print(worker.stats().concurrent)
+Using CLI tools
+===============
+
+* ``kresd-host.lua`` - a drop-in replacement for *host(1)* utility
+
+Queries the DNS for information.
+The hostname is looked up for IP4, IP6 and mail.
+
+Example:
+
+.. code-block:: bash
+
+ $ kresd-host.lua -f root.key -v nic.cz
+ nic.cz. has address 217.31.205.50 (secure)
+ nic.cz. has IPv6 address 2001:1488:0:3::2 (secure)
+ nic.cz. mail is handled by 10 mail.nic.cz. (secure)
+ nic.cz. mail is handled by 20 mx.nic.cz. (secure)
+ nic.cz. mail is handled by 30 bh.nic.cz. (secure)
+
+* ``kresd-query.lua`` - run the daemon in zero-configuration mode, perform a query and execute given callback.
+
+This is useful for executing one-shot queries and hooking into the processing of the result,
+for example to check if a domain is managed by a certain registrar or if it's signed.
+
+Example:
+
+.. code-block:: bash
+
+ $ kresd-query.lua www.sub.nic.cz 'assert(kres.dname2str(req:resolved().zone_cut.name) == "nic.cz.")' && echo "yes"
+ yes
+ $ kresd-query.lua -C 'trust_anchors.config("root.keys")' nic.cz 'assert(req:resolved():hasflag(kres.query.DNSSEC_WANT))'
+ $ echo $?
+ 0
+
.. _`JSON-encoded`: http://json.org/example
.. _`Learn Lua in 15 minutes`: http://tylerneylon.com/a/learn-lua/
.. _`PowerDNS Recursor`: https://doc.powerdns.com/md/recursor/scripting/
__index = {
current = function(req)
assert(req)
+ if req.current_query == nil then return nil end
return req.current_query
end,
resolved = function(req)
assert(req)
- return C.kr_rplan_resolved(C.kr_resolve_plan(req))
+ qry = C.kr_rplan_resolved(C.kr_resolve_plan(req))
+ if qry == nil then return nil end
+ return qry
+
end,
push = function(req, qname, qtype, qclass, flags, parent)
assert(req)
trust_anchors.keyset = {}
if trust_anchors.update(new_keys, true) then
if trust_anchors.refresh_ev ~= nil then event.cancel(trust_anchors.refresh_ev) end
- refresh_plan(trust_anchors, 5 * sec, active_refresh, true, false)
+ refresh_plan(trust_anchors, 10 * sec, active_refresh, true, false)
end
end,
-- Add DS/DNSKEY record(s) (unmanaged)
end,
}
-return trust_anchors
\ No newline at end of file
+return trust_anchors
[-f keyfile] hostname
Queries the DNS for information.
The hostname is looked up for IP4, IP6 and mail.
- If an ip-address is given a reverse lookup is done.
Use the -v option to see DNSSEC security information.
-t type what type to look for.
-c class what class to look for, if not class IN.
projects / thirdparty / knot-resolver.git / commitdiff
