upstream/bind9
1
0
Fork 0
mirror of https://github.com/isc-projects/bind9.git synced 2026-06-11 12:30:00 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

regen

Browse source
This commit is contained in:
Rob Austein 2005-05-11 06:05:43 +00:00
parent 268a447506
commit 60e5e10f8d
75 changed files with 19983 additions and 41745 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
CHANGES
View file

@ -1,3 +1,6 @@
1856. [doc] Switch Docbook toolchain from DSSSL to XSL.
[RT #11398]
1855. [placeholder] rt14616
1854. [bug] lwres also needs to know the print format for

79
bin/check/named-checkconf.8
View file

@ -1,59 +1,70 @@
.\" Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2000-2002 Internet Software Consortium.
.\"
.\" Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2000-2002 Internet Software Consortium
.\"
.\" Permission to use, copy, modify, and distribute this software for any
.\" purpose with or without fee is hereby granted, provided that the above
.\" copyright notice and this permission notice appear in all copies.
.\"
.\"
.\" THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
.\" REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
.\" AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
.\" AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
.\" INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
.\" LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
.\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
.\" PERFORMANCE OF THIS SOFTWARE.
.\"
.\" $Id: named-checkconf.8,v 1.20 2005/04/07 03:49:55 marka Exp $
.\"
.TH "NAMED-CHECKCONF" "8" "June 14, 2000" "BIND9" ""
.\"
.hy 0
.ad l
.\"Generated by db2man.xsl. Don't modify this, modify the source.
.de Sh \" Subsection
.br
.if t .Sp
.ne 5
.PP
\fB\\$1\fR
.PP
..
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Ip \" List item
.br
.ie \\n(.$>=3 .ne \\$3
.el .ne 3
.IP "\\$1" \\$2
..
.TH "NAMED-CHECKCONF" 8 "June 14, 2000" "" ""
.SH NAME
named-checkconf \- named configuration file syntax checking tool
.SH SYNOPSIS
.sp
\fBnamed-checkconf\fR [ \fB-v\fR ] [ \fB-j\fR ] [ \fB-t \fIdirectory\fB\fR ] \fBfilename\fR [ \fB-z\fR ]
.SH "SYNOPSIS"
.HP 16
\fBnamed\-checkconf\fR [\fB\-v\fR] [\fB\-j\fR] [\fB\-t\ \fIdirectory\fR\fR] {filename} [\fB\-z\fR]
.SH "DESCRIPTION"
.PP
\fBnamed-checkconf\fR checks the syntax, but not
the semantics, of a named configuration file.
\fBnamed\-checkconf\fR checks the syntax, but not the semantics, of a named configuration file\&.
.SH "OPTIONS"
.TP
\fB-t \fIdirectory\fB\fR
chroot to \fIdirectory\fR so that include
directives in the configuration file are processed as if
run by a similarly chrooted named.
\-t \fIdirectory\fR
chroot to \fIdirectory\fR so that include directives in the configuration file are processed as if run by a similarly chrooted named\&.
.TP
\fB-v\fR
Print the version of the \fBnamed-checkconf\fR
program and exit.
\-v
Print the version of the \fBnamed\-checkconf\fR program and exit\&.
.TP
\fB-z\fR
Perform a check load the master zonefiles found in
\fInamed.conf\fR.
\-z
Perform a check load the master zonefiles found in \fInamed\&.conf\fR\&.
.TP
\fB-j\fR
When loading a zonefile read the journal if it exists.
\-j
When loading a zonefile read the journal if it exists\&.
.TP
\fBfilename\fR
The name of the configuration file to be checked. If not
specified, it defaults to \fI/etc/named.conf\fR.
filename
The name of the configuration file to be checked\&. If not specified, it defaults to \fI/etc/named\&.conf\fR\&.
.SH "RETURN VALUES"
.PP
\fBnamed-checkconf\fR returns an exit status of 1 if
errors were detected and 0 otherwise.
\fBnamed\-checkconf\fR returns an exit status of 1 if errors were detected and 0 otherwise\&.
.SH "SEE ALSO"
.PP
\fBnamed\fR(8),
\fIBIND 9 Administrator Reference Manual\fR.
\fBnamed\fR(8), BIND 9 Administrator Reference Manual\&.
.SH "AUTHOR"
.PP
Internet Systems Consortium
Internet Systems Consortium

288
bin/check/named-checkconf.html
View file

@ -1,220 +1,90 @@
<!--
- Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2000-2002 Internet Software Consortium.
-
- Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2000-2002 Internet Software Consortium
-
- Permission to use, copy, modify, and distribute this software for any
- purpose with or without fee is hereby granted, provided that the above
- copyright notice and this permission notice appear in all copies.
-
-
- THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
- REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
- AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
- AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
- INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
- LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
- OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
- PERFORMANCE OF THIS SOFTWARE.
-->
<!-- $Id: named-checkconf.html,v 1.15 2005/04/07 03:49:55 marka Exp $ -->
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<HTML
><HEAD
><TITLE
>named-checkconf</TITLE
><META
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.79"></HEAD
><BODY
CLASS="REFENTRY"
BGCOLOR="#FFFFFF"
TEXT="#000000"
LINK="#0000FF"
VLINK="#840084"
ALINK="#0000FF"
><H1
><A
NAME="AEN1"
></A
><SPAN
CLASS="APPLICATION"
>named-checkconf</SPAN
></H1
><DIV
CLASS="REFNAMEDIV"
><A
NAME="AEN9"
></A
><H2
>Name</H2
><SPAN
CLASS="APPLICATION"
>named-checkconf</SPAN
>&nbsp;--&nbsp;named configuration file syntax checking tool</DIV
><DIV
CLASS="REFSYNOPSISDIV"
><A
NAME="AEN13"
></A
><H2
>Synopsis</H2
><P
><B
CLASS="COMMAND"
>named-checkconf</B
> [<CODE
CLASS="OPTION"
>-v</CODE
>] [<CODE
CLASS="OPTION"
>-j</CODE
>] [<CODE
CLASS="OPTION"
>-t <TT
CLASS="REPLACEABLE"
><I
>directory</I
></TT
></CODE
>] {filename} [<CODE
CLASS="OPTION"
>-z</CODE
>]</P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN26"
></A
><H2
>DESCRIPTION</H2
><P
> <B
CLASS="COMMAND"
>named-checkconf</B
> checks the syntax, but not
the semantics, of a named configuration file.
</P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN30"
></A
><H2
>OPTIONS</H2
><P
></P
><DIV
CLASS="VARIABLELIST"
><DL
><DT
>-t <TT
CLASS="REPLACEABLE"
><I
>directory</I
></TT
></DT
><DD
><P
> chroot to <TT
CLASS="FILENAME"
>directory</TT
> so that include
directives in the configuration file are processed as if
run by a similarly chrooted named.
</P
></DD
><DT
>-v</DT
><DD
><P
> Print the version of the <B
CLASS="COMMAND"
>named-checkconf</B
>
program and exit.
</P
></DD
><DT
>-z</DT
><DD
><P
> Perform a check load the master zonefiles found in
<TT
CLASS="FILENAME"
>named.conf</TT
>.
</P
></DD
><DT
>-j</DT
><DD
><P
> When loading a zonefile read the journal if it exists.
</P
></DD
><DT
>filename</DT
><DD
><P
> The name of the configuration file to be checked. If not
specified, it defaults to <TT
CLASS="FILENAME"
>/etc/named.conf</TT
>.
</P
></DD
></DL
></DIV
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN58"
></A
><H2
>RETURN VALUES</H2
><P
> <B
CLASS="COMMAND"
>named-checkconf</B
> returns an exit status of 1 if
errors were detected and 0 otherwise.
</P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN62"
></A
><H2
>SEE ALSO</H2
><P
> <SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>named</SPAN
>(8)</SPAN
>,
<I
CLASS="CITETITLE"
>BIND 9 Administrator Reference Manual</I
>.
</P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN69"
></A
><H2
>AUTHOR</H2
><P
> Internet Systems Consortium
</P
></DIV
></BODY
></HTML
>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>named-checkconf</title>
<meta name="generator" content="DocBook XSL Stylesheets V1.68.1">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en">
<a name="id2456618"></a><div class="titlepage"></div>
<div class="refnamediv">
<h2>Name</h2>
<p><span class="application">named-checkconf</span> &#8212; named configuration file syntax checking tool</p>
</div>
<div class="refsynopsisdiv">
<h2>Synopsis</h2>
<div class="cmdsynopsis"><p><code class="command">named-checkconf</code> [<code class="option">-v</code>] [<code class="option">-j</code>] [<code class="option">-t <em class="replaceable"><code>directory</code></em></code>] {filename} [<code class="option">-z</code>]</p></div>
</div>
<div class="refsect1" lang="en">
<a name="id2513995"></a><h2>DESCRIPTION</h2>
<p><span><strong class="command">named-checkconf</strong></span>
checks the syntax, but not the semantics, of a named
configuration file.
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2514007"></a><h2>OPTIONS</h2>
<div class="variablelist"><dl>
<dt><span class="term">-t <em class="replaceable"><code>directory</code></em></span></dt>
<dd><p>
chroot to <code class="filename">directory</code> so that
include
directives in the configuration file are processed as if
run by a similarly chrooted named.
</p></dd>
<dt><span class="term">-v</span></dt>
<dd><p>
Print the version of the <span><strong class="command">named-checkconf</strong></span>
program and exit.
</p></dd>
<dt><span class="term">-z</span></dt>
<dd><p>
Perform a check load the master zonefiles found in
<code class="filename">named.conf</code>.
</p></dd>
<dt><span class="term">-j</span></dt>
<dd><p>
When loading a zonefile read the journal if it exists.
</p></dd>
<dt><span class="term">filename</span></dt>
<dd><p>
The name of the configuration file to be checked. If not
specified, it defaults to <code class="filename">/etc/named.conf</code>.
</p></dd>
</dl></div>
</div>
<div class="refsect1" lang="en">
<a name="id2514168"></a><h2>RETURN VALUES</h2>
<p><span><strong class="command">named-checkconf</strong></span>
returns an exit status of 1 if
errors were detected and 0 otherwise.
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2514180"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>,
<em class="citetitle">BIND 9 Administrator Reference Manual</em>.
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2514269"></a><h2>AUTHOR</h2>
<p><span class="corpauthor">Internet Systems Consortium</span>
</p>
</div>
</div></body>
</html>

130
bin/check/named-checkzone.8
View file

@ -1,101 +1,97 @@
.\" Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2000-2002 Internet Software Consortium.
.\"
.\" Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2000-2002 Internet Software Consortium
.\"
.\" Permission to use, copy, modify, and distribute this software for any
.\" purpose with or without fee is hereby granted, provided that the above
.\" copyright notice and this permission notice appear in all copies.
.\"
.\"
.\" THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
.\" REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
.\" AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
.\" AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
.\" INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
.\" LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
.\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
.\" PERFORMANCE OF THIS SOFTWARE.
.\"
.\" $Id: named-checkzone.8,v 1.24 2005/03/16 04:57:16 marka Exp $
.\"
.TH "NAMED-CHECKZONE" "8" "June 13, 2000" "BIND9" ""
.\"
.hy 0
.ad l
.\"Generated by db2man.xsl. Don't modify this, modify the source.
.de Sh \" Subsection
.br
.if t .Sp
.ne 5
.PP
\fB\\$1\fR
.PP
..
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Ip \" List item
.br
.ie \\n(.$>=3 .ne \\$3
.el .ne 3
.IP "\\$1" \\$2
..
.TH "NAMED-CHECKZONE" 8 "June 13, 2000" "" ""
.SH NAME
named-checkzone \- zone file validity checking tool
.SH SYNOPSIS
.sp
\fBnamed-checkzone\fR [ \fB-d\fR ] [ \fB-j\fR ] [ \fB-q\fR ] [ \fB-v\fR ] [ \fB-c \fIclass\fB\fR ] [ \fB-k \fImode\fB\fR ] [ \fB-n \fImode\fB\fR ] [ \fB-o \fIfilename\fB\fR ] [ \fB-t \fIdirectory\fB\fR ] [ \fB-w \fIdirectory\fB\fR ] [ \fB-D\fR ] [ \fB-W \fImode\fB\fR ] \fBzonename\fR \fBfilename\fR
.SH "SYNOPSIS"
.HP 16
\fBnamed\-checkzone\fR [\fB\-d\fR] [\fB\-j\fR] [\fB\-q\fR] [\fB\-v\fR] [\fB\-c\ \fIclass\fR\fR] [\fB\-k\ \fImode\fR\fR] [\fB\-n\ \fImode\fR\fR] [\fB\-o\ \fIfilename\fR\fR] [\fB\-t\ \fIdirectory\fR\fR] [\fB\-w\ \fIdirectory\fR\fR] [\fB\-D\fR] [\fB\-W\ \fImode\fR\fR] {zonename} {filename}
.SH "DESCRIPTION"
.PP
\fBnamed-checkzone\fR checks the syntax and integrity of
a zone file. It performs the same checks as \fBnamed\fR
does when loading a zone. This makes
\fBnamed-checkzone\fR useful for checking zone
files before configuring them into a name server.
\fBnamed\-checkzone\fR checks the syntax and integrity of a zone file\&. It performs the same checks as \fBnamed\fR does when loading a zone\&. This makes \fBnamed\-checkzone\fR useful for checking zone files before configuring them into a name server\&.
.SH "OPTIONS"
.TP
\fB-d\fR
Enable debugging.
\-d
Enable debugging\&.
.TP
\fB-q\fR
Quiet mode - exit code only.
\-q
Quiet mode \- exit code only\&.
.TP
\fB-v\fR
Print the version of the \fBnamed-checkzone\fR
program and exit.
\-v
Print the version of the \fBnamed\-checkzone\fR program and exit\&.
.TP
\fB-j\fR
When loading the zone file read the journal if it exists.
\-j
When loading the zone file read the journal if it exists\&.
.TP
\fB-c \fIclass\fB\fR
Specify the class of the zone. If not specified "IN" is assumed.
\-c \fIclass\fR
Specify the class of the zone\&. If not specified "IN" is assumed\&.
.TP
\fB-k \fImode\fB\fR
Perform \fB"check-name"\fR checks with the specified failure mode.
Possible modes are \fB"fail"\fR,
\fB"warn"\fR (default) and
\fB"ignore"\fR.
\-k \fImode\fR
Perform \fB"check\-name"\fR checks with the specified failure mode\&. Possible modes are \fB"fail"\fR, \fB"warn"\fR (default) and \fB"ignore"\fR\&.
.TP
\fB-n \fImode\fB\fR
Specify whether NS records should be checked to see if they
are addresses. Possible modes are \fB"fail"\fR,
\fB"warn"\fR (default) and
\fB"ignore"\fR.
\-n \fImode\fR
Specify whether NS records should be checked to see if they are addresses\&. Possible modes are \fB"fail"\fR, \fB"warn"\fR (default) and \fB"ignore"\fR\&.
.TP
\fB-o \fIfilename\fB\fR
Write zone output to \fIfilename\fR.
\-o \fIfilename\fR
Write zone output to \fIfilename\fR\&.
.TP
\fB-t \fIdirectory\fB\fR
chroot to \fIdirectory\fR so that include
directives in the configuration file are processed as if
run by a similarly chrooted named.
\-t \fIdirectory\fR
chroot to \fIdirectory\fR so that include directives in the configuration file are processed as if run by a similarly chrooted named\&.
.TP
\fB-w \fIdirectory\fB\fR
chdir to \fIdirectory\fR so that relative
filenames in master file $INCLUDE directives work. This
is similar to the directory clause in
\fInamed.conf\fR.
\-w \fIdirectory\fR
chdir to \fIdirectory\fR so that relative filenames in master file $INCLUDE directives work\&. This is similar to the directory clause in \fInamed\&.conf\fR\&.
.TP
\fB-D\fR
Dump zone file in canonical format.
\-D
Dump zone file in canonical format\&.
.TP
\fB-W \fImode\fB\fR
Specify whether to check for non-terminal wildcards.
Non-terminal wildcards are almost always the result of a
failure to understand the wildcard matching algorithm (RFC 1034).
Possible modes are \fB"warn"\fR (default) and
\fB"ignore"\fR.
\-W \fImode\fR
Specify whether to check for non\-terminal wildcards\&. Non\-terminal wildcards are almost always the result of a failure to understand the wildcard matching algorithm (RFC 1034)\&. Possible modes are \fB"warn"\fR (default) and \fB"ignore"\fR\&.
.TP
\fBzonename\fR
The domain name of the zone being checked.
zonename
The domain name of the zone being checked\&.
.TP
\fBfilename\fR
The name of the zone file.
filename
The name of the zone file\&.
.SH "RETURN VALUES"
.PP
\fBnamed-checkzone\fR returns an exit status of 1 if
errors were detected and 0 otherwise.
\fBnamed\-checkzone\fR returns an exit status of 1 if errors were detected and 0 otherwise\&.
.SH "SEE ALSO"
.PP
\fBnamed\fR(8),
\fIRFC 1035\fR,
\fIBIND 9 Administrator Reference Manual\fR.
\fBnamed\fR(8), RFC 1035, BIND 9 Administrator Reference Manual\&.
.SH "AUTHOR"
.PP
Internet Systems Consortium
Internet Systems Consortium

542
bin/check/named-checkzone.html
View file

@ -1,421 +1,143 @@
<!--
- Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2000-2002 Internet Software Consortium.
-
- Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2000-2002 Internet Software Consortium
-
- Permission to use, copy, modify, and distribute this software for any
- purpose with or without fee is hereby granted, provided that the above
- copyright notice and this permission notice appear in all copies.
-
-
- THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
- REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
- AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
- AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
- INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
- LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
- OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
- PERFORMANCE OF THIS SOFTWARE.
-->
<!-- $Id: named-checkzone.html,v 1.20 2005/04/07 03:49:55 marka Exp $ -->
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<HTML
><HEAD
><TITLE
>named-checkzone</TITLE
><META
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.79"></HEAD
><BODY
CLASS="REFENTRY"
BGCOLOR="#FFFFFF"
TEXT="#000000"
LINK="#0000FF"
VLINK="#840084"
ALINK="#0000FF"
><H1
><A
NAME="AEN1"
></A
><SPAN
CLASS="APPLICATION"
>named-checkzone</SPAN
></H1
><DIV
CLASS="REFNAMEDIV"
><A
NAME="AEN9"
></A
><H2
>Name</H2
><SPAN
CLASS="APPLICATION"
>named-checkzone</SPAN
>&nbsp;--&nbsp;zone file validity checking tool</DIV
><DIV
CLASS="REFSYNOPSISDIV"
><A
NAME="AEN13"
></A
><H2
>Synopsis</H2
><P
><B
CLASS="COMMAND"
>named-checkzone</B
> [<CODE
CLASS="OPTION"
>-d</CODE
>] [<CODE
CLASS="OPTION"
>-j</CODE
>] [<CODE
CLASS="OPTION"
>-q</CODE
>] [<CODE
CLASS="OPTION"
>-v</CODE
>] [<CODE
CLASS="OPTION"
>-c <TT
CLASS="REPLACEABLE"
><I
>class</I
></TT
></CODE
>] [<CODE
CLASS="OPTION"
>-k <TT
CLASS="REPLACEABLE"
><I
>mode</I
></TT
></CODE
>] [<CODE
CLASS="OPTION"
>-n <TT
CLASS="REPLACEABLE"
><I
>mode</I
></TT
></CODE
>] [<CODE
CLASS="OPTION"
>-o <TT
CLASS="REPLACEABLE"
><I
>filename</I
></TT
></CODE
>] [<CODE
CLASS="OPTION"
>-t <TT
CLASS="REPLACEABLE"
><I
>directory</I
></TT
></CODE
>] [<CODE
CLASS="OPTION"
>-w <TT
CLASS="REPLACEABLE"
><I
>directory</I
></TT
></CODE
>] [<CODE
CLASS="OPTION"
>-D</CODE
>] [<CODE
CLASS="OPTION"
>-W <TT
CLASS="REPLACEABLE"
><I
>mode</I
></TT
></CODE
>] {zonename} {filename}</P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN49"
></A
><H2
>DESCRIPTION</H2
><P
> <B
CLASS="COMMAND"
>named-checkzone</B
> checks the syntax and integrity of
a zone file. It performs the same checks as <B
CLASS="COMMAND"
>named</B
>
does when loading a zone. This makes
<B
CLASS="COMMAND"
>named-checkzone</B
> useful for checking zone
files before configuring them into a name server.
</P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN55"
></A
><H2
>OPTIONS</H2
><P
></P
><DIV
CLASS="VARIABLELIST"
><DL
><DT
>-d</DT
><DD
><P
> Enable debugging.
</P
></DD
><DT
>-q</DT
><DD
><P
> Quiet mode - exit code only.
</P
></DD
><DT
>-v</DT
><DD
><P
> Print the version of the <B
CLASS="COMMAND"
>named-checkzone</B
>
program and exit.
</P
></DD
><DT
>-j</DT
><DD
><P
> When loading the zone file read the journal if it exists.
</P
></DD
><DT
>-c <TT
CLASS="REPLACEABLE"
><I
>class</I
></TT
></DT
><DD
><P
> Specify the class of the zone. If not specified "IN" is assumed.
</P
></DD
><DT
>-k <TT
CLASS="REPLACEABLE"
><I
>mode</I
></TT
></DT
><DD
><P
> Perform <B
CLASS="COMMAND"
>"check-name"</B
> checks with the specified failure mode.
Possible modes are <B
CLASS="COMMAND"
>"fail"</B
>,
<B
CLASS="COMMAND"
>"warn"</B
> (default) and
<B
CLASS="COMMAND"
>"ignore"</B
>.
</P
></DD
><DT
>-n <TT
CLASS="REPLACEABLE"
><I
>mode</I
></TT
></DT
><DD
><P
> Specify whether NS records should be checked to see if they
are addresses. Possible modes are <B
CLASS="COMMAND"
>"fail"</B
>,
<B
CLASS="COMMAND"
>"warn"</B
> (default) and
<B
CLASS="COMMAND"
>"ignore"</B
>.
</P
></DD
><DT
>-o <TT
CLASS="REPLACEABLE"
><I
>filename</I
></TT
></DT
><DD
><P
> Write zone output to <TT
CLASS="FILENAME"
>filename</TT
>.
</P
></DD
><DT
>-t <TT
CLASS="REPLACEABLE"
><I
>directory</I
></TT
></DT
><DD
><P
> chroot to <TT
CLASS="FILENAME"
>directory</TT
> so that include
directives in the configuration file are processed as if
run by a similarly chrooted named.
</P
></DD
><DT
>-w <TT
CLASS="REPLACEABLE"
><I
>directory</I
></TT
></DT
><DD
><P
> chdir to <TT
CLASS="FILENAME"
>directory</TT
> so that relative
filenames in master file $INCLUDE directives work. This
is similar to the directory clause in
<TT
CLASS="FILENAME"
>named.conf</TT
>.
</P
></DD
><DT
>-D</DT
><DD
><P
> Dump zone file in canonical format.
</P
></DD
><DT
>-W <TT
CLASS="REPLACEABLE"
><I
>mode</I
></TT
></DT
><DD
><P
> Specify whether to check for non-terminal wildcards.
Non-terminal wildcards are almost always the result of a
failure to understand the wildcard matching algorithm (RFC 1034).
Possible modes are <B
CLASS="COMMAND"
>"warn"</B
> (default) and
<B
CLASS="COMMAND"
>"ignore"</B
>.
</P
></DD
><DT
>zonename</DT
><DD
><P
> The domain name of the zone being checked.
</P
></DD
><DT
>filename</DT
><DD
><P
> The name of the zone file.
</P
></DD
></DL
></DIV
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN135"
></A
><H2
>RETURN VALUES</H2
><P
> <B
CLASS="COMMAND"
>named-checkzone</B
> returns an exit status of 1 if
errors were detected and 0 otherwise.
</P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN139"
></A
><H2
>SEE ALSO</H2
><P
> <SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>named</SPAN
>(8)</SPAN
>,
<I
CLASS="CITETITLE"
>RFC 1035</I
>,
<I
CLASS="CITETITLE"
>BIND 9 Administrator Reference Manual</I
>.
</P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN147"
></A
><H2
>AUTHOR</H2
><P
> Internet Systems Consortium
</P
></DIV
></BODY
></HTML
>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>named-checkzone</title>
<meta name="generator" content="DocBook XSL Stylesheets V1.68.1">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en">
<a name="id2456618"></a><div class="titlepage"></div>
<div class="refnamediv">
<h2>Name</h2>
<p><span class="application">named-checkzone</span> &#8212; zone file validity checking tool</p>
</div>
<div class="refsynopsisdiv">
<h2>Synopsis</h2>
<div class="cmdsynopsis"><p><code class="command">named-checkzone</code> [<code class="option">-d</code>] [<code class="option">-j</code>] [<code class="option">-q</code>] [<code class="option">-v</code>] [<code class="option">-c <em class="replaceable"><code>class</code></em></code>] [<code class="option">-k <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-n <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-o <em class="replaceable"><code>filename</code></em></code>] [<code class="option">-t <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-w <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-D</code>] [<code class="option">-W <em class="replaceable"><code>mode</code></em></code>] {zonename} {filename}</p></div>
</div>
<div class="refsect1" lang="en">
<a name="id2514060"></a><h2>DESCRIPTION</h2>
<p><span><strong class="command">named-checkzone</strong></span>
checks the syntax and integrity of a zone file. It performs the
same checks as <span><strong class="command">named</strong></span> does when loading a
zone. This makes <span><strong class="command">named-checkzone</strong></span> useful for
checking zone files before configuring them into a name server.
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2514080"></a><h2>OPTIONS</h2>
<div class="variablelist"><dl>
<dt><span class="term">-d</span></dt>
<dd><p>
Enable debugging.
</p></dd>
<dt><span class="term">-q</span></dt>
<dd><p>
Quiet mode - exit code only.
</p></dd>
<dt><span class="term">-v</span></dt>
<dd><p>
Print the version of the <span><strong class="command">named-checkzone</strong></span>
program and exit.
</p></dd>
<dt><span class="term">-j</span></dt>
<dd><p>
When loading the zone file read the journal if it exists.
</p></dd>
<dt><span class="term">-c <em class="replaceable"><code>class</code></em></span></dt>
<dd><p>
Specify the class of the zone. If not specified "IN" is assumed.
</p></dd>
<dt><span class="term">-k <em class="replaceable"><code>mode</code></em></span></dt>
<dd><p>
Perform <span><strong class="command">"check-name"</strong></span> checks with
the specified failure mode.
Possible modes are <span><strong class="command">"fail"</strong></span>,
<span><strong class="command">"warn"</strong></span> (default) and
<span><strong class="command">"ignore"</strong></span>.
</p></dd>
<dt><span class="term">-n <em class="replaceable"><code>mode</code></em></span></dt>
<dd><p>
Specify whether NS records should be checked to see if they
are addresses. Possible modes are <span><strong class="command">"fail"</strong></span>,
<span><strong class="command">"warn"</strong></span> (default) and
<span><strong class="command">"ignore"</strong></span>.
</p></dd>
<dt><span class="term">-o <em class="replaceable"><code>filename</code></em></span></dt>
<dd><p>
Write zone output to <code class="filename">filename</code>.
</p></dd>
<dt><span class="term">-t <em class="replaceable"><code>directory</code></em></span></dt>
<dd><p>
chroot to <code class="filename">directory</code> so that
include
directives in the configuration file are processed as if
run by a similarly chrooted named.
</p></dd>
<dt><span class="term">-w <em class="replaceable"><code>directory</code></em></span></dt>
<dd><p>
chdir to <code class="filename">directory</code> so that
relative
filenames in master file $INCLUDE directives work. This
is similar to the directory clause in
<code class="filename">named.conf</code>.
</p></dd>
<dt><span class="term">-D</span></dt>
<dd><p>
Dump zone file in canonical format.
</p></dd>
<dt><span class="term">-W <em class="replaceable"><code>mode</code></em></span></dt>
<dd><p>
Specify whether to check for non-terminal wildcards.
Non-terminal wildcards are almost always the result of a
failure to understand the wildcard matching algorithm (RFC 1034).
Possible modes are <span><strong class="command">"warn"</strong></span> (default)
and
<span><strong class="command">"ignore"</strong></span>.
</p></dd>
<dt><span class="term">zonename</span></dt>
<dd><p>
The domain name of the zone being checked.
</p></dd>
<dt><span class="term">filename</span></dt>
<dd><p>
The name of the zone file.
</p></dd>
</dl></div>
</div>
<div class="refsect1" lang="en">
<a name="id2514488"></a><h2>RETURN VALUES</h2>
<p><span><strong class="command">named-checkzone</strong></span>
returns an exit status of 1 if
errors were detected and 0 otherwise.
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2514500"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>,
<em class="citetitle">RFC 1035</em>,
<em class="citetitle">BIND 9 Administrator Reference Manual</em>.
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2514524"></a><h2>AUTHOR</h2>
<p><span class="corpauthor">Internet Systems Consortium</span>
</p>
</div>
</div></body>
</html>

374
bin/dig/dig.1
View file

@ -1,401 +1,229 @@
.\" Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2000-2003 Internet Software Consortium.
.\"
.\" Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2000-2003 Internet Software Consortium
.\"
.\" Permission to use, copy, modify, and distribute this software for any
.\" purpose with or without fee is hereby granted, provided that the above
.\" copyright notice and this permission notice appear in all copies.
.\"
.\"
.\" THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
.\" REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
.\" AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
.\" AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
.\" INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
.\" LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
.\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
.\" PERFORMANCE OF THIS SOFTWARE.
.\"
.\" $Id: dig.1,v 1.27 2004/06/23 09:11:41 marka Exp $
.\"
.TH "DIG" "1" "Jun 30, 2000" "BIND9" ""
.\"
.hy 0
.ad l
.\"Generated by db2man.xsl. Don't modify this, modify the source.
.de Sh \" Subsection
.br
.if t .Sp
.ne 5
.PP
\fB\\$1\fR
.PP
..
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Ip \" List item
.br
.ie \\n(.$>=3 .ne \\$3
.el .ne 3
.IP "\\$1" \\$2
..
.TH "DIG" 1 "Jun 30, 2000" "" ""
.SH NAME
dig \- DNS lookup utility
.SH SYNOPSIS
.sp
\fBdig\fR [ \fB@server\fR ] [ \fB-b \fIaddress\fB\fR ] [ \fB-c \fIclass\fB\fR ] [ \fB-f \fIfilename\fB\fR ] [ \fB-k \fIfilename\fB\fR ] [ \fB-p \fIport#\fB\fR ] [ \fB-t \fItype\fB\fR ] [ \fB-x \fIaddr\fB\fR ] [ \fB-y \fIname:key\fB\fR ] [ \fB-4\fR ] [ \fB-6\fR ] [ \fBname\fR ] [ \fBtype\fR ] [ \fBclass\fR ] [ \fBqueryopt\fR\fI...\fR ]
.sp
\fBdig\fR [ \fB-h\fR ]
.sp
\fBdig\fR [ \fBglobal-queryopt\fR\fI...\fR ] [ \fBquery\fR\fI...\fR ]
.SH "SYNOPSIS"
.HP 4
\fBdig\fR [@server] [\fB\-b\ \fIaddress\fR\fR] [\fB\-c\ \fIclass\fR\fR] [\fB\-f\ \fIfilename\fR\fR] [\fB\-k\ \fIfilename\fR\fR] [\fB\-p\ \fIport#\fR\fR] [\fB\-t\ \fItype\fR\fR] [\fB\-x\ \fIaddr\fR\fR] [\fB\-y\ \fIname:key\fR\fR] [\fB\-4\fR] [\fB\-6\fR] [name] [type] [class] [queryopt...].HP 4
\fBdig\fR [\fB\-h\fR].HP 4
\fBdig\fR [global\-queryopt...] [query...]
.SH "DESCRIPTION"
.PP
\fBdig\fR (domain information groper) is a flexible tool
for interrogating DNS name servers. It performs DNS lookups and
displays the answers that are returned from the name server(s) that
were queried. Most DNS administrators use \fBdig\fR to
troubleshoot DNS problems because of its flexibility, ease of use and
clarity of output. Other lookup tools tend to have less functionality
than \fBdig\fR.
\fBdig\fR (domain information groper) is a flexible tool for interrogating DNS name servers\&. It performs DNS lookups and displays the answers that are returned from the name server(s) that were queried\&. Most DNS administrators use \fBdig\fR to troubleshoot DNS problems because of its flexibility, ease of use and clarity of output\&. Other lookup tools tend to have less functionality than \fBdig\fR\&.
.PP
Although \fBdig\fR is normally used with command-line
arguments, it also has a batch mode of operation for reading lookup
requests from a file. A brief summary of its command-line arguments
and options is printed when the \fB-h\fR option is given.
Unlike earlier versions, the BIND9 implementation of
\fBdig\fR allows multiple lookups to be issued from the
command line.
Although \fBdig\fR is normally used with command\-line arguments, it also has a batch mode of operation for reading lookup requests from a file\&. A brief summary of its command\-line arguments and options is printed when the \fB\-h\fR option is given\&. Unlike earlier versions, the BIND9 implementation of \fBdig\fR allows multiple lookups to be issued from the command line\&.
.PP
Unless it is told to query a specific name server,
\fBdig\fR will try each of the servers listed in
\fI/etc/resolv.conf\fR.
Unless it is told to query a specific name server, \fBdig\fR will try each of the servers listed in \fI/etc/resolv\&.conf\fR\&.
.PP
When no command line arguments or options are given, will perform an
NS query for "." (the root).
When no command line arguments or options are given, will perform an NS query for "\&." (the root)\&.
.PP
It is possible to set per-user defaults for \fBdig\fR via
\fI${HOME}/.digrc\fR. This file is read and any options in it
are applied before the command line arguments.
It is possible to set per\-user defaults for \fBdig\fR via \fI${HOME}/\&.digrc\fR\&. This file is read and any options in it are applied before the command line arguments\&.
.SH "SIMPLE USAGE"
.PP
A typical invocation of \fBdig\fR looks like:
.sp
A typical invocation of \fBdig\fR looks like:
.nf
dig @server name type
.sp
.fi
where:
where:
.TP
\fBserver\fR
is the name or IP address of the name server to query. This can be an IPv4
address in dotted-decimal notation or an IPv6
address in colon-delimited notation. When the supplied
\fIserver\fR argument is a hostname,
\fBdig\fR resolves that name before querying that name
server. If no \fIserver\fR argument is provided,
\fBdig\fR consults \fI/etc/resolv.conf\fR
and queries the name servers listed there. The reply from the name
server that responds is displayed.
is the name or IP address of the name server to query\&. This can be an IPv4 address in dotted\-decimal notation or an IPv6 address in colon\-delimited notation\&. When the supplied \fIserver\fR argument is a hostname, \fBdig\fR resolves that name before querying that name server\&. If no \fIserver\fR argument is provided, \fBdig\fR consults \fI/etc/resolv\&.conf\fR and queries the name servers listed there\&. The reply from the name server that responds is displayed\&.
.TP
\fBname\fR
is the name of the resource record that is to be looked up.
is the name of the resource record that is to be looked up\&.
.TP
\fBtype\fR
indicates what type of query is required \(em
ANY, A, MX, SIG, etc.
\fItype\fR can be any valid query type. If no
\fItype\fR argument is supplied,
\fBdig\fR will perform a lookup for an A record.
indicates what type of query is required -- ANY, A, MX, SIG, etc\&. \fItype\fR can be any valid query type\&. If no \fItype\fR argument is supplied, \fBdig\fR will perform a lookup for an A record\&.
.SH "OPTIONS"
.PP
The \fB-b\fR option sets the source IP address of the query
to \fIaddress\fR. This must be a valid address on
one of the host's network interfaces or "0.0.0.0" or "::". An optional port
may be specified by appending "#<port>"
The \fB\-b\fR option sets the source IP address of the query to \fIaddress\fR\&. This must be a valid address on one of the host's network interfaces or "0\&.0\&.0\&.0" or "::"\&. An optional port may be specified by appending "#<port>"
.PP
The default query class (IN for internet) is overridden by the
\fB-c\fR option. \fIclass\fR is any valid
class, such as HS for Hesiod records or CH for CHAOSNET records.
The default query class (IN for internet) is overridden by the \fB\-c\fR option\&. \fIclass\fR is any valid class, such as HS for Hesiod records or CH for CHAOSNET records\&.
.PP
The \fB-f\fR option makes \fBdig \fR operate
in batch mode by reading a list of lookup requests to process from the
file \fIfilename\fR. The file contains a number of
queries, one per line. Each entry in the file should be organised in
the same way they would be presented as queries to
\fBdig\fR using the command-line interface.
The \fB\-f\fR option makes \fBdig \fR operate in batch mode by reading a list of lookup requests to process from the file \fIfilename\fR\&. The file contains a number of queries, one per line\&. Each entry in the file should be organised in the same way they would be presented as queries to \fBdig\fR using the command\-line interface\&.
.PP
If a non-standard port number is to be queried, the
\fB-p\fR option is used. \fIport#\fR is
the port number that \fBdig\fR will send its queries
instead of the standard DNS port number 53. This option would be used
to test a name server that has been configured to listen for queries
on a non-standard port number.
If a non\-standard port number is to be queried, the \fB\-p\fR option is used\&. \fIport#\fR is the port number that \fBdig\fR will send its queries instead of the standard DNS port number 53\&. This option would be used to test a name server that has been configured to listen for queries on a non\-standard port number\&.
.PP
The \fB-4\fR option forces \fBdig\fR to only
use IPv4 query transport. The \fB-6\fR option forces
\fBdig\fR to only use IPv6 query transport.
The \fB\-4\fR option forces \fBdig\fR to only use IPv4 query transport\&. The \fB\-6\fR option forces \fBdig\fR to only use IPv6 query transport\&.
.PP
The \fB-t\fR option sets the query type to
\fItype\fR. It can be any valid query type which is
supported in BIND9. The default query type "A", unless the
\fB-x\fR option is supplied to indicate a reverse lookup.
A zone transfer can be requested by specifying a type of AXFR. When
an incremental zone transfer (IXFR) is required,
\fItype\fR is set to ixfr=N.
The incremental zone transfer will contain the changes made to the zone
since the serial number in the zone's SOA record was
\fIN\fR.
The \fB\-t\fR option sets the query type to \fItype\fR\&. It can be any valid query type which is supported in BIND9\&. The default query type "A", unless the \fB\-x\fR option is supplied to indicate a reverse lookup\&. A zone transfer can be requested by specifying a type of AXFR\&. When an incremental zone transfer (IXFR) is required, \fItype\fR is set to ixfr=N\&. The incremental zone transfer will contain the changes made to the zone since the serial number in the zone's SOA record was \fIN\fR\&.
.PP
Reverse lookups - mapping addresses to names - are simplified by the
\fB-x\fR option. \fIaddr\fR is an IPv4
address in dotted-decimal notation, or a colon-delimited IPv6 address.
When this option is used, there is no need to provide the
\fIname\fR, \fIclass\fR and
\fItype\fR arguments. \fBdig\fR
automatically performs a lookup for a name like
11.12.13.10.in-addr.arpa and sets the query type and
class to PTR and IN respectively. By default, IPv6 addresses are
looked up using nibble format under the IP6.ARPA domain.
To use the older RFC1886 method using the IP6.INT domain
specify the \fB-i\fR option. Bit string labels (RFC2874)
are now experimental and are not attempted.
Reverse lookups \- mapping addresses to names \- are simplified by the \fB\-x\fR option\&. \fIaddr\fR is an IPv4 address in dotted\-decimal notation, or a colon\-delimited IPv6 address\&. When this option is used, there is no need to provide the \fIname\fR, \fIclass\fR and \fItype\fR arguments\&. \fBdig\fR automatically performs a lookup for a name like 11\&.12\&.13\&.10\&.in\-addr\&.arpa and sets the query type and class to PTR and IN respectively\&. By default, IPv6 addresses are looked up using nibble format under the IP6\&.ARPA domain\&. To use the older RFC1886 method using the IP6\&.INT domain specify the \fB\-i\fR option\&. Bit string labels (RFC2874) are now experimental and are not attempted\&.
.PP
To sign the DNS queries sent by \fBdig\fR and their
responses using transaction signatures (TSIG), specify a TSIG key file
using the \fB-k\fR option. You can also specify the TSIG
key itself on the command line using the \fB-y\fR option;
\fIname\fR is the name of the TSIG key and
\fIkey\fR is the actual key. The key is a base-64
encoded string, typically generated by \fBdnssec-keygen\fR(8).
Caution should be taken when using the \fB-y\fR option on
multi-user systems as the key can be visible in the output from
\fBps\fR(1) or in the shell's history file. When
using TSIG authentication with \fBdig\fR, the name
server that is queried needs to know the key and algorithm that is
being used. In BIND, this is done by providing appropriate
\fBkey\fR and \fBserver\fR statements in
\fInamed.conf\fR.
To sign the DNS queries sent by \fBdig\fR and their responses using transaction signatures (TSIG), specify a TSIG key file using the \fB\-k\fR option\&. You can also specify the TSIG key itself on the command line using the \fB\-y\fR option; \fIname\fR is the name of the TSIG key and \fIkey\fR is the actual key\&. The key is a base\-64 encoded string, typically generated by \fBdnssec\-keygen\fR(8)\&. Caution should be taken when using the \fB\-y\fR option on multi\-user systems as the key can be visible in the output from \fBps\fR(1) or in the shell's history file\&. When using TSIG authentication with \fBdig\fR, the name server that is queried needs to know the key and algorithm that is being used\&. In BIND, this is done by providing appropriate \fBkey\fR and \fBserver\fR statements in \fInamed\&.conf\fR\&.
.SH "QUERY OPTIONS"
.PP
\fBdig\fR provides a number of query options which affect
the way in which lookups are made and the results displayed. Some of
these set or reset flag bits in the query header, some determine which
sections of the answer get printed, and others determine the timeout
and retry strategies.
\fBdig\fR provides a number of query options which affect the way in which lookups are made and the results displayed\&. Some of these set or reset flag bits in the query header, some determine which sections of the answer get printed, and others determine the timeout and retry strategies\&.
.PP
Each query option is identified by a keyword preceded by a plus sign
(+). Some keywords set or reset an option. These may be preceded
by the string no to negate the meaning of that keyword. Other
keywords assign values to options like the timeout interval. They
have the form \fB+keyword=value\fR.
The query options are:
Each query option is identified by a keyword preceded by a plus sign (+)\&. Some keywords set or reset an option\&. These may be preceded by the string no to negate the meaning of that keyword\&. Other keywords assign values to options like the timeout interval\&. They have the form \fB+keyword=value\fR\&. The query options are:
.TP
\fB+[no]tcp\fR
Use [do not use] TCP when querying name servers. The default
behaviour is to use UDP unless an AXFR or IXFR query is requested, in
which case a TCP connection is used.
Use [do not use] TCP when querying name servers\&. The default behaviour is to use UDP unless an AXFR or IXFR query is requested, in which case a TCP connection is used\&.
.TP
\fB+[no]vc\fR
Use [do not use] TCP when querying name servers. This alternate
syntax to \fI+[no]tcp\fR is provided for backwards
compatibility. The "vc" stands for "virtual circuit".
Use [do not use] TCP when querying name servers\&. This alternate syntax to \fI+[no]tcp\fR is provided for backwards compatibility\&. The "vc" stands for "virtual circuit"\&.
.TP
\fB+[no]ignore\fR
Ignore truncation in UDP responses instead of retrying with TCP. By
default, TCP retries are performed.
Ignore truncation in UDP responses instead of retrying with TCP\&. By default, TCP retries are performed\&.
.TP
\fB+domain=somename\fR
Set the search list to contain the single domain
\fIsomename\fR, as if specified in a
\fBdomain\fR directive in
\fI/etc/resolv.conf\fR, and enable search list
processing as if the \fI+search\fR option were given.
Set the search list to contain the single domain \fIsomename\fR, as if specified in a \fBdomain\fR directive in \fI/etc/resolv\&.conf\fR, and enable search list processing as if the \fI+search\fR option were given\&.
.TP
\fB+[no]search\fR
Use [do not use] the search list defined by the searchlist or domain
directive in \fIresolv.conf\fR (if any).
The search list is not used by default.
Use [do not use] the search list defined by the searchlist or domain directive in \fIresolv\&.conf\fR (if any)\&. The search list is not used by default\&.
.TP
\fB+[no]defname\fR
Deprecated, treated as a synonym for \fI+[no]search\fR
Deprecated, treated as a synonym for \fI+[no]search\fR
.TP
\fB+[no]aaonly\fR
Sets the "aa" flag in the query.
Sets the "aa" flag in the query\&.
.TP
\fB+[no]aaflag\fR
A synonym for \fI+[no]aaonly\fR.
A synonym for \fI+[no]aaonly\fR\&.
.TP
\fB+[no]adflag\fR
Set [do not set] the AD (authentic data) bit in the query. The AD bit
currently has a standard meaning only in responses, not in queries,
but the ability to set the bit in the query is provided for
completeness.
Set [do not set] the AD (authentic data) bit in the query\&. The AD bit currently has a standard meaning only in responses, not in queries, but the ability to set the bit in the query is provided for completeness\&.
.TP
\fB+[no]cdflag\fR
Set [do not set] the CD (checking disabled) bit in the query. This
requests the server to not perform DNSSEC validation of responses.
Set [do not set] the CD (checking disabled) bit in the query\&. This requests the server to not perform DNSSEC validation of responses\&.
.TP
\fB+[no]cl\fR
Display [do not display] the CLASS when printing the record.
Display [do not display] the CLASS when printing the record\&.
.TP
\fB+[no]ttlid\fR
Display [do not display] the TTL when printing the record.
Display [do not display] the TTL when printing the record\&.
.TP
\fB+[no]recurse\fR
Toggle the setting of the RD (recursion desired) bit in the query.
This bit is set by default, which means \fBdig\fR
normally sends recursive queries. Recursion is automatically disabled
when the \fI+nssearch\fR or
\fI+trace\fR query options are used.
Toggle the setting of the RD (recursion desired) bit in the query\&. This bit is set by default, which means \fBdig\fR normally sends recursive queries\&. Recursion is automatically disabled when the \fI+nssearch\fR or \fI+trace\fR query options are used\&.
.TP
\fB+[no]nssearch\fR
When this option is set, \fBdig\fR attempts to find the
authoritative name servers for the zone containing the name being
looked up and display the SOA record that each name server has for the
zone.
When this option is set, \fBdig\fR attempts to find the authoritative name servers for the zone containing the name being looked up and display the SOA record that each name server has for the zone\&.
.TP
\fB+[no]trace\fR
Toggle tracing of the delegation path from the root name servers for
the name being looked up. Tracing is disabled by default. When
tracing is enabled, \fBdig\fR makes iterative queries to
resolve the name being looked up. It will follow referrals from the
root servers, showing the answer from each server that was used to
resolve the lookup.
Toggle tracing of the delegation path from the root name servers for the name being looked up\&. Tracing is disabled by default\&. When tracing is enabled, \fBdig\fR makes iterative queries to resolve the name being looked up\&. It will follow referrals from the root servers, showing the answer from each server that was used to resolve the lookup\&.
.TP
\fB+[no]cmd\fR
toggles the printing of the initial comment in the output identifying
the version of \fBdig\fR and the query options that have
been applied. This comment is printed by default.
toggles the printing of the initial comment in the output identifying the version of \fBdig\fR and the query options that have been applied\&. This comment is printed by default\&.
.TP
\fB+[no]short\fR
Provide a terse answer. The default is to print the answer in a
verbose form.
Provide a terse answer\&. The default is to print the answer in a verbose form\&.
.TP
\fB+[no]identify\fR
Show [or do not show] the IP address and port number that supplied the
answer when the \fI+short\fR option is enabled. If
short form answers are requested, the default is not to show the
source address and port number of the server that provided the answer.
Show [or do not show] the IP address and port number that supplied the answer when the \fI+short\fR option is enabled\&. If short form answers are requested, the default is not to show the source address and port number of the server that provided the answer\&.
.TP
\fB+[no]comments\fR
Toggle the display of comment lines in the output. The default is to
print comments.
Toggle the display of comment lines in the output\&. The default is to print comments\&.
.TP
\fB+[no]stats\fR
This query option toggles the printing of statistics: when the query
was made, the size of the reply and so on. The default behaviour is
to print the query statistics.
This query option toggles the printing of statistics: when the query was made, the size of the reply and so on\&. The default behaviour is to print the query statistics\&.
.TP
\fB+[no]qr\fR
Print [do not print] the query as it is sent.
By default, the query is not printed.
Print [do not print] the query as it is sent\&. By default, the query is not printed\&.
.TP
\fB+[no]question\fR
Print [do not print] the question section of a query when an answer is
returned. The default is to print the question section as a comment.
Print [do not print] the question section of a query when an answer is returned\&. The default is to print the question section as a comment\&.
.TP
\fB+[no]answer\fR
Display [do not display] the answer section of a reply. The default
is to display it.
Display [do not display] the answer section of a reply\&. The default is to display it\&.
.TP
\fB+[no]authority\fR
Display [do not display] the authority section of a reply. The
default is to display it.
Display [do not display] the authority section of a reply\&. The default is to display it\&.
.TP
\fB+[no]additional\fR
Display [do not display] the additional section of a reply.
The default is to display it.
Display [do not display] the additional section of a reply\&. The default is to display it\&.
.TP
\fB+[no]all\fR
Set or clear all display flags.
Set or clear all display flags\&.
.TP
\fB+time=T\fR
Sets the timeout for a query to
\fIT\fR seconds. The default time out is 5 seconds.
An attempt to set \fIT\fR to less than 1 will result
in a query timeout of 1 second being applied.
Sets the timeout for a query to \fIT\fR seconds\&. The default time out is 5 seconds\&. An attempt to set \fIT\fR to less than 1 will result in a query timeout of 1 second being applied\&.
.TP
\fB+tries=T\fR
Sets the number of times to try UDP queries to server to
\fIT\fR instead of the default, 3. If
\fIT\fR is less than or equal to zero, the number of
tries is silently rounded up to 1.
Sets the number of times to try UDP queries to server to \fIT\fR instead of the default, 3\&. If \fIT\fR is less than or equal to zero, the number of tries is silently rounded up to 1\&.
.TP
\fB+retry=T\fR
Sets the number of times to retry UDP queries to server to
\fIT\fR instead of the default, 2. Unlike
\fI+tries\fR, this does not include the initial
query.
Sets the number of times to retry UDP queries to server to \fIT\fR instead of the default, 2\&. Unlike \fI+tries\fR, this does not include the initial query\&.
.TP
\fB+ndots=D\fR
Set the number of dots that have to appear in
\fIname\fR to \fID\fR for it to be
considered absolute. The default value is that defined using the
ndots statement in \fI/etc/resolv.conf\fR, or 1 if no
ndots statement is present. Names with fewer dots are interpreted as
relative names and will be searched for in the domains listed in the
\fBsearch\fR or \fBdomain\fR directive in
\fI/etc/resolv.conf\fR.
Set the number of dots that have to appear in \fIname\fR to \fID\fR for it to be considered absolute\&. The default value is that defined using the ndots statement in \fI/etc/resolv\&.conf\fR, or 1 if no ndots statement is present\&. Names with fewer dots are interpreted as relative names and will be searched for in the domains listed in the \fBsearch\fR or \fBdomain\fR directive in \fI/etc/resolv\&.conf\fR\&.
.TP
\fB+bufsize=B\fR
Set the UDP message buffer size advertised using EDNS0 to
\fIB\fR bytes. The maximum and minimum sizes of this
buffer are 65535 and 0 respectively. Values outside this range are
rounded up or down appropriately.
Set the UDP message buffer size advertised using EDNS0 to \fIB\fR bytes\&. The maximum and minimum sizes of this buffer are 65535 and 0 respectively\&. Values outside this range are rounded up or down appropriately\&.
.TP
\fB+[no]multiline\fR
Print records like the SOA records in a verbose multi-line
format with human-readable comments. The default is to print
each record on a single line, to facilitate machine parsing
of the \fBdig\fR output.
Print records like the SOA records in a verbose multi\-line format with human\-readable comments\&. The default is to print each record on a single line, to facilitate machine parsing of the \fBdig\fR output\&.
.TP
\fB+[no]fail\fR
Do not try the next server if you receive a SERVFAIL. The default is
to not try the next server which is the reverse of normal stub resolver
behaviour.
Do not try the next server if you receive a SERVFAIL\&. The default is to not try the next server which is the reverse of normal stub resolver behaviour\&.
.TP
\fB+[no]besteffort\fR
Attempt to display the contents of messages which are malformed.
The default is to not display malformed answers.
Attempt to display the contents of messages which are malformed\&. The default is to not display malformed answers\&.
.TP
\fB+[no]dnssec\fR
Requests DNSSEC records be sent by setting the DNSSEC OK bit (DO)
in the OPT record in the additional section of the query.
Requests DNSSEC records be sent by setting the DNSSEC OK bit (DO) in the OPT record in the additional section of the query\&.
.TP
\fB+[no]sigchase\fR
Chase DNSSEC signature chains. Requires dig be compiled with
-DDIG_SIGCHASE.
Chase DNSSEC signature chains\&. Requires dig be compiled with \-DDIG_SIGCHASE\&.
.TP
\fB+trusted-key=####\fR
Specify a trusted key to be used with \fB+sigchase\fR.
Requires dig be compiled with -DDIG_SIGCHASE.
\fB+trusted\-key=####\fR
Specify a trusted key to be used with \fB+sigchase\fR\&. Requires dig be compiled with \-DDIG_SIGCHASE\&.
.TP
\fB+[no]topdown\fR
When chasing DNSSEC signature chains perform a top down validation.
Requires dig be compiled with -DDIG_SIGCHASE.
When chasing DNSSEC signature chains perform a top down validation\&. Requires dig be compiled with \-DDIG_SIGCHASE\&.
.SH "MULTIPLE QUERIES"
.PP
The BIND 9 implementation of \fBdig \fR supports
specifying multiple queries on the command line (in addition to
supporting the \fB-f\fR batch file option). Each of those
queries can be supplied with its own set of flags, options and query
options.
The BIND 9 implementation of \fBdig \fR supports specifying multiple queries on the command line (in addition to supporting the \fB\-f\fR batch file option)\&. Each of those queries can be supplied with its own set of flags, options and query options\&.
.PP
In this case, each \fIquery\fR argument represent an
individual query in the command-line syntax described above. Each
consists of any of the standard options and flags, the name to be
looked up, an optional query type and class and any query options that
should be applied to that query.
In this case, each \fIquery\fR argument represent an individual query in the command\-line syntax described above\&. Each consists of any of the standard options and flags, the name to be looked up, an optional query type and class and any query options that should be applied to that query\&.
.PP
A global set of query options, which should be applied to all queries,
can also be supplied. These global query options must precede the
first tuple of name, class, type, options, flags, and query options
supplied on the command line. Any global query options (except
the \fB+[no]cmd\fR option) can be
overridden by a query-specific set of query options. For example:
.sp
A global set of query options, which should be applied to all queries, can also be supplied\&. These global query options must precede the first tuple of name, class, type, options, flags, and query options supplied on the command line\&. Any global query options (except the \fB+[no]cmd\fR option) can be overridden by a query\-specific set of query options\&. For example:
.nf
dig +qr www.isc.org any -x 127.0.0.1 isc.org ns +noqr
.sp
dig +qr www\&.isc\&.org any \-x 127\&.0\&.0\&.1 isc\&.org ns +noqr
.fi
shows how \fBdig\fR could be used from the command line
to make three lookups: an ANY query for www.isc.org, a
reverse lookup of 127.0.0.1 and a query for the NS records of
isc.org.
A global query option of \fI+qr\fR is applied, so
that \fBdig\fR shows the initial query it made for each
lookup. The final query has a local query option of
\fI+noqr\fR which means that \fBdig\fR
will not print the initial query when it looks up the NS records for
isc.org.
shows how \fBdig\fR could be used from the command line to make three lookups: an ANY query for www\&.isc\&.org, a reverse lookup of 127\&.0\&.0\&.1 and a query for the NS records of isc\&.org\&. A global query option of \fI+qr\fR is applied, so that \fBdig\fR shows the initial query it made for each lookup\&. The final query has a local query option of \fI+noqr\fR which means that \fBdig\fR will not print the initial query when it looks up the NS records for isc\&.org\&.
.SH "FILES"
.PP
\fI/etc/resolv.conf\fR
\fI/etc/resolv\&.conf\fR
.PP
\fI${HOME}/.digrc\fR
\fI${HOME}/\&.digrc\fR
.SH "SEE ALSO"
.PP
\fBhost\fR(1),
\fBnamed\fR(8),
\fBdnssec-keygen\fR(8),
\fIRFC1035\fR.
\fBhost\fR(1), \fBnamed\fR(8), \fBdnssec\-keygen\fR(8), RFC1035\&.
.SH "BUGS"
.PP
There are probably too many query options.
There are probably too many query options\&.

1736
bin/dig/dig.html
View file

File diff suppressed because it is too large Load diff

157
bin/dig/host.1
View file

@ -1,140 +1,81 @@
.\" Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2000-2002 Internet Software Consortium.
.\"
.\" Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2000-2002 Internet Software Consortium
.\"
.\" Permission to use, copy, modify, and distribute this software for any
.\" purpose with or without fee is hereby granted, provided that the above
.\" copyright notice and this permission notice appear in all copies.
.\"
.\"
.\" THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
.\" REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
.\" AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
.\" AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
.\" INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
.\" LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
.\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
.\" PERFORMANCE OF THIS SOFTWARE.
.\"
.\" $Id: host.1,v 1.18 2004/11/11 02:06:28 marka Exp $
.\"
.TH "HOST" "1" "Jun 30, 2000" "BIND9" ""
.\"
.hy 0
.ad l
.\"Generated by db2man.xsl. Don't modify this, modify the source.
.de Sh \" Subsection
.br
.if t .Sp
.ne 5
.PP
\fB\\$1\fR
.PP
..
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Ip \" List item
.br
.ie \\n(.$>=3 .ne \\$3
.el .ne 3
.IP "\\$1" \\$2
..
.TH "HOST" 1 "Jun 30, 2000" "" ""
.SH NAME
host \- DNS lookup utility
.SH SYNOPSIS
.sp
\fBhost\fR [ \fB-aCdlnrTwv\fR ] [ \fB-c \fIclass\fB\fR ] [ \fB-N \fIndots\fB\fR ] [ \fB-R \fInumber\fB\fR ] [ \fB-t \fItype\fB\fR ] [ \fB-W \fIwait\fB\fR ] [ \fB-m \fIflag\fB\fR ] [ \fB-4\fR ] [ \fB-6\fR ] \fBname\fR [ \fBserver\fR ]
.SH "SYNOPSIS"
.HP 5
\fBhost\fR [\fB\-aCdlnrTwv\fR] [\fB\-c\ \fIclass\fR\fR] [\fB\-N\ \fIndots\fR\fR] [\fB\-R\ \fInumber\fR\fR] [\fB\-t\ \fItype\fR\fR] [\fB\-W\ \fIwait\fR\fR] [\fB\-m\ \fIflag\fR\fR] [\fB\-4\fR] [\fB\-6\fR] {name} [server]
.SH "DESCRIPTION"
.PP
\fBhost\fR
is a simple utility for performing DNS lookups.
It is normally used to convert names to IP addresses and vice versa.
When no arguments or options are given,
\fBhost\fR
prints a short summary of its command line arguments and options.
\fBhost\fR is a simple utility for performing DNS lookups\&. It is normally used to convert names to IP addresses and vice versa\&. When no arguments or options are given, \fBhost\fR prints a short summary of its command line arguments and options\&.
.PP
\fIname\fR is the domain name that is to be looked
up. It can also be a dotted-decimal IPv4 address or a colon-delimited
IPv6 address, in which case \fBhost\fR will by default
perform a reverse lookup for that address.
\fIserver\fR is an optional argument which is either
the name or IP address of the name server that \fBhost\fR
should query instead of the server or servers listed in
\fI/etc/resolv.conf\fR.
\fIname\fR is the domain name that is to be looked up\&. It can also be a dotted\-decimal IPv4 address or a colon\-delimited IPv6 address, in which case \fBhost\fR will by default perform a reverse lookup for that address\&. \fIserver\fR is an optional argument which is either the name or IP address of the name server that \fBhost\fR should query instead of the server or servers listed in \fI/etc/resolv\&.conf\fR\&.
.PP
The \fB-a\fR (all) option is equivalent to setting the
\fB-v\fR option and asking \fBhost\fR to make
a query of type ANY.
The \fB\-a\fR (all) option is equivalent to setting the \fB\-v\fR option and asking \fBhost\fR to make a query of type ANY\&.
.PP
When the \fB-C\fR option is used, \fBhost\fR
will attempt to display the SOA records for zone
\fIname\fR from all the listed authoritative name
servers for that zone. The list of name servers is defined by the NS
records that are found for the zone.
When the \fB\-C\fR option is used, \fBhost\fR will attempt to display the SOA records for zone \fIname\fR from all the listed authoritative name servers for that zone\&. The list of name servers is defined by the NS records that are found for the zone\&.
.PP
The \fB-c\fR option instructs to make a DNS query of class
\fIclass\fR. This can be used to lookup Hesiod or
Chaosnet class resource records. The default class is IN (Internet).
The \fB\-c\fR option instructs to make a DNS query of class \fIclass\fR\&. This can be used to lookup Hesiod or Chaosnet class resource records\&. The default class is IN (Internet)\&.
.PP
Verbose output is generated by \fBhost\fR when the
\fB-d\fR or \fB-v\fR option is used. The two
options are equivalent. They have been provided for backwards
compatibility. In previous versions, the \fB-d\fR option
switched on debugging traces and \fB-v\fR enabled verbose
output.
Verbose output is generated by \fBhost\fR when the \fB\-d\fR or \fB\-v\fR option is used\&. The two options are equivalent\&. They have been provided for backwards compatibility\&. In previous versions, the \fB\-d\fR option switched on debugging traces and \fB\-v\fR enabled verbose output\&.
.PP
List mode is selected by the \fB-l\fR option. This makes
\fBhost\fR perform a zone transfer for zone
\fIname\fR. Transfer the zone printing out the NS, PTR
and address records (A/AAAA). If combined with \fB-a\fR
all records will be printed.
List mode is selected by the \fB\-l\fR option\&. This makes \fBhost\fR perform a zone transfer for zone \fIname\fR\&. Transfer the zone printing out the NS, PTR and address records (A/AAAA)\&. If combined with \fB\-a\fR all records will be printed\&.
.PP
The \fB-i\fR
option specifies that reverse lookups of IPv6 addresses should
use the IP6.INT domain as defined in RFC1886.
The default is to use IP6.ARPA.
The \fB\-i\fR option specifies that reverse lookups of IPv6 addresses should use the IP6\&.INT domain as defined in RFC1886\&. The default is to use IP6\&.ARPA\&.
.PP
The \fB-N\fR option sets the number of dots that have to be
in \fIname\fR for it to be considered absolute. The
default value is that defined using the ndots statement in
\fI/etc/resolv.conf\fR, or 1 if no ndots statement is
present. Names with fewer dots are interpreted as relative names and
will be searched for in the domains listed in the \fBsearch\fR
or \fBdomain\fR directive in
\fI/etc/resolv.conf\fR.
The \fB\-N\fR option sets the number of dots that have to be in \fIname\fR for it to be considered absolute\&. The default value is that defined using the ndots statement in \fI/etc/resolv\&.conf\fR, or 1 if no ndots statement is present\&. Names with fewer dots are interpreted as relative names and will be searched for in the domains listed in the \fBsearch\fR or \fBdomain\fR directive in \fI/etc/resolv\&.conf\fR\&.
.PP
The number of UDP retries for a lookup can be changed with the
\fB-R\fR option. \fInumber\fR indicates
how many times \fBhost\fR will repeat a query that does
not get answered. The default number of retries is 1. If
\fInumber\fR is negative or zero, the number of
retries will default to 1.
The number of UDP retries for a lookup can be changed with the \fB\-R\fR option\&. \fInumber\fR indicates how many times \fBhost\fR will repeat a query that does not get answered\&. The default number of retries is 1\&. If \fInumber\fR is negative or zero, the number of retries will default to 1\&.
.PP
Non-recursive queries can be made via the \fB-r\fR option.
Setting this option clears the \fBRD\fR \(em recursion
desired \(em bit in the query which \fBhost\fR makes.
This should mean that the name server receiving the query will not
attempt to resolve \fIname\fR. The
\fB-r\fR option enables \fBhost\fR to mimic
the behaviour of a name server by making non-recursive queries and
expecting to receive answers to those queries that are usually
referrals to other name servers.
Non\-recursive queries can be made via the \fB\-r\fR option\&. Setting this option clears the \fBRD\fR -- recursion desired -- bit in the query which \fBhost\fR makes\&. This should mean that the name server receiving the query will not attempt to resolve \fIname\fR\&. The \fB\-r\fR option enables \fBhost\fR to mimic the behaviour of a name server by making non\-recursive queries and expecting to receive answers to those queries that are usually referrals to other name servers\&.
.PP
By default \fBhost\fR uses UDP when making queries. The
\fB-T\fR option makes it use a TCP connection when querying
the name server. TCP will be automatically selected for queries that
require it, such as zone transfer (AXFR) requests.
By default \fBhost\fR uses UDP when making queries\&. The \fB\-T\fR option makes it use a TCP connection when querying the name server\&. TCP will be automatically selected for queries that require it, such as zone transfer (AXFR) requests\&.
.PP
The \fB-4\fR option forces \fBhost\fR to only
use IPv4 query transport. The \fB-6\fR option forces
\fBhost\fR to only use IPv6 query transport.
The \fB\-4\fR option forces \fBhost\fR to only use IPv4 query transport\&. The \fB\-6\fR option forces \fBhost\fR to only use IPv6 query transport\&.
.PP
The \fB-t\fR option is used to select the query type.
\fItype\fR can be any recognised query type: CNAME,
NS, SOA, SIG, KEY, AXFR, etc. When no query type is specified,
\fBhost\fR automatically selects an appropriate query
type. By default it looks for A records, but if the
\fB-C\fR option was given, queries will be made for SOA
records, and if \fIname\fR is a dotted-decimal IPv4
address or colon-delimited IPv6 address, \fBhost\fR will
query for PTR records. If a query type of IXFR is chosen the starting
serial number can be specified by appending an equal followed by the
starting serial number (e.g. -t IXFR=12345678).
The \fB\-t\fR option is used to select the query type\&. \fItype\fR can be any recognised query type: CNAME, NS, SOA, SIG, KEY, AXFR, etc\&. When no query type is specified, \fBhost\fR automatically selects an appropriate query type\&. By default it looks for A records, but if the \fB\-C\fR option was given, queries will be made for SOA records, and if \fIname\fR is a dotted\-decimal IPv4 address or colon\-delimited IPv6 address, \fBhost\fR will query for PTR records\&. If a query type of IXFR is chosen the starting serial number can be specified by appending an equal followed by the starting serial number (e\&.g\&. \-t IXFR=12345678)\&.
.PP
The time to wait for a reply can be controlled through the
\fB-W\fR and \fB-w\fR options. The
\fB-W\fR option makes \fBhost\fR wait for
\fIwait\fR seconds. If \fIwait\fR
is less than one, the wait interval is set to one second. When the
\fB-w\fR option is used, \fBhost\fR will
effectively wait forever for a reply. The time to wait for a response
will be set to the number of seconds given by the hardware's maximum
value for an integer quantity.
The time to wait for a reply can be controlled through the \fB\-W\fR and \fB\-w\fR options\&. The \fB\-W\fR option makes \fBhost\fR wait for \fIwait\fR seconds\&. If \fIwait\fR is less than one, the wait interval is set to one second\&. When the \fB\-w\fR option is used, \fBhost\fR will effectively wait forever for a reply\&. The time to wait for a response will be set to the number of seconds given by the hardware's maximum value for an integer quantity\&.
.PP
The \fB-m\fR can be used to set the memory usage debugging flags
\fIrecord\fR, \fIusage\fR and
\fItrace\fR.
The \fB\-m\fR can be used to set the memory usage debugging flags \fIrecord\fR, \fIusage\fR and \fItrace\fR\&.
.SH "FILES"
.PP
\fI/etc/resolv.conf\fR
\fI/etc/resolv\&.conf\fR
.SH "SEE ALSO"
.PP
\fBdig\fR(1),
\fBnamed\fR(8).
\fBdig\fR(1), \fBnamed\fR(8)\&.

637
bin/dig/host.html
View file

@ -1,468 +1,191 @@
<!--
- Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2000-2002 Internet Software Consortium.
-
- Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2000-2002 Internet Software Consortium
-
- Permission to use, copy, modify, and distribute this software for any
- purpose with or without fee is hereby granted, provided that the above
- copyright notice and this permission notice appear in all copies.
-
-
- THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
- REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
- AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
- AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
- INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
- LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
- OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
- PERFORMANCE OF THIS SOFTWARE.
-->
<!-- $Id: host.html,v 1.13 2005/04/03 03:31:32 marka Exp $ -->
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<HTML
><HEAD
><TITLE
>host</TITLE
><META
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.79"></HEAD
><BODY
CLASS="REFENTRY"
BGCOLOR="#FFFFFF"
TEXT="#000000"
LINK="#0000FF"
VLINK="#840084"
ALINK="#0000FF"
><H1
><A
NAME="AEN1"
></A
>host</H1
><DIV
CLASS="REFNAMEDIV"
><A
NAME="AEN8"
></A
><H2
>Name</H2
>host&nbsp;--&nbsp;DNS lookup utility</DIV
><DIV
CLASS="REFSYNOPSISDIV"
><A
NAME="AEN11"
></A
><H2
>Synopsis</H2
><P
><B
CLASS="COMMAND"
>host</B
> [<CODE
CLASS="OPTION"
>-aCdlnrTwv</CODE
>] [<CODE
CLASS="OPTION"
>-c <TT
CLASS="REPLACEABLE"
><I
>class</I
></TT
></CODE
>] [<CODE
CLASS="OPTION"
>-N <TT
CLASS="REPLACEABLE"
><I
>ndots</I
></TT
></CODE
>] [<CODE
CLASS="OPTION"
>-R <TT
CLASS="REPLACEABLE"
><I
>number</I
></TT
></CODE
>] [<CODE
CLASS="OPTION"
>-t <TT
CLASS="REPLACEABLE"
><I
>type</I
></TT
></CODE
>] [<CODE
CLASS="OPTION"
>-W <TT
CLASS="REPLACEABLE"
><I
>wait</I
></TT
></CODE
>] [<CODE
CLASS="OPTION"
>-m <TT
CLASS="REPLACEABLE"
><I
>flag</I
></TT
></CODE
>] [<CODE
CLASS="OPTION"
>-4</CODE
>] [<CODE
CLASS="OPTION"
>-6</CODE
>] {name} [server]</P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN40"
></A
><H2
>DESCRIPTION</H2
><P
><B
CLASS="COMMAND"
>host</B
>
is a simple utility for performing DNS lookups.
It is normally used to convert names to IP addresses and vice versa.
When no arguments or options are given,
<B
CLASS="COMMAND"
>host</B
>
prints a short summary of its command line arguments and options.</P
><P
><CODE
CLASS="PARAMETER"
>name</CODE
> is the domain name that is to be looked
up. It can also be a dotted-decimal IPv4 address or a colon-delimited
IPv6 address, in which case <B
CLASS="COMMAND"
>host</B
> will by default
perform a reverse lookup for that address.
<CODE
CLASS="PARAMETER"
>server</CODE
> is an optional argument which is either
the name or IP address of the name server that <B
CLASS="COMMAND"
>host</B
>
should query instead of the server or servers listed in
<TT
CLASS="FILENAME"
>/etc/resolv.conf</TT
>.</P
><P
>The <CODE
CLASS="OPTION"
>-a</CODE
> (all) option is equivalent to setting the
<CODE
CLASS="OPTION"
>-v</CODE
> option and asking <B
CLASS="COMMAND"
>host</B
> to make
a query of type ANY.</P
><P
>When the <CODE
CLASS="OPTION"
>-C</CODE
> option is used, <B
CLASS="COMMAND"
>host</B
>
will attempt to display the SOA records for zone
<CODE
CLASS="PARAMETER"
>name</CODE
> from all the listed authoritative name
servers for that zone. The list of name servers is defined by the NS
records that are found for the zone.</P
><P
>The <CODE
CLASS="OPTION"
>-c</CODE
> option instructs to make a DNS query of class
<CODE
CLASS="PARAMETER"
>class</CODE
>. This can be used to lookup Hesiod or
Chaosnet class resource records. The default class is IN (Internet).</P
><P
>Verbose output is generated by <B
CLASS="COMMAND"
>host</B
> when the
<CODE
CLASS="OPTION"
>-d</CODE
> or <CODE
CLASS="OPTION"
>-v</CODE
> option is used. The two
options are equivalent. They have been provided for backwards
compatibility. In previous versions, the <CODE
CLASS="OPTION"
>-d</CODE
> option
switched on debugging traces and <CODE
CLASS="OPTION"
>-v</CODE
> enabled verbose
output.</P
><P
>List mode is selected by the <CODE
CLASS="OPTION"
>-l</CODE
> option. This makes
<B
CLASS="COMMAND"
>host</B
> perform a zone transfer for zone
<CODE
CLASS="PARAMETER"
>name</CODE
>. Transfer the zone printing out the NS, PTR
and address records (A/AAAA). If combined with <CODE
CLASS="OPTION"
>-a</CODE
>
all records will be printed. </P
><P
>The <CODE
CLASS="OPTION"
>-i</CODE
>
option specifies that reverse lookups of IPv6 addresses should
use the IP6.INT domain as defined in RFC1886.
The default is to use IP6.ARPA.</P
><P
>The <CODE
CLASS="OPTION"
>-N</CODE
> option sets the number of dots that have to be
in <CODE
CLASS="PARAMETER"
>name</CODE
> for it to be considered absolute. The
default value is that defined using the ndots statement in
<TT
CLASS="FILENAME"
>/etc/resolv.conf</TT
>, or 1 if no ndots statement is
present. Names with fewer dots are interpreted as relative names and
will be searched for in the domains listed in the <SPAN
CLASS="TYPE"
>search</SPAN
>
or <SPAN
CLASS="TYPE"
>domain</SPAN
> directive in
<TT
CLASS="FILENAME"
>/etc/resolv.conf</TT
>.</P
><P
>The number of UDP retries for a lookup can be changed with the
<CODE
CLASS="OPTION"
>-R</CODE
> option. <CODE
CLASS="PARAMETER"
>number</CODE
> indicates
how many times <B
CLASS="COMMAND"
>host</B
> will repeat a query that does
not get answered. The default number of retries is 1. If
<CODE
CLASS="PARAMETER"
>number</CODE
> is negative or zero, the number of
retries will default to 1.</P
><P
>Non-recursive queries can be made via the <CODE
CLASS="OPTION"
>-r</CODE
> option.
Setting this option clears the <SPAN
CLASS="TYPE"
>RD</SPAN
> &mdash; recursion
desired &mdash; bit in the query which <B
CLASS="COMMAND"
>host</B
> makes.
This should mean that the name server receiving the query will not
attempt to resolve <CODE
CLASS="PARAMETER"
>name</CODE
>. The
<CODE
CLASS="OPTION"
>-r</CODE
> option enables <B
CLASS="COMMAND"
>host</B
> to mimic
the behaviour of a name server by making non-recursive queries and
expecting to receive answers to those queries that are usually
referrals to other name servers.</P
><P
>By default <B
CLASS="COMMAND"
>host</B
> uses UDP when making queries. The
<CODE
CLASS="OPTION"
>-T</CODE
> option makes it use a TCP connection when querying
the name server. TCP will be automatically selected for queries that
require it, such as zone transfer (AXFR) requests.</P
><P
>The <CODE
CLASS="OPTION"
>-4</CODE
> option forces <B
CLASS="COMMAND"
>host</B
> to only
use IPv4 query transport. The <CODE
CLASS="OPTION"
>-6</CODE
> option forces
<B
CLASS="COMMAND"
>host</B
> to only use IPv6 query transport.</P
><P
>The <CODE
CLASS="OPTION"
>-t</CODE
> option is used to select the query type.
<CODE
CLASS="PARAMETER"
>type</CODE
> can be any recognised query type: CNAME,
NS, SOA, SIG, KEY, AXFR, etc. When no query type is specified,
<B
CLASS="COMMAND"
>host</B
> automatically selects an appropriate query
type. By default it looks for A records, but if the
<CODE
CLASS="OPTION"
>-C</CODE
> option was given, queries will be made for SOA
records, and if <CODE
CLASS="PARAMETER"
>name</CODE
> is a dotted-decimal IPv4
address or colon-delimited IPv6 address, <B
CLASS="COMMAND"
>host</B
> will
query for PTR records. If a query type of IXFR is chosen the starting
serial number can be specified by appending an equal followed by the
starting serial number (e.g. -t IXFR=12345678).</P
><P
>The time to wait for a reply can be controlled through the
<CODE
CLASS="OPTION"
>-W</CODE
> and <CODE
CLASS="OPTION"
>-w</CODE
> options. The
<CODE
CLASS="OPTION"
>-W</CODE
> option makes <B
CLASS="COMMAND"
>host</B
> wait for
<CODE
CLASS="PARAMETER"
>wait</CODE
> seconds. If <CODE
CLASS="PARAMETER"
>wait</CODE
>
is less than one, the wait interval is set to one second. When the
<CODE
CLASS="OPTION"
>-w</CODE
> option is used, <B
CLASS="COMMAND"
>host</B
> will
effectively wait forever for a reply. The time to wait for a response
will be set to the number of seconds given by the hardware's maximum
value for an integer quantity.</P
><P
>The <CODE
CLASS="OPTION"
>-m</CODE
> can be used to set the memory usage debugging flags
<CODE
CLASS="PARAMETER"
>record</CODE
>, <CODE
CLASS="PARAMETER"
>usage</CODE
> and
<CODE
CLASS="PARAMETER"
>trace</CODE
>. </P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN123"
></A
><H2
>FILES</H2
><P
><TT
CLASS="FILENAME"
>/etc/resolv.conf</TT
></P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN127"
></A
><H2
>SEE ALSO</H2
><P
><SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>dig</SPAN
>(1)</SPAN
>,
<SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>named</SPAN
>(8)</SPAN
>.</P
></DIV
></BODY
></HTML
>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>host</title>
<meta name="generator" content="DocBook XSL Stylesheets V1.68.1">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en">
<a name="id2456614"></a><div class="titlepage"></div>
<div class="refnamediv">
<h2>Name</h2>
<p>host &#8212; DNS lookup utility</p>
</div>
<div class="refsynopsisdiv">
<h2>Synopsis</h2>
<div class="cmdsynopsis"><p><code class="command">host</code> [<code class="option">-aCdlnrTwv</code>] [<code class="option">-c <em class="replaceable"><code>class</code></em></code>] [<code class="option">-N <em class="replaceable"><code>ndots</code></em></code>] [<code class="option">-R <em class="replaceable"><code>number</code></em></code>] [<code class="option">-t <em class="replaceable"><code>type</code></em></code>] [<code class="option">-W <em class="replaceable"><code>wait</code></em></code>] [<code class="option">-m <em class="replaceable"><code>flag</code></em></code>] [<code class="option">-4</code>] [<code class="option">-6</code>] {name} [server]</p></div>
</div>
<div class="refsect1" lang="en">
<a name="id2514038"></a><h2>DESCRIPTION</h2>
<p><span><strong class="command">host</strong></span>
is a simple utility for performing DNS lookups.
It is normally used to convert names to IP addresses and vice versa.
When no arguments or options are given,
<span><strong class="command">host</strong></span>
prints a short summary of its command line arguments and options.
</p>
<p><em class="parameter"><code>name</code></em> is the domain name that is to be
looked
up. It can also be a dotted-decimal IPv4 address or a colon-delimited
IPv6 address, in which case <span><strong class="command">host</strong></span> will by
default
perform a reverse lookup for that address.
<em class="parameter"><code>server</code></em> is an optional argument which
is either
the name or IP address of the name server that <span><strong class="command">host</strong></span>
should query instead of the server or servers listed in
<code class="filename">/etc/resolv.conf</code>.
</p>
<p>
The <code class="option">-a</code> (all) option is equivalent to setting the
<code class="option">-v</code> option and asking <span><strong class="command">host</strong></span> to make
a query of type ANY.
</p>
<p>
When the <code class="option">-C</code> option is used, <span><strong class="command">host</strong></span>
will attempt to display the SOA records for zone
<em class="parameter"><code>name</code></em> from all the listed
authoritative name
servers for that zone. The list of name servers is defined by the NS
records that are found for the zone.
</p>
<p>
The <code class="option">-c</code> option instructs to make a DNS query of class
<em class="parameter"><code>class</code></em>. This can be used to lookup
Hesiod or
Chaosnet class resource records. The default class is IN (Internet).
</p>
<p>
Verbose output is generated by <span><strong class="command">host</strong></span> when
the
<code class="option">-d</code> or <code class="option">-v</code> option is used. The two
options are equivalent. They have been provided for backwards
compatibility. In previous versions, the <code class="option">-d</code> option
switched on debugging traces and <code class="option">-v</code> enabled verbose
output.
</p>
<p>
List mode is selected by the <code class="option">-l</code> option. This makes
<span><strong class="command">host</strong></span> perform a zone transfer for zone
<em class="parameter"><code>name</code></em>. Transfer the zone printing out
the NS, PTR
and address records (A/AAAA). If combined with <code class="option">-a</code>
all records will be printed.
</p>
<p>
The <code class="option">-i</code>
option specifies that reverse lookups of IPv6 addresses should
use the IP6.INT domain as defined in RFC1886.
The default is to use IP6.ARPA.
</p>
<p>
The <code class="option">-N</code> option sets the number of dots that have to be
in <em class="parameter"><code>name</code></em> for it to be considered
absolute. The
default value is that defined using the ndots statement in
<code class="filename">/etc/resolv.conf</code>, or 1 if no ndots
statement is
present. Names with fewer dots are interpreted as relative names and
will be searched for in the domains listed in the <span class="type">search</span>
or <span class="type">domain</span> directive in
<code class="filename">/etc/resolv.conf</code>.
</p>
<p>
The number of UDP retries for a lookup can be changed with the
<code class="option">-R</code> option. <em class="parameter"><code>number</code></em>
indicates
how many times <span><strong class="command">host</strong></span> will repeat a query
that does
not get answered. The default number of retries is 1. If
<em class="parameter"><code>number</code></em> is negative or zero, the
number of
retries will default to 1.
</p>
<p>
Non-recursive queries can be made via the <code class="option">-r</code> option.
Setting this option clears the <span class="type">RD</span> &#8212; recursion
desired &#8212; bit in the query which <span><strong class="command">host</strong></span> makes.
This should mean that the name server receiving the query will not
attempt to resolve <em class="parameter"><code>name</code></em>. The
<code class="option">-r</code> option enables <span><strong class="command">host</strong></span>
to mimic
the behaviour of a name server by making non-recursive queries and
expecting to receive answers to those queries that are usually
referrals to other name servers.
</p>
<p>
By default <span><strong class="command">host</strong></span> uses UDP when making
queries. The
<code class="option">-T</code> option makes it use a TCP connection when querying
the name server. TCP will be automatically selected for queries that
require it, such as zone transfer (AXFR) requests.
</p>
<p>
The <code class="option">-4</code> option forces <span><strong class="command">host</strong></span> to only
use IPv4 query transport. The <code class="option">-6</code> option forces
<span><strong class="command">host</strong></span> to only use IPv6 query transport.
</p>
<p>
The <code class="option">-t</code> option is used to select the query type.
<em class="parameter"><code>type</code></em> can be any recognised query
type: CNAME,
NS, SOA, SIG, KEY, AXFR, etc. When no query type is specified,
<span><strong class="command">host</strong></span> automatically selects an appropriate
query
type. By default it looks for A records, but if the
<code class="option">-C</code> option was given, queries will be made for SOA
records, and if <em class="parameter"><code>name</code></em> is a
dotted-decimal IPv4
address or colon-delimited IPv6 address, <span><strong class="command">host</strong></span> will
query for PTR records. If a query type of IXFR is chosen the starting
serial number can be specified by appending an equal followed by the
starting serial number (e.g. -t IXFR=12345678).
</p>
<p>
The time to wait for a reply can be controlled through the
<code class="option">-W</code> and <code class="option">-w</code> options. The
<code class="option">-W</code> option makes <span><strong class="command">host</strong></span>
wait for
<em class="parameter"><code>wait</code></em> seconds. If <em class="parameter"><code>wait</code></em>
is less than one, the wait interval is set to one second. When the
<code class="option">-w</code> option is used, <span><strong class="command">host</strong></span>
will
effectively wait forever for a reply. The time to wait for a response
will be set to the number of seconds given by the hardware's maximum
value for an integer quantity.
</p>
<p>
The <code class="option">-m</code> can be used to set the memory usage debugging
flags
<em class="parameter"><code>record</code></em>, <em class="parameter"><code>usage</code></em> and
<em class="parameter"><code>trace</code></em>.
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2514459"></a><h2>FILES</h2>
<p><code class="filename">/etc/resolv.conf</code>
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2514471"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry"><span class="refentrytitle">dig</span>(1)</span>,
<span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>.
</p>
</div>
</div></body>
</html>

182
bin/dig/nslookup.1
View file

@ -1,76 +1,71 @@
.\" Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC")
.\"
.\" Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC")
.\"
.\" Permission to use, copy, modify, and distribute this software for any
.\" purpose with or without fee is hereby granted, provided that the above
.\" copyright notice and this permission notice appear in all copies.
.\"
.\"
.\" THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
.\" REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
.\" AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
.\" AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
.\" INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
.\" LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
.\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
.\" PERFORMANCE OF THIS SOFTWARE.
.\"
.\" $Id: nslookup.1,v 1.2 2004/08/21 09:49:57 marka Exp $
.\"
.TH "NSLOOKUP" "1" "Jun 30, 2000" "BIND9" ""
.\"
.hy 0
.ad l
.\"Generated by db2man.xsl. Don't modify this, modify the source.
.de Sh \" Subsection
.br
.if t .Sp
.ne 5
.PP
\fB\\$1\fR
.PP
..
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Ip \" List item
.br
.ie \\n(.$>=3 .ne \\$3
.el .ne 3
.IP "\\$1" \\$2
..
.TH "NSLOOKUP" 1 "Jun 30, 2000" "" ""
.SH NAME
nslookup \- query Internet name servers interactively
.SH SYNOPSIS
.sp
\fBnslookup\fR [ \fB-option\fR ] [ \fBname | -\fR ] [ \fBserver\fR ]
.SH "SYNOPSIS"
.HP 9
\fBnslookup\fR [\fB\-option\fR] [name\ |\ \-] [server]
.SH "DESCRIPTION"
.PP
\fBNslookup\fR
is a program to query Internet domain name servers. \fBNslookup\fR
has two modes: interactive and non-interactive. Interactive mode allows
the user to query name servers for information about various hosts and
domains or to print a list of hosts in a domain. Non-interactive mode is
used to print just the name and requested information for a host or
domain.
\fBNslookup\fR is a program to query Internet domain name servers\&. \fBNslookup\fR has two modes: interactive and non\-interactive\&. Interactive mode allows the user to query name servers for information about various hosts and domains or to print a list of hosts in a domain\&. Non\-interactive mode is used to print just the name and requested information for a host or domain\&.
.SH "ARGUMENTS"
.PP
Interactive mode is entered in the following cases:
.IP 1.
Interactive mode is entered in the following cases:
.TP 3
1.
when no arguments are given (the default name server will be used)
.IP 2.
when the first argument is a hyphen (-) and the second argument is
the host name or Internet address of a name server.
.TP
2.
when the first argument is a hyphen (\-) and the second argument is the host name or Internet address of a name server\&.
.LP
.PP
Non-interactive mode is used when the name or Internet address of the
host to be looked up is given as the first argument. The optional second
argument specifies the host name or address of a name server.
Non\-interactive mode is used when the name or Internet address of the host to be looked up is given as the first argument\&. The optional second argument specifies the host name or address of a name server\&.
.PP
Options can also be specified on the command line if they precede the
arguments and are prefixed with a hyphen. For example, to
change the default query type to host information, and the initial timeout to 10 seconds, type:
.PP
.sp
.nf
nslookup -query=hinfo -timeout=10
.sp
.fi
Options can also be specified on the command line if they precede the arguments and are prefixed with a hyphen\&. For example, to change the default query type to host information, and the initial timeout to 10 seconds, type: .IP .nf nslookup \-query=hinfo \-timeout=10 .fi
.SH "INTERACTIVE COMMANDS"
.TP
\fBhost [server]\fR
Look up information for host using the current default server or
using server, if specified. If host is an Internet address and
the query type is A or PTR, the name of the host is returned.
If host is a name and does not have a trailing period, the
search list is used to qualify the name.
To look up a host not in the current domain, append a period to
the name.
host [server]
Look up information for host using the current default server or using server, if specified\&. If host is an Internet address and the query type is A or PTR, the name of the host is returned\&. If host is a name and does not have a trailing period, the search list is used to qualify the name\&.
To look up a host not in the current domain, append a period to the name\&.
.TP
\fBserver \fIdomain\fB\fR
\fBserver\fR \fIdomain\fR
.TP
\fBlserver \fIdomain\fB\fR
Change the default server to \fIdomain\fR; lserver uses the initial
server to look up information about \fIdomain\fR, while server uses
the current default server. If an authoritative answer can't be
found, the names of servers that might have the answer are
returned.
\fBlserver\fR \fIdomain\fR
Change the default server to \fIdomain\fR; \fBlserver\fR uses the initial server to look up information about \fIdomain\fR, while \fBserver\fR uses the current default server\&. If an authoritative answer can't be found, the names of servers that might have the answer are returned\&.
.TP
\fBroot\fR
not implemented
@ -91,20 +86,17 @@ not implemented
not implemented
.TP
\fBexit\fR
Exits the program.
Exits the program\&.
.TP
\fBset \fIkeyword[=value]\fB\fR
This command is used to change state information that affects
the lookups. Valid keywords are:
\fBset\fR \fIkeyword[=value]\fR
This command is used to change state information that affects the lookups\&. Valid keywords are:
.RS
.TP
\fBall\fR
Prints the current values of the frequently used
options to \fBset\fR. Information about the current default
server and host is also printed.
Prints the current values of the frequently used options to \fBset\fR\&. Information about the current default server and host is also printed\&.
.TP
\fBclass=\fIvalue\fB\fR
Change the query class to one of:
\fBclass=\fR\fIvalue\fR
Change the query class to one of:
.RS
.TP
\fBIN\fR
@ -119,74 +111,56 @@ the Hesiod class
\fBANY\fR
wildcard
.RE
.PP
The class specifies the protocol group of the information.
.IP
The class specifies the protocol group of the information\&.
(Default = IN; abbreviation = cl)
.TP
\fB\fI[no]\fBdebug\fR
Turn debugging mode on. A lot more information is
printed about the packet sent to the server and the
resulting answer.
\fB \fI[no]\fRdebug\fR
Turn debugging mode on\&. A lot more information is printed about the packet sent to the server and the resulting answer\&.
(Default = nodebug; abbreviation = [no]deb)
.TP
\fB\fI[no]\fBd2\fR
Turn debugging mode on. A lot more information is
printed about the packet sent to the server and the
resulting answer.
\fB \fI[no]\fRd2\fR
Turn debugging mode on\&. A lot more information is printed about the packet sent to the server and the resulting answer\&.
(Default = nod2)
.TP
\fBdomain=\fIname\fB\fR
Sets the search list to \fIname\fR.
\fBdomain=\fR\fIname\fR
Sets the search list to \fIname\fR\&.
.TP
\fB\fI[no]\fBsearch\fR
If the lookup request contains at least one period but
doesn't end with a trailing period, append the domain
names in the domain search list to the request until an
answer is received.
\fB \fI[no]\fRsearch\fR
If the lookup request contains at least one period but doesn't end with a trailing period, append the domain names in the domain search list to the request until an answer is received\&.
(Default = search)
.TP
\fBport=\fIvalue\fB\fR
Change the default TCP/UDP name server port to \fIvalue\fR.
\fBport=\fR\fIvalue\fR
Change the default TCP/UDP name server port to \fIvalue\fR\&.
(Default = 53; abbreviation = po)
.TP
\fBquerytype=\fIvalue\fB\fR
\fBquerytype=\fR\fIvalue\fR
.TP
\fBtype=\fIvalue\fB\fR
Change the top of the information query.
\fBtype=\fR\fIvalue\fR
Change the top of the information query\&.
(Default = A; abbreviations = q, ty)
.TP
\fB\fI[no]\fBrecurse\fR
Tell the name server to query other servers if it does not have the
information.
\fB \fI[no]\fRrecurse\fR
Tell the name server to query other servers if it does not have the information\&.
(Default = recurse; abbreviation = [no]rec)
.TP
\fBretry=\fInumber\fB\fR
Set the number of retries to number.
\fBretry=\fR\fInumber\fR
Set the number of retries to number\&.
.TP
\fBtimeout=\fInumber\fB\fR
Change the initial timeout interval for waiting for a
reply to number seconds.
\fBtimeout=\fR\fInumber\fR
Change the initial timeout interval for waiting for a reply to number seconds\&.
.TP
\fB\fI[no]\fBvc\fR
Always use a virtual circuit when sending requests to the server.
\fB \fI[no]\fRvc\fR
Always use a virtual circuit when sending requests to the server\&.
(Default = novc)
.RE
.IP
.SH "FILES"
.PP
\fI/etc/resolv.conf\fR
\fI/etc/resolv\&.conf\fR
.SH "SEE ALSO"
.PP
\fBdig\fR(1),
\fBhost\fR(1),
\fBnamed\fR(8).
\fBdig\fR(1), \fBhost\fR(1), \fBnamed\fR(8)\&.
.SH "AUTHOR"
.PP
Andrew Cherenson

927
bin/dig/nslookup.html
View file

@ -1,655 +1,296 @@
<!--
- Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC")
-
- Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC")
-
- Permission to use, copy, modify, and distribute this software for any
- purpose with or without fee is hereby granted, provided that the above
- copyright notice and this permission notice appear in all copies.
-
-
- THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
- REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
- AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
- AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
- INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
- LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
- OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
- PERFORMANCE OF THIS SOFTWARE.
-->
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>nslookup</title>
<meta name="generator" content="DocBook XSL Stylesheets V1.68.1">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en">
<a name="id2456619"></a><div class="titlepage"></div>
<div class="refnamediv">
<h2>Name</h2>
<p>nslookup &#8212; query Internet name servers interactively</p>
</div>
<div class="refsynopsisdiv">
<h2>Synopsis</h2>
<div class="cmdsynopsis"><p><code class="command">nslookup</code> [<code class="option">-option</code>] [name | -] [server]</p></div>
</div>
<div class="refsect1" lang="en">
<a name="id2514032"></a><h2>DESCRIPTION</h2>
<p><span><strong class="command">Nslookup</strong></span>
is a program to query Internet domain name servers. <span><strong class="command">Nslookup</strong></span>
has two modes: interactive and non-interactive. Interactive mode allows
the user to query name servers for information about various hosts and
domains or to print a list of hosts in a domain. Non-interactive mode
is
used to print just the name and requested information for a host or
domain.
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2514048"></a><h2>ARGUMENTS</h2>
<p>
Interactive mode is entered in the following cases:
</p>
<div class="orderedlist"><ol type="a">
<li><p>
when no arguments are given (the default name server will be used)
</p></li>
<li><p>
when the first argument is a hyphen (-) and the second argument is
the host name or Internet address of a name server.
</p></li>
</ol></div>
<p>
</p>
<p>
Non-interactive mode is used when the name or Internet address of the
host to be looked up is given as the first argument. The optional second
argument specifies the host name or address of a name server.
</p>
<p>
Options can also be specified on the command line if they precede the
arguments and are prefixed with a hyphen. For example, to
change the default query type to host information, and the initial
timeout to 10 seconds, type:
</p>
<div class="informalexample"><pre class="programlisting">
nslookup -query=hinfo -timeout=10
</pre></div>
<p>
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2514089"></a><h2>INTERACTIVE COMMANDS</h2>
<div class="variablelist"><dl>
<dt><span class="term">host [<span class="optional">server</span>]</span></dt>
<dd>
<p>
Look up information for host using the current default server or
using server, if specified. If host is an Internet address and
the query type is A or PTR, the name of the host is returned.
If host is a name and does not have a trailing period, the
search list is used to qualify the name.
</p>
<p>
To look up a host not in the current domain, append a period to
the name.
</p>
</dd>
<dt><span class="term"><code class="constant">server</code> <em class="replaceable"><code>domain</code></em></span></dt>
<dd><p></p></dd>
<dt><span class="term"><code class="constant">lserver</code> <em class="replaceable"><code>domain</code></em></span></dt>
<dd><p>
Change the default server to <em class="replaceable"><code>domain</code></em>; <code class="constant">lserver</code> uses the initial
server to look up information about <em class="replaceable"><code>domain</code></em>, while <code class="constant">server</code> uses
the current default server. If an authoritative answer can't be
found, the names of servers that might have the answer are
returned.
</p></dd>
<dt><span class="term"><code class="constant">root</code></span></dt>
<dd><p>
not implemented
</p></dd>
<dt><span class="term"><code class="constant">finger</code></span></dt>
<dd><p>
not implemented
</p></dd>
<dt><span class="term"><code class="constant">ls</code></span></dt>
<dd><p>
not implemented
</p></dd>
<dt><span class="term"><code class="constant">view</code></span></dt>
<dd><p>
not implemented
</p></dd>
<dt><span class="term"><code class="constant">help</code></span></dt>
<dd><p>
not implemented
</p></dd>
<dt><span class="term"><code class="constant">?</code></span></dt>
<dd><p>
not implemented
</p></dd>
<dt><span class="term"><code class="constant">exit</code></span></dt>
<dd><p>
Exits the program.
</p></dd>
<dt><span class="term"><code class="constant">set</code>
<em class="replaceable"><code>keyword[<span class="optional">=value</span>]</code></em></span></dt>
<dd>
<p>
This command is used to change state information that affects
the lookups. Valid keywords are:
</p>
<div class="variablelist"><dl>
<dt><span class="term"><code class="constant">all</code></span></dt>
<dd><p>
Prints the current values of the frequently used
options to <span><strong class="command">set</strong></span>.
Information about the current default
server and host is also printed.
</p></dd>
<dt><span class="term"><code class="constant">class=</code><em class="replaceable"><code>value</code></em></span></dt>
<dd>
<p>
Change the query class to one of:
</p>
<div class="variablelist"><dl>
<dt><span class="term"><code class="constant">IN</code></span></dt>
<dd><p>
the Internet class
</p></dd>
<dt><span class="term"><code class="constant">CH</code></span></dt>
<dd><p>
the Chaos class
</p></dd>
<dt><span class="term"><code class="constant">HS</code></span></dt>
<dd><p>
the Hesiod class
</p></dd>
<dt><span class="term"><code class="constant">ANY</code></span></dt>
<dd><p>
wildcard
</p></dd>
</dl></div>
<p>
The class specifies the protocol group of the information.
<!-- $Id: nslookup.html,v 1.4 2005/04/03 03:31:32 marka Exp $ -->
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<HTML
><HEAD
><TITLE
>nslookup</TITLE
><META
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.79"></HEAD
><BODY
CLASS="REFENTRY"
BGCOLOR="#FFFFFF"
TEXT="#000000"
LINK="#0000FF"
VLINK="#840084"
ALINK="#0000FF"
><H1
><A
NAME="AEN1"
></A
>nslookup</H1
><DIV
CLASS="REFNAMEDIV"
><A
NAME="AEN8"
></A
><H2
>Name</H2
>nslookup&nbsp;--&nbsp;query Internet name servers interactively</DIV
><DIV
CLASS="REFSYNOPSISDIV"
><A
NAME="AEN11"
></A
><H2
>Synopsis</H2
><P
><B
CLASS="COMMAND"
>nslookup</B
> [<CODE
CLASS="OPTION"
>-option</CODE
>] [name | -] [server]</P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN18"
></A
><H2
>DESCRIPTION</H2
><P
><B
CLASS="COMMAND"
>Nslookup</B
>
is a program to query Internet domain name servers. <B
CLASS="COMMAND"
>Nslookup</B
>
has two modes: interactive and non-interactive. Interactive mode allows
the user to query name servers for information about various hosts and
domains or to print a list of hosts in a domain. Non-interactive mode is
used to print just the name and requested information for a host or
domain.</P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN23"
></A
><H2
>ARGUMENTS</H2
><P
>Interactive mode is entered in the following cases:
<P
></P
><OL
TYPE="a"
><LI
><P
>when no arguments are given (the default name server will be used)</P
></LI
><LI
><P
>when the first argument is a hyphen (-) and the second argument is
the host name or Internet address of a name server.</P
></LI
></OL
></P
><P
>Non-interactive mode is used when the name or Internet address of the
host to be looked up is given as the first argument. The optional second
argument specifies the host name or address of a name server.</P
><P
>Options can also be specified on the command line if they precede the
arguments and are prefixed with a hyphen. For example, to
change the default query type to host information, and the initial timeout to 10 seconds, type:
<DIV
CLASS="INFORMALEXAMPLE"
><P
></P
><A
NAME="AEN33"
></A
><PRE
CLASS="PROGRAMLISTING"
>nslookup -query=hinfo -timeout=10</PRE
><P
></P
></DIV
></P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN35"
></A
><H2
>INTERACTIVE COMMANDS</H2
><P
></P
><DIV
CLASS="VARIABLELIST"
><DL
><DT
>host [<SPAN
CLASS="OPTIONAL"
>server</SPAN
>]</DT
><DD
><P
>Look up information for host using the current default server or
using server, if specified. If host is an Internet address and
the query type is A or PTR, the name of the host is returned.
If host is a name and does not have a trailing period, the
search list is used to qualify the name.</P
><P
>To look up a host not in the current domain, append a period to
the name.</P
></DD
><DT
><CODE
CLASS="CONSTANT"
>server</CODE
> <TT
CLASS="REPLACEABLE"
><I
>domain</I
></TT
></DT
><DD
><P
></P
></DD
><DT
><CODE
CLASS="CONSTANT"
>lserver</CODE
> <TT
CLASS="REPLACEABLE"
><I
>domain</I
></TT
></DT
><DD
><P
>Change the default server to <TT
CLASS="REPLACEABLE"
><I
>domain</I
></TT
>; <CODE
CLASS="CONSTANT"
>lserver</CODE
> uses the initial
server to look up information about <TT
CLASS="REPLACEABLE"
><I
>domain</I
></TT
>, while <CODE
CLASS="CONSTANT"
>server</CODE
> uses
the current default server. If an authoritative answer can't be
found, the names of servers that might have the answer are
returned.</P
></DD
><DT
><CODE
CLASS="CONSTANT"
>root</CODE
></DT
><DD
><P
>not implemented</P
></DD
><DT
><CODE
CLASS="CONSTANT"
>finger</CODE
></DT
><DD
><P
>not implemented</P
></DD
><DT
><CODE
CLASS="CONSTANT"
>ls</CODE
></DT
><DD
><P
>not implemented</P
></DD
><DT
><CODE
CLASS="CONSTANT"
>view</CODE
></DT
><DD
><P
>not implemented</P
></DD
><DT
><CODE
CLASS="CONSTANT"
>help</CODE
></DT
><DD
><P
>not implemented</P
></DD
><DT
><CODE
CLASS="CONSTANT"
>?</CODE
></DT
><DD
><P
>not implemented</P
></DD
><DT
><CODE
CLASS="CONSTANT"
>exit</CODE
></DT
><DD
><P
>Exits the program.</P
></DD
><DT
><CODE
CLASS="CONSTANT"
>set</CODE
> <TT
CLASS="REPLACEABLE"
><I
>keyword[<SPAN
CLASS="OPTIONAL"
>=value</SPAN
>]</I
></TT
></DT
><DD
><P
>This command is used to change state information that affects
the lookups. Valid keywords are:
<P
></P
><DIV
CLASS="VARIABLELIST"
><DL
><DT
><CODE
CLASS="CONSTANT"
>all</CODE
></DT
><DD
><P
>Prints the current values of the frequently used
options to <B
CLASS="COMMAND"
>set</B
>. Information about the current default
server and host is also printed.
</P
></DD
><DT
><CODE
CLASS="CONSTANT"
>class=</CODE
><TT
CLASS="REPLACEABLE"
><I
>value</I
></TT
></DT
><DD
><P
> Change the query class to one of:
<P
></P
><DIV
CLASS="VARIABLELIST"
><DL
><DT
><CODE
CLASS="CONSTANT"
>IN</CODE
></DT
><DD
><P
>the Internet class</P
></DD
><DT
><CODE
CLASS="CONSTANT"
>CH</CODE
></DT
><DD
><P
>the Chaos class</P
></DD
><DT
><CODE
CLASS="CONSTANT"
>HS</CODE
></DT
><DD
><P
>the Hesiod class</P
></DD
><DT
><CODE
CLASS="CONSTANT"
>ANY</CODE
></DT
><DD
><P
>wildcard</P
></DD
></DL
></DIV
>
The class specifies the protocol group of the information.
</P
><P
> (Default = IN; abbreviation = cl)
</P
></DD
><DT
><CODE
CLASS="CONSTANT"
><TT
CLASS="REPLACEABLE"
><I
>[<SPAN
CLASS="OPTIONAL"
>no</SPAN
>]</I
></TT
>debug</CODE
></DT
><DD
><P
> Turn debugging mode on. A lot more information is
printed about the packet sent to the server and the
resulting answer.
</P
><P
> (Default = nodebug; abbreviation = [<SPAN
CLASS="OPTIONAL"
>no</SPAN
>]deb)
</P
></DD
><DT
><CODE
CLASS="CONSTANT"
><TT
CLASS="REPLACEABLE"
><I
>[<SPAN
CLASS="OPTIONAL"
>no</SPAN
>]</I
></TT
>d2</CODE
></DT
><DD
><P
> Turn debugging mode on. A lot more information is
printed about the packet sent to the server and the
resulting answer.
</P
><P
> (Default = nod2)
</P
></DD
><DT
><CODE
CLASS="CONSTANT"
>domain=</CODE
><TT
CLASS="REPLACEABLE"
><I
>name</I
></TT
></DT
><DD
><P
> Sets the search list to <TT
CLASS="REPLACEABLE"
><I
>name</I
></TT
>.
</P
></DD
><DT
><CODE
CLASS="CONSTANT"
><TT
CLASS="REPLACEABLE"
><I
>[<SPAN
CLASS="OPTIONAL"
>no</SPAN
>]</I
></TT
>search</CODE
></DT
><DD
><P
> If the lookup request contains at least one period but
doesn't end with a trailing period, append the domain
names in the domain search list to the request until an
answer is received.
</P
><P
> (Default = search)
</P
></DD
><DT
><CODE
CLASS="CONSTANT"
>port=</CODE
><TT
CLASS="REPLACEABLE"
><I
>value</I
></TT
></DT
><DD
><P
> Change the default TCP/UDP name server port to <TT
CLASS="REPLACEABLE"
><I
>value</I
></TT
>.
</P
><P
> (Default = 53; abbreviation = po)
</P
></DD
><DT
><CODE
CLASS="CONSTANT"
>querytype=</CODE
><TT
CLASS="REPLACEABLE"
><I
>value</I
></TT
></DT
><DD
><P
></P
></DD
><DT
><CODE
CLASS="CONSTANT"
>type=</CODE
><TT
CLASS="REPLACEABLE"
><I
>value</I
></TT
></DT
><DD
><P
> Change the top of the information query.
</P
><P
> (Default = A; abbreviations = q, ty)
</P
></DD
><DT
><CODE
CLASS="CONSTANT"
><TT
CLASS="REPLACEABLE"
><I
>[<SPAN
CLASS="OPTIONAL"
>no</SPAN
>]</I
></TT
>recurse</CODE
></DT
><DD
><P
> Tell the name server to query other servers if it does not have the
information.
</P
><P
> (Default = recurse; abbreviation = [no]rec)
</P
></DD
><DT
><CODE
CLASS="CONSTANT"
>retry=</CODE
><TT
CLASS="REPLACEABLE"
><I
>number</I
></TT
></DT
><DD
><P
> Set the number of retries to number.
</P
></DD
><DT
><CODE
CLASS="CONSTANT"
>timeout=</CODE
><TT
CLASS="REPLACEABLE"
><I
>number</I
></TT
></DT
><DD
><P
> Change the initial timeout interval for waiting for a
reply to number seconds.
</P
></DD
><DT
><CODE
CLASS="CONSTANT"
><TT
CLASS="REPLACEABLE"
><I
>[<SPAN
CLASS="OPTIONAL"
>no</SPAN
>]</I
></TT
>vc</CODE
></DT
><DD
><P
> Always use a virtual circuit when sending requests to the server.
</P
><P
> (Default = novc)
</P
></DD
></DL
></DIV
></P
></DD
></DL
></DIV
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN218"
></A
><H2
>FILES</H2
><P
><TT
CLASS="FILENAME"
>/etc/resolv.conf</TT
></P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN222"
></A
><H2
>SEE ALSO</H2
><P
><SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>dig</SPAN
>(1)</SPAN
>,
<SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>host</SPAN
>(1)</SPAN
>,
<SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>named</SPAN
>(8)</SPAN
>.</P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN234"
></A
><H2
>Author</H2
><P
>Andrew Cherenson</P
></DIV
></BODY
></HTML
>
</p>
<p>
(Default = IN; abbreviation = cl)
</p>
</dd>
<dt><span class="term"><code class="constant">
<em class="replaceable"><code>[<span class="optional">no</span>]</code></em>debug</code></span></dt>
<dd>
<p>
Turn debugging mode on. A lot more information is
printed about the packet sent to the server and the
resulting answer.
</p>
<p>
(Default = nodebug; abbreviation = [<span class="optional">no</span>]deb)
</p>
</dd>
<dt><span class="term"><code class="constant">
<em class="replaceable"><code>[<span class="optional">no</span>]</code></em>d2</code></span></dt>
<dd>
<p>
Turn debugging mode on. A lot more information is
printed about the packet sent to the server and the
resulting answer.
</p>
<p>
(Default = nod2)
</p>
</dd>
<dt><span class="term"><code class="constant">domain=</code><em class="replaceable"><code>name</code></em></span></dt>
<dd><p>
Sets the search list to <em class="replaceable"><code>name</code></em>.
</p></dd>
<dt><span class="term"><code class="constant">
<em class="replaceable"><code>[<span class="optional">no</span>]</code></em>search</code></span></dt>
<dd>
<p>
If the lookup request contains at least one period but
doesn't end with a trailing period, append the domain
names in the domain search list to the request until an
answer is received.
</p>
<p>
(Default = search)
</p>
</dd>
<dt><span class="term"><code class="constant">port=</code><em class="replaceable"><code>value</code></em></span></dt>
<dd>
<p>
Change the default TCP/UDP name server port to <em class="replaceable"><code>value</code></em>.
</p>
<p>
(Default = 53; abbreviation = po)
</p>
</dd>
<dt><span class="term"><code class="constant">querytype=</code><em class="replaceable"><code>value</code></em></span></dt>
<dd><p></p></dd>
<dt><span class="term"><code class="constant">type=</code><em class="replaceable"><code>value</code></em></span></dt>
<dd>
<p>
Change the top of the information query.
</p>
<p>
(Default = A; abbreviations = q, ty)
</p>
</dd>
<dt><span class="term"><code class="constant">
<em class="replaceable"><code>[<span class="optional">no</span>]</code></em>recurse</code></span></dt>
<dd>
<p>
Tell the name server to query other servers if it does not
have the
information.
</p>
<p>
(Default = recurse; abbreviation = [no]rec)
</p>
</dd>
<dt><span class="term"><code class="constant">retry=</code><em class="replaceable"><code>number</code></em></span></dt>
<dd><p>
Set the number of retries to number.
</p></dd>
<dt><span class="term"><code class="constant">timeout=</code><em class="replaceable"><code>number</code></em></span></dt>
<dd><p>
Change the initial timeout interval for waiting for a
reply to number seconds.
</p></dd>
<dt><span class="term"><code class="constant">
<em class="replaceable"><code>[<span class="optional">no</span>]</code></em>vc</code></span></dt>
<dd>
<p>
Always use a virtual circuit when sending requests to the
server.
</p>
<p>
(Default = novc)
</p>
</dd>
</dl></div>
<p>
</p>
</dd>
</dl></div>
</div>
<div class="refsect1" lang="en">
<a name="id2516999"></a><h2>FILES</h2>
<p><code class="filename">/etc/resolv.conf</code>
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2517011"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry"><span class="refentrytitle">dig</span>(1)</span>,
<span class="citerefentry"><span class="refentrytitle">host</span>(1)</span>,
<span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>.
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2517045"></a><h2>Author</h2>
<p>
Andrew Cherenson
</p>
</div>
</div></body>
</html>

206
bin/dnssec/dnssec-keygen.8
View file

@ -1,174 +1,128 @@
.\" Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2000-2003 Internet Software Consortium.
.\"
.\" Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2000-2003 Internet Software Consortium
.\"
.\" Permission to use, copy, modify, and distribute this software for any
.\" purpose with or without fee is hereby granted, provided that the above
.\" copyright notice and this permission notice appear in all copies.
.\"
.\"
.\" THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
.\" REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
.\" AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
.\" AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
.\" INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
.\" LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
.\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
.\" PERFORMANCE OF THIS SOFTWARE.
.\"
.\" $Id: dnssec-keygen.8,v 1.28 2005/04/07 03:49:55 marka Exp $
.\"
.TH "DNSSEC-KEYGEN" "8" "June 30, 2000" "BIND9" ""
.\"
.hy 0
.ad l
.\"Generated by db2man.xsl. Don't modify this, modify the source.
.de Sh \" Subsection
.br
.if t .Sp
.ne 5
.PP
\fB\\$1\fR
.PP
..
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Ip \" List item
.br
.ie \\n(.$>=3 .ne \\$3
.el .ne 3
.IP "\\$1" \\$2
..
.TH "DNSSEC-KEYGEN" 8 "June 30, 2000" "" ""
.SH NAME
dnssec-keygen \- DNSSEC key generation tool
.SH SYNOPSIS
.sp
\fBdnssec-keygen\fR \fB-a \fIalgorithm\fB\fR \fB-b \fIkeysize\fB\fR \fB-n \fInametype\fB\fR [ \fB-c \fIclass\fB\fR ] [ \fB-e\fR ] [ \fB-f \fIflag\fB\fR ] [ \fB-g \fIgenerator\fB\fR ] [ \fB-h\fR ] [ \fB-k\fR ] [ \fB-p \fIprotocol\fB\fR ] [ \fB-r \fIrandomdev\fB\fR ] [ \fB-s \fIstrength\fB\fR ] [ \fB-t \fItype\fB\fR ] [ \fB-v \fIlevel\fB\fR ] \fBname\fR
.SH "SYNOPSIS"
.HP 14
\fBdnssec\-keygen\fR {\-a\ \fIalgorithm\fR} {\-b\ \fIkeysize\fR} {\-n\ \fInametype\fR} [\fB\-c\ \fIclass\fR\fR] [\fB\-e\fR] [\fB\-f\ \fIflag\fR\fR] [\fB\-g\ \fIgenerator\fR\fR] [\fB\-h\fR] [\fB\-k\fR] [\fB\-p\ \fIprotocol\fR\fR] [\fB\-r\ \fIrandomdev\fR\fR] [\fB\-s\ \fIstrength\fR\fR] [\fB\-t\ \fItype\fR\fR] [\fB\-v\ \fIlevel\fR\fR] {name}
.SH "DESCRIPTION"
.PP
\fBdnssec-keygen\fR generates keys for DNSSEC
(Secure DNS), as defined in RFC 2535 and RFC <TBA\\>. It can also generate
keys for use with TSIG (Transaction Signatures), as
defined in RFC 2845.
\fBdnssec\-keygen\fR generates keys for DNSSEC (Secure DNS), as defined in RFC 2535 and RFC <TBA\\>\&. It can also generate keys for use with TSIG (Transaction Signatures), as defined in RFC 2845\&.
.SH "OPTIONS"
.TP
\fB-a \fIalgorithm\fB\fR
Selects the cryptographic algorithm. The value of
\fBalgorithm\fR must be one of RSAMD5 (RSA) or RSASHA1,
DSA, DH (Diffie Hellman), or HMAC-MD5. These values
are case insensitive.
Note 1: that for DNSSEC, RSASHA1 is a mandatory to implement algorithm,
and DSA is recommended. For TSIG, HMAC-MD5 is mandatory.
Note 2: HMAC-MD5 and DH automatically set the -k flag.
\-a \fIalgorithm\fR
Selects the cryptographic algorithm\&. The value of \fBalgorithm\fR must be one of RSAMD5 (RSA) or RSASHA1, DSA, DH (Diffie Hellman), or HMAC\-MD5\&. These values are case insensitive\&.
Note 1: that for DNSSEC, RSASHA1 is a mandatory to implement algorithm, and DSA is recommended\&. For TSIG, HMAC\-MD5 is mandatory\&.
Note 2: HMAC\-MD5 and DH automatically set the \-k flag\&.
.TP
\fB-b \fIkeysize\fB\fR
Specifies the number of bits in the key. The choice of key
size depends on the algorithm used. RSAMD5 / RSASHA1 keys must be between
512 and 2048 bits. Diffie Hellman keys must be between
128 and 4096 bits. DSA keys must be between 512 and 1024
bits and an exact multiple of 64. HMAC-MD5 keys must be
between 1 and 512 bits.
\-b \fIkeysize\fR
Specifies the number of bits in the key\&. The choice of key size depends on the algorithm used\&. RSAMD5 / RSASHA1 keys must be between 512 and 2048 bits\&. Diffie Hellman keys must be between 128 and 4096 bits\&. DSA keys must be between 512 and 1024 bits and an exact multiple of 64\&. HMAC\-MD5 keys must be between 1 and 512 bits\&.
.TP
\fB-n \fInametype\fB\fR
Specifies the owner type of the key. The value of
\fBnametype\fR must either be ZONE (for a DNSSEC
zone key (KEY/DNSKEY)), HOST or ENTITY (for a key associated with a host (KEY)),
USER (for a key associated with a user(KEY)) or OTHER (DNSKEY). These values are
case insensitive.
\-n \fInametype\fR
Specifies the owner type of the key\&. The value of \fBnametype\fR must either be ZONE (for a DNSSEC zone key (KEY/DNSKEY)), HOST or ENTITY (for a key associated with a host (KEY)), USER (for a key associated with a user(KEY)) or OTHER (DNSKEY)\&. These values are case insensitive\&.
.TP
\fB-c \fIclass\fB\fR
Indicates that the DNS record containing the key should have
the specified class. If not specified, class IN is used.
\-c \fIclass\fR
Indicates that the DNS record containing the key should have the specified class\&. If not specified, class IN is used\&.
.TP
\fB-e\fR
If generating an RSAMD5/RSASHA1 key, use a large exponent.
\-e
If generating an RSAMD5/RSASHA1 key, use a large exponent\&.
.TP
\fB-f \fIflag\fB\fR
Set the specified flag in the flag field of the KEY/DNSKEY record.
The only recognized flag is KSK (Key Signing Key) DNSKEY.
\-f \fIflag\fR
Set the specified flag in the flag field of the KEY/DNSKEY record\&. The only recognized flag is KSK (Key Signing Key) DNSKEY\&.
.TP
\fB-g \fIgenerator\fB\fR
If generating a Diffie Hellman key, use this generator.
Allowed values are 2 and 5. If no generator
is specified, a known prime from RFC 2539 will be used
if possible; otherwise the default is 2.
\-g \fIgenerator\fR
If generating a Diffie Hellman key, use this generator\&. Allowed values are 2 and 5\&. If no generator is specified, a known prime from RFC 2539 will be used if possible; otherwise the default is 2\&.
.TP
\fB-h\fR
Prints a short summary of the options and arguments to
\fBdnssec-keygen\fR.
\-h
Prints a short summary of the options and arguments to \fBdnssec\-keygen\fR\&.
.TP
\fB-k\fR
Generate KEY records rather than DNSKEY records.
\-k
Generate KEY records rather than DNSKEY records\&.
.TP
\fB-p \fIprotocol\fB\fR
Sets the protocol value for the generated key. The protocol
is a number between 0 and 255. The default is 3 (DNSSEC).
Other possible values for this argument are listed in
RFC 2535 and its successors.
\-p \fIprotocol\fR
Sets the protocol value for the generated key\&. The protocol is a number between 0 and 255\&. The default is 3 (DNSSEC)\&. Other possible values for this argument are listed in RFC 2535 and its successors\&.
.TP
\fB-r \fIrandomdev\fB\fR
Specifies the source of randomness. If the operating
system does not provide a \fI/dev/random\fR
or equivalent device, the default source of randomness
is keyboard input. \fIrandomdev\fR specifies
the name of a character device or file containing random
data to be used instead of the default. The special value
\fIkeyboard\fR indicates that keyboard
input should be used.
\-r \fIrandomdev\fR
Specifies the source of randomness\&. If the operating system does not provide a \fI/dev/random\fR or equivalent device, the default source of randomness is keyboard input\&. \fIrandomdev\fR specifies the name of a character device or file containing random data to be used instead of the default\&. The special value \fIkeyboard\fR indicates that keyboard input should be used\&.
.TP
\fB-s \fIstrength\fB\fR
Specifies the strength value of the key. The strength is
a number between 0 and 15, and currently has no defined
purpose in DNSSEC.
\-s \fIstrength\fR
Specifies the strength value of the key\&. The strength is a number between 0 and 15, and currently has no defined purpose in DNSSEC\&.
.TP
\fB-t \fItype\fB\fR
Indicates the use of the key. \fBtype\fR must be
one of AUTHCONF, NOAUTHCONF, NOAUTH, or NOCONF. The default
is AUTHCONF. AUTH refers to the ability to authenticate
data, and CONF the ability to encrypt data.
\-t \fItype\fR
Indicates the use of the key\&. \fBtype\fR must be one of AUTHCONF, NOAUTHCONF, NOAUTH, or NOCONF\&. The default is AUTHCONF\&. AUTH refers to the ability to authenticate data, and CONF the ability to encrypt data\&.
.TP
\fB-v \fIlevel\fB\fR
Sets the debugging level.
\-v \fIlevel\fR
Sets the debugging level\&.
.SH "GENERATED KEYS"
.PP
When \fBdnssec-keygen\fR completes successfully,
it prints a string of the form \fIKnnnn.+aaa+iiiii\fR
to the standard output. This is an identification string for
the key it has generated. These strings can be used as arguments
to \fBdnssec-makekeyset\fR.
.TP 0.2i
When \fBdnssec\-keygen\fR completes successfully, it prints a string of the form \fIKnnnn\&.+aaa+iiiii\fR to the standard output\&. This is an identification string for the key it has generated\&. These strings can be used as arguments to \fBdnssec\-makekeyset\fR\&.
.TP 3
\(bu
\fInnnn\fR is the key name.
.TP 0.2i
\fInnnn\fR is the key name\&.
.TP
\(bu
\fIaaa\fR is the numeric representation of the
algorithm.
.TP 0.2i
\fIaaa\fR is the numeric representation of the algorithm\&.
.TP
\(bu
\fIiiiii\fR is the key identifier (or footprint).
\fIiiiii\fR is the key identifier (or footprint)\&.
.LP
.PP
\fBdnssec-keygen\fR creates two file, with names based
on the printed string. \fIKnnnn.+aaa+iiiii.key\fR
contains the public key, and
\fIKnnnn.+aaa+iiiii.private\fR contains the private
key.
\fBdnssec\-keygen\fR creates two file, with names based on the printed string\&. \fIKnnnn\&.+aaa+iiiii\&.key\fR contains the public key, and \fIKnnnn\&.+aaa+iiiii\&.private\fR contains the private key\&.
.PP
The \fI\&.key\fR file contains a DNS KEY record that can be inserted into a zone file (directly or with a $INCLUDE statement)\&.
.PP
The \fI.key\fR file contains a DNS KEY record that
can be inserted into a zone file (directly or with a $INCLUDE
statement).
.PP
.PP
The \fI.private\fR file contains algorithm specific
fields. For obvious security reasons, this file does not have
general read permission.
.PP
.PP
Both \fI.key\fR and \fI.private\fR
files are generated for symmetric encryption algorithm such as
HMAC-MD5, even though the public and private key are equivalent.
The \fI\&.private\fR file contains algorithm specific fields\&. For obvious security reasons, this file does not have general read permission\&.
.PP
Both \fI\&.key\fR and \fI\&.private\fR files are generated for symmetric encryption algorithm such as HMAC\-MD5, even though the public and private key are equivalent\&.
.SH "EXAMPLE"
.PP
To generate a 768-bit DSA key for the domain
\fBexample.com\fR, the following command would be
issued:
To generate a 768\-bit DSA key for the domain \fBexample\&.com\fR, the following command would be issued:
.PP
\fBdnssec-keygen -a DSA -b 768 -n ZONE example.com\fR
\fBdnssec\-keygen \-a DSA \-b 768 \-n ZONE example\&.com\fR
.PP
The command would print a string of the form:
.PP
\fBKexample.com.+003+26160\fR
\fBKexample\&.com\&.+003+26160\fR
.PP
In this example, \fBdnssec-keygen\fR creates
the files \fIKexample.com.+003+26160.key\fR and
\fIKexample.com.+003+26160.private\fR
In this example, \fBdnssec\-keygen\fR creates the files \fIKexample\&.com\&.+003+26160\&.key\fR and \fIKexample\&.com\&.+003+26160\&.private\fR
.SH "SEE ALSO"
.PP
\fBdnssec-signzone\fR(8),
\fIBIND 9 Administrator Reference Manual\fR,
\fIRFC 2535\fR,
\fIRFC 2845\fR,
\fIRFC 2539\fR.
\fBdnssec\-signzone\fR(8), BIND 9 Administrator Reference Manual, RFC 2535, RFC 2845, RFC 2539\&.
.SH "AUTHOR"
.PP
Internet Systems Consortium
Internet Systems Consortium

796
bin/dnssec/dnssec-keygen.html
View file

@ -1,588 +1,232 @@
<!--
- Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2000-2003 Internet Software Consortium.
-
- Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2000-2003 Internet Software Consortium
-
- Permission to use, copy, modify, and distribute this software for any
- purpose with or without fee is hereby granted, provided that the above
- copyright notice and this permission notice appear in all copies.
-
-
- THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
- REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
- AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
- AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
- INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
- LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
- OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
- PERFORMANCE OF THIS SOFTWARE.
-->
<!-- $Id: dnssec-keygen.html,v 1.16 2005/04/07 03:49:55 marka Exp $ -->
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<HTML
><HEAD
><TITLE
>dnssec-keygen</TITLE
><META
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.79"></HEAD
><BODY
CLASS="REFENTRY"
BGCOLOR="#FFFFFF"
TEXT="#000000"
LINK="#0000FF"
VLINK="#840084"
ALINK="#0000FF"
><H1
><A
NAME="AEN1"
></A
><SPAN
CLASS="APPLICATION"
>dnssec-keygen</SPAN
></H1
><DIV
CLASS="REFNAMEDIV"
><A
NAME="AEN9"
></A
><H2
>Name</H2
><SPAN
CLASS="APPLICATION"
>dnssec-keygen</SPAN
>&nbsp;--&nbsp;DNSSEC key generation tool</DIV
><DIV
CLASS="REFSYNOPSISDIV"
><A
NAME="AEN13"
></A
><H2
>Synopsis</H2
><P
><B
CLASS="COMMAND"
>dnssec-keygen</B
> {-a <TT
CLASS="REPLACEABLE"
><I
>algorithm</I
></TT
>} {-b <TT
CLASS="REPLACEABLE"
><I
>keysize</I
></TT
>} {-n <TT
CLASS="REPLACEABLE"
><I
>nametype</I
></TT
>} [<CODE
CLASS="OPTION"
>-c <TT
CLASS="REPLACEABLE"
><I
>class</I
></TT
></CODE
>] [<CODE
CLASS="OPTION"
>-e</CODE
>] [<CODE
CLASS="OPTION"
>-f <TT
CLASS="REPLACEABLE"
><I
>flag</I
></TT
></CODE
>] [<CODE
CLASS="OPTION"
>-g <TT
CLASS="REPLACEABLE"
><I
>generator</I
></TT
></CODE
>] [<CODE
CLASS="OPTION"
>-h</CODE
>] [<CODE
CLASS="OPTION"
>-k</CODE
>] [<CODE
CLASS="OPTION"
>-p <TT
CLASS="REPLACEABLE"
><I
>protocol</I
></TT
></CODE
>] [<CODE
CLASS="OPTION"
>-r <TT
CLASS="REPLACEABLE"
><I
>randomdev</I
></TT
></CODE
>] [<CODE
CLASS="OPTION"
>-s <TT
CLASS="REPLACEABLE"
><I
>strength</I
></TT
></CODE
>] [<CODE
CLASS="OPTION"
>-t <TT
CLASS="REPLACEABLE"
><I
>type</I
></TT
></CODE
>] [<CODE
CLASS="OPTION"
>-v <TT
CLASS="REPLACEABLE"
><I
>level</I
></TT
></CODE
>] {name}</P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN53"
></A
><H2
>DESCRIPTION</H2
><P
> <B
CLASS="COMMAND"
>dnssec-keygen</B
> generates keys for DNSSEC
(Secure DNS), as defined in RFC 2535 and RFC &lt;TBA\&gt;. It can also generate
keys for use with TSIG (Transaction Signatures), as
defined in RFC 2845.
</P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN57"
></A
><H2
>OPTIONS</H2
><P
></P
><DIV
CLASS="VARIABLELIST"
><DL
><DT
>-a <TT
CLASS="REPLACEABLE"
><I
>algorithm</I
></TT
></DT
><DD
><P
> Selects the cryptographic algorithm. The value of
<CODE
CLASS="OPTION"
>algorithm</CODE
> must be one of RSAMD5 (RSA) or RSASHA1,
DSA, DH (Diffie Hellman), or HMAC-MD5. These values
are case insensitive.
</P
><P
> Note 1: that for DNSSEC, RSASHA1 is a mandatory to implement algorithm,
and DSA is recommended. For TSIG, HMAC-MD5 is mandatory.
</P
><P
> Note 2: HMAC-MD5 and DH automatically set the -k flag.
</P
></DD
><DT
>-b <TT
CLASS="REPLACEABLE"
><I
>keysize</I
></TT
></DT
><DD
><P
> Specifies the number of bits in the key. The choice of key
size depends on the algorithm used. RSAMD5 / RSASHA1 keys must be between
512 and 2048 bits. Diffie Hellman keys must be between
128 and 4096 bits. DSA keys must be between 512 and 1024
bits and an exact multiple of 64. HMAC-MD5 keys must be
between 1 and 512 bits.
</P
></DD
><DT
>-n <TT
CLASS="REPLACEABLE"
><I
>nametype</I
></TT
></DT
><DD
><P
> Specifies the owner type of the key. The value of
<CODE
CLASS="OPTION"
>nametype</CODE
> must either be ZONE (for a DNSSEC
zone key (KEY/DNSKEY)), HOST or ENTITY (for a key associated with a host (KEY)),
USER (for a key associated with a user(KEY)) or OTHER (DNSKEY). These values are
case insensitive.
</P
></DD
><DT
>-c <TT
CLASS="REPLACEABLE"
><I
>class</I
></TT
></DT
><DD
><P
> Indicates that the DNS record containing the key should have
the specified class. If not specified, class IN is used.
</P
></DD
><DT
>-e</DT
><DD
><P
> If generating an RSAMD5/RSASHA1 key, use a large exponent.
</P
></DD
><DT
>-f <TT
CLASS="REPLACEABLE"
><I
>flag</I
></TT
></DT
><DD
><P
> Set the specified flag in the flag field of the KEY/DNSKEY record.
The only recognized flag is KSK (Key Signing Key) DNSKEY.
</P
></DD
><DT
>-g <TT
CLASS="REPLACEABLE"
><I
>generator</I
></TT
></DT
><DD
><P
> If generating a Diffie Hellman key, use this generator.
Allowed values are 2 and 5. If no generator
is specified, a known prime from RFC 2539 will be used
if possible; otherwise the default is 2.
</P
></DD
><DT
>-h</DT
><DD
><P
> Prints a short summary of the options and arguments to
<B
CLASS="COMMAND"
>dnssec-keygen</B
>.
</P
></DD
><DT
>-k</DT
><DD
><P
> Generate KEY records rather than DNSKEY records.
</P
></DD
><DT
>-p <TT
CLASS="REPLACEABLE"
><I
>protocol</I
></TT
></DT
><DD
><P
> Sets the protocol value for the generated key. The protocol
is a number between 0 and 255. The default is 3 (DNSSEC).
Other possible values for this argument are listed in
RFC 2535 and its successors.
</P
></DD
><DT
>-r <TT
CLASS="REPLACEABLE"
><I
>randomdev</I
></TT
></DT
><DD
><P
> Specifies the source of randomness. If the operating
system does not provide a <TT
CLASS="FILENAME"
>/dev/random</TT
>
or equivalent device, the default source of randomness
is keyboard input. <TT
CLASS="FILENAME"
>randomdev</TT
> specifies
the name of a character device or file containing random
data to be used instead of the default. The special value
<TT
CLASS="FILENAME"
>keyboard</TT
> indicates that keyboard
input should be used.
</P
></DD
><DT
>-s <TT
CLASS="REPLACEABLE"
><I
>strength</I
></TT
></DT
><DD
><P
> Specifies the strength value of the key. The strength is
a number between 0 and 15, and currently has no defined
purpose in DNSSEC.
</P
></DD
><DT
>-t <TT
CLASS="REPLACEABLE"
><I
>type</I
></TT
></DT
><DD
><P
> Indicates the use of the key. <CODE
CLASS="OPTION"
>type</CODE
> must be
one of AUTHCONF, NOAUTHCONF, NOAUTH, or NOCONF. The default
is AUTHCONF. AUTH refers to the ability to authenticate
data, and CONF the ability to encrypt data.
</P
></DD
><DT
>-v <TT
CLASS="REPLACEABLE"
><I
>level</I
></TT
></DT
><DD
><P
> Sets the debugging level.
</P
></DD
></DL
></DIV
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN136"
></A
><H2
>GENERATED KEYS</H2
><P
> When <B
CLASS="COMMAND"
>dnssec-keygen</B
> completes successfully,
it prints a string of the form <TT
CLASS="FILENAME"
>Knnnn.+aaa+iiiii</TT
>
to the standard output. This is an identification string for
the key it has generated. These strings can be used as arguments
to <B
CLASS="COMMAND"
>dnssec-makekeyset</B
>.
</P
><P
></P
><UL
><LI
><P
> <TT
CLASS="FILENAME"
>nnnn</TT
> is the key name.
</P
></LI
><LI
><P
> <TT
CLASS="FILENAME"
>aaa</TT
> is the numeric representation of the
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>dnssec-keygen</title>
<meta name="generator" content="DocBook XSL Stylesheets V1.68.1">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en">
<a name="id2456618"></a><div class="titlepage"></div>
<div class="refnamediv">
<h2>Name</h2>
<p><span class="application">dnssec-keygen</span> &#8212; DNSSEC key generation tool</p>
</div>
<div class="refsynopsisdiv">
<h2>Synopsis</h2>
<div class="cmdsynopsis"><p><code class="command">dnssec-keygen</code> {-a <em class="replaceable"><code>algorithm</code></em>} {-b <em class="replaceable"><code>keysize</code></em>} {-n <em class="replaceable"><code>nametype</code></em>} [<code class="option">-c <em class="replaceable"><code>class</code></em></code>] [<code class="option">-e</code>] [<code class="option">-f <em class="replaceable"><code>flag</code></em></code>] [<code class="option">-g <em class="replaceable"><code>generator</code></em></code>] [<code class="option">-h</code>] [<code class="option">-k</code>] [<code class="option">-p <em class="replaceable"><code>protocol</code></em></code>] [<code class="option">-r <em class="replaceable"><code>randomdev</code></em></code>] [<code class="option">-s <em class="replaceable"><code>strength</code></em></code>] [<code class="option">-t <em class="replaceable"><code>type</code></em></code>] [<code class="option">-v <em class="replaceable"><code>level</code></em></code>] {name}</p></div>
</div>
<div class="refsect1" lang="en">
<a name="id2514086"></a><h2>DESCRIPTION</h2>
<p><span><strong class="command">dnssec-keygen</strong></span>
generates keys for DNSSEC (Secure DNS), as defined in RFC 2535
and RFC &lt;TBA\&gt;. It can also generate keys for use with
TSIG (Transaction Signatures), as defined in RFC 2845.
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2514098"></a><h2>OPTIONS</h2>
<div class="variablelist"><dl>
<dt><span class="term">-a <em class="replaceable"><code>algorithm</code></em></span></dt>
<dd>
<p>
Selects the cryptographic algorithm. The value of
<code class="option">algorithm</code> must be one of RSAMD5 (RSA) or RSASHA1,
DSA, DH (Diffie Hellman), or HMAC-MD5. These values
are case insensitive.
</p>
<p>
Note 1: that for DNSSEC, RSASHA1 is a mandatory to implement
algorithm,
and DSA is recommended. For TSIG, HMAC-MD5 is mandatory.
</p>
<p>
Note 2: HMAC-MD5 and DH automatically set the -k flag.
</p>
</dd>
<dt><span class="term">-b <em class="replaceable"><code>keysize</code></em></span></dt>
<dd><p>
Specifies the number of bits in the key. The choice of key
size depends on the algorithm used. RSAMD5 / RSASHA1 keys must be
between
512 and 2048 bits. Diffie Hellman keys must be between
128 and 4096 bits. DSA keys must be between 512 and 1024
bits and an exact multiple of 64. HMAC-MD5 keys must be
between 1 and 512 bits.
</p></dd>
<dt><span class="term">-n <em class="replaceable"><code>nametype</code></em></span></dt>
<dd><p>
Specifies the owner type of the key. The value of
<code class="option">nametype</code> must either be ZONE (for a DNSSEC
zone key (KEY/DNSKEY)), HOST or ENTITY (for a key associated with
a host (KEY)),
USER (for a key associated with a user(KEY)) or OTHER (DNSKEY).
These values are
case insensitive.
</p></dd>
<dt><span class="term">-c <em class="replaceable"><code>class</code></em></span></dt>
<dd><p>
Indicates that the DNS record containing the key should have
the specified class. If not specified, class IN is used.
</p></dd>
<dt><span class="term">-e</span></dt>
<dd><p>
If generating an RSAMD5/RSASHA1 key, use a large exponent.
</p></dd>
<dt><span class="term">-f <em class="replaceable"><code>flag</code></em></span></dt>
<dd><p>
Set the specified flag in the flag field of the KEY/DNSKEY record.
The only recognized flag is KSK (Key Signing Key) DNSKEY.
</p></dd>
<dt><span class="term">-g <em class="replaceable"><code>generator</code></em></span></dt>
<dd><p>
If generating a Diffie Hellman key, use this generator.
Allowed values are 2 and 5. If no generator
is specified, a known prime from RFC 2539 will be used
if possible; otherwise the default is 2.
</p></dd>
<dt><span class="term">-h</span></dt>
<dd><p>
Prints a short summary of the options and arguments to
<span><strong class="command">dnssec-keygen</strong></span>.
</p></dd>
<dt><span class="term">-k</span></dt>
<dd><p>
Generate KEY records rather than DNSKEY records.
</p></dd>
<dt><span class="term">-p <em class="replaceable"><code>protocol</code></em></span></dt>
<dd><p>
Sets the protocol value for the generated key. The protocol
is a number between 0 and 255. The default is 3 (DNSSEC).
Other possible values for this argument are listed in
RFC 2535 and its successors.
</p></dd>
<dt><span class="term">-r <em class="replaceable"><code>randomdev</code></em></span></dt>
<dd><p>
Specifies the source of randomness. If the operating
system does not provide a <code class="filename">/dev/random</code>
or equivalent device, the default source of randomness
is keyboard input. <code class="filename">randomdev</code>
specifies
the name of a character device or file containing random
data to be used instead of the default. The special value
<code class="filename">keyboard</code> indicates that keyboard
input should be used.
</p></dd>
<dt><span class="term">-s <em class="replaceable"><code>strength</code></em></span></dt>
<dd><p>
Specifies the strength value of the key. The strength is
a number between 0 and 15, and currently has no defined
purpose in DNSSEC.
</p></dd>
<dt><span class="term">-t <em class="replaceable"><code>type</code></em></span></dt>
<dd><p>
Indicates the use of the key. <code class="option">type</code> must be
one of AUTHCONF, NOAUTHCONF, NOAUTH, or NOCONF. The default
is AUTHCONF. AUTH refers to the ability to authenticate
data, and CONF the ability to encrypt data.
</p></dd>
<dt><span class="term">-v <em class="replaceable"><code>level</code></em></span></dt>
<dd><p>
Sets the debugging level.
</p></dd>
</dl></div>
</div>
<div class="refsect1" lang="en">
<a name="id2514637"></a><h2>GENERATED KEYS</h2>
<p>
When <span><strong class="command">dnssec-keygen</strong></span> completes
successfully,
it prints a string of the form <code class="filename">Knnnn.+aaa+iiiii</code>
to the standard output. This is an identification string for
the key it has generated. These strings can be used as arguments
to <span><strong class="command">dnssec-makekeyset</strong></span>.
</p>
<div class="itemizedlist"><ul type="disc">
<li><p><code class="filename">nnnn</code> is the key name.
</p></li>
<li><p><code class="filename">aaa</code> is the numeric representation
of the
algorithm.
</P
></LI
><LI
><P
> <TT
CLASS="FILENAME"
>iiiii</TT
> is the key identifier (or footprint).
</P
></LI
></UL
><P
> <B
CLASS="COMMAND"
>dnssec-keygen</B
> creates two file, with names based
on the printed string. <TT
CLASS="FILENAME"
>Knnnn.+aaa+iiiii.key</TT
>
contains the public key, and
<TT
CLASS="FILENAME"
>Knnnn.+aaa+iiiii.private</TT
> contains the private
key.
</P
><P
> The <TT
CLASS="FILENAME"
>.key</TT
> file contains a DNS KEY record that
can be inserted into a zone file (directly or with a $INCLUDE
statement).
</P
><P
> The <TT
CLASS="FILENAME"
>.private</TT
> file contains algorithm specific
fields. For obvious security reasons, this file does not have
general read permission.
</P
><P
> Both <TT
CLASS="FILENAME"
>.key</TT
> and <TT
CLASS="FILENAME"
>.private</TT
>
files are generated for symmetric encryption algorithm such as
HMAC-MD5, even though the public and private key are equivalent.
</P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN163"
></A
><H2
>EXAMPLE</H2
><P
> To generate a 768-bit DSA key for the domain
<KBD
CLASS="USERINPUT"
>example.com</KBD
>, the following command would be
issued:
</P
><P
> <KBD
CLASS="USERINPUT"
>dnssec-keygen -a DSA -b 768 -n ZONE example.com</KBD
>
</P
><P
> The command would print a string of the form:
</P
><P
> <KBD
CLASS="USERINPUT"
>Kexample.com.+003+26160</KBD
>
</P
><P
> In this example, <B
CLASS="COMMAND"
>dnssec-keygen</B
> creates
the files <TT
CLASS="FILENAME"
>Kexample.com.+003+26160.key</TT
> and
<TT
CLASS="FILENAME"
>Kexample.com.+003+26160.private</TT
>
</P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN176"
></A
><H2
>SEE ALSO</H2
><P
> <SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>dnssec-signzone</SPAN
>(8)</SPAN
>,
<I
CLASS="CITETITLE"
>BIND 9 Administrator Reference Manual</I
>,
<I
CLASS="CITETITLE"
>RFC 2535</I
>,
<I
CLASS="CITETITLE"
>RFC 2845</I
>,
<I
CLASS="CITETITLE"
>RFC 2539</I
>.
</P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN186"
></A
><H2
>AUTHOR</H2
><P
> Internet Systems Consortium
</P
></DIV
></BODY
></HTML
>
</p></li>
<li><p><code class="filename">iiiii</code> is the key identifier (or
footprint).
</p></li>
</ul></div>
<p><span><strong class="command">dnssec-keygen</strong></span>
creates two file, with names based
on the printed string. <code class="filename">Knnnn.+aaa+iiiii.key</code>
contains the public key, and
<code class="filename">Knnnn.+aaa+iiiii.private</code> contains the
private
key.
</p>
<p>
The <code class="filename">.key</code> file contains a DNS KEY record
that
can be inserted into a zone file (directly or with a $INCLUDE
statement).
</p>
<p>
The <code class="filename">.private</code> file contains algorithm
specific
fields. For obvious security reasons, this file does not have
general read permission.
</p>
<p>
Both <code class="filename">.key</code> and <code class="filename">.private</code>
files are generated for symmetric encryption algorithm such as
HMAC-MD5, even though the public and private key are equivalent.
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2514723"></a><h2>EXAMPLE</h2>
<p>
To generate a 768-bit DSA key for the domain
<strong class="userinput"><code>example.com</code></strong>, the following command would be
issued:
</p>
<p><strong class="userinput"><code>dnssec-keygen -a DSA -b 768 -n ZONE example.com</code></strong>
</p>
<p>
The command would print a string of the form:
</p>
<p><strong class="userinput"><code>Kexample.com.+003+26160</code></strong>
</p>
<p>
In this example, <span><strong class="command">dnssec-keygen</strong></span> creates
the files <code class="filename">Kexample.com.+003+26160.key</code>
and
<code class="filename">Kexample.com.+003+26160.private</code>
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2514766"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry"><span class="refentrytitle">dnssec-signzone</span>(8)</span>,
<em class="citetitle">BIND 9 Administrator Reference Manual</em>,
<em class="citetitle">RFC 2535</em>,
<em class="citetitle">RFC 2845</em>,
<em class="citetitle">RFC 2539</em>.
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2514797"></a><h2>AUTHOR</h2>
<p><span class="corpauthor">Internet Systems Consortium</span>
</p>
</div>
</div></body>
</html>

220
bin/dnssec/dnssec-signzone.8
View file

@ -1,184 +1,126 @@
.\" Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2000-2003 Internet Software Consortium.
.\"
.\" Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2000-2003 Internet Software Consortium
.\"
.\" Permission to use, copy, modify, and distribute this software for any
.\" purpose with or without fee is hereby granted, provided that the above
.\" copyright notice and this permission notice appear in all copies.
.\"
.\"
.\" THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
.\" REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
.\" AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
.\" AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
.\" INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
.\" LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
.\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
.\" PERFORMANCE OF THIS SOFTWARE.
.\"
.\" $Id: dnssec-signzone.8,v 1.34 2005/03/23 04:27:45 marka Exp $
.\"
.TH "DNSSEC-SIGNZONE" "8" "June 30, 2000" "BIND9" ""
.\"
.hy 0
.ad l
.\"Generated by db2man.xsl. Don't modify this, modify the source.
.de Sh \" Subsection
.br
.if t .Sp
.ne 5
.PP
\fB\\$1\fR
.PP
..
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Ip \" List item
.br
.ie \\n(.$>=3 .ne \\$3
.el .ne 3
.IP "\\$1" \\$2
..
.TH "DNSSEC-SIGNZONE" 8 "June 30, 2000" "" ""
.SH NAME
dnssec-signzone \- DNSSEC zone signing tool
.SH SYNOPSIS
.sp
\fBdnssec-signzone\fR [ \fB-a\fR ] [ \fB-c \fIclass\fB\fR ] [ \fB-d \fIdirectory\fB\fR ] [ \fB-e \fIend-time\fB\fR ] [ \fB-f \fIoutput-file\fB\fR ] [ \fB-g\fR ] [ \fB-h\fR ] [ \fB-k \fIkey\fB\fR ] [ \fB-l \fIdomain\fB\fR ] [ \fB-i \fIinterval\fB\fR ] [ \fB-j \fIjitter\fB\fR ] [ \fB-n \fInthreads\fB\fR ] [ \fB-o \fIorigin\fB\fR ] [ \fB-p\fR ] [ \fB-r \fIrandomdev\fB\fR ] [ \fB-s \fIstart-time\fB\fR ] [ \fB-t\fR ] [ \fB-v \fIlevel\fB\fR ] [ \fB-z\fR ] \fBzonefile\fR [ \fBkey\fR\fI...\fR ]
.SH "SYNOPSIS"
.HP 16
\fBdnssec\-signzone\fR [\fB\-a\fR] [\fB\-c\ \fIclass\fR\fR] [\fB\-d\ \fIdirectory\fR\fR] [\fB\-e\ \fIend\-time\fR\fR] [\fB\-f\ \fIoutput\-file\fR\fR] [\fB\-g\fR] [\fB\-h\fR] [\fB\-k\ \fIkey\fR\fR] [\fB\-l\ \fIdomain\fR\fR] [\fB\-i\ \fIinterval\fR\fR] [\fB\-j\ \fIjitter\fR\fR] [\fB\-n\ \fInthreads\fR\fR] [\fB\-o\ \fIorigin\fR\fR] [\fB\-p\fR] [\fB\-r\ \fIrandomdev\fR\fR] [\fB\-s\ \fIstart\-time\fR\fR] [\fB\-t\fR] [\fB\-v\ \fIlevel\fR\fR] [\fB\-z\fR] {zonefile} [key...]
.SH "DESCRIPTION"
.PP
\fBdnssec-signzone\fR signs a zone. It generates
NSEC and RRSIG records and produces a signed version of the
zone. The security status of delegations from the signed zone
(that is, whether the child zones are secure or not) is
determined by the presence or absence of a
\fIkeyset\fR file for each child zone.
\fBdnssec\-signzone\fR signs a zone\&. It generates NSEC and RRSIG records and produces a signed version of the zone\&. The security status of delegations from the signed zone (that is, whether the child zones are secure or not) is determined by the presence or absence of a \fIkeyset\fR file for each child zone\&.
.SH "OPTIONS"
.TP
\fB-a\fR
Verify all generated signatures.
\-a
Verify all generated signatures\&.
.TP
\fB-c \fIclass\fB\fR
Specifies the DNS class of the zone.
\-c \fIclass\fR
Specifies the DNS class of the zone\&.
.TP
\fB-k \fIkey\fB\fR
Treat specified key as a key signing key ignoring any
key flags. This option may be specified multiple times.
\-k \fIkey\fR
Treat specified key as a key signing key ignoring any key flags\&. This option may be specified multiple times\&.
.TP
\fB-l \fIdomain\fB\fR
Generate a DLV set in addition to the key (DNSKEY) and DS sets.
The domain is appended to the name of the records.
\-l \fIdomain\fR
Generate a DLV set in addition to the key (DNSKEY) and DS sets\&. The domain is appended to the name of the records\&.
.TP
\fB-d \fIdirectory\fB\fR
Look for \fIkeyset\fR files in
\fBdirectory\fR as the directory
\-d \fIdirectory\fR
Look for \fIkeyset\fR files in \fBdirectory\fR as the directory
.TP
\fB-g\fR
Generate DS records for child zones from keyset files.
Existing DS records will be removed.
\-g
Generate DS records for child zones from keyset files\&. Existing DS records will be removed\&.
.TP
\fB-s \fIstart-time\fB\fR
Specify the date and time when the generated RRSIG records
become valid. This can be either an absolute or relative
time. An absolute start time is indicated by a number
in YYYYMMDDHHMMSS notation; 20000530144500 denotes
14:45:00 UTC on May 30th, 2000. A relative start time is
indicated by +N, which is N seconds from the current time.
If no \fBstart-time\fR is specified, the current
time minus 1 hour (to allow for clock skew) is used.
\-s \fIstart\-time\fR
Specify the date and time when the generated RRSIG records become valid\&. This can be either an absolute or relative time\&. An absolute start time is indicated by a number in YYYYMMDDHHMMSS notation; 20000530144500 denotes 14:45:00 UTC on May 30th, 2000\&. A relative start time is indicated by +N, which is N seconds from the current time\&. If no \fBstart\-time\fR is specified, the current time minus 1 hour (to allow for clock skew) is used\&.
.TP
\fB-e \fIend-time\fB\fR
Specify the date and time when the generated RRSIG records
expire. As with \fBstart-time\fR, an absolute
time is indicated in YYYYMMDDHHMMSS notation. A time relative
to the start time is indicated with +N, which is N seconds from
the start time. A time relative to the current time is
indicated with now+N. If no \fBend-time\fR is
specified, 30 days from the start time is used as a default.
\-e \fIend\-time\fR
Specify the date and time when the generated RRSIG records expire\&. As with \fBstart\-time\fR, an absolute time is indicated in YYYYMMDDHHMMSS notation\&. A time relative to the start time is indicated with +N, which is N seconds from the start time\&. A time relative to the current time is indicated with now+N\&. If no \fBend\-time\fR is specified, 30 days from the start time is used as a default\&.
.TP
\fB-f \fIoutput-file\fB\fR
The name of the output file containing the signed zone. The
default is to append \fI.signed\fR to the
input file.
\-f \fIoutput\-file\fR
The name of the output file containing the signed zone\&. The default is to append \fI\&.signed\fR to the input file\&.
.TP
\fB-h\fR
Prints a short summary of the options and arguments to
\fBdnssec-signzone\fR.
\-h
Prints a short summary of the options and arguments to \fBdnssec\-signzone\fR\&.
.TP
\fB-i \fIinterval\fB\fR
When a previously signed zone is passed as input, records
may be resigned. The \fBinterval\fR option
specifies the cycle interval as an offset from the current
time (in seconds). If a RRSIG record expires after the
cycle interval, it is retained. Otherwise, it is considered
to be expiring soon, and it will be replaced.
The default cycle interval is one quarter of the difference
between the signature end and start times. So if neither
\fBend-time\fR or \fBstart-time\fR
are specified, \fBdnssec-signzone\fR generates
signatures that are valid for 30 days, with a cycle
interval of 7.5 days. Therefore, if any existing RRSIG records
are due to expire in less than 7.5 days, they would be
replaced.
\-i \fIinterval\fR
When a previously signed zone is passed as input, records may be resigned\&. The \fBinterval\fR option specifies the cycle interval as an offset from the current time (in seconds)\&. If a RRSIG record expires after the cycle interval, it is retained\&. Otherwise, it is considered to be expiring soon, and it will be replaced\&.
The default cycle interval is one quarter of the difference between the signature end and start times\&. So if neither \fBend\-time\fR or \fBstart\-time\fR are specified, \fBdnssec\-signzone\fR generates signatures that are valid for 30 days, with a cycle interval of 7\&.5 days\&. Therefore, if any existing RRSIG records are due to expire in less than 7\&.5 days, they would be replaced\&.
.TP
\fB\fR
When signing a zone with a fixed signature lifetime, all
RRSIG records issued at the time of signing expires
simultaneously. If the zone is incrementally signed, i.e.
a previously signed zone is passed as input to the signer,
all expired signatures has to be regenerated at about the
same time. The \fBjitter\fR option specifies a
jitter window that will be used to randomize the signature
expire time, thus spreading incremental signature
regeneration over time.
Signature lifetime jitter also to some extent benefits
validators and servers by spreading out cache expiration,
i.e. if large numbers of RRSIGs don't expire at the same time
from all caches there will be less congestion than if all
validators need to refetch at mostly the same time.
\-j \fIjitter\fR
When signing a zone with a fixed signature lifetime, all RRSIG records issued at the time of signing expires simultaneously\&. If the zone is incrementally signed, i\&.e\&. a previously signed zone is passed as input to the signer, all expired signatures has to be regenerated at about the same time\&. The \fBjitter\fR option specifies a jitter window that will be used to randomize the signature expire time, thus spreading incremental signature regeneration over time\&.
Signature lifetime jitter also to some extent benefits validators and servers by spreading out cache expiration, i\&.e\&. if large numbers of RRSIGs don't expire at the same time from all caches there will be less congestion than if all validators need to refetch at mostly the same time\&.
.TP
\fB-n \fIncpus\fB\fR
Specifies the number of threads to use. By default, one
thread is started for each detected CPU.
\-n \fIncpus\fR
Specifies the number of threads to use\&. By default, one thread is started for each detected CPU\&.
.TP
\fB-o \fIorigin\fB\fR
The zone origin. If not specified, the name of the zone file
is assumed to be the origin.
\-o \fIorigin\fR
The zone origin\&. If not specified, the name of the zone file is assumed to be the origin\&.
.TP
\fB-p\fR
Use pseudo-random data when signing the zone. This is faster,
but less secure, than using real random data. This option
may be useful when signing large zones or when the entropy
source is limited.
\-p
Use pseudo\-random data when signing the zone\&. This is faster, but less secure, than using real random data\&. This option may be useful when signing large zones or when the entropy source is limited\&.
.TP
\fB-r \fIrandomdev\fB\fR
Specifies the source of randomness. If the operating
system does not provide a \fI/dev/random\fR
or equivalent device, the default source of randomness
is keyboard input. \fIrandomdev\fR specifies
the name of a character device or file containing random
data to be used instead of the default. The special value
\fIkeyboard\fR indicates that keyboard
input should be used.
\-r \fIrandomdev\fR
Specifies the source of randomness\&. If the operating system does not provide a \fI/dev/random\fR or equivalent device, the default source of randomness is keyboard input\&. \fIrandomdev\fR specifies the name of a character device or file containing random data to be used instead of the default\&. The special value \fIkeyboard\fR indicates that keyboard input should be used\&.
.TP
\fB-t\fR
Print statistics at completion.
\-t
Print statistics at completion\&.
.TP
\fB-v \fIlevel\fB\fR
Sets the debugging level.
\-v \fIlevel\fR
Sets the debugging level\&.
.TP
\fB-z\fR
Ignore KSK flag on key when determining what to sign.
\-z
Ignore KSK flag on key when determining what to sign\&.
.TP
\fBzonefile\fR
The file containing the zone to be signed.
Sets the debugging level.
zonefile
The file containing the zone to be signed\&. Sets the debugging level\&.
.TP
\fBkey\fR
The keys used to sign the zone. If no keys are specified, the
default all zone keys that have private key files in the
current directory.
key
The keys used to sign the zone\&. If no keys are specified, the default all zone keys that have private key files in the current directory\&.
.SH "EXAMPLE"
.PP
The following command signs the \fBexample.com\fR
zone with the DSA key generated in the \fBdnssec-keygen\fR
man page. The zone's keys must be in the zone. If there are
\fIkeyset\fR files associated with child zones,
they must be in the current directory.
\fBexample.com\fR, the following command would be
issued:
The following command signs the \fBexample\&.com\fR zone with the DSA key generated in the \fBdnssec\-keygen\fR man page\&. The zone's keys must be in the zone\&. If there are \fIkeyset\fR files associated with child zones, they must be in the current directory\&. \fBexample\&.com\fR, the following command would be issued:
.PP
\fBdnssec-signzone -o example.com db.example.com Kexample.com.+003+26160\fR
\fBdnssec\-signzone \-o example\&.com db\&.example\&.com Kexample\&.com\&.+003+26160\fR
.PP
The command would print a string of the form:
.PP
In this example, \fBdnssec-signzone\fR creates
the file \fIdb.example.com.signed\fR. This file
should be referenced in a zone statement in a
\fInamed.conf\fR file.
In this example, \fBdnssec\-signzone\fR creates the file \fIdb\&.example\&.com\&.signed\fR\&. This file should be referenced in a zone statement in a \fInamed\&.conf\fR file\&.
.SH "SEE ALSO"
.PP
\fBdnssec-keygen\fR(8),
\fIBIND 9 Administrator Reference Manual\fR,
\fIRFC 2535\fR.
\fBdnssec\-keygen\fR(8), BIND 9 Administrator Reference Manual, RFC 2535\&.
.SH "AUTHOR"
.PP
Internet Systems Consortium
Internet Systems Consortium

856
bin/dnssec/dnssec-signzone.html
View file

@ -1,634 +1,244 @@
<!--
- Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2000-2003 Internet Software Consortium.
-
- Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2000-2003 Internet Software Consortium
-
- Permission to use, copy, modify, and distribute this software for any
- purpose with or without fee is hereby granted, provided that the above
- copyright notice and this permission notice appear in all copies.
-
-
- THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
- REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
- AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
- AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
- INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
- LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
- OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
- PERFORMANCE OF THIS SOFTWARE.
-->
<!-- $Id: dnssec-signzone.html,v 1.17 2005/04/07 03:49:57 marka Exp $ -->
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<HTML
><HEAD
><TITLE
>dnssec-signzone</TITLE
><META
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.79"></HEAD
><BODY
CLASS="REFENTRY"
BGCOLOR="#FFFFFF"
TEXT="#000000"
LINK="#0000FF"
VLINK="#840084"
ALINK="#0000FF"
><H1
><A
NAME="AEN1"
></A
><SPAN
CLASS="APPLICATION"
>dnssec-signzone</SPAN
></H1
><DIV
CLASS="REFNAMEDIV"
><A
NAME="AEN9"
></A
><H2
>Name</H2
><SPAN
CLASS="APPLICATION"
>dnssec-signzone</SPAN
>&nbsp;--&nbsp;DNSSEC zone signing tool</DIV
><DIV
CLASS="REFSYNOPSISDIV"
><A
NAME="AEN13"
></A
><H2
>Synopsis</H2
><P
><B
CLASS="COMMAND"
>dnssec-signzone</B
> [<CODE
CLASS="OPTION"
>-a</CODE
>] [<CODE
CLASS="OPTION"
>-c <TT
CLASS="REPLACEABLE"
><I
>class</I
></TT
></CODE
>] [<CODE
CLASS="OPTION"
>-d <TT
CLASS="REPLACEABLE"
><I
>directory</I
></TT
></CODE
>] [<CODE
CLASS="OPTION"
>-e <TT
CLASS="REPLACEABLE"
><I
>end-time</I
></TT
></CODE
>] [<CODE
CLASS="OPTION"
>-f <TT
CLASS="REPLACEABLE"
><I
>output-file</I
></TT
></CODE
>] [<CODE
CLASS="OPTION"
>-g</CODE
>] [<CODE
CLASS="OPTION"
>-h</CODE
>] [<CODE
CLASS="OPTION"
>-k <TT
CLASS="REPLACEABLE"
><I
>key</I
></TT
></CODE
>] [<CODE
CLASS="OPTION"
>-l <TT
CLASS="REPLACEABLE"
><I
>domain</I
></TT
></CODE
>] [<CODE
CLASS="OPTION"
>-i <TT
CLASS="REPLACEABLE"
><I
>interval</I
></TT
></CODE
>] [<CODE
CLASS="OPTION"
>-j <TT
CLASS="REPLACEABLE"
><I
>jitter</I
></TT
></CODE
>] [<CODE
CLASS="OPTION"
>-n <TT
CLASS="REPLACEABLE"
><I
>nthreads</I
></TT
></CODE
>] [<CODE
CLASS="OPTION"
>-o <TT
CLASS="REPLACEABLE"
><I
>origin</I
></TT
></CODE
>] [<CODE
CLASS="OPTION"
>-p</CODE
>] [<CODE
CLASS="OPTION"
>-r <TT
CLASS="REPLACEABLE"
><I
>randomdev</I
></TT
></CODE
>] [<CODE
CLASS="OPTION"
>-s <TT
CLASS="REPLACEABLE"
><I
>start-time</I
></TT
></CODE
>] [<CODE
CLASS="OPTION"
>-t</CODE
>] [<CODE
CLASS="OPTION"
>-v <TT
CLASS="REPLACEABLE"
><I
>level</I
></TT
></CODE
>] [<CODE
CLASS="OPTION"
>-z</CODE
>] {zonefile} [key...]</P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN69"
></A
><H2
>DESCRIPTION</H2
><P
> <B
CLASS="COMMAND"
>dnssec-signzone</B
> signs a zone. It generates
NSEC and RRSIG records and produces a signed version of the
zone. The security status of delegations from the signed zone
(that is, whether the child zones are secure or not) is
determined by the presence or absence of a
<TT
CLASS="FILENAME"
>keyset</TT
> file for each child zone.
</P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN74"
></A
><H2
>OPTIONS</H2
><P
></P
><DIV
CLASS="VARIABLELIST"
><DL
><DT
>-a</DT
><DD
><P
> Verify all generated signatures.
</P
></DD
><DT
>-c <TT
CLASS="REPLACEABLE"
><I
>class</I
></TT
></DT
><DD
><P
> Specifies the DNS class of the zone.
</P
></DD
><DT
>-k <TT
CLASS="REPLACEABLE"
><I
>key</I
></TT
></DT
><DD
><P
> Treat specified key as a key signing key ignoring any
key flags. This option may be specified multiple times.
</P
></DD
><DT
>-l <TT
CLASS="REPLACEABLE"
><I
>domain</I
></TT
></DT
><DD
><P
> Generate a DLV set in addition to the key (DNSKEY) and DS sets.
The domain is appended to the name of the records.
</P
></DD
><DT
>-d <TT
CLASS="REPLACEABLE"
><I
>directory</I
></TT
></DT
><DD
><P
> Look for <TT
CLASS="FILENAME"
>keyset</TT
> files in
<CODE
CLASS="OPTION"
>directory</CODE
> as the directory
</P
></DD
><DT
>-g</DT
><DD
><P
> Generate DS records for child zones from keyset files.
Existing DS records will be removed.
</P
></DD
><DT
>-s <TT
CLASS="REPLACEABLE"
><I
>start-time</I
></TT
></DT
><DD
><P
> Specify the date and time when the generated RRSIG records
become valid. This can be either an absolute or relative
time. An absolute start time is indicated by a number
in YYYYMMDDHHMMSS notation; 20000530144500 denotes
14:45:00 UTC on May 30th, 2000. A relative start time is
indicated by +N, which is N seconds from the current time.
If no <CODE
CLASS="OPTION"
>start-time</CODE
> is specified, the current
time minus 1 hour (to allow for clock skew) is used.
</P
></DD
><DT
>-e <TT
CLASS="REPLACEABLE"
><I
>end-time</I
></TT
></DT
><DD
><P
> Specify the date and time when the generated RRSIG records
expire. As with <CODE
CLASS="OPTION"
>start-time</CODE
>, an absolute
time is indicated in YYYYMMDDHHMMSS notation. A time relative
to the start time is indicated with +N, which is N seconds from
the start time. A time relative to the current time is
indicated with now+N. If no <CODE
CLASS="OPTION"
>end-time</CODE
> is
specified, 30 days from the start time is used as a default.
</P
></DD
><DT
>-f <TT
CLASS="REPLACEABLE"
><I
>output-file</I
></TT
></DT
><DD
><P
> The name of the output file containing the signed zone. The
default is to append <TT
CLASS="FILENAME"
>.signed</TT
> to the
input file.
</P
></DD
><DT
>-h</DT
><DD
><P
> Prints a short summary of the options and arguments to
<B
CLASS="COMMAND"
>dnssec-signzone</B
>.
</P
></DD
><DT
>-i <TT
CLASS="REPLACEABLE"
><I
>interval</I
></TT
></DT
><DD
><P
> When a previously signed zone is passed as input, records
may be resigned. The <CODE
CLASS="OPTION"
>interval</CODE
> option
specifies the cycle interval as an offset from the current
time (in seconds). If a RRSIG record expires after the
cycle interval, it is retained. Otherwise, it is considered
to be expiring soon, and it will be replaced.
</P
><P
> The default cycle interval is one quarter of the difference
between the signature end and start times. So if neither
<CODE
CLASS="OPTION"
>end-time</CODE
> or <CODE
CLASS="OPTION"
>start-time</CODE
>
are specified, <B
CLASS="COMMAND"
>dnssec-signzone</B
> generates
signatures that are valid for 30 days, with a cycle
interval of 7.5 days. Therefore, if any existing RRSIG records
are due to expire in less than 7.5 days, they would be
replaced.
</P
></DD
><DT
></DT
><DD
><P
> When signing a zone with a fixed signature lifetime, all
RRSIG records issued at the time of signing expires
simultaneously. If the zone is incrementally signed, i.e.
a previously signed zone is passed as input to the signer,
all expired signatures has to be regenerated at about the
same time. The <CODE
CLASS="OPTION"
>jitter</CODE
> option specifies a
jitter window that will be used to randomize the signature
expire time, thus spreading incremental signature
regeneration over time.
</P
><P
> Signature lifetime jitter also to some extent benefits
validators and servers by spreading out cache expiration,
i.e. if large numbers of RRSIGs don't expire at the same time
from all caches there will be less congestion than if all
validators need to refetch at mostly the same time.
</P
></DD
><DT
>-n <TT
CLASS="REPLACEABLE"
><I
>ncpus</I
></TT
></DT
><DD
><P
> Specifies the number of threads to use. By default, one
thread is started for each detected CPU.
</P
></DD
><DT
>-o <TT
CLASS="REPLACEABLE"
><I
>origin</I
></TT
></DT
><DD
><P
> The zone origin. If not specified, the name of the zone file
is assumed to be the origin.
</P
></DD
><DT
>-p</DT
><DD
><P
> Use pseudo-random data when signing the zone. This is faster,
but less secure, than using real random data. This option
may be useful when signing large zones or when the entropy
source is limited.
</P
></DD
><DT
>-r <TT
CLASS="REPLACEABLE"
><I
>randomdev</I
></TT
></DT
><DD
><P
> Specifies the source of randomness. If the operating
system does not provide a <TT
CLASS="FILENAME"
>/dev/random</TT
>
or equivalent device, the default source of randomness
is keyboard input. <TT
CLASS="FILENAME"
>randomdev</TT
> specifies
the name of a character device or file containing random
data to be used instead of the default. The special value
<TT
CLASS="FILENAME"
>keyboard</TT
> indicates that keyboard
input should be used.
</P
></DD
><DT
>-t</DT
><DD
><P
> Print statistics at completion.
</P
></DD
><DT
>-v <TT
CLASS="REPLACEABLE"
><I
>level</I
></TT
></DT
><DD
><P
> Sets the debugging level.
</P
></DD
><DT
>-z</DT
><DD
><P
> Ignore KSK flag on key when determining what to sign.
</P
></DD
><DT
>zonefile</DT
><DD
><P
> The file containing the zone to be signed.
Sets the debugging level.
</P
></DD
><DT
>key</DT
><DD
><P
> The keys used to sign the zone. If no keys are specified, the
default all zone keys that have private key files in the
current directory.
</P
></DD
></DL
></DIV
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN190"
></A
><H2
>EXAMPLE</H2
><P
> The following command signs the <KBD
CLASS="USERINPUT"
>example.com</KBD
>
zone with the DSA key generated in the <B
CLASS="COMMAND"
>dnssec-keygen</B
>
man page. The zone's keys must be in the zone. If there are
<TT
CLASS="FILENAME"
>keyset</TT
> files associated with child zones,
they must be in the current directory.
<KBD
CLASS="USERINPUT"
>example.com</KBD
>, the following command would be
issued:
</P
><P
> <KBD
CLASS="USERINPUT"
>dnssec-signzone -o example.com db.example.com Kexample.com.+003+26160</KBD
>
</P
><P
> The command would print a string of the form:
</P
><P
> In this example, <B
CLASS="COMMAND"
>dnssec-signzone</B
> creates
the file <TT
CLASS="FILENAME"
>db.example.com.signed</TT
>. This file
should be referenced in a zone statement in a
<TT
CLASS="FILENAME"
>named.conf</TT
> file.
</P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN204"
></A
><H2
>SEE ALSO</H2
><P
> <SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>dnssec-keygen</SPAN
>(8)</SPAN
>,
<I
CLASS="CITETITLE"
>BIND 9 Administrator Reference Manual</I
>,
<I
CLASS="CITETITLE"
>RFC 2535</I
>.
</P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN212"
></A
><H2
>AUTHOR</H2
><P
> Internet Systems Consortium
</P
></DIV
></BODY
></HTML
>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>dnssec-signzone</title>
<meta name="generator" content="DocBook XSL Stylesheets V1.68.1">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en">
<a name="id2456618"></a><div class="titlepage"></div>
<div class="refnamediv">
<h2>Name</h2>
<p><span class="application">dnssec-signzone</span> &#8212; DNSSEC zone signing tool</p>
</div>
<div class="refsynopsisdiv">
<h2>Synopsis</h2>
<div class="cmdsynopsis"><p><code class="command">dnssec-signzone</code> [<code class="option">-a</code>] [<code class="option">-c <em class="replaceable"><code>class</code></em></code>] [<code class="option">-d <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-e <em class="replaceable"><code>end-time</code></em></code>] [<code class="option">-f <em class="replaceable"><code>output-file</code></em></code>] [<code class="option">-g</code>] [<code class="option">-h</code>] [<code class="option">-k <em class="replaceable"><code>key</code></em></code>] [<code class="option">-l <em class="replaceable"><code>domain</code></em></code>] [<code class="option">-i <em class="replaceable"><code>interval</code></em></code>] [<code class="option">-j <em class="replaceable"><code>jitter</code></em></code>] [<code class="option">-n <em class="replaceable"><code>nthreads</code></em></code>] [<code class="option">-o <em class="replaceable"><code>origin</code></em></code>] [<code class="option">-p</code>] [<code class="option">-r <em class="replaceable"><code>randomdev</code></em></code>] [<code class="option">-s <em class="replaceable"><code>start-time</code></em></code>] [<code class="option">-t</code>] [<code class="option">-v <em class="replaceable"><code>level</code></em></code>] [<code class="option">-z</code>] {zonefile} [key...]</p></div>
</div>
<div class="refsect1" lang="en">
<a name="id2514118"></a><h2>DESCRIPTION</h2>
<p><span><strong class="command">dnssec-signzone</strong></span>
signs a zone. It generates
NSEC and RRSIG records and produces a signed version of the
zone. The security status of delegations from the signed zone
(that is, whether the child zones are secure or not) is
determined by the presence or absence of a
<code class="filename">keyset</code> file for each child zone.
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2514133"></a><h2>OPTIONS</h2>
<div class="variablelist"><dl>
<dt><span class="term">-a</span></dt>
<dd><p>
Verify all generated signatures.
</p></dd>
<dt><span class="term">-c <em class="replaceable"><code>class</code></em></span></dt>
<dd><p>
Specifies the DNS class of the zone.
</p></dd>
<dt><span class="term">-k <em class="replaceable"><code>key</code></em></span></dt>
<dd><p>
Treat specified key as a key signing key ignoring any
key flags. This option may be specified multiple times.
</p></dd>
<dt><span class="term">-l <em class="replaceable"><code>domain</code></em></span></dt>
<dd><p>
Generate a DLV set in addition to the key (DNSKEY) and DS sets.
The domain is appended to the name of the records.
</p></dd>
<dt><span class="term">-d <em class="replaceable"><code>directory</code></em></span></dt>
<dd><p>
Look for <code class="filename">keyset</code> files in
<code class="option">directory</code> as the directory
</p></dd>
<dt><span class="term">-g</span></dt>
<dd><p>
Generate DS records for child zones from keyset files.
Existing DS records will be removed.
</p></dd>
<dt><span class="term">-s <em class="replaceable"><code>start-time</code></em></span></dt>
<dd><p>
Specify the date and time when the generated RRSIG records
become valid. This can be either an absolute or relative
time. An absolute start time is indicated by a number
in YYYYMMDDHHMMSS notation; 20000530144500 denotes
14:45:00 UTC on May 30th, 2000. A relative start time is
indicated by +N, which is N seconds from the current time.
If no <code class="option">start-time</code> is specified, the current
time minus 1 hour (to allow for clock skew) is used.
</p></dd>
<dt><span class="term">-e <em class="replaceable"><code>end-time</code></em></span></dt>
<dd><p>
Specify the date and time when the generated RRSIG records
expire. As with <code class="option">start-time</code>, an absolute
time is indicated in YYYYMMDDHHMMSS notation. A time relative
to the start time is indicated with +N, which is N seconds from
the start time. A time relative to the current time is
indicated with now+N. If no <code class="option">end-time</code> is
specified, 30 days from the start time is used as a default.
</p></dd>
<dt><span class="term">-f <em class="replaceable"><code>output-file</code></em></span></dt>
<dd><p>
The name of the output file containing the signed zone. The
default is to append <code class="filename">.signed</code> to
the
input file.
</p></dd>
<dt><span class="term">-h</span></dt>
<dd><p>
Prints a short summary of the options and arguments to
<span><strong class="command">dnssec-signzone</strong></span>.
</p></dd>
<dt><span class="term">-i <em class="replaceable"><code>interval</code></em></span></dt>
<dd>
<p>
When a previously signed zone is passed as input, records
may be resigned. The <code class="option">interval</code> option
specifies the cycle interval as an offset from the current
time (in seconds). If a RRSIG record expires after the
cycle interval, it is retained. Otherwise, it is considered
to be expiring soon, and it will be replaced.
</p>
<p>
The default cycle interval is one quarter of the difference
between the signature end and start times. So if neither
<code class="option">end-time</code> or <code class="option">start-time</code>
are specified, <span><strong class="command">dnssec-signzone</strong></span>
generates
signatures that are valid for 30 days, with a cycle
interval of 7.5 days. Therefore, if any existing RRSIG records
are due to expire in less than 7.5 days, they would be
replaced.
</p>
</dd>
<dt><span class="term">-j <em class="replaceable"><code>jitter</code></em></span></dt>
<dd>
<p>
When signing a zone with a fixed signature lifetime, all
RRSIG records issued at the time of signing expires
simultaneously. If the zone is incrementally signed, i.e.
a previously signed zone is passed as input to the signer,
all expired signatures has to be regenerated at about the
same time. The <code class="option">jitter</code> option specifies a
jitter window that will be used to randomize the signature
expire time, thus spreading incremental signature
regeneration over time.
</p>
<p>
Signature lifetime jitter also to some extent benefits
validators and servers by spreading out cache expiration,
i.e. if large numbers of RRSIGs don't expire at the same time
from all caches there will be less congestion than if all
validators need to refetch at mostly the same time.
</p>
</dd>
<dt><span class="term">-n <em class="replaceable"><code>ncpus</code></em></span></dt>
<dd><p>
Specifies the number of threads to use. By default, one
thread is started for each detected CPU.
</p></dd>
<dt><span class="term">-o <em class="replaceable"><code>origin</code></em></span></dt>
<dd><p>
The zone origin. If not specified, the name of the zone file
is assumed to be the origin.
</p></dd>
<dt><span class="term">-p</span></dt>
<dd><p>
Use pseudo-random data when signing the zone. This is faster,
but less secure, than using real random data. This option
may be useful when signing large zones or when the entropy
source is limited.
</p></dd>
<dt><span class="term">-r <em class="replaceable"><code>randomdev</code></em></span></dt>
<dd><p>
Specifies the source of randomness. If the operating
system does not provide a <code class="filename">/dev/random</code>
or equivalent device, the default source of randomness
is keyboard input. <code class="filename">randomdev</code>
specifies
the name of a character device or file containing random
data to be used instead of the default. The special value
<code class="filename">keyboard</code> indicates that keyboard
input should be used.
</p></dd>
<dt><span class="term">-t</span></dt>
<dd><p>
Print statistics at completion.
</p></dd>
<dt><span class="term">-v <em class="replaceable"><code>level</code></em></span></dt>
<dd><p>
Sets the debugging level.
</p></dd>
<dt><span class="term">-z</span></dt>
<dd><p>
Ignore KSK flag on key when determining what to sign.
</p></dd>
<dt><span class="term">zonefile</span></dt>
<dd><p>
The file containing the zone to be signed.
Sets the debugging level.
</p></dd>
<dt><span class="term">key</span></dt>
<dd><p>
The keys used to sign the zone. If no keys are specified, the
default all zone keys that have private key files in the
current directory.
</p></dd>
</dl></div>
</div>
<div class="refsect1" lang="en">
<a name="id2514731"></a><h2>EXAMPLE</h2>
<p>
The following command signs the <strong class="userinput"><code>example.com</code></strong>
zone with the DSA key generated in the <span><strong class="command">dnssec-keygen</strong></span>
man page. The zone's keys must be in the zone. If there are
<code class="filename">keyset</code> files associated with child
zones,
they must be in the current directory.
<strong class="userinput"><code>example.com</code></strong>, the following command would be
issued:
</p>
<p><strong class="userinput"><code>dnssec-signzone -o example.com db.example.com
Kexample.com.+003+26160</code></strong>
</p>
<p>
The command would print a string of the form:
</p>
<p>
In this example, <span><strong class="command">dnssec-signzone</strong></span> creates
the file <code class="filename">db.example.com.signed</code>. This
file
should be referenced in a zone statement in a
<code class="filename">named.conf</code> file.
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2514779"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry"><span class="refentrytitle">dnssec-keygen</span>(8)</span>,
<em class="citetitle">BIND 9 Administrator Reference Manual</em>,
<em class="citetitle">RFC 2535</em>.
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2514804"></a><h2>AUTHOR</h2>
<p><span class="corpauthor">Internet Systems Consortium</span>
</p>
</div>
</div></body>
</html>

164
bin/named/lwresd.8
View file

@ -1,140 +1,106 @@
.\" Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2000, 2001 Internet Software Consortium.
.\"
.\" Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2000, 2001 Internet Software Consortium
.\"
.\" Permission to use, copy, modify, and distribute this software for any
.\" purpose with or without fee is hereby granted, provided that the above
.\" copyright notice and this permission notice appear in all copies.
.\"
.\"
.\" THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
.\" REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
.\" AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
.\" AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
.\" INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
.\" LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
.\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
.\" PERFORMANCE OF THIS SOFTWARE.
.\"
.\" $Id: lwresd.8,v 1.18 2004/06/03 04:12:37 marka Exp $
.\"
.TH "LWRESD" "8" "June 30, 2000" "BIND9" ""
.\"
.hy 0
.ad l
.\"Generated by db2man.xsl. Don't modify this, modify the source.
.de Sh \" Subsection
.br
.if t .Sp
.ne 5
.PP
\fB\\$1\fR
.PP
..
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Ip \" List item
.br
.ie \\n(.$>=3 .ne \\$3
.el .ne 3
.IP "\\$1" \\$2
..
.TH "LWRESD" 8 "June 30, 2000" "" ""
.SH NAME
lwresd \- lightweight resolver daemon
.SH SYNOPSIS
.sp
\fBlwresd\fR [ \fB-C \fIconfig-file\fB\fR ] [ \fB-d \fIdebug-level\fB\fR ] [ \fB-f\fR ] [ \fB-g\fR ] [ \fB-i \fIpid-file\fB\fR ] [ \fB-n \fI#cpus\fB\fR ] [ \fB-P \fIport\fB\fR ] [ \fB-p \fIport\fB\fR ] [ \fB-s\fR ] [ \fB-t \fIdirectory\fB\fR ] [ \fB-u \fIuser\fB\fR ] [ \fB-v\fR ]
.SH "SYNOPSIS"
.HP 7
\fBlwresd\fR [\fB\-C\ \fIconfig\-file\fR\fR] [\fB\-d\ \fIdebug\-level\fR\fR] [\fB\-f\fR] [\fB\-g\fR] [\fB\-i\ \fIpid\-file\fR\fR] [\fB\-n\ \fI#cpus\fR\fR] [\fB\-P\ \fIport\fR\fR] [\fB\-p\ \fIport\fR\fR] [\fB\-s\fR] [\fB\-t\ \fIdirectory\fR\fR] [\fB\-u\ \fIuser\fR\fR] [\fB\-v\fR]
.SH "DESCRIPTION"
.PP
\fBlwresd\fR is the daemon providing name lookup
services to clients that use the BIND 9 lightweight resolver
library. It is essentially a stripped-down, caching-only name
server that answers queries using the BIND 9 lightweight
resolver protocol rather than the DNS protocol.
\fBlwresd\fR is the daemon providing name lookup services to clients that use the BIND 9 lightweight resolver library\&. It is essentially a stripped\-down, caching\-only name server that answers queries using the BIND 9 lightweight resolver protocol rather than the DNS protocol\&.
.PP
\fBlwresd\fR listens for resolver queries on a
UDP port on the IPv4 loopback interface, 127.0.0.1. This
means that \fBlwresd\fR can only be used by
processes running on the local machine. By default UDP port
number 921 is used for lightweight resolver requests and
responses.
\fBlwresd\fR listens for resolver queries on a UDP port on the IPv4 loopback interface, 127\&.0\&.0\&.1\&. This means that \fBlwresd\fR can only be used by processes running on the local machine\&. By default UDP port number 921 is used for lightweight resolver requests and responses\&.
.PP
Incoming lightweight resolver requests are decoded by the
server which then resolves them using the DNS protocol. When
the DNS lookup completes, \fBlwresd\fR encodes
the answers in the lightweight resolver format and returns
them to the client that made the request.
Incoming lightweight resolver requests are decoded by the server which then resolves them using the DNS protocol\&. When the DNS lookup completes, \fBlwresd\fR encodes the answers in the lightweight resolver format and returns them to the client that made the request\&.
.PP
If \fI/etc/resolv.conf\fR contains any
\fBnameserver\fR entries, \fBlwresd\fR
sends recursive DNS queries to those servers. This is similar
to the use of forwarders in a caching name server. If no
\fBnameserver\fR entries are present, or if
forwarding fails, \fBlwresd\fR resolves the
queries autonomously starting at the root name servers, using
a built-in list of root server hints.
If \fI/etc/resolv\&.conf\fR contains any \fBnameserver\fR entries, \fBlwresd\fR sends recursive DNS queries to those servers\&. This is similar to the use of forwarders in a caching name server\&. If no \fBnameserver\fR entries are present, or if forwarding fails, \fBlwresd\fR resolves the queries autonomously starting at the root name servers, using a built\-in list of root server hints\&.
.SH "OPTIONS"
.TP
\fB-C \fIconfig-file\fB\fR
Use \fIconfig-file\fR as the
configuration file instead of the default,
\fI/etc/resolv.conf\fR.
\-C \fIconfig\-file\fR
Use \fIconfig\-file\fR as the configuration file instead of the default, \fI/etc/resolv\&.conf\fR\&.
.TP
\fB-d \fIdebug-level\fB\fR
Set the daemon's debug level to \fIdebug-level\fR.
Debugging traces from \fBlwresd\fR become
more verbose as the debug level increases.
\-d \fIdebug\-level\fR
Set the daemon's debug level to \fIdebug\-level\fR\&. Debugging traces from \fBlwresd\fR become more verbose as the debug level increases\&.
.TP
\fB-f\fR
Run the server in the foreground (i.e. do not daemonize).
\-f
Run the server in the foreground (i\&.e\&. do not daemonize)\&.
.TP
\fB-g\fR
Run the server in the foreground and force all logging
to \fIstderr\fR.
\-g
Run the server in the foreground and force all logging to \fIstderr\fR\&.
.TP
\fB-n \fI#cpus\fB\fR
Create \fI#cpus\fR worker threads
to take advantage of multiple CPUs. If not specified,
\fBlwresd\fR will try to determine the
number of CPUs present and create one thread per CPU.
If it is unable to determine the number of CPUs, a
single worker thread will be created.
\-n \fI#cpus\fR
Create \fI#cpus\fR worker threads to take advantage of multiple CPUs\&. If not specified, \fBlwresd\fR will try to determine the number of CPUs present and create one thread per CPU\&. If it is unable to determine the number of CPUs, a single worker thread will be created\&.
.TP
\fB-P \fIport\fB\fR
Listen for lightweight resolver queries on port
\fIport\fR. If
not specified, the default is port 921.
\-P \fIport\fR
Listen for lightweight resolver queries on port \fIport\fR\&. If not specified, the default is port 921\&.
.TP
\fB-p \fIport\fB\fR
Send DNS lookups to port \fIport\fR. If not
specified, the default is port 53. This provides a
way of testing the lightweight resolver daemon with a
name server that listens for queries on a non-standard
port number.
\-p \fIport\fR
Send DNS lookups to port \fIport\fR\&. If not specified, the default is port 53\&. This provides a way of testing the lightweight resolver daemon with a name server that listens for queries on a non\-standard port number\&.
.TP
\fB-s\fR
Write memory usage statistics to \fIstdout\fR
on exit.
.sp
\-s
Write memory usage statistics to \fIstdout\fR on exit\&.
.RS
.B "Note:"
This option is mainly of interest to BIND 9 developers
and may be removed or changed in a future release.
This option is mainly of interest to BIND 9 developers and may be removed or changed in a future release\&.
.RE
.sp
.TP
\fB-t \fIdirectory\fB\fR
\fBchroot()\fR to \fIdirectory\fR after
processing the command line arguments, but before
reading the configuration file.
.sp
\-t \fIdirectory\fR
\fBchroot()\fR to \fIdirectory\fR after processing the command line arguments, but before reading the configuration file\&.
.RS
.B "Warning:"
This option should be used in conjunction with the
\fB-u\fR option, as chrooting a process
running as root doesn't enhance security on most
systems; the way \fBchroot()\fR is
defined allows a process with root privileges to
escape a chroot jail.
This option should be used in conjunction with the \fB\-u\fR option, as chrooting a process running as root doesn't enhance security on most systems; the way \fBchroot()\fR is defined allows a process with root privileges to escape a chroot jail\&.
.RE
.sp
.TP
\fB-u \fIuser\fB\fR
\fBsetuid()\fR to \fIuser\fR after completing
privileged operations, such as creating sockets that
listen on privileged ports.
\-u \fIuser\fR
\fBsetuid()\fR to \fIuser\fR after completing privileged operations, such as creating sockets that listen on privileged ports\&.
.TP
\fB-v\fR
Report the version number and exit.
\-v
Report the version number and exit\&.
.SH "FILES"
.TP
\fB\fI/etc/resolv.conf\fB\fR
The default configuration file.
\fI/etc/resolv\&.conf\fR
The default configuration file\&.
.TP
\fB\fI/var/run/lwresd.pid\fB\fR
The default process-id file.
\fI/var/run/lwresd\&.pid\fR
The default process\-id file\&.
.SH "SEE ALSO"
.PP
\fBnamed\fR(8),
\fBlwres\fR(3),
\fBresolver\fR(5).
\fBnamed\fR(8), \fBlwres\fR(3), \fBresolver\fR(5)\&.
.SH "AUTHOR"
.PP
Internet Systems Consortium
Internet Systems Consortium

705
bin/named/lwresd.html
View file

@ -1,541 +1,186 @@
<!--
- Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2000, 2001 Internet Software Consortium.
-
- Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2000, 2001 Internet Software Consortium
-
- Permission to use, copy, modify, and distribute this software for any
- purpose with or without fee is hereby granted, provided that the above
- copyright notice and this permission notice appear in all copies.
-
-
- THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
- REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
- AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
- AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
- INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
- LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
- OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
- PERFORMANCE OF THIS SOFTWARE.
-->
<!-- $Id: lwresd.html,v 1.10 2005/04/03 03:31:33 marka Exp $ -->
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<HTML
><HEAD
><TITLE
>lwresd</TITLE
><META
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.79"></HEAD
><BODY
CLASS="REFENTRY"
BGCOLOR="#FFFFFF"
TEXT="#000000"
LINK="#0000FF"
VLINK="#840084"
ALINK="#0000FF"
><H1
><A
NAME="AEN1"
></A
><SPAN
CLASS="APPLICATION"
>lwresd</SPAN
></H1
><DIV
CLASS="REFNAMEDIV"
><A
NAME="AEN9"
></A
><H2
>Name</H2
><SPAN
CLASS="APPLICATION"
>lwresd</SPAN
>&nbsp;--&nbsp;lightweight resolver daemon</DIV
><DIV
CLASS="REFSYNOPSISDIV"
><A
NAME="AEN13"
></A
><H2
>Synopsis</H2
><P
><B
CLASS="COMMAND"
>lwresd</B
> [<CODE
CLASS="OPTION"
>-C <TT
CLASS="REPLACEABLE"
><I
>config-file</I
></TT
></CODE
>] [<CODE
CLASS="OPTION"
>-d <TT
CLASS="REPLACEABLE"
><I
>debug-level</I
></TT
></CODE
>] [<CODE
CLASS="OPTION"
>-f</CODE
>] [<CODE
CLASS="OPTION"
>-g</CODE
>] [<CODE
CLASS="OPTION"
>-i <TT
CLASS="REPLACEABLE"
><I
>pid-file</I
></TT
></CODE
>] [<CODE
CLASS="OPTION"
>-n <TT
CLASS="REPLACEABLE"
><I
>#cpus</I
></TT
></CODE
>] [<CODE
CLASS="OPTION"
>-P <TT
CLASS="REPLACEABLE"
><I
>port</I
></TT
></CODE
>] [<CODE
CLASS="OPTION"
>-p <TT
CLASS="REPLACEABLE"
><I
>port</I
></TT
></CODE
>] [<CODE
CLASS="OPTION"
>-s</CODE
>] [<CODE
CLASS="OPTION"
>-t <TT
CLASS="REPLACEABLE"
><I
>directory</I
></TT
></CODE
>] [<CODE
CLASS="OPTION"
>-u <TT
CLASS="REPLACEABLE"
><I
>user</I
></TT
></CODE
>] [<CODE
CLASS="OPTION"
>-v</CODE
>]</P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN48"
></A
><H2
>DESCRIPTION</H2
><P
> <B
CLASS="COMMAND"
>lwresd</B
> is the daemon providing name lookup
services to clients that use the BIND 9 lightweight resolver
library. It is essentially a stripped-down, caching-only name
server that answers queries using the BIND 9 lightweight
resolver protocol rather than the DNS protocol.
</P
><P
> <B
CLASS="COMMAND"
>lwresd</B
> listens for resolver queries on a
UDP port on the IPv4 loopback interface, 127.0.0.1. This
means that <B
CLASS="COMMAND"
>lwresd</B
> can only be used by
processes running on the local machine. By default UDP port
number 921 is used for lightweight resolver requests and
responses.
</P
><P
> Incoming lightweight resolver requests are decoded by the
server which then resolves them using the DNS protocol. When
the DNS lookup completes, <B
CLASS="COMMAND"
>lwresd</B
> encodes
the answers in the lightweight resolver format and returns
them to the client that made the request.
</P
><P
> If <TT
CLASS="FILENAME"
>/etc/resolv.conf</TT
> contains any
<CODE
CLASS="OPTION"
>nameserver</CODE
> entries, <B
CLASS="COMMAND"
>lwresd</B
>
sends recursive DNS queries to those servers. This is similar
to the use of forwarders in a caching name server. If no
<CODE
CLASS="OPTION"
>nameserver</CODE
> entries are present, or if
forwarding fails, <B
CLASS="COMMAND"
>lwresd</B
> resolves the
queries autonomously starting at the root name servers, using
a built-in list of root server hints.
</P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN63"
></A
><H2
>OPTIONS</H2
><P
></P
><DIV
CLASS="VARIABLELIST"
><DL
><DT
>-C <TT
CLASS="REPLACEABLE"
><I
>config-file</I
></TT
></DT
><DD
><P
> Use <TT
CLASS="REPLACEABLE"
><I
>config-file</I
></TT
> as the
configuration file instead of the default,
<TT
CLASS="FILENAME"
>/etc/resolv.conf</TT
>.
</P
></DD
><DT
>-d <TT
CLASS="REPLACEABLE"
><I
>debug-level</I
></TT
></DT
><DD
><P
> Set the daemon's debug level to <TT
CLASS="REPLACEABLE"
><I
>debug-level</I
></TT
>.
Debugging traces from <B
CLASS="COMMAND"
>lwresd</B
> become
more verbose as the debug level increases.
</P
></DD
><DT
>-f</DT
><DD
><P
> Run the server in the foreground (i.e. do not daemonize).
</P
></DD
><DT
>-g</DT
><DD
><P
> Run the server in the foreground and force all logging
to <TT
CLASS="FILENAME"
>stderr</TT
>.
</P
></DD
><DT
>-n <TT
CLASS="REPLACEABLE"
><I
>#cpus</I
></TT
></DT
><DD
><P
> Create <TT
CLASS="REPLACEABLE"
><I
>#cpus</I
></TT
> worker threads
to take advantage of multiple CPUs. If not specified,
<B
CLASS="COMMAND"
>lwresd</B
> will try to determine the
number of CPUs present and create one thread per CPU.
If it is unable to determine the number of CPUs, a
single worker thread will be created.
</P
></DD
><DT
>-P <TT
CLASS="REPLACEABLE"
><I
>port</I
></TT
></DT
><DD
><P
> Listen for lightweight resolver queries on port
<TT
CLASS="REPLACEABLE"
><I
>port</I
></TT
>. If
not specified, the default is port 921.
</P
></DD
><DT
>-p <TT
CLASS="REPLACEABLE"
><I
>port</I
></TT
></DT
><DD
><P
> Send DNS lookups to port <TT
CLASS="REPLACEABLE"
><I
>port</I
></TT
>. If not
specified, the default is port 53. This provides a
way of testing the lightweight resolver daemon with a
name server that listens for queries on a non-standard
port number.
</P
></DD
><DT
>-s</DT
><DD
><P
> Write memory usage statistics to <TT
CLASS="FILENAME"
>stdout</TT
>
on exit.
</P
><DIV
CLASS="NOTE"
><BLOCKQUOTE
CLASS="NOTE"
><P
><B
>Note: </B
> This option is mainly of interest to BIND 9 developers
and may be removed or changed in a future release.
</P
></BLOCKQUOTE
></DIV
></DD
><DT
>-t <TT
CLASS="REPLACEABLE"
><I
>directory</I
></TT
></DT
><DD
><P
> <CODE
CLASS="FUNCTION"
>chroot()</CODE
> to <TT
CLASS="REPLACEABLE"
><I
>directory</I
></TT
> after
processing the command line arguments, but before
reading the configuration file.
</P
><DIV
CLASS="WARNING"
><P
></P
><TABLE
CLASS="WARNING"
BORDER="1"
WIDTH="90%"
><TR
><TD
ALIGN="CENTER"
><B
>Warning</B
></TD
></TR
><TR
><TD
ALIGN="LEFT"
><P
> This option should be used in conjunction with the
<CODE
CLASS="OPTION"
>-u</CODE
> option, as chrooting a process
running as root doesn't enhance security on most
systems; the way <CODE
CLASS="FUNCTION"
>chroot()</CODE
> is
defined allows a process with root privileges to
escape a chroot jail.
</P
></TD
></TR
></TABLE
></DIV
></DD
><DT
>-u <TT
CLASS="REPLACEABLE"
><I
>user</I
></TT
></DT
><DD
><P
> <CODE
CLASS="FUNCTION"
>setuid()</CODE
> to <TT
CLASS="REPLACEABLE"
><I
>user</I
></TT
> after completing
privileged operations, such as creating sockets that
listen on privileged ports.
</P
></DD
><DT
>-v</DT
><DD
><P
> Report the version number and exit.
</P
></DD
></DL
></DIV
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN137"
></A
><H2
>FILES</H2
><P
></P
><DIV
CLASS="VARIABLELIST"
><DL
><DT
><TT
CLASS="FILENAME"
>/etc/resolv.conf</TT
></DT
><DD
><P
> The default configuration file.
</P
></DD
><DT
><TT
CLASS="FILENAME"
>/var/run/lwresd.pid</TT
></DT
><DD
><P
> The default process-id file.
</P
></DD
></DL
></DIV
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN150"
></A
><H2
>SEE ALSO</H2
><P
> <SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>named</SPAN
>(8)</SPAN
>,
<SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>lwres</SPAN
>(3)</SPAN
>,
<SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>resolver</SPAN
>(5)</SPAN
>.
</P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN162"
></A
><H2
>AUTHOR</H2
><P
> Internet Systems Consortium
</P
></DIV
></BODY
></HTML
>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>lwresd</title>
<meta name="generator" content="DocBook XSL Stylesheets V1.68.1">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en">
<a name="id2456618"></a><div class="titlepage"></div>
<div class="refnamediv">
<h2>Name</h2>
<p><span class="application">lwresd</span> &#8212; lightweight resolver daemon</p>
</div>
<div class="refsynopsisdiv">
<h2>Synopsis</h2>
<div class="cmdsynopsis"><p><code class="command">lwresd</code> [<code class="option">-C <em class="replaceable"><code>config-file</code></em></code>] [<code class="option">-d <em class="replaceable"><code>debug-level</code></em></code>] [<code class="option">-f</code>] [<code class="option">-g</code>] [<code class="option">-i <em class="replaceable"><code>pid-file</code></em></code>] [<code class="option">-n <em class="replaceable"><code>#cpus</code></em></code>] [<code class="option">-P <em class="replaceable"><code>port</code></em></code>] [<code class="option">-p <em class="replaceable"><code>port</code></em></code>] [<code class="option">-s</code>] [<code class="option">-t <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-u <em class="replaceable"><code>user</code></em></code>] [<code class="option">-v</code>]</p></div>
</div>
<div class="refsect1" lang="en">
<a name="id2514046"></a><h2>DESCRIPTION</h2>
<p><span><strong class="command">lwresd</strong></span>
is the daemon providing name lookup
services to clients that use the BIND 9 lightweight resolver
library. It is essentially a stripped-down, caching-only name
server that answers queries using the BIND 9 lightweight
resolver protocol rather than the DNS protocol.
</p>
<p><span><strong class="command">lwresd</strong></span>
listens for resolver queries on a
UDP port on the IPv4 loopback interface, 127.0.0.1. This
means that <span><strong class="command">lwresd</strong></span> can only be used by
processes running on the local machine. By default UDP port
number 921 is used for lightweight resolver requests and
responses.
</p>
<p>
Incoming lightweight resolver requests are decoded by the
server which then resolves them using the DNS protocol. When
the DNS lookup completes, <span><strong class="command">lwresd</strong></span> encodes
the answers in the lightweight resolver format and returns
them to the client that made the request.
</p>
<p>
If <code class="filename">/etc/resolv.conf</code> contains any
<code class="option">nameserver</code> entries, <span><strong class="command">lwresd</strong></span>
sends recursive DNS queries to those servers. This is similar
to the use of forwarders in a caching name server. If no
<code class="option">nameserver</code> entries are present, or if
forwarding fails, <span><strong class="command">lwresd</strong></span> resolves the
queries autonomously starting at the root name servers, using
a built-in list of root server hints.
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2514093"></a><h2>OPTIONS</h2>
<div class="variablelist"><dl>
<dt><span class="term">-C <em class="replaceable"><code>config-file</code></em></span></dt>
<dd><p>
Use <em class="replaceable"><code>config-file</code></em> as the
configuration file instead of the default,
<code class="filename">/etc/resolv.conf</code>.
</p></dd>
<dt><span class="term">-d <em class="replaceable"><code>debug-level</code></em></span></dt>
<dd><p>
Set the daemon's debug level to <em class="replaceable"><code>debug-level</code></em>.
Debugging traces from <span><strong class="command">lwresd</strong></span> become
more verbose as the debug level increases.
</p></dd>
<dt><span class="term">-f</span></dt>
<dd><p>
Run the server in the foreground (i.e. do not daemonize).
</p></dd>
<dt><span class="term">-g</span></dt>
<dd><p>
Run the server in the foreground and force all logging
to <code class="filename">stderr</code>.
</p></dd>
<dt><span class="term">-n <em class="replaceable"><code>#cpus</code></em></span></dt>
<dd><p>
Create <em class="replaceable"><code>#cpus</code></em> worker threads
to take advantage of multiple CPUs. If not specified,
<span><strong class="command">lwresd</strong></span> will try to determine the
number of CPUs present and create one thread per CPU.
If it is unable to determine the number of CPUs, a
single worker thread will be created.
</p></dd>
<dt><span class="term">-P <em class="replaceable"><code>port</code></em></span></dt>
<dd><p>
Listen for lightweight resolver queries on port
<em class="replaceable"><code>port</code></em>. If
not specified, the default is port 921.
</p></dd>
<dt><span class="term">-p <em class="replaceable"><code>port</code></em></span></dt>
<dd><p>
Send DNS lookups to port <em class="replaceable"><code>port</code></em>. If not
specified, the default is port 53. This provides a
way of testing the lightweight resolver daemon with a
name server that listens for queries on a non-standard
port number.
</p></dd>
<dt><span class="term">-s</span></dt>
<dd>
<p>
Write memory usage statistics to <code class="filename">stdout</code>
on exit.
</p>
<div class="note" style="margin-left: 0.5in; margin-right: 0.5in;">
<h3 class="title">Note</h3>
<p>
This option is mainly of interest to BIND 9 developers
and may be removed or changed in a future release.
</p>
</div>
</dd>
<dt><span class="term">-t <em class="replaceable"><code>directory</code></em></span></dt>
<dd>
<p><code class="function">chroot()</code>
to <em class="replaceable"><code>directory</code></em> after
processing the command line arguments, but before
reading the configuration file.
</p>
<div class="warning" style="margin-left: 0.5in; margin-right: 0.5in;">
<h3 class="title">Warning</h3>
<p>
This option should be used in conjunction with the
<code class="option">-u</code> option, as chrooting a process
running as root doesn't enhance security on most
systems; the way <code class="function">chroot()</code> is
defined allows a process with root privileges to
escape a chroot jail.
</p>
</div>
</dd>
<dt><span class="term">-u <em class="replaceable"><code>user</code></em></span></dt>
<dd><p><code class="function">setuid()</code>
to <em class="replaceable"><code>user</code></em> after completing
privileged operations, such as creating sockets that
listen on privileged ports.
</p></dd>
<dt><span class="term">-v</span></dt>
<dd><p>
Report the version number and exit.
</p></dd>
</dl></div>
</div>
<div class="refsect1" lang="en">
<a name="id2514493"></a><h2>FILES</h2>
<div class="variablelist"><dl>
<dt><span class="term"><code class="filename">/etc/resolv.conf</code></span></dt>
<dd><p>
The default configuration file.
</p></dd>
<dt><span class="term"><code class="filename">/var/run/lwresd.pid</code></span></dt>
<dd><p>
The default process-id file.
</p></dd>
</dl></div>
</div>
<div class="refsect1" lang="en">
<a name="id2514533"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>,
<span class="citerefentry"><span class="refentrytitle">lwres</span>(3)</span>,
<span class="citerefentry"><span class="refentrytitle">resolver</span>(5)</span>.
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2514567"></a><h2>AUTHOR</h2>
<p><span class="corpauthor">Internet Systems Consortium</span>
</p>
</div>
</div></body>
</html>

199
bin/named/named.8
View file

@ -1,177 +1,130 @@
.\" Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2000, 2001, 2003 Internet Software Consortium.
.\"
.\" Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2000, 2001, 2003 Internet Software Consortium
.\"
.\" Permission to use, copy, modify, and distribute this software for any
.\" purpose with or without fee is hereby granted, provided that the above
.\" copyright notice and this permission notice appear in all copies.
.\"
.\"
.\" THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
.\" REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
.\" AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
.\" AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
.\" INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
.\" LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
.\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
.\" PERFORMANCE OF THIS SOFTWARE.
.\"
.\" $Id: named.8,v 1.23 2004/06/03 04:12:37 marka Exp $
.\"
.TH "NAMED" "8" "June 30, 2000" "BIND9" ""
.\"
.hy 0
.ad l
.\"Generated by db2man.xsl. Don't modify this, modify the source.
.de Sh \" Subsection
.br
.if t .Sp
.ne 5
.PP
\fB\\$1\fR
.PP
..
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Ip \" List item
.br
.ie \\n(.$>=3 .ne \\$3
.el .ne 3
.IP "\\$1" \\$2
..
.TH "NAMED" 8 "June 30, 2000" "" ""
.SH NAME
named \- Internet domain name server
.SH SYNOPSIS
.sp
\fBnamed\fR [ \fB-4\fR ] [ \fB-6\fR ] [ \fB-c \fIconfig-file\fB\fR ] [ \fB-d \fIdebug-level\fB\fR ] [ \fB-f\fR ] [ \fB-g\fR ] [ \fB-n \fI#cpus\fB\fR ] [ \fB-p \fIport\fB\fR ] [ \fB-s\fR ] [ \fB-t \fIdirectory\fB\fR ] [ \fB-u \fIuser\fB\fR ] [ \fB-v\fR ] [ \fB-x \fIcache-file\fB\fR ]
.SH "SYNOPSIS"
.HP 6
\fBnamed\fR [\fB\-4\fR] [\fB\-6\fR] [\fB\-c\ \fIconfig\-file\fR\fR] [\fB\-d\ \fIdebug\-level\fR\fR] [\fB\-f\fR] [\fB\-g\fR] [\fB\-n\ \fI#cpus\fR\fR] [\fB\-p\ \fIport\fR\fR] [\fB\-s\fR] [\fB\-t\ \fIdirectory\fR\fR] [\fB\-u\ \fIuser\fR\fR] [\fB\-v\fR] [\fB\-x\ \fIcache\-file\fR\fR]
.SH "DESCRIPTION"
.PP
\fBnamed\fR is a Domain Name System (DNS) server,
part of the BIND 9 distribution from ISC. For more
information on the DNS, see RFCs 1033, 1034, and 1035.
\fBnamed\fR is a Domain Name System (DNS) server, part of the BIND 9 distribution from ISC\&. For more information on the DNS, see RFCs 1033, 1034, and 1035\&.
.PP
When invoked without arguments, \fBnamed\fR will
read the default configuration file
\fI/etc/named.conf\fR, read any initial
data, and listen for queries.
When invoked without arguments, \fBnamed\fR will read the default configuration file \fI/etc/named\&.conf\fR, read any initial data, and listen for queries\&.
.SH "OPTIONS"
.TP
\fB-4\fR
Use IPv4 only even if the host machine is capable of IPv6.
\fB-4\fR and \fB-6\fR are mutually
exclusive.
\-4
Use IPv4 only even if the host machine is capable of IPv6\&. \fB\-4\fR and \fB\-6\fR are mutually exclusive\&.
.TP
\fB-6\fR
Use IPv6 only even if the host machine is capable of IPv4.
\fB-4\fR and \fB-6\fR are mutually
exclusive.
\-6
Use IPv6 only even if the host machine is capable of IPv4\&. \fB\-4\fR and \fB\-6\fR are mutually exclusive\&.
.TP
\fB-c \fIconfig-file\fB\fR
Use \fIconfig-file\fR as the
configuration file instead of the default,
\fI/etc/named.conf\fR. To
ensure that reloading the configuration file continues
to work after the server has changed its working
directory due to to a possible
\fBdirectory\fR option in the configuration
file, \fIconfig-file\fR should be
an absolute pathname.
\-c \fIconfig\-file\fR
Use \fIconfig\-file\fR as the configuration file instead of the default, \fI/etc/named\&.conf\fR\&. To ensure that reloading the configuration file continues to work after the server has changed its working directory due to to a possible \fBdirectory\fR option in the configuration file, \fIconfig\-file\fR should be an absolute pathname\&.
.TP
\fB-d \fIdebug-level\fB\fR
Set the daemon's debug level to \fIdebug-level\fR.
Debugging traces from \fBnamed\fR become
more verbose as the debug level increases.
\-d \fIdebug\-level\fR
Set the daemon's debug level to \fIdebug\-level\fR\&. Debugging traces from \fBnamed\fR become more verbose as the debug level increases\&.
.TP
\fB-f\fR
Run the server in the foreground (i.e. do not daemonize).
\-f
Run the server in the foreground (i\&.e\&. do not daemonize)\&.
.TP
\fB-g\fR
Run the server in the foreground and force all logging
to \fIstderr\fR.
\-g
Run the server in the foreground and force all logging to \fIstderr\fR\&.
.TP
\fB-n \fI#cpus\fB\fR
Create \fI#cpus\fR worker threads
to take advantage of multiple CPUs. If not specified,
\fBnamed\fR will try to determine the
number of CPUs present and create one thread per CPU.
If it is unable to determine the number of CPUs, a
single worker thread will be created.
\-n \fI#cpus\fR
Create \fI#cpus\fR worker threads to take advantage of multiple CPUs\&. If not specified, \fBnamed\fR will try to determine the number of CPUs present and create one thread per CPU\&. If it is unable to determine the number of CPUs, a single worker thread will be created\&.
.TP
\fB-p \fIport\fB\fR
Listen for queries on port \fIport\fR. If not
specified, the default is port 53.
\-p \fIport\fR
Listen for queries on port \fIport\fR\&. If not specified, the default is port 53\&.
.TP
\fB-s\fR
Write memory usage statistics to \fIstdout\fR on exit.
.sp
\-s
Write memory usage statistics to \fIstdout\fR on exit\&.
.RS
.B "Note:"
This option is mainly of interest to BIND 9 developers
and may be removed or changed in a future release.
This option is mainly of interest to BIND 9 developers and may be removed or changed in a future release\&.
.RE
.sp
.TP
\fB-t \fIdirectory\fB\fR
\fBchroot()\fR to \fIdirectory\fR after
processing the command line arguments, but before
reading the configuration file.
.sp
\-t \fIdirectory\fR
\fBchroot()\fR to \fIdirectory\fR after processing the command line arguments, but before reading the configuration file\&.
.RS
.B "Warning:"
This option should be used in conjunction with the
\fB-u\fR option, as chrooting a process
running as root doesn't enhance security on most
systems; the way \fBchroot()\fR is
defined allows a process with root privileges to
escape a chroot jail.
This option should be used in conjunction with the \fB\-u\fR option, as chrooting a process running as root doesn't enhance security on most systems; the way \fBchroot()\fR is defined allows a process with root privileges to escape a chroot jail\&.
.RE
.sp
.TP
\fB-u \fIuser\fB\fR
\fBsetuid()\fR to \fIuser\fR after completing
privileged operations, such as creating sockets that
listen on privileged ports.
.sp
\-u \fIuser\fR
\fBsetuid()\fR to \fIuser\fR after completing privileged operations, such as creating sockets that listen on privileged ports\&.
.RS
.B "Note:"
On Linux, \fBnamed\fR uses the kernel's
capability mechanism to drop all root privileges
except the ability to \fBbind()\fR to a
privileged port and set process resource limits.
Unfortunately, this means that the \fB-u\fR
option only works when \fBnamed\fR is run
on kernel 2.2.18 or later, or kernel 2.3.99-pre3 or
later, since previous kernels did not allow privileges
to be retained after \fBsetuid()\fR.
On Linux, \fBnamed\fR uses the kernel's capability mechanism to drop all root privileges except the ability to \fBbind()\fR to a privileged port and set process resource limits\&. Unfortunately, this means that the \fB\-u\fR option only works when \fBnamed\fR is run on kernel 2\&.2\&.18 or later, or kernel 2\&.3\&.99\-pre3 or later, since previous kernels did not allow privileges to be retained after \fBsetuid()\fR\&.
.RE
.sp
.TP
\fB-v\fR
Report the version number and exit.
\-v
Report the version number and exit\&.
.TP
\fB-x \fIcache-file\fB\fR
Load data from \fIcache-file\fR into the
cache of the default view.
.sp
\-x \fIcache\-file\fR
Load data from \fIcache\-file\fR into the cache of the default view\&.
.RS
.B "Warning:"
This option must not be used. It is only of interest
to BIND 9 developers and may be removed or changed in a
future release.
This option must not be used\&. It is only of interest to BIND 9 developers and may be removed or changed in a future release\&.
.RE
.sp
.SH "SIGNALS"
.PP
In routine operation, signals should not be used to control
the nameserver; \fBrndc\fR should be used
instead.
In routine operation, signals should not be used to control the nameserver; \fBrndc\fR should be used instead\&.
.TP
\fBSIGHUP\fR
Force a reload of the server.
SIGHUP
Force a reload of the server\&.
.TP
\fBSIGINT, SIGTERM\fR
Shut down the server.
.PP
The result of sending any other signals to the server is undefined.
SIGINT, SIGTERM
Shut down the server\&.
.PP
The result of sending any other signals to the server is undefined\&.
.SH "CONFIGURATION"
.PP
The \fBnamed\fR configuration file is too complex
to describe in detail here. A complete description is
provided in the \fIBIND 9 Administrator Reference
Manual\fR.
The \fBnamed\fR configuration file is too complex to describe in detail here\&. A complete description is provided in the BIND 9 Administrator Reference Manual\&.
.SH "FILES"
.TP
\fB\fI/etc/named.conf\fB\fR
The default configuration file.
\fI/etc/named\&.conf\fR
The default configuration file\&.
.TP
\fB\fI/var/run/named.pid\fB\fR
The default process-id file.
\fI/var/run/named\&.pid\fR
The default process\-id file\&.
.SH "SEE ALSO"
.PP
\fIRFC 1033\fR,
\fIRFC 1034\fR,
\fIRFC 1035\fR,
\fBrndc\fR(8),
\fBlwresd\fR(8),
\fIBIND 9 Administrator Reference Manual\fR.
RFC 1033, RFC 1034, RFC 1035, \fBrndc\fR(8), \fBlwresd\fR(8), BIND 9 Administrator Reference Manual\&.
.SH "AUTHOR"
.PP
Internet Systems Consortium
Internet Systems Consortium

587
bin/named/named.conf.5
View file

@ -1,32 +1,47 @@
.\" Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
.\"
.\" Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
.\"
.\" Permission to use, copy, modify, and distribute this software for any
.\" purpose with or without fee is hereby granted, provided that the above
.\" copyright notice and this permission notice appear in all copies.
.\"
.\"
.\" THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
.\" REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
.\" AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
.\" AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
.\" INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
.\" LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
.\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
.\" PERFORMANCE OF THIS SOFTWARE.
.\"
.\" $Id: named.conf.5,v 1.8 2005/01/17 01:55:05 marka Exp $
.\"
.TH "NAMED.CONF" "5" "Aug 13, 2004" "BIND9" ""
.\"
.hy 0
.ad l
.\"Generated by db2man.xsl. Don't modify this, modify the source.
.de Sh \" Subsection
.br
.if t .Sp
.ne 5
.PP
\fB\\$1\fR
.PP
..
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Ip \" List item
.br
.ie \\n(.$>=3 .ne \\$3
.el .ne 3
.IP "\\$1" \\$2
..
.TH "NAMED.CONF" 5 "Aug 13, 2004" "" ""
.SH NAME
named.conf \- configuration file for named
.SH SYNOPSIS
.sp
\fBnamed.conf\fR
.SH "SYNOPSIS"
.HP 11
\fBnamed\&.conf\fR
.SH "DESCRIPTION"
.PP
\fInamed.conf\fR is the configuration file for
\fBnamed\fR. Statements are enclosed
in braces and terminated with a semi-colon. Clauses in
the statements are also semi-colon terminated. The usual
comment styles are supported:
\fInamed\&.conf\fR is the configuration file for \fBnamed\fR\&. Statements are enclosed in braces and terminated with a semi\-colon\&. Clauses in the statements are also semi\-colon terminated\&. The usual comment styles are supported:
.PP
C style: /* */
.PP
@ -34,71 +49,57 @@ C++ style: // to end of line
.PP
Unix style: # to end of line
.SH "ACL"
.sp
.nf
acl \fIstring\fR { \fIaddress_match_element\fR; ... };
.sp
acl \fIstring\fR { \fIaddress_match_element\fR; \&.\&.\&. };
.fi
.SH "KEY"
.sp
.nf
key \fIdomain_name\fR {
algorithm \fIstring\fR;
secret \fIstring\fR;
};
.sp
.fi
.SH "MASTERS"
.sp
.nf
masters \fIstring\fR [ port \fIinteger\fR ] {
( \fImasters\fR | \fIipv4_address\fR [port \fIinteger\fR] |
\fIipv6_address\fR [port \fIinteger\fR] ) [ key \fIstring\fR ]; ...
\fIipv6_address\fR [port \fIinteger\fR] ) [ key \fIstring\fR ]; \&.\&.\&.
};
.sp
.fi
.SH "SERVER"
.sp
.nf
server ( \fIipv4_address[/prefixlen]\fR | \fIipv6_address[/prefixlen]\fR ) {
bogus \fIboolean\fR;
edns \fIboolean\fR;
provide-ixfr \fIboolean\fR;
request-ixfr \fIboolean\fR;
provide\-ixfr \fIboolean\fR;
request\-ixfr \fIboolean\fR;
keys \fIserver_key\fR;
transfers \fIinteger\fR;
transfer-format ( many-answers | one-answer );
transfer-source ( \fIipv4_address\fR | * )
transfer\-format ( many\-answers | one\-answer );
transfer\-source ( \fIipv4_address\fR | * )
[ port ( \fIinteger\fR | * ) ];
transfer-source-v6 ( \fIipv6_address\fR | * )
transfer\-source\-v6 ( \fIipv6_address\fR | * )
[ port ( \fIinteger\fR | * ) ];
support-ixfr \fIboolean\fR; // obsolete
support\-ixfr \fIboolean\fR; // obsolete
};
.sp
.fi
.SH "TRUSTED-KEYS"
.sp
.nf
trusted-keys {
\fIdomain_name\fR \fIflags\fR \fIprotocol\fR \fIalgorithm\fR \fIkey\fR; ...
trusted\-keys {
\fIdomain_name\fR \fIflags\fR \fIprotocol\fR \fIalgorithm\fR \fIkey\fR; \&.\&.\&.
};
.sp
.fi
.SH "CONTROLS"
.sp
.nf
controls {
inet ( \fIipv4_address\fR | \fIipv6_address\fR | * )
[ port ( \fIinteger\fR | * ) ]
allow { \fIaddress_match_element\fR; ... }
[ keys { \fIstring\fR; ... } ];
allow { \fIaddress_match_element\fR; \&.\&.\&. }
[ keys { \fIstring\fR; \&.\&.\&. } ];
unix \fIunsupported\fR; // not implemented
};
.sp
.fi
.SH "LOGGING"
.sp
.nf
logging {
channel \fIstring\fR {
@ -107,377 +108,333 @@ logging {
null;
stderr;
severity \fIlog_severity\fR;
print-time \fIboolean\fR;
print-severity \fIboolean\fR;
print-category \fIboolean\fR;
print\-time \fIboolean\fR;
print\-severity \fIboolean\fR;
print\-category \fIboolean\fR;
};
category \fIstring\fR { \fIstring\fR; ... };
category \fIstring\fR { \fIstring\fR; \&.\&.\&. };
};
.sp
.fi
.SH "LWRES"
.sp
.nf
lwres {
listen-on [ port \fIinteger\fR ] {
( \fIipv4_address\fR | \fIipv6_address\fR ) [ port \fIinteger\fR ]; ...
listen\-on [ port \fIinteger\fR ] {
( \fIipv4_address\fR | \fIipv6_address\fR ) [ port \fIinteger\fR ]; \&.\&.\&.
};
view \fIstring\fR \fIoptional_class\fR;
search { \fIstring\fR; ... };
search { \fIstring\fR; \&.\&.\&. };
ndots \fIinteger\fR;
};
.sp
.fi
.SH "OPTIONS"
.sp
.nf
options {
avoid-v4-udp-ports { \fIport\fR; ... };
avoid-v6-udp-ports { \fIport\fR; ... };
blackhole { \fIaddress_match_element\fR; ... };
avoid\-v4\-udp\-ports { \fIport\fR; \&.\&.\&. };
avoid\-v6\-udp\-ports { \fIport\fR; \&.\&.\&. };
blackhole { \fIaddress_match_element\fR; \&.\&.\&. };
coresize \fIsize\fR;
datasize \fIsize\fR;
directory \fIquoted_string\fR;
dump-file \fIquoted_string\fR;
dump\-file \fIquoted_string\fR;
files \fIsize\fR;
heartbeat-interval \fIinteger\fR;
host-statistics \fIboolean\fR; // not implemented
host-statistics-max \fInumber\fR; // not implemented
heartbeat\-interval \fIinteger\fR;
host\-statistics \fIboolean\fR; // not implemented
host\-statistics\-max \fInumber\fR; // not implemented
hostname ( \fIquoted_string\fR | none );
interface-interval \fIinteger\fR;
listen-on [ port \fIinteger\fR ] { \fIaddress_match_element\fR; ... };
listen-on-v6 [ port \fIinteger\fR ] { \fIaddress_match_element\fR; ... };
match-mapped-addresses \fIboolean\fR;
memstatistics-file \fIquoted_string\fR;
pid-file ( \fIquoted_string\fR | none );
interface\-interval \fIinteger\fR;
listen\-on [ port \fIinteger\fR ] { \fIaddress_match_element\fR; \&.\&.\&. };
listen\-on\-v6 [ port \fIinteger\fR ] { \fIaddress_match_element\fR; \&.\&.\&. };
match\-mapped\-addresses \fIboolean\fR;
memstatistics\-file \fIquoted_string\fR;
pid\-file ( \fIquoted_string\fR | none );
port \fIinteger\fR;
querylog \fIboolean\fR;
recursing-file \fIquoted_string\fR;
random-device \fIquoted_string\fR;
recursive-clients \fIinteger\fR;
serial-query-rate \fIinteger\fR;
server-id ( \fIquoted_string\fR | none |;
recursing\-file \fIquoted_string\fR;
random\-device \fIquoted_string\fR;
recursive\-clients \fIinteger\fR;
serial\-query\-rate \fIinteger\fR;
server\-id ( \fIquoted_string\fR | none |;
stacksize \fIsize\fR;
statistics-file \fIquoted_string\fR;
statistics-interval \fIinteger\fR; // not yet implemented
tcp-clients \fIinteger\fR;
tcp-listen-queue \fIinteger\fR;
tkey-dhkey \fIquoted_string\fR \fIinteger\fR;
tkey-gssapi-credential \fIquoted_string\fR;
tkey-domain \fIquoted_string\fR;
transfers-per-ns \fIinteger\fR;
transfers-in \fIinteger\fR;
transfers-out \fIinteger\fR;
use-ixfr \fIboolean\fR;
statistics\-file \fIquoted_string\fR;
statistics\-interval \fIinteger\fR; // not yet implemented
tcp\-clients \fIinteger\fR;
tcp\-listen\-queue \fIinteger\fR;
tkey\-dhkey \fIquoted_string\fR \fIinteger\fR;
tkey\-gssapi\-credential \fIquoted_string\fR;
tkey\-domain \fIquoted_string\fR;
transfers\-per\-ns \fIinteger\fR;
transfers\-in \fIinteger\fR;
transfers\-out \fIinteger\fR;
use\-ixfr \fIboolean\fR;
version ( \fIquoted_string\fR | none );
allow-recursion { \fIaddress_match_element\fR; ... };
sortlist { \fIaddress_match_element\fR; ... };
topology { \fIaddress_match_element\fR; ... }; // not implemented
auth-nxdomain \fIboolean\fR; // default changed
minimal-responses \fIboolean\fR;
allow\-recursion { \fIaddress_match_element\fR; \&.\&.\&. };
sortlist { \fIaddress_match_element\fR; \&.\&.\&. };
topology { \fIaddress_match_element\fR; \&.\&.\&. }; // not implemented
auth\-nxdomain \fIboolean\fR; // default changed
minimal\-responses \fIboolean\fR;
recursion \fIboolean\fR;
rrset-order {
rrset\-order {
[ class \fIstring\fR ] [ type \fIstring\fR ]
[ name \fIquoted_string\fR ] \fIstring\fR \fIstring\fR; ...
[ name \fIquoted_string\fR ] \fIstring\fR \fIstring\fR; \&.\&.\&.
};
provide-ixfr \fIboolean\fR;
request-ixfr \fIboolean\fR;
rfc2308-type1 \fIboolean\fR; // not yet implemented
additional-from-auth \fIboolean\fR;
additional-from-cache \fIboolean\fR;
query-source \fIquerysource4\fR;
query-source-v6 \fIquerysource6\fR;
cleaning-interval \fIinteger\fR;
min-roots \fIinteger\fR; // not implemented
lame-ttl \fIinteger\fR;
max-ncache-ttl \fIinteger\fR;
max-cache-ttl \fIinteger\fR;
transfer-format ( many-answers | one-answer );
max-cache-size \fIsize_no_default\fR;
check-names ( master | slave | response )
provide\-ixfr \fIboolean\fR;
request\-ixfr \fIboolean\fR;
rfc2308\-type1 \fIboolean\fR; // not yet implemented
additional\-from\-auth \fIboolean\fR;
additional\-from\-cache \fIboolean\fR;
query\-source \fIquerysource4\fR;
query\-source\-v6 \fIquerysource6\fR;
cleaning\-interval \fIinteger\fR;
min\-roots \fIinteger\fR; // not implemented
lame\-ttl \fIinteger\fR;
max\-ncache\-ttl \fIinteger\fR;
max\-cache\-ttl \fIinteger\fR;
transfer\-format ( many\-answers | one\-answer );
max\-cache\-size \fIsize_no_default\fR;
check\-names ( master | slave | response )
( fail | warn | ignore );
cache-file \fIquoted_string\fR;
suppress-initial-notify \fIboolean\fR; // not yet implemented
preferred-glue \fIstring\fR;
dual-stack-servers [ port \fIinteger\fR ] {
cache\-file \fIquoted_string\fR;
suppress\-initial\-notify \fIboolean\fR; // not yet implemented
preferred\-glue \fIstring\fR;
dual\-stack\-servers [ port \fIinteger\fR ] {
( \fIquoted_string\fR [port \fIinteger\fR] |
\fIipv4_address\fR [port \fIinteger\fR] |
\fIipv6_address\fR [port \fIinteger\fR] ); ...
\fIipv6_address\fR [port \fIinteger\fR] ); \&.\&.\&.
}
edns-udp-size \fIinteger\fR;
root-delegation-only [ exclude { \fIquoted_string\fR; ... } ];
disable-algorithms \fIstring\fR { \fIstring\fR; ... };
dnssec-enable \fIboolean\fR;
dnssec-lookaside \fIstring\fR trust-anchor \fIstring\fR;
dnssec-must-be-secure \fIstring\fR \fIboolean\fR;
edns\-udp\-size \fIinteger\fR;
root\-delegation\-only [ exclude { \fIquoted_string\fR; \&.\&.\&. } ];
disable\-algorithms \fIstring\fR { \fIstring\fR; \&.\&.\&. };
dnssec\-enable \fIboolean\fR;
dnssec\-lookaside \fIstring\fR trust\-anchor \fIstring\fR;
dnssec\-must\-be\-secure \fIstring\fR \fIboolean\fR;
dialup \fIdialuptype\fR;
ixfr-from-differences \fIixfrdiff\fR;
allow-query { \fIaddress_match_element\fR; ... };
allow-query-cache { \fIaddress_match_element\fR; ... };
allow-transfer { \fIaddress_match_element\fR; ... };
allow-update { \fIaddress_match_element\fR; ... };
allow-update-forwarding { \fIaddress_match_element\fR; ... };
ixfr\-from\-differences \fIixfrdiff\fR;
allow\-query { \fIaddress_match_element\fR; \&.\&.\&. };
allow\-query\-cache { \fIaddress_match_element\fR; \&.\&.\&. };
allow\-transfer { \fIaddress_match_element\fR; \&.\&.\&. };
allow\-update { \fIaddress_match_element\fR; \&.\&.\&. };
allow\-update\-forwarding { \fIaddress_match_element\fR; \&.\&.\&. };
notify \fInotifytype\fR;
notify-source ( \fIipv4_address\fR | * ) [ port ( \fIinteger\fR | * ) ];
notify-source-v6 ( \fIipv6_address\fR | * ) [ port ( \fIinteger\fR | * ) ];
notify-delay \fIseconds\fR;
also-notify [ port \fIinteger\fR ] { ( \fIipv4_address\fR | \fIipv6_address\fR )
[ port \fIinteger\fR ]; ... };
allow-notify { \fIaddress_match_element\fR; ... };
notify\-source ( \fIipv4_address\fR | * ) [ port ( \fIinteger\fR | * ) ];
notify\-source\-v6 ( \fIipv6_address\fR | * ) [ port ( \fIinteger\fR | * ) ];
notify\-delay \fIseconds\fR;
also\-notify [ port \fIinteger\fR ] { ( \fIipv4_address\fR | \fIipv6_address\fR )
[ port \fIinteger\fR ]; \&.\&.\&. };
allow\-notify { \fIaddress_match_element\fR; \&.\&.\&. };
forward ( first | only );
forwarders [ port \fIinteger\fR ] {
( \fIipv4_address\fR | \fIipv6_address\fR ) [ port \fIinteger\fR ]; ...
( \fIipv4_address\fR | \fIipv6_address\fR ) [ port \fIinteger\fR ]; \&.\&.\&.
};
max-journal-size \fIsize_no_default\fR;
max-transfer-time-in \fIinteger\fR;
max-transfer-time-out \fIinteger\fR;
max-transfer-idle-in \fIinteger\fR;
max-transfer-idle-out \fIinteger\fR;
max-retry-time \fIinteger\fR;
min-retry-time \fIinteger\fR;
max-refresh-time \fIinteger\fR;
min-refresh-time \fIinteger\fR;
multi-master \fIboolean\fR;
sig-validity-interval \fIinteger\fR;
transfer-source ( \fIipv4_address\fR | * )
max\-journal\-size \fIsize_no_default\fR;
max\-transfer\-time\-in \fIinteger\fR;
max\-transfer\-time\-out \fIinteger\fR;
max\-transfer\-idle\-in \fIinteger\fR;
max\-transfer\-idle\-out \fIinteger\fR;
max\-retry\-time \fIinteger\fR;
min\-retry\-time \fIinteger\fR;
max\-refresh\-time \fIinteger\fR;
min\-refresh\-time \fIinteger\fR;
multi\-master \fIboolean\fR;
sig\-validity\-interval \fIinteger\fR;
transfer\-source ( \fIipv4_address\fR | * )
[ port ( \fIinteger\fR | * ) ];
transfer-source-v6 ( \fIipv6_address\fR | * )
transfer\-source\-v6 ( \fIipv6_address\fR | * )
[ port ( \fIinteger\fR | * ) ];
alt-transfer-source ( \fIipv4_address\fR | * )
alt\-transfer\-source ( \fIipv4_address\fR | * )
[ port ( \fIinteger\fR | * ) ];
alt-transfer-source-v6 ( \fIipv6_address\fR | * )
alt\-transfer\-source\-v6 ( \fIipv6_address\fR | * )
[ port ( \fIinteger\fR | * ) ];
use-alt-transfer-source \fIboolean\fR;
zone-statistics \fIboolean\fR;
key-directory \fIquoted_string\fR;
allow-v6-synthesis { \fIaddress_match_element\fR; ... }; // obsolete
deallocate-on-exit \fIboolean\fR; // obsolete
fake-iquery \fIboolean\fR; // obsolete
fetch-glue \fIboolean\fR; // obsolete
has-old-clients \fIboolean\fR; // obsolete
maintain-ixfr-base \fIboolean\fR; // obsolete
max-ixfr-log-size \fIsize\fR; // obsolete
multiple-cnames \fIboolean\fR; // obsolete
named-xfer \fIquoted_string\fR; // obsolete
serial-queries \fIinteger\fR; // obsolete
treat-cr-as-space \fIboolean\fR; // obsolete
use-id-pool \fIboolean\fR; // obsolete
use\-alt\-transfer\-source \fIboolean\fR;
zone\-statistics \fIboolean\fR;
key\-directory \fIquoted_string\fR;
allow\-v6\-synthesis { \fIaddress_match_element\fR; \&.\&.\&. }; // obsolete
deallocate\-on\-exit \fIboolean\fR; // obsolete
fake\-iquery \fIboolean\fR; // obsolete
fetch\-glue \fIboolean\fR; // obsolete
has\-old\-clients \fIboolean\fR; // obsolete
maintain\-ixfr\-base \fIboolean\fR; // obsolete
max\-ixfr\-log\-size \fIsize\fR; // obsolete
multiple\-cnames \fIboolean\fR; // obsolete
named\-xfer \fIquoted_string\fR; // obsolete
serial\-queries \fIinteger\fR; // obsolete
treat\-cr\-as\-space \fIboolean\fR; // obsolete
use\-id\-pool \fIboolean\fR; // obsolete
};
.sp
.fi
.SH "VIEW"
.sp
.nf
view \fIstring\fR \fIoptional_class\fR {
match-clients { \fIaddress_match_element\fR; ... };
match-destinations { \fIaddress_match_element\fR; ... };
match-recursive-only \fIboolean\fR;
match\-clients { \fIaddress_match_element\fR; \&.\&.\&. };
match\-destinations { \fIaddress_match_element\fR; \&.\&.\&. };
match\-recursive\-only \fIboolean\fR;
key \fIstring\fR {
algorithm \fIstring\fR;
secret \fIstring\fR;
};
zone \fIstring\fR \fIoptional_class\fR {
...
\&.\&.\&.
};
server ( \fIipv4_address[/prefixlen]\fR | \fIipv6_address[/prefixlen]\fR ) {
...
\&.\&.\&.
};
trusted-keys {
\fIstring\fR \fIinteger\fR \fIinteger\fR \fIinteger\fR \fIquoted_string\fR; ...
trusted\-keys {
\fIstring\fR \fIinteger\fR \fIinteger\fR \fIinteger\fR \fIquoted_string\fR; \&.\&.\&.
};
allow-recursion { \fIaddress_match_element\fR; ... };
sortlist { \fIaddress_match_element\fR; ... };
topology { \fIaddress_match_element\fR; ... }; // not implemented
auth-nxdomain \fIboolean\fR; // default changed
minimal-responses \fIboolean\fR;
allow\-recursion { \fIaddress_match_element\fR; \&.\&.\&. };
sortlist { \fIaddress_match_element\fR; \&.\&.\&. };
topology { \fIaddress_match_element\fR; \&.\&.\&. }; // not implemented
auth\-nxdomain \fIboolean\fR; // default changed
minimal\-responses \fIboolean\fR;
recursion \fIboolean\fR;
rrset-order {
rrset\-order {
[ class \fIstring\fR ] [ type \fIstring\fR ]
[ name \fIquoted_string\fR ] \fIstring\fR \fIstring\fR; ...
[ name \fIquoted_string\fR ] \fIstring\fR \fIstring\fR; \&.\&.\&.
};
provide-ixfr \fIboolean\fR;
request-ixfr \fIboolean\fR;
rfc2308-type1 \fIboolean\fR; // not yet implemented
additional-from-auth \fIboolean\fR;
additional-from-cache \fIboolean\fR;
query-source \fIquerysource4\fR;
query-source-v6 \fIquerysource6\fR;
cleaning-interval \fIinteger\fR;
min-roots \fIinteger\fR; // not implemented
lame-ttl \fIinteger\fR;
max-ncache-ttl \fIinteger\fR;
max-cache-ttl \fIinteger\fR;
transfer-format ( many-answers | one-answer );
max-cache-size \fIsize_no_default\fR;
check-names ( master | slave | response )
provide\-ixfr \fIboolean\fR;
request\-ixfr \fIboolean\fR;
rfc2308\-type1 \fIboolean\fR; // not yet implemented
additional\-from\-auth \fIboolean\fR;
additional\-from\-cache \fIboolean\fR;
query\-source \fIquerysource4\fR;
query\-source\-v6 \fIquerysource6\fR;
cleaning\-interval \fIinteger\fR;
min\-roots \fIinteger\fR; // not implemented
lame\-ttl \fIinteger\fR;
max\-ncache\-ttl \fIinteger\fR;
max\-cache\-ttl \fIinteger\fR;
transfer\-format ( many\-answers | one\-answer );
max\-cache\-size \fIsize_no_default\fR;
check\-names ( master | slave | response )
( fail | warn | ignore );
cache-file \fIquoted_string\fR;
suppress-initial-notify \fIboolean\fR; // not yet implemented
preferred-glue \fIstring\fR;
dual-stack-servers [ port \fIinteger\fR ] {
cache\-file \fIquoted_string\fR;
suppress\-initial\-notify \fIboolean\fR; // not yet implemented
preferred\-glue \fIstring\fR;
dual\-stack\-servers [ port \fIinteger\fR ] {
( \fIquoted_string\fR [port \fIinteger\fR] |
\fIipv4_address\fR [port \fIinteger\fR] |
\fIipv6_address\fR [port \fIinteger\fR] ); ...
\fIipv6_address\fR [port \fIinteger\fR] ); \&.\&.\&.
};
edns-udp-size \fIinteger\fR;
root-delegation-only [ exclude { \fIquoted_string\fR; ... } ];
disable-algorithms \fIstring\fR { \fIstring\fR; ... };
dnssec-enable \fIboolean\fR;
dnssec-lookaside \fIstring\fR trust-anchor \fIstring\fR;
dnssec-must-be-secure \fIstring\fR \fIboolean\fR;
edns\-udp\-size \fIinteger\fR;
root\-delegation\-only [ exclude { \fIquoted_string\fR; \&.\&.\&. } ];
disable\-algorithms \fIstring\fR { \fIstring\fR; \&.\&.\&. };
dnssec\-enable \fIboolean\fR;
dnssec\-lookaside \fIstring\fR trust\-anchor \fIstring\fR;
dnssec\-must\-be\-secure \fIstring\fR \fIboolean\fR;
dialup \fIdialuptype\fR;
ixfr-from-differences \fIixfrdiff\fR;
allow-query { \fIaddress_match_element\fR; ... };
allow-query-cache { \fIaddress_match_element\fR; ... };
allow-transfer { \fIaddress_match_element\fR; ... };
allow-update { \fIaddress_match_element\fR; ... };
allow-update-forwarding { \fIaddress_match_element\fR; ... };
ixfr\-from\-differences \fIixfrdiff\fR;
allow\-query { \fIaddress_match_element\fR; \&.\&.\&. };
allow\-query\-cache { \fIaddress_match_element\fR; \&.\&.\&. };
allow\-transfer { \fIaddress_match_element\fR; \&.\&.\&. };
allow\-update { \fIaddress_match_element\fR; \&.\&.\&. };
allow\-update\-forwarding { \fIaddress_match_element\fR; \&.\&.\&. };
notify \fInotifytype\fR;
notify-source ( \fIipv4_address\fR | * ) [ port ( \fIinteger\fR | * ) ];
notify-source-v6 ( \fIipv6_address\fR | * ) [ port ( \fIinteger\fR | * ) ];
notify-delay \fIseconds\fR;
also-notify [ port \fIinteger\fR ] { ( \fIipv4_address\fR | \fIipv6_address\fR )
[ port \fIinteger\fR ]; ... };
allow-notify { \fIaddress_match_element\fR; ... };
notify\-source ( \fIipv4_address\fR | * ) [ port ( \fIinteger\fR | * ) ];
notify\-source\-v6 ( \fIipv6_address\fR | * ) [ port ( \fIinteger\fR | * ) ];
notify\-delay \fIseconds\fR;
also\-notify [ port \fIinteger\fR ] { ( \fIipv4_address\fR | \fIipv6_address\fR )
[ port \fIinteger\fR ]; \&.\&.\&. };
allow\-notify { \fIaddress_match_element\fR; \&.\&.\&. };
forward ( first | only );
forwarders [ port \fIinteger\fR ] {
( \fIipv4_address\fR | \fIipv6_address\fR ) [ port \fIinteger\fR ]; ...
( \fIipv4_address\fR | \fIipv6_address\fR ) [ port \fIinteger\fR ]; \&.\&.\&.
};
max-journal-size \fIsize_no_default\fR;
max-transfer-time-in \fIinteger\fR;
max-transfer-time-out \fIinteger\fR;
max-transfer-idle-in \fIinteger\fR;
max-transfer-idle-out \fIinteger\fR;
max-retry-time \fIinteger\fR;
min-retry-time \fIinteger\fR;
max-refresh-time \fIinteger\fR;
min-refresh-time \fIinteger\fR;
multi-master \fIboolean\fR;
sig-validity-interval \fIinteger\fR;
transfer-source ( \fIipv4_address\fR | * )
max\-journal\-size \fIsize_no_default\fR;
max\-transfer\-time\-in \fIinteger\fR;
max\-transfer\-time\-out \fIinteger\fR;
max\-transfer\-idle\-in \fIinteger\fR;
max\-transfer\-idle\-out \fIinteger\fR;
max\-retry\-time \fIinteger\fR;
min\-retry\-time \fIinteger\fR;
max\-refresh\-time \fIinteger\fR;
min\-refresh\-time \fIinteger\fR;
multi\-master \fIboolean\fR;
sig\-validity\-interval \fIinteger\fR;
transfer\-source ( \fIipv4_address\fR | * )
[ port ( \fIinteger\fR | * ) ];
transfer-source-v6 ( \fIipv6_address\fR | * )
transfer\-source\-v6 ( \fIipv6_address\fR | * )
[ port ( \fIinteger\fR | * ) ];
alt-transfer-source ( \fIipv4_address\fR | * )
alt\-transfer\-source ( \fIipv4_address\fR | * )
[ port ( \fIinteger\fR | * ) ];
alt-transfer-source-v6 ( \fIipv6_address\fR | * )
alt\-transfer\-source\-v6 ( \fIipv6_address\fR | * )
[ port ( \fIinteger\fR | * ) ];
use-alt-transfer-source \fIboolean\fR;
zone-statistics \fIboolean\fR;
key-directory \fIquoted_string\fR;
allow-v6-synthesis { \fIaddress_match_element\fR; ... }; // obsolete
fetch-glue \fIboolean\fR; // obsolete
maintain-ixfr-base \fIboolean\fR; // obsolete
max-ixfr-log-size \fIsize\fR; // obsolete
use\-alt\-transfer\-source \fIboolean\fR;
zone\-statistics \fIboolean\fR;
key\-directory \fIquoted_string\fR;
allow\-v6\-synthesis { \fIaddress_match_element\fR; \&.\&.\&. }; // obsolete
fetch\-glue \fIboolean\fR; // obsolete
maintain\-ixfr\-base \fIboolean\fR; // obsolete
max\-ixfr\-log\-size \fIsize\fR; // obsolete
};
.sp
.fi
.SH "ZONE"
.sp
.nf
zone \fIstring\fR \fIoptional_class\fR {
type ( master | slave | stub | hint |
forward | delegation-only );
forward | delegation\-only );
file \fIquoted_string\fR;
masters [ port \fIinteger\fR ] {
( \fImasters\fR |
\fIipv4_address\fR [port \fIinteger\fR] |
\fIipv6_address\fR [ port \fIinteger\fR ] ) [ key \fIstring\fR ]; ...
\fIipv6_address\fR [ port \fIinteger\fR ] ) [ key \fIstring\fR ]; \&.\&.\&.
};
database \fIstring\fR;
delegation-only \fIboolean\fR;
check-names ( fail | warn | ignore );
delegation\-only \fIboolean\fR;
check\-names ( fail | warn | ignore );
dialup \fIdialuptype\fR;
ixfr-from-differences \fIboolean\fR;
ixfr\-from\-differences \fIboolean\fR;
journal \fIquoted_string\fR;
allow-query { \fIaddress_match_element\fR; ... };
allow-transfer { \fIaddress_match_element\fR; ... };
allow-update { \fIaddress_match_element\fR; ... };
allow-update-forwarding { \fIaddress_match_element\fR; ... };
update-policy {
allow\-query { \fIaddress_match_element\fR; \&.\&.\&. };
allow\-transfer { \fIaddress_match_element\fR; \&.\&.\&. };
allow\-update { \fIaddress_match_element\fR; \&.\&.\&. };
allow\-update\-forwarding { \fIaddress_match_element\fR; \&.\&.\&. };
update\-policy {
( grant | deny ) \fIstring\fR
( name | subdomain | wildcard | self ) \fIstring\fR
\fIrrtypelist\fR; ...
\fIrrtypelist\fR; \&.\&.\&.
};
notify \fInotifytype\fR;
notify-source ( \fIipv4_address\fR | * ) [ port ( \fIinteger\fR | * ) ];
notify-source-v6 ( \fIipv6_address\fR | * ) [ port ( \fIinteger\fR | * ) ];
notify-delay \fIseconds\fR;
also-notify [ port \fIinteger\fR ] { ( \fIipv4_address\fR | \fIipv6_address\fR )
[ port \fIinteger\fR ]; ... };
allow-notify { \fIaddress_match_element\fR; ... };
notify\-source ( \fIipv4_address\fR | * ) [ port ( \fIinteger\fR | * ) ];
notify\-source\-v6 ( \fIipv6_address\fR | * ) [ port ( \fIinteger\fR | * ) ];
notify\-delay \fIseconds\fR;
also\-notify [ port \fIinteger\fR ] { ( \fIipv4_address\fR | \fIipv6_address\fR )
[ port \fIinteger\fR ]; \&.\&.\&. };
allow\-notify { \fIaddress_match_element\fR; \&.\&.\&. };
forward ( first | only );
forwarders [ port \fIinteger\fR ] {
( \fIipv4_address\fR | \fIipv6_address\fR ) [ port \fIinteger\fR ]; ...
( \fIipv4_address\fR | \fIipv6_address\fR ) [ port \fIinteger\fR ]; \&.\&.\&.
};
max-journal-size \fIsize_no_default\fR;
max-transfer-time-in \fIinteger\fR;
max-transfer-time-out \fIinteger\fR;
max-transfer-idle-in \fIinteger\fR;
max-transfer-idle-out \fIinteger\fR;
max-retry-time \fIinteger\fR;
min-retry-time \fIinteger\fR;
max-refresh-time \fIinteger\fR;
min-refresh-time \fIinteger\fR;
multi-master \fIboolean\fR;
sig-validity-interval \fIinteger\fR;
transfer-source ( \fIipv4_address\fR | * )
max\-journal\-size \fIsize_no_default\fR;
max\-transfer\-time\-in \fIinteger\fR;
max\-transfer\-time\-out \fIinteger\fR;
max\-transfer\-idle\-in \fIinteger\fR;
max\-transfer\-idle\-out \fIinteger\fR;
max\-retry\-time \fIinteger\fR;
min\-retry\-time \fIinteger\fR;
max\-refresh\-time \fIinteger\fR;
min\-refresh\-time \fIinteger\fR;
multi\-master \fIboolean\fR;
sig\-validity\-interval \fIinteger\fR;
transfer\-source ( \fIipv4_address\fR | * )
[ port ( \fIinteger\fR | * ) ];
transfer-source-v6 ( \fIipv6_address\fR | * )
transfer\-source\-v6 ( \fIipv6_address\fR | * )
[ port ( \fIinteger\fR | * ) ];
alt-transfer-source ( \fIipv4_address\fR | * )
alt\-transfer\-source ( \fIipv4_address\fR | * )
[ port ( \fIinteger\fR | * ) ];
alt-transfer-source-v6 ( \fIipv6_address\fR | * )
alt\-transfer\-source\-v6 ( \fIipv6_address\fR | * )
[ port ( \fIinteger\fR | * ) ];
use-alt-transfer-source \fIboolean\fR;
zone-statistics \fIboolean\fR;
key-directory \fIquoted_string\fR;
ixfr-base \fIquoted_string\fR; // obsolete
ixfr-tmp-file \fIquoted_string\fR; // obsolete
maintain-ixfr-base \fIboolean\fR; // obsolete
max-ixfr-log-size \fIsize\fR; // obsolete
use\-alt\-transfer\-source \fIboolean\fR;
zone\-statistics \fIboolean\fR;
key\-directory \fIquoted_string\fR;
ixfr\-base \fIquoted_string\fR; // obsolete
ixfr\-tmp\-file \fIquoted_string\fR; // obsolete
maintain\-ixfr\-base \fIboolean\fR; // obsolete
max\-ixfr\-log\-size \fIsize\fR; // obsolete
pubkey \fIinteger\fR \fIinteger\fR \fIinteger\fR \fIquoted_string\fR; // obsolete
};
.sp
.fi
.SH "FILES"
.PP
\fI/etc/named.conf\fR
\fI/etc/named\&.conf\fR
.SH "SEE ALSO"
.PP
\fBnamed\fR(8),
\fBrndc\fR(8),
\fBBIND 9 Adminstrators Reference Manual\fR.
\fBnamed\fR(8), \fBrndc\fR(8), \fBBIND 9 Administrator Reference Manual\fR()\&.

3056
bin/named/named.conf.html
View file

File diff suppressed because it is too large Load diff

887
bin/named/named.html
View file

@ -1,669 +1,240 @@
<!--
- Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2000, 2001, 2003 Internet Software Consortium.
-
- Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2000, 2001, 2003 Internet Software Consortium
-
- Permission to use, copy, modify, and distribute this software for any
- purpose with or without fee is hereby granted, provided that the above
- copyright notice and this permission notice appear in all copies.
-
-
- THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
- REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
- AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
- AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
- INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
- LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
- OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
- PERFORMANCE OF THIS SOFTWARE.
-->
<!-- $Id: named.html,v 1.11 2005/04/03 03:31:33 marka Exp $ -->
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<HTML
><HEAD
><TITLE
>named</TITLE
><META
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.79"></HEAD
><BODY
CLASS="REFENTRY"
BGCOLOR="#FFFFFF"
TEXT="#000000"
LINK="#0000FF"
VLINK="#840084"
ALINK="#0000FF"
><H1
><A
NAME="AEN1"
></A
><SPAN
CLASS="APPLICATION"
>named</SPAN
></H1
><DIV
CLASS="REFNAMEDIV"
><A
NAME="AEN9"
></A
><H2
>Name</H2
><SPAN
CLASS="APPLICATION"
>named</SPAN
>&nbsp;--&nbsp;Internet domain name server</DIV
><DIV
CLASS="REFSYNOPSISDIV"
><A
NAME="AEN13"
></A
><H2
>Synopsis</H2
><P
><B
CLASS="COMMAND"
>named</B
> [<CODE
CLASS="OPTION"
>-4</CODE
>] [<CODE
CLASS="OPTION"
>-6</CODE
>] [<CODE
CLASS="OPTION"
>-c <TT
CLASS="REPLACEABLE"
><I
>config-file</I
></TT
></CODE
>] [<CODE
CLASS="OPTION"
>-d <TT
CLASS="REPLACEABLE"
><I
>debug-level</I
></TT
></CODE
>] [<CODE
CLASS="OPTION"
>-f</CODE
>] [<CODE
CLASS="OPTION"
>-g</CODE
>] [<CODE
CLASS="OPTION"
>-n <TT
CLASS="REPLACEABLE"
><I
>#cpus</I
></TT
></CODE
>] [<CODE
CLASS="OPTION"
>-p <TT
CLASS="REPLACEABLE"
><I
>port</I
></TT
></CODE
>] [<CODE
CLASS="OPTION"
>-s</CODE
>] [<CODE
CLASS="OPTION"
>-t <TT
CLASS="REPLACEABLE"
><I
>directory</I
></TT
></CODE
>] [<CODE
CLASS="OPTION"
>-u <TT
CLASS="REPLACEABLE"
><I
>user</I
></TT
></CODE
>] [<CODE
CLASS="OPTION"
>-v</CODE
>] [<CODE
CLASS="OPTION"
>-x <TT
CLASS="REPLACEABLE"
><I
>cache-file</I
></TT
></CODE
>]</P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN49"
></A
><H2
>DESCRIPTION</H2
><P
> <B
CLASS="COMMAND"
>named</B
> is a Domain Name System (DNS) server,
part of the BIND 9 distribution from ISC. For more
information on the DNS, see RFCs 1033, 1034, and 1035.
</P
><P
> When invoked without arguments, <B
CLASS="COMMAND"
>named</B
> will
read the default configuration file
<TT
CLASS="FILENAME"
>/etc/named.conf</TT
>, read any initial
data, and listen for queries.
</P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN56"
></A
><H2
>OPTIONS</H2
><P
></P
><DIV
CLASS="VARIABLELIST"
><DL
><DT
>-4</DT
><DD
><P
> Use IPv4 only even if the host machine is capable of IPv6.
<CODE
CLASS="OPTION"
>-4</CODE
> and <CODE
CLASS="OPTION"
>-6</CODE
> are mutually
exclusive.
</P
></DD
><DT
>-6</DT
><DD
><P
> Use IPv6 only even if the host machine is capable of IPv4.
<CODE
CLASS="OPTION"
>-4</CODE
> and <CODE
CLASS="OPTION"
>-6</CODE
> are mutually
exclusive.
</P
></DD
><DT
>-c <TT
CLASS="REPLACEABLE"
><I
>config-file</I
></TT
></DT
><DD
><P
> Use <TT
CLASS="REPLACEABLE"
><I
>config-file</I
></TT
> as the
configuration file instead of the default,
<TT
CLASS="FILENAME"
>/etc/named.conf</TT
>. To
ensure that reloading the configuration file continues
to work after the server has changed its working
directory due to to a possible
<CODE
CLASS="OPTION"
>directory</CODE
> option in the configuration
file, <TT
CLASS="REPLACEABLE"
><I
>config-file</I
></TT
> should be
an absolute pathname.
</P
></DD
><DT
>-d <TT
CLASS="REPLACEABLE"
><I
>debug-level</I
></TT
></DT
><DD
><P
> Set the daemon's debug level to <TT
CLASS="REPLACEABLE"
><I
>debug-level</I
></TT
>.
Debugging traces from <B
CLASS="COMMAND"
>named</B
> become
more verbose as the debug level increases.
</P
></DD
><DT
>-f</DT
><DD
><P
> Run the server in the foreground (i.e. do not daemonize).
</P
></DD
><DT
>-g</DT
><DD
><P
> Run the server in the foreground and force all logging
to <TT
CLASS="FILENAME"
>stderr</TT
>.
</P
></DD
><DT
>-n <TT
CLASS="REPLACEABLE"
><I
>#cpus</I
></TT
></DT
><DD
><P
> Create <TT
CLASS="REPLACEABLE"
><I
>#cpus</I
></TT
> worker threads
to take advantage of multiple CPUs. If not specified,
<B
CLASS="COMMAND"
>named</B
> will try to determine the
number of CPUs present and create one thread per CPU.
If it is unable to determine the number of CPUs, a
single worker thread will be created.
</P
></DD
><DT
>-p <TT
CLASS="REPLACEABLE"
><I
>port</I
></TT
></DT
><DD
><P
> Listen for queries on port <TT
CLASS="REPLACEABLE"
><I
>port</I
></TT
>. If not
specified, the default is port 53.
</P
></DD
><DT
>-s</DT
><DD
><P
> Write memory usage statistics to <TT
CLASS="FILENAME"
>stdout</TT
> on exit.
</P
><DIV
CLASS="NOTE"
><BLOCKQUOTE
CLASS="NOTE"
><P
><B
>Note: </B
> This option is mainly of interest to BIND 9 developers
and may be removed or changed in a future release.
</P
></BLOCKQUOTE
></DIV
></DD
><DT
>-t <TT
CLASS="REPLACEABLE"
><I
>directory</I
></TT
></DT
><DD
><P
> <CODE
CLASS="FUNCTION"
>chroot()</CODE
> to <TT
CLASS="REPLACEABLE"
><I
>directory</I
></TT
> after
processing the command line arguments, but before
reading the configuration file.
</P
><DIV
CLASS="WARNING"
><P
></P
><TABLE
CLASS="WARNING"
BORDER="1"
WIDTH="90%"
><TR
><TD
ALIGN="CENTER"
><B
>Warning</B
></TD
></TR
><TR
><TD
ALIGN="LEFT"
><P
> This option should be used in conjunction with the
<CODE
CLASS="OPTION"
>-u</CODE
> option, as chrooting a process
running as root doesn't enhance security on most
systems; the way <CODE
CLASS="FUNCTION"
>chroot()</CODE
> is
defined allows a process with root privileges to
escape a chroot jail.
</P
></TD
></TR
></TABLE
></DIV
></DD
><DT
>-u <TT
CLASS="REPLACEABLE"
><I
>user</I
></TT
></DT
><DD
><P
> <CODE
CLASS="FUNCTION"
>setuid()</CODE
> to <TT
CLASS="REPLACEABLE"
><I
>user</I
></TT
> after completing
privileged operations, such as creating sockets that
listen on privileged ports.
</P
><DIV
CLASS="NOTE"
><BLOCKQUOTE
CLASS="NOTE"
><P
><B
>Note: </B
> On Linux, <B
CLASS="COMMAND"
>named</B
> uses the kernel's
capability mechanism to drop all root privileges
except the ability to <CODE
CLASS="FUNCTION"
>bind()</CODE
> to a
privileged port and set process resource limits.
Unfortunately, this means that the <CODE
CLASS="OPTION"
>-u</CODE
>
option only works when <B
CLASS="COMMAND"
>named</B
> is run
on kernel 2.2.18 or later, or kernel 2.3.99-pre3 or
later, since previous kernels did not allow privileges
to be retained after <CODE
CLASS="FUNCTION"
>setuid()</CODE
>.
</P
></BLOCKQUOTE
></DIV
></DD
><DT
>-v</DT
><DD
><P
> Report the version number and exit.
</P
></DD
><DT
>-x <TT
CLASS="REPLACEABLE"
><I
>cache-file</I
></TT
></DT
><DD
><P
> Load data from <TT
CLASS="REPLACEABLE"
><I
>cache-file</I
></TT
> into the
cache of the default view.
</P
><DIV
CLASS="WARNING"
><P
></P
><TABLE
CLASS="WARNING"
BORDER="1"
WIDTH="90%"
><TR
><TD
ALIGN="CENTER"
><B
>Warning</B
></TD
></TR
><TR
><TD
ALIGN="LEFT"
><P
> This option must not be used. It is only of interest
to BIND 9 developers and may be removed or changed in a
future release.
</P
></TD
></TR
></TABLE
></DIV
></DD
></DL
></DIV
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN153"
></A
><H2
>SIGNALS</H2
><P
> In routine operation, signals should not be used to control
the nameserver; <B
CLASS="COMMAND"
>rndc</B
> should be used
instead.
</P
><P
></P
><DIV
CLASS="VARIABLELIST"
><DL
><DT
>SIGHUP</DT
><DD
><P
> Force a reload of the server.
</P
></DD
><DT
>SIGINT, SIGTERM</DT
><DD
><P
> Shut down the server.
</P
></DD
></DL
></DIV
><P
> The result of sending any other signals to the server is undefined.
</P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN167"
></A
><H2
>CONFIGURATION</H2
><P
> The <B
CLASS="COMMAND"
>named</B
> configuration file is too complex
to describe in detail here. A complete description is
provided in the <I
CLASS="CITETITLE"
>BIND 9 Administrator Reference
Manual</I
>.
</P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN172"
></A
><H2
>FILES</H2
><P
></P
><DIV
CLASS="VARIABLELIST"
><DL
><DT
><TT
CLASS="FILENAME"
>/etc/named.conf</TT
></DT
><DD
><P
> The default configuration file.
</P
></DD
><DT
><TT
CLASS="FILENAME"
>/var/run/named.pid</TT
></DT
><DD
><P
> The default process-id file.
</P
></DD
></DL
></DIV
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN185"
></A
><H2
>SEE ALSO</H2
><P
> <I
CLASS="CITETITLE"
>RFC 1033</I
>,
<I
CLASS="CITETITLE"
>RFC 1034</I
>,
<I
CLASS="CITETITLE"
>RFC 1035</I
>,
<SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>rndc</SPAN
>(8)</SPAN
>,
<SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>lwresd</SPAN
>(8)</SPAN
>,
<I
CLASS="CITETITLE"
>BIND 9 Administrator Reference Manual</I
>.
</P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN198"
></A
><H2
>AUTHOR</H2
><P
> Internet Systems Consortium
</P
></DIV
></BODY
></HTML
>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>named</title>
<meta name="generator" content="DocBook XSL Stylesheets V1.68.1">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en">
<a name="id2456618"></a><div class="titlepage"></div>
<div class="refnamediv">
<h2>Name</h2>
<p><span class="application">named</span> &#8212; Internet domain name server</p>
</div>
<div class="refsynopsisdiv">
<h2>Synopsis</h2>
<div class="cmdsynopsis"><p><code class="command">named</code> [<code class="option">-4</code>] [<code class="option">-6</code>] [<code class="option">-c <em class="replaceable"><code>config-file</code></em></code>] [<code class="option">-d <em class="replaceable"><code>debug-level</code></em></code>] [<code class="option">-f</code>] [<code class="option">-g</code>] [<code class="option">-n <em class="replaceable"><code>#cpus</code></em></code>] [<code class="option">-p <em class="replaceable"><code>port</code></em></code>] [<code class="option">-s</code>] [<code class="option">-t <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-u <em class="replaceable"><code>user</code></em></code>] [<code class="option">-v</code>] [<code class="option">-x <em class="replaceable"><code>cache-file</code></em></code>]</p></div>
</div>
<div class="refsect1" lang="en">
<a name="id2514050"></a><h2>DESCRIPTION</h2>
<p><span><strong class="command">named</strong></span>
is a Domain Name System (DNS) server,
part of the BIND 9 distribution from ISC. For more
information on the DNS, see RFCs 1033, 1034, and 1035.
</p>
<p>
When invoked without arguments, <span><strong class="command">named</strong></span>
will
read the default configuration file
<code class="filename">/etc/named.conf</code>, read any initial
data, and listen for queries.
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2514074"></a><h2>OPTIONS</h2>
<div class="variablelist"><dl>
<dt><span class="term">-4</span></dt>
<dd><p>
Use IPv4 only even if the host machine is capable of IPv6.
<code class="option">-4</code> and <code class="option">-6</code> are mutually
exclusive.
</p></dd>
<dt><span class="term">-6</span></dt>
<dd><p>
Use IPv6 only even if the host machine is capable of IPv4.
<code class="option">-4</code> and <code class="option">-6</code> are mutually
exclusive.
</p></dd>
<dt><span class="term">-c <em class="replaceable"><code>config-file</code></em></span></dt>
<dd><p>
Use <em class="replaceable"><code>config-file</code></em> as the
configuration file instead of the default,
<code class="filename">/etc/named.conf</code>. To
ensure that reloading the configuration file continues
to work after the server has changed its working
directory due to to a possible
<code class="option">directory</code> option in the configuration
file, <em class="replaceable"><code>config-file</code></em> should be
an absolute pathname.
</p></dd>
<dt><span class="term">-d <em class="replaceable"><code>debug-level</code></em></span></dt>
<dd><p>
Set the daemon's debug level to <em class="replaceable"><code>debug-level</code></em>.
Debugging traces from <span><strong class="command">named</strong></span> become
more verbose as the debug level increases.
</p></dd>
<dt><span class="term">-f</span></dt>
<dd><p>
Run the server in the foreground (i.e. do not daemonize).
</p></dd>
<dt><span class="term">-g</span></dt>
<dd><p>
Run the server in the foreground and force all logging
to <code class="filename">stderr</code>.
</p></dd>
<dt><span class="term">-n <em class="replaceable"><code>#cpus</code></em></span></dt>
<dd><p>
Create <em class="replaceable"><code>#cpus</code></em> worker threads
to take advantage of multiple CPUs. If not specified,
<span><strong class="command">named</strong></span> will try to determine the
number of CPUs present and create one thread per CPU.
If it is unable to determine the number of CPUs, a
single worker thread will be created.
</p></dd>
<dt><span class="term">-p <em class="replaceable"><code>port</code></em></span></dt>
<dd><p>
Listen for queries on port <em class="replaceable"><code>port</code></em>. If not
specified, the default is port 53.
</p></dd>
<dt><span class="term">-s</span></dt>
<dd>
<p>
Write memory usage statistics to <code class="filename">stdout</code> on exit.
</p>
<div class="note" style="margin-left: 0.5in; margin-right: 0.5in;">
<h3 class="title">Note</h3>
<p>
This option is mainly of interest to BIND 9 developers
and may be removed or changed in a future release.
</p>
</div>
</dd>
<dt><span class="term">-t <em class="replaceable"><code>directory</code></em></span></dt>
<dd>
<p><code class="function">chroot()</code>
to <em class="replaceable"><code>directory</code></em> after
processing the command line arguments, but before
reading the configuration file.
</p>
<div class="warning" style="margin-left: 0.5in; margin-right: 0.5in;">
<h3 class="title">Warning</h3>
<p>
This option should be used in conjunction with the
<code class="option">-u</code> option, as chrooting a process
running as root doesn't enhance security on most
systems; the way <code class="function">chroot()</code> is
defined allows a process with root privileges to
escape a chroot jail.
</p>
</div>
</dd>
<dt><span class="term">-u <em class="replaceable"><code>user</code></em></span></dt>
<dd>
<p><code class="function">setuid()</code>
to <em class="replaceable"><code>user</code></em> after completing
privileged operations, such as creating sockets that
listen on privileged ports.
</p>
<div class="note" style="margin-left: 0.5in; margin-right: 0.5in;">
<h3 class="title">Note</h3>
<p>
On Linux, <span><strong class="command">named</strong></span> uses the kernel's
capability mechanism to drop all root privileges
except the ability to <code class="function">bind()</code> to
a
privileged port and set process resource limits.
Unfortunately, this means that the <code class="option">-u</code>
option only works when <span><strong class="command">named</strong></span> is
run
on kernel 2.2.18 or later, or kernel 2.3.99-pre3 or
later, since previous kernels did not allow privileges
to be retained after <code class="function">setuid()</code>.
</p>
</div>
</dd>
<dt><span class="term">-v</span></dt>
<dd><p>
Report the version number and exit.
</p></dd>
<dt><span class="term">-x <em class="replaceable"><code>cache-file</code></em></span></dt>
<dd>
<p>
Load data from <em class="replaceable"><code>cache-file</code></em> into the
cache of the default view.
</p>
<div class="warning" style="margin-left: 0.5in; margin-right: 0.5in;">
<h3 class="title">Warning</h3>
<p>
This option must not be used. It is only of interest
to BIND 9 developers and may be removed or changed in a
future release.
</p>
</div>
</dd>
</dl></div>
</div>
<div class="refsect1" lang="en">
<a name="id2514555"></a><h2>SIGNALS</h2>
<p>
In routine operation, signals should not be used to control
the nameserver; <span><strong class="command">rndc</strong></span> should be used
instead.
</p>
<div class="variablelist"><dl>
<dt><span class="term">SIGHUP</span></dt>
<dd><p>
Force a reload of the server.
</p></dd>
<dt><span class="term">SIGINT, SIGTERM</span></dt>
<dd><p>
Shut down the server.
</p></dd>
</dl></div>
<p>
The result of sending any other signals to the server is undefined.
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2514603"></a><h2>CONFIGURATION</h2>
<p>
The <span><strong class="command">named</strong></span> configuration file is too complex
to describe in detail here. A complete description is provided
in the
<em class="citetitle">BIND 9 Administrator Reference Manual</em>.
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2514620"></a><h2>FILES</h2>
<div class="variablelist"><dl>
<dt><span class="term"><code class="filename">/etc/named.conf</code></span></dt>
<dd><p>
The default configuration file.
</p></dd>
<dt><span class="term"><code class="filename">/var/run/named.pid</code></span></dt>
<dd><p>
The default process-id file.
</p></dd>
</dl></div>
</div>
<div class="refsect1" lang="en">
<a name="id2514660"></a><h2>SEE ALSO</h2>
<p><em class="citetitle">RFC 1033</em>,
<em class="citetitle">RFC 1034</em>,
<em class="citetitle">RFC 1035</em>,
<span class="citerefentry"><span class="refentrytitle">rndc</span>(8)</span>,
<span class="citerefentry"><span class="refentrytitle">lwresd</span>(8)</span>,
<em class="citetitle">BIND 9 Administrator Reference Manual</em>.
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2514699"></a><h2>AUTHOR</h2>
<p><span class="corpauthor">Internet Systems Consortium</span>
</p>
</div>
</div></body>
</html>

395
bin/nsupdate/nsupdate.8
View file

@ -1,369 +1,154 @@
.\" Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2000-2003 Internet Software Consortium.
.\"
.\" Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2000-2003 Internet Software Consortium
.\"
.\" Permission to use, copy, modify, and distribute this software for any
.\" purpose with or without fee is hereby granted, provided that the above
.\" copyright notice and this permission notice appear in all copies.
.\"
.\"
.\" THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
.\" REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
.\" AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
.\" AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
.\" INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
.\" LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
.\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
.\" PERFORMANCE OF THIS SOFTWARE.
.\"
.\" $Id: nsupdate.8,v 1.33 2005/04/07 03:49:58 marka Exp $
.\"
.TH "NSUPDATE" "8" "Jun 30, 2000" "BIND9" ""
.\"
.hy 0
.ad l
.\"Generated by db2man.xsl. Don't modify this, modify the source.
.de Sh \" Subsection
.br
.if t .Sp
.ne 5
.PP
\fB\\$1\fR
.PP
..
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Ip \" List item
.br
.ie \\n(.$>=3 .ne \\$3
.el .ne 3
.IP "\\$1" \\$2
..
.TH "NSUPDATE" 8 "Jun 30, 2000" "" ""
.SH NAME
nsupdate \- Dynamic DNS update utility
.SH SYNOPSIS
.sp
\fBnsupdate\fR [ \fB-d\fR ] [ \fB [ -y \fIkeyname:secret\fB ] [ -k \fIkeyfile\fB ] \fR ] [ \fB-t \fItimeout\fB\fR ] [ \fB-u \fIudptimeout\fB\fR ] [ \fB-r \fIudpretries\fB\fR ] [ \fB-v\fR ] [ \fBfilename\fR ]
.SH "SYNOPSIS"
.HP 9
\fBnsupdate\fR [\fB\-d\fR] [\fB\fB\-y\ \fIkeyname:secret\fR\fR\fR | \fB\fB\-k\ \fIkeyfile\fR\fR\fR] [\fB\-t\ \fItimeout\fR\fR] [\fB\-u\ \fIudptimeout\fR\fR] [\fB\-r\ \fIudpretries\fR\fR] [\fB\-v\fR] [filename]
.SH "DESCRIPTION"
.PP
\fBnsupdate\fR
is used to submit Dynamic DNS Update requests as defined in RFC2136
to a name server.
This allows resource records to be added or removed from a zone
without manually editing the zone file.
A single update request can contain requests to add or remove more than one
resource record.
\fBnsupdate\fR is used to submit Dynamic DNS Update requests as defined in RFC2136 to a name server\&. This allows resource records to be added or removed from a zone without manually editing the zone file\&. A single update request can contain requests to add or remove more than one resource record\&.
.PP
Zones that are under dynamic control via
\fBnsupdate\fR
or a DHCP server should not be edited by hand.
Manual edits could
conflict with dynamic updates and cause data to be lost.
Zones that are under dynamic control via \fBnsupdate\fR or a DHCP server should not be edited by hand\&. Manual edits could conflict with dynamic updates and cause data to be lost\&.
.PP
The resource records that are dynamically added or removed with
\fBnsupdate\fR
have to be in the same zone.
Requests are sent to the zone's master server.
This is identified by the MNAME field of the zone's SOA record.
The resource records that are dynamically added or removed with \fBnsupdate\fR have to be in the same zone\&. Requests are sent to the zone's master server\&. This is identified by the MNAME field of the zone's SOA record\&.
.PP
The
\fB-d\fR
option makes
\fBnsupdate\fR
operate in debug mode.
This provides tracing information about the update requests that are
made and the replies received from the name server.
The \fB\-d\fR option makes \fBnsupdate\fR operate in debug mode\&. This provides tracing information about the update requests that are made and the replies received from the name server\&.
.PP
Transaction signatures can be used to authenticate the Dynamic DNS
updates.
These use the TSIG resource record type described in RFC2845 or the
SIG(0) record described in RFC3535 and RFC2931.
TSIG relies on a shared secret that should only be known to
\fBnsupdate\fR and the name server.
Currently, the only supported encryption algorithm for TSIG is
HMAC-MD5, which is defined in RFC 2104.
Once other algorithms are defined for TSIG, applications will need to
ensure they select the appropriate algorithm as well as the key when
authenticating each other.
For instance suitable
\fBkey\fR
and
\fBserver\fR
statements would be added to
\fI/etc/named.conf\fR
so that the name server can associate the appropriate secret key
and algorithm with the IP address of the
client application that will be using TSIG authentication.
SIG(0) uses public key cryptography. To use a SIG(0) key, the public
key must be stored in a KEY record in a zone served by the name server.
\fBnsupdate\fR
does not read
\fI/etc/named.conf\fR.
Transaction signatures can be used to authenticate the Dynamic DNS updates\&. These use the TSIG resource record type described in RFC2845 or the SIG(0) record described in RFC3535 and RFC2931\&. TSIG relies on a shared secret that should only be known to \fBnsupdate\fR and the name server\&. Currently, the only supported encryption algorithm for TSIG is HMAC\-MD5, which is defined in RFC 2104\&. Once other algorithms are defined for TSIG, applications will need to ensure they select the appropriate algorithm as well as the key when authenticating each other\&. For instance suitable \fBkey\fR and \fBserver\fR statements would be added to \fI/etc/named\&.conf\fR so that the name server can associate the appropriate secret key and algorithm with the IP address of the client application that will be using TSIG authentication\&. SIG(0) uses public key cryptography\&. To use a SIG(0) key, the public key must be stored in a KEY record in a zone served by the name server\&. \fBnsupdate\fR does not read \fI/etc/named\&.conf\fR\&.
.PP
\fBnsupdate\fR
uses the
\fB-y\fR
or
\fB-k\fR
option (with an HMAC-MD5 key) to provide the shared secret needed to generate
a TSIG record for authenticating Dynamic DNS update requests.
These options are mutually exclusive.
With the
\fB-k\fR
option,
\fBnsupdate\fR
reads the shared secret from the file
\fIkeyfile\fR,
whose name is of the form
\fIK{name}.+157.+{random}.private\fR.
For historical
reasons, the file
\fIK{name}.+157.+{random}.key\fR
must also be present. When the
\fB-y\fR
option is used, a signature is generated from
\fIkeyname:secret.\fR
\fIkeyname\fR
is the name of the key,
and
\fIsecret\fR
is the base64 encoded shared secret.
Use of the
\fB-y\fR
option is discouraged because the shared secret is supplied as a command
line argument in clear text.
This may be visible in the output from
\fBps\fR(1)
or in a history file maintained by the user's shell.
\fBnsupdate\fR uses the \fB\-y\fR or \fB\-k\fR option (with an HMAC\-MD5 key) to provide the shared secret needed to generate a TSIG record for authenticating Dynamic DNS update requests\&. These options are mutually exclusive\&. With the \fB\-k\fR option, \fBnsupdate\fR reads the shared secret from the file \fIkeyfile\fR, whose name is of the form \fIK{name}\&.+157\&.+{random}\&.private\fR\&. For historical reasons, the file \fIK{name}\&.+157\&.+{random}\&.key\fR must also be present\&. When the \fB\-y\fR option is used, a signature is generated from \fIkeyname:secret\&.\fR \fIkeyname\fR is the name of the key, and \fIsecret\fR is the base64 encoded shared secret\&. Use of the \fB\-y\fR option is discouraged because the shared secret is supplied as a command line argument in clear text\&. This may be visible in the output from \fBps\fR(1) or in a history file maintained by the user's shell\&.
.PP
The \fB-k\fR may also be used to specify a SIG(0) key used
to authenticate Dynamic DNS update requests. In this case, the key
specified is not an HMAC-MD5 key.
The \fB\-k\fR may also be used to specify a SIG(0) key used to authenticate Dynamic DNS update requests\&. In this case, the key specified is not an HMAC\-MD5 key\&.
.PP
By default
\fBnsupdate\fR
uses UDP to send update requests to the name server unless they are too
large to fit in a UDP request in which case TCP will be used.
The
\fB-v\fR
option makes
\fBnsupdate\fR
use a TCP connection.
This may be preferable when a batch of update requests is made.
By default \fBnsupdate\fR uses UDP to send update requests to the name server unless they are too large to fit in a UDP request in which case TCP will be used\&. The \fB\-v\fR option makes \fBnsupdate\fR use a TCP connection\&. This may be preferable when a batch of update requests is made\&.
.PP
The \fB-t\fR option sets the maximum time a update request can
take before it is aborted. The default is 300 seconds. Zero can be used
to disable the timeout.
The \fB\-t\fR option sets the maximum time a update request can take before it is aborted\&. The default is 300 seconds\&. Zero can be used to disable the timeout\&.
.PP
The \fB-u\fR option sets the UDP retry interval. The default is
3 seconds. If zero the interval will be computed from the timeout interval
and number of UDP retries.
The \fB\-u\fR option sets the UDP retry interval\&. The default is 3 seconds\&. If zero the interval will be computed from the timeout interval and number of UDP retries\&.
.PP
The \fB-r\fR option sets the number of UDP retries. The default is
3. If zero only one update request will be made.
The \fB\-r\fR option sets the number of UDP retries\&. The default is 3\&. If zero only one update request will be made\&.
.SH "INPUT FORMAT"
.PP
\fBnsupdate\fR
reads input from
\fIfilename\fR
or standard input.
Each command is supplied on exactly one line of input.
Some commands are for administrative purposes.
The others are either update instructions or prerequisite checks on the
contents of the zone.
These checks set conditions that some name or set of
resource records (RRset) either exists or is absent from the zone.
These conditions must be met if the entire update request is to succeed.
Updates will be rejected if the tests for the prerequisite conditions fail.
\fBnsupdate\fR reads input from \fIfilename\fR or standard input\&. Each command is supplied on exactly one line of input\&. Some commands are for administrative purposes\&. The others are either update instructions or prerequisite checks on the contents of the zone\&. These checks set conditions that some name or set of resource records (RRset) either exists or is absent from the zone\&. These conditions must be met if the entire update request is to succeed\&. Updates will be rejected if the tests for the prerequisite conditions fail\&.
.PP
Every update request consists of zero or more prerequisites
and zero or more updates.
This allows a suitably authenticated update request to proceed if some
specified resource records are present or missing from the zone.
A blank input line (or the \fBsend\fR command) causes the
accumulated commands to be sent as one Dynamic DNS update request to the
name server.
Every update request consists of zero or more prerequisites and zero or more updates\&. This allows a suitably authenticated update request to proceed if some specified resource records are present or missing from the zone\&. A blank input line (or the \fBsend\fR command) causes the accumulated commands to be sent as one Dynamic DNS update request to the name server\&.
.PP
The command formats and their meaning are as follows:
The command formats and their meaning are as follows:
.TP
\fBserver servername [ port ]\fR
Sends all dynamic update requests to the name server
\fIservername\fR.
When no server statement is provided,
\fBnsupdate\fR
will send updates to the master server of the correct zone.
The MNAME field of that zone's SOA record will identify the master
server for that zone.
\fIport\fR
is the port number on
\fIservername\fR
where the dynamic update requests get sent.
If no port number is specified, the default DNS port number of 53 is
used.
.HP 7 \fBserver\fR {servername} [port]
Sends all dynamic update requests to the name server \fIservername\fR\&. When no server statement is provided, \fBnsupdate\fR will send updates to the master server of the correct zone\&. The MNAME field of that zone's SOA record will identify the master server for that zone\&. \fIport\fR is the port number on \fIservername\fR where the dynamic update requests get sent\&. If no port number is specified, the default DNS port number of 53 is used\&.
.TP
\fBlocal address [ port ]\fR
Sends all dynamic update requests using the local
\fIaddress\fR.
When no local statement is provided,
\fBnsupdate\fR
will send updates using an address and port chosen by the system.
\fIport\fR
can additionally be used to make requests come from a specific port.
If no port number is specified, the system will assign one.
.HP 6 \fBlocal\fR {address} [port]
Sends all dynamic update requests using the local \fIaddress\fR\&. When no local statement is provided, \fBnsupdate\fR will send updates using an address and port chosen by the system\&. \fIport\fR can additionally be used to make requests come from a specific port\&. If no port number is specified, the system will assign one\&.
.TP
\fBzone zonename\fR
Specifies that all updates are to be made to the zone
\fIzonename\fR.
If no
\fIzone\fR
statement is provided,
\fBnsupdate\fR
will attempt determine the correct zone to update based on the rest of the input.
.HP 5 \fBzone\fR {zonename}
Specifies that all updates are to be made to the zone \fIzonename\fR\&. If no \fIzone\fR statement is provided, \fBnsupdate\fR will attempt determine the correct zone to update based on the rest of the input\&.
.TP
\fBclass classname\fR
Specify the default class.
If no \fIclass\fR is specified the default class is
\fIIN\fR.
.HP 6 \fBclass\fR {classname}
Specify the default class\&. If no \fIclass\fR is specified the default class is \fIIN\fR\&.
.TP
\fBkey name secret\fR
Specifies that all updates are to be TSIG signed using the
\fIkeyname\fR \fIkeysecret\fR pair.
The \fBkey\fR command
overrides any key specified on the command line via
\fB-y\fR or \fB-k\fR.
.HP 4 \fBkey\fR {name} {secret}
Specifies that all updates are to be TSIG signed using the \fIkeyname\fR \fIkeysecret\fR pair\&. The \fBkey\fR command overrides any key specified on the command line via \fB\-y\fR or \fB\-k\fR\&.
.TP
\fBprereq nxdomain domain-name\fR
Requires that no resource record of any type exists with name
\fIdomain-name\fR.
.HP 16 \fBprereq nxdomain\fR {domain\-name}
Requires that no resource record of any type exists with name \fIdomain\-name\fR\&.
.TP
\fBprereq yxdomain domain-name\fR
Requires that
\fIdomain-name\fR
exists (has as at least one resource record, of any type).
.HP 16 \fBprereq yxdomain\fR {domain\-name}
Requires that \fIdomain\-name\fR exists (has as at least one resource record, of any type)\&.
.TP
\fBprereq nxrrset domain-name [ class ] type\fR
Requires that no resource record exists of the specified
\fItype\fR,
\fIclass\fR
and
\fIdomain-name\fR.
If
\fIclass\fR
is omitted, IN (internet) is assumed.
.HP 15 \fBprereq nxrrset\fR {domain\-name} [class] {type}
Requires that no resource record exists of the specified \fItype\fR, \fIclass\fR and \fIdomain\-name\fR\&. If \fIclass\fR is omitted, IN (internet) is assumed\&.
.TP
\fBprereq yxrrset domain-name [ class ] type\fR
This requires that a resource record of the specified
\fItype\fR,
\fIclass\fR
and
\fIdomain-name\fR
must exist.
If
\fIclass\fR
is omitted, IN (internet) is assumed.
.HP 15 \fBprereq yxrrset\fR {domain\-name} [class] {type}
This requires that a resource record of the specified \fItype\fR, \fIclass\fR and \fIdomain\-name\fR must exist\&. If \fIclass\fR is omitted, IN (internet) is assumed\&.
.TP
\fBprereq yxrrset domain-name [ class ] type data\fI...\fB\fR
The
\fIdata\fR
from each set of prerequisites of this form
sharing a common
\fItype\fR,
\fIclass\fR,
and
\fIdomain-name\fR
are combined to form a set of RRs. This set of RRs must
exactly match the set of RRs existing in the zone at the
given
\fItype\fR,
\fIclass\fR,
and
\fIdomain-name\fR.
The
\fIdata\fR
are written in the standard text representation of the resource record's
RDATA.
.HP 15 \fBprereq yxrrset\fR {domain\-name} [class] {type} {data...}
The \fIdata\fR from each set of prerequisites of this form sharing a common \fItype\fR, \fIclass\fR, and \fIdomain\-name\fR are combined to form a set of RRs\&. This set of RRs must exactly match the set of RRs existing in the zone at the given \fItype\fR, \fIclass\fR, and \fIdomain\-name\fR\&. The \fIdata\fR are written in the standard text representation of the resource record's RDATA\&.
.TP
\fBupdate delete domain-name [ ttl ] [ class ] [ type [ data\fI...\fB ] ]\fR
Deletes any resource records named
\fIdomain-name\fR.
If
\fItype\fR
and
\fIdata\fR
is provided, only matching resource records will be removed.
The internet class is assumed if
\fIclass\fR
is not supplied. The
\fIttl\fR
is ignored, and is only allowed for compatibility.
.HP 14 \fBupdate delete\fR {domain\-name} [ttl] [class] [type\ [data...]]
Deletes any resource records named \fIdomain\-name\fR\&. If \fItype\fR and \fIdata\fR is provided, only matching resource records will be removed\&. The internet class is assumed if \fIclass\fR is not supplied\&. The \fIttl\fR is ignored, and is only allowed for compatibility\&.
.TP
\fBupdate add domain-name ttl [ class ] type data\fI...\fB\fR
Adds a new resource record with the specified
\fIttl\fR,
\fIclass\fR
and
\fIdata\fR.
.HP 11 \fBupdate add\fR {domain\-name} {ttl} [class] {type} {data...}
Adds a new resource record with the specified \fIttl\fR, \fIclass\fR and \fIdata\fR\&.
.TP
\fBshow\fR
Displays the current message, containing all of the prerequisites and
updates specified since the last send.
.HP 5 \fBshow\fR
Displays the current message, containing all of the prerequisites and updates specified since the last send\&.
.TP
\fBsend\fR
Sends the current message. This is equivalent to entering a blank line.
.HP 5 \fBsend\fR
Sends the current message\&. This is equivalent to entering a blank line\&.
.TP
\fBanswer\fR
Displays the answer.
.HP 7 \fBanswer\fR
Displays the answer\&.
.PP
Lines beginning with a semicolon are comments and are ignored.
Lines beginning with a semicolon are comments and are ignored\&.
.SH "EXAMPLES"
.PP
The examples below show how
\fBnsupdate\fR
could be used to insert and delete resource records from the
\fBexample.com\fR
zone.
Notice that the input in each example contains a trailing blank line so that
a group of commands are sent as one dynamic update request to the
master name server for
\fBexample.com\fR.
.sp
The examples below show how \fBnsupdate\fR could be used to insert and delete resource records from the \fBexample\&.com\fR zone\&. Notice that the input in each example contains a trailing blank line so that a group of commands are sent as one dynamic update request to the master name server for \fBexample\&.com\fR\&.
.nf
# nsupdate
> update delete oldhost.example.com A
> update add newhost.example.com 86400 A 172.16.1.1
> update delete oldhost\&.example\&.com A
> update add newhost\&.example\&.com 86400 A 172\&.16\&.1\&.1
> send
.sp
.fi
.PP
Any A records for
\fBoldhost.example.com\fR
are deleted.
and an A record for
\fBnewhost.example.com\fR
it IP address 172.16.1.1 is added.
The newly-added record has a 1 day TTL (86400 seconds)
.sp
Any A records for \fBoldhost\&.example\&.com\fR are deleted\&. and an A record for \fBnewhost\&.example\&.com\fR it IP address 172\&.16\&.1\&.1 is added\&. The newly\-added record has a 1 day TTL (86400 seconds)
.nf
# nsupdate
> prereq nxdomain nickname.example.com
> update add nickname.example.com 86400 CNAME somehost.example.com
> prereq nxdomain nickname\&.example\&.com
> update add nickname\&.example\&.com 86400 CNAME somehost\&.example\&.com
> send
.sp
.fi
.PP
The prerequisite condition gets the name server to check that there
are no resource records of any type for
\fBnickname.example.com\fR.
If there are, the update request fails.
If this name does not exist, a CNAME for it is added.
This ensures that when the CNAME is added, it cannot conflict with the
long-standing rule in RFC1034 that a name must not exist as any other
record type if it exists as a CNAME.
(The rule has been updated for DNSSEC in RFC2535 to allow CNAMEs to have
RRSIG, DNSKEY and NSEC records.)
The prerequisite condition gets the name server to check that there are no resource records of any type for \fBnickname\&.example\&.com\fR\&. If there are, the update request fails\&. If this name does not exist, a CNAME for it is added\&. This ensures that when the CNAME is added, it cannot conflict with the long\-standing rule in RFC1034 that a name must not exist as any other record type if it exists as a CNAME\&. (The rule has been updated for DNSSEC in RFC2535 to allow CNAMEs to have RRSIG, DNSKEY and NSEC records\&.)
.SH "FILES"
.TP
\fB/etc/resolv.conf\fR
\fB/etc/resolv\&.conf\fR
used to identify default name server
.TP
\fBK{name}.+157.+{random}.key\fR
base-64 encoding of HMAC-MD5 key created by
\fBdnssec-keygen\fR(8).
\fBK{name}\&.+157\&.+{random}\&.key\fR
base\-64 encoding of HMAC\-MD5 key created by \fBdnssec\-keygen\fR(8)\&.
.TP
\fBK{name}.+157.+{random}.private\fR
base-64 encoding of HMAC-MD5 key created by
\fBdnssec-keygen\fR(8).
\fBK{name}\&.+157\&.+{random}\&.private\fR
base\-64 encoding of HMAC\-MD5 key created by \fBdnssec\-keygen\fR(8)\&.
.SH "SEE ALSO"
.PP
\fBRFC2136\fR,
\fBRFC3007\fR,
\fBRFC2104\fR,
\fBRFC2845\fR,
\fBRFC1034\fR,
\fBRFC2535\fR,
\fBRFC2931\fR,
\fBnamed\fR(8),
\fBdnssec-keygen\fR(8).
\fBRFC2136\fR(), \fBRFC3007\fR(), \fBRFC2104\fR(), \fBRFC2845\fR(), \fBRFC1034\fR(), \fBRFC2535\fR(), \fBRFC2931\fR(), \fBnamed\fR(8), \fBdnssec\-keygen\fR(8)\&.
.SH "BUGS"
.PP
The TSIG key is redundantly stored in two separate files.
This is a consequence of nsupdate using the DST library
for its cryptographic operations, and may change in future
releases.
The TSIG key is redundantly stored in two separate files\&. This is a consequence of nsupdate using the DST library for its cryptographic operations, and may change in future releases\&.

1395
bin/nsupdate/nsupdate.html
View file

File diff suppressed because it is too large Load diff

167
bin/rndc/rndc-confgen.8
View file

@ -1,140 +1,93 @@
.\" Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2001, 2003 Internet Software Consortium.
.\"
.\" Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2001, 2003 Internet Software Consortium
.\"
.\" Permission to use, copy, modify, and distribute this software for any
.\" purpose with or without fee is hereby granted, provided that the above
.\" copyright notice and this permission notice appear in all copies.
.\"
.\"
.\" THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
.\" REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
.\" AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
.\" AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
.\" INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
.\" LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
.\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
.\" PERFORMANCE OF THIS SOFTWARE.
.\"
.\" $Id: rndc-confgen.8,v 1.13 2005/04/07 03:49:59 marka Exp $
.\"
.TH "RNDC-CONFGEN" "8" "Aug 27, 2001" "BIND9" ""
.\"
.hy 0
.ad l
.\"Generated by db2man.xsl. Don't modify this, modify the source.
.de Sh \" Subsection
.br
.if t .Sp
.ne 5
.PP
\fB\\$1\fR
.PP
..
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Ip \" List item
.br
.ie \\n(.$>=3 .ne \\$3
.el .ne 3
.IP "\\$1" \\$2
..
.TH "RNDC-CONFGEN" 8 "Aug 27, 2001" "" ""
.SH NAME
rndc-confgen \- rndc key generation tool
.SH SYNOPSIS
.sp
\fBrndc-confgen\fR [ \fB-a\fR ] [ \fB-b \fIkeysize\fB\fR ] [ \fB-c \fIkeyfile\fB\fR ] [ \fB-h\fR ] [ \fB-k \fIkeyname\fB\fR ] [ \fB-p \fIport\fB\fR ] [ \fB-r \fIrandomfile\fB\fR ] [ \fB-s \fIaddress\fB\fR ] [ \fB-t \fIchrootdir\fB\fR ] [ \fB-u \fIuser\fB\fR ]
.SH "SYNOPSIS"
.HP 13
\fBrndc\-confgen\fR [\fB\-a\fR] [\fB\-b\ \fIkeysize\fR\fR] [\fB\-c\ \fIkeyfile\fR\fR] [\fB\-h\fR] [\fB\-k\ \fIkeyname\fR\fR] [\fB\-p\ \fIport\fR\fR] [\fB\-r\ \fIrandomfile\fR\fR] [\fB\-s\ \fIaddress\fR\fR] [\fB\-t\ \fIchrootdir\fR\fR] [\fB\-u\ \fIuser\fR\fR]
.SH "DESCRIPTION"
.PP
\fBrndc-confgen\fR generates configuration files
for \fBrndc\fR. It can be used as a
convenient alternative to writing the
\fIrndc.conf\fR file
and the corresponding \fBcontrols\fR
and \fBkey\fR
statements in \fInamed.conf\fR by hand.
Alternatively, it can be run with the \fB-a\fR
option to set up a \fIrndc.key\fR file and
avoid the need for a \fIrndc.conf\fR file
and a \fBcontrols\fR statement altogether.
\fBrndc\-confgen\fR generates configuration files for \fBrndc\fR\&. It can be used as a convenient alternative to writing the \fIrndc\&.conf\fR file and the corresponding \fBcontrols\fR and \fBkey\fR statements in \fInamed\&.conf\fR by hand\&. Alternatively, it can be run with the \fB\-a\fR option to set up a \fIrndc\&.key\fR file and avoid the need for a \fIrndc\&.conf\fR file and a \fBcontrols\fR statement altogether\&.
.SH "OPTIONS"
.TP
\fB-a\fR
Do automatic \fBrndc\fR configuration.
This creates a file \fIrndc.key\fR
in \fI/etc\fR (or whatever
sysconfdir
was specified as when BIND was built)
that is read by both \fBrndc\fR
and \fBnamed\fR on startup. The
\fIrndc.key\fR file defines a default
command channel and authentication key allowing
\fBrndc\fR to communicate with
\fBnamed\fR on the local host
with no further configuration.
Running \fBrndc-confgen -a\fR allows
BIND 9 and \fBrndc\fR to be used as drop-in
replacements for BIND 8 and \fBndc\fR,
with no changes to the existing BIND 8
\fInamed.conf\fR file.
If a more elaborate configuration than that
generated by \fBrndc-confgen -a\fR
is required, for example if rndc is to be used remotely,
you should run \fBrndc-confgen\fR without the
\fB-a\fR option and set up a
\fIrndc.conf\fR and
\fInamed.conf\fR
as directed.
\-a
Do automatic \fBrndc\fR configuration\&. This creates a file \fIrndc\&.key\fR in \fI/etc\fR (or whatever \fIsysconfdir\fR was specified as when BIND was built) that is read by both \fBrndc\fR and \fBnamed\fR on startup\&. The \fIrndc\&.key\fR file defines a default command channel and authentication key allowing \fBrndc\fR to communicate with \fBnamed\fR on the local host with no further configuration\&.
Running \fBrndc\-confgen \-a\fR allows BIND 9 and \fBrndc\fR to be used as drop\-in replacements for BIND 8 and \fBndc\fR, with no changes to the existing BIND 8 \fInamed\&.conf\fR file\&.
If a more elaborate configuration than that generated by \fBrndc\-confgen \-a\fR is required, for example if rndc is to be used remotely, you should run \fBrndc\-confgen\fR without the \fB\-a\fR option and set up a \fIrndc\&.conf\fR and \fInamed\&.conf\fR as directed\&.
.TP
\fB-b \fIkeysize\fB\fR
Specifies the size of the authentication key in bits.
Must be between 1 and 512 bits; the default is 128.
\-b \fIkeysize\fR
Specifies the size of the authentication key in bits\&. Must be between 1 and 512 bits; the default is 128\&.
.TP
\fB-c \fIkeyfile\fB\fR
Used with the \fB-a\fR option to specify
an alternate location for \fIrndc.key\fR.
\-c \fIkeyfile\fR
Used with the \fB\-a\fR option to specify an alternate location for \fIrndc\&.key\fR\&.
.TP
\fB-h\fR
Prints a short summary of the options and arguments to
\fBrndc-confgen\fR.
\-h
Prints a short summary of the options and arguments to \fBrndc\-confgen\fR\&.
.TP
\fB-k \fIkeyname\fB\fR
Specifies the key name of the rndc authentication key.
This must be a valid domain name.
The default is rndc-key.
\-k \fIkeyname\fR
Specifies the key name of the rndc authentication key\&. This must be a valid domain name\&. The default is \fBrndc\-key\fR\&.
.TP
\fB-p \fIport\fB\fR
Specifies the command channel port where \fBnamed\fR
listens for connections from \fBrndc\fR.
The default is 953.
\-p \fIport\fR
Specifies the command channel port where \fBnamed\fR listens for connections from \fBrndc\fR\&. The default is 953\&.
.TP
\fB-r \fIrandomfile\fB\fR
Specifies a source of random data for generating the
authorization. If the operating
system does not provide a \fI/dev/random\fR
or equivalent device, the default source of randomness
is keyboard input. \fIrandomdev\fR specifies
the name of a character device or file containing random
data to be used instead of the default. The special value
\fIkeyboard\fR indicates that keyboard
input should be used.
\-r \fIrandomfile\fR
Specifies a source of random data for generating the authorization\&. If the operating system does not provide a \fI/dev/random\fR or equivalent device, the default source of randomness is keyboard input\&. \fIrandomdev\fR specifies the name of a character device or file containing random data to be used instead of the default\&. The special value \fIkeyboard\fR indicates that keyboard input should be used\&.
.TP
\fB-s \fIaddress\fB\fR
Specifies the IP address where \fBnamed\fR
listens for command channel connections from
\fBrndc\fR. The default is the loopback
address 127.0.0.1.
\-s \fIaddress\fR
Specifies the IP address where \fBnamed\fR listens for command channel connections from \fBrndc\fR\&. The default is the loopback address 127\&.0\&.0\&.1\&.
.TP
\fB-t \fIchrootdir\fB\fR
Used with the \fB-a\fR option to specify
a directory where \fBnamed\fR will run
chrooted. An additional copy of the \fIrndc.key\fR
will be written relative to this directory so that
it will be found by the chrooted \fBnamed\fR.
\-t \fIchrootdir\fR
Used with the \fB\-a\fR option to specify a directory where \fBnamed\fR will run chrooted\&. An additional copy of the \fIrndc\&.key\fR will be written relative to this directory so that it will be found by the chrooted \fBnamed\fR\&.
.TP
\fB-u \fIuser\fB\fR
Used with the \fB-a\fR option to set the owner
of the \fIrndc.key\fR file generated. If
\fB-t\fR is also specified only the file in
the chroot area has its owner changed.
\-u \fIuser\fR
Used with the \fB\-a\fR option to set the owner of the \fIrndc\&.key\fR file generated\&. If \fB\-t\fR is also specified only the file in the chroot area has its owner changed\&.
.SH "EXAMPLES"
.PP
To allow \fBrndc\fR to be used with
no manual configuration, run
To allow \fBrndc\fR to be used with no manual configuration, run
.PP
\fBrndc-confgen -a\fR
\fBrndc\-confgen \-a\fR
.PP
To print a sample \fIrndc.conf\fR file and
corresponding \fBcontrols\fR and \fBkey\fR
statements to be manually inserted into \fInamed.conf\fR,
run
To print a sample \fIrndc\&.conf\fR file and corresponding \fBcontrols\fR and \fBkey\fR statements to be manually inserted into \fInamed\&.conf\fR, run
.PP
\fBrndc-confgen\fR
\fBrndc\-confgen\fR
.SH "SEE ALSO"
.PP
\fBrndc\fR(8),
\fBrndc.conf\fR(5),
\fBnamed\fR(8),
\fIBIND 9 Administrator Reference Manual\fR.
\fBrndc\fR(8), \fBrndc\&.conf\fR(5), \fBnamed\fR(8), BIND 9 Administrator Reference Manual\&.
.SH "AUTHOR"
.PP
Internet Systems Consortium
Internet Systems Consortium

735
bin/rndc/rndc-confgen.html
View file

@ -1,570 +1,187 @@
<!--
- Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2001, 2003 Internet Software Consortium.
-
- Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2001, 2003 Internet Software Consortium
-
- Permission to use, copy, modify, and distribute this software for any
- purpose with or without fee is hereby granted, provided that the above
- copyright notice and this permission notice appear in all copies.
-
-
- THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
- REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
- AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
- AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
- INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
- LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
- OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
- PERFORMANCE OF THIS SOFTWARE.
-->
<!-- $Id: rndc-confgen.html,v 1.14 2005/04/07 03:49:59 marka Exp $ -->
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<HTML
><HEAD
><TITLE
>rndc-confgen</TITLE
><META
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.79"></HEAD
><BODY
CLASS="REFENTRY"
BGCOLOR="#FFFFFF"
TEXT="#000000"
LINK="#0000FF"
VLINK="#840084"
ALINK="#0000FF"
><H1
><A
NAME="AEN1"
></A
><SPAN
CLASS="APPLICATION"
>rndc-confgen</SPAN
></H1
><DIV
CLASS="REFNAMEDIV"
><A
NAME="AEN9"
></A
><H2
>Name</H2
><SPAN
CLASS="APPLICATION"
>rndc-confgen</SPAN
>&nbsp;--&nbsp;rndc key generation tool</DIV
><DIV
CLASS="REFSYNOPSISDIV"
><A
NAME="AEN13"
></A
><H2
>Synopsis</H2
><P
><B
CLASS="COMMAND"
>rndc-confgen</B
> [<CODE
CLASS="OPTION"
>-a</CODE
>] [<CODE
CLASS="OPTION"
>-b <TT
CLASS="REPLACEABLE"
><I
>keysize</I
></TT
></CODE
>] [<CODE
CLASS="OPTION"
>-c <TT
CLASS="REPLACEABLE"
><I
>keyfile</I
></TT
></CODE
>] [<CODE
CLASS="OPTION"
>-h</CODE
>] [<CODE
CLASS="OPTION"
>-k <TT
CLASS="REPLACEABLE"
><I
>keyname</I
></TT
></CODE
>] [<CODE
CLASS="OPTION"
>-p <TT
CLASS="REPLACEABLE"
><I
>port</I
></TT
></CODE
>] [<CODE
CLASS="OPTION"
>-r <TT
CLASS="REPLACEABLE"
><I
>randomfile</I
></TT
></CODE
>] [<CODE
CLASS="OPTION"
>-s <TT
CLASS="REPLACEABLE"
><I
>address</I
></TT
></CODE
>] [<CODE
CLASS="OPTION"
>-t <TT
CLASS="REPLACEABLE"
><I
>chrootdir</I
></TT
></CODE
>] [<CODE
CLASS="OPTION"
>-u <TT
CLASS="REPLACEABLE"
><I
>user</I
></TT
></CODE
>]</P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN44"
></A
><H2
>DESCRIPTION</H2
><P
> <B
CLASS="COMMAND"
>rndc-confgen</B
> generates configuration files
for <B
CLASS="COMMAND"
>rndc</B
>. It can be used as a
convenient alternative to writing the
<TT
CLASS="FILENAME"
>rndc.conf</TT
> file
and the corresponding <B
CLASS="COMMAND"
>controls</B
>
and <B
CLASS="COMMAND"
>key</B
>
statements in <TT
CLASS="FILENAME"
>named.conf</TT
> by hand.
Alternatively, it can be run with the <B
CLASS="COMMAND"
>-a</B
>
option to set up a <TT
CLASS="FILENAME"
>rndc.key</TT
> file and
avoid the need for a <TT
CLASS="FILENAME"
>rndc.conf</TT
> file
and a <B
CLASS="COMMAND"
>controls</B
> statement altogether.
</P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN57"
></A
><H2
>OPTIONS</H2
><P
></P
><DIV
CLASS="VARIABLELIST"
><DL
><DT
>-a</DT
><DD
><P
> Do automatic <B
CLASS="COMMAND"
>rndc</B
> configuration.
This creates a file <TT
CLASS="FILENAME"
>rndc.key</TT
>
in <TT
CLASS="FILENAME"
>/etc</TT
> (or whatever
<CODE
CLASS="VARNAME"
>sysconfdir</CODE
>
was specified as when <ACRONYM
CLASS="ACRONYM"
>BIND</ACRONYM
> was built)
that is read by both <B
CLASS="COMMAND"
>rndc</B
>
and <B
CLASS="COMMAND"
>named</B
> on startup. The
<TT
CLASS="FILENAME"
>rndc.key</TT
> file defines a default
command channel and authentication key allowing
<B
CLASS="COMMAND"
>rndc</B
> to communicate with
<B
CLASS="COMMAND"
>named</B
> on the local host
with no further configuration.
</P
><P
> Running <B
CLASS="COMMAND"
>rndc-confgen -a</B
> allows
BIND 9 and <B
CLASS="COMMAND"
>rndc</B
> to be used as drop-in
replacements for BIND 8 and <B
CLASS="COMMAND"
>ndc</B
>,
with no changes to the existing BIND 8
<TT
CLASS="FILENAME"
>named.conf</TT
> file.
</P
><P
> If a more elaborate configuration than that
generated by <B
CLASS="COMMAND"
>rndc-confgen -a</B
>
is required, for example if rndc is to be used remotely,
you should run <B
CLASS="COMMAND"
>rndc-confgen</B
> without the
<B
CLASS="COMMAND"
>-a</B
> option and set up a
<TT
CLASS="FILENAME"
>rndc.conf</TT
> and
<TT
CLASS="FILENAME"
>named.conf</TT
>
as directed.
</P
></DD
><DT
>-b <TT
CLASS="REPLACEABLE"
><I
>keysize</I
></TT
></DT
><DD
><P
> Specifies the size of the authentication key in bits.
Must be between 1 and 512 bits; the default is 128.
</P
></DD
><DT
>-c <TT
CLASS="REPLACEABLE"
><I
>keyfile</I
></TT
></DT
><DD
><P
> Used with the <B
CLASS="COMMAND"
>-a</B
> option to specify
an alternate location for <TT
CLASS="FILENAME"
>rndc.key</TT
>.
</P
></DD
><DT
>-h</DT
><DD
><P
> Prints a short summary of the options and arguments to
<B
CLASS="COMMAND"
>rndc-confgen</B
>.
</P
></DD
><DT
>-k <TT
CLASS="REPLACEABLE"
><I
>keyname</I
></TT
></DT
><DD
><P
> Specifies the key name of the rndc authentication key.
This must be a valid domain name.
The default is <CODE
CLASS="CONSTANT"
>rndc-key</CODE
>.
</P
></DD
><DT
>-p <TT
CLASS="REPLACEABLE"
><I
>port</I
></TT
></DT
><DD
><P
> Specifies the command channel port where <B
CLASS="COMMAND"
>named</B
>
listens for connections from <B
CLASS="COMMAND"
>rndc</B
>.
The default is 953.
</P
></DD
><DT
>-r <TT
CLASS="REPLACEABLE"
><I
>randomfile</I
></TT
></DT
><DD
><P
> Specifies a source of random data for generating the
authorization. If the operating
system does not provide a <TT
CLASS="FILENAME"
>/dev/random</TT
>
or equivalent device, the default source of randomness
is keyboard input. <TT
CLASS="FILENAME"
>randomdev</TT
> specifies
the name of a character device or file containing random
data to be used instead of the default. The special value
<TT
CLASS="FILENAME"
>keyboard</TT
> indicates that keyboard
input should be used.
</P
></DD
><DT
>-s <TT
CLASS="REPLACEABLE"
><I
>address</I
></TT
></DT
><DD
><P
> Specifies the IP address where <B
CLASS="COMMAND"
>named</B
>
listens for command channel connections from
<B
CLASS="COMMAND"
>rndc</B
>. The default is the loopback
address 127.0.0.1.
</P
></DD
><DT
>-t <TT
CLASS="REPLACEABLE"
><I
>chrootdir</I
></TT
></DT
><DD
><P
> Used with the <B
CLASS="COMMAND"
>-a</B
> option to specify
a directory where <B
CLASS="COMMAND"
>named</B
> will run
chrooted. An additional copy of the <TT
CLASS="FILENAME"
>rndc.key</TT
>
will be written relative to this directory so that
it will be found by the chrooted <B
CLASS="COMMAND"
>named</B
>.
</P
></DD
><DT
>-u <TT
CLASS="REPLACEABLE"
><I
>user</I
></TT
></DT
><DD
><P
> Used with the <B
CLASS="COMMAND"
>-a</B
> option to set the owner
of the <TT
CLASS="FILENAME"
>rndc.key</TT
> file generated. If
<B
CLASS="COMMAND"
>-t</B
> is also specified only the file in
the chroot area has its owner changed.
</P
></DD
></DL
></DIV
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN147"
></A
><H2
>EXAMPLES</H2
><P
> To allow <B
CLASS="COMMAND"
>rndc</B
> to be used with
no manual configuration, run
</P
><P
> <KBD
CLASS="USERINPUT"
>rndc-confgen -a</KBD
>
</P
><P
> To print a sample <TT
CLASS="FILENAME"
>rndc.conf</TT
> file and
corresponding <B
CLASS="COMMAND"
>controls</B
> and <B
CLASS="COMMAND"
>key</B
>
statements to be manually inserted into <TT
CLASS="FILENAME"
>named.conf</TT
>,
run
</P
><P
> <KBD
CLASS="USERINPUT"
>rndc-confgen</KBD
>
</P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN160"
></A
><H2
>SEE ALSO</H2
><P
> <SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>rndc</SPAN
>(8)</SPAN
>,
<SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>rndc.conf</SPAN
>(5)</SPAN
>,
<SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>named</SPAN
>(8)</SPAN
>,
<I
CLASS="CITETITLE"
>BIND 9 Administrator Reference Manual</I
>.
</P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN173"
></A
><H2
>AUTHOR</H2
><P
> Internet Systems Consortium
</P
></DIV
></BODY
></HTML
>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>rndc-confgen</title>
<meta name="generator" content="DocBook XSL Stylesheets V1.68.1">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en">
<a name="id2456618"></a><div class="titlepage"></div>
<div class="refnamediv">
<h2>Name</h2>
<p><span class="application">rndc-confgen</span> &#8212; rndc key generation tool</p>
</div>
<div class="refsynopsisdiv">
<h2>Synopsis</h2>
<div class="cmdsynopsis"><p><code class="command">rndc-confgen</code> [<code class="option">-a</code>] [<code class="option">-b <em class="replaceable"><code>keysize</code></em></code>] [<code class="option">-c <em class="replaceable"><code>keyfile</code></em></code>] [<code class="option">-h</code>] [<code class="option">-k <em class="replaceable"><code>keyname</code></em></code>] [<code class="option">-p <em class="replaceable"><code>port</code></em></code>] [<code class="option">-r <em class="replaceable"><code>randomfile</code></em></code>] [<code class="option">-s <em class="replaceable"><code>address</code></em></code>] [<code class="option">-t <em class="replaceable"><code>chrootdir</code></em></code>] [<code class="option">-u <em class="replaceable"><code>user</code></em></code>]</p></div>
</div>
<div class="refsect1" lang="en">
<a name="id2514038"></a><h2>DESCRIPTION</h2>
<p><span><strong class="command">rndc-confgen</strong></span>
generates configuration files
for <span><strong class="command">rndc</strong></span>. It can be used as a
convenient alternative to writing the
<code class="filename">rndc.conf</code> file
and the corresponding <span><strong class="command">controls</strong></span>
and <span><strong class="command">key</strong></span>
statements in <code class="filename">named.conf</code> by hand.
Alternatively, it can be run with the <span><strong class="command">-a</strong></span>
option to set up a <code class="filename">rndc.key</code> file and
avoid the need for a <code class="filename">rndc.conf</code> file
and a <span><strong class="command">controls</strong></span> statement altogether.
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2514083"></a><h2>OPTIONS</h2>
<div class="variablelist"><dl>
<dt><span class="term">-a</span></dt>
<dd>
<p>
Do automatic <span><strong class="command">rndc</strong></span> configuration.
This creates a file <code class="filename">rndc.key</code>
in <code class="filename">/etc</code> (or whatever
<code class="varname">sysconfdir</code>
was specified as when <span class="acronym">BIND</span> was
built)
that is read by both <span><strong class="command">rndc</strong></span>
and <span><strong class="command">named</strong></span> on startup. The
<code class="filename">rndc.key</code> file defines a default
command channel and authentication key allowing
<span><strong class="command">rndc</strong></span> to communicate with
<span><strong class="command">named</strong></span> on the local host
with no further configuration.
</p>
<p>
Running <span><strong class="command">rndc-confgen -a</strong></span> allows
BIND 9 and <span><strong class="command">rndc</strong></span> to be used as
drop-in
replacements for BIND 8 and <span><strong class="command">ndc</strong></span>,
with no changes to the existing BIND 8
<code class="filename">named.conf</code> file.
</p>
<p>
If a more elaborate configuration than that
generated by <span><strong class="command">rndc-confgen -a</strong></span>
is required, for example if rndc is to be used remotely,
you should run <span><strong class="command">rndc-confgen</strong></span> without
the
<span><strong class="command">-a</strong></span> option and set up a
<code class="filename">rndc.conf</code> and
<code class="filename">named.conf</code>
as directed.
</p>
</dd>
<dt><span class="term">-b <em class="replaceable"><code>keysize</code></em></span></dt>
<dd><p>
Specifies the size of the authentication key in bits.
Must be between 1 and 512 bits; the default is 128.
</p></dd>
<dt><span class="term">-c <em class="replaceable"><code>keyfile</code></em></span></dt>
<dd><p>
Used with the <span><strong class="command">-a</strong></span> option to specify
an alternate location for <code class="filename">rndc.key</code>.
</p></dd>
<dt><span class="term">-h</span></dt>
<dd><p>
Prints a short summary of the options and arguments to
<span><strong class="command">rndc-confgen</strong></span>.
</p></dd>
<dt><span class="term">-k <em class="replaceable"><code>keyname</code></em></span></dt>
<dd><p>
Specifies the key name of the rndc authentication key.
This must be a valid domain name.
The default is <code class="constant">rndc-key</code>.
</p></dd>
<dt><span class="term">-p <em class="replaceable"><code>port</code></em></span></dt>
<dd><p>
Specifies the command channel port where <span><strong class="command">named</strong></span>
listens for connections from <span><strong class="command">rndc</strong></span>.
The default is 953.
</p></dd>
<dt><span class="term">-r <em class="replaceable"><code>randomfile</code></em></span></dt>
<dd><p>
Specifies a source of random data for generating the
authorization. If the operating
system does not provide a <code class="filename">/dev/random</code>
or equivalent device, the default source of randomness
is keyboard input. <code class="filename">randomdev</code>
specifies
the name of a character device or file containing random
data to be used instead of the default. The special value
<code class="filename">keyboard</code> indicates that keyboard
input should be used.
</p></dd>
<dt><span class="term">-s <em class="replaceable"><code>address</code></em></span></dt>
<dd><p>
Specifies the IP address where <span><strong class="command">named</strong></span>
listens for command channel connections from
<span><strong class="command">rndc</strong></span>. The default is the loopback
address 127.0.0.1.
</p></dd>
<dt><span class="term">-t <em class="replaceable"><code>chrootdir</code></em></span></dt>
<dd><p>
Used with the <span><strong class="command">-a</strong></span> option to specify
a directory where <span><strong class="command">named</strong></span> will run
chrooted. An additional copy of the <code class="filename">rndc.key</code>
will be written relative to this directory so that
it will be found by the chrooted <span><strong class="command">named</strong></span>.
</p></dd>
<dt><span class="term">-u <em class="replaceable"><code>user</code></em></span></dt>
<dd><p>
Used with the <span><strong class="command">-a</strong></span> option to set the
owner
of the <code class="filename">rndc.key</code> file generated.
If
<span><strong class="command">-t</strong></span> is also specified only the file
in
the chroot area has its owner changed.
</p></dd>
</dl></div>
</div>
<div class="refsect1" lang="en">
<a name="id2514533"></a><h2>EXAMPLES</h2>
<p>
To allow <span><strong class="command">rndc</strong></span> to be used with
no manual configuration, run
</p>
<p><strong class="userinput"><code>rndc-confgen -a</code></strong>
</p>
<p>
To print a sample <code class="filename">rndc.conf</code> file and
corresponding <span><strong class="command">controls</strong></span> and <span><strong class="command">key</strong></span>
statements to be manually inserted into <code class="filename">named.conf</code>,
run
</p>
<p><strong class="userinput"><code>rndc-confgen</code></strong>
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2514574"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry"><span class="refentrytitle">rndc</span>(8)</span>,
<span class="citerefentry"><span class="refentrytitle">rndc.conf</span>(5)</span>,
<span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>,
<em class="citetitle">BIND 9 Administrator Reference Manual</em>.
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2514613"></a><h2>AUTHOR</h2>
<p><span class="corpauthor">Internet Systems Consortium</span>
</p>
</div>
</div></body>
</html>

146
bin/rndc/rndc.8
View file

@ -1,124 +1,86 @@
.\" Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2000, 2001 Internet Software Consortium.
.\"
.\" Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2000, 2001 Internet Software Consortium
.\"
.\" Permission to use, copy, modify, and distribute this software for any
.\" purpose with or without fee is hereby granted, provided that the above
.\" copyright notice and this permission notice appear in all copies.
.\"
.\"
.\" THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
.\" REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
.\" AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
.\" AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
.\" INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
.\" LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
.\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
.\" PERFORMANCE OF THIS SOFTWARE.
.\"
.\" $Id: rndc.8,v 1.31 2005/04/07 03:49:59 marka Exp $
.\"
.TH "RNDC" "8" "June 30, 2000" "BIND9" ""
.\"
.hy 0
.ad l
.\"Generated by db2man.xsl. Don't modify this, modify the source.
.de Sh \" Subsection
.br
.if t .Sp
.ne 5
.PP
\fB\\$1\fR
.PP
..
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Ip \" List item
.br
.ie \\n(.$>=3 .ne \\$3
.el .ne 3
.IP "\\$1" \\$2
..
.TH "RNDC" 8 "June 30, 2000" "" ""
.SH NAME
rndc \- name server control utility
.SH SYNOPSIS
.sp
\fBrndc\fR [ \fB-b \fIsource-address\fB\fR ] [ \fB-c \fIconfig-file\fB\fR ] [ \fB-k \fIkey-file\fB\fR ] [ \fB-s \fIserver\fB\fR ] [ \fB-p \fIport\fB\fR ] [ \fB-V\fR ] [ \fB-y \fIkey_id\fB\fR ] \fBcommand\fR
.SH "SYNOPSIS"
.HP 5
\fBrndc\fR [\fB\-b\ \fIsource\-address\fR\fR] [\fB\-c\ \fIconfig\-file\fR\fR] [\fB\-k\ \fIkey\-file\fR\fR] [\fB\-s\ \fIserver\fR\fR] [\fB\-p\ \fIport\fR\fR] [\fB\-V\fR] [\fB\-y\ \fIkey_id\fR\fR] {command}
.SH "DESCRIPTION"
.PP
\fBrndc\fR controls the operation of a name
server. It supersedes the \fBndc\fR utility
that was provided in old BIND releases. If
\fBrndc\fR is invoked with no command line
options or arguments, it prints a short summary of the
supported commands and the available options and their
arguments.
\fBrndc\fR controls the operation of a name server\&. It supersedes the \fBndc\fR utility that was provided in old BIND releases\&. If \fBrndc\fR is invoked with no command line options or arguments, it prints a short summary of the supported commands and the available options and their arguments\&.
.PP
\fBrndc\fR communicates with the name server
over a TCP connection, sending commands authenticated with
digital signatures. In the current versions of
\fBrndc\fR and \fBnamed\fR named
the only supported authentication algorithm is HMAC-MD5,
which uses a shared secret on each end of the connection.
This provides TSIG-style authentication for the command
request and the name server's response. All commands sent
over the channel must be signed by a key_id known to the
server.
\fBrndc\fR communicates with the name server over a TCP connection, sending commands authenticated with digital signatures\&. In the current versions of \fBrndc\fR and \fBnamed\fR named the only supported authentication algorithm is HMAC\-MD5, which uses a shared secret on each end of the connection\&. This provides TSIG\-style authentication for the command request and the name server's response\&. All commands sent over the channel must be signed by a key_id known to the server\&.
.PP
\fBrndc\fR reads a configuration file to
determine how to contact the name server and decide what
algorithm and key it should use.
\fBrndc\fR reads a configuration file to determine how to contact the name server and decide what algorithm and key it should use\&.
.SH "OPTIONS"
.TP
\fB-b \fIsource-address\fB\fR
Use \fIsource-address\fR
as the source address for the connection to the server.
Multiple instances are permitted to allow setting of both
the IPv4 and IPv6 source addresses.
\-b \fIsource\-address\fR
Use \fIsource\-address\fR as the source address for the connection to the server\&. Multiple instances are permitted to allow setting of both the IPv4 and IPv6 source addresses\&.
.TP
\fB-c \fIconfig-file\fB\fR
Use \fIconfig-file\fR
as the configuration file instead of the default,
\fI/etc/rndc.conf\fR.
\-c \fIconfig\-file\fR
Use \fIconfig\-file\fR as the configuration file instead of the default, \fI/etc/rndc\&.conf\fR\&.
.TP
\fB-k \fIkey-file\fB\fR
Use \fIkey-file\fR
as the key file instead of the default,
\fI/etc/rndc.key\fR. The key in
\fI/etc/rndc.key\fR will be used to authenticate
commands sent to the server if the \fIconfig-file\fR
does not exist.
\-k \fIkey\-file\fR
Use \fIkey\-file\fR as the key file instead of the default, \fI/etc/rndc\&.key\fR\&. The key in \fI/etc/rndc\&.key\fR will be used to authenticate commands sent to the server if the \fIconfig\-file\fR does not exist\&.
.TP
\fB-s \fIserver\fB\fR
\fIserver\fR is
the name or address of the server which matches a
server statement in the configuration file for
\fBrndc\fR. If no server is supplied on the
command line, the host named by the default-server clause
in the option statement of the configuration file will be
used.
\-s \fIserver\fR
\fIserver\fR is the name or address of the server which matches a server statement in the configuration file for \fBrndc\fR\&. If no server is supplied on the command line, the host named by the default\-server clause in the option statement of the configuration file will be used\&.
.TP
\fB-p \fIport\fB\fR
Send commands to TCP port
\fIport\fR instead
of BIND 9's default control channel port, 953.
\-p \fIport\fR
Send commands to TCP port \fIport\fR instead of BIND 9's default control channel port, 953\&.
.TP
\fB-V\fR
Enable verbose logging.
\-V
Enable verbose logging\&.
.TP
\fB-y \fIkeyid\fB\fR
Use the key \fIkeyid\fR
from the configuration file.
\fIkeyid\fR must be
known by named with the same algorithm and secret string
in order for control message validation to succeed.
If no \fIkeyid\fR
is specified, \fBrndc\fR will first look
for a key clause in the server statement of the server
being used, or if no server statement is present for that
host, then the default-key clause of the options statement.
Note that the configuration file contains shared secrets
which are used to send authenticated control commands
to name servers. It should therefore not have general read
or write access.
.PP
For the complete set of commands supported by \fBrndc\fR,
see the BIND 9 Administrator Reference Manual or run
\fBrndc\fR without arguments to see its help message.
\-y \fIkeyid\fR
Use the key \fIkeyid\fR from the configuration file\&. \fIkeyid\fR must be known by named with the same algorithm and secret string in order for control message validation to succeed\&. If no \fIkeyid\fR is specified, \fBrndc\fR will first look for a key clause in the server statement of the server being used, or if no server statement is present for that host, then the default\-key clause of the options statement\&. Note that the configuration file contains shared secrets which are used to send authenticated control commands to name servers\&. It should therefore not have general read or write access\&.
.PP
For the complete set of commands supported by \fBrndc\fR, see the BIND 9 Administrator Reference Manual or run \fBrndc\fR without arguments to see its help message\&.
.SH "LIMITATIONS"
.PP
\fBrndc\fR does not yet support all the commands of
the BIND 8 \fBndc\fR utility.
\fBrndc\fR does not yet support all the commands of the BIND 8 \fBndc\fR utility\&.
.PP
There is currently no way to provide the shared secret for a
\fBkey_id\fR without using the configuration file.
There is currently no way to provide the shared secret for a \fBkey_id\fR without using the configuration file\&.
.PP
Several error messages could be clearer.
Several error messages could be clearer\&.
.SH "SEE ALSO"
.PP
\fBrndc.conf\fR(5),
\fBnamed\fR(8),
\fBnamed.conf\fR(5)
\fBndc\fR(8),
\fIBIND 9 Administrator Reference Manual\fR.
\fBrndc\&.conf\fR(5), \fBnamed\fR(8), \fBnamed\&.conf\fR(5) \fBndc\fR(8), BIND 9 Administrator Reference Manual\&.
.SH "AUTHOR"
.PP
Internet Systems Consortium
Internet Systems Consortium

186
bin/rndc/rndc.conf.5
View file

@ -1,35 +1,48 @@
.\" Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2000, 2001 Internet Software Consortium.
.\"
.\" Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2000, 2001 Internet Software Consortium
.\"
.\" Permission to use, copy, modify, and distribute this software for any
.\" purpose with or without fee is hereby granted, provided that the above
.\" copyright notice and this permission notice appear in all copies.
.\"
.\"
.\" THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
.\" REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
.\" AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
.\" AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
.\" INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
.\" LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
.\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
.\" PERFORMANCE OF THIS SOFTWARE.
.\"
.\" $Id: rndc.conf.5,v 1.29 2005/04/07 03:49:59 marka Exp $
.\"
.TH "RNDC.CONF" "5" "June 30, 2000" "BIND9" ""
.\"
.hy 0
.ad l
.\"Generated by db2man.xsl. Don't modify this, modify the source.
.de Sh \" Subsection
.br
.if t .Sp
.ne 5
.PP
\fB\\$1\fR
.PP
..
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Ip \" List item
.br
.ie \\n(.$>=3 .ne \\$3
.el .ne 3
.IP "\\$1" \\$2
..
.TH "RNDC.CONF" 5 "June 30, 2000" "" ""
.SH NAME
rndc.conf \- rndc configuration file
.SH SYNOPSIS
.sp
\fBrndc.conf\fR
.SH "SYNOPSIS"
.HP 10
\fBrndc\&.conf\fR
.SH "DESCRIPTION"
.PP
\fIrndc.conf\fR is the configuration file
for \fBrndc\fR, the BIND 9 name server control
utility. This file has a similar structure and syntax to
\fInamed.conf\fR. Statements are enclosed
in braces and terminated with a semi-colon. Clauses in
the statements are also semi-colon terminated. The usual
comment styles are supported:
\fIrndc\&.conf\fR is the configuration file for \fBrndc\fR, the BIND 9 name server control utility\&. This file has a similar structure and syntax to \fInamed\&.conf\fR\&. Statements are enclosed in braces and terminated with a semi\-colon\&. Clauses in the statements are also semi\-colon terminated\&. The usual comment styles are supported:
.PP
C style: /* */
.PP
@ -37,129 +50,70 @@ C++ style: // to end of line
.PP
Unix style: # to end of line
.PP
\fIrndc.conf\fR is much simpler than
\fInamed.conf\fR. The file uses three
statements: an options statement, a server statement
and a key statement.
\fIrndc\&.conf\fR is much simpler than \fInamed\&.conf\fR\&. The file uses three statements: an options statement, a server statement and a key statement\&.
.PP
The \fBoptions\fR statement contains five clauses.
The \fBdefault-server\fR clause is followed by the
name or address of a name server. This host will be used when
no name server is given as an argument to
\fBrndc\fR. The \fBdefault-key\fR
clause is followed by the name of a key which is identified by
a \fBkey\fR statement. If no
\fBkeyid\fR is provided on the rndc command line,
and no \fBkey\fR clause is found in a matching
\fBserver\fR statement, this default key will be
used to authenticate the server's commands and responses. The
\fBdefault-port\fR clause is followed by the port
to connect to on the remote name server. If no
\fBport\fR option is provided on the rndc command
line, and no \fBport\fR clause is found in a
matching \fBserver\fR statement, this default port
will be used to connect.
The \fBdefault-source-address\fR and
\fBdefault-source-address-v6\fR clauses which
can be used to set the IPv4 and IPv6 source addresses
respectively.
The \fBoptions\fR statement contains five clauses\&. The \fBdefault\-server\fR clause is followed by the name or address of a name server\&. This host will be used when no name server is given as an argument to \fBrndc\fR\&. The \fBdefault\-key\fR clause is followed by the name of a key which is identified by a \fBkey\fR statement\&. If no \fBkeyid\fR is provided on the rndc command line, and no \fBkey\fR clause is found in a matching \fBserver\fR statement, this default key will be used to authenticate the server's commands and responses\&. The \fBdefault\-port\fR clause is followed by the port to connect to on the remote name server\&. If no \fBport\fR option is provided on the rndc command line, and no \fBport\fR clause is found in a matching \fBserver\fR statement, this default port will be used to connect\&. The \fBdefault\-source\-address\fR and \fBdefault\-source\-address\-v6\fR clauses which can be used to set the IPv4 and IPv6 source addresses respectively\&.
.PP
After the \fBserver\fR keyword, the server
statement includes a string which is the hostname or address
for a name server. The statement has three possible clauses:
\fBkey\fR, \fBport\fR and
\fBaddresses\fR. The key name must match the
name of a key statement in the file. The port number
specifies the port to connect to. If an \fBaddresses\fR
clause is supplied these addresses will be used instead of
the server name. Each address can take a optional port.
If an \fBsource-address\fR or \fBsource-address-v6\fR
of supplied then these will be used to specify the IPv4 and IPv6
source addresses respectively.
After the \fBserver\fR keyword, the server statement includes a string which is the hostname or address for a name server\&. The statement has three possible clauses: \fBkey\fR, \fBport\fR and \fBaddresses\fR\&. The key name must match the name of a key statement in the file\&. The port number specifies the port to connect to\&. If an \fBaddresses\fR clause is supplied these addresses will be used instead of the server name\&. Each address can take a optional port\&. If an \fBsource\-address\fR or \fBsource\-address\-v6\fR of supplied then these will be used to specify the IPv4 and IPv6 source addresses respectively\&.
.PP
The \fBkey\fR statement begins with an identifying
string, the name of the key. The statement has two clauses.
\fBalgorithm\fR identifies the encryption algorithm
for \fBrndc\fR to use; currently only HMAC-MD5 is
supported. This is followed by a secret clause which contains
the base-64 encoding of the algorithm's encryption key. The
base-64 string is enclosed in double quotes.
The \fBkey\fR statement begins with an identifying string, the name of the key\&. The statement has two clauses\&. \fBalgorithm\fR identifies the encryption algorithm for \fBrndc\fR to use; currently only HMAC\-MD5 is supported\&. This is followed by a secret clause which contains the base\-64 encoding of the algorithm's encryption key\&. The base\-64 string is enclosed in double quotes\&.
.PP
There are two common ways to generate the base-64 string for the
secret. The BIND 9 program \fBrndc-confgen\fR can
be used to generate a random key, or the
\fBmmencode\fR program, also known as
\fBmimencode\fR, can be used to generate a base-64
string from known input. \fBmmencode\fR does not
ship with BIND 9 but is available on many systems. See the
EXAMPLE section for sample command lines for each.
There are two common ways to generate the base\-64 string for the secret\&. The BIND 9 program \fBrndc\-confgen\fR can be used to generate a random key, or the \fBmmencode\fR program, also known as \fBmimencode\fR, can be used to generate a base\-64 string from known input\&. \fBmmencode\fR does not ship with BIND 9 but is available on many systems\&. See the EXAMPLE section for sample command lines for each\&.
.SH "EXAMPLE"
.sp
.PP
.nf
options {
default-server localhost;
default-key samplekey;
default\-server localhost;
default\-key samplekey;
};
.fi
.PP
.nf
server localhost {
key samplekey;
};
.fi
.PP
.nf
server testserver {
key testkey;
addresses { localhost port 5353; };
};
key samplekey {
algorithm hmac-md5;
secret "6FMfj43Osz4lyb24OIe2iGEz9lf1llJO+lz";
};
key testkey {
algorithm hmac-md5;
secret "R3HI8P6BKw9ZwXwN3VZKuQ==";
}
.sp
.fi
.PP
In the above example, \fBrndc\fR will by default use
the server at localhost (127.0.0.1) and the key called samplekey.
Commands to the localhost server will use the samplekey key, which
must also be defined in the server's configuration file with the
same name and secret. The key statement indicates that samplekey
uses the HMAC-MD5 algorithm and its secret clause contains the
base-64 encoding of the HMAC-MD5 secret enclosed in double quotes.
.nf
key samplekey {
algorithm hmac\-md5;
secret "6FMfj43Osz4lyb24OIe2iGEz9lf1llJO+lz";
};
.fi
.PP
If \fBrndc -s testserver\fR is used then \fBrndc\fR will
connect to server on localhost port 5353 using the key testkey.
.nf
key testkey {
algorithm hmac\-md5;
secret "R3HI8P6BKw9ZwXwN3VZKuQ==";
}
.fi
.PP
To generate a random secret with \fBrndc-confgen\fR:
In the above example, \fBrndc\fR will by default use the server at localhost (127\&.0\&.0\&.1) and the key called samplekey\&. Commands to the localhost server will use the samplekey key, which must also be defined in the server's configuration file with the same name and secret\&. The key statement indicates that samplekey uses the HMAC\-MD5 algorithm and its secret clause contains the base\-64 encoding of the HMAC\-MD5 secret enclosed in double quotes\&.
.PP
\fBrndc-confgen\fR
If \fBrndc \-s testserver\fR is used then \fBrndc\fR will connect to server on localhost port 5353 using the key testkey\&.
.PP
A complete \fIrndc.conf\fR file, including the
randomly generated key, will be written to the standard
output. Commented out \fBkey\fR and
\fBcontrols\fR statements for
\fInamed.conf\fR are also printed.
To generate a random secret with \fBrndc\-confgen\fR:
.PP
To generate a base-64 secret with \fBmmencode\fR:
\fBrndc\-confgen\fR
.PP
\fBecho "known plaintext for a secret" | mmencode\fR
A complete \fIrndc\&.conf\fR file, including the randomly generated key, will be written to the standard output\&. Commented out \fBkey\fR and \fBcontrols\fR statements for \fInamed\&.conf\fR are also printed\&.
.PP
To generate a base\-64 secret with \fBmmencode\fR:
.PP
\fBecho "known plaintext for a secret" | mmencode\fR
.SH "NAME SERVER CONFIGURATION"
.PP
The name server must be configured to accept rndc connections and
to recognize the key specified in the \fIrndc.conf\fR
file, using the controls statement in \fInamed.conf\fR.
See the sections on the \fBcontrols\fR statement in the
BIND 9 Administrator Reference Manual for details.
The name server must be configured to accept rndc connections and to recognize the key specified in the \fIrndc\&.conf\fR file, using the controls statement in \fInamed\&.conf\fR\&. See the sections on the \fBcontrols\fR statement in the BIND 9 Administrator Reference Manual for details\&.
.SH "SEE ALSO"
.PP
\fBrndc\fR(8),
\fBrndc-confgen\fR(8),
\fBmmencode\fR(1),
\fIBIND 9 Administrator Reference Manual\fR.
\fBrndc\fR(8), \fBrndc\-confgen\fR(8), \fBmmencode\fR(1), BIND 9 Administrator Reference Manual\&.
.SH "AUTHOR"
.PP
Internet Systems Consortium
Internet Systems Consortium

583
bin/rndc/rndc.conf.html
View file

@ -1,425 +1,216 @@
<!--
- Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2000, 2001 Internet Software Consortium.
-
- Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2000, 2001 Internet Software Consortium
-
- Permission to use, copy, modify, and distribute this software for any
- purpose with or without fee is hereby granted, provided that the above
- copyright notice and this permission notice appear in all copies.
-
-
- THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
- REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
- AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
- AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
- INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
- LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
- OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
- PERFORMANCE OF THIS SOFTWARE.
-->
<!-- $Id: rndc.conf.html,v 1.14 2005/04/07 03:50:00 marka Exp $ -->
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<HTML
><HEAD
><TITLE
>rndc.conf</TITLE
><META
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.79"></HEAD
><BODY
CLASS="REFENTRY"
BGCOLOR="#FFFFFF"
TEXT="#000000"
LINK="#0000FF"
VLINK="#840084"
ALINK="#0000FF"
><H1
><A
NAME="AEN1"
></A
><TT
CLASS="FILENAME"
>rndc.conf</TT
></H1
><DIV
CLASS="REFNAMEDIV"
><A
NAME="AEN9"
></A
><H2
>Name</H2
><TT
CLASS="FILENAME"
>rndc.conf</TT
>&nbsp;--&nbsp;rndc configuration file</DIV
><DIV
CLASS="REFSYNOPSISDIV"
><A
NAME="AEN13"
></A
><H2
>Synopsis</H2
><P
><B
CLASS="COMMAND"
>rndc.conf</B
> </P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN16"
></A
><H2
>DESCRIPTION</H2
><P
> <TT
CLASS="FILENAME"
>rndc.conf</TT
> is the configuration file
for <B
CLASS="COMMAND"
>rndc</B
>, the BIND 9 name server control
utility. This file has a similar structure and syntax to
<TT
CLASS="FILENAME"
>named.conf</TT
>. Statements are enclosed
in braces and terminated with a semi-colon. Clauses in
the statements are also semi-colon terminated. The usual
comment styles are supported:
</P
><P
> C style: /* */
</P
><P
> C++ style: // to end of line
</P
><P
> Unix style: # to end of line
</P
><P
> <TT
CLASS="FILENAME"
>rndc.conf</TT
> is much simpler than
<TT
CLASS="FILENAME"
>named.conf</TT
>. The file uses three
statements: an options statement, a server statement
and a key statement.
</P
><P
> The <CODE
CLASS="OPTION"
>options</CODE
> statement contains five clauses.
The <CODE
CLASS="OPTION"
>default-server</CODE
> clause is followed by the
name or address of a name server. This host will be used when
no name server is given as an argument to
<B
CLASS="COMMAND"
>rndc</B
>. The <CODE
CLASS="OPTION"
>default-key</CODE
>
clause is followed by the name of a key which is identified by
a <CODE
CLASS="OPTION"
>key</CODE
> statement. If no
<CODE
CLASS="OPTION"
>keyid</CODE
> is provided on the rndc command line,
and no <CODE
CLASS="OPTION"
>key</CODE
> clause is found in a matching
<CODE
CLASS="OPTION"
>server</CODE
> statement, this default key will be
used to authenticate the server's commands and responses. The
<CODE
CLASS="OPTION"
>default-port</CODE
> clause is followed by the port
to connect to on the remote name server. If no
<CODE
CLASS="OPTION"
>port</CODE
> option is provided on the rndc command
line, and no <CODE
CLASS="OPTION"
>port</CODE
> clause is found in a
matching <CODE
CLASS="OPTION"
>server</CODE
> statement, this default port
will be used to connect.
The <CODE
CLASS="OPTION"
>default-source-address</CODE
> and
<CODE
CLASS="OPTION"
>default-source-address-v6</CODE
> clauses which
can be used to set the IPv4 and IPv6 source addresses
respectively.
</P
><P
> After the <CODE
CLASS="OPTION"
>server</CODE
> keyword, the server
statement includes a string which is the hostname or address
for a name server. The statement has three possible clauses:
<CODE
CLASS="OPTION"
>key</CODE
>, <CODE
CLASS="OPTION"
>port</CODE
> and
<CODE
CLASS="OPTION"
>addresses</CODE
>. The key name must match the
name of a key statement in the file. The port number
specifies the port to connect to. If an <CODE
CLASS="OPTION"
>addresses</CODE
>
clause is supplied these addresses will be used instead of
the server name. Each address can take a optional port.
If an <CODE
CLASS="OPTION"
>source-address</CODE
> or <CODE
CLASS="OPTION"
>source-address-v6</CODE
>
of supplied then these will be used to specify the IPv4 and IPv6
source addresses respectively.
</P
><P
> The <CODE
CLASS="OPTION"
>key</CODE
> statement begins with an identifying
string, the name of the key. The statement has two clauses.
<CODE
CLASS="OPTION"
>algorithm</CODE
> identifies the encryption algorithm
for <B
CLASS="COMMAND"
>rndc</B
> to use; currently only HMAC-MD5 is
supported. This is followed by a secret clause which contains
the base-64 encoding of the algorithm's encryption key. The
base-64 string is enclosed in double quotes.
</P
><P
> There are two common ways to generate the base-64 string for the
secret. The BIND 9 program <B
CLASS="COMMAND"
>rndc-confgen</B
> can
be used to generate a random key, or the
<B
CLASS="COMMAND"
>mmencode</B
> program, also known as
<B
CLASS="COMMAND"
>mimencode</B
>, can be used to generate a base-64
string from known input. <B
CLASS="COMMAND"
>mmencode</B
> does not
ship with BIND 9 but is available on many systems. See the
EXAMPLE section for sample command lines for each.
</P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN60"
></A
><H2
>EXAMPLE</H2
><PRE
CLASS="PROGRAMLISTING"
> options {
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>rndc.conf</title>
<meta name="generator" content="DocBook XSL Stylesheets V1.68.1">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en">
<a name="id2456618"></a><div class="titlepage"></div>
<div class="refnamediv">
<h2>Name</h2>
<p><code class="filename">rndc.conf</code> &#8212; rndc configuration file</p>
</div>
<div class="refsynopsisdiv">
<h2>Synopsis</h2>
<div class="cmdsynopsis"><p><code class="command">rndc.conf</code> </p></div>
</div>
<div class="refsect1" lang="en">
<a name="id2512598"></a><h2>DESCRIPTION</h2>
<p><code class="filename">rndc.conf</code> is the configuration file
for <span><strong class="command">rndc</strong></span>, the BIND 9 name server control
utility. This file has a similar structure and syntax to
<code class="filename">named.conf</code>. Statements are enclosed
in braces and terminated with a semi-colon. Clauses in
the statements are also semi-colon terminated. The usual
comment styles are supported:
</p>
<p>
C style: /* */
</p>
<p>
C++ style: // to end of line
</p>
<p>
Unix style: # to end of line
</p>
<p><code class="filename">rndc.conf</code> is much simpler than
<code class="filename">named.conf</code>. The file uses three
statements: an options statement, a server statement
and a key statement.
</p>
<p>
The <code class="option">options</code> statement contains five clauses.
The <code class="option">default-server</code> clause is followed by the
name or address of a name server. This host will be used when
no name server is given as an argument to
<span><strong class="command">rndc</strong></span>. The <code class="option">default-key</code>
clause is followed by the name of a key which is identified by
a <code class="option">key</code> statement. If no
<code class="option">keyid</code> is provided on the rndc command line,
and no <code class="option">key</code> clause is found in a matching
<code class="option">server</code> statement, this default key will be
used to authenticate the server's commands and responses. The
<code class="option">default-port</code> clause is followed by the port
to connect to on the remote name server. If no
<code class="option">port</code> option is provided on the rndc command
line, and no <code class="option">port</code> clause is found in a
matching <code class="option">server</code> statement, this default port
will be used to connect.
The <code class="option">default-source-address</code> and
<code class="option">default-source-address-v6</code> clauses which
can be used to set the IPv4 and IPv6 source addresses
respectively.
</p>
<p>
After the <code class="option">server</code> keyword, the server
statement includes a string which is the hostname or address
for a name server. The statement has three possible clauses:
<code class="option">key</code>, <code class="option">port</code> and
<code class="option">addresses</code>. The key name must match the
name of a key statement in the file. The port number
specifies the port to connect to. If an <code class="option">addresses</code>
clause is supplied these addresses will be used instead of
the server name. Each address can take a optional port.
If an <code class="option">source-address</code> or <code class="option">source-address-v6</code>
of supplied then these will be used to specify the IPv4 and IPv6
source addresses respectively.
</p>
<p>
The <code class="option">key</code> statement begins with an identifying
string, the name of the key. The statement has two clauses.
<code class="option">algorithm</code> identifies the encryption algorithm
for <span><strong class="command">rndc</strong></span> to use; currently only HMAC-MD5
is
supported. This is followed by a secret clause which contains
the base-64 encoding of the algorithm's encryption key. The
base-64 string is enclosed in double quotes.
</p>
<p>
There are two common ways to generate the base-64 string for the
secret. The BIND 9 program <span><strong class="command">rndc-confgen</strong></span>
can
be used to generate a random key, or the
<span><strong class="command">mmencode</strong></span> program, also known as
<span><strong class="command">mimencode</strong></span>, can be used to generate a
base-64
string from known input. <span><strong class="command">mmencode</strong></span> does
not
ship with BIND 9 but is available on many systems. See the
EXAMPLE section for sample command lines for each.
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2514248"></a><h2>EXAMPLE</h2>
<pre class="programlisting">
options {
default-server localhost;
default-key samplekey;
};
</pre>
<p>
</p>
<pre class="programlisting">
server localhost {
key samplekey;
};
</pre>
<p>
</p>
<pre class="programlisting">
server testserver {
key testkey;
addresses { localhost port 5353; };
};
</pre>
<p>
</p>
<pre class="programlisting">
key samplekey {
algorithm hmac-md5;
secret "6FMfj43Osz4lyb24OIe2iGEz9lf1llJO+lz";
};
</pre>
<p>
</p>
<pre class="programlisting">
key testkey {
algorithm hmac-md5;
secret "R3HI8P6BKw9ZwXwN3VZKuQ==";
}
</PRE
><P
> In the above example, <B
CLASS="COMMAND"
>rndc</B
> will by default use
the server at localhost (127.0.0.1) and the key called samplekey.
Commands to the localhost server will use the samplekey key, which
must also be defined in the server's configuration file with the
same name and secret. The key statement indicates that samplekey
uses the HMAC-MD5 algorithm and its secret clause contains the
base-64 encoding of the HMAC-MD5 secret enclosed in double quotes.
</P
><P
> If <B
CLASS="COMMAND"
>rndc -s testserver</B
> is used then <B
CLASS="COMMAND"
>rndc</B
> will
connect to server on localhost port 5353 using the key testkey.
</P
><P
> To generate a random secret with <B
CLASS="COMMAND"
>rndc-confgen</B
>:
</P
><P
> <KBD
CLASS="USERINPUT"
>rndc-confgen</KBD
>
</P
><P
> A complete <TT
CLASS="FILENAME"
>rndc.conf</TT
> file, including the
randomly generated key, will be written to the standard
output. Commented out <CODE
CLASS="OPTION"
>key</CODE
> and
<CODE
CLASS="OPTION"
>controls</CODE
> statements for
<TT
CLASS="FILENAME"
>named.conf</TT
> are also printed.
</P
><P
> To generate a base-64 secret with <B
CLASS="COMMAND"
>mmencode</B
>:
</P
><P
> <KBD
CLASS="USERINPUT"
>echo "known plaintext for a secret" | mmencode</KBD
>
</P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN81"
></A
><H2
>NAME SERVER CONFIGURATION</H2
><P
> The name server must be configured to accept rndc connections and
to recognize the key specified in the <TT
CLASS="FILENAME"
>rndc.conf</TT
>
file, using the controls statement in <TT
CLASS="FILENAME"
>named.conf</TT
>.
See the sections on the <CODE
CLASS="OPTION"
>controls</CODE
> statement in the
BIND 9 Administrator Reference Manual for details.
</P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN87"
></A
><H2
>SEE ALSO</H2
><P
> <SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>rndc</SPAN
>(8)</SPAN
>,
<SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>rndc-confgen</SPAN
>(8)</SPAN
>,
<SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>mmencode</SPAN
>(1)</SPAN
>,
<I
CLASS="CITETITLE"
>BIND 9 Administrator Reference Manual</I
>.
</P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN100"
></A
><H2
>AUTHOR</H2
><P
> Internet Systems Consortium
</P
></DIV
></BODY
></HTML
>
</pre>
<p>
</p>
<p>
In the above example, <span><strong class="command">rndc</strong></span> will by
default use
the server at localhost (127.0.0.1) and the key called samplekey.
Commands to the localhost server will use the samplekey key, which
must also be defined in the server's configuration file with the
same name and secret. The key statement indicates that samplekey
uses the HMAC-MD5 algorithm and its secret clause contains the
base-64 encoding of the HMAC-MD5 secret enclosed in double quotes.
</p>
<p>
If <span><strong class="command">rndc -s testserver</strong></span> is used then <span><strong class="command">rndc</strong></span> will
connect to server on localhost port 5353 using the key testkey.
</p>
<p>
To generate a random secret with <span><strong class="command">rndc-confgen</strong></span>:
</p>
<p><strong class="userinput"><code>rndc-confgen</code></strong>
</p>
<p>
A complete <code class="filename">rndc.conf</code> file, including
the
randomly generated key, will be written to the standard
output. Commented out <code class="option">key</code> and
<code class="option">controls</code> statements for
<code class="filename">named.conf</code> are also printed.
</p>
<p>
To generate a base-64 secret with <span><strong class="command">mmencode</strong></span>:
</p>
<p><strong class="userinput"><code>echo "known plaintext for a secret" | mmencode</code></strong>
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2514340"></a><h2>NAME SERVER CONFIGURATION</h2>
<p>
The name server must be configured to accept rndc connections and
to recognize the key specified in the <code class="filename">rndc.conf</code>
file, using the controls statement in <code class="filename">named.conf</code>.
See the sections on the <code class="option">controls</code> statement in the
BIND 9 Administrator Reference Manual for details.
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2514361"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry"><span class="refentrytitle">rndc</span>(8)</span>,
<span class="citerefentry"><span class="refentrytitle">rndc-confgen</span>(8)</span>,
<span class="citerefentry"><span class="refentrytitle">mmencode</span>(1)</span>,
<em class="citetitle">BIND 9 Administrator Reference Manual</em>.
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2514400"></a><h2>AUTHOR</h2>
<p><span class="corpauthor">Internet Systems Consortium</span>
</p>
</div>
</div></body>
</html>

592
bin/rndc/rndc.html
View file

@ -1,452 +1,164 @@
<!--
- Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2000, 2001 Internet Software Consortium.
-
- Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2000, 2001 Internet Software Consortium
-
- Permission to use, copy, modify, and distribute this software for any
- purpose with or without fee is hereby granted, provided that the above
- copyright notice and this permission notice appear in all copies.
-
-
- THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
- REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
- AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
- AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
- INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
- LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
- OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
- PERFORMANCE OF THIS SOFTWARE.
-->
<!-- $Id: rndc.html,v 1.15 2005/04/07 03:50:00 marka Exp $ -->
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<HTML
><HEAD
><TITLE
>rndc</TITLE
><META
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.79"></HEAD
><BODY
CLASS="REFENTRY"
BGCOLOR="#FFFFFF"
TEXT="#000000"
LINK="#0000FF"
VLINK="#840084"
ALINK="#0000FF"
><H1
><A
NAME="AEN1"
></A
><SPAN
CLASS="APPLICATION"
>rndc</SPAN
></H1
><DIV
CLASS="REFNAMEDIV"
><A
NAME="AEN9"
></A
><H2
>Name</H2
><SPAN
CLASS="APPLICATION"
>rndc</SPAN
>&nbsp;--&nbsp;name server control utility</DIV
><DIV
CLASS="REFSYNOPSISDIV"
><A
NAME="AEN13"
></A
><H2
>Synopsis</H2
><P
><B
CLASS="COMMAND"
>rndc</B
> [<CODE
CLASS="OPTION"
>-b <TT
CLASS="REPLACEABLE"
><I
>source-address</I
></TT
></CODE
>] [<CODE
CLASS="OPTION"
>-c <TT
CLASS="REPLACEABLE"
><I
>config-file</I
></TT
></CODE
>] [<CODE
CLASS="OPTION"
>-k <TT
CLASS="REPLACEABLE"
><I
>key-file</I
></TT
></CODE
>] [<CODE
CLASS="OPTION"
>-s <TT
CLASS="REPLACEABLE"
><I
>server</I
></TT
></CODE
>] [<CODE
CLASS="OPTION"
>-p <TT
CLASS="REPLACEABLE"
><I
>port</I
></TT
></CODE
>] [<CODE
CLASS="OPTION"
>-V</CODE
>] [<CODE
CLASS="OPTION"
>-y <TT
CLASS="REPLACEABLE"
><I
>key_id</I
></TT
></CODE
>] {command}</P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN37"
></A
><H2
>DESCRIPTION</H2
><P
> <B
CLASS="COMMAND"
>rndc</B
> controls the operation of a name
server. It supersedes the <B
CLASS="COMMAND"
>ndc</B
> utility
that was provided in old BIND releases. If
<B
CLASS="COMMAND"
>rndc</B
> is invoked with no command line
options or arguments, it prints a short summary of the
supported commands and the available options and their
arguments.
</P
><P
> <B
CLASS="COMMAND"
>rndc</B
> communicates with the name server
over a TCP connection, sending commands authenticated with
digital signatures. In the current versions of
<B
CLASS="COMMAND"
>rndc</B
> and <B
CLASS="COMMAND"
>named</B
> named
the only supported authentication algorithm is HMAC-MD5,
which uses a shared secret on each end of the connection.
This provides TSIG-style authentication for the command
request and the name server's response. All commands sent
over the channel must be signed by a key_id known to the
server.
</P
><P
> <B
CLASS="COMMAND"
>rndc</B
> reads a configuration file to
determine how to contact the name server and decide what
algorithm and key it should use.
</P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN49"
></A
><H2
>OPTIONS</H2
><P
></P
><DIV
CLASS="VARIABLELIST"
><DL
><DT
>-b <TT
CLASS="REPLACEABLE"
><I
>source-address</I
></TT
></DT
><DD
><P
> Use <TT
CLASS="REPLACEABLE"
><I
>source-address</I
></TT
>
as the source address for the connection to the server.
Multiple instances are permitted to allow setting of both
the IPv4 and IPv6 source addresses.
</P
></DD
><DT
>-c <TT
CLASS="REPLACEABLE"
><I
>config-file</I
></TT
></DT
><DD
><P
> Use <TT
CLASS="REPLACEABLE"
><I
>config-file</I
></TT
>
as the configuration file instead of the default,
<TT
CLASS="FILENAME"
>/etc/rndc.conf</TT
>.
</P
></DD
><DT
>-k <TT
CLASS="REPLACEABLE"
><I
>key-file</I
></TT
></DT
><DD
><P
> Use <TT
CLASS="REPLACEABLE"
><I
>key-file</I
></TT
>
as the key file instead of the default,
<TT
CLASS="FILENAME"
>/etc/rndc.key</TT
>. The key in
<TT
CLASS="FILENAME"
>/etc/rndc.key</TT
> will be used to authenticate
commands sent to the server if the <TT
CLASS="REPLACEABLE"
><I
>config-file</I
></TT
>
does not exist.
</P
></DD
><DT
>-s <TT
CLASS="REPLACEABLE"
><I
>server</I
></TT
></DT
><DD
><P
> <TT
CLASS="REPLACEABLE"
><I
>server</I
></TT
> is
the name or address of the server which matches a
server statement in the configuration file for
<B
CLASS="COMMAND"
>rndc</B
>. If no server is supplied on the
command line, the host named by the default-server clause
in the option statement of the configuration file will be
used.
</P
></DD
><DT
>-p <TT
CLASS="REPLACEABLE"
><I
>port</I
></TT
></DT
><DD
><P
> Send commands to TCP port
<TT
CLASS="REPLACEABLE"
><I
>port</I
></TT
> instead
of BIND 9's default control channel port, 953.
</P
></DD
><DT
>-V</DT
><DD
><P
> Enable verbose logging.
</P
></DD
><DT
>-y <TT
CLASS="REPLACEABLE"
><I
>keyid</I
></TT
></DT
><DD
><P
> Use the key <TT
CLASS="REPLACEABLE"
><I
>keyid</I
></TT
>
from the configuration file.
<TT
CLASS="REPLACEABLE"
><I
>keyid</I
></TT
> must be
known by named with the same algorithm and secret string
in order for control message validation to succeed.
If no <TT
CLASS="REPLACEABLE"
><I
>keyid</I
></TT
>
is specified, <B
CLASS="COMMAND"
>rndc</B
> will first look
for a key clause in the server statement of the server
being used, or if no server statement is present for that
host, then the default-key clause of the options statement.
Note that the configuration file contains shared secrets
which are used to send authenticated control commands
to name servers. It should therefore not have general read
or write access.
</P
></DD
></DL
></DIV
><P
> For the complete set of commands supported by <B
CLASS="COMMAND"
>rndc</B
>,
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>rndc</title>
<meta name="generator" content="DocBook XSL Stylesheets V1.68.1">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en">
<a name="id2456614"></a><div class="titlepage"></div>
<div class="refnamediv">
<h2>Name</h2>
<p><span class="application">rndc</span> &#8212; name server control utility</p>
</div>
<div class="refsynopsisdiv">
<h2>Synopsis</h2>
<div class="cmdsynopsis"><p><code class="command">rndc</code> [<code class="option">-b <em class="replaceable"><code>source-address</code></em></code>] [<code class="option">-c <em class="replaceable"><code>config-file</code></em></code>] [<code class="option">-k <em class="replaceable"><code>key-file</code></em></code>] [<code class="option">-s <em class="replaceable"><code>server</code></em></code>] [<code class="option">-p <em class="replaceable"><code>port</code></em></code>] [<code class="option">-V</code>] [<code class="option">-y <em class="replaceable"><code>key_id</code></em></code>] {command}</p></div>
</div>
<div class="refsect1" lang="en">
<a name="id2514026"></a><h2>DESCRIPTION</h2>
<p><span><strong class="command">rndc</strong></span>
controls the operation of a name
server. It supersedes the <span><strong class="command">ndc</strong></span> utility
that was provided in old BIND releases. If
<span><strong class="command">rndc</strong></span> is invoked with no command line
options or arguments, it prints a short summary of the
supported commands and the available options and their
arguments.
</p>
<p><span><strong class="command">rndc</strong></span>
communicates with the name server
over a TCP connection, sending commands authenticated with
digital signatures. In the current versions of
<span><strong class="command">rndc</strong></span> and <span><strong class="command">named</strong></span> named
the only supported authentication algorithm is HMAC-MD5,
which uses a shared secret on each end of the connection.
This provides TSIG-style authentication for the command
request and the name server's response. All commands sent
over the channel must be signed by a key_id known to the
server.
</p>
<p><span><strong class="command">rndc</strong></span>
reads a configuration file to
determine how to contact the name server and decide what
algorithm and key it should use.
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2514130"></a><h2>OPTIONS</h2>
<div class="variablelist"><dl>
<dt><span class="term">-b <em class="replaceable"><code>source-address</code></em></span></dt>
<dd><p>
Use <em class="replaceable"><code>source-address</code></em>
as the source address for the connection to the server.
Multiple instances are permitted to allow setting of both
the IPv4 and IPv6 source addresses.
</p></dd>
<dt><span class="term">-c <em class="replaceable"><code>config-file</code></em></span></dt>
<dd><p>
Use <em class="replaceable"><code>config-file</code></em>
as the configuration file instead of the default,
<code class="filename">/etc/rndc.conf</code>.
</p></dd>
<dt><span class="term">-k <em class="replaceable"><code>key-file</code></em></span></dt>
<dd><p>
Use <em class="replaceable"><code>key-file</code></em>
as the key file instead of the default,
<code class="filename">/etc/rndc.key</code>. The key in
<code class="filename">/etc/rndc.key</code> will be used to
authenticate
commands sent to the server if the <em class="replaceable"><code>config-file</code></em>
does not exist.
</p></dd>
<dt><span class="term">-s <em class="replaceable"><code>server</code></em></span></dt>
<dd><p><em class="replaceable"><code>server</code></em> is
the name or address of the server which matches a
server statement in the configuration file for
<span><strong class="command">rndc</strong></span>. If no server is supplied on
the
command line, the host named by the default-server clause
in the option statement of the configuration file will be
used.
</p></dd>
<dt><span class="term">-p <em class="replaceable"><code>port</code></em></span></dt>
<dd><p>
Send commands to TCP port
<em class="replaceable"><code>port</code></em>
instead
of BIND 9's default control channel port, 953.
</p></dd>
<dt><span class="term">-V</span></dt>
<dd><p>
Enable verbose logging.
</p></dd>
<dt><span class="term">-y <em class="replaceable"><code>keyid</code></em></span></dt>
<dd><p>
Use the key <em class="replaceable"><code>keyid</code></em>
from the configuration file.
<em class="replaceable"><code>keyid</code></em>
must be
known by named with the same algorithm and secret string
in order for control message validation to succeed.
If no <em class="replaceable"><code>keyid</code></em>
is specified, <span><strong class="command">rndc</strong></span> will first look
for a key clause in the server statement of the server
being used, or if no server statement is present for that
host, then the default-key clause of the options statement.
Note that the configuration file contains shared secrets
which are used to send authenticated control commands
to name servers. It should therefore not have general read
or write access.
</p></dd>
</dl></div>
<p>
For the complete set of commands supported by <span><strong class="command">rndc</strong></span>,
see the BIND 9 Administrator Reference Manual or run
<B
CLASS="COMMAND"
>rndc</B
> without arguments to see its help message.
</P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN103"
></A
><H2
>LIMITATIONS</H2
><P
> <B
CLASS="COMMAND"
>rndc</B
> does not yet support all the commands of
the BIND 8 <B
CLASS="COMMAND"
>ndc</B
> utility.
</P
><P
> There is currently no way to provide the shared secret for a
<CODE
CLASS="OPTION"
>key_id</CODE
> without using the configuration file.
</P
><P
> Several error messages could be clearer.
</P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN111"
></A
><H2
>SEE ALSO</H2
><P
> <SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>rndc.conf</SPAN
>(5)</SPAN
>,
<SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>named</SPAN
>(8)</SPAN
>,
<SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>named.conf</SPAN
>(5)</SPAN
>
<SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>ndc</SPAN
>(8)</SPAN
>,
<I
CLASS="CITETITLE"
>BIND 9 Administrator Reference Manual</I
>.
</P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN127"
></A
><H2
>AUTHOR</H2
><P
> Internet Systems Consortium
</P
></DIV
></BODY
></HTML
>
<span><strong class="command">rndc</strong></span> without arguments to see its help
message.
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2514470"></a><h2>LIMITATIONS</h2>
<p><span><strong class="command">rndc</strong></span>
does not yet support all the commands of
the BIND 8 <span><strong class="command">ndc</strong></span> utility.
</p>
<p>
There is currently no way to provide the shared secret for a
<code class="option">key_id</code> without using the configuration file.
</p>
<p>
Several error messages could be clearer.
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2514497"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry"><span class="refentrytitle">rndc.conf</span>(5)</span>,
<span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>,
<span class="citerefentry"><span class="refentrytitle">named.conf</span>(5)</span>
<span class="citerefentry"><span class="refentrytitle">ndc</span>(8)</span>,
<em class="citetitle">BIND 9 Administrator Reference Manual</em>.
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2514544"></a><h2>AUTHOR</h2>
<p><span class="corpauthor">Internet Systems Consortium</span>
</p>
</div>
</div></body>
</html>

74
config.h.in
View file

@ -1,6 +1,6 @@
/* config.h.in. Generated from configure.in by autoheader. */
/*
* Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC")
* Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
* Copyright (C) 1999-2003 Internet Software Consortium.
*
* Permission to use, copy, modify, and distribute this software for any
@ -16,102 +16,106 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: config.h.in,v 1.65 2005/02/23 01:09:23 marka Exp $ */
/* $Id: config.h.in,v 1.66 2005/05/11 06:05:28 sra Exp $ */
/*! \file */
/***
*** This file is not to be included by any public header files, because
*** it does not get installed.
***/
/* define to `int' if <sys/types.h> doesn't define. */
/** define to `int' if <sys/types.h> doesn't define. */
#undef ssize_t
/* define on DEC OSF to enable 4.4BSD style sa_len support */
/** define on DEC OSF to enable 4.4BSD style sa_len support */
#undef _SOCKADDR_LEN
/* define if your system needs pthread_init() before using pthreads */
/** define if your system needs pthread_init() before using pthreads */
#undef NEED_PTHREAD_INIT
/* define if your system has sigwait() */
/** define if your system has sigwait() */
#undef HAVE_SIGWAIT
/* define if sigwait() is the UnixWare flavor */
/** define if sigwait() is the UnixWare flavor */
#undef HAVE_UNIXWARE_SIGWAIT
/* define on Solaris to get sigwait() to work using pthreads semantics */
/** define on Solaris to get sigwait() to work using pthreads semantics */
#undef _POSIX_PTHREAD_SEMANTICS
/* define if LinuxThreads is in use */
/** define if LinuxThreads is in use */
#undef HAVE_LINUXTHREADS
/* define if sysconf() is available */
/** define if sysconf() is available */
#undef HAVE_SYSCONF
/* define if sysctlbyname() is available */
/** define if sysctlbyname() is available */
#undef HAVE_SYSCTLBYNAME
/* define if catgets() is available */
/** define if catgets() is available */
#undef HAVE_CATGETS
/* define if getifaddrs() exists */
/** define if getifaddrs() exists */
#undef HAVE_GETIFADDRS
/* define if you have the NET_RT_IFLIST sysctl variable and sys/sysctl.h */
/** define if you have the NET_RT_IFLIST sysctl variable and sys/sysctl.h */
#undef HAVE_IFLIST_SYSCTL
/* define if chroot() is available */
/** define if chroot() is available */
#undef HAVE_CHROOT
/* define if tzset() is available */
/** define if tzset() is available */
#undef HAVE_TZSET
/* define if struct addrinfo exists */
/** define if struct addrinfo exists */
#undef HAVE_ADDRINFO
/* define if getaddrinfo() exists */
/** define if getaddrinfo() exists */
#undef HAVE_GETADDRINFO
/* define if gai_strerror() exists */
/** define if gai_strerror() exists */
#undef HAVE_GAISTRERROR
/* define if arc4random() exists */
/** define if arc4random() exists */
#undef HAVE_ARC4RANDOM
/* define if pthread_setconcurrency() should be called to tell the
/**
* define if pthread_setconcurrency() should be called to tell the
* OS how many threads we might want to run.
*/
#undef CALL_PTHREAD_SETCONCURRENCY
/* define if IPv6 is not disabled */
/** define if IPv6 is not disabled */
#undef WANT_IPV6
/* define if flockfile() is available */
/** define if flockfile() is available */
#undef HAVE_FLOCKFILE
/* define if getc_unlocked() is available */
/** define if getc_unlocked() is available */
#undef HAVE_GETCUNLOCKED
/* Shut up warnings about sputaux in stdio.h on BSD/OS pre-4.1 */
/** Shut up warnings about sputaux in stdio.h on BSD/OS pre-4.1 */
#undef SHUTUP_SPUTAUX
#ifdef SHUTUP_SPUTAUX
struct __sFILE;
extern __inline int __sputaux(int _c, struct __sFILE *_p);
#endif
/* Shut up warnings about missing sigwait prototype on BSD/OS 4.0* */
/** Shut up warnings about missing sigwait prototype on BSD/OS 4.0* */
#undef SHUTUP_SIGWAIT
#ifdef SHUTUP_SIGWAIT
int sigwait(const unsigned int *set, int *sig);
#endif
/* Shut up warnings from gcc -Wcast-qual on BSD/OS 4.1. */
/** Shut up warnings from gcc -Wcast-qual on BSD/OS 4.1. */
#undef SHUTUP_STDARG_CAST
#if defined(SHUTUP_STDARG_CAST) && defined(__GNUC__)
#include <stdarg.h> /* Grr. Must be included *every time*. */
/*
#include <stdarg.h> /** Grr. Must be included *every time*. */
/**
* The silly continuation line is to keep configure from
* commenting out the #undef.
*/
#undef \
va_start
#define va_start(ap, last) \
@ -120,21 +124,21 @@ int sigwait(const unsigned int *set, int *sig);
_u.konst = &(last); \
ap = (va_list)(_u.var + __va_words(__typeof(last))); \
} while (0)
#endif /* SHUTUP_STDARG_CAST && __GNUC__ */
#endif /** SHUTUP_STDARG_CAST && __GNUC__ */
/* define if the system has a random number generating device */
/** define if the system has a random number generating device */
#undef PATH_RANDOMDEV
/* define if pthread_attr_getstacksize() is available */
/** define if pthread_attr_getstacksize() is available */
#undef HAVE_PTHREAD_ATTR_GETSTACKSIZE
/* define if pthread_attr_setstacksize() is available */
/** define if pthread_attr_setstacksize() is available */
#undef HAVE_PTHREAD_ATTR_SETSTACKSIZE
/* define if you have strerror in the C library. */
/** define if you have strerror in the C library. */
#undef HAVE_STRERROR
/* Define if you are running under Compaq TruCluster. */
/** Define if you are running under Compaq TruCluster. */
#undef HAVE_TRUCLUSTER
/* Define if OpenSSL includes DSA support */

577
configure vendored
View file

@ -14,7 +14,7 @@
# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
# PERFORMANCE OF THIS SOFTWARE.
#
# $Id: configure,v 1.360 2005/05/06 02:12:48 marka Exp $
# $Id: configure,v 1.362 2005/05/12 23:54:19 sra Exp $
#
# Portions Copyright (C) 1996-2001 Nominum, Inc.
#
@ -29,7 +29,7 @@
# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
# From configure.in Revision: 1.375 .
# From configure.in Revision: 1.376 .
# Guess values for system-dependent variables and create Makefiles.
# Generated by GNU Autoconf 2.59.
#
@ -495,7 +495,7 @@ ac_includes_default="\
# include <unistd.h>
#endif"
ac_subst_vars='SHELL PATH_SEPARATOR PACKAGE_NAME PACKAGE_TARNAME PACKAGE_VERSION PACKAGE_STRING PACKAGE_BUGREPORT exec_prefix prefix program_transform_name bindir sbindir libexecdir datadir sysconfdir sharedstatedir localstatedir libdir includedir oldincludedir infodir mandir build_alias host_alias target_alias DEFS ECHO_C ECHO_N ECHO_T LIBS subdirs build build_cpu build_vendor build_os host host_cpu host_vendor host_os SET_MAKE RANLIB ac_ct_RANLIB INSTALL_PROGRAM INSTALL_SCRIPT INSTALL_DATA STD_CINCLUDES STD_CDEFINES STD_CWARNINGS CCOPT AR ARFLAGS LN ETAGS PERL CC CFLAGS LDFLAGS CPPFLAGS ac_ct_CC EXEEXT OBJEXT CPP EGREP ISC_SOCKADDR_LEN_T ISC_PLATFORM_HAVELONGLONG ISC_PLATFORM_HAVELIFCONF ISC_PLATFORM_NEEDSYSSELECTH LWRES_PLATFORM_NEEDSYSSELECTH USE_OPENSSL DST_OPENSSL_INC USE_GSSAPI DST_GSSAPI_INC DNS_CRYPTO_LIBS ALWAYS_DEFINES ISC_PLATFORM_USETHREADS ISC_THREAD_DIR MKDEPCC MKDEPCFLAGS MKDEPPROG IRIX_DNSSEC_WARNINGS_HACK purify_path PURIFY LN_S ECHO ac_ct_AR STRIP ac_ct_STRIP CXX CXXFLAGS ac_ct_CXX CXXCPP F77 FFLAGS ac_ct_F77 LIBTOOL O A SA LIBTOOL_MKDEP_SED LIBTOOL_MODE_COMPILE LIBTOOL_MODE_INSTALL LIBTOOL_MODE_LINK LIBTOOL_ALLOW_UNDEFINED LIBTOOL_IN_MAIN LIBBIND ISC_PLATFORM_HAVEIPV6 LWRES_PLATFORM_HAVEIPV6 ISC_PLATFORM_NEEDNETINETIN6H LWRES_PLATFORM_NEEDNETINETIN6H ISC_PLATFORM_NEEDNETINET6IN6H LWRES_PLATFORM_NEEDNETINET6IN6H ISC_PLATFORM_HAVEINADDR6 LWRES_PLATFORM_HAVEINADDR6 ISC_PLATFORM_NEEDIN6ADDRANY LWRES_PLATFORM_NEEDIN6ADDRANY ISC_PLATFORM_NEEDIN6ADDRLOOPBACK LWRES_PLATFORM_NEEDIN6ADDRLOOPBACK ISC_PLATFORM_HAVEIN6PKTINFO ISC_PLATFORM_FIXIN6ISADDR ISC_IPV6_H ISC_IPV6_O ISC_ISCIPV6_O ISC_IPV6_C LWRES_HAVE_SIN6_SCOPE_ID ISC_PLATFORM_HAVESCOPEID ISC_PLATFORM_HAVEIF_LADDRREQ ISC_PLATFORM_HAVEIF_LADDRCONF ISC_PLATFORM_NEEDNTOP ISC_PLATFORM_NEEDPTON ISC_PLATFORM_NEEDATON ISC_PLATFORM_HAVESALEN LWRES_PLATFORM_HAVESALEN ISC_PLATFORM_MSGHDRFLAVOR ISC_PLATFORM_NEEDPORTT ISC_LWRES_NEEDADDRINFO ISC_LWRES_NEEDRRSETINFO ISC_LWRES_SETHOSTENTINT ISC_LWRES_ENDHOSTENTINT ISC_LWRES_GETNETBYADDRINADDR ISC_LWRES_SETNETENTINT ISC_LWRES_ENDNETENTINT ISC_LWRES_GETHOSTBYADDRVOID ISC_LWRES_NEEDHERRNO ISC_LWRES_GETIPNODEPROTO ISC_LWRES_GETADDRINFOPROTO ISC_LWRES_GETNAMEINFOPROTO ISC_PLATFORM_NEEDSTRSEP ISC_PLATFORM_NEEDMEMMOVE ISC_PLATFORM_NEEDSTRTOUL ISC_PLATFORM_NEEDSTRLCPY ISC_PLATFORM_NEEDSTRLCAT ISC_PLATFORM_NEEDSPRINTF LWRES_PLATFORM_NEEDSPRINTF ISC_PLATFORM_NEEDVSNPRINTF LWRES_PLATFORM_NEEDVSNPRINTF ISC_EXTRA_OBJS ISC_EXTRA_SRCS ISC_PLATFORM_QUADFORMAT LWRES_PLATFORM_QUADFORMAT ISC_PLATFORM_HAVESYSUNH ISC_PLATFORM_RLIMITTYPE ISC_PLATFORM_USEDECLSPEC LWRES_PLATFORM_USEDECLSPEC ISC_PLATFORM_BRACEPTHREADONCEINIT ISC_PLATFORM_HAVEIFNAMETOINDEX OPENJADE JADETEX PDFJADETEX SGMLCATALOG HTMLSTYLE PRINTSTYLE XMLDCL DOCBOOK2MANSPEC BIND9_TOP_BUILDDIR BIND9_ISC_BUILDINCLUDE BIND9_ISCCC_BUILDINCLUDE BIND9_ISCCFG_BUILDINCLUDE BIND9_DNS_BUILDINCLUDE BIND9_LWRES_BUILDINCLUDE BIND9_BIND9_BUILDINCLUDE BIND9_VERSION LIBOBJS LTLIBOBJS'
ac_subst_vars='SHELL PATH_SEPARATOR PACKAGE_NAME PACKAGE_TARNAME PACKAGE_VERSION PACKAGE_STRING PACKAGE_BUGREPORT exec_prefix prefix program_transform_name bindir sbindir libexecdir datadir sysconfdir sharedstatedir localstatedir libdir includedir oldincludedir infodir mandir build_alias host_alias target_alias DEFS ECHO_C ECHO_N ECHO_T LIBS subdirs build build_cpu build_vendor build_os host host_cpu host_vendor host_os SET_MAKE RANLIB ac_ct_RANLIB INSTALL_PROGRAM INSTALL_SCRIPT INSTALL_DATA STD_CINCLUDES STD_CDEFINES STD_CWARNINGS CCOPT AR ARFLAGS LN ETAGS PERL CC CFLAGS LDFLAGS CPPFLAGS ac_ct_CC EXEEXT OBJEXT CPP EGREP ISC_SOCKADDR_LEN_T ISC_PLATFORM_HAVELONGLONG ISC_PLATFORM_HAVELIFCONF ISC_PLATFORM_NEEDSYSSELECTH LWRES_PLATFORM_NEEDSYSSELECTH USE_OPENSSL DST_OPENSSL_INC USE_GSSAPI DST_GSSAPI_INC DNS_CRYPTO_LIBS ALWAYS_DEFINES ISC_PLATFORM_USETHREADS ISC_THREAD_DIR MKDEPCC MKDEPCFLAGS MKDEPPROG IRIX_DNSSEC_WARNINGS_HACK purify_path PURIFY LN_S ECHO ac_ct_AR STRIP ac_ct_STRIP CXX CXXFLAGS ac_ct_CXX CXXCPP F77 FFLAGS ac_ct_F77 LIBTOOL O A SA LIBTOOL_MKDEP_SED LIBTOOL_MODE_COMPILE LIBTOOL_MODE_INSTALL LIBTOOL_MODE_LINK LIBTOOL_ALLOW_UNDEFINED LIBTOOL_IN_MAIN LIBBIND ISC_PLATFORM_HAVEIPV6 LWRES_PLATFORM_HAVEIPV6 ISC_PLATFORM_NEEDNETINETIN6H LWRES_PLATFORM_NEEDNETINETIN6H ISC_PLATFORM_NEEDNETINET6IN6H LWRES_PLATFORM_NEEDNETINET6IN6H ISC_PLATFORM_HAVEINADDR6 LWRES_PLATFORM_HAVEINADDR6 ISC_PLATFORM_NEEDIN6ADDRANY LWRES_PLATFORM_NEEDIN6ADDRANY ISC_PLATFORM_NEEDIN6ADDRLOOPBACK LWRES_PLATFORM_NEEDIN6ADDRLOOPBACK ISC_PLATFORM_HAVEIN6PKTINFO ISC_PLATFORM_FIXIN6ISADDR ISC_IPV6_H ISC_IPV6_O ISC_ISCIPV6_O ISC_IPV6_C LWRES_HAVE_SIN6_SCOPE_ID ISC_PLATFORM_HAVESCOPEID ISC_PLATFORM_HAVEIF_LADDRREQ ISC_PLATFORM_HAVEIF_LADDRCONF ISC_PLATFORM_NEEDNTOP ISC_PLATFORM_NEEDPTON ISC_PLATFORM_NEEDATON ISC_PLATFORM_HAVESALEN LWRES_PLATFORM_HAVESALEN ISC_PLATFORM_MSGHDRFLAVOR ISC_PLATFORM_NEEDPORTT ISC_LWRES_NEEDADDRINFO ISC_LWRES_NEEDRRSETINFO ISC_LWRES_SETHOSTENTINT ISC_LWRES_ENDHOSTENTINT ISC_LWRES_GETNETBYADDRINADDR ISC_LWRES_SETNETENTINT ISC_LWRES_ENDNETENTINT ISC_LWRES_GETHOSTBYADDRVOID ISC_LWRES_NEEDHERRNO ISC_LWRES_GETIPNODEPROTO ISC_LWRES_GETADDRINFOPROTO ISC_LWRES_GETNAMEINFOPROTO ISC_PLATFORM_NEEDSTRSEP ISC_PLATFORM_NEEDMEMMOVE ISC_PLATFORM_NEEDSTRTOUL ISC_PLATFORM_NEEDSTRLCPY ISC_PLATFORM_NEEDSTRLCAT ISC_PLATFORM_NEEDSPRINTF LWRES_PLATFORM_NEEDSPRINTF ISC_PLATFORM_NEEDVSNPRINTF LWRES_PLATFORM_NEEDVSNPRINTF ISC_EXTRA_OBJS ISC_EXTRA_SRCS ISC_PLATFORM_QUADFORMAT LWRES_PLATFORM_QUADFORMAT ISC_PLATFORM_HAVESYSUNH ISC_PLATFORM_RLIMITTYPE ISC_PLATFORM_USEDECLSPEC LWRES_PLATFORM_USEDECLSPEC ISC_PLATFORM_BRACEPTHREADONCEINIT ISC_PLATFORM_HAVEIFNAMETOINDEX LATEX PDFLATEX XSLTPROC XMLLINT XSLT_DOCBOOK_STYLE_HTML XSLT_DOCBOOK_STYLE_XHTML XSLT_DOCBOOK_STYLE_MAN XSLT_DOCBOOK_CHUNK_HTML XSLT_DOCBOOK_CHUNK_XHTML XSLT_DB2LATEX_STYLE XSLT_DB2LATEX_ADMONITIONS BIND9_TOP_BUILDDIR BIND9_ISC_BUILDINCLUDE BIND9_ISCCC_BUILDINCLUDE BIND9_ISCCFG_BUILDINCLUDE BIND9_DNS_BUILDINCLUDE BIND9_LWRES_BUILDINCLUDE BIND9_BIND9_BUILDINCLUDE BIND9_VERSION LIBOBJS LTLIBOBJS'
ac_subst_files='BIND9_MAKE_INCLUDES BIND9_MAKE_RULES LIBISC_API LIBISCCC_API LIBISCCFG_API LIBDNS_API LIBBIND9_API LIBLWRES_API'
# Initialize some variables set by options.
@ -27378,76 +27378,22 @@ esac
# a developer editing the documentation source.
#
# Directory trees where SGML files are commonly found.
sgmltrees="/usr/pkg/share/sgml /usr/local/share/sgml /usr/share/sgml"
#
# Look for openjade. Plain jade is no longer supported.
#
for ac_prog in openjade
do
# Extract the first word of "$ac_prog", so it can be a program name with args.
set dummy $ac_prog; ac_word=$2
echo "$as_me:$LINENO: checking for $ac_word" >&5
echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6
if test "${ac_cv_path_OPENJADE+set}" = set; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
case $OPENJADE in
[\\/]* | ?:[\\/]*)
ac_cv_path_OPENJADE="$OPENJADE" # Let the user override the test with a path.
;;
*)
as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
for as_dir in $PATH
do
IFS=$as_save_IFS
test -z "$as_dir" && as_dir=.
for ac_exec_ext in '' $ac_executable_extensions; do
if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
ac_cv_path_OPENJADE="$as_dir/$ac_word$ac_exec_ext"
echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5
break 2
fi
done
done
;;
esac
fi
OPENJADE=$ac_cv_path_OPENJADE
if test -n "$OPENJADE"; then
echo "$as_me:$LINENO: result: $OPENJADE" >&5
echo "${ECHO_T}$OPENJADE" >&6
else
echo "$as_me:$LINENO: result: no" >&5
echo "${ECHO_T}no" >&6
fi
test -n "$OPENJADE" && break
done
test -n "$OPENJADE" || OPENJADE="openjade"
#
# Look for TeX.
#
for ac_prog in jadetex
for ac_prog in latex
do
# Extract the first word of "$ac_prog", so it can be a program name with args.
set dummy $ac_prog; ac_word=$2
echo "$as_me:$LINENO: checking for $ac_word" >&5
echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6
if test "${ac_cv_path_JADETEX+set}" = set; then
if test "${ac_cv_path_LATEX+set}" = set; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
case $JADETEX in
case $LATEX in
[\\/]* | ?:[\\/]*)
ac_cv_path_JADETEX="$JADETEX" # Let the user override the test with a path.
ac_cv_path_LATEX="$LATEX" # Let the user override the test with a path.
;;
*)
as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
@ -27457,7 +27403,7 @@ do
test -z "$as_dir" && as_dir=.
for ac_exec_ext in '' $ac_executable_extensions; do
if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
ac_cv_path_JADETEX="$as_dir/$ac_word$ac_exec_ext"
ac_cv_path_LATEX="$as_dir/$ac_word$ac_exec_ext"
echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5
break 2
fi
@ -27467,34 +27413,34 @@ done
;;
esac
fi
JADETEX=$ac_cv_path_JADETEX
LATEX=$ac_cv_path_LATEX
if test -n "$JADETEX"; then
echo "$as_me:$LINENO: result: $JADETEX" >&5
echo "${ECHO_T}$JADETEX" >&6
if test -n "$LATEX"; then
echo "$as_me:$LINENO: result: $LATEX" >&5
echo "${ECHO_T}$LATEX" >&6
else
echo "$as_me:$LINENO: result: no" >&5
echo "${ECHO_T}no" >&6
fi
test -n "$JADETEX" && break
test -n "$LATEX" && break
done
test -n "$JADETEX" || JADETEX="jadetex"
test -n "$LATEX" || LATEX="latex"
for ac_prog in pdfjadetex
for ac_prog in pdflatex
do
# Extract the first word of "$ac_prog", so it can be a program name with args.
set dummy $ac_prog; ac_word=$2
echo "$as_me:$LINENO: checking for $ac_word" >&5
echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6
if test "${ac_cv_path_PDFJADETEX+set}" = set; then
if test "${ac_cv_path_PDFLATEX+set}" = set; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
case $PDFJADETEX in
case $PDFLATEX in
[\\/]* | ?:[\\/]*)
ac_cv_path_PDFJADETEX="$PDFJADETEX" # Let the user override the test with a path.
ac_cv_path_PDFLATEX="$PDFLATEX" # Let the user override the test with a path.
;;
*)
as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
@ -27504,7 +27450,7 @@ do
test -z "$as_dir" && as_dir=.
for ac_exec_ext in '' $ac_executable_extensions; do
if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
ac_cv_path_PDFJADETEX="$as_dir/$ac_word$ac_exec_ext"
ac_cv_path_PDFLATEX="$as_dir/$ac_word$ac_exec_ext"
echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5
break 2
fi
@ -27514,19 +27460,111 @@ done
;;
esac
fi
PDFJADETEX=$ac_cv_path_PDFJADETEX
PDFLATEX=$ac_cv_path_PDFLATEX
if test -n "$PDFJADETEX"; then
echo "$as_me:$LINENO: result: $PDFJADETEX" >&5
echo "${ECHO_T}$PDFJADETEX" >&6
if test -n "$PDFLATEX"; then
echo "$as_me:$LINENO: result: $PDFLATEX" >&5
echo "${ECHO_T}$PDFLATEX" >&6
else
echo "$as_me:$LINENO: result: no" >&5
echo "${ECHO_T}no" >&6
fi
test -n "$PDFJADETEX" && break
test -n "$PDFLATEX" && break
done
test -n "$PDFJADETEX" || PDFJADETEX="pdfjadetex"
test -n "$PDFLATEX" || PDFLATEX="pdflatex"
#
# Look for xsltproc (libxslt)
#
# Extract the first word of "xsltproc", so it can be a program name with args.
set dummy xsltproc; ac_word=$2
echo "$as_me:$LINENO: checking for $ac_word" >&5
echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6
if test "${ac_cv_path_XSLTPROC+set}" = set; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
case $XSLTPROC in
[\\/]* | ?:[\\/]*)
ac_cv_path_XSLTPROC="$XSLTPROC" # Let the user override the test with a path.
;;
*)
as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
for as_dir in $PATH
do
IFS=$as_save_IFS
test -z "$as_dir" && as_dir=.
for ac_exec_ext in '' $ac_executable_extensions; do
if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
ac_cv_path_XSLTPROC="$as_dir/$ac_word$ac_exec_ext"
echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5
break 2
fi
done
done
test -z "$ac_cv_path_XSLTPROC" && ac_cv_path_XSLTPROC="xsltproc"
;;
esac
fi
XSLTPROC=$ac_cv_path_XSLTPROC
if test -n "$XSLTPROC"; then
echo "$as_me:$LINENO: result: $XSLTPROC" >&5
echo "${ECHO_T}$XSLTPROC" >&6
else
echo "$as_me:$LINENO: result: no" >&5
echo "${ECHO_T}no" >&6
fi
#
# Look for xmllint (libxml2)
#
# Extract the first word of "xmllint", so it can be a program name with args.
set dummy xmllint; ac_word=$2
echo "$as_me:$LINENO: checking for $ac_word" >&5
echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6
if test "${ac_cv_path_XMLLINT+set}" = set; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
case $XMLLINT in
[\\/]* | ?:[\\/]*)
ac_cv_path_XMLLINT="$XMLLINT" # Let the user override the test with a path.
;;
*)
as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
for as_dir in $PATH
do
IFS=$as_save_IFS
test -z "$as_dir" && as_dir=.
for ac_exec_ext in '' $ac_executable_extensions; do
if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
ac_cv_path_XMLLINT="$as_dir/$ac_word$ac_exec_ext"
echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5
break 2
fi
done
done
test -z "$ac_cv_path_XMLLINT" && ac_cv_path_XMLLINT="xmllint"
;;
esac
fi
XMLLINT=$ac_cv_path_XMLLINT
if test -n "$XMLLINT"; then
echo "$as_me:$LINENO: result: $XMLLINT" >&5
echo "${ECHO_T}$XMLLINT" >&6
else
echo "$as_me:$LINENO: result: no" >&5
echo "${ECHO_T}no" >&6
fi
@ -27546,185 +27584,196 @@ test -n "$PDFJADETEX" || PDFJADETEX="pdfjadetex"
#
# Look for the SGML catalog.
# Its location varies, so far we have seen:
# Look for Docbook-XSL stylesheets. Location probably varies by
# system. Guessing where it might be found, based on where SGML stuff
# lives on some systems. FreeBSD is the only one I'm sure of at the
# moment.
#
# NetBSD /usr/pkg/share/sgml/docbook/catalog
# FreeBSD /usr/local/share/sgml/docbook/catalog
# Linux /usr/local/share/dsssl/docbook/catalog
# /usr/share/sgml/docbook/dsssl-stylesheets/catalog
#
catalogpath=""
for d in $sgmltrees
do
catalogpath="$catalogpath $d"
for s in docbook/dsssl-stylesheets
do
catalogpath="$catalogpath $d/$s"
done
done
SGMLCATALOG=""
echo "$as_me:$LINENO: checking for catalog" >&5
echo $ECHO_N "checking for catalog... $ECHO_C" >&6
for d in $catalogpath
docbook_xsl_trees="/usr/pkg/share/xsl /usr/local/share/xsl /usr/share/xsl"
#
# Look for stylesheets we need.
#
XSLT_DOCBOOK_STYLE_HTML=""
echo "$as_me:$LINENO: checking for docbook/html/docbook.xsl" >&5
echo $ECHO_N "checking for docbook/html/docbook.xsl... $ECHO_C" >&6
for d in $docbook_xsl_trees
do
f=$d/catalog
f=$d/docbook/html/docbook.xsl
if test -f $f
then
SGMLCATALOG=$f
XSLT_DOCBOOK_STYLE_HTML=$f
echo "$as_me:$LINENO: result: $f" >&5
echo "${ECHO_T}$f" >&6
break
fi
done
if test "X$SGMLCATALOG" = "X"
if test "X$XSLT_DOCBOOK_STYLE_HTML" = "X"
then
echo "$as_me:$LINENO: result: \"not found\"" >&5
echo "${ECHO_T}\"not found\"" >&6;
SGMLCATALOG=catalog
XSLT_DOCBOOK_STYLE_HTML=docbook/html/docbook.xsl
fi
#
# Look for the HTML stylesheet html/docbook.dsl, used for
# formatting man pages in HTML. Its location varies,
# so far we have seen:
#
# NetBSD /usr/pkg/share/sgml/docbook/dsssl/modular/
# FreeBSD /usr/local/share/sgml/docbook/dsssl/modular/
# Linux /usr/local/share/dsssl/docbook/
# /usr/share/sgml/docbook/dsssl-stylesheets/
#
# Ditto for the print stylesheet print/docbook.dsl.
#
stylepath=""
for d in $sgmltrees
XSLT_DOCBOOK_STYLE_XHTML=""
echo "$as_me:$LINENO: checking for docbook/xhtml/docbook.xsl" >&5
echo $ECHO_N "checking for docbook/xhtml/docbook.xsl... $ECHO_C" >&6
for d in $docbook_xsl_trees
do
for s in docbook/dsssl/modular dsssl/docbook docbook/dsssl-stylesheets
do
stylepath="$stylepath $d/$s"
done
done
HTMLSTYLE=""
echo "$as_me:$LINENO: checking for html/docbook.dsl" >&5
echo $ECHO_N "checking for html/docbook.dsl... $ECHO_C" >&6
for d in $stylepath
do
f=$d/html/docbook.dsl
f=$d/docbook/xhtml/docbook.xsl
if test -f $f
then
HTMLSTYLE=$f
XSLT_DOCBOOK_STYLE_XHTML=$f
echo "$as_me:$LINENO: result: $f" >&5
echo "${ECHO_T}$f" >&6
break
fi
done
if test "X$HTMLSTYLE" = "X"
if test "X$XSLT_DOCBOOK_STYLE_XHTML" = "X"
then
echo "$as_me:$LINENO: result: \"not found\"" >&5
echo "${ECHO_T}\"not found\"" >&6;
HTMLSTYLE=html/docbook.dsl
XSLT_DOCBOOK_STYLE_XHTML=docbook/xhtml/docbook.xsl
fi
PRINTSTYLE=""
echo "$as_me:$LINENO: checking for print/docbook.dsl" >&5
echo $ECHO_N "checking for print/docbook.dsl... $ECHO_C" >&6
for d in $stylepath
XSLT_DOCBOOK_STYLE_MAN=""
echo "$as_me:$LINENO: checking for docbook/manpages/docbook.xsl" >&5
echo $ECHO_N "checking for docbook/manpages/docbook.xsl... $ECHO_C" >&6
for d in $docbook_xsl_trees
do
f=$d/print/docbook.dsl
f=$d/docbook/manpages/docbook.xsl
if test -f $f
then
PRINTSTYLE=$f
XSLT_DOCBOOK_STYLE_MAN=$f
echo "$as_me:$LINENO: result: $f" >&5
echo "${ECHO_T}$f" >&6
break
fi
done
if test "X$PRINTSTYLE" = "X"
if test "X$XSLT_DOCBOOK_STYLE_MAN" = "X"
then
echo "$as_me:$LINENO: result: \"not found\"" >&5
echo "${ECHO_T}\"not found\"" >&6;
PRINTSTYLE=print/docbook.dsl
XSLT_DOCBOOK_STYLE_MAN=docbook/manpages/docbook.xsl
fi
#
# Look for XML declarations.
# Its location varies, so far we have seen:
#
# NetBSD /usr/pkg/share/sgml/docbook/dsssl/modular/dtds/decls/
# FreeBSD /usr/local/share/sgml/docbook/dsssl/modular/dtds/decls/
# Linux /usr/local/share/dsssl/docbook/dtds/decls/
# /usr/share/sgml/docbook/dsssl-stylesheets/dtds/decls/
#
xmlpath=""
for d in $sgmltrees
XSLT_DOCBOOK_CHUNK_HTML=""
echo "$as_me:$LINENO: checking for docbook/html/chunk.xsl" >&5
echo $ECHO_N "checking for docbook/html/chunk.xsl... $ECHO_C" >&6
for d in $docbook_xsl_trees
do
for s in docbook/dsssl/modular dsssl/docbook docbook/dsssl-stylesheets
do
xmlpath="$xmlpath $d/$s"
done
done
XMLDCL=""
echo "$as_me:$LINENO: checking for dtds/decls/xml.dcl" >&5
echo $ECHO_N "checking for dtds/decls/xml.dcl... $ECHO_C" >&6
for d in $xmlpath
do
f=$d/dtds/decls/xml.dcl
f=$d/docbook/html/chunk.xsl
if test -f $f
then
XMLDCL=$f
XSLT_DOCBOOK_CHUNK_HTML=$f
echo "$as_me:$LINENO: result: $f" >&5
echo "${ECHO_T}$f" >&6
break
fi
done
if test "X$XMLDCL" = "X"
if test "X$XSLT_DOCBOOK_CHUNK_HTML" = "X"
then
echo "$as_me:$LINENO: result: \"not found\"" >&5
echo "${ECHO_T}\"not found\"" >&6;
XMLDCL=dtds/decls/xml.dcl
XSLT_DOCBOOK_CHUNK_HTML=docbook/html/chunk.xsl
fi
#
# Look for docbook2man-spec.pl
#
DOCBOOK2MANSPEC=""
echo "$as_me:$LINENO: checking for docbook2X/docbook2man-spec.pl" >&5
echo $ECHO_N "checking for docbook2X/docbook2man-spec.pl... $ECHO_C" >&6
for d in $sgmltrees
XSLT_DOCBOOK_CHUNK_XHTML=""
echo "$as_me:$LINENO: checking for docbook/xhtml/chunk.xsl" >&5
echo $ECHO_N "checking for docbook/xhtml/chunk.xsl... $ECHO_C" >&6
for d in $docbook_xsl_trees
do
f=$d/docbook2X/docbook2man-spec.pl
f=$d/docbook/xhtml/chunk.xsl
if test -f $f
then
DOCBOOK2MANSPEC=$f
XSLT_DOCBOOK_CHUNK_XHTML=$f
echo "$as_me:$LINENO: result: $f" >&5
echo "${ECHO_T}$f" >&6
break
fi
done
if test "X$DOCBOOK2MANSPEC" = "X"
if test "X$XSLT_DOCBOOK_CHUNK_XHTML" = "X"
then
echo "$as_me:$LINENO: result: \"not found\"" >&5
echo "${ECHO_T}\"not found\"" >&6;
DOCBOOK2MANSPEC=docbook2X/docbook2man-spec.pl
XSLT_DOCBOOK_CHUNK_XHTML=docbook/xhtml/chunk.xsl
fi
#
# Same dance for db2latex
#
# No idea where this lives except on FreeBSD.
#
db2latex_xsl_trees="/usr/local/share"
#
# Look for stylesheets we need.
#
XSLT_DB2LATEX_STYLE=""
echo "$as_me:$LINENO: checking for db2latex/xsl/docbook.xsl" >&5
echo $ECHO_N "checking for db2latex/xsl/docbook.xsl... $ECHO_C" >&6
for d in $db2latex_xsl_trees
do
f=$d/db2latex/xsl/docbook.xsl
if test -f $f
then
XSLT_DB2LATEX_STYLE=$f
echo "$as_me:$LINENO: result: $f" >&5
echo "${ECHO_T}$f" >&6
break
fi
done
if test "X$XSLT_DB2LATEX_STYLE" = "X"
then
echo "$as_me:$LINENO: result: \"not found\"" >&5
echo "${ECHO_T}\"not found\"" >&6;
XSLT_DB2LATEX_STYLE=db2latex/xsl/docbook.xsl
fi
#
# Look for "admonition" image directory. Can't use NOM_PATH_FILE()
# because it's a directory, so just do the same things, inline.
#
echo "$as_me:$LINENO: checking for db2latex/xsl/figures" >&5
echo $ECHO_N "checking for db2latex/xsl/figures... $ECHO_C" >&6
for d in $db2latex_xsl_trees
do
dd=$d/db2latex/xsl/figures
if test -d $dd
then
XSLT_DB2LATEX_ADMONITIONS=$dd
echo "$as_me:$LINENO: result: $dd" >&5
echo "${ECHO_T}$dd" >&6
break
fi
done
if test "X$XSLT_DB2LATEX_ADMONITIONS" = "X"
then
echo "$as_me:$LINENO: result: not found" >&5
echo "${ECHO_T}not found" >&6
XSLT_DB2LATEX_ADMONITIONS=db2latex/xsl/figures
fi
#
# Substitutions
#
@ -27781,7 +27830,20 @@ LIBBIND9_API=$srcdir/lib/bind9/api
LIBLWRES_API=$srcdir/lib/lwres/api
ac_config_files="$ac_config_files make/rules make/includes Makefile make/Makefile make/mkdep lib/Makefile lib/isc/Makefile lib/isc/include/Makefile lib/isc/include/isc/Makefile lib/isc/include/isc/platform.h lib/isc/unix/Makefile lib/isc/unix/include/Makefile lib/isc/unix/include/isc/Makefile lib/isc/nls/Makefile lib/isc/$thread_dir/Makefile lib/isc/$thread_dir/include/Makefile lib/isc/$thread_dir/include/isc/Makefile lib/isccc/Makefile lib/isccc/include/Makefile lib/isccc/include/isccc/Makefile lib/isccfg/Makefile lib/isccfg/include/Makefile lib/isccfg/include/isccfg/Makefile lib/dns/Makefile lib/dns/include/Makefile lib/dns/include/dns/Makefile lib/dns/include/dst/Makefile lib/bind9/Makefile lib/bind9/include/Makefile lib/bind9/include/bind9/Makefile lib/lwres/Makefile lib/lwres/include/Makefile lib/lwres/include/lwres/Makefile lib/lwres/include/lwres/netdb.h lib/lwres/include/lwres/platform.h lib/lwres/man/Makefile lib/lwres/unix/Makefile lib/lwres/unix/include/Makefile lib/lwres/unix/include/lwres/Makefile lib/tests/Makefile lib/tests/include/Makefile lib/tests/include/tests/Makefile bin/Makefile bin/check/Makefile bin/named/Makefile bin/named/unix/Makefile bin/rndc/Makefile bin/rndc/unix/Makefile bin/dig/Makefile bin/nsupdate/Makefile bin/tests/Makefile bin/tests/names/Makefile bin/tests/master/Makefile bin/tests/rbt/Makefile bin/tests/db/Makefile bin/tests/tasks/Makefile bin/tests/timers/Makefile bin/tests/dst/Makefile bin/tests/mem/Makefile bin/tests/net/Makefile bin/tests/sockaddr/Makefile bin/tests/system/Makefile bin/tests/system/conf.sh bin/tests/system/lwresd/Makefile bin/tests/system/tkey/Makefile bin/tests/headerdep_test.sh bin/dnssec/Makefile doc/Makefile doc/arm/Makefile doc/arm/nominum-docbook-html.dsl doc/arm/nominum-docbook-print.dsl doc/arm/validate.sh doc/misc/Makefile docutil/docbook2man-wrapper.sh isc-config.sh"
#
# Commands to run at the end of config.status.
# Don't just put these into configure, it won't work right if somebody
# runs config.status directly (which autoconf allows).
#
ac_config_commands="$ac_config_commands chmod"
#
# Do it
#
ac_config_files="$ac_config_files make/rules make/includes Makefile make/Makefile make/mkdep lib/Makefile lib/isc/Makefile lib/isc/include/Makefile lib/isc/include/isc/Makefile lib/isc/include/isc/platform.h lib/isc/unix/Makefile lib/isc/unix/include/Makefile lib/isc/unix/include/isc/Makefile lib/isc/nls/Makefile lib/isc/$thread_dir/Makefile lib/isc/$thread_dir/include/Makefile lib/isc/$thread_dir/include/isc/Makefile lib/isccc/Makefile lib/isccc/include/Makefile lib/isccc/include/isccc/Makefile lib/isccfg/Makefile lib/isccfg/include/Makefile lib/isccfg/include/isccfg/Makefile lib/dns/Makefile lib/dns/include/Makefile lib/dns/include/dns/Makefile lib/dns/include/dst/Makefile lib/bind9/Makefile lib/bind9/include/Makefile lib/bind9/include/bind9/Makefile lib/lwres/Makefile lib/lwres/include/Makefile lib/lwres/include/lwres/Makefile lib/lwres/include/lwres/netdb.h lib/lwres/include/lwres/platform.h lib/lwres/man/Makefile lib/lwres/unix/Makefile lib/lwres/unix/include/Makefile lib/lwres/unix/include/lwres/Makefile lib/tests/Makefile lib/tests/include/Makefile lib/tests/include/tests/Makefile bin/Makefile bin/check/Makefile bin/named/Makefile bin/named/unix/Makefile bin/rndc/Makefile bin/rndc/unix/Makefile bin/dig/Makefile bin/nsupdate/Makefile bin/tests/Makefile bin/tests/names/Makefile bin/tests/master/Makefile bin/tests/rbt/Makefile bin/tests/db/Makefile bin/tests/tasks/Makefile bin/tests/timers/Makefile bin/tests/dst/Makefile bin/tests/mem/Makefile bin/tests/net/Makefile bin/tests/sockaddr/Makefile bin/tests/system/Makefile bin/tests/system/conf.sh bin/tests/system/lwresd/Makefile bin/tests/system/tkey/Makefile bin/tests/headerdep_test.sh bin/dnssec/Makefile doc/Makefile doc/arm/Makefile doc/misc/Makefile isc-config.sh doc/xsl/isc-docbook-chunk.xsl doc/xsl/isc-docbook-html.xsl doc/xsl/isc-docbook-latex.xsl doc/xsl/isc-manpage.xsl"
cat >confcache <<\_ACEOF
# This file is a shell script that caches the results of configure
# tests run on this system so they can be shared between configure
@ -28199,6 +28261,9 @@ $config_files
Configuration headers:
$config_headers
Configuration commands:
$config_commands
Report bugs to <bug-autoconf@gnu.org>."
_ACEOF
@ -28376,12 +28441,13 @@ do
"bin/dnssec/Makefile" ) CONFIG_FILES="$CONFIG_FILES bin/dnssec/Makefile" ;;
"doc/Makefile" ) CONFIG_FILES="$CONFIG_FILES doc/Makefile" ;;
"doc/arm/Makefile" ) CONFIG_FILES="$CONFIG_FILES doc/arm/Makefile" ;;
"doc/arm/nominum-docbook-html.dsl" ) CONFIG_FILES="$CONFIG_FILES doc/arm/nominum-docbook-html.dsl" ;;
"doc/arm/nominum-docbook-print.dsl" ) CONFIG_FILES="$CONFIG_FILES doc/arm/nominum-docbook-print.dsl" ;;
"doc/arm/validate.sh" ) CONFIG_FILES="$CONFIG_FILES doc/arm/validate.sh" ;;
"doc/misc/Makefile" ) CONFIG_FILES="$CONFIG_FILES doc/misc/Makefile" ;;
"docutil/docbook2man-wrapper.sh" ) CONFIG_FILES="$CONFIG_FILES docutil/docbook2man-wrapper.sh" ;;
"isc-config.sh" ) CONFIG_FILES="$CONFIG_FILES isc-config.sh" ;;
"doc/xsl/isc-docbook-chunk.xsl" ) CONFIG_FILES="$CONFIG_FILES doc/xsl/isc-docbook-chunk.xsl" ;;
"doc/xsl/isc-docbook-html.xsl" ) CONFIG_FILES="$CONFIG_FILES doc/xsl/isc-docbook-html.xsl" ;;
"doc/xsl/isc-docbook-latex.xsl" ) CONFIG_FILES="$CONFIG_FILES doc/xsl/isc-docbook-latex.xsl" ;;
"doc/xsl/isc-manpage.xsl" ) CONFIG_FILES="$CONFIG_FILES doc/xsl/isc-manpage.xsl" ;;
"chmod" ) CONFIG_COMMANDS="$CONFIG_COMMANDS chmod" ;;
"config.h" ) CONFIG_HEADERS="$CONFIG_HEADERS config.h" ;;
*) { { echo "$as_me:$LINENO: error: invalid argument: $ac_config_target" >&5
echo "$as_me: error: invalid argument: $ac_config_target" >&2;}
@ -28396,6 +28462,7 @@ done
if $ac_need_defaults; then
test "${CONFIG_FILES+set}" = set || CONFIG_FILES=$config_files
test "${CONFIG_HEADERS+set}" = set || CONFIG_HEADERS=$config_headers
test "${CONFIG_COMMANDS+set}" = set || CONFIG_COMMANDS=$config_commands
fi
# Have a temporary directory for convenience. Make it in the build tree
@ -28602,14 +28669,17 @@ s,@ISC_PLATFORM_USEDECLSPEC@,$ISC_PLATFORM_USEDECLSPEC,;t t
s,@LWRES_PLATFORM_USEDECLSPEC@,$LWRES_PLATFORM_USEDECLSPEC,;t t
s,@ISC_PLATFORM_BRACEPTHREADONCEINIT@,$ISC_PLATFORM_BRACEPTHREADONCEINIT,;t t
s,@ISC_PLATFORM_HAVEIFNAMETOINDEX@,$ISC_PLATFORM_HAVEIFNAMETOINDEX,;t t
s,@OPENJADE@,$OPENJADE,;t t
s,@JADETEX@,$JADETEX,;t t
s,@PDFJADETEX@,$PDFJADETEX,;t t
s,@SGMLCATALOG@,$SGMLCATALOG,;t t
s,@HTMLSTYLE@,$HTMLSTYLE,;t t
s,@PRINTSTYLE@,$PRINTSTYLE,;t t
s,@XMLDCL@,$XMLDCL,;t t
s,@DOCBOOK2MANSPEC@,$DOCBOOK2MANSPEC,;t t
s,@LATEX@,$LATEX,;t t
s,@PDFLATEX@,$PDFLATEX,;t t
s,@XSLTPROC@,$XSLTPROC,;t t
s,@XMLLINT@,$XMLLINT,;t t
s,@XSLT_DOCBOOK_STYLE_HTML@,$XSLT_DOCBOOK_STYLE_HTML,;t t
s,@XSLT_DOCBOOK_STYLE_XHTML@,$XSLT_DOCBOOK_STYLE_XHTML,;t t
s,@XSLT_DOCBOOK_STYLE_MAN@,$XSLT_DOCBOOK_STYLE_MAN,;t t
s,@XSLT_DOCBOOK_CHUNK_HTML@,$XSLT_DOCBOOK_CHUNK_HTML,;t t
s,@XSLT_DOCBOOK_CHUNK_XHTML@,$XSLT_DOCBOOK_CHUNK_XHTML,;t t
s,@XSLT_DB2LATEX_STYLE@,$XSLT_DB2LATEX_STYLE,;t t
s,@XSLT_DB2LATEX_ADMONITIONS@,$XSLT_DB2LATEX_ADMONITIONS,;t t
s,@BIND9_TOP_BUILDDIR@,$BIND9_TOP_BUILDDIR,;t t
s,@BIND9_ISC_BUILDINCLUDE@,$BIND9_ISC_BUILDINCLUDE,;t t
s,@BIND9_ISCCC_BUILDINCLUDE@,$BIND9_ISCCC_BUILDINCLUDE,;t t
@ -29097,6 +29167,124 @@ echo "$as_me: error: cannot create directory \"$ac_dir\"" >&2;}
fi
done
_ACEOF
cat >>$CONFIG_STATUS <<\_ACEOF
#
# CONFIG_COMMANDS section.
#
for ac_file in : $CONFIG_COMMANDS; do test "x$ac_file" = x: && continue
ac_dest=`echo "$ac_file" | sed 's,:.*,,'`
ac_source=`echo "$ac_file" | sed 's,[^:]*:,,'`
ac_dir=`(dirname "$ac_dest") 2>/dev/null ||
$as_expr X"$ac_dest" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
X"$ac_dest" : 'X\(//\)[^/]' \| \
X"$ac_dest" : 'X\(//\)$' \| \
X"$ac_dest" : 'X\(/\)' \| \
. : '\(.\)' 2>/dev/null ||
echo X"$ac_dest" |
sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/; q; }
/^X\(\/\/\)[^/].*/{ s//\1/; q; }
/^X\(\/\/\)$/{ s//\1/; q; }
/^X\(\/\).*/{ s//\1/; q; }
s/.*/./; q'`
{ if $as_mkdir_p; then
mkdir -p "$ac_dir"
else
as_dir="$ac_dir"
as_dirs=
while test ! -d "$as_dir"; do
as_dirs="$as_dir $as_dirs"
as_dir=`(dirname "$as_dir") 2>/dev/null ||
$as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
X"$as_dir" : 'X\(//\)[^/]' \| \
X"$as_dir" : 'X\(//\)$' \| \
X"$as_dir" : 'X\(/\)' \| \
. : '\(.\)' 2>/dev/null ||
echo X"$as_dir" |
sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/; q; }
/^X\(\/\/\)[^/].*/{ s//\1/; q; }
/^X\(\/\/\)$/{ s//\1/; q; }
/^X\(\/\).*/{ s//\1/; q; }
s/.*/./; q'`
done
test ! -n "$as_dirs" || mkdir $as_dirs
fi || { { echo "$as_me:$LINENO: error: cannot create directory \"$ac_dir\"" >&5
echo "$as_me: error: cannot create directory \"$ac_dir\"" >&2;}
{ (exit 1); exit 1; }; }; }
ac_builddir=.
if test "$ac_dir" != .; then
ac_dir_suffix=/`echo "$ac_dir" | sed 's,^\.[\\/],,'`
# A "../" for each directory in $ac_dir_suffix.
ac_top_builddir=`echo "$ac_dir_suffix" | sed 's,/[^\\/]*,../,g'`
else
ac_dir_suffix= ac_top_builddir=
fi
case $srcdir in
.) # No --srcdir option. We are building in place.
ac_srcdir=.
if test -z "$ac_top_builddir"; then
ac_top_srcdir=.
else
ac_top_srcdir=`echo $ac_top_builddir | sed 's,/$,,'`
fi ;;
[\\/]* | ?:[\\/]* ) # Absolute path.
ac_srcdir=$srcdir$ac_dir_suffix;
ac_top_srcdir=$srcdir ;;
*) # Relative path.
ac_srcdir=$ac_top_builddir$srcdir$ac_dir_suffix
ac_top_srcdir=$ac_top_builddir$srcdir ;;
esac
# Do not use `cd foo && pwd` to compute absolute paths, because
# the directories may not exist.
case `pwd` in
.) ac_abs_builddir="$ac_dir";;
*)
case "$ac_dir" in
.) ac_abs_builddir=`pwd`;;
[\\/]* | ?:[\\/]* ) ac_abs_builddir="$ac_dir";;
*) ac_abs_builddir=`pwd`/"$ac_dir";;
esac;;
esac
case $ac_abs_builddir in
.) ac_abs_top_builddir=${ac_top_builddir}.;;
*)
case ${ac_top_builddir}. in
.) ac_abs_top_builddir=$ac_abs_builddir;;
[\\/]* | ?:[\\/]* ) ac_abs_top_builddir=${ac_top_builddir}.;;
*) ac_abs_top_builddir=$ac_abs_builddir/${ac_top_builddir}.;;
esac;;
esac
case $ac_abs_builddir in
.) ac_abs_srcdir=$ac_srcdir;;
*)
case $ac_srcdir in
.) ac_abs_srcdir=$ac_abs_builddir;;
[\\/]* | ?:[\\/]* ) ac_abs_srcdir=$ac_srcdir;;
*) ac_abs_srcdir=$ac_abs_builddir/$ac_srcdir;;
esac;;
esac
case $ac_abs_builddir in
.) ac_abs_top_srcdir=$ac_top_srcdir;;
*)
case $ac_top_srcdir in
.) ac_abs_top_srcdir=$ac_abs_builddir;;
[\\/]* | ?:[\\/]* ) ac_abs_top_srcdir=$ac_top_srcdir;;
*) ac_abs_top_srcdir=$ac_abs_builddir/$ac_top_srcdir;;
esac;;
esac
{ echo "$as_me:$LINENO: executing $ac_dest commands" >&5
echo "$as_me: executing $ac_dest commands" >&6;}
case $ac_dest in
chmod ) chmod a+x isc-config.sh ;;
esac
done
_ACEOF
cat >>$CONFIG_STATUS <<\_ACEOF
@ -29304,7 +29492,6 @@ echo "$as_me: error: $ac_sub_configure failed for $ac_dir" >&2;}
done
fi
chmod a+x isc-config.sh
# Tell Emacs to edit this file in shell mode.
# Local Variables:

1686
doc/arm/Bv9ARM.ch01.html
View file

File diff suppressed because it is too large Load diff

451
doc/arm/Bv9ARM.ch02.html
View file

@ -1,295 +1,156 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<HTML
><HEAD
><TITLE
>BIND Resource Requirements</TITLE
><META
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.79"><LINK
REL="HOME"
TITLE="BIND 9 Administrator Reference Manual"
HREF="Bv9ARM.html"><LINK
REL="PREVIOUS"
TITLE="Introduction "
HREF="Bv9ARM.ch01.html"><LINK
REL="NEXT"
TITLE="Name Server Configuration"
HREF="Bv9ARM.ch03.html"></HEAD
><BODY
CLASS="chapter"
BGCOLOR="#FFFFFF"
TEXT="#000000"
LINK="#0000FF"
VLINK="#840084"
ALINK="#0000FF"
><DIV
CLASS="NAVHEADER"
><TABLE
SUMMARY="Header navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TH
COLSPAN="3"
ALIGN="center"
>BIND 9 Administrator Reference Manual</TH
></TR
><TR
><TD
WIDTH="10%"
ALIGN="left"
VALIGN="bottom"
><A
HREF="Bv9ARM.ch01.html"
ACCESSKEY="P"
>Prev</A
></TD
><TD
WIDTH="80%"
ALIGN="center"
VALIGN="bottom"
></TD
><TD
WIDTH="10%"
ALIGN="right"
VALIGN="bottom"
><A
HREF="Bv9ARM.ch03.html"
ACCESSKEY="N"
>Next</A
></TD
></TR
></TABLE
><HR
ALIGN="LEFT"
WIDTH="100%"></DIV
><DIV
CLASS="chapter"
><H1
><A
NAME="ch02"
></A
>Chapter 2. <ACRONYM
CLASS="acronym"
>BIND</ACRONYM
> Resource Requirements</H1
><DIV
CLASS="TOC"
><DL
><DT
><B
>Table of Contents</B
></DT
><DT
>2.1. <A
HREF="Bv9ARM.ch02.html#AEN228"
>Hardware requirements</A
></DT
><DT
>2.2. <A
HREF="Bv9ARM.ch02.html#AEN236"
>CPU Requirements</A
></DT
><DT
>2.3. <A
HREF="Bv9ARM.ch02.html#AEN240"
>Memory Requirements</A
></DT
><DT
>2.4. <A
HREF="Bv9ARM.ch02.html#AEN247"
>Name Server Intensive Environment Issues</A
></DT
><DT
>2.5. <A
HREF="Bv9ARM.ch02.html#AEN250"
>Supported Operating Systems</A
></DT
></DL
></DIV
><DIV
CLASS="sect1"
><H1
CLASS="sect1"
><A
NAME="AEN228"
>2.1. Hardware requirements</A
></H1
><P
><ACRONYM
CLASS="acronym"
>DNS</ACRONYM
> hardware requirements have traditionally been quite modest.
For many installations, servers that have been pensioned off from
active duty have performed admirably as <ACRONYM
CLASS="acronym"
>DNS</ACRONYM
> servers.</P
><P
>The DNSSEC and IPv6 features of <ACRONYM
CLASS="acronym"
>BIND</ACRONYM
> 9 may prove to be quite
CPU intensive however, so organizations that make heavy use of these
features may wish to consider larger systems for these applications.
<ACRONYM
CLASS="acronym"
>BIND</ACRONYM
> 9 is fully multithreaded, allowing full utilization of
multiprocessor systems for installations that need it.</P
></DIV
><DIV
CLASS="sect1"
><H1
CLASS="sect1"
><A
NAME="AEN236"
>2.2. CPU Requirements</A
></H1
><P
>CPU requirements for <ACRONYM
CLASS="acronym"
>BIND</ACRONYM
> 9 range from i486-class machines
for serving of static zones without caching, to enterprise-class
machines if you intend to process many dynamic updates and DNSSEC
signed zones, serving many thousands of queries per second.</P
></DIV
><DIV
CLASS="sect1"
><H1
CLASS="sect1"
><A
NAME="AEN240"
>2.3. Memory Requirements</A
></H1
><P
>The memory of the server has to be large enough to fit the
cache and zones loaded off disk. The <B
CLASS="command"
>max-cache-size</B
>
option can be used to limit the amount of memory used by the cache,
at the expense of reducing cache hit rates and causing more <ACRONYM
CLASS="acronym"
>DNS</ACRONYM
>
traffic.
Additionally, if additional section caching
(<A
HREF="Bv9ARM.ch06.html#acache"
>Section 6.2.16.18</A
>) is enabled,
the <B
CLASS="command"
>max-acache-size</B
> can be used to limit the amount
of memory used by the mechanism.
It is still good practice to have enough memory to load
all zone and cache data into memory &#8212; unfortunately, the best way
to determine this for a given installation is to watch the name server
in operation. After a few weeks the server process should reach
a relatively stable size where entries are expiring from the cache as
fast as they are being inserted.</P
></DIV
><DIV
CLASS="sect1"
><H1
CLASS="sect1"
><A
NAME="AEN247"
>2.4. Name Server Intensive Environment Issues</A
></H1
><P
>For name server intensive environments, there are two alternative
configurations that may be used. The first is where clients and
any second-level internal name servers query a main name server, which
has enough memory to build a large cache. This approach minimizes
the bandwidth used by external name lookups. The second alternative
is to set up second-level internal name servers to make queries independently.
In this configuration, none of the individual machines needs to
have as much memory or CPU power as in the first alternative, but
this has the disadvantage of making many more external queries,
as none of the name servers share their cached data.</P
></DIV
><DIV
CLASS="sect1"
><H1
CLASS="sect1"
><A
NAME="AEN250"
>2.5. Supported Operating Systems</A
></H1
><P
>ISC <ACRONYM
CLASS="acronym"
>BIND</ACRONYM
> 9 compiles and runs on a large number
of Unix-like operating system and on Windows NT / 2000. For an up-to-date
list of supported systems, see the README file in the top level directory
of the BIND 9 source distribution.</P
></DIV
></DIV
><DIV
CLASS="NAVFOOTER"
><HR
ALIGN="LEFT"
WIDTH="100%"><TABLE
SUMMARY="Footer navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
><A
HREF="Bv9ARM.ch01.html"
ACCESSKEY="P"
>Prev</A
></TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
><A
HREF="Bv9ARM.html"
ACCESSKEY="H"
>Home</A
></TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
><A
HREF="Bv9ARM.ch03.html"
ACCESSKEY="N"
>Next</A
></TD
></TR
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
>Introduction</TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
>&nbsp;</TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
>Name Server Configuration</TD
></TR
></TABLE
></DIV
></BODY
></HTML
>
<!--
- Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2000-2003 Internet Software Consortium
-
- Permission to use, copy, modify, and distribute this software for any
- purpose with or without fee is hereby granted, provided that the above
- copyright notice and this permission notice appear in all copies.
-
- THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
- REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
- AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
- INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
- LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
- OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
- PERFORMANCE OF THIS SOFTWARE.
-->
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>Chapter 2. BIND Resource Requirements</title>
<meta name="generator" content="DocBook XSL Stylesheets V1.68.1">
<link rel="start" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual">
<link rel="up" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual">
<link rel="prev" href="Bv9ARM.ch01.html" title="Chapter 1. Introduction">
<link rel="next" href="Bv9ARM.ch03.html" title="Chapter 3. Name Server Configuration">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
<div class="navheader">
<table width="100%" summary="Navigation header">
<tr><th colspan="3" align="center">Chapter 2. <span class="acronym">BIND</span> Resource Requirements</th></tr>
<tr>
<td width="20%" align="left">
<a accesskey="p" href="Bv9ARM.ch01.html">Prev</a> </td>
<th width="60%" align="center"> </th>
<td width="20%" align="right"> <a accesskey="n" href="Bv9ARM.ch03.html">Next</a>
</td>
</tr>
</table>
<hr>
</div>
<div class="chapter" lang="en">
<div class="titlepage"><div><div><h2 class="title">
<a name="Bv9ARM.ch02"></a>Chapter 2. <span class="acronym">BIND</span> Resource Requirements</h2></div></div></div>
<div class="toc">
<p><b>Table of Contents</b></p>
<dl>
<dt><span class="sect1"><a href="Bv9ARM.ch02.html#id2536987">Hardware requirements</a></span></dt>
<dt><span class="sect1"><a href="Bv9ARM.ch02.html#id2537014">CPU Requirements</a></span></dt>
<dt><span class="sect1"><a href="Bv9ARM.ch02.html#id2537027">Memory Requirements</a></span></dt>
<dt><span class="sect1"><a href="Bv9ARM.ch02.html#id2537051">Name Server Intensive Environment Issues</a></span></dt>
<dt><span class="sect1"><a href="Bv9ARM.ch02.html#id2537130">Supported Operating Systems</a></span></dt>
</dl>
</div>
<div class="sect1" lang="en">
<div class="titlepage"><div><div><h2 class="title" style="clear: both">
<a name="id2536987"></a>Hardware requirements</h2></div></div></div>
<p>
<span class="acronym">DNS</span> hardware requirements have
traditionally been quite modest.
For many installations, servers that have been pensioned off from
active duty have performed admirably as <span class="acronym">DNS</span> servers.
</p>
<p>
The DNSSEC and IPv6 features of <span class="acronym">BIND</span> 9
may prove to be quite
CPU intensive however, so organizations that make heavy use of these
features may wish to consider larger systems for these applications.
<span class="acronym">BIND</span> 9 is fully multithreaded, allowing
full utilization of
multiprocessor systems for installations that need it.
</p>
</div>
<div class="sect1" lang="en">
<div class="titlepage"><div><div><h2 class="title" style="clear: both">
<a name="id2537014"></a>CPU Requirements</h2></div></div></div>
<p>
CPU requirements for <span class="acronym">BIND</span> 9 range from
i486-class machines
for serving of static zones without caching, to enterprise-class
machines if you intend to process many dynamic updates and DNSSEC
signed zones, serving many thousands of queries per second.
</p>
</div>
<div class="sect1" lang="en">
<div class="titlepage"><div><div><h2 class="title" style="clear: both">
<a name="id2537027"></a>Memory Requirements</h2></div></div></div>
<p>
The memory of the server has to be large enough to fit the
cache and zones loaded off disk. The <span><strong class="command">max-cache-size</strong></span>
option can be used to limit the amount of memory used by the cache,
at the expense of reducing cache hit rates and causing more <span class="acronym">DNS</span>
traffic.
Additionally, if additional section caching
(<a href="Bv9ARM.ch06.html#acache" title="Additional Section Caching">the section called &#8220;Additional Section Caching&#8221;</a>) is enabled,
the <span><strong class="command">max-acache-size</strong></span> can be used to
limit the amount
of memory used by the mechanism.
It is still good practice to have enough memory to load
all zone and cache data into memory &#8212; unfortunately, the best
way
to determine this for a given installation is to watch the name server
in operation. After a few weeks the server process should reach
a relatively stable size where entries are expiring from the cache as
fast as they are being inserted.
</p>
</div>
<div class="sect1" lang="en">
<div class="titlepage"><div><div><h2 class="title" style="clear: both">
<a name="id2537051"></a>Name Server Intensive Environment Issues</h2></div></div></div>
<p>
For name server intensive environments, there are two alternative
configurations that may be used. The first is where clients and
any second-level internal name servers query a main name server, which
has enough memory to build a large cache. This approach minimizes
the bandwidth used by external name lookups. The second alternative
is to set up second-level internal name servers to make queries
independently.
In this configuration, none of the individual machines needs to
have as much memory or CPU power as in the first alternative, but
this has the disadvantage of making many more external queries,
as none of the name servers share their cached data.
</p>
</div>
<div class="sect1" lang="en">
<div class="titlepage"><div><div><h2 class="title" style="clear: both">
<a name="id2537130"></a>Supported Operating Systems</h2></div></div></div>
<p>
ISC <span class="acronym">BIND</span> 9 compiles and runs on a large
number
of Unix-like operating system and on Windows NT / 2000. For an
up-to-date
list of supported systems, see the README file in the top level
directory
of the BIND 9 source distribution.
</p>
</div>
</div>
<div class="navfooter">
<hr>
<table width="100%" summary="Navigation footer">
<tr>
<td width="40%" align="left">
<a accesskey="p" href="Bv9ARM.ch01.html">Prev</a> </td>
<td width="20%" align="center"> </td>
<td width="40%" align="right"> <a accesskey="n" href="Bv9ARM.ch03.html">Next</a>
</td>
</tr>
<tr>
<td width="40%" align="left" valign="top">Chapter 1. Introduction </td>
<td width="20%" align="center"><a accesskey="h" href="Bv9ARM.html">Home</a></td>
<td width="40%" align="right" valign="top"> Chapter 3. Name Server Configuration</td>
</tr>
</table>
</div>
</body>
</html>

2368
doc/arm/Bv9ARM.ch03.html
View file

File diff suppressed because it is too large Load diff

2382
doc/arm/Bv9ARM.ch04.html
View file

File diff suppressed because it is too large Load diff

407
doc/arm/Bv9ARM.ch05.html
View file

@ -1,265 +1,142 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<HTML
><HEAD
><TITLE
>The BIND 9 Lightweight Resolver</TITLE
><META
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.79"><LINK
REL="HOME"
TITLE="BIND 9 Administrator Reference Manual"
HREF="Bv9ARM.html"><LINK
REL="PREVIOUS"
TITLE="Advanced DNS Features"
HREF="Bv9ARM.ch04.html"><LINK
REL="NEXT"
TITLE="BIND 9 Configuration Reference"
HREF="Bv9ARM.ch06.html"></HEAD
><BODY
CLASS="chapter"
BGCOLOR="#FFFFFF"
TEXT="#000000"
LINK="#0000FF"
VLINK="#840084"
ALINK="#0000FF"
><DIV
CLASS="NAVHEADER"
><TABLE
SUMMARY="Header navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TH
COLSPAN="3"
ALIGN="center"
>BIND 9 Administrator Reference Manual</TH
></TR
><TR
><TD
WIDTH="10%"
ALIGN="left"
VALIGN="bottom"
><A
HREF="Bv9ARM.ch04.html"
ACCESSKEY="P"
>Prev</A
></TD
><TD
WIDTH="80%"
ALIGN="center"
VALIGN="bottom"
></TD
><TD
WIDTH="10%"
ALIGN="right"
VALIGN="bottom"
><A
HREF="Bv9ARM.ch06.html"
ACCESSKEY="N"
>Next</A
></TD
></TR
></TABLE
><HR
ALIGN="LEFT"
WIDTH="100%"></DIV
><DIV
CLASS="chapter"
><H1
><A
NAME="ch05"
></A
>Chapter 5. The <ACRONYM
CLASS="acronym"
>BIND</ACRONYM
> 9 Lightweight Resolver</H1
><DIV
CLASS="TOC"
><DL
><DT
><B
>Table of Contents</B
></DT
><DT
>5.1. <A
HREF="Bv9ARM.ch05.html#AEN1077"
>The Lightweight Resolver Library</A
></DT
><DT
>5.2. <A
HREF="Bv9ARM.ch05.html#lwresd"
>Running a Resolver Daemon</A
></DT
></DL
></DIV
><DIV
CLASS="sect1"
><H1
CLASS="sect1"
><A
NAME="AEN1077"
>5.1. The Lightweight Resolver Library</A
></H1
><P
>Traditionally applications have been linked with a stub resolver
library that sends recursive DNS queries to a local caching name
server.</P
><P
>IPv6 once introduced new complexity into the resolution process,
such as following A6 chains and DNAME records, and simultaneous
lookup of IPv4 and IPv6 addresses. Though most of the complexity was
then removed, these are hard or impossible
to implement in a traditional stub resolver.</P
><P
>Instead, <ACRONYM
CLASS="acronym"
>BIND</ACRONYM
> 9 provides resolution services to local clients
using a combination of a lightweight resolver library and a resolver
daemon process running on the local host. These communicate using
a simple UDP-based protocol, the "lightweight resolver protocol"
that is distinct from and simpler than the full DNS protocol.</P
></DIV
><DIV
CLASS="sect1"
><H1
CLASS="sect1"
><A
NAME="lwresd"
>5.2. Running a Resolver Daemon</A
></H1
><P
>To use the lightweight resolver interface, the system must
run the resolver daemon <B
CLASS="command"
>lwresd</B
> or a local
name server configured with a <B
CLASS="command"
>lwres</B
> statement.</P
><P
>By default, applications using the lightweight resolver library will make
UDP requests to the IPv4 loopback address (127.0.0.1) on port 921. The
address can be overridden by <B
CLASS="command"
>lwserver</B
> lines in
<TT
CLASS="filename"
>/etc/resolv.conf</TT
>.</P
><P
>The daemon currently only looks in the DNS, but in the future
it may use other sources such as <TT
CLASS="filename"
>/etc/hosts</TT
>,
NIS, etc.</P
><P
>The <B
CLASS="command"
>lwresd</B
> daemon is essentially a
caching-only name server that responds to requests using the lightweight
resolver protocol rather than the DNS protocol. Because it needs
to run on each host, it is designed to require no or minimal configuration.
Unless configured otherwise, it uses the name servers listed on
<B
CLASS="command"
>nameserver</B
> lines in <TT
CLASS="filename"
>/etc/resolv.conf</TT
>
as forwarders, but is also capable of doing the resolution autonomously if
none are specified.</P
><P
>The <B
CLASS="command"
>lwresd</B
> daemon may also be configured with a
<TT
CLASS="filename"
>named.conf</TT
> style configuration file, in
<TT
CLASS="filename"
>/etc/lwresd.conf</TT
> by default. A name server may also
be configured to act as a lightweight resolver daemon using the
<B
CLASS="command"
>lwres</B
> statement in <TT
CLASS="filename"
>named.conf</TT
>.</P
></DIV
></DIV
><DIV
CLASS="NAVFOOTER"
><HR
ALIGN="LEFT"
WIDTH="100%"><TABLE
SUMMARY="Footer navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
><A
HREF="Bv9ARM.ch04.html"
ACCESSKEY="P"
>Prev</A
></TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
><A
HREF="Bv9ARM.html"
ACCESSKEY="H"
>Home</A
></TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
><A
HREF="Bv9ARM.ch06.html"
ACCESSKEY="N"
>Next</A
></TD
></TR
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
>Advanced DNS Features</TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
>&nbsp;</TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
><ACRONYM
CLASS="acronym"
>BIND</ACRONYM
> 9 Configuration Reference</TD
></TR
></TABLE
></DIV
></BODY
></HTML
>
<!--
- Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2000-2003 Internet Software Consortium
-
- Permission to use, copy, modify, and distribute this software for any
- purpose with or without fee is hereby granted, provided that the above
- copyright notice and this permission notice appear in all copies.
-
- THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
- REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
- AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
- INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
- LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
- OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
- PERFORMANCE OF THIS SOFTWARE.
-->
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>Chapter 5. The BIND 9 Lightweight Resolver</title>
<meta name="generator" content="DocBook XSL Stylesheets V1.68.1">
<link rel="start" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual">
<link rel="up" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual">
<link rel="prev" href="Bv9ARM.ch04.html" title="Chapter 4. Advanced DNS Features">
<link rel="next" href="Bv9ARM.ch06.html" title="Chapter 6. BIND 9 Configuration Reference">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
<div class="navheader">
<table width="100%" summary="Navigation header">
<tr><th colspan="3" align="center">Chapter 5. The <span class="acronym">BIND</span> 9 Lightweight Resolver</th></tr>
<tr>
<td width="20%" align="left">
<a accesskey="p" href="Bv9ARM.ch04.html">Prev</a> </td>
<th width="60%" align="center"> </th>
<td width="20%" align="right"> <a accesskey="n" href="Bv9ARM.ch06.html">Next</a>
</td>
</tr>
</table>
<hr>
</div>
<div class="chapter" lang="en">
<div class="titlepage"><div><div><h2 class="title">
<a name="Bv9ARM.ch05"></a>Chapter 5. The <span class="acronym">BIND</span> 9 Lightweight Resolver</h2></div></div></div>
<div class="toc">
<p><b>Table of Contents</b></p>
<dl>
<dt><span class="sect1"><a href="Bv9ARM.ch05.html#id2541275">The Lightweight Resolver Library</a></span></dt>
<dt><span class="sect1"><a href="Bv9ARM.ch05.html#lwresd">Running a Resolver Daemon</a></span></dt>
</dl>
</div>
<div class="sect1" lang="en">
<div class="titlepage"><div><div><h2 class="title" style="clear: both">
<a name="id2541275"></a>The Lightweight Resolver Library</h2></div></div></div>
<p>
Traditionally applications have been linked with a stub resolver
library that sends recursive DNS queries to a local caching name
server.
</p>
<p>
IPv6 once introduced new complexity into the resolution process,
such as following A6 chains and DNAME records, and simultaneous
lookup of IPv4 and IPv6 addresses. Though most of the complexity was
then removed, these are hard or impossible
to implement in a traditional stub resolver.
</p>
<p>
Instead, <span class="acronym">BIND</span> 9 provides resolution
services to local clients
using a combination of a lightweight resolver library and a resolver
daemon process running on the local host. These communicate using
a simple UDP-based protocol, the "lightweight resolver protocol"
that is distinct from and simpler than the full DNS protocol.
</p>
</div>
<div class="sect1" lang="en">
<div class="titlepage"><div><div><h2 class="title" style="clear: both">
<a name="lwresd"></a>Running a Resolver Daemon</h2></div></div></div>
<p>
To use the lightweight resolver interface, the system must
run the resolver daemon <span><strong class="command">lwresd</strong></span> or a
local
name server configured with a <span><strong class="command">lwres</strong></span>
statement.
</p>
<p>
By default, applications using the lightweight resolver library will
make
UDP requests to the IPv4 loopback address (127.0.0.1) on port 921.
The
address can be overridden by <span><strong class="command">lwserver</strong></span>
lines in
<code class="filename">/etc/resolv.conf</code>.
</p>
<p>
The daemon currently only looks in the DNS, but in the future
it may use other sources such as <code class="filename">/etc/hosts</code>,
NIS, etc.
</p>
<p>
The <span><strong class="command">lwresd</strong></span> daemon is essentially a
caching-only name server that responds to requests using the
lightweight
resolver protocol rather than the DNS protocol. Because it needs
to run on each host, it is designed to require no or minimal
configuration.
Unless configured otherwise, it uses the name servers listed on
<span><strong class="command">nameserver</strong></span> lines in <code class="filename">/etc/resolv.conf</code>
as forwarders, but is also capable of doing the resolution
autonomously if
none are specified.
</p>
<p>
The <span><strong class="command">lwresd</strong></span> daemon may also be
configured with a
<code class="filename">named.conf</code> style configuration file,
in
<code class="filename">/etc/lwresd.conf</code> by default. A name
server may also
be configured to act as a lightweight resolver daemon using the
<span><strong class="command">lwres</strong></span> statement in <code class="filename">named.conf</code>.
</p>
</div>
</div>
<div class="navfooter">
<hr>
<table width="100%" summary="Navigation footer">
<tr>
<td width="40%" align="left">
<a accesskey="p" href="Bv9ARM.ch04.html">Prev</a> </td>
<td width="20%" align="center"> </td>
<td width="40%" align="right"> <a accesskey="n" href="Bv9ARM.ch06.html">Next</a>
</td>
</tr>
<tr>
<td width="40%" align="left" valign="top">Chapter 4. Advanced DNS Features </td>
<td width="20%" align="center"><a accesskey="h" href="Bv9ARM.html">Home</a></td>
<td width="40%" align="right" valign="top"> Chapter 6. <span class="acronym">BIND</span> 9 Configuration Reference</td>
</tr>
</table>
</div>
</body>
</html>

18778
doc/arm/Bv9ARM.ch06.html
View file

File diff suppressed because it is too large Load diff

712
doc/arm/Bv9ARM.ch07.html
View file

@ -1,160 +1,85 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<HTML
><HEAD
><TITLE
>BIND 9 Security Considerations</TITLE
><META
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.79"><LINK
REL="HOME"
TITLE="BIND 9 Administrator Reference Manual"
HREF="Bv9ARM.html"><LINK
REL="PREVIOUS"
TITLE="BIND 9 Configuration Reference"
HREF="Bv9ARM.ch06.html"><LINK
REL="NEXT"
TITLE="Troubleshooting"
HREF="Bv9ARM.ch08.html"></HEAD
><BODY
CLASS="chapter"
BGCOLOR="#FFFFFF"
TEXT="#000000"
LINK="#0000FF"
VLINK="#840084"
ALINK="#0000FF"
><DIV
CLASS="NAVHEADER"
><TABLE
SUMMARY="Header navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TH
COLSPAN="3"
ALIGN="center"
>BIND 9 Administrator Reference Manual</TH
></TR
><TR
><TD
WIDTH="10%"
ALIGN="left"
VALIGN="bottom"
><A
HREF="Bv9ARM.ch06.html"
ACCESSKEY="P"
>Prev</A
></TD
><TD
WIDTH="80%"
ALIGN="center"
VALIGN="bottom"
></TD
><TD
WIDTH="10%"
ALIGN="right"
VALIGN="bottom"
><A
HREF="Bv9ARM.ch08.html"
ACCESSKEY="N"
>Next</A
></TD
></TR
></TABLE
><HR
ALIGN="LEFT"
WIDTH="100%"></DIV
><DIV
CLASS="chapter"
><H1
><A
NAME="ch07"
></A
>Chapter 7. <ACRONYM
CLASS="acronym"
>BIND</ACRONYM
> 9 Security Considerations</H1
><DIV
CLASS="TOC"
><DL
><DT
><B
>Table of Contents</B
></DT
><DT
>7.1. <A
HREF="Bv9ARM.ch07.html#Access_Control_Lists"
>Access Control Lists</A
></DT
><DT
>7.2. <A
HREF="Bv9ARM.ch07.html#AEN4841"
><B
CLASS="command"
>chroot</B
> and <B
CLASS="command"
>setuid</B
> (for
UNIX servers)</A
></DT
><DT
>7.3. <A
HREF="Bv9ARM.ch07.html#dynamic_update_security"
>Dynamic Update Security</A
></DT
></DL
></DIV
><DIV
CLASS="sect1"
><H1
CLASS="sect1"
><A
NAME="Access_Control_Lists"
>7.1. Access Control Lists</A
></H1
><P
>Access Control Lists (ACLs), are address match lists that
you can set up and nickname for future use in <B
CLASS="command"
>allow-notify</B
>,
<B
CLASS="command"
>allow-query</B
>, <B
CLASS="command"
>allow-recursion</B
>,
<B
CLASS="command"
>blackhole</B
>, <B
CLASS="command"
>allow-transfer</B
>,
etc.</P
><P
>Using ACLs allows you to have finer control over who can access
your name server, without cluttering up your config files with huge
lists of IP addresses.</P
><P
>It is a <SPAN
CLASS="emphasis"
><I
CLASS="emphasis"
>good idea</I
></SPAN
> to use ACLs, and to
control access to your server. Limiting access to your server by
outside parties can help prevent spoofing and DoS attacks against
your server.</P
><P
>Here is an example of how to properly apply ACLs:</P
><PRE
CLASS="programlisting"
>&#13;// Set up an ACL named "bogusnets" that will block RFC1918 space,
<!--
- Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2000-2003 Internet Software Consortium
-
- Permission to use, copy, modify, and distribute this software for any
- purpose with or without fee is hereby granted, provided that the above
- copyright notice and this permission notice appear in all copies.
-
- THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
- REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
- AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
- INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
- LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
- OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
- PERFORMANCE OF THIS SOFTWARE.
-->
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>Chapter 7. BIND 9 Security Considerations</title>
<meta name="generator" content="DocBook XSL Stylesheets V1.68.1">
<link rel="start" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual">
<link rel="up" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual">
<link rel="prev" href="Bv9ARM.ch06.html" title="Chapter 6. BIND 9 Configuration Reference">
<link rel="next" href="Bv9ARM.ch08.html" title="Chapter 8. Troubleshooting">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
<div class="navheader">
<table width="100%" summary="Navigation header">
<tr><th colspan="3" align="center">Chapter 7. <span class="acronym">BIND</span> 9 Security Considerations</th></tr>
<tr>
<td width="20%" align="left">
<a accesskey="p" href="Bv9ARM.ch06.html">Prev</a> </td>
<th width="60%" align="center"> </th>
<td width="20%" align="right"> <a accesskey="n" href="Bv9ARM.ch08.html">Next</a>
</td>
</tr>
</table>
<hr>
</div>
<div class="chapter" lang="en">
<div class="titlepage"><div><div><h2 class="title">
<a name="Bv9ARM.ch07"></a>Chapter 7. <span class="acronym">BIND</span> 9 Security Considerations</h2></div></div></div>
<div class="toc">
<p><b>Table of Contents</b></p>
<dl>
<dt><span class="sect1"><a href="Bv9ARM.ch07.html#Access_Control_Lists">Access Control Lists</a></span></dt>
<dt><span class="sect1"><a href="Bv9ARM.ch07.html#id2559133"><span><strong class="command">chroot</strong></span> and <span><strong class="command">setuid</strong></span> (for
UNIX servers)</a></span></dt>
<dd><dl>
<dt><span class="sect2"><a href="Bv9ARM.ch07.html#id2559278">The <span><strong class="command">chroot</strong></span> Environment</a></span></dt>
<dt><span class="sect2"><a href="Bv9ARM.ch07.html#id2559338">Using the <span><strong class="command">setuid</strong></span> Function</a></span></dt>
</dl></dd>
<dt><span class="sect1"><a href="Bv9ARM.ch07.html#dynamic_update_security">Dynamic Update Security</a></span></dt>
</dl>
</div>
<div class="sect1" lang="en">
<div class="titlepage"><div><div><h2 class="title" style="clear: both">
<a name="Access_Control_Lists"></a>Access Control Lists</h2></div></div></div>
<p>
Access Control Lists (ACLs), are address match lists that
you can set up and nickname for future use in <span><strong class="command">allow-notify</strong></span>,
<span><strong class="command">allow-query</strong></span>, <span><strong class="command">allow-recursion</strong></span>,
<span><strong class="command">blackhole</strong></span>, <span><strong class="command">allow-transfer</strong></span>,
etc.
</p>
<p>
Using ACLs allows you to have finer control over who can access
your name server, without cluttering up your config files with huge
lists of IP addresses.
</p>
<p>
It is a <span class="emphasis"><em>good idea</em></span> to use ACLs, and to
control access to your server. Limiting access to your server by
outside parties can help prevent spoofing and DoS attacks against
your server.
</p>
<p>
Here is an example of how to properly apply ACLs:
</p>
<pre class="programlisting">
// Set up an ACL named "bogusnets" that will block RFC1918 space,
// which is commonly used in spoofing attacks.
acl bogusnets { 0.0.0.0/8; 1.0.0.0/8; 2.0.0.0/8; 192.0.2.0/24; 224.0.0.0/3; 10.0.0.0/8; 172.16.0.0/12; 192.168.0.0/16; };
// Set up an ACL called our-nets. Replace this with the real IP numbers.
@ -173,330 +98,149 @@ zone "example.com" {
file "m/example.com";
allow-query { any; };
};
</PRE
><P
>This allows recursive queries of the server from the outside
unless recursion has been previously disabled.</P
><P
>For more information on how to use ACLs to protect your server,
see the <SPAN
CLASS="emphasis"
><I
CLASS="emphasis"
>AUSCERT</I
></SPAN
> advisory at
<A
HREF="ftp://ftp.auscert.org.au/pub/auscert/advisory/AL-1999.004.dns_dos"
TARGET="_top"
>ftp://ftp.auscert.org.au/pub/auscert/advisory/AL-1999.004.dns_dos</A
></P
></DIV
><DIV
CLASS="sect1"
><H1
CLASS="sect1"
><A
NAME="AEN4841"
>7.2. <B
CLASS="command"
>chroot</B
> and <B
CLASS="command"
>setuid</B
> (for
UNIX servers)</A
></H1
><P
>On UNIX servers, it is possible to run <ACRONYM
CLASS="acronym"
>BIND</ACRONYM
> in a <SPAN
CLASS="emphasis"
><I
CLASS="emphasis"
>chrooted</I
></SPAN
> environment
(<B
CLASS="command"
>chroot()</B
>) by specifying the "<CODE
CLASS="option"
>-t</CODE
>"
option. This can help improve system security by placing <ACRONYM
CLASS="acronym"
>BIND</ACRONYM
> in
a "sandbox", which will limit the damage done if a server is compromised.</P
><P
>Another useful feature in the UNIX version of <ACRONYM
CLASS="acronym"
>BIND</ACRONYM
> is the
ability to run the daemon as an unprivileged user ( <CODE
CLASS="option"
>-u</CODE
> <TT
CLASS="replaceable"
><I
>user</I
></TT
> ).
We suggest running as an unprivileged user when using the <B
CLASS="command"
>chroot</B
> feature.</P
><P
>Here is an example command line to load <ACRONYM
CLASS="acronym"
>BIND</ACRONYM
> in a <B
CLASS="command"
>chroot()</B
> sandbox,
<B
CLASS="command"
>/var/named</B
>, and to run <B
CLASS="command"
>named</B
> <B
CLASS="command"
>setuid</B
> to
user 202:</P
><P
><KBD
CLASS="userinput"
>/usr/local/bin/named -u 202 -t /var/named</KBD
></P
><DIV
CLASS="sect2"
><H2
CLASS="sect2"
><A
NAME="AEN4864"
>7.2.1. The <B
CLASS="command"
>chroot</B
> Environment</A
></H2
><P
>In order for a <B
CLASS="command"
>chroot()</B
> environment to
work properly in a particular directory
(for example, <TT
CLASS="filename"
>/var/named</TT
>),
you will need to set up an environment that includes everything
<ACRONYM
CLASS="acronym"
>BIND</ACRONYM
> needs to run.
From <ACRONYM
CLASS="acronym"
>BIND</ACRONYM
>'s point of view, <TT
CLASS="filename"
>/var/named</TT
> is
the root of the filesystem. You will need to adjust the values of options like
like <B
CLASS="command"
>directory</B
> and <B
CLASS="command"
>pid-file</B
> to account
for this.
</P
><P
>&#13;Unlike with earlier versions of BIND, you will typically
<SPAN
CLASS="emphasis"
><I
CLASS="emphasis"
>not</I
></SPAN
> need to compile <B
CLASS="command"
>named</B
>
statically nor install shared libraries under the new root.
However, depending on your operating system, you may need
to set up things like
<TT
CLASS="filename"
>/dev/zero</TT
>,
<TT
CLASS="filename"
>/dev/random</TT
>,
<TT
CLASS="filename"
>/dev/log</TT
>, and/or
<TT
CLASS="filename"
>/etc/localtime</TT
>.
</P
></DIV
><DIV
CLASS="sect2"
><H2
CLASS="sect2"
><A
NAME="AEN4882"
>7.2.2. Using the <B
CLASS="command"
>setuid</B
> Function</A
></H2
><P
>Prior to running the <B
CLASS="command"
>named</B
> daemon, use
the <B
CLASS="command"
>touch</B
> utility (to change file access and
modification times) or the <B
CLASS="command"
>chown</B
> utility (to
set the user id and/or group id) on files
to which you want <ACRONYM
CLASS="acronym"
>BIND</ACRONYM
>
to write. Note that if the <B
CLASS="command"
>named</B
> daemon is running as an
unprivileged user, it will not be able to bind to new restricted ports if the
server is reloaded.</P
></DIV
></DIV
><DIV
CLASS="sect1"
><H1
CLASS="sect1"
><A
NAME="dynamic_update_security"
>7.3. Dynamic Update Security</A
></H1
><P
>Access to the dynamic
update facility should be strictly limited. In earlier versions of
<ACRONYM
CLASS="acronym"
>BIND</ACRONYM
> the only way to do this was based on the IP
address of the host requesting the update, by listing an IP address or
network prefix in the <B
CLASS="command"
>allow-update</B
> zone option.
This method is insecure since the source address of the update UDP packet
is easily forged. Also note that if the IP addresses allowed by the
<B
CLASS="command"
>allow-update</B
> option include the address of a slave
server which performs forwarding of dynamic updates, the master can be
trivially attacked by sending the update to the slave, which will
forward it to the master with its own source IP address causing the
master to approve it without question.</P
><P
>For these reasons, we strongly recommend that updates be
cryptographically authenticated by means of transaction signatures
(TSIG). That is, the <B
CLASS="command"
>allow-update</B
> option should
list only TSIG key names, not IP addresses or network
prefixes. Alternatively, the new <B
CLASS="command"
>update-policy</B
>
option can be used.</P
><P
>Some sites choose to keep all dynamically updated DNS data
in a subdomain and delegate that subdomain to a separate zone. This
way, the top-level zone containing critical data such as the IP addresses
of public web and mail servers need not allow dynamic update at
all.</P
></DIV
></DIV
><DIV
CLASS="NAVFOOTER"
><HR
ALIGN="LEFT"
WIDTH="100%"><TABLE
SUMMARY="Footer navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
><A
HREF="Bv9ARM.ch06.html"
ACCESSKEY="P"
>Prev</A
></TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
><A
HREF="Bv9ARM.html"
ACCESSKEY="H"
>Home</A
></TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
><A
HREF="Bv9ARM.ch08.html"
ACCESSKEY="N"
>Next</A
></TD
></TR
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
><ACRONYM
CLASS="acronym"
>BIND</ACRONYM
> 9 Configuration Reference</TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
>&nbsp;</TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
>Troubleshooting</TD
></TR
></TABLE
></DIV
></BODY
></HTML
>
</pre>
<p>
This allows recursive queries of the server from the outside
unless recursion has been previously disabled.
</p>
<p>
For more information on how to use ACLs to protect your server,
see the <span class="emphasis"><em>AUSCERT</em></span> advisory at
<a href="ftp://ftp.auscert.org.au/pub/auscert/advisory/AL-1999.004.dns_dos" target="_top">
ftp://ftp.auscert.org.au/pub/auscert/advisory/AL-1999.004.dns_dos
</a>
</p>
</div>
<div class="sect1" lang="en">
<div class="titlepage"><div><div><h2 class="title" style="clear: both">
<a name="id2559133"></a><span><strong class="command">chroot</strong></span> and <span><strong class="command">setuid</strong></span> (for
UNIX servers)</h2></div></div></div>
<p>
On UNIX servers, it is possible to run <span class="acronym">BIND</span> in a <span class="emphasis"><em>chrooted</em></span> environment
(<span><strong class="command">chroot()</strong></span>) by specifying the "<code class="option">-t</code>"
option. This can help improve system security by placing <span class="acronym">BIND</span> in
a "sandbox", which will limit the damage done if a server is
compromised.
</p>
<p>
Another useful feature in the UNIX version of <span class="acronym">BIND</span> is the
ability to run the daemon as an unprivileged user ( <code class="option">-u</code> <em class="replaceable"><code>user</code></em> ).
We suggest running as an unprivileged user when using the <span><strong class="command">chroot</strong></span> feature.
</p>
<p>
Here is an example command line to load <span class="acronym">BIND</span> in a <span><strong class="command">chroot()</strong></span> sandbox,
<span><strong class="command">/var/named</strong></span>, and to run <span><strong class="command">named</strong></span> <span><strong class="command">setuid</strong></span> to
user 202:
</p>
<p>
<strong class="userinput"><code>/usr/local/bin/named -u 202 -t /var/named</code></strong>
</p>
<div class="sect2" lang="en">
<div class="titlepage"><div><div><h3 class="title">
<a name="id2559278"></a>The <span><strong class="command">chroot</strong></span> Environment</h3></div></div></div>
<p>
In order for a <span><strong class="command">chroot()</strong></span> environment
to
work properly in a particular directory
(for example, <code class="filename">/var/named</code>),
you will need to set up an environment that includes everything
<span class="acronym">BIND</span> needs to run.
From <span class="acronym">BIND</span>'s point of view, <code class="filename">/var/named</code> is
the root of the filesystem. You will need to adjust the values of
options like
like <span><strong class="command">directory</strong></span> and <span><strong class="command">pid-file</strong></span> to account
for this.
</p>
<p>
Unlike with earlier versions of BIND, you will typically
<span class="emphasis"><em>not</em></span> need to compile <span><strong class="command">named</strong></span>
statically nor install shared libraries under the new root.
However, depending on your operating system, you may need
to set up things like
<code class="filename">/dev/zero</code>,
<code class="filename">/dev/random</code>,
<code class="filename">/dev/log</code>, and/or
<code class="filename">/etc/localtime</code>.
</p>
</div>
<div class="sect2" lang="en">
<div class="titlepage"><div><div><h3 class="title">
<a name="id2559338"></a>Using the <span><strong class="command">setuid</strong></span> Function</h3></div></div></div>
<p>
Prior to running the <span><strong class="command">named</strong></span> daemon,
use
the <span><strong class="command">touch</strong></span> utility (to change file
access and
modification times) or the <span><strong class="command">chown</strong></span>
utility (to
set the user id and/or group id) on files
to which you want <span class="acronym">BIND</span>
to write. Note that if the <span><strong class="command">named</strong></span>
daemon is running as an
unprivileged user, it will not be able to bind to new restricted
ports if the
server is reloaded.
</p>
</div>
</div>
<div class="sect1" lang="en">
<div class="titlepage"><div><div><h2 class="title" style="clear: both">
<a name="dynamic_update_security"></a>Dynamic Update Security</h2></div></div></div>
<p>
Access to the dynamic
update facility should be strictly limited. In earlier versions of
<span class="acronym">BIND</span> the only way to do this was
based on the IP
address of the host requesting the update, by listing an IP address
or
network prefix in the <span><strong class="command">allow-update</strong></span>
zone option.
This method is insecure since the source address of the update UDP
packet
is easily forged. Also note that if the IP addresses allowed by the
<span><strong class="command">allow-update</strong></span> option include the
address of a slave
server which performs forwarding of dynamic updates, the master can
be
trivially attacked by sending the update to the slave, which will
forward it to the master with its own source IP address causing the
master to approve it without question.
</p>
<p>
For these reasons, we strongly recommend that updates be
cryptographically authenticated by means of transaction signatures
(TSIG). That is, the <span><strong class="command">allow-update</strong></span>
option should
list only TSIG key names, not IP addresses or network
prefixes. Alternatively, the new <span><strong class="command">update-policy</strong></span>
option can be used.
</p>
<p>
Some sites choose to keep all dynamically updated DNS data
in a subdomain and delegate that subdomain to a separate zone. This
way, the top-level zone containing critical data such as the IP
addresses
of public web and mail servers need not allow dynamic update at
all.
</p>
</div>
</div>
<div class="navfooter">
<hr>
<table width="100%" summary="Navigation footer">
<tr>
<td width="40%" align="left">
<a accesskey="p" href="Bv9ARM.ch06.html">Prev</a> </td>
<td width="20%" align="center"> </td>
<td width="40%" align="right"> <a accesskey="n" href="Bv9ARM.ch08.html">Next</a>
</td>
</tr>
<tr>
<td width="40%" align="left" valign="top">Chapter 6. <span class="acronym">BIND</span> 9 Configuration Reference </td>
<td width="20%" align="center"><a accesskey="h" href="Bv9ARM.html">Home</a></td>
<td width="40%" align="right" valign="top"> Chapter 8. Troubleshooting</td>
</tr>
</table>
</div>
</body>
</html>

411
doc/arm/Bv9ARM.ch08.html
View file

@ -1,272 +1,139 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<HTML
><HEAD
><TITLE
>Troubleshooting</TITLE
><META
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.79"><LINK
REL="HOME"
TITLE="BIND 9 Administrator Reference Manual"
HREF="Bv9ARM.html"><LINK
REL="PREVIOUS"
TITLE="BIND 9 Security Considerations"
HREF="Bv9ARM.ch07.html"><LINK
REL="NEXT"
TITLE="Appendices"
HREF="Bv9ARM.ch09.html"></HEAD
><BODY
CLASS="chapter"
BGCOLOR="#FFFFFF"
TEXT="#000000"
LINK="#0000FF"
VLINK="#840084"
ALINK="#0000FF"
><DIV
CLASS="NAVHEADER"
><TABLE
SUMMARY="Header navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TH
COLSPAN="3"
ALIGN="center"
>BIND 9 Administrator Reference Manual</TH
></TR
><TR
><TD
WIDTH="10%"
ALIGN="left"
VALIGN="bottom"
><A
HREF="Bv9ARM.ch07.html"
ACCESSKEY="P"
>Prev</A
></TD
><TD
WIDTH="80%"
ALIGN="center"
VALIGN="bottom"
></TD
><TD
WIDTH="10%"
ALIGN="right"
VALIGN="bottom"
><A
HREF="Bv9ARM.ch09.html"
ACCESSKEY="N"
>Next</A
></TD
></TR
></TABLE
><HR
ALIGN="LEFT"
WIDTH="100%"></DIV
><DIV
CLASS="chapter"
><H1
><A
NAME="ch08"
></A
>Chapter 8. Troubleshooting</H1
><DIV
CLASS="TOC"
><DL
><DT
><B
>Table of Contents</B
></DT
><DT
>8.1. <A
HREF="Bv9ARM.ch08.html#AEN4903"
>Common Problems</A
></DT
><DT
>8.2. <A
HREF="Bv9ARM.ch08.html#AEN4908"
>Incrementing and Changing the Serial Number</A
></DT
><DT
>8.3. <A
HREF="Bv9ARM.ch08.html#AEN4913"
>Where Can I Get Help?</A
></DT
></DL
></DIV
><DIV
CLASS="sect1"
><H1
CLASS="sect1"
><A
NAME="AEN4903"
>8.1. Common Problems</A
></H1
><DIV
CLASS="sect2"
><H2
CLASS="sect2"
><A
NAME="AEN4905"
>8.1.1. It's not working; how can I figure out what's wrong?</A
></H2
><P
>The best solution to solving installation and
configuration issues is to take preventative measures by setting
up logging files beforehand. The log files provide a
source of hints and information that can be used to figure out
what went wrong and how to fix the problem.</P
></DIV
></DIV
><DIV
CLASS="sect1"
><H1
CLASS="sect1"
><A
NAME="AEN4908"
>8.2. Incrementing and Changing the Serial Number</A
></H1
><P
>Zone serial numbers are just numbers-they aren't date
related. A lot of people set them to a number that represents a
date, usually of the form YYYYMMDDRR. A number of people have been
testing these numbers for Y2K compliance and have set the number
to the year 2000 to see if it will work. They then try to restore
the old serial number. This will cause problems because serial
numbers are used to indicate that a zone has been updated. If the
serial number on the slave server is lower than the serial number
on the master, the slave server will attempt to update its copy of
the zone.</P
><P
>Setting the serial number to a lower number on the master
server than the slave server means that the slave will not perform
updates to its copy of the zone.</P
><P
>The solution to this is to add 2147483647 (2^31-1) to the
number, reload the zone and make sure all slaves have updated to
the new zone serial number, then reset the number to what you want
it to be, and reload the zone again.</P
></DIV
><DIV
CLASS="sect1"
><H1
CLASS="sect1"
><A
NAME="AEN4913"
>8.3. Where Can I Get Help?</A
></H1
><P
>The Internet Software Consortium (<ACRONYM
CLASS="acronym"
>ISC</ACRONYM
>) offers a wide range
of support and service agreements for <ACRONYM
CLASS="acronym"
>BIND</ACRONYM
> and <ACRONYM
CLASS="acronym"
>DHCP</ACRONYM
> servers. Four
levels of premium support are available and each level includes
support for all <ACRONYM
CLASS="acronym"
>ISC</ACRONYM
> programs, significant discounts on products
and training, and a recognized priority on bug fixes and
non-funded feature requests. In addition, <ACRONYM
CLASS="acronym"
>ISC</ACRONYM
> offers a standard
support agreement package which includes services ranging from bug
fix announcements to remote support. It also includes training in
<ACRONYM
CLASS="acronym"
>BIND</ACRONYM
> and <ACRONYM
CLASS="acronym"
>DHCP</ACRONYM
>.</P
><P
>To discuss arrangements for support, contact
<A
HREF="mailto:info@isc.org"
TARGET="_top"
>info@isc.org</A
> or visit the
<ACRONYM
CLASS="acronym"
>ISC</ACRONYM
> web page at <A
HREF="http://www.isc.org/services/support/"
TARGET="_top"
>http://www.isc.org/services/support/</A
>
to read more.</P
></DIV
></DIV
><DIV
CLASS="NAVFOOTER"
><HR
ALIGN="LEFT"
WIDTH="100%"><TABLE
SUMMARY="Footer navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
><A
HREF="Bv9ARM.ch07.html"
ACCESSKEY="P"
>Prev</A
></TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
><A
HREF="Bv9ARM.html"
ACCESSKEY="H"
>Home</A
></TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
><A
HREF="Bv9ARM.ch09.html"
ACCESSKEY="N"
>Next</A
></TD
></TR
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
><ACRONYM
CLASS="acronym"
>BIND</ACRONYM
> 9 Security Considerations</TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
>&nbsp;</TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
>Appendices</TD
></TR
></TABLE
></DIV
></BODY
></HTML
>
<!--
- Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2000-2003 Internet Software Consortium
-
- Permission to use, copy, modify, and distribute this software for any
- purpose with or without fee is hereby granted, provided that the above
- copyright notice and this permission notice appear in all copies.
-
- THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
- REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
- AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
- INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
- LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
- OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
- PERFORMANCE OF THIS SOFTWARE.
-->
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>Chapter 8. Troubleshooting</title>
<meta name="generator" content="DocBook XSL Stylesheets V1.68.1">
<link rel="start" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual">
<link rel="up" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual">
<link rel="prev" href="Bv9ARM.ch07.html" title="Chapter 7. BIND 9 Security Considerations">
<link rel="next" href="Bv9ARM.ch09.html" title="Appendix A. Appendices">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
<div class="navheader">
<table width="100%" summary="Navigation header">
<tr><th colspan="3" align="center">Chapter 8. Troubleshooting</th></tr>
<tr>
<td width="20%" align="left">
<a accesskey="p" href="Bv9ARM.ch07.html">Prev</a> </td>
<th width="60%" align="center"> </th>
<td width="20%" align="right"> <a accesskey="n" href="Bv9ARM.ch09.html">Next</a>
</td>
</tr>
</table>
<hr>
</div>
<div class="chapter" lang="en">
<div class="titlepage"><div><div><h2 class="title">
<a name="Bv9ARM.ch08"></a>Chapter 8. Troubleshooting</h2></div></div></div>
<div class="toc">
<p><b>Table of Contents</b></p>
<dl>
<dt><span class="sect1"><a href="Bv9ARM.ch08.html#id2559415">Common Problems</a></span></dt>
<dd><dl><dt><span class="sect2"><a href="Bv9ARM.ch08.html#id2559420">It's not working; how can I figure out what's wrong?</a></span></dt></dl></dd>
<dt><span class="sect1"><a href="Bv9ARM.ch08.html#id2559432">Incrementing and Changing the Serial Number</a></span></dt>
<dt><span class="sect1"><a href="Bv9ARM.ch08.html#id2559449">Where Can I Get Help?</a></span></dt>
</dl>
</div>
<div class="sect1" lang="en">
<div class="titlepage"><div><div><h2 class="title" style="clear: both">
<a name="id2559415"></a>Common Problems</h2></div></div></div>
<div class="sect2" lang="en">
<div class="titlepage"><div><div><h3 class="title">
<a name="id2559420"></a>It's not working; how can I figure out what's wrong?</h3></div></div></div>
<p>
The best solution to solving installation and
configuration issues is to take preventative measures by setting
up logging files beforehand. The log files provide a
source of hints and information that can be used to figure out
what went wrong and how to fix the problem.
</p>
</div>
</div>
<div class="sect1" lang="en">
<div class="titlepage"><div><div><h2 class="title" style="clear: both">
<a name="id2559432"></a>Incrementing and Changing the Serial Number</h2></div></div></div>
<p>
Zone serial numbers are just numbers-they aren't date
related. A lot of people set them to a number that represents a
date, usually of the form YYYYMMDDRR. A number of people have been
testing these numbers for Y2K compliance and have set the number
to the year 2000 to see if it will work. They then try to restore
the old serial number. This will cause problems because serial
numbers are used to indicate that a zone has been updated. If the
serial number on the slave server is lower than the serial number
on the master, the slave server will attempt to update its copy of
the zone.
</p>
<p>
Setting the serial number to a lower number on the master
server than the slave server means that the slave will not perform
updates to its copy of the zone.
</p>
<p>
The solution to this is to add 2147483647 (2^31-1) to the
number, reload the zone and make sure all slaves have updated to
the new zone serial number, then reset the number to what you want
it to be, and reload the zone again.
</p>
</div>
<div class="sect1" lang="en">
<div class="titlepage"><div><div><h2 class="title" style="clear: both">
<a name="id2559449"></a>Where Can I Get Help?</h2></div></div></div>
<p>
The Internet Software Consortium
(<span class="acronym">ISC</span>) offers a wide range
of support and service agreements for <span class="acronym">BIND</span> and <span class="acronym">DHCP</span> servers. Four
levels of premium support are available and each level includes
support for all <span class="acronym">ISC</span> programs,
significant discounts on products
and training, and a recognized priority on bug fixes and
non-funded feature requests. In addition, <span class="acronym">ISC</span> offers a standard
support agreement package which includes services ranging from bug
fix announcements to remote support. It also includes training in
<span class="acronym">BIND</span> and <span class="acronym">DHCP</span>.
</p>
<p>
To discuss arrangements for support, contact
<a href="mailto:info@isc.org" target="_top">info@isc.org</a> or visit the
<span class="acronym">ISC</span> web page at <a href="http://www.isc.org/services/support/" target="_top">
http://www.isc.org/services/support/
</a>
to read more.
</p>
</div>
</div>
<div class="navfooter">
<hr>
<table width="100%" summary="Navigation footer">
<tr>
<td width="40%" align="left">
<a accesskey="p" href="Bv9ARM.ch07.html">Prev</a> </td>
<td width="20%" align="center"> </td>
<td width="40%" align="right"> <a accesskey="n" href="Bv9ARM.ch09.html">Next</a>
</td>
</tr>
<tr>
<td width="40%" align="left" valign="top">Chapter 7. <span class="acronym">BIND</span> 9 Security Considerations </td>
<td width="20%" align="center"><a accesskey="h" href="Bv9ARM.html">Home</a></td>
<td width="40%" align="right" valign="top"> Appendix A. Appendices</td>
</tr>
</table>
</div>
</body>
</html>

2212
doc/arm/Bv9ARM.ch09.html
View file

File diff suppressed because it is too large Load diff

1078
doc/arm/Bv9ARM.html
View file

File diff suppressed because it is too large Load diff

173
lib/lwres/man/lwres.3
View file

@ -1,159 +1,94 @@
.\" Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2000, 2001 Internet Software Consortium.
.\"
.\" Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2000, 2001 Internet Software Consortium
.\"
.\" Permission to use, copy, modify, and distribute this software for any
.\" purpose with or without fee is hereby granted, provided that the above
.\" copyright notice and this permission notice appear in all copies.
.\"
.\"
.\" THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
.\" REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
.\" AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
.\" AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
.\" INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
.\" LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
.\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
.\" PERFORMANCE OF THIS SOFTWARE.
.\"
.\" $Id: lwres.3,v 1.20 2005/04/07 03:50:00 marka Exp $
.\"
.TH "LWRES" "3" "Jun 30, 2000" "BIND9" ""
.\"
.hy 0
.ad l
.\"Generated by db2man.xsl. Don't modify this, modify the source.
.de Sh \" Subsection
.br
.if t .Sp
.ne 5
.PP
\fB\\$1\fR
.PP
..
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Ip \" List item
.br
.ie \\n(.$>=3 .ne \\$3
.el .ne 3
.IP "\\$1" \\$2
..
.TH "LWRES" 3 "Jun 30, 2000" "" ""
.SH NAME
lwres \- introduction to the lightweight resolver library
.SH SYNOPSIS
\fB#include <lwres/lwres.h>\fR
.SH "SYNOPSIS"
#include <lwres/lwres\&.h>
.sp
.SH "DESCRIPTION"
.PP
The BIND 9 lightweight resolver library is a simple, name service
independent stub resolver library. It provides hostname-to-address
and address-to-hostname lookup services to applications by
transmitting lookup requests to a resolver daemon
\fBlwresd\fR
running on the local host. The resover daemon performs the
lookup using the DNS or possibly other name service protocols,
and returns the results to the application through the library.
The library and resolver daemon communicate using a simple
UDP-based protocol.
The BIND 9 lightweight resolver library is a simple, name service independent stub resolver library\&. It provides hostname\-to\-address and address\-to\-hostname lookup services to applications by transmitting lookup requests to a resolver daemon \fBlwresd\fR running on the local host\&. The resover daemon performs the lookup using the DNS or possibly other name service protocols, and returns the results to the application through the library\&. The library and resolver daemon communicate using a simple UDP\-based protocol\&.
.SH "OVERVIEW"
.PP
The lwresd library implements multiple name service APIs.
The standard
\fBgethostbyname()\fR,
\fBgethostbyaddr()\fR,
\fBgethostbyname_r()\fR,
\fBgethostbyaddr_r()\fR,
\fBgetaddrinfo()\fR,
\fBgetipnodebyname()\fR,
and
\fBgetipnodebyaddr()\fR
functions are all supported. To allow the lwres library to coexist
with system libraries that define functions of the same name,
the library defines these functions with names prefixed by
lwres_.
To define the standard names, applications must include the
header file
\fI<lwres/netdb.h>\fR
which contains macro definitions mapping the standard function names
into
lwres_
prefixed ones. Operating system vendors who integrate the lwres
library into their base distributions should rename the functions
in the library proper so that the renaming macros are not needed.
The lwresd library implements multiple name service APIs\&. The standard \fBgethostbyname()\fR, \fBgethostbyaddr()\fR, \fBgethostbyname_r()\fR, \fBgethostbyaddr_r()\fR, \fBgetaddrinfo()\fR, \fBgetipnodebyname()\fR, and \fBgetipnodebyaddr()\fR functions are all supported\&. To allow the lwres library to coexist with system libraries that define functions of the same name, the library defines these functions with names prefixed by lwres_\&. To define the standard names, applications must include the header file \fI<lwres/netdb\&.h>\fR which contains macro definitions mapping the standard function names into lwres_ prefixed ones\&. Operating system vendors who integrate the lwres library into their base distributions should rename the functions in the library proper so that the renaming macros are not needed\&.
.PP
The library also provides a native API consisting of the functions
\fBlwres_getaddrsbyname()\fR
and
\fBlwres_getnamebyaddr()\fR.
These may be called by applications that require more detailed
control over the lookup process than the standard functions
provide.
The library also provides a native API consisting of the functions \fBlwres_getaddrsbyname()\fR and \fBlwres_getnamebyaddr()\fR\&. These may be called by applications that require more detailed control over the lookup process than the standard functions provide\&.
.PP
In addition to these name service independent address lookup
functions, the library implements a new, experimental API
for looking up arbitrary DNS resource records, using the
\fBlwres_getaddrsbyname()\fR
function.
In addition to these name service independent address lookup functions, the library implements a new, experimental API for looking up arbitrary DNS resource records, using the \fBlwres_getaddrsbyname()\fR function\&.
.PP
Finally, there is a low-level API for converting lookup
requests and responses to and from raw lwres protocol packets.
This API can be used by clients requiring nonblocking operation,
and is also used when implementing the server side of the lwres
protocol, for example in the
\fBlwresd\fR
resolver daemon. The use of this low-level API in clients
and servers is outlined in the following sections.
Finally, there is a low\-level API for converting lookup requests and responses to and from raw lwres protocol packets\&. This API can be used by clients requiring nonblocking operation, and is also used when implementing the server side of the lwres protocol, for example in the \fBlwresd\fR resolver daemon\&. The use of this low\-level API in clients and servers is outlined in the following sections\&.
.SH "CLIENT-SIDE LOW-LEVEL API CALL FLOW"
.PP
When a client program wishes to make an lwres request using the
native low-level API, it typically performs the following
sequence of actions.
When a client program wishes to make an lwres request using the native low\-level API, it typically performs the following sequence of actions\&.
.PP
(1) Allocate or use an existing \fBlwres_packet_t\fR,
called pkt below.
(1) Allocate or use an existing \fBlwres_packet_t\fR, called \fIpkt\fR below\&.
.PP
(2) Set \fBpkt.recvlength\fR to the maximum length we will accept.
This is done so the receiver of our packets knows how large our receive
buffer is. The "default" is a constant in
\fIlwres.h\fR: LWRES_RECVLENGTH = 4096.
(2) Set pkt\&.recvlength to the maximum length we will accept\&. This is done so the receiver of our packets knows how large our receive buffer is\&. The "default" is a constant in \fIlwres\&.h\fR: \fBLWRES_RECVLENGTH = 4096\fR\&.
.PP
(3) Set \fBpkt.serial\fR
to a unique serial number. This value is echoed
back to the application by the remote server.
(3) Set pkt\&.serial to a unique serial number\&. This value is echoed back to the application by the remote server\&.
.PP
(4) Set \fBpkt.pktflags\fR. Usually this is set to 0.
(4) Set pkt\&.pktflags\&. Usually this is set to 0\&.
.PP
(5) Set \fBpkt.result\fR to 0.
(5) Set pkt\&.result to 0\&.
.PP
(6) Call \fBlwres_*request_render()\fR,
or marshall in the data using the primitives
such as \fBlwres_packet_render()\fR
and storing the packet data.
(6) Call \fBlwres_*request_render()\fR, or marshall in the data using the primitives such as \fBlwres_packet_render()\fR and storing the packet data\&.
.PP
(7) Transmit the resulting buffer.
(7) Transmit the resulting buffer\&.
.PP
(8) Call \fBlwres_*response_parse()\fR
to parse any packets received.
(8) Call \fBlwres_*response_parse()\fR to parse any packets received\&.
.PP
(9) Verify that the opcode and serial match a request, and process the
packet specific information contained in the body.
(9) Verify that the opcode and serial match a request, and process the packet specific information contained in the body\&.
.SH "SERVER-SIDE LOW-LEVEL API CALL FLOW"
.PP
When implementing the server side of the lightweight resolver
protocol using the lwres library, a sequence of actions like the
following is typically involved in processing each request packet.
When implementing the server side of the lightweight resolver protocol using the lwres library, a sequence of actions like the following is typically involved in processing each request packet\&.
.PP
Note that the same \fBlwres_packet_t\fR is used
in both the \fB_parse()\fR and \fB_render()\fR calls,
with only a few modifications made
to the packet header's contents between uses. This method is recommended
as it keeps the serial, opcode, and other fields correct.
Note that the same \fBlwres_packet_t\fR is used in both the \fB_parse()\fR and \fB_render()\fR calls, with only a few modifications made to the packet header's contents between uses\&. This method is recommended as it keeps the serial, opcode, and other fields correct\&.
.PP
(1) When a packet is received, call \fBlwres_*request_parse()\fR to
unmarshall it. This returns a \fBlwres_packet_t\fR (also called pkt, below)
as well as a data specific type, such as \fBlwres_gabnrequest_t\fR.
(1) When a packet is received, call \fBlwres_*request_parse()\fR to unmarshall it\&. This returns a \fBlwres_packet_t\fR (also called \fIpkt\fR, below) as well as a data specific type, such as \fBlwres_gabnrequest_t\fR\&.
.PP
(2) Process the request in the data specific type.
(2) Process the request in the data specific type\&.
.PP
(3) Set the \fBpkt.result\fR,
\fBpkt.recvlength\fR as above. All other fields can
be left untouched since they were filled in by the \fB*_parse()\fR call
above. If using \fBlwres_*response_render()\fR,
\fBpkt.pktflags\fR will be set up
properly. Otherwise, the LWRES_LWPACKETFLAG_RESPONSE bit should be
set.
(3) Set the pkt\&.result, pkt\&.recvlength as above\&. All other fields can be left untouched since they were filled in by the \fB*_parse()\fR call above\&. If using \fBlwres_*response_render()\fR, pkt\&.pktflags will be set up properly\&. Otherwise, the \fBLWRES_LWPACKETFLAG_RESPONSE\fR bit should be set\&.
.PP
(4) Call the data specific rendering function, such as
\fBlwres_gabnresponse_render()\fR.
(4) Call the data specific rendering function, such as \fBlwres_gabnresponse_render()\fR\&.
.PP
(5) Send the resulting packet to the client.
(5) Send the resulting packet to the client\&.
.PP
.SH "SEE ALSO"
.PP
\fBlwres_gethostent\fR(3),
\fBlwres_getipnode\fR(3),
\fBlwres_getnameinfo\fR(3),
\fBlwres_noop\fR(3),
\fBlwres_gabn\fR(3),
\fBlwres_gnba\fR(3),
\fBlwres_context\fR(3),
\fBlwres_config\fR(3),
\fBresolver\fR(5),
\fBlwresd\fR(8).
\fBlwres_gethostent\fR(3), \fBlwres_getipnode\fR(3), \fBlwres_getnameinfo\fR(3), \fBlwres_noop\fR(3), \fBlwres_gabn\fR(3), \fBlwres_gnba\fR(3), \fBlwres_context\fR(3), \fBlwres_config\fR(3), \fBresolver\fR(5), \fBlwresd\fR(8)\&.

608
lib/lwres/man/lwres.html
View file

@ -1,433 +1,217 @@
<!--
- Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2000, 2001 Internet Software Consortium.
-
- Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2000, 2001 Internet Software Consortium
-
- Permission to use, copy, modify, and distribute this software for any
- purpose with or without fee is hereby granted, provided that the above
- copyright notice and this permission notice appear in all copies.
-
-
- THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
- REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
- AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
- AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
- INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
- LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
- OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
- PERFORMANCE OF THIS SOFTWARE.
-->
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>lwres</title>
<meta name="generator" content="DocBook XSL Stylesheets V1.68.1">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en">
<a name="id2456614"></a><div class="titlepage"></div>
<div class="refnamediv">
<h2>Name</h2>
<p>lwres &#8212; introduction to the lightweight resolver library</p>
</div>
<div class="refsynopsisdiv">
<h2>Synopsis</h2>
<div class="funcsynopsis"><pre class="funcsynopsisinfo">#include &lt;lwres/lwres.h&gt;</pre></div>
</div>
<div class="refsect1" lang="en">
<a name="id2512598"></a><h2>DESCRIPTION</h2>
<p>
The BIND 9 lightweight resolver library is a simple, name service
independent stub resolver library. It provides hostname-to-address
and address-to-hostname lookup services to applications by
transmitting lookup requests to a resolver daemon
<span><strong class="command">lwresd</strong></span>
running on the local host. The resover daemon performs the
lookup using the DNS or possibly other name service protocols,
and returns the results to the application through the library.
The library and resolver daemon communicate using a simple
UDP-based protocol.
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2512611"></a><h2>OVERVIEW</h2>
<p>
The lwresd library implements multiple name service APIs.
The standard
<code class="function">gethostbyname()</code>,
<code class="function">gethostbyaddr()</code>,
<code class="function">gethostbyname_r()</code>,
<code class="function">gethostbyaddr_r()</code>,
<code class="function">getaddrinfo()</code>,
<code class="function">getipnodebyname()</code>,
and
<code class="function">getipnodebyaddr()</code>
functions are all supported. To allow the lwres library to coexist
with system libraries that define functions of the same name,
the library defines these functions with names prefixed by
<code class="literal">lwres_</code>.
To define the standard names, applications must include the
header file
<code class="filename">&lt;lwres/netdb.h&gt;</code>
which contains macro definitions mapping the standard function names
into
<code class="literal">lwres_</code>
prefixed ones. Operating system vendors who integrate the lwres
library into their base distributions should rename the functions
in the library proper so that the renaming macros are not needed.
</p>
<p>
The library also provides a native API consisting of the functions
<code class="function">lwres_getaddrsbyname()</code>
and
<code class="function">lwres_getnamebyaddr()</code>.
These may be called by applications that require more detailed
control over the lookup process than the standard functions
provide.
</p>
<p>
In addition to these name service independent address lookup
functions, the library implements a new, experimental API
for looking up arbitrary DNS resource records, using the
<code class="function">lwres_getaddrsbyname()</code>
function.
</p>
<p>
Finally, there is a low-level API for converting lookup
requests and responses to and from raw lwres protocol packets.
This API can be used by clients requiring nonblocking operation,
and is also used when implementing the server side of the lwres
protocol, for example in the
<span><strong class="command">lwresd</strong></span>
resolver daemon. The use of this low-level API in clients
and servers is outlined in the following sections.
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2514108"></a><h2>CLIENT-SIDE LOW-LEVEL API CALL FLOW</h2>
<p>
When a client program wishes to make an lwres request using the
native low-level API, it typically performs the following
sequence of actions.
</p>
<p>
(1) Allocate or use an existing <span class="type">lwres_packet_t</span>,
called <code class="varname">pkt</code> below.
</p>
<p>
(2) Set <em class="structfield"><code>pkt.recvlength</code></em> to the maximum length
we will accept.
This is done so the receiver of our packets knows how large our receive
buffer is. The "default" is a constant in
<code class="filename">lwres.h</code>: <code class="constant">LWRES_RECVLENGTH = 4096</code>.
</p>
<p>
(3) Set <em class="structfield"><code>pkt.serial</code></em>
to a unique serial number. This value is echoed
back to the application by the remote server.
</p>
<p>
(4) Set <em class="structfield"><code>pkt.pktflags</code></em>. Usually this is set to
0.
</p>
<p>
(5) Set <em class="structfield"><code>pkt.result</code></em> to 0.
</p>
<p>
(6) Call <code class="function">lwres_*request_render()</code>,
or marshall in the data using the primitives
such as <code class="function">lwres_packet_render()</code>
and storing the packet data.
</p>
<p>
(7) Transmit the resulting buffer.
</p>
<p>
(8) Call <code class="function">lwres_*response_parse()</code>
to parse any packets received.
</p>
<p>
(9) Verify that the opcode and serial match a request, and process the
packet specific information contained in the body.
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2514325"></a><h2>SERVER-SIDE LOW-LEVEL API CALL FLOW</h2>
<p>
When implementing the server side of the lightweight resolver
protocol using the lwres library, a sequence of actions like the
following is typically involved in processing each request packet.
</p>
<p>
Note that the same <span class="type">lwres_packet_t</span> is used
in both the <code class="function">_parse()</code> and <code class="function">_render()</code> calls,
with only a few modifications made
to the packet header's contents between uses. This method is
recommended
as it keeps the serial, opcode, and other fields correct.
</p>
<p>
(1) When a packet is received, call <code class="function">lwres_*request_parse()</code> to
unmarshall it. This returns a <span class="type">lwres_packet_t</span> (also called <code class="varname">pkt</code>, below)
as well as a data specific type, such as <span class="type">lwres_gabnrequest_t</span>.
</p>
<p>
(2) Process the request in the data specific type.
</p>
<p>
(3) Set the <em class="structfield"><code>pkt.result</code></em>,
<em class="structfield"><code>pkt.recvlength</code></em> as above. All other fields
can
be left untouched since they were filled in by the <code class="function">*_parse()</code> call
above. If using <code class="function">lwres_*response_render()</code>,
<em class="structfield"><code>pkt.pktflags</code></em> will be set up
properly. Otherwise, the <code class="constant">LWRES_LWPACKETFLAG_RESPONSE</code> bit should be
set.
</p>
<p>
(4) Call the data specific rendering function, such as
<code class="function">lwres_gabnresponse_render()</code>.
</p>
<p>
(5) Send the resulting packet to the client.
</p>
<p></p>
</div>
<div class="refsect1" lang="en">
<a name="id2514408"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry"><span class="refentrytitle">lwres_gethostent</span>(3)</span>,
<!-- $Id: lwres.html,v 1.10 2005/04/07 03:50:00 marka Exp $ -->
<span class="citerefentry"><span class="refentrytitle">lwres_getipnode</span>(3)</span>,
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<HTML
><HEAD
><TITLE
>lwres</TITLE
><META
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.79"></HEAD
><BODY
CLASS="REFENTRY"
BGCOLOR="#FFFFFF"
TEXT="#000000"
LINK="#0000FF"
VLINK="#840084"
ALINK="#0000FF"
><H1
><A
NAME="AEN1"
></A
>lwres</H1
><DIV
CLASS="REFNAMEDIV"
><A
NAME="AEN8"
></A
><H2
>Name</H2
>lwres&nbsp;--&nbsp;introduction to the lightweight resolver library</DIV
><DIV
CLASS="REFSYNOPSISDIV"
><A
NAME="AEN11"
></A
><H2
>Synopsis</H2
><DIV
CLASS="FUNCSYNOPSIS"
><P
></P
><A
NAME="AEN12"
></A
><PRE
CLASS="FUNCSYNOPSISINFO"
>#include &lt;lwres/lwres.h&gt;</PRE
><P
></P
></DIV
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN14"
></A
><H2
>DESCRIPTION</H2
><P
>The BIND 9 lightweight resolver library is a simple, name service
independent stub resolver library. It provides hostname-to-address
and address-to-hostname lookup services to applications by
transmitting lookup requests to a resolver daemon
<B
CLASS="COMMAND"
>lwresd</B
>
running on the local host. The resover daemon performs the
lookup using the DNS or possibly other name service protocols,
and returns the results to the application through the library.
The library and resolver daemon communicate using a simple
UDP-based protocol.</P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN18"
></A
><H2
>OVERVIEW</H2
><P
>The lwresd library implements multiple name service APIs.
The standard
<CODE
CLASS="FUNCTION"
>gethostbyname()</CODE
>,
<CODE
CLASS="FUNCTION"
>gethostbyaddr()</CODE
>,
<CODE
CLASS="FUNCTION"
>gethostbyname_r()</CODE
>,
<CODE
CLASS="FUNCTION"
>gethostbyaddr_r()</CODE
>,
<CODE
CLASS="FUNCTION"
>getaddrinfo()</CODE
>,
<CODE
CLASS="FUNCTION"
>getipnodebyname()</CODE
>,
and
<CODE
CLASS="FUNCTION"
>getipnodebyaddr()</CODE
>
functions are all supported. To allow the lwres library to coexist
with system libraries that define functions of the same name,
the library defines these functions with names prefixed by
<TT
CLASS="LITERAL"
>lwres_</TT
>.
To define the standard names, applications must include the
header file
<TT
CLASS="FILENAME"
>&lt;lwres/netdb.h&gt;</TT
>
which contains macro definitions mapping the standard function names
into
<TT
CLASS="LITERAL"
>lwres_</TT
>
prefixed ones. Operating system vendors who integrate the lwres
library into their base distributions should rename the functions
in the library proper so that the renaming macros are not needed.</P
><P
>The library also provides a native API consisting of the functions
<CODE
CLASS="FUNCTION"
>lwres_getaddrsbyname()</CODE
>
and
<CODE
CLASS="FUNCTION"
>lwres_getnamebyaddr()</CODE
>.
These may be called by applications that require more detailed
control over the lookup process than the standard functions
provide.</P
><P
>In addition to these name service independent address lookup
functions, the library implements a new, experimental API
for looking up arbitrary DNS resource records, using the
<CODE
CLASS="FUNCTION"
>lwres_getaddrsbyname()</CODE
>
function.</P
><P
>Finally, there is a low-level API for converting lookup
requests and responses to and from raw lwres protocol packets.
This API can be used by clients requiring nonblocking operation,
and is also used when implementing the server side of the lwres
protocol, for example in the
<B
CLASS="COMMAND"
>lwresd</B
>
resolver daemon. The use of this low-level API in clients
and servers is outlined in the following sections.</P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN38"
></A
><H2
>CLIENT-SIDE LOW-LEVEL API CALL FLOW</H2
><P
>When a client program wishes to make an lwres request using the
native low-level API, it typically performs the following
sequence of actions.</P
><P
>(1) Allocate or use an existing <SPAN
CLASS="TYPE"
>lwres_packet_t</SPAN
>,
called <CODE
CLASS="VARNAME"
>pkt</CODE
> below.</P
><P
>(2) Set <CODE
CLASS="STRUCTFIELD"
>pkt.recvlength</CODE
> to the maximum length we will accept.
This is done so the receiver of our packets knows how large our receive
buffer is. The "default" is a constant in
<TT
CLASS="FILENAME"
>lwres.h</TT
>: <CODE
CLASS="CONSTANT"
>LWRES_RECVLENGTH = 4096</CODE
>.</P
><P
>(3) Set <CODE
CLASS="STRUCTFIELD"
>pkt.serial</CODE
>
to a unique serial number. This value is echoed
back to the application by the remote server.</P
><P
>(4) Set <CODE
CLASS="STRUCTFIELD"
>pkt.pktflags</CODE
>. Usually this is set to 0.</P
><P
>(5) Set <CODE
CLASS="STRUCTFIELD"
>pkt.result</CODE
> to 0.</P
><P
>(6) Call <CODE
CLASS="FUNCTION"
>lwres_*request_render()</CODE
>,
or marshall in the data using the primitives
such as <CODE
CLASS="FUNCTION"
>lwres_packet_render()</CODE
>
and storing the packet data.</P
><P
>(7) Transmit the resulting buffer.</P
><P
>(8) Call <CODE
CLASS="FUNCTION"
>lwres_*response_parse()</CODE
>
to parse any packets received.</P
><P
>(9) Verify that the opcode and serial match a request, and process the
packet specific information contained in the body.</P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN61"
></A
><H2
>SERVER-SIDE LOW-LEVEL API CALL FLOW</H2
><P
>When implementing the server side of the lightweight resolver
protocol using the lwres library, a sequence of actions like the
following is typically involved in processing each request packet.</P
><P
>Note that the same <SPAN
CLASS="TYPE"
>lwres_packet_t</SPAN
> is used
in both the <CODE
CLASS="FUNCTION"
>_parse()</CODE
> and <CODE
CLASS="FUNCTION"
>_render()</CODE
> calls,
with only a few modifications made
to the packet header's contents between uses. This method is recommended
as it keeps the serial, opcode, and other fields correct.</P
><P
>(1) When a packet is received, call <CODE
CLASS="FUNCTION"
>lwres_*request_parse()</CODE
> to
unmarshall it. This returns a <SPAN
CLASS="TYPE"
>lwres_packet_t</SPAN
> (also called <CODE
CLASS="VARNAME"
>pkt</CODE
>, below)
as well as a data specific type, such as <SPAN
CLASS="TYPE"
>lwres_gabnrequest_t</SPAN
>.</P
><P
>(2) Process the request in the data specific type.</P
><P
>(3) Set the <CODE
CLASS="STRUCTFIELD"
>pkt.result</CODE
>,
<CODE
CLASS="STRUCTFIELD"
>pkt.recvlength</CODE
> as above. All other fields can
be left untouched since they were filled in by the <CODE
CLASS="FUNCTION"
>*_parse()</CODE
> call
above. If using <CODE
CLASS="FUNCTION"
>lwres_*response_render()</CODE
>,
<CODE
CLASS="STRUCTFIELD"
>pkt.pktflags</CODE
> will be set up
properly. Otherwise, the <CODE
CLASS="CONSTANT"
>LWRES_LWPACKETFLAG_RESPONSE</CODE
> bit should be
set.</P
><P
>(4) Call the data specific rendering function, such as
<CODE
CLASS="FUNCTION"
>lwres_gabnresponse_render()</CODE
>.</P
><P
>(5) Send the resulting packet to the client.</P
><P
></P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN85"
></A
><H2
>SEE ALSO</H2
><P
><SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>lwres_gethostent</SPAN
>(3)</SPAN
>,
<span class="citerefentry"><span class="refentrytitle">lwres_getnameinfo</span>(3)</span>,
<SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>lwres_getipnode</SPAN
>(3)</SPAN
>,
<span class="citerefentry"><span class="refentrytitle">lwres_noop</span>(3)</span>,
<SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>lwres_getnameinfo</SPAN
>(3)</SPAN
>,
<span class="citerefentry"><span class="refentrytitle">lwres_gabn</span>(3)</span>,
<SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>lwres_noop</SPAN
>(3)</SPAN
>,
<span class="citerefentry"><span class="refentrytitle">lwres_gnba</span>(3)</span>,
<SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>lwres_gabn</SPAN
>(3)</SPAN
>,
<span class="citerefentry"><span class="refentrytitle">lwres_context</span>(3)</span>,
<SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>lwres_gnba</SPAN
>(3)</SPAN
>,
<span class="citerefentry"><span class="refentrytitle">lwres_config</span>(3)</span>,
<SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>lwres_context</SPAN
>(3)</SPAN
>,
<span class="citerefentry"><span class="refentrytitle">resolver</span>(5)</span>,
<SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>lwres_config</SPAN
>(3)</SPAN
>,
<span class="citerefentry"><span class="refentrytitle">lwresd</span>(8)</span>.
<SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>resolver</SPAN
>(5)</SPAN
>,
<SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>lwresd</SPAN
>(8)</SPAN
>.&#13;</P
></DIV
></BODY
></HTML
>
</p>
</div>
</div></body>
</html>

343
lib/lwres/man/lwres_buffer.3
View file

@ -1,279 +1,126 @@
.\" Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2000, 2001 Internet Software Consortium.
.\"
.\" Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2000, 2001 Internet Software Consortium
.\"
.\" Permission to use, copy, modify, and distribute this software for any
.\" purpose with or without fee is hereby granted, provided that the above
.\" copyright notice and this permission notice appear in all copies.
.\"
.\"
.\" THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
.\" REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
.\" AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
.\" AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
.\" INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
.\" LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
.\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
.\" PERFORMANCE OF THIS SOFTWARE.
.\"
.\" $Id: lwres_buffer.3,v 1.18 2005/04/07 03:50:00 marka Exp $
.\"
.TH "LWRES_BUFFER" "3" "Jun 30, 2000" "BIND9" ""
.\"
.hy 0
.ad l
.\"Generated by db2man.xsl. Don't modify this, modify the source.
.de Sh \" Subsection
.br
.if t .Sp
.ne 5
.PP
\fB\\$1\fR
.PP
..
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Ip \" List item
.br
.ie \\n(.$>=3 .ne \\$3
.el .ne 3
.IP "\\$1" \\$2
..
.TH "LWRES_BUFFER" 3 "Jun 30, 2000" "" ""
.SH NAME
lwres_buffer_init, lwres_buffer_invalidate, lwres_buffer_add, lwres_buffer_subtract, lwres_buffer_clear, lwres_buffer_first, lwres_buffer_forward, lwres_buffer_back, lwres_buffer_getuint8, lwres_buffer_putuint8, lwres_buffer_getuint16, lwres_buffer_putuint16, lwres_buffer_getuint32, lwres_buffer_putuint32, lwres_buffer_putmem, lwres_buffer_getmem \- lightweight resolver buffer management
.SH SYNOPSIS
\fB#include <lwres/lwbuffer.h>
.SH "SYNOPSIS"
#include <lwres/lwbuffer\&.h>
.sp
.na
void
lwres_buffer_init(lwres_buffer_t *b, void *base, unsigned int length);
.ad
.sp
.na
void
lwres_buffer_invalidate(lwres_buffer_t *b);
.ad
.sp
.na
void
lwres_buffer_add(lwres_buffer_t *b, unsigned int n);
.ad
.sp
.na
void
lwres_buffer_subtract(lwres_buffer_t *b, unsigned int n);
.ad
.sp
.na
void
lwres_buffer_clear(lwres_buffer_t *b);
.ad
.sp
.na
void
lwres_buffer_first(lwres_buffer_t *b);
.ad
.sp
.na
void
lwres_buffer_forward(lwres_buffer_t *b, unsigned int n);
.ad
.sp
.na
void
lwres_buffer_back(lwres_buffer_t *b, unsigned int n);
.ad
.sp
.na
lwres_uint8_t
lwres_buffer_getuint8(lwres_buffer_t *b);
.ad
.sp
.na
void
lwres_buffer_putuint8(lwres_buffer_t *b, lwres_uint8_t val);
.ad
.sp
.na
lwres_uint16_t
lwres_buffer_getuint16(lwres_buffer_t *b);
.ad
.sp
.na
void
lwres_buffer_putuint16(lwres_buffer_t *b, lwres_uint16_t val);
.ad
.sp
.na
lwres_uint32_t
lwres_buffer_getuint32(lwres_buffer_t *b);
.ad
.sp
.na
void
lwres_buffer_putuint32(lwres_buffer_t *b, lwres_uint32_t val);
.ad
.sp
.na
void
lwres_buffer_putmem(lwres_buffer_t *b, const unsigned char *base, unsigned int length);
.ad
.sp
.na
void
lwres_buffer_getmem(lwres_buffer_t *b, unsigned char *base, unsigned int length);
.ad
\fR
.HP 24
void\ \fBlwres_buffer_init\fR\ (lwres_buffer_t\ *\fIb\fR, void\ *\fIbase\fR, unsigned\ int\ \fIlength\fR);
.HP 30
void\ \fBlwres_buffer_invalidate\fR\ (lwres_buffer_t\ *\fIb\fR);
.HP 23
void\ \fBlwres_buffer_add\fR\ (lwres_buffer_t\ *\fIb\fR, unsigned\ int\ \fIn\fR);
.HP 28
void\ \fBlwres_buffer_subtract\fR\ (lwres_buffer_t\ *\fIb\fR, unsigned\ int\ \fIn\fR);
.HP 25
void\ \fBlwres_buffer_clear\fR\ (lwres_buffer_t\ *\fIb\fR);
.HP 25
void\ \fBlwres_buffer_first\fR\ (lwres_buffer_t\ *\fIb\fR);
.HP 27
void\ \fBlwres_buffer_forward\fR\ (lwres_buffer_t\ *\fIb\fR, unsigned\ int\ \fIn\fR);
.HP 24
void\ \fBlwres_buffer_back\fR\ (lwres_buffer_t\ *\fIb\fR, unsigned\ int\ \fIn\fR);
.HP 37
lwres_uint8_t\ \fBlwres_buffer_getuint8\fR\ (lwres_buffer_t\ *\fIb\fR);
.HP 28
void\ \fBlwres_buffer_putuint8\fR\ (lwres_buffer_t\ *\fIb\fR, lwres_uint8_t\ \fIval\fR);
.HP 39
lwres_uint16_t\ \fBlwres_buffer_getuint16\fR\ (lwres_buffer_t\ *\fIb\fR);
.HP 29
void\ \fBlwres_buffer_putuint16\fR\ (lwres_buffer_t\ *\fIb\fR, lwres_uint16_t\ \fIval\fR);
.HP 39
lwres_uint32_t\ \fBlwres_buffer_getuint32\fR\ (lwres_buffer_t\ *\fIb\fR);
.HP 29
void\ \fBlwres_buffer_putuint32\fR\ (lwres_buffer_t\ *\fIb\fR, lwres_uint32_t\ \fIval\fR);
.HP 26
void\ \fBlwres_buffer_putmem\fR\ (lwres_buffer_t\ *\fIb\fR, const\ unsigned\ char\ *\fIbase\fR, unsigned\ int\ \fIlength\fR);
.HP 26
void\ \fBlwres_buffer_getmem\fR\ (lwres_buffer_t\ *\fIb\fR, unsigned\ char\ *\fIbase\fR, unsigned\ int\ \fIlength\fR);
.SH "DESCRIPTION"
.PP
These functions provide bounds checked access to a region of memory
where data is being read or written.
They are based on, and similar to, the
isc_buffer_
functions in the ISC library.
These functions provide bounds checked access to a region of memory where data is being read or written\&. They are based on, and similar to, the isc_buffer_ functions in the ISC library\&.
.PP
A buffer is a region of memory, together with a set of related
subregions.
The \fBused region\fR and the
\fBavailable\fR region are disjoint, and
their union is the buffer's region.
The used region extends from the beginning of the buffer region to the
last used byte.
The available region extends from one byte greater than the last used
byte to the end of the buffer's region.
The size of the used region can be changed using various
buffer commands.
Initially, the used region is empty.
A buffer is a region of memory, together with a set of related subregions\&. The \fIused region\fR and the \fIavailable\fR region are disjoint, and their union is the buffer's region\&. The used region extends from the beginning of the buffer region to the last used byte\&. The available region extends from one byte greater than the last used byte to the end of the buffer's region\&. The size of the used region can be changed using various buffer commands\&. Initially, the used region is empty\&.
.PP
The used region is further subdivided into two disjoint regions: the
\fBconsumed region\fR and the \fBremaining region\fR.
The union of these two regions is the used region.
The consumed region extends from the beginning of the used region to
the byte before the \fBcurrent\fR offset (if any).
The \fBremaining\fR region the current pointer to the end of the used
region.
The size of the consumed region can be changed using various
buffer commands.
Initially, the consumed region is empty.
The used region is further subdivided into two disjoint regions: the \fIconsumed region\fR and the \fIremaining region\fR\&. The union of these two regions is the used region\&. The consumed region extends from the beginning of the used region to the byte before the \fIcurrent\fR offset (if any)\&. The \fIremaining\fR region the current pointer to the end of the used region\&. The size of the consumed region can be changed using various buffer commands\&. Initially, the consumed region is empty\&.
.PP
The \fBactive region\fR is an (optional) subregion of the remaining
region.
It extends from the current offset to an offset in the
remaining region.
Initially, the active region is empty.
If the current offset advances beyond the chosen offset,
the active region will also be empty.
The \fIactive region\fR is an (optional) subregion of the remaining region\&. It extends from the current offset to an offset in the remaining region\&. Initially, the active region is empty\&. If the current offset advances beyond the chosen offset, the active region will also be empty\&.
.PP
.sp
.nf
/------------entire length---------------\\\\
/----- used region -----\\\\/-- available --\\\\
+----------------------------------------+
/\-\-\-\-\-\-\-\-\-\-\-\-entire length\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\\\\
/\-\-\-\-\- used region \-\-\-\-\-\\\\/\-\- available \-\-\\\\
+\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-+
| consumed | remaining | |
+----------------------------------------+
+\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-+
a b c d e
a == base of buffer.
b == current pointer. Can be anywhere between a and d.
c == active pointer. Meaningful between b and d.
d == used pointer.
e == length of buffer.
a-e == entire length of buffer.
a-d == used region.
a-b == consumed region.
b-d == remaining region.
b-c == optional active region.
.sp
.fi
.PP
\fBlwres_buffer_init()\fR
initializes the
\fBlwres_buffer_t\fR
\fI*b\fR
and assocates it with the memory region of size
\fIlength\fR
bytes starting at location
\fIbase.\fR
.nf
a == base of buffer\&.
b == current pointer\&. Can be anywhere between a and d\&.
c == active pointer\&. Meaningful between b and d\&.
d == used pointer\&.
e == length of buffer\&.
.fi
.PP
\fBlwres_buffer_invalidate()\fR
marks the buffer
\fI*b\fR
as invalid. Invalidating a buffer after use is not required,
but makes it possible to catch its possible accidental use.
.nf
a\-e == entire length of buffer\&.
a\-d == used region\&.
a\-b == consumed region\&.
b\-d == remaining region\&.
b\-c == optional active region\&.
.fi
.PP
The functions
\fBlwres_buffer_add()\fR
and
\fBlwres_buffer_subtract()\fR
respectively increase and decrease the used space in
buffer
\fI*b\fR
by
\fIn\fR
bytes.
\fBlwres_buffer_add()\fR
checks for buffer overflow and
\fBlwres_buffer_subtract()\fR
checks for underflow.
These functions do not allocate or deallocate memory.
They just change the value of
\fBused\fR.
\fBlwres_buffer_init()\fR initializes the \fBlwres_buffer_t\fR \fI*b\fR and assocates it with the memory region of size \fIlength\fR bytes starting at location \fIbase\&.\fR
.PP
A buffer is re-initialised by
\fBlwres_buffer_clear()\fR.
The function sets
\fBused\fR ,
\fBcurrent\fR
and
\fBactive\fR
to zero.
\fBlwres_buffer_invalidate()\fR marks the buffer \fI*b\fR as invalid\&. Invalidating a buffer after use is not required, but makes it possible to catch its possible accidental use\&.
.PP
\fBlwres_buffer_first\fR
makes the consumed region of buffer
\fI*p\fR
empty by setting
\fBcurrent\fR
to zero (the start of the buffer).
The functions \fBlwres_buffer_add()\fR and \fBlwres_buffer_subtract()\fR respectively increase and decrease the used space in buffer \fI*b\fR by \fIn\fR bytes\&. \fBlwres_buffer_add()\fR checks for buffer overflow and \fBlwres_buffer_subtract()\fR checks for underflow\&. These functions do not allocate or deallocate memory\&. They just change the value of used\&.
.PP
\fBlwres_buffer_forward()\fR
increases the consumed region of buffer
\fI*b\fR
by
\fIn\fR
bytes, checking for overflow.
Similarly,
\fBlwres_buffer_back()\fR
decreases buffer
\fIb\fR's
consumed region by
\fIn\fR
bytes and checks for underflow.
A buffer is re\-initialised by \fBlwres_buffer_clear()\fR\&. The function sets used, current and active to zero\&.
.PP
\fBlwres_buffer_getuint8()\fR
reads an unsigned 8-bit integer from
\fI*b\fR
and returns it.
\fBlwres_buffer_putuint8()\fR
writes the unsigned 8-bit integer
\fIval\fR
to buffer
\fI*b\fR.
\fBlwres_buffer_first\fR makes the consumed region of buffer \fI*p\fR empty by setting current to zero (the start of the buffer)\&.
.PP
\fBlwres_buffer_getuint16()\fR
and
\fBlwres_buffer_getuint32()\fR
are identical to
\fBlwres_buffer_putuint8()\fR
except that they respectively read an unsigned 16-bit or 32-bit integer
in network byte order from
\fIb\fR.
Similarly,
\fBlwres_buffer_putuint16()\fR
and
\fBlwres_buffer_putuint32()\fR
writes the unsigned 16-bit or 32-bit integer
\fIval\fR
to buffer
\fIb\fR,
in network byte order.
\fBlwres_buffer_forward()\fR increases the consumed region of buffer \fI*b\fR by \fIn\fR bytes, checking for overflow\&. Similarly, \fBlwres_buffer_back()\fR decreases buffer \fIb\fR's consumed region by \fIn\fR bytes and checks for underflow\&.
.PP
Arbitrary amounts of data are read or written from a lightweight
resolver buffer with
\fBlwres_buffer_getmem()\fR
and
\fBlwres_buffer_putmem()\fR
respectively.
\fBlwres_buffer_putmem()\fR
copies
\fIlength\fR
bytes of memory at
\fIbase\fR
to
\fIb\fR.
Conversely,
\fBlwres_buffer_getmem()\fR
copies
\fIlength\fR
bytes of memory from
\fIb\fR
to
\fIbase\fR.
\fBlwres_buffer_getuint8()\fR reads an unsigned 8\-bit integer from \fI*b\fR and returns it\&. \fBlwres_buffer_putuint8()\fR writes the unsigned 8\-bit integer \fIval\fR to buffer \fI*b\fR\&.
.PP
\fBlwres_buffer_getuint16()\fR and \fBlwres_buffer_getuint32()\fR are identical to \fBlwres_buffer_putuint8()\fR except that they respectively read an unsigned 16\-bit or 32\-bit integer in network byte order from \fIb\fR\&. Similarly, \fBlwres_buffer_putuint16()\fR and \fBlwres_buffer_putuint32()\fR writes the unsigned 16\-bit or 32\-bit integer \fIval\fR to buffer \fIb\fR, in network byte order\&.
.PP
Arbitrary amounts of data are read or written from a lightweight resolver buffer with \fBlwres_buffer_getmem()\fR and \fBlwres_buffer_putmem()\fR respectively\&. \fBlwres_buffer_putmem()\fR copies \fIlength\fR bytes of memory at \fIbase\fR to \fIb\fR\&. Conversely, \fBlwres_buffer_getmem()\fR copies \fIlength\fR bytes of memory from \fIb\fR to \fIbase\fR\&.

978
lib/lwres/man/lwres_buffer.html
View file

File diff suppressed because it is too large Load diff

131
lib/lwres/man/lwres_config.3
View file

@ -1,107 +1,72 @@
.\" Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2000, 2001 Internet Software Consortium.
.\"
.\" Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2000, 2001 Internet Software Consortium
.\"
.\" Permission to use, copy, modify, and distribute this software for any
.\" purpose with or without fee is hereby granted, provided that the above
.\" copyright notice and this permission notice appear in all copies.
.\"
.\"
.\" THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
.\" REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
.\" AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
.\" AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
.\" INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
.\" LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
.\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
.\" PERFORMANCE OF THIS SOFTWARE.
.\"
.\" $Id: lwres_config.3,v 1.18 2005/04/07 03:50:01 marka Exp $
.\"
.TH "LWRES_CONFIG" "3" "Jun 30, 2000" "BIND9" ""
.\"
.hy 0
.ad l
.\"Generated by db2man.xsl. Don't modify this, modify the source.
.de Sh \" Subsection
.br
.if t .Sp
.ne 5
.PP
\fB\\$1\fR
.PP
..
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Ip \" List item
.br
.ie \\n(.$>=3 .ne \\$3
.el .ne 3
.IP "\\$1" \\$2
..
.TH "LWRES_CONFIG" 3 "Jun 30, 2000" "" ""
.SH NAME
lwres_conf_init, lwres_conf_clear, lwres_conf_parse, lwres_conf_print, lwres_conf_get \- lightweight resolver configuration
.SH SYNOPSIS
\fB#include <lwres/lwres.h>
.SH "SYNOPSIS"
#include <lwres/lwres\&.h>
.sp
.na
void
lwres_conf_init(lwres_context_t *ctx);
.ad
.sp
.na
void
lwres_conf_clear(lwres_context_t *ctx);
.ad
.sp
.na
lwres_result_t
lwres_conf_parse(lwres_context_t *ctx, const char *filename);
.ad
.sp
.na
lwres_result_t
lwres_conf_print(lwres_context_t *ctx, FILE *fp);
.ad
.sp
.na
lwres_conf_t *
lwres_conf_get(lwres_context_t *ctx);
.ad
\fR
.HP 22
void\ \fBlwres_conf_init\fR\ (lwres_context_t\ *\fIctx\fR);
.HP 23
void\ \fBlwres_conf_clear\fR\ (lwres_context_t\ *\fIctx\fR);
.HP 33
lwres_result_t\ \fBlwres_conf_parse\fR\ (lwres_context_t\ *\fIctx\fR, const\ char\ *\fIfilename\fR);
.HP 33
lwres_result_t\ \fBlwres_conf_print\fR\ (lwres_context_t\ *\fIctx\fR, FILE\ *\fIfp\fR);
.HP 32
lwres_conf_t\ *\ \fBlwres_conf_get\fR\ (lwres_context_t\ *\fIctx\fR);
.SH "DESCRIPTION"
.PP
\fBlwres_conf_init()\fR
creates an empty
\fBlwres_conf_t\fR
structure for lightweight resolver context
\fIctx\fR.
\fBlwres_conf_init()\fR creates an empty \fBlwres_conf_t\fR structure for lightweight resolver context \fIctx\fR\&.
.PP
\fBlwres_conf_clear()\fR
frees up all the internal memory used by
that
\fBlwres_conf_t\fR
structure in resolver context
\fIctx\fR.
\fBlwres_conf_clear()\fR frees up all the internal memory used by that \fBlwres_conf_t\fR structure in resolver context \fIctx\fR\&.
.PP
\fBlwres_conf_parse()\fR
opens the file
\fIfilename\fR
and parses it to initialise the resolver context
\fIctx\fR's
\fBlwres_conf_t\fR
structure.
\fBlwres_conf_parse()\fR opens the file \fIfilename\fR and parses it to initialise the resolver context \fIctx\fR's \fBlwres_conf_t\fR structure\&.
.PP
\fBlwres_conf_print()\fR
prints the
\fBlwres_conf_t\fR
structure for resolver context
\fIctx\fR
to the
\fBFILE\fR
\fIfp\fR.
\fBlwres_conf_print()\fR prints the \fBlwres_conf_t\fR structure for resolver context \fIctx\fR to the \fBFILE\fR \fIfp\fR\&.
.SH "RETURN VALUES"
.PP
\fBlwres_conf_parse()\fR
returns
LWRES_R_SUCCESS
if it successfully read and parsed
\fIfilename\fR.
It returns
LWRES_R_FAILURE
if
\fIfilename\fR
could not be opened or contained incorrect
resolver statements.
\fBlwres_conf_parse()\fR returns \fBLWRES_R_SUCCESS\fR if it successfully read and parsed \fIfilename\fR\&. It returns \fBLWRES_R_FAILURE\fR if \fIfilename\fR could not be opened or contained incorrect resolver statements\&.
.PP
\fBlwres_conf_print()\fR
returns
LWRES_R_SUCCESS
unless an error occurred when converting the network addresses to a
numeric host address string.
If this happens, the function returns
LWRES_R_FAILURE.
\fBlwres_conf_print()\fR returns \fBLWRES_R_SUCCESS\fR unless an error occurred when converting the network addresses to a numeric host address string\&. If this happens, the function returns \fBLWRES_R_FAILURE\fR\&.
.SH "SEE ALSO"
.PP
\fBstdio\fR(3),
\fBresolver\fR(5).
\fBstdio\fR(3), \fBresolver\fR(5)\&.
.SH "FILES"
.PP
\fI/etc/resolv.conf\fR
\fI/etc/resolv\&.conf\fR

415
lib/lwres/man/lwres_config.html
View file

@ -1,282 +1,155 @@
<!--
- Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2000, 2001 Internet Software Consortium.
-
- Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2000, 2001 Internet Software Consortium
-
- Permission to use, copy, modify, and distribute this software for any
- purpose with or without fee is hereby granted, provided that the above
- copyright notice and this permission notice appear in all copies.
-
-
- THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
- REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
- AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
- AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
- INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
- LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
- OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
- PERFORMANCE OF THIS SOFTWARE.
-->
<!-- $Id: lwres_config.html,v 1.10 2005/04/07 03:50:01 marka Exp $ -->
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<HTML
><HEAD
><TITLE
>lwres_config</TITLE
><META
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.79"></HEAD
><BODY
CLASS="REFENTRY"
BGCOLOR="#FFFFFF"
TEXT="#000000"
LINK="#0000FF"
VLINK="#840084"
ALINK="#0000FF"
><H1
><A
NAME="AEN1"
></A
>lwres_config</H1
><DIV
CLASS="REFNAMEDIV"
><A
NAME="AEN8"
></A
><H2
>Name</H2
>lwres_conf_init, lwres_conf_clear, lwres_conf_parse, lwres_conf_print, lwres_conf_get&nbsp;--&nbsp;lightweight resolver configuration</DIV
><DIV
CLASS="REFSYNOPSISDIV"
><A
NAME="AEN15"
></A
><H2
>Synopsis</H2
><DIV
CLASS="FUNCSYNOPSIS"
><P
></P
><A
NAME="AEN16"
></A
><PRE
CLASS="FUNCSYNOPSISINFO"
>#include &lt;lwres/lwres.h&gt;</PRE
><P
><CODE
><CODE
CLASS="FUNCDEF"
>void
lwres_conf_init</CODE
>(lwres_context_t *ctx);</CODE
></P
><P
><CODE
><CODE
CLASS="FUNCDEF"
>void
lwres_conf_clear</CODE
>(lwres_context_t *ctx);</CODE
></P
><P
><CODE
><CODE
CLASS="FUNCDEF"
>lwres_result_t
lwres_conf_parse</CODE
>(lwres_context_t *ctx, const char *filename);</CODE
></P
><P
><CODE
><CODE
CLASS="FUNCDEF"
>lwres_result_t
lwres_conf_print</CODE
>(lwres_context_t *ctx, FILE *fp);</CODE
></P
><P
><CODE
><CODE
CLASS="FUNCDEF"
>lwres_conf_t *
lwres_conf_get</CODE
>(lwres_context_t *ctx);</CODE
></P
><P
></P
></DIV
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN40"
></A
><H2
>DESCRIPTION</H2
><P
><CODE
CLASS="FUNCTION"
>lwres_conf_init()</CODE
>
creates an empty
<SPAN
CLASS="TYPE"
>lwres_conf_t</SPAN
>
structure for lightweight resolver context
<CODE
CLASS="PARAMETER"
>ctx</CODE
>.</P
><P
><CODE
CLASS="FUNCTION"
>lwres_conf_clear()</CODE
>
frees up all the internal memory used by
that
<SPAN
CLASS="TYPE"
>lwres_conf_t</SPAN
>
structure in resolver context
<CODE
CLASS="PARAMETER"
>ctx</CODE
>.</P
><P
><CODE
CLASS="FUNCTION"
>lwres_conf_parse()</CODE
>
opens the file
<CODE
CLASS="PARAMETER"
>filename</CODE
>
and parses it to initialise the resolver context
<CODE
CLASS="PARAMETER"
>ctx</CODE
>'s
<SPAN
CLASS="TYPE"
>lwres_conf_t</SPAN
>
structure.</P
><P
><CODE
CLASS="FUNCTION"
>lwres_conf_print()</CODE
>
prints the
<SPAN
CLASS="TYPE"
>lwres_conf_t</SPAN
>
structure for resolver context
<CODE
CLASS="PARAMETER"
>ctx</CODE
>
to the
<SPAN
CLASS="TYPE"
>FILE</SPAN
>
<CODE
CLASS="PARAMETER"
>fp</CODE
>.</P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN61"
></A
><H2
>RETURN VALUES</H2
><P
><CODE
CLASS="FUNCTION"
>lwres_conf_parse()</CODE
>
returns
<SPAN
CLASS="ERRORCODE"
>LWRES_R_SUCCESS</SPAN
>
if it successfully read and parsed
<CODE
CLASS="PARAMETER"
>filename</CODE
>.
It returns
<SPAN
CLASS="ERRORCODE"
>LWRES_R_FAILURE</SPAN
>
if
<CODE
CLASS="PARAMETER"
>filename</CODE
>
could not be opened or contained incorrect
resolver statements.</P
><P
><CODE
CLASS="FUNCTION"
>lwres_conf_print()</CODE
>
returns
<SPAN
CLASS="ERRORCODE"
>LWRES_R_SUCCESS</SPAN
>
unless an error occurred when converting the network addresses to a
numeric host address string.
If this happens, the function returns
<SPAN
CLASS="ERRORCODE"
>LWRES_R_FAILURE</SPAN
>.</P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN73"
></A
><H2
>SEE ALSO</H2
><P
><SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>stdio</SPAN
>(3)</SPAN
>,
<SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>resolver</SPAN
>(5)</SPAN
>.</P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN82"
></A
><H2
>FILES</H2
><P
><TT
CLASS="FILENAME"
>/etc/resolv.conf</TT
></P
></DIV
></BODY
></HTML
>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>lwres_config</title>
<meta name="generator" content="DocBook XSL Stylesheets V1.68.1">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en">
<a name="id2456618"></a><div class="titlepage"></div>
<div class="refnamediv">
<h2>Name</h2>
<p>lwres_conf_init, lwres_conf_clear, lwres_conf_parse, lwres_conf_print, lwres_conf_get &#8212; lightweight resolver configuration</p>
</div>
<div class="refsynopsisdiv">
<h2>Synopsis</h2>
<div class="funcsynopsis">
<pre class="funcsynopsisinfo">#include &lt;lwres/lwres.h&gt;</pre>
<table border="0" summary="Function synopsis" cellspacing="0" cellpadding="0" style="padding-bottom: 1em"><tr>
<td><code class="funcdef">
void
<b class="fsfunc">lwres_conf_init</b>(</code></td>
<td>lwres_context_t * </td>
<td>
<var class="pdparam">ctx</var><code>)</code>;</td>
</tr></table>
<table border="0" summary="Function synopsis" cellspacing="0" cellpadding="0" style="padding-bottom: 1em"><tr>
<td><code class="funcdef">
void
<b class="fsfunc">lwres_conf_clear</b>(</code></td>
<td>lwres_context_t * </td>
<td>
<var class="pdparam">ctx</var><code>)</code>;</td>
</tr></table>
<table border="0" summary="Function synopsis" cellspacing="0" cellpadding="0" style="padding-bottom: 1em">
<tr>
<td><code class="funcdef">
lwres_result_t
<b class="fsfunc">lwres_conf_parse</b>(</code></td>
<td>lwres_context_t * </td>
<td>
<var class="pdparam">ctx</var>, </td>
</tr>
<tr>
<td> </td>
<td>const char * </td>
<td>
<var class="pdparam">filename</var><code>)</code>;</td>
</tr>
</table>
<table border="0" summary="Function synopsis" cellspacing="0" cellpadding="0" style="padding-bottom: 1em">
<tr>
<td><code class="funcdef">
lwres_result_t
<b class="fsfunc">lwres_conf_print</b>(</code></td>
<td>lwres_context_t * </td>
<td>
<var class="pdparam">ctx</var>, </td>
</tr>
<tr>
<td> </td>
<td>FILE * </td>
<td>
<var class="pdparam">fp</var><code>)</code>;</td>
</tr>
</table>
<table border="0" summary="Function synopsis" cellspacing="0" cellpadding="0"><tr>
<td><code class="funcdef">
lwres_conf_t *
<b class="fsfunc">lwres_conf_get</b>(</code></td>
<td>lwres_context_t * </td>
<td>
<var class="pdparam">ctx</var><code>)</code>;</td>
</tr></table>
</div>
</div>
<div class="refsect1" lang="en">
<a name="id2514055"></a><h2>DESCRIPTION</h2>
<p><code class="function">lwres_conf_init()</code>
creates an empty
<span class="type">lwres_conf_t</span>
structure for lightweight resolver context
<em class="parameter"><code>ctx</code></em>.
</p>
<p><code class="function">lwres_conf_clear()</code>
frees up all the internal memory used by
that
<span class="type">lwres_conf_t</span>
structure in resolver context
<em class="parameter"><code>ctx</code></em>.
</p>
<p><code class="function">lwres_conf_parse()</code>
opens the file
<em class="parameter"><code>filename</code></em>
and parses it to initialise the resolver context
<em class="parameter"><code>ctx</code></em>'s
<span class="type">lwres_conf_t</span>
structure.
</p>
<p><code class="function">lwres_conf_print()</code>
prints the
<span class="type">lwres_conf_t</span>
structure for resolver context
<em class="parameter"><code>ctx</code></em>
to the
<span class="type">FILE</span>
<em class="parameter"><code>fp</code></em>.
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2514122"></a><h2>RETURN VALUES</h2>
<p><code class="function">lwres_conf_parse()</code>
returns <span class="errorcode">LWRES_R_SUCCESS</span>
if it successfully read and parsed
<em class="parameter"><code>filename</code></em>.
It returns <span class="errorcode">LWRES_R_FAILURE</span>
if <em class="parameter"><code>filename</code></em>
could not be opened or contained incorrect
resolver statements.
</p>
<p><code class="function">lwres_conf_print()</code>
returns <span class="errorcode">LWRES_R_SUCCESS</span>
unless an error occurred when converting the network addresses to a
numeric host address string.
If this happens, the function returns
<span class="errorcode">LWRES_R_FAILURE</span>.
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2514228"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry"><span class="refentrytitle">stdio</span>(3)</span>,
<span class="citerefentry"><span class="refentrytitle">resolver</span>(5)</span>.
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2514253"></a><h2>FILES</h2>
<p><code class="filename">/etc/resolv.conf</code>
</p>
</div>
</div></body>
</html>

225
lib/lwres/man/lwres_context.3
View file

@ -1,196 +1,81 @@
.\" Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2000, 2001, 2003 Internet Software Consortium.
.\"
.\" Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2000, 2001, 2003 Internet Software Consortium
.\"
.\" Permission to use, copy, modify, and distribute this software for any
.\" purpose with or without fee is hereby granted, provided that the above
.\" copyright notice and this permission notice appear in all copies.
.\"
.\"
.\" THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
.\" REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
.\" AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
.\" AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
.\" INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
.\" LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
.\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
.\" PERFORMANCE OF THIS SOFTWARE.
.\"
.\" $Id: lwres_context.3,v 1.20 2005/04/07 03:50:01 marka Exp $
.\"
.TH "LWRES_CONTEXT" "3" "Jun 30, 2000" "BIND9" ""
.\"
.hy 0
.ad l
.\"Generated by db2man.xsl. Don't modify this, modify the source.
.de Sh \" Subsection
.br
.if t .Sp
.ne 5
.PP
\fB\\$1\fR
.PP
..
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Ip \" List item
.br
.ie \\n(.$>=3 .ne \\$3
.el .ne 3
.IP "\\$1" \\$2
..
.TH "LWRES_CONTEXT" 3 "Jun 30, 2000" "" ""
.SH NAME
lwres_context_create, lwres_context_destroy, lwres_context_nextserial, lwres_context_initserial, lwres_context_freemem, lwres_context_allocmem, lwres_context_sendrecv \- lightweight resolver context management
.SH SYNOPSIS
\fB#include <lwres/lwres.h>
.SH "SYNOPSIS"
#include <lwres/lwres\&.h>
.sp
.na
lwres_result_t
lwres_context_create(lwres_context_t **contextp, void *arg, lwres_malloc_t malloc_function, lwres_free_t free_function);
.ad
.sp
.na
lwres_result_t
lwres_context_destroy(lwres_context_t **contextp);
.ad
.sp
.na
void
lwres_context_initserial(lwres_context_t *ctx, lwres_uint32_t serial);
.ad
.sp
.na
lwres_uint32_t
lwres_context_nextserial(lwres_context_t *ctx);
.ad
.sp
.na
void
lwres_context_freemem(lwres_context_t *ctx, void *mem, size_t len);
.ad
.sp
.na
void
lwres_context_allocmem(lwres_context_t *ctx, size_t len);
.ad
.sp
.na
void *
lwres_context_sendrecv(lwres_context_t *ctx, void *sendbase, int sendlen, void *recvbase, int recvlen, int *recvd_len);
.ad
\fR
.HP 37
lwres_result_t\ \fBlwres_context_create\fR\ (lwres_context_t\ **\fIcontextp\fR, void\ *\fIarg\fR, lwres_malloc_t\ \fImalloc_function\fR, lwres_free_t\ \fIfree_function\fR);
.HP 38
lwres_result_t\ \fBlwres_context_destroy\fR\ (lwres_context_t\ **\fIcontextp\fR);
.HP 31
void\ \fBlwres_context_initserial\fR\ (lwres_context_t\ *\fIctx\fR, lwres_uint32_t\ \fIserial\fR);
.HP 41
lwres_uint32_t\ \fBlwres_context_nextserial\fR\ (lwres_context_t\ *\fIctx\fR);
.HP 28
void\ \fBlwres_context_freemem\fR\ (lwres_context_t\ *\fIctx\fR, void\ *\fImem\fR, size_t\ \fIlen\fR);
.HP 29
void\ \fBlwres_context_allocmem\fR\ (lwres_context_t\ *\fIctx\fR, size_t\ \fIlen\fR);
.HP 32
void\ *\ \fBlwres_context_sendrecv\fR\ (lwres_context_t\ *\fIctx\fR, void\ *\fIsendbase\fR, int\ \fIsendlen\fR, void\ *\fIrecvbase\fR, int\ \fIrecvlen\fR, int\ *\fIrecvd_len\fR);
.SH "DESCRIPTION"
.PP
\fBlwres_context_create()\fR
creates a
\fBlwres_context_t\fR
structure for use in lightweight resolver operations.
It holds a socket and other data needed for communicating
with a resolver daemon.
The new
\fBlwres_context_t\fR
is returned through
\fIcontextp\fR,
a pointer to a
\fBlwres_context_t\fR
pointer. This
\fBlwres_context_t\fR
pointer must initially be NULL, and is modified
to point to the newly created
\fBlwres_context_t\fR.
\fBlwres_context_create()\fR creates a \fBlwres_context_t\fR structure for use in lightweight resolver operations\&. It holds a socket and other data needed for communicating with a resolver daemon\&. The new \fBlwres_context_t\fR is returned through \fIcontextp\fR, a pointer to a \fBlwres_context_t\fR pointer\&. This \fBlwres_context_t\fR pointer must initially be NULL, and is modified to point to the newly created \fBlwres_context_t\fR\&.
.PP
When the lightweight resolver needs to perform dynamic memory
allocation, it will call
\fImalloc_function\fR
to allocate memory and
\fIfree_function\fR
to free it. If
\fImalloc_function\fR
and
\fIfree_function\fR
are NULL, memory is allocated using
\&.Xr malloc 3
and
\fBfree\fR(3).
It is not permitted to have a NULL
\fImalloc_function\fR
and a non-NULL
\fIfree_function\fR
or vice versa.
\fIarg\fR
is passed as the first parameter to the memory
allocation functions.
If
\fImalloc_function\fR
and
\fIfree_function\fR
are NULL,
\fIarg\fR
is unused and should be passed as NULL.
When the lightweight resolver needs to perform dynamic memory allocation, it will call \fImalloc_function\fR to allocate memory and \fIfree_function\fR to free it\&. If \fImalloc_function\fR and \fIfree_function\fR are NULL, memory is allocated using \fBmalloc\fR(3)\&. and \fBfree\fR(3)\&. It is not permitted to have a NULL \fImalloc_function\fR and a non\-NULL \fIfree_function\fR or vice versa\&. \fIarg\fR is passed as the first parameter to the memory allocation functions\&. If \fImalloc_function\fR and \fIfree_function\fR are NULL, \fIarg\fR is unused and should be passed as NULL\&.
.PP
Once memory for the structure has been allocated,
it is initialized using
\fBlwres_conf_init\fR(3)
and returned via
\fI*contextp\fR.
Once memory for the structure has been allocated, it is initialized using \fBlwres_conf_init\fR(3) and returned via \fI*contextp\fR\&.
.PP
\fBlwres_context_destroy()\fR
destroys a
\fBlwres_context_t\fR,
closing its socket.
\fIcontextp\fR
is a pointer to a pointer to the context that is to be destroyed.
The pointer will be set to NULL when the context has been destroyed.
\fBlwres_context_destroy()\fR destroys a \fBlwres_context_t\fR, closing its socket\&. \fIcontextp\fR is a pointer to a pointer to the context that is to be destroyed\&. The pointer will be set to NULL when the context has been destroyed\&.
.PP
The context holds a serial number that is used to identify resolver
request packets and associate responses with the corresponding requests.
This serial number is controlled using
\fBlwres_context_initserial()\fR
and
\fBlwres_context_nextserial()\fR.
\fBlwres_context_initserial()\fR
sets the serial number for context
\fI*ctx\fR
to
\fIserial\fR.
\fBlwres_context_nextserial()\fR
increments the serial number and returns the previous value.
The context holds a serial number that is used to identify resolver request packets and associate responses with the corresponding requests\&. This serial number is controlled using \fBlwres_context_initserial()\fR and \fBlwres_context_nextserial()\fR\&. \fBlwres_context_initserial()\fR sets the serial number for context \fI*ctx\fR to \fIserial\fR\&. \fBlwres_context_nextserial()\fR increments the serial number and returns the previous value\&.
.PP
Memory for a lightweight resolver context is allocated and freed using
\fBlwres_context_allocmem()\fR
and
\fBlwres_context_freemem()\fR.
These use whatever allocations were defined when the context was
created with
\fBlwres_context_create()\fR.
\fBlwres_context_allocmem()\fR
allocates
\fIlen\fR
bytes of memory and if successful returns a pointer to the allocated
storage.
\fBlwres_context_freemem()\fR
frees
\fIlen\fR
bytes of space starting at location
\fImem\fR.
Memory for a lightweight resolver context is allocated and freed using \fBlwres_context_allocmem()\fR and \fBlwres_context_freemem()\fR\&. These use whatever allocations were defined when the context was created with \fBlwres_context_create()\fR\&. \fBlwres_context_allocmem()\fR allocates \fIlen\fR bytes of memory and if successful returns a pointer to the allocated storage\&. \fBlwres_context_freemem()\fR frees \fIlen\fR bytes of space starting at location \fImem\fR\&.
.PP
\fBlwres_context_sendrecv()\fR
performs I/O for the context
\fIctx\fR.
Data are read and written from the context's socket.
It writes data from
\fIsendbase\fR
\(em typically a lightweight resolver query packet \(em
and waits for a reply which is copied to the receive buffer at
\fIrecvbase\fR.
The number of bytes that were written to this receive buffer is
returned in
\fI*recvd_len\fR.
\fBlwres_context_sendrecv()\fR performs I/O for the context \fIctx\fR\&. Data are read and written from the context's socket\&. It writes data from \fIsendbase\fR -- typically a lightweight resolver query packet -- and waits for a reply which is copied to the receive buffer at \fIrecvbase\fR\&. The number of bytes that were written to this receive buffer is returned in \fI*recvd_len\fR\&.
.SH "RETURN VALUES"
.PP
\fBlwres_context_create()\fR
returns
LWRES_R_NOMEMORY
if memory for the
\fBstruct lwres_context\fR
could not be allocated,
LWRES_R_SUCCESS
otherwise.
\fBlwres_context_create()\fR returns \fBLWRES_R_NOMEMORY\fR if memory for the \fBstruct lwres_context\fR could not be allocated, \fBLWRES_R_SUCCESS\fR otherwise\&.
.PP
Successful calls to the memory allocator
\fBlwres_context_allocmem()\fR
return a pointer to the start of the allocated space.
It returns NULL if memory could not be allocated.
Successful calls to the memory allocator \fBlwres_context_allocmem()\fR return a pointer to the start of the allocated space\&. It returns NULL if memory could not be allocated\&.
.PP
LWRES_R_SUCCESS
is returned when
\fBlwres_context_sendrecv()\fR
completes successfully.
LWRES_R_IOERROR
is returned if an I/O error occurs and
LWRES_R_TIMEOUT
is returned if
\fBlwres_context_sendrecv()\fR
times out waiting for a response.
\fBLWRES_R_SUCCESS\fR is returned when \fBlwres_context_sendrecv()\fR completes successfully\&. \fBLWRES_R_IOERROR\fR is returned if an I/O error occurs and \fBLWRES_R_TIMEOUT\fR is returned if \fBlwres_context_sendrecv()\fR times out waiting for a response\&.
.SH "SEE ALSO"
.PP
\fBlwres_conf_init\fR(3),
\fBmalloc\fR(3),
\fBfree\fR(3).
\fBlwres_conf_init\fR(3), \fBmalloc\fR(3), \fBfree\fR(3)\&.

744
lib/lwres/man/lwres_context.html
View file

@ -1,478 +1,294 @@
<!--
- Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2000, 2001, 2003 Internet Software Consortium.
-
- Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2000, 2001, 2003 Internet Software Consortium
-
- Permission to use, copy, modify, and distribute this software for any
- purpose with or without fee is hereby granted, provided that the above
- copyright notice and this permission notice appear in all copies.
-
-
- THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
- REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
- AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
- AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
- INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
- LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
- OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
- PERFORMANCE OF THIS SOFTWARE.
-->
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>lwres_context</title>
<meta name="generator" content="DocBook XSL Stylesheets V1.68.1">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en">
<a name="id2456618"></a><div class="titlepage"></div>
<div class="refnamediv">
<h2>Name</h2>
<p>lwres_context_create, lwres_context_destroy, lwres_context_nextserial, lwres_context_initserial, lwres_context_freemem, lwres_context_allocmem, lwres_context_sendrecv &#8212; lightweight resolver context management</p>
</div>
<div class="refsynopsisdiv">
<h2>Synopsis</h2>
<div class="funcsynopsis">
<pre class="funcsynopsisinfo">#include &lt;lwres/lwres.h&gt;</pre>
<table border="0" summary="Function synopsis" cellspacing="0" cellpadding="0" style="padding-bottom: 1em">
<tr>
<td><code class="funcdef">
lwres_result_t
<b class="fsfunc">lwres_context_create</b>(</code></td>
<td>lwres_context_t ** </td>
<td>
<var class="pdparam">contextp</var>, </td>
</tr>
<tr>
<td> </td>
<td>void * </td>
<td>
<var class="pdparam">arg</var>, </td>
</tr>
<tr>
<td> </td>
<td>lwres_malloc_t  </td>
<td>
<var class="pdparam">malloc_function</var>, </td>
</tr>
<tr>
<td> </td>
<td>lwres_free_t  </td>
<td>
<var class="pdparam">free_function</var><code>)</code>;</td>
</tr>
</table>
<table border="0" summary="Function synopsis" cellspacing="0" cellpadding="0" style="padding-bottom: 1em"><tr>
<td><code class="funcdef">
lwres_result_t
<b class="fsfunc">lwres_context_destroy</b>(</code></td>
<td>lwres_context_t ** </td>
<td>
<var class="pdparam">contextp</var><code>)</code>;</td>
</tr></table>
<table border="0" summary="Function synopsis" cellspacing="0" cellpadding="0" style="padding-bottom: 1em">
<tr>
<td><code class="funcdef">
void
<b class="fsfunc">lwres_context_initserial</b>(</code></td>
<td>lwres_context_t * </td>
<td>
<var class="pdparam">ctx</var>, </td>
</tr>
<tr>
<td> </td>
<td>lwres_uint32_t  </td>
<td>
<var class="pdparam">serial</var><code>)</code>;</td>
</tr>
</table>
<table border="0" summary="Function synopsis" cellspacing="0" cellpadding="0" style="padding-bottom: 1em"><tr>
<td><code class="funcdef">
lwres_uint32_t
<b class="fsfunc">lwres_context_nextserial</b>(</code></td>
<td>lwres_context_t * </td>
<td>
<var class="pdparam">ctx</var><code>)</code>;</td>
</tr></table>
<table border="0" summary="Function synopsis" cellspacing="0" cellpadding="0" style="padding-bottom: 1em">
<tr>
<td><code class="funcdef">
void
<b class="fsfunc">lwres_context_freemem</b>(</code></td>
<td>lwres_context_t * </td>
<td>
<var class="pdparam">ctx</var>, </td>
</tr>
<tr>
<td> </td>
<td>void * </td>
<td>
<var class="pdparam">mem</var>, </td>
</tr>
<tr>
<td> </td>
<td>size_t  </td>
<td>
<var class="pdparam">len</var><code>)</code>;</td>
</tr>
</table>
<table border="0" summary="Function synopsis" cellspacing="0" cellpadding="0" style="padding-bottom: 1em">
<tr>
<td><code class="funcdef">
void
<b class="fsfunc">lwres_context_allocmem</b>(</code></td>
<td>lwres_context_t * </td>
<td>
<var class="pdparam">ctx</var>, </td>
</tr>
<tr>
<td> </td>
<td>size_t  </td>
<td>
<var class="pdparam">len</var><code>)</code>;</td>
</tr>
</table>
<table border="0" summary="Function synopsis" cellspacing="0" cellpadding="0">
<tr>
<td><code class="funcdef">
void *
<b class="fsfunc">lwres_context_sendrecv</b>(</code></td>
<td>lwres_context_t * </td>
<td>
<var class="pdparam">ctx</var>, </td>
</tr>
<tr>
<td> </td>
<td>void * </td>
<td>
<var class="pdparam">sendbase</var>, </td>
</tr>
<tr>
<td> </td>
<td>int  </td>
<td>
<var class="pdparam">sendlen</var>, </td>
</tr>
<tr>
<td> </td>
<td>void * </td>
<td>
<var class="pdparam">recvbase</var>, </td>
</tr>
<tr>
<td> </td>
<td>int  </td>
<td>
<var class="pdparam">recvlen</var>, </td>
</tr>
<tr>
<td> </td>
<td>int * </td>
<td>
<var class="pdparam">recvd_len</var><code>)</code>;</td>
</tr>
</table>
</div>
</div>
<div class="refsect1" lang="en">
<a name="id2514146"></a><h2>DESCRIPTION</h2>
<p><code class="function">lwres_context_create()</code>
creates a <span class="type">lwres_context_t</span> structure for use in
lightweight resolver operations. It holds a socket and other
data needed for communicating with a resolver daemon. The new
<span class="type">lwres_context_t</span> is returned through
<em class="parameter"><code>contextp</code></em>, a pointer to a
<span class="type">lwres_context_t</span> pointer. This
<span class="type">lwres_context_t</span> pointer must initially be NULL, and
is modified to point to the newly created
<span class="type">lwres_context_t</span>.
</p>
<p>
When the lightweight resolver needs to perform dynamic memory
allocation, it will call
<em class="parameter"><code>malloc_function</code></em>
to allocate memory and
<em class="parameter"><code>free_function</code></em>
to free it. If
<em class="parameter"><code>malloc_function</code></em>
and
<em class="parameter"><code>free_function</code></em>
are NULL, memory is allocated using
<span class="citerefentry"><span class="refentrytitle">malloc</span>(3)</span>.
and
<span class="citerefentry"><span class="refentrytitle">free</span>(3)</span>.
<!-- $Id: lwres_context.html,v 1.12 2005/04/07 03:50:01 marka Exp $ -->
It is not permitted to have a NULL
<em class="parameter"><code>malloc_function</code></em> and a non-NULL
<em class="parameter"><code>free_function</code></em> or vice versa.
<em class="parameter"><code>arg</code></em> is passed as the first parameter to
the memory allocation functions. If
<em class="parameter"><code>malloc_function</code></em> and
<em class="parameter"><code>free_function</code></em> are NULL,
<em class="parameter"><code>arg</code></em> is unused and should be passed as
NULL.
</p>
<p>
Once memory for the structure has been allocated,
it is initialized using
<span class="citerefentry"><span class="refentrytitle">lwres_conf_init</span>(3)</span>
and returned via <em class="parameter"><code>*contextp</code></em>.
</p>
<p><code class="function">lwres_context_destroy()</code>
destroys a <span class="type">lwres_context_t</span>, closing its socket.
<em class="parameter"><code>contextp</code></em> is a pointer to a pointer to the
context that is to be destroyed. The pointer will be set to
NULL when the context has been destroyed.
</p>
<p>
The context holds a serial number that is used to identify
resolver request packets and associate responses with the
corresponding requests. This serial number is controlled using
<code class="function">lwres_context_initserial()</code> and
<code class="function">lwres_context_nextserial()</code>.
<code class="function">lwres_context_initserial()</code> sets the serial
number for context <em class="parameter"><code>*ctx</code></em> to
<em class="parameter"><code>serial</code></em>.
<code class="function">lwres_context_nextserial()</code> increments the
serial number and returns the previous value.
</p>
<p>
Memory for a lightweight resolver context is allocated and freed
using <code class="function">lwres_context_allocmem()</code> and
<code class="function">lwres_context_freemem()</code>. These use
whatever allocations were defined when the context was created
with <code class="function">lwres_context_create()</code>.
<code class="function">lwres_context_allocmem()</code> allocates
<em class="parameter"><code>len</code></em> bytes of memory and if successful
returns a pointer to the allocated storage.
<code class="function">lwres_context_freemem()</code> frees
<em class="parameter"><code>len</code></em> bytes of space starting at location
<em class="parameter"><code>mem</code></em>.
</p>
<p><code class="function">lwres_context_sendrecv()</code>
performs I/O for the context <em class="parameter"><code>ctx</code></em>. Data
are read and written from the context's socket. It writes data
from <em class="parameter"><code>sendbase</code></em> &#8212; typically a
lightweight resolver query packet &#8212; and waits for a reply
which is copied to the receive buffer at
<em class="parameter"><code>recvbase</code></em>. The number of bytes that were
written to this receive buffer is returned in
<em class="parameter"><code>*recvd_len</code></em>.
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2514470"></a><h2>RETURN VALUES</h2>
<p><code class="function">lwres_context_create()</code>
returns <span class="errorcode">LWRES_R_NOMEMORY</span> if memory for
the <span class="type">struct lwres_context</span> could not be allocated,
<span class="errorcode">LWRES_R_SUCCESS</span> otherwise.
</p>
<p>
Successful calls to the memory allocator
<code class="function">lwres_context_allocmem()</code>
return a pointer to the start of the allocated space.
It returns NULL if memory could not be allocated.
</p>
<p><span class="errorcode">LWRES_R_SUCCESS</span>
is returned when
<code class="function">lwres_context_sendrecv()</code>
completes successfully.
<span class="errorcode">LWRES_R_IOERROR</span>
is returned if an I/O error occurs and
<span class="errorcode">LWRES_R_TIMEOUT</span>
is returned if
<code class="function">lwres_context_sendrecv()</code>
times out waiting for a response.
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2514520"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry"><span class="refentrytitle">lwres_conf_init</span>(3)</span>,
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<HTML
><HEAD
><TITLE
>lwres_context</TITLE
><META
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.79"></HEAD
><BODY
CLASS="REFENTRY"
BGCOLOR="#FFFFFF"
TEXT="#000000"
LINK="#0000FF"
VLINK="#840084"
ALINK="#0000FF"
><H1
><A
NAME="AEN1"
></A
>lwres_context</H1
><DIV
CLASS="REFNAMEDIV"
><A
NAME="AEN8"
></A
><H2
>Name</H2
>lwres_context_create, lwres_context_destroy, lwres_context_nextserial, lwres_context_initserial, lwres_context_freemem, lwres_context_allocmem, lwres_context_sendrecv&nbsp;--&nbsp;lightweight resolver context management</DIV
><DIV
CLASS="REFSYNOPSISDIV"
><A
NAME="AEN17"
></A
><H2
>Synopsis</H2
><DIV
CLASS="FUNCSYNOPSIS"
><P
></P
><A
NAME="AEN18"
></A
><PRE
CLASS="FUNCSYNOPSISINFO"
>#include &lt;lwres/lwres.h&gt;</PRE
><P
><CODE
><CODE
CLASS="FUNCDEF"
>lwres_result_t
lwres_context_create</CODE
>(lwres_context_t **contextp, void *arg, lwres_malloc_t malloc_function, lwres_free_t free_function);</CODE
></P
><P
><CODE
><CODE
CLASS="FUNCDEF"
>lwres_result_t
lwres_context_destroy</CODE
>(lwres_context_t **contextp);</CODE
></P
><P
><CODE
><CODE
CLASS="FUNCDEF"
>void
lwres_context_initserial</CODE
>(lwres_context_t *ctx, lwres_uint32_t serial);</CODE
></P
><P
><CODE
><CODE
CLASS="FUNCDEF"
>lwres_uint32_t
lwres_context_nextserial</CODE
>(lwres_context_t *ctx);</CODE
></P
><P
><CODE
><CODE
CLASS="FUNCDEF"
>void
lwres_context_freemem</CODE
>(lwres_context_t *ctx, void *mem, size_t len);</CODE
></P
><P
><CODE
><CODE
CLASS="FUNCDEF"
>void
lwres_context_allocmem</CODE
>(lwres_context_t *ctx, size_t len);</CODE
></P
><P
><CODE
><CODE
CLASS="FUNCDEF"
>void *
lwres_context_sendrecv</CODE
>(lwres_context_t *ctx, void *sendbase, int sendlen, void *recvbase, int recvlen, int *recvd_len);</CODE
></P
><P
></P
></DIV
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN60"
></A
><H2
>DESCRIPTION</H2
><P
><CODE
CLASS="FUNCTION"
>lwres_context_create()</CODE
>
creates a
<SPAN
CLASS="TYPE"
>lwres_context_t</SPAN
>
structure for use in lightweight resolver operations.
It holds a socket and other data needed for communicating
with a resolver daemon.
The new
<SPAN
CLASS="TYPE"
>lwres_context_t</SPAN
>
is returned through
<CODE
CLASS="PARAMETER"
>contextp</CODE
>,
<span class="citerefentry"><span class="refentrytitle">malloc</span>(3)</span>,
a pointer to a
<SPAN
CLASS="TYPE"
>lwres_context_t</SPAN
>
pointer. This
<SPAN
CLASS="TYPE"
>lwres_context_t</SPAN
>
pointer must initially be NULL, and is modified
to point to the newly created
<SPAN
CLASS="TYPE"
>lwres_context_t</SPAN
>.&#13;</P
><P
>When the lightweight resolver needs to perform dynamic memory
allocation, it will call
<CODE
CLASS="PARAMETER"
>malloc_function</CODE
>
to allocate memory and
<CODE
CLASS="PARAMETER"
>free_function</CODE
>
to free it. If
<CODE
CLASS="PARAMETER"
>malloc_function</CODE
>
and
<CODE
CLASS="PARAMETER"
>free_function</CODE
>
are NULL, memory is allocated using
.Xr malloc 3
and
<SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>free</SPAN
>(3)</SPAN
>.
It is not permitted to have a NULL
<CODE
CLASS="PARAMETER"
>malloc_function</CODE
>
and a non-NULL
<CODE
CLASS="PARAMETER"
>free_function</CODE
>
or vice versa.
<CODE
CLASS="PARAMETER"
>arg</CODE
>
is passed as the first parameter to the memory
allocation functions.
If
<CODE
CLASS="PARAMETER"
>malloc_function</CODE
>
and
<CODE
CLASS="PARAMETER"
>free_function</CODE
>
are NULL,
<CODE
CLASS="PARAMETER"
>arg</CODE
>
is unused and should be passed as NULL.</P
><P
>Once memory for the structure has been allocated,
it is initialized using
<SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>lwres_conf_init</SPAN
>(3)</SPAN
>
and returned via
<CODE
CLASS="PARAMETER"
>*contextp</CODE
>.&#13;</P
><P
><CODE
CLASS="FUNCTION"
>lwres_context_destroy()</CODE
>
destroys a
<SPAN
CLASS="TYPE"
>lwres_context_t</SPAN
>,
closing its socket.
<CODE
CLASS="PARAMETER"
>contextp</CODE
>
is a pointer to a pointer to the context that is to be destroyed.
The pointer will be set to NULL when the context has been destroyed.</P
><P
>The context holds a serial number that is used to identify resolver
request packets and associate responses with the corresponding requests.
This serial number is controlled using
<CODE
CLASS="FUNCTION"
>lwres_context_initserial()</CODE
>
and
<CODE
CLASS="FUNCTION"
>lwres_context_nextserial()</CODE
>.
<CODE
CLASS="FUNCTION"
>lwres_context_initserial()</CODE
>
sets the serial number for context
<CODE
CLASS="PARAMETER"
>*ctx</CODE
>
to
<CODE
CLASS="PARAMETER"
>serial</CODE
>.
<CODE
CLASS="FUNCTION"
>lwres_context_nextserial()</CODE
>
increments the serial number and returns the previous value.</P
><P
>Memory for a lightweight resolver context is allocated and freed using
<CODE
CLASS="FUNCTION"
>lwres_context_allocmem()</CODE
>
and
<CODE
CLASS="FUNCTION"
>lwres_context_freemem()</CODE
>.
These use whatever allocations were defined when the context was
created with
<CODE
CLASS="FUNCTION"
>lwres_context_create()</CODE
>.
<CODE
CLASS="FUNCTION"
>lwres_context_allocmem()</CODE
>
allocates
<CODE
CLASS="PARAMETER"
>len</CODE
>
bytes of memory and if successful returns a pointer to the allocated
storage.
<CODE
CLASS="FUNCTION"
>lwres_context_freemem()</CODE
>
frees
<CODE
CLASS="PARAMETER"
>len</CODE
>
bytes of space starting at location
<CODE
CLASS="PARAMETER"
>mem</CODE
>.&#13;</P
><P
><CODE
CLASS="FUNCTION"
>lwres_context_sendrecv()</CODE
>
performs I/O for the context
<CODE
CLASS="PARAMETER"
>ctx</CODE
>.
Data are read and written from the context's socket.
It writes data from
<CODE
CLASS="PARAMETER"
>sendbase</CODE
>
&mdash; typically a lightweight resolver query packet &mdash;
and waits for a reply which is copied to the receive buffer at
<CODE
CLASS="PARAMETER"
>recvbase</CODE
>.
The number of bytes that were written to this receive buffer is
returned in
<CODE
CLASS="PARAMETER"
>*recvd_len</CODE
>.&#13;</P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN115"
></A
><H2
>RETURN VALUES</H2
><P
><CODE
CLASS="FUNCTION"
>lwres_context_create()</CODE
>
returns
<SPAN
CLASS="ERRORCODE"
>LWRES_R_NOMEMORY</SPAN
>
if memory for the
<SPAN
CLASS="TYPE"
>struct lwres_context</SPAN
>
could not be allocated,
<SPAN
CLASS="ERRORCODE"
>LWRES_R_SUCCESS</SPAN
>
otherwise.</P
><P
>Successful calls to the memory allocator
<CODE
CLASS="FUNCTION"
>lwres_context_allocmem()</CODE
>
return a pointer to the start of the allocated space.
It returns NULL if memory could not be allocated.</P
><P
><SPAN
CLASS="ERRORCODE"
>LWRES_R_SUCCESS</SPAN
>
is returned when
<CODE
CLASS="FUNCTION"
>lwres_context_sendrecv()</CODE
>
completes successfully.
<SPAN
CLASS="ERRORCODE"
>LWRES_R_IOERROR</SPAN
>
is returned if an I/O error occurs and
<SPAN
CLASS="ERRORCODE"
>LWRES_R_TIMEOUT</SPAN
>
is returned if
<CODE
CLASS="FUNCTION"
>lwres_context_sendrecv()</CODE
>
times out waiting for a response.</P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN130"
></A
><H2
>SEE ALSO</H2
><P
><SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>lwres_conf_init</SPAN
>(3)</SPAN
>,
<SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>malloc</SPAN
>(3)</SPAN
>,
<SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>free</SPAN
>(3)</SPAN
>.</P
></DIV
></BODY
></HTML
>
<span class="citerefentry"><span class="refentrytitle">free</span>(3)</span>.
</p>
</div>
</div></body>
</html>

209
lib/lwres/man/lwres_gabn.3
View file

@ -1,91 +1,84 @@
.\" Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2000, 2001 Internet Software Consortium.
.\"
.\" Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2000, 2001 Internet Software Consortium
.\"
.\" Permission to use, copy, modify, and distribute this software for any
.\" purpose with or without fee is hereby granted, provided that the above
.\" copyright notice and this permission notice appear in all copies.
.\"
.\"
.\" THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
.\" REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
.\" AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
.\" AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
.\" INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
.\" LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
.\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
.\" PERFORMANCE OF THIS SOFTWARE.
.\"
.\" $Id: lwres_gabn.3,v 1.19 2005/04/07 03:50:01 marka Exp $
.\"
.TH "LWRES_GABN" "3" "Jun 30, 2000" "BIND9" ""
.\"
.hy 0
.ad l
.\"Generated by db2man.xsl. Don't modify this, modify the source.
.de Sh \" Subsection
.br
.if t .Sp
.ne 5
.PP
\fB\\$1\fR
.PP
..
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Ip \" List item
.br
.ie \\n(.$>=3 .ne \\$3
.el .ne 3
.IP "\\$1" \\$2
..
.TH "LWRES_GABN" 3 "Jun 30, 2000" "" ""
.SH NAME
lwres_gabnrequest_render, lwres_gabnresponse_render, lwres_gabnrequest_parse, lwres_gabnresponse_parse, lwres_gabnresponse_free, lwres_gabnrequest_free \- lightweight resolver getaddrbyname message handling
.SH SYNOPSIS
\fB#include <lwres/lwres.h>
.SH "SYNOPSIS"
#include <lwres/lwres\&.h>
.sp
.na
lwres_result_t
lwres_gabnrequest_render(lwres_context_t *ctx, lwres_gabnrequest_t *req, lwres_lwpacket_t *pkt, lwres_buffer_t *b);
.ad
.sp
.na
lwres_result_t
lwres_gabnresponse_render(lwres_context_t *ctx, lwres_gabnresponse_t *req, lwres_lwpacket_t *pkt, lwres_buffer_t *b);
.ad
.sp
.na
lwres_result_t
lwres_gabnrequest_parse(lwres_context_t *ctx, lwres_buffer_t *b, lwres_lwpacket_t *pkt, lwres_gabnrequest_t **structp);
.ad
.sp
.na
lwres_result_t
lwres_gabnresponse_parse(lwres_context_t *ctx, lwres_buffer_t *b, lwres_lwpacket_t *pkt, lwres_gabnresponse_t **structp);
.ad
.sp
.na
void
lwres_gabnresponse_free(lwres_context_t *ctx, lwres_gabnresponse_t **structp);
.ad
.sp
.na
void
lwres_gabnrequest_free(lwres_context_t *ctx, lwres_gabnrequest_t **structp);
.ad
\fR
.HP 41
lwres_result_t\ \fBlwres_gabnrequest_render\fR\ (lwres_context_t\ *\fIctx\fR, lwres_gabnrequest_t\ *\fIreq\fR, lwres_lwpacket_t\ *\fIpkt\fR, lwres_buffer_t\ *\fIb\fR);
.HP 42
lwres_result_t\ \fBlwres_gabnresponse_render\fR\ (lwres_context_t\ *\fIctx\fR, lwres_gabnresponse_t\ *\fIreq\fR, lwres_lwpacket_t\ *\fIpkt\fR, lwres_buffer_t\ *\fIb\fR);
.HP 40
lwres_result_t\ \fBlwres_gabnrequest_parse\fR\ (lwres_context_t\ *\fIctx\fR, lwres_buffer_t\ *\fIb\fR, lwres_lwpacket_t\ *\fIpkt\fR, lwres_gabnrequest_t\ **\fIstructp\fR);
.HP 41
lwres_result_t\ \fBlwres_gabnresponse_parse\fR\ (lwres_context_t\ *\fIctx\fR, lwres_buffer_t\ *\fIb\fR, lwres_lwpacket_t\ *\fIpkt\fR, lwres_gabnresponse_t\ **\fIstructp\fR);
.HP 30
void\ \fBlwres_gabnresponse_free\fR\ (lwres_context_t\ *\fIctx\fR, lwres_gabnresponse_t\ **\fIstructp\fR);
.HP 29
void\ \fBlwres_gabnrequest_free\fR\ (lwres_context_t\ *\fIctx\fR, lwres_gabnrequest_t\ **\fIstructp\fR);
.SH "DESCRIPTION"
.PP
These are low-level routines for creating and parsing
lightweight resolver name-to-address lookup request and
response messages.
These are low\-level routines for creating and parsing lightweight resolver name\-to\-address lookup request and response messages\&.
.PP
There are four main functions for the getaddrbyname opcode.
One render function converts a getaddrbyname request structure \(em
\fBlwres_gabnrequest_t\fR \(em
to the lighweight resolver's canonical format.
It is complemented by a parse function that converts a packet in this
canonical format to a getaddrbyname request structure.
Another render function converts the getaddrbyname response structure \(em
\fBlwres_gabnresponse_t\fR \(em
to the canonical format.
This is complemented by a parse function which converts a packet in
canonical format to a getaddrbyname response structure.
There are four main functions for the getaddrbyname opcode\&. One render function converts a getaddrbyname request structure -- \fBlwres_gabnrequest_t\fR -- to the lighweight resolver's canonical format\&. It is complemented by a parse function that converts a packet in this canonical format to a getaddrbyname request structure\&. Another render function converts the getaddrbyname response structure -- \fBlwres_gabnresponse_t\fR -- to the canonical format\&. This is complemented by a parse function which converts a packet in canonical format to a getaddrbyname response structure\&.
.PP
These structures are defined in \fI<lwres/lwres\&.h>\fR\&. They are shown below\&.
.PP
These structures are defined in
\fI<lwres/lwres.h>\fR.
They are shown below.
.sp
.nf
#define LWRES_OPCODE_GETADDRSBYNAME 0x00010001U
.fi
.PP
.nf
typedef struct lwres_addr lwres_addr_t;
typedef LWRES_LIST(lwres_addr_t) lwres_addrlist_t;
.fi
.PP
.nf
typedef struct {
lwres_uint32_t flags;
lwres_uint32_t addrtypes;
lwres_uint16_t namelen;
char *name;
} lwres_gabnrequest_t;
.fi
.PP
.nf
typedef struct {
lwres_uint32_t flags;
lwres_uint16_t naliases;
@ -98,98 +91,16 @@ typedef struct {
void *base;
size_t baselen;
} lwres_gabnresponse_t;
.sp
.fi
.PP
\fBlwres_gabnrequest_render()\fR
uses resolver context
\fIctx\fR
to convert getaddrbyname request structure
\fIreq\fR
to canonical format.
The packet header structure
\fIpkt\fR
is initialised and transferred to
buffer
\fIb\fR.
The contents of
\fI*req\fR
are then appended to the buffer in canonical format.
\fBlwres_gabnresponse_render()\fR
performs the same task, except it converts a getaddrbyname response structure
\fBlwres_gabnresponse_t\fR
to the lightweight resolver's canonical format.
\fBlwres_gabnrequest_render()\fR uses resolver context \fIctx\fR to convert getaddrbyname request structure \fIreq\fR to canonical format\&. The packet header structure \fIpkt\fR is initialised and transferred to buffer \fIb\fR\&. The contents of \fI*req\fR are then appended to the buffer in canonical format\&. \fBlwres_gabnresponse_render()\fR performs the same task, except it converts a getaddrbyname response structure \fBlwres_gabnresponse_t\fR to the lightweight resolver's canonical format\&.
.PP
\fBlwres_gabnrequest_parse()\fR
uses context
\fIctx\fR
to convert the contents of packet
\fIpkt\fR
to a
\fBlwres_gabnrequest_t\fR
structure.
Buffer
\fIb\fR
provides space to be used for storing this structure.
When the function succeeds, the resulting
\fBlwres_gabnrequest_t\fR
is made available through
\fI*structp\fR.
\fBlwres_gabnresponse_parse()\fR
offers the same semantics as
\fBlwres_gabnrequest_parse()\fR
except it yields a
\fBlwres_gabnresponse_t\fR
structure.
\fBlwres_gabnrequest_parse()\fR uses context \fIctx\fR to convert the contents of packet \fIpkt\fR to a \fBlwres_gabnrequest_t\fR structure\&. Buffer \fIb\fR provides space to be used for storing this structure\&. When the function succeeds, the resulting \fBlwres_gabnrequest_t\fR is made available through \fI*structp\fR\&. \fBlwres_gabnresponse_parse()\fR offers the same semantics as \fBlwres_gabnrequest_parse()\fR except it yields a \fBlwres_gabnresponse_t\fR structure\&.
.PP
\fBlwres_gabnresponse_free()\fR
and
\fBlwres_gabnrequest_free()\fR
release the memory in resolver context
\fIctx\fR
that was allocated to the
\fBlwres_gabnresponse_t\fR
or
\fBlwres_gabnrequest_t\fR
structures referenced via
\fIstructp\fR.
Any memory associated with ancillary buffers and strings for those
structures is also discarded.
\fBlwres_gabnresponse_free()\fR and \fBlwres_gabnrequest_free()\fR release the memory in resolver context \fIctx\fR that was allocated to the \fBlwres_gabnresponse_t\fR or \fBlwres_gabnrequest_t\fR structures referenced via \fIstructp\fR\&. Any memory associated with ancillary buffers and strings for those structures is also discarded\&.
.SH "RETURN VALUES"
.PP
The getaddrbyname opcode functions
\fBlwres_gabnrequest_render()\fR,
\fBlwres_gabnresponse_render()\fR
\fBlwres_gabnrequest_parse()\fR
and
\fBlwres_gabnresponse_parse()\fR
all return
LWRES_R_SUCCESS
on success.
They return
LWRES_R_NOMEMORY
if memory allocation fails.
LWRES_R_UNEXPECTEDEND
is returned if the available space in the buffer
\fIb\fR
is too small to accommodate the packet header or the
\fBlwres_gabnrequest_t\fR
and
\fBlwres_gabnresponse_t\fR
structures.
\fBlwres_gabnrequest_parse()\fR
and
\fBlwres_gabnresponse_parse()\fR
will return
LWRES_R_UNEXPECTEDEND
if the buffer is not empty after decoding the received packet.
These functions will return
LWRES_R_FAILURE
if
\fBpktflags\fR
in the packet header structure
\fBlwres_lwpacket_t\fR
indicate that the packet is not a response to an earlier query.
The getaddrbyname opcode functions \fBlwres_gabnrequest_render()\fR, \fBlwres_gabnresponse_render()\fR \fBlwres_gabnrequest_parse()\fR and \fBlwres_gabnresponse_parse()\fR all return \fBLWRES_R_SUCCESS\fR on success\&. They return \fBLWRES_R_NOMEMORY\fR if memory allocation fails\&. \fBLWRES_R_UNEXPECTEDEND\fR is returned if the available space in the buffer \fIb\fR is too small to accommodate the packet header or the \fBlwres_gabnrequest_t\fR and \fBlwres_gabnresponse_t\fR structures\&. \fBlwres_gabnrequest_parse()\fR and \fBlwres_gabnresponse_parse()\fR will return \fBLWRES_R_UNEXPECTEDEND\fR if the buffer is not empty after decoding the received packet\&. These functions will return \fBLWRES_R_FAILURE\fR if pktflags in the packet header structure \fBlwres_lwpacket_t\fR indicate that the packet is not a response to an earlier query\&.
.SH "SEE ALSO"
.PP
\fBlwres_packet\fR(3)
\fBlwres_packet\fR(3)

676
lib/lwres/man/lwres_gabn.html
View file

@ -1,169 +1,228 @@
<!--
- Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2000, 2001 Internet Software Consortium.
-
- Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2000, 2001 Internet Software Consortium
-
- Permission to use, copy, modify, and distribute this software for any
- purpose with or without fee is hereby granted, provided that the above
- copyright notice and this permission notice appear in all copies.
-
-
- THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
- REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
- AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
- AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
- INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
- LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
- OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
- PERFORMANCE OF THIS SOFTWARE.
-->
<!-- $Id: lwres_gabn.html,v 1.12 2005/04/07 03:50:01 marka Exp $ -->
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<HTML
><HEAD
><TITLE
>lwres_gabn</TITLE
><META
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.79"></HEAD
><BODY
CLASS="REFENTRY"
BGCOLOR="#FFFFFF"
TEXT="#000000"
LINK="#0000FF"
VLINK="#840084"
ALINK="#0000FF"
><H1
><A
NAME="AEN1"
></A
>lwres_gabn</H1
><DIV
CLASS="REFNAMEDIV"
><A
NAME="AEN8"
></A
><H2
>Name</H2
>lwres_gabnrequest_render, lwres_gabnresponse_render, lwres_gabnrequest_parse, lwres_gabnresponse_parse, lwres_gabnresponse_free, lwres_gabnrequest_free&nbsp;--&nbsp;lightweight resolver getaddrbyname message handling</DIV
><DIV
CLASS="REFSYNOPSISDIV"
><A
NAME="AEN16"
></A
><H2
>Synopsis</H2
><DIV
CLASS="FUNCSYNOPSIS"
><P
></P
><A
NAME="AEN17"
></A
><PRE
CLASS="FUNCSYNOPSISINFO"
>#include &lt;lwres/lwres.h&gt;</PRE
><P
><CODE
><CODE
CLASS="FUNCDEF"
>lwres_result_t
lwres_gabnrequest_render</CODE
>(lwres_context_t *ctx, lwres_gabnrequest_t *req, lwres_lwpacket_t *pkt, lwres_buffer_t *b);</CODE
></P
><P
><CODE
><CODE
CLASS="FUNCDEF"
>lwres_result_t
lwres_gabnresponse_render</CODE
>(lwres_context_t *ctx, lwres_gabnresponse_t *req, lwres_lwpacket_t *pkt, lwres_buffer_t *b);</CODE
></P
><P
><CODE
><CODE
CLASS="FUNCDEF"
>lwres_result_t
lwres_gabnrequest_parse</CODE
>(lwres_context_t *ctx, lwres_buffer_t *b, lwres_lwpacket_t *pkt, lwres_gabnrequest_t **structp);</CODE
></P
><P
><CODE
><CODE
CLASS="FUNCDEF"
>lwres_result_t
lwres_gabnresponse_parse</CODE
>(lwres_context_t *ctx, lwres_buffer_t *b, lwres_lwpacket_t *pkt, lwres_gabnresponse_t **structp);</CODE
></P
><P
><CODE
><CODE
CLASS="FUNCDEF"
>void
lwres_gabnresponse_free</CODE
>(lwres_context_t *ctx, lwres_gabnresponse_t **structp);</CODE
></P
><P
><CODE
><CODE
CLASS="FUNCDEF"
>void
lwres_gabnrequest_free</CODE
>(lwres_context_t *ctx, lwres_gabnrequest_t **structp);</CODE
></P
><P
></P
></DIV
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN57"
></A
><H2
>DESCRIPTION</H2
><P
>These are low-level routines for creating and parsing
lightweight resolver name-to-address lookup request and
response messages.</P
><P
>There are four main functions for the getaddrbyname opcode.
One render function converts a getaddrbyname request structure &mdash;
<SPAN
CLASS="TYPE"
>lwres_gabnrequest_t</SPAN
> &mdash;
to the lighweight resolver's canonical format.
It is complemented by a parse function that converts a packet in this
canonical format to a getaddrbyname request structure.
Another render function converts the getaddrbyname response structure &mdash;
<SPAN
CLASS="TYPE"
>lwres_gabnresponse_t</SPAN
> &mdash;
to the canonical format.
This is complemented by a parse function which converts a packet in
canonical format to a getaddrbyname response structure.</P
><P
>These structures are defined in
<TT
CLASS="FILENAME"
>&lt;lwres/lwres.h&gt;</TT
>.
They are shown below.
<PRE
CLASS="PROGRAMLISTING"
>#define LWRES_OPCODE_GETADDRSBYNAME 0x00010001U
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>lwres_gabn</title>
<meta name="generator" content="DocBook XSL Stylesheets V1.68.1">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en">
<a name="id2456618"></a><div class="titlepage"></div>
<div class="refnamediv">
<h2>Name</h2>
<p>lwres_gabnrequest_render, lwres_gabnresponse_render, lwres_gabnrequest_parse, lwres_gabnresponse_parse, lwres_gabnresponse_free, lwres_gabnrequest_free &#8212; lightweight resolver getaddrbyname message handling</p>
</div>
<div class="refsynopsisdiv">
<h2>Synopsis</h2>
<div class="funcsynopsis">
<pre class="funcsynopsisinfo">#include &lt;lwres/lwres.h&gt;</pre>
<table border="0" summary="Function synopsis" cellspacing="0" cellpadding="0" style="padding-bottom: 1em">
<tr>
<td><code class="funcdef">
lwres_result_t
<b class="fsfunc">lwres_gabnrequest_render</b>(</code></td>
<td>lwres_context_t * </td>
<td>
<var class="pdparam">ctx</var>, </td>
</tr>
<tr>
<td> </td>
<td>lwres_gabnrequest_t * </td>
<td>
<var class="pdparam">req</var>, </td>
</tr>
<tr>
<td> </td>
<td>lwres_lwpacket_t * </td>
<td>
<var class="pdparam">pkt</var>, </td>
</tr>
<tr>
<td> </td>
<td>lwres_buffer_t * </td>
<td>
<var class="pdparam">b</var><code>)</code>;</td>
</tr>
</table>
<table border="0" summary="Function synopsis" cellspacing="0" cellpadding="0" style="padding-bottom: 1em">
<tr>
<td><code class="funcdef">
lwres_result_t
<b class="fsfunc">lwres_gabnresponse_render</b>(</code></td>
<td>lwres_context_t * </td>
<td>
<var class="pdparam">ctx</var>, </td>
</tr>
<tr>
<td> </td>
<td>lwres_gabnresponse_t * </td>
<td>
<var class="pdparam">req</var>, </td>
</tr>
<tr>
<td> </td>
<td>lwres_lwpacket_t * </td>
<td>
<var class="pdparam">pkt</var>, </td>
</tr>
<tr>
<td> </td>
<td>lwres_buffer_t * </td>
<td>
<var class="pdparam">b</var><code>)</code>;</td>
</tr>
</table>
<table border="0" summary="Function synopsis" cellspacing="0" cellpadding="0" style="padding-bottom: 1em">
<tr>
<td><code class="funcdef">
lwres_result_t
<b class="fsfunc">lwres_gabnrequest_parse</b>(</code></td>
<td>lwres_context_t * </td>
<td>
<var class="pdparam">ctx</var>, </td>
</tr>
<tr>
<td> </td>
<td>lwres_buffer_t * </td>
<td>
<var class="pdparam">b</var>, </td>
</tr>
<tr>
<td> </td>
<td>lwres_lwpacket_t * </td>
<td>
<var class="pdparam">pkt</var>, </td>
</tr>
<tr>
<td> </td>
<td>lwres_gabnrequest_t ** </td>
<td>
<var class="pdparam">structp</var><code>)</code>;</td>
</tr>
</table>
<table border="0" summary="Function synopsis" cellspacing="0" cellpadding="0" style="padding-bottom: 1em">
<tr>
<td><code class="funcdef">
lwres_result_t
<b class="fsfunc">lwres_gabnresponse_parse</b>(</code></td>
<td>lwres_context_t * </td>
<td>
<var class="pdparam">ctx</var>, </td>
</tr>
<tr>
<td> </td>
<td>lwres_buffer_t * </td>
<td>
<var class="pdparam">b</var>, </td>
</tr>
<tr>
<td> </td>
<td>lwres_lwpacket_t * </td>
<td>
<var class="pdparam">pkt</var>, </td>
</tr>
<tr>
<td> </td>
<td>lwres_gabnresponse_t ** </td>
<td>
<var class="pdparam">structp</var><code>)</code>;</td>
</tr>
</table>
<table border="0" summary="Function synopsis" cellspacing="0" cellpadding="0" style="padding-bottom: 1em">
<tr>
<td><code class="funcdef">
void
<b class="fsfunc">lwres_gabnresponse_free</b>(</code></td>
<td>lwres_context_t * </td>
<td>
<var class="pdparam">ctx</var>, </td>
</tr>
<tr>
<td> </td>
<td>lwres_gabnresponse_t ** </td>
<td>
<var class="pdparam">structp</var><code>)</code>;</td>
</tr>
</table>
<table border="0" summary="Function synopsis" cellspacing="0" cellpadding="0">
<tr>
<td><code class="funcdef">
void
<b class="fsfunc">lwres_gabnrequest_free</b>(</code></td>
<td>lwres_context_t * </td>
<td>
<var class="pdparam">ctx</var>, </td>
</tr>
<tr>
<td> </td>
<td>lwres_gabnrequest_t ** </td>
<td>
<var class="pdparam">structp</var><code>)</code>;</td>
</tr>
</table>
</div>
</div>
<div class="refsect1" lang="en">
<a name="id2514136"></a><h2>DESCRIPTION</h2>
<p>
These are low-level routines for creating and parsing
lightweight resolver name-to-address lookup request and
response messages.
</p>
<p>
There are four main functions for the getaddrbyname opcode.
One render function converts a getaddrbyname request structure &#8212;
<span class="type">lwres_gabnrequest_t</span> &#8212;
to the lighweight resolver's canonical format.
It is complemented by a parse function that converts a packet in this
canonical format to a getaddrbyname request structure.
Another render function converts the getaddrbyname response structure
&#8212; <span class="type">lwres_gabnresponse_t</span> &#8212;
to the canonical format.
This is complemented by a parse function which converts a packet in
canonical format to a getaddrbyname response structure.
</p>
<p>
These structures are defined in
<code class="filename">&lt;lwres/lwres.h&gt;</code>.
They are shown below.
</p>
<pre class="programlisting">
#define LWRES_OPCODE_GETADDRSBYNAME 0x00010001U
</pre>
<p>
</p>
<pre class="programlisting">
typedef struct lwres_addr lwres_addr_t;
typedef LWRES_LIST(lwres_addr_t) lwres_addrlist_t;
</pre>
<p>
</p>
<pre class="programlisting">
typedef struct {
lwres_uint32_t flags;
lwres_uint32_t addrtypes;
lwres_uint16_t namelen;
char *name;
} lwres_gabnrequest_t;
</pre>
<p>
</p>
<pre class="programlisting">
typedef struct {
lwres_uint32_t flags;
lwres_uint16_t naliases;
@ -175,245 +234,90 @@ typedef struct {
lwres_addrlist_t addrs;
void *base;
size_t baselen;
} lwres_gabnresponse_t;</PRE
></P
><P
><CODE
CLASS="FUNCTION"
>lwres_gabnrequest_render()</CODE
>
uses resolver context
<CODE
CLASS="PARAMETER"
>ctx</CODE
>
to convert getaddrbyname request structure
<CODE
CLASS="PARAMETER"
>req</CODE
>
to canonical format.
The packet header structure
<CODE
CLASS="PARAMETER"
>pkt</CODE
>
is initialised and transferred to
buffer
<CODE
CLASS="PARAMETER"
>b</CODE
>.
} lwres_gabnresponse_t;
</pre>
<p>
</p>
<p><code class="function">lwres_gabnrequest_render()</code>
uses resolver context <em class="parameter"><code>ctx</code></em> to convert
getaddrbyname request structure <em class="parameter"><code>req</code></em> to
canonical format. The packet header structure
<em class="parameter"><code>pkt</code></em> is initialised and transferred to
buffer <em class="parameter"><code>b</code></em>.
The contents of
<CODE
CLASS="PARAMETER"
>*req</CODE
>
are then appended to the buffer in canonical format.
<CODE
CLASS="FUNCTION"
>lwres_gabnresponse_render()</CODE
>
performs the same task, except it converts a getaddrbyname response structure
<SPAN
CLASS="TYPE"
>lwres_gabnresponse_t</SPAN
>
to the lightweight resolver's canonical format.</P
><P
><CODE
CLASS="FUNCTION"
>lwres_gabnrequest_parse()</CODE
>
uses context
<CODE
CLASS="PARAMETER"
>ctx</CODE
>
to convert the contents of packet
<CODE
CLASS="PARAMETER"
>pkt</CODE
>
to a
<SPAN
CLASS="TYPE"
>lwres_gabnrequest_t</SPAN
>
structure.
Buffer
<CODE
CLASS="PARAMETER"
>b</CODE
>
provides space to be used for storing this structure.
When the function succeeds, the resulting
<SPAN
CLASS="TYPE"
>lwres_gabnrequest_t</SPAN
>
is made available through
<CODE
CLASS="PARAMETER"
>*structp</CODE
>.
The contents of <em class="parameter"><code>*req</code></em> are then appended to
the buffer in canonical format.
<code class="function">lwres_gabnresponse_render()</code> performs the
same task, except it converts a getaddrbyname response structure
<span class="type">lwres_gabnresponse_t</span> to the lightweight resolver's
canonical format.
</p>
<p><code class="function">lwres_gabnrequest_parse()</code>
uses context <em class="parameter"><code>ctx</code></em> to convert the contents
of packet <em class="parameter"><code>pkt</code></em> to a
<span class="type">lwres_gabnrequest_t</span> structure. Buffer
<em class="parameter"><code>b</code></em> provides space to be used for storing
this structure. When the function succeeds, the resulting
<span class="type">lwres_gabnrequest_t</span> is made available through
<em class="parameter"><code>*structp</code></em>.
<CODE
CLASS="FUNCTION"
>lwres_gabnresponse_parse()</CODE
>
offers the same semantics as
<CODE
CLASS="FUNCTION"
>lwres_gabnrequest_parse()</CODE
>
except it yields a
<SPAN
CLASS="TYPE"
>lwres_gabnresponse_t</SPAN
>
structure.</P
><P
><CODE
CLASS="FUNCTION"
>lwres_gabnresponse_free()</CODE
>
and
<CODE
CLASS="FUNCTION"
>lwres_gabnrequest_free()</CODE
>
release the memory in resolver context
<CODE
CLASS="PARAMETER"
>ctx</CODE
>
that was allocated to the
<SPAN
CLASS="TYPE"
>lwres_gabnresponse_t</SPAN
>
or
<SPAN
CLASS="TYPE"
>lwres_gabnrequest_t</SPAN
>
structures referenced via
<CODE
CLASS="PARAMETER"
>structp</CODE
>.
<code class="function">lwres_gabnresponse_parse()</code> offers the same
semantics as <code class="function">lwres_gabnrequest_parse()</code>
except it yields a <span class="type">lwres_gabnresponse_t</span> structure.
</p>
<p><code class="function">lwres_gabnresponse_free()</code>
and <code class="function">lwres_gabnrequest_free()</code> release the
memory in resolver context <em class="parameter"><code>ctx</code></em> that was
allocated to the <span class="type">lwres_gabnresponse_t</span> or
<span class="type">lwres_gabnrequest_t</span> structures referenced via
<em class="parameter"><code>structp</code></em>.
Any memory associated with ancillary buffers and strings for those
structures is also discarded.</P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN93"
></A
><H2
>RETURN VALUES</H2
><P
>The getaddrbyname opcode functions
<CODE
CLASS="FUNCTION"
>lwres_gabnrequest_render()</CODE
>,
<CODE
CLASS="FUNCTION"
>lwres_gabnresponse_render()</CODE
>
<CODE
CLASS="FUNCTION"
>lwres_gabnrequest_parse()</CODE
>
and
<CODE
CLASS="FUNCTION"
>lwres_gabnresponse_parse()</CODE
>
all return
<SPAN
CLASS="ERRORCODE"
>LWRES_R_SUCCESS</SPAN
>
on success.
They return
<SPAN
CLASS="ERRORCODE"
>LWRES_R_NOMEMORY</SPAN
>
if memory allocation fails.
<SPAN
CLASS="ERRORCODE"
>LWRES_R_UNEXPECTEDEND</SPAN
>
is returned if the available space in the buffer
<CODE
CLASS="PARAMETER"
>b</CODE
>
is too small to accommodate the packet header or the
<SPAN
CLASS="TYPE"
>lwres_gabnrequest_t</SPAN
>
and
<SPAN
CLASS="TYPE"
>lwres_gabnresponse_t</SPAN
>
structures.
<CODE
CLASS="FUNCTION"
>lwres_gabnrequest_parse()</CODE
>
and
<CODE
CLASS="FUNCTION"
>lwres_gabnresponse_parse()</CODE
>
will return
<SPAN
CLASS="ERRORCODE"
>LWRES_R_UNEXPECTEDEND</SPAN
>
if the buffer is not empty after decoding the received packet.
These functions will return
<SPAN
CLASS="ERRORCODE"
>LWRES_R_FAILURE</SPAN
>
if
<CODE
CLASS="STRUCTFIELD"
>pktflags</CODE
>
in the packet header structure
<SPAN
CLASS="TYPE"
>lwres_lwpacket_t</SPAN
>
indicate that the packet is not a response to an earlier query.</P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN112"
></A
><H2
>SEE ALSO</H2
><P
><SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>lwres_packet</SPAN
>(3)</SPAN
></P
></DIV
></BODY
></HTML
>
Any memory associated with ancillary buffers and strings for
those structures is also discarded.
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2514486"></a><h2>RETURN VALUES</h2>
<p>
The getaddrbyname opcode functions
<code class="function">lwres_gabnrequest_render()</code>,
<code class="function">lwres_gabnresponse_render()</code>
<code class="function">lwres_gabnrequest_parse()</code>
and
<code class="function">lwres_gabnresponse_parse()</code>
all return
<span class="errorcode">LWRES_R_SUCCESS</span>
on success.
They return
<span class="errorcode">LWRES_R_NOMEMORY</span>
if memory allocation fails.
<span class="errorcode">LWRES_R_UNEXPECTEDEND</span>
is returned if the available space in the buffer
<em class="parameter"><code>b</code></em>
is too small to accommodate the packet header or the
<span class="type">lwres_gabnrequest_t</span>
and
<span class="type">lwres_gabnresponse_t</span>
structures.
<code class="function">lwres_gabnrequest_parse()</code>
and
<code class="function">lwres_gabnresponse_parse()</code>
will return
<span class="errorcode">LWRES_R_UNEXPECTEDEND</span>
if the buffer is not empty after decoding the received packet.
These functions will return
<span class="errorcode">LWRES_R_FAILURE</span>
if
<em class="structfield"><code>pktflags</code></em>
in the packet header structure
<span class="type">lwres_lwpacket_t</span>
indicate that the packet is not a response to an earlier query.
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2514552"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry"><span class="refentrytitle">lwres_packet</span>(3)</span>
</p>
</div>
</div></body>
</html>

86
lib/lwres/man/lwres_gai_strerror.3
View file

@ -1,38 +1,50 @@
.\" Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2000, 2001 Internet Software Consortium.
.\"
.\" Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2000, 2001 Internet Software Consortium
.\"
.\" Permission to use, copy, modify, and distribute this software for any
.\" purpose with or without fee is hereby granted, provided that the above
.\" copyright notice and this permission notice appear in all copies.
.\"
.\"
.\" THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
.\" REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
.\" AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
.\" AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
.\" INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
.\" LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
.\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
.\" PERFORMANCE OF THIS SOFTWARE.
.\"
.\" $Id: lwres_gai_strerror.3,v 1.19 2005/04/07 03:50:02 marka Exp $
.\"
.TH "LWRES_GAI_STRERROR" "3" "Jun 30, 2000" "BIND9" ""
.\"
.hy 0
.ad l
.\"Generated by db2man.xsl. Don't modify this, modify the source.
.de Sh \" Subsection
.br
.if t .Sp
.ne 5
.PP
\fB\\$1\fR
.PP
..
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Ip \" List item
.br
.ie \\n(.$>=3 .ne \\$3
.el .ne 3
.IP "\\$1" \\$2
..
.TH "LWRES_GAI_STRERROR" 3 "Jun 30, 2000" "" ""
.SH NAME
gai_strerror \- print suitable error string
.SH SYNOPSIS
\fB#include <lwres/netdb.h>
lwres_gai_strerror \- print suitable error string
.SH "SYNOPSIS"
#include <lwres/netdb\&.h>
.sp
.na
char *
gai_strerror(int ecode);
.ad
\fR
.HP 22
char\ *\ \fBgai_strerror\fR\ (int\ \fIecode\fR);
.SH "DESCRIPTION"
.PP
\fBlwres_gai_strerror()\fR
returns an error message corresponding to an error code returned by
\fBgetaddrinfo()\fR.
The following error codes and their meaning are defined in
\fIinclude/lwres/netdb.h\fR.
\fBlwres_gai_strerror()\fR returns an error message corresponding to an error code returned by \fBgetaddrinfo()\fR\&. The following error codes and their meaning are defined in \fIinclude/lwres/netdb\&.h\fR\&.
.TP
\fBEAI_ADDRFAMILY\fR
address family for hostname not supported
@ -41,14 +53,13 @@ address family for hostname not supported
temporary failure in name resolution
.TP
\fBEAI_BADFLAGS\fR
invalid value for
ai_flags
invalid value for \fBai_flags\fR
.TP
\fBEAI_FAIL\fR
non-recoverable failure in name resolution
non\-recoverable failure in name resolution
.TP
\fBEAI_FAMILY\fR
ai_family not supported
\fBai_family\fR not supported
.TP
\fBEAI_MEMORY\fR
memory allocation failure
@ -60,29 +71,16 @@ no address associated with hostname
hostname or servname not provided, or not known
.TP
\fBEAI_SERVICE\fR
servname not supported for ai_socktype
servname not supported for \fBai_socktype\fR
.TP
\fBEAI_SOCKTYPE\fR
ai_socktype not supported
\fBai_socktype\fR not supported
.TP
\fBEAI_SYSTEM\fR
system error returned in errno
The message invalid error code is returned if \fIecode\fR is out of range\&.
.PP
The message \fBinvalid error code\fR is returned if
\fIecode\fR
is out of range.
.PP
ai_flags,
ai_family
and
ai_socktype
are elements of the
\fBstruct addrinfo\fR
used by
\fBlwres_getaddrinfo()\fR.
\fBai_flags\fR, \fBai_family\fR and \fBai_socktype\fR are elements of the \fBstruct addrinfo\fR used by \fBlwres_getaddrinfo()\fR\&.
.SH "SEE ALSO"
.PP
\fBstrerror\fR(3),
\fBlwres_getaddrinfo\fR(3),
\fBgetaddrinfo\fR(3),
\fBRFC2133\fR.
\fBstrerror\fR(3), \fBlwres_getaddrinfo\fR(3), \fBgetaddrinfo\fR(3), \fBRFC2133\fR()\&.

385
lib/lwres/man/lwres_gai_strerror.html
View file

@ -1,295 +1,118 @@
<!--
- Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2000, 2001 Internet Software Consortium.
-
- Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2000, 2001 Internet Software Consortium
-
- Permission to use, copy, modify, and distribute this software for any
- purpose with or without fee is hereby granted, provided that the above
- copyright notice and this permission notice appear in all copies.
-
-
- THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
- REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
- AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
- AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
- INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
- LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
- OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
- PERFORMANCE OF THIS SOFTWARE.
-->
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>lwres_gai_strerror</title>
<meta name="generator" content="DocBook XSL Stylesheets V1.68.1">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en">
<a name="id2456618"></a><div class="titlepage"></div>
<div class="refnamediv">
<h2>Name</h2>
<p>lwres_gai_strerror &#8212; print suitable error string</p>
</div>
<div class="refsynopsisdiv">
<h2>Synopsis</h2>
<div class="funcsynopsis">
<pre class="funcsynopsisinfo">#include &lt;lwres/netdb.h&gt;</pre>
<p><code class="funcdef">
char *
<b class="fsfunc">gai_strerror</b>(</code>int <var class="pdparam">ecode</var><code>)</code>;</p>
</div>
</div>
<div class="refsect1" lang="en">
<a name="id2512610"></a><h2>DESCRIPTION</h2>
<p><code class="function">lwres_gai_strerror()</code>
returns an error message corresponding to an error code returned by
<code class="function">getaddrinfo()</code>.
The following error codes and their meaning are defined in
<code class="filename">include/lwres/netdb.h</code>.
</p>
<div class="variablelist"><dl>
<dt><span class="term"><span class="errorcode">EAI_ADDRFAMILY</span></span></dt>
<dd><p>
address family for hostname not supported
</p></dd>
<dt><span class="term"><span class="errorcode">EAI_AGAIN</span></span></dt>
<dd><p>
temporary failure in name resolution
</p></dd>
<dt><span class="term"><span class="errorcode">EAI_BADFLAGS</span></span></dt>
<dd><p>
invalid value for
<code class="constant">ai_flags</code>
</p></dd>
<dt><span class="term"><span class="errorcode">EAI_FAIL</span></span></dt>
<dd><p>
non-recoverable failure in name resolution
</p></dd>
<dt><span class="term"><span class="errorcode">EAI_FAMILY</span></span></dt>
<dd><p><code class="constant">ai_family</code> not supported
</p></dd>
<dt><span class="term"><span class="errorcode">EAI_MEMORY</span></span></dt>
<dd><p>
memory allocation failure
</p></dd>
<dt><span class="term"><span class="errorcode">EAI_NODATA</span></span></dt>
<dd><p>
no address associated with hostname
</p></dd>
<dt><span class="term"><span class="errorcode">EAI_NONAME</span></span></dt>
<dd><p>
hostname or servname not provided, or not known
</p></dd>
<dt><span class="term"><span class="errorcode">EAI_SERVICE</span></span></dt>
<dd><p>
servname not supported for <code class="constant">ai_socktype</code>
</p></dd>
<dt><span class="term"><span class="errorcode">EAI_SOCKTYPE</span></span></dt>
<dd><p><code class="constant">ai_socktype</code> not supported
</p></dd>
<dt><span class="term"><span class="errorcode">EAI_SYSTEM</span></span></dt>
<dd><p>
system error returned in errno
</p></dd>
</dl></div>
<p>
The message <span class="errorname">invalid error code</span> is returned if
<em class="parameter"><code>ecode</code></em>
is out of range.
</p>
<p><code class="constant">ai_flags</code>,
<code class="constant">ai_family</code>
and
<code class="constant">ai_socktype</code>
are elements of the
<span class="type">struct addrinfo</span>
used by
<code class="function">lwres_getaddrinfo()</code>.
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2514259"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry"><span class="refentrytitle">strerror</span>(3)</span>,
<!-- $Id: lwres_gai_strerror.html,v 1.11 2005/04/07 03:50:02 marka Exp $ -->
<span class="citerefentry"><span class="refentrytitle">lwres_getaddrinfo</span>(3)</span>,
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<HTML
><HEAD
><TITLE
>lwres_gai_strerror</TITLE
><META
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.79"></HEAD
><BODY
CLASS="REFENTRY"
BGCOLOR="#FFFFFF"
TEXT="#000000"
LINK="#0000FF"
VLINK="#840084"
ALINK="#0000FF"
><H1
><A
NAME="AEN1"
></A
>lwres_gai_strerror</H1
><DIV
CLASS="REFNAMEDIV"
><A
NAME="AEN8"
></A
><H2
>Name</H2
>gai_strerror&nbsp;--&nbsp;print suitable error string</DIV
><DIV
CLASS="REFSYNOPSISDIV"
><A
NAME="AEN11"
></A
><H2
>Synopsis</H2
><DIV
CLASS="FUNCSYNOPSIS"
><P
></P
><A
NAME="AEN12"
></A
><PRE
CLASS="FUNCSYNOPSISINFO"
>#include &lt;lwres/netdb.h&gt;</PRE
><P
><CODE
><CODE
CLASS="FUNCDEF"
>char *
gai_strerror</CODE
>(int ecode);</CODE
></P
><P
></P
></DIV
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN18"
></A
><H2
>DESCRIPTION</H2
><P
><CODE
CLASS="FUNCTION"
>lwres_gai_strerror()</CODE
>
returns an error message corresponding to an error code returned by
<CODE
CLASS="FUNCTION"
>getaddrinfo()</CODE
>.
The following error codes and their meaning are defined in
<TT
CLASS="FILENAME"
>include/lwres/netdb.h</TT
>.
<P
></P
><DIV
CLASS="VARIABLELIST"
><DL
><DT
><SPAN
CLASS="ERRORCODE"
>EAI_ADDRFAMILY</SPAN
></DT
><DD
><P
>address family for hostname not supported</P
></DD
><DT
><SPAN
CLASS="ERRORCODE"
>EAI_AGAIN</SPAN
></DT
><DD
><P
>temporary failure in name resolution</P
></DD
><DT
><SPAN
CLASS="ERRORCODE"
>EAI_BADFLAGS</SPAN
></DT
><DD
><P
>invalid value for
<CODE
CLASS="CONSTANT"
>ai_flags</CODE
></P
></DD
><DT
><SPAN
CLASS="ERRORCODE"
>EAI_FAIL</SPAN
></DT
><DD
><P
>non-recoverable failure in name resolution</P
></DD
><DT
><SPAN
CLASS="ERRORCODE"
>EAI_FAMILY</SPAN
></DT
><DD
><P
><CODE
CLASS="CONSTANT"
>ai_family</CODE
> not supported</P
></DD
><DT
><SPAN
CLASS="ERRORCODE"
>EAI_MEMORY</SPAN
></DT
><DD
><P
>memory allocation failure</P
></DD
><DT
><SPAN
CLASS="ERRORCODE"
>EAI_NODATA</SPAN
></DT
><DD
><P
>no address associated with hostname</P
></DD
><DT
><SPAN
CLASS="ERRORCODE"
>EAI_NONAME</SPAN
></DT
><DD
><P
>hostname or servname not provided, or not known</P
></DD
><DT
><SPAN
CLASS="ERRORCODE"
>EAI_SERVICE</SPAN
></DT
><DD
><P
>servname not supported for <CODE
CLASS="CONSTANT"
>ai_socktype</CODE
></P
></DD
><DT
><SPAN
CLASS="ERRORCODE"
>EAI_SOCKTYPE</SPAN
></DT
><DD
><P
><CODE
CLASS="CONSTANT"
>ai_socktype</CODE
> not supported</P
></DD
><DT
><SPAN
CLASS="ERRORCODE"
>EAI_SYSTEM</SPAN
></DT
><DD
><P
>system error returned in errno</P
></DD
></DL
></DIV
>
The message <SPAN
CLASS="ERRORNAME"
>invalid error code</SPAN
> is returned if
<CODE
CLASS="PARAMETER"
>ecode</CODE
>
is out of range.</P
><P
><CODE
CLASS="CONSTANT"
>ai_flags</CODE
>,
<CODE
CLASS="CONSTANT"
>ai_family</CODE
>
and
<CODE
CLASS="CONSTANT"
>ai_socktype</CODE
>
are elements of the
<SPAN
CLASS="TYPE"
>struct addrinfo</SPAN
>
used by
<CODE
CLASS="FUNCTION"
>lwres_getaddrinfo()</CODE
>.</P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN92"
></A
><H2
>SEE ALSO</H2
><P
><SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>strerror</SPAN
>(3)</SPAN
>,
<span class="citerefentry"><span class="refentrytitle">getaddrinfo</span>(3)</span>,
<SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>lwres_getaddrinfo</SPAN
>(3)</SPAN
>,
<SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>getaddrinfo</SPAN
>(3)</SPAN
>,
<SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>RFC2133</SPAN
></SPAN
>.</P
></DIV
></BODY
></HTML
>
<span class="citerefentry"><span class="refentrytitle">RFC2133</span></span>.
</p>
</div>
</div></body>
</html>

255
lib/lwres/man/lwres_getaddrinfo.3
View file

@ -1,41 +1,52 @@
.\" Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2000, 2001, 2003 Internet Software Consortium.
.\"
.\" Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2000, 2001, 2003 Internet Software Consortium
.\"
.\" Permission to use, copy, modify, and distribute this software for any
.\" purpose with or without fee is hereby granted, provided that the above
.\" copyright notice and this permission notice appear in all copies.
.\"
.\"
.\" THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
.\" REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
.\" AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
.\" AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
.\" INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
.\" LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
.\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
.\" PERFORMANCE OF THIS SOFTWARE.
.\"
.\" $Id: lwres_getaddrinfo.3,v 1.23 2005/04/07 03:50:02 marka Exp $
.\"
.TH "LWRES_GETADDRINFO" "3" "Jun 30, 2000" "BIND9" ""
.\"
.hy 0
.ad l
.\"Generated by db2man.xsl. Don't modify this, modify the source.
.de Sh \" Subsection
.br
.if t .Sp
.ne 5
.PP
\fB\\$1\fR
.PP
..
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Ip \" List item
.br
.ie \\n(.$>=3 .ne \\$3
.el .ne 3
.IP "\\$1" \\$2
..
.TH "LWRES_GETADDRINFO" 3 "Jun 30, 2000" "" ""
.SH NAME
lwres_getaddrinfo, lwres_freeaddrinfo \- socket address structure to host and service name
.SH SYNOPSIS
\fB#include <lwres/netdb.h>
.SH "SYNOPSIS"
#include <lwres/netdb\&.h>
.sp
.na
int
lwres_getaddrinfo(const char *hostname, const char *servname, const struct addrinfo *hints, struct addrinfo **res);
.ad
.sp
.na
void
lwres_freeaddrinfo(struct addrinfo *ai);
.ad
\fR
.HP 23
int\ \fBlwres_getaddrinfo\fR\ (const\ char\ *\fIhostname\fR, const\ char\ *\fIservname\fR, const\ struct\ addrinfo\ *\fIhints\fR, struct\ addrinfo\ **\fIres\fR);
.HP 25
void\ \fBlwres_freeaddrinfo\fR\ (struct\ addrinfo\ *\fIai\fR);
.PP
If the operating system does not provide a \fBstruct addrinfo\fR, the following structure is used:
.PP
If the operating system does not provide a
\fBstruct addrinfo\fR,
the following structure is used:
.sp
.nf
struct addrinfo {
int ai_flags; /* AI_PASSIVE, AI_CANONNAME */
@ -47,203 +58,37 @@ struct addrinfo {
struct sockaddr *ai_addr; /* binary address */
struct addrinfo *ai_next; /* next structure in linked list */
};
.sp
.fi
.SH "DESCRIPTION"
.PP
\fBlwres_getaddrinfo()\fR
is used to get a list of IP addresses and port numbers for host
\fIhostname\fR
and service
\fIservname\fR.
The function is the lightweight resolver's implementation of
\fBgetaddrinfo()\fR
as defined in RFC2133.
\fIhostname\fR
and
\fIservname\fR
are pointers to null-terminated
strings or
\fBNULL\fR.
\fIhostname\fR
is either a host name or a numeric host address string: a dotted decimal
IPv4 address or an IPv6 address.
\fIservname\fR
is either a decimal port number or a service name as listed in
\fI/etc/services\fR.
\fBlwres_getaddrinfo()\fR is used to get a list of IP addresses and port numbers for host \fIhostname\fR and service \fIservname\fR\&. The function is the lightweight resolver's implementation of \fBgetaddrinfo()\fR as defined in RFC2133\&. \fIhostname\fR and \fIservname\fR are pointers to null\-terminated strings or \fBNULL\fR\&. \fIhostname\fR is either a host name or a numeric host address string: a dotted decimal IPv4 address or an IPv6 address\&. \fIservname\fR is either a decimal port number or a service name as listed in \fI/etc/services\fR\&.
.PP
\fIhints\fR
is an optional pointer to a
\fBstruct addrinfo\fR.
This structure can be used to provide hints concerning the type of socket
that the caller supports or wishes to use.
The caller can supply the following structure elements in
\fI*hints\fR:
\fIhints\fR is an optional pointer to a \fBstruct addrinfo\fR\&. This structure can be used to provide hints concerning the type of socket that the caller supports or wishes to use\&. The caller can supply the following structure elements in \fI*hints\fR:
.TP
\fBai_family\fR
The protocol family that should be used.
When
ai_family
is set to
\fBPF_UNSPEC\fR,
it means the caller will accept any protocol family supported by the
operating system.
The protocol family that should be used\&. When \fBai_family\fR is set to \fBPF_UNSPEC\fR, it means the caller will accept any protocol family supported by the operating system\&.
.TP
\fBai_socktype\fR
denotes the type of socket \(em
\fBSOCK_STREAM\fR,
\fBSOCK_DGRAM\fR
or
\fBSOCK_RAW\fR
\(em that is wanted.
When
ai_socktype
is zero the caller will accept any socket type.
denotes the type of socket -- \fBSOCK_STREAM\fR, \fBSOCK_DGRAM\fR or \fBSOCK_RAW\fR -- that is wanted\&. When \fBai_socktype\fR is zero the caller will accept any socket type\&.
.TP
\fBai_protocol\fR
indicates which transport protocol is wanted: IPPROTO_UDP or
IPPROTO_TCP.
If
ai_protocol
is zero the caller will accept any protocol.
indicates which transport protocol is wanted: IPPROTO_UDP or IPPROTO_TCP\&. If \fBai_protocol\fR is zero the caller will accept any protocol\&.
.TP
\fBai_flags\fR
Flag bits.
If the
\fBAI_CANONNAME\fR
bit is set, a successful call to
\fBlwres_getaddrinfo()\fR
will return a null-terminated string containing the canonical name
of the specified hostname in
ai_canonname
of the first
\fBaddrinfo\fR
structure returned.
Setting the
\fBAI_PASSIVE\fR
bit indicates that the returned socket address structure is intended
for used in a call to
\fBbind\fR(2).
In this case, if the hostname argument is a
\fBNULL\fR
pointer, then the IP address portion of the socket
address structure will be set to
\fBINADDR_ANY\fR
for an IPv4 address or
\fBIN6ADDR_ANY_INIT\fR
for an IPv6 address.
When
ai_flags
does not set the
\fBAI_PASSIVE\fR
bit, the returned socket address structure will be ready
for use in a call to
\fBconnect\fR(2)
for a connection-oriented protocol or
\fBconnect\fR(2),
\fBsendto\fR(2),
or
\fBsendmsg\fR(2)
if a connectionless protocol was chosen.
The IP address portion of the socket address structure will be
set to the loopback address if
\fIhostname\fR
is a
\fBNULL\fR
pointer and
\fBAI_PASSIVE\fR
is not set in
ai_flags.
If
ai_flags
is set to
\fBAI_NUMERICHOST\fR
it indicates that
\fIhostname\fR
should be treated as a numeric string defining an IPv4 or IPv6 address
and no name resolution should be attempted.
Flag bits\&. If the \fBAI_CANONNAME\fR bit is set, a successful call to \fBlwres_getaddrinfo()\fR will return a null\-terminated string containing the canonical name of the specified hostname in \fBai_canonname\fR of the first \fBaddrinfo\fR structure returned\&. Setting the \fBAI_PASSIVE\fR bit indicates that the returned socket address structure is intended for used in a call to \fBbind\fR(2)\&. In this case, if the hostname argument is a \fBNULL\fR pointer, then the IP address portion of the socket address structure will be set to \fBINADDR_ANY\fR for an IPv4 address or \fBIN6ADDR_ANY_INIT\fR for an IPv6 address\&.
When \fBai_flags\fR does not set the \fBAI_PASSIVE\fR bit, the returned socket address structure will be ready for use in a call to \fBconnect\fR(2) for a connection\-oriented protocol or \fBconnect\fR(2), \fBsendto\fR(2), or \fBsendmsg\fR(2) if a connectionless protocol was chosen\&. The IP address portion of the socket address structure will be set to the loopback address if \fIhostname\fR is a \fBNULL\fR pointer and \fBAI_PASSIVE\fR is not set in \fBai_flags\fR\&.
If \fBai_flags\fR is set to \fBAI_NUMERICHOST\fR it indicates that \fIhostname\fR should be treated as a numeric string defining an IPv4 or IPv6 address and no name resolution should be attempted\&.
.PP
All other elements of the \fBstruct addrinfo\fR passed
via \fIhints\fR must be zero.
All other elements of the \fBstruct addrinfo\fR passed via \fIhints\fR must be zero\&.
.PP
A \fIhints\fR of \fBNULL\fR is treated as if
the caller provided a \fBstruct addrinfo\fR initialized to zero
with ai_familyset to
PF_UNSPEC.
A \fIhints\fR of \fBNULL\fR is treated as if the caller provided a \fBstruct addrinfo\fR initialized to zero with \fBai_family\fRset to \fBPF_UNSPEC\fR\&.
.PP
After a successful call to
\fBlwres_getaddrinfo()\fR,
\fI*res\fR
is a pointer to a linked list of one or more
\fBaddrinfo\fR
structures.
Each
\fBstruct addrinfo\fR
in this list cn be processed by following
the
ai_next
pointer, until a
\fBNULL\fR
pointer is encountered.
The three members
ai_family,
ai_socktype,
and
ai_protocol
in each
returned
\fBaddrinfo\fR
structure contain the corresponding arguments for a call to
\fBsocket\fR(2).
For each
\fBaddrinfo\fR
structure in the list, the
ai_addr
member points to a filled-in socket address structure of length
ai_addrlen.
After a successful call to \fBlwres_getaddrinfo()\fR, \fI*res\fR is a pointer to a linked list of one or more \fBaddrinfo\fR structures\&. Each \fBstruct addrinfo\fR in this list cn be processed by following the \fBai_next\fR pointer, until a \fBNULL\fR pointer is encountered\&. The three members \fBai_family\fR, \fBai_socktype\fR, and \fBai_protocol\fR in each returned \fBaddrinfo\fR structure contain the corresponding arguments for a call to \fBsocket\fR(2)\&. For each \fBaddrinfo\fR structure in the list, the \fBai_addr\fR member points to a filled\-in socket address structure of length \fBai_addrlen\fR\&.
.PP
All of the information returned by
\fBlwres_getaddrinfo()\fR
is dynamically allocated: the addrinfo structures, and the socket
address structures and canonical host name strings pointed to by the
addrinfostructures.
Memory allocated for the dynamically allocated structures created by
a successful call to
\fBlwres_getaddrinfo()\fR
is released by
\fBlwres_freeaddrinfo()\fR.
\fIai\fR
is a pointer to a
\fBstruct addrinfo\fR
created by a call to
\fBlwres_getaddrinfo()\fR.
All of the information returned by \fBlwres_getaddrinfo()\fR is dynamically allocated: the addrinfo structures, and the socket address structures and canonical host name strings pointed to by the \fBaddrinfo\fRstructures\&. Memory allocated for the dynamically allocated structures created by a successful call to \fBlwres_getaddrinfo()\fR is released by \fBlwres_freeaddrinfo()\fR\&. \fIai\fR is a pointer to a \fBstruct addrinfo\fR created by a call to \fBlwres_getaddrinfo()\fR\&.
.SH "RETURN VALUES"
.PP
\fBlwres_getaddrinfo()\fR
returns zero on success or one of the error codes listed in
\fBgai_strerror\fR(3)
if an error occurs.
If both
\fIhostname\fR
and
\fIservname\fR
are
\fBNULL\fR
\fBlwres_getaddrinfo()\fR
returns
EAI_NONAME.
\fBlwres_getaddrinfo()\fR returns zero on success or one of the error codes listed in \fBgai_strerror\fR(3) if an error occurs\&. If both \fIhostname\fR and \fIservname\fR are \fBNULL\fR \fBlwres_getaddrinfo()\fR returns \fBEAI_NONAME\fR\&.
.SH "SEE ALSO"
.PP
\fBlwres\fR(3),
\fBlwres_getaddrinfo\fR(3),
\fBlwres_freeaddrinfo\fR(3),
\fBlwres_gai_strerror\fR(3),
\fBRFC2133\fR,
\fBgetservbyname\fR(3),
\fBbind\fR(2),
\fBconnect\fR(2),
\fBsendto\fR(2),
\fBsendmsg\fR(2),
\fBsocket\fR(2).
\fBlwres\fR(3), \fBlwres_getaddrinfo\fR(3), \fBlwres_freeaddrinfo\fR(3), \fBlwres_gai_strerror\fR(3), \fBRFC2133\fR(), \fBgetservbyname\fR(3), \fBbind\fR(2), \fBconnect\fR(2), \fBsendto\fR(2), \fBsendmsg\fR(2), \fBsocket\fR(2)\&.

944
lib/lwres/man/lwres_getaddrinfo.html
View file

@ -1,97 +1,79 @@
<!--
- Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2000, 2001, 2003 Internet Software Consortium.
-
- Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2000, 2001, 2003 Internet Software Consortium
-
- Permission to use, copy, modify, and distribute this software for any
- purpose with or without fee is hereby granted, provided that the above
- copyright notice and this permission notice appear in all copies.
-
-
- THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
- REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
- AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
- AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
- INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
- LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
- OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
- PERFORMANCE OF THIS SOFTWARE.
-->
<!-- $Id: lwres_getaddrinfo.html,v 1.15 2005/04/07 03:50:02 marka Exp $ -->
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<HTML
><HEAD
><TITLE
>lwres_getaddrinfo</TITLE
><META
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.79"></HEAD
><BODY
CLASS="REFENTRY"
BGCOLOR="#FFFFFF"
TEXT="#000000"
LINK="#0000FF"
VLINK="#840084"
ALINK="#0000FF"
><H1
><A
NAME="AEN1"
></A
>lwres_getaddrinfo</H1
><DIV
CLASS="REFNAMEDIV"
><A
NAME="AEN8"
></A
><H2
>Name</H2
>lwres_getaddrinfo, lwres_freeaddrinfo&nbsp;--&nbsp;socket address structure to host and service name</DIV
><DIV
CLASS="REFSYNOPSISDIV"
><A
NAME="AEN12"
></A
><H2
>Synopsis</H2
><DIV
CLASS="FUNCSYNOPSIS"
><P
></P
><A
NAME="AEN13"
></A
><PRE
CLASS="FUNCSYNOPSISINFO"
>#include &lt;lwres/netdb.h&gt;</PRE
><P
><CODE
><CODE
CLASS="FUNCDEF"
>int
lwres_getaddrinfo</CODE
>(const char *hostname, const char *servname, const struct addrinfo *hints, struct addrinfo **res);</CODE
></P
><P
><CODE
><CODE
CLASS="FUNCDEF"
>void
lwres_freeaddrinfo</CODE
>(struct addrinfo *ai);</CODE
></P
><P
></P
></DIV
><P
>If the operating system does not provide a
<SPAN
CLASS="TYPE"
>struct addrinfo</SPAN
>,
the following structure is used:
<PRE
CLASS="PROGRAMLISTING"
>struct addrinfo {
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>lwres_getaddrinfo</title>
<meta name="generator" content="DocBook XSL Stylesheets V1.68.1">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en">
<a name="id2456618"></a><div class="titlepage"></div>
<div class="refnamediv">
<h2>Name</h2>
<p>lwres_getaddrinfo, lwres_freeaddrinfo &#8212; socket address structure to host and service name</p>
</div>
<div class="refsynopsisdiv">
<h2>Synopsis</h2>
<div class="funcsynopsis">
<pre class="funcsynopsisinfo">#include &lt;lwres/netdb.h&gt;</pre>
<table border="0" summary="Function synopsis" cellspacing="0" cellpadding="0" style="padding-bottom: 1em">
<tr>
<td><code class="funcdef">
int
<b class="fsfunc">lwres_getaddrinfo</b>(</code></td>
<td>const char * </td>
<td>
<var class="pdparam">hostname</var>, </td>
</tr>
<tr>
<td> </td>
<td>const char * </td>
<td>
<var class="pdparam">servname</var>, </td>
</tr>
<tr>
<td> </td>
<td>const struct addrinfo * </td>
<td>
<var class="pdparam">hints</var>, </td>
</tr>
<tr>
<td> </td>
<td>struct addrinfo ** </td>
<td>
<var class="pdparam">res</var><code>)</code>;</td>
</tr>
</table>
<table border="0" summary="Function synopsis" cellspacing="0" cellpadding="0"><tr>
<td><code class="funcdef">
void
<b class="fsfunc">lwres_freeaddrinfo</b>(</code></td>
<td>struct addrinfo * </td>
<td>
<var class="pdparam">ai</var><code>)</code>;</td>
</tr></table>
</div>
<p>
If the operating system does not provide a
<span class="type">struct addrinfo</span>,
the following structure is used:
</p>
<pre class="programlisting">
struct addrinfo {
int ai_flags; /* AI_PASSIVE, AI_CANONNAME */
int ai_family; /* PF_xxx */
int ai_socktype; /* SOCK_xxx */
@ -100,594 +82,240 @@ CLASS="PROGRAMLISTING"
char *ai_canonname; /* canonical name for hostname */
struct sockaddr *ai_addr; /* binary address */
struct addrinfo *ai_next; /* next structure in linked list */
};</PRE
></P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN29"
></A
><H2
>DESCRIPTION</H2
><P
><CODE
CLASS="FUNCTION"
>lwres_getaddrinfo()</CODE
>
is used to get a list of IP addresses and port numbers for host
<CODE
CLASS="PARAMETER"
>hostname</CODE
>
and service
<CODE
CLASS="PARAMETER"
>servname</CODE
>.
};
</pre>
<p>
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2514026"></a><h2>DESCRIPTION</h2>
<p><code class="function">lwres_getaddrinfo()</code>
is used to get a list of IP addresses and port numbers for host
<em class="parameter"><code>hostname</code></em> and service
<em class="parameter"><code>servname</code></em>.
The function is the lightweight resolver's implementation of
<CODE
CLASS="FUNCTION"
>getaddrinfo()</CODE
>
as defined in RFC2133.
<CODE
CLASS="PARAMETER"
>hostname</CODE
>
and
<CODE
CLASS="PARAMETER"
>servname</CODE
>
are pointers to null-terminated
strings or
<SPAN
CLASS="TYPE"
>NULL</SPAN
>.
The function is the lightweight resolver's implementation of
<code class="function">getaddrinfo()</code> as defined in RFC2133.
<em class="parameter"><code>hostname</code></em> and
<em class="parameter"><code>servname</code></em> are pointers to null-terminated
strings or <span class="type">NULL</span>.
<CODE
CLASS="PARAMETER"
>hostname</CODE
>
is either a host name or a numeric host address string: a dotted decimal
IPv4 address or an IPv6 address.
<CODE
CLASS="PARAMETER"
>servname</CODE
>
is either a decimal port number or a service name as listed in
<TT
CLASS="FILENAME"
>/etc/services</TT
>.</P
><P
><CODE
CLASS="PARAMETER"
>hints</CODE
>
is an optional pointer to a
<SPAN
CLASS="TYPE"
>struct addrinfo</SPAN
>.
This structure can be used to provide hints concerning the type of socket
that the caller supports or wishes to use.
The caller can supply the following structure elements in
<CODE
CLASS="PARAMETER"
>*hints</CODE
>:
<em class="parameter"><code>hostname</code></em> is either a host name or a
numeric host address string: a dotted decimal IPv4 address or an
IPv6 address. <em class="parameter"><code>servname</code></em> is either a
decimal port number or a service name as listed in
<code class="filename">/etc/services</code>.
</p>
<p><em class="parameter"><code>hints</code></em>
is an optional pointer to a
<span class="type">struct addrinfo</span>.
This structure can be used to provide hints concerning the type of
socket
that the caller supports or wishes to use.
The caller can supply the following structure elements in
<em class="parameter"><code>*hints</code></em>:
<P
></P
><DIV
CLASS="VARIABLELIST"
><DL
><DT
><CODE
CLASS="CONSTANT"
>ai_family</CODE
></DT
><DD
><P
>The protocol family that should be used.
When
<CODE
CLASS="CONSTANT"
>ai_family</CODE
>
is set to
<SPAN
CLASS="TYPE"
>PF_UNSPEC</SPAN
>,
it means the caller will accept any protocol family supported by the
operating system.</P
></DD
><DT
><CODE
CLASS="CONSTANT"
>ai_socktype</CODE
></DT
><DD
><P
>denotes the type of socket &mdash;
<SPAN
CLASS="TYPE"
>SOCK_STREAM</SPAN
>,
<SPAN
CLASS="TYPE"
>SOCK_DGRAM</SPAN
>
or
<SPAN
CLASS="TYPE"
>SOCK_RAW</SPAN
>
&mdash; that is wanted.
When
<CODE
CLASS="CONSTANT"
>ai_socktype</CODE
>
is zero the caller will accept any socket type.</P
></DD
><DT
><CODE
CLASS="CONSTANT"
>ai_protocol</CODE
></DT
><DD
><P
>indicates which transport protocol is wanted: IPPROTO_UDP or
IPPROTO_TCP.
If
<CODE
CLASS="CONSTANT"
>ai_protocol</CODE
>
is zero the caller will accept any protocol.</P
></DD
><DT
><CODE
CLASS="CONSTANT"
>ai_flags</CODE
></DT
><DD
><P
>Flag bits.
If the
<SPAN
CLASS="TYPE"
>AI_CANONNAME</SPAN
>
bit is set, a successful call to
<CODE
CLASS="FUNCTION"
>lwres_getaddrinfo()</CODE
>
will return a null-terminated string containing the canonical name
of the specified hostname in
<CODE
CLASS="CONSTANT"
>ai_canonname</CODE
>
of the first
<SPAN
CLASS="TYPE"
>addrinfo</SPAN
>
structure returned.
Setting the
<SPAN
CLASS="TYPE"
>AI_PASSIVE</SPAN
>
bit indicates that the returned socket address structure is intended
for used in a call to
<SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>bind</SPAN
>(2)</SPAN
>.
</p>
<div class="variablelist"><dl>
<dt><span class="term"><code class="constant">ai_family</code></span></dt>
<dd><p>
The protocol family that should be used.
When
<code class="constant">ai_family</code>
is set to
<span class="type">PF_UNSPEC</span>,
it means the caller will accept any protocol family supported by
the
operating system.
</p></dd>
<dt><span class="term"><code class="constant">ai_socktype</code></span></dt>
<dd><p>
denotes the type of socket &#8212;
<span class="type">SOCK_STREAM</span>,
<span class="type">SOCK_DGRAM</span>
or
<span class="type">SOCK_RAW</span>
&#8212; that is wanted.
When
<code class="constant">ai_socktype</code>
is zero the caller will accept any socket type.
</p></dd>
<dt><span class="term"><code class="constant">ai_protocol</code></span></dt>
<dd><p>
indicates which transport protocol is wanted: IPPROTO_UDP or
IPPROTO_TCP.
If
<code class="constant">ai_protocol</code>
is zero the caller will accept any protocol.
</p></dd>
<dt><span class="term"><code class="constant">ai_flags</code></span></dt>
<dd>
<p>
Flag bits.
If the
<span class="type">AI_CANONNAME</span>
bit is set, a successful call to
<code class="function">lwres_getaddrinfo()</code>
will return a null-terminated string containing the canonical
name
of the specified hostname in
<code class="constant">ai_canonname</code>
of the first
<span class="type">addrinfo</span>
structure returned.
Setting the
<span class="type">AI_PASSIVE</span>
bit indicates that the returned socket address structure is
intended
for used in a call to
<span class="citerefentry"><span class="refentrytitle">bind</span>(2)</span>.
In this case, if the hostname argument is a
<SPAN
CLASS="TYPE"
>NULL</SPAN
>
pointer, then the IP address portion of the socket
address structure will be set to
<SPAN
CLASS="TYPE"
>INADDR_ANY</SPAN
>
for an IPv4 address or
<SPAN
CLASS="TYPE"
>IN6ADDR_ANY_INIT</SPAN
>
for an IPv6 address.</P
><P
>When
<CODE
CLASS="CONSTANT"
>ai_flags</CODE
>
does not set the
<SPAN
CLASS="TYPE"
>AI_PASSIVE</SPAN
>
bit, the returned socket address structure will be ready
for use in a call to
<SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>connect</SPAN
>(2)</SPAN
>
for a connection-oriented protocol or
<SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>connect</SPAN
>(2)</SPAN
>,
In this case, if the hostname argument is a
<span class="type">NULL</span>
pointer, then the IP address portion of the socket
address structure will be set to
<span class="type">INADDR_ANY</span>
for an IPv4 address or
<span class="type">IN6ADDR_ANY_INIT</span>
for an IPv6 address.
</p>
<p>
When
<code class="constant">ai_flags</code>
does not set the
<span class="type">AI_PASSIVE</span>
bit, the returned socket address structure will be ready
for use in a call to
<span class="citerefentry"><span class="refentrytitle">connect</span>(2)</span>
for a connection-oriented protocol or
<span class="citerefentry"><span class="refentrytitle">connect</span>(2)</span>,
<SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>sendto</SPAN
>(2)</SPAN
>,
<span class="citerefentry"><span class="refentrytitle">sendto</span>(2)</span>,
or
<SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>sendmsg</SPAN
>(2)</SPAN
>
if a connectionless protocol was chosen.
The IP address portion of the socket address structure will be
set to the loopback address if
<CODE
CLASS="PARAMETER"
>hostname</CODE
>
is a
<SPAN
CLASS="TYPE"
>NULL</SPAN
>
pointer and
<SPAN
CLASS="TYPE"
>AI_PASSIVE</SPAN
>
is not set in
<CODE
CLASS="CONSTANT"
>ai_flags</CODE
>.</P
><P
>If
<CODE
CLASS="CONSTANT"
>ai_flags</CODE
>
is set to
<SPAN
CLASS="TYPE"
>AI_NUMERICHOST</SPAN
>
it indicates that
<CODE
CLASS="PARAMETER"
>hostname</CODE
>
should be treated as a numeric string defining an IPv4 or IPv6 address
and no name resolution should be attempted.</P
></DD
></DL
></DIV
></P
><P
>All other elements of the <SPAN
CLASS="TYPE"
>struct addrinfo</SPAN
> passed
via <CODE
CLASS="PARAMETER"
>hints</CODE
> must be zero.</P
><P
>A <CODE
CLASS="PARAMETER"
>hints</CODE
> of <SPAN
CLASS="TYPE"
>NULL</SPAN
> is treated as if
the caller provided a <SPAN
CLASS="TYPE"
>struct addrinfo</SPAN
> initialized to zero
with <CODE
CLASS="CONSTANT"
>ai_family</CODE
>set to
<CODE
CLASS="CONSTANT"
>PF_UNSPEC</CODE
>.</P
><P
>After a successful call to
<CODE
CLASS="FUNCTION"
>lwres_getaddrinfo()</CODE
>,
<CODE
CLASS="PARAMETER"
>*res</CODE
>
is a pointer to a linked list of one or more
<SPAN
CLASS="TYPE"
>addrinfo</SPAN
>
structures.
Each
<SPAN
CLASS="TYPE"
>struct addrinfo</SPAN
>
in this list cn be processed by following
the
<CODE
CLASS="CONSTANT"
>ai_next</CODE
>
pointer, until a
<SPAN
CLASS="TYPE"
>NULL</SPAN
>
pointer is encountered.
The three members
<CODE
CLASS="CONSTANT"
>ai_family</CODE
>,
<CODE
CLASS="CONSTANT"
>ai_socktype</CODE
>,
and
<CODE
CLASS="CONSTANT"
>ai_protocol</CODE
>
in each
returned
<SPAN
CLASS="TYPE"
>addrinfo</SPAN
>
structure contain the corresponding arguments for a call to
<SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>socket</SPAN
>(2)</SPAN
>.
For each
<SPAN
CLASS="TYPE"
>addrinfo</SPAN
>
structure in the list, the
<CODE
CLASS="CONSTANT"
>ai_addr</CODE
>
member points to a filled-in socket address structure of length
<CODE
CLASS="CONSTANT"
>ai_addrlen</CODE
>.</P
><P
>All of the information returned by
<CODE
CLASS="FUNCTION"
>lwres_getaddrinfo()</CODE
>
is dynamically allocated: the addrinfo structures, and the socket
address structures and canonical host name strings pointed to by the
<CODE
CLASS="CONSTANT"
>addrinfo</CODE
>structures.
Memory allocated for the dynamically allocated structures created by
a successful call to
<CODE
CLASS="FUNCTION"
>lwres_getaddrinfo()</CODE
>
is released by
<CODE
CLASS="FUNCTION"
>lwres_freeaddrinfo()</CODE
>.
<CODE
CLASS="PARAMETER"
>ai</CODE
>
is a pointer to a
<SPAN
CLASS="TYPE"
>struct addrinfo</SPAN
>
created by a call to
<CODE
CLASS="FUNCTION"
>lwres_getaddrinfo()</CODE
>.</P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN142"
></A
><H2
>RETURN VALUES</H2
><P
><CODE
CLASS="FUNCTION"
>lwres_getaddrinfo()</CODE
>
returns zero on success or one of the error codes listed in
<SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>gai_strerror</SPAN
>(3)</SPAN
>
if an error occurs.
If both
<CODE
CLASS="PARAMETER"
>hostname</CODE
>
and
<CODE
CLASS="PARAMETER"
>servname</CODE
>
are
<SPAN
CLASS="TYPE"
>NULL</SPAN
>
<CODE
CLASS="FUNCTION"
>lwres_getaddrinfo()</CODE
>
returns
<SPAN
CLASS="ERRORCODE"
>EAI_NONAME</SPAN
>.&#13;</P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN154"
></A
><H2
>SEE ALSO</H2
><P
><SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>lwres</SPAN
>(3)</SPAN
>,
or
<span class="citerefentry"><span class="refentrytitle">sendmsg</span>(2)</span>
if a connectionless protocol was chosen.
The IP address portion of the socket address structure will be
set to the loopback address if
<em class="parameter"><code>hostname</code></em>
is a
<span class="type">NULL</span>
pointer and
<span class="type">AI_PASSIVE</span>
is not set in
<code class="constant">ai_flags</code>.
</p>
<p>
If
<code class="constant">ai_flags</code>
is set to
<span class="type">AI_NUMERICHOST</span>
it indicates that
<em class="parameter"><code>hostname</code></em>
should be treated as a numeric string defining an IPv4 or IPv6
address
and no name resolution should be attempted.
</p>
</dd>
</dl></div>
<p>
</p>
<p>
All other elements of the <span class="type">struct addrinfo</span> passed
via <em class="parameter"><code>hints</code></em> must be zero.
</p>
<p>
A <em class="parameter"><code>hints</code></em> of <span class="type">NULL</span> is
treated as if
the caller provided a <span class="type">struct addrinfo</span> initialized to zero
with <code class="constant">ai_family</code>set to
<code class="constant">PF_UNSPEC</code>.
</p>
<p>
After a successful call to
<code class="function">lwres_getaddrinfo()</code>,
<em class="parameter"><code>*res</code></em>
is a pointer to a linked list of one or more
<span class="type">addrinfo</span>
structures.
Each
<span class="type">struct addrinfo</span>
in this list cn be processed by following
the
<code class="constant">ai_next</code>
pointer, until a
<span class="type">NULL</span>
pointer is encountered.
The three members
<code class="constant">ai_family</code>,
<code class="constant">ai_socktype</code>,
and
<code class="constant">ai_protocol</code>
in each
returned
<span class="type">addrinfo</span>
structure contain the corresponding arguments for a call to
<span class="citerefentry"><span class="refentrytitle">socket</span>(2)</span>.
For each
<span class="type">addrinfo</span>
structure in the list, the
<code class="constant">ai_addr</code>
member points to a filled-in socket address structure of length
<code class="constant">ai_addrlen</code>.
</p>
<p>
All of the information returned by
<code class="function">lwres_getaddrinfo()</code>
is dynamically allocated: the addrinfo structures, and the socket
address structures and canonical host name strings pointed to by the
<code class="constant">addrinfo</code>structures.
Memory allocated for the dynamically allocated structures created by
a successful call to
<code class="function">lwres_getaddrinfo()</code>
is released by
<code class="function">lwres_freeaddrinfo()</code>.
<em class="parameter"><code>ai</code></em>
is a pointer to a
<span class="type">struct addrinfo</span>
created by a call to
<code class="function">lwres_getaddrinfo()</code>.
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2514609"></a><h2>RETURN VALUES</h2>
<p><code class="function">lwres_getaddrinfo()</code>
returns zero on success or one of the error codes listed in
<span class="citerefentry"><span class="refentrytitle">gai_strerror</span>(3)</span>
if an error occurs. If both <em class="parameter"><code>hostname</code></em> and
<em class="parameter"><code>servname</code></em> are <span class="type">NULL</span>
<code class="function">lwres_getaddrinfo()</code> returns
<span class="errorcode">EAI_NONAME</span>.
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2514646"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry"><span class="refentrytitle">lwres</span>(3)</span>,
<SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>lwres_getaddrinfo</SPAN
>(3)</SPAN
>,
<span class="citerefentry"><span class="refentrytitle">lwres_getaddrinfo</span>(3)</span>,
<SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>lwres_freeaddrinfo</SPAN
>(3)</SPAN
>,
<span class="citerefentry"><span class="refentrytitle">lwres_freeaddrinfo</span>(3)</span>,
<SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>lwres_gai_strerror</SPAN
>(3)</SPAN
>,
<span class="citerefentry"><span class="refentrytitle">lwres_gai_strerror</span>(3)</span>,
<SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>RFC2133</SPAN
></SPAN
>,
<span class="citerefentry"><span class="refentrytitle">RFC2133</span></span>,
<SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>getservbyname</SPAN
>(3)</SPAN
>,
<span class="citerefentry"><span class="refentrytitle">getservbyname</span>(3)</span>,
<SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>bind</SPAN
>(2)</SPAN
>,
<span class="citerefentry"><span class="refentrytitle">bind</span>(2)</span>,
<SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>connect</SPAN
>(2)</SPAN
>,
<span class="citerefentry"><span class="refentrytitle">connect</span>(2)</span>,
<SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>sendto</SPAN
>(2)</SPAN
>,
<span class="citerefentry"><span class="refentrytitle">sendto</span>(2)</span>,
<SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>sendmsg</SPAN
>(2)</SPAN
>,
<span class="citerefentry"><span class="refentrytitle">sendmsg</span>(2)</span>,
<SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>socket</SPAN
>(2)</SPAN
>.</P
></DIV
></BODY
></HTML
>
<span class="citerefentry"><span class="refentrytitle">socket</span>(2)</span>.
</p>
</div>
</div></body>
</html>

290
lib/lwres/man/lwres_gethostent.3
View file

@ -1,93 +1,71 @@
.\" Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2001 Internet Software Consortium.
.\"
.\" Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2001 Internet Software Consortium
.\"
.\" Permission to use, copy, modify, and distribute this software for any
.\" purpose with or without fee is hereby granted, provided that the above
.\" copyright notice and this permission notice appear in all copies.
.\"
.\"
.\" THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
.\" REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
.\" AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
.\" AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
.\" INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
.\" LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
.\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
.\" PERFORMANCE OF THIS SOFTWARE.
.\"
.\" $Id: lwres_gethostent.3,v 1.21 2004/04/07 00:57:03 marka Exp $
.\"
.TH "LWRES_GETHOSTENT" "3" "Jun 30, 2000" "BIND9" ""
.\"
.hy 0
.ad l
.\"Generated by db2man.xsl. Don't modify this, modify the source.
.de Sh \" Subsection
.br
.if t .Sp
.ne 5
.PP
\fB\\$1\fR
.PP
..
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Ip \" List item
.br
.ie \\n(.$>=3 .ne \\$3
.el .ne 3
.IP "\\$1" \\$2
..
.TH "LWRES_GETHOSTENT" 3 "Jun 30, 2000" "" ""
.SH NAME
lwres_gethostbyname, lwres_gethostbyname2, lwres_gethostbyaddr, lwres_gethostent, lwres_sethostent, lwres_endhostent, lwres_gethostbyname_r, lwres_gethostbyaddr_r, lwres_gethostent_r, lwres_sethostent_r, lwres_endhostent_r \- lightweight resolver get network host entry
.SH SYNOPSIS
\fB#include <lwres/netdb.h>
.SH "SYNOPSIS"
#include <lwres/netdb\&.h>
.sp
.na
struct hostent *
lwres_gethostbyname(const char *name);
.ad
.sp
.na
struct hostent *
lwres_gethostbyname2(const char *name, int af);
.ad
.sp
.na
struct hostent *
lwres_gethostbyaddr(const char *addr, int len, int type);
.ad
.sp
.na
struct hostent *
lwres_gethostent(void);
.ad
.sp
.na
void
lwres_sethostent(int stayopen);
.ad
.sp
.na
void
lwres_endhostent(void);
.ad
.sp
.na
struct hostent *
lwres_gethostbyname_r(const char *name, struct hostent *resbuf, char *buf, int buflen, int *error);
.ad
.sp
.na
struct hostent *
lwres_gethostbyaddr_r(const char *addr, int len, int type, struct hostent *resbuf, char *buf, int buflen, int *error);
.ad
.sp
.na
struct hostent *
lwres_gethostent_r(struct hostent *resbuf, char *buf, int buflen, int *error);
.ad
.sp
.na
void
lwres_sethostent_r(int stayopen);
.ad
.sp
.na
void
lwres_endhostent_r(void);
.ad
\fR
.HP 40
struct\ hostent\ *\ \fBlwres_gethostbyname\fR\ (const\ char\ *\fIname\fR);
.HP 41
struct\ hostent\ *\ \fBlwres_gethostbyname2\fR\ (const\ char\ *\fIname\fR, int\ \fIaf\fR);
.HP 40
struct\ hostent\ *\ \fBlwres_gethostbyaddr\fR\ (const\ char\ *\fIaddr\fR, int\ \fIlen\fR, int\ \fItype\fR);
.HP 37
struct\ hostent\ *\ \fBlwres_gethostent\fR\ (void);
.HP 23
void\ \fBlwres_sethostent\fR\ (int\ \fIstayopen\fR);
.HP 23
void\ \fBlwres_endhostent\fR\ (void);
.HP 42
struct\ hostent\ *\ \fBlwres_gethostbyname_r\fR\ (const\ char\ *\fIname\fR, struct\ hostent\ *\fIresbuf\fR, char\ *\fIbuf\fR, int\ \fIbuflen\fR, int\ *\fIerror\fR);
.HP 42
struct\ hostent\ *\ \fBlwres_gethostbyaddr_r\fR\ (const\ char\ *\fIaddr\fR, int\ \fIlen\fR, int\ \fItype\fR, struct\ hostent\ *\fIresbuf\fR, char\ *\fIbuf\fR, int\ \fIbuflen\fR, int\ *\fIerror\fR);
.HP 39
struct\ hostent\ *\ \fBlwres_gethostent_r\fR\ (struct\ hostent\ *\fIresbuf\fR, char\ *\fIbuf\fR, int\ \fIbuflen\fR, int\ *\fIerror\fR);
.HP 25
void\ \fBlwres_sethostent_r\fR\ (int\ \fIstayopen\fR);
.HP 25
void\ \fBlwres_endhostent_r\fR\ (void);
.SH "DESCRIPTION"
.PP
These functions provide hostname-to-address and
address-to-hostname lookups by means of the lightweight resolver.
They are similar to the standard
\fBgethostent\fR(3)
functions provided by most operating systems.
They use a
\fBstruct hostent\fR
which is usually defined in
\fI<namedb.h>\fR.
.sp
These functions provide hostname\-to\-address and address\-to\-hostname lookups by means of the lightweight resolver\&. They are similar to the standard \fBgethostent\fR(3) functions provided by most operating systems\&. They use a \fBstruct hostent\fR which is usually defined in \fI<namedb\&.h>\fR\&.
.PP
.nf
struct hostent {
char *h_name; /* official name of host */
@ -97,176 +75,60 @@ struct hostent {
char **h_addr_list; /* list of addresses from name server */
};
#define h_addr h_addr_list[0] /* address, for backward compatibility */
.sp
.fi
.PP
The members of this structure are:
The members of this structure are:
.TP
\fBh_name\fR
The official (canonical) name of the host.
The official (canonical) name of the host\&.
.TP
\fBh_aliases\fR
A NULL-terminated array of alternate names (nicknames) for the host.
A NULL\-terminated array of alternate names (nicknames) for the host\&.
.TP
\fBh_addrtype\fR
The type of address being returned \(em
\fBPF_INET\fR
or
\fBPF_INET6\fR.
The type of address being returned -- \fBPF_INET\fR or \fBPF_INET6\fR\&.
.TP
\fBh_length\fR
The length of the address in bytes.
The length of the address in bytes\&.
.TP
\fBh_addr_list\fR
A \fBNULL\fR
terminated array of network addresses for the host.
Host addresses are returned in network byte order.
A \fBNULL\fR terminated array of network addresses for the host\&. Host addresses are returned in network byte order\&.
.PP
For backward compatibility with very old software,
h_addr
is the first address in
h_addr_list.
For backward compatibility with very old software, \fBh_addr\fR is the first address in \fBh_addr_list\&.\fR
.PP
\fBlwres_gethostent()\fR,
\fBlwres_sethostent()\fR,
\fBlwres_endhostent()\fR,
\fBlwres_gethostent_r()\fR,
\fBlwres_sethostent_r()\fR
and
\fBlwres_endhostent_r()\fR
provide iteration over the known host entries on systems that
provide such functionality through facilities like
\fI/etc/hosts\fR
or NIS. The lightweight resolver does not currently implement
these functions; it only provides them as stub functions that always
return failure.
\fBlwres_gethostent()\fR, \fBlwres_sethostent()\fR, \fBlwres_endhostent()\fR, \fBlwres_gethostent_r()\fR, \fBlwres_sethostent_r()\fR and \fBlwres_endhostent_r()\fR provide iteration over the known host entries on systems that provide such functionality through facilities like \fI/etc/hosts\fR or NIS\&. The lightweight resolver does not currently implement these functions; it only provides them as stub functions that always return failure\&.
.PP
\fBlwres_gethostbyname()\fR and
\fBlwres_gethostbyname2()\fR look up the hostname
\fIname\fR.
\fBlwres_gethostbyname()\fR always looks for an IPv4
address while \fBlwres_gethostbyname2()\fR looks for an
address of protocol family \fIaf\fR: either
\fBPF_INET\fR or \fBPF_INET6\fR \(em IPv4 or IPV6
addresses respectively. Successful calls of the functions return a
\fBstruct hostent\fRfor the name that was looked up.
\fBNULL\fR is returned if the lookups by
\fBlwres_gethostbyname()\fR or
\fBlwres_gethostbyname2()\fR fail.
\fBlwres_gethostbyname()\fR and \fBlwres_gethostbyname2()\fR look up the hostname \fIname\fR\&. \fBlwres_gethostbyname()\fR always looks for an IPv4 address while \fBlwres_gethostbyname2()\fR looks for an address of protocol family \fIaf\fR: either \fBPF_INET\fR or \fBPF_INET6\fR -- IPv4 or IPV6 addresses respectively\&. Successful calls of the functions return a \fBstruct hostent\fRfor the name that was looked up\&. \fBNULL\fR is returned if the lookups by \fBlwres_gethostbyname()\fR or \fBlwres_gethostbyname2()\fR fail\&.
.PP
Reverse lookups of addresses are performed by
\fBlwres_gethostbyaddr()\fR.
\fIaddr\fR is an address of length
\fIlen\fR bytes and protocol family
\fItype\fR \(em \fBPF_INET\fR or
\fBPF_INET6\fR.
\fBlwres_gethostbyname_r()\fR is a thread-safe function
for forward lookups. If an error occurs, an error code is returned in
\fI*error\fR.
\fIresbuf\fR is a pointer to a \fBstruct
hostent\fR which is initialised by a successful call to
\fBlwres_gethostbyname_r()\fR .
\fIbuf\fR is a buffer of length
\fIlen\fR bytes which is used to store the
h_name, h_aliases, and
h_addr_list elements of the \fBstruct
hostent\fR returned in \fIresbuf\fR.
Successful calls to \fBlwres_gethostbyname_r()\fR
return \fIresbuf\fR,
which is a pointer to the \fBstruct hostent\fR it created.
Reverse lookups of addresses are performed by \fBlwres_gethostbyaddr()\fR\&. \fIaddr\fR is an address of length \fIlen\fR bytes and protocol family \fItype\fR -- \fBPF_INET\fR or \fBPF_INET6\fR\&. \fBlwres_gethostbyname_r()\fR is a thread\-safe function for forward lookups\&. If an error occurs, an error code is returned in \fI*error\fR\&. \fIresbuf\fR is a pointer to a \fBstruct hostent\fR which is initialised by a successful call to \fBlwres_gethostbyname_r()\fR\&. \fIbuf\fR is a buffer of length \fIlen\fR bytes which is used to store the \fBh_name\fR, \fBh_aliases\fR, and \fBh_addr_list\fR elements of the \fBstruct hostent\fR returned in \fIresbuf\fR\&. Successful calls to \fBlwres_gethostbyname_r()\fR return \fIresbuf\fR, which is a pointer to the \fBstruct hostent\fR it created\&.
.PP
\fBlwres_gethostbyaddr_r()\fR is a thread-safe function
that performs a reverse lookup of address \fIaddr\fR
which is \fIlen\fR bytes long and is of protocol
family \fItype\fR \(em \fBPF_INET\fR or
\fBPF_INET6\fR. If an error occurs, the error code is returned
in \fI*error\fR. The other function parameters are
identical to those in \fBlwres_gethostbyname_r()\fR.
\fIresbuf\fR is a pointer to a \fBstruct
hostent\fR which is initialised by a successful call to
\fBlwres_gethostbyaddr_r()\fR.
\fIbuf\fR is a buffer of length
\fIlen\fR bytes which is used to store the
h_name, h_aliases, and
h_addr_list elements of the \fBstruct
hostent\fR returned in \fIresbuf\fR. Successful
calls to \fBlwres_gethostbyaddr_r()\fR return
\fIresbuf\fR, which is a pointer to the
\fBstruct hostent()\fR it created.
\fBlwres_gethostbyaddr_r()\fR is a thread\-safe function that performs a reverse lookup of address \fIaddr\fR which is \fIlen\fR bytes long and is of protocol family \fItype\fR -- \fBPF_INET\fR or \fBPF_INET6\fR\&. If an error occurs, the error code is returned in \fI*error\fR\&. The other function parameters are identical to those in \fBlwres_gethostbyname_r()\fR\&. \fIresbuf\fR is a pointer to a \fBstruct hostent\fR which is initialised by a successful call to \fBlwres_gethostbyaddr_r()\fR\&. \fIbuf\fR is a buffer of length \fIlen\fR bytes which is used to store the \fBh_name\fR, \fBh_aliases\fR, and \fBh_addr_list\fR elements of the \fBstruct hostent\fR returned in \fIresbuf\fR\&. Successful calls to \fBlwres_gethostbyaddr_r()\fR return \fIresbuf\fR, which is a pointer to the \fBstruct hostent()\fR it created\&.
.SH "RETURN VALUES"
.PP
The functions
\fBlwres_gethostbyname()\fR,
\fBlwres_gethostbyname2()\fR,
\fBlwres_gethostbyaddr()\fR,
and
\fBlwres_gethostent()\fR
return NULL to indicate an error. In this case the global variable
\fBlwres_h_errno\fR
will contain one of the following error codes defined in
\fI<lwres/netdb.h>\fR:
The functions \fBlwres_gethostbyname()\fR, \fBlwres_gethostbyname2()\fR, \fBlwres_gethostbyaddr()\fR, and \fBlwres_gethostent()\fR return NULL to indicate an error\&. In this case the global variable \fBlwres_h_errno\fR will contain one of the following error codes defined in \fI<lwres/netdb\&.h>\fR:
.TP
\fBHOST_NOT_FOUND\fR
The host or address was not found.
The host or address was not found\&.
.TP
\fBTRY_AGAIN\fR
A recoverable error occurred, e.g., a timeout.
Retrying the lookup may succeed.
A recoverable error occurred, e\&.g\&., a timeout\&. Retrying the lookup may succeed\&.
.TP
\fBNO_RECOVERY\fR
A non-recoverable error occurred.
A non\-recoverable error occurred\&.
.TP
\fBNO_DATA\fR
The name exists, but has no address information
associated with it (or vice versa in the case
of a reverse lookup). The code NO_ADDRESS
is accepted as a synonym for NO_DATA for backwards
compatibility.
The name exists, but has no address information associated with it (or vice versa in the case of a reverse lookup)\&. The code NO_ADDRESS is accepted as a synonym for NO_DATA for backwards compatibility\&.
.PP
\fBlwres_hstrerror\fR(3)
translates these error codes to suitable error messages.
\fBlwres_hstrerror\fR(3) translates these error codes to suitable error messages\&.
.PP
\fBlwres_gethostent()\fR
and
\fBlwres_gethostent_r()\fR
always return
\fBNULL\fR.
\fBlwres_gethostent()\fR and \fBlwres_gethostent_r()\fR always return \fBNULL\fR\&.
.PP
Successful calls to \fBlwres_gethostbyname_r()\fR and
\fBlwres_gethostbyaddr_r()\fR return
\fIresbuf\fR, a pointer to the \fBstruct
hostent\fR that was initialised by these functions. They return
\fBNULL\fR if the lookups fail or if \fIbuf\fR
was too small to hold the list of addresses and names referenced by
the h_name, h_aliases, and
h_addr_list elements of the \fBstruct
hostent\fR. If \fIbuf\fR was too small, both
\fBlwres_gethostbyname_r()\fR and
\fBlwres_gethostbyaddr_r()\fR set the global variable
\fBerrno\fR to ERANGE.
Successful calls to \fBlwres_gethostbyname_r()\fR and \fBlwres_gethostbyaddr_r()\fR return \fIresbuf\fR, a pointer to the \fBstruct hostent\fR that was initialised by these functions\&. They return \fBNULL\fR if the lookups fail or if \fIbuf\fR was too small to hold the list of addresses and names referenced by the \fBh_name\fR, \fBh_aliases\fR, and \fBh_addr_list\fR elements of the \fBstruct hostent\fR\&. If \fIbuf\fR was too small, both \fBlwres_gethostbyname_r()\fR and \fBlwres_gethostbyaddr_r()\fR set the global variable \fBerrno\fR to \fBERANGE\fR\&.
.SH "SEE ALSO"
.PP
\fBgethostent\fR(3),
\fBlwres_getipnode\fR(3),
\fBlwres_hstrerror\fR(3)
\fBgethostent\fR(3), \fBlwres_getipnode\fR(3), \fBlwres_hstrerror\fR(3)
.SH "BUGS"
.PP
\fBlwres_gethostbyname()\fR,
\fBlwres_gethostbyname2()\fR,
\fBlwres_gethostbyaddr()\fR
and
\fBlwres_endhostent()\fR
are not thread safe; they return pointers to static data and
provide error codes through a global variable.
Thread-safe versions for name and address lookup are provided by
\fBlwres_gethostbyname_r()\fR,
and
\fBlwres_gethostbyaddr_r()\fR
respectively.
\fBlwres_gethostbyname()\fR, \fBlwres_gethostbyname2()\fR, \fBlwres_gethostbyaddr()\fR and \fBlwres_endhostent()\fR are not thread safe; they return pointers to static data and provide error codes through a global variable\&. Thread\-safe versions for name and address lookup are provided by \fBlwres_gethostbyname_r()\fR, and \fBlwres_gethostbyaddr_r()\fR respectively\&.
.PP
The resolver daemon does not currently support any non-DNS
name services such as
\fI/etc/hosts\fR
or
\fBNIS\fR,
consequently the above functions don't, either.
The resolver daemon does not currently support any non\-DNS name services such as \fI/etc/hosts\fR or \fBNIS\fR, consequently the above functions don't, either\&.

1184
lib/lwres/man/lwres_gethostent.html
View file

File diff suppressed because it is too large Load diff

188
lib/lwres/man/lwres_getipnode.3
View file

@ -1,52 +1,57 @@
.\" Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2000, 2001, 2003 Internet Software Consortium.
.\"
.\" Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2000, 2001, 2003 Internet Software Consortium
.\"
.\" Permission to use, copy, modify, and distribute this software for any
.\" purpose with or without fee is hereby granted, provided that the above
.\" copyright notice and this permission notice appear in all copies.
.\"
.\"
.\" THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
.\" REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
.\" AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
.\" AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
.\" INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
.\" LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
.\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
.\" PERFORMANCE OF THIS SOFTWARE.
.\"
.\" $Id: lwres_getipnode.3,v 1.20 2005/04/07 03:50:02 marka Exp $
.\"
.TH "LWRES_GETIPNODE" "3" "Jun 30, 2000" "BIND9" ""
.\"
.hy 0
.ad l
.\"Generated by db2man.xsl. Don't modify this, modify the source.
.de Sh \" Subsection
.br
.if t .Sp
.ne 5
.PP
\fB\\$1\fR
.PP
..
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Ip \" List item
.br
.ie \\n(.$>=3 .ne \\$3
.el .ne 3
.IP "\\$1" \\$2
..
.TH "LWRES_GETIPNODE" 3 "Jun 30, 2000" "" ""
.SH NAME
lwres_getipnodebyname, lwres_getipnodebyaddr, lwres_freehostent \- lightweight resolver nodename / address translation API
.SH SYNOPSIS
\fB#include <lwres/netdb.h>
.SH "SYNOPSIS"
#include <lwres/netdb\&.h>
.sp
.na
struct hostent *
lwres_getipnodebyname(const char *name, int af, int flags, int *error_num);
.ad
.sp
.na
struct hostent *
lwres_getipnodebyaddr(const void *src, size_t len, int af, int *error_num);
.ad
.sp
.na
void
lwres_freehostent(struct hostent *he);
.ad
\fR
.HP 42
struct\ hostent\ *\ \fBlwres_getipnodebyname\fR\ (const\ char\ *\fIname\fR, int\ \fIaf\fR, int\ \fIflags\fR, int\ *\fIerror_num\fR);
.HP 42
struct\ hostent\ *\ \fBlwres_getipnodebyaddr\fR\ (const\ void\ *\fIsrc\fR, size_t\ \fIlen\fR, int\ \fIaf\fR, int\ *\fIerror_num\fR);
.HP 24
void\ \fBlwres_freehostent\fR\ (struct\ hostent\ *\fIhe\fR);
.SH "DESCRIPTION"
.PP
These functions perform thread safe, protocol independent
nodename-to-address and address-to-nodename
translation as defined in RFC2553.
These functions perform thread safe, protocol independent nodename\-to\-address and address\-to\-nodename translation as defined in RFC2553\&.
.PP
They use a \fBstruct hostent\fR which is defined in \fInamedb\&.h\fR:
.PP
They use a
\fBstruct hostent\fR
which is defined in
\fInamedb.h\fR:
.sp
.nf
struct hostent {
char *h_name; /* official name of host */
@ -56,134 +61,59 @@ struct hostent {
char **h_addr_list; /* list of addresses from name server */
};
#define h_addr h_addr_list[0] /* address, for backward compatibility */
.sp
.fi
.PP
The members of this structure are:
The members of this structure are:
.TP
\fBh_name\fR
The official (canonical) name of the host.
The official (canonical) name of the host\&.
.TP
\fBh_aliases\fR
A NULL-terminated array of alternate names (nicknames) for the host.
A NULL\-terminated array of alternate names (nicknames) for the host\&.
.TP
\fBh_addrtype\fR
The type of address being returned - usually
\fBPF_INET\fR
or
\fBPF_INET6\fR.
The type of address being returned \- usually \fBPF_INET\fR or \fBPF_INET6\fR\&.
.TP
\fBh_length\fR
The length of the address in bytes.
The length of the address in bytes\&.
.TP
\fBh_addr_list\fR
A
\fBNULL\fR
terminated array of network addresses for the host.
Host addresses are returned in network byte order.
A \fBNULL\fR terminated array of network addresses for the host\&. Host addresses are returned in network byte order\&.
.PP
\fBlwres_getipnodebyname()\fR
looks up addresses of protocol family
\fIaf\fR
for the hostname
\fIname\fR.
The
\fIflags\fR
parameter contains ORed flag bits to
specify the types of addresses that are searched
for, and the types of addresses that are returned.
The flag bits are:
\fBlwres_getipnodebyname()\fR looks up addresses of protocol family \fIaf\fR for the hostname \fIname\fR\&. The \fIflags\fR parameter contains ORed flag bits to specify the types of addresses that are searched for, and the types of addresses that are returned\&. The flag bits are:
.TP
\fBAI_V4MAPPED\fR
This is used with an
\fIaf\fR
of AF_INET6, and causes IPv4 addresses to be returned as IPv4-mapped
IPv6 addresses.
This is used with an \fIaf\fR of AF_INET6, and causes IPv4 addresses to be returned as IPv4\-mapped IPv6 addresses\&.
.TP
\fBAI_ALL\fR
This is used with an
\fIaf\fR
of AF_INET6, and causes all known addresses (IPv6 and IPv4) to be returned.
If AI_V4MAPPED is also set, the IPv4 addresses are return as mapped
IPv6 addresses.
This is used with an \fIaf\fR of AF_INET6, and causes all known addresses (IPv6 and IPv4) to be returned\&. If AI_V4MAPPED is also set, the IPv4 addresses are return as mapped IPv6 addresses\&.
.TP
\fBAI_ADDRCONFIG\fR
Only return an IPv6 or IPv4 address if here is an active network
interface of that type. This is not currently implemented
in the BIND 9 lightweight resolver, and the flag is ignored.
Only return an IPv6 or IPv4 address if here is an active network interface of that type\&. This is not currently implemented in the BIND 9 lightweight resolver, and the flag is ignored\&.
.TP
\fBAI_DEFAULT\fR
This default sets the
AI_V4MAPPED
and
AI_ADDRCONFIG
flag bits.
This default sets the \fBAI_V4MAPPED\fR and \fBAI_ADDRCONFIG\fR flag bits\&.
.PP
\fBlwres_getipnodebyaddr()\fR
performs a reverse lookup
of address
\fIsrc\fR
which is
\fIlen\fR
bytes long.
\fIaf\fR
denotes the protocol family, typically
\fBPF_INET\fR
or
\fBPF_INET6\fR.
\fBlwres_getipnodebyaddr()\fR performs a reverse lookup of address \fIsrc\fR which is \fIlen\fR bytes long\&. \fIaf\fR denotes the protocol family, typically \fBPF_INET\fR or \fBPF_INET6\fR\&.
.PP
\fBlwres_freehostent()\fR
releases all the memory associated with
the
\fBstruct hostent\fR
pointer
\fIhe\fR.
Any memory allocated for the
h_name,
h_addr_list
and
h_aliases
is freed, as is the memory for the
\fBhostent\fR
structure itself.
\fBlwres_freehostent()\fR releases all the memory associated with the \fBstruct hostent\fR pointer \fIhe\fR\&. Any memory allocated for the \fBh_name\fR, \fBh_addr_list\fR and \fBh_aliases\fR is freed, as is the memory for the \fBhostent\fR structure itself\&.
.SH "RETURN VALUES"
.PP
If an error occurs,
\fBlwres_getipnodebyname()\fR
and
\fBlwres_getipnodebyaddr()\fR
set
\fI*error_num\fR
to an appropriate error code and the function returns a
\fBNULL\fR
pointer.
The error codes and their meanings are defined in
\fI<lwres/netdb.h>\fR:
If an error occurs, \fBlwres_getipnodebyname()\fR and \fBlwres_getipnodebyaddr()\fR set \fI*error_num\fR to an appropriate error code and the function returns a \fBNULL\fR pointer\&. The error codes and their meanings are defined in \fI<lwres/netdb\&.h>\fR:
.TP
\fBHOST_NOT_FOUND\fR
No such host is known.
No such host is known\&.
.TP
\fBNO_ADDRESS\fR
The server recognised the request and the name but no address is
available. Another type of request to the name server for the
domain might return an answer.
The server recognised the request and the name but no address is available\&. Another type of request to the name server for the domain might return an answer\&.
.TP
\fBTRY_AGAIN\fR
A temporary and possibly transient error occurred, such as a
failure of a server to respond. The request may succeed if
retried.
A temporary and possibly transient error occurred, such as a failure of a server to respond\&. The request may succeed if retried\&.
.TP
\fBNO_RECOVERY\fR
An unexpected failure occurred, and retrying the request
is pointless.
An unexpected failure occurred, and retrying the request is pointless\&.
.PP
\fBlwres_hstrerror\fR(3)
translates these error codes to suitable error messages.
\fBlwres_hstrerror\fR(3) translates these error codes to suitable error messages\&.
.SH "SEE ALSO"
.PP
\fBRFC2553\fR,
\fBlwres\fR(3),
\fBlwres_gethostent\fR(3),
\fBlwres_getaddrinfo\fR(3),
\fBlwres_getnameinfo\fR(3),
\fBlwres_hstrerror\fR(3).
\fBRFC2553\fR(), \fBlwres\fR(3), \fBlwres_gethostent\fR(3), \fBlwres_getaddrinfo\fR(3), \fBlwres_getnameinfo\fR(3), \fBlwres_hstrerror\fR(3)\&.

742
lib/lwres/man/lwres_getipnode.html
View file

@ -1,512 +1,278 @@
<!--
- Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2000, 2001, 2003 Internet Software Consortium.
-
- Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2000, 2001, 2003 Internet Software Consortium
-
- Permission to use, copy, modify, and distribute this software for any
- purpose with or without fee is hereby granted, provided that the above
- copyright notice and this permission notice appear in all copies.
-
-
- THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
- REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
- AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
- AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
- INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
- LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
- OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
- PERFORMANCE OF THIS SOFTWARE.
-->
<!-- $Id: lwres_getipnode.html,v 1.14 2005/04/07 03:50:02 marka Exp $ -->
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<HTML
><HEAD
><TITLE
>lwres_getipnode</TITLE
><META
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.79"></HEAD
><BODY
CLASS="REFENTRY"
BGCOLOR="#FFFFFF"
TEXT="#000000"
LINK="#0000FF"
VLINK="#840084"
ALINK="#0000FF"
><H1
><A
NAME="AEN1"
></A
>lwres_getipnode</H1
><DIV
CLASS="REFNAMEDIV"
><A
NAME="AEN8"
></A
><H2
>Name</H2
>lwres_getipnodebyname, lwres_getipnodebyaddr, lwres_freehostent&nbsp;--&nbsp;lightweight resolver nodename / address translation API</DIV
><DIV
CLASS="REFSYNOPSISDIV"
><A
NAME="AEN13"
></A
><H2
>Synopsis</H2
><DIV
CLASS="FUNCSYNOPSIS"
><P
></P
><A
NAME="AEN14"
></A
><PRE
CLASS="FUNCSYNOPSISINFO"
>#include &lt;lwres/netdb.h&gt;</PRE
><P
><CODE
><CODE
CLASS="FUNCDEF"
>struct hostent *
lwres_getipnodebyname</CODE
>(const char *name, int af, int flags, int *error_num);</CODE
></P
><P
><CODE
><CODE
CLASS="FUNCDEF"
>struct hostent *
lwres_getipnodebyaddr</CODE
>(const void *src, size_t len, int af, int *error_num);</CODE
></P
><P
><CODE
><CODE
CLASS="FUNCDEF"
>void
lwres_freehostent</CODE
>(struct hostent *he);</CODE
></P
><P
></P
></DIV
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN34"
></A
><H2
>DESCRIPTION</H2
><P
>These functions perform thread safe, protocol independent
nodename-to-address and address-to-nodename
translation as defined in RFC2553.</P
><P
>They use a
<SPAN
CLASS="TYPE"
>struct hostent</SPAN
>
which is defined in
<TT
CLASS="FILENAME"
>namedb.h</TT
>:
<PRE
CLASS="PROGRAMLISTING"
>struct hostent {
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>lwres_getipnode</title>
<meta name="generator" content="DocBook XSL Stylesheets V1.68.1">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en">
<a name="id2456618"></a><div class="titlepage"></div>
<div class="refnamediv">
<h2>Name</h2>
<p>lwres_getipnodebyname, lwres_getipnodebyaddr, lwres_freehostent &#8212; lightweight resolver nodename / address translation API</p>
</div>
<div class="refsynopsisdiv">
<h2>Synopsis</h2>
<div class="funcsynopsis">
<pre class="funcsynopsisinfo">#include &lt;lwres/netdb.h&gt;</pre>
<table border="0" summary="Function synopsis" cellspacing="0" cellpadding="0" style="padding-bottom: 1em">
<tr>
<td><code class="funcdef">
struct hostent *
<b class="fsfunc">lwres_getipnodebyname</b>(</code></td>
<td>const char * </td>
<td>
<var class="pdparam">name</var>, </td>
</tr>
<tr>
<td> </td>
<td>int  </td>
<td>
<var class="pdparam">af</var>, </td>
</tr>
<tr>
<td> </td>
<td>int  </td>
<td>
<var class="pdparam">flags</var>, </td>
</tr>
<tr>
<td> </td>
<td>int * </td>
<td>
<var class="pdparam">error_num</var><code>)</code>;</td>
</tr>
</table>
<table border="0" summary="Function synopsis" cellspacing="0" cellpadding="0" style="padding-bottom: 1em">
<tr>
<td><code class="funcdef">
struct hostent *
<b class="fsfunc">lwres_getipnodebyaddr</b>(</code></td>
<td>const void * </td>
<td>
<var class="pdparam">src</var>, </td>
</tr>
<tr>
<td> </td>
<td>size_t  </td>
<td>
<var class="pdparam">len</var>, </td>
</tr>
<tr>
<td> </td>
<td>int  </td>
<td>
<var class="pdparam">af</var>, </td>
</tr>
<tr>
<td> </td>
<td>int * </td>
<td>
<var class="pdparam">error_num</var><code>)</code>;</td>
</tr>
</table>
<table border="0" summary="Function synopsis" cellspacing="0" cellpadding="0"><tr>
<td><code class="funcdef">
void
<b class="fsfunc">lwres_freehostent</b>(</code></td>
<td>struct hostent * </td>
<td>
<var class="pdparam">he</var><code>)</code>;</td>
</tr></table>
</div>
</div>
<div class="refsect1" lang="en">
<a name="id2514045"></a><h2>DESCRIPTION</h2>
<p>
These functions perform thread safe, protocol independent
nodename-to-address and address-to-nodename
translation as defined in RFC2553.
</p>
<p>
They use a
<span class="type">struct hostent</span>
which is defined in
<code class="filename">namedb.h</code>:
</p>
<pre class="programlisting">
struct hostent {
char *h_name; /* official name of host */
char **h_aliases; /* alias list */
int h_addrtype; /* host address type */
int h_length; /* length of address */
char **h_addr_list; /* list of addresses from name server */
};
#define h_addr h_addr_list[0] /* address, for backward compatibility */</PRE
></P
><P
>The members of this structure are:
<P
></P
><DIV
CLASS="VARIABLELIST"
><DL
><DT
><CODE
CLASS="CONSTANT"
>h_name</CODE
></DT
><DD
><P
>The official (canonical) name of the host.</P
></DD
><DT
><CODE
CLASS="CONSTANT"
>h_aliases</CODE
></DT
><DD
><P
>A NULL-terminated array of alternate names (nicknames) for the host.</P
></DD
><DT
><CODE
CLASS="CONSTANT"
>h_addrtype</CODE
></DT
><DD
><P
>The type of address being returned - usually
<SPAN
CLASS="TYPE"
>PF_INET</SPAN
>
or
<SPAN
CLASS="TYPE"
>PF_INET6</SPAN
>.&#13;</P
></DD
><DT
><CODE
CLASS="CONSTANT"
>h_length</CODE
></DT
><DD
><P
>The length of the address in bytes.</P
></DD
><DT
><CODE
CLASS="CONSTANT"
>h_addr_list</CODE
></DT
><DD
><P
>A
<SPAN
CLASS="TYPE"
>NULL</SPAN
>
terminated array of network addresses for the host.
Host addresses are returned in network byte order.</P
></DD
></DL
></DIV
></P
><P
><CODE
CLASS="FUNCTION"
>lwres_getipnodebyname()</CODE
>
looks up addresses of protocol family
<CODE
CLASS="PARAMETER"
>af</CODE
>
#define h_addr h_addr_list[0] /* address, for backward compatibility */
</pre>
<p>
</p>
<p>
The members of this structure are:
</p>
<div class="variablelist"><dl>
<dt><span class="term"><code class="constant">h_name</code></span></dt>
<dd><p>
The official (canonical) name of the host.
</p></dd>
<dt><span class="term"><code class="constant">h_aliases</code></span></dt>
<dd><p>
A NULL-terminated array of alternate names (nicknames) for the
host.
</p></dd>
<dt><span class="term"><code class="constant">h_addrtype</code></span></dt>
<dd><p>
The type of address being returned - usually
<span class="type">PF_INET</span>
or
<span class="type">PF_INET6</span>.
for the hostname
<CODE
CLASS="PARAMETER"
>name</CODE
>.
</p></dd>
<dt><span class="term"><code class="constant">h_length</code></span></dt>
<dd><p>
The length of the address in bytes.
</p></dd>
<dt><span class="term"><code class="constant">h_addr_list</code></span></dt>
<dd><p>
A
<span class="type">NULL</span>
terminated array of network addresses for the host.
Host addresses are returned in network byte order.
</p></dd>
</dl></div>
<p>
</p>
<p><code class="function">lwres_getipnodebyname()</code>
looks up addresses of protocol family <em class="parameter"><code>af</code></em>
for the hostname <em class="parameter"><code>name</code></em>. The
<em class="parameter"><code>flags</code></em> parameter contains ORed flag bits
to specify the types of addresses that are searched for, and the
types of addresses that are returned. The flag bits are:
The
<CODE
CLASS="PARAMETER"
>flags</CODE
>
parameter contains ORed flag bits to
specify the types of addresses that are searched
for, and the types of addresses that are returned.
The flag bits are:
<P
></P
><DIV
CLASS="VARIABLELIST"
><DL
><DT
><CODE
CLASS="CONSTANT"
>AI_V4MAPPED</CODE
></DT
><DD
><P
>This is used with an
<CODE
CLASS="PARAMETER"
>af</CODE
>
of AF_INET6, and causes IPv4 addresses to be returned as IPv4-mapped
IPv6 addresses.</P
></DD
><DT
><CODE
CLASS="CONSTANT"
>AI_ALL</CODE
></DT
><DD
><P
>This is used with an
<CODE
CLASS="PARAMETER"
>af</CODE
>
of AF_INET6, and causes all known addresses (IPv6 and IPv4) to be returned.
If AI_V4MAPPED is also set, the IPv4 addresses are return as mapped
IPv6 addresses.</P
></DD
><DT
><CODE
CLASS="CONSTANT"
>AI_ADDRCONFIG</CODE
></DT
><DD
><P
>Only return an IPv6 or IPv4 address if here is an active network
interface of that type. This is not currently implemented
in the BIND 9 lightweight resolver, and the flag is ignored.</P
></DD
><DT
><CODE
CLASS="CONSTANT"
>AI_DEFAULT</CODE
></DT
><DD
><P
>This default sets the
<CODE
CLASS="CONSTANT"
>AI_V4MAPPED</CODE
>
and
<CODE
CLASS="CONSTANT"
>AI_ADDRCONFIG</CODE
>
flag bits.</P
></DD
></DL
></DIV
></P
><P
><CODE
CLASS="FUNCTION"
>lwres_getipnodebyaddr()</CODE
>
performs a reverse lookup
of address
<CODE
CLASS="PARAMETER"
>src</CODE
>
which is
<CODE
CLASS="PARAMETER"
>len</CODE
>
bytes long.
<CODE
CLASS="PARAMETER"
>af</CODE
>
denotes the protocol family, typically
<SPAN
CLASS="TYPE"
>PF_INET</SPAN
>
or
<SPAN
CLASS="TYPE"
>PF_INET6</SPAN
>.&#13;</P
><P
><CODE
CLASS="FUNCTION"
>lwres_freehostent()</CODE
>
releases all the memory associated with
the
<SPAN
CLASS="TYPE"
>struct hostent</SPAN
>
pointer
<CODE
CLASS="PARAMETER"
>he</CODE
>.
</p>
<div class="variablelist"><dl>
<dt><span class="term"><code class="constant">AI_V4MAPPED</code></span></dt>
<dd><p>
This is used with an
<em class="parameter"><code>af</code></em>
of AF_INET6, and causes IPv4 addresses to be returned as
IPv4-mapped
IPv6 addresses.
</p></dd>
<dt><span class="term"><code class="constant">AI_ALL</code></span></dt>
<dd><p>
This is used with an
<em class="parameter"><code>af</code></em>
of AF_INET6, and causes all known addresses (IPv6 and IPv4) to
be returned.
If AI_V4MAPPED is also set, the IPv4 addresses are return as
mapped
IPv6 addresses.
</p></dd>
<dt><span class="term"><code class="constant">AI_ADDRCONFIG</code></span></dt>
<dd><p>
Only return an IPv6 or IPv4 address if here is an active network
interface of that type. This is not currently implemented
in the BIND 9 lightweight resolver, and the flag is ignored.
</p></dd>
<dt><span class="term"><code class="constant">AI_DEFAULT</code></span></dt>
<dd><p>
This default sets the
<code class="constant">AI_V4MAPPED</code>
and
<code class="constant">AI_ADDRCONFIG</code>
flag bits.
</p></dd>
</dl></div>
<p>
</p>
<p><code class="function">lwres_getipnodebyaddr()</code>
performs a reverse lookup of address <em class="parameter"><code>src</code></em>
which is <em class="parameter"><code>len</code></em> bytes long.
<em class="parameter"><code>af</code></em> denotes the protocol family, typically
<span class="type">PF_INET</span> or <span class="type">PF_INET6</span>.
</p>
<p><code class="function">lwres_freehostent()</code>
releases all the memory associated with the <span class="type">struct
hostent</span> pointer <em class="parameter"><code>he</code></em>. Any memory
allocated for the <code class="constant">h_name</code>,
<code class="constant">h_addr_list</code> and
<code class="constant">h_aliases</code> is freed, as is the memory for
the <span class="type">hostent</span> structure itself.
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2514440"></a><h2>RETURN VALUES</h2>
<p>
If an error occurs,
<code class="function">lwres_getipnodebyname()</code>
and
<code class="function">lwres_getipnodebyaddr()</code>
set
<em class="parameter"><code>*error_num</code></em>
to an appropriate error code and the function returns a
<span class="type">NULL</span>
pointer.
The error codes and their meanings are defined in
<code class="filename">&lt;lwres/netdb.h&gt;</code>:
</p>
<div class="variablelist"><dl>
<dt><span class="term"><code class="constant">HOST_NOT_FOUND</code></span></dt>
<dd><p>
No such host is known.
</p></dd>
<dt><span class="term"><code class="constant">NO_ADDRESS</code></span></dt>
<dd><p>
The server recognised the request and the name but no address is
available. Another type of request to the name server for the
domain might return an answer.
</p></dd>
<dt><span class="term"><code class="constant">TRY_AGAIN</code></span></dt>
<dd><p>
A temporary and possibly transient error occurred, such as a
failure of a server to respond. The request may succeed if
retried.
</p></dd>
<dt><span class="term"><code class="constant">NO_RECOVERY</code></span></dt>
<dd><p>
An unexpected failure occurred, and retrying the request
is pointless.
</p></dd>
</dl></div>
<p>
</p>
<p><span class="citerefentry"><span class="refentrytitle">lwres_hstrerror</span>(3)</span>
translates these error codes to suitable error messages.
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2514537"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry"><span class="refentrytitle">RFC2553</span></span>,
Any memory allocated for the
<CODE
CLASS="CONSTANT"
>h_name</CODE
>,
<span class="citerefentry"><span class="refentrytitle">lwres</span>(3)</span>,
<CODE
CLASS="CONSTANT"
>h_addr_list</CODE
>
and
<CODE
CLASS="CONSTANT"
>h_aliases</CODE
>
is freed, as is the memory for the
<SPAN
CLASS="TYPE"
>hostent</SPAN
>
structure itself.</P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN116"
></A
><H2
>RETURN VALUES</H2
><P
>If an error occurs,
<CODE
CLASS="FUNCTION"
>lwres_getipnodebyname()</CODE
>
and
<CODE
CLASS="FUNCTION"
>lwres_getipnodebyaddr()</CODE
>
set
<CODE
CLASS="PARAMETER"
>*error_num</CODE
>
to an appropriate error code and the function returns a
<SPAN
CLASS="TYPE"
>NULL</SPAN
>
pointer.
The error codes and their meanings are defined in
<TT
CLASS="FILENAME"
>&lt;lwres/netdb.h&gt;</TT
>:
<P
></P
><DIV
CLASS="VARIABLELIST"
><DL
><DT
><CODE
CLASS="CONSTANT"
>HOST_NOT_FOUND</CODE
></DT
><DD
><P
>No such host is known.</P
></DD
><DT
><CODE
CLASS="CONSTANT"
>NO_ADDRESS</CODE
></DT
><DD
><P
>The server recognised the request and the name but no address is
available. Another type of request to the name server for the
domain might return an answer.</P
></DD
><DT
><CODE
CLASS="CONSTANT"
>TRY_AGAIN</CODE
></DT
><DD
><P
>A temporary and possibly transient error occurred, such as a
failure of a server to respond. The request may succeed if
retried.</P
></DD
><DT
><CODE
CLASS="CONSTANT"
>NO_RECOVERY</CODE
></DT
><DD
><P
>An unexpected failure occurred, and retrying the request
is pointless.</P
></DD
></DL
></DIV
></P
><P
><SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>lwres_hstrerror</SPAN
>(3)</SPAN
>
translates these error codes to suitable error messages.</P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN149"
></A
><H2
>SEE ALSO</H2
><P
><SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>RFC2553</SPAN
></SPAN
>,
<span class="citerefentry"><span class="refentrytitle">lwres_gethostent</span>(3)</span>,
<SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>lwres</SPAN
>(3)</SPAN
>,
<span class="citerefentry"><span class="refentrytitle">lwres_getaddrinfo</span>(3)</span>,
<SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>lwres_gethostent</SPAN
>(3)</SPAN
>,
<span class="citerefentry"><span class="refentrytitle">lwres_getnameinfo</span>(3)</span>,
<SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>lwres_getaddrinfo</SPAN
>(3)</SPAN
>,
<SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>lwres_getnameinfo</SPAN
>(3)</SPAN
>,
<SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>lwres_hstrerror</SPAN
>(3)</SPAN
>.</P
></DIV
></BODY
></HTML
>
<span class="citerefentry"><span class="refentrytitle">lwres_hstrerror</span>(3)</span>.
</p>
</div>
</div></body>
</html>

97
lib/lwres/man/lwres_getnameinfo.3
View file

@ -1,86 +1,75 @@
.\" Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2000, 2001 Internet Software Consortium.
.\"
.\" Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2000, 2001 Internet Software Consortium
.\"
.\" Permission to use, copy, modify, and distribute this software for any
.\" purpose with or without fee is hereby granted, provided that the above
.\" copyright notice and this permission notice appear in all copies.
.\"
.\"
.\" THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
.\" REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
.\" AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
.\" AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
.\" INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
.\" LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
.\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
.\" PERFORMANCE OF THIS SOFTWARE.
.\"
.\" $Id: lwres_getnameinfo.3,v 1.21 2005/04/07 03:50:02 marka Exp $
.\"
.TH "LWRES_GETNAMEINFO" "3" "Jun 30, 2000" "BIND9" ""
.\"
.hy 0
.ad l
.\"Generated by db2man.xsl. Don't modify this, modify the source.
.de Sh \" Subsection
.br
.if t .Sp
.ne 5
.PP
\fB\\$1\fR
.PP
..
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Ip \" List item
.br
.ie \\n(.$>=3 .ne \\$3
.el .ne 3
.IP "\\$1" \\$2
..
.TH "LWRES_GETNAMEINFO" 3 "Jun 30, 2000" "" ""
.SH NAME
lwres_getnameinfo \- lightweight resolver socket address structure to hostname and service name
.SH SYNOPSIS
\fB#include <lwres/netdb.h>
.SH "SYNOPSIS"
#include <lwres/netdb\&.h>
.sp
.na
int
lwres_getnameinfo(const struct sockaddr *sa, size_t salen, char *host, size_t hostlen, char *serv, size_t servlen, int flags);
.ad
\fR
.HP 23
int\ \fBlwres_getnameinfo\fR\ (const\ struct\ sockaddr\ *\fIsa\fR, size_t\ \fIsalen\fR, char\ *\fIhost\fR, size_t\ \fIhostlen\fR, char\ *\fIserv\fR, size_t\ \fIservlen\fR, int\ \fIflags\fR);
.SH "DESCRIPTION"
.PP
This function is equivalent to the \fBgetnameinfo\fR(3) function defined in RFC2133.
\fBlwres_getnameinfo()\fR returns the hostname for the
\fBstruct sockaddr\fR \fIsa\fR which is
\fIsalen\fR bytes long. The hostname is of length
\fIhostlen\fR and is returned via
\fI*host.\fR The maximum length of the hostname is
1025 bytes: NI_MAXHOST.
This function is equivalent to the \fBgetnameinfo\fR(3) function defined in RFC2133\&. \fBlwres_getnameinfo()\fR returns the hostname for the \fBstruct sockaddr\fR \fIsa\fR which is \fIsalen\fR bytes long\&. The hostname is of length \fIhostlen\fR and is returned via \fI*host\&.\fR The maximum length of the hostname is 1025 bytes: \fBNI_MAXHOST\fR\&.
.PP
The name of the service associated with the port number in
\fIsa\fR is returned in \fI*serv.\fR
It is \fIservlen\fR bytes long. The maximum length
of the service name is NI_MAXSERV - 32 bytes.
The name of the service associated with the port number in \fIsa\fR is returned in \fI*serv\&.\fR It is \fIservlen\fR bytes long\&. The maximum length of the service name is \fBNI_MAXSERV\fR \- 32 bytes\&.
.PP
The \fIflags\fR argument sets the following
bits:
The \fIflags\fR argument sets the following bits:
.TP
\fBNI_NOFQDN\fR
A fully qualified domain name is not required for local hosts.
The local part of the fully qualified domain name is returned instead.
A fully qualified domain name is not required for local hosts\&. The local part of the fully qualified domain name is returned instead\&.
.TP
\fBNI_NUMERICHOST\fR
Return the address in numeric form, as if calling inet_ntop(),
instead of a host name.
Return the address in numeric form, as if calling inet_ntop(), instead of a host name\&.
.TP
\fBNI_NAMEREQD\fR
A name is required. If the hostname cannot be found in the DNS and
this flag is set, a non-zero error code is returned.
If the hostname is not found and the flag is not set, the
address is returned in numeric form.
A name is required\&. If the hostname cannot be found in the DNS and this flag is set, a non\-zero error code is returned\&. If the hostname is not found and the flag is not set, the address is returned in numeric form\&.
.TP
\fBNI_NUMERICSERV\fR
The service name is returned as a digit string representing the port number.
The service name is returned as a digit string representing the port number\&.
.TP
\fBNI_DGRAM\fR
Specifies that the service being looked up is a datagram
service, and causes getservbyport() to be called with a second
argument of "udp" instead of its default of "tcp". This is required
for the few ports (512-514) that have different services for UDP and
TCP.
Specifies that the service being looked up is a datagram service, and causes getservbyport() to be called with a second argument of "udp" instead of its default of "tcp"\&. This is required for the few ports (512\-514) that have different services for UDP and TCP\&.
.SH "RETURN VALUES"
.PP
\fBlwres_getnameinfo()\fR
returns 0 on success or a non-zero error code if an error occurs.
\fBlwres_getnameinfo()\fR returns 0 on success or a non\-zero error code if an error occurs\&.
.SH "SEE ALSO"
.PP
\fBRFC2133\fR,
\fBgetservbyport\fR(3),
\fBlwres\fR(3),
\fBlwres_getnameinfo\fR(3),
\fBlwres_getnamebyaddr\fR(3).
\fBlwres_net_ntop\fR(3).
\fBRFC2133\fR(), \fBgetservbyport\fR(3), \fBlwres\fR(3), \fBlwres_getnameinfo\fR(3), \fBlwres_getnamebyaddr\fR(3)\&. \fBlwres_net_ntop\fR(3)\&.
.SH "BUGS"
.PP
RFC2133 fails to define what the nonzero return values of
\fBgetnameinfo\fR(3)
are.
RFC2133 fails to define what the nonzero return values of \fBgetnameinfo\fR(3) are\&.

443
lib/lwres/man/lwres_getnameinfo.html
View file

@ -1,290 +1,175 @@
<!--
- Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2000, 2001 Internet Software Consortium.
-
- Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2000, 2001 Internet Software Consortium
-
- Permission to use, copy, modify, and distribute this software for any
- purpose with or without fee is hereby granted, provided that the above
- copyright notice and this permission notice appear in all copies.
-
-
- THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
- REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
- AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
- AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
- INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
- LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
- OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
- PERFORMANCE OF THIS SOFTWARE.
-->
<!-- $Id: lwres_getnameinfo.html,v 1.11 2005/04/07 03:50:02 marka Exp $ -->
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<HTML
><HEAD
><TITLE
>lwres_getnameinfo</TITLE
><META
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.79"></HEAD
><BODY
CLASS="REFENTRY"
BGCOLOR="#FFFFFF"
TEXT="#000000"
LINK="#0000FF"
VLINK="#840084"
ALINK="#0000FF"
><H1
><A
NAME="AEN1"
></A
>lwres_getnameinfo</H1
><DIV
CLASS="REFNAMEDIV"
><A
NAME="AEN8"
></A
><H2
>Name</H2
>lwres_getnameinfo&nbsp;--&nbsp;lightweight resolver socket address structure to hostname and service name</DIV
><DIV
CLASS="REFSYNOPSISDIV"
><A
NAME="AEN11"
></A
><H2
>Synopsis</H2
><DIV
CLASS="FUNCSYNOPSIS"
><P
></P
><A
NAME="AEN12"
></A
><PRE
CLASS="FUNCSYNOPSISINFO"
>#include &lt;lwres/netdb.h&gt;</PRE
><P
><CODE
><CODE
CLASS="FUNCDEF"
>int
lwres_getnameinfo</CODE
>(const struct sockaddr *sa, size_t salen, char *host, size_t hostlen, char *serv, size_t servlen, int flags);</CODE
></P
><P
></P
></DIV
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN24"
></A
><H2
>DESCRIPTION</H2
><P
> This function is equivalent to the <SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>getnameinfo</SPAN
>(3)</SPAN
> function defined in RFC2133.
<CODE
CLASS="FUNCTION"
>lwres_getnameinfo()</CODE
> returns the hostname for the
<SPAN
CLASS="TYPE"
>struct sockaddr</SPAN
> <CODE
CLASS="PARAMETER"
>sa</CODE
> which is
<CODE
CLASS="PARAMETER"
>salen</CODE
> bytes long. The hostname is of length
<CODE
CLASS="PARAMETER"
>hostlen</CODE
> and is returned via
<CODE
CLASS="PARAMETER"
>*host.</CODE
> The maximum length of the hostname is
1025 bytes: <CODE
CLASS="CONSTANT"
>NI_MAXHOST</CODE
>.</P
><P
> The name of the service associated with the port number in
<CODE
CLASS="PARAMETER"
>sa</CODE
> is returned in <CODE
CLASS="PARAMETER"
>*serv.</CODE
>
It is <CODE
CLASS="PARAMETER"
>servlen</CODE
> bytes long. The maximum length
of the service name is <CODE
CLASS="CONSTANT"
>NI_MAXSERV</CODE
> - 32 bytes.</P
><P
> The <CODE
CLASS="PARAMETER"
>flags</CODE
> argument sets the following
bits:
<P
></P
><DIV
CLASS="VARIABLELIST"
><DL
><DT
><CODE
CLASS="CONSTANT"
>NI_NOFQDN</CODE
></DT
><DD
><P
>A fully qualified domain name is not required for local hosts.
The local part of the fully qualified domain name is returned instead.</P
></DD
><DT
><CODE
CLASS="CONSTANT"
>NI_NUMERICHOST</CODE
></DT
><DD
><P
>Return the address in numeric form, as if calling inet_ntop(),
instead of a host name.</P
></DD
><DT
><CODE
CLASS="CONSTANT"
>NI_NAMEREQD</CODE
></DT
><DD
><P
>A name is required. If the hostname cannot be found in the DNS and
this flag is set, a non-zero error code is returned.
If the hostname is not found and the flag is not set, the
address is returned in numeric form.</P
></DD
><DT
><CODE
CLASS="CONSTANT"
>NI_NUMERICSERV</CODE
></DT
><DD
><P
>The service name is returned as a digit string representing the port number.</P
></DD
><DT
><CODE
CLASS="CONSTANT"
>NI_DGRAM</CODE
></DT
><DD
><P
>Specifies that the service being looked up is a datagram
service, and causes getservbyport() to be called with a second
argument of "udp" instead of its default of "tcp". This is required
for the few ports (512-514) that have different services for UDP and
TCP.</P
></DD
></DL
></DIV
></P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN70"
></A
><H2
>RETURN VALUES</H2
><P
><CODE
CLASS="FUNCTION"
>lwres_getnameinfo()</CODE
>
returns 0 on success or a non-zero error code if an error occurs.</P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN74"
></A
><H2
>SEE ALSO</H2
><P
><SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>RFC2133</SPAN
></SPAN
>,
<SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>getservbyport</SPAN
>(3)</SPAN
>,
<SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>lwres</SPAN
>(3)</SPAN
>,
<SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>lwres_getnameinfo</SPAN
>(3)</SPAN
>,
<SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>lwres_getnamebyaddr</SPAN
>(3)</SPAN
>.
<SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>lwres_net_ntop</SPAN
>(3)</SPAN
>.</P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN94"
></A
><H2
>BUGS</H2
><P
>RFC2133 fails to define what the nonzero return values of
<SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>getnameinfo</SPAN
>(3)</SPAN
>
are.</P
></DIV
></BODY
></HTML
>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>lwres_getnameinfo</title>
<meta name="generator" content="DocBook XSL Stylesheets V1.68.1">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en">
<a name="id2456618"></a><div class="titlepage"></div>
<div class="refnamediv">
<h2>Name</h2>
<p>lwres_getnameinfo &#8212; lightweight resolver socket address structure to hostname and
service name
</p>
</div>
<div class="refsynopsisdiv">
<h2>Synopsis</h2>
<div class="funcsynopsis">
<pre class="funcsynopsisinfo">#include &lt;lwres/netdb.h&gt;</pre>
<table border="0" summary="Function synopsis" cellspacing="0" cellpadding="0">
<tr>
<td><code class="funcdef">
int
<b class="fsfunc">lwres_getnameinfo</b>(</code></td>
<td>const struct sockaddr * </td>
<td>
<var class="pdparam">sa</var>, </td>
</tr>
<tr>
<td> </td>
<td>size_t  </td>
<td>
<var class="pdparam">salen</var>, </td>
</tr>
<tr>
<td> </td>
<td>char * </td>
<td>
<var class="pdparam">host</var>, </td>
</tr>
<tr>
<td> </td>
<td>size_t  </td>
<td>
<var class="pdparam">hostlen</var>, </td>
</tr>
<tr>
<td> </td>
<td>char * </td>
<td>
<var class="pdparam">serv</var>, </td>
</tr>
<tr>
<td> </td>
<td>size_t  </td>
<td>
<var class="pdparam">servlen</var>, </td>
</tr>
<tr>
<td> </td>
<td>int  </td>
<td>
<var class="pdparam">flags</var><code>)</code>;</td>
</tr>
</table>
</div>
</div>
<div class="refsect1" lang="en">
<a name="id2514075"></a><h2>DESCRIPTION</h2>
<p>
This function is equivalent to the
<span class="citerefentry"><span class="refentrytitle">getnameinfo</span>(3)</span> function defined in RFC2133.
<code class="function">lwres_getnameinfo()</code> returns the
hostname for the
<span class="type">struct sockaddr</span> <em class="parameter"><code>sa</code></em> which
is
<em class="parameter"><code>salen</code></em> bytes long. The hostname is of
length
<em class="parameter"><code>hostlen</code></em> and is returned via
<em class="parameter"><code>*host.</code></em> The maximum length of the
hostname is
1025 bytes: <code class="constant">NI_MAXHOST</code>.
</p>
<p> The name of the service associated with the port number in
<em class="parameter"><code>sa</code></em> is returned in <em class="parameter"><code>*serv.</code></em>
It is <em class="parameter"><code>servlen</code></em> bytes long. The
maximum length
of the service name is <code class="constant">NI_MAXSERV</code> - 32
bytes.
</p>
<p>
The <em class="parameter"><code>flags</code></em> argument sets the
following
bits:
</p>
<div class="variablelist"><dl>
<dt><span class="term"><code class="constant">NI_NOFQDN</code></span></dt>
<dd><p>
A fully qualified domain name is not required for local hosts.
The local part of the fully qualified domain name is returned
instead.
</p></dd>
<dt><span class="term"><code class="constant">NI_NUMERICHOST</code></span></dt>
<dd><p>
Return the address in numeric form, as if calling inet_ntop(),
instead of a host name.
</p></dd>
<dt><span class="term"><code class="constant">NI_NAMEREQD</code></span></dt>
<dd><p>
A name is required. If the hostname cannot be found in the DNS
and
this flag is set, a non-zero error code is returned.
If the hostname is not found and the flag is not set, the
address is returned in numeric form.
</p></dd>
<dt><span class="term"><code class="constant">NI_NUMERICSERV</code></span></dt>
<dd><p>
The service name is returned as a digit string representing the
port number.
</p></dd>
<dt><span class="term"><code class="constant">NI_DGRAM</code></span></dt>
<dd><p>
Specifies that the service being looked up is a datagram
service, and causes getservbyport() to be called with a second
argument of "udp" instead of its default of "tcp". This is
required
for the few ports (512-514) that have different services for UDP
and
TCP.
</p></dd>
</dl></div>
<p>
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2514285"></a><h2>RETURN VALUES</h2>
<p><code class="function">lwres_getnameinfo()</code>
returns 0 on success or a non-zero error code if an error occurs.
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2514297"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry"><span class="refentrytitle">RFC2133</span></span>,
<span class="citerefentry"><span class="refentrytitle">getservbyport</span>(3)</span>,
<span class="citerefentry"><span class="refentrytitle">lwres</span>(3)</span>,
<span class="citerefentry"><span class="refentrytitle">lwres_getnameinfo</span>(3)</span>,
<span class="citerefentry"><span class="refentrytitle">lwres_getnamebyaddr</span>(3)</span>.
<span class="citerefentry"><span class="refentrytitle">lwres_net_ntop</span>(3)</span>.
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2514423"></a><h2>BUGS</h2>
<p>
RFC2133 fails to define what the nonzero return values of
<span class="citerefentry"><span class="refentrytitle">getnameinfo</span>(3)</span>
are.
</p>
</div>
</div></body>
</html>

132
lib/lwres/man/lwres_getrrsetbyname.3
View file

@ -1,47 +1,62 @@
.\" Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2000, 2001 Internet Software Consortium.
.\"
.\" Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2000, 2001 Internet Software Consortium
.\"
.\" Permission to use, copy, modify, and distribute this software for any
.\" purpose with or without fee is hereby granted, provided that the above
.\" copyright notice and this permission notice appear in all copies.
.\"
.\"
.\" THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
.\" REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
.\" AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
.\" AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
.\" INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
.\" LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
.\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
.\" PERFORMANCE OF THIS SOFTWARE.
.\"
.\" $Id: lwres_getrrsetbyname.3,v 1.17 2005/04/07 03:50:02 marka Exp $
.\"
.TH "LWRES_GETRRSETBYNAME" "3" "Oct 18, 2000" "BIND9" ""
.\"
.hy 0
.ad l
.\"Generated by db2man.xsl. Don't modify this, modify the source.
.de Sh \" Subsection
.br
.if t .Sp
.ne 5
.PP
\fB\\$1\fR
.PP
..
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Ip \" List item
.br
.ie \\n(.$>=3 .ne \\$3
.el .ne 3
.IP "\\$1" \\$2
..
.TH "LWRES_GETRRSETBYNA" 3 "Oct 18, 2000" "" ""
.SH NAME
lwres_getrrsetbyname, lwres_freerrset \- retrieve DNS records
.SH SYNOPSIS
\fB#include <lwres/netdb.h>
.SH "SYNOPSIS"
#include <lwres/netdb\&.h>
.sp
.na
int
lwres_getrrsetbyname(const char *hostname, unsigned int rdclass, unsigned int rdtype, unsigned int flags, struct rrsetinfo **res);
.ad
.sp
.na
void
lwres_freerrset(struct rrsetinfo *rrset);
.ad
\fR
.HP 26
int\ \fBlwres_getrrsetbyname\fR\ (const\ char\ *\fIhostname\fR, unsigned\ int\ \fIrdclass\fR, unsigned\ int\ \fIrdtype\fR, unsigned\ int\ \fIflags\fR, struct\ rrsetinfo\ **\fIres\fR);
.HP 22
void\ \fBlwres_freerrset\fR\ (struct\ rrsetinfo\ *\fIrrset\fR);
.PP
The following structures are used:
.sp
.PP
.nf
struct rdatainfo {
unsigned int rdi_length; /* length of data */
unsigned char *rdi_data; /* record data */
};
.fi
.PP
.nf
struct rrsetinfo {
unsigned int rri_flags; /* RRSET_VALIDATED... */
unsigned int rri_flags; /* RRSET_VALIDATED\&.\&.\&. */
unsigned int rri_rdclass; /* class number */
unsigned int rri_rdtype; /* RR type number */
unsigned int rri_ttl; /* time to live */
@ -51,77 +66,18 @@ struct rrsetinfo {
struct rdatainfo *rri_rdatas; /* individual records */
struct rdatainfo *rri_sigs; /* individual signatures */
};
.sp
.fi
.SH "DESCRIPTION"
.PP
\fBlwres_getrrsetbyname()\fR
gets a set of resource records associated with a
\fIhostname\fR,
\fIclass\fR,
and
\fItype\fR.
\fIhostname\fR
is
a pointer a to null-terminated string. The
\fIflags\fR
field is currently unused and must be zero.
\fBlwres_getrrsetbyname()\fR gets a set of resource records associated with a \fIhostname\fR, \fIclass\fR, and \fItype\fR\&. \fIhostname\fR is a pointer a to null\-terminated string\&. The \fIflags\fR field is currently unused and must be zero\&.
.PP
After a successful call to
\fBlwres_getrrsetbyname()\fR,
\fI*res\fR
is a pointer to an
\fBrrsetinfo\fR
structure, containing a list of one or more
\fBrdatainfo\fR
structures containing resource records and potentially another list of
\fBrdatainfo\fR
structures containing SIG resource records
associated with those records.
The members
rri_rdclass
and
rri_rdtype
are copied from the parameters.
rri_ttl
and
rri_name
are properties of the obtained rrset.
The resource records contained in
rri_rdatas
and
rri_sigs
are in uncompressed DNS wire format.
Properties of the rdataset are represented in the
rri_flags
bitfield. If the RRSET_VALIDATED bit is set, the data has been DNSSEC
validated and the signatures verified.
After a successful call to \fBlwres_getrrsetbyname()\fR, \fI*res\fR is a pointer to an \fBrrsetinfo\fR structure, containing a list of one or more \fBrdatainfo\fR structures containing resource records and potentially another list of \fBrdatainfo\fR structures containing SIG resource records associated with those records\&. The members \fBrri_rdclass\fR and \fBrri_rdtype\fR are copied from the parameters\&. \fBrri_ttl\fR and \fBrri_name\fR are properties of the obtained rrset\&. The resource records contained in \fBrri_rdatas\fR and \fBrri_sigs\fR are in uncompressed DNS wire format\&. Properties of the rdataset are represented in the \fBrri_flags\fR bitfield\&. If the RRSET_VALIDATED bit is set, the data has been DNSSEC validated and the signatures verified\&.
.PP
All of the information returned by
\fBlwres_getrrsetbyname()\fR
is dynamically allocated: the
rrsetinfo
and
rdatainfo
structures,
and the canonical host name strings pointed to by the
rrsetinfostructure.
Memory allocated for the dynamically allocated structures created by
a successful call to
\fBlwres_getrrsetbyname()\fR
is released by
\fBlwres_freerrset()\fR.
\fIrrset\fR
is a pointer to a
\fBstruct rrset\fR
created by a call to
\fBlwres_getrrsetbyname()\fR.
All of the information returned by \fBlwres_getrrsetbyname()\fR is dynamically allocated: the \fBrrsetinfo\fR and \fBrdatainfo\fR structures, and the canonical host name strings pointed to by the \fBrrsetinfo\fRstructure\&. Memory allocated for the dynamically allocated structures created by a successful call to \fBlwres_getrrsetbyname()\fR is released by \fBlwres_freerrset()\fR\&. \fIrrset\fR is a pointer to a \fBstruct rrset\fR created by a call to \fBlwres_getrrsetbyname()\fR\&.
.PP
.SH "RETURN VALUES"
.PP
\fBlwres_getrrsetbyname()\fR
returns zero on success, and one of the following error
codes if an error occurred:
\fBlwres_getrrsetbyname()\fR returns zero on success, and one of the following error codes if an error occurred:
.TP
\fBERRSET_NONAME\fR
the name does not exist
@ -141,4 +97,4 @@ other failure
\fB\fR
.SH "SEE ALSO"
.PP
\fBlwres\fR(3).
\fBlwres\fR(3)\&.

497
lib/lwres/man/lwres_getrrsetbyname.html
View file

@ -1,95 +1,90 @@
<!--
- Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2000, 2001 Internet Software Consortium.
-
- Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2000, 2001 Internet Software Consortium
-
- Permission to use, copy, modify, and distribute this software for any
- purpose with or without fee is hereby granted, provided that the above
- copyright notice and this permission notice appear in all copies.
-
-
- THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
- REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
- AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
- AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
- INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
- LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
- OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
- PERFORMANCE OF THIS SOFTWARE.
-->
<!-- $Id: lwres_getrrsetbyname.html,v 1.11 2005/04/07 03:50:03 marka Exp $ -->
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<HTML
><HEAD
><TITLE
>lwres_getrrsetbyname</TITLE
><META
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.79"></HEAD
><BODY
CLASS="REFENTRY"
BGCOLOR="#FFFFFF"
TEXT="#000000"
LINK="#0000FF"
VLINK="#840084"
ALINK="#0000FF"
><H1
><A
NAME="AEN1"
></A
>lwres_getrrsetbyname</H1
><DIV
CLASS="REFNAMEDIV"
><A
NAME="AEN8"
></A
><H2
>Name</H2
>lwres_getrrsetbyname, lwres_freerrset&nbsp;--&nbsp;retrieve DNS records</DIV
><DIV
CLASS="REFSYNOPSISDIV"
><A
NAME="AEN12"
></A
><H2
>Synopsis</H2
><DIV
CLASS="FUNCSYNOPSIS"
><P
></P
><A
NAME="AEN13"
></A
><PRE
CLASS="FUNCSYNOPSISINFO"
>#include &lt;lwres/netdb.h&gt;</PRE
><P
><CODE
><CODE
CLASS="FUNCDEF"
>int
lwres_getrrsetbyname</CODE
>(const char *hostname, unsigned int rdclass, unsigned int rdtype, unsigned int flags, struct rrsetinfo **res);</CODE
></P
><P
><CODE
><CODE
CLASS="FUNCDEF"
>void
lwres_freerrset</CODE
>(struct rrsetinfo *rrset);</CODE
></P
><P
></P
></DIV
><P
>The following structures are used:
<PRE
CLASS="PROGRAMLISTING"
>struct rdatainfo {
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>lwres_getrrsetbyname</title>
<meta name="generator" content="DocBook XSL Stylesheets V1.68.1">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en">
<a name="id2456618"></a><div class="titlepage"></div>
<div class="refnamediv">
<h2>Name</h2>
<p>lwres_getrrsetbyname, lwres_freerrset &#8212; retrieve DNS records</p>
</div>
<div class="refsynopsisdiv">
<h2>Synopsis</h2>
<div class="funcsynopsis">
<pre class="funcsynopsisinfo">#include &lt;lwres/netdb.h&gt;</pre>
<table border="0" summary="Function synopsis" cellspacing="0" cellpadding="0" style="padding-bottom: 1em">
<tr>
<td><code class="funcdef">
int
<b class="fsfunc">lwres_getrrsetbyname</b>(</code></td>
<td>const char * </td>
<td>
<var class="pdparam">hostname</var>, </td>
</tr>
<tr>
<td> </td>
<td>unsigned int  </td>
<td>
<var class="pdparam">rdclass</var>, </td>
</tr>
<tr>
<td> </td>
<td>unsigned int  </td>
<td>
<var class="pdparam">rdtype</var>, </td>
</tr>
<tr>
<td> </td>
<td>unsigned int  </td>
<td>
<var class="pdparam">flags</var>, </td>
</tr>
<tr>
<td> </td>
<td>struct rrsetinfo ** </td>
<td>
<var class="pdparam">res</var><code>)</code>;</td>
</tr>
</table>
<table border="0" summary="Function synopsis" cellspacing="0" cellpadding="0"><tr>
<td><code class="funcdef">
void
<b class="fsfunc">lwres_freerrset</b>(</code></td>
<td>struct rrsetinfo * </td>
<td>
<var class="pdparam">rrset</var><code>)</code>;</td>
</tr></table>
</div>
<p>
The following structures are used:
</p>
<pre class="programlisting">
struct rdatainfo {
unsigned int rdi_length; /* length of data */
unsigned char *rdi_data; /* record data */
};
</pre>
<p>
</p>
<pre class="programlisting">
struct rrsetinfo {
unsigned int rri_flags; /* RRSET_VALIDATED... */
unsigned int rri_rdclass; /* class number */
@ -100,261 +95,97 @@ struct rrsetinfo {
char *rri_name; /* canonical name */
struct rdatainfo *rri_rdatas; /* individual records */
struct rdatainfo *rri_sigs; /* individual signatures */
};</PRE
></P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN29"
></A
><H2
>DESCRIPTION</H2
><P
><CODE
CLASS="FUNCTION"
>lwres_getrrsetbyname()</CODE
>
gets a set of resource records associated with a
<CODE
CLASS="PARAMETER"
>hostname</CODE
>,
};
</pre>
<p>
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2514028"></a><h2>DESCRIPTION</h2>
<p><code class="function">lwres_getrrsetbyname()</code>
gets a set of resource records associated with a
<em class="parameter"><code>hostname</code></em>, <em class="parameter"><code>class</code></em>,
and <em class="parameter"><code>type</code></em>.
<em class="parameter"><code>hostname</code></em> is a pointer a to
null-terminated string. The <em class="parameter"><code>flags</code></em> field
is currently unused and must be zero.
</p>
<p>
After a successful call to
<code class="function">lwres_getrrsetbyname()</code>,
<em class="parameter"><code>*res</code></em> is a pointer to an
<span class="type">rrsetinfo</span> structure, containing a list of one or
more <span class="type">rdatainfo</span> structures containing resource
records and potentially another list of <span class="type">rdatainfo</span>
structures containing SIG resource records associated with those
records. The members <code class="constant">rri_rdclass</code> and
<code class="constant">rri_rdtype</code> are copied from the parameters.
<code class="constant">rri_ttl</code> and <code class="constant">rri_name</code>
are properties of the obtained rrset. The resource records
contained in <code class="constant">rri_rdatas</code> and
<code class="constant">rri_sigs</code> are in uncompressed DNS wire
format. Properties of the rdataset are represented in the
<code class="constant">rri_flags</code> bitfield. If the RRSET_VALIDATED
bit is set, the data has been DNSSEC validated and the
signatures verified.
</p>
<p>
All of the information returned by
<code class="function">lwres_getrrsetbyname()</code> is dynamically
allocated: the <code class="constant">rrsetinfo</code> and
<code class="constant">rdatainfo</code> structures, and the canonical
host name strings pointed to by the
<code class="constant">rrsetinfo</code>structure.
<CODE
CLASS="PARAMETER"
>class</CODE
>,
Memory allocated for the dynamically allocated structures
created by a successful call to
<code class="function">lwres_getrrsetbyname()</code> is released by
<code class="function">lwres_freerrset()</code>.
and
<CODE
CLASS="PARAMETER"
>type</CODE
>.
<em class="parameter"><code>rrset</code></em> is a pointer to a <span class="type">struct
rrset</span> created by a call to
<code class="function">lwres_getrrsetbyname()</code>.
</p>
<p></p>
</div>
<div class="refsect1" lang="en">
<a name="id2514277"></a><h2>RETURN VALUES</h2>
<p><code class="function">lwres_getrrsetbyname()</code>
returns zero on success, and one of the following error codes if
an error occurred:
</p>
<div class="variablelist"><dl>
<dt><span class="term"><code class="constant">ERRSET_NONAME</code></span></dt>
<dd><p>
the name does not exist
</p></dd>
<dt><span class="term"><code class="constant">ERRSET_NODATA</code></span></dt>
<dd><p>
the name exists, but does not have data of the desired type
</p></dd>
<dt><span class="term"><code class="constant">ERRSET_NOMEMORY</code></span></dt>
<dd><p>
memory could not be allocated
</p></dd>
<dt><span class="term"><code class="constant">ERRSET_INVAL</code></span></dt>
<dd><p>
a parameter is invalid
</p></dd>
<dt><span class="term"><code class="constant">ERRSET_FAIL</code></span></dt>
<dd><p>
other failure
</p></dd>
<dt><span class="term"><code class="constant"></code></span></dt>
<dd><p></p></dd>
</dl></div>
<p>
<CODE
CLASS="PARAMETER"
>hostname</CODE
>
is
a pointer a to null-terminated string. The
<CODE
CLASS="PARAMETER"
>flags</CODE
>
field is currently unused and must be zero.</P
><P
>After a successful call to
<CODE
CLASS="FUNCTION"
>lwres_getrrsetbyname()</CODE
>,
<CODE
CLASS="PARAMETER"
>*res</CODE
>
is a pointer to an
<SPAN
CLASS="TYPE"
>rrsetinfo</SPAN
>
structure, containing a list of one or more
<SPAN
CLASS="TYPE"
>rdatainfo</SPAN
>
structures containing resource records and potentially another list of
<SPAN
CLASS="TYPE"
>rdatainfo</SPAN
>
structures containing SIG resource records
associated with those records.
The members
<CODE
CLASS="CONSTANT"
>rri_rdclass</CODE
>
and
<CODE
CLASS="CONSTANT"
>rri_rdtype</CODE
>
are copied from the parameters.
<CODE
CLASS="CONSTANT"
>rri_ttl</CODE
>
and
<CODE
CLASS="CONSTANT"
>rri_name</CODE
>
are properties of the obtained rrset.
The resource records contained in
<CODE
CLASS="CONSTANT"
>rri_rdatas</CODE
>
and
<CODE
CLASS="CONSTANT"
>rri_sigs</CODE
>
are in uncompressed DNS wire format.
Properties of the rdataset are represented in the
<CODE
CLASS="CONSTANT"
>rri_flags</CODE
>
bitfield. If the RRSET_VALIDATED bit is set, the data has been DNSSEC
validated and the signatures verified. </P
><P
>All of the information returned by
<CODE
CLASS="FUNCTION"
>lwres_getrrsetbyname()</CODE
>
is dynamically allocated: the
<CODE
CLASS="CONSTANT"
>rrsetinfo</CODE
>
and
<CODE
CLASS="CONSTANT"
>rdatainfo</CODE
>
structures,
and the canonical host name strings pointed to by the
<CODE
CLASS="CONSTANT"
>rrsetinfo</CODE
>structure.
Memory allocated for the dynamically allocated structures created by
a successful call to
<CODE
CLASS="FUNCTION"
>lwres_getrrsetbyname()</CODE
>
is released by
<CODE
CLASS="FUNCTION"
>lwres_freerrset()</CODE
>.
<CODE
CLASS="PARAMETER"
>rrset</CODE
>
is a pointer to a
<SPAN
CLASS="TYPE"
>struct rrset</SPAN
>
created by a call to
<CODE
CLASS="FUNCTION"
>lwres_getrrsetbyname()</CODE
>.&#13;</P
><P
></P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN62"
></A
><H2
>RETURN VALUES</H2
><P
><CODE
CLASS="FUNCTION"
>lwres_getrrsetbyname()</CODE
>
returns zero on success, and one of the following error
codes if an error occurred:
<P
></P
><DIV
CLASS="VARIABLELIST"
><DL
><DT
><CODE
CLASS="CONSTANT"
>ERRSET_NONAME</CODE
></DT
><DD
><P
>the name does not exist</P
></DD
><DT
><CODE
CLASS="CONSTANT"
>ERRSET_NODATA</CODE
></DT
><DD
><P
>the name exists, but does not have data of the desired type</P
></DD
><DT
><CODE
CLASS="CONSTANT"
>ERRSET_NOMEMORY</CODE
></DT
><DD
><P
>memory could not be allocated</P
></DD
><DT
><CODE
CLASS="CONSTANT"
>ERRSET_INVAL</CODE
></DT
><DD
><P
>a parameter is invalid</P
></DD
><DT
><CODE
CLASS="CONSTANT"
>ERRSET_FAIL</CODE
></DT
><DD
><P
>other failure</P
></DD
><DT
><CODE
CLASS="CONSTANT"
></CODE
></DT
><DD
><P
></P
></DD
></DL
></DIV
>&#13;</P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN97"
></A
><H2
>SEE ALSO</H2
><P
><SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>lwres</SPAN
>(3)</SPAN
>.</P
></DIV
></BODY
></HTML
>
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2514377"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry"><span class="refentrytitle">lwres</span>(3)</span>.
</p>
</div>
</div></body>
</html>

205
lib/lwres/man/lwres_gnba.3
View file

@ -1,86 +1,77 @@
.\" Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2000, 2001 Internet Software Consortium.
.\"
.\" Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2000, 2001 Internet Software Consortium
.\"
.\" Permission to use, copy, modify, and distribute this software for any
.\" purpose with or without fee is hereby granted, provided that the above
.\" copyright notice and this permission notice appear in all copies.
.\"
.\"
.\" THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
.\" REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
.\" AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
.\" AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
.\" INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
.\" LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
.\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
.\" PERFORMANCE OF THIS SOFTWARE.
.\"
.\" $Id: lwres_gnba.3,v 1.19 2005/04/07 03:50:03 marka Exp $
.\"
.TH "LWRES_GNBA" "3" "Jun 30, 2000" "BIND9" ""
.\"
.hy 0
.ad l
.\"Generated by db2man.xsl. Don't modify this, modify the source.
.de Sh \" Subsection
.br
.if t .Sp
.ne 5
.PP
\fB\\$1\fR
.PP
..
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Ip \" List item
.br
.ie \\n(.$>=3 .ne \\$3
.el .ne 3
.IP "\\$1" \\$2
..
.TH "LWRES_GNBA" 3 "Jun 30, 2000" "" ""
.SH NAME
lwres_gnbarequest_render, lwres_gnbaresponse_render, lwres_gnbarequest_parse, lwres_gnbaresponse_parse, lwres_gnbaresponse_free, lwres_gnbarequest_free \- lightweight resolver getnamebyaddress message handling
.SH SYNOPSIS
\fB#include <lwres/lwres.h>
.SH "SYNOPSIS"
#include <lwres/lwres\&.h>
.sp
.na
lwres_result_t
lwres_gnbarequest_render(lwres_context_t *\fIctx\fB, lwres_gnbarequest_t *\fIreq\fB, lwres_lwpacket_t *\fIpkt\fB, lwres_buffer_t *\fIb\fB);
.ad
.sp
.na
lwres_result_t
lwres_gnbaresponse_render(lwres_context_t *ctx, lwres_gnbaresponse_t *req, lwres_lwpacket_t *pkt, lwres_buffer_t *b);
.ad
.sp
.na
lwres_result_t
lwres_gnbarequest_parse(lwres_context_t *ctx, lwres_buffer_t *b, lwres_lwpacket_t *pkt, lwres_gnbarequest_t **structp);
.ad
.sp
.na
lwres_result_t
lwres_gnbaresponse_parse(lwres_context_t *ctx, lwres_buffer_t *b, lwres_lwpacket_t *pkt, lwres_gnbaresponse_t **structp);
.ad
.sp
.na
void
lwres_gnbaresponse_free(lwres_context_t *ctx, lwres_gnbaresponse_t **structp);
.ad
.sp
.na
void
lwres_gnbarequest_free(lwres_context_t *ctx, lwres_gnbarequest_t **structp);
.ad
\fR
.HP 41
lwres_result_t\ \fBlwres_gnbarequest_render\fR\ (lwres_context_t\ *\fIctx\fR, lwres_gnbarequest_t\ *\fIreq\fR, lwres_lwpacket_t\ *\fIpkt\fR, lwres_buffer_t\ *\fIb\fR);
.HP 42
lwres_result_t\ \fBlwres_gnbaresponse_render\fR\ (lwres_context_t\ *\fIctx\fR, lwres_gnbaresponse_t\ *\fIreq\fR, lwres_lwpacket_t\ *\fIpkt\fR, lwres_buffer_t\ *\fIb\fR);
.HP 40
lwres_result_t\ \fBlwres_gnbarequest_parse\fR\ (lwres_context_t\ *\fIctx\fR, lwres_buffer_t\ *\fIb\fR, lwres_lwpacket_t\ *\fIpkt\fR, lwres_gnbarequest_t\ **\fIstructp\fR);
.HP 41
lwres_result_t\ \fBlwres_gnbaresponse_parse\fR\ (lwres_context_t\ *\fIctx\fR, lwres_buffer_t\ *\fIb\fR, lwres_lwpacket_t\ *\fIpkt\fR, lwres_gnbaresponse_t\ **\fIstructp\fR);
.HP 30
void\ \fBlwres_gnbaresponse_free\fR\ (lwres_context_t\ *\fIctx\fR, lwres_gnbaresponse_t\ **\fIstructp\fR);
.HP 29
void\ \fBlwres_gnbarequest_free\fR\ (lwres_context_t\ *\fIctx\fR, lwres_gnbarequest_t\ **\fIstructp\fR);
.SH "DESCRIPTION"
.PP
These are low-level routines for creating and parsing
lightweight resolver address-to-name lookup request and
response messages.
These are low\-level routines for creating and parsing lightweight resolver address\-to\-name lookup request and response messages\&.
.PP
There are four main functions for the getnamebyaddr opcode.
One render function converts a getnamebyaddr request structure \(em
\fBlwres_gnbarequest_t\fR \(em
to the lightweight resolver's canonical format.
It is complemented by a parse function that converts a packet in this
canonical format to a getnamebyaddr request structure.
Another render function converts the getnamebyaddr response structure \(em
\fBlwres_gnbaresponse_t\fR
to the canonical format.
This is complemented by a parse function which converts a packet in
canonical format to a getnamebyaddr response structure.
There are four main functions for the getnamebyaddr opcode\&. One render function converts a getnamebyaddr request structure -- \fBlwres_gnbarequest_t\fR -- to the lightweight resolver's canonical format\&. It is complemented by a parse function that converts a packet in this canonical format to a getnamebyaddr request structure\&. Another render function converts the getnamebyaddr response structure -- \fBlwres_gnbaresponse_t\fR to the canonical format\&. This is complemented by a parse function which converts a packet in canonical format to a getnamebyaddr response structure\&.
.PP
These structures are defined in \fIlwres/lwres\&.h\fR\&. They are shown below\&.
.PP
These structures are defined in
\fIlwres/lwres.h\fR.
They are shown below.
.sp
.nf
#define LWRES_OPCODE_GETNAMEBYADDR 0x00010002U
.fi
.PP
.nf
typedef struct {
lwres_uint32_t flags;
lwres_addr_t addr;
} lwres_gnbarequest_t;
.fi
.PP
.nf
typedef struct {
lwres_uint32_t flags;
lwres_uint16_t naliases;
@ -91,98 +82,16 @@ typedef struct {
void *base;
size_t baselen;
} lwres_gnbaresponse_t;
.sp
.fi
.PP
\fBlwres_gnbarequest_render()\fR
uses resolver context
ctx
to convert getnamebyaddr request structure
req
to canonical format.
The packet header structure
pkt
is initialised and transferred to
buffer
b.
The contents of
*req
are then appended to the buffer in canonical format.
\fBlwres_gnbaresponse_render()\fR
performs the same task, except it converts a getnamebyaddr response structure
\fBlwres_gnbaresponse_t\fR
to the lightweight resolver's canonical format.
\fBlwres_gnbarequest_render()\fR uses resolver context \fIctx\fR to convert getnamebyaddr request structure \fIreq\fR to canonical format\&. The packet header structure \fIpkt\fR is initialised and transferred to buffer \fIb\fR\&. The contents of \fI*req\fR are then appended to the buffer in canonical format\&. \fBlwres_gnbaresponse_render()\fR performs the same task, except it converts a getnamebyaddr response structure \fBlwres_gnbaresponse_t\fR to the lightweight resolver's canonical format\&.
.PP
\fBlwres_gnbarequest_parse()\fR
uses context
ctx
to convert the contents of packet
pkt
to a
\fBlwres_gnbarequest_t\fR
structure.
Buffer
b
provides space to be used for storing this structure.
When the function succeeds, the resulting
\fBlwres_gnbarequest_t\fR
is made available through
*structp.
\fBlwres_gnbaresponse_parse()\fR
offers the same semantics as
\fBlwres_gnbarequest_parse()\fR
except it yields a
\fBlwres_gnbaresponse_t\fR
structure.
\fBlwres_gnbarequest_parse()\fR uses context \fIctx\fR to convert the contents of packet \fIpkt\fR to a \fBlwres_gnbarequest_t\fR structure\&. Buffer \fIb\fR provides space to be used for storing this structure\&. When the function succeeds, the resulting \fBlwres_gnbarequest_t\fR is made available through \fI*structp\fR\&. \fBlwres_gnbaresponse_parse()\fR offers the same semantics as \fBlwres_gnbarequest_parse()\fR except it yields a \fBlwres_gnbaresponse_t\fR structure\&.
.PP
\fBlwres_gnbaresponse_free()\fR
and
\fBlwres_gnbarequest_free()\fR
release the memory in resolver context
ctx
that was allocated to the
\fBlwres_gnbaresponse_t\fR
or
\fBlwres_gnbarequest_t\fR
structures referenced via
structp.
Any memory associated with ancillary buffers and strings for those
structures is also discarded.
\fBlwres_gnbaresponse_free()\fR and \fBlwres_gnbarequest_free()\fR release the memory in resolver context \fIctx\fR that was allocated to the \fBlwres_gnbaresponse_t\fR or \fBlwres_gnbarequest_t\fR structures referenced via \fIstructp\fR\&. Any memory associated with ancillary buffers and strings for those structures is also discarded\&.
.SH "RETURN VALUES"
.PP
The getnamebyaddr opcode functions
\fBlwres_gnbarequest_render()\fR,
\fBlwres_gnbaresponse_render()\fR
\fBlwres_gnbarequest_parse()\fR
and
\fBlwres_gnbaresponse_parse()\fR
all return
LWRES_R_SUCCESS
on success.
They return
LWRES_R_NOMEMORY
if memory allocation fails.
LWRES_R_UNEXPECTEDEND
is returned if the available space in the buffer
b
is too small to accommodate the packet header or the
\fBlwres_gnbarequest_t\fR
and
\fBlwres_gnbaresponse_t\fR
structures.
\fBlwres_gnbarequest_parse()\fR
and
\fBlwres_gnbaresponse_parse()\fR
will return
LWRES_R_UNEXPECTEDEND
if the buffer is not empty after decoding the received packet.
These functions will return
LWRES_R_FAILURE
if
\fBpktflags\fR
in the packet header structure
\fBlwres_lwpacket_t\fR
indicate that the packet is not a response to an earlier query.
The getnamebyaddr opcode functions \fBlwres_gnbarequest_render()\fR, \fBlwres_gnbaresponse_render()\fR \fBlwres_gnbarequest_parse()\fR and \fBlwres_gnbaresponse_parse()\fR all return \fBLWRES_R_SUCCESS\fR on success\&. They return \fBLWRES_R_NOMEMORY\fR if memory allocation fails\&. \fBLWRES_R_UNEXPECTEDEND\fR is returned if the available space in the buffer \fIb\fR is too small to accommodate the packet header or the \fBlwres_gnbarequest_t\fR and \fBlwres_gnbaresponse_t\fR structures\&. \fBlwres_gnbarequest_parse()\fR and \fBlwres_gnbaresponse_parse()\fR will return \fBLWRES_R_UNEXPECTEDEND\fR if the buffer is not empty after decoding the received packet\&. These functions will return \fBLWRES_R_FAILURE\fR if pktflags in the packet header structure \fBlwres_lwpacket_t\fR indicate that the packet is not a response to an earlier query\&.
.SH "SEE ALSO"
.PP
\fBlwres_packet\fR(3).
\fBlwres_packet\fR(3)\&.

676
lib/lwres/man/lwres_gnba.html
View file

@ -1,164 +1,226 @@
<!--
- Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2000, 2001 Internet Software Consortium.
-
- Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2000, 2001 Internet Software Consortium
-
- Permission to use, copy, modify, and distribute this software for any
- purpose with or without fee is hereby granted, provided that the above
- copyright notice and this permission notice appear in all copies.
-
-
- THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
- REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
- AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
- AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
- INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
- LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
- OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
- PERFORMANCE OF THIS SOFTWARE.
-->
<!-- $Id: lwres_gnba.html,v 1.12 2005/04/07 03:50:03 marka Exp $ -->
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<HTML
><HEAD
><TITLE
>lwres_gnba</TITLE
><META
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.79"></HEAD
><BODY
CLASS="REFENTRY"
BGCOLOR="#FFFFFF"
TEXT="#000000"
LINK="#0000FF"
VLINK="#840084"
ALINK="#0000FF"
><H1
><A
NAME="AEN1"
></A
>lwres_gnba</H1
><DIV
CLASS="REFNAMEDIV"
><A
NAME="AEN8"
></A
><H2
>Name</H2
>lwres_gnbarequest_render, lwres_gnbaresponse_render, lwres_gnbarequest_parse, lwres_gnbaresponse_parse, lwres_gnbaresponse_free, lwres_gnbarequest_free&nbsp;--&nbsp;lightweight resolver getnamebyaddress message handling</DIV
><DIV
CLASS="REFSYNOPSISDIV"
><A
NAME="AEN16"
></A
><H2
>Synopsis</H2
><DIV
CLASS="FUNCSYNOPSIS"
><P
></P
><A
NAME="AEN17"
></A
><PRE
CLASS="FUNCSYNOPSISINFO"
>#include &lt;lwres/lwres.h&gt;</PRE
><P
><CODE
><CODE
CLASS="FUNCDEF"
>lwres_result_t
lwres_gnbarequest_render</CODE
>(lwres_context_t *ctx, lwres_gnbarequest_t *req, lwres_lwpacket_t *pkt, lwres_buffer_t *b);</CODE
></P
><P
><CODE
><CODE
CLASS="FUNCDEF"
>lwres_result_t
lwres_gnbaresponse_render</CODE
>(lwres_context_t *ctx, lwres_gnbaresponse_t *req, lwres_lwpacket_t *pkt, lwres_buffer_t *b);</CODE
></P
><P
><CODE
><CODE
CLASS="FUNCDEF"
>lwres_result_t
lwres_gnbarequest_parse</CODE
>(lwres_context_t *ctx, lwres_buffer_t *b, lwres_lwpacket_t *pkt, lwres_gnbarequest_t **structp);</CODE
></P
><P
><CODE
><CODE
CLASS="FUNCDEF"
>lwres_result_t
lwres_gnbaresponse_parse</CODE
>(lwres_context_t *ctx, lwres_buffer_t *b, lwres_lwpacket_t *pkt, lwres_gnbaresponse_t **structp);</CODE
></P
><P
><CODE
><CODE
CLASS="FUNCDEF"
>void
lwres_gnbaresponse_free</CODE
>(lwres_context_t *ctx, lwres_gnbaresponse_t **structp);</CODE
></P
><P
><CODE
><CODE
CLASS="FUNCDEF"
>void
lwres_gnbarequest_free</CODE
>(lwres_context_t *ctx, lwres_gnbarequest_t **structp);</CODE
></P
><P
></P
></DIV
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN61"
></A
><H2
>DESCRIPTION</H2
><P
>These are low-level routines for creating and parsing
lightweight resolver address-to-name lookup request and
response messages.</P
><P
>There are four main functions for the getnamebyaddr opcode.
One render function converts a getnamebyaddr request structure &mdash;
<SPAN
CLASS="TYPE"
>lwres_gnbarequest_t</SPAN
> &mdash;
to the lightweight resolver's canonical format.
It is complemented by a parse function that converts a packet in this
canonical format to a getnamebyaddr request structure.
Another render function converts the getnamebyaddr response structure &mdash;
<SPAN
CLASS="TYPE"
>lwres_gnbaresponse_t</SPAN
>
to the canonical format.
This is complemented by a parse function which converts a packet in
canonical format to a getnamebyaddr response structure.</P
><P
>These structures are defined in
<TT
CLASS="FILENAME"
>lwres/lwres.h</TT
>.
They are shown below.
<PRE
CLASS="PROGRAMLISTING"
>#define LWRES_OPCODE_GETNAMEBYADDR 0x00010002U
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>lwres_gnba</title>
<meta name="generator" content="DocBook XSL Stylesheets V1.68.1">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en">
<a name="id2456618"></a><div class="titlepage"></div>
<div class="refnamediv">
<h2>Name</h2>
<p>lwres_gnbarequest_render, lwres_gnbaresponse_render, lwres_gnbarequest_parse, lwres_gnbaresponse_parse, lwres_gnbaresponse_free, lwres_gnbarequest_free &#8212; lightweight resolver getnamebyaddress message handling</p>
</div>
<div class="refsynopsisdiv">
<h2>Synopsis</h2>
<div class="funcsynopsis">
<pre class="funcsynopsisinfo">
#include &lt;lwres/lwres.h&gt;
</pre>
<table border="0" summary="Function synopsis" cellspacing="0" cellpadding="0" style="padding-bottom: 1em">
<tr>
<td><code class="funcdef">
lwres_result_t
<b class="fsfunc">lwres_gnbarequest_render</b>
(</code></td>
<td>lwres_context_t * </td>
<td>
<var class="pdparam">ctx</var>, </td>
</tr>
<tr>
<td> </td>
<td>lwres_gnbarequest_t * </td>
<td>
<var class="pdparam">req</var>, </td>
</tr>
<tr>
<td> </td>
<td>lwres_lwpacket_t * </td>
<td>
<var class="pdparam">pkt</var>, </td>
</tr>
<tr>
<td> </td>
<td>lwres_buffer_t * </td>
<td>
<var class="pdparam">b</var><code>)</code>;</td>
</tr>
</table>
<table border="0" summary="Function synopsis" cellspacing="0" cellpadding="0" style="padding-bottom: 1em">
<tr>
<td><code class="funcdef">
lwres_result_t
<b class="fsfunc">lwres_gnbaresponse_render</b>
(</code></td>
<td>lwres_context_t * </td>
<td>
<var class="pdparam">ctx</var>, </td>
</tr>
<tr>
<td> </td>
<td>lwres_gnbaresponse_t * </td>
<td>
<var class="pdparam">req</var>, </td>
</tr>
<tr>
<td> </td>
<td>lwres_lwpacket_t * </td>
<td>
<var class="pdparam">pkt</var>, </td>
</tr>
<tr>
<td> </td>
<td>lwres_buffer_t * </td>
<td>
<var class="pdparam">b</var><code>)</code>;</td>
</tr>
</table>
<table border="0" summary="Function synopsis" cellspacing="0" cellpadding="0" style="padding-bottom: 1em">
<tr>
<td><code class="funcdef">
lwres_result_t
<b class="fsfunc">lwres_gnbarequest_parse</b>(</code></td>
<td>lwres_context_t * </td>
<td>
<var class="pdparam">ctx</var>, </td>
</tr>
<tr>
<td> </td>
<td>lwres_buffer_t * </td>
<td>
<var class="pdparam">b</var>, </td>
</tr>
<tr>
<td> </td>
<td>lwres_lwpacket_t * </td>
<td>
<var class="pdparam">pkt</var>, </td>
</tr>
<tr>
<td> </td>
<td>lwres_gnbarequest_t ** </td>
<td>
<var class="pdparam">structp</var><code>)</code>;</td>
</tr>
</table>
<table border="0" summary="Function synopsis" cellspacing="0" cellpadding="0" style="padding-bottom: 1em">
<tr>
<td><code class="funcdef">
lwres_result_t
<b class="fsfunc">lwres_gnbaresponse_parse</b>(</code></td>
<td>lwres_context_t * </td>
<td>
<var class="pdparam">ctx</var>, </td>
</tr>
<tr>
<td> </td>
<td>lwres_buffer_t * </td>
<td>
<var class="pdparam">b</var>, </td>
</tr>
<tr>
<td> </td>
<td>lwres_lwpacket_t * </td>
<td>
<var class="pdparam">pkt</var>, </td>
</tr>
<tr>
<td> </td>
<td>lwres_gnbaresponse_t ** </td>
<td>
<var class="pdparam">structp</var><code>)</code>;</td>
</tr>
</table>
<table border="0" summary="Function synopsis" cellspacing="0" cellpadding="0" style="padding-bottom: 1em">
<tr>
<td><code class="funcdef">
void
<b class="fsfunc">lwres_gnbaresponse_free</b>
(</code></td>
<td>lwres_context_t * </td>
<td>
<var class="pdparam">ctx</var>, </td>
</tr>
<tr>
<td> </td>
<td>lwres_gnbaresponse_t ** </td>
<td>
<var class="pdparam">structp</var><code>)</code>;</td>
</tr>
</table>
<table border="0" summary="Function synopsis" cellspacing="0" cellpadding="0">
<tr>
<td><code class="funcdef">
void
<b class="fsfunc">lwres_gnbarequest_free</b>(</code></td>
<td>lwres_context_t * </td>
<td>
<var class="pdparam">ctx</var>, </td>
</tr>
<tr>
<td> </td>
<td>lwres_gnbarequest_t ** </td>
<td>
<var class="pdparam">structp</var><code>)</code>;</td>
</tr>
</table>
</div>
</div>
<div class="refsect1" lang="en">
<a name="id2514139"></a><h2>DESCRIPTION</h2>
<p>
These are low-level routines for creating and parsing
lightweight resolver address-to-name lookup request and
response messages.
</p>
<p>
There are four main functions for the getnamebyaddr opcode.
One render function converts a getnamebyaddr request structure &#8212;
<span class="type">lwres_gnbarequest_t</span> &#8212;
to the lightweight resolver's canonical format.
It is complemented by a parse function that converts a packet in this
canonical format to a getnamebyaddr request structure.
Another render function converts the getnamebyaddr response structure
&#8212;
<span class="type">lwres_gnbaresponse_t</span>
to the canonical format.
This is complemented by a parse function which converts a packet in
canonical format to a getnamebyaddr response structure.
</p>
<p>
These structures are defined in
<code class="filename">lwres/lwres.h</code>.
They are shown below.
</p>
<pre class="programlisting">
#define LWRES_OPCODE_GETNAMEBYADDR 0x00010002U
</pre>
<p>
</p>
<pre class="programlisting">
typedef struct {
lwres_uint32_t flags;
lwres_addr_t addr;
} lwres_gnbarequest_t;
</pre>
<p>
</p>
<pre class="programlisting">
typedef struct {
lwres_uint32_t flags;
lwres_uint16_t naliases;
@ -168,242 +230,86 @@ typedef struct {
lwres_uint16_t *aliaslen;
void *base;
size_t baselen;
} lwres_gnbaresponse_t;</PRE
></P
><P
><CODE
CLASS="FUNCTION"
>lwres_gnbarequest_render()</CODE
>
uses resolver context
<CODE
CLASS="VARNAME"
>ctx</CODE
>
to convert getnamebyaddr request structure
<CODE
CLASS="VARNAME"
>req</CODE
>
to canonical format.
The packet header structure
<CODE
CLASS="VARNAME"
>pkt</CODE
>
is initialised and transferred to
buffer
<CODE
CLASS="VARNAME"
>b</CODE
>.
The contents of
<CODE
CLASS="VARNAME"
>*req</CODE
>
are then appended to the buffer in canonical format.
<CODE
CLASS="FUNCTION"
>lwres_gnbaresponse_render()</CODE
>
performs the same task, except it converts a getnamebyaddr response structure
<SPAN
CLASS="TYPE"
>lwres_gnbaresponse_t</SPAN
>
to the lightweight resolver's canonical format.</P
><P
><CODE
CLASS="FUNCTION"
>lwres_gnbarequest_parse()</CODE
>
uses context
<CODE
CLASS="VARNAME"
>ctx</CODE
>
to convert the contents of packet
<CODE
CLASS="VARNAME"
>pkt</CODE
>
to a
<SPAN
CLASS="TYPE"
>lwres_gnbarequest_t</SPAN
>
structure.
Buffer
<CODE
CLASS="VARNAME"
>b</CODE
>
provides space to be used for storing this structure.
When the function succeeds, the resulting
<SPAN
CLASS="TYPE"
>lwres_gnbarequest_t</SPAN
>
is made available through
<CODE
CLASS="VARNAME"
>*structp</CODE
>.
<CODE
CLASS="FUNCTION"
>lwres_gnbaresponse_parse()</CODE
>
offers the same semantics as
<CODE
CLASS="FUNCTION"
>lwres_gnbarequest_parse()</CODE
>
except it yields a
<SPAN
CLASS="TYPE"
>lwres_gnbaresponse_t</SPAN
>
structure.</P
><P
><CODE
CLASS="FUNCTION"
>lwres_gnbaresponse_free()</CODE
>
and
<CODE
CLASS="FUNCTION"
>lwres_gnbarequest_free()</CODE
>
release the memory in resolver context
<CODE
CLASS="VARNAME"
>ctx</CODE
>
that was allocated to the
<SPAN
CLASS="TYPE"
>lwres_gnbaresponse_t</SPAN
>
or
<SPAN
CLASS="TYPE"
>lwres_gnbarequest_t</SPAN
>
structures referenced via
<CODE
CLASS="VARNAME"
>structp</CODE
>.
Any memory associated with ancillary buffers and strings for those
structures is also discarded.</P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN97"
></A
><H2
>RETURN VALUES</H2
><P
>The getnamebyaddr opcode functions
<CODE
CLASS="FUNCTION"
>lwres_gnbarequest_render()</CODE
>,
<CODE
CLASS="FUNCTION"
>lwres_gnbaresponse_render()</CODE
>
<CODE
CLASS="FUNCTION"
>lwres_gnbarequest_parse()</CODE
>
and
<CODE
CLASS="FUNCTION"
>lwres_gnbaresponse_parse()</CODE
>
all return
<SPAN
CLASS="ERRORCODE"
>LWRES_R_SUCCESS</SPAN
>
on success.
They return
<SPAN
CLASS="ERRORCODE"
>LWRES_R_NOMEMORY</SPAN
>
if memory allocation fails.
<SPAN
CLASS="ERRORCODE"
>LWRES_R_UNEXPECTEDEND</SPAN
>
is returned if the available space in the buffer
<CODE
CLASS="VARNAME"
>b</CODE
>
is too small to accommodate the packet header or the
<SPAN
CLASS="TYPE"
>lwres_gnbarequest_t</SPAN
>
and
<SPAN
CLASS="TYPE"
>lwres_gnbaresponse_t</SPAN
>
structures.
<CODE
CLASS="FUNCTION"
>lwres_gnbarequest_parse()</CODE
>
and
<CODE
CLASS="FUNCTION"
>lwres_gnbaresponse_parse()</CODE
>
will return
<SPAN
CLASS="ERRORCODE"
>LWRES_R_UNEXPECTEDEND</SPAN
>
if the buffer is not empty after decoding the received packet.
These functions will return
<SPAN
CLASS="ERRORCODE"
>LWRES_R_FAILURE</SPAN
>
if
<CODE
CLASS="STRUCTFIELD"
>pktflags</CODE
>
in the packet header structure
<SPAN
CLASS="TYPE"
>lwres_lwpacket_t</SPAN
>
indicate that the packet is not a response to an earlier query.</P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN116"
></A
><H2
>SEE ALSO</H2
><P
><SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>lwres_packet</SPAN
>(3)</SPAN
>.</P
></DIV
></BODY
></HTML
>
} lwres_gnbaresponse_t;
</pre>
<p>
</p>
<p><code class="function">lwres_gnbarequest_render()</code>
uses resolver context <code class="varname">ctx</code> to convert
getnamebyaddr request structure <code class="varname">req</code> to
canonical format. The packet header structure
<code class="varname">pkt</code> is initialised and transferred to buffer
<code class="varname">b</code>. The contents of <code class="varname">*req</code>
are then appended to the buffer in canonical format.
<code class="function">lwres_gnbaresponse_render()</code> performs the
same task, except it converts a getnamebyaddr response structure
<span class="type">lwres_gnbaresponse_t</span> to the lightweight resolver's
canonical format.
</p>
<p><code class="function">lwres_gnbarequest_parse()</code>
uses context <code class="varname">ctx</code> to convert the contents of
packet <code class="varname">pkt</code> to a
<span class="type">lwres_gnbarequest_t</span> structure. Buffer
<code class="varname">b</code> provides space to be used for storing this
structure. When the function succeeds, the resulting
<span class="type">lwres_gnbarequest_t</span> is made available through
<code class="varname">*structp</code>.
<code class="function">lwres_gnbaresponse_parse()</code> offers the same
semantics as <code class="function">lwres_gnbarequest_parse()</code>
except it yields a <span class="type">lwres_gnbaresponse_t</span> structure.
</p>
<p><code class="function">lwres_gnbaresponse_free()</code>
and <code class="function">lwres_gnbarequest_free()</code> release the
memory in resolver context <code class="varname">ctx</code> that was
allocated to the <span class="type">lwres_gnbaresponse_t</span> or
<span class="type">lwres_gnbarequest_t</span> structures referenced via
<code class="varname">structp</code>. Any memory associated with
ancillary buffers and strings for those structures is also
discarded.
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2514484"></a><h2>RETURN VALUES</h2>
<p>
The getnamebyaddr opcode functions
<code class="function">lwres_gnbarequest_render()</code>,
<code class="function">lwres_gnbaresponse_render()</code>
<code class="function">lwres_gnbarequest_parse()</code>
and
<code class="function">lwres_gnbaresponse_parse()</code>
all return
<span class="errorcode">LWRES_R_SUCCESS</span>
on success.
They return
<span class="errorcode">LWRES_R_NOMEMORY</span>
if memory allocation fails.
<span class="errorcode">LWRES_R_UNEXPECTEDEND</span>
is returned if the available space in the buffer
<code class="varname">b</code>
is too small to accommodate the packet header or the
<span class="type">lwres_gnbarequest_t</span>
and
<span class="type">lwres_gnbaresponse_t</span>
structures.
<code class="function">lwres_gnbarequest_parse()</code>
and
<code class="function">lwres_gnbaresponse_parse()</code>
will return
<span class="errorcode">LWRES_R_UNEXPECTEDEND</span>
if the buffer is not empty after decoding the received packet.
These functions will return
<span class="errorcode">LWRES_R_FAILURE</span>
if
<em class="structfield"><code>pktflags</code></em>
in the packet header structure
<span class="type">lwres_lwpacket_t</span>
indicate that the packet is not a response to an earlier query.
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2514550"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry"><span class="refentrytitle">lwres_packet</span>(3)</span>.
</p>
</div>
</div></body>
</html>

83
lib/lwres/man/lwres_hstrerror.3
View file

@ -1,69 +1,72 @@
.\" Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2000, 2001 Internet Software Consortium.
.\"
.\" Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2000, 2001 Internet Software Consortium
.\"
.\" Permission to use, copy, modify, and distribute this software for any
.\" purpose with or without fee is hereby granted, provided that the above
.\" copyright notice and this permission notice appear in all copies.
.\"
.\"
.\" THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
.\" REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
.\" AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
.\" AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
.\" INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
.\" LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
.\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
.\" PERFORMANCE OF THIS SOFTWARE.
.\"
.\" $Id: lwres_hstrerror.3,v 1.19 2005/04/07 03:50:03 marka Exp $
.\"
.TH "LWRES_HSTRERROR" "3" "Jun 30, 2000" "BIND9" ""
.\"
.hy 0
.ad l
.\"Generated by db2man.xsl. Don't modify this, modify the source.
.de Sh \" Subsection
.br
.if t .Sp
.ne 5
.PP
\fB\\$1\fR
.PP
..
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Ip \" List item
.br
.ie \\n(.$>=3 .ne \\$3
.el .ne 3
.IP "\\$1" \\$2
..
.TH "LWRES_HSTRERROR" 3 "Jun 30, 2000" "" ""
.SH NAME
lwres_herror, lwres_hstrerror \- lightweight resolver error message generation
.SH SYNOPSIS
\fB#include <lwres/netdb.h>
.SH "SYNOPSIS"
#include <lwres/netdb\&.h>
.sp
.na
void
lwres_herror(const char *s);
.ad
.sp
.na
const char *
lwres_hstrerror(int err);
.ad
\fR
.HP 19
void\ \fBlwres_herror\fR\ (const\ char\ *\fIs\fR);
.HP 32
const\ char\ *\ \fBlwres_hstrerror\fR\ (int\ \fIerr\fR);
.SH "DESCRIPTION"
.PP
\fBlwres_herror()\fR prints the string
\fIs\fR on \fBstderr\fR followed by the string
generated by \fBlwres_hstrerror()\fR for the error code
stored in the global variable lwres_h_errno.
\fBlwres_herror()\fR prints the string \fIs\fR on \fBstderr\fR followed by the string generated by \fBlwres_hstrerror()\fR for the error code stored in the global variable \fBlwres_h_errno\fR\&.
.PP
\fBlwres_hstrerror()\fR returns an appropriate string
for the error code gievn by \fIerr\fR. The values of
the error codes and messages are as follows:
\fBlwres_hstrerror()\fR returns an appropriate string for the error code gievn by \fIerr\fR\&. The values of the error codes and messages are as follows:
.TP
\fBNETDB_SUCCESS\fR
\fBResolver Error 0 (no error)\fR
Resolver Error 0 (no error)
.TP
\fBHOST_NOT_FOUND\fR
\fBUnknown host\fR
Unknown host
.TP
\fBTRY_AGAIN\fR
\fBHost name lookup failure\fR
Host name lookup failure
.TP
\fBNO_RECOVERY\fR
\fBUnknown server error\fR
Unknown server error
.TP
\fBNO_DATA\fR
\fBNo address associated with name\fR
No address associated with name
.SH "RETURN VALUES"
.PP
The string \fBUnknown resolver error\fR is returned by
\fBlwres_hstrerror()\fR
when the value of
lwres_h_errno
is not a valid error code.
The string Unknown resolver error is returned by \fBlwres_hstrerror()\fR when the value of \fBlwres_h_errno\fR is not a valid error code\&.
.SH "SEE ALSO"
.PP
\fBherror\fR(3),
\fBlwres_hstrerror\fR(3).
\fBherror\fR(3), \fBlwres_hstrerror\fR(3)\&.

308
lib/lwres/man/lwres_hstrerror.html
View file

@ -1,241 +1,93 @@
<!--
- Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2000, 2001 Internet Software Consortium.
-
- Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2000, 2001 Internet Software Consortium
-
- Permission to use, copy, modify, and distribute this software for any
- purpose with or without fee is hereby granted, provided that the above
- copyright notice and this permission notice appear in all copies.
-
-
- THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
- REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
- AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
- AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
- INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
- LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
- OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
- PERFORMANCE OF THIS SOFTWARE.
-->
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>lwres_hstrerror</title>
<meta name="generator" content="DocBook XSL Stylesheets V1.68.1">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en">
<a name="id2456618"></a><div class="titlepage"></div>
<div class="refnamediv">
<h2>Name</h2>
<p>lwres_herror, lwres_hstrerror &#8212; lightweight resolver error message generation</p>
</div>
<div class="refsynopsisdiv">
<h2>Synopsis</h2>
<div class="funcsynopsis">
<pre class="funcsynopsisinfo">#include &lt;lwres/netdb.h&gt;</pre>
<p><code class="funcdef">
void
<b class="fsfunc">lwres_herror</b>(</code>const char *<var class="pdparam">s</var><code>)</code>;</p>
<p><code class="funcdef">
const char *
<b class="fsfunc">lwres_hstrerror</b>(</code>int <var class="pdparam">err</var><code>)</code>;</p>
</div>
</div>
<div class="refsect1" lang="en">
<a name="id2513993"></a><h2>DESCRIPTION</h2>
<p><code class="function">lwres_herror()</code>
prints the string <em class="parameter"><code>s</code></em> on
<span class="type">stderr</span> followed by the string generated by
<code class="function">lwres_hstrerror()</code> for the error code stored
in the global variable <code class="constant">lwres_h_errno</code>.
</p>
<p><code class="function">lwres_hstrerror()</code>
returns an appropriate string for the error code gievn by
<em class="parameter"><code>err</code></em>. The values of the error codes and
messages are as follows:
<!-- $Id: lwres_hstrerror.html,v 1.11 2005/04/07 03:50:03 marka Exp $ -->
</p>
<div class="variablelist"><dl>
<dt><span class="term"><span class="errorcode">NETDB_SUCCESS</span></span></dt>
<dd><p><span class="errorname">Resolver Error 0 (no error)</span>
</p></dd>
<dt><span class="term"><span class="errorcode">HOST_NOT_FOUND</span></span></dt>
<dd><p><span class="errorname">Unknown host</span>
</p></dd>
<dt><span class="term"><span class="errorcode">TRY_AGAIN</span></span></dt>
<dd><p><span class="errorname">Host name lookup failure</span>
</p></dd>
<dt><span class="term"><span class="errorcode">NO_RECOVERY</span></span></dt>
<dd><p><span class="errorname">Unknown server error</span>
</p></dd>
<dt><span class="term"><span class="errorcode">NO_DATA</span></span></dt>
<dd><p><span class="errorname">No address associated with name</span>
</p></dd>
</dl></div>
<p>
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2514180"></a><h2>RETURN VALUES</h2>
<p>
The string <span class="errorname">Unknown resolver error</span> is returned by
<code class="function">lwres_hstrerror()</code>
when the value of
<code class="constant">lwres_h_errno</code>
is not a valid error code.
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2514200"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry"><span class="refentrytitle">herror</span>(3)</span>,
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<HTML
><HEAD
><TITLE
>lwres_hstrerror</TITLE
><META
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.79"></HEAD
><BODY
CLASS="REFENTRY"
BGCOLOR="#FFFFFF"
TEXT="#000000"
LINK="#0000FF"
VLINK="#840084"
ALINK="#0000FF"
><H1
><A
NAME="AEN1"
></A
>lwres_hstrerror</H1
><DIV
CLASS="REFNAMEDIV"
><A
NAME="AEN8"
></A
><H2
>Name</H2
>lwres_herror, lwres_hstrerror&nbsp;--&nbsp;lightweight resolver error message generation</DIV
><DIV
CLASS="REFSYNOPSISDIV"
><A
NAME="AEN12"
></A
><H2
>Synopsis</H2
><DIV
CLASS="FUNCSYNOPSIS"
><P
></P
><A
NAME="AEN13"
></A
><PRE
CLASS="FUNCSYNOPSISINFO"
>#include &lt;lwres/netdb.h&gt;</PRE
><P
><CODE
><CODE
CLASS="FUNCDEF"
>void
lwres_herror</CODE
>(const char *s);</CODE
></P
><P
><CODE
><CODE
CLASS="FUNCDEF"
>const char *
lwres_hstrerror</CODE
>(int err);</CODE
></P
><P
></P
></DIV
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN23"
></A
><H2
>DESCRIPTION</H2
><P
><CODE
CLASS="FUNCTION"
>lwres_herror()</CODE
> prints the string
<CODE
CLASS="PARAMETER"
>s</CODE
> on <SPAN
CLASS="TYPE"
>stderr</SPAN
> followed by the string
generated by <CODE
CLASS="FUNCTION"
>lwres_hstrerror()</CODE
> for the error code
stored in the global variable <CODE
CLASS="CONSTANT"
>lwres_h_errno</CODE
>.</P
><P
><CODE
CLASS="FUNCTION"
>lwres_hstrerror()</CODE
> returns an appropriate string
for the error code gievn by <CODE
CLASS="PARAMETER"
>err</CODE
>. The values of
the error codes and messages are as follows:
<P
></P
><DIV
CLASS="VARIABLELIST"
><DL
><DT
><SPAN
CLASS="ERRORCODE"
>NETDB_SUCCESS</SPAN
></DT
><DD
><P
><SPAN
CLASS="ERRORNAME"
>Resolver Error 0 (no error)</SPAN
></P
></DD
><DT
><SPAN
CLASS="ERRORCODE"
>HOST_NOT_FOUND</SPAN
></DT
><DD
><P
><SPAN
CLASS="ERRORNAME"
>Unknown host</SPAN
></P
></DD
><DT
><SPAN
CLASS="ERRORCODE"
>TRY_AGAIN</SPAN
></DT
><DD
><P
><SPAN
CLASS="ERRORNAME"
>Host name lookup failure</SPAN
></P
></DD
><DT
><SPAN
CLASS="ERRORCODE"
>NO_RECOVERY</SPAN
></DT
><DD
><P
><SPAN
CLASS="ERRORNAME"
>Unknown server error</SPAN
></P
></DD
><DT
><SPAN
CLASS="ERRORCODE"
>NO_DATA</SPAN
></DT
><DD
><P
><SPAN
CLASS="ERRORNAME"
>No address associated with name</SPAN
></P
></DD
></DL
></DIV
></P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN65"
></A
><H2
>RETURN VALUES</H2
><P
>The string <SPAN
CLASS="ERRORNAME"
>Unknown resolver error</SPAN
> is returned by
<CODE
CLASS="FUNCTION"
>lwres_hstrerror()</CODE
>
when the value of
<CODE
CLASS="CONSTANT"
>lwres_h_errno</CODE
>
is not a valid error code.</P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN71"
></A
><H2
>SEE ALSO</H2
><P
><SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>herror</SPAN
>(3)</SPAN
>,
<SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>lwres_hstrerror</SPAN
>(3)</SPAN
>.</P
></DIV
></BODY
></HTML
>
<span class="citerefentry"><span class="refentrytitle">lwres_hstrerror</span>(3)</span>.
</p>
</div>
</div></body>
</html>

71
lib/lwres/man/lwres_inetntop.3
View file

@ -1,54 +1,55 @@
.\" Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2000, 2001 Internet Software Consortium.
.\"
.\" Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2000, 2001 Internet Software Consortium
.\"
.\" Permission to use, copy, modify, and distribute this software for any
.\" purpose with or without fee is hereby granted, provided that the above
.\" copyright notice and this permission notice appear in all copies.
.\"
.\"
.\" THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
.\" REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
.\" AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
.\" AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
.\" INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
.\" LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
.\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
.\" PERFORMANCE OF THIS SOFTWARE.
.\"
.\" $Id: lwres_inetntop.3,v 1.18 2005/04/07 03:50:03 marka Exp $
.\"
.TH "LWRES_INETNTOP" "3" "Jun 30, 2000" "BIND9" ""
.\"
.hy 0
.ad l
.\"Generated by db2man.xsl. Don't modify this, modify the source.
.de Sh \" Subsection
.br
.if t .Sp
.ne 5
.PP
\fB\\$1\fR
.PP
..
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Ip \" List item
.br
.ie \\n(.$>=3 .ne \\$3
.el .ne 3
.IP "\\$1" \\$2
..
.TH "LWRES_INETNTOP" 3 "Jun 30, 2000" "" ""
.SH NAME
lwres_net_ntop \- lightweight resolver IP address presentation
.SH SYNOPSIS
\fB#include <lwres/net.h>
.SH "SYNOPSIS"
#include <lwres/net\&.h>
.sp
.na
const char *
lwres_net_ntop(int af, const void *src, char *dst, size_t size);
.ad
\fR
.HP 31
const\ char\ *\ \fBlwres_net_ntop\fR\ (int\ \fIaf\fR, const\ void\ *\fIsrc\fR, char\ *\fIdst\fR, size_t\ \fIsize\fR);
.SH "DESCRIPTION"
.PP
\fBlwres_net_ntop()\fR converts an IP address of
protocol family \fIaf\fR \(em IPv4 or IPv6 \(em
at location \fIsrc\fR from network format to its
conventional representation as a string. For IPv4 addresses, that
string would be a dotted-decimal. An IPv6 address would be
represented in colon notation as described in RFC1884.
\fBlwres_net_ntop()\fR converts an IP address of protocol family \fIaf\fR -- IPv4 or IPv6 -- at location \fIsrc\fR from network format to its conventional representation as a string\&. For IPv4 addresses, that string would be a dotted\-decimal\&. An IPv6 address would be represented in colon notation as described in RFC1884\&.
.PP
The generated string is copied to \fIdst\fR provided
\fIsize\fR indicates it is long enough to store the
ASCII representation of the address.
The generated string is copied to \fIdst\fR provided \fIsize\fR indicates it is long enough to store the ASCII representation of the address\&.
.SH "RETURN VALUES"
.PP
If successful, the function returns \fIdst\fR:
a pointer to a string containing the presentation format of the
address. \fBlwres_net_ntop()\fR returns
\fBNULL\fR and sets the global variable
errno to EAFNOSUPPORT if
the protocol family given in \fIaf\fR is not
supported.
If successful, the function returns \fIdst\fR: a pointer to a string containing the presentation format of the address\&. \fBlwres_net_ntop()\fR returns \fBNULL\fR and sets the global variable \fBerrno\fR to \fBEAFNOSUPPORT\fR if the protocol family given in \fIaf\fR is not supported\&.
.SH "SEE ALSO"
.PP
\fBRFC1884\fR,
\fBinet_ntop\fR(3),
\fBerrno\fR(3).
\fBRFC1884\fR(), \fBinet_ntop\fR(3), \fBerrno\fR(3)\&.

257
lib/lwres/man/lwres_inetntop.html
View file

@ -1,177 +1,102 @@
<!--
- Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2000, 2001 Internet Software Consortium.
-
- Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2000, 2001 Internet Software Consortium
-
- Permission to use, copy, modify, and distribute this software for any
- purpose with or without fee is hereby granted, provided that the above
- copyright notice and this permission notice appear in all copies.
-
-
- THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
- REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
- AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
- AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
- INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
- LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
- OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
- PERFORMANCE OF THIS SOFTWARE.
-->
<!-- $Id: lwres_inetntop.html,v 1.11 2005/04/07 03:50:03 marka Exp $ -->
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<HTML
><HEAD
><TITLE
>lwres_inetntop</TITLE
><META
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.79"></HEAD
><BODY
CLASS="REFENTRY"
BGCOLOR="#FFFFFF"
TEXT="#000000"
LINK="#0000FF"
VLINK="#840084"
ALINK="#0000FF"
><H1
><A
NAME="AEN1"
></A
>lwres_inetntop</H1
><DIV
CLASS="REFNAMEDIV"
><A
NAME="AEN8"
></A
><H2
>Name</H2
>lwres_net_ntop&nbsp;--&nbsp;lightweight resolver IP address presentation</DIV
><DIV
CLASS="REFSYNOPSISDIV"
><A
NAME="AEN11"
></A
><H2
>Synopsis</H2
><DIV
CLASS="FUNCSYNOPSIS"
><P
></P
><A
NAME="AEN12"
></A
><PRE
CLASS="FUNCSYNOPSISINFO"
>#include &lt;lwres/net.h&gt;</PRE
><P
><CODE
><CODE
CLASS="FUNCDEF"
>const char *
lwres_net_ntop</CODE
>(int af, const void *src, char *dst, size_t size);</CODE
></P
><P
></P
></DIV
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN21"
></A
><H2
>DESCRIPTION</H2
><P
><CODE
CLASS="FUNCTION"
>lwres_net_ntop()</CODE
> converts an IP address of
protocol family <CODE
CLASS="PARAMETER"
>af</CODE
> &mdash; IPv4 or IPv6 &mdash;
at location <CODE
CLASS="PARAMETER"
>src</CODE
> from network format to its
conventional representation as a string. For IPv4 addresses, that
string would be a dotted-decimal. An IPv6 address would be
represented in colon notation as described in RFC1884.</P
><P
>The generated string is copied to <CODE
CLASS="PARAMETER"
>dst</CODE
> provided
<CODE
CLASS="PARAMETER"
>size</CODE
> indicates it is long enough to store the
ASCII representation of the address.</P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN30"
></A
><H2
>RETURN VALUES</H2
><P
>If successful, the function returns <CODE
CLASS="PARAMETER"
>dst</CODE
>:
a pointer to a string containing the presentation format of the
address. <CODE
CLASS="FUNCTION"
>lwres_net_ntop()</CODE
> returns
<SPAN
CLASS="TYPE"
>NULL</SPAN
> and sets the global variable
<CODE
CLASS="CONSTANT"
>errno</CODE
> to <SPAN
CLASS="ERRORCODE"
>EAFNOSUPPORT</SPAN
> if
the protocol family given in <CODE
CLASS="PARAMETER"
>af</CODE
> is not
supported.</P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN39"
></A
><H2
>SEE ALSO</H2
><P
><SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>RFC1884</SPAN
></SPAN
>,
<SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>inet_ntop</SPAN
>(3)</SPAN
>,
<SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>errno</SPAN
>(3)</SPAN
>.</P
></DIV
></BODY
></HTML
>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>lwres_inetntop</title>
<meta name="generator" content="DocBook XSL Stylesheets V1.68.1">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en">
<a name="id2456618"></a><div class="titlepage"></div>
<div class="refnamediv">
<h2>Name</h2>
<p>lwres_net_ntop &#8212; lightweight resolver IP address presentation</p>
</div>
<div class="refsynopsisdiv">
<h2>Synopsis</h2>
<div class="funcsynopsis">
<pre class="funcsynopsisinfo">#include &lt;lwres/net.h&gt;</pre>
<table border="0" summary="Function synopsis" cellspacing="0" cellpadding="0">
<tr>
<td><code class="funcdef">
const char *
<b class="fsfunc">lwres_net_ntop</b>(</code></td>
<td>int  </td>
<td>
<var class="pdparam">af</var>, </td>
</tr>
<tr>
<td> </td>
<td>const void * </td>
<td>
<var class="pdparam">src</var>, </td>
</tr>
<tr>
<td> </td>
<td>char * </td>
<td>
<var class="pdparam">dst</var>, </td>
</tr>
<tr>
<td> </td>
<td>size_t  </td>
<td>
<var class="pdparam">size</var><code>)</code>;</td>
</tr>
</table>
</div>
</div>
<div class="refsect1" lang="en">
<a name="id2513993"></a><h2>DESCRIPTION</h2>
<p><code class="function">lwres_net_ntop()</code>
converts an IP address of protocol family
<em class="parameter"><code>af</code></em> &#8212; IPv4 or IPv6 &#8212; at
location <em class="parameter"><code>src</code></em> from network format to its
conventional representation as a string. For IPv4 addresses,
that string would be a dotted-decimal. An IPv6 address would be
represented in colon notation as described in RFC1884.
</p>
<p>
The generated string is copied to <em class="parameter"><code>dst</code></em>
provided
<em class="parameter"><code>size</code></em> indicates it is long enough to
store the
ASCII representation of the address.
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2514025"></a><h2>RETURN VALUES</h2>
<p>
If successful, the function returns <em class="parameter"><code>dst</code></em>:
a pointer to a string containing the presentation format of the
address. <code class="function">lwres_net_ntop()</code> returns
<span class="type">NULL</span> and sets the global variable
<code class="constant">errno</code> to <span class="errorcode">EAFNOSUPPORT</span> if
the protocol family given in <em class="parameter"><code>af</code></em> is
not
supported.
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2514126"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry"><span class="refentrytitle">RFC1884</span></span>,
<span class="citerefentry"><span class="refentrytitle">inet_ntop</span>(3)</span>,
<span class="citerefentry"><span class="refentrytitle">errno</span>(3)</span>.
</p>
</div>
</div></body>
</html>

187
lib/lwres/man/lwres_noop.3
View file

@ -1,162 +1,95 @@
.\" Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2000, 2001 Internet Software Consortium.
.\"
.\" Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2000, 2001 Internet Software Consortium
.\"
.\" Permission to use, copy, modify, and distribute this software for any
.\" purpose with or without fee is hereby granted, provided that the above
.\" copyright notice and this permission notice appear in all copies.
.\"
.\"
.\" THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
.\" REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
.\" AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
.\" AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
.\" INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
.\" LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
.\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
.\" PERFORMANCE OF THIS SOFTWARE.
.\"
.\" $Id: lwres_noop.3,v 1.20 2005/04/07 03:50:03 marka Exp $
.\"
.TH "LWRES_NOOP" "3" "Jun 30, 2000" "BIND9" ""
.\"
.hy 0
.ad l
.\"Generated by db2man.xsl. Don't modify this, modify the source.
.de Sh \" Subsection
.br
.if t .Sp
.ne 5
.PP
\fB\\$1\fR
.PP
..
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Ip \" List item
.br
.ie \\n(.$>=3 .ne \\$3
.el .ne 3
.IP "\\$1" \\$2
..
.TH "LWRES_NOOP" 3 "Jun 30, 2000" "" ""
.SH NAME
lwres_nooprequest_render, lwres_noopresponse_render, lwres_nooprequest_parse, lwres_noopresponse_parse, lwres_noopresponse_free, lwres_nooprequest_free \- lightweight resolver no-op message handling
.SH SYNOPSIS
\fB#include <lwres/lwres.h>
.SH "SYNOPSIS"
#include <lwres/lwres\&.h>
.sp
.na
lwres_result_t
lwres_nooprequest_render(lwres_context_t *ctx, lwres_nooprequest_t *req, lwres_lwpacket_t *pkt, lwres_buffer_t *b);
.ad
.sp
.na
lwres_result_t
lwres_noopresponse_render(lwres_context_t *ctx, lwres_noopresponse_t *req, lwres_lwpacket_t *pkt, lwres_buffer_t *b);
.ad
.sp
.na
lwres_result_t
lwres_nooprequest_parse(lwres_context_t *ctx, lwres_buffer_t *b, lwres_lwpacket_t *pkt, lwres_nooprequest_t **structp);
.ad
.sp
.na
lwres_result_t
lwres_noopresponse_parse(lwres_context_t *ctx, lwres_buffer_t *b, lwres_lwpacket_t *pkt, lwres_noopresponse_t **structp);
.ad
.sp
.na
void
lwres_noopresponse_free(lwres_context_t *ctx, lwres_noopresponse_t **structp);
.ad
.sp
.na
void
lwres_nooprequest_free(lwres_context_t *ctx, lwres_nooprequest_t **structp);
.ad
\fR
.HP 41
lwres_result_t\ \fBlwres_nooprequest_render\fR\ (lwres_context_t\ *\fIctx\fR, lwres_nooprequest_t\ *\fIreq\fR, lwres_lwpacket_t\ *\fIpkt\fR, lwres_buffer_t\ *\fIb\fR);
.HP 42
lwres_result_t\ \fBlwres_noopresponse_render\fR\ (lwres_context_t\ *\fIctx\fR, lwres_noopresponse_t\ *\fIreq\fR, lwres_lwpacket_t\ *\fIpkt\fR, lwres_buffer_t\ *\fIb\fR);
.HP 40
lwres_result_t\ \fBlwres_nooprequest_parse\fR\ (lwres_context_t\ *\fIctx\fR, lwres_buffer_t\ *\fIb\fR, lwres_lwpacket_t\ *\fIpkt\fR, lwres_nooprequest_t\ **\fIstructp\fR);
.HP 41
lwres_result_t\ \fBlwres_noopresponse_parse\fR\ (lwres_context_t\ *\fIctx\fR, lwres_buffer_t\ *\fIb\fR, lwres_lwpacket_t\ *\fIpkt\fR, lwres_noopresponse_t\ **\fIstructp\fR);
.HP 30
void\ \fBlwres_noopresponse_free\fR\ (lwres_context_t\ *\fIctx\fR, lwres_noopresponse_t\ **\fIstructp\fR);
.HP 29
void\ \fBlwres_nooprequest_free\fR\ (lwres_context_t\ *\fIctx\fR, lwres_nooprequest_t\ **\fIstructp\fR);
.SH "DESCRIPTION"
.PP
These are low-level routines for creating and parsing
lightweight resolver no-op request and response messages.
These are low\-level routines for creating and parsing lightweight resolver no\-op request and response messages\&.
.PP
The no-op message is analogous to a \fBping\fR packet:
a packet is sent to the resolver daemon and is simply echoed back.
The opcode is intended to allow a client to determine if the server is
operational or not.
The no\-op message is analogous to a \fBping\fR packet: a packet is sent to the resolver daemon and is simply echoed back\&. The opcode is intended to allow a client to determine if the server is operational or not\&.
.PP
There are four main functions for the no-op opcode.
One render function converts a no-op request structure \(em
\fBlwres_nooprequest_t\fR \(em
to the lighweight resolver's canonical format.
It is complemented by a parse function that converts a packet in this
canonical format to a no-op request structure.
Another render function converts the no-op response structure \(em
\fBlwres_noopresponse_t\fR
to the canonical format.
This is complemented by a parse function which converts a packet in
canonical format to a no-op response structure.
There are four main functions for the no\-op opcode\&. One render function converts a no\-op request structure -- \fBlwres_nooprequest_t\fR -- to the lighweight resolver's canonical format\&. It is complemented by a parse function that converts a packet in this canonical format to a no\-op request structure\&. Another render function converts the no\-op response structure -- \fBlwres_noopresponse_t\fR to the canonical format\&. This is complemented by a parse function which converts a packet in canonical format to a no\-op response structure\&.
.PP
These structures are defined in \fIlwres/lwres\&.h\fR\&. They are shown below\&.
.PP
These structures are defined in
\fIlwres/lwres.h\fR.
They are shown below.
.sp
.nf
#define LWRES_OPCODE_NOOP 0x00000000U
.fi
.PP
.nf
typedef struct {
lwres_uint16_t datalength;
unsigned char *data;
} lwres_nooprequest_t;
.fi
.PP
.nf
typedef struct {
lwres_uint16_t datalength;
unsigned char *data;
} lwres_noopresponse_t;
.sp
.fi
Although the structures have different types, they are identical.
This is because the no-op opcode simply echos whatever data was sent:
the response is therefore identical to the request.
.PP
\fBlwres_nooprequest_render()\fR uses resolver
context \fIctx\fR to convert no-op request structure
\fIreq\fR to canonical format. The packet header
structure \fIpkt\fR is initialised and transferred to
buffer \fIb\fR. The contents of
\fI*req\fR are then appended to the buffer in
canonical format. \fBlwres_noopresponse_render()\fR
performs the same task, except it converts a no-op response structure
\fBlwres_noopresponse_t\fR to the lightweight resolver's
canonical format.
Although the structures have different types, they are identical\&. This is because the no\-op opcode simply echos whatever data was sent: the response is therefore identical to the request\&.
.PP
\fBlwres_nooprequest_parse()\fR uses context
\fIctx\fR to convert the contents of packet
\fIpkt\fR to a \fBlwres_nooprequest_t\fR
structure. Buffer \fIb\fR provides space to be used
for storing this structure. When the function succeeds, the resulting
\fBlwres_nooprequest_t\fR is made available through
\fI*structp\fR.
\fBlwres_noopresponse_parse()\fR offers the same
semantics as \fBlwres_nooprequest_parse()\fR except it
yields a \fBlwres_noopresponse_t\fR structure.
\fBlwres_nooprequest_render()\fR uses resolver context \fIctx\fR to convert no\-op request structure \fIreq\fR to canonical format\&. The packet header structure \fIpkt\fR is initialised and transferred to buffer \fIb\fR\&. The contents of \fI*req\fR are then appended to the buffer in canonical format\&. \fBlwres_noopresponse_render()\fR performs the same task, except it converts a no\-op response structure \fBlwres_noopresponse_t\fR to the lightweight resolver's canonical format\&.
.PP
\fBlwres_noopresponse_free()\fR and
\fBlwres_nooprequest_free()\fR release the memory in
resolver context \fIctx\fR that was allocated to the
\fBlwres_noopresponse_t\fR or \fBlwres_nooprequest_t\fR
structures referenced via \fIstructp\fR.
\fBlwres_nooprequest_parse()\fR uses context \fIctx\fR to convert the contents of packet \fIpkt\fR to a \fBlwres_nooprequest_t\fR structure\&. Buffer \fIb\fR provides space to be used for storing this structure\&. When the function succeeds, the resulting \fBlwres_nooprequest_t\fR is made available through \fI*structp\fR\&. \fBlwres_noopresponse_parse()\fR offers the same semantics as \fBlwres_nooprequest_parse()\fR except it yields a \fBlwres_noopresponse_t\fR structure\&.
.PP
\fBlwres_noopresponse_free()\fR and \fBlwres_nooprequest_free()\fR release the memory in resolver context \fIctx\fR that was allocated to the \fBlwres_noopresponse_t\fR or \fBlwres_nooprequest_t\fR structures referenced via \fIstructp\fR\&.
.SH "RETURN VALUES"
.PP
The no-op opcode functions
\fBlwres_nooprequest_render()\fR,
\fBlwres_noopresponse_render()\fR
\fBlwres_nooprequest_parse()\fR
and
\fBlwres_noopresponse_parse()\fR
all return
LWRES_R_SUCCESS
on success.
They return
LWRES_R_NOMEMORY
if memory allocation fails.
LWRES_R_UNEXPECTEDEND
is returned if the available space in the buffer
\fIb\fR
is too small to accommodate the packet header or the
\fBlwres_nooprequest_t\fR
and
\fBlwres_noopresponse_t\fR
structures.
\fBlwres_nooprequest_parse()\fR
and
\fBlwres_noopresponse_parse()\fR
will return
LWRES_R_UNEXPECTEDEND
if the buffer is not empty after decoding the received packet.
These functions will return
LWRES_R_FAILURE
if
pktflags
in the packet header structure
\fBlwres_lwpacket_t\fR
indicate that the packet is not a response to an earlier query.
The no\-op opcode functions \fBlwres_nooprequest_render()\fR, \fBlwres_noopresponse_render()\fR \fBlwres_nooprequest_parse()\fR and \fBlwres_noopresponse_parse()\fR all return \fBLWRES_R_SUCCESS\fR on success\&. They return \fBLWRES_R_NOMEMORY\fR if memory allocation fails\&. \fBLWRES_R_UNEXPECTEDEND\fR is returned if the available space in the buffer \fIb\fR is too small to accommodate the packet header or the \fBlwres_nooprequest_t\fR and \fBlwres_noopresponse_t\fR structures\&. \fBlwres_nooprequest_parse()\fR and \fBlwres_noopresponse_parse()\fR will return \fBLWRES_R_UNEXPECTEDEND\fR if the buffer is not empty after decoding the received packet\&. These functions will return \fBLWRES_R_FAILURE\fR if \fBpktflags\fR in the packet header structure \fBlwres_lwpacket_t\fR indicate that the packet is not a response to an earlier query\&.
.SH "SEE ALSO"
.PP
\fBlwres_packet\fR(3)
\fBlwres_packet\fR(3)

664
lib/lwres/man/lwres_noop.html
View file

@ -1,388 +1,316 @@
<!--
- Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2000, 2001 Internet Software Consortium.
-
- Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2000, 2001 Internet Software Consortium
-
- Permission to use, copy, modify, and distribute this software for any
- purpose with or without fee is hereby granted, provided that the above
- copyright notice and this permission notice appear in all copies.
-
-
- THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
- REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
- AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
- AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
- INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
- LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
- OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
- PERFORMANCE OF THIS SOFTWARE.
-->
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>lwres_noop</title>
<meta name="generator" content="DocBook XSL Stylesheets V1.68.1">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en">
<a name="id2456618"></a><div class="titlepage"></div>
<div class="refnamediv">
<h2>Name</h2>
<p>lwres_nooprequest_render, lwres_noopresponse_render, lwres_nooprequest_parse, lwres_noopresponse_parse, lwres_noopresponse_free, lwres_nooprequest_free &#8212; lightweight resolver no-op message handling</p>
</div>
<div class="refsynopsisdiv">
<h2>Synopsis</h2>
<div class="funcsynopsis">
<pre class="funcsynopsisinfo">
#include &lt;lwres/lwres.h&gt;</pre>
<table border="0" summary="Function synopsis" cellspacing="0" cellpadding="0" style="padding-bottom: 1em">
<tr>
<td><code class="funcdef">
lwres_result_t
<b class="fsfunc">lwres_nooprequest_render</b>(</code></td>
<td>lwres_context_t * </td>
<td>
<var class="pdparam">ctx</var>, </td>
</tr>
<tr>
<td> </td>
<td>lwres_nooprequest_t * </td>
<td>
<var class="pdparam">req</var>, </td>
</tr>
<tr>
<td> </td>
<td>lwres_lwpacket_t * </td>
<td>
<var class="pdparam">pkt</var>, </td>
</tr>
<tr>
<td> </td>
<td>lwres_buffer_t * </td>
<td>
<var class="pdparam">b</var><code>)</code>;</td>
</tr>
</table>
<table border="0" summary="Function synopsis" cellspacing="0" cellpadding="0" style="padding-bottom: 1em">
<tr>
<td><code class="funcdef">
lwres_result_t
<b class="fsfunc">lwres_noopresponse_render</b>(</code></td>
<td>lwres_context_t * </td>
<td>
<var class="pdparam">ctx</var>, </td>
</tr>
<tr>
<td> </td>
<td>lwres_noopresponse_t * </td>
<td>
<var class="pdparam">req</var>, </td>
</tr>
<tr>
<td> </td>
<td>lwres_lwpacket_t * </td>
<td>
<var class="pdparam">pkt</var>, </td>
</tr>
<tr>
<td> </td>
<td>lwres_buffer_t * </td>
<td>
<var class="pdparam">b</var><code>)</code>;</td>
</tr>
</table>
<table border="0" summary="Function synopsis" cellspacing="0" cellpadding="0" style="padding-bottom: 1em">
<tr>
<td><code class="funcdef">
lwres_result_t
<b class="fsfunc">lwres_nooprequest_parse</b>(</code></td>
<td>lwres_context_t * </td>
<td>
<var class="pdparam">ctx</var>, </td>
</tr>
<tr>
<td> </td>
<td>lwres_buffer_t * </td>
<td>
<var class="pdparam">b</var>, </td>
</tr>
<tr>
<td> </td>
<td>lwres_lwpacket_t * </td>
<td>
<var class="pdparam">pkt</var>, </td>
</tr>
<tr>
<td> </td>
<td>lwres_nooprequest_t ** </td>
<td>
<var class="pdparam">structp</var><code>)</code>;</td>
</tr>
</table>
<table border="0" summary="Function synopsis" cellspacing="0" cellpadding="0" style="padding-bottom: 1em">
<tr>
<td><code class="funcdef">
lwres_result_t
<b class="fsfunc">lwres_noopresponse_parse</b>(</code></td>
<td>lwres_context_t * </td>
<td>
<var class="pdparam">ctx</var>, </td>
</tr>
<tr>
<td> </td>
<td>lwres_buffer_t * </td>
<td>
<var class="pdparam">b</var>, </td>
</tr>
<tr>
<td> </td>
<td>lwres_lwpacket_t * </td>
<td>
<var class="pdparam">pkt</var>, </td>
</tr>
<tr>
<td> </td>
<td>lwres_noopresponse_t ** </td>
<td>
<var class="pdparam">structp</var><code>)</code>;</td>
</tr>
</table>
<table border="0" summary="Function synopsis" cellspacing="0" cellpadding="0" style="padding-bottom: 1em">
<tr>
<td><code class="funcdef">
void
<b class="fsfunc">lwres_noopresponse_free</b>(</code></td>
<td>lwres_context_t * </td>
<td>
<var class="pdparam">ctx</var>, </td>
</tr>
<tr>
<td> </td>
<td>lwres_noopresponse_t ** </td>
<td>
<var class="pdparam">structp</var><code>)</code>;</td>
</tr>
</table>
<table border="0" summary="Function synopsis" cellspacing="0" cellpadding="0">
<tr>
<td><code class="funcdef">
void
<b class="fsfunc">lwres_nooprequest_free</b>(</code></td>
<td>lwres_context_t * </td>
<td>
<var class="pdparam">ctx</var>, </td>
</tr>
<tr>
<td> </td>
<td>lwres_nooprequest_t ** </td>
<td>
<var class="pdparam">structp</var><code>)</code>;</td>
</tr>
</table>
</div>
</div>
<div class="refsect1" lang="en">
<a name="id2514136"></a><h2>DESCRIPTION</h2>
<p>
These are low-level routines for creating and parsing
lightweight resolver no-op request and response messages.
</p>
<p>
The no-op message is analogous to a <span><strong class="command">ping</strong></span>
packet:
a packet is sent to the resolver daemon and is simply echoed back.
The opcode is intended to allow a client to determine if the server is
operational or not.
</p>
<p>
There are four main functions for the no-op opcode.
One render function converts a no-op request structure &#8212;
<span class="type">lwres_nooprequest_t</span> &#8212;
to the lighweight resolver's canonical format.
It is complemented by a parse function that converts a packet in this
canonical format to a no-op request structure.
Another render function converts the no-op response structure &#8212;
<span class="type">lwres_noopresponse_t</span>
to the canonical format.
This is complemented by a parse function which converts a packet in
canonical format to a no-op response structure.
</p>
<p>
These structures are defined in
<code class="filename">lwres/lwres.h</code>.
<!-- $Id: lwres_noop.html,v 1.13 2005/04/07 03:50:04 marka Exp $ -->
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<HTML
><HEAD
><TITLE
>lwres_noop</TITLE
><META
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.79"></HEAD
><BODY
CLASS="REFENTRY"
BGCOLOR="#FFFFFF"
TEXT="#000000"
LINK="#0000FF"
VLINK="#840084"
ALINK="#0000FF"
><H1
><A
NAME="AEN1"
></A
>lwres_noop</H1
><DIV
CLASS="REFNAMEDIV"
><A
NAME="AEN8"
></A
><H2
>Name</H2
>lwres_nooprequest_render, lwres_noopresponse_render, lwres_nooprequest_parse, lwres_noopresponse_parse, lwres_noopresponse_free, lwres_nooprequest_free&nbsp;--&nbsp;lightweight resolver no-op message handling</DIV
><DIV
CLASS="REFSYNOPSISDIV"
><A
NAME="AEN16"
></A
><H2
>Synopsis</H2
><DIV
CLASS="FUNCSYNOPSIS"
><P
></P
><A
NAME="AEN17"
></A
><PRE
CLASS="FUNCSYNOPSISINFO"
>#include &lt;lwres/lwres.h&gt;</PRE
><P
><CODE
><CODE
CLASS="FUNCDEF"
>lwres_result_t
lwres_nooprequest_render</CODE
>(lwres_context_t *ctx, lwres_nooprequest_t *req, lwres_lwpacket_t *pkt, lwres_buffer_t *b);</CODE
></P
><P
><CODE
><CODE
CLASS="FUNCDEF"
>lwres_result_t
lwres_noopresponse_render</CODE
>(lwres_context_t *ctx, lwres_noopresponse_t *req, lwres_lwpacket_t *pkt, lwres_buffer_t *b);</CODE
></P
><P
><CODE
><CODE
CLASS="FUNCDEF"
>lwres_result_t
lwres_nooprequest_parse</CODE
>(lwres_context_t *ctx, lwres_buffer_t *b, lwres_lwpacket_t *pkt, lwres_nooprequest_t **structp);</CODE
></P
><P
><CODE
><CODE
CLASS="FUNCDEF"
>lwres_result_t
lwres_noopresponse_parse</CODE
>(lwres_context_t *ctx, lwres_buffer_t *b, lwres_lwpacket_t *pkt, lwres_noopresponse_t **structp);</CODE
></P
><P
><CODE
><CODE
CLASS="FUNCDEF"
>void
lwres_noopresponse_free</CODE
>(lwres_context_t *ctx, lwres_noopresponse_t **structp);</CODE
></P
><P
><CODE
><CODE
CLASS="FUNCDEF"
>void
lwres_nooprequest_free</CODE
>(lwres_context_t *ctx, lwres_nooprequest_t **structp);</CODE
></P
><P
></P
></DIV
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN57"
></A
><H2
>DESCRIPTION</H2
><P
>These are low-level routines for creating and parsing
lightweight resolver no-op request and response messages.</P
><P
>The no-op message is analogous to a <B
CLASS="COMMAND"
>ping</B
> packet:
a packet is sent to the resolver daemon and is simply echoed back.
The opcode is intended to allow a client to determine if the server is
operational or not.</P
><P
>There are four main functions for the no-op opcode.
One render function converts a no-op request structure &mdash;
<SPAN
CLASS="TYPE"
>lwres_nooprequest_t</SPAN
> &mdash;
to the lighweight resolver's canonical format.
It is complemented by a parse function that converts a packet in this
canonical format to a no-op request structure.
Another render function converts the no-op response structure &mdash;
<SPAN
CLASS="TYPE"
>lwres_noopresponse_t</SPAN
>
to the canonical format.
This is complemented by a parse function which converts a packet in
canonical format to a no-op response structure.</P
><P
>These structures are defined in
<TT
CLASS="FILENAME"
>lwres/lwres.h</TT
>.
They are shown below.
<PRE
CLASS="PROGRAMLISTING"
>#define LWRES_OPCODE_NOOP 0x00000000U
They are shown below.
</p>
<pre class="programlisting">
#define LWRES_OPCODE_NOOP 0x00000000U
</pre>
<p>
</p>
<pre class="programlisting">
typedef struct {
lwres_uint16_t datalength;
unsigned char *data;
} lwres_nooprequest_t;
</pre>
<p>
</p>
<pre class="programlisting">
typedef struct {
lwres_uint16_t datalength;
unsigned char *data;
} lwres_noopresponse_t;</PRE
>
Although the structures have different types, they are identical.
This is because the no-op opcode simply echos whatever data was sent:
the response is therefore identical to the request.</P
><P
><CODE
CLASS="FUNCTION"
>lwres_nooprequest_render()</CODE
> uses resolver
context <CODE
CLASS="PARAMETER"
>ctx</CODE
> to convert no-op request structure
<CODE
CLASS="PARAMETER"
>req</CODE
> to canonical format. The packet header
structure <CODE
CLASS="PARAMETER"
>pkt</CODE
> is initialised and transferred to
buffer <CODE
CLASS="PARAMETER"
>b</CODE
>. The contents of
<CODE
CLASS="PARAMETER"
>*req</CODE
> are then appended to the buffer in
canonical format. <CODE
CLASS="FUNCTION"
>lwres_noopresponse_render()</CODE
>
performs the same task, except it converts a no-op response structure
<SPAN
CLASS="TYPE"
>lwres_noopresponse_t</SPAN
> to the lightweight resolver's
canonical format.</P
><P
><CODE
CLASS="FUNCTION"
>lwres_nooprequest_parse()</CODE
> uses context
<CODE
CLASS="PARAMETER"
>ctx</CODE
> to convert the contents of packet
<CODE
CLASS="PARAMETER"
>pkt</CODE
> to a <SPAN
CLASS="TYPE"
>lwres_nooprequest_t</SPAN
>
structure. Buffer <CODE
CLASS="PARAMETER"
>b</CODE
> provides space to be used
for storing this structure. When the function succeeds, the resulting
<SPAN
CLASS="TYPE"
>lwres_nooprequest_t</SPAN
> is made available through
<CODE
CLASS="PARAMETER"
>*structp</CODE
>.
<CODE
CLASS="FUNCTION"
>lwres_noopresponse_parse()</CODE
> offers the same
semantics as <CODE
CLASS="FUNCTION"
>lwres_nooprequest_parse()</CODE
> except it
yields a <SPAN
CLASS="TYPE"
>lwres_noopresponse_t</SPAN
> structure.</P
><P
><CODE
CLASS="FUNCTION"
>lwres_noopresponse_free()</CODE
> and
<CODE
CLASS="FUNCTION"
>lwres_nooprequest_free()</CODE
> release the memory in
resolver context <CODE
CLASS="PARAMETER"
>ctx</CODE
> that was allocated to the
<SPAN
CLASS="TYPE"
>lwres_noopresponse_t</SPAN
> or <SPAN
CLASS="TYPE"
>lwres_nooprequest_t</SPAN
>
structures referenced via <CODE
CLASS="PARAMETER"
>structp</CODE
>.</P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN95"
></A
><H2
>RETURN VALUES</H2
><P
>The no-op opcode functions
<CODE
CLASS="FUNCTION"
>lwres_nooprequest_render()</CODE
>,
} lwres_noopresponse_t;
</pre>
<p>
</p>
<p>
Although the structures have different types, they are identical.
This is because the no-op opcode simply echos whatever data was sent:
the response is therefore identical to the request.
</p>
<p><code class="function">lwres_nooprequest_render()</code>
uses resolver context <em class="parameter"><code>ctx</code></em> to convert
no-op request structure <em class="parameter"><code>req</code></em> to canonical
format. The packet header structure <em class="parameter"><code>pkt</code></em>
is initialised and transferred to buffer
<em class="parameter"><code>b</code></em>. The contents of
<em class="parameter"><code>*req</code></em> are then appended to the buffer in
canonical format.
<code class="function">lwres_noopresponse_render()</code> performs the
same task, except it converts a no-op response structure
<span class="type">lwres_noopresponse_t</span> to the lightweight resolver's
canonical format.
</p>
<p><code class="function">lwres_nooprequest_parse()</code>
uses context <em class="parameter"><code>ctx</code></em> to convert the contents
of packet <em class="parameter"><code>pkt</code></em> to a
<span class="type">lwres_nooprequest_t</span> structure. Buffer
<em class="parameter"><code>b</code></em> provides space to be used for storing
this structure. When the function succeeds, the resulting
<span class="type">lwres_nooprequest_t</span> is made available through
<em class="parameter"><code>*structp</code></em>.
<code class="function">lwres_noopresponse_parse()</code> offers the same
semantics as <code class="function">lwres_nooprequest_parse()</code>
except it yields a <span class="type">lwres_noopresponse_t</span> structure.
</p>
<p><code class="function">lwres_noopresponse_free()</code>
and <code class="function">lwres_nooprequest_free()</code> release the
memory in resolver context <em class="parameter"><code>ctx</code></em> that was
allocated to the <span class="type">lwres_noopresponse_t</span> or
<span class="type">lwres_nooprequest_t</span> structures referenced via
<em class="parameter"><code>structp</code></em>.
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2514423"></a><h2>RETURN VALUES</h2>
<p>
The no-op opcode functions
<code class="function">lwres_nooprequest_render()</code>,
<CODE
CLASS="FUNCTION"
>lwres_noopresponse_render()</CODE
>
<CODE
CLASS="FUNCTION"
>lwres_nooprequest_parse()</CODE
>
and
<CODE
CLASS="FUNCTION"
>lwres_noopresponse_parse()</CODE
>
all return
<SPAN
CLASS="ERRORCODE"
>LWRES_R_SUCCESS</SPAN
>
on success.
They return
<SPAN
CLASS="ERRORCODE"
>LWRES_R_NOMEMORY</SPAN
>
if memory allocation fails.
<SPAN
CLASS="ERRORCODE"
>LWRES_R_UNEXPECTEDEND</SPAN
>
is returned if the available space in the buffer
<CODE
CLASS="PARAMETER"
>b</CODE
>
is too small to accommodate the packet header or the
<SPAN
CLASS="TYPE"
>lwres_nooprequest_t</SPAN
>
and
<SPAN
CLASS="TYPE"
>lwres_noopresponse_t</SPAN
>
structures.
<CODE
CLASS="FUNCTION"
>lwres_nooprequest_parse()</CODE
>
and
<CODE
CLASS="FUNCTION"
>lwres_noopresponse_parse()</CODE
>
will return
<SPAN
CLASS="ERRORCODE"
>LWRES_R_UNEXPECTEDEND</SPAN
>
if the buffer is not empty after decoding the received packet.
These functions will return
<SPAN
CLASS="ERRORCODE"
>LWRES_R_FAILURE</SPAN
>
if
<CODE
CLASS="CONSTANT"
>pktflags</CODE
>
in the packet header structure
<SPAN
CLASS="TYPE"
>lwres_lwpacket_t</SPAN
>
indicate that the packet is not a response to an earlier query.</P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN114"
></A
><H2
>SEE ALSO</H2
><P
><SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>lwres_packet</SPAN
>(3)</SPAN
></P
></DIV
></BODY
></HTML
>
<code class="function">lwres_noopresponse_render()</code>
<code class="function">lwres_nooprequest_parse()</code>
and
<code class="function">lwres_noopresponse_parse()</code>
all return
<span class="errorcode">LWRES_R_SUCCESS</span>
on success.
They return
<span class="errorcode">LWRES_R_NOMEMORY</span>
if memory allocation fails.
<span class="errorcode">LWRES_R_UNEXPECTEDEND</span>
is returned if the available space in the buffer
<em class="parameter"><code>b</code></em>
is too small to accommodate the packet header or the
<span class="type">lwres_nooprequest_t</span>
and
<span class="type">lwres_noopresponse_t</span>
structures.
<code class="function">lwres_nooprequest_parse()</code>
and
<code class="function">lwres_noopresponse_parse()</code>
will return
<span class="errorcode">LWRES_R_UNEXPECTEDEND</span>
if the buffer is not empty after decoding the received packet.
These functions will return
<span class="errorcode">LWRES_R_FAILURE</span>
if
<code class="constant">pktflags</code>
in the packet header structure
<span class="type">lwres_lwpacket_t</span>
indicate that the packet is not a response to an earlier query.
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2514489"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry"><span class="refentrytitle">lwres_packet</span>(3)</span>
</p>
</div>
</div></body>
</html>

149
lib/lwres/man/lwres_packet.3
View file

@ -1,46 +1,58 @@
.\" Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2000, 2001 Internet Software Consortium.
.\"
.\" Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2000, 2001 Internet Software Consortium
.\"
.\" Permission to use, copy, modify, and distribute this software for any
.\" purpose with or without fee is hereby granted, provided that the above
.\" copyright notice and this permission notice appear in all copies.
.\"
.\"
.\" THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
.\" REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
.\" AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
.\" AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
.\" INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
.\" LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
.\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
.\" PERFORMANCE OF THIS SOFTWARE.
.\"
.\" $Id: lwres_packet.3,v 1.21 2005/04/07 03:50:04 marka Exp $
.\"
.TH "LWRES_PACKET" "3" "Jun 30, 2000" "BIND9" ""
.\"
.hy 0
.ad l
.\"Generated by db2man.xsl. Don't modify this, modify the source.
.de Sh \" Subsection
.br
.if t .Sp
.ne 5
.PP
\fB\\$1\fR
.PP
..
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Ip \" List item
.br
.ie \\n(.$>=3 .ne \\$3
.el .ne 3
.IP "\\$1" \\$2
..
.TH "LWRES_PACKET" 3 "Jun 30, 2000" "" ""
.SH NAME
lwres_lwpacket_renderheader, lwres_lwpacket_parseheader \- lightweight resolver packet handling functions
.SH SYNOPSIS
\fB#include <lwres/lwpacket.h>
.SH "SYNOPSIS"
#include <lwres/lwpacket\&.h>
.sp
.na
lwres_result_t
lwres_lwpacket_renderheader(lwres_buffer_t *b, lwres_lwpacket_t *pkt);
.ad
.sp
.na
lwres_result_t
lwres_lwpacket_parseheader(lwres_buffer_t *b, lwres_lwpacket_t *pkt);
.ad
\fR
.HP 44
lwres_result_t\ \fBlwres_lwpacket_renderheader\fR\ (lwres_buffer_t\ *\fIb\fR, lwres_lwpacket_t\ *\fIpkt\fR);
.HP 43
lwres_result_t\ \fBlwres_lwpacket_parseheader\fR\ (lwres_buffer_t\ *\fIb\fR, lwres_lwpacket_t\ *\fIpkt\fR);
.SH "DESCRIPTION"
.PP
These functions rely on a
\fBstruct lwres_lwpacket\fR
which is defined in
\fIlwres/lwpacket.h\fR.
.sp
These functions rely on a \fBstruct lwres_lwpacket\fR which is defined in \fIlwres/lwpacket\&.h\fR\&.
.PP
.nf
typedef struct lwres_lwpacket lwres_lwpacket_t;
.fi
.PP
.nf
struct lwres_lwpacket {
lwres_uint32_t length;
lwres_uint16_t version;
@ -52,100 +64,51 @@ struct lwres_lwpacket {
lwres_uint16_t authtype;
lwres_uint16_t authlength;
};
.sp
.fi
.PP
The elements of this structure are:
The elements of this structure are:
.TP
\fBlength\fR
the overall packet length, including the entire packet header.
This field is filled in by the lwres_gabn_*() and lwres_gnba_*()
calls.
the overall packet length, including the entire packet header\&. This field is filled in by the lwres_gabn_*() and lwres_gnba_*() calls\&.
.TP
\fBversion\fR
the header format. There is currently only one format,
\fBLWRES_LWPACKETVERSION_0\fR.
This field is filled in by the lwres_gabn_*() and lwres_gnba_*()
calls.
the header format\&. There is currently only one format, \fBLWRES_LWPACKETVERSION_0\fR\&. This field is filled in by the lwres_gabn_*() and lwres_gnba_*() calls\&.
.TP
\fBpktflags\fR
library-defined flags for this packet: for instance whether the packet
is a request or a reply. Flag values can be set, but not defined by
the caller.
This field is filled in by the application wit the exception of the
LWRES_LWPACKETFLAG_RESPONSE bit, which is set by the library in the
lwres_gabn_*() and lwres_gnba_*() calls.
library\-defined flags for this packet: for instance whether the packet is a request or a reply\&. Flag values can be set, but not defined by the caller\&. This field is filled in by the application wit the exception of the LWRES_LWPACKETFLAG_RESPONSE bit, which is set by the library in the lwres_gabn_*() and lwres_gnba_*() calls\&.
.TP
\fBserial\fR
is set by the requestor and is returned in all replies. If two or more
packets from the same source have the same serial number and are from
the same source, they are assumed to be duplicates and the latter ones
may be dropped.
This field must be set by the application.
is set by the requestor and is returned in all replies\&. If two or more packets from the same source have the same serial number and are from the same source, they are assumed to be duplicates and the latter ones may be dropped\&. This field must be set by the application\&.
.TP
\fBopcode\fR
indicates the operation.
Opcodes between 0x00000000 and 0x03ffffff are
reserved for use by the lightweight resolver library. Opcodes between
0x04000000 and 0xffffffff are application defined.
This field is filled in by the lwres_gabn_*() and lwres_gnba_*()
calls.
indicates the operation\&. Opcodes between 0x00000000 and 0x03ffffff are reserved for use by the lightweight resolver library\&. Opcodes between 0x04000000 and 0xffffffff are application defined\&. This field is filled in by the lwres_gabn_*() and lwres_gnba_*() calls\&.
.TP
\fBresult\fR
is only valid for replies.
Results between 0x04000000 and 0xffffffff are application defined.
Results between 0x00000000 and 0x03ffffff are reserved for library use.
This field is filled in by the lwres_gabn_*() and lwres_gnba_*()
calls.
is only valid for replies\&. Results between 0x04000000 and 0xffffffff are application defined\&. Results between 0x00000000 and 0x03ffffff are reserved for library use\&. This field is filled in by the lwres_gabn_*() and lwres_gnba_*() calls\&.
.TP
\fBrecvlength\fR
is the maximum buffer size that the receiver can handle on requests
and the size of the buffer needed to satisfy a request when the buffer
is too large for replies.
This field is supplied by the application.
is the maximum buffer size that the receiver can handle on requests and the size of the buffer needed to satisfy a request when the buffer is too large for replies\&. This field is supplied by the application\&.
.TP
\fBauthtype\fR
defines the packet level authentication that is used.
Authorisation types between 0x1000 and 0xffff are application defined
and types between 0x0000 and 0x0fff are reserved for library use.
Currently these are not used and must be zero.
defines the packet level authentication that is used\&. Authorisation types between 0x1000 and 0xffff are application defined and types between 0x0000 and 0x0fff are reserved for library use\&. Currently these are not used and must be zero\&.
.TP
\fBauthlen\fR
gives the length of the authentication data.
Since packet authentication is currently not used, this must be zero.
gives the length of the authentication data\&. Since packet authentication is currently not used, this must be zero\&.
.PP
The following opcodes are currently defined:
The following opcodes are currently defined:
.TP
\fBNOOP\fR
Success is always returned and the packet contents are echoed.
The lwres_noop_*() functions should be used for this type.
Success is always returned and the packet contents are echoed\&. The lwres_noop_*() functions should be used for this type\&.
.TP
\fBGETADDRSBYNAME\fR
returns all known addresses for a given name.
The lwres_gabn_*() functions should be used for this type.
returns all known addresses for a given name\&. The lwres_gabn_*() functions should be used for this type\&.
.TP
\fBGETNAMEBYADDR\fR
return the hostname for the given address.
The lwres_gnba_*() functions should be used for this type.
return the hostname for the given address\&. The lwres_gnba_*() functions should be used for this type\&.
.PP
\fBlwres_lwpacket_renderheader()\fR transfers the
contents of lightweight resolver packet structure
\fBlwres_lwpacket_t\fR \fI*pkt\fR in network
byte order to the lightweight resolver buffer,
\fI*b\fR.
\fBlwres_lwpacket_renderheader()\fR transfers the contents of lightweight resolver packet structure \fBlwres_lwpacket_t\fR \fI*pkt\fR in network byte order to the lightweight resolver buffer, \fI*b\fR\&.
.PP
\fBlwres_lwpacket_parseheader()\fR performs the
converse operation. It transfers data in network byte order from
buffer \fI*b\fR to resolver packet
\fI*pkt\fR. The contents of the buffer
\fIb\fR should correspond to a
\fBlwres_lwpacket_t\fR.
\fBlwres_lwpacket_parseheader()\fR performs the converse operation\&. It transfers data in network byte order from buffer \fI*b\fR to resolver packet \fI*pkt\fR\&. The contents of the buffer \fIb\fR should correspond to a \fBlwres_lwpacket_t\fR\&.
.SH "RETURN VALUES"
.PP
Successful calls to
\fBlwres_lwpacket_renderheader()\fR and
\fBlwres_lwpacket_parseheader()\fR return
LWRES_R_SUCCESS. If there is insufficient
space to copy data between the buffer \fI*b\fR and
lightweight resolver packet \fI*pkt\fR both functions
return LWRES_R_UNEXPECTEDEND.
Successful calls to \fBlwres_lwpacket_renderheader()\fR and \fBlwres_lwpacket_parseheader()\fR return \fBLWRES_R_SUCCESS\fR\&. If there is insufficient space to copy data between the buffer \fI*b\fR and lightweight resolver packet \fI*pkt\fR both functions return \fBLWRES_R_UNEXPECTEDEND\fR\&.

552
lib/lwres/man/lwres_packet.html
View file

@ -1,110 +1,83 @@
<!--
- Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2000, 2001 Internet Software Consortium.
-
- Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2000, 2001 Internet Software Consortium
-
- Permission to use, copy, modify, and distribute this software for any
- purpose with or without fee is hereby granted, provided that the above
- copyright notice and this permission notice appear in all copies.
-
-
- THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
- REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
- AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
- AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
- INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
- LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
- OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
- PERFORMANCE OF THIS SOFTWARE.
-->
<!-- $Id: lwres_packet.html,v 1.14 2005/04/07 03:50:04 marka Exp $ -->
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<HTML
><HEAD
><TITLE
>lwres_packet</TITLE
><META
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.79"></HEAD
><BODY
CLASS="REFENTRY"
BGCOLOR="#FFFFFF"
TEXT="#000000"
LINK="#0000FF"
VLINK="#840084"
ALINK="#0000FF"
><H1
><A
NAME="AEN1"
></A
>lwres_packet</H1
><DIV
CLASS="REFNAMEDIV"
><A
NAME="AEN8"
></A
><H2
>Name</H2
>lwres_lwpacket_renderheader, lwres_lwpacket_parseheader&nbsp;--&nbsp;lightweight resolver packet handling functions</DIV
><DIV
CLASS="REFSYNOPSISDIV"
><A
NAME="AEN12"
></A
><H2
>Synopsis</H2
><DIV
CLASS="FUNCSYNOPSIS"
><P
></P
><A
NAME="AEN13"
></A
><PRE
CLASS="FUNCSYNOPSISINFO"
>#include &lt;lwres/lwpacket.h&gt;</PRE
><P
><CODE
><CODE
CLASS="FUNCDEF"
>lwres_result_t
lwres_lwpacket_renderheader</CODE
>(lwres_buffer_t *b, lwres_lwpacket_t *pkt);</CODE
></P
><P
><CODE
><CODE
CLASS="FUNCDEF"
>lwres_result_t
lwres_lwpacket_parseheader</CODE
>(lwres_buffer_t *b, lwres_lwpacket_t *pkt);</CODE
></P
><P
></P
></DIV
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN25"
></A
><H2
>DESCRIPTION</H2
><P
>These functions rely on a
<SPAN
CLASS="TYPE"
>struct lwres_lwpacket</SPAN
>
which is defined in
<TT
CLASS="FILENAME"
>lwres/lwpacket.h</TT
>.
<PRE
CLASS="PROGRAMLISTING"
>typedef struct lwres_lwpacket lwres_lwpacket_t;
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>lwres_packet</title>
<meta name="generator" content="DocBook XSL Stylesheets V1.68.1">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en">
<a name="id2456618"></a><div class="titlepage"></div>
<div class="refnamediv">
<h2>Name</h2>
<p>lwres_lwpacket_renderheader, lwres_lwpacket_parseheader &#8212; lightweight resolver packet handling functions</p>
</div>
<div class="refsynopsisdiv">
<h2>Synopsis</h2>
<div class="funcsynopsis">
<pre class="funcsynopsisinfo">#include &lt;lwres/lwpacket.h&gt;</pre>
<table border="0" summary="Function synopsis" cellspacing="0" cellpadding="0" style="padding-bottom: 1em">
<tr>
<td><code class="funcdef">
lwres_result_t
<b class="fsfunc">lwres_lwpacket_renderheader</b>(</code></td>
<td>lwres_buffer_t * </td>
<td>
<var class="pdparam">b</var>, </td>
</tr>
<tr>
<td> </td>
<td>lwres_lwpacket_t * </td>
<td>
<var class="pdparam">pkt</var><code>)</code>;</td>
</tr>
</table>
<table border="0" summary="Function synopsis" cellspacing="0" cellpadding="0">
<tr>
<td><code class="funcdef">
lwres_result_t
<b class="fsfunc">lwres_lwpacket_parseheader</b>(</code></td>
<td>lwres_buffer_t * </td>
<td>
<var class="pdparam">b</var>, </td>
</tr>
<tr>
<td> </td>
<td>lwres_lwpacket_t * </td>
<td>
<var class="pdparam">pkt</var><code>)</code>;</td>
</tr>
</table>
</div>
</div>
<div class="refsect1" lang="en">
<a name="id2514004"></a><h2>DESCRIPTION</h2>
<p>
These functions rely on a
<span class="type">struct lwres_lwpacket</span>
which is defined in
<code class="filename">lwres/lwpacket.h</code>.
</p>
<pre class="programlisting">
typedef struct lwres_lwpacket lwres_lwpacket_t;
</pre>
<p>
</p>
<pre class="programlisting">
struct lwres_lwpacket {
lwres_uint32_t length;
lwres_uint16_t version;
@ -115,248 +88,147 @@ struct lwres_lwpacket {
lwres_uint32_t recvlength;
lwres_uint16_t authtype;
lwres_uint16_t authlength;
};</PRE
></P
><P
>The elements of this structure are:
<P
></P
><DIV
CLASS="VARIABLELIST"
><DL
><DT
><CODE
CLASS="CONSTANT"
>length</CODE
></DT
><DD
><P
>the overall packet length, including the entire packet header.
This field is filled in by the lwres_gabn_*() and lwres_gnba_*()
calls.</P
></DD
><DT
><CODE
CLASS="CONSTANT"
>version</CODE
></DT
><DD
><P
>the header format. There is currently only one format,
<SPAN
CLASS="TYPE"
>LWRES_LWPACKETVERSION_0</SPAN
>.
};
</pre>
<p>
</p>
<p>
The elements of this structure are:
</p>
<div class="variablelist"><dl>
<dt><span class="term"><code class="constant">length</code></span></dt>
<dd><p>
the overall packet length, including the entire packet header.
This field is filled in by the lwres_gabn_*() and lwres_gnba_*()
calls.
</p></dd>
<dt><span class="term"><code class="constant">version</code></span></dt>
<dd><p>
the header format. There is currently only one format,
<span class="type">LWRES_LWPACKETVERSION_0</span>.
This field is filled in by the lwres_gabn_*() and lwres_gnba_*()
calls.</P
></DD
><DT
><CODE
CLASS="CONSTANT"
>pktflags</CODE
></DT
><DD
><P
>library-defined flags for this packet: for instance whether the packet
is a request or a reply. Flag values can be set, but not defined by
the caller.
This field is filled in by the application wit the exception of the
LWRES_LWPACKETFLAG_RESPONSE bit, which is set by the library in the
lwres_gabn_*() and lwres_gnba_*() calls.</P
></DD
><DT
><CODE
CLASS="CONSTANT"
>serial</CODE
></DT
><DD
><P
>is set by the requestor and is returned in all replies. If two or more
packets from the same source have the same serial number and are from
the same source, they are assumed to be duplicates and the latter ones
may be dropped.
This field must be set by the application.</P
></DD
><DT
><CODE
CLASS="CONSTANT"
>opcode</CODE
></DT
><DD
><P
>indicates the operation.
Opcodes between 0x00000000 and 0x03ffffff are
reserved for use by the lightweight resolver library. Opcodes between
0x04000000 and 0xffffffff are application defined.
This field is filled in by the lwres_gabn_*() and lwres_gnba_*()
calls.</P
></DD
><DT
><CODE
CLASS="CONSTANT"
>result</CODE
></DT
><DD
><P
>is only valid for replies.
Results between 0x04000000 and 0xffffffff are application defined.
Results between 0x00000000 and 0x03ffffff are reserved for library use.
This field is filled in by the lwres_gabn_*() and lwres_gnba_*()
calls.</P
></DD
><DT
><CODE
CLASS="CONSTANT"
>recvlength</CODE
></DT
><DD
><P
>is the maximum buffer size that the receiver can handle on requests
and the size of the buffer needed to satisfy a request when the buffer
is too large for replies.
This field is supplied by the application.</P
></DD
><DT
><CODE
CLASS="CONSTANT"
>authtype</CODE
></DT
><DD
><P
>defines the packet level authentication that is used.
Authorisation types between 0x1000 and 0xffff are application defined
and types between 0x0000 and 0x0fff are reserved for library use.
Currently these are not used and must be zero.</P
></DD
><DT
><CODE
CLASS="CONSTANT"
>authlen</CODE
></DT
><DD
><P
>gives the length of the authentication data.
Since packet authentication is currently not used, this must be zero.</P
></DD
></DL
></DIV
></P
><P
>The following opcodes are currently defined:
<P
></P
><DIV
CLASS="VARIABLELIST"
><DL
><DT
><CODE
CLASS="CONSTANT"
>NOOP</CODE
></DT
><DD
><P
>Success is always returned and the packet contents are echoed.
The lwres_noop_*() functions should be used for this type.</P
></DD
><DT
><CODE
CLASS="CONSTANT"
>GETADDRSBYNAME</CODE
></DT
><DD
><P
>returns all known addresses for a given name.
The lwres_gabn_*() functions should be used for this type.</P
></DD
><DT
><CODE
CLASS="CONSTANT"
>GETNAMEBYADDR</CODE
></DT
><DD
><P
>return the hostname for the given address.
The lwres_gnba_*() functions should be used for this type.</P
></DD
></DL
></DIV
></P
><P
><CODE
CLASS="FUNCTION"
>lwres_lwpacket_renderheader()</CODE
> transfers the
contents of lightweight resolver packet structure
<SPAN
CLASS="TYPE"
>lwres_lwpacket_t</SPAN
> <CODE
CLASS="PARAMETER"
>*pkt</CODE
> in network
byte order to the lightweight resolver buffer,
<CODE
CLASS="PARAMETER"
>*b</CODE
>.</P
><P
><CODE
CLASS="FUNCTION"
>lwres_lwpacket_parseheader()</CODE
> performs the
converse operation. It transfers data in network byte order from
buffer <CODE
CLASS="PARAMETER"
>*b</CODE
> to resolver packet
<CODE
CLASS="PARAMETER"
>*pkt</CODE
>. The contents of the buffer
<CODE
CLASS="PARAMETER"
>b</CODE
> should correspond to a
<SPAN
CLASS="TYPE"
>lwres_lwpacket_t</SPAN
>.</P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN107"
></A
><H2
>RETURN VALUES</H2
><P
> Successful calls to
<CODE
CLASS="FUNCTION"
>lwres_lwpacket_renderheader()</CODE
> and
<CODE
CLASS="FUNCTION"
>lwres_lwpacket_parseheader()</CODE
> return
<SPAN
CLASS="ERRORCODE"
>LWRES_R_SUCCESS</SPAN
>. If there is insufficient
space to copy data between the buffer <CODE
CLASS="PARAMETER"
>*b</CODE
> and
lightweight resolver packet <CODE
CLASS="PARAMETER"
>*pkt</CODE
> both functions
return <SPAN
CLASS="ERRORCODE"
>LWRES_R_UNEXPECTEDEND</SPAN
>.</P
></DIV
></BODY
></HTML
>
This field is filled in by the lwres_gabn_*() and lwres_gnba_*()
calls.
</p></dd>
<dt><span class="term"><code class="constant">pktflags</code></span></dt>
<dd><p>
library-defined flags for this packet: for instance whether the
packet
is a request or a reply. Flag values can be set, but not defined
by
the caller.
This field is filled in by the application wit the exception of
the
LWRES_LWPACKETFLAG_RESPONSE bit, which is set by the library in
the
lwres_gabn_*() and lwres_gnba_*() calls.
</p></dd>
<dt><span class="term"><code class="constant">serial</code></span></dt>
<dd><p>
is set by the requestor and is returned in all replies. If two
or more
packets from the same source have the same serial number and are
from
the same source, they are assumed to be duplicates and the
latter ones
may be dropped.
This field must be set by the application.
</p></dd>
<dt><span class="term"><code class="constant">opcode</code></span></dt>
<dd><p>
indicates the operation.
Opcodes between 0x00000000 and 0x03ffffff are
reserved for use by the lightweight resolver library. Opcodes
between
0x04000000 and 0xffffffff are application defined.
This field is filled in by the lwres_gabn_*() and lwres_gnba_*()
calls.
</p></dd>
<dt><span class="term"><code class="constant">result</code></span></dt>
<dd><p>
is only valid for replies.
Results between 0x04000000 and 0xffffffff are application
defined.
Results between 0x00000000 and 0x03ffffff are reserved for
library use.
This field is filled in by the lwres_gabn_*() and lwres_gnba_*()
calls.
</p></dd>
<dt><span class="term"><code class="constant">recvlength</code></span></dt>
<dd><p>
is the maximum buffer size that the receiver can handle on
requests
and the size of the buffer needed to satisfy a request when the
buffer
is too large for replies.
This field is supplied by the application.
</p></dd>
<dt><span class="term"><code class="constant">authtype</code></span></dt>
<dd><p>
defines the packet level authentication that is used.
Authorisation types between 0x1000 and 0xffff are application
defined
and types between 0x0000 and 0x0fff are reserved for library
use.
Currently these are not used and must be zero.
</p></dd>
<dt><span class="term"><code class="constant">authlen</code></span></dt>
<dd><p>
gives the length of the authentication data.
Since packet authentication is currently not used, this must be
zero.
</p></dd>
</dl></div>
<p>
</p>
<p>
The following opcodes are currently defined:
</p>
<div class="variablelist"><dl>
<dt><span class="term"><code class="constant">NOOP</code></span></dt>
<dd><p>
Success is always returned and the packet contents are echoed.
The lwres_noop_*() functions should be used for this type.
</p></dd>
<dt><span class="term"><code class="constant">GETADDRSBYNAME</code></span></dt>
<dd><p>
returns all known addresses for a given name.
The lwres_gabn_*() functions should be used for this type.
</p></dd>
<dt><span class="term"><code class="constant">GETNAMEBYADDR</code></span></dt>
<dd><p>
return the hostname for the given address.
The lwres_gnba_*() functions should be used for this type.
</p></dd>
</dl></div>
<p>
</p>
<p><code class="function">lwres_lwpacket_renderheader()</code>
transfers the contents of lightweight resolver packet structure
<span class="type">lwres_lwpacket_t</span> <em class="parameter"><code>*pkt</code></em> in
network byte order to the lightweight resolver buffer,
<em class="parameter"><code>*b</code></em>.
</p>
<p><code class="function">lwres_lwpacket_parseheader()</code>
performs the converse operation. It transfers data in network
byte order from buffer <em class="parameter"><code>*b</code></em> to resolver
packet <em class="parameter"><code>*pkt</code></em>. The contents of the buffer
<em class="parameter"><code>b</code></em> should correspond to a
<span class="type">lwres_lwpacket_t</span>.
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2514457"></a><h2>RETURN VALUES</h2>
<p>
Successful calls to
<code class="function">lwres_lwpacket_renderheader()</code> and
<code class="function">lwres_lwpacket_parseheader()</code> return
<span class="errorcode">LWRES_R_SUCCESS</span>. If there is insufficient
space to copy data between the buffer <em class="parameter"><code>*b</code></em> and
lightweight resolver packet <em class="parameter"><code>*pkt</code></em> both
functions
return <span class="errorcode">LWRES_R_UNEXPECTEDEND</span>.
</p>
</div>
</div></body>
</html>

165
lib/lwres/man/lwres_resutil.3
View file

@ -1,76 +1,61 @@
.\" Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2000, 2001 Internet Software Consortium.
.\"
.\" Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2000, 2001 Internet Software Consortium
.\"
.\" Permission to use, copy, modify, and distribute this software for any
.\" purpose with or without fee is hereby granted, provided that the above
.\" copyright notice and this permission notice appear in all copies.
.\"
.\"
.\" THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
.\" REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
.\" AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
.\" AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
.\" INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
.\" LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
.\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
.\" PERFORMANCE OF THIS SOFTWARE.
.\"
.\" $Id: lwres_resutil.3,v 1.20 2005/04/07 03:50:04 marka Exp $
.\"
.TH "LWRES_RESUTIL" "3" "Jun 30, 2000" "BIND9" ""
.\"
.hy 0
.ad l
.\"Generated by db2man.xsl. Don't modify this, modify the source.
.de Sh \" Subsection
.br
.if t .Sp
.ne 5
.PP
\fB\\$1\fR
.PP
..
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Ip \" List item
.br
.ie \\n(.$>=3 .ne \\$3
.el .ne 3
.IP "\\$1" \\$2
..
.TH "LWRES_RESUTIL" 3 "Jun 30, 2000" "" ""
.SH NAME
lwres_string_parse, lwres_addr_parse, lwres_getaddrsbyname, lwres_getnamebyaddr \- lightweight resolver utility functions
.SH SYNOPSIS
\fB#include <lwres/lwres.h>
.SH "SYNOPSIS"
#include <lwres/lwres\&.h>
.sp
.na
lwres_result_t
lwres_string_parse(lwres_buffer_t *b, char **c, lwres_uint16_t *len);
.ad
.sp
.na
lwres_result_t
lwres_addr_parse(lwres_buffer_t *b, lwres_addr_t *addr);
.ad
.sp
.na
lwres_result_t
lwres_getaddrsbyname(lwres_context_t *ctx, const char *name, lwres_uint32_t addrtypes, lwres_gabnresponse_t **structp);
.ad
.sp
.na
lwres_result_t
lwres_getnamebyaddr(lwres_context_t *ctx, lwres_uint32_t addrtype, lwres_uint16_t addrlen, const unsigned char *addr, lwres_gnbaresponse_t **structp);
.ad
\fR
.HP 35
lwres_result_t\ \fBlwres_string_parse\fR\ (lwres_buffer_t\ *\fIb\fR, char\ **\fIc\fR, lwres_uint16_t\ *\fIlen\fR);
.HP 33
lwres_result_t\ \fBlwres_addr_parse\fR\ (lwres_buffer_t\ *\fIb\fR, lwres_addr_t\ *\fIaddr\fR);
.HP 37
lwres_result_t\ \fBlwres_getaddrsbyname\fR\ (lwres_context_t\ *\fIctx\fR, const\ char\ *\fIname\fR, lwres_uint32_t\ \fIaddrtypes\fR, lwres_gabnresponse_t\ **\fIstructp\fR);
.HP 36
lwres_result_t\ \fBlwres_getnamebyaddr\fR\ (lwres_context_t\ *\fIctx\fR, lwres_uint32_t\ \fIaddrtype\fR, lwres_uint16_t\ \fIaddrlen\fR, const\ unsigned\ char\ *\fIaddr\fR, lwres_gnbaresponse_t\ **\fIstructp\fR);
.SH "DESCRIPTION"
.PP
\fBlwres_string_parse()\fR retrieves a DNS-encoded
string starting the current pointer of lightweight resolver buffer
\fIb\fR: i.e. b->current.
When the function returns, the address of the first byte of the
encoded string is returned via \fI*c\fR and the
length of that string is given by \fI*len\fR. The
buffer's current pointer is advanced to point at the character
following the string length, the encoded string, and the trailing
\fBNULL\fR character.
\fBlwres_string_parse()\fR retrieves a DNS\-encoded string starting the current pointer of lightweight resolver buffer \fIb\fR: i\&.e\&. \fBb\->current\fR\&. When the function returns, the address of the first byte of the encoded string is returned via \fI*c\fR and the length of that string is given by \fI*len\fR\&. The buffer's current pointer is advanced to point at the character following the string length, the encoded string, and the trailing \fBNULL\fR character\&.
.PP
\fBlwres_addr_parse()\fR extracts an address from the
buffer \fIb\fR. The buffer's current pointer
b->current is presumed to point at an encoded
address: the address preceded by a 32-bit protocol family identifier
and a 16-bit length field. The encoded address is copied to
addr->address and
addr->length indicates the size in bytes of
the address that was copied. b->current is
advanced to point at the next byte of available data in the buffer
following the encoded address.
\fBlwres_addr_parse()\fR extracts an address from the buffer \fIb\fR\&. The buffer's current pointer \fBb\->current\fR is presumed to point at an encoded address: the address preceded by a 32\-bit protocol family identifier and a 16\-bit length field\&. The encoded address is copied to \fBaddr\->address\fR and \fBaddr\->length\fR indicates the size in bytes of the address that was copied\&. \fBb\->current\fR is advanced to point at the next byte of available data in the buffer following the encoded address\&.
.PP
\fBlwres_getaddrsbyname()\fR and \fBlwres_getnamebyaddr()\fR use the \fBlwres_gnbaresponse_t\fR structure defined below:
.PP
\fBlwres_getaddrsbyname()\fR
and
\fBlwres_getnamebyaddr()\fR
use the
\fBlwres_gnbaresponse_t\fR
structure defined below:
.sp
.nf
typedef struct {
lwres_uint32_t flags;
@ -84,70 +69,22 @@ typedef struct {
void *base;
size_t baselen;
} lwres_gabnresponse_t;
.sp
.fi
The contents of this structure are not manipulated directly but
they are controlled through the
\fBlwres_gabn\fR(3)
functions.
.PP
The lightweight resolver uses
\fBlwres_getaddrsbyname()\fR to perform foward lookups.
Hostname \fIname\fR is looked up using the resolver
context \fIctx\fR for memory allocation.
\fIaddrtypes\fR is a bitmask indicating which type of
addresses are to be looked up. Current values for this bitmask are
\fBLWRES_ADDRTYPE_V4\fR for IPv4 addresses and
\fBLWRES_ADDRTYPE_V6\fR for IPv6 addresses. Results of the
lookup are returned in \fI*structp\fR.
The contents of this structure are not manipulated directly but they are controlled through the \fBlwres_gabn\fR(3) functions\&.
.PP
\fBlwres_getnamebyaddr()\fR performs reverse lookups.
Resolver context \fIctx\fR is used for memory
allocation. The address type is indicated by
\fIaddrtype\fR: \fBLWRES_ADDRTYPE_V4\fR or
\fBLWRES_ADDRTYPE_V6\fR. The address to be looked up is given
by \fIaddr\fR and its length is
\fIaddrlen\fR bytes. The result of the function call
is made available through \fI*structp\fR.
The lightweight resolver uses \fBlwres_getaddrsbyname()\fR to perform foward lookups\&. Hostname \fIname\fR is looked up using the resolver context \fIctx\fR for memory allocation\&. \fIaddrtypes\fR is a bitmask indicating which type of addresses are to be looked up\&. Current values for this bitmask are \fBLWRES_ADDRTYPE_V4\fR for IPv4 addresses and \fBLWRES_ADDRTYPE_V6\fR for IPv6 addresses\&. Results of the lookup are returned in \fI*structp\fR\&.
.PP
\fBlwres_getnamebyaddr()\fR performs reverse lookups\&. Resolver context \fIctx\fR is used for memory allocation\&. The address type is indicated by \fIaddrtype\fR: \fBLWRES_ADDRTYPE_V4\fR or \fBLWRES_ADDRTYPE_V6\fR\&. The address to be looked up is given by \fIaddr\fR and its length is \fIaddrlen\fR bytes\&. The result of the function call is made available through \fI*structp\fR\&.
.SH "RETURN VALUES"
.PP
Successful calls to
\fBlwres_string_parse()\fR
and
\fBlwres_addr_parse()\fR
return
LWRES_R_SUCCESS.
Both functions return
LWRES_R_FAILURE
if the buffer is corrupt or
LWRES_R_UNEXPECTEDEND
if the buffer has less space than expected for the components of the
encoded string or address.
Successful calls to \fBlwres_string_parse()\fR and \fBlwres_addr_parse()\fR return \fBLWRES_R_SUCCESS\&.\fR Both functions return \fBLWRES_R_FAILURE\fR if the buffer is corrupt or \fBLWRES_R_UNEXPECTEDEND\fR if the buffer has less space than expected for the components of the encoded string or address\&.
.PP
\fBlwres_getaddrsbyname()\fR
returns
LWRES_R_SUCCESS
on success and it returns
LWRES_R_NOTFOUND
if the hostname
\fIname\fR
could not be found.
\fBlwres_getaddrsbyname()\fR returns \fBLWRES_R_SUCCESS\fR on success and it returns \fBLWRES_R_NOTFOUND\fR if the hostname \fIname\fR could not be found\&.
.PP
LWRES_R_SUCCESS
is returned by a successful call to
\fBlwres_getnamebyaddr()\fR.
\fBLWRES_R_SUCCESS\fR is returned by a successful call to \fBlwres_getnamebyaddr()\fR\&.
.PP
Both
\fBlwres_getaddrsbyname()\fR
and
\fBlwres_getnamebyaddr()\fR
return
LWRES_R_NOMEMORY
when memory allocation requests fail and
LWRES_R_UNEXPECTEDEND
if the buffers used for sending queries and receiving replies are too
small.
Both \fBlwres_getaddrsbyname()\fR and \fBlwres_getnamebyaddr()\fR return \fBLWRES_R_NOMEMORY\fR when memory allocation requests fail and \fBLWRES_R_UNEXPECTEDEND\fR if the buffers used for sending queries and receiving replies are too small\&.
.SH "SEE ALSO"
.PP
\fBlwres_buffer\fR(3),
\fBlwres_gabn\fR(3).
\fBlwres_buffer\fR(3), \fBlwres_gabn\fR(3)\&.

600
lib/lwres/man/lwres_resutil.html
View file

@ -1,186 +1,169 @@
<!--
- Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2000, 2001 Internet Software Consortium.
-
- Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2000, 2001 Internet Software Consortium
-
- Permission to use, copy, modify, and distribute this software for any
- purpose with or without fee is hereby granted, provided that the above
- copyright notice and this permission notice appear in all copies.
-
-
- THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
- REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
- AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
- AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
- INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
- LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
- OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
- PERFORMANCE OF THIS SOFTWARE.
-->
<!-- $Id: lwres_resutil.html,v 1.14 2005/04/07 03:50:04 marka Exp $ -->
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<HTML
><HEAD
><TITLE
>lwres_resutil</TITLE
><META
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.79"></HEAD
><BODY
CLASS="REFENTRY"
BGCOLOR="#FFFFFF"
TEXT="#000000"
LINK="#0000FF"
VLINK="#840084"
ALINK="#0000FF"
><H1
><A
NAME="AEN1"
></A
>lwres_resutil</H1
><DIV
CLASS="REFNAMEDIV"
><A
NAME="AEN8"
></A
><H2
>Name</H2
>lwres_string_parse, lwres_addr_parse, lwres_getaddrsbyname, lwres_getnamebyaddr&nbsp;--&nbsp;lightweight resolver utility functions</DIV
><DIV
CLASS="REFSYNOPSISDIV"
><A
NAME="AEN14"
></A
><H2
>Synopsis</H2
><DIV
CLASS="FUNCSYNOPSIS"
><P
></P
><A
NAME="AEN15"
></A
><PRE
CLASS="FUNCSYNOPSISINFO"
>#include &lt;lwres/lwres.h&gt;</PRE
><P
><CODE
><CODE
CLASS="FUNCDEF"
>lwres_result_t
lwres_string_parse</CODE
>(lwres_buffer_t *b, char **c, lwres_uint16_t *len);</CODE
></P
><P
><CODE
><CODE
CLASS="FUNCDEF"
>lwres_result_t
lwres_addr_parse</CODE
>(lwres_buffer_t *b, lwres_addr_t *addr);</CODE
></P
><P
><CODE
><CODE
CLASS="FUNCDEF"
>lwres_result_t
lwres_getaddrsbyname</CODE
>(lwres_context_t *ctx, const char *name, lwres_uint32_t addrtypes, lwres_gabnresponse_t **structp);</CODE
></P
><P
><CODE
><CODE
CLASS="FUNCDEF"
>lwres_result_t
lwres_getnamebyaddr</CODE
>(lwres_context_t *ctx, lwres_uint32_t addrtype, lwres_uint16_t addrlen, const unsigned char *addr, lwres_gnbaresponse_t **structp);</CODE
></P
><P
></P
></DIV
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN43"
></A
><H2
>DESCRIPTION</H2
><P
><CODE
CLASS="FUNCTION"
>lwres_string_parse()</CODE
> retrieves a DNS-encoded
string starting the current pointer of lightweight resolver buffer
<CODE
CLASS="PARAMETER"
>b</CODE
>: i.e. <CODE
CLASS="CONSTANT"
>b-&gt;current</CODE
>.
When the function returns, the address of the first byte of the
encoded string is returned via <CODE
CLASS="PARAMETER"
>*c</CODE
> and the
length of that string is given by <CODE
CLASS="PARAMETER"
>*len</CODE
>. The
buffer's current pointer is advanced to point at the character
following the string length, the encoded string, and the trailing
<SPAN
CLASS="TYPE"
>NULL</SPAN
> character.</P
><P
><CODE
CLASS="FUNCTION"
>lwres_addr_parse()</CODE
> extracts an address from the
buffer <CODE
CLASS="PARAMETER"
>b</CODE
>. The buffer's current pointer
<CODE
CLASS="CONSTANT"
>b-&gt;current</CODE
> is presumed to point at an encoded
address: the address preceded by a 32-bit protocol family identifier
and a 16-bit length field. The encoded address is copied to
<CODE
CLASS="CONSTANT"
>addr-&gt;address</CODE
> and
<CODE
CLASS="CONSTANT"
>addr-&gt;length</CODE
> indicates the size in bytes of
the address that was copied. <CODE
CLASS="CONSTANT"
>b-&gt;current</CODE
> is
advanced to point at the next byte of available data in the buffer
following the encoded address.</P
><P
><CODE
CLASS="FUNCTION"
>lwres_getaddrsbyname()</CODE
>
and
<CODE
CLASS="FUNCTION"
>lwres_getnamebyaddr()</CODE
>
use the
<SPAN
CLASS="TYPE"
>lwres_gnbaresponse_t</SPAN
>
structure defined below:
<PRE
CLASS="PROGRAMLISTING"
>typedef struct {
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>lwres_resutil</title>
<meta name="generator" content="DocBook XSL Stylesheets V1.68.1">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en">
<a name="id2456618"></a><div class="titlepage"></div>
<div class="refnamediv">
<h2>Name</h2>
<p>lwres_string_parse, lwres_addr_parse, lwres_getaddrsbyname, lwres_getnamebyaddr &#8212; lightweight resolver utility functions</p>
</div>
<div class="refsynopsisdiv">
<h2>Synopsis</h2>
<div class="funcsynopsis">
<pre class="funcsynopsisinfo">#include &lt;lwres/lwres.h&gt;</pre>
<table border="0" summary="Function synopsis" cellspacing="0" cellpadding="0" style="padding-bottom: 1em">
<tr>
<td><code class="funcdef">
lwres_result_t
<b class="fsfunc">lwres_string_parse</b>(</code></td>
<td>lwres_buffer_t * </td>
<td>
<var class="pdparam">b</var>, </td>
</tr>
<tr>
<td> </td>
<td>char ** </td>
<td>
<var class="pdparam">c</var>, </td>
</tr>
<tr>
<td> </td>
<td>lwres_uint16_t * </td>
<td>
<var class="pdparam">len</var><code>)</code>;</td>
</tr>
</table>
<table border="0" summary="Function synopsis" cellspacing="0" cellpadding="0" style="padding-bottom: 1em">
<tr>
<td><code class="funcdef">
lwres_result_t
<b class="fsfunc">lwres_addr_parse</b>(</code></td>
<td>lwres_buffer_t * </td>
<td>
<var class="pdparam">b</var>, </td>
</tr>
<tr>
<td> </td>
<td>lwres_addr_t * </td>
<td>
<var class="pdparam">addr</var><code>)</code>;</td>
</tr>
</table>
<table border="0" summary="Function synopsis" cellspacing="0" cellpadding="0" style="padding-bottom: 1em">
<tr>
<td><code class="funcdef">
lwres_result_t
<b class="fsfunc">lwres_getaddrsbyname</b>(</code></td>
<td>lwres_context_t * </td>
<td>
<var class="pdparam">ctx</var>, </td>
</tr>
<tr>
<td> </td>
<td>const char * </td>
<td>
<var class="pdparam">name</var>, </td>
</tr>
<tr>
<td> </td>
<td>lwres_uint32_t  </td>
<td>
<var class="pdparam">addrtypes</var>, </td>
</tr>
<tr>
<td> </td>
<td>lwres_gabnresponse_t ** </td>
<td>
<var class="pdparam">structp</var><code>)</code>;</td>
</tr>
</table>
<table border="0" summary="Function synopsis" cellspacing="0" cellpadding="0">
<tr>
<td><code class="funcdef">
lwres_result_t
<b class="fsfunc">lwres_getnamebyaddr</b>(</code></td>
<td>lwres_context_t * </td>
<td>
<var class="pdparam">ctx</var>, </td>
</tr>
<tr>
<td> </td>
<td>lwres_uint32_t  </td>
<td>
<var class="pdparam">addrtype</var>, </td>
</tr>
<tr>
<td> </td>
<td>lwres_uint16_t  </td>
<td>
<var class="pdparam">addrlen</var>, </td>
</tr>
<tr>
<td> </td>
<td>const unsigned char * </td>
<td>
<var class="pdparam">addr</var>, </td>
</tr>
<tr>
<td> </td>
<td>lwres_gnbaresponse_t ** </td>
<td>
<var class="pdparam">structp</var><code>)</code>;</td>
</tr>
</table>
</div>
</div>
<div class="refsect1" lang="en">
<a name="id2514081"></a><h2>DESCRIPTION</h2>
<p><code class="function">lwres_string_parse()</code>
retrieves a DNS-encoded string starting the current pointer of
lightweight resolver buffer <em class="parameter"><code>b</code></em>: i.e.
<code class="constant">b-&gt;current</code>. When the function returns,
the address of the first byte of the encoded string is returned
via <em class="parameter"><code>*c</code></em> and the length of that string is
given by <em class="parameter"><code>*len</code></em>. The buffer's current
pointer is advanced to point at the character following the
string length, the encoded string, and the trailing
<span class="type">NULL</span> character.
</p>
<p><code class="function">lwres_addr_parse()</code>
extracts an address from the buffer <em class="parameter"><code>b</code></em>.
The buffer's current pointer <code class="constant">b-&gt;current</code>
is presumed to point at an encoded address: the address preceded
by a 32-bit protocol family identifier and a 16-bit length
field. The encoded address is copied to
<code class="constant">addr-&gt;address</code> and
<code class="constant">addr-&gt;length</code> indicates the size in bytes
of the address that was copied.
<code class="constant">b-&gt;current</code> is advanced to point at the
next byte of available data in the buffer following the encoded
address.
</p>
<p><code class="function">lwres_getaddrsbyname()</code>
and <code class="function">lwres_getnamebyaddr()</code> use the
<span class="type">lwres_gnbaresponse_t</span> structure defined below:
</p>
<pre class="programlisting">
typedef struct {
lwres_uint32_t flags;
lwres_uint16_t naliases;
lwres_uint16_t naddrs;
@ -191,197 +174,84 @@ CLASS="PROGRAMLISTING"
lwres_addrlist_t addrs;
void *base;
size_t baselen;
} lwres_gabnresponse_t;</PRE
>
The contents of this structure are not manipulated directly but
they are controlled through the
<SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>lwres_gabn</SPAN
>(3)</SPAN
>
functions.</P
><P
>The lightweight resolver uses
<CODE
CLASS="FUNCTION"
>lwres_getaddrsbyname()</CODE
> to perform foward lookups.
Hostname <CODE
CLASS="PARAMETER"
>name</CODE
> is looked up using the resolver
context <CODE
CLASS="PARAMETER"
>ctx</CODE
> for memory allocation.
<CODE
CLASS="PARAMETER"
>addrtypes</CODE
> is a bitmask indicating which type of
addresses are to be looked up. Current values for this bitmask are
<SPAN
CLASS="TYPE"
>LWRES_ADDRTYPE_V4</SPAN
> for IPv4 addresses and
<SPAN
CLASS="TYPE"
>LWRES_ADDRTYPE_V6</SPAN
> for IPv6 addresses. Results of the
lookup are returned in <CODE
CLASS="PARAMETER"
>*structp</CODE
>.</P
><P
><CODE
CLASS="FUNCTION"
>lwres_getnamebyaddr()</CODE
> performs reverse lookups.
Resolver context <CODE
CLASS="PARAMETER"
>ctx</CODE
> is used for memory
allocation. The address type is indicated by
<CODE
CLASS="PARAMETER"
>addrtype</CODE
>: <SPAN
CLASS="TYPE"
>LWRES_ADDRTYPE_V4</SPAN
> or
<SPAN
CLASS="TYPE"
>LWRES_ADDRTYPE_V6</SPAN
>. The address to be looked up is given
by <CODE
CLASS="PARAMETER"
>addr</CODE
> and its length is
<CODE
CLASS="PARAMETER"
>addrlen</CODE
> bytes. The result of the function call
is made available through <CODE
CLASS="PARAMETER"
>*structp</CODE
>.</P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN84"
></A
><H2
>RETURN VALUES</H2
><P
>Successful calls to
<CODE
CLASS="FUNCTION"
>lwres_string_parse()</CODE
>
and
<CODE
CLASS="FUNCTION"
>lwres_addr_parse()</CODE
>
return
<SPAN
CLASS="ERRORCODE"
>LWRES_R_SUCCESS.</SPAN
>
Both functions return
<SPAN
CLASS="ERRORCODE"
>LWRES_R_FAILURE</SPAN
>
if the buffer is corrupt or
<SPAN
CLASS="ERRORCODE"
>LWRES_R_UNEXPECTEDEND</SPAN
>
if the buffer has less space than expected for the components of the
encoded string or address.</P
><P
><CODE
CLASS="FUNCTION"
>lwres_getaddrsbyname()</CODE
>
returns
<SPAN
CLASS="ERRORCODE"
>LWRES_R_SUCCESS</SPAN
>
on success and it returns
<SPAN
CLASS="ERRORCODE"
>LWRES_R_NOTFOUND</SPAN
>
if the hostname
<CODE
CLASS="PARAMETER"
>name</CODE
>
could not be found.</P
><P
><SPAN
CLASS="ERRORCODE"
>LWRES_R_SUCCESS</SPAN
>
is returned by a successful call to
<CODE
CLASS="FUNCTION"
>lwres_getnamebyaddr()</CODE
>.</P
><P
>Both
<CODE
CLASS="FUNCTION"
>lwres_getaddrsbyname()</CODE
>
and
<CODE
CLASS="FUNCTION"
>lwres_getnamebyaddr()</CODE
>
return
<SPAN
CLASS="ERRORCODE"
>LWRES_R_NOMEMORY</SPAN
>
when memory allocation requests fail and
<SPAN
CLASS="ERRORCODE"
>LWRES_R_UNEXPECTEDEND</SPAN
>
if the buffers used for sending queries and receiving replies are too
small.</P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN105"
></A
><H2
>SEE ALSO</H2
><P
><SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>lwres_buffer</SPAN
>(3)</SPAN
>,
} lwres_gabnresponse_t;
</pre>
<p>
The contents of this structure are not manipulated directly but
they are controlled through the
<span class="citerefentry"><span class="refentrytitle">lwres_gabn</span>(3)</span>
functions.
</p>
<p>
The lightweight resolver uses
<code class="function">lwres_getaddrsbyname()</code> to perform
foward lookups.
Hostname <em class="parameter"><code>name</code></em> is looked up using the
resolver
context <em class="parameter"><code>ctx</code></em> for memory allocation.
<em class="parameter"><code>addrtypes</code></em> is a bitmask indicating
which type of
addresses are to be looked up. Current values for this bitmask are
<span class="type">LWRES_ADDRTYPE_V4</span> for IPv4 addresses and
<span class="type">LWRES_ADDRTYPE_V6</span> for IPv6 addresses. Results of the
lookup are returned in <em class="parameter"><code>*structp</code></em>.
</p>
<p><code class="function">lwres_getnamebyaddr()</code>
performs reverse lookups. Resolver context
<em class="parameter"><code>ctx</code></em> is used for memory allocation. The
address type is indicated by <em class="parameter"><code>addrtype</code></em>:
<span class="type">LWRES_ADDRTYPE_V4</span> or
<span class="type">LWRES_ADDRTYPE_V6</span>. The address to be looked up is
given by <em class="parameter"><code>addr</code></em> and its length is
<em class="parameter"><code>addrlen</code></em> bytes. The result of the
function call is made available through
<em class="parameter"><code>*structp</code></em>.
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2514356"></a><h2>RETURN VALUES</h2>
<p>
Successful calls to
<code class="function">lwres_string_parse()</code>
and
<code class="function">lwres_addr_parse()</code>
return
<span class="errorcode">LWRES_R_SUCCESS.</span>
Both functions return
<span class="errorcode">LWRES_R_FAILURE</span>
if the buffer is corrupt or
<span class="errorcode">LWRES_R_UNEXPECTEDEND</span>
if the buffer has less space than expected for the components of the
encoded string or address.
</p>
<p><code class="function">lwres_getaddrsbyname()</code>
returns <span class="errorcode">LWRES_R_SUCCESS</span> on success and it
returns <span class="errorcode">LWRES_R_NOTFOUND</span> if the hostname
<em class="parameter"><code>name</code></em> could not be found.
</p>
<p><span class="errorcode">LWRES_R_SUCCESS</span>
is returned by a successful call to
<code class="function">lwres_getnamebyaddr()</code>.
</p>
<p>
Both
<code class="function">lwres_getaddrsbyname()</code>
and
<code class="function">lwres_getnamebyaddr()</code>
return
<span class="errorcode">LWRES_R_NOMEMORY</span>
when memory allocation requests fail and
<span class="errorcode">LWRES_R_UNEXPECTEDEND</span>
if the buffers used for sending queries and receiving replies are too
small.
</p>
</div>
<div class="refsect1" lang="en">
<a name="id2514427"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry"><span class="refentrytitle">lwres_buffer</span>(3)</span>,
<SPAN
CLASS="CITEREFENTRY"
><SPAN
CLASS="REFENTRYTITLE"
>lwres_gabn</SPAN
>(3)</SPAN
>.</P
></DIV
></BODY
></HTML
>
<span class="citerefentry"><span class="refentrytitle">lwres_gabn</span>(3)</span>.
</p>
</div>
</div></body>
</html>