From ad2fbe8c43e1e857e09fa98abd986d640d3c0259 Mon Sep 17 00:00:00 2001
From: Adar Nimrod <nimrod@shore.co.il>
Date: Sat, 8 Apr 2023 21:06:48 +0300
Subject: [PATCH] Router: Implement recommendations from zonemaster.

Per https://zonemaster.net/en/result/472d8d42df31e2d8, implement _some_
of the recommendations:
- Limit AXFR availability.
- Raise some of the SOA values.
---
 Ansible/roles/router/files/nsd/shore.co.il      | 4 ++--
 Ansible/roles/router/files/nsd/shore.co.il.conf | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/Ansible/roles/router/files/nsd/shore.co.il b/Ansible/roles/router/files/nsd/shore.co.il
index ffae98d..35c6b8b 100644
--- a/Ansible/roles/router/files/nsd/shore.co.il
+++ b/Ansible/roles/router/files/nsd/shore.co.il
@@ -2,9 +2,9 @@
 $TTL 1h
 $ORIGIN shore.co.il.
 @               IN      SOA     ns1     hostmaster (
-        2022041003
+        2023040801
+        4h
         1h
-        5m
         4w
         3h )
 
diff --git a/Ansible/roles/router/files/nsd/shore.co.il.conf b/Ansible/roles/router/files/nsd/shore.co.il.conf
index 43a91ca..6269cd8 100644
--- a/Ansible/roles/router/files/nsd/shore.co.il.conf
+++ b/Ansible/roles/router/files/nsd/shore.co.il.conf
@@ -2,4 +2,4 @@ zone:
         name: "shore.co.il"
         zonefile: "shore.co.il"
         notify: 163.172.74.36 NOKEY #ns4.shore.co.il
-        provide-xfr: 0.0.0.0/0 NOKEY
+        provide-xfr: 163.172.74.36/32 NOKEY #ns4.shore.co.il
-- 
GitLab