- Better documentation for unblock-lan-zones and insecure-lan-zones

  config statements.

git-svn-id: file:///svn/unbound/trunk@4768 be551aaa-1e26-0410-a405-d3ace91eadb9

diff --git a/doc/Changelog b/doc/Changelog
index 46f08d2943a93e94f38bff08eec553f787020b13..79746e4b81e39c6a22138f244d87a8a26d539c95 100644 (file)
--- a/doc/Changelog
+++ b/doc/Changelog
@@ -1,3 +1,7 @@
+3 July 2018: Wouter
+       - Better documentation for unblock-lan-zones and insecure-lan-zones
+         config statements.
+
 2 July 2018: Wouter
        - Fix checking for libhiredis printout in configure output.
        - Fix typo on man page in ip-address description.

diff --git a/doc/unbound.conf.5.in b/doc/unbound.conf.5.in
index e29bdf1b91b4d4a3df0b95d0d306c46ff497d80d..b5429fdf92648c18a0c5771574c3787598d722f4 100644 (file)
--- a/doc/unbound.conf.5.in
+++ b/doc/unbound.conf.5.in
@@ -1012,7 +1012,7 @@ Number of bytes size of the aggressive negative cache. Default is 1 megabyte.
 A plain number is in bytes, append 'k', 'm' or 'g' for kilobytes, megabytes
 or gigabytes (1024*1024 bytes in a megabyte).
 .TP
-.B unblock\-lan\-zones: \fI<yesno>
+.B unblock\-lan\-zones: \fI<yes or no>
 Default is disabled.  If enabled, then for private address space,
 the reverse lookups are no longer filtered.  This allows unbound when
 running as dns service on a host where it provides service for that host,
@@ -1023,7 +1023,7 @@ as a (DHCP-) DNS network resolver for a group of machines, where such
 lookups should be filtered (RFC compliance), this also stops potential
 data leakage about the local network to the upstream DNS servers.
 .TP
-.B insecure\-lan\-zones: \fI<yesno>
+.B insecure\-lan\-zones: \fI<yes or no>
 Default is disabled.  If enabled, then reverse lookups in private
 address space are not validated.  This is usually required whenever
 \fIunblock\-lan\-zones\fR is used.