1 from typing import List, Optional
3 from nsconfig.core import Nsc, NscZonePrimary
4 from nsconfig.util import IPNetwork, parse_network
6 # Networks which should have blackhole reverse zones as recommended by RFC 6303
8 '0.0.0.0/8', # IPv4 reserved
9 '10.0.0.0/8', # IPv4 private
10 '169.254.0.0/16', # IPv4 link-local
11 '192.0.2.0/24', # IPv4 test
12 '192.168.0.0/16', # IPv4 private
13 '198.51.100.0/24', # IPv4 test
14 '203.0.113.0/24', # IPv4 test
15 '255.255.255.255/32', # IPv4 broadcast
16 '::0/128', # IPv6 unspecified
17 '2001:0db8::/32', # IPv6 example
18 'fd00::/8', # IPv6 unique local
19 'fe80::/12', # IPv6 link-local
23 ] + [f'172.{i}.0.0/16' for i in range(16, 32)] # IPv4 private
26 def generate_localhost(nsc) -> None:
27 z = nsc.add_zone('localhost')
29 .NS(z.config.origin_server)
30 .A('127.0.0.1', '::1'))
32 r4 = nsc.add_zone(reverse_for='127.0.0.0/8')
33 r4[""].NS(z.config.origin_server)
35 r6 = nsc.add_zone(reverse_for='::1/128')
36 r6[""].NS(z.config.origin_server)
39 def generate_blackhole(nsc: Nsc,
40 use_zone: Optional[NscZonePrimary] = None,
41 skip_networks: List[IPNetwork] = [],
44 use_zone = nsc.add_zone('invalid')
45 assert isinstance(use_zone, NscZonePrimary)
46 for raw_net in BLACKHOLE_NETWORKS:
47 net = parse_network(raw_net)
48 if net not in skip_networks:
49 z = nsc.add_zone(reverse_for=net, alias_for=use_zone)