0/24; 203.19.133.0/24; 203.19.144.0/24; 203.19.149.0/24; 203.19.156.0/24; 203.19.176.0/24; 203.19.178.0/23; 203.19.208.0/24; 203.19.228.0/22; 203.19.233.0/24; 203.19.242.0/24; 203.19.248.0/23; 203.19.255.0/24; 203.20.17.0/24; 203.20.40.0/23; 203.20.48.0/24; 203.20.61.0/24; 203.20.65.0/24; 203.20.84.0/23; 203.20.89.0/24; 203.20.106.0/23; 203.20.115.0/24; 203.20.117.0/24; 203.20.118.0/23; 203.20.122.0/24; 203.20.126.0/23; 203.20.135.0/24; 203.20.136.0/21; 203.20.150.0/24; 203.20.230.0/24; 203.20.232.0/24; 203.20.236.0/24; 203.21.0.0/23; 203.21.2.0/24; 203.21.8.0/24; 203.21.10.0/24; 203.21.18.0/24; 203.21.33.0/24; 203.21.34.0/24; 203.21.41.0/24; 203.21.44.0/24; 203.21.68.0/24; 203.21.82.0/24; 203.21.96.0/22; 203.21.124.0/24; 203.21.136.0/23; 203.21.145.0/24; 203.21.206.0/24; 203.22.24.0/24; 203.22.28.0/23; 203.22.31.0/24; 203.22.68.0/24; 203.22.76.0/24; 203.22.78.0/24; 203.22.84.0/24; 203.22.87.0/24; 203.22.92.0/22; 203.22.99.0/24; 203.22.106.0/24; 203.22.122.0/23; 203.22.131.0/24; 203.22.163.0/24; 203.22.166.0/24; 203.22.170.0/24; 203.22.176.0/21; 203.22.194.0/24; 203.22.242.0/23; 203.22.245.0/24; 203.22.246.0/24; 203.22.252.0/23; 203.23.0.0/24; 203.23.47.0/24; 203.23.61.0/24; 203.23.62.0/23; 203.23.73.0/24; 203.23.85.0/24; 203.23.92.0/22; 203.23.98.0/24; 203.23.107.0/24; 203.23.112.0/24; 203.23.130.0/24; 203.23.140.0/23; 203.23.172.0/24; 203.23.182.0/24; 203.23.186.0/23; 203.23.192.0/24; 203.23.197.0/24; 203.23.198.0/24; 203.23.204.0/22; 203.23.224.0/24; 203.23.226.0/23; 203.23.228.0/22; 203.23.249.0/24; 203.23.251.0/24; 203.24.13.0/24; 203.24.18.0/24; 203.24.27.0/24; 203.24.43.0/24; 203.24.56.0/24; 203.24.58.0/24; 203.24.67.0/24; 203.24.74.0/24; 203.24.79.0/24; 203.24.80.0/23; 203.24.84.0/23; 203.24.86.0/24; 203.24.90.0/24; 203.24.111.0/24; 203.24.112.0/24; 203.24.116.0/24; 203.24.122.0/23; 203.24.145.0/24; 203.24.152.0/23; 203.24.157.0/24; 203.24.161.0/24; 203.24.167.0/24; 203.24.186.0/23; 203.24.199.0/24; 203.24.202.0/24; 203.24.212.0/23; 203.24.217.0/24; 203.24.219.0/24; 203.24.244.0/24; 203.25.19.0/24; 203.25.20.0/23; 203.25.46.0/24; 203.25.48.0/21; 203.25.64.0/23; 203.25.91.0/24; 203.25.99.0/24; 203.25.100.0/24; 203.25.106.0/24; 203.25.131.0/24; 203.25.135.0/24; 203.25.138.0/24; 203.25.147.0/24; 203.25.153.0/24; 203.25.154.0/23; 203.25.164.0/24; 203.25.166.0/24; 203.25.174.0/23; 203.25.180.0/24; 203.25.182.0/24; 203.25.191.0/24; 203.25.199.0/24; 203.25.200.0/24; 203.25.202.0/23; 203.25.208.0/20; 203.25.229.0/24; 203.25.235.0/24; 203.25.236.0/24; 203.25.242.0/24; 203.26.12.0/24; 203.26.34.0/24; 203.26.49.0/24; 203.26.50.0/24; 203.26.55.0/24; 203.26.56.0/23; 203.26.60.0/24; 203.26.65.0/24; 203.26.68.0/24; 203.26.76.0/24; 203.26.80.0/24; 203.26.84.0/24; 203.26.97.0/24; 203.26.102.0/23; 203.26.115.0/24; 203.26.116.0/24; 203.26.129.0/24; 203.26.143.0/24; 203.26.144.0/24; 203.26.148.0/23; 203.26.154.0/24; 203.26.158.0/23; 203.26.170.0/24; 203.26.173.0/24; 203.26.176.0/24; 203.26.185.0/24; 203.26.202.0/23; 203.26.210.0/24; 203.26.214.0/24; 203.26.222.0/24; 203.26.224.0/24; 203.26.228.0/24; 203.26.232.0/24; 203.27.0.0/24; 203.27.10.0/24; 203.27.15.0/24; 203.27.16.0/24; 203.27.20.0/24; 203.27.22.0/23; 203.27.40.0/24; 203.27.45.0/24; 203.27.53.0/24; 203.27.65.0/24; 203.27.66.0/24; 203.27.81.0/24; 203.27.88.0/24; 203.27.102.0/24; 203.27.109.0/24; 203.27.117.0/24; 203.27.121.0/24; 203.27.122.0/23; 203.27.125.0/24; 203.27.200.0/24; 203.27.202.0/24; 203.27.233.0/24; 203.27.241.0/24; 203.27.250.0/24; 203.28.10.0/24; 203.28.12.0/24; 203.28.33.0/24; 203.28.34.0/23; 203.28.43.0/24; 203.28.44.0/24; 203.28.54.0/24; 203.28.56.0/24; 203.28.73.0/24; 203.28.74.0/24; 203.28.76.0/24; 203.28.86.0/24; 203.28.88.0/24; 203.28.112.0/24; 203.28.131.0/24; 203.28.136.0/24; 203.28.140.0/24; 203.28.145.0/24; 203.28.165.0/24; 203.28.169.0/24; 203.28.170.0/24; 203.28.178.0/23; 203.28.185.0/24; 203.28.187.0/24; 203.28.196.0/24; 203.28.226.0/23; 203.28.239.0/24; 203.29.2.0/24; 203.29.8.0/23; 203.29.13.0/24; 203.29.14.0/24; 203.29.28.0/24; 203.29.46.0/24; 203.29.57.0/24; 203.29.61.0/24; 203.29.63.0/24; 203.29.69.0/24; 203.29.73.0/24; 203.29.81.0/24; 203.29.90.0/24; 203.29.95.0/24; 203.29.100.0/24; 203.29.103.0/24; 203.29.112.0/24; 203.29.120.0/22; 203.29.182.0/23; 203.29.187.0/24; 203.29.189.0/24; 203.29.190.0/24; 203.29.205.0/24; 203.29.210.0/24; 203.29.217.0/24; 203.29.227.0/24; 203.29.231.0/24; 203.29.233.0/24; 203.29.234.0/24; 203.29.248.0/24; 203.29.254.0/23; 203.30.16.0/23; 203.30.25.0/24; 203.30.27.0/24; 203.30.29.0/24; 203.30.66.0/24; 203.30.81.0/24; 203.30.87.0/24; 203.30.111.0/24; 203.30.121.0/24; 203.30.123.0/24; 203.30.152.0/24; 203.30.156.0/24; 203.30.162.0/24; 203.30.173.0/24; 203.30.175.0/24; 203.30.187.0/24; 203.30.194.0/24; 203.30.217.0/24; 203.30.220.0/24; 203.30.222.0/24; 203.30.232.0/23; 203.30.235.0/24; 203.30.240.0/23; 203.30.246.0/24; 203.30.250.0/23; 203.31.45.0/24; 203.31.46.0/24; 203.31.49.0/24; 203.31.51.0/24; 203.31.54.0/23; 203.31.69.0/24; 203.31.72.0/24; 203.31.80.0/24; 203.31.85.0/24; 203.31.97.0/24; 203.31.105.0/24; 203.31.106.0/24; 203.31.108.0/23; 203.31.124.0/24; 203.31.162.0/24; 203.31.174.0/24; 203.31.177.0/24; 203.31.181.0/24; 203.31.187.0/24; 203.31.189.0/24; 203.31.204.0/24; 203.31.220.0/24; 203.31.222.0/23; 203.31.225.0/24; 203.31.229.0/24; 203.31.248.0/23; 203.31.253.0/24; 203.32.20.0/24; 203.32.48.0/23; 203.32.56.0/24; 203.32.60.0/24; 203.32.62.0/24; 203.32.68.0/23; 203.32.76.0/24; 203.32.81.0/24; 203.32.84.0/23; 203.32.95.0/24; 203.32.102.0/24; 203.32.105.0/24; 203.32.130.0/24; 203.32.133.0/24; 203.32.140.0/24; 203.32.152.0/24; 203.32.186.0/23; 203.32.192.0/24; 203.32.196.0/24; 203.32.203.0/24; 203.32.204.0/23; 203.32.212.0/24; 203.33.4.0/24; 203.33.7.0/24; 203.33.8.0/21; 203.33.21.0/24; 203.33.26.0/24; 203.33.32.0/24; 203.33.63.0/24; 203.33.64.0/24; 203.33.67.0/24; 203.33.68.0/24; 203.33.73.0/24; 203.33.79.0/24; 203.33.100.0/24; 203.33.122.0/24; 203.33.129.0/24; 203.33.131.0/24; 203.33.145.0/24; 203.33.156.0/24; 203.33.158.0/23; 203.33.174.0/24; 203.33.185.0/24; 203.33.200.0/24; 203.33.202.0/23; 203.33.204.0/24; 203.33.206.0/23; 203.33.214.0/23; 203.33.224.0/23; 203.33.226.0/24; 203.33.233.0/24; 203.33.243.0/24; 203.33.250.0/24; 203.34.4.0/24; 203.34.21.0/24; 203.34.27.0/24; 203.34.39.0/24; 203.34.48.0/23; 203.34.54.0/24; 203.34.56.0/23; 203.34.67.0/24; 203.34.69.0/24; 203.34.76.0/24; 203.34.92.0/24; 203.34.106.0/24; 203.34.113.0/24; 203.34.147.0/24; 203.34.150.0/24; 203.34.152.0/23; 203.34.161.0/24; 203.34.162.0/24; 203.34.187.0/24; 203.34.192.0/21; 203.34.204.0/22; 203.34.232.0/24; 203.34.240.0/24; 203.34.242.0/24; 203.34.245.0/24; 203.34.251.0/24; 203.55.2.0/23; 203.55.4.0/24; 203.55.10.0/24; 203.55.13.0/24; 203.55.22.0/24; 203.55.30.0/24; 203.55.93.0/24; 203.55.101.0/24; 203.55.109.0/24; 203.55.110.0/24; 203.55.116.0/23; 203.55.119.0/24; 203.55.128.0/23; 203.55.146.0/23; 203.55.192.0/24; 203.55.196.0/24; 203.55.218.0/23; 203.55.221.0/24; 203.55.224.0/24; 203.56.1.0/24; 203.56.4.0/24; 203.56.12.0/24; 203.56.24.0/24; 203.56.38.0/24; 203.56.40.0/24; 203.56.46.0/24; 203.56.48.0/21; 203.56.68.0/23; 203.56.82.0/23; 203.56.84.0/23; 203.56.95.0/24; 203.56.110.0/24; 203.56.121.0/24; 203.56.161.0/24; 203.56.169.0/24; 203.56.172.0/23; 203.56.175.0/24; 203.56.183.0/24; 203.56.185.0/24; 203.56.187.0/24; 203.56.192.0/24; 203.56.198.0/24; 203.56.201.0/24; 203.56.208.0/23; 203.56.210.0/24; 203.56.214.0/24; 203.56.216.0/24; 203.56.227.0/24; 203.56.228.0/24; 203.56.232.0/24; 203.56.240.0/24; 203.56.252.0/24; 203.56.254.0/24; 203.57.5.0/24; 203.57.6.0/24; 203.57.12.0/23; 203.57.28.0/24; 203.57.39.0/24; 203.57.46.0/24; 203.57.58.0/24; 203.57.61.0/24; 203.57.66.0/24; 203.57.69.0/24; 203.57.70.0/23; 203.57.73.0/24; 203.57.90.0/24; 203.57.101.0/24; 203.57.109.0/24; 203.57.123.0/24; 203.57.157.0/24; 203.57.200.0/24; 203.57.202.0/24; 203.57.206.0/24; 203.57.222.0/24; 203.57.224.0/20; 203.57.246.0/23; 203.57.249.0/24; 203.57.253.0/24; 203.57.254.0/23; 203.62.2.0/24; 203.62.131.0/24; 203.62.139.0/24; 203.62.161.0/24; 203.62.197.0/24; 203.62.228.0/22; 203.62.234.0/24; 203.62.246.0/24; 203.76.160.0/22; 203.76.168.0/22; 203.77.180.0/22; 203.78.48.0/20; 203.80.4.0/23; 203.80.32.0/20; 203.80.57.0/24; 203.80.132.0/22; 203.80.136.0/21; 203.81.0.0/21; 203.82.0.0/23; 203.82.16.0/21; 203.83.0.0/22; 203.83.224.0/20; 203.86.96.0/19; 203.86.254.0/23; 203.89.8.0/21; 203.89.136.0/22; 203.90.8.0/22; 203.92.0.0/22; 203.95.224.0/19; 203.99.8.0/21; 203.100.48.0/21; 203.100.63.0/24; 203.104.32.0/20; 203.105.96.0/19; 203.105.128.0/19; 203.110.208.0/20; 203.110.232.0/23; 203.110.234.0/24; 203.118.241.0/24; 203.119.113.0/24; 203.119.114.0/23; 203.119.116.0/22; 203.119.120.0/21; 203.128.224.0/21; 203.129.8.0/21; 203.130.32.0/19; 203.142.224.0/19; 203.144.96.0/19; 203.145.0.0/19; 203.148.80.0/22; 203.148.86.0/23; 203.149.92.0/22; 203.152.128.0/19; 203.153.0.0/22; 203.160.104.0/21; 203.160.129.0/24; 203.160.192.0/19; 203.161.0.0/22; 203.168.0.0/19; 203.170.58.0/23; 203.171.0.0/22; 203.174.4.0/24; 203.176.64.0/19; 203.189.0.0/23; 203.189.6.0/23; 203.189.112.0/22; 203.189.192.0/19; 203.190.249.0/24; 203.191.0.0/23; 203.193.224.0/19; 203.194.120.0/21; 203.195.64.0/19; 203.195.112.0/21; 203.196.8.0/21; 203.202.236.0/22; 203.205.64.0/19; 203.212.0.0/20; 203.215.232.0/21; 203.223.16.0/21; 210.5.56.0/21; 210.75.0.0/16; 210.77.0.0/16; 210.192.96.0/19; 211.100.0.0/16; 211.154.0.0/16; 218.0.0.0/16; 218.1.0.0/16; 218.2.0.0/15; 218.4.0.0/15; 218.6.0.0/16; 218.13.0.0/16; 218.14.0.0/15; 218.16.0.0/14; 218.20.0.0/16; 218.21.0.0/17; 218.22.0.0/15; 218.30.0.0/15; 218.62.128.0/17; 218.63.0.0/16; 218.64.0.0/15; 218.66.0.0/16; 218.67.0.0/17; 218.70.0.0/15; 218.72.0.0/14; 218.76.0.0/15; 218.78.0.0/15; 218.80.0.0/14; 218.84.0.0/14; 218.88.0.0/13; 218.100.88.0/21; 218.100.96.0/19; 218.100.128.0/17; 218.185.240.0/21; 219.128.0.0/12; 219.144.0.0/14; 219.148.0.0/16; 219.149.0.0/17; 219.149.128.0/18; 219.149.192.0/18; 219.150.0.0/19; 219.150.32.0/19; 219.150.64.0/19; 219.150.96.0/20; 219.150.112.0/20; 219.150.128.0/17; 219.151.0.0/19; 219.151.32.0/19; 219.151.64.0/18; 219.151.128.0/17; 219.152.0.0/15; 219.159.64.0/18; 219.159.128.0/17; 220.160.0.0/11; 220.247.136.0/21; 221.224.0.0/13; 221.232.0.0/14; 221.236.0.0/15; 221.238.0.0/16; 221.239.0.0/17; 221.239.128.0/17; 222.64.0.0/13; 222.72.0.0/15; 222.74.0.0/16; 222.75.0.0/16; 222.76.0.0/14; 222.80.0.0/15; 222.82.0.0/16; 222.83.0.0/17; 222.83.128.0/17; 222.84.0.0/16; 222.85.0.0/17; 222.85.128.0/17; 222.86.0.0/15; 222.88.0.0/15; 222.90.0.0/15; 222.92.0.0/14; 222.168.0.0/15; 222.170.0.0/15; 222.172.0.0/17; 222.172.128.0/17; 222.173.0.0/16; 222.174.0.0/15; 222.176.0.0/13; 222.184.0.0/13; 222.208.0.0/13; 222.216.0.0/15; 222.218.0.0/16; 222.219.0.0/16; 222.220.0.0/15; 222.222.0.0/15; 222.240.0.0/13; 223.8.0.0/13; 223.144.0.0/12; 223.198.0.0/15; 223.214.0.0/15; 223.220.0.0/15; 223.240.0.0/13; 223.255.252.0/23; }; cat cnc.txt acl cnc{ 1.24.0.0/13; 1.56.0.0/13; 1.188.0.0/14; 14.204.0.0/15; 27.8.0.0/13; 27.36.0.0/14; 27.40.0.0/13; 27.50.128.0/17; 27.54.192.0/18; 27.98.224.0/19; 27.112.0.0/18; 27.115.0.0/17; 27.192.0.0/11; 36.32.0.0/14; 36.248.0.0/14; 39.64.0.0/11; 42.1.128.0/17; 42.4.0.0/14; 42.48.0.0/15; 42.51.0.0/16; 42.52.0.0/14; 42.56.0.0/14; 42.63.0.0/16; 42.84.0.0/14; 42.157.0.0/16; 42.176.0.0/13; 42.224.0.0/12; 43.224.12.0/22; 43.224.24.0/22; 43.224.52.0/22; 43.224.160.0/22; 43.224.208.0/22; 43.226.116.0/22; 43.226.120.0/22; 43.226.160.0/22; 43.229.236.0/22; 43.240.0.0/22; 43.240.132.0/22; 43.240.204.0/22; 43.241.48.0/22; 43.241.92.0/22; 43.241.184.0/22; 43.242.148.0/22; 43.242.152.0/22; 43.242.156.0/22; 43.242.164.0/22; 43.242.180.0/22; 43.243.4.0/22; 43.243.16.0/22; 43.243.88.0/22; 43.243.128.0/22; 43.243.156.0/22; 43.243.180.0/22; 43.243.228.0/22; 43.247.88.0/22; 43.247.212.0/22; 43.247.216.0/22; 43.248.4.0/22; 43.248.20.0/22; 43.248.48.0/22; 43.248.108.0/22; 43.248.148.0/22; 43.248.244.0/22; 43.249.4.0/22; 43.249.136.0/22; 43.249.236.0/22; 43.250.4.0/22; 43.250.96.0/22; 43.250.112.0/22; 43.250.128.0/22; 43.250.144.0/22; 43.250.168.0/22; 43.250.200.0/22; 43.250.212.0/22; 43.250.244.0/22; 43.251.4.0/22; 43.251.36.0/22; 43.251.232.0/22; 43.254.44.0/22; 43.254.104.0/22; 43.254.116.0/22; 43.254.144.0/22; 43.254.148.0/22; 43.255.204.0/22; 45.112.228.0/22; 45.112.232.0/22; 45.113.24.0/22; 45.113.240.0/22; 45.113.252.0/22; 45.115.144.0/22; 45.115.200.0/22; 45.117.124.0/22; 45.121.96.0/22; 45.124.20.0/22; 45.124.68.0/22; 45.126.108.0/22; 58.16.0.0/16; 58.17.0.0/17; 58.17.128.0/17; 58.18.0.0/16; 58.19.0.0/16; 58.20.0.0/16; 58.21.0.0/16; 58.22.0.0/15; 58.24.0.0/15; 58.30.0.0/15; 58.144.0.0/16; 58.240.0.0/15; 58.242.0.0/15; 58.244.0.0/15; 58.246.0.0/15; 58.248.0.0/13; 60.0.0.0/13; 60.8.0.0/15; 60.10.0.0/16; 60.11.0.0/16; 60.12.0.0/16; 60.13.0.0/18; 60.13.64.0/18; 60.13.128.0/17; 60.14.0.0/15; 60.16.0.0/13; 60.24.0.0/14; 60.28.0.0/15; 60.30.0.0/16; 60.31.0.0/16; 60.63.0.0/16; 60.204.0.0/16; 60.208.0.0/13; 60.216.0.0/15; 60.218.0.0/15; 60.220.0.0/14; 60.253.128.0/17; 60.255.0.0/16; 61.28.0.0/20; 61.28.16.0/20; 61.28.32.0/19; 61.28.64.0/18; 61.45.128.0/18; 61.48.0.0/14; 61.52.0.0/15; 61.54.0.0/16; 61.55.0.0/16; 61.133.0.0/17; 61.134.96.0/19; 61.134.128.0/18; 61.134.192.0/18; 61.135.0.0/16; 61.136.0.0/18; 61.136.64.0/18; 61.137.128.0/17; 61.138.0.0/18; 61.138.64.0/18; 61.138.128.0/18; 61.139.128.0/18; 61.148.0.0/15; 61.156.0.0/16; 61.158.0.0/17; 61.158.128.0/17; 61.159.0.0/18; 61.161.0.0/18; 61.161.128.0/17; 61.162.0.0/16; 61.163.0.0/16; 61.167.0.0/16; 61.168.0.0/16; 61.176.0.0/16; 61.179.0.0/16; 61.180.128.0/17; 61.181.0.0/16; 61.182.0.0/16; 61.189.0.0/17; 61.240.0.0/14; 101.16.0.0/12; 101.64.0.0/13; 101.72.0.0/14; 101.204.0.0/14; 101.232.0.0/15; 103.3.96.0/22; 103.3.100.0/22; 103.3.104.0/22; 103.3.108.0/22; 103.3.112.0/22; 103.3.116.0/22; 103.3.120.0/22; 103.3.124.0/22; 103.3.132.0/22; 103.3.136.0/22; 103.3.140.0/22; 103.3.148.0/22; 103.3.152.0/22; 103.3.156.0/22; 103.5.56.0/22; 103.5.252.0/22; 103.7.212.0/22; 103.9.248.0/22; 103.14.84.0/22; 103.18.224.0/22; 103.22.188.0/22; 103.25.40.0/22; 103.27.4.0/22; 103.27.240.0/22; 103.28.204.0/22; 103.31.200.0/22; 103.36.208.0/22; 103.37.44.0/22; 103.37.100.0/22; 103.38.32.0/22; 103.38.40.0/22; 103.39.88.0/22; 103.40.192.0/22; 103.40.212.0/22; 103.43.192.0/22; 103.45.168.0/22; 103.45.224.0/22; 103.52.96.0/22; 103.52.100.0/22; 103.52.176.0/22; 103.53.204.0/22; 103.55.172.0/22; 103.55.228.0/22; 103.56.60.0/22; 103.57.196.0/22; 103.61.176.0/22; 103.192.132.0/22; 103.192.188.0/22; 103.203.140.0/22; 103.227.120.0/22; 103.229.148.0/22; 103.229.212.0/22; 103.230.196.0/22; 103.230.236.0/22; 103.233.228.0/22; 103.234.244.0/22; 103.236.240.0/22; 103.238.28.0/22; 103.238.32.0/22; 103.238.144.0/22; 103.239.244.0/22; 103.240.36.0/22; 103.240.72.0/22; 103.240.84.0/22; 103.240.124.0/22; 103.240.172.0/22; 103.246.8.0/22; 103.246.152.0/22; 103.248.100.0/22; 103.250.32.0/22; 103.250.104.0/22; 103.250.124.0/22; 103.250.180.0/22; 103.250.192.0/22; 103.250.216.0/22; 103.250.248.0/22; 103.251.32.0/22; 103.251.96.0/22; 103.251.124.0/22; 103.251.160.0/22; 103.251.240.0/22; 103.255.200.0/22; 110.6.0.0/15; 110.16.0.0/14; 110.52.0.0/15; 110.72.0.0/15; 110.228.0.0/14; 110.232.32.0/19; 110.236.0.0/15; 110.240.0.0/12; 111.85.0.0/16; 111.160.0.0/13; 111.192.0.0/12; 111.228.0.0/14; 112.64.0.0/15; 112.80.0.0/13; 112.88.0.0/13; 112.96.0.0/15; 112.109.128.0/17; 112.111.0.0/16; 112.122.0.0/15; 112.132.0.0/16; 112.192.0.0/14; 112.224.0.0/11; 113.0.0.0/13; 113.8.0.0/15; 113.18.0.0/16; 113.56.0.0/15; 113.58.0.0/16; 113.59.0.0/17; 113.194.0.0/15; 113.200.0.0/15; 113.204.0.0/14; 113.213.0.0/17; 113.224.0.0/12; 114.54.0.0/15; 114.60.0.0/14; 114.118.0.0/16; 114.119.0.0/17; 114.240.0.0/12; 115.46.0.0/16; 115.48.0.0/12; 115.85.192.0/18; 115.172.0.0/14; 116.2.0.0/15; 116.60.0.0/14; 116.70.0.0/17; 116.95.0.0/16; 116.112.0.0/14; 116.116.0.0/15; 116.194.0.0/15; 116.199.0.0/17; 116.199.128.0/19; 116.214.32.0/19; 116.216.0.0/14; 116.242.0.0/15; 116.244.0.0/15; 116.254.128.0/17; 116.255.128.0/17; 117.8.0.0/13; 117.74.64.0/20; 117.75.0.0/16; 117.76.0.0/14; 117.100.0.0/15; 117.120.64.0/18; 117.121.128.0/18; 118.72.0.0/13; 118.80.0.0/15; 118.88.32.0/19; 118.88.64.0/18; 118.88.128.0/17; 118.102.16.0/20; 118.132.0.0/14; 118.144.0.0/14; 118.191.0.0/16; 118.192.0.0/16; 118.193.0.0/20; 118.212.0.0/16; 118.224.0.0/14; 118.244.0.0/14; 119.4.0.0/14; 119.27.64.0/18; 119.32.0.0/14; 119.36.0.0/16; 119.37.0.0/17; 119.37.128.0/18; 119.38.0.0/17; 119.39.0.0/16; 119.40.0.0/18; 119.40.128.0/17; 119.42.0.0/19; 119.42.224.0/19; 119.44.0.0/15; 119.48.0.0/13; 119.59.128.0/17; 119.62.0.0/16; 119.108.0.0/15; 119.112.0.0/13; 119.148.160.0/20; 119.162.0.0/15; 119.164.0.0/14; 119.176.0.0/12; 119.232.0.0/15; 119.248.0.0/14; 119.252.240.0/20; 120.0.0.0/12; 120.64.0.0/14; 120.80.0.0/13; 120.128.0.0/14; 120.132.0.0/17; 121.16.0.0/13; 121.24.0.0/14; 121.28.0.0/15; 121.30.0.0/16; 121.31.0.0/16; 121.52.224.0/19; 121.55.0.0/18; 121.68.0.0/14; 121.76.0.0/15; 121.89.0.0/16; 121.100.128.0/17; 121.201.0.0/16; 122.13.0.0/16; 122.96.0.0/15; 122.102.64.0/20; 122.136.0.0/13; 122.156.0.0/14; 122.188.0.0/14; 122.192.0.0/14; 123.4.0.0/14; 123.8.0.0/13; 123.98.0.0/17; 123.100.0.0/19; 123.112.0.0/12; 123.128.0.0/13; 123.138.0.0/15; 123.144.0.0/14; 123.148.0.0/16; 123.152.0.0/13; 123.176.80.0/20; 123.188.0.0/14; 123.196.0.0/15; 123.232.0.0/14; 123.253.0.0/16; 124.6.64.0/18; 124.20.0.0/16; 124.21.0.0/20; 124.21.16.0/20; 124.21.32.0/19; 124.21.64.0/18; 124.21.128.0/17; 124.42.0.0/17; 124.42.128.0/17; 124.64.0.0/15; 124.66.0.0/17; 124.67.0.0/16; 124.68.0.0/14; 124.88.0.0/16; 124.89.0.0/17; 124.89.128.0/17; 124.90.0.0/15; 124.92.0.0/14; 124.128.0.0/13; 124.152.0.0/16; 124.160.0.0/16; 124.161.0.0/16; 124.162.0.0/16; 124.163.0.0/16; 124.164.0.0/14; 124.172.0.0/15; 124.240.128.0/18; 124.248.0.0/17; 125.32.0.0/16; 125.33.0.0/16; 125.34.0.0/16; 125.35.0.0/17; 125.35.128.0/17; 125.36.0.0/14; 125.40.0.0/13; 125.211.0.0/16; 139.9.0.0/16; 139.170.0.0/16; 139.208.0.0/13; 139.226.0.0/15; 140.206.0.0/15; 150.129.136.0/22; 150.242.152.0/22; 150.255.0.0/16; 153.0.0.0/16; 153.3.0.0/16; 153.34.0.0/15; 153.36.0.0/15; 153.99.0.0/16; 153.101.0.0/16; 157.0.0.0/16; 157.18.0.0/16; 157.61.0.0/16; 157.122.0.0/16; 157.148.0.0/16; 157.156.0.0/16; 157.255.0.0/16; 163.0.0.0/16; 163.53.48.0/22; 163.53.52.0/22; 163.125.0.0/16; 163.142.0.0/16; 163.177.0.0/16; 163.179.0.0/16; 163.204.0.0/16; 171.34.0.0/15; 171.36.0.0/14; 171.116.0.0/14; 171.120.0.0/13; 175.16.0.0/13; 175.42.0.0/15; 175.44.0.0/16; 175.106.128.0/17; 175.146.0.0/15; 175.148.0.0/14; 175.152.0.0/14; 175.160.0.0/12; 175.184.128.0/18; 180.77.0.0/16; 180.95.128.0/17; 180.129.128.0/17; 180.130.0.0/16; 180.189.148.0/22; 180.223.0.0/16; 182.54.0.0/17; 182.88.0.0/14; 182.112.0.0/12; 182.236.128.0/17; 183.92.0.0/14; 183.184.0.0/13; 202.74.8.0/21; 202.75.208.0/20; 202.92.0.0/22; 202.96.0.0/18; 202.96.64.0/21; 202.96.72.0/21; 202.96.80.0/20; 202.97.128.0/18; 202.97.192.0/19; 202.97.224.0/21; 202.97.232.0/21; 202.97.240.0/20; 202.98.0.0/21; 202.98.8.0/21; 202.98.16.0/20; 202.99.0.0/18; 202.99.64.0/19; 202.99.96.0/21; 202.99.104.0/21; 202.99.112.0/20; 202.99.128.0/19; 202.99.160.0/21; 202.99.168.0/21; 202.99.176.0/20; 202.99.192.0/21; 202.99.200.0/21; 202.99.208.0/20; 202.99.224.0/21; 202.99.232.0/21; 202.99.240.0/20; 202.101.128.0/18; 202.102.128.0/21; 202.102.136.0/21; 202.102.144.0/20; 202.102.160.0/19; 202.102.224.0/21; 202.102.232.0/21; 202.102.240.0/20; 202.106.0.0/16; 202.107.0.0/17; 202.108.0.0/16; 202.110.0.0/18; 202.110.64.0/18; 202.110.192.0/18; 202.111.128.0/19; 202.111.160.0/19; 202.115.32.0/19; 202.115.64.0/18; 202.122.128.0/24; 202.127.112.0/20; 202.127.209.0/24; 202.130.224.0/19; 202.170.128.0/19; 203.93.8.0/24; 203.93.9.0/24; 203.93.10.0/23; 203.93.12.0/22; 203.93.64.0/18; 203.93.136.0/22; 203.93.140.0/24; 203.93.192.0/18; 203.135.96.0/20; 203.135.112.0/20; 203.135.160.0/20; 203.166.160.0/19; 203.223.0.0/20; 210.5.128.0/20; 210.13.0.0/18; 210.13.64.0/18; 210.13.128.0/17; 210.14.160.0/19; 210.14.192.0/19; 210.14.224.0/19; 210.15.32.0/19; 210.15.96.0/19; 210.15.128.0/18; 210.21.0.0/17; 210.21.128.0/17; 210.22.0.0/16; 210.51.0.0/16; 210.52.0.0/18; 210.52.64.0/18; 210.52.128.0/17; 210.53.0.0/17; 210.53.128.0/17; 210.56.192.0/19; 210.72.160.0/19; 210.74.64.0/19; 210.74.96.0/19; 210.74.128.0/19; 210.78.0.0/19; 210.78.160.0/19; 210.78.192.0/18; 210.79.64.0/18; 210.82.0.0/15; 211.90.0.0/15; 211.92.0.0/15; 211.94.0.0/15; 211.96.0.0/15; 211.101.64.0/18; 211.144.0.0/15; 218.7.0.0/16; 218.8.0.0/15; 218.10.0.0/16; 218.11.0.0/16; 218.12.0.0/16; 218.21.128.0/17; 218.24.0.0/15; 218.26.0.0/16; 218.27.0.0/16; 218.28.0.0/15; 218.56.0.0/14; 218.60.0.0/15; 218.62.0.0/17; 218.67.128.0/17; 218.68.0.0/15; 218.104.0.0/17; 218.104.128.0/19; 218.104.160.0/19; 218.104.192.0/21; 218.104.200.0/21; 218.104.208.0/20; 218.104.224.0/19; 218.105.0.0/16; 218.106.0.0/15; 219.154.0.0/15; 219.156.0.0/15; 219.158.0.0/17; 219.158.128.0/17; 219.159.0.0/18; 219.232.0.0/14; 220.152.128.0/17; 220.192.0.0/15; 220.194.0.0/15; 220.196.0.0/14; 220.200.0.0/13; 220.231.0.0/18; 220.234.0.0/16; 220.248.0.0/14; 220.252.0.0/16; 221.0.0.0/15; 221.2.0.0/16; 221.3.0.0/17; 221.3.128.0/17; 221.4.0.0/16; 221.5.0.0/17; 221.5.128.0/17; 221.6.0.0/16; 221.7.0.0/19; 221.7.32.0/19; 221.7.64.0/19; 221.7.96.0/19; 221.7.128.0/17; 221.8.0.0/15; 221.10.0.0/16; 221.11.0.0/17; 221.11.128.0/18; 221.11.192.0/19; 221.11.224.0/19; 221.12.0.0/17; 221.12.128.0/18; 221.13.0.0/18; 221.13.64.0/19; 221.13.96.0/19; 221.13.128.0/17; 221.14.0.0/15; 221.137.0.0/16; 221.192.0.0/15; 221.194.0.0/16; 221.195.0.0/16; 221.196.0.0/15; 221.198.0.0/16; 221.199.0.0/19; 221.199.32.0/20; 221.199.48.0/20; 221.199.64.0/18; 221.199.128.0/18; 221.199.192.0/20; 221.199.224.0/19; 221.200.0.0/14; 221.204.0.0/15; 221.206.0.0/16; 221.207.0.0/18; 221.207.64.0/18; 221.207.128.0/17; 221.208.0.0/14; 221.212.0.0/16; 221.213.0.0/16; 221.214.0.0/15; 221.216.0.0/13; 222.128.0.0/14; 222.132.0.0/14; 222.136.0.0/13; 222.160.0.0/15; 222.162.0.0/16; 222.163.0.0/19; 222.163.32.0/19; 222.163.64.0/18; 222.163.128.0/17; 223.27.184.0/22; 223.166.0.0/15; }; cat cmcc.txt acl cmcc{ 36.128.0.0/10; 39.128.0.0/10; 43.251.244.0/22; 45.121.172.0/22; 45.121.176.0/22; 103.20.112.0/22; 103.21.176.0/22; 103.62.24.0/22; 111.0.0.0/10; 112.0.0.0/10; 117.128.0.0/10; 120.192.0.0/10; 183.192.0.0/10; 211.103.0.0/17; 211.136.0.0/14; 211.140.0.0/15; 211.142.0.0/17; 211.142.128.0/17; 211.143.0.0/16; 218.200.0.0/14; 218.204.0.0/15; 218.206.0.0/15; 221.130.0.0/15; 221.176.0.0/13; 223.64.0.0/11; 223.96.0.0/12; 223.112.0.0/14; 223.116.0.0/15; 223.120.0.0/13; 192.168.137.0/24; }; cat edu.txt acl edu{ 1.51.0.0/16; 1.184.0.0/15; 42.244.0.0/14; 49.52.0.0/14; 49.120.0.0/14; 49.140.0.0/15; 49.208.0.0/15; 58.154.0.0/15; 58.192.0.0/15; 58.194.0.0/15; 58.196.0.0/15; 58.198.0.0/15; 58.200.0.0/13; 59.64.0.0/14; 59.68.0.0/14; 59.72.0.0/15; 59.74.0.0/15; 59.76.0.0/16; 59.77.0.0/16; 59.78.0.0/15; 101.4.0.0/14; 101.76.0.0/15; 110.64.0.0/15; 111.114.0.0/15; 111.116.0.0/15; 111.186.0.0/15; 113.54.0.0/15; 114.212.0.0/15; 114.214.0.0/16; 115.24.0.0/14; 115.154.0.0/15; 115.156.0.0/15; 115.158.0.0/16; 116.13.0.0/16; 116.56.0.0/15; 118.202.0.0/15; 118.228.0.0/15; 118.230.0.0/16; 120.94.0.0/16; 120.95.0.0/16; 121.48.0.0/15; 121.52.160.0/19; 121.192.0.0/16; 121.193.0.0/16; 121.194.0.0/15; 121.248.0.0/14; 122.204.0.0/14; 125.216.0.0/15; 125.218.0.0/16; 125.219.0.0/16; 125.220.0.0/15; 125.222.0.0/15; 175.185.0.0/16; 175.186.0.0/15; 180.84.0.0/15; 180.201.0.0/16; 180.208.0.0/15; 183.168.0.0/15; 183.170.0.0/16; 183.172.0.0/14; 192.124.154.0/24; 202.4.128.0/19; 202.38.2.0/23; 202.38.64.0/19; 202.38.96.0/19; 202.38.140.0/23; 202.38.184.0/21; 202.38.192.0/18; 202.112.0.0/16; 202.113.0.0/20; 202.113.16.0/20; 202.113.32.0/19; 202.113.64.0/18; 202.113.128.0/18; 202.113.192.0/19; 202.113.224.0/20; 202.113.240.0/20; 202.114.0.0/19; 202.114.32.0/19; 202.114.64.0/18; 202.114.128.0/17; 202.115.0.0/19; 202.115.128.0/17; 202.116.0.0/19; 202.116.32.0/20; 202.116.48.0/20; 202.116.64.0/19; 202.116.96.0/19; 202.116.128.0/17; 202.117.0.0/18; 202.117.64.0/18; 202.117.128.0/17; 202.118.0.0/19; 202.118.32.0/19; 202.118.64.0/18; 202.118.128.0/17; 202.119.0.0/19; 202.119.32.0/19; 202.119.64.0/20; 202.119.80.0/20; 202.119.96.0/19; 202.119.128.0/17; 202.120.0.0/18; 202.120.64.0/18; 202.120.128.0/17; 202.121.0.0/16; 202.127.216.0/21; 202.127.224.0/19; 202.179.240.0/20; 202.192.0.0/13; 202.200.0.0/14; 202.204.0.0/14; 203.91.120.0/21; 210.25.0.0/16; 210.26.0.0/15; 210.28.0.0/14; 210.32.0.0/14; 210.36.0.0/14; 210.40.0.0/13; 211.64.0.0/14; 211.68.0.0/15; 211.70.0.0/15; 211.80.0.0/16; 211.81.0.0/16; 211.82.0.0/16; 211.83.0.0/16; 211.84.0.0/15; 211.86.0.0/15; 218.192.0.0/16; 218.193.0.0/16; 218.194.0.0/16; 218.195.0.0/16; 218.196.0.0/14; 219.216.0.0/15; 219.218.0.0/15; 219.220.0.0/16; 219.221.0.0/16; 219.222.0.0/15; 219.224.0.0/15; 219.226.0.0/16; 219.227.0.0/16; 219.228.0.0/15; 219.230.0.0/15; 219.242.0.0/15; 219.244.0.0/14; 222.16.0.0/15; 222.18.0.0/15; 222.20.0.0/15; 222.22.0.0/16; 222.23.0.0/16; 222.24.0.0/15; 222.26.0.0/15; 222.28.0.0/14; 222.192.0.0/14; 222.196.0.0/15; 222.198.0.0/16; 222.199.0.0/16; 222.200.0.0/14; 222.204.0.0/15; 222.206.0.0/15; 223.2.0.0/15; 223.128.0.0/15; }; cat tietong.txt acl tietong{ 36.192.0.0/11; 43.247.240.0/22; 61.232.0.0/14; 61.236.0.0/15; 101.144.0.0/12; 103.3.128.0/22; 110.96.0.0/11; 110.192.0.0/11; 115.180.0.0/14; 118.204.0.0/14; 120.90.0.0/15; 122.64.0.0/11; 123.64.0.0/11; 211.98.0.0/16; 221.172.0.0/14; 222.32.0.0/11; };
DLZ相關數據庫表結構建立
mysql>create database dns_view; //創建數據庫名爲dns_view與view中的dbname對應 mysql>use dns_view; CREATE TABLE `dnstb` ( `id` int(10) unsigned NOT NULL auto_increment, `zone` varchar(255) NOT NULL, `host` varchar(255) NOT NULL default '@', `type` enum('MX','CNAME','NS','SOA','A','PTR') NOT NULL, `data` varchar(255) default NULL, `ttl` int(11) NOT NULL default '600', `view` char(20) default 'OP', `mx_priority` int(11) default NULL, `refresh` int(11) NOT NULL default '600', `retry` int(11) NOT NULL default '3600', `expire` int(11) NOT NULL default '86400', `minimum` int(11) NOT NULL default '3600', `serial` bigint(20) NOT NULL default '2011061200', `resp_person` varchar(64) NOT NULL default 'root.gov.com.', `primary_ns` varchar(64) NOT NULL default 'ns1.gov.com.', `data_count` int(11) NOT NULL default '0', PRIMARY KEY (`id`), KEY `type` (`type`), KEY `host` (`host`), KEY `zone` (`zone`) ) ENGINE=MyISAM AUTO_INCREMENT=1 DEFAULT CHARSET=gbk;
配置Bind-View-DLZ-MYSQL:
1、配置view.conf
cat /usr/local/bind/etc/view.conf view "CMCC_view" { match-clients { key cmcc;dns-ip-list;CMCC;}; allow-query-cache { none; }; allow-recursion { none; }; allow-transfer { none; }; recursion no; dlz "Mysql zone" { database "mysql {host=127.0.0.1 dbname=dns_view ssl=false port=3306 user=root pass=123456 } {select zone from dnstb where zone = '$zone$' and view = 'CMCC' limit 1 } {select ttl, type, mx_priority, case when lower(type)='txt' then concat('\"', data, '\"') when lower(type) = 'soa' then concat_ws(' ', data, resp_person, serial, refresh, retry, expire, minimum) else data end as mydata from dnstb where zone = '$zone$' and host = '$record$' and (view = 'CMCC' or view = 'OP')} {} {select ttl, type, host, mx_priority, case when lower(type)='txt' then concat('\"', data, '\"') else data end as mydata, resp_person, serial, refresh, retry, expire, minimum from dnstb where zone = '$zone$' and view='CMCC'} {select zone from xfr_table where zone = '$zone$' and client = '$client$' and view='CMCC' limit 1} {update data_count set count = count + 1 where zone ='$zone$' and view='CMCC'}"; }; }; view "CNC_view" { match-clients { key cnc;dns-ip-list;CNC;}; allow-query-cache { none; }; allow-recursion { none; }; allow-transfer { none; }; recursion no; dlz "Mysql zone" { database "mysql {host=127.0.0.1 dbname=dns_view ssl=false port=3306 user=root pass=123456 } {select zone from dnstb where zone = '$zone$' and view = 'CNC' limit 1 } {select ttl, type, mx_priority, case when lower(type)='txt' then concat('\"', data, '\"') when lower(type) = 'soa' then concat_ws(' ', data, resp_person, serial, refresh, retry, expire, minimum) else data end as mydata from dnstb where zone = '$zone$' and host = '$record$' and (view = 'CNC' or view = 'OP')} {} {select ttl, type, host, mx_priority, case when lower(type)='txt' then concat('\"', data, '\"') else data end as mydata, resp_person, serial, refresh, retry, expire, minimum from dnstb where zone = '$zone$' and view='CNC'} {select zone from xfr_table where zone = '$zone$' and client = '$client$' and view='CNC' limit 1} {update data_count set count = count + 1 where zone ='$zone$' and view='CNC'}"; }; }; view "EDU_view" { match-clients { key edu;dns-ip-list;EDU;}; allow-query-cache { none; }; allow-recursion { none; }; allow-transfer { none; }; recursion no; dlz "Mysql zone" { database "mysql {host=127.0.0.1 dbname=dns_view ssl=false port=3306 user=root pass=123456 } {select zone from dnstb where zone = '$zone$' and view = 'EDU' limit 1 } {select ttl, type, mx_priority, case when lower(type)='txt' then concat('\"', data, '\"') when lower(type) = 'soa' then concat_ws(' ', data, resp_person, serial, refresh, retry, expire, minimum) else data end as mydata from dnstb where zone = '$zone$' and host = '$record$' and (view = 'EDU' or view = 'OP')} {} {select ttl, type, host, mx_priority, case when lower(type)='txt' then concat('\"', data, '\"') else data end as mydata, resp_person, serial, refresh, retry, expire, minimum from dnstb where zone = '$zone$' and view='EDU'} {select zone from xfr_table where zone = '$zone$' and client = '$client$' and view='EDU' limit 1} {update data_count set count = count + 1 where zone ='$zone$' and view='EDU'}"; }; }; view "TIETONG_view" { match-clients { key tietong;dns-ip-list;TIETONG;}; allow-query-cache { none; }; allow-recursion { none; }; allow-transfer { none; }; recursion no; dlz "Mysql zone" { database "mysql {host=127.0.0.1 dbname=dns_view ssl=false port=3306 user=root pass=123456 } {select zone from dnstb where zone = '$zone$' and view = 'TIETONG' limit 1 } {select ttl, type, mx_priority, case when lower(type)='txt' then concat('\"', data, '\"') when lower(type) = 'soa' then concat_ws(' ', data, resp_person, serial, refresh, retry, expire, minimum) else data end as mydata from dnstb where zone = '$zone$' and host = '$record$' and (view = 'TIETONG' or view = 'OP')} {} {select ttl, type, host, mx_priority, case when lower(type)='txt' then concat('\"', data, '\"') else data end as mydata, resp_person, serial, refresh, retry, expire, minimum from dnstb where zone = '$zone$' and view='TIETONG'} {select zone from xfr_table where zone = '$zone$' and client = '$client$' and view='TIETONG' limit 1} {update data_count set count = count + 1 where zone ='$zone$' and view='TIETONG'}"; }; }; view "CT_view" { match-clients { key ct;dns-ip-list;CT;}; allow-query-cache { none; }; allow-recursion { none; }; allow-transfer { none; }; recursion no; dlz "Mysql zone" { database "mysql {host=127.0.0.1 dbname=dns_view ssl=false port=3306 user=root pass=123456 } {select zone from dnstb where zone = '$zone$' and view = 'CT' limit 1 } {select ttl, type, mx_priority, case when lower(type)='txt' then concat('\"', data, '\"') when lower(type) = 'soa' then concat_ws(' ', data, resp_person, serial, refresh, retry, expire, minimum) else data end as mydata from dnstb where zone = '$zone$' and host = '$record$' and (view = 'CT' or view = 'OP')} {} {select ttl, type, host, mx_priority, case when lower(type)='txt' then concat('\"', data, '\"') else data end as mydata, resp_person, serial, refresh, retry, expire, minimum from dnstb where zone = '$zone$' and view='CT'} {select zone from xfr_table where zone = '$zone$' and client = '$client$' and view='CT' limit 1} {update data_count set count = count + 1 where zone ='$zone$' and view='CT'}"; }; }; view "any_view" { match-clients { key any;dns-ip-list;ANY;}; allow-query-cache { none; }; allow-recursion { none; }; allow-transfer { none; }; recursion no; dlz "Mysql zone" { database "mysql {host=127.0.0.1 dbname=dns_view ssl=false port=3306 user=root pass=123456 } {select zone from dnstb where zone = '$zone$' and view = 'ANY' limit 1 } {select ttl, type, mx_priority, case when lower(type)='txt' then concat('\"', data, '\"') when lower(type) = 'soa' then concat_ws(' ', data, resp_person, serial, refresh, retry, expire, minimum) else data end as mydata from dnstb where zone = '$zone$' and host = '$record$' and (view = 'ANY' or view='OP')} {} {select ttl, type, host, mx_priority, case when lower(type)='txt' then concat('\"', data, '\"') else data end as mydata, resp_person, serial, refresh, retry, expire, minimum from dnstb where zone = '$zone$' and view='ANY'} {select zone from xfr_table where zone = '$zone$' and client = '$client$' and view='ANY' limit 1} {update data_count set count = count + 1 where zone ='$zone$' and view='ANY'}"; }; };
啓動bind服務
/usr/local/bind/sbin/named -uroot -g -d 9
調試狀態,如果沒有報錯說明環境配置正確。做成啓動服務. Debug的時候多用此模式啓動bind. ,如果沒問題,殺掉進程使用下面的命令啓動服務
重載named.conf相關配置文件.
/usr/local/bind/sbin/rndc reload
啓動bind 服務.
/usr/local/bind/sbin/named -4 -uroot -c /usr/local/bind/etc/named.conf
添加相關記錄並進行測試
–SOA
INSERT INTO `dnstb` (`zone`, `host`, `type`, `data`, `ttl`,`mx_priority`, `refresh`, `retry`, `expire`, `minimum`, `serial`, `resp_person`, `primary_ns`, `data_count`) VALUES ('gov.com', '@', 'SOA', 'ns1.gov.com.', 10, NULL, 600, 3600, 86400, 10, 2011061200, 'root.gov.com.', 'ns1.gov.com.', 0);
–@ NS
INSERT INTO `dnstb` (`zone`, `host`, `type`, `data`) VALUES ('gov.com', '@', 'NS', 'ns1.gov.com.'), ('gov.com', '@', 'NS', 'ns2.gov.com.');
–NS A
INSERT INTO `dnstb` (`zone`, `host`, `type`, `data`) VALUES ('gov.com', 'ns1', 'A', '192.168.137.2'), ('gov.com', 'ns2', 'A', '192.168.137.3');
–A
INSERT INTO `dnstb` (`zone`, `host`, `type`, `data`, `ttl`, `view`) VALUES ('gov.com', 'www', 'A', '192.168.1.51', 360, 'CNC'), ('gov.com', 'www', 'A', '192.168.1.52', 360, 'CT'), ('gov.com', 'www', 'A', '192.168.1.53', 360, 'CMCC'), ('gov.com', 'www', 'A', '192.168.1.54', 360, 'EDU'), ('gov.com', 'www', 'A', '192.168.1.55', 360, 'TIETONG'), ('gov.com', 'www', 'A', '192.168.1.56', 360, 'ANY'),
–CNAME
INSERT INTO dnstb (zone,host,type,DATA,view) VALUES ('gov.com', 'bbs', 'CNAME', 'www','OP');
測試。試着換客戶ip 來解析就能解析出不同的地址
通過dig www.gov.com @127.0.0.1 測試
六、配置從DNS:
1、安裝mysql(略)
2、安裝bind配置和主的一樣,可以通過rsync同步過來。
3、Mysql主從複製:
1)Master 配置
創建同步用戶
mysql -u root mysql>UNLOCK TABLES; mysql>GRANT ALL PRIVILEGES ON *. TO 'root'@'%' IDENTIFIED BY '123456' WITH GRANT OPTION; mysql>exit
修改配置文件,並打包var文件到Slave 端
vim /etc/my.cnf [mysqld] 在mysqld 裏添加如下幾項 long_query_time = 5 expire_logs_days= 3 binlog-do-db=dns_view ==>要同步的數據庫 binlog-ignore-db=mysql ==>不同步的數據庫 binlog_format=mixed server-id = 160 ==>同一個網絡唯一
重啓mysql
2)Slave配置:
將my.cnf 中的server-id=1 改成161
#log-bin=mysql-bin //註釋掉這兩行。
#binlog_format=mixed //修改成如下內容
server-id = 161 replicate-do-db=dns_view replicate-ignore-db=mysql log-slave-updates slave-skip-errors=all slave-net-timeout=60
重啓mysql
mysql -u root mysql>CHANGE MASTER TO MASTER_HOST='192.168.137.2', //Master IP MASTER_USER='root', //用戶 MASTER_PASSWORD='123456', //密碼 MASTER_LOG_FILE='mysql-bin.000002', MASTER_LOG_POS=2272;
以上兩行必須按照Master 端的master 狀態寫show master status;
3)驗證:
dig @192.168.137.2 www.gov.com dig @192.168.137.3 www.gov.com
在Master端修改A記錄的IP地址,看從是否有變化,如果變化一致說明mysql主從複製成功。
七、根據職能DNS可以輕鬆實現企業DNS功能,同時還可以結合Squid,Nginx,Varnish打造CDN架構