Accueil Explorer Aide
Connexion
zorun
/
kea
1
0
Fork 0
Fichiers Tickets 0 Pull Requests 0 Wiki
Parcourir la source

[master] update verbose explanation, document query_acl, add some history

The query_acl now has some beginning docs here, but needs more.
Jeremy C. Reed il y a 13 ans
Parent
745ebcec89
commit
7cdda20613
1 fichiers modifiés avec 24 ajouts et 4 suppressions
Vue séparée Afficher les stats Diff
  1. 24 4
      src/bin/resolver/b10-resolver.xml

+ 24 - 4
src/bin/resolver/b10-resolver.xml
Voir le fichier 

@@ -20,7 +20,7 @@
 
 <refentry>
 
 
   <refentryinfo>
 
-    <date>February 17, 2011</date>
 
+    <date>August 16, 2011</date>
 
   </refentryinfo>
 
 
   <refmeta>
 
@@ -99,11 +99,14 @@
 
         </listitem>
 
       </varlistentry>
 
 
+<!-- TODO: this needs to be fixed as -v on command line
 
+should imply stdout or stderr output also -->
 
+<!-- TODO: can this -v be overidden by configuration or bindctl? -->
 
       <varlistentry>
 
         <term><option>-v</option></term>
 
         <listitem><para>
 
-          Enabled verbose mode. This enables diagnostic messages to
 
-          STDERR.
 
+          Enable verbose mode.
 
+          This sets logging to the maximum debugging level.
 
         </para></listitem>
 
       </varlistentry>
 
 
@@ -147,6 +150,22 @@ once that is merged you can for instance do 'config add Resolver/forward_address
 
     </para>
 
 
     <para>
 
+<!-- TODO: need more explanation or point to guide. -->
 
+<!-- TODO: what about a netmask or cidr? -->
 
+<!-- TODO: document "key" -->
 
+<!-- TODO: where are the TSIG keys defined? -->
 
+<!-- TODO: key and from are mutually exclusive? what if both defined? -->
 
+      <varname>query_acl</varname> is a list of query access control
 
+      rules. The list items are the <varname>action</varname> string
 
+      and the <varname>from</varname> or <varname>key</varname> strings.
 
+      The possible actions are ACCEPT, REJECT and DROP.
 
+      The <varname>from</varname> is a remote (source) IPv4 or IPv6
 
+      address or special keyword.
 
+      The <varname>key</varname> is a TSIG key name.
 
+      The default configuration accepts queries from 127.0.0.1 and ::1.
 
+    </para>
 
+
 
+    <para>
 
       <varname>retries</varname> is the number of times to retry
 
       (resend query) after a query timeout
 
       (<varname>timeout_query</varname>).
 
@@ -234,7 +253,8 @@ once that is merged you can for instance do 'config add Resolver/forward_address
 
       The <command>b10-resolver</command> daemon was first coded in
 
       September 2010. The initial implementation only provided
 
       forwarding. Iteration was introduced in January 2011.
 
-<!-- TODO: document when caching was added -->
 
+      Caching was implemented in February 2011.
 
+      Access control was introduced in June 2011.
 
 <!-- TODO: document when validation was added -->
 
     </para>
 
   </refsect1>