* bugfix: ldns-dane manpage correction
Thanks Erwin Lansing
* Spelling fixes. Thanks Andreas Schulze
+ * Hyphen used as minus in manpages. Thanks Andreas Schulze.
1.6.17 2014-01-10
* Fix ldns_dnssec_zone_new_frm_fp_l to allow the last parsed line of a
Show the MX records of the domain miek.nl
.TP
-\fBdrill -S jelte.nlnetlabs.nl\fR
+\fBdrill \-S jelte.nlnetlabs.nl\fR
Chase any signatures in the jelte.nlnetlab.nl domain. This option is
only available when ldns has been compiled with openssl-support.
.TP
-\fBdrill -TD www.example.com\fR
-Do a DNSSEC (-D) trace (-T) from the rootservers down to www.example.com.
+\fBdrill \-TD www.example.com\fR
+Do a DNSSEC (\-D) trace (\-T) from the rootservers down to www.example.com.
This option only works when ldns has been compiled with openssl support.
.TP
-\fBdrill -s dnskey jelte.nlnetlabs.nl\fR
+\fBdrill \-s dnskey jelte.nlnetlabs.nl\fR
Show the DNSKEY record(s) for jelte.nlnetlabs.nl. For each found DNSKEY
record also print the DS record.
.TP
\fB\-Q
-Quiet mode, this overrules -V.
+Quiet mode, this overrules \-V.
.TP
\fB\-f \fIfile\fR
-Read the query from a file. The query must be dumped with -w.
+Read the query from a file. The query must be dumped with \-w.
.TP
\fB\-i \fIfile\fR
.TP
\fB\-d \fIdomain\fR
-When tracing (-T), start from this domain instead of the root.
+When tracing (\-T), start from this domain instead of the root.
.TP
\fB\-t
.TP
\fB\-r \fIfile\fR
-When tracing (-T), use file as a root servers hint file.
+When tracing (\-T), use file as a root servers hint file.
.TP
\fB\-s
.TP
\fB\-w \fIfile\fR
write the answer to a file. The file will contain a hexadecimal dump
-of the query. This can be used in conjunction with -f.
+of the query. This can be used in conjunction with \-f.
.TP
\fB\-x
\fBldns-compare-zones\fR reads two DNS zone files and prints number of differences.
.nf
Output is formated to:
- +NUM_INS -NUM_DEL ~NUM_CHG
+ +NUM_INS \-NUM_DEL ~NUM_CHG
.fi
The major comparison is based on the owner name. If an owner name is present in zonefile 1, but not in zonefile 2, the resource records with this owner name are considered deleted, and counted as NUM_DEL. If an owner name is present in zonefile 2, but not in zonefile 1, the resource records with this owner name are considered inserted, and counted as NUM_INS. If an owner name is present in both, but there is a difference in the amount or content of the records, these are considered changed, and counted as NUM_CHG.
Print resource records whose owner names are present only in ZONEFILE1 (a.k.a. deleted)
.TP
\fB-a\fR
-Print all changes. Specifying this option is the same as specifying -c -i
-amd -d.
+Print all changes. Specifying this option is the same as specifying \-c \-i
+amd \-d.
.TP
\fB-z\fR
Suppress zone sorting; this option is not recommended; it can cause records
of the validation chain. 0 means the last certificate, 1 the one but last,
2 the second but last, etc.
-When \fIoffset\fR is -1 (the default), the last certificate
+When \fIoffset\fR is \-1 (the default), the last certificate
is used (like with 0) that MUST be self-signed. This can help to make
sure that the intended (self signed) trust anchor is actually present
in the server certificate chain (which is a DANE requirement).
.TP
\fB-p\fR
-Show the total number of correct DNS packets, and percentage of -u and
--c values (of the total of matching on the -f filter. if no filter is
+Show the total number of correct DNS packets, and percentage of \-u and
+\-c values (of the total of matching on the \-f filter. if no filter is
given, percentages are on all correct dns packets)
.TP
\fB-of\fR \fIfile\fR
-Write all packets that match the -f flag to file, as pcap data.
+Write all packets that match the \-f flag to file, as pcap data.
.TP
\fB-ofh\fR \fIfile\fR
-Write all packets that match the -f flag to file, in hexadecimal format,
+Write all packets that match the \-f flag to file, in hexadecimal format,
readable by drill.
.TP
.TP
\fB-sf\fR
-Only evaluate packets (in representation format) that match the -f filter.
-If no -f was given, evaluate all correct dns packets.
+Only evaluate packets (in representation format) that match the \-f filter.
+If no \-f was given, evaluate all correct dns packets.
.TP
\fB-u\fR \fImatchnamelist\fR
.TP
\fB-ua\fR
-For every matchname in -u, show the average value of all matches. Behaviour for match types that do not have an integer value is undefined.
+For every matchname in \-u, show the average value of all matches. Behaviour for match types that do not have an integer value is undefined.
.TP
\fB-uac\fR
-For every matchname in -u, show the average number of times this value was encountered.
+For every matchname in \-u, show the average number of times this value was encountered.
.TP
\fB-um\fR \fInumber\fR
-Only show the results from -u for values that occurred more than <number> times.
+Only show the results from \-u for values that occurred more than <number> times.
.TP
\fB-v\fR \fIlevel\fR
.SH LIST AND MATCHES
-A <matchnamelist> is a comma separated list of match names (use -s to see possible match names).
+A <matchnamelist> is a comma separated list of match names (use \-s to see possible match names).
A <expressionlist> is a comma separated list of expressions.
An expression has the following form:
<= lesser than or equal to <value>
~= contains <value>
-See the -s option for possible matchnames, operators and values.
+See the \-s option for possible matchnames, operators and values.
.SH EXAMPLES
.TP
-ldns-dpa -u packetsize -p test.tr
+ldns-dpa \-u packetsize \-p test.tr
Count all different packetsizes in test.tr and show the precentages.
.TP
-ldns-dpa -f "edns=1&qr=0" -of edns.tr test.tr
+ldns-dpa \-f "edns=1&qr=0" \-of edns.tr test.tr
Filter out all edns enable queries in test.tr and put them in edns.tr
.TP
-ldns-dpa -f edns=1 -c tc=1 -u rcode test.tr
+ldns-dpa \-f edns=1 \-c tc=1 \-u rcode test.tr
For all edns packets, count the number of truncated packets and all their rcodes in test.tr.
.TP
-ldns-dpa -c tc=1,qr=0,qr=1,opcode=QUERY test.tr
+ldns-dpa \-c tc=1,qr=0,qr=1,opcode=QUERY test.tr
For all packets, count the number of truncated packets, the number of packets with qr=0, the number of packets with qr=1 and the number of queries in test.tr.
.TP
-ldns-dpa -u packetsize -ua test.tr
+ldns-dpa \-u packetsize \-ua test.tr
Show all packet sizes and the average packet size per packet.
.TP
-ldns-dpa -u srcaddress -uac test.tr
+ldns-dpa \-u srcaddress \-uac test.tr
Show all packet source addresses and the average number of packets sent from this address.
.TP
-sudo tcpdump -i eth0 -s 0 -U -w - port 53 | ldns-dpa -f qr=0 -sf
+sudo tcpdump \-i eth0 \-s 0 \-U \-w \- port 53 | ldns-dpa \-f qr=0 \-sf
Print all query packets seen on the specified interface.
.SH EXAMPLES
.TP
-\fBldns-gen-zone -a 100000 -p 10 -s ./zonefile.txt\fR
+\fBldns-gen-zone \-a 100000 \-p 10 \-s ./zonefile.txt\fR
Read a zonefile, add 100.000 artificial NS RRSets and 10% of DS records,
print it to standard output. Don't sort (will only work well if the input
zonefile is already sorted and canonicalized).
.TP
-\fBldns-gen-zone -p 10 -s -o nl zonefile.txt | named-compilezone -s relative -i none -o zonefile_10.txt nl /dev/stdin\fR
+\fBldns-gen-zone \-p 10 \-s \-o nl zonefile.txt | named-compilezone \-s relative \-i none \-o zonefile_10.txt nl /dev/stdin\fR
This creates a nicely formatted zone file with the help of \fBnamed-compilezone\fR.
It adds 10% DS records to the .nl zone, reformats it and saves it as \fBzonefile_10.txt\fR.
.SH SYNOPSIS
.B ldns-notify
[options]
--z zone
+\-z zone
.IR servers
.SH DESCRIPTION
.TP
\fB-z\fR
-Sort the zone before printing (this implies -c)
+Sort the zone before printing (this implies \-c)
.SH AUTHOR
.SH ENGINE OPTIONS
You can modify the possible engines, if supported, by setting an
OpenSSL configuration file. This is done through the environment
-variable OPENSSL_CONF. If you use -E with a non-existent engine name,
+variable OPENSSL_CONF. If you use \-E with a non-existent engine name,
ldns-signzone will print a list of engines supported by your
configuration.
-The key options (-k and -K) work as follows; you specify a key id, and a DNSSEC algorithm number (for instance, 5 for RSASHA1). The key id can be any of the following:
+The key options (\-k and \-K) work as follows; you specify a key id, and a DNSSEC algorithm number (for instance, 5 for RSASHA1). The key id can be any of the following:
<id>
<slot>:<id>
.TP
\fB-S\fR
Chase signature(s) to a known key.
-The network may be accessed to validate the zone's DNSKEYs. (implies -k)
+The network may be accessed to validate the zone's DNSKEYs. (implies \-k)
.TP
\fB-t\fR \fIYYYYMMDDhhmmss | [+|-]offset\fR
projects / thirdparty / ldns.git / commitdiff
