From 3a3705ef7747327df182bf8d009333d2472253d5 Mon Sep 17 00:00:00 2001 From: Mark Andrews Date: Thu, 19 May 2005 12:34:34 +0000 Subject: [PATCH] regen --- bin/check/named-checkzone.8 | 14 ++++- bin/check/named-checkzone.html | 54 ++++++++++++++--- bin/named/named.conf.5 | 8 ++- bin/named/named.conf.html | 16 +++-- doc/arm/Bv9ARM.ch06.html | 104 ++++++++++++++++++++++----------- doc/arm/Bv9ARM.ch07.html | 14 ++--- doc/arm/Bv9ARM.ch08.html | 18 +++--- doc/arm/Bv9ARM.ch09.html | 18 +++--- doc/arm/Bv9ARM.html | 40 ++++++------- doc/misc/options | 8 +++ 10 files changed, 199 insertions(+), 95 deletions(-) diff --git a/bin/check/named-checkzone.8 b/bin/check/named-checkzone.8 index e1c9fa3988..8e870d54eb 100644 --- a/bin/check/named-checkzone.8 +++ b/bin/check/named-checkzone.8 @@ -13,7 +13,7 @@ .\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR .\" PERFORMANCE OF THIS SOFTWARE. .\" -.\" $Id: named-checkzone.8,v 1.27 2005/05/13 03:14:03 marka Exp $ +.\" $Id: named-checkzone.8,v 1.28 2005/05/19 12:34:32 marka Exp $ .\" .hy 0 .ad l @@ -41,7 +41,7 @@ named-checkzone \- zone file validity checking tool .SH "SYNOPSIS" .HP 16 -\fBnamed\-checkzone\fR [\fB\-d\fR] [\fB\-j\fR] [\fB\-q\fR] [\fB\-v\fR] [\fB\-c\ \fIclass\fR\fR] [\fB\-k\ \fImode\fR\fR] [\fB\-n\ \fImode\fR\fR] [\fB\-o\ \fIfilename\fR\fR] [\fB\-t\ \fIdirectory\fR\fR] [\fB\-w\ \fIdirectory\fR\fR] [\fB\-D\fR] [\fB\-W\ \fImode\fR\fR] {zonename} {filename} +\fBnamed\-checkzone\fR [\fB\-d\fR] [\fB\-j\fR] [\fB\-q\fR] [\fB\-v\fR] [\fB\-c\ \fIclass\fR\fR] [\fB\-i\ \fImode\fR\fR] [\fB\-k\ \fImode\fR\fR] [\fB\-m\ \fImode\fR\fR] [\fB\-n\ \fImode\fR\fR] [\fB\-o\ \fIfilename\fR\fR] [\fB\-t\ \fIdirectory\fR\fR] [\fB\-w\ \fIdirectory\fR\fR] [\fB\-D\fR] [\fB\-W\ \fImode\fR\fR] {zonename} {filename} .SH "DESCRIPTION" .PP \fBnamed\-checkzone\fR checks the syntax and integrity of a zone file\&. It performs the same checks as \fBnamed\fR does when loading a zone\&. This makes \fBnamed\-checkzone\fR useful for checking zone files before configuring them into a name server\&. @@ -62,9 +62,19 @@ When loading the zone file read the journal if it exists\&. \-c \fIclass\fR Specify the class of the zone\&. If not specified "IN" is assumed\&. .TP +\-i \fImode\fR +Perform post load zone integrity checks\&. Possible modes are \fB"full"\fR (default), \fB"local"\fR and \fB"none"\fR\&. +Mode \fB"full"\fR checks that MX records refer to A or AAAA record (both in\-zone and out\-of\-zone hostnames)\&. Mode \fB"local"\fR only checks MX records which refer to in\-zone hostnames\&. +Mode \fB"full"\fR checks that SRV records refer to A or AAAA record (both in\-zone and out\-of\-zone hostnames)\&. Mode \fB"local"\fR only checks SRV records which refer to in\-zone hostnames\&. +Mode \fB"full"\fR checks that delegation NS records refer to A or AAAA record (both in\-zone and out\-of\-zone hostnames)\&. It also checks that glue addresses records in the zone match those advertised by the child\&. Mode \fB"local"\fR only checks NS records which refer to in\-zone hostnames or that some required glue exists, that is when the nameserver is in a child zone\&. +Mode \fB"none"\fR disables the checks\&. +.TP \-k \fImode\fR Perform \fB"check\-name"\fR checks with the specified failure mode\&. Possible modes are \fB"fail"\fR, \fB"warn"\fR (default) and \fB"ignore"\fR\&. .TP +\-m \fImode\fR +Specify whether MX records should be checked to see if they are addresses\&. Possible modes are \fB"fail"\fR, \fB"warn"\fR (default) and \fB"ignore"\fR\&. +.TP \-n \fImode\fR Specify whether NS records should be checked to see if they are addresses\&. Possible modes are \fB"fail"\fR, \fB"warn"\fR (default) and \fB"ignore"\fR\&. .TP diff --git a/bin/check/named-checkzone.html b/bin/check/named-checkzone.html index 6c539791e2..2246b1c628 100644 --- a/bin/check/named-checkzone.html +++ b/bin/check/named-checkzone.html @@ -14,7 +14,7 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> - + @@ -29,10 +29,10 @@

Synopsis

-

named-checkzone [-d] [-j] [-q] [-v] [-c class] [-k mode] [-n mode] [-o filename] [-t directory] [-w directory] [-D] [-W mode] {zonename} {filename}

+

named-checkzone [-d] [-j] [-q] [-v] [-c class] [-i mode] [-k mode] [-m mode] [-n mode] [-o filename] [-t directory] [-w directory] [-D] [-W mode] {zonename} {filename}

-

DESCRIPTION

+

DESCRIPTION

named-checkzone checks the syntax and integrity of a zone file. It performs the same checks as named does when loading a @@ -41,7 +41,7 @@

-

OPTIONS

+

OPTIONS

-d

@@ -64,6 +64,39 @@

Specify the class of the zone. If not specified "IN" is assumed.

+
-i mode
+
+

+ Perform post load zone integrity checks. Possible modes are + "full" (default), + "local" and + "none". +

+

+ Mode "full" checks that MX records + refer to A or AAAA record (both in-zone and out-of-zone + hostnames). Mode "local" only + checks MX records which refer to in-zone hostnames. +

+

+ Mode "full" checks that SRV records + refer to A or AAAA record (both in-zone and out-of-zone + hostnames). Mode "local" only + checks SRV records which refer to in-zone hostnames. +

+

+ Mode "full" checks that delegation NS + records refer to A or AAAA record (both in-zone and out-of-zone + hostnames). It also checks that glue addresses records + in the zone match those advertised by the child. + Mode "local" only checks NS records which + refer to in-zone hostnames or that some required glue exists, + that is when the nameserver is in a child zone. +

+

+ Mode "none" disables the checks. +

+
-k mode

Perform "check-name" checks with @@ -72,6 +105,13 @@ "warn" (default) and "ignore".

+
-m mode
+

+ Specify whether MX records should be checked to see if they + are addresses. Possible modes are "fail", + "warn" (default) and + "ignore". +

-n mode

Specify whether NS records should be checked to see if they @@ -122,21 +162,21 @@

-

RETURN VALUES

+

RETURN VALUES

named-checkzone returns an exit status of 1 if errors were detected and 0 otherwise.

-

SEE ALSO

+

SEE ALSO

named(8), RFC 1035, BIND 9 Administrator Reference Manual.

-

AUTHOR

+

AUTHOR

Internet Systems Consortium

diff --git a/bin/named/named.conf.5 b/bin/named/named.conf.5 index 8dc47c7827..d09f028ca7 100644 --- a/bin/named/named.conf.5 +++ b/bin/named/named.conf.5 @@ -12,7 +12,7 @@ .\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR .\" PERFORMANCE OF THIS SOFTWARE. .\" -.\" $Id: named.conf.5,v 1.10 2005/05/12 23:54:25 sra Exp $ +.\" $Id: named.conf.5,v 1.11 2005/05/19 12:34:33 marka Exp $ .\" .hy 0 .ad l @@ -195,6 +195,8 @@ options { max\-cache\-size \fIsize_no_default\fR; check\-names ( master | slave | response ) ( fail | warn | ignore ); + check\-mx ( fail | warn | ignore ); + integrity\-check \fIboolean\fR; cache\-file \fIquoted_string\fR; suppress\-initial\-notify \fIboolean\fR; // not yet implemented preferred\-glue \fIstring\fR; @@ -308,6 +310,8 @@ view \fIstring\fR \fIoptional_class\fR { max\-cache\-size \fIsize_no_default\fR; check\-names ( master | slave | response ) ( fail | warn | ignore ); + check\-mx ( fail | warn | ignore ); + integrity\-check \fIboolean\fR; cache\-file \fIquoted_string\fR; suppress\-initial\-notify \fIboolean\fR; // not yet implemented preferred\-glue \fIstring\fR; @@ -382,6 +386,8 @@ zone \fIstring\fR \fIoptional_class\fR { database \fIstring\fR; delegation\-only \fIboolean\fR; check\-names ( fail | warn | ignore ); + check\-mx ( fail | warn | ignore ); + integrity\-check \fIboolean\fR; dialup \fIdialuptype\fR; ixfr\-from\-differences \fIboolean\fR; journal \fIquoted_string\fR; diff --git a/bin/named/named.conf.html b/bin/named/named.conf.html index 11e7a64487..cf0851ecdd 100644 --- a/bin/named/named.conf.html +++ b/bin/named/named.conf.html @@ -13,7 +13,7 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> - + @@ -213,6 +213,8 @@ options max-cache-size size_no_default;
check-names ( master | slave | response )
( fail | warn | ignore );
+ check-mx ( fail | warn | ignore );
+ integrity-check boolean;
cache-file quoted_string;
suppress-initial-notify boolean; // not yet implemented
preferred-glue string;
@@ -292,7 +294,7 @@ options

-

VIEW

+

VIEW


view string optional_class {
match-clients { address_match_element; ... };
@@ -342,6 +344,8 @@ view max-cache-size size_no_default;
check-names ( master | slave | response )
( fail | warn | ignore );
+ check-mx ( fail | warn | ignore );
+ integrity-check boolean;
cache-file quoted_string;
suppress-initial-notify boolean; // not yet implemented
preferred-glue string;
@@ -413,7 +417,7 @@ view

-

ZONE

+

ZONE


zone string optional_class {
type ( master | slave | stub | hint |
@@ -429,6 +433,8 @@ zone database string;
delegation-only boolean;
check-names ( fail | warn | ignore );
+ check-mx ( fail | warn | ignore );
+ integrity-check boolean;
dialup dialuptype;
ixfr-from-differences boolean;
journal quoted_string;
@@ -491,12 +497,12 @@ zone

-

FILES

+

FILES

/etc/named.conf

-

SEE ALSO

+

SEE ALSO

named(8), rndc(8), BIND 9 Administrator Reference Manual. diff --git a/doc/arm/Bv9ARM.ch06.html b/doc/arm/Bv9ARM.ch06.html index d2faab1a1c..0ef364eeac 100644 --- a/doc/arm/Bv9ARM.ch06.html +++ b/doc/arm/Bv9ARM.ch06.html @@ -14,7 +14,7 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> - + @@ -77,23 +77,23 @@

server Statement Grammar
server Statement Definition and Usage
-
trusted-keys Statement Grammar
-
trusted-keys Statement Definition +
trusted-keys Statement Grammar
+
trusted-keys Statement Definition and Usage
view Statement Grammar
-
view Statement Definition and Usage
+
view Statement Definition and Usage
zone Statement Grammar
-
zone Statement Definition and Usage
+
zone Statement Definition and Usage
-
Zone File
+
Zone File
Types of Resource Records and When to Use Them
-
Discussion of MX Records
+
Discussion of MX Records
Setting TTLs
-
Inverse Mapping in IPv4
-
Other Zone File Directives
-
BIND Master File Extension: the $GENERATE Directive
+
Inverse Mapping in IPv4
+
Other Zone File Directives
+
BIND Master File Extension: the $GENERATE Directive
@@ -1752,7 +1752,9 @@ category notify { null; }; [ forwarders { ip_addr [port ip_port] ; [ ip_addr [port ip_port] ; ... ] }; ] [ dual-stack-servers [port ip_port] { ( domain_name [port ip_port] | ip_addr [port ip_port] ) ; ... }; ] [ check-names ( master | slave | response )( warn | fail | ignore ); ] + [ check-mx ( warn | fail | ignore ); ] [ check-wildcard yes_or_no; ] + [ integrity-checks yes_or_no; ] [ allow-notify { address_match_list }; ] [ allow-query { address_match_list }; ] [ allow-query-cache { address_match_list }; ] @@ -2657,6 +2659,13 @@ options { IN-ADDR.ARPA, IP6.ARPA, IP6.INT).

+
check-mx
+

+ Check whether the MX record appears to refer to a IP address. + The default is to warn. Other possible + values are fail and + ignore. +

check-wildcard

This option is used to check for non-terminal wildcards. @@ -2667,11 +2676,24 @@ options { affects master zones. The default (yes) is to check for non-terminal wildcards and issue a warning.

+
integrity-check
+

+ Perform post load zone integrity checks on master + zones. This checks that MX and SRV records refer + to address (A or AAAA) records and that glue + address records exist for delegated zones. For + MX and SRV records only in-zone hostnames are + checked (for out-of-zone hostnames use named-checkzone). + For NS records only names below top of zone are + checked (for out-of-zone names and glue consistancy + checks use named-checkzone). The default is + yes. +

-Forwarding

+Forwarding

The forwarding facility can be used to create a large site-wide cache on a few servers, reducing traffic over links to external @@ -2715,7 +2737,7 @@ options {

-Dual-stack Servers

+Dual-stack Servers

Dual-stack servers are used as servers of last resort to work around @@ -2880,7 +2902,7 @@ options {

-Interfaces

+Interfaces

The interfaces and ports that the server will answer queries from may be specified using the listen-on option. listen-on takes @@ -2960,7 +2982,7 @@ listen-on-v6 port 1234 { !2001:db8::/32; any; };

-Query Address

+Query Address

If the server doesn't know the answer to a question, it will query other name servers. query-source specifies @@ -3204,7 +3226,7 @@ query-source-v6 address * port *;

-Bad UDP Port Lists

+Bad UDP Port Lists

avoid-v4-udp-ports and avoid-v6-udp-ports specify a list of IPv4 and IPv6 UDP ports that will not be used as system @@ -3218,7 +3240,7 @@ query-source-v6 address * port *;

-Operating System Resource Limits

+Operating System Resource Limits

The server's usage of many system resources can be limited. Scaled values are allowed when specifying resource limits. For @@ -3278,7 +3300,7 @@ query-source-v6 address * port *;

-Server Resource Limits

+Server Resource Limits

The following options set limits on the server's resource consumption that are enforced internally by the @@ -3357,7 +3379,7 @@ query-source-v6 address * port *;

-Periodic Task Intervals

+Periodic Task Intervals
cleaning-interval

@@ -4181,7 +4203,7 @@ query-source-v6 address * port *;

-trusted-keys Statement Grammar

+trusted-keys Statement Grammar
trusted-keys {
     string number number number string ;
     [ string number number number string ; [...]]
@@ -4190,7 +4212,7 @@ query-source-v6 address * port *;
 
 

 

-trusted-keys Statement Definition
+trusted-keys Statement Definition
             and Usage

 

             The trusted-keys statement defines
@@ -4229,7 +4251,7 @@ query-source-v6 address * port *;
 

 

 

-view Statement Definition and Usage

+view Statement Definition and Usage

 

             The view statement is a powerful
             new feature
@@ -4359,7 +4381,9 @@ view "external" {
     [ allow-update-forwarding { address_match_list } ; ]
     [ also-notify { ip_addr [port ip_port] ; [ ip_addr [port ip_port] ; ... ] }; ]
     [ check-names (warn|fail|ignore) ; ]
+    [ check-mx (warn|fail|ignore) ; ]
     [ check-wildcard yes_or_no; ]
+    [ integrity-checks yes_or_no ; ]
     [ dialup dialup_option ; ]
     [ delegation-only yes_or_no ; ]
     [ file string ; ]
@@ -4399,10 +4423,10 @@ view "external" {
 
 

 

-zone Statement Definition and Usage

+zone Statement Definition and Usage

 

 

-Zone Types

+Zone Types

 
@@ -4611,7 +4635,7 @@ view "external" {
 

 

-Class

+Class

               The zone's name may optionally be followed by a class. If
               a class is not specified, class IN (for Internet),
@@ -4633,7 +4657,7 @@ view "external" {
 
 

 

-Zone Options

+Zone Options

 
journal

 

@@ -4700,11 +4724,21 @@ view "external" {
                     network.  The default varies according to zone type.  For master zones the default is fail.  For slave
                     zones the default is warn.
                   

+
check-mx

+

+                    See the description of
+                    check-mx in the section called “Boolean Options”.
+                  

 
check-wildcard

 

                     See the description of
                     check-wildcard in the section called “Boolean Options”.
                   

+
integrity-check

+

+                    See the description of
+                    integrity-check in the section called “Boolean Options”.
+                  

 
database

 

 

@@ -5057,7 +5091,7 @@ view "external" {
 

 

-Zone File

+Zone File

 

 Types of Resource Records and When to Use Them

@@ -5070,7 +5104,7 @@ view "external" {
           

 

 

-Resource Records

+Resource Records

               A domain name identifies a node.  Each node has a set of
               resource information, which may be empty.  The set of resource
@@ -5659,7 +5693,7 @@ view "external" {
 
 

 

-Textual expression of RRs

+Textual expression of RRs

               RRs are represented in binary form in the packets of the DNS
               protocol, and are usually represented in highly encoded form
@@ -5866,7 +5900,7 @@ view "external" {
 
 

 

-Discussion of MX Records

+Discussion of MX Records

             As described above, domain servers store information as a
             series of resource records, each of which contains a particular
@@ -6123,7 +6157,7 @@ view "external" {
 
 

 

-Inverse Mapping in IPv4

+Inverse Mapping in IPv4

             Reverse name resolution (that is, translation from IP address
             to name) is achieved by means of the in-addr.arpa domain
@@ -6184,7 +6218,7 @@ view "external" {
 
 

 

-Other Zone File Directives

+Other Zone File Directives

             The Master File Format was initially defined in RFC 1035 and
             has subsequently been extended. While the Master File Format
@@ -6199,7 +6233,7 @@ view "external" {
           

 

-The $ORIGIN Directive

+The $ORIGIN Directive

               Syntax: $ORIGIN
 	      domain-name
@@ -6227,7 +6261,7 @@ WWW.EXAMPLE.COM. CNAME MAIN-SERVER.EXAMPLE.COM.
 
 

 

-The $INCLUDE Directive

+The $INCLUDE Directive

               Syntax: $INCLUDE
               filename
@@ -6263,7 +6297,7 @@ WWW.EXAMPLE.COM. CNAME MAIN-SERVER.EXAMPLE.COM.
 
 

 

-The $TTL Directive

+The $TTL Directive

               Syntax: $TTL
               default-ttl
@@ -6282,7 +6316,7 @@ WWW.EXAMPLE.COM. CNAME MAIN-SERVER.EXAMPLE.COM.
 
 

 

-BIND Master File Extension: the  $GENERATE Directive

+BIND Master File Extension: the  $GENERATE Directive

             Syntax: $GENERATE
 	    range
diff --git a/doc/arm/Bv9ARM.ch07.html b/doc/arm/Bv9ARM.ch07.html
index 9feb625b7a..852a6b9c05 100644
--- a/doc/arm/Bv9ARM.ch07.html
+++ b/doc/arm/Bv9ARM.ch07.html
@@ -14,7 +14,7 @@
  - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
  - PERFORMANCE OF THIS SOFTWARE.
 -->
-
+
 
 
 
@@ -46,11 +46,11 @@
 
Table of Contents

 
Access Control Lists

-
chroot and setuid (for
+
chroot and setuid (for
           UNIX servers)

 

-
The chroot Environment

-
Using the setuid Function

+
The chroot Environment

+
Using the setuid Function

 

 
Dynamic Update Security

 

@@ -114,7 +114,7 @@ zone "example.com" {
 

 

-chroot and setuid (for
+chroot and setuid (for
           UNIX servers)

 

           On UNIX servers, it is possible to run BIND in a chrooted environment
@@ -138,7 +138,7 @@ zone "example.com" {
         

 

 

-The chroot Environment

+The chroot Environment

             In order for a chroot() environment
             to
@@ -166,7 +166,7 @@ zone "example.com" {
 
 

 

-Using the setuid Function

+Using the setuid Function

             Prior to running the named daemon,
             use
diff --git a/doc/arm/Bv9ARM.ch08.html b/doc/arm/Bv9ARM.ch08.html
index 0b4a39d2ff..4a18eb8b3e 100644
--- a/doc/arm/Bv9ARM.ch08.html
+++ b/doc/arm/Bv9ARM.ch08.html
@@ -14,7 +14,7 @@
  - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
  - PERFORMANCE OF THIS SOFTWARE.
 -->
-
+
 
 
 
@@ -45,18 +45,18 @@
 

 
Table of Contents

 

-
Common Problems

-
It's not working; how can I figure out what's wrong?

-
Incrementing and Changing the Serial Number

-
Where Can I Get Help?

+
Common Problems

+
It's not working; how can I figure out what's wrong?

+
Incrementing and Changing the Serial Number

+
Where Can I Get Help?

 

 

 

-Common Problems

+Common Problems

 

-It's not working; how can I figure out what's wrong?

+It's not working; how can I figure out what's wrong?

             The best solution to solving installation and
             configuration issues is to take preventative measures by setting
@@ -68,7 +68,7 @@
 
 

 

-Incrementing and Changing the Serial Number

+Incrementing and Changing the Serial Number

           Zone serial numbers are just numbers-they aren't date
           related.  A lot of people set them to a number that represents a
@@ -95,7 +95,7 @@
 
 

 

-Where Can I Get Help?

+Where Can I Get Help?

           The Internet Software Consortium
           (ISC) offers a wide range
diff --git a/doc/arm/Bv9ARM.ch09.html b/doc/arm/Bv9ARM.ch09.html
index da5b133759..d9ac4ff086 100644
--- a/doc/arm/Bv9ARM.ch09.html
+++ b/doc/arm/Bv9ARM.ch09.html
@@ -14,7 +14,7 @@
  - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
  - PERFORMANCE OF THIS SOFTWARE.
 -->
-
+
 
 
 
@@ -43,24 +43,24 @@
 

 
Table of Contents

 

-
Acknowledgments

-
A Brief History of the DNS and BIND

+
Acknowledgments

+
A Brief History of the DNS and BIND

 
General DNS Reference Information

 
IPv6 addresses (AAAA)

 
Bibliography (and Suggested Reading)

 

 
Request for Comments (RFCs)

 
Internet Drafts

-
Other Documents About BIND

+
Other Documents About BIND

 

 

 

 

-Acknowledgments

+Acknowledgments

 

-A Brief History of the DNS and BIND

+A Brief History of the DNS and BIND

             Although the "official" beginning of the Domain Name
             System occurred in 1984 with the publication of RFC 920, the
@@ -469,7 +469,7 @@
           

 

-Bibliography

+Bibliography

 
Standards

 
[RFC974] C. Partridge. Mail Routing and the Domain System. January 1986. 

@@ -592,11 +592,11 @@
 

 

-Other Documents About BIND

+Other Documents About BIND

 

-Bibliography

+Bibliography
Paul Albitz and Cricket Liu. DNS and BIND. Copyright © 1998 Sebastopol, CA: O'Reilly and Associates. 

diff --git a/doc/arm/Bv9ARM.html b/doc/arm/Bv9ARM.html
index 3d12b1f6c3..f1b167fc49 100644
--- a/doc/arm/Bv9ARM.html
+++ b/doc/arm/Bv9ARM.html
@@ -14,7 +14,7 @@
  - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
  - PERFORMANCE OF THIS SOFTWARE.
 -->
-
+
@@ -155,54 +155,54 @@
 
server Statement Grammar
server Statement Definition and
             Usage

-
trusted-keys Statement Grammar

-
trusted-keys Statement Definition
+
trusted-keys Statement Grammar

+
trusted-keys Statement Definition
             and Usage
view Statement Grammar

-
view Statement Definition and Usage

+
view Statement Definition and Usage
zone
             Statement Grammar

-
zone Statement Definition and Usage

+
zone Statement Definition and Usage

-
Zone File

+
Zone File

 
Types of Resource Records and When to Use Them

-
Discussion of MX Records

+
Discussion of MX Records

 
Setting TTLs

-
Inverse Mapping in IPv4

-
Other Zone File Directives

-
BIND Master File Extension: the  $GENERATE Directive

+
Inverse Mapping in IPv4

+
Other Zone File Directives

+
BIND Master File Extension: the  $GENERATE Directive

 
7. BIND 9 Security Considerations

 
Access Control Lists

-
chroot and setuid (for
+
chroot and setuid (for
           UNIX servers)

 

-
The chroot Environment

-
Using the setuid Function

+
The chroot Environment

+
Using the setuid Function

 

 
Dynamic Update Security

 
8. Troubleshooting

-
Common Problems

-
It's not working; how can I figure out what's wrong?

-
Incrementing and Changing the Serial Number

-
Where Can I Get Help?

+
Common Problems

+
It's not working; how can I figure out what's wrong?

+
Incrementing and Changing the Serial Number

+
Where Can I Get Help?

 
A. Appendices

-
Acknowledgments

-
A Brief History of the DNS and BIND

+
Acknowledgments

+
A Brief History of the DNS and BIND

 
General DNS Reference Information

 
IPv6 addresses (AAAA)

 
Bibliography (and Suggested Reading)

 

 
Request for Comments (RFCs)

 
Internet Drafts

-
Other Documents About BIND

+
Other Documents About BIND

 

 

diff --git a/doc/misc/options b/doc/misc/options
index c2bb164383..16ff3398ac 100644
--- a/doc/misc/options
+++ b/doc/misc/options
@@ -129,6 +129,8 @@ options {
         zone-statistics ;
         key-directory ;
         check-wildcard ;
+        integrity-check ;
+        check-mx ( fail | warn | ignore );
 };
 
 controls {
@@ -224,6 +226,8 @@ view   {
                 zone-statistics ;
                 key-directory ;
                 check-wildcard ;
+                integrity-check ;
+                check-mx ( fail | warn | ignore );
         };
         server  {
                 bogus ;
@@ -320,6 +324,8 @@ view   {
         zone-statistics ;
         key-directory ;
         check-wildcard ;
+        integrity-check ;
+        check-mx ( fail | warn | ignore );
 };
 
 lwres {
@@ -388,6 +394,8 @@ zone   {
         zone-statistics ;
         key-directory ;
         check-wildcard ;
+        integrity-check ;
+        check-mx ( fail | warn | ignore );
 };
 
 server  {