diff options
Diffstat (limited to 'contrib/bind/doc/man')
| -rw-r--r-- | contrib/bind/doc/man/dig.1 | 17 | ||||
| -rw-r--r-- | contrib/bind/doc/man/dnssigner.1 | 213 | ||||
| -rw-r--r-- | contrib/bind/doc/man/host.1 | 1 | ||||
| -rw-r--r-- | contrib/bind/doc/man/nslookup.8 | 6 |
4 files changed, 14 insertions, 223 deletions
diff --git a/contrib/bind/doc/man/dig.1 b/contrib/bind/doc/man/dig.1 index 40da7a0..e150b04 100644 --- a/contrib/bind/doc/man/dig.1 +++ b/contrib/bind/doc/man/dig.1 @@ -1,4 +1,5 @@ -.\" $Id: dig.1,v 8.11 2003/04/03 05:52:34 marka Exp $ +.\" $FreeBSD$ +.\" $Id: dig.1,v 8.9 2002/06/18 01:53:43 marka Exp $ .\" .\" ++Copyright++ 1993 .\" - @@ -99,7 +100,7 @@ may be either a domain name or a raw (IPv4 / IPv6) Internet address. If this optional field is omitted, .Ic dig will attempt to use the default name server for your machine. -.sp 1 +.Pp .Em Note : If a domain name is specified, this will be resolved using the domain name system resolver (i.e., BIND). If your @@ -128,11 +129,10 @@ environment variable to name a file which is to be used instead of .Pa /etc/resolv.conf -.Po Ns Ev LOCALRES +.Ns Ev (LOCALRES is specific to the .Ic dig -resolver and is not referenced by the standard resolver -.Pc . +resolver and is not referenced by the standard resolver). If the .Ev LOCALRES variable is not set or the specified file @@ -246,7 +246,7 @@ one can simply .It Fl x Ar IPv6-address Convenient form to specify inverse address mapping. Instead of -.Dq Ic dig 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa , +.Dq Ic dig 1.0.0.0.0.0.0.0.0.0.0.0. 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa , one can simply .Dq Ic dig -x ::1 . .It Fl f Ar file @@ -645,7 +645,8 @@ structure. .Sh ENVIRONMENT .Bl -tag -width "LOCALRES " -compact .It Ev LOCALRES -file to use in place of Pa /etc/resolv.conf +file to use in place of +.Pa /etc/resolv.conf .It Ev LOCALDEF default environment file .El @@ -684,7 +685,7 @@ authored by Andrew Cherenson. .Sh BUGS .Ic Dig has a serious case of "creeping featurism" -- the result of -considering several potential uses during its development. It would +considering several potential uses during it's development. It would probably benefit from a rigorous diet. Similarly, the print flags and granularity of the items they specify make evident their rather ad hoc genesis. diff --git a/contrib/bind/doc/man/dnssigner.1 b/contrib/bind/doc/man/dnssigner.1 deleted file mode 100644 index 1fb4ce4..0000000 --- a/contrib/bind/doc/man/dnssigner.1 +++ /dev/null @@ -1,213 +0,0 @@ -.\" Copyright (c) 1996 by Internet Software Consortium -.\" -.\" Permission to use, copy, modify, and distribute this software for any -.\" purpose with or without fee is hereby granted, provided that the above -.\" copyright notice and this permission notice appear in all copies. -.\" -.\" THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS -.\" ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES -.\" OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE -.\" CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL -.\" DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR -.\" PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS -.\" ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS -.\" SOFTWARE. -.\" -.\" $Id: dnssigner.1,v 8.2 1997/03/14 02:29:42 vixie Exp $ -.\" -.Dd October 25, 1996 -.Dt DNSSIGNER @CMD_EXT_U@ -.Os BSD 4 -.Sh NAME -.Nm dnssigner -.Nd add signatures to DNS zone files -.Sh SYNOPSIS -.Nm dnssigner -.Op Cm signer-name Ar default_signer -.Op Cm boot-file Ar file -.Op Cm debug-file Ar file -.Op Cm out-dir Ar directory -.Op Cm seq-no Ar number -.Oo -.Cm expiration-time -.Oo Po Cm + -.Ns \&| -.Ns Cm = -.Pc Oc -.Ns Ar time -.Oc -.Op Cm hide -.Op Cm noaxfr -.Op Cm nosign -.Op Cm verify -.Op Cm update-zonekey -.Op Fl d Ns Ar level -.Sh DESCRIPTION -.Ic Dnssigner -(Sign DNS zone database) is a tool to generate signatures -for DNS (Domain Name System) resource records. It also generates -NXT records for each zone. -.Pp -.Bl -tag -width Fl -.It Cm signer-name Ar default_signer -Specifies a name of the key to use if no signer is defined using the -.Em Li $SIGNER -directive in the boot files. -.It Cm boot-file Ar file -Specifies the control file for -.Ic dnssigner , -which is in the same format as the BIND-4 -.Pa named.boot -file. -.It Cm debug-file Ar file -Redirect debug output to the specified -.Ar file ; -default is -.Pa signer_out -in the current directory. -.It Cm out-dir Ar directory -Write signed files to thie specified -.Ar directory ; -default is to use -.Pa /tmp . -.Pp -.Sy NOTE : -Specify the full path to this directory; relative paths may not work. -.It Xo Cm expiration-time -.Oo Po Cm + -.Ns \&| -.Ns Cm = -.Pc Oc -.Ns Ar time -.Xc -Time when the signature records are to -expire. Using either -.Dq Cm = -or -.Em no -sign before the -.Ar time -argument -.Po i.e., -.Do Op Cm = -.Ns Ar time -.Dc -.Pc , -the -.Ar time -is interpreted as an absolute time in seconds when the records will expire. -.Po Sy NOTE : - All such times are interpreted as Universal Times. -.Pc -With -.Dq Cm + -specified -.Pq i.e., Dq Cm + Ns Ar time , -the -.Ar time -time is interpreted as an offset into the future. -.Pp -If not specified on the command line, the default -.Cm expiration-time -is 3600*24*30 sec (30 days). -.It Cm seq-no Ar number -Force the serial number in the SOA records to the specified value. -If this parameter is not set, the serial number will be set to a value -based on the current time. -.It Cm hide -This flag will cause NXT records in zones with wildcard -records to point to -.Li *.<zone> -as the next host. The purpose of this -flag is to hide all information about valid names in a zone. -.It Cm noaxfr -Turn of generation of zone transfer signature records, -which validate the transfer of an entire zone. -.It Cm nosign -When this flag is specified, the boot files are read, NXT -records are generated and zone file is written to the output -directory. No SIG records are generated. This flag is useful for -quickly checking the format of the data in the boot files, and to -have boot files sorted into DNSSEC order. -.It Cm verify -When this flag is present, -.Ic dnssigner -will verify all -signed records and print out a confirmation message for each SIG -verified. The main use of this flag is to see how long it takes to -generate each signature. -.It Cm update-zonekey -If this flag is specified, then the zonekeys used -to sign files will be updated with new records. Specify this flag if -one or more of the keys have been updated. If there are no zonekeys -specified in the boot files, this flag will insert them. Omitting -zonekeys will cause primary nameservers to reject the zone. -.It Fl d Ns Ar level -Debug level to use for running -.Ic dnssigner ; -these levels are the same as those used by -.Xr @INDOT_U@NAMED @SYS_OPS_EXT_U@ -.El -.Ss DETAILS -.Ic Dnssigner -reads BIND-4 -.Pa named.boot -and zone files, adds SIG and NXT -records and writes out the records (to one file per zone, regardless of -how many include files the original zone was in). The files generated by -.Ic dnssigner -are ordinary textual zone files and are then normally -loaded by -.Xr @INDOT_U@NAMED @SYS_OPS_EXT_U@ -to serve the zone. -.Ic Dnssigner -\fBrequires that the PRIVATE key(s) reside in the input directory\fP. -.Pp -Making manual changes to the output files is hazardous, because most -changes will invalidate one or more signatures contained therein. This -will cause the zone to fail to load into -.Xr @INDOT_U@NAMED @SYS_OPS_EXT_U@ , -or will cause subsequent -failures in retrieving records from the zone. It is far better to make -changes in -.Ic dnssigner's -input files, and rerun -.Ic dnssigner . -.Pp -When -.Ic dnssigner -detects a delegation point, it creates a special file -.Pa <zone_name>.PARENT -which contains the RR's the parent zone signs for the -child zone (NS, KEY, NXT). The intent is that the child will include this -file when loading primary nameservers. Similarly, each zone file ends -with the -.Dq Li #include <zone_name>.PARENT -command. The records -in the -.Pa .PARENT -files are omitted from the SIG(AXFR) calculations as these -records usualy are on a different signing cycle. -.Pp -The -.Em Li Dq $SIGNER Op Ar keyname -directive can be used to change signers in a -zone. If -.Ar keyname -is omitted, signing is turned off. Keys are loaded the -first time the keys are accessed. Only records that are signed by the -zone signer (the key that signs the SOA) are included in the SIG(AXFR) -calculation. It is not generally recommended that multiple keys sign -records in the same zone, unless this is useful for dynamic updates. -.Sh ENVIRONMENT -No environmental variables are used. -.Sh SEE ALSO -.Xr @INDOT_U@NAMED @SYS_OPS_EXT_U@ , -RSAREF documentation, -Internet-Draft -.Em draft-ietf-dnssec-secext-10.txt -on Secure DNS, or its successor. -.Sh AUTHOR -Olafur Gudmundsson (ogud@tis.com) -.Sh ACKNOWLEDGMENTS -The underlying crypto math is done by the RSAREF or BSAFE libraries. diff --git a/contrib/bind/doc/man/host.1 b/contrib/bind/doc/man/host.1 index 858bd6e..ae5736a 100644 --- a/contrib/bind/doc/man/host.1 +++ b/contrib/bind/doc/man/host.1 @@ -1,3 +1,4 @@ +.\" $FreeBSD$ .\" ++Copyright++ 1993 .\" - .\" Copyright (c) 1993 diff --git a/contrib/bind/doc/man/nslookup.8 b/contrib/bind/doc/man/nslookup.8 index 54c45b6..e33993c 100644 --- a/contrib/bind/doc/man/nslookup.8 +++ b/contrib/bind/doc/man/nslookup.8 @@ -53,6 +53,7 @@ .\" --Copyright-- .\" .\" @(#)nslookup.8 5.3 (Berkeley) 6/24/90 +.\" $FreeBSD$ .\" .Dd June 24, 1990 .Dt NSLOOKUP @SYS_OPS_EXT_U@ @@ -111,8 +112,9 @@ or type The command line length must be less than 256 characters. To treat a built-in command as a host name, precede it with an escape character -.Pq .&\\ . -.Sy N.B.: An unrecognized command will be interpreted as a host name. +.Pq \e +.Sy N.B.: +An unrecognized command will be interpreted as a host name. .Bl -tag -width "lserver" .It Ar host Op Ar server Look up information for |
