Setup a DNS server with bind on Ubuntu

After looking on the Ubuntu forum for an easy step-by-step howto for installing a DNS server, I decided the best idea would probably be to write this howto myself. So, here it is!

Step 1: Install Ubuntu dapper, or use your WORKING installation.

Step 2: Install bind 9:
Code:
sudo apt-get install bind9
Step 3: Configure the main Bind files. Usually, if you install Bind from the source code, you will have to edit the file named.conf. However, Ubuntu provides you with a pre-configured Bind, so we will edit another file:
Code:
sudo vi /etc/bind/named.conf.local
This is where we will insert our zones. By the way, a zone is a domain name that is referenced in the DNS server.
Insert this in the named.conf.local file:
Code:
# This is the zone definition. Replace example.com with your domain name.
zone "example.com" {
        type master;
        file "/etc/bind/zones/example.com.db";
};

# This is the zone definition for reverse DNS. Replace 0.168.192 with your network address in reverse notation - e.g. my network address is 192.168.0
zone "0.168.192.in-addr.arpa" {
        type master;
        file "/etc/bind/zones/rev.0.168.192.in-addr.arpa";
};
Ok, now, let's edit the options file:
Code:
sudo vi /etc/bind/named.conf.options
We need to modify the forwarder. This is the DNS server to which your own DNS server will forward the requests it cannot process.
Code:
forwarders {
      # Replace the address below with the address of your provider's DNS server
      123.123.123.123;
};
Now, let's add the zone definition files (replace example.com with your domain name):
Code:
sudo mkdir /etc/bind/zones
sudo vi /etc/bind/zones/example.com.db
The zone definition file is where we will put all the addresses / machine names that our DNS server will know. You can take the following example:
Code:
; Replace example.com with your domain name. Do not forget the . after the domain name!
; Also, replace ns1 with the name of your DNS server.
example.com.      IN      SOA     ns1.example.com. admin.example.com. (
; Do not modify the following lines!
                                                        2006081401      ; serial
                                                        28800           ; refresh
                                                        3600            ; retry
                                                        604800          ; expire
                                                        38400           ; minimum
 )

; Replace the following lines as necessary:
; ns1 = DNS server name
; mta = mail server name
; example.com = domain name
example.com.      IN      NS              ns1.example.com.
example.com.      IN      MX     10       mta.example.com.

; Replace the IP addresses with the right IP addresses.
www              IN      A       192.168.0.2
mta              IN      A       192.168.0.3
ns1              IN      A       192.168.0.1
Now, let's create the reverse DNS zone file:
Code:
sudo vi /etc/bind/zones/rev.0.168.192.in-addr.arpa
Copy and paste the following text, modify as needed:
Code:
; Replace example.com with your domain name, ns1 with your DNS server name.
; The number before IN PTR example.com. is the machine address of the DNS server. In my case, it's 1, as my IP address is 192.168.0.1.
@ IN SOA ns1.example.com. admin.example.com. (
                        2006081401 ; serial
                        28800      ; refresh
                        604800     ; retry
                        604800     ; expire
                        86400      ; minimum
)

                     IN    NS     ns1.example.com.
1                    IN    PTR    example.com.
Ok, now you just need to restart bind:
Code:
sudo /etc/init.d/bind9 restart
We can now test the new DNS server...
Step 4: Modify the file resolv.conf with the following settings:
Code:
sudo vi /etc/resolv.conf
Enter the following:
Code:
# Replace example.com with your domain name, and 192.168.0.1 with the address of your new DNS server.
search example.com
nameserver 192.168.0.1
Now, test your DNS:
Code:
dig example.com
Look at the result.... Enjoy!
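
Before restarting bind, the zone files from Step 3 can be checked for the two mistakes that most often stop them from loading correctly: named.conf-style // comments and a target name without its final dot. The script below is an added example, not part of the original howto; lint_zone and sample_reverse_zone are hypothetical helper names and the sample zone is constructed.

```sh
#!/bin/sh
# Added example (not from the original howto). lint_zone and
# sample_reverse_zone are hypothetical helper names.

# Reads a zone file on stdin and prints one finding per problem line.
lint_zone() {
    awk '
    # named.conf accepts // comments, zone files only accept ;
    /^[ \t]*\/\// {
        printf "line %d: // is not a zone-file comment, use ;\n", NR
        next
    }
    {
        # The owner name is present only when the line starts in column 1.
        first = ($0 ~ /^[ \t]/) ? 1 : 2
        sub(/;.*/, "")                    # drop trailing ; comments
        for (i = first; i < NF; i++) {
            rr = toupper($i)
            if (rr == "NS" || rr == "MX" || rr == "PTR" || rr == "CNAME") {
                # A dotted target without a final dot is relative:
                # bind appends the zone origin to it.
                if ($NF ~ /\./ && $NF !~ /\.$/)
                    printf "line %d: %s target %s lacks the trailing dot\n", NR, rr, $NF
                break
            }
        }
    }'
}

# Constructed sample: a reverse zone with both mistakes in it.
sample_reverse_zone() {
    cat <<'EOF'
// reverse zone for 192.168.0
@ IN SOA ns1.example.com. admin.example.com. (
        2006081401 28800 604800 604800 86400 )
        IN NS  ns1.example.com.
1       IN PTR example.com
EOF
}

sample_reverse_zone | lint_zone
```

On the server itself, bind's named-checkzone (for example `named-checkzone example.com /etc/bind/zones/example.com.db`) performs a full parse of the same file.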

Redirection from http to https through .htaccess

If you want to redirect domainname.com and www.domainname.com to https://www.domainname.com, use the following rules in the domain's .htaccess file:


RewriteEngine On
RewriteCond %{HTTPS} !^on$
RewriteRule (.*) https://www.domainname.com/$1 [R,L]

Clamd FAILED :: Starting Clam AntiVirus Daemon: LibClamAV Error: cl_cvdhead: Can't read CVD header in /var/clamav/daily.cld

If you are getting the following error while restarting clamd:
--------------------------------------

Stopping Clam AntiVirus Daemon:                            [FAILED]
Starting Clam AntiVirus Daemon: LibClamAV Error: cl_cvdhead: Can't read CVD header in /var/clamav/daily.cld
LibClamAV Error: cli_loaddbdir(): error parsing header of /var/clamav/daily.cld
ERROR: Malformed database
                                                           [FAILED]
--------------------------------------


That means the DBs are corrupted. Do this:
--------------
cd /usr/share/clamav/
--------------
Empty the content of these 3 files:
daily.cvd
main.cld
mirrors.dat
Then run this command to download fresh copies for your DBs:

/etc/cron.daily/freshclam

Although it is not strictly necessary, restart clamd:

Code:
/scripts/restartsrv_clamd
Hope this helps!

Run FTP on multiple ports (Proftpd & Pure-FTPD)

In many cases you don't want to allow the default FTP port, which is 21, and need to run FTP on a different port, or you want both. Here are the steps to configure FTP on multiple ports; I am using the custom port number 8226 for FTP:

Pro-FTPD

In pro-ftpd it's quite simple: you just need to specify the different port in "/etc/pure-ftpd.conf" as given below:
---------------------
Port                            8226
PassivePorts    30000 50000
---------------------

On my test server I added these lines above the following line, which works fine:
---------------------
# Umask 022 is a good standard umask to prevent new dirs and files
---------------------

Once you are done with the changes, restart the service:
---------------------
/etc/init.d/proftpd restart
---------------------

Make sure it is working with the following command:
---------------------
root@[~]# netstat -lpn | grep ftp
tcp        0      0 :::8226                     :::*                        LISTEN      854817/proftpd: (ac 
tcp        0      0 :::21                       :::*                        LISTEN      854817/proftpd: (ac 
---------------------

Now try connecting on both ports; it should work.

Pure-FTPD

Pure-FTPD configuration is a bit lengthy, but it is always recommended to use Pure-FTPd instead, as Pure-FTPd is generally regarded as a faster FTP server than ProFTPD. Here is the configuration for running pure-ftpd on multiple ports:

1. Make a copy of default pure-ftpd.conf file
---------------------
cp -p /etc/pure-ftpd.conf /etc/pure-ftpd-8226.conf
---------------------

2. Edit the file /etc/pure-ftpd-8226.conf
---------------------
vi /etc/pure-ftpd-8226.conf
---------------------

3. Find and replace the lines
---------------------
# Bind 127.0.0.1,21
With
Bind 0.0.0.0,8226
---------------------

4. Now make a copy of the start-up script and run with the new config as a separate service:
---------------------
cp -p /etc/rc.d/init.d/pure-ftpd /etc/rc.d/init.d/pure-ftpd-8226
---------------------

5. Edit /etc/rc.d/init.d/pure-ftpd-8226 to load the new config.
---------------------
vi /etc/rc.d/init.d/pure-ftpd-8226
---------------------

6. Find and replace the lines
---------------------
$DAEMONIZE $fullpath /etc/pure-ftpd.conf -O clf:/var/log/xferlog $OPTIONS --daemonize
With
$DAEMONIZE $fullpath /etc/pure-ftpd-8226.conf -O clf:/var/log/xferlog $OPTIONS --daemonize
---------------------

7. Now start the new service.
---------------------
/etc/init.d/pure-ftpd-8226 start
---------------------
Done. Now make sure that both ports are working:
---------------------
root@vault [~]# netstat -lpn | grep ftp
tcp        0      0 0.0.0.0:6497                0.0.0.0:*                   LISTEN      7589/pure-ftpd (SER 
tcp        0      0 0.0.0.0:21                  0.0.0.0:*                   LISTEN      23093/pure-ftpd (SER
---------------------
Note:
# If you want to stop serving port 21 for FTP with pure-ftpd, simply stop the default service:
---------------------
/etc/init.d/pure-ftpd stop
---------------------
and restart the other start-up script:
---------------------
/etc/init.d/pure-ftpd-8226 restart
---------------------
That's it.

# Another important thing is that you need to allow the passive port range in the custom conf file (/etc/pure-ftpd-8226.conf). Simply remove the comment (#) in front of the line below:
---------------------
PassivePorts    30000 50000
---------------------
# Make sure that the passive port range (30000:50000) and the custom port (8226) are open in the firewall, if you have one.
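
After moving FTP to a custom port it is worth confirming that only the intended listeners remain, for instance that port 21 really went away when the default service was stopped. The script below is an added example, not part of the original post; audit_ftp_listeners and sample_netstat are hypothetical helper names and the netstat lines are constructed.

```sh
#!/bin/sh
# Added example (not from the original post). audit_ftp_listeners and
# sample_netstat are hypothetical helper names.

# Usage: netstat -lpn | audit_ftp_listeners PORT...
# Prints MISSING/UNEXPECTED lines and returns non-zero when the set of
# ports an FTP daemon listens on differs from the expected set.
audit_ftp_listeners() {
    awk -v want="$*" '
    BEGIN {
        n = split(want, w, " ")
        for (i = 1; i <= n; i++) expect[w[i]] = 1
    }
    # netstat -lpn columns: proto recv-q send-q local foreign state pid/program
    $1 ~ /^tcp/ && $6 == "LISTEN" && $7 ~ /ftpd/ {
        port = $4
        sub(/.*:/, "", port)      # handles 0.0.0.0:21 and :::21
        seen[port] = 1
    }
    END {
        bad = 0
        for (p in expect) if (!(p in seen))   { print "MISSING " p;    bad = 1 }
        for (p in seen)   if (!(p in expect)) { print "UNEXPECTED " p; bad = 1 }
        exit bad
    }'
}

# Constructed sample: the custom service is up, the default one was not stopped.
sample_netstat() {
    cat <<'EOF'
tcp        0      0 0.0.0.0:8226    0.0.0.0:*    LISTEN    7589/pure-ftpd (SER
tcp        0      0 0.0.0.0:21      0.0.0.0:*    LISTEN    23093/pure-ftpd (SER
tcp        0      0 0.0.0.0:22      0.0.0.0:*    LISTEN    1201/sshd
EOF
}

sample_netstat | audit_ftp_listeners 8226 || echo "FTP listeners differ from the expected set"
```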

I hope this post will make your work easier :-)