These should be stubs and overlay the internal zones that
unbound comes with.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Fixes: #11625
;;
esac
- echo "forward-zone:"
- echo " name: ${zone}"
- echo " forward-addr: ${server}"
- echo
+ # Reverse-lookup zones must be stubs
+ case "${zone}" in
+ *.in-addr.arpa)
+ echo "stub-zone:"
+ echo " name: ${zone}."
+ echo " stub-addr: ${server}"
+ echo
+ echo "server:"
+ echo " local-zone: \"${zone}.\" transparent"
+ echo
+ ;;
+ *)
+ echo "forward-zone:"
+ echo " name: ${zone}."
+ echo " forward-addr: ${server}"
+ echo
+ ;;
+ esac
done < /var/ipfire/dnsforward/config
if [ -n "${insecure_zones}" ]; then