Skip to content
Snippets Groups Projects
Commit 04deb612 authored by Jan Včelák's avatar Jan Včelák :rocket:
Browse files

doc: regenerate manual pages

parent 6016d15c
Branches
Tags
No related merge requests found
Hide whitespace changes
Inline Side-by-side
doc/man/kdig.1in
+ 45
51
View file @ 04deb612
......@@ -65,18 +65,18 @@ zone.
.INDENT 0.0
.TP
\fB\-4\fP
Use IPv4 protocol only.
Use the IPv4 protocol only.
.TP
\fB\-6\fP
Use IPv6 protocol only.
Use the IPv6 protocol only.
.TP
\fB\-b\fP \fIaddress\fP
Set the source IP address of the query to \fIaddress\fP\&. The address must be a
valid address for local interface or :: or 0.0.0.0. Optional port
can be specified in the same format as \fIserver\fP value.
valid address for local interface or :: or 0.0.0.0. An optional port
can be specified in the same format as the \fIserver\fP value.
.TP
\fB\-c\fP \fIclass\fP
Set query class (e.g. CH, CLASS4). An explicit variant of \fIclass\fP
Set the query class (e.g. CH, CLASS4). An explicit variant of \fIclass\fP
specification. The default class is IN.
.TP
\fB\-d\fP
......@@ -86,32 +86,32 @@ Enable debug messages.
Print help and usage.
.TP
\fB\-k\fP \fIkeyfile\fP
Use TSIG key stored in a file \fIkeyfile\fP to authenticate the request. The
file must contain the key in the same format, which is accepted by the
Use the TSIG key stored in a file \fIkeyfile\fP to authenticate the request. The
file must contain the key in the same format as accepted by the
\fB\-y\fP option.
.TP
\fB\-p\fP \fIport\fP
Set nameserver port number or service name to send a query to. The default
Set the nameserver port number or service name to send a query to. The default
port is 53.
.TP
\fB\-q\fP \fIname\fP
Set query name. An explicit variant of \fIname\fP specification.
Set the query name. An explicit variant of \fIname\fP specification.
.TP
\fB\-t\fP \fItype\fP
Set query type (e.g. NS, IXFR=12345, TYPE65535, NOTIFY). An explicit variant of
\fItype\fP specification. The default type is A. IXFR type requires SOA serial
parameter. NOTIFY type without SOA serial parameter causes pure NOTIFY message
without any SOA hint.
Set the query type (e.g. NS, IXFR=12345, TYPE65535, NOTIFY). An explicit
variant of \fItype\fP specification. The default type is A. IXFR type requires
SOA serial parameter. NOTIFY type without SOA serial parameter causes pure
NOTIFY message without any SOA hint.
.TP
\fB\-v\fP, \fB\-\-version\fP
Print program version.
Print the program version.
.TP
\fB\-x\fP \fIaddress\fP
Send reverse (PTR) query for IPv4 or IPv6 \fIaddress\fP\&. Correct name, class
Send a reverse (PTR) query for IPv4 or IPv6 \fIaddress\fP\&. The correct name, class
and type is set automatically.
.TP
\fB\-y\fP [\fIalg\fP:]\fIname\fP:\fIkey\fP
Use TSIG key with a name \fIname\fP to authenticate the request. The \fIalg\fP
Use the TSIG key named \fIname\fP to authenticate the request. The \fIalg\fP
part specifies the algorithm (the default is hmac\-md5) and \fIkey\fP specifies
the shared secret encoded in Base64.
.TP
......@@ -129,91 +129,85 @@ Wrap long records to more lines and improve human readability.
Show record data only.
.TP
\fB+\fP[\fBno\fP]\fBaaflag\fP
Set AA flag.
Set the AA flag.
.TP
\fB+\fP[\fBno\fP]\fBtcflag\fP
Set TC flag.
Set the TC flag.
.TP
\fB+\fP[\fBno\fP]\fBrdflag\fP
Set RD flag.
Set the RD flag.
.TP
\fB+\fP[\fBno\fP]\fBrecurse\fP
Same as \fB+\fP[\fBno\fP]\fBrdflag\fP
.TP
\fB+\fP[\fBno\fP]\fBraflag\fP
Set RA flag.
Set the RA flag.
.TP
\fB+\fP[\fBno\fP]\fBzflag\fP
Set zero flag bit.
Set the zero flag bit.
.TP
\fB+\fP[\fBno\fP]\fBadflag\fP
Set AD flag.
Set the AD flag.
.TP
\fB+\fP[\fBno\fP]\fBcdflag\fP
Set CD flag.
Set the CD flag.
.TP
\fB+\fP[\fBno\fP]\fBdnssec\fP
Set DO flag.
Set the DO flag.
.TP
\fB+\fP[\fBno\fP]\fBall\fP
Show all packet sections.
.TP
\fB+\fP[\fBno\fP]\fBqr\fP
Show query packet.
Show the query packet.
.TP
\fB+\fP[\fBno\fP]\fBheader\fP
Show packet header.
Show the packet header.
.TP
\fB+\fP[\fBno\fP]\fBopt\fP
Show EDNS pseudosection.
Show the EDNS pseudosection.
.TP
\fB+\fP[\fBno\fP]\fBquestion\fP
Show question section.
Show the question section.
.TP
\fB+\fP[\fBno\fP]\fBanswer\fP
Show answer section.
Show the answer section.
.TP
\fB+\fP[\fBno\fP]\fBauthority\fP
Show authority section.
Show the authority section.
.TP
\fB+\fP[\fBno\fP]\fBadditional\fP
Show additional section.
Show the additional section.
.TP
\fB+\fP[\fBno\fP]\fBtsig\fP
Show TSIG pseudosection.
Show the TSIG pseudosection.
.TP
\fB+\fP[\fBno\fP]\fBstats\fP
Show trailing packet statistics.
.TP
\fB+\fP[\fBno\fP]\fBclass\fP
Show DNS class.
Show the DNS class.
.TP
\fB+\fP[\fBno\fP]\fBttl\fP
Show TTL value.
Show the TTL value.
.TP
\fB+\fP[\fBno\fP]\fBtcp\fP
Use TCP protocol (default is UDP for standard query and TCP for AXFR/IXFR).
Use the TCP protocol (default is UDP for standard query and TCP for AXFR/IXFR).
.TP
\fB+\fP[\fBno\fP]\fBfail\fP
Stop querying next nameserver if SERVFAIL response is received.
.TP
\fB+\fP[\fBno\fP]\fBignore\fP
Don\(aqt use TCP automatically if truncated reply is received.
.UNINDENT
.sp
Don\(aqt use TCP automatically if a truncated reply is received.
.TP
\fB+\fP[\fBno\fP]\fBnsid\fP
.INDENT 0.0
.INDENT 3.5
Request nameserver identifier (NSID).
.UNINDENT
.UNINDENT
.INDENT 0.0
Request the nameserver identifier (NSID).
.TP
\fB+\fP[\fBno\fP]\fBedns\fP=\fIN\fP
Use EDNS version (default is 0).
.TP
\fB+noidn\fP
Disable IDN transformation to ASCII and vice versa. IDNA2003 support depends
Disable the IDN transformation to ASCII and vice versa. IDNA2003 support depends
on libidn availability during project building!
.TP
\fB+generic\fP
......@@ -221,22 +215,22 @@ Use the generic representation format when printing resource record types
and data.
.TP
\fB+client\fP=\fISUBN\fP
Set EDNS client subnet SUBN=IP/prefix.
Set the EDNS client subnet SUBN=IP/prefix.
.TP
\fB+time\fP=\fIT\fP
Set wait for reply interval in seconds (default is 5 seconds). This timeout
applies to each query try.
Set the wait\-for\-reply interval in seconds (default is 5 seconds). This timeout
applies to each query attempt.
.TP
\fB+retry\fP=\fIN\fP
Set number (>=0) of UDP retries (default is 2). This doesn\(aqt apply to
Set the number (>=0) of UDP retries (default is 2). This doesn\(aqt apply to
AXFR/IXFR.
.TP
\fB+bufsize\fP=\fIB\fP
Set EDNS buffer size in bytes (default is 512 bytes).
Set the EDNS buffer size in bytes (default is 512 bytes).
.UNINDENT
.SH NOTES
.sp
Options \fB\-k\fP and \fB\-y\fP cannot be used mutually.
Options \fB\-k\fP and \fB\-y\fP can not be used simultaneously.
.sp
Missing features with regard to ISC dig:
.INDENT 0.0
......
doc/man/keymgr.8in
+ 13
12
View file @ 04deb612
......@@ -39,18 +39,18 @@ level margin: \\n[rst2man-indent\\n[rst2man-indent-level]]
.sp
The \fBkeymgr\fP utility serves for DNSSEC keys and KASP (Key And
Signature Policy) management in Knot DNS server. The configuration is stored
in a so called KASP database. The database is simply a directory on the
in a so called KASP database. The database is simply a directory in the
file\-system containing files in the JSON format.
.sp
The operations are organized into commands and subcommands. The command
The operations are organized into commands and subcommands. A command
specifies the operation to be performed with the KASP database. It is usually
followed by named arguments. A special command \fBhelp\fP can be used to list
available subcommands at that position. Listing of available command arguments
followed by named arguments. The special command \fBhelp\fP can be used to list
available subcommands in that area. The listing of available command arguments
is not supported yet.
.sp
The command and argument names are parsed in a smart way. Only a beginning
of the name can be specified and will be recognized. The specified part must
be unique amongst the other names.
Command and argument names are parsed in a smart way. Only a beginning
of a name can be entered and it will be recognized. The specified part of
a name must be unique amongst the other names.
.SS Global options
.INDENT 0.0
.TP
......@@ -69,7 +69,7 @@ Operations with zones in the database. A zone holds assigned signing
configuration and signing metadata.
.TP
\fBpolicy\fP ...
Operations with KASP policies. The policy holds parameters that define the
Operations with KASP policies. A policy holds parameters that define the
way how a zone is signed.
.TP
\fBkeystore\fP ...
......@@ -129,7 +129,7 @@ Size of the key in bits.
Set the DNSKEY SEP (Secure Entry Point) flag.
.TP
\fBpublish\fP \fItime\fP
The time the key is publish as a DNSKEY record.
The time the key is published as a DNSKEY record.
.TP
\fBactive\fP \fItime\fP
The time the key is started to be used for signing.
......@@ -207,7 +207,7 @@ SOA Minimum TTL field.
Max TTL in the zone.
\fBNote\fP, Knot DNS will determine the value automatically in the future.
.TP
\fBdelay\fP \fIsecones\fP
\fBdelay\fP \fIseconds\fP
Zone signing and data propagation delay. The value is added for safety to
timing of all rollover steps.
.UNINDENT
......@@ -225,7 +225,7 @@ List private keys in the key store.
.SH EXAMPLES
.INDENT 0.0
.IP 1. 3
Initialize new KASP database, add a policy named \fIdefault\fP with default
Initialize a new KASP database, add a policy named \fIdefault\fP with default
parameters, and add a zone \fIexample.com\fP\&. The zone will use the created
policy:
.INDENT 3.0
......@@ -260,7 +260,8 @@ existing zone:
.sp
.nf
.ft C
$ keymgr policy add lab rrsig\-lifetime 300 rrsig\-refresh 150 zsk\-lifetime 600 delay 10
$ keymgr policy add lab rrsig\-lifetime 300 rrsig\-refresh 150 zsk\-lifetime 600 \e
delay 10
$ keymgr zone set example.com policy lab
.ft P
.fi
......
doc/man/khost.1in
+ 11
11
View file @ 04deb612
......@@ -47,19 +47,19 @@ address the PTR query type is used.
.TP
\fIserver\fP
Is a name or an address of the nameserver to send a query to. The address
can be specified using [address]:port notation. If no server is specified
can be specified using [address]:port notation. If no server is specified,
the servers from \fB/etc/resolv.conf\fP are used.
.UNINDENT
.sp
If no arguments are provided, \fBkhost\fP prints short help.
If no arguments are provided, \fBkhost\fP prints a short help.
.SS Options
.INDENT 0.0
.TP
\fB\-4\fP
Use IPv4 protocol only.
Use the IPv4 protocol only.
.TP
\fB\-6\fP
Use IPv6 protocol only.
Use the IPv6 protocol only.
.TP
\fB\-a\fP
Send ANY query with verbose mode.
......@@ -77,22 +77,22 @@ Disable recursion.
Stop querying the next nameserver if SERVFAIL response is received
.TP
\fB\-T\fP
Use TCP protocol.
Use the TCP protocol.
.TP
\fB\-v\fP
Enable verbose output.
.TP
\fB\-V\fP, \fB\-\-version\fP
Print program version.
Print the program version.
.TP
\fB\-w\fP
Wait forever for the reply.
.TP
\fB\-c\fP \fIclass\fP
Set query class (e.g. CH, CLASS4). The default class is IN.
Set the query class (e.g. CH, CLASS4). The default class is IN.
.TP
\fB\-t\fP \fItype\fP
Set query type (e.g. NS, IXFR=12345, TYPE65535). The default is to send 3
Set the query type (e.g. NS, IXFR=12345, TYPE65535). The default is to send 3
queries (A, AAAA and MX).
.TP
\fB\-R\fP \fIretries\fP
......@@ -124,7 +124,7 @@ Verbose mode has slightly different format (same as \fBkdig\fP).
.SH EXAMPLES
.INDENT 0.0
.IP 1. 3
Get A, AAAA and MX records for example.com:
Get the A, AAAA and MX records for example.com:
.INDENT 3.0
.INDENT 3.5
.sp
......@@ -136,7 +136,7 @@ $ khost example.com
.UNINDENT
.UNINDENT
.IP 2. 3
Get reverse record for address 192.0.2.1:
Get the reverse record for address 192.0.2.1:
.INDENT 3.0
.INDENT 3.5
.sp
......@@ -148,7 +148,7 @@ $ khost 192.0.2.1
.UNINDENT
.UNINDENT
.IP 3. 3
Perform verbose zone transfer for zone example.com:
Perform a verbose zone transfer for zone example.com:
.INDENT 3.0
.INDENT 3.5
.sp
......
doc/man/knot.conf.5in
+ 83
71
View file @ 04deb612
......@@ -32,55 +32,67 @@ level margin: \\n[rst2man-indent\\n[rst2man-indent-level]]
..
.SH DESCRIPTION
.sp
Configuration file for Knot DNS uses simplified YAML format. Simplified means
that not all features are supported.
Configuration files for Knot DNS use simplified YAML format. Simplified means
that not all of the features are supported.
.sp
For the configuration items description, there are some symbols with the
folowing meaning:
For the description of configuration items, we have to declare a meaning of
the following symbols:
.INDENT 0.0
.IP \(bu 2
\fIINT\fP \- Integer
\fIINT\fP \-\- Integer
.IP \(bu 2
\fISTR\fP \- Textual string
\fISTR\fP \-\- Textual string
.IP \(bu 2
\fIHEXSTR\fP \- Hexadecimal string (with \fB0x\fP prefix)
\fIHEXSTR\fP \-\- Hexadecimal string (with \fB0x\fP prefix)
.IP \(bu 2
\fIBOOL\fP \- Boolean value (\fBon\fP, \fBoff\fP, \fBtrue\fP or \fBfalse\fP)
\fIBOOL\fP \-\- Boolean value (\fBon\fP/\fBoff\fP or \fBtrue\fP/\fBfalse\fP)
.IP \(bu 2
\fITIME\fP \- Number of seconds, integer with possible time mutliplier suffix
\fITIME\fP \-\- Number of seconds, an integer with possible time multiplier suffix
(\fBs\fP ~ 1, \fBm\fP ~ 60, \fBh\fP ~ 3600 or \fBd\fP ~ 24 * 3600)
.IP \(bu 2
\fISIZE\fP \- Number of bytes, integer with possible size multiplier suffix
\fISIZE\fP \-\- Number of bytes, an integer with possible size multiplier suffix
(\fBB\fP ~ 1, \fBK\fP ~ 1024, \fBM\fP ~ 1024^2 or \fBG\fP ~ 1024^3)
.IP \(bu 2
\fIBASE64\fP \- Base64 encoded string
\fIBASE64\fP \-\- Base64 encoded string
.IP \(bu 2
\fIADDR\fP \- IPv4 or IPv6 address
\fIADDR\fP \-\- IPv4 or IPv6 address
.IP \(bu 2
\fIDNAME\fP \- Domain name
\fIDNAME\fP \-\- Domain name
.IP \(bu 2
\&... \- Multi\-valued item, order of the values is preserved
\&... \-\- Multi\-valued item, order of the values is preserved
.IP \(bu 2
[ ] \- Optional value
[ ] \-\- Optional value
.IP \(bu 2
| \- Choice
| \-\- Choice
.UNINDENT
.sp
There are 8 main sections (\fBserver\fP, \fBkey\fP, \fBacl\fP, \fBcontrol\fP,
\fBremote\fP, \fBtemplate\fP, \fBzone\fP and \fBlog\fP) and module sections with
\fBmod\-\fP prefix . Most of the sections (excluding \fBserver\fP and
\fBremote\fP, \fBtemplate\fP, \fBzone\fP and \fBlog\fP) and module sections with the
\fBmod\-\fP prefix. The most of the sections (excluding \fBserver\fP and
\fBcontrol\fP) are sequences of settings blocks. Each settings block
begins with a unique identifier, which can be used as a reference from other
sections (such identifier must be defined in advance).
.sp
Multi\-valued item can be specified either as a YAML sequence [val1, val2, ...]
or as more single\-valued items each on the extra line.
A multi\-valued item can be specified either as a YAML sequence
e.g. \fBaddress: [10.0.0.1, 10.0.0.2]\fP
or as more single\-valued items each on an extra line, e.g.:
.INDENT 0.0
.INDENT 3.5
.sp
.nf
.ft C
address: 10.0.0.1
address: 10.0.0.2
.ft P
.fi
.UNINDENT
.UNINDENT
.sp
If an item value contains spaces or other special characters, it is necessary
to double quote such value with \fB"\fP \fB"\fP\&.
to enclose such value within double quotes \fB"\fP \fB"\fP\&.
.SH COMMENTS
.sp
A comment begins with a \fB#\fP character and is ignored during the processing.
A comment begins with a \fB#\fP character and is ignored during processing.
Also each configuration section or sequence block allows to specify permanent
comment using \fBcomment\fP item which is stored in the server beside the
configuration.
......@@ -133,14 +145,14 @@ server:
.UNINDENT
.SS identity
.sp
An identity of the server returned in the response for the query for TXT
An identity of the server returned in the response to the query for TXT
record \fBid.server.\fP or \fBhostname.bind.\fP in the CHAOS class (see RFC 4892).
Set empty value to disable.
.sp
Default: FQDN hostname
.SS version
.sp
A version of the server software returned in the response for the query
A version of the server software returned in the response to the query
for TXT record \fBversion.server.\fP or \fBversion.bind.\fP in the CHAOS
class (see RFC 4892). Set empty value to disable.
.sp
......@@ -215,8 +227,8 @@ descriptor limit to avoid resource exhaustion.
Default: 100
.SS rate\-limit
.sp
Rate limiting is based on the token bucket scheme. Rate basically
represents number of tokens available each second. Each response is
Rate limiting is based on the token bucket scheme. A rate basically
represents a number of tokens available each second. Each response is
processed and classified (based on several discriminators, e.g.
source netblock, qtype, name, rcode, etc.). Classified responses are
then hashed and assigned to a bucket containing number of available
......@@ -228,10 +240,10 @@ is recalculated each second.
Default: 0 (disabled)
.SS rate\-limit\-table\-size
.sp
Size of the hashtable in number of buckets. The larger the hashtable, the lesser
probability of a hash collision, but at the expense of additional memory costs.
Each bucket is estimated roughly to 32 bytes. Size should be selected as
a reasonably large prime due to the better hash function distribution properties.
Size of the hashtable in a number of buckets. The larger the hashtable, the lesser
the probability of a hash collision, but at the expense of additional memory costs.
Each bucket is estimated roughly to 32 bytes. The size should be selected as
a reasonably large prime due to better hash function distribution properties.
Hash table is internally chained and works well up to a fill rate of 90 %, general
rule of thumb is to select a prime near 1.2 * maximum_qps.
.sp
......@@ -334,13 +346,13 @@ An ordered list of allowed actions.
Possible values:
.INDENT 0.0
.IP \(bu 2
\fBtransfer\fP \- Allow zone transfer
\fBtransfer\fP \-\- Allow zone transfer
.IP \(bu 2
\fBnotify\fP \- Allow incoming notify
\fBnotify\fP \-\- Allow incoming notify
.IP \(bu 2
\fBupdate\fP \- Allow zone updates
\fBupdate\fP \-\- Allow zone updates
.IP \(bu 2
\fBcontrol\fP \- Allow remote control
\fBcontrol\fP \-\- Allow remote control
.UNINDENT
.sp
Default: empty
......@@ -427,10 +439,10 @@ the communication with the remote server.
Default: empty
.SH TEMPLATE SECTION
.sp
A template is shareable zone settings which can be used for configuration of
many zones at one place. A special default template (with the \fIdefault\fP identifier)
can be used for general quering configuration or as an implicit default
configuration if a zone doesn\(aqt have another template specified.
A template is a shareable zone setting which can be used for configuration of
many zones in one place. A special default template (with the \fIdefault\fP identifier)
can be used for general querying configuration or as an implicit configuration
if a zone doesn\(aqt have another template specified.
.INDENT 0.0
.INDENT 3.5
.sp
......@@ -491,12 +503,12 @@ A path to the zone file. Non absolute path is relative to
\fI\%storage\fP\&. It is also possible to use the following formatters:
.INDENT 0.0
.IP \(bu 2
\fB%s\fP \- means the current zone name in the textual representation (beware
\fB%s\fP \-\- means the current zone name in the textual representation (beware
of special characters which are escaped or encoded in the \eDDD form where
DDD is corresponding decimal ASCII code). The zone name doesn\(aqt include the
terminating dot, except for the root zone.
.IP \(bu 2
\fB%%\fP \- means the \fB%\fP character
\fB%%\fP \-\- means the \fB%\fP character
.UNINDENT
.sp
Default: \fI\%storage\fP/\fB%s\fP\&.zone
......@@ -512,7 +524,7 @@ An ordered list of \fI\%references\fP to zone master servers.
Default: empty
.SS ddns\-master
.sp
A \fI\%references\fP to zone primary master server.
A \fI\%reference\fP to zone primary master server.
If not specified, the first \fI\%master\fP server is used.
.sp
Default: empty
......@@ -567,7 +579,7 @@ Multiple NSEC records at the same node
.IP \(bu 2
Missing NSEC records at authoritative nodes
.IP \(bu 2
Extra record types under same name as NSEC3 record (this is RFC\-valid, but
Extra record types under the same name as NSEC3 record (this is RFC\-valid, but
Knot will not serve such a zone correctly)
.IP \(bu 2
NSEC3\-unsecured delegation that is not part of Opt\-out span
......@@ -580,7 +592,7 @@ Signer name in RRSIG RR not the same as in DNSKEY
.IP \(bu 2
Signed RRSIG
.IP \(bu 2
Not all RRs in node are signed
Not all RRs in the node are signed
.IP \(bu 2
Wrong key flags or wrong key in RRSIG record (not the same as ZSK)
.UNINDENT
......@@ -588,29 +600,29 @@ Wrong key flags or wrong key in RRSIG record (not the same as ZSK)
Default: off
.SS disable\-any
.sp
If you enabled, all authoritative ANY queries sent over UDP will be answered
If enabled, all authoritative ANY queries sent over UDP will be answered
with an empty response and with the TC bit set. Use this option to minimize
the risk of DNS reflection attack.
.sp
Default: off
.SS zonefile\-sync
.sp
The time after which the current zone in memory will be synced to zone file
The time after which the current zone in memory will be synced with a zone file
on the disk (see \fI\%file\fP). The server will serve the latest
zone even after restart using zone journal, but the zone file on the disk will
zone even after a restart using zone journal, but the zone file on the disk will
only be synced after \fBzonefile\-sync\fP time has expired (or after manual zone
flush) This is applicable when the zone is updated via IXFR, DDNS or automatic
flush). This is applicable when the zone is updated via IXFR, DDNS or automatic
DNSSEC signing. In order to disable automatic zonefile synchronization, \-1 value
can be used.
.sp
\fICaution:\fP If you are serving large zones with frequent updates where
the immediate sync to zone file is not desirable, increase the default value.
the immediate sync with a zone file is not desirable, increase the value.
.sp
Default: 0 (immediate)
.SS ixfr\-from\-differences
.sp
If enabled, the server creates zone differences from changes you made to the
zone file upon server reload. This option is only relevant if the server
zone file upon server reload. This option is relevant only if the server
is a master server for the zone.
.sp
\fICaution:\fP This option has no effect with enabled
......@@ -644,9 +656,9 @@ no change is made.
Possible values:
.INDENT 0.0
.IP \(bu 2
\fBincrement\fP \- The serial is incremented according to serial number arithmetic
\fBincrement\fP \-\- The serial is incremented according to serial number arithmetic
.IP \(bu 2
\fBunixtime\fP \- The serial is set to the current unix time
\fBunixtime\fP \-\- The serial is set to the current unix time
.UNINDENT
.sp
\fICaution:\fP If your serial was in other than unix time format, be careful
......@@ -667,23 +679,23 @@ Server can be configured to log to the standard output, standard error
output, syslog (or systemd journal if systemd is enabled) or into an arbitrary
file.
.sp
There are 6 logging severities:
There are 6 logging severity levels:
.INDENT 0.0
.IP \(bu 2
\fBcritical\fP \- Non\-recoverable error resulting in server shutdown
\fBcritical\fP \-\- Non\-recoverable error resulting in server shutdown
.IP \(bu 2
\fBerror\fP \- Recoverable error, action should be taken
\fBerror\fP \-\- Recoverable error, action should be taken
.IP \(bu 2
\fBwarning\fP \- Warning that might require user action
\fBwarning\fP \-\- Warning that might require user action
.IP \(bu 2
\fBnotice\fP \- Server notice or hint
\fBnotice\fP \-\- Server notice or hint
.IP \(bu 2
\fBinfo\fP \- Informational message
\fBinfo\fP \-\- Informational message
.IP \(bu 2
\fBdebug\fP \- Debug messages (must be turned on at compile time)
\fBdebug\fP \-\- Debug messages (must be turned on at compile time)
.UNINDENT
.sp
In case of missing log section, \fBwarning\fP or more serious messages
In the case of missing log section, \fBwarning\fP or more serious messages
will be logged to both standard error output and syslog. The \fBinfo\fP and
\fBnotice\fP messages will be logged to standard output.
.INDENT 0.0
......@@ -707,13 +719,13 @@ A logging output.
Possible values:
.INDENT 0.0
.IP \(bu 2
\fBstdout\fP \- Standard output
\fBstdout\fP \-\- Standard output
.IP \(bu 2
\fBstderr\fP \- Standard error output
\fBstderr\fP \-\- Standard error output
.IP \(bu 2
\fBsyslog\fP \- Syslog
\fBsyslog\fP \-\- Syslog
.IP \(bu 2
\fIfile_name\fP \- File.
\fIfile_name\fP \-\- File
.UNINDENT
.SS server
.sp
......@@ -733,7 +745,7 @@ Minimum severity level for all message types that are logged.
Default: empty
.SH MODULE DNSTAP
.sp
Module dnstap allows query and response logging.
The module dnstap allows query and response logging.
.sp
For all queries logging, use this module in the \fIdefault\fP template. For
zone\-specific logging, use this module in the proper zone configuration.
......@@ -754,13 +766,13 @@ mod\-dnstap:
A module identifier.
.SS sink
.sp
A sink path, which can either be a file or a UNIX socket prefixed with
A sink path, which can be either a file or a UNIX socket when prefixed with
\fBunix:\fP\&.
.sp
Default: empty
.SH MODULE SYNTH-RECORD
.sp
This module is able to synthetise either forward or reverse records for the
This module is able to synthesize either forward or reverse records for the
given prefix and subnet.
.INDENT 0.0
.INDENT 3.5
......@@ -788,9 +800,9 @@ The type of generated records.
Possible values:
.INDENT 0.0
.IP \(bu 2
\fBforward\fP \- Forward records
\fBforward\fP \-\- Forward records
.IP \(bu 2
\fBreverse\fP \- Reverse records
\fBreverse\fP \-\- Reverse records
.UNINDENT
.sp
Default: empty
......@@ -804,7 +816,7 @@ separated with a dash.
Default: empty
.SS origin
.sp
A zone origin (only valid for \fI\%reverse type\fP).
A zone origin (only valid for the \fI\%reverse type\fP).
.sp
Default: empty
.SS ttl
......@@ -819,7 +831,7 @@ A network subnet in the form of \fIaddress/prefix\fP\&.
Default: empty
.SH MODULE DNSPROXY
.sp
The module catches all unsatisfied queries and forwards them to the configured
The module catches all unsatisfied queries and forwards them to the indicated
server for resolution.
.INDENT 0.0
.INDENT 3.5
......@@ -845,7 +857,7 @@ Default: empty
.SH MODULE ROSEDB
.sp
The module provides a mean to override responses for certain queries before
the record is searched in the available zones.
the available zones are searched for the record.
.INDENT 0.0
.INDENT 3.5
.sp
......
doc/man/knotc.8in
+ 17
17
View file @ 04deb612
......@@ -38,10 +38,10 @@ level margin: \\n[rst2man-indent\\n[rst2man-indent-level]]
.INDENT 0.0
.TP
\fB\-c\fP, \fB\-\-config\fP \fIfile\fP
Use textual configuration file (default is \fB@conf_dir@/knot.conf\fP).
Use a textual configuration file (default is \fB@conf_dir@/knot.conf\fP).
.TP
\fB\-C\fP, \fB\-\-confdb\fP \fIdirectory\fP
Use binary configuration database.
Use a binary configuration database.
.TP
\fB\-s\fP, \fB\-\-server\fP \fIserver\fP
Remote UNIX socket/IP address (default is \fB@run_dir@/knot.sock\fP).
......@@ -50,10 +50,10 @@ Remote UNIX socket/IP address (default is \fB@run_dir@/knot.sock\fP).
Remote server port (only for IP).
.TP
\fB\-y\fP, \fB\-\-key\fP [\fIalg\fP:]\fIname\fP:\fIkey\fP
Use TSIG key specified on the command line (default algorithm is hmac\-md5).
Use the TSIG key specified on the command line (default algorithm is hmac\-md5).
.TP
\fB\-k\fP, \fB\-\-keyfile\fP \fIfile\fP
Use TSIG key stored in a file \fIfile\fP to authenticate the request. The
Use the TSIG key stored in a file \fIfile\fP to authenticate the request. The
file must contain the key in the same format, which is accepted by the
\fB\-y\fP option.
.TP
......@@ -64,14 +64,14 @@ Force operation. Overrides some checks.
Verbose mode. Print additional runtime information.
.TP
\fB\-V\fP, \fB\-\-version\fP
Print program version.
Print the program version.
.TP
\fB\-h\fP, \fB\-\-help\fP
Print help and usage.
.UNINDENT
.SS Actions
.sp
If an optional \fIzone\fP argument is not specified, the command is applied to all
If the optional \fIzone\fP argument is not specified, the command is applied to all
zones.
.INDENT 0.0
.TP
......@@ -79,7 +79,7 @@ zones.
Stop server (no\-op if not running).
.TP
\fBreload\fP [\fIzone\fP\&...]
Reload particular zones or reload whole configuration and changed zones.
Reload particular zones or reload the whole configuration and changed zones.
.TP
\fBflush\fP [\fIzone\fP\&...]
Flush journal and update zone files.
......@@ -88,13 +88,13 @@ Flush journal and update zone files.
Check if server is running.
.TP
\fBzonestatus\fP [\fIzone\fP\&...]
Show status of configured zones.
Show the status of listed zones.
.TP
\fBrefresh\fP [\fIzone\fP\&...]
Refresh slave zones. Flag \fB\-f\fP forces re\-transfer (zones must be specified).
Refresh slave zones. The \fB\-f\fP flag forces re\-transfer (zones must be specified).
.TP
\fBcheckconf\fP
Check current configuration.
Check the current configuration.
.TP
\fBcheckzone\fP [\fIzone\fP\&...]
Check zones.
......@@ -103,20 +103,20 @@ Check zones.
Estimate memory consumption for zones.
.TP
\fBsignzone\fP \fIzone\fP\&...
Resign the zone (drop all existing signatures and create new ones).
Re\-sign the zone (drop all existing signatures and create new ones).
.TP
\fBimport\fP \fIfile\fP
Import configuration database from file. This is potentially dangerous
operation, thus flag \fB\-f\fP is required.
Import a configuration database from file. This is a potentially dangerous
operation, thus the \fB\-f\fP flag is required.
.TP
\fBexport\fP \fIfile\fP
Export configuration database to file.
Export the configuration database to a file.
.UNINDENT
.SH EXAMPLES
.SS Setup a keyfile for remote control
.SS Setup a key file for remote control
.INDENT 0.0
.IP 1. 3
Generate key:
Generate a key:
.INDENT 3.0
.INDENT 3.5
.sp
......@@ -128,7 +128,7 @@ $ dnssec\-keygen \-a hmac\-md5 \-b 256 \-n HOST knotc\-key
.UNINDENT
.UNINDENT
.IP 2. 3
Extract secret in base64 format and create keyfile:
Extract a secret in base64 format and create a key file:
.INDENT 3.0
.INDENT 3.5
.sp
......
doc/man/knotd.8in
+ 4
4
View file @ 04deb612
......@@ -38,16 +38,16 @@ level margin: \\n[rst2man-indent\\n[rst2man-indent-level]]
.INDENT 0.0
.TP
\fB\-c\fP, \fB\-\-config\fP \fIfile\fP
Use textual configuration file (default is \fB@config_dir@/knot.conf\fP).
Use a textual configuration file (default is \fB@config_dir@/knot.conf\fP).
.TP
\fB\-C\fP, \fB\-\-confdb\fP \fIdirectory\fP
Use binary configuration database.
Use a binary configuration database.
.TP
\fB\-d\fP, \fB\-\-daemonize\fP [\fIdirectory\fP]
Run server as a daemon. Working directory may be set (default is \fB/\fP).
Run the server as a daemon. Working directory may be set (default is \fB/\fP).
.TP
\fB\-V\fP, \fB\-\-version\fP
Print program versiom.
Print the program versiom.
.TP
\fB\-h\fP, \fB\-\-help\fP
Print help and usage.
......
doc/man/knsec3hash.1in
+ 4
4
View file @ 04deb612
......@@ -35,15 +35,15 @@ level margin: \\n[rst2man-indent\\n[rst2man-indent-level]]
\fBknsec3hash\fP \fIsalt\fP \fIalgorithm\fP \fIiterations\fP \fIname\fP
.SH DESCRIPTION
.sp
The utility generates NSEC3 hash for given domain name and parameters of NSEC3 hash.
This utility generates a NSEC3 hash for a given domain name and parameters of NSEC3 hash.
.SS Parameters
.INDENT 0.0
.TP
\fIsalt\fP
Specifies binary salt encoded as a hexadecimal string.
Specifies a binary salt encoded as a hexadecimal string.
.TP
\fIalgorithm\fP
Specifies hashing algorithm number. Currently the only supported algorithm is SHA\-1 (number 1).
Specifies a hashing algorithm by number. Currently, the only supported algorithm is SHA\-1 (number 1).
.TP
\fIiterations\fP
Specifies the number of additional iterations of the hashing algorithm.
......@@ -76,7 +76,7 @@ A1RT98BS5QGC9NFI51S9HCI47ULJG6JH (salt=\-, hash=1, iterations=0)
.UNINDENT
.SH SEE ALSO
.sp
\fI\%RFC 5155\fP \- DNS Security (DNSSEC) Hashed Authenticated Denial of Existence.
\fI\%RFC 5155\fP \-\- DNS Security (DNSSEC) Hashed Authenticated Denial of Existence.
.sp
\fIknotc(8)\fP, \fIknotd(8)\fP\&.
.SH AUTHOR
......
doc/man/knsupdate.1in
+ 8
8
View file @ 04deb612
......@@ -52,7 +52,7 @@ Enable debug messages.
Print help and usage.
.TP
\fB\-k\fP \fIkeyfile\fP
Use TSIG key stored in a file \fIkeyfile\fP to authenticate the request. The
Use the TSIG key stored in a file \fIkeyfile\fP to authenticate the request. The
file should contain the key in the same format, which is accepted by the
\fB\-y\fP option.
.TP
......@@ -68,10 +68,10 @@ The total timeout (for all UDP update tries) of the update request in seconds.
The default is 12. If set to zero, the timeout is infinite.
.TP
\fB\-v\fP, \fB\-\-version\fP
Print program version.
Print the program version.
.TP
\fB\-y\fP [\fIalg\fP:]\fIname\fP:\fIkey\fP
Use TSIG key with a name \fIname\fP to authenticate the request. The \fIalg\fP
Use the TSIG key with a name \fIname\fP to authenticate the request. The \fIalg\fP
part specifies the algorithm (the default is hmac\-md5) and \fIkey\fP specifies
the shared secret encoded in Base64.
.UNINDENT
......@@ -79,10 +79,10 @@ the shared secret encoded in Base64.
.INDENT 0.0
.TP
\fBserver\fP \fIname\fP [\fIport\fP]
Specifies a receiving server of the dynamic update message. Parameter \fIname\fP
Specifies a receiving server of the dynamic update message. The \fIname\fP parameter
can be either a host name or an IP address. If the \fIport\fP is not specified,
the default port is used. The default port value can be controlled using
program option \fB\-p\fP\&.
the \fB\-p\fP program option.
.TP
\fBlocal\fP \fIaddress\fP [\fIport\fP]
Specifies outgoing \fIaddress\fP and \fIport\fP\&. If no local is specified, the
......@@ -106,7 +106,7 @@ Sets \fIvalue\fP as the default TTL (in seconds). If not used, the default value
is 0.
.TP
\fBkey\fP [\fIalg\fP:]\fIname\fP \fIkey\fP
Specifies TSIG \fIkey\fP named \fIname\fP to authenticate the request. An optional
Specifies the TSIG \fIkey\fP named \fIname\fP to authenticate the request. An optional
\fIalg\fP algorithm can be specified. This command has the same effect as
the program option \fB\-y\fP\&.
.TP
......@@ -144,14 +144,14 @@ Sends the current update message and cleans the list of updates.
Displays the last answer from the server.
.TP
\fBdebug\fP
Enable debugging. This command has the same meaning as program option \fB\-d\fP\&.
Enable debugging. This command has the same meaning as the \fB\-d\fP program option.
.TP
\fBquit\fP
Quit the program.
.UNINDENT
.SH NOTES
.sp
Options \fB\-k\fP and \fB\-y\fP cannot be used mutually.
Options \fB\-k\fP and \fB\-y\fP can not be used simultaneously.
.sp
Missing features with regard to ISC nsupdate:
.INDENT 0.0
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment