Bind-GeoIP实现智能解析
bind dig 补丁下载地址: http://wilmer.gaa.st/edns-client-subnet/
bind GeoIP 补丁下载地址:https://code.google.com/p/bind-geoip/
geoip-c-api 下载地址:https://github.com/maxmind/geoip-api-c/releases
步骤(终端下执行):
1.下载与bind对应版本 dig和Geoip补丁
2.下载geoip-c-api
3.编译安装 geoip-c-api
>./configure –prefix=/usr/local/geoip/
>make && make install
>echo "/usr/local/geoip/lib/" >> /etc/ld.so.conf
>ldconfig
4.对bind源码打补丁
patch -p0 -b < geoip-1.4.patch
patch -p0 -b < dig.patch
autoconf
5.编译安装
>CFLAGS="-I/usr/local/geoip/include" LDFLAGS="-L/usr/local/geoip/lib -lGeoIP" ./configure --prefix=/usr/local/named --with-geoip=/usr/local/geoip/share/GeoIP --with-openssl=no
说明:
--with-geoip=/usr/local/geoip/share/GeoIP 指定 GeoIP.dat 所在路径,若没有指定,bind运行时不会自动加载GeoIP.dat
>make && make install
6.测试
>/usr/local/named/sbin/named -gc /etc/named/named.conf
>/usr/local/named/bin/dig -t @192.168.215.8 www.tuchao.com +client=170.149.100.0/24
配置bind view 匹配不同国家 :geoip_<DBTYPE>DB_<FIELD>_<VALUE>
match-clients { geoip_cityDB_country_US; geoip_cityDB_country_FR; };
# Backwards compatibility for Caraytech/geodns and derived patches:
country_US;
# New syntax
geoip_countryDB_country_US;
geoip_cityDB_city_San_Francisco;
geoip_cityDB_timezone_America|Chicago;
geoip_cityDB_country3_JAP;
geoip_cityDB_regionname_California;
named.conf:example
# Note this will match ANY city named Paris!
view "PARIS" {
match-clients { geoip_cityDB_city_Paris; };
zone "example.com" in {
type master;
file "paris.example.com.dns";
};
};
view "FRANCE" {
match-clients { geoip_cityDB_country_FR; };
zone "example.com" in {
type master;
file "france.example.com.dns";
};
};
view "GERMANY" {
match-clients { geoip_cityDB_country_DE; };
zone "example.com" in {
type master;
file "germany.example.com.dns";
};
};
view "DEFAULT" {
zone "example.com" in {
type master;
file "example.com.dns";
};
};
参考网址:
外文:
https://groups.google.com/d/topic/comp.protocols.dns.bind/AHsPgppNGdw
http://vincent.bernat.im/en/blog/2014-bind-edns0-client-subnet.html
中文:
http://blog.sina.com.cn/s/blog_704836f40101b591.html
http://noops.me/?p=653&utm_source=tuicool
http://bubuko.com/infodetail-188225.html