know-how:firewall
Unterschiede
Hier werden die Unterschiede zwischen zwei Versionen angezeigt.
| Beide Seiten der vorigen RevisionVorhergehende ÜberarbeitungNächste Überarbeitung | Vorhergehende Überarbeitung | ||
| know-how:firewall [2022/04/13 08:55] – [GeoIP - map-geoip.sh] cc | know-how:firewall [2024/02/26 10:31] (aktuell) – cc | ||
|---|---|---|---|
| Zeile 1: | Zeile 1: | ||
| + | ~~ODT~~ | ||
| FIXME | FIXME | ||
| ====== Features ====== | ====== Features ====== | ||
| Zeile 1139: | Zeile 1140: | ||
| exit 0 | exit 0 | ||
| + | </ | ||
| + | |||
| + | ====== unbound ====== | ||
| + | * Rekursiver DNS Resolver der DNSSEC validiert und auch dns over tls unterstützt | ||
| + | |||
| + | ===== internal dns zone ===== | ||
| + | * zB: wenn intern ein AD Server benutzt wird für interne Domäne | ||
| + | |||
| + | < | ||
| + | server: | ||
| + | .. | ||
| + | .. | ||
| + | #2024-02-11 cc: if pannoniait.intern was used by a e.g. windows ad server | ||
| + | private-domain: | ||
| + | domain-insecure: | ||
| + | .. | ||
| + | .. | ||
| + | |||
| + | #2024-02-11 cc: If pannoniait.intern was used e.g. by windows ad server | ||
| + | forward-zone: | ||
| + | name: pannoniait.intern | ||
| + | | ||
| + | |||
| + | </ | ||
| + | |||
| + | ===== dns over tls ===== | ||
| + | * führt zu massiven DNS Performanceeinbruch FIXME performance + prefetch usw. | ||
| + | < | ||
| + | server: | ||
| + | .. | ||
| + | .. | ||
| + | #2024-02-11 cc: The debian place where the bundle can be found | ||
| + | tls-cert-bundle: | ||
| + | .. | ||
| + | .. | ||
| + | forward-zone: | ||
| + | name: " | ||
| + | forward-addr: | ||
| + | forward-addr: | ||
| + | forward-tls-upstream: | ||
| + | .. | ||
| + | .. | ||
| </ | </ | ||
know-how/firewall.1649832955.txt.gz · Zuletzt geändert: 2022/04/13 08:55 von cc