Lai's Blog: 2025

1. 建立開發機器

qemu-img create -f qcow2 Core15-64-dev-1024.qcow2 1024M

2. 安裝作業系統並設定serial console

qemu-system-x86_64 -hda Core15-64-dev-1024.qcow2 -cdrom CorePure64-15.0.iso -boot d -m 4096

3. 開啟TC

qemu-system-x86_64 -hda Core15-64-dev-1024.qcow2  -m 4096 -accel whpx,kernel-irqchip=off  -serial telnet:localhost:12345

4. 安裝編譯環境

tec-load -wi compiletc openssl-dev wget

copy Core15-64-dev-1024.qcow2 Core15-64-dev-pdns-recursor.qcow2

5A. 建立PowerDNS Recursor開發環境機器

qemu-system-x86_64 -hda Core15-64-dev-pdns-recursor.qcow2 -m 4096 -accel whpx,kernel-irqchip=off -serial telnet:localhost:12345,server,nowait

6A. 下載並安裝Recursor所需編譯環境並進行編譯

tce-load -wi boost-1.65-dev lua-5.4-dev rust

cd /usr/local/include

sudo ln -s lua5.4/* .

cd ~

wget https://downloads.powerdns.com/releases/pdns-recursor-5.2.0.tar.bz2

tar xf pdns-recursor-5.2.0.tar.bz2

cd pdns-recursor-5.2.0

export SSL_CERT_FILE=/usr/local/etc/ssl/certs/ca-certificates.crt

./configure

make

7. 安裝完成編譯程式

sudo make install

8A. 封裝pdns-recursor.tcz

tce-load -wi squashfs-tools

mkdir -p pdns_recursor

cd pdns_recursor

mkdir -p usr/local/sbin usr/local/bin usr/local/etc usr/local/etc/pdns_recursor usr/local/tce.installed

cp /usr/local/sbin/pdns_recursor usr/local/sbin

strip -g usr/local/sbin/*

cp /usr/local/bin/rec_control usr/local/bin

strip -g usr/local/bin/*

cp /usr/local/etc/recursor.yam-dist usr/local/etc

cat > usr/local/etc/pdns_recursor/recursor.yml <<_END_

dnssec:
   validation: off

ecs:
   add_for:
   - '0.0.0.0/0'

incoming:
   allow_from:
   - '0.0.0.0/0'
   listen:
   - '0.0.0.0'
   use_incoming_edns_subnet: true

logging:
   loglevel: 6
   trace: 'yes'

outgoing:
   dont_query:
   - '127.0.0.0/8'
   edns_subnet_allow_list:
   - '0.0.0.0/0'
   source_address:
   - '0.0.0.0'

recursor:
#   hint_file: '/opt/pdns_recursor/root.hint'

_END_

cat > usr/local/etc/pdns_recursor/root.hint <<_END_

; OPERATED BY WIDE
;
.                        3600000      NS    M.ROOT-SERVERS.NET.
M.ROOT-SERVERS.NET.      3600000      A     202.12.27.33
M.ROOT-SERVERS.NET.      3600000      AAAA  2001:dc3::35

_END_

cat > usr/local/tce.installed/pdns_recursor <<_END_

#!/bin/sh
syslogd
sleep 5
mkdir /var/run/pdns-recursor

mkdir /opt/pdns_recursor

cp -n /usr/local/etc/pdns_recursor/* /opt/pdns_recursor
pdns_recursor --daemon=yes --config-dir=/opt/pdns_recursor

_END_

cd ~

cat pdns_recursor.tcz.dep <<_END_

openssl.tcz
boost-1.65.tcz
lua-5.4-lib.tcz
curl.tcz

_END_

sudo chown -R root:root pdns_recursor

sudo chown tc:staff pdns_recursor/usr/local/tce.installed/pdns_recursor

chmod 755 pdns_recursor/usr/local/tce.installed/pdns_server

mksquashfs pdns_recursor pdns_recursor.tcz

md5sum pdns_recursor.tcz > pdns_recursor.tcz.md5.txt

9A. 導出

local:

nc -w 3 server 65001 < pdns_recursor.tcz

remote:

ncat -l 65001 > pdns_recursor.tcz

local:
nc -w 3 server 65001 < pdns_recursor.tcz.dep
remote:
ncat -l 65001 > pdns_recursor.tcz.dep
local:
nc -w 3 server 65001 < pdns_recursor.tcz.md5.txt
remote:
ncat -l 65001 > pdns_recursor.tcz.md5.txt

5B. 建立PowerDNS Server開發環境機器

copy Core15-64-dev-1024.qcow2 Core15-64-dev-pdns-server.qcow2

qemu-system-x86_64 -hda Core15-64-dev-pdns-server.qcow2 -m 4096 -accel whpx,kernel-irqchip=off -serial telnet:localhost:12345,server,nowait

6B. 下載Server編譯所需編譯環境並進行編譯

tce-load -wi boost-1.65-dev lua-5.4-dev rust curl-dev

cd /usr/local/include

sudo ln -s lua5.4/* .

cd ~

wget https://downloads.powerdns.com/releases/pdns-4.9.5.tar.bz2

tar xf pdns-4.9.5.tar.bz2

cd pdns-4.9.5

export SSL_CERT_FILE=/usr/local/etc/ssl/certs/ca-certificates.crt
./configure --with-modules=bind
make
7. 安裝完成編譯程式
sudo make install
8B. 封裝pdns-server.tcz
cd ~
mkdir -p usr/local/bin usr/local/sbin usr/local/etc usr/local/tce.installed /usr/local/lib/pdns usr/local/etc/pdns_server
cp /usr/local/sbin/pdns* usr/local/sbin
cp /usr/local/bin/pdns* usr/local/bin
cp /usr/local/bin/zone* usr/local/bin
cp /usr/local/etc/pdns.conf-dist usr/local/etc
cp /usr/local/lib/pdns/* usr/local/lib/pdns
strip -g usr/local/bin/* usr/local/sbin/*
strip --strip-unneeded usr/local/lib/pdns/lib*.so
cat > usr/local/tce.installed/pdns_server <<_END_
#!/bin/sh
syslogd
sleep 5
mkdir /var/run/pdns
mkdir /opt/pdns_server
cp -n /usr/local/etc/pdns_server/* /opt/pdns_server
pdns_server --daemon=yes --config-dir=/opt/pdns_server
_END_
cat > usr/local/etc/pdns_server/pdns.conf <<_END_
daemon=no
edns-subnet-processing=yes
enable-lua-records=yes
launch=bind
bind-config=/opt/pdns_server/named.conf
local-address=0.0.0.0
log-dns-details=yes
log-dns-queries=yes
loglevel=6
_END_
cat > usr/local/etc/pdns_server/named.conf <<_END_
zone "example.com." {
        type master;
        file "/opt/pdns_server/db.example.com";
};
_END_
cat > usr/local/etc/pdns_server/db.example.com <<_END_
$TTL 60
@       IN      SOA     ns.example.com. host.example.com. (
        2025010101;
        600;
        30;
        60;
        60)
        IN      NS      ns
ns      IN      A       10.1.1.1
www1    IN      A       10.1.1.2
www2    IN      A       10.1.1.2
www     IN      LUA     CNAME   "; if (netmask({'10.1.1.0/24'})) then return 'ww
who     IN      LUA     TXT     "; returnj 'IP=' .. bestwho:toString()"
_END_
cd ~
sudo chown -R root:root pdns_server
sudo chown tc:staff pdns_server/usr/local/tce.installed/pdns_server
sudo chmod 755 pdns_server/usr/local/tce.installed/pdns_server
mksquashfs pdns_server pdns_server.tcz
md5sum pdns_server.tcz > pdns_server.tcz.md5.txt

cat > pdns_server.tcz.dep <<_END_
> openssl.tcz
> lua-5.4-lib.tcz
> curl.tcz
> _END_

9. 導出

local:
nc -w 3 server 65001 < pdns_server.tcz
remote:
ncat -l 65001 > pdns_server.tcz 
local:
nc -w 3 server 65001 < pdns_server.tcz.dep
remote:
ncat -l 65001 > pdns_recursor.tcz.dep
local:
nc -w 3 server 65001 < pdns_server.tcz.md5.txt
remote:
ncat -l 65001 > pdns_server.tcz.md5.txt

Lai's Blog

2025年5月11日星期日

Tiny Core Linux安裝PowerDNS Server/Recursor

2025年4月20日星期日

Mikrotik script to add NAT rules for GNS3

SNMP

網誌存檔

關於我自己