diff options
Diffstat (limited to 'contrib/bind/doc/man')
27 files changed, 0 insertions, 8690 deletions
diff --git a/contrib/bind/doc/man/Makefile b/contrib/bind/doc/man/Makefile deleted file mode 100644 index 604c293da1f2..000000000000 --- a/contrib/bind/doc/man/Makefile +++ /dev/null @@ -1,423 +0,0 @@ -## Portions Copyright (c) 1993 by Digital Equipment Corporation. -## -## Permission to use, copy, modify, and distribute this software for any -## purpose with or without fee is hereby granted, provided that the above -## copyright notice and this permission notice appear in all copies, and that -## the name of Digital Equipment Corporation not be used in advertising or -## publicity pertaining to distribution of the document or software without -## specific, written prior permission. -## -## THE SOFTWARE IS PROVIDED "AS IS" AND DIGITAL EQUIPMENT CORP. DISCLAIMS ALL -## WARRANTIES WITH REGARD TO THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES -## OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL DIGITAL EQUIPMENT -## CORPORATION BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL -## DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR -## PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS -## ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS -## SOFTWARE. - -## Portions Copyright (c) 1996,1999 by Internet Software Consortium -## -## Permission to use, copy, modify, and distribute this software for any -## purpose with or without fee is hereby granted, provided that the above -## copyright notice and this permission notice appear in all copies. -## -## THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS -## ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES -## OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE -## CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL -## DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR -## PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS -## ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS -## SOFTWARE. - -# -# Makefile to install the BIND manual entries. -# -# Default Configuration: -# There are a set of default assignments immediately following this -# note. These defaults are for BSD4.4, BSD/386, other net2-alikes, -# and will install manual entries with following characteristics: -# o They will be catable (i.e., passed through nroff) -# o They will be installed in the directories -# /usr/share/man/catN, where N is 1, 3, 5, 7, 8 -# o They will have an extension of `.0' -# -# Don't change these defaults. Instead, following the default configuration -# are sets of commented values for particular systems that can be used -# to override the default values. -# - -# -# Target directory for the manual directory tree. Eg., may be used to -# specify the path of an NFS-mounted directory for common files. -# -DESTDIR= - -# -# Default location for manual section directories. -# -DESTMAN= /usr/share/man - -# -# Install manuals in ${MANDIR}N. For systems that generate catable manual -# entries on the fly, use -# MANDIR = man -# -MANDIR = cat - -# -# Default extension for manual entries. To install the manual entries under -# their `real' extensions use -# CATEXT = $$N -# -CATEXT = 0 - -# -# Command to install manual entries -# -INSTALL= install - -# -# `install' options to set Owner and Group for manual entries. Eg. for -# BSD `install' use -# MAN_OWNER = -o bin -# MAN_GROUP = -g bin -# -MAN_OWNER = -MAN_GROUP = - -SHELL= /bin/sh - -INDOT= -XFER_INDOT= -# -# Uppercase versions of the above variables (`INDOT_U' and `XFER_INDOT_U') -# are defined for use in `.TH' lines. -# - -# -# Command used to generate a manual entry. By default this produces catable -# manual entries. -# -# For systems that store manuals in MDOC form (eg modern BSD systems) and -# can generate catable manual entries on the fly the following assignment -# can be used. -# MANROFF = cat -# -MANROFF = ( tbl | nroff -mandoc ) - -# -# Default extensions for installed manual entries. The following variables -# have been defined to allow BIND's manual entries to be installed in the -# right place for a given platform. -# -# CMD_EXT = extension for user commands (eg, dig) -# LIB_NETWORK_EXT = extension for network library routines (eg, -# gethostbyname) -# FORMAT_EXT = extension for files describing file formats -# (eg, resolver) -# DESC_EXT = extension for descriptive files (eg, mailaddr) -# SYS_OPS_EXT = extension system operation and maintenance commands -# and applications. (eg, named, named-xfer, syslog) -# -# Associated with each variable is an additional variable with the suffix -# `_DIR' that specifies the suffix to ${MANDIR}. It's needed because on -# some systems, eg., Ultrix, multiple subsections (eg 3x, 3m 3n) are -# stored in generic manual section directories (eg., man3). -# -# Associated with each variable is an additional variable with the suffix -# `_U' which gives the upper case form of the variable for use in `.TH' -# commands. Useful for platforms (such as Solaris 2) that include letters -# in manual sections. -# -CMD_EXT = 1 -CMD_EXT_DIR = ${CMD_EXT} -LIB_NETWORK_EXT = 3 -LIB_NETWORK_EXT_DIR = ${LIB_NETWORK_EXT} -FORMAT_EXT = 5 -FORMAT_EXT_DIR = ${FORMAT_EXT} -DESC_EXT = 7 -DESC_EXT_DIR = ${DESC_EXT} -SYS_OPS_EXT = 8 -SYS_OPS_EXT_DIR = ${SYS_OPS_EXT} - -# -# Additional variables are defined for cross-references within manual -# entries: -# SYSCALL_EXT = extension for system calls -# BSD_SYSCALL_EXT = extension for BSD-specifc system calls. On some -# systems (eg Ultrix) these appear in section 2. -# On other system (eg SunOS 5) these are implemented -# via a BSD-compatibility library and appear in -# section 3. -# LIB_C_EXT = extension for C library routines (eg, signal) -# -SYSCALL_EXT = 2 -SYSCALL_EXT_DIR = ${SYSCALL_EXT} -BSD_SYSCALL_EXT = 2 -BSD_SYSCALL_EXT_DIR = ${BSD_SYSCALL_EXT} -LIB_C_EXT = 3 -LIB_C_EXT_DIR = ${LIB_C_EXT} - -###################################################################### -# -# No user changes needed past this point. -# -###################################################################### -# -# This sed command is used to update the manual entries so they refer to -# the appropriate section of the manual for a given platform. -# -EXT_SED_CMD = INDOT_U=`echo "${INDOT}"|tr "[a-z]" "[A-Z]"`; \ - export INDOT_U; \ - XFER_INDOT_U=`echo "${XFER_INDOT}"|tr "[a-z]" "[A-Z]"`; \ - export XFER_INDOT_U; \ - CMD_EXT_U=`echo "${CMD_EXT}"|tr "[a-z]" "[A-Z]"`; \ - export CMD_EXT_U; \ - SYS_OPS_EXT_U=`echo "${SYS_OPS_EXT}"|tr "[a-z]" "[A-Z]"`; \ - export SYS_OPS_EXT_U; \ - LIB_NETWORK_EXT_U=`echo "${LIB_NETWORK_EXT}"|tr "[a-z]" "[A-Z]"`; \ - export LIB_NETWORK_EXT_U; \ - FORMAT_EXT_U=`echo "${FORMAT_EXT}"|tr "[a-z]" "[A-Z]"`; \ - export FORMAT_EXT_U; \ - DESC_EXT_U=`echo "${DESC_EXT}"|tr "[a-z]" "[A-Z]"`; \ - export DESC_EXT_U; \ - SYSCALL_EXT_U=`echo "${SYSCALL_EXT}"|tr "[a-z]" "[A-Z]"`; \ - export SYSCALL_EXT_U; \ - BSD_SYSCALL_EXT_U=`echo "${BSD_SYSCALL_EXT}"|tr "[a-z]" "[A-Z]"`; \ - export BSD_SYSCALL_EXT_U; \ - LIB_C_EXT_U=`echo "${LIB_C_EXT}"|tr "[a-z]" "[A-Z]"`; \ - export LIB_C_EXT_U; \ - sed -e "s/@INDOT@/${INDOT}/g" \ - -e "s/@INDOT_U@/$${INDOT_U}/g" \ - -e "s/@XFER_INDOT@/${XFER_INDOT}/g" \ - -e "s/@XFER_INDOT_U@/$${XFER_INDOT_U}/g" \ - -e "s/@CMD_EXT@/${CMD_EXT}/g" \ - -e "s/@CMD_EXT_U@/$${CMD_EXT_U}/g" \ - -e "s/@LIB_NETWORK_EXT@/${LIB_NETWORK_EXT}/g" \ - -e "s/@LIB_NETWORK_EXT_U@/$${LIB_NETWORK_EXT_U}/g" \ - -e "s/@FORMAT_EXT@/${FORMAT_EXT}/g" \ - -e "s/@FORMAT_EXT_U@/$${FORMAT_EXT_U}/g" \ - -e "s/@DESC_EXT@/${DESC_EXT}/g" \ - -e "s/@DESC_EXT_U@/$${DESC_EXT_U}/g" \ - -e "s/@SYS_OPS_EXT@/${SYS_OPS_EXT}/g" \ - -e "s/@SYS_OPS_EXT_U@/$${SYS_OPS_EXT_U}/g" \ - -e "s/@SYSCALL_EXT@/${SYSCALL_EXT}/g" \ - -e "s/@SYSCALL_EXT_U@/$${SYSCALL_EXT_U}/g" \ - -e "s/@BSD_SYSCALL_EXT@/${BSD_SYSCALL_EXT}/g" \ - -e "s/@BSD_SYSCALL_EXT_U@/$${BSD_SYSCALL_EXT_U}/g" \ - -e "s/@LIB_C_EXT@/${LIB_C_EXT}/g" \ - -e "s/@LIB_C_EXT_U@/$${LIB_C_EXT_U}/g" - -# -# Command used to produce manual entries -# -MK_MANFILE = ( ${EXT_SED_CMD} | ${MANROFF} ) - -# -# Extensions for the generated manual entries -# -OUT_EXT = lst -CMD_OUT_EXT = ${OUT_EXT}${CMD_EXT} -LIB_NETWORK_OUT_EXT = ${OUT_EXT}${LIB_NETWORK_EXT} -FORMAT_OUT_EXT = ${OUT_EXT}${FORMAT_EXT} -DESC_OUT_EXT = ${OUT_EXT}${DESC_EXT} -SYS_OPS_OUT_EXT = ${OUT_EXT}${SYS_OPS_EXT} - -# -# User command manual entries -# -CMD_BASE = dig host dnsquery dnskeygen -CMD_SRC_EXT = 1 -CMD_SRC = dig.${CMD_SRC_EXT} \ - host.${CMD_SRC_EXT} \ - dnsquery.${CMD_SRC_EXT} \ - dnskeygen.${CMD_SRC_EXT} -CMD_OUT = dig.${CMD_OUT_EXT} \ - host.${CMD_OUT_EXT} \ - dnsquery.${CMD_OUT_EXT} \ - dnskeygen.${CMD_OUT_EXT} - -# -# named manual entries -# -NAMED_BASE = named ndc -SYS_OPS_SRC_EXT = 8 -NAMED_SRC = named.${SYS_OPS_SRC_EXT} ndc.${SYS_OPS_SRC_EXT} -NAMED_OUT = named.${SYS_OPS_OUT_EXT} ndc.${SYS_OPS_OUT_EXT} - -# -# named-xfer manual entry -# -NAMED_XFER_BASE = named-xfer -NAMED_XFER_SRC = named-xfer.${SYS_OPS_SRC_EXT} -NAMED_XFER_OUT = named-xfer.${SYS_OPS_OUT_EXT} - -# -# named-bootconf manual entry -# -NAMED_BOOTCONF_BASE = named-bootconf -NAMED_BOOTCONF_SRC = named-bootconf.${SYS_OPS_SRC_EXT} -NAMED_BOOTCONF_OUT = named-bootconf.${SYS_OPS_OUT_EXT} - -# -# nslookup manual entry -# -NSLOOKUP_BASE = nslookup -NSLOOKUP_SRC = nslookup.${SYS_OPS_SRC_EXT} -NSLOOKUP_OUT = nslookup.${SYS_OPS_OUT_EXT} - -# -# nsupdate manual entry -# -NSUPDATE_BASE = nsupdate -NSUPDATE_SRC = nsupdate.${SYS_OPS_SRC_EXT} -NSUPDATE_OUT = nsupdate.${SYS_OPS_OUT_EXT} - -# -# Network library routines manual entries -# -LIB_NETWORK_BASE = gethostbyname inet_cidr resolver hesiod getnetent \ - tsig getaddrinfo getnameinfo getipnodebyname -LIB_NETWORK_SRC_EXT = 3 -LIB_NETWORK_SRC = gethostbyname.${LIB_NETWORK_SRC_EXT} \ - inet_cidr.${LIB_NETWORK_SRC_EXT} \ - resolver.${LIB_NETWORK_SRC_EXT} \ - hesiod.${LIB_NETWORK_SRC_EXT} \ - getnetent.${LIB_NETWORK_SRC_EXT} \ - tsig.${LIB_NETWORK_SRC_EXT} \ - getaddrinfo.${LIB_NETWORK_SRC_EXT} \ - getnameinfo.${LIB_NETWORK_SRC_EXT} \ - getipnodebyname.${LIB_NETWORK_SRC_EXT} -LIB_NETWORK_OUT = gethostbyname.${LIB_NETWORK_OUT_EXT} \ - inet_cidr.${LIB_NETWORK_OUT_EXT} \ - resolver.${LIB_NETWORK_OUT_EXT} \ - hesiod.${LIB_NETWORK_OUT_EXT} \ - getnetent.${LIB_NETWORK_OUT_EXT} \ - tsig.${LIB_NETWORK_OUT_EXT} \ - getaddrinfo.${LIB_NETWORK_OUT_EXT} \ - getnameinfo.${LIB_NETWORK_OUT_EXT} \ - getipnodebyname.${LIB_NETWORK_OUT_EXT} - -# -# File format manual entries -# -FORMAT_BASE = resolver irs.conf named.conf -FORMAT_SRC_EXT = 5 -FORMAT_SRC = resolver.${FORMAT_SRC_EXT} \ - irs.conf.${FORMAT_SRC_EXT} \ - named.conf.${FORMAT_SRC_EXT} -FORMAT_OUT = resolver.${FORMAT_OUT_EXT} \ - irs.conf.${FORMAT_OUT_EXT} \ - named.conf.${FORMAT_OUT_EXT} - -# -# Feature Description manual entries -# -DESC_BASE = hostname mailaddr -DESC_SRC_EXT = 7 -DESC_SRC = hostname.${DESC_SRC_EXT} mailaddr.${DESC_SRC_EXT} -DESC_OUT = hostname.${DESC_OUT_EXT} mailaddr.${DESC_OUT_EXT} - -.SUFFIXES: .${CMD_SRC_EXT} .${CMD_OUT_EXT} \ - .${SYS_OPS_SRC_EXT} .${SYS_OPS_OUT_EXT} \ - .${LIB_NETWORK_SRC_EXT} .${LIB_NETWORK_OUT_EXT} \ - .${FORMAT_SRC_EXT} .${FORMAT_OUT_EXT} \ - .${DESC_SRC_EXT} .${DESC_OUT_EXT} - -.${CMD_SRC_EXT}.${CMD_OUT_EXT}: - @echo "$*.${CMD_SRC_EXT} -> $*.${CMD_OUT_EXT}" - @${MK_MANFILE} <$*.${CMD_SRC_EXT} >$*.${CMD_OUT_EXT} - -.${SYS_OPS_SRC_EXT}.${SYS_OPS_OUT_EXT}: - @echo "$*.${SYS_OPS_SRC_EXT} -> $*.${SYS_OPS_OUT_EXT}" - @${MK_MANFILE} <$*.${SYS_OPS_SRC_EXT} >$*.${SYS_OPS_OUT_EXT} - -.${LIB_NETWORK_SRC_EXT}.${LIB_NETWORK_OUT_EXT}: - @echo "$*.${LIB_NETWORK_SRC_EXT} -> $*.${LIB_NETWORK_OUT_EXT}" - @${MK_MANFILE} <$*.${LIB_NETWORK_SRC_EXT} >$*.${LIB_NETWORK_OUT_EXT} - -.${FORMAT_SRC_EXT}.${FORMAT_OUT_EXT}: - @echo "$*.${FORMAT_SRC_EXT} -> $*.${FORMAT_OUT_EXT}" - @${MK_MANFILE} <$*.${FORMAT_SRC_EXT} >$*.${FORMAT_OUT_EXT} - -.${DESC_SRC_EXT}.${DESC_OUT_EXT}: - @echo "$*.${DESC_SRC_EXT} -> $*.${DESC_OUT_EXT}" - @${MK_MANFILE} <$*.${DESC_SRC_EXT} >$*.${DESC_OUT_EXT} - -OUTFILES = ${CMD_OUT} ${NAMED_OUT} ${NAMED_XFER_OUT} ${NSLOOKUP_OUT} \ - ${NSUPDATE_OUT} ${LIB_NETWORK_OUT} ${FORMAT_OUT} ${DESC_OUT} \ - ${NAMED_BOOTCONF_OUT} - -all: ${OUTFILES} - -install: ${OUTFILES} \ - ${DESTDIR}${DESTMAN}/${MANDIR}${CMD_EXT_DIR} \ - ${DESTDIR}${DESTMAN}/${MANDIR}${SYS_OPS_EXT_DIR} \ - ${DESTDIR}${DESTMAN}/${MANDIR}${LIB_NETWORK_EXT_DIR} \ - ${DESTDIR}${DESTMAN}/${MANDIR}${FORMAT_EXT_DIR} \ - ${DESTDIR}${DESTMAN}/${MANDIR}${DESC_EXT_DIR} - @set -x; N=${CMD_EXT}; for f in ${CMD_BASE}; do \ - ${INSTALL} -c -m 444 ${MAN_OWNER} ${MAN_GROUP} \ - $${f}.${CMD_OUT_EXT} \ - ${DESTDIR}${DESTMAN}/${MANDIR}${CMD_EXT_DIR}/$${f}.${CATEXT}; \ - done - @set -x; N=${SYS_OPS_EXT}; for f in ${NAMED_BASE}; do \ - ${INSTALL} -c -m 444 ${MAN_OWNER} ${MAN_GROUP} \ - $${f}.${SYS_OPS_OUT_EXT} \ - ${DESTDIR}${DESTMAN}/${MANDIR}${SYS_OPS_EXT_DIR}/${INDOT}$${f}.${CATEXT}; \ - done - @set -x; N=${SYS_OPS_EXT}; for f in ${NAMED_XFER_BASE}; do \ - ${INSTALL} -c -m 444 ${MAN_OWNER} ${MAN_GROUP} \ - $${f}.${SYS_OPS_OUT_EXT} \ - ${DESTDIR}${DESTMAN}/${MANDIR}${SYS_OPS_EXT_DIR}/${XFER_INDOT}$${f}.${CATEXT}; \ - done - @set -x; N=${SYS_OPS_EXT}; for f in ${NAMED_BOOTCONF_BASE}; do \ - ${INSTALL} -c -m 444 ${MAN_OWNER} ${MAN_GROUP} \ - $${f}.${SYS_OPS_OUT_EXT} \ - ${DESTDIR}${DESTMAN}/${MANDIR}${SYS_OPS_EXT_DIR}/${XFER_INDOT}$${f}.${CATEXT}; \ - done - @set -x; N=${SYS_OPS_EXT}; for f in ${NSLOOKUP_BASE}; do \ - ${INSTALL} -c -m 444 ${MAN_OWNER} ${MAN_GROUP} \ - $${f}.${SYS_OPS_OUT_EXT} \ - ${DESTDIR}${DESTMAN}/${MANDIR}${SYS_OPS_EXT_DIR}/$${f}.${CATEXT}; \ - done - @set -x; N=${SYS_OPS_EXT}; for f in ${NSUPDATE_BASE}; do \ - ${INSTALL} -c -m 444 ${MAN_OWNER} ${MAN_GROUP} \ - $${f}.${SYS_OPS_OUT_EXT} \ - ${DESTDIR}${DESTMAN}/${MANDIR}${SYS_OPS_EXT_DIR}/$${f}.${CATEXT}; \ - done - @set -x; N=${LIB_NETWORK_EXT}; for f in ${LIB_NETWORK_BASE}; do \ - ${INSTALL} -c -m 444 ${MAN_OWNER} ${MAN_GROUP} \ - $${f}.${LIB_NETWORK_OUT_EXT} \ - ${DESTDIR}${DESTMAN}/${MANDIR}${LIB_NETWORK_EXT_DIR}/$${f}.${CATEXT}; \ - done - @set -x; N=${FORMAT_EXT}; for f in ${FORMAT_BASE}; do \ - ${INSTALL} -c -m 444 ${MAN_OWNER} ${MAN_GROUP} \ - $${f}.${FORMAT_OUT_EXT} \ - ${DESTDIR}${DESTMAN}/${MANDIR}${FORMAT_EXT_DIR}/$${f}.${CATEXT}; \ - done - @set -x; N=${DESC_EXT}; for f in ${DESC_BASE}; do \ - ${INSTALL} -c -m 444 ${MAN_OWNER} ${MAN_GROUP} \ - $${f}.${DESC_OUT_EXT} \ - ${DESTDIR}${DESTMAN}/${MANDIR}${DESC_EXT_DIR}/$${f}.${CATEXT}; \ - done - -${DESTDIR}${DESTMAN}/${MANDIR}${CMD_EXT_DIR} \ -${DESTDIR}${DESTMAN}/${MANDIR}${SYS_OPS_EXT_DIR} \ -${DESTDIR}${DESTMAN}/${MANDIR}${LIB_NETWORK_EXT_DIR} \ -${DESTDIR}${DESTMAN}/${MANDIR}${FORMAT_EXT_DIR} \ -${DESTDIR}${DESTMAN}/${MANDIR}${DESC_EXT_DIR}: - mkdir $@ - -links: FRC - @set -ex; ln -s SRC/*.[0-9] . - -depend: - -clean: - rm -f *~ *.BAK *.CKP *.orig - rm -f ${OUTFILES} - -FRC: diff --git a/contrib/bind/doc/man/dig.1 b/contrib/bind/doc/man/dig.1 deleted file mode 100644 index 67995591452c..000000000000 --- a/contrib/bind/doc/man/dig.1 +++ /dev/null @@ -1,704 +0,0 @@ -.\" $Id: dig.1,v 8.9 2002/06/18 01:53:43 marka Exp $ -.\" -.\" ++Copyright++ 1993 -.\" - -.\" Copyright (c) 1993 -.\" The Regents of the University of California. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" 3. All advertising materials mentioning features or use of this software -.\" must display the following acknowledgement: -.\" This product includes software developed by the University of -.\" California, Berkeley and its contributors. -.\" 4. Neither the name of the University nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" - -.\" Portions Copyright (c) 1993 by Digital Equipment Corporation. -.\" -.\" Permission to use, copy, modify, and distribute this software for any -.\" purpose with or without fee is hereby granted, provided that the above -.\" copyright notice and this permission notice appear in all copies, and that -.\" the name of Digital Equipment Corporation not be used in advertising or -.\" publicity pertaining to distribution of the document or software without -.\" specific, written prior permission. -.\" -.\" THE SOFTWARE IS PROVIDED "AS IS" AND DIGITAL EQUIPMENT CORP. DISCLAIMS ALL -.\" WARRANTIES WITH REGARD TO THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES -.\" OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL DIGITAL EQUIPMENT -.\" CORPORATION BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL -.\" DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR -.\" PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS -.\" ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS -.\" SOFTWARE. -.\" - -.\" --Copyright-- -.\" -.\" Distributed with 'dig' version 2.0 from University of Southern -.\" California Information Sciences Institute (USC-ISI). -.\" -.\" dig.1 2.0 (USC-ISI) 8/30/90 -.\" -.Dd August 30, 1990 -.Dt DIG @CMD_EXT_U@ -.Os BSD 4 -.Sh NAME -.Nm dig -.Nd send domain name query packets to name servers -.Sh SYNOPSIS -.Nm dig -.Op Ic @ Ns Ar server -.Ar domain -.Op Aq Ar query-type -.Op Aq Ar query-class -.Op Ic + Ns Aq Ar query-option -.Op Fl Aq Ar dig-option -.Op Ar %comment -.Sh DESCRIPTION -.Ic Dig -(domain information groper) is a flexible command line tool -which can be used to gather information from the Domain -Name System servers. -.Ic Dig -has two modes: simple interactive mode -for a single query, and batch mode which executes a query for -each in a list of several query lines. All query options are -accessible from the command line. -.Pp -The usual simple use of -.Ic dig -will take the form: -.Pp -.Bd -ragged -offset indent-two -.Ic dig @ Ns Ar server domain query-type query-class -.Ed -.Pp -where: -.Bl -tag -width Fl -.It Ar server -may be either a domain name or a raw (IPv4 / IPv6) -Internet address. If this optional field is omitted, -.Ic dig -will attempt to use the default name server for your machine. -.sp 1 -.Em Note : -If a domain name is specified, this will be resolved -using the domain name system resolver (i.e., BIND). If your -system does not support DNS, you may -.Em have -to specify a -dot-notation address. Alternatively, if there is a server -at your disposal somewhere, all that is required is that -.Pa /etc/resolv.conf -be present and indicate where the default -name servers reside, so that -.Ar server -itself can be resolved. See -.Xr resolver @FORMAT_EXT@ -for information on -.Pa /etc/resolv.conf . -.Sy WARNING : -Changing -.Pa /etc/resolv.conf -will affect both the standard resolver library and -.Pq potentially -several programs which use it. -As an option, the user may set the -environment variable -.Ev LOCALRES -to name a file which is to -be used instead of -.Pa /etc/resolv.conf -.Po Ns Ev LOCALRES -is specific to the -.Ic dig -resolver and is not referenced by the standard resolver -.Pc . -If the -.Ev LOCALRES -variable is not set or the specified file -is not readable, then -.Pa /etc/resolv.conf -will be used. -.It Ar domain -is the domain name for which you are requesting information. -See the -.Fl x -option (documented in the -.Sx OTHER OPTIONS -subsection of this section) for convenient way to specify reverse address -query. -.It Ar query-type -is the type of information (DNS query type) that -you are requesting. If omitted, the default is -.Dq Ar a -.Pq Dv T_A = Ar address . -The following types are recognized: -.Pp -.Bl -hang -width "hinfo T_HINFO " -compact -.It Ar a\ \ \ \ \ \ Dv T_A -network address -.It Ar any\ \ \ \ Dv T_ANY -all/any information about specified domain -.It Ar mx\ \ \ \ \ Dv T_MX -mail exchanger for the domain -.It Ar ns\ \ \ \ \ Dv T_NS -name servers -.It Ar soa\ \ \ \ Dv T_SOA -zone of authority record -.It Ar hinfo\ \ Dv T_HINFO -host information -.It Ar axfr\ \ \ Dv T_AXFR -zone transfer (must ask an authoritative server) -.It Ar txt\ \ \ \ Dv T_TXT -arbitrary number of strings -.El -.Pp -(See RFC 1035 for the complete list.) -.It Ar query-class -is the network class requested in the query. If -omitted, the default is -.Dq Ar in -.Pq Dv C_IN = Ar Internet . -The following classes are recognized: -.Pp -.Bl -tag -width "hinfo T_HINFO " -compact -.It Ar in\ \ \ \ \ Dv C_IN -Internet class domain -.It Ar any\ \ \ \ Dv C_ANY -all/any class information -.El -.Pp -(See RFC 1035 for the complete list.) -.Pp -.Em Note : -.Dq Ar Any -can be used to specify a -.Em class -and/or a -.Em type -of query. -.Ic Dig -will parse the first occurrence of -.Dq Ar any -to mean -.Ar query-type = Dv T_ANY . -To specify -.Ar query-class = Dv C_ANY , -you must either specify -.Dq any -twice, or set -.Ar query-class -using the -.Fl c -option (see below). -.El -.Ss OTHER OPTIONS -.Bl -tag -width Fl -.It % Ns Ar ignored-comment -.Dq % -is used to included an argument that is simply not -parsed. This may be useful if running -.Ic dig -in batch -mode. Instead of resolving every -.Ar @server-domain-name -in a list of queries, you can avoid the overhead of doing -so, and still have the domain name on the command line -as a reference. Example: -.Pp -.Bd -ragged -offset indent-two -.Ic dig @128.9.0.32 %venera.isi.edu mx isi.edu -.Ed -.Pp -.It Fl Aq Ar dig option -.Dq Fl -is used to specify an option which affects the operation of -.Ic dig . -The following options are currently -available (although not guaranteed to be useful): -.Bl -tag -width Fl -.It Fl x Ar dot-notation-address -Convenient form to specify inverse address mapping. -Instead of -.Dq Ic dig 32.0.9.28.in-addr.arpa , -one can simply -.Dq Ic dig -x 28.9.0.32 . -.It Fl x Ar IPv6-address -Convenient form to specify inverse address mapping. -Instead of -.Dq Ic dig 1.0.0.0.0.0.0.0.0.0.0.0. 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa , -one can simply -.Dq Ic dig -x ::1 . -.It Fl f Ar file -File for -.Ic dig -batch mode. The file contains a list -of query specifications -( -.Ns Ic dig -command lines) which are to be executed successively. Lines beginning with -.Sq \&; , -.Sq # , -or -.Sq \en -are ignored. Other options -may still appear on command line, and will be in -effect for each batch query. -.It Fl T Ar time -Time in seconds between start of successive -queries when running in batch mode. Can be used -to keep two or more batch -.Ic dig -commands running -roughly in sync. Default is zero. -.It Fl p Ar port -Port number. Query a name server listening to a -non-standard port number. Default is 53. -.It Fl P Ns Bq Ar ping-string -After query returns, execute a -.Xr ping @SYS_OPS_EXT@ -command for response time comparison. This rather -unelegantly makes a call to the shell. The last -three lines of statistics is printed for the -command: -.Pp -.Bd -ragged -offset indent-two -.Ic ping Fl s server_name 56 3 -.Ed -.Pp -If the optional -.Dq Ar ping_string -is present, it -replaces -.Dq Ic ping Fl s -in the shell command. -.It Fl t Ar query-type -Specify type of query. May specify either an -integer value to be included in the type field -or use the abbreviated mnemonic as discussed -above (i.e., -.Ar mx = Dv T_MX ) . -.It Fl c Ar query-class -Specify class of query. May specify either an -integer value to be included in the class field -or use the abbreviated mnemonic as discussed -above (i.e., in = C_IN). -.It Fl k Ar keydir:keyname -Sign the query with the TSIG key named keyname -that is in the directory keydir. -.It Fl envsav -This flag specifies that the -.Ic dig -environment -(defaults, print options, etc.), after -all of the arguments are parsed, should be saved -to a file to become the default environment. -This is useful if you do not like the standard set of -defaults and do not desire to include a -large number of options each time -.Ic dig -is used. The environment consists of resolver state -variable flags, timeout, and retries as well as the flags detailing -.Ic dig -output (see below). -If the shell environment variable -.Ev LOCALDEF -is set to the name of a file, this is where the default -.Ic dig -environment is saved. If not, the file -.Dq Pa DiG.env -is created in the current working directory. -.Pp -.Em Note : -.Ev LOCALDEF -is specific to the -.Ic dig -resolver, -and will not affect operation of the standard -resolver library. -.Pp -Each time -.Ic dig -is executed, it looks for -.Dq Pa ./DiG.env -or the file specified by the shell environment variable -.Ev LOCALDEF . -If such file exists and is readable, then the -environment is restored from this file before any arguments are parsed. -.It Fl envset -This flag only affects batch query runs. When -.Dq Fl envset -is specified on a line in a -.Ic dig -batch file, the -.Ic dig -environment after the arguments are parsed -becomes the default environment for the duration of -the batch file, or until the next line which specifies -.Dq Fl envset . -.It Xo -.Fl Op Cm no -.Ns Cm stick -.Xc -This flag only affects batch query runs. -It specifies that the -.Ic dig -environment (as read initially -or set by -.Dq Fl envset -switch) is to be restored before each query (line) in a -.Ic dig -batch file. -The default -.Dq Fl nostick -means that the -.Ic dig -environment does not stick, hence options specified on a single line -in a -.Ic dig -batch file will remain in effect for -subsequent lines (i.e. they are not restored to the -.Dq sticky -default). -.El -.It Ic + Ns Aq Ar query-option -.Dq + -is used to specify an option to be changed in the query packet or to change -.Ic dig -output specifics. Many of these are the same parameters accepted by -.Xr nslookup @SYS_OPS_EXT@ . -If an option requires a parameter, the form is as follows: -.Pp -.Bd -ragged -offset indent-two -.Ic + -.Ns Ar keyword -.Ns Op = Ns Ar value -.Ed -.Pp -Most keywords can be abbreviated. Parsing of the -.Dq + -options is very simplistic \(em a value must not be -separated from its keyword by white space. The following -keywords are currently available: -.Pp -Keyword Abbrev. Meaning [default] -.Pp -.Bl -tag -width "[no]primary (ret) " -compact -.It Xo -.Op Cm no -.Ns Cm debug\ \ \ \ -.Pq Cm deb -.Xc -turn on/off debugging mode -.Bq Cm deb -.It Xo -.Op Cm no -.Ns Cm d2\ \ \ \ \ \ \ \ \ \ -.Xc -turn on/off extra debugging mode -.Bq Cm nod2 -.It Xo -.Op Cm no -.Ns Cm recurse\ \ -.Pq Cm rec -.Xc -use/don't use recursive lookup -.Bq Cm rec -.It Xo -.Cm retry= Ns Ar # -.Cm \ \ \ \ \ -.Pq Cm ret -.Xc -set number of retries to # -.Bq 4 -.It Xo -.Cm time= Ns Ar # -.Cm \ \ \ \ \ \ -.Pq Cm ti -.Xc -set timeout length to # seconds -.Bq 4 -.It Xo -.Op Cm no -.Ns Cm ko -.Xc -keep open option (implies vc) -.Bq Cm noko -.It Xo -.Op Cm no -.Ns Cm vc -.Xc -use/don't use virtual circuit -.Bq Cm novc -.It Xo -.Op Cm no -.Ns Cm defname\ \ -.Pq Cm def -.Xc -use/don't use default domain name -.Bq Cm def -.It Xo -.Op Cm no -.Ns Cm search\ \ \ -.Pq Cm sea -.Xc -use/don't use domain search list -.Bq Cm sea -.It Xo -.Cm domain= Ns Ar NAME\ \ -.Pq Cm do -.Xc -set default domain name to -.Ar NAME -.It Xo -.Op Cm no -.Ns Cm ignore\ \ \ -.Pq Cm i -.Xc -ignore/don't ignore trunc. errors -.Bq Cm noi -.It Xo -.Op Cm no -.Ns Cm primary\ \ -.Pq Cm pr -.Xc -use/don't use primary server -.Bq Cm nopr -.It Xo -.Op Cm no -.Ns Cm aaonly\ \ \ -.Pq Cm aa -.Xc -authoritative query only flag -.Bq Cm noaa -.It Xo -.Op Cm no -.Ns Cm cmd -.Xc -echo parsed arguments -.Bq Cm cmd -.It Xo -.Op Cm no -.Ns Cm stats\ \ \ \ -.Pq Cm st -.Xc -print query statistics -.Bq Cm st -.It Xo -.Op Cm no -.Ns Cm Header\ \ \ -.Pq Cm H -.Xc -print basic header -.Bq Cm H -.It Xo -.Op Cm no -.Ns Cm header\ \ \ -.Pq Cm he -.Xc -print header flags -.Bq Cm he -.It Xo -.Op Cm no -.Ns Cm ttlid\ \ \ \ -.Pq Cm tt -.Xc -print TTLs -.Bq Cm tt -.It Xo -.Op Cm no -.Ns Cm trunc\ \ \ \ -.Pq Cm tr -.Xc -truncate origin from names -.Bq Cm tr -.It Xo -.Op Cm no -.Ns Cm cl -.Xc -print class info -.Bq Cm nocl -.It Xo -.Op Cm no -.Ns Cm qr -.Xc -print outgoing query -.Bq Cm noqr -.It Xo -.Op Cm no -.Ns Cm reply\ \ \ \ -.Pq Cm rep -.Xc -print reply -.Bq Cm rep -.It Xo -.Op Cm no -.Ns Cm ques\ \ \ \ \ -.Pq Cm qu -.Xc -print question section -.Bq Cm qu -.It Xo -.Op Cm no -.Ns Cm answer\ \ \ -.Pq Cm an -.Xc -print answer section -.Bq Cm an -.It Xo -.Op Cm no -.Ns Cm author\ \ \ -.Pq Cm au -.Xc -print authoritative section -.Bq Cm au -.It Xo -.Op Cm no -.Ns Cm addit\ \ \ \ -.Pq Cm ad -.Xc -print additional section -.Bq Cm ad -.It Xo -.Op Cm no -.Ns Cm dnssec\ \ \ -.Pq Cm \ddn -.Xc -set the DNSSEC OK bit in the OPT pseudo record -.Bq Cm nodn -.It Cm pfdef -set to default print flags -.It Cm pfmin -set to minimal default print flags -.It Cm pfset= Ns Ar # -set print flags to # -(# can be hex/octal/decimal) -.It Cm pfand= Ns Ar # -bitwise and print flags with # -.It Cm pfor= Ns Ar # -bitwise or print flags with # -.El -.Pp -The -.Cm retry -and -.Cm time -options affect the retransmission strategy used by the resolver -library when sending datagram queries. The algorithm is as follows: -.Pp -.Bd -literal -offset indent -for i = 0 to retry - 1 - for j = 1 to num_servers - send_query - wait((time * (2**i)) / num_servers) - end -end -.Ed -.Pp -(Note: -.Ic dig -always uses a value of 1 for -.Dq Li num_servers . ) -.El -.Ss DETAILS -.Ic Dig -once required a slightly modified version of the BIND -.Xr resolver @LIB_NETWORK_EXT@ -library. As of BIND 4.9, BIND's resolver has been augmented to work -properly with -.Ic dig . -Essentially, -.Ic dig -is a straight-forward -(albeit not pretty) effort of parsing arguments and setting appropriate -parameters. -.Ic Dig -uses -.Xr resolver @LIB_NETWORK_EXT@ -routines -.Fn res_init , -.Fn res_mkquery , -.Fn res_send -as well as accessing the -.Ft _res -structure. -.Sh ENVIRONMENT -.Bl -tag -width "LOCALRES " -compact -.It Ev LOCALRES -file to use in place of Pa /etc/resolv.conf -.It Ev LOCALDEF -default environment file -.El -.Pp -See also the explanation of the -.Fl envsav , -.Fl envset , -and -.Xo -.Fl Op Cm no -.Ns Cm stick -.Xc -options, above. -.Sh FILES -.Bl -tag -width "/etc/resolv.conf " -compact -.It Pa /etc/resolv.conf -initial domain name and name server addresses -.It Pa \./DiG.env -default save file for default options -.El -.Sh SEE ALSO -.Xr @INDOT@named @SYS_OPS_EXT@ , -.Xr resolver @LIB_NETWORK_EXT@ , -.Xr resolver @FORMAT_EXT@ , -.Xr nslookup @SYS_OPS_EXT@ . -.Sh STANDARDS -RFC 1035. -.Sh AUTHOR -Steve Hotz -hotz@isi.edu -.Sh ACKNOWLEDGMENTS -.Ic Dig -uses functions from -.Xr nslookup @SYS_OPS_EXT@ -authored by Andrew Cherenson. -.Sh BUGS -.Ic Dig -has a serious case of "creeping featurism" -- the result of -considering several potential uses during it's development. It would -probably benefit from a rigorous diet. Similarly, the print flags -and granularity of the items they specify make evident their -rather ad hoc genesis. -.Pp -.Ic Dig -does not consistently exit nicely (with appropriate status) -when a problem occurs somewhere in the resolver -.Po -.Sy NOTE : -most of the common exit cases are handled -.Pc . -This is particularly annoying when running in -batch mode. If it exits abnormally (and is not caught), the entire -batch aborts; when such an event is trapped, -.Ic dig -simply -continues with the next query. diff --git a/contrib/bind/doc/man/dnskeygen.1 b/contrib/bind/doc/man/dnskeygen.1 deleted file mode 100644 index 7080f953a398..000000000000 --- a/contrib/bind/doc/man/dnskeygen.1 +++ /dev/null @@ -1,132 +0,0 @@ -.\" Copyright (c) 1996,1999 by Internet Software Consortium -.\" -.\" Permission to use, copy, modify, and distribute this software for any -.\" purpose with or without fee is hereby granted, provided that the above -.\" copyright notice and this permission notice appear in all copies. -.\" -.\" THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS -.\" ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES -.\" OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE -.\" CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL -.\" DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR -.\" PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS -.\" ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS -.\" SOFTWARE. -.\" -.\" $Id: dnskeygen.1,v 8.8 2002/04/22 04:27:19 marka Exp $ -.\" -.Dd December 2, 1998 -.Dt DNSKEYGEN @CMD_EXT_U@ -.Os BSD 4 -.Sh NAME -.Nm dnskeygen -.Nd "generate public, private, and shared secret keys for DNS Security" -.Sh SYNOPSIS -.Nm dnskeygen -.Oo -.Fl Op Cm DHR -.Ar size -.Oc -.Op Fl F -.Op Fl Cm zhu -.Op Fl Cm a -.Op Fl Cm c -.Op Fl Cm p Ar num -.Op Fl Cm s Ar num -.Fl n Ar name -.Sh DESCRIPTION -.Ic Dnskeygen -(DNS Key Generator) is a tool to generate and maintain keys for DNS Security -within the DNS (Domain Name System). -.Nm Dnskeygen -can generate public and private keys to authenticate zone data, and shared -secret keys to be used for Request/Transaction signatures. -.Bl -tag -width Fl -.It Fl D -Dnskeygen will generate a -.Ic DSA/DSS -key. -.Dq size -must be one of [512, 576, 640, 704, 768, 832, 896, 960, 1024]. -.It Fl H -Dnskeygen will generate an -.Ic HMAC-MD5 -key. -.Dq size -must be between 128 and 504. -.It Fl R -Dnskeygen will generate an -.Ic RSA -key. -.Dq size -must be between 512 and 4096. -.It Fl F -.Ic ( RSA only ) -Use a large exponent for key generation. -.It Fl z Fl h Fl u -These flags define the type of key being generated: Zone (DNS validation) key, -Host (host or service) key or User (e.g. email) key, respectively. -Each key is only allowed to be one of these. -.It Fl a -Indicates that the key -.Ic CANNOT -be used for authentication. -.It Fl c -Indicates that the key -.Ic CANNOT -be used for encryption. -.It Fl p Ar num -Sets the key's protocol field to -.Ar num ; -the default is -.Ic 3 -(DNSSEC) if -.Dq Fl z -or -.Dq Fl h -is specified and -.Ic 2 -(EMAIL) otherwise. Other accepted values are -.Ic 1 -(TLS), -.Ic 4 -(IPSEC), and -.Ic 255 -(ANY). -.It Fl s Ar num -Sets the key's strength field to -.Ar num ; -the default is -.Sy 0 . -.It Fl n Ar name -Sets the key's name to -.Ar name . -.El -.Ss DETAILS -.Ic Dnskeygen -stores each key in two files: -.Pa K<name>+<alg>+<footprint>.private -and -.Pa K<name>+<alg>+<footprint>.key -The file -.Pa K<name>+<alg>+<footprint>.private -contains the private key in a portable format. The file -.Pa K<name>+<alg>+<footprint>.key -contains the public key in the DNS zone file format: -.Pp -.D1 Ar <name> IN KEY <flags> <algorithm> <protocol> <exponent|modulus> -.Pp -.Sh ENVIRONMENT -No environmental variables are used. -.Sh SEE ALSO -.Em RFC 2065 -on secure DNS and the -.Em TSIG -Internet Draft. -.Sh AUTHOR -Olafur Gudmundsson (ogud@tis.com). -.Sh ACKNOWLEDGMENTS -The underlying cryptographic math is done by the DNSSAFE and/or Foundation -Toolkit libraries. -.Sh BUGS -None are known at this time diff --git a/contrib/bind/doc/man/dnsquery.1 b/contrib/bind/doc/man/dnsquery.1 deleted file mode 100644 index b6588c636744..000000000000 --- a/contrib/bind/doc/man/dnsquery.1 +++ /dev/null @@ -1,180 +0,0 @@ -.\" $Id: dnsquery.1,v 8.5 2002/06/18 02:04:54 marka Exp $ -.\" -.\"Copyright (c) 1995,1996,1999 by Internet Software Consortium -.\" -.\"Permission to use, copy, modify, and distribute this software for any -.\"purpose with or without fee is hereby granted, provided that the above -.\"copyright notice and this permission notice appear in all copies. -.\" -.\"THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS -.\"ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES -.\"OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE -.\"CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL -.\"DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR -.\"PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS -.\"ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS -.\"SOFTWARE. -.\" -.Dd March 10, 1990 -.Dt DNSQUERY @CMD_EXT_U@ -.Os BSD 4 -.Sh NAME -.Nm dnsquery -.Nd query domain name servers using resolver -.Sh SYNOPSIS -.Nm dnsquery -.Op Fl n Ar nameserver -.Op Fl t Ar type -.Op Fl c Ar class -.Op Fl r Ar retry -.Op Fl p Ar period -.Op Fl d -.Op Fl s -.Op Fl v -.Ar host -.Sh DESCRIPTION -The -.Ic dnsquery -program is a general interface to nameservers via -BIND resolver library calls. The program supports -queries to the nameserver with an opcode of QUERY. -This program is intended to be a replacement or -supplement to programs like nstest, nsquery and -nslookup. All arguments except for -.Ar host -and -.Ar nameserver -are treated without case-sensitivity. -.Sh OPTIONS -.Bl -tag -width Fl -.It Fl n Ar nameserver -The nameserver to be used in the query. Nameservers can appear as either -Internet addresses of the form -.Ar ( w.x.y.z -or -.Ar xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx ) -or can appear as domain names. -(Default: as specified in -.Pa /etc/resolv.conf . ) -.It Fl t Ar type -The type of resource record of interest. Types include: -.Bl -tag -width "AFSDB " -compact -offset indent -.It Ar A -address -.It Ar NS -nameserver -.It Ar CNAME -canonical name -.It Ar PTR -domain name pointer -.It Ar SOA -start of authority -.It Ar WKS -well-known service -.It Ar HINFO -host information -.It Ar MINFO -mailbox information -.It Ar MX -mail exchange -.It Ar RP -responsible person -.It Ar MG -mail group member -.It Ar AFSDB -DCE or AFS server -.It Ar ANY -wildcard -.El -.Pp -Note that any case may be used. (Default: -.Ar ANY . ) -.It Fl c Ar class -The class of resource records of interest. -Classes include: -.Bl -tag -width "CHAOS " -compact -offset indent -.It Ar IN -Internet -.It Ar HS -Hesiod -.It Ar CHAOS -Chaos -.It Ar ANY -wildcard -.El -.Pp -Note that any case may be used. (Default: -.Ar IN . ) -.It Fl r Ar retry -The number of times to retry if the nameserver is -not responding. (Default: 4.) -.It Fl p Ar period -Period to wait before timing out. (Default: -.Dv RES_TIMEOUT . ) -.It Fl d -Turn on debugging. This sets the -.Dv RES_DEBUG -bit of the resolver's -.Ft options -field. (Default: no debugging.) -.It Fl s -Use a -.Em stream -rather than a packet. This uses a TCP stream connection with -the nameserver rather than a UDP datagram. This sets the -.Dv RES_USEVC -bit of the resolver's -.Ft options -field. (Default: UDP datagram.) -.It Fl v -Synonym for the -.Dq Fl s -flag. -.It Ar host -The name of the host (or domain) of interest. -.El -.Sh FILES -.Bl -tag -width "<arpa/nameser.h> " -compact -.It Pa /etc/resolv.conf -to get the default ns and search lists -.It Pa <arpa/nameser.h> -list of usable RR types and classes -.It Pa <resolv.h> -list of resolver flags -.El -.Sh DIAGNOSTICS -If the resolver fails to answer the query and debugging has not been -turned on, -.Ic dnsquery -will simply print a message like: -.Dl Query failed (rc = 1) : Unknown host -.Pp -The value of the return code is supplied by -.Ft h_errno . -.Sh SEE ALSO -.Xr nslookup @SYS_OPS_EXT@ , -.Xr nstest @CMD_EXT@ , -.Xr nsquery @CMD_EXT@ , -.Xr named @SYS_OPS_EXT@ , -.Xr resolver @FORMAT_EXT@ . -.Sh AUTHOR -Bryan Beecher -.Sh BUGS -Queries of a class other than -.Ar IN -can have interesting results -since ordinarily a nameserver only has a list of root nameservers -for class -.Ar IN -resource records. -.Pp -.Ic Dnsquery -uses a call to -.Fn inet_addr -to determine if the argument -for the -.Dq Fl n -option is a valid Internet address. Unfortunately, -.Fn inet_addr -seems to cause a segmentation fault with some (bad) -IP addresses (e.g., 1.2.3.4.5). diff --git a/contrib/bind/doc/man/dnssigner.1 b/contrib/bind/doc/man/dnssigner.1 deleted file mode 100644 index 1fb4ce4623c2..000000000000 --- a/contrib/bind/doc/man/dnssigner.1 +++ /dev/null @@ -1,213 +0,0 @@ -.\" Copyright (c) 1996 by Internet Software Consortium -.\" -.\" Permission to use, copy, modify, and distribute this software for any -.\" purpose with or without fee is hereby granted, provided that the above -.\" copyright notice and this permission notice appear in all copies. -.\" -.\" THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS -.\" ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES -.\" OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE -.\" CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL -.\" DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR -.\" PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS -.\" ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS -.\" SOFTWARE. -.\" -.\" $Id: dnssigner.1,v 8.2 1997/03/14 02:29:42 vixie Exp $ -.\" -.Dd October 25, 1996 -.Dt DNSSIGNER @CMD_EXT_U@ -.Os BSD 4 -.Sh NAME -.Nm dnssigner -.Nd add signatures to DNS zone files -.Sh SYNOPSIS -.Nm dnssigner -.Op Cm signer-name Ar default_signer -.Op Cm boot-file Ar file -.Op Cm debug-file Ar file -.Op Cm out-dir Ar directory -.Op Cm seq-no Ar number -.Oo -.Cm expiration-time -.Oo Po Cm + -.Ns \&| -.Ns Cm = -.Pc Oc -.Ns Ar time -.Oc -.Op Cm hide -.Op Cm noaxfr -.Op Cm nosign -.Op Cm verify -.Op Cm update-zonekey -.Op Fl d Ns Ar level -.Sh DESCRIPTION -.Ic Dnssigner -(Sign DNS zone database) is a tool to generate signatures -for DNS (Domain Name System) resource records. It also generates -NXT records for each zone. -.Pp -.Bl -tag -width Fl -.It Cm signer-name Ar default_signer -Specifies a name of the key to use if no signer is defined using the -.Em Li $SIGNER -directive in the boot files. -.It Cm boot-file Ar file -Specifies the control file for -.Ic dnssigner , -which is in the same format as the BIND-4 -.Pa named.boot -file. -.It Cm debug-file Ar file -Redirect debug output to the specified -.Ar file ; -default is -.Pa signer_out -in the current directory. -.It Cm out-dir Ar directory -Write signed files to thie specified -.Ar directory ; -default is to use -.Pa /tmp . -.Pp -.Sy NOTE : -Specify the full path to this directory; relative paths may not work. -.It Xo Cm expiration-time -.Oo Po Cm + -.Ns \&| -.Ns Cm = -.Pc Oc -.Ns Ar time -.Xc -Time when the signature records are to -expire. Using either -.Dq Cm = -or -.Em no -sign before the -.Ar time -argument -.Po i.e., -.Do Op Cm = -.Ns Ar time -.Dc -.Pc , -the -.Ar time -is interpreted as an absolute time in seconds when the records will expire. -.Po Sy NOTE : - All such times are interpreted as Universal Times. -.Pc -With -.Dq Cm + -specified -.Pq i.e., Dq Cm + Ns Ar time , -the -.Ar time -time is interpreted as an offset into the future. -.Pp -If not specified on the command line, the default -.Cm expiration-time -is 3600*24*30 sec (30 days). -.It Cm seq-no Ar number -Force the serial number in the SOA records to the specified value. -If this parameter is not set, the serial number will be set to a value -based on the current time. -.It Cm hide -This flag will cause NXT records in zones with wildcard -records to point to -.Li *.<zone> -as the next host. The purpose of this -flag is to hide all information about valid names in a zone. -.It Cm noaxfr -Turn of generation of zone transfer signature records, -which validate the transfer of an entire zone. -.It Cm nosign -When this flag is specified, the boot files are read, NXT -records are generated and zone file is written to the output -directory. No SIG records are generated. This flag is useful for -quickly checking the format of the data in the boot files, and to -have boot files sorted into DNSSEC order. -.It Cm verify -When this flag is present, -.Ic dnssigner -will verify all -signed records and print out a confirmation message for each SIG -verified. The main use of this flag is to see how long it takes to -generate each signature. -.It Cm update-zonekey -If this flag is specified, then the zonekeys used -to sign files will be updated with new records. Specify this flag if -one or more of the keys have been updated. If there are no zonekeys -specified in the boot files, this flag will insert them. Omitting -zonekeys will cause primary nameservers to reject the zone. -.It Fl d Ns Ar level -Debug level to use for running -.Ic dnssigner ; -these levels are the same as those used by -.Xr @INDOT_U@NAMED @SYS_OPS_EXT_U@ -.El -.Ss DETAILS -.Ic Dnssigner -reads BIND-4 -.Pa named.boot -and zone files, adds SIG and NXT -records and writes out the records (to one file per zone, regardless of -how many include files the original zone was in). The files generated by -.Ic dnssigner -are ordinary textual zone files and are then normally -loaded by -.Xr @INDOT_U@NAMED @SYS_OPS_EXT_U@ -to serve the zone. -.Ic Dnssigner -\fBrequires that the PRIVATE key(s) reside in the input directory\fP. -.Pp -Making manual changes to the output files is hazardous, because most -changes will invalidate one or more signatures contained therein. This -will cause the zone to fail to load into -.Xr @INDOT_U@NAMED @SYS_OPS_EXT_U@ , -or will cause subsequent -failures in retrieving records from the zone. It is far better to make -changes in -.Ic dnssigner's -input files, and rerun -.Ic dnssigner . -.Pp -When -.Ic dnssigner -detects a delegation point, it creates a special file -.Pa <zone_name>.PARENT -which contains the RR's the parent zone signs for the -child zone (NS, KEY, NXT). The intent is that the child will include this -file when loading primary nameservers. Similarly, each zone file ends -with the -.Dq Li #include <zone_name>.PARENT -command. The records -in the -.Pa .PARENT -files are omitted from the SIG(AXFR) calculations as these -records usualy are on a different signing cycle. -.Pp -The -.Em Li Dq $SIGNER Op Ar keyname -directive can be used to change signers in a -zone. If -.Ar keyname -is omitted, signing is turned off. Keys are loaded the -first time the keys are accessed. Only records that are signed by the -zone signer (the key that signs the SOA) are included in the SIG(AXFR) -calculation. It is not generally recommended that multiple keys sign -records in the same zone, unless this is useful for dynamic updates. -.Sh ENVIRONMENT -No environmental variables are used. -.Sh SEE ALSO -.Xr @INDOT_U@NAMED @SYS_OPS_EXT_U@ , -RSAREF documentation, -Internet-Draft -.Em draft-ietf-dnssec-secext-10.txt -on Secure DNS, or its successor. -.Sh AUTHOR -Olafur Gudmundsson (ogud@tis.com) -.Sh ACKNOWLEDGMENTS -The underlying crypto math is done by the RSAREF or BSAFE libraries. diff --git a/contrib/bind/doc/man/getaddrinfo.3 b/contrib/bind/doc/man/getaddrinfo.3 deleted file mode 100644 index a18d3d0fd997..000000000000 --- a/contrib/bind/doc/man/getaddrinfo.3 +++ /dev/null @@ -1,360 +0,0 @@ -.\" Copyright (c) 1983, 1987, 1991, 1993 -.\" The Regents of the University of California. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" 3. All advertising materials mentioning features or use of this software -.\" must display the following acknowledgement: -.\" This product includes software developed by the University of -.\" California, Berkeley and its contributors. -.\" 4. Neither the name of the University nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" From: @(#)gethostbyname.3 8.4 (Berkeley) 5/25/95 -.\" $Id: getaddrinfo.3,v 8.3 2001/12/28 04:24:15 marka Exp $ -.\" -.Dd May 25, 1995 -.Dt GETADDRINFO @LIB_NETWORK_EXT@ -.Os KAME -.Sh NAME -.Nm getaddrinfo -.Nm freeaddrinfo , -.Nm gai_strerror -.Nd nodename-to-address translation in protocol-independent manner -.Sh SYNOPSIS -.Fd #include <sys/socket.h> -.Fd #include <netdb.h> -.Ft int -.Fn getaddrinfo "const char *nodename" "const char *servname" \ -"const struct addrinfo *hints" "struct addrinfo **res" -.Ft void -.Fn freeaddrinfo "struct addrinfo *ai" -.Ft "char *" -.Fn gai_strerror "int ecode" -.Sh DESCRIPTION -The -.Fn getaddrinfo -function is defined for protocol-independent nodename-to-address translation. -It performs functionality of -.Xr gethostbyname @LIB_NETWORK_EXT@ -and -.Xr getservbyname @LIB_NETWORK_EXT@ , -in more sophisticated manner. -.Pp -The addrinfo structure is defined as a result of including the -.Li <netdb.h> -header: -.Bd -literal -offset -struct addrinfo { * - int ai_flags; /* AI_PASSIVE, AI_CANONNAME, AI_NUMERICHOST */ - int ai_family; /* PF_xxx */ - int ai_socktype; /* SOCK_xxx */ - int ai_protocol; /* 0 or IPPROTO_xxx for IPv4 and IPv6 */ - size_t ai_addrlen; /* length of ai_addr */ - char *ai_canonname; /* canonical name for nodename */ - struct sockaddr *ai_addr; /* binary address */ - struct addrinfo *ai_next; /* next structure in linked list */ -}; -.Ed -.Pp -The -.Fa nodename -and -.Fa servname -arguments are pointers to null-terminated strings or -.Dv NULL . -One or both of these two arguments must be a -.Pf non Dv -NULL -pointer. -In the normal client scenario, both the -.Fa nodename -and -.Fa servname -are specified. -In the normal server scenario, only the -.Fa servname -is specified. -A -.Pf non Dv -NULL -.Fa nodename -string can be either a node name or a numeric host address string -(i.e., a dotted-decimal IPv4 address or an IPv6 hex address). -A -.Pf non Dv -NULL -.Fa servname -string can be either a service name or a decimal port number. -.Pp -The caller can optionally pass an -.Li addrinfo -structure, pointed to by the third argument, -to provide hints concerning the type of socket that the caller supports. -In this -.Fa hints -structure all members other than -.Fa ai_flags , -.Fa ai_family , -.Fa ai_socktype , -and -.Fa ai_protocol -must be zero or a -.Dv NULL -pointer. -A value of -.Dv PF_UNSPEC -for -.Fa ai_family -means the caller will accept any protocol family. -A value of 0 for -.Fa ai_socktype -means the caller will accept any socket type. -A value of 0 for -.Fa ai_protocol -means the caller will accept any protocol. -For example, if the caller handles only TCP and not UDP, then the -.Fa ai_socktype -member of the hints structure should be set to -.Dv SOCK_STREAM -when -.Fn getaddrinfo -is called. -If the caller handles only IPv4 and not IPv6, then the -.Fa ai_family -member of the -.Fa hints -structure should be set to -.Dv PF_INET -when -.Fn getaddrinfo -is called. -If the third argument to -.Fn getaddrinfo -is a -.Dv NULL -pointer, this is the same as if the caller had filled in an -.Li addrinfo -structure initialized to zero with -.Fa ai_family -set to PF_UNSPEC. -.Pp -Upon successful return a pointer to a linked list of one or more -.Li addrinfo -structures is returned through the final argument. -The caller can process each -.Li addrinfo -structure in this list by following the -.Fa ai_next -pointer, until a -.Dv NULL -pointer is encountered. -In each returned -.Li addrinfo -structure the three members -.Fa ai_family , -.Fa ai_socktype , -and -.Fa ai_protocol -are the corresponding arguments for a call to the -.Fn socket -function. -In each -.Li addrinfo -structure the -.Fa ai_addr -member points to a filled-in socket address structure whose length is -specified by the -.Fa ai_addrlen -member. -.Pp -If the -.Dv AI_PASSIVE -bit is set in the -.Fa ai_flags -member of the -.Fa hints -structure, then the caller plans to use the returned socket address -structure in a call to -.Fn bind . -In this case, if the -.Fa nodename -argument is a -.Dv NULL -pointer, then the IP address portion of the socket -address structure will be set to -.Dv INADDR_ANY -for an IPv4 address or -.Dv IN6ADDR_ANY_INIT -for an IPv6 address. -.Pp -If the -.Dv AI_PASSIVE -bit is not set in the -.Fa ai_flags -member of the -.Fa hints -structure, then the returned socket address structure will be ready for a -call to -.Fn connect -.Pq for a connection-oriented protocol -or either -.Fn connect , -.Fn sendto , -or -.Fn sendmsg -.Pq for a connectionless protocol . -In this case, if the -.Fa nodename -argument is a -.Dv NULL -pointer, then the IP address portion of the -socket address structure will be set to the loopback address. -.Pp -If the -.Dv AI_CANONNAME -bit is set in the -.Fa ai_flags -member of the -.Fa hints -structure, then upon successful return the -.Fa ai_canonname -member of the first -.Li addrinfo -structure in the linked list will point to a null-terminated string -containing the canonical name of the specified -.Fa nodename . -.Pp -If the -.Dv AI_NUMERICHOST -bit is set in the -.Fa ai_flags -member of the -.Fa hints -structure, then a -.Pf non Dv -NULL -.Fa nodename -string must be a numeric host address string. -Otherwise an error of -.Dv EAI_NONAME -is returned. -This flag prevents any type of name resolution service (e.g., the DNS) -from being called. -.Pp -All of the information returned by -.Fn getaddrinfo -is dynamically allocated: -the -.Li addrinfo -structures, and the socket address structures and canonical node name -strings pointed to by the addrinfo structures. -To return this information to the system the function -Fn freeaddrinfo -is called. -The -.Fa addrinfo -structure pointed to by the -.Fa ai argument -is freed, along with any dynamic storage pointed to by the structure. -This operation is repeated until a -.Dv NULL -.Fa ai_next -pointer is encountered. -.Pp -To aid applications in printing error messages based on the -.Dv EAI_xxx -codes returned by -.Fn getaddrinfo , -.Fn gai_strerror -is defined. -The argument is one of the -.Dv EAI_xxx -values defined earlier and the return value points to a string describing -the error. -If the argument is not one of the -.Dv EAI_xxx -values, the function still returns a pointer to a string whose contents -indicate an unknown error. -.Sh FILES -.Bl -tag -width /etc/resolv.conf -compact -.It Pa /etc/hosts -.It Pa /etc/host.conf -.It Pa /etc/resolv.conf -.El -.Sh DIAGNOSTICS -Error return status from -.Fn getaddrinfo -is zero on success and non-zero on errors. -Non-zero error codes are defined in -.Li <netdb.h> , -and as follows: -.Pp -.Bl -tag -width EAI_ADDRFAMILY -compact -.It Dv EAI_ADDRFAMILY -address family for nodename not supported -.It Dv EAI_AGAIN -temporary failure in name resolution -.It Dv EAI_BADFLAGS -invalid value for ai_flags -.It Dv EAI_FAIL -non-recoverable failure in name resolution -.It Dv EAI_FAMILY -ai_family not supported -.It Dv EAI_MEMORY -memory allocation failure -.It Dv EAI_NODATA -no address associated with nodename -.It Dv EAI_NONAME -nodename nor servname provided, or not known -.It Dv EAI_SERVICE -servname not supported for ai_socktype -.It Dv EAI_SOCKTYPE -ai_socktype not supported -.It Dv EAI_SYSTEM -system error returned in errno -.El -.Pp -If called with proper argument, -.Fn gai_strerror -returns a pointer to a string describing the given error code. -If the argument is not one of the -.Dv EAI_xxx -values, the function still returns a pointer to a string whose contents -indicate an unknown error. -.Sh SEE ALSO -.Xr getnameinfo @LIB_NETWORK_EXT@ , -.Xr gethostbyname @LIB_NETWORK_EXT@ , -.Xr getservbyname @LIB_NETWORK_EXT@ , -.Xr hosts @FORMAT_EXT@ , -.Xr services @FORMAT_EXT@ , -.Xr hostname @DESC_EXT@ , -.Xr named @SYS_OPS_EXT@ -.Pp -R. Gilligan, S. Thomson, J. Bound, and W. Stevens, -``Basic Socket Interface Extensions for IPv6,'' RFC2133, April 1997. -.Sh HISTORY -The implementation first appeared in WIDE Hydrangea IPv6 protocol stack kit. -.Sh STANDARDS -The -.Fn getaddrinfo -function is defined IEEE POSIX 1003.1g draft specification, -and documented in ``Basic Socket Interface Extensions for IPv6'' -(RFC2133). -.Sh BUGS -The text was shamelessly copied from RFC2133. diff --git a/contrib/bind/doc/man/gethostbyname.3 b/contrib/bind/doc/man/gethostbyname.3 deleted file mode 100644 index e23d51e8a757..000000000000 --- a/contrib/bind/doc/man/gethostbyname.3 +++ /dev/null @@ -1,242 +0,0 @@ -.\" Copyright (c) 1983, 1987 The Regents of the University of California. -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms are permitted provided -.\" that: (1) source distributions retain this entire copyright notice and -.\" comment, and (2) distributions including binaries display the following -.\" acknowledgement: ``This product includes software developed by the -.\" University of California, Berkeley and its contributors'' in the -.\" documentation or other materials provided with the distribution and in -.\" all advertising materials mentioning features or use of this software. -.\" Neither the name of the University nor the names of its contributors may -.\" be used to endorse or promote products derived from this software without -.\" specific prior written permission. -.\" THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED -.\" WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF -.\" MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. -.\" -.\" @(#)gethostbyname.3 6.12 (Berkeley) 6/23/90 -.\" -.Dd June 23, 1990 -.Dt GETHOSTBYNAME @LIB_NETWORK_EXT_U@ -.Os BSD 4 -.Sh NAME -.Nm gethostbyname , -.Nm gethostbyaddr , -.Nm gethostent , -.Nm sethostent , -.Nm endhostent , -.Nm herror -.Nd get network host entry -.Sh SYNOPSIS -.Fd #include <netdb.h> -.Ft extern int -.Fa h_errno ; -.Pp -.Ft struct hostent * -.Fn gethostbyname "char *name" -.Ft struct hostent * -.Fn gethostbyname2 "char *name" "int af" -.Ft struct hostent * -.Fn gethostbyaddr "char *addr" "int len, type" -.Ft struct hostent * -.Fn gethostent -.Fn sethostent "int stayopen" -.Fn endhostent -.Fn herror "char *string" -.Sh DESCRIPTION -.Fn Gethostbyname , -.Fn gethostbyname2 , -and -.Fn gethostbyaddr -each return a pointer to a -.Ft hostent -structure (see below) describing an internet host -referenced by name or by address, as the function names indicate. -This structure contains either the information obtained from the name server, -.Xr @INDOT@named @SYS_OPS_EXT@ , -or broken-out fields from a line in -.Pa /etc/hosts . -If the local name server is not running, these routines do a lookup in -.Pa /etc/hosts . -.Bd -literal -offset indent -struct hostent { - char *h_name; /* official name of host */ - char **h_aliases; /* alias list */ - int h_addrtype; /* host address type */ - int h_length; /* length of address */ - char **h_addr_list; /* list of addresses from name server */ -}; - -#define h_addr h_addr_list[0] /* address, for backward compatibility */ -.Ed -.Pp -The members of this structure are: -.Bl -tag -width "h_addr_list" -.It h_name -Official name of the host. -.It h_aliases -A zero-terminated array of alternate names for the host. -.It h_addrtype -The type of address being returned; usually -.Dv AF_INET . -.It h_length -The length, in bytes, of the address. -.It h_addr_list -A zero-terminated array of network addresses for the host. -Host addresses are returned in network byte order. -.It h_addr -The first address in -.Li h_addr_list ; -this is for backward compatibility. -.El -.Pp -When using the nameserver, -.Fn gethostbyname -will search for the named host in each parent domain given in the -.Dq Li search -directive of -.Xr resolv.conf @FORMAT_EXT@ -unless the name contains a dot -.Pq Dq \&. . -If the name contains no dot, and if the environment variable -.Ev HOSTALIASES -contains the name of an alias file, the alias file will first be searched -for an alias matching the input name. -See -.Xr hostname @DESC_EXT@ -for the domain search procedure and the alias file format. -.Pp -.Fn Gethostbyname2 -is an evolution of -.Fn gethostbyname -intended to allow lookups in address families other than -.Dv AF_INET , -for example, -.Dv AF_INET6 . -Currently, the -.Fa af -argument must be specified as -.Dv AF_INET -else the function will return -.Dv NULL -after having set -.Ft h_errno -to -.Dv NETDB_INTERNAL . -.Pp -.Fn Sethostent -may be used to request the use of a connected TCP socket for queries. -If the -.Fa stayopen -flag is non-zero, -this sets the option to send all queries to the name server using TCP -and to retain the connection after each call to -.Fn gethostbyname -or -.Fn gethostbyaddr . -Otherwise, queries are performed using UDP datagrams. -.Pp -.Fn Endhostent -closes the TCP connection. -.Sh ENVIRONMENT -.Bl -tag -width "HOSTALIASES " -compact -.It Ev HOSTALIASES -Name of file containing -.Pq Ar host alias , full hostname -pairs. -.El -.Sh FILES -.Bl -tag -width "HOSTALIASES " -compact -.It Pa /etc/hosts -See -.Xr hosts @FORMAT_EXT@ . -.El -.Sh DIAGNOSTICS -.Pp -Error return status from -.Fn gethostbyname -and -.Fn gethostbyaddr -is indicated by return of a null pointer. -The external integer -.Ft h_errno -may then be checked to see whether this is a temporary failure -or an invalid or unknown host. -The routine -.Fn herror -can be used to print an error message describing the failure. -If its argument -.Fa string -is non-NULL, it is printed, followed by a colon and a space. -The error message is printed with a trailing newline. -.Pp -.Ft h_errno -can have the following values: -.Bl -tag -width "HOST_NOT_FOUND " -offset indent -.It Dv NETDB_INTERNAL -This indicates an internal error in the library, unrelated to the network -or name service. -.Ft errno -will be valid in this case; see -.Xr perror @SYSCALL_EXT@ . -.It Dv HOST_NOT_FOUND -No such host is known. -.It Dv TRY_AGAIN -This is usually a temporary error -and means that the local server did not receive -a response from an authoritative server. -A retry at some later time may succeed. -.It Dv NO_RECOVERY -Some unexpected server failure was encountered. -This is a non-recoverable error, as one might expect. -.It Dv NO_DATA -The requested name is valid but does not have an IP address; -this is not a temporary error. -This means that the name is known to the name server but there is no address -associated with this name. -Another type of request to the name server using this domain name -will result in an answer; -for example, a mail-forwarder may be registered for this domain. -.El -.Sh SEE ALSO -.Xr hosts @FORMAT_EXT@ , -.Xr hostname @DESC_EXT@ , -.Xr @INDOT@named @SYS_OPS_EXT@ , -.Xr resolver @LIB_NETWORK_EXT@ , -.Xr resolver @FORMAT_EXT@ . -.Sh CAVEAT -.Pp -.Fn Gethostent -is defined, and -.Fn sethostent -and -.Fn endhostent -are redefined, -when -.Pa libc -is built to use only the routines to lookup in -.Pa /etc/hosts -and not the name server: -.Bd -ragged -offset indent -.Pp -.Fn Gethostent -reads the next line of -.Pa /etc/hosts , -opening the file if necessary. -.Pp -.Fn Sethostent -is redefined to open and rewind the file. If the -.Fa stayopen -argument is non-zero, -the hosts data base will not be closed after each call to -.Fn gethostbyname -or -.Fn gethostbyaddr . -.Pp -.Fn Endhostent -is redefined to close the file. -.Ed -.Sh BUGS -All information is contained in a static area so it must be copied if it is -to be saved. Only the Internet address format is currently understood. diff --git a/contrib/bind/doc/man/getipnodebyname.3 b/contrib/bind/doc/man/getipnodebyname.3 deleted file mode 100644 index 95ca428188b1..000000000000 --- a/contrib/bind/doc/man/getipnodebyname.3 +++ /dev/null @@ -1,227 +0,0 @@ -.\" Copyright (c) 1996,1999 by Internet Software Consortium -.\" -.\" Permission to use, copy, modify, and distribute this software for any -.\" purpose with or without fee is hereby granted, provided that the above -.\" copyright notice and this permission notice appear in all copies. -.\" -.\" THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS -.\" ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES -.\" OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE -.\" CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL -.\" DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR -.\" PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS -.\" ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS -.\" SOFTWARE. -.\" -.\" Copyright (c) 1983, 1987 The Regents of the University of California. -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms are permitted provided -.\" that: (1) source distributions retain this entire copyright notice and -.\" comment, and (2) distributions including binaries display the following -.\" acknowledgement: ``This product includes software developed by the -.\" University of California, Berkeley and its contributors'' in the -.\" documentation or other materials provided with the distribution and in -.\" all advertising materials mentioning features or use of this software. -.\" Neither the name of the University nor the names of its contributors may -.\" be used to endorse or promote products derived from this software without -.\" specific prior written permission. -.\" THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED -.\" WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF -.\" MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. -.Dd September 17, 1999 -.Dt GETIPNODEBYNAME @LIB_NETWORK_EXT_U@ -.Os BSD 4 -.Sh NAME -.Nm getipnodebyname , -.Nm getipnodebyaddr -.Nd get network host entry -.br -.Nm freehostent -.Nd free network host entry -.Sh SYNOPSIS -.Fd #include <netdb.h> -.Pp -.Ft struct hostent * -.Fn getipnodebyname "const char *name" "int af" "int flags" "int *error" -.Ft struct hostent * -.Fn getipnodebyaddr "const void *addr" "size_t len" "int af" "int *error" -.Ft void -.Fn freehostent "struct hostent *he" -.Sh DESCRIPTION -.Fn Getipnodebyname , -and -.Fn getipnodebyaddr -each return a pointer to a -.Ft hostent -structure (see below) describing an internet host -referenced by name or by address, as the function names indicate. -This structure contains either the information obtained from the name server, -.Xr @INDOT@named @SYS_OPS_EXT@ , -or broken-out fields from a line in -.Pa /etc/hosts . -If the local name server is not running, these routines do a lookup in -.Pa /etc/hosts . -.Bd -literal -offset indent -struct hostent { - char *h_name; /* official name of host */ - char **h_aliases; /* alias list */ - int h_addrtype; /* host address type */ - int h_length; /* length of address */ - char **h_addr_list; /* list of addresses from name server */ -}; - -#define h_addr h_addr_list[0] /* address, for backward compatibility */ -.Ed -.Pp -The members of this structure are: -.Bl -tag -width "h_addr_list" -.It h_name -Official name of the host. -.It h_aliases -A zero-terminated array of alternate names for the host. -.It h_addrtype -The type of address being returned. -.It h_length -The length, in bytes, of the address. -.It h_addr_list -A zero-terminated array of network addresses for the host. -Host addresses are returned in network byte order. -.It h_addr -The first address in -.Li h_addr_list ; -this is for backward compatibility. -.El -.Pp -This structure should be freed after use by calling -.Fn freehostent . -.Pp -When using the nameserver, -.Fn getiphostbyaddr -will search for the named host in each parent domain given in the -.Dq Li search -directive of -.Xr resolv.conf @FORMAT_EXT@ -unless the name contains a dot -.Pq Dq \&. . -If the name contains no dot, and if the environment variable -.Ev HOSTALIASES -contains the name of an alias file, the alias file will first be searched -for an alias matching the input name. -See -.Xr hostname @DESC_EXT@ -for the domain search procedure and the alias file format. -.Pp -.Fn Getiphostbyaddr -can be told to look for IPv4 addresses, IPv6 addresses or both IPv4 and IPv6. -If IPv4 addresses only are to be looked up then -.Fa af -should be set to -.Dv AF_INET , -otherwise it should be set to -.Dv AF_INET6 . -.Pp -There are three flags that can be set -.Bl -tag -width "AI_ADDRCONFIG" -.It Dv AI_V4MAPPED -Return IPv4 addresses if no IPv6 addresses are found. -This flag is ignored unless -.Fa af -is -.Dv AF_INET6 . -.It Dv AI_ALL -Return IPv4 addresses as well IPv6 addresses if -.Dv AI_V4MAPPED -is set. -This flag is ignored unless -.Fa af -is -.Dv AF_INET6 . -.It Dv AI_ADDRCONFIG -Only return addresses of a given type if the system has an active interface -with that type. -.El -.Pp -Also -.Dv AI_DEFAULT -is defined to be -.Dv (AI_V4MAPPED|AI_ADDRCONFIG) . -.Pp -.Fn Getipnodebyaddr -will lookup IPv4 mapped and compatible addresses in the IPv4 name -space and IPv6 name space -.Pp -.Fn Freehostent -frees the hostent structure allocated be -.Fn getipnodebyname -and -.Fn getipnodebyaddr . -The structures returned by -.Fn gethostbyname , -.Fn gethostbyname2 , -.Fn gethostbyaddr -and -.Fn gethostent -should not be passed to -.Fn freehostent -as they are pointers to static areas. -.Sh ENVIRONMENT -.Bl -tag -width "HOSTALIASES " -compact -.It Ev HOSTALIASES -Name of file containing -.Pq Ar host alias , full hostname -pairs. -.El -.Sh FILES -.Bl -tag -width "HOSTALIASES " -compact -.It Pa /etc/hosts -See -.Xr hosts @FORMAT_EXT@ . -.El -.Sh DIAGNOSTICS -.Pp -Error return status from -.Fn getipnodebyname -and -.Fn getipnodebyaddr -is indicated by return of a null pointer. -In this case -.Ft error -may then be checked to see whether this is a temporary failure -or an invalid or unknown host. -.Ft errno -can have the following values: -.Bl -tag -width "HOST_NOT_FOUND " -offset indent -.It Dv NETDB_INTERNAL -This indicates an internal error in the library, unrelated to the network -or name service. -.Ft errno -will be valid in this case; see -.Xr perror @SYSCALL_EXT@ . -.It Dv HOST_NOT_FOUND -No such host is known. -.It Dv TRY_AGAIN -This is usually a temporary error -and means that the local server did not receive -a response from an authoritative server. -A retry at some later time may succeed. -.It Dv NO_RECOVERY -Some unexpected server failure was encountered. -This is a non-recoverable error, as one might expect. -.It Dv NO_ADDRESS -The requested name is valid but does not have an IP address; -this is not a temporary error. -This means that the name is known to the name server but there is no address -associated with this name. -Another type of request to the name server using this domain name -will result in an answer; -for example, a mail-forwarder may be registered for this domain. -.El -.Sh SEE ALSO -.Xr hosts @FORMAT_EXT@ , -.Xr hostname @DESC_EXT@ , -.Xr @INDOT@named @SYS_OPS_EXT@ , -.Xr resolver @LIB_NETWORK_EXT@ , -.Xr resolver @FORMAT_EXT@ , -.Xr gethostbyname @LIB_NETWORK_EXT@ , -.Xr RFC2553 . diff --git a/contrib/bind/doc/man/getnameinfo.3 b/contrib/bind/doc/man/getnameinfo.3 deleted file mode 100644 index e80dc3651816..000000000000 --- a/contrib/bind/doc/man/getnameinfo.3 +++ /dev/null @@ -1,103 +0,0 @@ -.\" $Id: getnameinfo.3,v 8.2 2001/12/28 04:24:16 marka Exp $ -.\" -.\"Copyright (c) 1998,1999 by Internet Software Consortium -.\" -.\"Permission to use, copy, modify, and distribute this software for any -.\"purpose with or without fee is hereby granted, provided that the above -.\"copyright notice and this permission notice appear in all copies. -.\" -.\"THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS -.\"ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES -.\"OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE -.\"CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL -.\"DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR -.\"PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS -.\"ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS -.\"SOFTWARE. -.\" -.Dd January 11, 1999 -.Dt GETRNAMEINFO @LIB_NETWORK_EXT@ -.Sh NAME -.Nm getnameinfo -.Nd address-to-name translation in protocol-independent manner -.Sh SYNOPSIS -.Fd #include <sys/socket.h> -.Fd #include <netdb.h> -.Ft int -.Fn getnameinfo "const struct sockaddr *sa" "socklen_t salen" \ -"char *host" "size_t hostlen" "char *serv" "size_t servlen" "int flags" -.Sh DESCRIPTION -The -.Fn getnameinfo -function is defined for protocol-independent address-to-nodename translation. -It performs functionality of -.Xr gethostbyaddr @LIB_NETWORK_EXT@ -and -.Xr getservbyport @LIB_NETWORK_EXT@ -in more sophisticated manner. -.Pp -The -.Fa sa -arguement is a pointer to a generic socket address structure of size -.Fa salen . -The arguements -.Fa host -and -.Fa serv -are pointers to buffers to hold the return values. -Their sizes are specified by -.Fa hostlen -and -.Fa servlen -repectively. -Either -.Fa host -or -.Fa serv -may be -.Dv NULL -if the hostname or service name is not required. -.Pp -The -.Fa flags -arguement modifies the behaviour of -.Fn getnameinfo -as follows: -.Pp -If -.Dv NI_NOFQDN -is set only the unqualified hostname is returned for local fully -qualified names. -.Pp -If -.Dv NI_NUMERICHOST -is set then the numeric form of the hostname is returned. -.Pp -If -.Dv NI_NAMEREQD -is set, then a error is returned if the hostname cannot be looked up. -.Pp -If -.Dv NI_NUMERICSERV -is set then the service is returned in numeric form. -.Pp -If -.Dv NI_DGRAM -is set then the service is UDP based rather than TCP based. -.Sh SEE ALSO -.Xr getaddrinfo @LIB_NETWORK_EXT@ , -.Xr gethostbyaddr @LIB_NETWORK_EXT@ , -.Xr getservbyport @LIB_NETWORK_EXT@ , -.Xr hosts @FORMAT_EXT@ , -.Xr services @FORMAT_EXT@ , -.Xr hostname @DESC_EXT@ , -.Xr named @SYS_OPS_EXT@ -.Pp -R. Gilligan, S. Thomson, J. Bound, and W. Stevens, -``Basic Socket Interface Extensions for IPv6,'' RFC2133, April 1997. -.Sh STANDARDS -The -.Fn getaddrinfo -function is defined IEEE POSIX 1003.1g draft specification, -and documented in ``Basic Socket Interface Extensions for IPv6'' -(RFC2133). diff --git a/contrib/bind/doc/man/getnetent.3 b/contrib/bind/doc/man/getnetent.3 deleted file mode 100644 index 0475256d1bee..000000000000 --- a/contrib/bind/doc/man/getnetent.3 +++ /dev/null @@ -1,154 +0,0 @@ -.\" $Id: getnetent.3,v 8.6 2001/12/28 04:24:17 marka Exp $ -.\" -.\"Copyright (c) 1995,1996,1999 by Internet Software Consortium -.\" -.\"Permission to use, copy, modify, and distribute this software for any -.\"purpose with or without fee is hereby granted, provided that the above -.\"copyright notice and this permission notice appear in all copies. -.\" -.\"THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS -.\"ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES -.\"OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE -.\"CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL -.\"DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR -.\"PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS -.\"ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS -.\"SOFTWARE. -.\" -.Dd May 20, 1996 -.Dt GETNETENT @LIB_NETWORK_EXT_U@ -.Os BSD 4 -.Sh NAME -.Nm getnetent , -.Nm getnetbyaddr , -.Nm getnetbyname , -.Nm setnetent , -.Nm endnetent -.Nd get networks entry -.Sh SYNOPSIS -.Fd #include <netdb.h> -.Ft struct netent * -.Fn getnetent -.Ft struct netent * -.Fn getnetbyname "char name" -.Ft struct netent * -.Fn getnetbyaddr "unsigned long net" "int type" -.Ft void -.Fn setnetent "int stayopen" -.Ft void -.Fn endnetent -.Sh DESCRIPTION -The -.Fn getnetent , -.Fn getnetbyname , -and -.Fn getnetbyaddr -subroutines -each return a pointer to an object with the following structure -containing the broken-out fields of a line in the -.Pa networks -database. -.Bd -literal -offset indent -struct netent { - char *n_name; /* official name of net */ - char **n_aliases; /* alias list */ - int n_addrtype; /* net number type */ - long n_net; /* net number */ -}; -.Ed -.Pp -The members of this structure are: -.Bl -tag -width "n_addrtype" -.It n_name -The official name of the network. -.It n_aliases -A zero-terminated list of alternate names for the network. -.It n_addrtype -The type of the network number returned: -.Dv AF_INET . -.It n_net -The network number. Network numbers are returned in machine byte -order. -.El -.Pp -If the -.Fa stayopen -flag on a -.Fn setnetent -subroutine is NULL, the -.Pa networks -database is opened. Otherwise, the -.Fn setnetent -has the effect of rewinding the -.Pa networks -database. -The -.Fn endnetent -subroutine may be called to -close the -.Pa networks -database when processing is complete. -.Pp -The -.Fn getnetent -subroutine simply reads the next -line while -.Fn getnetbyname -and -.Fn getnetbyaddr -search until a matching -.Fa name -or -.Fa net -number is found -(or until -.Dv EOF -is encountered). The -.Fa type must be -.Dv AF_INET . -The -.Fn getnetent -subroutine keeps a pointer in the database, allowing -successive calls to be used to search the entire file. -.Pp -Before a -.Ic while -loop using -.Fn getnetent , -a call to -.Fn setnetent -must be made -in order to perform initialization; a call to -.Fn endnetent -must be used after the loop. Both -.Fn getnetbyname -and -.Fn getnetbyaddr -make calls to -.Fn setnetent -and -.Fn endnetent . -.Sh FILES -.Pa /etc/networks -.Sh DIAGNOSTICS -Null pointer (0) returned on -.Dv EOF -or error. -.Sh SEE ALSO -.Xr networks @FORMAT_EXT@ , -RFC 1101. -.Sh HISTORY -The -.Fn "getnetent" , -.Fn "getnetbyaddr" , -.Fn "getnetbyname" , -.Fn "setnetent" , -and -.Fn "endnetent" -functions appeared in -.Bx 4.2 . -.Sh BUGS -The data space used by these functions is static; if future use requires the -data, it should be copied before any subsequent calls to these functions -overwrite it. Only Internet network numbers are currently understood. -Expecting network numbers to fit in no more than 32 bits is probably naive. diff --git a/contrib/bind/doc/man/hesiod.3 b/contrib/bind/doc/man/hesiod.3 deleted file mode 100644 index 284b8f4f7178..000000000000 --- a/contrib/bind/doc/man/hesiod.3 +++ /dev/null @@ -1,129 +0,0 @@ -.\" $Id: hesiod.3,v 8.1 1999/04/12 02:47:00 vixie Exp $ -.\" -.\" Copyright 1988, 1996 by the Massachusetts Institute of Technology. -.\" -.\" Permission to use, copy, modify, and distribute this -.\" software and its documentation for any purpose and without -.\" fee is hereby granted, provided that the above copyright -.\" notice appear in all copies and that both that copyright -.\" notice and this permission notice appear in supporting -.\" documentation, and that the name of M.I.T. not be used in -.\" advertising or publicity pertaining to distribution of the -.\" software without specific, written prior permission. -.\" M.I.T. makes no representations about the suitability of -.\" this software for any purpose. It is provided "as is" -.\" without express or implied warranty. -.\" -.TH HESIOD 3 "30 November 1996" -.SH NAME -hesiod, hesiod_init, hesiod_resolve, hesiod_free_list, hesiod_to_bind, hesiod_end \- Hesiod name server interface library -.SH SYNOPSIS -.nf -.B #include <hesiod.h> -.PP -.B int hesiod_init(void **\fIcontext\fP) -.B char **hesiod_resolve(void *\fIcontext\fP, const char *\fIname\fP, -.B const char *\fItype\fP) -.B void hesiod_free_list(void *\fIcontext\fP, char **\fIlist\fP); -.B char *hesiod_to_bind(void *\fIcontext\fP, const char *\fIname\fP, -.B const char *\fItype\fP) -.B void hesiod_end(void *\fIcontext\fP) -.fi -.SH DESCRIPTION -This family of functions allows you to perform lookups of Hesiod -information, which is stored as text records in the Domain Name -Service. To perform lookups, you must first initialize a -.IR context , -an opaque object which stores information used internally by the -library between calls. -.I hesiod_init -initializes a context, storing a pointer to the context in the -location pointed to by the -.I context -argument. -.I hesiod_end -frees the resources used by a context. -.PP -.I hesiod_resolve -is the primary interface to the library. If successful, it returns a -list of one or more strings giving the records matching -.I name -and -.IR type . -The last element of the list is followed by a NULL pointer. It is the -caller's responsibility to call -.I hesiod_free_list -to free the resources used by the returned list. -.PP -.I hesiod_to_bind -converts -.I name -and -.I type -into the DNS name used by -.IR hesiod_resolve . -It is the caller's responsibility to free the returned string using -.IR free . -.SH RETURN VALUES -If successful, -.I hesiod_init -returns 0; otherwise it returns \-1 and sets -.I errno -to indicate the error. On failure, -.I hesiod_resolve -and -.I hesiod_to_bind -return NULL and set the global variable -.I errno -to indicate the error. -.SH ENVIRONMENT -If the environment variable -.B HES_DOMAIN -is set, it will override the domain in the Hesiod configuration file. -If the environment variable -.B HESIOD_CONFIG -is set, it specifies the location of the Hesiod configuration file. -.SH SEE ALSO -`Hesiod - Project Athena Technical Plan -- Name Service', named(8), -hesiod.conf(5) -.SH ERRORS -Hesiod calls may fail because of: -.IP ENOMEM -Insufficient memory was available to carry out the requested -operation. -.IP ENOEXEC -.I hesiod_init -failed because the Hesiod configuration file was invalid. -.IP ECONNREFUSED -.I hesiod_resolve -failed because no name server could be contacted to answer the query. -.IP EMSGSIZE -.I hesiod_resolve -failed because the query or response was too big to fit into the -packet buffers. -.IP ENOENT -.I hesiod_resolve -failed because the name server had no text records matching -.I name -and -.IR type , -or -.I hesiod_to_bind -failed because the -.I name -argument had a domain extension which could not be resolved with type -``rhs-extension'' in the local Hesiod domain. -.SH AUTHOR -Steve Dyer, IBM/Project Athena -.br -Greg Hudson, MIT Team Athena -.br -Copyright 1987, 1988, 1995, 1996 by the Massachusetts Institute of Technology. -.SH BUGS -The strings corresponding to the -.I errno -values set by the Hesiod functions are not particularly indicative of -what went wrong, especially for -.I ENOEXEC -and -.IR ENOENT . diff --git a/contrib/bind/doc/man/host.1 b/contrib/bind/doc/man/host.1 deleted file mode 100644 index 858bd6e7b863..000000000000 --- a/contrib/bind/doc/man/host.1 +++ /dev/null @@ -1,316 +0,0 @@ -.\" ++Copyright++ 1993 -.\" - -.\" Copyright (c) 1993 -.\" The Regents of the University of California. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" 3. All advertising materials mentioning features or use of this software -.\" must display the following acknowledgement: -.\" This product includes software developed by the University of -.\" California, Berkeley and its contributors. -.\" 4. Neither the name of the University nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" - -.\" Portions Copyright (c) 1993 by Digital Equipment Corporation. -.\" -.\" Permission to use, copy, modify, and distribute this software for any -.\" purpose with or without fee is hereby granted, provided that the above -.\" copyright notice and this permission notice appear in all copies, and that -.\" the name of Digital Equipment Corporation not be used in advertising or -.\" publicity pertaining to distribution of the document or software without -.\" specific, written prior permission. -.\" -.\" THE SOFTWARE IS PROVIDED "AS IS" AND DIGITAL EQUIPMENT CORP. DISCLAIMS ALL -.\" WARRANTIES WITH REGARD TO THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES -.\" OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL DIGITAL EQUIPMENT -.\" CORPORATION BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL -.\" DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR -.\" PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS -.\" ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS -.\" SOFTWARE. -.\" - -.\" --Copyright-- -.\" $Id: host.1,v 8.7 2002/06/18 02:39:26 marka Exp $ -.Dd December 15, 1994 -.Dt HOST @CMD_EXT_U@ -.Os BSD 4 -.Sh NAME -.Nm host -.Nd look up host names using domain server -.Sh SYNOPSIS -.Nm host -.Op Fl l -.Op Fl v -.Op Fl w -.Op Fl r -.Op Fl d -.Op Fl t Ar querytype -.Op Fl a -.Ar host -.Op Ar server -.Sh DESCRIPTION -.Ic Host -looks for information about Internet hosts. It gets this information -from a set of interconnected servers that are spread across the -world. By default, it simply converts between host names and -Internet addresses. However, with the -.Dq Fl t -or -.Dq Fl a -options, it can be used -to find all of the information about this host that is maintained -by the domain server. -.Pp -The arguments can be either host names or host numbers. The program -first attempts to interpret them as host numbers. If this fails, -it will treat them as host names. A host number consists of -IPv4 dotted decimal quad (127.0.0.1) or IPv6 raw address (::1). -A host name consists of names separated by dots, e.g. topaz.rutgers.edu. -Unless the name ends in a dot, the local domain -is automatically tacked on the end. Thus, a Rutgers user can say -.Pp -.D1 Ic host topaz -.Pp -and it will actually look up "topaz.rutgers.edu". -If this fails, the name is tried unchanged (in this case, "topaz"). -This same convention is used for mail and other network utilities. -The actual suffix to tack on the end is obtained -by looking at the results of a -.Xr hostname @CMD_EXT@ -call, and using everything -starting at the first dot. (See below for a description of -.Sx CUSTOMIZING HOST NAME LOOKUP . ) -.Pp -The first argument is the host name you want to look up. -If this is a number, an -.Dq inverse query -is done, i.e. the domain -system looks in a separate set of databases used to convert numbers -to names. -.Pp -The second argument is optional. It -allows you to specify a particular server to query. If you don't -specify this argument, the default server (normally the local machine) -is used. -.Pp -If a name is specified, you may see output of three different kinds. -Here is an example that shows all of them: -.Pp -.D1 Ic % host sun4 -.Dl sun4.rutgers.edu is a nickname for ATHOS.RUTGERS.EDU -.Dl ATHOS.RUTGERS.EDU has address 128.6.5.46 -.Dl ATHOS.RUTGERS.EDU has address 128.6.4.4 -.Dl ATHOS.RUTGERS.EDU mail is handled by ARAMIS.RUTGERS.EDU -.Pp -The user has typed the command -.Dq Ic host sun4 . -The first line indicates that the name -.Dq Li sun4.rutgers.edu -is actually a nickname. The official host name is -.Dq Li ATHOS.RUTGERS.EDU . -The next two lines show the -address. If a system has more than one network interface, there -will be a separate address for each. The last line indicates -that -.Li ATHOS.RUTGERS.EDU -does not receive its own mail. Mail for -it is taken by -.Li ARAMIS.RUTGERS.EDU . -There may be more than one -such line, since some systems have more than one other system -that will handle mail for them. Technically, every system that -can receive mail is supposed to have an entry of this kind. If -the system receives its own mail, there should be an entry -the mentions the system itself; for example, -.Pp -.D1 Li XXX mail is handled by XXX -.Pp -However, many systems that receive -their own mail do not bother to mention that fact. If a system -has a -.Dq Li mail is handled by -entry, but no address, this indicates -that it is not really part of the Internet, but a system that is -on the network will forward mail to it. Systems on Usenet, Bitnet, -and a number of other networks have entries of this kind. -.Sh OPTIONS -There are a number of options that can be used before the -host name. Most of these options are meaningful only to the -staff who have to maintain the domain database. -.Bl -tag -width Fl -.It Fl w -This causes -.Ic host -to wait forever for a response. Normally -it will time out after approximate one minute. -.It Fl v -Use "verbose" format for printout. This -is the official domain master file format, which is documented -in the man page for -.Xr @INDOT@named @SYS_OPS_EXT@ . -Without this option, output still follows -this format in general terms, but some attempt is made to make it -more intelligible to normal users. Without -.Dq Fl v , -any "a", "mx", and "cname" records -are written out as "has address", "mail is handled by", and -"is a nickname for" (respectively), and TTL and class fields are not shown. -.It Fl r -Turn off recursion in the request. -This means that the name server will return only data it has in -its own database. It will not ask other servers for more -information. -.It Fl d -Turn on debugging. Network transactions are shown in detail. -.It Fl s -Chase signatures back to parent key (DNSSEC). -.It Fl t Ar querytype -Allows you to specify a particular -.Ar querytype -of information -to be looked up. The arguments are defined in the man page for -.Xr @INDOT@named @SYS_OPS_EXT@ . -Currently-supported types include: -.Dq Cm a , -.Dq Cm aaaa , -.Dq Cm ns , -.Dq Cm md , -.Dq Cm mf , -.Dq Cm cname , -.Dq Cm soa , -.Dq Cm mb , -.Dq Cm mg , -.Dq Cm mr , -.Dq Cm null , -.Dq Cm wks , -.Dq Cm ptr , -.Dq Cm hinfo , -.Dq Cm minfo , -.Dq Cm mx , -.Dq Cm uinfo , -.Dq Cm uid , -.Dq Cm gid , -.Dq Cm unspec . -Additionally, the wildcard, which may be written -as either -.Dq Cm any -or -.Dq Cm * , -can be used to specify any (all) of the above types. -Types must be given in lower case. -Note that the default is to look first for -.Dq Cm a , -and then -.Dq Cm mx , -except that if the verbose option is turned on, the default is only -.Dq Cm a . -The -.Dq Fl t -option is particularly useful for filtering information returned by -.Ic host ; -see the explanation of the -.Dq Fl l -option, below, for more information. -.It Fl a -.Dq all ; -this is equivalent to -.Dq Fl v Fl t Cm any . -.It Fl l -List a complete domain; e.g.: -.Pp -.D1 Ic host -l rutgers.edu -.Pp -will give a listing of all hosts in the rutgers.edu domain. The -.Dq Fl t -option is used to filter what information is presented, as you -would expect. The default is address information, which also -include PTR and NS records. The command -.Pp -.D1 Ic host -l -v -t any rutgers.edu -.Pp -will give a complete download of the zone data for rutgers.edu, -in the official master file format. (However the SOA record is -listed twice, for arcane reasons.) -.Pp -.Sy NOTE : -.Dq Fl l -is implemented by -doing a complete zone transfer and then filtering out the information -the you have asked for. This command should be used only if it -is absolutely necessary. -.El -.Sh CUSTOMIZING HOST NAME LOOKUP -In general, if the name supplied by the user does not -have any dots in it, a default domain is appended to the end. -This domain can be defined in -.Pa /etc/resolv.conf , -but is normally derived -by taking the local hostname after its first dot. The user can override -this, and specify a different default domain, using the environment -variable -.Ev LOCALDOMAIN . -In addition, the user can supply his own abbreviations for host names. -They should be in a file consisting of one line per abbreviation. -Each line contains an abbreviation, a space, and then the full -host name. The name file must be contained in the -.Ev HOSTALIASES -environment variable. -.Sh ENVIRONMENT -.Bl -tag -width "/etc/resolv.conf " -compact -.It Ev HOSTALIASES -Name of file containing -.Pq Ar host alias , full hostname -pairs. -.El -.Sh FILES -.Bl -tag -width "/etc/resolv.conf " -compact -.It Pa /etc/resolv.conf -See -.Xr resolver @FORMAT_EXT@ . -.El -.Sh SEE ALSO -.Xr @INDOT@named @SYS_OPS_EXT@ , -.Xr resolver @FORMAT_EXT@ . -.Sh BUGS -Unexpected effects can happen when you type a name that is not -part of the local domain. Please always keep in mind the -fact that the local domain name is tacked onto the end of every -name, unless it ends in a dot. Only if this fails is the name -used unchanged. -.Pp -The -.Dq Fl l -option only tries the first name server listed for the -domain that you have requested. If this server is dead, you -may need to specify a server manually. E.g., to get a listing -of foo.edu, you could try -.Pp -.D1 Ic host -t ns foo.edu -.Pp -to get a list of all the name servers for foo.edu, and then try -.Pp -.D1 Ic host -l foo.edu xxx -.Pp -for all -.Dq Ic xxx -on the list of name servers, until you find one that works. diff --git a/contrib/bind/doc/man/hostname.7 b/contrib/bind/doc/man/hostname.7 deleted file mode 100644 index 1c5a2561c15f..000000000000 --- a/contrib/bind/doc/man/hostname.7 +++ /dev/null @@ -1,168 +0,0 @@ -.\" Copyright (c) 1987 The Regents of the University of California. -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms are permitted -.\" provided that the above copyright notice and this paragraph are -.\" duplicated in all such forms and that any documentation, -.\" advertising materials, and other materials related to such -.\" distribution and use acknowledge that the software was developed -.\" by the University of California, Berkeley. The name of the -.\" University may not be used to endorse or promote products derived -.\" from this software without specific prior written permission. -.\" THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR -.\" IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED -.\" WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. -.\" -.\" @(#)hostname.7 6.4 (Berkeley) 1/16/90 -.\" -.Dd February 16, 1994 -.Dt HOSTNAME @DESC_EXT_U@ -.Os BSD 4 -.Sh NAME -.Nm hostname -.Nd host name resolution description -.Sh DESCRIPTION -Hostnames are domains. A domain is a hierarchical, dot-separated list -of subdomains. For example, the machine -.Dq Li monet , -in the -.Dq Li Berkeley -subdomain of the -.Dq Li EDU -subdomain of the Internet Domain Name System would be represented as -.Pp -.Dl monet.Berkeley.EDU -.Pp -(with no trailing dot). -.Pp -Hostnames are often used with network client and server programs, -which must generally translate the name to an address for use. -(This task is usually performed by the library routine -.Xr gethostbyname @LIB_NETWORK_EXT@ . ) -The default method for resolving hostnames by the Internet name resolver is -to follow RFC 1535's security recommendations. Actions can be taken -by the administrator to override these recommendations and to have the -resolver behave the same as earlier, non-RFC 1535 -resolvers. -.Pp -The default method (using RFC 1535 guidelines) follows: -.Pp -If the name consists of a single component, i.e. contains no dot, and if the -environment variable -.Dq Ev HOSTALIASES -is set to the name of a file, -that file is searched for a string matching the input hostname. The file -should consist of lines made up of two strings separated by white-space, the -first of which is the hostname alias, and the second of which is the complete -hostname to be substituted for that alias. If a case-insensitive match is -found between the hostname to be resolved and the first field of a line in -the file, the substituted name is looked up with no further processing. -.Pp -If there is at least one dot in the name, then the name is first tried -.Dq as-is . -The number of dots to cause this action is configurable by setting the -threshold using the -.Dq Li ndots -option in -.Pa /etc/resolv.conf -(default: 1). If the name ends with a dot, the trailing dot is -removed, and the remaining name is looked up (regardless of the setting of -the -.Li ndots -option), without further processing. -.Pp -If the input name does not end with a trailing dot, it is looked up by -searching through a list of domains until a match is found. If neither the -search option in the -.Pa /etc/resolv.conf -file or the -.Dq Ev LOCALDOMAIN -environment variable is used, then the -search list of domains contains only the full domain specified by the -.Li domain -option (in -.Pa /etc/resolv.conf ) -or the domain used in the local hostname (see -.Xr hostname @CMD_EXT@ -and -.Xr resolver @FORMAT_EXT@ ) . -For example, if the -.Dq Li domain -option is set to -.Li CS.Berkeley.EDU , -then only -.Li CS.Berkeley.EDU -will be in the search list, and this will be the only -domain appended to the partial hostname. For example, if -.Dq Li lithium -is the name to be resolved, this would make -.Li lithium.CS.Berkeley.EDU -the only name to be tried using the search list. -.Pp -If the -.Li search -option is used in -.Pa /etc/resolv.conf -or the environment variable -.Dq Ev LOCALDOMAIN -is set by the user, then -the search list will include what is set by these methods. For -example, if the -.Dq Li search -option contained -.Pp -.Dl CS.Berkeley.EDU CChem.Berkeley.EDU Berkeley.EDU -.Pp -then the partial hostname (e.g., -.Dq Li lithium ) -will be tried with -.Em each -domain name appended (in the same order specified); the resulting hostnames -that would be tried are: -.Bd -literal -offset indent -lithium.CS.Berkeley.EDU -lithium.CChem.Berkeley.EDU -lithium.Berkeley.EDU -.Ed -.Pp -The environment variable -.Dq Ev LOCALDOMAIN -overrides the -.Dq Li search -and -.Dq Li domain -options, and if both -.Li search -and -.Li domain -options are present in the resolver configuration file, then only the -.Em last -one listed is used (see -.Xr resolver @FORMAT_EXT@ ) . -.Pp -If the name was not previously tried -.Dq as-is -(i.e., it fell below the -.Dq Li ndots -threshold or did not contain a dot), then the name as -originally provided is attempted. -.Sh ENVIRONMENT -.Bl -tag -width "/etc/resolv.conf " -.It Ev LOCALDOMAIN -Affects domains appended to partial hostnames. -.It Ev HOSTALIASES -Name of file containing -.Pq Ar host alias , full hostname -pairs. -.El -.Sh FILES -.Bl -tag -width "/etc/resolv.conf " -compact -.It Pa /etc/resolv.conf -See -.Xr resolve @FORMAT_EXT@ . -.El -.Sh SEE ALSO -.Xr gethostbyname @LIB_NETWORK_EXT@ , -.Xr resolver @FORMAT_EXT@ , -.Xr mailaddr @DESC_EXT@ , -.Xr @INDOT@named @SYS_OPS_EXT@ . diff --git a/contrib/bind/doc/man/inet_cidr.3 b/contrib/bind/doc/man/inet_cidr.3 deleted file mode 100644 index 0bed686d2a08..000000000000 --- a/contrib/bind/doc/man/inet_cidr.3 +++ /dev/null @@ -1,94 +0,0 @@ -.\" $Id: inet_cidr.3,v 8.3 2001/08/08 07:50:06 marka Exp $ -.\" -.\"Copyright (c) 1998,1999 by Internet Software Consortium -.\" -.\"Permission to use, copy, modify, and distribute this software for any -.\"purpose with or without fee is hereby granted, provided that the above -.\"copyright notice and this permission notice appear in all copies. -.\" -.\"THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS -.\"ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES -.\"OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE -.\"CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL -.\"DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR -.\"PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS -.\"ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS -.\"SOFTWARE. -.\" -.Dd October 19, 1998 -.Dt INET_CIDR @LIB_NETWORK_EXT_U@ -.Os BSD 4 -.Sh NAME -.Nm inet_cidr_ntop , -.Nm inet_cidr_pton -.Nd network translation routines -.Sh SYNOPSIS -.Fd #include <sys/types.h> -.Fd #include <sys/socket.h> -.Fd #include <netinet/in.h> -.Fd #include <arpa/inet.h> -.Fn inet_cidr_ntop "int af" "const void *src" "int bits" "char *dst" "size_t size" -.Fn inet_cidr_pton "int af" "const char *src" "void *dst" "int *bits" -.Sh DESCRIPTION -These routines are used for converting addresses to and from network and -presentation forms with CIDR (Classless Inter-Domain Routing) representation, -embedded net mask. -.Pp -.Bd -literal - 130.155.16.1/20 -.Ed -.\" ::ffff:130.155.16.1/116 -.Pp -.Fn inet_cidr_ntop -converts an address from network to presentation format. -.Pp -.Ft af -describes the type of address that is being passed in -.Ft src . -.\"Currently defined types are AF_INET and AF_INET6. -Currently only AF_INET is supported. -.Pp -.Ft src -is an address in network byte order, its length is determined from -.Ft af . -.Pp -.Ft bits -specifies the number of bits in the netmask unless it is -1 in which case -the CIDR representation is omitted. -.Pp -.Ft dst -is a caller supplied buffer of at least -.Ft size -bytes. -.Pp -.Fn inet_cidr_ntop -returns -.Ft dst -on success or NULL. -Check errno for reason. -.Pp -.Fn inet_cidr_pton -converts and address from presentation format, with optional CIDR -reperesentation, to network format. -The resulting address is zero filled if there were insufficint bits in -.Ft src . -.Pp -.Ft af -describes the type of address that is being passed in via -.Ft src -and determines the size of -.Ft dst . -.Pp -.Ft src -is an address in presentation format. -.Pp -.Ft bits -returns the number of bits in the netmask or -1 if a CIDR representation was -not supplied. -.Pp -.Fn inet_cidr_pton -returns 0 on succces or -1 on error. -Check errno for reason. -ENOENT indicates an invalid netmask. -.Sh SEE ALSO -.Xr intro 2 diff --git a/contrib/bind/doc/man/irs.conf.5 b/contrib/bind/doc/man/irs.conf.5 deleted file mode 100644 index 9ee5882f01c4..000000000000 --- a/contrib/bind/doc/man/irs.conf.5 +++ /dev/null @@ -1,201 +0,0 @@ -.\" Copyright (c) 1996,1999 by Internet Software Consortium -.\" -.\" Permission to use, copy, modify, and distribute this software for any -.\" purpose with or without fee is hereby granted, provided that the above -.\" copyright notice and this permission notice appear in all copies. -.\" -.\" THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS -.\" ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES -.\" OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE -.\" CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL -.\" DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR -.\" PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS -.\" ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS -.\" SOFTWARE. -.\" -.\" Copyright (c) 1986, 1991, 1993 -.\" The Regents of the University of California. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" 3. All advertising materials mentioning features or use of this software -.\" must display the following acknowledgement: -.\" This product includes software developed by the University of -.\" California, Berkeley and its contributors. -.\" 4. Neither the name of the University nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: irs.conf.5,v 8.4 1999/01/18 07:46:45 vixie Exp $ -.\" -.Dd November 16, 1997 -.Dt IRS.CONF 5 -.Os BIND 8.1 -.Sh NAME -.Nm irs.conf -.Nd Information Retrieval System configuration file -.Sh SYNOPSIS -.Nm irs.conf -.Sh DESCRIPTION -The -.Xr irs 3 -functions are a set of routines in the C library which provide access to -various system maps. -The maps that irs currently controls are the following: passwd, group, -services, protocols, hosts, networks and netgroup. -When a program first calls a function that accesses one of these maps, -the irs configuration file is read, -and the source of each map is determined for the life of the process. -.Pp -If this file does not exist, -the irs routines default to using local sources for all information, -with the exception of the host and networks maps, -which use the Domain Name System (DNS). -.Pp -Each record in the file consists of one line. -A record consists of a map-name, an access-method and possibly a (comma -delimited) set of options, -separated by tabs or spaces. -Blank lines, and text between a # and a newline are ignored. -.Pp -Available maps: -.Bd -literal -offset indent -Map name Information in map -========= ================================== -passwd User authentication information -group User group membership information -services Network services directory -protocols Network protocols directory -hosts Network hosts directory -networks Network "network names" directory -netgroup Network "host groups" directory -.Ed -.Pp -Available access methods: -.Bd -literal -offset indent -Access method Description -============= ================================================= -local Use a local file, usually in /etc -dns Use the domain name service (includes hesiod) -nis Use the Sun-compatible Network Information Service -irp Use the IRP daemon on the localhost. -.Ed -.Pp -Available options: -.Bd -literal -offset indent -Option Description -======== ================================================ -continue don't stop searching if you can't find something -merge don't stop searching if you CAN find something -.Ed -.Pp -The continue option creates -.Dq "union namespaces" -whereby subsequent access methods of the same map type can be tried -if a name cannot be found using earlier access methods. -This can be quite confusing in the case of host names, -since the name to address and address to name mappings can be visibly -asymmetric even though the data used by any given access method is -entirely consistent. This behavior is, therefore, not the default. -.Pp -The merge option only affects lookups in the groups map. -If set, subsequent access methods will be tried in order to cause -local users to appear in NIS (or other remote) groups in addition -to the local groups. -.Sh EXAMPLE -.Bd -literal -offset indent -# Get password entries from local file, or failing that, NIS -passwd local continue -passwd nis - -# Build group membership from both local file, and NIS. -group local continue,merge -group nis - -# Services comes from just the local file. -services local - -protocols local - -# Hosts comes first from DNS, failing that, the local file -hosts dns continue -hosts local - -# Networks comes first from the local file, and failing -# that the, irp daemon -networks local continue -networks irp - -netgroup local -.Ed -.Sh NOTES -If a local user needs to be in the local host's -.Dq wheel -group but not in every host's -.Dq wheel -group, put them in the local host's -.Pa /etc/group -.Dq wheel -entry and set up the -.Dq groups -portion of your -.Pa /etc/irs.conf -file as: -.Bd -literal -offset indent -group local continue,merge -group nis -.Ed -.Pp -NIS takes a long time to time out. -Especially for hosts if you use the -.Fl d -option to your server's -.Dq ypserv -daemon. -.Pp -It is important that the -.Pa irs.conf -file contain an entry for each map. -If a map is not mentioned in the -.Pa irs.conf -file, all queries to that map will fail. -.Pp -The classic NIS mechanism for specifying union namespaces is to add an entry -to a local map file whose name is ``+''. In IRS, this is done via ``continue'' -and/or ``merge'' map options. While this results in a small incompatibility -when local map files are imported from non-IRS systems to IRS systems, there -are compensating advantages in security and configurability. -.Sh FILES -.Bl -tag -width /etc/irs.confXXXX -compact -.It Pa /etc/irs.conf -The file -.Nm irs.conf -resides in -.Pa /etc . -.El -.Sh SEE ALSO -.Xr groups 5 , -.Xr hosts 5 , -.Xr netgroup 5 , -.Xr networks 5 , -.Xr passwd 5 , -.Xr protocols 5 , -.Xr services 5 diff --git a/contrib/bind/doc/man/mailaddr.7 b/contrib/bind/doc/man/mailaddr.7 deleted file mode 100644 index f194321f0833..000000000000 --- a/contrib/bind/doc/man/mailaddr.7 +++ /dev/null @@ -1,179 +0,0 @@ -.\" Copyright (c) 1983, 1987 The Regents of the University of California. -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms are permitted -.\" provided that the above copyright notice and this paragraph are -.\" duplicated in all such forms and that any documentation, -.\" advertising materials, and other materials related to such -.\" distribution and use acknowledge that the software was developed -.\" by the University of California, Berkeley. The name of the -.\" University may not be used to endorse or promote products derived -.\" from this software without specific prior written permission. -.\" THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR -.\" IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED -.\" WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. -.\" -.\" @(#)mailaddr.7 6.5 (Berkeley) 2/14/89 -.\" -.Dd February 14, 1989 -.Dt MAILADDR @DESC_EXT_U@ -.Os BSD 4 -.Sh NAME -.Nm mailaddr -.Nd mail addressing description -.Sh DESCRIPTION -Mail addresses are based on the ARPANET protocol listed at the end of this -manual page. These addresses are in the general format -.Pp -.Bd -ragged -offset indent-two -.Li user@domain -.Ed -.Pp -where a domain is a hierarchical, dot-separated list of subdomains. For -example, the address -.Pp -.Bd -ragged -offset indent-two -.Li eric@monet.berkeley.edu -.Ed -.Pp -is normally interpreted from right to left: the message should go to the -ARPA name tables (which do not correspond exactly to the physical ARPANET), -then to the Berkeley gateway, after which it should go to the local host -.Dq Li monet . -When the message reaches -.Li monet , -it is delivered to the user -.Dq Li eric . -.Pp -Unlike some other forms of addressing, this does not imply any routing. -Thus, although this address is specified as an ARPA address, it might -travel by an alternate route if that were more convenient or efficient. -For example, at Berkeley, the associated message would probably go directly -to -.Li monet -over the Ethernet rather than going via the Berkeley ARPANET gateway. -.Ss Abbreviation -.Pp -Under certain circumstances, it may not be necessary to type the entire -domain name. In general, anything following the first dot may be omitted -if it is the same as the domain from which you are sending the message. -For example, a user on -.Dq Li calder.berkeley.edu -could send to -.Dq Li eric@monet -without adding the -.Dq Li berkeley.edu -since it is the same on both sending and receiving hosts. -.Pp -Certain other abbreviations may be permitted as special cases. For -example, at Berkeley, ARPANET hosts may be referenced without adding the -.Dq Li berkeley.edu -as long as their names do not conflict with a local host name. -.Ss Compatibility -.Pp -Certain old address formats are converted to the new format to provide -compatibility with the previous mail system. In particular, -.Bd -ragged -offset indent-two -.Li user@host.ARPA -.Ed -.Pp -is allowed and -.Bd -ragged -offset indent-two -.Li host:user -.Ed -.Pp -is converted to -.Bd -ragged -offset indent-two -.Li user@host -.Ed -.Pp -in order to be consistent with the -.Xr rcp @CMD_EXT@ -command. -.Pp -Also, the syntax -.Bd -ragged -offset indent-two -.Li host!user -.Ed -.Pp -is converted to: -.Bd -ragged -offset indent-two -.Li user@host.UUCP -.Ed -.Pp -This is normally converted back to the -.Dq Li host!user -form before being sent on, for compatibility with older UUCP hosts. -.Pp -The current implementation is not able to route messages automatically through -the UUCP network. Until that time you must explicitly tell the mail system -which hosts to send your message through to get to your final destination. -.Ss Case Distinctions -.Pp -Domain names (i.e., anything after the -.Dq Li @ -sign) may be given in any mixture -of upper and lower case with the exception of UUCP hostnames. Most hosts -accept any combination of case in user names, with the notable exception of -MULTICS sites. -.Ss Route-addrs. -.Pp -Under some circumstances it may be necessary to route a message through -several hosts to get it to the final destination. Normally this routing -is done automatically, but sometimes it is desirable to route the message -manually. Addresses which show these relays are termed -.Dq route-addrs . -These use the syntax: -.Bd -ragged -offset indent-two -.Li <@hosta,@hostb:user@hostc> -.Ed -.Pp -This specifies that the message should be sent to -.Li hosta , -from there to -.Li hostb , -and finally to -.Li hostc . -This path is forced even if there is a more efficient path to -.Li hostc . -.Pp -Route-addrs occur frequently on return addresses, since these are generally -augmented by the software at each host. It is generally possible to ignore -all but the -.Dq Li user@domain -part of the address to determine the actual sender. -.Ss Postmaster -.Pp -Every site is required to have a user or user alias designated -.Dq Li postmaster -to which problems with the mail system may be addressed. -.Ss Other Networks -.Pp -Some other networks can be reached by giving the name of the network as the -last component of the domain. -.Em This is not a standard feature -and may -.Em not -be supported at all sites. For example, messages to CSNET or BITNET sites -can often be sent to -.Dq Li user@host.CSNET -or -.Dq Li user@host.BITNET , -respectively. -.Sh BUGS -The RFC822 group syntax -.Pq Dq Li group:user1,user2,user3; -is not supported except in the special case of -.Dq LI group:; -because of a conflict with old berknet-style addresses. -.Pp -Route-Address syntax is grotty. -.Pp -UUCP- and ARPANET-style addresses do not coexist politely. -.Sh SEE ALSO -.Xr mail @CMD_EXT@ , -.Xr sendmail @SYS_OPS_EXT@ ; -Crocker, D. H., RFC822, -.Do -Standard for the Format of Arpa Internet Text Messages -.Dc . diff --git a/contrib/bind/doc/man/mkdep.1 b/contrib/bind/doc/man/mkdep.1 deleted file mode 100644 index bf46eafe2f87..000000000000 --- a/contrib/bind/doc/man/mkdep.1 +++ /dev/null @@ -1,82 +0,0 @@ -.\" Copyright (c) 1987 Regents of the University of California. -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms are permitted -.\" provided that the above copyright notice and this paragraph are -.\" duplicated in all such forms and that any documentation, -.\" advertising materials, and other materials related to such -.\" distribution and use acknowledge that the software was developed -.\" by the University of California, Berkeley. The name of the -.\" University may not be used to endorse or promote products derived -.\" from this software without specific prior written permission. -.\" THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR -.\" IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED -.\" WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. -.\" -.\" @(#)mkdep.1 5.8 (Berkeley) 10/24/88 -.\" -.Dd October 24, 1988 -.Dt MKDEP @CMD_EXT_U@ -.Os BSD 4 -.Sh NAME -.Nm mkdep -.Nd construct Makefile dependency list -.Sh SYNOPSIS -.Nm mkdep -.Op Fl ap -.Op Fl f Ar depend_file -.Op Ar flags -.Ar -.Sh DESCRIPTION -.Ic Mkdep -takes a set of flags for the C compiler and a list -of C source files as arguments and constructs a set of -.Li include -file dependencies which are written into the file -.Pa depend_file , -or -.Dq Pa .depend -by default. An example of its use in a -.Pa Makefile -might be: -.Bd -literal -offset indent -CFLAGS= -O -DDEBUG -I../include -I. -SRCS= file1.c file2.c - -depend: - mkdep ${CFLAGS} ${SRCS} -.Ed -.Pp -where the macro -.Dq Li SRCS -is the list of C source files and the macro -.Dq Li CFLAGS -is the list of flags for the C compiler. -.Pp -If the -.Dq Fl p -option is provided, -.Ic mkdep -produces dependencies -of the form -.Dq Li program: program.c -so that subsequent calls to -.Xr make @CMD_EXT@ -will produce -.Dq Pa program -directly from its C module rather than using an intermediate -.Dq Pa \&.o -module. This is useful in directories which -contain many programs, each of whose source is contained in a single -C module. -.Pp -The -.Dq Fl a -option causes appending to the output file, so that multiple -.Ic mkdep Ns 's -may be run from a single -.Pa Makefile . -.Sh SEE ALSO -.Xr cc @CMD_EXT@ , -.Xr cpp @CMD_EXT@ , -.Xr make @CMD_EXT@ . diff --git a/contrib/bind/doc/man/named-bootconf.8 b/contrib/bind/doc/man/named-bootconf.8 deleted file mode 100644 index 2798637baee8..000000000000 --- a/contrib/bind/doc/man/named-bootconf.8 +++ /dev/null @@ -1,69 +0,0 @@ -.\" $NetBSD: named-bootconf.8,v 1.1 1998/11/19 21:11:45 tron Exp $ -.\" -.\" Copyright (c) 1998 The NetBSD Foundation, Inc. -.\" All rights reserved. -.\" -.\" This documentation is derived from software contributed to The NetBSD -.\" Foundation by Matthias Scheler. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" 3. All advertising materials mentioning features or use of this software -.\" must display the following acknowledgement: -.\" This product includes software developed by the NetBSD -.\" Foundation, Inc. and its contributors. -.\" 4. Neither the name of The NetBSD Foundation nor the names of its -.\" contributors may be used to endorse or promote products derived -.\" from this software without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS -.\" ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED -.\" TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS -.\" BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR -.\" CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF -.\" SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS -.\" INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN -.\" CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE -.\" POSSIBILITY OF SUCH DAMAGE. -.\" -.\" Copyright (c) 1999 by Internet Software Consortium -.\" -.\" Permission to use, copy, modify, and distribute this software for any -.\" purpose with or without fee is hereby granted, provided that the above -.\" copyright notice and this permission notice appear in all copies. -.\" -.\" THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS -.\" ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES -.\" OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE -.\" CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL -.\" DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR -.\" PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS -.\" ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS -.\" SOFTWARE. -.Dd November 19, 1998 -.Dt NAMED-BOOTCONF 8 -.Os NetBSD -.Sh NAME -.Nm named-bootconf -.Nd convert name server configuration files -.Sh SYNOPSIS -.Nm -.Sh DESCRIPTION -.Nm -converts named configuration files from BIND 4 format to BIND 8 format. -.Sh EXAMPLES -named-bootconf < named.boot > named.conf -.Sh BUGS -Comments from the source file will not always appear at the appropriate place -in the target file. -.Sh SEE ALSO -.Xr named 8 , -.Xr named.conf 5 diff --git a/contrib/bind/doc/man/named-xfer.8 b/contrib/bind/doc/man/named-xfer.8 deleted file mode 100644 index 7d73b0f757fd..000000000000 --- a/contrib/bind/doc/man/named-xfer.8 +++ /dev/null @@ -1,183 +0,0 @@ -.\" ++Copyright++ 1985 -.\" - -.\" Copyright (c) 1985 -.\" The Regents of the University of California. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" 3. All advertising materials mentioning features or use of this software -.\" must display the following acknowledgement: -.\" This product includes software developed by the University of -.\" California, Berkeley and its contributors. -.\" 4. Neither the name of the University nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" - -.\" Portions Copyright (c) 1993 by Digital Equipment Corporation. -.\" -.\" Permission to use, copy, modify, and distribute this software for any -.\" purpose with or without fee is hereby granted, provided that the above -.\" copyright notice and this permission notice appear in all copies, and that -.\" the name of Digital Equipment Corporation not be used in advertising or -.\" publicity pertaining to distribution of the document or software without -.\" specific, written prior permission. -.\" -.\" THE SOFTWARE IS PROVIDED "AS IS" AND DIGITAL EQUIPMENT CORP. DISCLAIMS ALL -.\" WARRANTIES WITH REGARD TO THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES -.\" OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL DIGITAL EQUIPMENT -.\" CORPORATION BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL -.\" DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR -.\" PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS -.\" ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS -.\" SOFTWARE. -.\" - -.\" Portions Copyright (c) 1999 by Check Point Software Technologies, Inc. -.\" -.\" Permission to use, copy, modify, and distribute this software for any -.\" purpose with or without fee is hereby granted, provided that the above -.\" copyright notice and this permission notice appear in all copies, and that -.\" the name of Check Point Software Technologies Incorporated not be used -.\" in advertising or publicity pertaining to distribution of the document -.\" or software without specific, written prior permission. -.\" -.\" THE SOFTWARE IS PROVIDED "AS IS" AND CHECK POINT SOFTWARE TECHNOLOGIES -.\" INCORPORATED DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, -.\" INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. -.\" IN NO EVENT SHALL CHECK POINT SOFTWARE TECHNOLOGIES INCORPRATED -.\" BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR -.\" ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER -.\" IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT -.\" OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -.\" -.\" --Copyright-- -.\" -.\" from named.8 6.6 (Berkeley) 2/14/89 -.\" -.Dd June 26, 1993 -.Dt @XFER_INDOT_U@NAMED-XFER @SYS_OPS_EXT_U@ -.Os BSD 4 -.Sh NAME -.Nm @XFER_INDOT@named-xfer -.Nd ancillary agent for inbound zone transfers -.Sh SYNOPSIS -.Nm named-xfer -.Fl z Ar zone_to_transfer -.Fl f Ar db_file -.Fl s Ar serial_no -.Op Fl d Ar debuglevel -.Op Fl l Ar debug_log_file -.Op Fl i Ar ixfr_file -.Op Fl t Ar trace_file -.Op Fl p Ar port# -.Op Fl S -.Ar nameserver -.Op Sy axfr | ixfr -.Sh DESCRIPTION -.Ic Named-xfer -is an ancillary program executed by -.Xr @INDOT@named @SYS_OPS_EXT@ -to perform an inbound zone transfer. It is rarely executed directly, and then -only by system administrators who are trying to debug a zone transfer problem. -See RFC's 1033, 1034, and 1035 for more information on the Internet -name-domain system. -.Pp -Options are: -.Bl -tag -width Fl -.It Fl z Ar zone_to_transfer -specifies the name of the zone to be transferred. -.It Fl f Ar db_file -specifies the name of the -.Ar db_file -into which the zone should be dumped -when it is received from the primary server. -.It Fl s Ar serial_no -specifies the serial number of our current copy of this zone. If the -.Sy SOA RR -we get from the primary server does not have a serial -number higher than this, the transfer will be aborted. -.It Fl d Ar debuglevel -Print debugging information. -The -.Ar debuglevel -is a number determines the level of messages printed. -.It Fl l Ar debug_log_file -Specifies a log file for debugging messages. The default is system- -dependent but is usually in -.Pa /var/tmp -or -.Pa /usr/tmp . -Note that this only applies if -.Dq Fl d -is also specified. -.It Fl i Ar ixfr_file -Specifies the name of the -.Ar ixfr_file -into which the zone changes from Incremental Zone Transfer (IXFR) -should be dumped when it is received from the primary server. -.It Fl t Ar trace_file -Specifies a -.Ar trace_file -which will contain a protocol trace of the zone -transfer. This is probably only of interest to people debugging the name -server itself. -.It Fl p Ar port# -Use a different port number. The default is the standard port number -as returned by -.Xr getservbyname @LIB_NETWORK_EXT@ -for the service -.Dq Li domain . -.It Fl S -Perform a restricted transfer of only the SOA, NS records and glue A records -for the zone. The SOA record will not be loaded by -.Xr @INDOT@named @SYS_OPS_EXT@ -but will be used to -determine when to verify the NS records. See the -.Dq Li stubs -directive in -.Xr @INDOT@named @SYS_OPS_EXT@ -for more information. -.El -.Pp -Additional arguments are taken as name server addresses in so-called -.Dq dotted-quad -syntax -.Em only ; -no host name are allowed here. At least one address must be specified. -Any additional addresses will be tried, in order, if the first one fails -to transfer to us successfully. -The -.Sy axfr -or -.Sy ixfr -after name server address designates the type of zone transfer to perform. -Use -.Sy axfr -for a full zone transfer or -.Sy ixfr -for an incremental zone transfer. -.Sh SEE ALSO -.Xr hostname @DESC_EXT@ , -.Xr @INDOT@named @SYS_OPS_EXT@ , -.Xr resolver @LIB_NETWORK_EXT@ , -.Xr resolver @FORMAT_EXT@ , -RFC 882, RFC 883, RFC 973, RFC 974, RFC 1033, RFC 1034, RFC 1035, -RFC 1123, RFC 1995 -.Dq Name Server Operations Guide for Sy BIND . diff --git a/contrib/bind/doc/man/named.8 b/contrib/bind/doc/man/named.8 deleted file mode 100644 index 882cea14d1ce..000000000000 --- a/contrib/bind/doc/man/named.8 +++ /dev/null @@ -1,445 +0,0 @@ -.\" ++Copyright++ 1985, 1996 -.\" - -.\" Copyright (c) 1985, 1996 -.\" The Regents of the University of California. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" 3. All advertising materials mentioning features or use of this software -.\" must display the following acknowledgement: -.\" This product includes software developed by the University of -.\" California, Berkeley and its contributors. -.\" 4. Neither the name of the University nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" - -.\" Portions Copyright (c) 1993 by Digital Equipment Corporation. -.\" -.\" Permission to use, copy, modify, and distribute this software for any -.\" purpose with or without fee is hereby granted, provided that the above -.\" copyright notice and this permission notice appear in all copies, and that -.\" the name of Digital Equipment Corporation not be used in advertising or -.\" publicity pertaining to distribution of the document or software without -.\" specific, written prior permission. -.\" -.\" THE SOFTWARE IS PROVIDED "AS IS" AND DIGITAL EQUIPMENT CORP. DISCLAIMS ALL -.\" WARRANTIES WITH REGARD TO THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES -.\" OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL DIGITAL EQUIPMENT -.\" CORPORATION BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL -.\" DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR -.\" PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS -.\" ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS -.\" SOFTWARE. -.\" - -.\" --Copyright-- -.\" -.\" @(#)named.8 6.6 (Berkeley) 2/14/89 -.\" -.Dd February 1, 1996 -.Dt @INDOT_U@named @SYS_OPS_EXT_U@ -.Os BSD 4 -.Sh NAME -.Nm @INDOT@named -.Nd Internet domain name server (DNS) -.Sh SYNOPSIS -.Nm @INDOT@named -.Op Fl d Ar debuglevel -.Op Fl p Ar port# -.Oo Fl Po -.Cm b Ns \&| Ns Cm c -.Pc -.Ar config_file -.Oc -.Op Fl f q r v -.Op Fl u Ar user_name -.Op Fl g Ar group_name -.Op Fl t Ar directory -.Op Fl w Ar directory -.Op Ar config_file -.Sh DESCRIPTION -.Ic Named -is the Internet domain name server. -See RFC's 1033, 1034, and 1035 for more information on the Internet -name-domain system. Without any arguments, -.Ic named -will read the default configuration file -.Pa /etc/named.conf , -read any initial data, and listen for queries. A -.Ar config_file -argument given at the end of the command line will override any -.Ar config_file -specified by using the -.Dq Fl b -or -.Dq Fl c -flags. -.Pp -.Sy NOTE : -Several of -.Nm named Ns 's -options, and much more of its behaviour, can be controlled in the configuration -file. Please refer to the configuration file guide included with this -.Sy BIND -distribution for further information. -.Pp -Options are: -.Bl -tag -width Fl -.It Fl d Ar debuglevel -Print debugging information. -The -.Ar debuglevel -is a number determines the level of messages printed. If negative, -.Ar debuglevel -is set to -.Dq 1 . -.Pp -.Sy NOTE : -The new debugging framework is considerably more sophisticated than it -was in older versions of -.Nm @INDOT@named . -The configuration file's -.Dq Li logging -statement allows for multiple, distinct levels of debugging for each of -a large set of categories of events (such as queries, transfers in or out, -etc.). Please refer to the configuration file guide included with this -.Sy BIND -distribution for further information about these extensive new capabilities. -.It Fl p Ar port# -Use the specified remote port number; this is the port number to which -.Nm @INDOT@named -will send queries. The default value is the standard port number, i.e., -the port number returned by -.Xr getservbyname @LIB_NETWORK_EXT@ -for service -.Dq Li domain . -.Pp -.Sy NOTE : -Previously, the syntax -.Dq Fl p Ar port# Ns Op Ar \&/localport# -was supported; the first port was that used when contacting -.Em remote -servers, and the second one was the service port bound by the -.Em local -instance of -.Nm @INDOT_U@named . -The current usage is equivalent to the old usage without the -.Ar localport# -specified; this functionality can be specified with the -.Dq Li listen-on -clause of the configuration file's -.Dq Li options -statement. -.It Xo Fl Po -.Cm b Ns \&| Ns Cm c -.Pc Ar config_file -.Xc -Use an alternate -.Ar config_file ; -this argument is overridden by any -.Ar config_file -which is specified at the end of the command line. -The default value is -.Pa /etc/named.conf . -.It Fl f -Run this process in the foreground; don't -.Xr fork @SYSCALL_EXT@ -and daemonize. (The default is to daemonize.) -.It Fl q -Trace all incoming queries if -.Nm @INDOT_U@named -has been compiled with -.Li QRYLOG -defined. -.Pp -.Sy NOTE : -This option is deprecated in favor of the -.Dq Li queries -.Em logging category -of the configuration file's -.Dq Li logging -statement; for more information, please refer to the configuration file guide -included with this distribution of -.Sy BIND . -.It Fl r -Turns recursion off in the server. Answers can come only from local -(primary or secondary) zones. This can be used on root servers. -The default is to use recursion. -.Pp -.Sy NOTE : -This option can be overridden by and is deprecated in favor of the -.Dq Li recursion -clause of the configuration file's -.Dq Li options -statement. -.It Fl v -Report the version and exit. -.It Fl u Ar user_name -Specifies the user the server should run as after it initializes. The value -specified may be either a username or a numeric user id. If the -.Dq Fl g -flag is not specified, then the group id used will be the primary group of -the user specified (initgroups() is called, so all of the user's groups will -be available to the server). -.Pp -.It Fl g Ar group_name -Specifies the group the server should run as after it initializes. The value -specified may be either a groupname or a numeric group id. -.Pp -.It Fl t Ar directory -Specifies the directory the server should chroot() into as soon as it is -finshed processing command line arguments. -.Pp -.It Fl w Ar directory -Sets the working directory of the server. The -.Dq Li directory -clause of the configuration file's -.Dq Li options -statement overrides any value specified on the command line. -The default working directory is the current directory -.Pq Dq \&. . -.El -.Pp -Any additional argument is taken as the name of the configuration file, for -compatibility with older implementations; as noted above, this argument -overrides any -.Ar config_file -specified by the use of the -.Dq Fl b -or -.Dq Fl c -flags. If no further argument is given, then the default configuration file -is used -.Pq Pa /etc/named.conf . -.Ss Master File Format -The master file consists of control information and a list of resource -records for objects in the zone of the forms: -.Bd -literal -offset indent -$INCLUDE <filename> <opt_domain> -$ORIGIN <domain> -$TTL <ttl> -<domain> <opt_ttl> <opt_class> <type> <resource_record_data> -.Ed -.Pp -where: -.Bl -tag -width "opt_domain " -.It Ar domain -is -.Dq Li .\& -for root, -.Dq Li @ -for the current origin, or a standard domain name. If -.Ar domain -is a standard domain name that does -.Em not -end with -.Dq Li \&. , -the current origin is appended to the domain. Domain names ending with -.Dq Li .\& -are unmodified. -.It Ar opt_domain -This field is used to define an origin for the data in an included file. -It is equivalent to placing an -.Li $ORIGIN -statement before the first line of the included file. The field is optional. -Neither the -.Ar opt_domain -field nor -.Li $ORIGIN -statements in the included file modify the current origin for this file. -.It Ar ttl -A integer number that sets the default time-to-live for future records without -an explicit ttl. -.It Ar opt_ttl -An optional integer number for the time-to-live field. -If not set the ttl is taken from the last $TTL statement. -If no $TTL statement has occurred then the SOA minimum value is used and a -warning is generated. -.It Ar opt_class -The object address type; currently only one type is supported, -.Dv IN , -for objects connected to the DARPA Internet. -.It Ar type -This field contains one of the following tokens; the data expected in the -.Ar resource_record_data -field is in parentheses: -.Bl -tag -width "HINFO " -offset indent -.It Dv A -a host address (dotted-quad IP address) -.It Dv NS -an authoritative name server (domain) -.It Dv MX -a mail exchanger (domain), preceded by a preference value (0..32767), -with lower numeric values representing higher logical preferences. -.It Dv CNAME -the canonical name for an alias (domain) -.It Dv SOA -marks the start of a zone of authority (domain of originating host, -domain address of maintainer, a serial number and the following -parameters in seconds: refresh, retry, expire and minimum TTL (see RFC 883 -and RFC 2308)). -.It Dv NULL -a null resource record (no format or data) -.It Dv RP -a Responsible Person for some domain name (mailbox, TXT-referral) -.It Dv PTR -a domain name pointer (domain) -.It Dv HINFO -host information (cpu_type OS_type) -.El -.El -.Pp -Resource records normally end at the end of a line, -but may be continued across lines between opening and closing parentheses. -Comments are introduced by semicolons and continue to the end of the line. -.Pp -.Sy NOTE : -There are other resource record types not shown here. You should -consult the -.Sy BIND -Operations Guide -.Pq Dq BOG -for the complete -list. Some resource record types may have been standardized in newer RFC's -but not yet implemented in this version of -.Sy BIND . -.Ss SOA Record Format -Each master zone file should begin with an SOA record for the zone. -An example SOA record is as follows: -.Bd -literal -@ IN SOA ucbvax.Berkeley.EDU. rwh.ucbvax.Berkeley.EDU. ( - 1989020501 ; serial - 10800 ; refresh - 3600 ; retry - 3600000 ; expire - 86400 ) ; minimum -.Ed -.Pp -The SOA specifies a serial number, which should be incremented each time the -master file is changed. Note that the serial number can be given as a -dotted number, but this is a -.Em very -unwise thing to do since the -translation to normal integers is via concatenation rather than -multiplication and addition. You can spell out the year, month, day of -month, and 0..99 version number and still fit inside the unsigned 32-bit -size of this field. (It's true that we will have to rethink this strategy in -the year 4294, but we're not worried about it.) -.Pp -Secondary servers -check the serial number at intervals specified by the refresh time in -seconds; if the serial number changes, a zone transfer will be done to load -the new data. If a master server cannot be contacted when a refresh is due, -the retry time specifies the interval at which refreshes should be attempted. -If a master server cannot be contacted within the interval given by the -expire time, all data from the zone is discarded by secondary servers. The -minimum value is the cache time-to-live for negative answers (RFC 2308). -.Sh NOTES -The boot file directives -.Dq Li domain -and -.Dq Li suffixes -have been -obsoleted by a more useful, resolver-based implementation of -suffixing for partially-qualified domain names. The prior mechanisms -could fail under a number of situations, especially when then local -nameserver did not have complete information. -.Pp -The following signals have the specified effect when sent to the -server process using the -.Xr kill @CMD_EXT@ -command: -.Pp -.Bl -tag -width "SIGWINCH" -.It Dv SIGHUP -Causes server to read -.Pa named.conf -and reload the database. If the server -is built with the -.Li FORCED_RELOAD -compile-time option, then -.Dv SIGHUP -will -also cause the server to check the serial number on all secondary zones; -normally, the serial numbers are only checked at the SOA-specified intervals. -.It Dv SIGINT -Dumps the current data base and cache to -.Dq Pa /var/tmp/named_dump.db -or the value of -.Dv _PATH_DUMPFILE . -.It Dv SIGILL -Dumps statistics data into -.Pa named.stats -if the server is compiled with -.Li -DSTATS . -Statistics data is appended to the file. -.It Dv SIGSYS -Dumps the profiling data in -.Pa /var/tmp -if the server is compiled with profiling (server forks, chdirs and exits). -.It Dv SIGTERM -Saves any modified dynamic zones to the file system, and shuts down the server. -.It Dv SIGUSR1 -Turns on debugging; each -.Dv SIGUSR1 -increments debug level. -.Po -.Dv SIGEMT -on older systems without -.Dv SIGUSR1 . -.Pc -.It Dv SIGUSR2 -Turns off debugging completely. -.Po -.Dv SIGFPE -on older systems without -.Dv SIGUSR2 . -.Pc -.It Dv SIGWINCH -Toggles logging of all incoming queries via -.Xr syslog @LIB_C_EXT@ -(requires server to have been built with the -.Li QRYLOG -option). -.El -.Sh FILES -.Bl -tag -width "/var/tmp/named_dump.db (_PATH_DUMPFILE) " -compact -.It Pa /etc/named.conf -default name server configuration file -.It Pa /var/run/named.pid Pq Dv _PATH_PIDFILE -the process id -.It Pa /var/tmp/named_dump.db Pq Dv _PATH_DUMPFILE -dump of the name server database -.It Pa /var/tmp/named.run Pq file: Dv _PATH_DEBUG -debug output -.It Pa /var/tmp/named.stats Pq file: Dv _PATH_STATS -nameserver statistics data -.El -.Sh SEE ALSO -.Xr named.conf @FORMAT_EXT@ , -.Xr gethostbyname @LIB_NETWORK_EXT@ , -.Xr hostname @DESC_EXT@ , -.Xr kill @CMD_EXT@ , -.Xr resolver @LIB_NETWORK_EXT@ , -.Xr resolver @FORMAT_EXT@ , -.Xr signal @LIB_C_EXT@ , -RFC 882, RFC 883, RFC 973, RFC 974, RFC 1033, RFC 1034, RFC 1035, RFC 1123, -RFC 2308 -.Dq Name Server Operations Guide for Sy BIND diff --git a/contrib/bind/doc/man/named.conf.5 b/contrib/bind/doc/man/named.conf.5 deleted file mode 100644 index 532af69e8f8d..000000000000 --- a/contrib/bind/doc/man/named.conf.5 +++ /dev/null @@ -1,2129 +0,0 @@ -.\" Copyright (c) 1999-2000 by Internet Software Consortium -.\" -.\" Permission to use, copy, modify, and distribute this software for any -.\" purpose with or without fee is hereby granted, provided that the above -.\" copyright notice and this permission notice appear in all copies. -.\" -.\" THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS -.\" ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES -.\" OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE -.\" CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL -.\" DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR -.\" PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS -.\" ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS -.\" SOFTWARE. -.Dd January 7, 1999 -.Dt NAMED.CONF 5 -.Os BSD 4 -.Sh NAME -.Nm named.conf -.Nd configuration file for -.Xr named 8 -.Sh OVERVIEW -BIND 8 is much more configurable than previous release of BIND. There -are entirely new areas of configuration, such as access control lists -and categorized logging. Many options that previously applied to all -zones can now be used selectively. These features, plus a -consideration of future configuration needs led to the creation of a -new configuration file format. -.Ss General Syntax -A BIND 8 configuration consists of two general features, statements -and comments. All statements end with a semicolon. Many statements -can contain substatements, which are each also terminated with a -semicolon. -.Pp -The following statements are supported: -.Bl -tag -width 0n -.It Ic logging -specifies what the server logs, and where the log messages are sent -.It Ic options -controls global server configuration options and sets defaults for other -statements -.It Ic zone -defines a zone -.It Ic acl -defines a named IP address matching list, for access control and other uses -.It Ic key -specifies key information for use in authentication and authorization -.It Ic trusted-keys -defines DNSSEC keys that are preconfigured into the server and implicitly -trusted -.It Ic server -sets certain configuration options for individual remote servers -.It Ic controls -declares control channels to be used by the -.Nm ndc -utility -.It Ic include -includes another file -.El -.Pp -The -.Ic logging -and -.Ic options -statements may only occur once per configuration, while the rest may -appear numerous times. Further detail on each statement is provided -in individual sections below. -.Pp -Comments may appear anywhere that whitespace may appear in a BIND -configuration file. To appeal to programmers of all kinds, they can -be written in C, C++, or shell/perl constructs. -.Pp -C-style comments start with the two characters -.Li /* -(slash, star) and end with -.Li */ -(star, slash). -Because they are completely delimited with these characters, -they can be used to comment only a portion of a line or to span -multiple lines. -.Pp -C-style comments cannot be nested. For example, the following is -not valid because the entire comment ends with the first -.Li */ : -.Bd -literal -offset indent -/* This is the start of a comment. - This is still part of the comment. -/* This is an incorrect attempt at nesting a comment. */ - This is no longer in any comment. */ -.Ed -.Pp -C++-style comments start with the two characters -.Li // -(slash, slash) and continue to the end of the physical line. -They cannot be continued across multiple physical lines; to have -one logical comment span multiple lines, each line must use the -.Li // -pair. For example: -.Bd -literal -offset indent -// This is the start of a comment. The next line -// is a new comment, even though it is logically -// part of the previous comment. -.Ed -.Pp -Shell-style (or perl-style, if you prefer) comments start with the -character -.Li # -(hash or pound or number or octothorpe or whatever) and continue to -the end of the physical line, like C++ comments. For example: -.Bd -literal -offset indent -# This is the start of a comment. The next line -# is a new comment, even though it is logically -# part of the previous comment. -.Ed -.Pp -.Em WARNING : -you cannot use the -.Li ; -(semicolon) character to start a comment such as you would in a zone -file. The semicolon indicates the end of a configuration statement, -so whatever follows it will be interpreted as the start of the next -statement. -.Ss Converting from BIND 4.9.x -BIND 4.9.x configuration files can be converted to the new format -by using -.Pa src/bin/named/named-bootconf , -a shell script that is part of the BIND 8.2.x source kit. -.Sh DOCUMENTATION DEFINITIONS -Described below are elements used throughout the BIND configuration -file documentation. Elements which are only associated with one -statement are described only in the section describing that statement. -.Bl -tag -width 0n -.It Va acl_name -The name of an -.Va address_match_list -as defined by the -.Ic acl -statement. -.It Va address_match_list -A list of one or more -.Va ip_addr , -.Va ip_prefix , -.Va key_id , -or -.Va acl_name -elements, as described in the -.Sx ADDRESS MATCH LISTS -section. -.It Va dotted-decimal -One or more integers valued 0 through 255 separated only by dots -(``.''), such as -.Li 123 , -.Li 45.67 -or -.Li 89.123.45.67 . -.It Va domain_name -A quoted string which will be used as a DNS name, for example -.Qq Li my.test.domain . -.It Va path_name -A quoted string which will be used as a pathname, such as -.Qq Li zones/master/my.test.domain . -.It Va ip_addr -An IP address with exactly four elements in -.Va dotted-decimal -notation. -.It Va ip_port -An IP port -.Va number . -.Va number is limited to -.Li 0 -through -.Li 65535 , -with values below 1024 typically restricted to -root-owned processes. In some cases an asterisk (``*'') character -can be used as a placeholder to select a random high-numbered port. -.It Va ip_prefix -An IP network specified in -.Va dotted-decimal -form, followed by ``/'' -and then the number of bits in the netmask. E.g. -.Li 127/8 -is -the network -.Li 127.0.0.0 -with netmask -.Li 255.0.0.0 . -.Li 1.2.3.0/28 -is network -.Li 1.2.3.0 -with netmask -.Li 255.255.255.240. -.It Va key_name -A string representing the name of a shared key, to be used for transaction -security. -.It Va number -A non-negative integer with an entire range limited by the range of a -C language signed integer (2,147,483,647 on a machine with 32 bit -integers). Its acceptable value might further be limited by the -context in which it is used. -.It Va size_spec -A -.Va number , -the word -.Li unlimited , -or the word -.Li default . -.Pp -The maximum value of -.Va size_spec -is that of unsigned long integers on the machine. -.Li unlimited -requests unlimited use, or the maximum available amount. -.Li default -uses the limit that was in force when the server was started. -.Pp -A -.Va number -can optionally be followed by a scaling factor: -.Li K -or -.Li k -for kilobytes, -.Li M -or -.Li m -for megabytes, and -.Li G -or -.Li g -for gigabytes, which scale by 1024, 1024*1024, and 1024*1024*1024 -respectively. -.Pp -Integer storage overflow is currently silently ignored during -conversion of scaled values, resulting in values less than intended, -possibly even negative. Using -.Li unlimited -is the best way to safely set a really large number. -.It Va yes_or_no -Either -.Li yes -or -.Li no . -The words -.Li true -and -.Li false -are also accepted, as are the numbers -.Li 1 and -.Li 0 . -.El -.Sh ADDRESS MATCH LISTS -.Ss Syntax -.Bd -literal -\fIaddress_match_list\fR = 1\&*\fIaddress_match_element\fR -.Pp -\fIaddress_match_element\fR = [ \&"!\&" ] ( \fIaddress_match_list\fR / - \fIip_address\fR / \fIip_prefix\fR / - \fIacl_name\fR / \&"key \&" \fIkey_id\fR ) \&";\&" -.Ed -.Ss Definition and Usage -Address match lists are primarily used to determine access control for -various server operations. They are also used to define priorities -for querying other nameservers and to set the addresses on which -.Nm named -will listen for queries. -The elements which constitute an address match list can be any -of the following: -.Bl -bullet -.It -an -.Va ip-address -(in -.Va dotted-decimal -notation, -.It -an -.Va ip-prefix -(in the '/'-notation), -.It -A -.Va key_id , -as defined by the -.Ic key -statement, -.It -the name of an address match list previously defined with -the -.Ic acl -statement, or -.It -another -.Va address_match_list . -.El -.Pp -Elements can be negated with a leading exclamation mark (``!''), and -the match list names -.Li any , -.Li none , -.Li localhost -and -.Li localnets -are predefined. More information on those names can be found in the -description of the -.Ic acl -statement. -.Pp -The addition of the -.Ic key -clause made the name of this syntactic element something of a -misnomer, since security keys can be used to validate access without -regard to a host or network address. Nonetheless, the term ``address -match list'' is still used throughout the documentation. -.Pp -When a given IP address or prefix is compared to an address match -list, the list is traversed in order until an element matches. The -interpretation of a match depends on whether the list is being used -for access control, defining -.Ic listen-on -ports, or as a topology, and whether the element was -negated. -.Pp -When used as an access control list, a non-negated match allows access -and a negated match denies access. If there is no match at all in the -list, access is denied. The clauses -.Ic allow-query , -.Ic allow-transfer , -.Ic allow-update , -.Ic allow-recursion , -and -.Ic blackhole -all use address match lists like this. Similarly, the -.Ic listen-on -option will cause the server to not accept queries on any of the -machine's addresses which do not match the list. -.Pp -When used with the -.Ic topology -option, a non-negated match returns a distance based on its position on -the list (the closer the match is to the start of the list, the -shorter the distance is between it and the server). A negated match -will be assigned the maximum distance from the server. If there is no -match, the address will get a distance which is further than any -non-negated list element, and closer than any negated element. -.Pp -Because of the first-match aspect of the algorithm, an element that -defines a subset of another element in the list should come before the -broader element, regardless of whether either is negated. For -example, in -.Dl 1.2.3/24; !1.2.3.13 -the 1.2.3.13 element is completely useless, because the algorithm will -match any lookup for 1.2.3.13 to the 1.2.3/24 element. Using -.Dl !1.2.3.13; 1.2.3/24 -fixes that problem by having 1.2.3.13 blocked by the negation but all -other 1.2.3.* hosts fall through. -.Sh THE LOGGING STATEMENT -.Ss Syntax -.Bd -literal -logging { - [ channel \fIchannel_name\fR { - ( file \fIpath_name\fR - [ versions ( \fInumber\fR | unlimited ) ] - [ size \fIsize_spec\fR ] - | syslog ( kern | user | mail | daemon | auth | syslog | lpr | - news | uucp | cron | authpriv | ftp | - local0 | local1 | local2 | local3 | - local4 | local5 | local6 | local7 ) - | null ); -.Pp - [ severity ( critical | error | warning | notice | - info | debug [ \fIlevel\fR ] | dynamic ); ] - [ print-category \fIyes_or_no\fR; ] - [ print-severity \fIyes_or_no\fR; ] - [ print-time \fIyes_or_no\fR; ] - }; ] -.Pp - [ category \fIcategory_name\fR { - \fIchannel_name\fR; [ \fIchannel_name\fR; ... ] - }; ] - ... -}; -.Ed -.Ss Definition and Usage -The -.Ic logging -statement configures a wide variety of logging options for the nameserver. -Its -.Ic channel -phrase associates output methods, format options and -severity levels with a name that can then be used with the -.Ic category -phrase to select how various classes of messages are logged. -.Pp -Only one -.Ic logging -statement is used to define as many channels and categories as are wanted. -If there are multiple logging statements in a configuration, the first -defined determines the logging, and warnings are issued for the -others. If there is no logging statement, the logging configuration -will be: -.Bd -literal - logging { - category default { default_syslog; default_debug; }; - category panic { default_syslog; default_stderr; }; - category packet { default_debug; }; - category eventlib { default_debug; }; - }; -.Ed -.Pp -The logging configuration is established as soon as the -.Ic logging -statement is parsed. If you want to redirect -messages about processing of the entire configuration file, the -.Ic logging -statement must appear first. Even if you do not -redirect configuration file parsing messages, we recommend -always putting the -.Ic logging -statement first so that this rule need not be consciously recalled if -you ever do want the parser's messages relocated. -.Ss The channel phrase -All log output goes to one or more ``channels''; you can make as many -of them as you want. -.Pp -Every channel definition must include a clause that says whether -messages selected for the channel go to a file, to a particular syslog -facility, or are discarded. It can optionally also limit the message -severity level that will be accepted by the channel (default is -.Li info ) , -and whether to include a time stamp generated by -.Nm named , -the category name, or severity level. The default is not to include -any of those three. -.Pp -The word -.Li null -as the destination option for the -channel will cause all messages sent to it to be discarded; other -options for the channel are meaningless. -.Pp -The -.Ic file -clause can include limitations both on how -large the file is allowed to become, and how many versions of the file -will be saved each time the file is opened. -.Pp -The -.Ic size -option for files is simply a hard ceiling on -log growth. If the file ever exceeds the size, then -.Nm named -will just not write anything more to it until the file is reopened; -exceeding the size does not automatically trigger a reopen. The -default behavior is to not limit the size of the file. -.Pp -If you use the -.Ic version -logfile option, then -.Nm named -will retain that many backup versions of the file -by renaming them when opening. For example, if you choose to keep 3 -old versions of the file lamers.log then just before it is opened -lamers.log.1 is renamed to lames.log.2, lamers.log.0 is renamed to -lamers.log.1, and lamers.log is renamed to lamers.log.0. No rolled -versions are kept by default; any existing log file is simply appended. -The -.Li unlimited -keyword is synonymous with -.Li 99 -in current BIND releases. Example usage of size and versions options: -.Bd -literal - channel an_example_level { - file "lamers.log" versions 3 size 20m; - print-time yes; - print-category yes; - }; -.Ed -.Pp -The argument for the -.Ic syslog -clause is a syslog facility as described in the -.Xr syslog 3 -manual page. How -.Nm syslogd -will handle messages sent to this facility is described in the -.Xr syslog.conf 5 -manual page. If you have a system which uses a very old version of -syslog that only uses two arguments to the -.Fn openlog -function, then this clause is silently ignored. -.Pp -The -.Ic severity -clause works like syslog's ``priorities'', except that they can also be -used if you are writing straight to a file rather than using -syslog. Messages which are not at least of the severity level given -will not be selected for the channel; messages of higher severity -levels will be accepted. -.Pp -If you are using syslog, then the -.Pa syslog.conf -priorities will also determine what eventually passes through. -For example, defining a channel facility and severity as -.Li daemon -and -.Li debug -but only logging -.Li daemon.warning -via -.Pa syslog.conf -will cause messages of severity -.Li info -and -.Li notice -to be dropped. If the situation were reversed, with -.Nm named -writing messages of only -.Li warning -or higher, then -.Nm syslogd -would print all messages it received from the channel. -.Pp -The server can supply extensive debugging information when it is in -debugging mode. If the server's global debug level is greater than -zero, then debugging mode will be active. The global debug level is -set either by starting the -.Nm named -server with the -.Fl d -flag followed by a positive integer, or by sending the running server the -.Dv SIGUSR1 -signal (for example, by using -.Ic ndc trace ) . -The global debug level can be set to -zero, and debugging mode turned off, by sending the server the -.Dv SIGUSR2 -signal (as with -.Ic ndc notrace ) . -All debugging messages in the server have a -debug level, and higher debug levels give more more detailed output. -Channels that specify a specific debug severity, e.g. -.Bd -literal - channel specific_debug_level { - file \&"foo\&"; - severity debug 3; - }; -.Ed -.Pp -will get debugging output of level 3 or less any time the -server is in debugging mode, regardless of the global debugging level. -Channels with -.Li dynamic -severity use the server's global level to determine what messages to -print. -.Pp -If -.Ic print-time -has been turned on, then the date and time will be logged. -.Ic print-time -may be specified for a syslog channel, but is usually pointless since -syslog also prints the date and time. -If -.Ic print-category -is requested, then the category of the message will be logged as well. -Finally, if -.Ic print-severity -is on, then the severity level of the message will be logged. The -.Ic print- -options may be used -in any combination, and will always be printed in the following order: -time, category, severity. Here is an example where all three -.Ic print- -options are on: -.Bd -literal - 28-Apr-1997 15:05:32.863 default: notice: Ready to answer queries. -.Ed -.Pp -There are four predefined channels that are used for -default logging as follows. How they are used -used is described in the next section, -.Sx The category phrase . -.Bd -literal - channel default_syslog { - syslog daemon; # send to syslog's daemon facility - severity info; # only send priority info and higher - }; -.Pp - channel default_debug { - file \&"named.run\&"; # write to named.run in the working directory - # Note: stderr is used instead of \&"named.run\&" - # if the server is started with the -f option. - severity dynamic; # log at the server's current debug level - }; -.Pp - channel default_stderr { # writes to stderr - file \&"<stderr>\&"; # this is illustrative only; there's currently - # no way of specifying an internal file - # descriptor in the configuration language. - severity info; # only send priority info and higher - }; -.Pp - channel null { - null; # toss anything sent to this channel - }; -.Ed -.Pp -Once a channel is defined, it cannot be redefined. Thus you cannot -alter the built-in channels directly, but you can modify the default -logging by pointing categories at channels you have defined. -.Ss The category phrase -There are many categories, so you can send the logs you want to see -wherever you want, without seeing logs you don't want. If you don't -specify a list of channels for a category, then log messages in that -category will be sent to the -.Li default -category instead. -If you don't specify a default category, the following ``default -default'' is used: -.Bd -literal - category default { default_syslog; default_debug; }; -.Ed -.Pp -As an example, let's say you want to log security events to a file, -but you also want keep the default logging behavior. You'd specify -the following: -.Bd -literal - channel my_security_channel { - file \&"my_security_file\&"; - severity info; - }; - category security { my_security_channel; - default_syslog; default_debug; }; -.Ed -.Pp -To discard all messages in a category, specify the -.Li null -channel: -.Bd -literal - category lame-servers { null; }; - category cname { null; }; -.Ed -.Pp -The following categories are available: -.Bl -tag -width 0n -.It Ic default -The catch-all. Many things still aren't classified into categories, -and they all end up here. Also, if you don't specify any channels for -a category, the default category is used instead. If you do not -define the default category, the following definition is used: -.Dl category default { default_syslog; default_debug; }; -.It Ic config -High-level configuration file processing. -.It Ic parser -Low-level configuration file processing. -.It Ic queries -A short log message is generated for every query the server receives. -.It Ic lame-servers -Messages like ``Lame server on ...'' -.It Ic statistics -Statistics. -.It Ic panic -If the server has to shut itself down due to an internal problem, it -will log the problem in this category as well as in the problem's native -category. If you do not define the panic category, the following definition -is used: -.Dl category panic { default_syslog; default_stderr; }; -.It Ic update -Dynamic updates. -.It Ic ncache -Negative caching. -.It Ic xfer-in -Zone transfers the server is receiving. -.It Ic xfer-out -Zone transfers the server is sending. -.It Ic db -All database operations. -.It Ic eventlib -Debugging info from the event system. Only one channel may be specified for -this category, and it must be a file channel. If you do not define the -eventlib category, the following definition is used: -.Dl category eventlib { default_debug; }; -.It Ic packet -Dumps of packets received and sent. Only one channel may be specified for -this category, and it must be a file channel. If you do not define the -packet category, the following definition is used: -.Dl category packet { default_debug; }; -.It Ic notify -The NOTIFY protocol. -.It Ic cname -Messages like ``... points to a CNAME''. -.It Ic security -Approved/unapproved requests. -.It Ic os -Operating system problems. -.It Ic insist -Internal consistency check failures. -.It Ic maintenance -Periodic maintenance events. -.It Ic load -Zone loading messages. -.It Ic response-checks -Messages arising from response checking, such as -``Malformed response ...'', ``wrong ans. name ...'', -``unrelated additional info ...'', ``invalid RR type ...'', -and ``bad referral ...''. -.El -.Sh THE OPTIONS STATEMENT -.Ss Syntax -.Bd -literal -options { - [ hostname \fIhostname_string\fR; ] - [ version \fIversion_string\fR; ] - [ directory \fIpath_name\fR; ] - [ named-xfer \fIpath_name\fR; ] - [ dump-file \fIpath_name\fR; ] - [ memstatistics-file \fIpath_name\fR; ] - [ pid-file \fIpath_name\fR; ] - [ statistics-file \fIpath_name\fR; ] - [ auth-nxdomain \fIyes_or_no\fR; ] - [ deallocate-on-exit \fIyes_or_no\fR; ] - [ dialup \fIyes_or_no\fR; ] - [ fake-iquery \fIyes_or_no\fR; ] - [ fetch-glue \fIyes_or_no\fR; ] - [ has-old-clients \fIyes_or_no\fR; ] - [ host-statistics \fIyes_or_no\fR; ] - [ host-statistics-max \fInumber\fR; ] - [ multiple-cnames \fIyes_or_no\fR; ] - [ notify ( \fIyes_or_no\fR | explicit ); ] - [ suppress-initial-notify \fIyes_or_no\fR; ] - [ recursion \fIyes_or_no\fR; ] - [ rfc2308-type1 \fIyes_or_no\fR; ] - [ use-id-pool \fIyes_or_no\fR; ] - [ treat-cr-as-space \fIyes_or_no\fR; ] - [ also-notify \fIyes_or_no\fR; ] - [ forward ( only | first ); ] - [ forwarders { [ \fIin_addr\fR ; [ \fIin_addr\fR ; ... ] ] }; ] - [ check-names ( master | slave | response ) ( warn | fail | ignore ); ] - [ allow-query { \fIaddress_match_list\fR }; ] - [ allow-recursion { \fIaddress_match_list\fR }; ] - [ allow-transfer { \fIaddress_match_list\fR }; ] - [ blackhole { \fIaddress_match_list\fR }; ] - [ listen-on [ port \fIip_port\fR ] { \fIaddress_match_list\fR }; ] - [ query-source [ address ( \fIip_addr\fR | * ) ] - [ port ( \fIip_port\fR | * ) ] ; ] - [ lame-ttl \fInumber\fR; ] - [ max-transfer-time-in \fInumber\fR; ] - [ max-ncache-ttl \fInumber\fR; ] - [ min-roots \fInumber\fR; ] - [ serial-queries \fInumber\fR; ] - [ transfer-format ( one-answer | many-answers ); ] - [ transfers-in \fInumber\fR; ] - [ transfers-out \fInumber\fR; ] - [ transfers-per-ns \fInumber\fR; ] - [ transfer-source \fIip_addr\fR; ] - [ maintain-ixfr-base \fIyes_or_no\fR; ] - [ max-ixfr-log-size \fInumber\fR; ] - [ coresize \fIsize_spec\fR ; ] - [ datasize \fIsize_spec\fR ; ] - [ files \fIsize_spec\fR ; ] - [ stacksize \fIsize_spec\fR ; ] - [ cleaning-interval \fInumber\fR; ] - [ heartbeat-interval \fInumber\fR; ] - [ interface-interval \fInumber\fR; ] - [ statistics-interval \fInumber\fR; ] - [ topology { \fIaddress_match_list\fR }; ] - [ sortlist { \fIaddress_match_list\fR }; ] - [ rrset-order { \fIorder_spec\fR ; [ \fIorder_spec\fR ; ... ] }; ] - [ preferred-glue ( A | AAAA ); ] -}; -.Ed -.Ss Definition and Usage -The options statement sets up global options to be used by -BIND. This statement may appear at only once in a -configuration file; if more than one occurrence is found, the -first occurrence determines the actual options used, -and a warning will be generated. If there is no options statement, -an options block with each option set to its default will be used. -.Ss Server Information -.Bl -tag -width 0n -.It Ic hostname -This defaults to the hostname of the machine hosting the nameserver as found by gethostname(). -Its prime purpose is to be able to identify which of a number of anycast -servers is actually answering your queries by sending a txt query for -.Pa hostname.bind -in class chaos to the anycast server and geting back a unique name. -Setting -the hostname to a empty string ("") will disable processing of the queries. -.It Ic version -The version the server should report via the ndc command or via a query of -name -.Pa version.bind -in class chaos. -The default is the real version number of the server, -but some server operators prefer the string ( -.Ic surely you must be joking -). -.El -.Ss Pathnames -.Bl -tag -width 0n -.It Ic directory -The working directory of the server. Any non-absolute -pathnames in the configuration file will be taken as relative to this -directory. The default location for most server output files -(e.g. -.Pa named.run ) -is this directory. If a directory is not -specified, the working directory defaults to -.Pa \&. , -the directory from which the -server was started. The directory specified should be an absolute path. -.It Ic named-xfer -The pathname to the named-xfer program that the server uses for -inbound zone transfers. If not specified, the default is -system dependent (e.g. -.Pa /usr/sbin/named-xfer -). -.It Ic dump-file -The pathname of the file the server dumps the database to when it -receives -.Dv SIGINT -signal (as sent by -.Ic ndc dumpdb -). If not specified, the default is -.Pa named_dump.db . -.It Ic memstatistics-file -The pathname of the file the server writes memory usage statistics to -on exit, if -.Ic deallocate-on-exit -is -.Li yes . -If not specified, the default is -.Pa named.memstats . -.It Ic pid-file -The pathname of the file the server writes its process ID in. If not -specified, the default is operating system dependent, but is usually -.Pa /var/run/named.pid -or -.Pa /etc/named.pid . -The pid-file is used by programs like -.Nm ndc -that want to send signals to the running nameserver. -.It Ic statistics-file -The pathname of the file the server appends statistics to when it -receives -.Dv SIGILL -signal (from -.Ic ndc stats ) . -If not specified, the default is -.Pa named.stats . -.El -.Ss Boolean Options -.Bl -tag -width 0n -.It Ic auth-nxdomain -If -.Li yes , -then the -.Li AA -bit is always set on -.Dv NXDOMAIN -responses, even if the server is not actually authoritative. -The default is -.Li yes . -Do not turn off -.Ic auth-nxdomain -unless you are sure you know what you are -doing, as some older software won't like it. -.It Ic deallocate-on-exit -If -.Li yes , -then when the server exits it will painstakingly deallocate every -object it allocated, and then write a memory usage report to the -.Ic memstatistics-file . -The default is -.Li no , -because it is faster to let the operating system clean up. -.Ic deallocate-on-exit -is handy for detecting memory leaks. -.It Ic dialup -If -.Li yes , -then the server treats all zones as if they are doing zone transfers -across a dial on demand dialup link, which can be brought up by -traffic originating from this server. This has different effects -according to zone type and concentrates the zone maintenance so that -it all happens in a short interval, once every -.Ic heartbeat-interval -and hopefully during the one call. -It also suppresses some of the normal zone maintenance traffic. -The default is -.Li no . -The -.Ic dialup -option may also be specified in the -.Ic zone -statement, in which -case it overrides the -.Ic options dialup -statement. -.Pp -If the zone is a -.Ic master -then the server will send out -.Dv NOTIFY -request to all the slaves. -This will trigger the zone up to date checking in the slave (providing -it supports -.Dv NOTIFY ) -allowing the slave -to verify the zone while the call us up. -.Pp -If the zone is a -.Ic slave -or -.Ic stub -then the server will suppress the zone regular zone up to date queries -and only perform the when the -.Ic heartbeat-interval -expires. -.It Ic fake-iquery -If -.Li yes , -the server will simulate the obsolete DNS query type -.Dv IQUERY . -The default is -.Li no . -.It Ic fetch-glue -If -.Li yes -(the default), the server will fetch ``glue'' resource -records it doesn't have when constructing the additional data section of -a response. -.Ic fetch-glue no -can be used in conjunction with -.Ic recursion no -to prevent the server's cache from growing or -becoming corrupted (at the cost of requiring more work from the client). -.It Ic has-old-clients -Setting the option to -.Li yes , -is equivalent to setting the following three options: -.Ic auth-nxdomain yes ; , -.Ic maintain-ixfr-base yes ; , -and -.Ic rfc2308-type1 no ; -.Pp -The use of -.Ic has-old-clients -with -.Ic auth-nxdomain , -.Ic maintain-ixfr-base , -and -.Ic rfc2308-type1 -is order dependant. -.It Ic host-statistics -If -.Li yes , -then statistics are kept for every host that the the nameserver -interacts with. The default is -.Li no . -.Em Note : -turning on -.Ic host-statistics -can consume huge amounts of memory. -.It Ic maintain-ixfr-base -If -.Li yes , -a IXFR database file is kept for all dynamicaly updated zones. -This enables the server to answer IXFR queries which can speed up -zone transfers enormously. -The default is -.Li no . -.It Ic multiple-cnames -If -.Li yes , -then multiple CNAME resource records will be -allowed for a domain name. The default is -.Li no . -Allowing multiple CNAME records is against standards and is not recommended. -Multiple CNAME support is available because previous versions of BIND -allowed multiple CNAME records, and these records have been used for load -balancing by a number of sites. -.It Ic notify -If -.Li yes -(the default), DNS NOTIFY messages are sent when a -zone the server is authoritative for changes. The use of NOTIFY -speeds convergence between the master and its slaves. Slave servers -that receive a NOTIFY message and understand it will contact the -master server for the zone and see if they need to do a zone transfer, and -if they do, they will initiate it immediately. -If -.Li explicit , -the DNS NOTIFY messages will only be sent to the addresses in the -.Ic also-notify -list. -The -.Ic notify -option may also be specified in the -.Ic zone -statement, in which case it overrides the -.Ic options notify -statement. -.It Ic suppress-initial-notify -If -.Li yes , -suppress the initial notify messages when the server first loads. -The default is -.Li no . -.It Ic recursion -If -.Li yes , -and a DNS query requests recursion, then the -server will attempt to do all the work required to answer the query. -If recursion is not on, the server will return a referral to the -client if it doesn't know the answer. The default is -.Li yes . -See also -.Ic fetch-glue -above. -.It Ic rfc2308-type1 -If -.Li yes, -the server will send NS records along with the SOA record for negative -answers. You need to set this to no if you have an old BIND server using -you as a forwarder that does not understand negative answers which contain -both SOA and NS records or you have an old version of sendmail. The correct -fix is to upgrade the broken server or sendmail. The default is -.Li no . -.It Ic use-id-pool -If -.Li yes, -the server will keep track of its own outstanding query ID's to avoid duplication -and increase randomness. This will result in 128KB more memory being consumed -by the server. The default is -.Li no . -.It Ic treat-cr-as-space -If -.Li yes, -the server will treat CR characters the same way it treats a space -or tab. This may be necessary when loading zone files on a UNIX system -that were generated on an NT or DOS machine. The default is -.Li no . -.El -.Ss Also-Notify -.Ic also-notify -.Pp -Defines a global list of IP addresses that also get sent NOTIFY messages -whenever a fresh copy of the zone is loaded. This helps to ensure that copies of -the zones will quickly converge on ``stealth'' servers. If an -.Ic also-notify -list is given in a -.Ic zone -statement, it will override the -.Ic options also-notify -statement. When a -.Ic zone notify -statement is set to -.Ic no , -the IP addresses in -the global -.Ic also-notify -list will not get sent NOTIFY messages for that zone. -The default is the empty list (no global notification list). -.Ss Forwarding -The forwarding facility can be used to create a large site-wide -cache on a few servers, reducing traffic over links to external -nameservers. It can also be used to allow queries by servers that do -not have direct access to the Internet, but wish to look up exterior -names anyway. Forwarding occurs only on those queries for which the -server is not authoritative and does not have the answer in its cache. -.Bl -tag -width 0n -.It Ic forward -This option is only meaningful if the -.Ic forwarders -list is -not empty. A value of -.Li first , -the default, causes the -server to query the forwarders first, and if that doesn't answer the -question the server will then look for the answer itself. If -.Li only -is specified, the server will only query the forwarders. -.It Ic forwarders -Specifies the IP addresses to be used for forwarding. The default is the -empty list (no forwarding). -.El -.Pp -Forwarding can also be configured on a per-zone basis, allowing for -the global forwarding options to be overridden in a variety of ways. -You can set particular zones to use different forwarders, or have -different -.Ic forward only/first -behavior, or to not forward -at all. See -.Sx THE ZONE STATEMENT -section for more information. -.Pp -Future versions of BIND 8 will provide a more powerful forwarding -system. The syntax described above will continue to be supported. -.Ss Name Checking -The server can check domain names based upon their expected client contexts. -For example, a domain name used as a hostname can be checked for compliance -with the RFCs defining valid hostnames. -.Pp -Three checking methods are available: -.Bl -tag -width 0n -.It Ic ignore -No checking is done. -.It Ic warn -Names are checked against their expected client contexts. Invalid names are -logged, but processing continues normally. -.It Ic fail -Names are checked against their expected client contexts. Invalid names are -logged, and the offending data is rejected. -.El -.Pp -The server can check names three areas: master zone files, slave -zone files, and in responses to queries the server has initiated. If -.Ic check-names response fail -has been specified, and -answering the client's question would require sending an invalid name -to the client, the server will send a -.Dv REFUSED -response code to the client. -.Pp -The defaults are: -.Bd -literal - check-names master fail; - check-names slave warn; - check-names response ignore; -.Ed -.Pp -.Ic check-names -may also be specified in the -.Ic zone -statement, in which case it overrides the -.Ic options check-names -statement. When used in a -.Ic zone -statement, the area is not specified (because it can be deduced from -the zone type). -.Ss Access Control -Access to the server can be restricted based on the IP address of the -requesting system or via shared secret keys. See -.Sx ADDRESS MATCH LISTS -for details on how to specify access criteria. -.Bl -tag -width 0n -.It Ic allow-query -Specifies which hosts are allowed to ask ordinary questions. -.Ic allow-query -may also be specified in the -.Ic zone -statement, in which case it overrides the -.Ic options allow-query -statement. If not specified, the default is to allow queries -from all hosts. -.Bl -tag -width 0n -.It Ic allow-recursion -Specifies which hosts are allowed to ask recursive questions. -If not specified, the default is to allow recursive queries -from all hosts. -.It Ic allow-transfer -Specifies which hosts are allowed to receive zone transfers from the -server. -.Ic allow-transfer -may also be specified in the -.Ic zone -statement, in which case it overrides the -.Ic options allow-transfer -statement. If not specified, the default -is to allow transfers from all hosts. -.It Ic blackhole -Specifies a list of addresses that the server will not accept queries from -or use to resolve a query. Queries from these addresses will not be -responded to. -.El -.El -.Ss Interfaces -The interfaces and ports that the server will answer queries from may -be specified using the -.Ic listen-on -option. -.Ic listen-on -takes an optional port, and an address match list. -The server will listen on all interfaces allowed by the address match -list. If a port is not specified, port 53 will be used. -.Pp -Multiple -.Ic listen-on -statements are allowed. For example, -.Bd -literal - listen-on { 5.6.7.8; }; - listen-on port 1234 { !1.2.3.4; 1.2/16; }; -.Ed -.Pp -will enable the nameserver on port 53 for the IP address 5.6.7.8, and -on port 1234 of an address on the machine in net 1.2 that is not -1.2.3.4. -.Pp -If no -.Ic listen-on -is specified, the server will listen on port -53 on all interfaces. -.Ss Query Address -If the server doesn't know the answer to a question, it will query -other nameservers. -.Ic query-source -specifies the address and port used for such queries. If -.Ic address -is -.Li * -or is omitted, a wildcard IP address -( -.Dv INADDR_ANY ) -will be used. If -.Va port -is -.Li * -or is omitted, a random unprivileged port will be used. -The default is -.Dl query-source address * port *; -.Pp -Note: -.Ic query-source -currently applies only to UDP queries; -TCP queries always use a wildcard IP address and a random unprivileged -port. -.Ss Zone Transfers -.Bl -tag -width 0n -.It Ic max-transfer-time-in -Inbound zone transfers ( -.Nm named-xfer -processes) running -longer than this many minutes will be terminated. -The default is 120 minutes (2 hours). -.It Ic transfer-format -The server supports two zone transfer methods. -.Li one-answer -uses one DNS message per resource record -transferred. -.Li many-answers -packs as many resource records -as possible into a message. -.Li many-answers -is more efficient, but is only known to be understood by BIND 8.1 and -patched versions of BIND 4.9.5. The default is -.Li one-answer . -.Ic transfer-format -may be overridden on a per-server basis by using the -.Ic server -statement. -.It Ic transfers-in -The maximum number of inbound zone transfers that can be running -concurrently. The default value is 10. Increasing -.Ic transfers-in -may speed up the convergence of slave zones, -but it also may increase the load on the local system. -.It Ic transfers-out -This option will be used in the future to limit the number of -concurrent outbound zone transfers. It is checked for syntax, but is -otherwise ignored. -.It Ic transfers-per-ns -The maximum number of inbound zone transfers ( -.Nm named-xfer -processes) that can be concurrently transferring from a given remote -nameserver. The default value is 2. Increasing -.Ic transfers-per-ns -may speed up the convergence of slave zones, but it also may increase -the load on the remote nameserver. -.Ic transfers-per-ns -may be overridden on a per-server basis by using the -.Ic transfers -phrase of the -.Ic server -statement. -.It Ic transfer-source -.Nm transfer-source -determines which local address will be bound to the TCP connection used to fetch all zones -transferred inbound by the server. If not set, it defaults to a system controlled value which will usually be the address of the interface ``closest to`` the remote end. This -address must appear in the remote end's -.Nm allow-transfer -option for the zones being transferred, if one is specified. This statement sets the -.Nm transfer-source -for all zones, but can be overriden on a per-zone basis by includinga -.Nm transfer-source -statement within the zone block in the configuration file. -.El -.Ss Resource Limits -The server's usage of many system resources can be limited. Some -operating systems don't support some of the limits. On such systems, -a warning will be issued if the unsupported limit is used. Some -operating systems don't support limiting resources, and on these systems -a -.D1 cannot set resource limits on this system -message will -be logged. -.Pp -Scaled values are allowed when specifying resource limits. For -example, -.Li 1G -can be used instead of -.Li 1073741824 -to specify a limit of one gigabyte. -.Li unlimited -requests unlimited use, or the maximum -available amount. -.Li default -uses the limit that was in -force when the server was started. -See the definition of -.Va size_spec -in the -.Sx DOCUMENTATION DEFINITIONS -section for more details. -.Bl -tag -width 0n -.It Ic coresize -The maximum size of a core dump. The default value is -.Li default . -.It Ic datasize -The maximum amount of data memory the server may use. The default -value is -.Li default . -.It Ic files -The maximum number of files the server may have open concurrently. -The default value is -.Li unlimited . -Note that on some operating systems the server cannot set an unlimited -value and cannot determine the maximum number of open files the kernel -can support. On such systems, choosing -.Li unlimited -will cause the server to use -the larger of the -.Va rlim_max -from -.Fn getrlimit RLIMIT_NOFILE -and the value returned by -.Fn sysconf _SC_OPEN_MAX . -If the -actual kernel limit is larger than this value, use -.Ic limit files -to specify the limit explicitly. -.It Ic max-ixfr-log-size -The -.Li max-ixfr-log-size -will be used in a future release of the server to limit the size of the transaction -log kept for Incremental Zone Transfer. -.It Ic stacksize -The maximum amount of stack memory the server may use. The default value is -.Li default . -.El -.Ss Periodic Task Intervals -.Bl -tag -width 0n -.It Ic cleaning-interval -The server will remove expired resource records from the cache every -.Ic cleaning-interval -minutes. The default is 60 minutes. If set -to 0, no periodic cleaning will occur. -.It Ic heartbeat-interval -The server will perform zone maintenance tasks for all zones marked -.Ic dialup yes -whenever this interval expires. -The default is 60 minutes. Reasonable values are up to 1 day (1440 minutes). -If set to 0, no zone maintenance for these zones will occur. -.It Ic interface-interval -The server will scan the network interface list every -.Ic interface-interval -minutes. The default is 60 minutes. -If set to 0, interface scanning will only occur when the configuration -file is loaded. After the scan, listeners will be started on any new -interfaces (provided they are allowed by the -.Ic listen-on -configuration). Listeners on interfaces that have gone away will be -cleaned up. -.It Ic statistics-interval -Nameserver statistics will be logged every -.Ic statistics-interval -minutes. The default is 60. If set to 0, no statistics will be logged. -.El -.Ss Topology -All other things being equal, when the server chooses a nameserver -to query from a list of nameservers, it prefers the one that is -topologically closest to itself. The -.Ic topology -statement takes an address match list and interprets it in a special way. -Each top-level list element is assigned a distance. -Non-negated elements get a distance based on -their position in the list, where the closer the match is to the start -of the list, the shorter the distance is between it and the server. A -negated match will be assigned the maximum distance from the server. -If there is no match, the address will get a distance which is further -than any non-negated list element, and closer than any negated -element. For example, -.Bd -literal - topology { - 10/8; - !1.2.3/24; - { 1.2/16; 3/8; }; - }; -.Ed -.Pp -will prefer servers on network 10 the most, followed by hosts on -network 1.2.0.0 (netmask 255.255.0.0) and network 3, with the exception -of hosts on network 1.2.3 (netmask 255.255.255.0), which is preferred least -of all. -.Pp -The default topology is -.Dl topology { localhost; localnets; }; -.Ss Resource Record sorting -When returning multiple RRs, the nameserver will normally return them in -.Ic Round Robin , -i.e. after each request, the first RR is put to the end of the list. -As the order of RRs is not defined, this should not cause any problems. -.Pp -The client resolver code should re-arrange the RRs as appropriate, i.e. using -any addresses on the local net in preference to other addresses. However, not all -resolvers can do this, or are not correctly configured. -.Pp -When a client is using a local server, the sorting can be performed in the server, -based on the client's address. This only requires configuring the nameservers, -not all the clients. -.Pp -The -.Ic sortlist -statement takes an address match list and interprets it even more -specially than the -.Ic topology -statement does. -.Pp -Each top level statement in the sortlist must itself be an explicit address match -list with one or two elements. The first element (which may be an IP address, -an IP prefix, an ACL name or nested address match list) of each top level list is -checked against the source address of the query until a match is found. -.Pp -Once the source address of the query has been matched, if the top level -statement contains only one element, the actual primitive element that -matched the source address is used to select the address in the response to -move to the beginning of the response. If the statement is a list of two elements, -the second element is treated like the address match list in a topology -statement. Each top level element is assigned a distance and the address in the -response with the minimum distance is moved to the beginning of the response. -.Pp -In the following example, any queries received from any of the addresses of the -host itself will get responses preferring addresses on any of the locally -connected networks. Next most preferred are addresses on the 192.168.1/24 -network, and after that either the 192.168.2/24 or 192.168.3/24 network with no -preference shown between these two networks. Queries received from a host on -the 192.168.1/24 network will prefer other addresses on that network to the -192.168.2/24 and 192.168.3/24 networks. Queries received from a host on the -192.168.4/24 or the 192.168.5/24 network will only prefer other addresses on -their directly connected networks. -.Bd -literal -sortlist { - { localhost; // IF the local host - { localnets; // THEN first fit on the - 192.168.1/24; // following nets - { 192,168.2/24; 192.168.3/24; }; }; }; - { 192.168.1/24; // IF on class C 192.168.1 - { 192.168.1/24; // THEN use .1, or .2 or .3 - { 192.168.2/24; 192.168.3/24; }; }; }; - { 192.168.2/24; // IF on class C 192.168.2 - { 192.168.2/24; // THEN use .2, or .1 or .3 - { 192.168.1/24; 192.168.3/24; }; }; }; - { 192.168.3/24; // IF on class C 192.168.3 - { 192.168.3/24; // THEN use .3, or .1 or .2 - { 192.168.1/24; 192.168.2/24; }; }; }; - { { 192.168.4/24; 192.168.5/24; }; // if .4 or .5, prefer that net - }; -}; -.Ed -.Pp -The following example will give reasonable behaviour for the local host and -hosts on directly connected networks. It is similar to the behavior of the -address sort in BIND 4.9.x. Responses sent to queries from the local host will -favor any of the directly connected networks. Responses sent to queries from -any other hosts on a directly connected network will prefer addresses on that -same network. Responses to other queries will not be sorted. -.Bd -literal -sortlist { - { localhost; localnets; }; - { localnets; }; -}; -.Ed -.Ss RRset Ordering -When multiple records are returned in an answer it may be useful to configure -the order the records are placed into the response. For example the records for -a zone might be configured to always be returned in the order they are defined -in the zone file. Or perhaps a random shuffle of the records as they are -returned is wanted. The rrset-order statement permits configuration of the -ordering made of the records in a multiple record response. The default, if no -ordering is defined, is a cyclic ordering (round robin). -.Pp -An -.Ic order_spec -is defined as follows: -.Bd -literal - [ \fIclass class_name\fR ][ \fItype type_name\fR ][ \fIname\fR "FQDN" ] \fIorder\fR ordering -.Ed -.Pp -If no class is specified, the default is -.Ic ANY . -If no -.Li Ictype -is specified, the default is -.Ic ANY . -If no name is specified, the default is "*". -.Pp -The legal values for -.Ic ordering -are: -.Bl -tag -width indent -.It Ic fixed -Records are returned in the order they are defined in the zone file. -.It Ic random -Records are returned in some random order. -.It Ic cyclic -Records are returned in a round-robin order. -.El -.Pp -For example: -.Bd -literal - rrset-order { - class IN type A name "rc.vix.com" order random; - order cyclic; - }; -.Ed -.Pp -will cause any responses for type A records in class IN that have "rc.vix.com" as -a suffix, to always be returned in random order. All other records are returned -in cyclic order. -.Pp -If multiple -.Ic rrset-order -statements appear, they are not combined--the last one applies. -.Pp -If no -.Ic rrset-order -statement is specified, a default one of: -.Bd -literal - rrset-order { class ANY type ANY name "*" order cyclic ; }; -.Ed -.Pp -is used. -.Ss Glue Ordering -When running a root nameserver it is sometimes necessary to ensure that other -nameservers that are priming are successful. -This requires that glue A records for at least of the nameservers are returned -in the answer to a priming query. -This can be achieved by setting -.Ic preferred-glue A; -which will add A records before other types in the additional section. -.Ss Tuning -.Bl -tag -width 0n -.It Ic lame-ttl -Sets the number of seconds to cache a lame server indication. 0 disables -caching. Default is 600 (10 minutes). Maximum value is 1800 (30 minutes) -.It Ic max-ncache-ttl -To reduce network traffic and increase performance the server store negative -answers. -.Ic max-ncache-ttl -is used to set a maximum retention time -for these answers in the server is seconds. The default -.Ic max-ncache-ttl -is 10800 seconds (3 hours). -.Ic max-ncache-ttl -cannot exceed the maximum retention time for ordinary (positive) -answers (7 days) and will be silently truncated to 7 days if set to a -value which is greater that 7 days. -.It Ic min-roots -The minimum number of root servers that is required for a request for the root -servers to be accepted. Default is 2. -.El -.Sh THE ZONE STATEMENT -.Ss Syntax -.Bd -literal -zone \fIdomain_name\fR [ ( in | hs | hesiod | chaos ) ] { - type master; - file \fIpath_name\fR; - [ check-names ( warn | fail | ignore ); ] - [ allow-update { \fIaddress_match_list\fR }; ] - [ allow-query { \fIaddress_match_list\fR }; ] - [ allow-transfer { \fIaddress_match_list\fR }; ] - [ forward ( only | first ); ] - [ forwarders { [ \fIip_addr\fR ; [ \fIip_addr\fR ; ... ] ] }; ] - [ dialup \fIyes_or_no\fR; ] - [ notify ( \fIyes_or_no\fR | explicit ); ] - [ also-notify { \fIip_addr\fR; [ \fIip_addr\fR; ... ] }; - [ pubkey \fInumber\fR \fInumber\fR \fInumber\fR \fIstring\fR; ] -}; -.Pp -zone \fIdomain_name\fR [ ( in | hs | hesiod | chaos ) ] { - type ( slave | stub ); - [ file \fIpath_name\fR; ] - masters [ port \fIip_port\fR ] { \fIip_addr\fR [ key \fIkey_id\fR ]; [ ... ] }; - [ check-names ( warn | fail | ignore ); ] - [ allow-update { \fIaddress_match_list\fR }; ] - [ allow-query { \fIaddress_match_list\fR }; ] - [ allow-transfer { \fIaddress_match_list\fR }; ] - [ forward ( only | first ); ] - [ forwarders { [ \fIip_addr\fR ; [ \fIip_addr\fR ; ... ] ] }; ] - [ transfer-source \fIip_addr\fR; ] - [ max-transfer-time-in \fInumber\fR; ] - [ notify \fIyes_or_no\fR; ] - [ also-notify { \fIip_addr\fR; [ \fIip_addr\fR; ... ] }; - [ pubkey \fInumber\fR \fInumber\fR \fInumber\fR \fIstring\fR; ] -}; -.Pp -zone \fIdomain_name\fR [ ( in | hs | hesiod | chaos ) ] { - type forward; - [ forward ( only | first ); ] - [ forwarders { [ \fIip_addr\fR ; [ \fIip_addr\fR ; ... ] ] }; ] - [ check-names ( warn | fail | ignore ); ] -}; -.Pp -zone \&".\&" [ ( in | hs | hesiod | chaos ) ] { - type hint; - file \fIpath_name\fR; - [ check-names ( warn | fail | ignore ); ] -}; -.Ed -.Ss Definition and Usage -The -.Ic zone -statement is used to define how information about particular DNS zones -is managed by the server. There are five different zone types. -.Bl -tag -width 0n -.It Ic master -The server has a master copy of the data for the zone and will be able -to provide authoritative answers for it. -.It Ic slave -A -.Ic slave -zone is a replica of a master zone. The -.Ic masters -list specifies one or more IP addresses that the slave contacts to -update its copy of the zone. If a -.Ic port -is specified then checks to see if the zone is current and zone transfers -will be done to the port given. If -.Ic file -is specified, then the replica will be written to the named file. -Use of the -.Ic file -clause is highly recommended, since it often speeds server startup -and eliminates a needless waste of bandwidth. -.It Ic stub -A -.Ic stub -zone is like a slave zone, except that it replicates -only the NS records of a master zone instead of the entire zone. -.It Ic forward -A -.Ic forward -zone is used to direct all queries in it to other servers, as described in -.Sx THE OPTIONS STATEMENT -section. The specification of options in such a zone will override -any global options declared in the -.Ic options -statement. -.Pp -If either no -.Ic forwarders -clause is present in the zone or an empty list for -.Ic forwarders -is given, then no forwarding will be done for the zone, cancelling the -effects of any -.Ic forwarders -in the -.Ic options -statement. -Thus if you want to use this type of zone to change only the behavior of -the global -.Ic forward -option, and not the servers used, then you also need to respecify the -global forwarders. -.It Ic hint -The initial set of root nameservers is specified using a -.Ic hint -zone. When the server starts up, it uses the root hints -to find a root nameserver and get the most recent list of root nameservers. -.El -.Pp -Note: previous releases of BIND used the term -.Ic primary -for a master zone, -.Ic secondary -for a slave zone, and -.Ic cache -for a hint zone. -.Ss Classes -The zone's name may optionally be followed by a class. If a class is not -specified, class -.Ic in -(for "internet"), is assumed. This is correct for the vast majority -of cases. -.Pp -The -.Ic hesiod -class is for an information service from MIT's Project Athena. It is -used to share information about various systems databases, such as -users, groups, printers and so on. More information can be found at -ftp://athena-dist.mit.edu/pub/ATHENA/usenix/athena_changes.PS. -The keyword -.Ic hs -is a synonym for -.Ic hesiod . -.Pp -Another MIT development was CHAOSnet, a LAN protocol created in the -mid-1970s. It is still sometimes seen on LISP stations and other -hardware in the AI community, and zone data for it can be specified -with the -.Ic chaos -class. -.Ss Options -.Bl -tag -width 0n -.It Ic check-names -See the subsection on -.Sx Name Checking -in -.Sx THE OPTIONS STATEMENT . -.It Ic allow-query -See the description of -.Ic allow-query -in the -.Sx Access Control -subsection of -.Sx THE OPTIONS STATEMENT . -.It Ic allow-update -Specifies which hosts are allowed to submit Dynamic DNS updates to the -server. The default is to deny updates from all hosts. -.It Ic allow-transfer -See the description of -.Ic allow-transfer -in the -.Sx Access Control -subsection of -.Sx THE OPTIONS STATEMENT . -.It Ic transfer-source -.Ic transfer-source -determines which local address will be bound to the TCP connection -used to fetch this zone. If not set, it defaults to a system -controlled value which will usually be the address of the interface -``closest to'' the remote end. This address must appear in the remote end's -.Ic allow-transfer -option for this zone if one is specified. -.It Ic max-transfer-time-in -See the description of -.Ic max-transfer-time-in -in the -.Sx Zone Transfers -subsection of -.Sx THE OPTIONS STATEMENT . -.It Ic dialup -See the description of -.Ic dialup -in the -.Sx Boolean Options -subsection of -.Sx THE OPTIONS STATEMENT . -.It Ic notify -See the description of -.Sx notify -in the -.Sx Boolean Options -subsection of the -.Sx THE OPTIONS STATEMENT . -.It Ic also-notify -.Ic also-notify -is only meaningful if -.Ic notify -is active for this zone. -The set of machines that will receive a DNS NOTIFY message for this -zone is made up of all the listed nameservers for the zone (other than -the primary master) plus any IP addresses specified with -.Ic also-notify . -.Ic also-notify -is not meaningful for -.Ic stub -zones. The default is the empty list. -.It Ic forward -.Ic forward -is only meaningful if the zone has a -.Ic forwarders -list. The -.Ic only -value causes the lookup to fail after trying the -.Ic forwarders -and getting no answer, while -.Ic first -would allow a normal lookup to be tried. -.It Ic forwarders -The -.Ic forwarders -option in a zone is used to override the list of global forwarders. -If it is not specified in a zone of type -.Ic forward , -.Em no -forwarding is done for the zone; the global options are not used. -.It Ic pubkey -The DNSSEC flags, protocol, and algorithm are specified, as well as a base-64 -encoded string representing the key. -.El -.Sh THE ACL STATEMENT -.Ss Syntax -.Bd -literal -acl \fIname\fR { - \fIaddress_match_list\fR -}; -.Ed -.Ss Definition and Usage -The -.Ic acl -statement creates a named address match list. -It gets its name from a primary use of address match lists: Access -Control Lists (ACLs). -.Pp -Note that an address match list's name must be defined with -.Ic acl -before it can be used elsewhere; no forward -references are allowed. -.Pp -The following ACLs are built-in: -.Bl -tag -width 0n -.It Ic any -Allows all hosts. -.It Ic none -Denies all hosts. -.It Ic localhost -Allows the IP addresses of all interfaces on the system. -.It Ic localnets -Allows any host on a network for which the system has an interface. -.El -.Sh THE KEY STATEMENT -.Ss Syntax -.Bd -literal -key \fIkey_id\fR { - algorithm \fIalgorithm_id\fR; - secret \fIsecret_string\fR; -}; -.Ed -.Ss Definition and Usage -The -.Ic key -statement defines a key ID which can be used in a -.Ic server -statement to associate a method of authentication with a particular -name server that is more rigorous than simple IP address matching. -A key ID must be created with the -.Ic key -statement before it can be used in a -.Ic server -definition or an address match list. -.Pp -The -.Va algorithm_id -is a string that specifies a -security/authentication algorithm. -.Va secret_string -is the secret to be used by the algorithm, -and is treated as a base-64 encoded string. -It should go without saying, but probably can't, -that if you have -.Va secret_string 's -in your -.Pa named.conf , -then it should not be readable by anyone but the superuser. -.Sh THE TRUSTED-KEYS STATEMENT -.Ss Syntax -.Bd -literal -trusted-keys { - [ \fIdomain_name\fR \fIflags\fR \fIprotocol\fR \fIalgorithm\fR \fIkey\fR; ] -}; -.Ed -.Ss Definition and Usage -The -.Ic trusted-keys -statement is for use with DNSSEC-style security, originally specified -in RFC 2065. DNSSEC is meant to -provide three distinct services: key distribution, data origin -authentication, and transaction and request authentication. A -complete description of DNSSEC and its use is beyond the scope of this -document, and readers interested in more information should start with -RFC 2065 and then continue with the Internet Drafts available at -http://www.ietf.org/ids.by.wg/dnssec.html. -.Pp -Each trusted key is associated with a domain name. Its attributes are -the non-negative integral -.Va flags , -.Va protocol , -and -.Va algorithm , -as well as a base-64 encoded string representing the -.Va key . -.Pp -Any number of trusted keys can be specified. -.Sh THE SERVER STATEMENT -.Ss Syntax -.Bd -literal -server \fIip_addr\fR { - [ edns \fIyes_or_no\fR; ] - [ bogus \fIyes_or_no\fR; ] - [ support-ixfr \fIyes_or_no\fR; ] - [ transfers \fInumber\fR; ] - [ transfer-format ( one-answer | many-answers ); ] - [ keys { \fIkey_id\fR [ \fIkey_id\fR ... ] }; ] -}; -.Ed -.Ss Definition and Usage -The server statement defines the characteristics to be -associated with a remote name server. -.Pp -If you discover that a server does not support EDNS you can prevent -named making EDNS queries to it by specifying -.Ic edns -.Ic no; . -The default value of -.Ic edns -is -.Ic yes . -.Pp -If you discover that a server is giving out bad data, marking it as -.Ic bogus -will prevent further queries to it. The default value of -.Ic bogus -is -.Li no . -.Pp -If the server supports IXFR you can tell named to attempt to -perform a IXFR style zone transfer by specifing -.Ic support-ixfr -.Li yes . -The default value of -.Ic support-ixfr -is -.Li no . -.Pp -The server supports two zone transfer methods. The first, -.Ic one-answer , -uses one DNS message per resource record transferred. -.Ic many-answers -packs as many resource records as possible into a message. -.Ic many-answers -is more efficient, but is only known to be understood by BIND 8.1 and -patched versions of BIND 4.9.5. You can specify which method to use -for a server with the -.Ic transfer-format -option. If -.Ic transfer-format -is not specified, the -.Ic transfer-format -specified by the -.Ic options -statement will be used. -.Pp -The -.Ic transfers -will be used in a future release of the server to limit the number of -concurrent in-bound zone transfers from the specified server. It is -checked for syntax but is otherwise ignored. -.Pp -The -.Ic keys -clause is used to identify a -.Va key_id -defined by the -.Ic key -statement, to be used for transaction security when talking to the -remote server. -The -.Ic key -statememnt must come before the -.Ic server -statement that references it. -.Pp -The -.Ic keys -statement is intended for future use by the -server. It is checked for syntax but is otherwise ignored. -.Sh THE CONTROLS STATEMENT -.Ss Syntax -.Bd -literal -controls { - [ inet \fIip_addr\fR - port \fIip_port\fR - allow { \fIaddress_match_list\fR; }; ] - [ unix \fIpath_name\fR - perm \fInumber\fR - owner \fInumber\fR - group \fInumber\fR; ] -}; -.Ed -.Ss Definition and Usage -The -.Ic controls -statement declares control channels to be used by system -administrators to affect the operation of the local name server. -These control channels are used by the -.Nm ndc -utility to send commands -to and retrieve non-DNS results from a name server. -.Pp -A -.Ic unix -control channel is a FIFO in the file system, and access to it is -controlled by normal file system permissions. It is created by -.Nm named -with the specified file mode bits (see -.Xr chmod 1 ) , -user and group owner. Note that, unlike -.Nm chmod , -the mode bits specified for -.Ic perm -will normally have a leading -.Li 0 -so the number is interpreted as octal. Also note that the user and -group ownership specified as -.Ic owner -and -.Ic group -must be given as numbers, not names. -It is recommended that the -permissions be restricted to administrative personnel only, or else any -user on the system might be able to manage the local name server. -.Pp -An -.Ic inet -control channel is a TCP/IP socket accessible to the Internet, created -at the specified -.Va ip_port -on the specified -.Va ip_addr . -Modern -.Nm telnet -clients are capable of speaking directly to these -sockets, and the control protocol is ARPAnet-style text. -It is recommended that 127.0.0.1 be the only -.Va ip_addr -used, and this only if you trust all non-privileged users on the local -host to manage your name server. -.Sh THE INCLUDE STATEMENT -.Ss Syntax -.Bd -literal -include \fIpath_name\fR; -.Ed -.Ss Definition and Usage -The -.Ic include -statement inserts the specified file at the point that the -.Ic include -statement is encountered. It cannot be used within another statement, -though, so a line such as -.Dl acl internal_hosts { include "internal_hosts.acl"; }; -is not allowed. -.Pp -Use -.Ic include -to break the configuration up into easily-managed chunks. -For example: -.Bd -literal -include "/etc/security/keys.bind"; -include "/etc/acls.bind"; -.Ed -.Pp -could be used at the top of a BIND configuration file in order to -include any ACL or key information. -.Pp -Be careful not to type -``#include'', like you would in a C program, because -``#'' is used to start a comment. -.Sh EXAMPLES -The simplest configuration file that is still realistically useful is -one which simply defines a hint zone that has a full path to the root -servers file. -.Bd -literal -zone \&".\&" in { - type hint; - file \&"/var/named/root.cache\&"; -}; -.Ed -.Pp -Here's a more typical real-world example. -.Bd -literal -/* - * A simple BIND 8 configuration - */ -.Pp -logging { - category lame-servers { null; }; - category cname { null; }; -}; -.Pp -options { - directory \&"/var/named\&"; -}; -.Pp -controls { - inet * port 52 allow { any; }; // a bad idea - unix \&"/var/run/ndc\&" perm 0600 owner 0 group 0; // the default -}; -.Pp -zone \&"isc.org\&" in { - type master; - file \&"master/isc.org\&"; -}; -.Pp -zone \&"vix.com\&" in { - type slave; - file \&"slave/vix.com\&"; - masters { 10.0.0.53; }; -}; -.Pp -zone \&"0.0.127.in-addr.arpa\&" in { - type master; - file \&"master/127.0.0\&"; -}; -.Pp -zone \&".\&" in { - type hint; - file \&"root.cache\&"; -}; -.Ed -.Sh FILES -.Bl -tag -width 0n -compact -.It Pa /etc/named.conf -The BIND 8 -.Nm named -configuration file. -.El -.Sh SEE ALSO -.Xr named 8 , -.Xr ndc 8 diff --git a/contrib/bind/doc/man/ndc.8 b/contrib/bind/doc/man/ndc.8 deleted file mode 100644 index 33a70768ec15..000000000000 --- a/contrib/bind/doc/man/ndc.8 +++ /dev/null @@ -1,133 +0,0 @@ -.\" Copyright (c) 1998,1999 by Internet Software Consortium -.\" -.\" Permission to use, copy, modify, and distribute this software for any -.\" purpose with or without fee is hereby granted, provided that the above -.\" copyright notice and this permission notice appear in all copies. -.\" -.\" THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS -.\" ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES -.\" OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE -.\" CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL -.\" DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR -.\" PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS -.\" ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS -.\" SOFTWARE. -.\" -.Dd December 31, 1998 -.Dt @INDOT_U@NDC @SYS_OPS_EXT_U@ -.Os BSD 4 -.Sh NAME -.Nm ndc -.Nd name daemon control program -.Sh SYNOPSIS -.Nm ndc -.Op Fl c Ar channel -.Op Fl l Ar localsock -.Op Fl p Ar pidfile -.Op Fl d -.Op Fl q -.Op Fl s -.Op Fl t -.Op Ar command -.Sh DESCRIPTION -This command allows the system administrator to control the operation -of a name server. If no -.Ar command -is given, -.Ic ndc -will prompt for commands until it reads EOF. -.Pp -Options are: -.Bl -tag -width Fl -.It Fl c Ar channel -Specifies the rendezvous point for the control channel. The default is -.Pa /var/run/ndc -(a UNIX domain socket which is also the server's default control channel). -If the desired control channel is a TCP/IP socket, then the format of the -.Ar channel -argument is -.Sy ipaddr/port -(for example, -.Sy 127.0.0.1/54 -would be TCP port 54 on the local host.) -.It Fl l Ar localsock -This option will -.Xr bind 2 -the client side of the control channel to a specific address. Servers can -be configured to reject connections which do not come from specific addresses. -The format is the same as for -.Ar channel -(see above). -.It Fl p Ar pidfile -For backward compatibility with older name servers, -.Ic ndc -is able to use UNIX signals for control communications. This capability is -optional in modern name servers and will disappear altogether at some future -time. Note that the available -.Ar command -set is narrower when the signal interface is used. A likely -.Ar pidfile -argument would be something like -.Pa /var/run/named.pid . -.It Fl d -Turns on debugging output, which is of interest mainly to developers. -.It Fl q -Suppresses prompts and result text. -.It Fl s -Suppresses nonfatal error announcements. -.It Fl t -Turns on protocol and system tracing, useful in installation debugging. -.El -.Sh COMMANDS -Several commands are built into -.Ic ndc , -but the full set of commands supported by the name server is dynamic and -should be discovered using the -.Ar help -command (see below). Builtin commands are: -.Bl -tag -width Fl -.It Ar /help -Provides help for builtin commands. -.It Ar /exit -Exit from -.Ic ndc -command interpreter. -.It Ar /trace -Toggle tracing (see -.Fl t -description above). -.It Ar /debug -Toggle debugging (see -.Fl d -description above). -.It Ar /quiet -Toggle quietude (see -.Fl q -description above). -.It Ar /silent -Toggle silence (see -.Fl s -description above). -.El -.Sh NOTES -If running in -.Ar pidfile -mode, any arguments to -.Ar start -and -.Ar restart -commands are passed to the new -.Ic @INDOT@named -on its command line. If running in -.Ar channel -mode, there is no -.Ar start -command and the -.Ar restart -command just tells the name server to -.Xr execvp @LIB_C_EXT@ -itself. -.Sh AUTHOR -Paul Vixie (Internet Software Consortium) -.Sh SEE ALSO -.Xr @INDOT@named @SYS_OPS_EXT@ , diff --git a/contrib/bind/doc/man/nslookup.8 b/contrib/bind/doc/man/nslookup.8 deleted file mode 100644 index 54c45b67d9a7..000000000000 --- a/contrib/bind/doc/man/nslookup.8 +++ /dev/null @@ -1,535 +0,0 @@ -.\" -.\" ++Copyright++ 1985, 1989 -.\" - -.\" Copyright (c) 1985, 1989 -.\" The Regents of the University of California. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" 3. All advertising materials mentioning features or use of this software -.\" must display the following acknowledgement: -.\" This product includes software developed by the University of -.\" California, Berkeley and its contributors. -.\" 4. Neither the name of the University nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" - -.\" Portions Copyright (c) 1993 by Digital Equipment Corporation. -.\" -.\" Permission to use, copy, modify, and distribute this software for any -.\" purpose with or without fee is hereby granted, provided that the above -.\" copyright notice and this permission notice appear in all copies, and that -.\" the name of Digital Equipment Corporation not be used in advertising or -.\" publicity pertaining to distribution of the document or software without -.\" specific, written prior permission. -.\" -.\" THE SOFTWARE IS PROVIDED "AS IS" AND DIGITAL EQUIPMENT CORP. DISCLAIMS ALL -.\" WARRANTIES WITH REGARD TO THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES -.\" OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL DIGITAL EQUIPMENT -.\" CORPORATION BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL -.\" DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR -.\" PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS -.\" ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS -.\" SOFTWARE. -.\" - -.\" --Copyright-- -.\" -.\" @(#)nslookup.8 5.3 (Berkeley) 6/24/90 -.\" -.Dd June 24, 1990 -.Dt NSLOOKUP @SYS_OPS_EXT_U@ -.Os BSD 4 -.Sh NAME -.Nm nslookup -.Nd query Internet name servers interactively -.Sh SYNOPSIS -.Nm nslookup -.Op Fl option Ar ... -.Op Ar host-to-find | Fl Op Ar server -.Sh DESCRIPTION -.Ic Nslookup -is a program to query Internet domain name servers. -.Ic Nslookup -has two modes: interactive and non-interactive. -Interactive mode allows the user to query name servers for -information about various hosts and domains or to print a list of hosts -in a domain. -Non-interactive mode is used to print just the name and requested information -for a host or domain. -.Sh ARGUMENTS -Interactive mode is entered in the following cases: -.Bl -tag -width "a) " -.It a) -when no arguments are given (the default name server will be used), -.It b) -when the first argument is a hyphen (-) and the second argument -is the host name or Internet address of a name server. -.El -.Pp -Non-interactive mode is used when the name or Internet address -of the host to be looked up -is given as the first argument. The optional second argument specifies -the host name or address of a name server. -.Pp -The options listed under the -.Dq Li set -command below can be specified in -the -.Pa .nslookuprc -file in the user's home directory if they are listed -one per line. Options can also be specified -on the command line if they precede the arguments and are prefixed with -a hyphen. For example, to change the default query type to host information, -and the initial timeout to 10 seconds, type: -.Bd -literal -offset indent - nslookup -query=hinfo -timeout=10 -.Ed -.Sh INTERACTIVE COMMANDS -Commands may be interrupted at any time by typing a control-C. -To exit, type a control-D -.Pq Dv EOF -or type -.Li exit . -The command line length must be less than 256 characters. -To treat a built-in command as a host name, -precede it with an escape character -.Pq .&\\ . -.Sy N.B.: An unrecognized command will be interpreted as a host name. -.Bl -tag -width "lserver" -.It Ar host Op Ar server -Look up information for -.Ar host -using the current default server or using -.Ar server , -if specified. -If -.Ar host -is an Internet address and the query type is -.Dv A -or -.Dv PTR , -the name of the host is returned. -If -.Ar host -is a name and does not have a trailing period, the default -domain name is appended to the name. (This behavior depends on the state of the -.Ic set -options -.Ic domain , srchlist , defname , -and -.Ic search . ) -.Pp -To look up a host not in the current domain, append a period to -the name. -.It Ic server Ar domain -.It Ic lserver Ar domain -Change the default server to -.Ar domain ; -.Ic lserver -uses the initial server to look up information about -.Ar domain , -while -.Ic server -uses the current default server. -If an authoritative answer can't be found, the names of servers -that might have the answer are returned. -.It Ic root -Changes the default server to the server for the root of the domain name space. -Currently, the host -.Li ns.internic.net -is used. -(This command is a synonym for -.Dq Ic lserver ns.internic.net . ) -The name of the root server can be changed with the -.Dq Ic set root -command. -.It Xo Ic finger Op Ar name -.Op Ic > Ar filename -.Xc -.It Xo Ic finger Op Ar name -.Op Ic >> Ar filename -.Xc -Connects with the finger server on the current host. -The current host is defined when a previous lookup for a host -was successful and returned address information (see the -.Dq Ic set querytype Ns = Ns Dv A -command). -The -.Ar name -is optional. -.Ic > -and -.Ic >> -can be used to redirect output in the usual manner. -.It Xo Ic ls Op Ar option -.Ar domain Op Ic > Ar filename -.Xc -.It Xo Ic ls Op Ar option -.Ar domain Op Ic >> Ar filename -.Xc -List the information available for -.Ar domain , -optionally creating or appending to -.Ar filename . -The default output contains host names and their Internet addresses. -.Ar Option -can be one of the following: -.Bl -tag -width "-a " -.It Fl t Ar querytype -lists all records of the specified type (see -.Ar querytype -below). -.It Fl a -lists aliases of hosts in the domain; -synonym for -.Dq Fl t Dv CNAME . -.It Fl d -lists all records for the domain; -synonym for -.Dq Fl t Dv ANY . -.It Fl h -lists CPU and operating system information for the domain; -synonym for -.Dq Fl t Dv HINFO . -.It Fl s -lists well-known services of hosts in the domain; -synonym for -.Dq Fl t Dv WKS . -.El -.Pp -When output is directed to a file, hash marks are printed for every -50 records received from the server. -.It Ic view Ar filename -Sorts and lists the output of previous -.Ic ls -command(s) with -.Xr more @CMD_EXT@ . -.It Ic help -.It Ic ?\& -Prints a brief summary of commands. -.It Ic exit -Exits the program. -.It Xo -.Ic set -.Ar keyword Ns Op = Ns Ar value -.Xc -This command is used to change state information that affects the lookups. -Valid keywords are: -.Bl -tag -width "class=v" -.It Ic all -Prints the current values of the frequently-used options to -.Ic set . -Information about the current default server and host is also printed. -.It Ic class Ns = Ns Ar value -Change the query class to one of: -.Bl -tag -width "HESIOD " -.It Dv IN -the Internet class -.It Dv CHAOS -the Chaos class -.It Dv HESIOD -the MIT Athena Hesiod class -.It Dv ANY -wildcard (any of the above) -.El -.Pp -The class specifies the protocol group of the information. -.Pp -(Default = -.Dv IN ; -abbreviation = -.Ic cl ) -.It Xo -.Oo Ic no Oc Ns Ic debug -.Xc -Turn debugging mode on. A lot more information is printed about the -packet sent to the server and the resulting answer. -.Pp -(Default = -.Ic nodebug ; -abbreviation = -.Oo Ic no Oc Ns Ic deb ) -.It Xo -.Oo Ic no Oc Ns Ic d2 -.Xc -Turn exhaustive debugging mode on. -Essentially all fields of every packet are printed. -.Pp -(Default = -.Ic nod2 ) -.It Ic domain Ns = Ns Ar name -Change the default domain name to -.Ar name . -The default domain name is appended to a lookup request depending on the -state of the -.Ic defname -and -.Ic search -options. -The domain search list contains the parents of the default domain if it has -at least two components in its name. -For example, if the default domain -is CC.Berkeley.EDU, the search list is CC.Berkeley.EDU and Berkeley.EDU. -Use the -.Dq Ic set srchlist -command to specify a different list. -Use the -.Dq Ic set all -command to display the list. -.Pp -(Default = value from -.Xr hostname @CMD_EXT@ , -.Pa /etc/resolv.conf , -or -.Ev LOCALDOMAIN ; -abbreviation = -.Ic do ) -.It Xo -.Sm off -.Ic srchlist No = -.Ar name1 No / -.Ar name2 No / -.Ar ... -.Sm on -.Xc -Change the default domain name to -.Ar name1 -and the domain search list -to -.Ar name1 , name2 , -etc. A maximum of 6 names separated by slashes (/) -can be specified. -For example, -.Bd -literal -offset indent -set srchlist=lcs.MIT.EDU/ai.MIT.EDU/MIT.EDU -.Ed -.Pp -sets the domain to lcs.MIT.EDU and the search list to the three names. -This command overrides the -default domain name and search list of the -.Dq Ic set domain -command. -Use the -.Dq Ic set all -command to display the list. -.Pp -(Default = value based on -.Xr hostname @CMD_EXT@ , -.Pa /etc/resolv.conf , -or -.Ev LOCALDOMAIN ; -abbreviation = -.Ic srchl ) -.It Xo -.Oo Ic no Oc Ns Ic defname -.Xc -If set, append the default domain name to a single-component lookup request -(i.e., one that does not contain a period). -.Pp -(Default = -.Ic defname ; -abbreviation = -.Oo Ic no Oc Ns Ic defname ) -.It Xo -.Oo Ic no Oc Ns Ic search -.Xc -If the lookup request contains at least one period but -.Em doesn't -end with a trailing period, append the domain names in the domain search list -to the request until an answer is received. -.Pp -(Default = -.Ic search ; -abbreviation = -.Oo Ic no Oc Ns Ic sea ) -.It Ic port Ns = Ns Ar value -Change the default TCP/UDP name server port to -.Ar value . -.Pp -(Default = 53; -abbreviation = -.Ic \&po ) -.It Ic querytype Ns = Ns Ar value -.It Ic type Ns = Ns Ar value -Change the type of information query to one of: -.Bl -tag -width "HINFO " -.It Dv A -the host's Internet address. -.It Dv CNAME -the canonical name for an alias. -.It Dv HINFO -the host CPU and operating system type. -.It Dv MINFO -the mailbox or mail list information. -.It Dv MX -the mail exchanger. -.It Dv NS -the name server for the named zone. -.It Dv PTR -the host name if the query is an Internet address; -otherwise, the pointer to other information. -.It Dv SOA -the domain's -.Dq start-of-authority -information. -.It Dv TXT -the text information. -.It Dv UINFO -the user information. -.It Dv WKS -the supported well-known services. -.El -.Pp -Other types -.Dv ( ANY , AXFR , MB , -.Dv MD , MF , NULL ) -are described in the RFC-1035 document. -.Pp -(Default = -.Dv A ; -abbreviations = -.Ic q , ty ) -.It Xo -.Oo Ic no Oc Ns Ic recurse -.Xc -Tell the name server to query other servers if it does not have the -information. -.Pp -(Default = -.Ic recurse ; -abbreviation = -.Oo Ic no Oc Ns Ic rec ) -.It Ic retry Ns = Ns Ar number -Set the number of retries to -.Ar number . -When a reply to a request is not received within a certain -amount of time (changed with -.Dq Ic set timeout ) , -the timeout period is doubled and the request is resent. -The retry value controls how many times a request is resent before giving up. -.Pp -(Default = 4, abbreviation = -.Ic ret ) -.It Ic root Ns = Ns Ar host -Change the name of the root server to -.Ar host . -This affects the -.Dq Ic root -command. -.Pp -(Default = -.Ic ns.internic.net. ; -abbreviation = -.Ic ro ) -.It Ic timeout Ns = Ns Ar number -Change the initial timeout interval for waiting for a reply to -.Ar number -seconds. Each retry doubles the timeout period. -.Pp -(Default = 5 seconds; abbreviation = -.Ic ti ) -.It Xo -.Oo Ic no Oc Ns Ic vc -.Xc -Always use a virtual circuit when sending requests to the server. -.Pp -(Default = -.Ic novc ; -abbreviation = -.Oo Ic no Oc Ns Ic v ) -.It Xo -.Oo Ic no Oc Ns Ic ignoretc -.Xc -Ignore packet truncation errors. -.Pp -(Default = -.Ic noignoretc ; -abbreviation = -.Oo Ic no Oc Ns Ic ig ) -.El -.El -.Sh DIAGNOSTICS -If the lookup request was not successful, an error message is printed. -Possible errors are: -.Bl -tag -width "Timed" -.It Li Timed out -The server did not respond to a request after a certain amount of -time (changed with -.Dq Ic set timeout Ns = Ns Ar value ) -and a certain number of retries (changed with -.Do -.Ic set retry Ns = Ns Ar value -.Dc ) . -.It Li \&No response from server -No name server is running on the server machine. -.It Li \&No records -The server does not have resource records of the current query type for the -host, although the host name is valid. -The query type is specified with the -.Dq Ic set querytype -command. -.It Li Non-existent domain -The host or domain name does not exist. -.It Li Connection refused -.It Li Network is unreachable -The connection to the name or finger server could not be made -at the current time. -This error commonly occurs with -.Ic ls -and -.Ic finger -requests. -.It Li Server failure -The name server found an internal inconsistency in its database -and could not return a valid answer. -.It Li Refused -The name server refused to service the request. -.It Li Format error -The name server found that the request packet was not in the proper format. -It may indicate an error in -.Nm nslookup . -.El -.Sh FILES -.Bl -tag -width "/usr/share/misc/nslookup.helpXXX" -compact -.It Pa /etc/resolv.conf -initial domain name and name server addresses -.It Pa $HOME/.nslookuprc -user's initial options -.It Pa /usr/share/misc/nslookup.help -summary of commands -.El -.Sh ENVIRONMENT -.Bl -tag -width "HOSTALIASESXXXX" -compact -.It Ev HOSTALIASES -file containing host aliases -.It Ev LOCALDOMAIN -overrides default domain -.El -.Sh SEE ALSO -.Xr @INDOT@named @SYS_OPS_EXT@ , -.Xr resolver @LIB_NETWORK_EXT@ , -.Xr resolver @FORMAT_EXT@ ; -RFC-1034, -.Dq Domain Names - Concepts and Facilities ; -RFC-1035, -.Dq Domain Names - Implementation and Specification . -.Sh AUTHOR -Andrew Cherenson diff --git a/contrib/bind/doc/man/nsupdate.8 b/contrib/bind/doc/man/nsupdate.8 deleted file mode 100644 index 604598441f49..000000000000 --- a/contrib/bind/doc/man/nsupdate.8 +++ /dev/null @@ -1,203 +0,0 @@ -.\" $Id: nsupdate.8,v 8.8 2002/04/22 04:38:04 marka Exp $ -.\" -.\"Copyright (c) 1999 by Internet Software Consortium -.\" -.\"Permission to use, copy, modify, and distribute this software for any -.\"purpose with or without fee is hereby granted, provided that the above -.\"copyright notice and this permission notice appear in all copies. -.\" -.\"THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS -.\"ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES -.\"OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE -.\"CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL -.\"DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR -.\"PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS -.\"ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS -.\"SOFTWARE. -.Dd March 5, 1999 -.Dt NSUPDATE @SYS_OPS_EXT_U@ -.Os BSD 4 -.Sh NAME -.Nm nsupdate -.Nd update Internet name servers interactively -.Sh SYNOPSIS -.Nm nsupdate -.Op Fl k Ar keydir:keyname -.Op Fl d -.Op Fl v -.Op Ar filename -.Sh DESCRIPTION -.Ic Nsupdate -is a program to update Internet domain name servers -supporting dynamic update. -.Ic Nsupdate -uses the DNS resolver library to pass messages -to a DNS server requesting the additional or deletion of -DNS resource records (RRs). -.Ic Nsupdate -reads input from -.Ar filename -or standard input. -.Sh ARGUMENTS -.Bl -tag -width Fl -.It Fl k -Sign updates with TSIG. -.It Fl d -Debug mode. -.It Fl v -Virtual circuit - use TCP to communication with server. -Default is UDP. -.El -.Sh INPUT FORMAT -.Ic Nsupdate -reads input records, one per line, -each line contributing a resource record to an -update request. -All domain names used in a single update request -must belong to the same DNS zone. -Updates are sent to the master server as defined in the SOA -MNAME field. -A blank line causes the accumulated -records to be formated into a single update request -and transmitted to the zone's authoritative name servers. -Additional records may follow, -which are formed into additional, -completely independent update requests. -For the last request to be transmitted, a blank line -must end the input. -.Pp -Records take one of two general forms. -.Em Prerequisite -records specify conditions that must be satisfied before -the request will be processed. -.Em Update -records specify changes to be made to the DNS database. -A update request consists of zero or more prerequisites -and one or more updates. -Each update request is processed atomically - -all prerequisites must be satisfied, then all updates -will be performed. -.Pp -.Ic Nsupdate -understands the following input record formats: -.Pp -.Bl -hang -.It Ic prereq nxdomain Va domain-name -Requires that no RR of any type exists with name -.Va domain-name . -.It Ic prereq yxdomain Va domain-name -Requires that at least one RR named -.Va domain-name -must exist. -.It Xo -.Ic prereq nxrrset Va domain-name Op class -.Va type -.Xc -Requires that no RR exists of the specified -.Va type -and -.Va domain-name . -.It Xo -.Ic prereq yxrrset -.Va domain-name Op Va class -.Va type Op Va data... -.Xc -Requires that a RR exists of the specified -.Va type -and -.Va domain-name . -If -.Va data -is specified, it must match exactly. -.It Xo -.Ic update delete -.Va domain-name Op Va class -.Op Va type Op Va data... -.Xc -Deletes RRs named -.Va domain-name . -If -.Va type -(and possibly -.Va data ) -is specified, -only matching records will be deleted. -.It Xo -.Ic update add -.Va domain-name ttl Op Va class -.Va type data... -.Xc -Adds a new RR with specified -.Va ttl , type , -and -.Va data . -.El -.Sh EXAMPLES -The following example illustrates the interactive use of -.Ic nsupdate -to change an IP address by deleting any existing A records -for a domain name and then inserting a new one. -Since no prerequisites are specified, -the new record will be added even if -there were no existing records to delete. -Note the -trailing blank line, required to process the request. -.Bd -literal -offset indent -$ nsupdate -> update delete test.example.com A -> update add test.example.com 3600 A 10.1.1.1 -> -.Ed -.Pp -In this example, a CNAME alias is added to the database -only if there are no existing A or CNAME records for -the domain name. -.Bd -literal -offset indent -$ nsupdate -> prereq nxrrset www.example.com A -> prereq nxrrset www.example.com CNAME -> update add www.example.com 3600 CNAME test.example.com -> -.Ed -.Pp -In this example, the nsupdate will be signed with the key "mykey", which -is in the directory "/var/named/keys". -.Bd -literal -offset indent -$ nsupdate -k /var/named/keys:mykey -> update add ftp.example.com 60 A 192.168.5.1 -> -.Ed -.Sh DIAGNOSTICS -.Bl -hang -.It Qq send error -Typically indicates that the authoritative nameservers could not be reached -.It Qq failed update packet -Typically indicates that the nameserver has rejected the update, -either because the nameserver doesn't support dynamic update, -or due to an authentication failure -.It Qq res_mkupdate: packet size = Va size -(and no other messages) -The update was successfully received and authenticated by the nameserver. -The prerequisites, however, may have prevented the update from actually -being performed. The only way to determine if the update was performed -is to use debug mode -.Fl ( d ) -and examine the status field in the nameserver's reply. -.El -.Sh FILES -.Bl -hang -.It Pa /etc/resolv.conf -initial domain name and name server addresses -.El -.Sh SEE ALSO -.Xr @INDOT@named @SYS_OPS_EXT@ , -.Xr resolver @LIB_NETWORK_EXT@ , -.Xr resolver @FORMAT_EXT@ ; -RFC-1034, -.Dq Domain Names - Concepts and Facilities ; -RFC-1035, -.Dq Domain Names - Implementation and Specification ; -RFC-2136, -Dynamic Updates in the Domain Name System. -.Sh AUTHOR -Brent Baccala diff --git a/contrib/bind/doc/man/resolver.3 b/contrib/bind/doc/man/resolver.3 deleted file mode 100644 index 9e2ef6f7afa6..000000000000 --- a/contrib/bind/doc/man/resolver.3 +++ /dev/null @@ -1,606 +0,0 @@ -.\" Copyright (c) 1985, 1995 The Regents of the University of California. -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms are permitted provided -.\" that: (1) source distributions retain this entire copyright notice and -.\" comment, and (2) distributions including binaries display the following -.\" acknowledgement: ``This product includes software developed by the -.\" University of California, Berkeley and its contributors'' in the -.\" documentation or other materials provided with the distribution and in -.\" all advertising materials mentioning features or use of this software. -.\" Neither the name of the University nor the names of its contributors may -.\" be used to endorse or promote products derived from this software without -.\" specific prior written permission. -.\" THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED -.\" WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF -.\" MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. -.\" -.\" @(#)resolver.3 6.5 (Berkeley) 6/23/90 -.\" $Id: resolver.3,v 8.16 2001/12/28 04:24:20 marka Exp $ -.\" -.Dd July 4, 2000 -.Dt RESOLVER @LIB_NETWORK_EXT_U@ -.Os BSD 4 -.Sh NAME -.Nm res_ninit , -.Nm res_ourserver_p , -.Nm fp_resstat , -.Nm res_hostalias , -.Nm res_pquery , -.Nm res_nquery , -.Nm res_nsearch , -.Nm res_nquerydomain , -.Nm res_nmkquery , -.Nm res_nsend , -.Nm res_nupdate , -.Nm res_nmkupdate , -.Nm res_nclose , -.Nm res_nsendsigned , -.Nm res_findzonecut , -.Nm dn_comp , -.Nm dn_expand , -.Nm hstrerror , -.Nm res_init , -.Nm res_isourserver , -.Nm fp_nquery , -.Nm p_query , -.Nm hostalias , -.Nm res_query , -.Nm res_search , -.Nm res_querydomain , -.Nm res_mkquery , -.Nm res_send , -.Nm res_update , -.Nm res_close , -.Nm herror -.Nd resolver routines -.Sh SYNOPSIS -.Fd #include <sys/types.h> -.Fd #include <netinet/in.h> -.Fd #include <arpa/nameser.h> -.Fd #include <resolv.h> -.Vt typedef struct __res_state *res_state ; -.Pp -.Fn res_ninit "res_state statp" -.Fn res_ourserver_p "const res_state statp" "const struct sockaddr_in *addr" -.Fn fp_resstat "const res_state statp" "FILE *fp" -.Fn res_hostalias "const res_state statp" "const char *name" "char *buf" "size_t buflen" -.Fn res_pquery "const res_state statp" "const u_char *msg" "int msglen" "FILE *fp" -.Fn res_nquery "res_state statp" "const char *dname" "int class" "int type" "u_char *answer" "int anslen" -.Fn res_nsearch "res_state statp" "const char *dname" "int class" "int type" "u_char * answer" "int anslen" -.Fn res_nquerydomain "res_state statp" "const char *name" "const char *domain" "int class" "int type" "u_char *answer" "int anslen" -.Fo res_nmkquery -.Fa "res_state statp" -.Fa "int op" -.Fa "const char *dname" -.Fa "int class" -.Fa "int type" -.Fa "const u_char *data" -.Fa "int datalen" -.Fa "const u_char *newrr" -.Fa "u_char *buf" -.Fa "int buflen" -.Fc -.Fn res_nsend "res_state statp" "const u_char *msg" "int msglen" "u_char *answer" "int anslen" -.Fn res_nupdate "res_state statp" "ns_updrec *rrecp_in" -.Fn res_nmkupdate "res_state statp" "ns_updrec *rrecp_in" "u_char *buf" "int buflen" -.Fn res_nclose "res_state statp" -.Fn res_nsendsigned "res_state statp" "const u_char *msg" "int msglen" "ns_tsig_key *key" "u_char *answer" "int anslen" -.Fn res_findzonecut "res_state statp" "const char *dname" "ns_class class" "int options" "char *zname" "size_t zsize" "struct in_addr *addrs" "int naddrs" -.Fn dn_comp "const char *exp_dn" "u_char *comp_dn" "int length" "u_char **dnptrs" "u_char **lastdnptr" -.Fn dn_expand "const u_char *msg" "const u_char *eomorig" "const u_char *comp_dn" "char *exp_dn" "int length" -.Fn hstrerror "int err" -.Ss DEPRECATED -.Fd #include <sys/types.h> -.Fd #include <netinet/in.h> -.Fd #include <arpa/nameser.h> -.Fd #include <resolv.h> -.Fn res_init "void" -.Fn res_isourserver "const struct sockaddr_in *addr" -.Fn fp_nquery "const u_char *msg" "int msglen" "FILE *fp" -.Fn p_query "const u_char *msg" "FILE *fp" -.Fn hostalias "const char *name" -.Fn res_query "const char *dname" "int class" "int type" "u_char *answer" "int anslen" -.Fn res_search "const char *dname" "int class" "int type" "u_char *answer" "int anslen" -.Fn res_querydomain "const char *name" "const char *domain" "int class" "int type" "u_char *answer" "int anslen" -.Fo res_mkquery -.Fa "int op" -.Fa "const char *dname" -.Fa "int class" -.Fa "int type" -.Fa "const char *data" -.Fa "int datalen" -.Fa "struct rrec *newrr" -.Fa "u_char *buf" -.Fa "int buflen" -.Fc -.Fn res_send "const u_char *msg" "int msglen" "u_char *answer" "int anslen" -.Fn res_update "ns_updrec *rrecp_in" -.Fn res_close "void" -.Fn herror "const char *s" -.Sh DESCRIPTION -These routines are used for making, sending and interpreting -query and reply messages with Internet domain name servers. -.Pp -State information is kept in -.Fa statp -and is used to control the behavior of these functions. -.Fa statp -should be set to all zeros prior to the first call to any of these functions. -.Pp -The functions -.Fn res_init , -.Fn res_isourserver , -.Fn fp_nquery , -.Fn p_query , -.Fn hostalias , -.Fn res_query , -.Fn res_search , -.Fn res_querydomain , -.Fn res_mkquery , -.Fn res_send , -.Fn res_update , -.Fn res_close -and -.Fn herror -are deprecated and are supplied for compatability with old source -code. -They use global configuration and state information that is -kept in the structure -.Ft _res -rather than that referenced through -.Ft statp . -.Pp -Most of the values in -.Ft statp -and -.Ft _res -are initialized on the first call to -.Fn res_ninit -/ -.Fn res_init -to reasonable defaults and can be ignored. -Options -stored in -.Ft statp->options -/ -.Ft _res.options -are defined in -.Pa resolv.h -and are as follows. -Options are stored as a simple bit mask containing the bitwise -.Dq OR -of the options enabled. -.Bl -tag -width "RES_DEB" -.It Dv RES_INIT -True if the initial name server address and default domain name are -initialized (i.e., -.Fn res_ninit -/ -.Fn res_init -has been called). -.It Dv RES_DEBUG -Print debugging messages. -.It Dv RES_AAONLY -Accept authoritative answers only. -Should continue until it finds an authoritative answer or finds an error. -Currently this is not implemented. -.It Dv RES_USEVC -Use TCP connections for queries instead of UDP datagrams. -.It Dv RES_STAYOPEN -Used with -.Dv RES_USEVC -to keep the TCP connection open between queries. -This is useful only in programs that regularly do many queries. -UDP should be the normal mode used. -.It Dv RES_IGNTC -Ignore truncation errors, i.e., don't retry with TCP. -.It Dv RES_RECURSE -Set the recursion-desired bit in queries. -This is the default. -(\c -.Fn res_nsend -/ -.Fn res_send -does not do iterative queries and expects the name server -to handle recursion.) -.It Dv RES_DEFNAMES -If set, -.Fn res_nsearch -/ -.Fn res_search -will append the default domain name to single-component names -(those that do not contain a dot). -This option is enabled by default. -.It Dv RES_DNSRCH -If this option is set, -.Fn res_nsearch -/ -.Fn res_search -will search for host names in the current domain and in parent domains; see -.Xr hostname @DESC_EXT@ . -This is used by the standard host lookup routine -.Xr gethostbyname @LIB_NETWORK_EXT@ . -This option is enabled by default. -.It Dv RES_NOALIASES -This option turns off the user level aliasing feature controlled by -the -.Ev HOSTALIASES -environment variable. -Network daemons should set this option. -.It Dv RES_USE_INET6 -This option causes -.Xr gethostbyname @LIB_NETWORK_EXT@ -to look for AAAA records before looking for A records if none are found. -.It Dv RES_ROTATE -This options causes the -.Fn res_nsend -/ -.Fn res_send -to rotate the list of nameservers in -.Fa statp->nsaddr_list -/ -.Fa _res.nsaddr_list . -.It Dv RES_KEEPTSIG -This option causes -.Fn res_nsendsigned -to leave the message unchanged after TSIG verification; otherwise the TSIG -record would be removed and the header updated. -.It Dv RES_NOTLDQUERY -This option causes -.Fn res_nsearch -to not attempt to resolve a unqualified name as if it were a top level -domain (TLD). -This option can cause problems if the site has "localhost" as a TLD rather -than having localhost on one or more elements of the search list. -This option has no effect if neither -.Dv RES_DEFNAMES -or -.Dv RES_DNSRCH -is set. -.El -.Pp -The -.Fn res_ninit -/ -.Fn res_init -routine -reads the configuration file (if any; see -.Xr resolver @FORMAT_EXT@ ) -to get the default domain name, search list and -the Internet address of the local name server(s). -If no server is configured, the host running the resolver is tried. -The current domain name is defined by the hostname -if not specified in the configuration file; -it can be overridden by the environment variable -.Ev LOCALDOMAIN . -This environment variable may contain several blank-separated -tokens if you wish to override the -.Dq search list -on a per-process basis. This is similar to the -.Ic search -command in the configuration file. -Another environment variable -.Pq Dq Ev RES_OPTIONS -can be set to override certain internal resolver options which are otherwise -set by changing fields in the -.Ft statp -/ -.Ft _res -structure or are inherited from the configuration file's -.Ic options -command. The syntax of the -.Dq Ev RES_OPTIONS -environment variable is explained in -.Xr resolver @FORMAT_EXT@ . -Initialization normally occurs on the first call -to one of the other resolver routines. -.Pp -The -.Fn res_nquery -/ -.Fn res_query -functions provides interfaces to the server query mechanism. -They constructs a query, sends it to the local server, -awaits a response, and makes preliminary checks on the reply. -The query requests information of the specified -.Fa type -and -.Fa class -for the specified fully-qualified domain name -.Fa dname . -The reply message is left in the -.Fa answer -buffer with length -.Fa anslen -supplied by the caller. -.Fn res_nquery -/ -.Fn res_query -return -1 on error or the length of the answer. -.Pp -The -.Fn res_nsearch -/ -.Fn res_search -routines make a query and awaits a response like -.Fn res_nquery -/ -.Fn res_query , -but in addition, it implements the default and search rules -controlled by the -.Dv RES_DEFNAMES -and -.Dv RES_DNSRCH -options. -It returns the length of the first successful reply which is stored in -.Ft answer -or -1 on error. -.Pp -The remaining routines are lower-level routines used by -.Fn res_nquery -/ -.Fn res_query . -The -.Fn res_nmkquery -/ -.Fn res_mkquery -functions -constructs a standard query message and places it in -.Fa buf . -It returns the size of the query, or \-1 if the query is -larger than -.Fa buflen . -The query type -.Fa op -is usually -.Dv QUERY , -but can be any of the query types defined in -.Pa <arpa/nameser.h> . -The domain name for the query is given by -.Fa dname . -.Fa Newrr -is currently unused but is intended for making update messages. -.Pp -The -.Fn res_nsend -/ -.Fn res_send -/ -.Fn res_nsendsigned -routines -sends a pre-formatted query and returns an answer. -It will call -.Fn res_ninit -/ -.Fn res_init -if -.Dv RES_INIT -is not set, send the query to the local name server, and -handle timeouts and retries. Additionally, -.Fn res_nsendsigned -will use TSIG signatures to add authentication to the query and verify the -response. In this case, only one nameserver will be contacted. -The length of the reply message is returned, or \-1 if there were errors. -.Pp -.Fn res_nquery -/ -.Fn res_query , -.Fn res_nsearch -/ -.Fn res_search -and -.Fn res_nsend -/ -.Fn res_send -return a length that may be bigger than -.Fa anslen . -In that case the query should be retried with a bigger buffer. -NOTE the answer to the second query may be larger still so supplying -a buffer that bigger that the answer returned by the previous -query is recommended. -.Pp -.Fa answer -MUST be big enough to receive a maximum UDP response from the server or -parts of the answer will be silently discarded. -The default maximum UDP response size is 512 bytes. -.Pp -The function -.Fn res_ourserver_p -returns true when -.Fa inp -is one of the servers in -.Fa statp->nsaddr_list -/ -.Fa _res.nsaddr_list . -.Pp -The functions -.Fn fp_nquery -/ -.Fn p_query -print out the query and any answer in -.Fa msg -on -.Fa fp . -.Fn p_query -is equivalent to -.Fn fp_nquery -with -.Fa msglen -set to 512. -.Pp -The function -.Fn fp_resstat -prints out the active flag bits in -.Fa statp->options -preceeded by the text ";; res options:" on -.Fa file . -.Pp -The functions -.Fn res_hostalias -/ -.Fn hostalias -lookup up name in the file referred to by the -.Ev HOSTALIASES -files return a fully qualified hostname if found or NULL if -not found or an error occurred. -.Fn res_hostalias -uses -.Fa buf -to store the result in, -.Fn hostalias -uses a static buffer. -.Pp -The functions -.Fn res_nupdate -/ -.Fn res_update -take a list of ns_updrec -.Fa rrecp_in . -Identifies the containing zone for each record and groups the records -according to containing zone maintaining in zone order then sends and update -request to the servers for these zones. The number of zones updated is -returned or -1 on error. Note that -.Fn res_nupdate -will perform TSIG authenticated dynamic update operations if the key is not -NULL. -.Pp -The function -.Fn res_findzonecut -discovers the closest enclosing zone cut for a specified domain name, -and finds the IP addresses of the zone's master servers. -.Pp -The functions -.Fn res_nmkupdate -/ -.Fn res_mkupdate -take a linked list of ns_updrec -.Fa rrecp_in -and construct a UPDATE message in -.Fa buf . -.Fn res_nmkupdate -/ -.Fn res_mkupdate -return the length of the constructed message on no error or one of the -following error values. -.Bl -inset -width "-5" -.It -1 -An error occurred parsing -.Fa rrecp_in . -.It -2 -The buffer -.Fa buf -was too small. -.It -3 -The first record was not a zone section or there was a section order problem. -The section order is S_ZONE, S_PREREQ and S_UPDATE. -.It -4 -A number overflow occurred. -.It -5 -Unknown operation or no records. -.El -.Pp -The functions -.Fn res_nclose -/ -.Fn res_close -close any open files referenced through -.Fa statp -/ -.Fa _res . -.Pp -The -.Fn dn_comp -function -compresses the domain name -.Fa exp_dn -and stores it in -.Fa comp_dn . -The size of the compressed name is returned or \-1 if there were errors. -The size of the array pointed to by -.Fa comp_dn -is given by -.Fa length . -The compression uses -an array of pointers -.Fa dnptrs -to previously-compressed names in the current message. -The first pointer points to -to the beginning of the message and the list ends with -.Dv NULL . -The limit to the array is specified by -.Fa lastdnptr . -A side effect of -.Fn dn_comp -is to update the list of pointers for labels inserted into the message -as the name is compressed. If -.Fa dnptr -is -.Dv NULL , -names are not compressed. If -.Fa lastdnptr -is -.Dv NULL , -the list of labels is not updated. -.Pp -The -.Fn dn_expand -entry -expands the compressed domain name -.Fa comp_dn -to a full domain name. -The compressed name is contained in a query or reply message; -.Fa msg -is a pointer to the beginning of the message. -The uncompressed name is placed in the buffer indicated by -.Fa exp_dn -which is of size -.Fa length . -The size of compressed name is returned or \-1 if there was an error. -.Pp -The variables -.Ft statp->res_h_errno -/ -.Ft _res.res_h_errno -and external variable -.Ft h_errno -is set whenever an error occurs during resolver operation. The following -definitions are given in -.Pa <netdb.h> : -.Bd -literal -#define NETDB_INTERNAL -1 /* see errno */ -#define NETDB_SUCCESS 0 /* no problem */ -#define HOST_NOT_FOUND 1 /* Authoritative Answer Host not found */ -#define TRY_AGAIN 2 /* Non-Authoritative not found, or SERVFAIL */ -#define NO_RECOVERY 3 /* Non-Recoverable: FORMERR, REFUSED, NOTIMP */ -#define NO_DATA 4 /* Valid name, no data for requested type */ -.Ed -.Pp -The -.Fn herror -function writes a message to the diagnostic output consisting of the string -parameter -.Fa s , -the constant string ": ", and a message corresponding to the value of -.Ft h_errno . -.Pp -The -.Fn hstrerror -function returns a string which is the message text corresponding to the -value of the -.Fa err -parameter. -.Sh FILES -.Bl -tag -width "/etc/resolv.conf " -.It Pa /etc/resolv.conf -See -.Xr resolver @FORMAT_EXT@ . -.El -.Sh SEE ALSO -.Xr gethostbyname @LIB_NETWORK_EXT@ , -.Xr hostname @DESC_EXT@ , -.Xr @INDOT@named @SYS_OPS_EXT@ , -.Xr resolver @FORMAT_EXT@ ; -RFC1032, RFC1033, RFC1034, RFC1035, RFC974; -SMM:11, -.Dq Name Server Operations Guide for Sy BIND diff --git a/contrib/bind/doc/man/resolver.5 b/contrib/bind/doc/man/resolver.5 deleted file mode 100644 index 84ada338e0d1..000000000000 --- a/contrib/bind/doc/man/resolver.5 +++ /dev/null @@ -1,240 +0,0 @@ -.\" Copyright (c) 1986 The Regents of the University of California. -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms are permitted -.\" provided that the above copyright notice and this paragraph are -.\" duplicated in all such forms and that any documentation, -.\" advertising materials, and other materials related to such -.\" distribution and use acknowledge that the software was developed -.\" by the University of California, Berkeley. The name of the -.\" University may not be used to endorse or promote products derived -.\" from this software without specific prior written permission. -.\" THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR -.\" IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED -.\" WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. -.\" -.\" @(#)resolver.5 5.9 (Berkeley) 12/14/89 -.\" $Id: resolver.5,v 8.9 2001/12/28 04:24:21 marka Exp $ -.\" -.Dd November 11, 1993 -.Dt RESOLVER @FORMAT_EXT_U@ -.Os BSD 4 -.Sh NAME -.Nm resolver -.Nd resolver configuration file -.Sh SYNOPSIS -.Pa /etc/resolv.conf -.Sh DESCRIPTION -The -.Nm resolver -is a set of routines in the C library -.Pq Xr resolve @LIB_NETWORK_EXT@ -that provide access to the Internet Domain Name System. -The -.Nm resolver -configuration file contains information that is read -by the -.Nm resolver -routines the first time they are invoked by a process. -The file is designed to be human readable and contains a list of -keywords with values that provide various types of -.Nm resolver -information. -.Pp -On a normally configured system, this file should not be necessary. -The only name server to be queried will be on the local machine, -the domain name is determined from the host name, -and the domain search path is constructed from the domain name. -.Pp -The different configuration directives are: -.Bl -tag -width "nameser" -.It Li nameserver -Internet address (in dot notation) of a name server that the -.Nm resolver -should query. Up to -.Dv MAXNS -(see -.Pa <resolv.h> ) -name servers may be listed, one per keyword. -If there are multiple servers, the -.Nm resolver -library queries them in the order listed. -If no -.Li nameserver -entries are present, the default is to use the name server on the local machine. -(The algorithm used is to try a name server, and if the query times out, -try the next, until out of name servers, -then repeat trying all the name servers -until a maximum number of retries are made). -.It Li domain -Local domain name. -Most queries for names within this domain can use short names -relative to the local domain. -If no -.Li domain -entry is present, the domain is determined from the local host name returned by -.Xr gethostname @BSD_SYSCALL_EXT@ ; -the domain part is taken to be everything after the first -.Sq \&. . -Finally, if the host name does not contain a domain part, the root -domain is assumed. -.It Li search -Search list for host-name lookup. -The search list is normally determined from the local domain name; -by default, it contains only the local domain name. -This may be changed by listing the desired domain search path -following the -.Li search -keyword with spaces or tabs separating the names. -Most -.Nm resolver -queries will be attempted using each component -of the search path in turn until a match is found. -Note that this process may be slow and will generate a lot of network -traffic if the servers for the listed domains are not local, -and that queries will time out if no server is available -for one of the domains. -.Pp -The search list is currently limited to six domains -with a total of 256 characters. -.It Li sortlist -Allows addresses returned by gethostbyname to be sorted. -A -.Li sortlist -is specified by IP address netmask pairs. The netmask is -optional and defaults to the natural netmask of the net. The IP address -and optional network pairs are separated by slashes. Up to 10 pairs may -be specified. For example: -.Bd -literal -offset indent -sortlist 130.155.160.0/255.255.240.0 130.155.0.0 -.Ed -.It Li options -Allows certain internal -.Nm resolver -variables to be modified. -The syntax is -.D1 Li options Ar option ... -where -.Ar option -is one of the following: -.Bl -tag -width "ndots:n " -.It Li debug -sets -.Dv RES_DEBUG -in -.Ft _res.options . -.It Li ndots: Ns Ar n -sets a threshold for the number of dots which -must appear in a name given to -.Fn res_query -(see -.Xr resolver @LIB_NETWORK_EXT@ ) -before an -.Em initial absolute query -will be made. The default for -.Ar n -is -.Dq 1 , -meaning that if there are -.Em any -dots in a name, the name will be tried first as an absolute name before any -.Em search list -elements are appended to it. -.It Li timeout: Ns Ar n -sets the amount of time the resolver will wait for a response from a remote -name server before retrying the query via a different name server. Measured in -seconds, the default is -.Dv RES_TIMEOUT -(see -.Pa <resolv.h> ) . -.It Li attempts: Ns Ar n -sets the number of times the resolver will send a query to its name servers -before giving up and returning an error to the calling application. The -default is -.Dv RES_DFLRETRY -(see -.Pa <resolv.h> ) . -.It Li rotate -sets -.Dv RES_ROTATE -in -.Ft _res.options , -which causes round robin selection of nameservers from among those listed. -This has the effect of spreading the query load among all listed servers, -rather than having all clients try the first listed server first every time. -.It Li no-check-names -sets -.Dv RES_NOCHECKNAME -in -.Ft _res.options , -which disables the modern BIND checking of incoming host names and mail names -for invalid characters such as underscore (_), non-ASCII, or control characters. -.It Li inet6 -sets -.Dv RES_USE_INET6 -in -.Ft _res.options . -This has the effect of trying a AAAA query before an A query inside the -.Ft gethostbyname -function, and of mapping IPv4 responses in IPv6 ``tunnelled form'' if no -AAAA records are found but an A record set exists. -.It Li no-tld-query -sets -.Dv RES_NOTLDQUERY -in -.Ft _res.options . -This option causes -.Fn res_nsearch -to not attempt to resolve a unqualified name as if it were a top level -domain (TLD). -This option can cause problems if the site has "localhost" as a TLD rather -than having localhost on one or more elements of the search list. -This option has no effect if neither -.Dv RES_DEFNAMES -or -.Dv RES_DNSRCH -is set. -.El -.El -.Pp -The -.Li domain -and -.Li search -keywords are mutually exclusive. -If more than one instance of these keywords is present, -the last instance wins. -.Pp -The -.Li search -keyword of a system's -.Pa resolv.conf -file can be -overridden on a per-process basis by setting the environment variable -.Dq Ev LOCALDOMAIN -to a space-separated list of search domains. -.Pp -The -.Li options -keyword of a system's -.Pa resolv.conf -file can be amended on a per-process basis by setting the environment variable -.Dq Ev RES_OPTIONS to a space-separated list of -.Nm resolver -options as explained above under -.Li options . -.Pp -The keyword and value must appear on a single line, and the keyword -(e.g., -.Li nameserver ) -must start the line. The value follows the keyword, separated by white space. -.Sh FILES -.Pa /etc/resolv.conf -.Pa <resolv.h> -.Sh SEE ALSO -.Xr gethostbyname @LIB_NETWORK_EXT@ , -.Xr hostname @DESC_EXT@ , -.Xr @INDOT@named @SYS_OPS_EXT@ , -.Xr resolver @LIB_NETWORK_EXT@ , -.Xr resolver @FORMAT_EXT@ . -.Dq Name Server Operations Guide for Sy BIND diff --git a/contrib/bind/doc/man/tsig.3 b/contrib/bind/doc/man/tsig.3 deleted file mode 100644 index 300527ac79dd..000000000000 --- a/contrib/bind/doc/man/tsig.3 +++ /dev/null @@ -1,240 +0,0 @@ -.\" $Id: tsig.3,v 8.3 2001/08/08 07:50:19 marka Exp $ -.\" -.\"Copyright (c) 1995-1999 by Internet Software Consortium -.\" -.\"Permission to use, copy, modify, and distribute this software for any -.\"purpose with or without fee is hereby granted, provided that the above -.\"copyright notice and this permission notice appear in all copies. -.\" -.\"THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS -.\"ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES -.\"OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE -.\"CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL -.\"DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR -.\"PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS -.\"ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS -.\"SOFTWARE. -.\" -.Dd January 1, 1996 -.Os BSD 4 -.Dt TSIG @SYSCALL_EXT@ -.Sh NAME -.Nm ns_sign , -.Nm ns_sign_tcp , -.Nm ns_sign_tcp_init , -.Nm ns_verify , -.Nm ns_verify_tcp , -.Nm ns_verify_tcp_init , -.Nm ns_find_tsig -.Nd TSIG system -.Sh SYNOPSIS -.Ft int -.Fo ns_sign -.Fa "u_char *msg" -.Fa "int *msglen" -.Fa "int msgsize" -.Fa "int error" -.Fa "void *k" -.Fa "const u_char *querysig" -.Fa "int querysiglen" -.Fa "u_char *sig" -.Fa "int *siglen" -.Fa "time_t in_timesigned" -.Fc -.Ft int -.Fn ns_sign_tcp "u_char *msg" "int *msglen" "int msgsize" "int error" \ - "ns_tcp_tsig_state *state" "int done" -.Ft int -.Fn ns_sign_tcp_init "void *k" "const u_char *querysig" "int querysiglen" \ - "ns_tcp_tsig_state *state" -.Ft int -.Fo ns_verify -.Fa "u_char *msg" -.Fa "int *msglen" -.Fa "void *k" -.Fa "const u_char *querysig" -.Fa "int querysiglen" -.Fa "u_char *sig" -.Fa "int *siglen" -.Fa "time_t in_timesigned" -.Fa "int nostrip" -.Fc -.Ft int -.Fn ns_verify_tcp "u_char *msg" "int *msglen" "ns_tcp_tsig_state *state" \ - "int required" -.Ft int -.Fn ns_verify_tcp_init "void *k" "const u_char *querysig" "int querysiglen" \ - "ns_tcp_tsig_state *state" -.Ft u_char * -.Fn ns_find_tsig "u_char *msg" "u_char *eom" -.Sh DESCRIPTION -The TSIG routines are used to implement transaction/request security of -DNS messages. -.Pp -.Fn ns_sign -and -.Fn ns_verify -are the basic routines. -.Fn ns_sign_tcp -and -.Fn ns_verify_tcp -are used to sign/verify TCP messages that may be split into multiple packets, -such as zone transfers, and -.Fn ns_sign_tcp_init , -.Fn ns_verify_tcp_init -initialize the state structure necessary for TCP operations. -.Fn ns_find_tsig -locates the TSIG record in a message, if one is present. -.Pp -.Fn ns_sign -.Bl -tag -width "in_timesigned" -compact -offset indent -.It Dv msg -the incoming DNS message, which will be modified -.It Dv msglen -the length of the DNS message, on input and output -.It Dv msgsize -the size of the buffer containing the DNS message on input -.It Dv error -the value to be placed in the TSIG error field -.It Dv key -the (DST_KEY *) to sign the data -.It Dv querysig -for a response, the signature contained in the query -.It Dv querysiglen -the length of the query signature -.It Dv sig -a buffer to be filled with the generated signature -.It Dv siglen -the length of the signature buffer on input, the signature length on output -.El -.Pp -.Fn ns_sign_tcp -.Bl -tag -width "in_timesigned" -compact -offset indent -.It Dv msg -the incoming DNS message, which will be modified -.It Dv msglen -the length of the DNS message, on input and output -.It Dv msgsize -the size of the buffer containing the DNS message on input -.It Dv error -the value to be placed in the TSIG error field -.It Dv state -the state of the operation -.It Dv done -non-zero value signifies that this is the last packet -.El -.Pp -.Fn ns_sign_tcp_init -.Bl -tag -width "in_timesigned" -compact -offset indent -.It Dv k -the (DST_KEY *) to sign the data -.It Dv querysig -for a response, the signature contained in the query -.It Dv querysiglen -the length of the query signature -.It Dv state -the state of the operation, which this initializes -.El -.Pp -.Fn ns_verify -.Bl -tag -width "in_timesigned" -compact -offset indent -.It Dv msg -the incoming DNS message, which will be modified -.It Dv msglen -the length of the DNS message, on input and output -.It Dv key -the (DST_KEY *) to sign the data -.It Dv querysig -for a response, the signature contained in the query -.It Dv querysiglen -the length of the query signature -.It Dv sig -a buffer to be filled with the signature contained -.It Dv siglen -the length of the signature buffer on input, the signature length on output -.It Dv nostrip -non-zero value means that the TSIG is left intact -.El -.Pp -.Fn ns_verify_tcp -.Bl -tag -width "in_timesigned" -compact -offset indent -.It Dv msg -the incoming DNS message, which will be modified -.It Dv msglen -the length of the DNS message, on input and output -.It Dv state -the state of the operation -.It Dv required -non-zero value signifies that a TSIG record must be present at this step -.El -.Pp -.Fn ns_verify_tcp_init -.Bl -tag -width "in_timesigned" -compact -offset indent -.It Dv k -the (DST_KEY *) to verify the data -.It Dv querysig -for a response, the signature contained in the query -.It Dv querysiglen -the length of the query signature -.It Dv state -the state of the operation, which this initializes -.El -.Pp -.Fn ns_find_tsig -.Bl -tag -width "in_timesigned" -compact -offset indent -.It Dv msg -the incoming DNS message -.It Dv msglen -the length of the DNS message -.El -.Sh RETURN VALUES -.Fn ns_find_tsig -returns a pointer to the TSIG record if one is found, and NULL otherwise. -.Pp -All other routines return 0 on success, modifying arguments when necessary. -.Pp -.Fn ns_sign -and -.Fn ns_sign_tcp -return the following errors: -.Bl -tag -width "NS_TSIG_ERROR_NO_SPACE" -compact -offset indent -.It Dv (-1) -bad input data -.It Dv (-ns_r_badkey) -The key was invalid, or the signing failed -.It Dv NS_TSIG_ERROR_NO_SPACE -the message buffer is too small. -.El -.Pp -.Fn ns_verify -and -.Fn ns_verify_tcp -return the following errors: -.Bl -tag -width "NS_TSIG_ERROR_NO_SPACE" -compact -offset indent -.It Dv (-1) -bad input data -.It Dv NS_TSIG_ERROR_FORMERR -The message is malformed -.It Dv NS_TSIG_ERROR_NO_TSIG -The message does not contain a TSIG record -.It Dv NS_TSIG_ERROR_ID_MISMATCH -The TSIG original ID field does not match the message ID -.It Dv (-ns_r_badkey) -Verification failed due to an invalid key -.It Dv (-ns_r_badsig) -Verification failed due to an invalid signature -.It Dv (-ns_r_badtime) -Verification failed due to an invalid timestamp -.It Dv ns_r_badkey -Verification succeeded but the message had an error of BADKEY -.It Dv ns_r_badsig -Verification succeeded but the message had an error of BADSIG -.It Dv ns_r_badtime -Verification succeeded but the message had an error of BADTIME -.El -.Pp -.Sh SEE ALSO -.Xr resolver 3 . -.Sh AUTHORS -Brian Wellington, TISLabs at Network Associates -.\" .Sh BUGS |