options {        listen-on port 53 { any; };        listen-on-v6 port 53 { any; };        directory       "/var/named";        dump-file       "/var/named/data/cache_dump.db";        statistics-file "/var/named/data/named_stats.txt";        memstatistics-file "/var/named/data/named_mem_stats.txt";        allow-query     { any; };        recursion yes;                dnssec-enable yes;        dnssec-validation yes;        dnssec-lookaside auto;        /* Path to ISC DLV key */        bindkeys-file "/etc/named.iscdlv.key";        managed-keys-directory "/var/named/dynamic";};logging {        channel default_debug {                file "data/named.run";                severity dynamic;        };};zone "." IN {        type hint;        file "named.ca";};zone "workstation." IN {        type master;        file "named.workstation";};

$TTL 600@       IN SOA master.workstation. afu.master.workstation. (                2014091901 3H 15M 1W 1D)@       IN NS master.workstation.master.workstation. IN A 10.103.25.156www.workstation. IN A 10.103.27.166nfs.workstation. IN A 10.103.25.34ftp.workstation. IN CNAME www.workstation.samba.workstation. IN CNAME nfs.workstation.~                                               

*filter:INPUT ACCEPT [0:0]:FORWARD ACCEPT [0:0]:OUTPUT ACCEPT [0:0]-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT-A INPUT -p icmp -j ACCEPT-A INPUT -i lo -j ACCEPT-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT-A INPUT -m state --state NEW -m tcp -p tcp --dport 53 -j ACCEPT-A INPUT -m state --state NEW -m udp -p udp --dport 53 -j ACCEPT-A INPUT -j REJECT --reject-with icmp-host-prohibited-A FORWARD -j REJECT --reject-with icmp-host-prohibitedCOMMIT~