利用BIND+DLZ+MYSQL构建企业智能DNS

目录:
一、简介
二、服务规划
三、安装BIND及基本环境
四、配置Bind-View-DLZ-MYSQL
五、添加相关记录并进行测试
六、配置从DNS

七、本文以FreeBSD 10.2 stable系统为例

一、简介:
1、智能DNS(Bind-view):
智能DNS 原理很简单:在用户解析一个域名的时候的,判断一下用户使用的IP,然后跟DNS 服务器内
部的IP 表匹配一下,看看用户是电信还是网通用户,然后给用户返回对应的IP 地址。目前的域名服
务运营商不提供智能DNS 服务,所以必须自行架设DNS 服务或者使用网上免费的智能DNS 服务,如
DNSPOD.
2.Bind-DLZ
Bind-DLZ主页:http://bind-dlz.sourceforge.net/
DLZ(Dynamically Loadable Zones)与传统的BIND9不同,BIND的不足之处:
* BIND从文本文件中获取数据,这样容易因为编辑错误出现问题。
* BIND需要将数据加载到内存中,如果域或者记录较多,会消耗大量的内存。
* BIND启动时解析Zone文件,对于一个记录较多的DNS来说,会耽误更多的时间。
* 如果近修改一条记录,那么要重新加载或者重启BIND 才能生效,那么需要时间,可能会影响客户端查询。
而Bind-dlz 即将帮你解决这些问题, 对Zone文件操作也更方便了,直接对数据库操作,可以很方便扩充及开发管理程序。

二、服务规划:
1、nameserver服务器注册(需要到域名服务商那里注册)
主从dns之间实现mysql主从数据库同步:
主DNS:       ns1.gov.com    192.168.1.60
从DNS:        ns2.gov.com    192.168.1.61

网站(联通网通 CNC):    www.gov.com   192.168.1.51
网站(电信 CT):     www.gov.com   192.168.1.52
网站(移动 CMCC):   www.gov.com   192.168.1.53
网站(教育 EDU):    www.gov.com   192.168.1.54
网站(铁通 TIETONG):    www.gov.com   192.168.1.55

网站(其他 ANY):    www.gov.com   192.168.1.56

: 当一个网通用户向本地DNS发www.gov.com的请求时,本地DNS会递归查询,最后把请求发给ns1.gov.com这台DNS服务 器上,ns1.gov.com会根据请求的用户IP所属的范围来择优选择,将www.gov.com在网通的ip返回给本地DNS.

2、Bind-view规划:
网通CNC      cnc.txt
电信CT       ct.txt
移动CMCC     cmcc.txt
教育网EDU    edu.txt

铁通TIETONG  tietong.txt

include "/usr/local/bind/etc/view.conf";(ip库里面没有的IP,属于any区域)
IP库及ACL,如果你有比较详细的按城市或者地域的IP库,在设计BIND-VIEW这个字段的时候,VIEW就可以以城市或地区来命名和规划.

三、安装BIND及基本环境:
1、安装mysql:

pkg install mysql5-server
cp /usr/local/share/mysql/my-medium.cnf /etc/my.cnf
echo 'mysql_enable="YES"' >> /etc/rc.conf
cd /usr/local/etc/rc.d
./mysql-server start //启动MYSQL
 mysqladmin -u root -p password '123456' //修改MYSQL密码

编译安装bind:

wget http://ftp.isc.org/isc/bind9/9.10.3-P2/bind-9.10.3-P2.tar.gz
tar zxvf bind-9.6.0-P1.tar.gz
cd bind-9.6.0-P1
./configure --with-dlz-mysql --enable-largefile --enable-threads=no --prefix=/usr/local/bind --disable-openssl-version-check
make && make install

创建相关配置文件:

cd /usr/local/bind/etc/
../sbin/rndc-confgen >rndc.conf
tail -n10 rndc.conf | head -n9 | sed -e s/#\//g >named.conf

创建 localhost.zone

vi localhost.zone
ttl 86400
@ IN SOA localhost. root.localhost. (
1997022700 ; Serial
28800 ; Refresh
14400 ; Retry
3600000 ; Expire
86400 ) ; Minimum
IN NS localhost.
1 IN PTR localhost.

创建named.root

cd /usr/local/bind/etc/
wget ftp://ftp.rs.internic.net/domain/named.root

cat named.rot
;       This file holds the information on root name servers needed to
;       initialize cache of Internet domain name servers
;       (e.g. reference this file in the "cache  .  <file>"
;       configuration file of BIND domain name servers).
;
;       This file is made available by InterNIC 
;       under anonymous FTP as
;           file                /domain/named.cache
;           on server           FTP.INTERNIC.NET
;       -OR-                    RS.INTERNIC.NET
;
;       last update:    December 01, 2015
;       related version of root zone:   2015120100
;
; formerly NS.INTERNIC.NET
;
.                        3600000      NS    A.ROOT-SERVERS.NET.
A.ROOT-SERVERS.NET.      3600000      A     198.41.0.4
A.ROOT-SERVERS.NET.      3600000      AAAA  2001:503:ba3e::2:30
;
; FORMERLY NS1.ISI.EDU
;
.                        3600000      NS    B.ROOT-SERVERS.NET.
B.ROOT-SERVERS.NET.      3600000      A     192.228.79.201
B.ROOT-SERVERS.NET.      3600000      AAAA  2001:500:84::b
;
; FORMERLY C.PSI.NET
;
.                        3600000      NS    C.ROOT-SERVERS.NET.
C.ROOT-SERVERS.NET.      3600000      A     192.33.4.12
C.ROOT-SERVERS.NET.      3600000      AAAA  2001:500:2::c
;
; FORMERLY TERP.UMD.EDU
;
.                        3600000      NS    D.ROOT-SERVERS.NET.
D.ROOT-SERVERS.NET.      3600000      A     199.7.91.13
D.ROOT-SERVERS.NET.      3600000      AAAA  2001:500:2d::d
;
; FORMERLY NS.NASA.GOV
;
.                        3600000      NS    E.ROOT-SERVERS.NET.
E.ROOT-SERVERS.NET.      3600000      A     192.203.230.10
;
; FORMERLY NS.ISC.ORG
;
.                        3600000      NS    F.ROOT-SERVERS.NET.
F.ROOT-SERVERS.NET.      3600000      A     192.5.5.241
F.ROOT-SERVERS.NET.      3600000      AAAA  2001:500:2f::f
;
; FORMERLY NS.NIC.DDN.MIL
;
.                        3600000      NS    G.ROOT-SERVERS.NET.
G.ROOT-SERVERS.NET.      3600000      A     192.112.36.4
;
; FORMERLY AOS.ARL.ARMY.MIL
;
.                        3600000      NS    H.ROOT-SERVERS.NET.
H.ROOT-SERVERS.NET.      3600000      A     198.97.190.53
H.ROOT-SERVERS.NET.      3600000      AAAA  2001:500:1::53
;
; FORMERLY NIC.NORDU.NET
;
.                        3600000      NS    I.ROOT-SERVERS.NET.
I.ROOT-SERVERS.NET.      3600000      A     192.36.148.17
I.ROOT-SERVERS.NET.      3600000      AAAA  2001:7fe::53
;
; OPERATED BY VERISIGN, INC.
;
.                        3600000      NS    J.ROOT-SERVERS.NET.
J.ROOT-SERVERS.NET.      3600000      A     192.58.128.30
J.ROOT-SERVERS.NET.      3600000      AAAA  2001:503:c27::2:30
;
; OPERATED BY RIPE NCC
;
.                        3600000      NS    K.ROOT-SERVERS.NET.
K.ROOT-SERVERS.NET.      3600000      A     193.0.14.129
K.ROOT-SERVERS.NET.      3600000      AAAA  2001:7fd::1
;
; OPERATED BY ICANN
;
.                        3600000      NS    L.ROOT-SERVERS.NET.
L.ROOT-SERVERS.NET.      3600000      A     199.7.83.42
L.ROOT-SERVERS.NET.      3600000      AAAA  2001:500:3::42
;
; OPERATED BY WIDE
;
.                        3600000      NS    M.ROOT-SERVERS.NET.
M.ROOT-SERVERS.NET.      3600000      A     202.12.27.33
M.ROOT-SERVERS.NET.      3600000      AAAA  2001:dc3::35
; End of file

用dnssec-keygen产生加密密钥,一个为public key,另一个为private key

cd /usr/local/bind/sbin
./dnssec-keygen -a hmac-md5 -b 128 -n HOST cnc
./dnssec-keygen -a hmac-md5 -b 128 -n HOST ct
./dnssec-keygen -a hmac-md5 -b 128 -n HOST edu
./dnssec-keygen -a hmac-md5 -b 128 -n HOST cmcc
./dnssec-keygen -a hmac-md5 -b 128 -n HOST tietong
./dnssec-keygen -a hmac-md5 -b 128 -n HOST any

named.conf内容如下:

 key "rndc-key" {
        algorithm hmac-md5;
        secret "D3wcCb9Dti/vZ8v4OUzXVA==";
 };

 controls {
        inet 127.0.0.1 port 953
                allow { 127.0.0.1; } keys { "rndc-key"; };
 };

logging {
        channel query_log {
        file "/var/log/named.log" versions 3 size 20m;
        severity info;
        print-time yes;
        print-category yes;
        print-severity yes;
        };
category queries {
                query_log;
                };
category lame-servers {
                null;
                };
};

options {
        directory "/usr/local/bind/etc";
        pid-file "named.pid";
        allow-query {
                        any;
                        };
#allow-recursion { none; };
recursion no;
listen-on port 53 {
                192.168.137.2;
                127.0.0.1;
                };
#listen-on-v6 port 53 { any;};
};

#TSIG-key
key "cnc" {
algorithm hmac-md5;
secret "zI17BnACwUMcSJCT0POefQ==";};
key "ct" {
algorithm hmac-md5;
secret "zb2zBOKBO9xqMRA6BGsUqA==";};
key "edu" {
algorithm hmac-md5;
secret "H4AzW3qXq2F5wzjWOGjnLg==";};
key "cmcc" {
algorithm hmac-md5;
secret "gzUux9/0x5v6aMu/1Ay6Kg==";};
key "tietong" {
algorithm hmac-md5;
secret "kOM29Ms1BS2qMai2pwtoAQ==";};
key "any" {
algorithm hmac-md5;
secret "lmEhKVBg6HHRSevRgi8Rcw==";};
acl "dns-ip-list"{
192.168.137.2; #master DNS IP
#192.168.137.3; #slave DNS IP
};

include "/usr/local/bind/etc/ip/cnc.txt";
include "/usr/local/bind/etc/ip/ct.txt";
include "/usr/local/bind/etc/ip/cmcc.txt";
include "/usr/local/bind/etc/ip/edu.txt";
include "/usr/local/bind/etc/ip/tietong.txt";
include "/usr/local/bind/etc/view.conf";

配置各个服务商的对应的ACL:

cat ct.txt
acl ct{
1.0.1.0/24;
1.0.2.0/23;
1.0.8.0/21;
1.1.0.0/24;
1.1.2.0/23;
1.1.4.0/22;
1.1.8.0/21;
1.1.16.0/20;
1.1.32.0/19;
1.2.0.0/23;
1.2.5.0/24;
1.2.6.0/23;
1.2.9.0/24;
1.2.10.0/23;
1.2.12.0/22;
1.2.16.0/20;
1.2.32.0/19;
1.2.64.0/18;
1.3.0.0/16;
1.4.1.0/24;
1.4.2.0/23;
1.4.5.0/24;
1.4.8.0/21;
1.4.16.0/20;
1.4.32.0/19;
1.4.64.0/18;
1.10.0.0/21;
1.10.8.0/23;
1.10.11.0/24;
1.10.12.0/22;
1.10.16.0/20;
1.10.32.0/19;
1.10.64.0/18;
1.48.0.0/15;
1.50.0.0/16;
1.68.0.0/14;
1.80.0.0/13;
1.180.0.0/14;
1.192.0.0/13;
1.202.0.0/15;
1.204.0.0/14;
14.0.0.0/21;
14.0.12.0/22;
14.1.0.0/22;
14.16.0.0/12;
14.102.128.0/22;
14.104.0.0/13;
14.112.0.0/12;
14.134.0.0/15;
14.144.0.0/12;
14.156.124.0/24;
14.192.76.0/22;
14.208.0.0/12;
27.16.0.0/12;
27.34.232.0/21;
27.50.40.0/21;
27.54.72.0/21;
27.54.152.0/21;
27.121.72.0/21;
27.121.120.0/21;
27.128.0.0/15;
27.148.0.0/14;
27.152.0.0/13;
27.184.0.0/13;
27.224.0.0/14;
36.0.0.0/22;
36.0.16.0/20;
36.0.32.0/19;
36.1.0.0/16;
36.4.0.0/14;
36.16.0.0/12;
36.37.0.0/19;
36.37.36.0/23;
36.37.39.0/24;
36.37.40.0/21;
36.37.48.0/20;
36.40.0.0/13;
36.48.0.0/15;
36.56.0.0/13;
36.96.0.0/11;
39.0.0.0/24;
39.0.2.0/23;
39.0.4.0/22;
39.0.8.0/21;
39.0.16.0/20;
39.0.32.0/19;
39.0.64.0/18;
39.0.128.0/17;
42.0.0.0/22;
42.0.8.0/21;
42.0.16.0/21;
42.0.24.0/22;
42.0.32.0/19;
42.1.0.0/19;
42.1.32.0/20;
42.1.48.0/21;
42.1.56.0/22;
42.62.128.0/19;
42.62.160.0/20;
42.62.180.0/22;
42.62.184.0/21;
42.80.0.0/15;
42.83.64.0/20;
42.83.80.0/22;
42.83.88.0/21;
42.83.96.0/19;
42.88.0.0/13;
42.96.64.0/19;
42.96.96.0/21;
42.96.108.0/22;
42.96.112.0/20;
42.97.0.0/16;
42.99.0.0/18;
42.99.64.0/19;
42.99.96.0/20;
42.99.112.0/22;
42.99.120.0/21;
42.100.0.0/14;
42.122.0.0/16;
42.123.0.0/19;
42.123.36.0/22;
42.123.40.0/21;
42.123.48.0/20;
42.123.64.0/18;
42.156.0.0/19;
42.156.36.0/22;
42.156.40.0/21;
42.156.48.0/20;
42.156.64.0/18;
42.184.0.0/15;
42.187.0.0/18;
42.187.64.0/19;
42.187.96.0/20;
42.187.112.0/21;
42.187.120.0/22;
42.194.0.0/21;
42.194.8.0/22;
42.194.16.0/20;
42.194.32.0/19;
42.194.64.0/18;
42.202.0.0/15;
42.242.0.0/15;
42.248.0.0/13;
43.242.192.0/22;
43.243.232.0/22;
49.64.0.0/11;
49.112.0.0/13;
49.128.0.0/24;
49.128.2.0/23;
58.32.0.0/13;
58.40.0.0/15;
58.42.0.0/16;
58.43.0.0/16;
58.44.0.0/14;
58.48.0.0/13;
58.56.0.0/15;
58.58.0.0/16;
58.59.0.0/17;
58.59.128.0/17;
58.60.0.0/14;
58.65.232.0/21;
58.208.0.0/12;
59.32.0.0/13;
59.40.0.0/15;
59.42.0.0/16;
59.43.0.0/16;
59.44.0.0/14;
59.48.0.0/16;
59.49.0.0/17;
59.49.128.0/17;
59.50.0.0/16;
59.51.0.0/17;
59.51.128.0/17;
59.52.0.0/14;
59.56.0.0/14;
59.60.0.0/15;
59.62.0.0/15;
59.172.0.0/15;
59.174.0.0/15;
60.160.0.0/15;
60.162.0.0/15;
60.164.0.0/15;
60.166.0.0/15;
60.168.0.0/13;
60.176.0.0/12;
60.235.0.0/16;
61.4.84.0/22;
61.4.88.0/21;
61.45.224.0/20;
61.128.0.0/15;
61.130.0.0/15;
61.132.0.0/16;
61.133.128.0/17;
61.134.0.0/18;
61.134.64.0/19;
61.136.128.0/17;
61.137.0.0/17;
61.138.192.0/18;
61.139.0.0/17;
61.139.192.0/18;
61.140.0.0/14;
61.144.0.0/14;
61.150.0.0/15;
61.152.0.0/16;
61.153.0.0/16;
61.154.0.0/15;
61.157.0.0/16;
61.159.64.0/18;
61.159.128.0/17;
61.160.0.0/16;
61.161.64.0/18;
61.164.0.0/16;
61.165.0.0/16;
61.166.0.0/16;
61.169.0.0/16;
61.170.0.0/15;
61.172.0.0/14;
61.177.0.0/16;
61.178.0.0/16;
61.180.0.0/17;
61.183.0.0/16;
61.184.0.0/14;
61.188.0.0/16;
61.189.128.0/17;
61.190.0.0/15;
101.0.0.0/22;
101.1.0.0/22;
101.2.172.0/22;
101.50.56.0/22;
101.53.100.0/22;
101.55.224.0/21;
101.78.0.0/22;
101.80.0.0/12;
101.96.0.0/21;
101.96.8.0/22;
101.96.16.0/20;
101.99.96.0/19;
101.101.64.0/19;
101.101.100.0/24;
101.101.102.0/23;
101.101.104.0/21;
101.101.112.0/20;
101.102.64.0/19;
101.102.100.0/23;
101.102.102.0/24;
101.102.104.0/21;
101.102.112.0/20;
101.110.64.0/19;
101.110.96.0/20;
101.110.116.0/22;
101.110.120.0/21;
101.128.0.0/22;
101.128.8.0/21;
101.128.16.0/20;
101.128.32.0/19;
101.203.128.0/19;
101.203.160.0/21;
101.203.172.0/22;
101.203.176.0/20;
101.224.0.0/13;
101.234.64.0/21;
101.234.76.0/22;
101.234.80.0/20;
101.234.96.0/19;
101.248.0.0/15;
101.251.0.0/22;
101.251.8.0/21;
101.251.16.0/20;
101.251.32.0/19;
103.12.68.0/22;
103.22.0.0/22;
103.22.4.0/22;
103.22.8.0/22;
103.22.12.0/22;
103.22.16.0/22;
103.22.20.0/22;
103.22.24.0/22;
103.22.28.0/22;
103.22.32.0/22;
103.22.36.0/22;
103.22.40.0/22;
103.22.44.0/22;
103.22.48.0/22;
103.22.52.0/22;
103.22.56.0/22;
103.22.60.0/22;
103.22.64.0/22;
103.22.68.0/22;
103.22.72.0/22;
103.22.76.0/22;
103.22.80.0/22;
103.22.84.0/22;
103.22.88.0/22;
103.22.92.0/22;
103.22.100.0/22;
103.22.104.0/22;
103.22.108.0/22;
103.22.112.0/22;
103.22.116.0/22;
103.22.120.0/22;
103.22.124.0/22;
103.29.128.0/22;
103.38.76.0/22;
103.254.188.0/22;
106.0.0.0/24;
106.0.2.0/23;
106.0.4.0/22;
106.0.8.0/21;
106.0.16.0/20;
106.0.64.0/18;
106.4.0.0/14;
106.8.0.0/15;
106.16.0.0/12;
106.32.0.0/12;
106.56.0.0/13;
106.80.0.0/12;
106.108.0.0/14;
106.112.0.0/13;
106.120.0.0/13;
106.224.0.0/12;
110.76.156.0/22;
110.76.184.0/22;
110.80.0.0/13;
110.88.0.0/14;
110.93.32.0/19;
110.94.0.0/15;
110.152.0.0/14;
110.156.0.0/15;
110.166.0.0/15;
110.173.64.0/19;
110.176.0.0/13;
110.184.0.0/13;
111.72.0.0/13;
111.112.0.0/15;
111.120.0.0/14;
111.124.0.0/16;
111.126.0.0/15;
111.170.0.0/16;
111.172.0.0/14;
111.176.0.0/13;
111.224.0.0/14;
111.235.156.0/22;
112.66.0.0/15;
112.98.0.0/15;
112.100.0.0/14;
112.112.0.0/14;
112.116.0.0/15;
112.137.48.0/21;
113.12.0.0/14;
113.16.0.0/15;
113.24.0.0/14;
113.59.224.0/22;
113.62.0.0/15;
113.64.0.0/11;
113.96.0.0/12;
113.112.0.0/13;
113.120.0.0/13;
113.128.0.0/15;
113.132.0.0/14;
113.136.0.0/13;
113.208.128.0/17;
113.209.0.0/16;
113.212.184.0/21;
113.218.0.0/15;
113.220.0.0/14;
113.240.0.0/13;
113.248.0.0/14;
114.79.64.0/18;
114.80.0.0/12;
114.96.0.0/13;
114.104.0.0/14;
114.135.0.0/16;
114.138.0.0/15;
114.141.64.0/21;
114.198.248.0/21;
114.216.0.0/13;
114.224.0.0/12;
115.69.64.0/20;
115.148.0.0/14;
115.152.0.0/15;
115.166.64.0/19;
115.168.0.0/14;
115.192.0.0/11;
115.224.0.0/12;
116.0.8.0/21;
116.0.24.0/21;
116.1.0.0/16;
116.4.0.0/14;
116.8.0.0/14;
116.16.0.0/12;
116.50.0.0/20;
116.52.0.0/14;
116.192.0.0/16;
116.193.176.0/21;
116.207.0.0/16;
116.208.0.0/14;
116.224.0.0/12;
116.246.0.0/15;
116.248.0.0/15;
116.252.0.0/15;
117.21.0.0/16;
117.22.0.0/15;
117.24.0.0/13;
117.32.0.0/13;
117.40.0.0/14;
117.44.0.0/15;
117.57.0.0/16;
117.60.0.0/14;
117.64.0.0/13;
117.74.80.0/20;
117.80.0.0/12;
117.103.40.0/21;
117.103.72.0/21;
117.104.168.0/21;
117.122.128.0/17;
118.84.0.0/15;
118.102.32.0/21;
118.112.0.0/13;
118.120.0.0/14;
118.124.0.0/15;
118.127.128.0/19;
118.180.0.0/14;
118.184.128.0/17;
118.213.0.0/16;
118.239.0.0/16;
118.248.0.0/13;
119.0.0.0/15;
119.27.128.0/19;
119.41.0.0/16;
119.42.128.0/21;
119.60.0.0/16;
119.82.208.0/20;
119.84.0.0/14;
119.96.0.0/13;
119.120.0.0/13;
119.128.0.0/12;
119.144.0.0/14;
119.148.176.0/20;
119.151.192.0/18;
119.160.200.0/21;
119.252.96.0/21;
120.32.0.0/13;
120.40.0.0/14;
120.68.0.0/14;
120.88.8.0/21;
120.143.128.0/19;
121.0.8.0/21;
121.8.0.0/13;
121.32.0.0/14;
121.50.8.0/21;
121.54.176.0/21;
121.56.0.0/15;
121.58.0.0/17;
121.58.136.0/21;
121.58.160.0/21;
121.59.0.0/16;
121.60.0.0/14;
121.101.0.0/18;
121.200.192.0/21;
121.204.0.0/14;
121.224.0.0/12;
122.4.0.0/14;
122.102.80.0/20;
122.128.120.0/21;
122.224.0.0/12;
122.240.0.0/13;
122.248.24.0/21;
122.255.64.0/21;
123.50.160.0/19;
123.52.0.0/14;
123.96.0.0/15;
123.101.0.0/16;
123.103.0.0/17;
123.149.0.0/16;
123.150.0.0/15;
123.160.0.0/14;
123.164.0.0/14;
123.168.0.0/14;
123.172.0.0/15;
123.174.0.0/15;
123.177.0.0/16;
123.178.0.0/15;
123.180.0.0/14;
123.184.0.0/14;
123.244.0.0/14;
124.31.0.0/16;
124.40.192.0/19;
124.72.0.0/16;
124.73.0.0/16;
124.74.0.0/15;
124.76.0.0/14;
124.109.96.0/21;
124.112.0.0/15;
124.114.0.0/15;
124.116.0.0/16;
124.117.0.0/16;
124.118.0.0/15;
124.224.0.0/16;
124.225.0.0/16;
124.226.0.0/15;
124.228.0.0/14;
124.232.0.0/15;
124.234.0.0/15;
124.236.0.0/14;
125.64.0.0/13;
125.72.0.0/16;
125.73.0.0/16;
125.74.0.0/15;
125.76.0.0/17;
125.76.128.0/17;
125.77.0.0/16;
125.78.0.0/15;
125.80.0.0/13;
125.88.0.0/13;
125.104.0.0/13;
125.112.0.0/12;
125.208.0.0/18;
139.189.0.0/16;
139.200.0.0/13;
140.75.0.0/16;
140.224.0.0/16;
140.237.0.0/16;
140.240.0.0/16;
140.243.0.0/16;
140.246.0.0/16;
140.249.0.0/16;
140.250.0.0/16;
140.255.0.0/16;
144.0.0.0/16;
144.7.0.0/16;
144.12.0.0/16;
144.52.0.0/16;
144.123.0.0/16;
144.255.0.0/16;
150.0.0.0/16;
150.115.0.0/16;
150.121.0.0/16;
150.122.0.0/16;
150.138.0.0/15;
150.223.0.0/16;
153.118.0.0/15;
163.53.220.0/22;
171.8.0.0/13;
171.40.0.0/13;
171.80.0.0/14;
171.88.0.0/13;
171.104.0.0/13;
171.112.0.0/14;
171.208.0.0/12;
175.0.0.0/12;
175.30.0.0/15;
180.96.0.0/11;
180.136.0.0/13;
180.148.16.0/21;
180.148.152.0/21;
180.148.216.0/21;
180.149.128.0/19;
180.152.0.0/13;
180.160.0.0/12;
180.212.0.0/15;
182.23.184.0/21;
182.23.200.0/21;
182.32.0.0/12;
182.84.0.0/14;
182.96.0.0/12;
182.128.0.0/12;
182.144.0.0/13;
182.200.0.0/13;
182.240.0.0/13;
183.0.0.0/10;
183.64.0.0/13;
183.78.180.0/22;
183.91.136.0/21;
183.128.0.0/11;
183.160.0.0/13;
202.0.100.0/23;
202.0.122.0/23;
202.0.176.0/22;
202.3.128.0/23;
202.6.6.0/23;
202.6.66.0/23;
202.6.72.0/23;
202.6.87.0/24;
202.6.88.0/23;
202.6.92.0/23;
202.6.103.0/24;
202.6.108.0/24;
202.6.110.0/23;
202.6.114.0/24;
202.6.176.0/20;
202.8.0.0/24;
202.8.2.0/23;
202.8.4.0/23;
202.8.12.0/24;
202.8.24.0/24;
202.8.77.0/24;
202.8.192.0/20;
202.9.32.0/24;
202.9.34.0/23;
202.9.48.0/23;
202.9.51.0/24;
202.9.52.0/23;
202.9.54.0/24;
202.9.57.0/24;
202.9.58.0/23;
202.12.1.0/24;
202.12.2.0/24;
202.12.17.0/24;
202.12.18.0/24;
202.12.72.0/24;
202.12.84.0/23;
202.12.96.0/24;
202.12.98.0/23;
202.12.106.0/24;
202.12.111.0/24;
202.12.116.0/24;
202.14.64.0/23;
202.14.69.0/24;
202.14.73.0/24;
202.14.74.0/23;
202.14.76.0/24;
202.14.78.0/23;
202.14.88.0/24;
202.14.97.0/24;
202.14.104.0/23;
202.14.108.0/23;
202.14.111.0/24;
202.14.114.0/23;
202.14.118.0/23;
202.14.124.0/23;
202.14.127.0/24;
202.14.129.0/24;
202.14.135.0/24;
202.14.136.0/24;
202.14.149.0/24;
202.14.151.0/24;
202.14.157.0/24;
202.14.158.0/23;
202.14.169.0/24;
202.14.170.0/23;
202.14.176.0/24;
202.14.184.0/23;
202.14.208.0/23;
202.14.213.0/24;
202.14.219.0/24;
202.14.220.0/24;
202.14.222.0/23;
202.14.225.0/24;
202.14.226.0/23;
202.14.231.0/24;
202.14.239.0/24;
202.14.246.0/24;
202.14.251.0/24;
202.20.66.0/24;
202.20.79.0/24;
202.20.87.0/24;
202.20.88.0/23;
202.20.90.0/24;
202.20.94.0/23;
202.20.114.0/24;
202.20.117.0/24;
202.20.120.0/24;
202.20.125.0/24;
202.20.127.0/24;
202.21.131.0/24;
202.21.132.0/24;
202.21.141.0/24;
202.21.142.0/24;
202.21.147.0/24;
202.21.148.0/24;
202.21.150.0/23;
202.21.152.0/23;
202.21.154.0/24;
202.21.156.0/24;
202.27.136.0/23;
202.38.0.0/23;
202.38.48.0/20;
202.38.130.0/23;
202.38.136.0/23;
202.38.142.0/23;
202.38.149.0/24;
202.38.150.0/23;
202.38.154.0/23;
202.38.156.0/24;
202.38.158.0/23;
202.38.168.0/23;
202.38.170.0/24;
202.40.4.0/23;
202.40.7.0/24;
202.40.15.0/24;
202.40.135.0/24;
202.40.136.0/24;
202.40.140.0/24;
202.40.143.0/24;
202.40.144.0/23;
202.40.150.0/24;
202.40.155.0/24;
202.40.156.0/24;
202.40.158.0/23;
202.40.162.0/24;
202.41.8.0/23;
202.41.11.0/24;
202.41.12.0/23;
202.41.128.0/24;
202.41.130.0/23;
202.41.192.0/24;
202.44.16.0/20;
202.44.67.0/24;
202.44.74.0/24;
202.44.129.0/24;
202.44.132.0/23;
202.44.146.0/23;
202.45.0.0/23;
202.45.2.0/24;
202.45.15.0/24;
202.45.16.0/20;
202.46.16.0/23;
202.46.18.0/24;
202.46.20.0/23;
202.46.128.0/24;
202.47.82.0/23;
202.47.126.0/24;
202.47.128.0/24;
202.47.130.0/23;
202.57.240.0/20;
202.58.0.0/24;
202.59.0.0/24;
202.59.212.0/22;
202.59.236.0/24;
202.60.48.0/21;
202.60.96.0/21;
202.60.132.0/22;
202.60.136.0/21;
202.60.144.0/20;
202.62.112.0/22;
202.62.248.0/22;
202.62.252.0/24;
202.62.255.0/24;
202.63.81.0/24;
202.63.82.0/23;
202.63.84.0/22;
202.63.88.0/21;
202.65.0.0/21;
202.65.8.0/23;
202.67.0.0/22;
202.70.96.0/20;
202.70.192.0/20;
202.72.40.0/21;
202.72.80.0/20;
202.73.128.0/22;
202.74.80.0/20;
202.74.254.0/23;
202.75.252.0/22;
202.76.252.0/22;
202.77.80.0/21;
202.77.92.0/22;
202.78.8.0/21;
202.79.224.0/21;
202.79.248.0/22;
202.80.192.0/21;
202.80.200.0/21;
202.81.0.0/22;
202.83.252.0/22;
202.84.4.0/22;
202.84.8.0/21;
202.84.24.0/21;
202.86.249.0/24;
202.86.252.0/22;
202.87.80.0/20;
202.89.8.0/21;
202.90.112.0/20;
202.90.196.0/24;
202.91.0.0/22;
202.91.96.0/20;
202.92.8.0/21;
202.92.48.0/20;
202.92.252.0/22;
202.94.92.0/22;
202.95.240.0/21;
202.96.96.0/21;
202.96.104.0/21;
202.96.112.0/20;
202.96.128.0/21;
202.96.136.0/21;
202.96.144.0/20;
202.96.160.0/21;
202.96.168.0/21;
202.96.176.0/20;
202.96.192.0/21;
202.96.200.0/21;
202.96.208.0/20;
202.96.224.0/21;
202.96.232.0/21;
202.96.240.0/20;
202.97.0.0/21;
202.97.8.0/21;
202.97.16.0/20;
202.97.32.0/19;
202.97.64.0/19;
202.97.96.0/20;
202.97.112.0/20;
202.98.32.0/21;
202.98.40.0/21;
202.98.48.0/20;
202.98.64.0/19;
202.98.96.0/21;
202.98.104.0/21;
202.98.112.0/20;
202.98.128.0/19;
202.98.160.0/21;
202.98.168.0/21;
202.98.176.0/20;
202.98.192.0/21;
202.98.200.0/21;
202.98.208.0/20;
202.98.224.0/21;
202.98.232.0/21;
202.98.240.0/20;
202.100.0.0/21;
202.100.8.0/21;
202.100.16.0/20;
202.100.32.0/19;
202.100.64.0/21;
202.100.72.0/21;
202.100.80.0/20;
202.100.96.0/21;
202.100.104.0/21;
202.100.112.0/20;
202.100.128.0/21;
202.100.136.0/21;
202.100.144.0/20;
202.100.160.0/21;
202.100.168.0/21;
202.100.176.0/20;
202.100.192.0/21;
202.100.200.0/21;
202.100.208.0/20;
202.100.224.0/19;
202.101.0.0/18;
202.101.64.0/19;
202.101.96.0/19;
202.101.224.0/21;
202.102.0.0/19;
202.102.32.0/19;
202.102.64.0/18;
202.102.192.0/21;
202.102.200.0/21;
202.102.208.0/20;
202.103.0.0/21;
202.103.8.0/21;
202.103.16.0/20;
202.103.32.0/19;
202.103.64.0/19;
202.103.96.0/21;
202.103.104.0/21;
202.103.112.0/20;
202.103.128.0/18;
202.103.192.0/19;
202.103.224.0/21;
202.103.232.0/21;
202.103.240.0/20;
202.104.0.0/15;
202.107.128.0/17;
202.109.0.0/16;
202.110.128.0/18;
202.111.0.0/17;
202.111.192.0/18;
202.122.120.0/21;
202.122.132.0/24;
202.124.16.0/21;
202.124.24.0/22;
202.125.112.0/20;
202.127.128.0/20;
202.127.194.0/23;
202.127.196.0/22;
202.127.212.0/22;
202.133.32.0/20;
202.134.58.0/24;
202.134.128.0/20;
202.137.231.0/24;
202.143.4.0/22;
202.143.32.0/20;
202.143.56.0/21;
202.146.160.0/20;
202.146.188.0/22;
202.146.196.0/22;
202.146.200.0/21;
202.147.144.0/20;
202.148.32.0/20;
202.148.64.0/19;
202.149.32.0/19;
202.150.32.0/20;
202.150.56.0/22;
202.150.192.0/20;
202.150.224.0/19;
202.151.0.0/22;
202.151.128.0/19;
202.153.0.0/22;
202.157.192.0/19;
202.162.67.0/24;
202.162.75.0/24;
202.164.96.0/19;
202.165.239.0/24;
202.165.240.0/23;
202.165.243.0/24;
202.165.245.0/24;
202.165.251.0/24;
202.165.252.0/22;
202.166.224.0/19;
202.170.224.0/19;
202.171.216.0/21;
202.171.235.0/24;
202.172.0.0/22;
202.173.0.0/22;
202.173.224.0/19;
202.174.64.0/20;
202.176.224.0/19;
202.180.208.0/21;
202.182.32.0/20;
202.182.192.0/19;
202.189.184.0/21;
202.191.0.0/24;
202.191.68.0/22;
202.191.72.0/21;
202.191.80.0/20;
203.0.4.0/22;
203.0.10.0/23;
203.0.18.0/24;
203.0.24.0/24;
203.0.42.0/23;
203.0.45.0/24;
203.0.46.0/23;
203.0.81.0/24;
203.0.82.0/23;
203.0.90.0/23;
203.0.96.0/23;
203.0.104.0/21;
203.0.114.0/23;
203.0.122.0/24;
203.0.128.0/24;
203.0.130.0/23;
203.0.132.0/22;
203.0.137.0/24;
203.0.142.0/24;
203.0.144.0/24;
203.0.146.0/24;
203.0.148.0/24;
203.0.150.0/23;
203.0.152.0/24;
203.0.177.0/24;
203.0.224.0/24;
203.1.4.0/22;
203.1.18.0/24;
203.1.26.0/23;
203.1.65.0/24;
203.1.66.0/23;
203.1.70.0/23;
203.1.76.0/23;
203.1.90.0/24;
203.1.97.0/24;
203.1.98.0/23;
203.1.100.0/22;
203.1.108.0/24;
203.1.253.0/24;
203.1.254.0/24;
203.2.64.0/21;
203.2.73.0/24;
203.2.112.0/21;
203.2.126.0/23;
203.2.140.0/24;
203.2.150.0/24;
203.2.152.0/22;
203.2.156.0/23;
203.2.160.0/21;
203.2.180.0/23;
203.2.196.0/23;
203.2.209.0/24;
203.2.214.0/23;
203.2.226.0/23;
203.2.229.0/24;
203.2.236.0/23;
203.3.68.0/24;
203.3.72.0/23;
203.3.75.0/24;
203.3.80.0/21;
203.3.96.0/22;
203.3.105.0/24;
203.3.112.0/21;
203.3.120.0/24;
203.3.123.0/24;
203.3.135.0/24;
203.3.139.0/24;
203.3.143.0/24;
203.4.132.0/23;
203.4.134.0/24;
203.4.151.0/24;
203.4.152.0/22;
203.4.174.0/23;
203.4.180.0/24;
203.4.186.0/24;
203.4.205.0/24;
203.4.208.0/22;
203.4.227.0/24;
203.4.230.0/23;
203.5.4.0/23;
203.5.7.0/24;
203.5.8.0/23;
203.5.11.0/24;
203.5.21.0/24;
203.5.22.0/24;
203.5.44.0/24;
203.5.46.0/23;
203.5.52.0/22;
203.5.56.0/23;
203.5.60.0/23;
203.5.114.0/23;
203.5.118.0/24;
203.5.120.0/24;
203.5.172.0/24;
203.5.180.0/23;
203.5.182.0/24;
203.5.185.0/24;
203.5.186.0/24;
203.5.188.0/23;
203.5.190.0/24;
203.5.195.0/24;
203.5.214.0/23;
203.5.218.0/23;
203.6.131.0/24;
203.6.136.0/24;
203.6.138.0/23;
203.6.142.0/24;
203.6.150.0/23;
203.6.157.0/24;
203.6.159.0/24;
203.6.224.0/20;
203.6.248.0/23;
203.7.129.0/24;
203.7.138.0/23;
203.7.147.0/24;
203.7.150.0/23;
203.7.158.0/24;
203.7.192.0/23;
203.7.200.0/24;
203.8.0.0/24;
203.8.8.0/24;
203.8.23.0/24;
203.8.24.0/21;
203.8.70.0/24;
203.8.82.0/24;
203.8.86.0/23;
203.8.91.0/24;
203.8.110.0/23;
203.8.115.0/24;
203.8.166.0/23;
203.8.169.0/24;
203.8.173.0/24;
203.8.184.0/24;
203.8.186.0/23;
203.8.190.0/23;
203.8.192.0/24;
203.8.197.0/24;
203.8.198.0/23;
203.8.203.0/24;
203.8.209.0/24;
203.8.210.0/23;
203.8.212.0/22;
203.8.217.0/24;
203.8.220.0/24;
203.9.32.0/24;
203.9.36.0/23;
203.9.57.0/24;
203.9.63.0/24;
203.9.65.0/24;
203.9.70.0/23;
203.9.72.0/24;
203.9.75.0/24;
203.9.76.0/23;
203.9.96.0/22;
203.9.100.0/23;
203.9.108.0/24;
203.9.158.0/24;
203.10.34.0/24;
203.10.56.0/24;
203.10.74.0/23;
203.10.84.0/22;
203.10.88.0/24;
203.10.95.0/24;
203.10.125.0/24;
203.11.70.0/24;
203.11.76.0/22;
203.11.82.0/24;
203.11.84.0/22;
203.11.100.0/22;
203.11.109.0/24;
203.11.117.0/24;
203.11.122.0/24;
203.11.126.0/24;
203.11.136.0/22;
203.11.141.0/24;
203.11.142.0/23;
203.11.180.0/22;
203.11.208.0/22;
203.12.16.0/24;
203.12.19.0/24;
203.12.24.0/24;
203.12.57.0/24;
203.12.65.0/24;
203.12.66.0/24;
203.12.70.0/23;
203.12.87.0/24;
203.12.88.0/21;
203.12.100.0/23;
203.12.103.0/24;
203.12.114.0/24;
203.12.118.0/24;
203.12.130.0/24;
203.12.137.0/24;
203.12.196.0/22;
203.12.200.0/21;
203.12.211.0/24;
203.12.219.0/24;
203.12.226.0/24;
203.12.240.0/22;
203.13.18.0/24;
203.13.24.0/24;
203.13.44.0/23;
203.13.80.0/21;
203.13.88.0/23;
203.13.92.0/22;
203.13.173.0/24;
203.13.224.0/23;
203.13.227.0/24;
203.13.233.0/24;
203.14.24.0/22;
203.14.33.0/24;
203.14.56.0/24;
203.14.61.0/24;
203.14.62.0/24;
203.14.104.0/24;
203.14.114.0/23;
203.14.118.0/24;
203.14.162.0/24;
203.14.184.0/21;
203.14.192.0/24;
203.14.194.0/23;
203.14.214.0/24;
203.14.231.0/24;
203.14.246.0/24;
203.15.0.0/20;
203.15.20.0/23;
203.15.22.0/24;
203.15.87.0/24;
203.15.88.0/23;
203.15.105.0/24;
203.15.112.0/21;
203.15.130.0/23;
203.15.149.0/24;
203.15.151.0/24;
203.15.156.0/22;
203.15.174.0/24;
203.15.227.0/24;
203.15.232.0/21;
203.15.240.0/23;
203.15.246.0/24;
203.16.10.0/24;
203.16.12.0/23;
203.16.16.0/21;
203.16.27.0/24;
203.16.38.0/24;
203.16.49.0/24;
203.16.50.0/23;
203.16.58.0/24;
203.16.133.0/24;
203.16.161.0/24;
203.16.162.0/24;
203.16.186.0/23;
203.16.228.0/24;
203.16.238.0/24;
203.16.240.0/24;
203.16.245.0/24;
203.17.2.0/24;
203.17.18.0/24;
203.17.28.0/24;
203.17.39.0/24;
203.17.56.0/24;
203.17.74.0/23;
203.17.88.0/23;
203.17.136.0/24;
203.17.164.0/24;
203.17.187.0/24;
203.17.190.0/23;
203.17.231.0/24;
203.17.233.0/24;
203.17.248.0/24;
203.17.255.0/24;
203.18.2.0/23;
203.18.4.0/24;
203.18.7.0/24;
203.18.31.0/24;
203.18.37.0/24;
203.18.48.0/23;
203.18.52.0/24;
203.18.72.0/22;
203.18.80.0/23;
203.18.87.0/24;
203.18.100.0/23;
203.18.105.0/24;
203.18.107.0/24;
203.18.110.0/24;
203.18.129.0/24;
203.18.131.0/24;
203.18.132.0/23;
203.18.144.0/24;
203.18.153.0/24;
203.18.199.0/24;
203.18.208.0/24;
203.18.211.0/24;
203.18.215.0/24;
203.19.18.0/24;
203.19.24.0/24;
203.19.30.0/24;
203.19.32.0/21;
203.19.41.0/24;
203.19.44.0/23;
203.19.46.0/24;
203.19.58.0/24;
203.19.60.0/23;
203.19.64.0/24;
203.19.68.0/24;
203.19.72.0/24;
203.19.101.0/24;
203.19.111.0/24;
203.19.131.0/24;
203.19.133.0/24;
203.19.144.0/24;
203.19.149.0/24;
203.19.156.0/24;
203.19.176.0/24;
203.19.178.0/23;
203.19.208.0/24;
203.19.228.0/22;
203.19.233.0/24;
203.19.242.0/24;
203.19.248.0/23;
203.19.255.0/24;
203.20.17.0/24;
203.20.40.0/23;
203.20.48.0/24;
203.20.61.0/24;
203.20.65.0/24;
203.20.84.0/23;
203.20.89.0/24;
203.20.106.0/23;
203.20.115.0/24;
203.20.117.0/24;
203.20.118.0/23;
203.20.122.0/24;
203.20.126.0/23;
203.20.135.0/24;
203.20.136.0/21;
203.20.150.0/24;
203.20.230.0/24;
203.20.232.0/24;
203.20.236.0/24;
203.21.0.0/23;
203.21.2.0/24;
203.21.8.0/24;
203.21.10.0/24;
203.21.18.0/24;
203.21.33.0/24;
203.21.34.0/24;
203.21.41.0/24;
203.21.44.0/24;
203.21.68.0/24;
203.21.82.0/24;
203.21.96.0/22;
203.21.124.0/24;
203.21.136.0/23;
203.21.145.0/24;
203.21.206.0/24;
203.22.24.0/24;
203.22.28.0/23;
203.22.31.0/24;
203.22.68.0/24;
203.22.76.0/24;
203.22.78.0/24;
203.22.84.0/24;
203.22.87.0/24;
203.22.92.0/22;
203.22.99.0/24;
203.22.106.0/24;
203.22.122.0/23;
203.22.131.0/24;
203.22.163.0/24;
203.22.166.0/24;
203.22.170.0/24;
203.22.176.0/21;
203.22.194.0/24;
203.22.242.0/23;
203.22.245.0/24;
203.22.246.0/24;
203.22.252.0/23;
203.23.0.0/24;
203.23.47.0/24;
203.23.61.0/24;
203.23.62.0/23;
203.23.73.0/24;
203.23.85.0/24;
203.23.92.0/22;
203.23.98.0/24;
203.23.107.0/24;
203.23.112.0/24;
203.23.130.0/24;
203.23.140.0/23;
203.23.172.0/24;
203.23.182.0/24;
203.23.186.0/23;
203.23.192.0/24;
203.23.197.0/24;
203.23.198.0/24;
203.23.204.0/22;
203.23.224.0/24;
203.23.226.0/23;
203.23.228.0/22;
203.23.249.0/24;
203.23.251.0/24;
203.24.13.0/24;
203.24.18.0/24;
203.24.27.0/24;
203.24.43.0/24;
203.24.56.0/24;
203.24.58.0/24;
203.24.67.0/24;
203.24.74.0/24;
203.24.79.0/24;
203.24.80.0/23;
203.24.84.0/23;
203.24.86.0/24;
203.24.90.0/24;
203.24.111.0/24;
203.24.112.0/24;
203.24.116.0/24;
203.24.122.0/23;
203.24.145.0/24;
203.24.152.0/23;
203.24.157.0/24;
203.24.161.0/24;
203.24.167.0/24;
203.24.186.0/23;
203.24.199.0/24;
203.24.202.0/24;
203.24.212.0/23;
203.24.217.0/24;
203.24.219.0/24;
203.24.244.0/24;
203.25.19.0/24;
203.25.20.0/23;
203.25.46.0/24;
203.25.48.0/21;
203.25.64.0/23;
203.25.91.0/24;
203.25.99.0/24;
203.25.100.0/24;
203.25.106.0/24;
203.25.131.0/24;
203.25.135.0/24;
203.25.138.0/24;
203.25.147.0/24;
203.25.153.0/24;
203.25.154.0/23;
203.25.164.0/24;
203.25.166.0/24;
203.25.174.0/23;
203.25.180.0/24;
203.25.182.0/24;
203.25.191.0/24;
203.25.199.0/24;
203.25.200.0/24;
203.25.202.0/23;
203.25.208.0/20;
203.25.229.0/24;
203.25.235.0/24;
203.25.236.0/24;
203.25.242.0/24;
203.26.12.0/24;
203.26.34.0/24;
203.26.49.0/24;
203.26.50.0/24;
203.26.55.0/24;
203.26.56.0/23;
203.26.60.0/24;
203.26.65.0/24;
203.26.68.0/24;
203.26.76.0/24;
203.26.80.0/24;
203.26.84.0/24;
203.26.97.0/24;
203.26.102.0/23;
203.26.115.0/24;
203.26.116.0/24;
203.26.129.0/24;
203.26.143.0/24;
203.26.144.0/24;
203.26.148.0/23;
203.26.154.0/24;
203.26.158.0/23;
203.26.170.0/24;
203.26.173.0/24;
203.26.176.0/24;
203.26.185.0/24;
203.26.202.0/23;
203.26.210.0/24;
203.26.214.0/24;
203.26.222.0/24;
203.26.224.0/24;
203.26.228.0/24;
203.26.232.0/24;
203.27.0.0/24;
203.27.10.0/24;
203.27.15.0/24;
203.27.16.0/24;
203.27.20.0/24;
203.27.22.0/23;
203.27.40.0/24;
203.27.45.0/24;
203.27.53.0/24;
203.27.65.0/24;
203.27.66.0/24;
203.27.81.0/24;
203.27.88.0/24;
203.27.102.0/24;
203.27.109.0/24;
203.27.117.0/24;
203.27.121.0/24;
203.27.122.0/23;
203.27.125.0/24;
203.27.200.0/24;
203.27.202.0/24;
203.27.233.0/24;
203.27.241.0/24;
203.27.250.0/24;
203.28.10.0/24;
203.28.12.0/24;
203.28.33.0/24;
203.28.34.0/23;
203.28.43.0/24;
203.28.44.0/24;
203.28.54.0/24;
203.28.56.0/24;
203.28.73.0/24;
203.28.74.0/24;
203.28.76.0/24;
203.28.86.0/24;
203.28.88.0/24;
203.28.112.0/24;
203.28.131.0/24;
203.28.136.0/24;
203.28.140.0/24;
203.28.145.0/24;
203.28.165.0/24;
203.28.169.0/24;
203.28.170.0/24;
203.28.178.0/23;
203.28.185.0/24;
203.28.187.0/24;
203.28.196.0/24;
203.28.226.0/23;
203.28.239.0/24;
203.29.2.0/24;
203.29.8.0/23;
203.29.13.0/24;
203.29.14.0/24;
203.29.28.0/24;
203.29.46.0/24;
203.29.57.0/24;
203.29.61.0/24;
203.29.63.0/24;
203.29.69.0/24;
203.29.73.0/24;
203.29.81.0/24;
203.29.90.0/24;
203.29.95.0/24;
203.29.100.0/24;
203.29.103.0/24;
203.29.112.0/24;
203.29.120.0/22;
203.29.182.0/23;
203.29.187.0/24;
203.29.189.0/24;
203.29.190.0/24;
203.29.205.0/24;
203.29.210.0/24;
203.29.217.0/24;
203.29.227.0/24;
203.29.231.0/24;
203.29.233.0/24;
203.29.234.0/24;
203.29.248.0/24;
203.29.254.0/23;
203.30.16.0/23;
203.30.25.0/24;
203.30.27.0/24;
203.30.29.0/24;
203.30.66.0/24;
203.30.81.0/24;
203.30.87.0/24;
203.30.111.0/24;
203.30.121.0/24;
203.30.123.0/24;
203.30.152.0/24;
203.30.156.0/24;
203.30.162.0/24;
203.30.173.0/24;
203.30.175.0/24;
203.30.187.0/24;
203.30.194.0/24;
203.30.217.0/24;
203.30.220.0/24;
203.30.222.0/24;
203.30.232.0/23;
203.30.235.0/24;
203.30.240.0/23;
203.30.246.0/24;
203.30.250.0/23;
203.31.45.0/24;
203.31.46.0/24;
203.31.49.0/24;
203.31.51.0/24;
203.31.54.0/23;
203.31.69.0/24;
203.31.72.0/24;
203.31.80.0/24;
203.31.85.0/24;
203.31.97.0/24;
203.31.105.0/24;
203.31.106.0/24;
203.31.108.0/23;
203.31.124.0/24;
203.31.162.0/24;
203.31.174.0/24;
203.31.177.0/24;
203.31.181.0/24;
203.31.187.0/24;
203.31.189.0/24;
203.31.204.0/24;
203.31.220.0/24;
203.31.222.0/23;
203.31.225.0/24;
203.31.229.0/24;
203.31.248.0/23;
203.31.253.0/24;
203.32.20.0/24;
203.32.48.0/23;
203.32.56.0/24;
203.32.60.0/24;
203.32.62.0/24;
203.32.68.0/23;
203.32.76.0/24;
203.32.81.0/24;
203.32.84.0/23;
203.32.95.0/24;
203.32.102.0/24;
203.32.105.0/24;
203.32.130.0/24;
203.32.133.0/24;
203.32.140.0/24;
203.32.152.0/24;
203.32.186.0/23;
203.32.192.0/24;
203.32.196.0/24;
203.32.203.0/24;
203.32.204.0/23;
203.32.212.0/24;
203.33.4.0/24;
203.33.7.0/24;
203.33.8.0/21;
203.33.21.0/24;
203.33.26.0/24;
203.33.32.0/24;
203.33.63.0/24;
203.33.64.0/24;
203.33.67.0/24;
203.33.68.0/24;
203.33.73.0/24;
203.33.79.0/24;
203.33.100.0/24;
203.33.122.0/24;
203.33.129.0/24;
203.33.131.0/24;
203.33.145.0/24;
203.33.156.0/24;
203.33.158.0/23;
203.33.174.0/24;
203.33.185.0/24;
203.33.200.0/24;
203.33.202.0/23;
203.33.204.0/24;
203.33.206.0/23;
203.33.214.0/23;
203.33.224.0/23;
203.33.226.0/24;
203.33.233.0/24;
203.33.243.0/24;
203.33.250.0/24;
203.34.4.0/24;
203.34.21.0/24;
203.34.27.0/24;
203.34.39.0/24;
203.34.48.0/23;
203.34.54.0/24;
203.34.56.0/23;
203.34.67.0/24;
203.34.69.0/24;
203.34.76.0/24;
203.34.92.0/24;
203.34.106.0/24;
203.34.113.0/24;
203.34.147.0/24;
203.34.150.0/24;
203.34.152.0/23;
203.34.161.0/24;
203.34.162.0/24;
203.34.187.0/24;
203.34.192.0/21;
203.34.204.0/22;
203.34.232.0/24;
203.34.240.0/24;
203.34.242.0/24;
203.34.245.0/24;
203.34.251.0/24;
203.55.2.0/23;
203.55.4.0/24;
203.55.10.0/24;
203.55.13.0/24;
203.55.22.0/24;
203.55.30.0/24;
203.55.93.0/24;
203.55.101.0/24;
203.55.109.0/24;
203.55.110.0/24;
203.55.116.0/23;
203.55.119.0/24;
203.55.128.0/23;
203.55.146.0/23;
203.55.192.0/24;
203.55.196.0/24;
203.55.218.0/23;
203.55.221.0/24;
203.55.224.0/24;
203.56.1.0/24;
203.56.4.0/24;
203.56.12.0/24;
203.56.24.0/24;
203.56.38.0/24;
203.56.40.0/24;
203.56.46.0/24;
203.56.48.0/21;
203.56.68.0/23;
203.56.82.0/23;
203.56.84.0/23;
203.56.95.0/24;
203.56.110.0/24;
203.56.121.0/24;
203.56.161.0/24;
203.56.169.0/24;
203.56.172.0/23;
203.56.175.0/24;
203.56.183.0/24;
203.56.185.0/24;
203.56.187.0/24;
203.56.192.0/24;
203.56.198.0/24;
203.56.201.0/24;
203.56.208.0/23;
203.56.210.0/24;
203.56.214.0/24;
203.56.216.0/24;
203.56.227.0/24;
203.56.228.0/24;
203.56.232.0/24;
203.56.240.0/24;
203.56.252.0/24;
203.56.254.0/24;
203.57.5.0/24;
203.57.6.0/24;
203.57.12.0/23;
203.57.28.0/24;
203.57.39.0/24;
203.57.46.0/24;
203.57.58.0/24;
203.57.61.0/24;
203.57.66.0/24;
203.57.69.0/24;
203.57.70.0/23;
203.57.73.0/24;
203.57.90.0/24;
203.57.101.0/24;
203.57.109.0/24;
203.57.123.0/24;
203.57.157.0/24;
203.57.200.0/24;
203.57.202.0/24;
203.57.206.0/24;
203.57.222.0/24;
203.57.224.0/20;
203.57.246.0/23;
203.57.249.0/24;
203.57.253.0/24;
203.57.254.0/23;
203.62.2.0/24;
203.62.131.0/24;
203.62.139.0/24;
203.62.161.0/24;
203.62.197.0/24;
203.62.228.0/22;
203.62.234.0/24;
203.62.246.0/24;
203.76.160.0/22;
203.76.168.0/22;
203.77.180.0/22;
203.78.48.0/20;
203.80.4.0/23;
203.80.32.0/20;
203.80.57.0/24;
203.80.132.0/22;
203.80.136.0/21;
203.81.0.0/21;
203.82.0.0/23;
203.82.16.0/21;
203.83.0.0/22;
203.83.224.0/20;
203.86.96.0/19;
203.86.254.0/23;
203.89.8.0/21;
203.89.136.0/22;
203.90.8.0/22;
203.92.0.0/22;
203.95.224.0/19;
203.99.8.0/21;
203.100.48.0/21;
203.100.63.0/24;
203.104.32.0/20;
203.105.96.0/19;
203.105.128.0/19;
203.110.208.0/20;
203.110.232.0/23;
203.110.234.0/24;
203.118.241.0/24;
203.119.113.0/24;
203.119.114.0/23;
203.119.116.0/22;
203.119.120.0/21;
203.128.224.0/21;
203.129.8.0/21;
203.130.32.0/19;
203.142.224.0/19;
203.144.96.0/19;
203.145.0.0/19;
203.148.80.0/22;
203.148.86.0/23;
203.149.92.0/22;
203.152.128.0/19;
203.153.0.0/22;
203.160.104.0/21;
203.160.129.0/24;
203.160.192.0/19;
203.161.0.0/22;
203.168.0.0/19;
203.170.58.0/23;
203.171.0.0/22;
203.174.4.0/24;
203.176.64.0/19;
203.189.0.0/23;
203.189.6.0/23;
203.189.112.0/22;
203.189.192.0/19;
203.190.249.0/24;
203.191.0.0/23;
203.193.224.0/19;
203.194.120.0/21;
203.195.64.0/19;
203.195.112.0/21;
203.196.8.0/21;
203.202.236.0/22;
203.205.64.0/19;
203.212.0.0/20;
203.215.232.0/21;
203.223.16.0/21;
210.5.56.0/21;
210.75.0.0/16;
210.77.0.0/16;
210.192.96.0/19;
211.100.0.0/16;
211.154.0.0/16;
218.0.0.0/16;
218.1.0.0/16;
218.2.0.0/15;
218.4.0.0/15;
218.6.0.0/16;
218.13.0.0/16;
218.14.0.0/15;
218.16.0.0/14;
218.20.0.0/16;
218.21.0.0/17;
218.22.0.0/15;
218.30.0.0/15;
218.62.128.0/17;
218.63.0.0/16;
218.64.0.0/15;
218.66.0.0/16;
218.67.0.0/17;
218.70.0.0/15;
218.72.0.0/14;
218.76.0.0/15;
218.78.0.0/15;
218.80.0.0/14;
218.84.0.0/14;
218.88.0.0/13;
218.100.88.0/21;
218.100.96.0/19;
218.100.128.0/17;
218.185.240.0/21;
219.128.0.0/12;
219.144.0.0/14;
219.148.0.0/16;
219.149.0.0/17;
219.149.128.0/18;
219.149.192.0/18;
219.150.0.0/19;
219.150.32.0/19;
219.150.64.0/19;
219.150.96.0/20;
219.150.112.0/20;
219.150.128.0/17;
219.151.0.0/19;
219.151.32.0/19;
219.151.64.0/18;
219.151.128.0/17;
219.152.0.0/15;
219.159.64.0/18;
219.159.128.0/17;
220.160.0.0/11;
220.247.136.0/21;
221.224.0.0/13;
221.232.0.0/14;
221.236.0.0/15;
221.238.0.0/16;
221.239.0.0/17;
221.239.128.0/17;
222.64.0.0/13;
222.72.0.0/15;
222.74.0.0/16;
222.75.0.0/16;
222.76.0.0/14;
222.80.0.0/15;
222.82.0.0/16;
222.83.0.0/17;
222.83.128.0/17;
222.84.0.0/16;
222.85.0.0/17;
222.85.128.0/17;
222.86.0.0/15;
222.88.0.0/15;
222.90.0.0/15;
222.92.0.0/14;
222.168.0.0/15;
222.170.0.0/15;
222.172.0.0/17;
222.172.128.0/17;
222.173.0.0/16;
222.174.0.0/15;
222.176.0.0/13;
222.184.0.0/13;
222.208.0.0/13;
222.216.0.0/15;
222.218.0.0/16;
222.219.0.0/16;
222.220.0.0/15;
222.222.0.0/15;
222.240.0.0/13;
223.8.0.0/13;
223.144.0.0/12;
223.198.0.0/15;
223.214.0.0/15;
223.220.0.0/15;
223.240.0.0/13;
223.255.252.0/23;
};

cat cnc.txt
acl cnc{
1.24.0.0/13;
1.56.0.0/13;
1.188.0.0/14;
14.204.0.0/15;
27.8.0.0/13;
27.36.0.0/14;
27.40.0.0/13;
27.50.128.0/17;
27.54.192.0/18;
27.98.224.0/19;
27.112.0.0/18;
27.115.0.0/17;
27.192.0.0/11;
36.32.0.0/14;
36.248.0.0/14;
39.64.0.0/11;
42.1.128.0/17;
42.4.0.0/14;
42.48.0.0/15;
42.51.0.0/16;
42.52.0.0/14;
42.56.0.0/14;
42.63.0.0/16;
42.84.0.0/14;
42.157.0.0/16;
42.176.0.0/13;
42.224.0.0/12;
43.224.12.0/22;
43.224.24.0/22;
43.224.52.0/22;
43.224.160.0/22;
43.224.208.0/22;
43.226.116.0/22;
43.226.120.0/22;
43.226.160.0/22;
43.229.236.0/22;
43.240.0.0/22;
43.240.132.0/22;
43.240.204.0/22;
43.241.48.0/22;
43.241.92.0/22;
43.241.184.0/22;
43.242.148.0/22;
43.242.152.0/22;
43.242.156.0/22;
43.242.164.0/22;
43.242.180.0/22;
43.243.4.0/22;
43.243.16.0/22;
43.243.88.0/22;
43.243.128.0/22;
43.243.156.0/22;
43.243.180.0/22;
43.243.228.0/22;
43.247.88.0/22;
43.247.212.0/22;
43.247.216.0/22;
43.248.4.0/22;
43.248.20.0/22;
43.248.48.0/22;
43.248.108.0/22;
43.248.148.0/22;
43.248.244.0/22;
43.249.4.0/22;
43.249.136.0/22;
43.249.236.0/22;
43.250.4.0/22;
43.250.96.0/22;
43.250.112.0/22;
43.250.128.0/22;
43.250.144.0/22;
43.250.168.0/22;
43.250.200.0/22;
43.250.212.0/22;
43.250.244.0/22;
43.251.4.0/22;
43.251.36.0/22;
43.251.232.0/22;
43.254.44.0/22;
43.254.104.0/22;
43.254.116.0/22;
43.254.144.0/22;
43.254.148.0/22;
43.255.204.0/22;
45.112.228.0/22;
45.112.232.0/22;
45.113.24.0/22;
45.113.240.0/22;
45.113.252.0/22;
45.115.144.0/22;
45.115.200.0/22;
45.117.124.0/22;
45.121.96.0/22;
45.124.20.0/22;
45.124.68.0/22;
45.126.108.0/22;
58.16.0.0/16;
58.17.0.0/17;
58.17.128.0/17;
58.18.0.0/16;
58.19.0.0/16;
58.20.0.0/16;
58.21.0.0/16;
58.22.0.0/15;
58.24.0.0/15;
58.30.0.0/15;
58.144.0.0/16;
58.240.0.0/15;
58.242.0.0/15;
58.244.0.0/15;
58.246.0.0/15;
58.248.0.0/13;
60.0.0.0/13;
60.8.0.0/15;
60.10.0.0/16;
60.11.0.0/16;
60.12.0.0/16;
60.13.0.0/18;
60.13.64.0/18;
60.13.128.0/17;
60.14.0.0/15;
60.16.0.0/13;
60.24.0.0/14;
60.28.0.0/15;
60.30.0.0/16;
60.31.0.0/16;
60.63.0.0/16;
60.204.0.0/16;
60.208.0.0/13;
60.216.0.0/15;
60.218.0.0/15;
60.220.0.0/14;
60.253.128.0/17;
60.255.0.0/16;
61.28.0.0/20;
61.28.16.0/20;
61.28.32.0/19;
61.28.64.0/18;
61.45.128.0/18;
61.48.0.0/14;
61.52.0.0/15;
61.54.0.0/16;
61.55.0.0/16;
61.133.0.0/17;
61.134.96.0/19;
61.134.128.0/18;
61.134.192.0/18;
61.135.0.0/16;
61.136.0.0/18;
61.136.64.0/18;
61.137.128.0/17;
61.138.0.0/18;
61.138.64.0/18;
61.138.128.0/18;
61.139.128.0/18;
61.148.0.0/15;
61.156.0.0/16;
61.158.0.0/17;
61.158.128.0/17;
61.159.0.0/18;
61.161.0.0/18;
61.161.128.0/17;
61.162.0.0/16;
61.163.0.0/16;
61.167.0.0/16;
61.168.0.0/16;
61.176.0.0/16;
61.179.0.0/16;
61.180.128.0/17;
61.181.0.0/16;
61.182.0.0/16;
61.189.0.0/17;
61.240.0.0/14;
101.16.0.0/12;
101.64.0.0/13;
101.72.0.0/14;
101.204.0.0/14;
101.232.0.0/15;
103.3.96.0/22;
103.3.100.0/22;
103.3.104.0/22;
103.3.108.0/22;
103.3.112.0/22;
103.3.116.0/22;
103.3.120.0/22;
103.3.124.0/22;
103.3.132.0/22;
103.3.136.0/22;
103.3.140.0/22;
103.3.148.0/22;
103.3.152.0/22;
103.3.156.0/22;
103.5.56.0/22;
103.5.252.0/22;
103.7.212.0/22;
103.9.248.0/22;
103.14.84.0/22;
103.18.224.0/22;
103.22.188.0/22;
103.25.40.0/22;
103.27.4.0/22;
103.27.240.0/22;
103.28.204.0/22;
103.31.200.0/22;
103.36.208.0/22;
103.37.44.0/22;
103.37.100.0/22;
103.38.32.0/22;
103.38.40.0/22;
103.39.88.0/22;
103.40.192.0/22;
103.40.212.0/22;
103.43.192.0/22;
103.45.168.0/22;
103.45.224.0/22;
103.52.96.0/22;
103.52.100.0/22;
103.52.176.0/22;
103.53.204.0/22;
103.55.172.0/22;
103.55.228.0/22;
103.56.60.0/22;
103.57.196.0/22;
103.61.176.0/22;
103.192.132.0/22;
103.192.188.0/22;
103.203.140.0/22;
103.227.120.0/22;
103.229.148.0/22;
103.229.212.0/22;
103.230.196.0/22;
103.230.236.0/22;
103.233.228.0/22;
103.234.244.0/22;
103.236.240.0/22;
103.238.28.0/22;
103.238.32.0/22;
103.238.144.0/22;
103.239.244.0/22;
103.240.36.0/22;
103.240.72.0/22;
103.240.84.0/22;
103.240.124.0/22;
103.240.172.0/22;
103.246.8.0/22;
103.246.152.0/22;
103.248.100.0/22;
103.250.32.0/22;
103.250.104.0/22;
103.250.124.0/22;
103.250.180.0/22;
103.250.192.0/22;
103.250.216.0/22;
103.250.248.0/22;
103.251.32.0/22;
103.251.96.0/22;
103.251.124.0/22;
103.251.160.0/22;
103.251.240.0/22;
103.255.200.0/22;
110.6.0.0/15;
110.16.0.0/14;
110.52.0.0/15;
110.72.0.0/15;
110.228.0.0/14;
110.232.32.0/19;
110.236.0.0/15;
110.240.0.0/12;
111.85.0.0/16;
111.160.0.0/13;
111.192.0.0/12;
111.228.0.0/14;
112.64.0.0/15;
112.80.0.0/13;
112.88.0.0/13;
112.96.0.0/15;
112.109.128.0/17;
112.111.0.0/16;
112.122.0.0/15;
112.132.0.0/16;
112.192.0.0/14;
112.224.0.0/11;
113.0.0.0/13;
113.8.0.0/15;
113.18.0.0/16;
113.56.0.0/15;
113.58.0.0/16;
113.59.0.0/17;
113.194.0.0/15;
113.200.0.0/15;
113.204.0.0/14;
113.213.0.0/17;
113.224.0.0/12;
114.54.0.0/15;
114.60.0.0/14;
114.118.0.0/16;
114.119.0.0/17;
114.240.0.0/12;
115.46.0.0/16;
115.48.0.0/12;
115.85.192.0/18;
115.172.0.0/14;
116.2.0.0/15;
116.60.0.0/14;
116.70.0.0/17;
116.95.0.0/16;
116.112.0.0/14;
116.116.0.0/15;
116.194.0.0/15;
116.199.0.0/17;
116.199.128.0/19;
116.214.32.0/19;
116.216.0.0/14;
116.242.0.0/15;
116.244.0.0/15;
116.254.128.0/17;
116.255.128.0/17;
117.8.0.0/13;
117.74.64.0/20;
117.75.0.0/16;
117.76.0.0/14;
117.100.0.0/15;
117.120.64.0/18;
117.121.128.0/18;
118.72.0.0/13;
118.80.0.0/15;
118.88.32.0/19;
118.88.64.0/18;
118.88.128.0/17;
118.102.16.0/20;
118.132.0.0/14;
118.144.0.0/14;
118.191.0.0/16;
118.192.0.0/16;
118.193.0.0/20;
118.212.0.0/16;
118.224.0.0/14;
118.244.0.0/14;
119.4.0.0/14;
119.27.64.0/18;
119.32.0.0/14;
119.36.0.0/16;
119.37.0.0/17;
119.37.128.0/18;
119.38.0.0/17;
119.39.0.0/16;
119.40.0.0/18;
119.40.128.0/17;
119.42.0.0/19;
119.42.224.0/19;
119.44.0.0/15;
119.48.0.0/13;
119.59.128.0/17;
119.62.0.0/16;
119.108.0.0/15;
119.112.0.0/13;
119.148.160.0/20;
119.162.0.0/15;
119.164.0.0/14;
119.176.0.0/12;
119.232.0.0/15;
119.248.0.0/14;
119.252.240.0/20;
120.0.0.0/12;
120.64.0.0/14;
120.80.0.0/13;
120.128.0.0/14;
120.132.0.0/17;
121.16.0.0/13;
121.24.0.0/14;
121.28.0.0/15;
121.30.0.0/16;
121.31.0.0/16;
121.52.224.0/19;
121.55.0.0/18;
121.68.0.0/14;
121.76.0.0/15;
121.89.0.0/16;
121.100.128.0/17;
121.201.0.0/16;
122.13.0.0/16;
122.96.0.0/15;
122.102.64.0/20;
122.136.0.0/13;
122.156.0.0/14;
122.188.0.0/14;
122.192.0.0/14;
123.4.0.0/14;
123.8.0.0/13;
123.98.0.0/17;
123.100.0.0/19;
123.112.0.0/12;
123.128.0.0/13;
123.138.0.0/15;
123.144.0.0/14;
123.148.0.0/16;
123.152.0.0/13;
123.176.80.0/20;
123.188.0.0/14;
123.196.0.0/15;
123.232.0.0/14;
123.253.0.0/16;
124.6.64.0/18;
124.20.0.0/16;
124.21.0.0/20;
124.21.16.0/20;
124.21.32.0/19;
124.21.64.0/18;
124.21.128.0/17;
124.42.0.0/17;
124.42.128.0/17;
124.64.0.0/15;
124.66.0.0/17;
124.67.0.0/16;
124.68.0.0/14;
124.88.0.0/16;
124.89.0.0/17;
124.89.128.0/17;
124.90.0.0/15;
124.92.0.0/14;
124.128.0.0/13;
124.152.0.0/16;
124.160.0.0/16;
124.161.0.0/16;
124.162.0.0/16;
124.163.0.0/16;
124.164.0.0/14;
124.172.0.0/15;
124.240.128.0/18;
124.248.0.0/17;
125.32.0.0/16;
125.33.0.0/16;
125.34.0.0/16;
125.35.0.0/17;
125.35.128.0/17;
125.36.0.0/14;
125.40.0.0/13;
125.211.0.0/16;
139.9.0.0/16;
139.170.0.0/16;
139.208.0.0/13;
139.226.0.0/15;
140.206.0.0/15;
150.129.136.0/22;
150.242.152.0/22;
150.255.0.0/16;
153.0.0.0/16;
153.3.0.0/16;
153.34.0.0/15;
153.36.0.0/15;
153.99.0.0/16;
153.101.0.0/16;
157.0.0.0/16;
157.18.0.0/16;
157.61.0.0/16;
157.122.0.0/16;
157.148.0.0/16;
157.156.0.0/16;
157.255.0.0/16;
163.0.0.0/16;
163.53.48.0/22;
163.53.52.0/22;
163.125.0.0/16;
163.142.0.0/16;
163.177.0.0/16;
163.179.0.0/16;
163.204.0.0/16;
171.34.0.0/15;
171.36.0.0/14;
171.116.0.0/14;
171.120.0.0/13;
175.16.0.0/13;
175.42.0.0/15;
175.44.0.0/16;
175.106.128.0/17;
175.146.0.0/15;
175.148.0.0/14;
175.152.0.0/14;
175.160.0.0/12;
175.184.128.0/18;
180.77.0.0/16;
180.95.128.0/17;
180.129.128.0/17;
180.130.0.0/16;
180.189.148.0/22;
180.223.0.0/16;
182.54.0.0/17;
182.88.0.0/14;
182.112.0.0/12;
182.236.128.0/17;
183.92.0.0/14;
183.184.0.0/13;
202.74.8.0/21;
202.75.208.0/20;
202.92.0.0/22;
202.96.0.0/18;
202.96.64.0/21;
202.96.72.0/21;
202.96.80.0/20;
202.97.128.0/18;
202.97.192.0/19;
202.97.224.0/21;
202.97.232.0/21;
202.97.240.0/20;
202.98.0.0/21;
202.98.8.0/21;
202.98.16.0/20;
202.99.0.0/18;
202.99.64.0/19;
202.99.96.0/21;
202.99.104.0/21;
202.99.112.0/20;
202.99.128.0/19;
202.99.160.0/21;
202.99.168.0/21;
202.99.176.0/20;
202.99.192.0/21;
202.99.200.0/21;
202.99.208.0/20;
202.99.224.0/21;
202.99.232.0/21;
202.99.240.0/20;
202.101.128.0/18;
202.102.128.0/21;
202.102.136.0/21;
202.102.144.0/20;
202.102.160.0/19;
202.102.224.0/21;
202.102.232.0/21;
202.102.240.0/20;
202.106.0.0/16;
202.107.0.0/17;
202.108.0.0/16;
202.110.0.0/18;
202.110.64.0/18;
202.110.192.0/18;
202.111.128.0/19;
202.111.160.0/19;
202.115.32.0/19;
202.115.64.0/18;
202.122.128.0/24;
202.127.112.0/20;
202.127.209.0/24;
202.130.224.0/19;
202.170.128.0/19;
203.93.8.0/24;
203.93.9.0/24;
203.93.10.0/23;
203.93.12.0/22;
203.93.64.0/18;
203.93.136.0/22;
203.93.140.0/24;
203.93.192.0/18;
203.135.96.0/20;
203.135.112.0/20;
203.135.160.0/20;
203.166.160.0/19;
203.223.0.0/20;
210.5.128.0/20;
210.13.0.0/18;
210.13.64.0/18;
210.13.128.0/17;
210.14.160.0/19;
210.14.192.0/19;
210.14.224.0/19;
210.15.32.0/19;
210.15.96.0/19;
210.15.128.0/18;
210.21.0.0/17;
210.21.128.0/17;
210.22.0.0/16;
210.51.0.0/16;
210.52.0.0/18;
210.52.64.0/18;
210.52.128.0/17;
210.53.0.0/17;
210.53.128.0/17;
210.56.192.0/19;
210.72.160.0/19;
210.74.64.0/19;
210.74.96.0/19;
210.74.128.0/19;
210.78.0.0/19;
210.78.160.0/19;
210.78.192.0/18;
210.79.64.0/18;
210.82.0.0/15;
211.90.0.0/15;
211.92.0.0/15;
211.94.0.0/15;
211.96.0.0/15;
211.101.64.0/18;
211.144.0.0/15;
218.7.0.0/16;
218.8.0.0/15;
218.10.0.0/16;
218.11.0.0/16;
218.12.0.0/16;
218.21.128.0/17;
218.24.0.0/15;
218.26.0.0/16;
218.27.0.0/16;
218.28.0.0/15;
218.56.0.0/14;
218.60.0.0/15;
218.62.0.0/17;
218.67.128.0/17;
218.68.0.0/15;
218.104.0.0/17;
218.104.128.0/19;
218.104.160.0/19;
218.104.192.0/21;
218.104.200.0/21;
218.104.208.0/20;
218.104.224.0/19;
218.105.0.0/16;
218.106.0.0/15;
219.154.0.0/15;
219.156.0.0/15;
219.158.0.0/17;
219.158.128.0/17;
219.159.0.0/18;
219.232.0.0/14;
220.152.128.0/17;
220.192.0.0/15;
220.194.0.0/15;
220.196.0.0/14;
220.200.0.0/13;
220.231.0.0/18;
220.234.0.0/16;
220.248.0.0/14;
220.252.0.0/16;
221.0.0.0/15;
221.2.0.0/16;
221.3.0.0/17;
221.3.128.0/17;
221.4.0.0/16;
221.5.0.0/17;
221.5.128.0/17;
221.6.0.0/16;
221.7.0.0/19;
221.7.32.0/19;
221.7.64.0/19;
221.7.96.0/19;
221.7.128.0/17;
221.8.0.0/15;
221.10.0.0/16;
221.11.0.0/17;
221.11.128.0/18;
221.11.192.0/19;
221.11.224.0/19;
221.12.0.0/17;
221.12.128.0/18;
221.13.0.0/18;
221.13.64.0/19;
221.13.96.0/19;
221.13.128.0/17;
221.14.0.0/15;
221.137.0.0/16;
221.192.0.0/15;
221.194.0.0/16;
221.195.0.0/16;
221.196.0.0/15;
221.198.0.0/16;
221.199.0.0/19;
221.199.32.0/20;
221.199.48.0/20;
221.199.64.0/18;
221.199.128.0/18;
221.199.192.0/20;
221.199.224.0/19;
221.200.0.0/14;
221.204.0.0/15;
221.206.0.0/16;
221.207.0.0/18;
221.207.64.0/18;
221.207.128.0/17;
221.208.0.0/14;
221.212.0.0/16;
221.213.0.0/16;
221.214.0.0/15;
221.216.0.0/13;
222.128.0.0/14;
222.132.0.0/14;
222.136.0.0/13;
222.160.0.0/15;
222.162.0.0/16;
222.163.0.0/19;
222.163.32.0/19;
222.163.64.0/18;
222.163.128.0/17;
223.27.184.0/22;
223.166.0.0/15;
};

cat cmcc.txt
acl cmcc{
36.128.0.0/10;
39.128.0.0/10;
43.251.244.0/22;
45.121.172.0/22;
45.121.176.0/22;
103.20.112.0/22;
103.21.176.0/22;
103.62.24.0/22;
111.0.0.0/10;
112.0.0.0/10;
117.128.0.0/10;
120.192.0.0/10;
183.192.0.0/10;
211.103.0.0/17;
211.136.0.0/14;
211.140.0.0/15;
211.142.0.0/17;
211.142.128.0/17;
211.143.0.0/16;
218.200.0.0/14;
218.204.0.0/15;
218.206.0.0/15;
221.130.0.0/15;
221.176.0.0/13;
223.64.0.0/11;
223.96.0.0/12;
223.112.0.0/14;
223.116.0.0/15;
223.120.0.0/13;
192.168.137.0/24;
};

cat edu.txt
acl edu{
1.51.0.0/16;
1.184.0.0/15;
42.244.0.0/14;
49.52.0.0/14;
49.120.0.0/14;
49.140.0.0/15;
49.208.0.0/15;
58.154.0.0/15;
58.192.0.0/15;
58.194.0.0/15;
58.196.0.0/15;
58.198.0.0/15;
58.200.0.0/13;
59.64.0.0/14;
59.68.0.0/14;
59.72.0.0/15;
59.74.0.0/15;
59.76.0.0/16;
59.77.0.0/16;
59.78.0.0/15;
101.4.0.0/14;
101.76.0.0/15;
110.64.0.0/15;
111.114.0.0/15;
111.116.0.0/15;
111.186.0.0/15;
113.54.0.0/15;
114.212.0.0/15;
114.214.0.0/16;
115.24.0.0/14;
115.154.0.0/15;
115.156.0.0/15;
115.158.0.0/16;
116.13.0.0/16;
116.56.0.0/15;
118.202.0.0/15;
118.228.0.0/15;
118.230.0.0/16;
120.94.0.0/16;
120.95.0.0/16;
121.48.0.0/15;
121.52.160.0/19;
121.192.0.0/16;
121.193.0.0/16;
121.194.0.0/15;
121.248.0.0/14;
122.204.0.0/14;
125.216.0.0/15;
125.218.0.0/16;
125.219.0.0/16;
125.220.0.0/15;
125.222.0.0/15;
175.185.0.0/16;
175.186.0.0/15;
180.84.0.0/15;
180.201.0.0/16;
180.208.0.0/15;
183.168.0.0/15;
183.170.0.0/16;
183.172.0.0/14;
192.124.154.0/24;
202.4.128.0/19;
202.38.2.0/23;
202.38.64.0/19;
202.38.96.0/19;
202.38.140.0/23;
202.38.184.0/21;
202.38.192.0/18;
202.112.0.0/16;
202.113.0.0/20;
202.113.16.0/20;
202.113.32.0/19;
202.113.64.0/18;
202.113.128.0/18;
202.113.192.0/19;
202.113.224.0/20;
202.113.240.0/20;
202.114.0.0/19;
202.114.32.0/19;
202.114.64.0/18;
202.114.128.0/17;
202.115.0.0/19;
202.115.128.0/17;
202.116.0.0/19;
202.116.32.0/20;
202.116.48.0/20;
202.116.64.0/19;
202.116.96.0/19;
202.116.128.0/17;
202.117.0.0/18;
202.117.64.0/18;
202.117.128.0/17;
202.118.0.0/19;
202.118.32.0/19;
202.118.64.0/18;
202.118.128.0/17;
202.119.0.0/19;
202.119.32.0/19;
202.119.64.0/20;
202.119.80.0/20;
202.119.96.0/19;
202.119.128.0/17;
202.120.0.0/18;
202.120.64.0/18;
202.120.128.0/17;
202.121.0.0/16;
202.127.216.0/21;
202.127.224.0/19;
202.179.240.0/20;
202.192.0.0/13;
202.200.0.0/14;
202.204.0.0/14;
203.91.120.0/21;
210.25.0.0/16;
210.26.0.0/15;
210.28.0.0/14;
210.32.0.0/14;
210.36.0.0/14;
210.40.0.0/13;
211.64.0.0/14;
211.68.0.0/15;
211.70.0.0/15;
211.80.0.0/16;
211.81.0.0/16;
211.82.0.0/16;
211.83.0.0/16;
211.84.0.0/15;
211.86.0.0/15;
218.192.0.0/16;
218.193.0.0/16;
218.194.0.0/16;
218.195.0.0/16;
218.196.0.0/14;
219.216.0.0/15;
219.218.0.0/15;
219.220.0.0/16;
219.221.0.0/16;
219.222.0.0/15;
219.224.0.0/15;
219.226.0.0/16;
219.227.0.0/16;
219.228.0.0/15;
219.230.0.0/15;
219.242.0.0/15;
219.244.0.0/14;
222.16.0.0/15;
222.18.0.0/15;
222.20.0.0/15;
222.22.0.0/16;
222.23.0.0/16;
222.24.0.0/15;
222.26.0.0/15;
222.28.0.0/14;
222.192.0.0/14;
222.196.0.0/15;
222.198.0.0/16;
222.199.0.0/16;
222.200.0.0/14;
222.204.0.0/15;
222.206.0.0/15;
223.2.0.0/15;
223.128.0.0/15;
};

cat tietong.txt
acl tietong{
36.192.0.0/11;
43.247.240.0/22;
61.232.0.0/14;
61.236.0.0/15;
101.144.0.0/12;
103.3.128.0/22;
110.96.0.0/11;
110.192.0.0/11;
115.180.0.0/14;
118.204.0.0/14;
120.90.0.0/15;
122.64.0.0/11;
123.64.0.0/11;
211.98.0.0/16;
221.172.0.0/14;
222.32.0.0/11;
};

DLZ相关数据库表结构建立

mysql>create database dns_view; //创建数据库名为dns_view与view中的dbname对应
mysql>use dns_view;
CREATE TABLE `dnstb` (
`id` int(10) unsigned NOT NULL auto_increment,
`zone` varchar(255) NOT NULL,
`host` varchar(255) NOT NULL default '@',
`type` enum('MX','CNAME','NS','SOA','A','PTR') NOT NULL,
`data` varchar(255) default NULL,
`ttl` int(11) NOT NULL default '600',
`view` char(20) default 'OP',
`mx_priority` int(11) default NULL,
`refresh` int(11) NOT NULL default '600',
`retry` int(11) NOT NULL default '3600',
`expire` int(11) NOT NULL default '86400',
`minimum` int(11) NOT NULL default '3600',
`serial` bigint(20) NOT NULL default '2011061200',
`resp_person` varchar(64) NOT NULL default 'root.gov.com.',
`primary_ns` varchar(64) NOT NULL default 'ns1.gov.com.',
`data_count` int(11) NOT NULL default '0',
PRIMARY KEY (`id`),
KEY `type` (`type`),
KEY `host` (`host`),
KEY `zone` (`zone`)
) ENGINE=MyISAM AUTO_INCREMENT=1 DEFAULT CHARSET=gbk;

配置Bind-View-DLZ-MYSQL:
1、配置view.conf

cat /usr/local/bind/etc/view.conf
view "CMCC_view" {
match-clients { key cmcc;dns-ip-list;CMCC;};
allow-query-cache       { none; };
allow-recursion         { none; };
allow-transfer          { none; };
recursion               no;
dlz "Mysql zone" {
database "mysql
{host=127.0.0.1 dbname=dns_view ssl=false port=3306 user=root pass=123456 }
{select zone from dnstb where zone = '$zone$' and view = 'CMCC' limit 1 }
{select ttl, type, mx_priority, case when lower(type)='txt' then concat('\"', data,
'\"') when lower(type) = 'soa' then concat_ws(' ', data, resp_person, serial,
refresh, retry, expire, minimum) else data end as mydata from dnstb where zone
= '$zone$' and host = '$record$' and (view = 'CMCC' or view = 'OP')}
{}
{select ttl, type, host, mx_priority, case when lower(type)='txt' then concat('\"',
data, '\"') else data end as mydata, resp_person, serial, refresh, retry, expire,
minimum from dnstb where zone = '$zone$' and view='CMCC'}
{select zone from xfr_table where zone = '$zone$' and client = '$client$' and
view='CMCC' limit 1}
{update data_count set count = count + 1 where zone ='$zone$' and view='CMCC'}";
};
};

view "CNC_view" {
match-clients { key cnc;dns-ip-list;CNC;};
allow-query-cache       { none; };
allow-recursion         { none; };
allow-transfer          { none; };
recursion               no;
dlz "Mysql zone" {
database "mysql
{host=127.0.0.1 dbname=dns_view ssl=false port=3306 user=root pass=123456 }
{select zone from dnstb where zone = '$zone$' and view = 'CNC' limit 1 }
{select ttl, type, mx_priority, case when lower(type)='txt' then concat('\"', data,
'\"') when lower(type) = 'soa' then concat_ws(' ', data, resp_person, serial,
refresh, retry, expire, minimum) else data end as mydata from dnstb where zone
= '$zone$' and host = '$record$' and (view = 'CNC' or view = 'OP')}
{}
{select ttl, type, host, mx_priority, case when lower(type)='txt' then concat('\"',
data, '\"') else data end as mydata, resp_person, serial, refresh, retry, expire,
minimum from dnstb where zone = '$zone$' and view='CNC'}
{select zone from xfr_table where zone = '$zone$' and client = '$client$' and
view='CNC' limit 1}
{update data_count set count = count + 1 where zone ='$zone$' and view='CNC'}";
};
};


view "EDU_view" {
match-clients { key edu;dns-ip-list;EDU;};
allow-query-cache       { none; };
allow-recursion         { none; };
allow-transfer          { none; };
recursion               no;
dlz "Mysql zone" {
database "mysql
{host=127.0.0.1 dbname=dns_view ssl=false port=3306 user=root pass=123456 }
{select zone from dnstb where zone = '$zone$' and view = 'EDU' limit 1 }
{select ttl, type, mx_priority, case when lower(type)='txt' then concat('\"', data,
'\"') when lower(type) = 'soa' then concat_ws(' ', data, resp_person, serial,
refresh, retry, expire, minimum) else data end as mydata from dnstb where zone
= '$zone$' and host = '$record$' and (view = 'EDU' or view = 'OP')}
{}
{select ttl, type, host, mx_priority, case when lower(type)='txt' then concat('\"',
data, '\"') else data end as mydata, resp_person, serial, refresh, retry, expire,
minimum from dnstb where zone = '$zone$' and view='EDU'}
{select zone from xfr_table where zone = '$zone$' and client = '$client$' and
view='EDU' limit 1}
{update data_count set count = count + 1 where zone ='$zone$' and view='EDU'}";
};
};

view "TIETONG_view" {
match-clients { key tietong;dns-ip-list;TIETONG;};
allow-query-cache       { none; };
allow-recursion         { none; };
allow-transfer          { none; };
recursion               no;
dlz "Mysql zone" {
database "mysql
{host=127.0.0.1 dbname=dns_view ssl=false port=3306 user=root pass=123456 }
{select zone from dnstb where zone = '$zone$' and view = 'TIETONG' limit 1 }
{select ttl, type, mx_priority, case when lower(type)='txt' then concat('\"', data,
'\"') when lower(type) = 'soa' then concat_ws(' ', data, resp_person, serial,
refresh, retry, expire, minimum) else data end as mydata from dnstb where zone
= '$zone$' and host = '$record$' and (view = 'TIETONG' or view = 'OP')}
{}
{select ttl, type, host, mx_priority, case when lower(type)='txt' then concat('\"',
data, '\"') else data end as mydata, resp_person, serial, refresh, retry, expire,
minimum from dnstb where zone = '$zone$' and view='TIETONG'}
{select zone from xfr_table where zone = '$zone$' and client = '$client$' and
view='TIETONG' limit 1}
{update data_count set count = count + 1 where zone ='$zone$' and view='TIETONG'}";
};
};

view "CT_view" {
match-clients { key ct;dns-ip-list;CT;};
allow-query-cache       { none; };
allow-recursion         { none; };
allow-transfer          { none; };
recursion               no;
dlz "Mysql zone" {
database "mysql
{host=127.0.0.1 dbname=dns_view ssl=false port=3306 user=root pass=123456 }
{select zone from dnstb where zone = '$zone$' and view = 'CT' limit 1 }
{select ttl, type, mx_priority, case when lower(type)='txt' then concat('\"', data,
'\"') when lower(type) = 'soa' then concat_ws(' ', data, resp_person, serial,
refresh, retry, expire, minimum) else data end as mydata from dnstb where zone
= '$zone$' and host = '$record$' and (view = 'CT' or view = 'OP')}
{}
{select ttl, type, host, mx_priority, case when lower(type)='txt' then concat('\"',
data, '\"') else data end as mydata, resp_person, serial, refresh, retry, expire,
minimum from dnstb where zone = '$zone$' and view='CT'}
{select zone from xfr_table where zone = '$zone$' and client = '$client$' and
view='CT' limit 1}
{update data_count set count = count + 1 where zone ='$zone$' and view='CT'}";
};
};


view "any_view" {
match-clients { key any;dns-ip-list;ANY;};
allow-query-cache       { none; };
allow-recursion         { none; };
allow-transfer          { none; };
recursion               no;
dlz "Mysql zone" {
database "mysql
{host=127.0.0.1 dbname=dns_view ssl=false port=3306 user=root pass=123456 }
{select zone from dnstb where zone = '$zone$' and view = 'ANY' limit 1 }
{select ttl, type, mx_priority, case when lower(type)='txt' then concat('\"', data,
'\"') when lower(type) = 'soa' then concat_ws(' ', data, resp_person, serial,
refresh, retry, expire, minimum) else data end as mydata from dnstb where zone
= '$zone$' and host = '$record$' and (view = 'ANY' or view='OP')}
{}
{select ttl, type, host, mx_priority, case when lower(type)='txt' then concat('\"',
data, '\"') else data end as mydata, resp_person, serial, refresh, retry, expire,
minimum from dnstb  where zone = '$zone$' and view='ANY'}
{select zone from xfr_table where zone = '$zone$' and client = '$client$' and
view='ANY' limit 1}
{update data_count set count = count + 1 where zone ='$zone$' and view='ANY'}";
};
};

启动bind服务

/usr/local/bind/sbin/named -uroot -g -d 9

调试状态,如果没有报错说明环境配置正确。做成启动服务. Debug的时候多用此模式启动bind. ,如果没问题,杀掉进程使用下面的命令启动服务
重载named.conf相关配置文件.

/usr/local/bind/sbin/rndc reload

启动bind 服务.

/usr/local/bind/sbin/named -4 -uroot -c /usr/local/bind/etc/named.conf

添加相关记录并进行测试
�CSOA

INSERT INTO `dnstb` (`zone`, `host`, `type`, `data`, `ttl`,`mx_priority`,
`refresh`, `retry`, `expire`, `minimum`, `serial`, `resp_person`, `primary_ns`,
`data_count`) VALUES
('gov.com', '@', 'SOA', 'ns1.gov.com.', 10, NULL, 600, 3600, 86400,
10, 2011061200, 'root.gov.com.', 'ns1.gov.com.', 0);

�C@ NS

INSERT INTO `dnstb` (`zone`, `host`, `type`, `data`) VALUES
('gov.com', '@', 'NS', 'ns1.gov.com.'),
('gov.com', '@', 'NS', 'ns2.gov.com.');

�CNS A

INSERT INTO `dnstb` (`zone`, `host`, `type`, `data`) VALUES
('gov.com', 'ns1', 'A', '192.168.137.2'),
('gov.com', 'ns2', 'A', '192.168.137.3');

�CA

INSERT INTO `dnstb` (`zone`, `host`, `type`, `data`, `ttl`, `view`) VALUES
('gov.com', 'www', 'A', '192.168.1.51', 360, 'CNC'),
('gov.com', 'www', 'A', '192.168.1.52', 360, 'CT'),
('gov.com', 'www', 'A', '192.168.1.53', 360, 'CMCC'),
('gov.com', 'www', 'A', '192.168.1.54', 360, 'EDU'),
('gov.com', 'www', 'A', '192.168.1.55', 360, 'TIETONG'),
('gov.com', 'www', 'A', '192.168.1.56', 360, 'ANY'),

�CCNAME

INSERT INTO dnstb (zone,host,type,DATA,view) VALUES
('gov.com', 'bbs', 'CNAME', 'www','OP');

测试。试着换客户ip 来解析就能解析出不同的地址
通过dig www.gov.com @127.0.0.1 测试

六、配置从DNS:
1、安装mysql(略)
2、安装bind配置和主的一样,可以通过rsync同步过来。
3、Mysql主从复制:
1)Master 配置
创建同步用户

mysql -u root
mysql>UNLOCK TABLES;
mysql>GRANT ALL PRIVILEGES ON *. TO 'root'@'%' IDENTIFIED BY '123456' WITH
GRANT OPTION;
mysql>exit

修改配置文件,并打包var文件到Slave 端

vim /etc/my.cnf
[mysqld] 在mysqld 里添加如下几项
long_query_time = 5
expire_logs_days= 3
binlog-do-db=dns_view  ==>要同步的数据库
binlog-ignore-db=mysql ==>不同步的数据库
binlog_format=mixed
server-id = 160  ==>同一个网络唯一

重启mysql
2)Slave配置:
将my.cnf 中的server-id=1 改成161
#log-bin=mysql-bin //注释掉这两行。
#binlog_format=mixed //修改成如下内容

server-id = 161
replicate-do-db=dns_view
replicate-ignore-db=mysql
log-slave-updates
slave-skip-errors=all
slave-net-timeout=60

重启mysql

mysql -u root
mysql>CHANGE MASTER TO
MASTER_HOST='192.168.137.2', //Master IP
MASTER_USER='root', //用户
MASTER_PASSWORD='123456', //密码
MASTER_LOG_FILE='mysql-bin.000002',
MASTER_LOG_POS=2272;

以上两行必须按照Master 端的master 状态写show master status;
3)验证:

dig @192.168.137.2 www.gov.com
dig @192.168.137.3 www.gov.com

在Master端修改A记录的IP地址,看从是否有变化,如果变化一致说明mysql主从复制成功。

七、根据职能DNS可以轻松实现企业DNS功能,同时还可以结合Squid,Nginx,Varnish打造CDN架构

你可能感兴趣的:(mysql,FreeBSD,dns,DLZ)