- Fix #678: [FR] modify behaviour of unbound-control rpz_enable zone,

  by updating unbound-control's documentation.

diff --git a/doc/Changelog b/doc/Changelog
index 0caa36e4e9ba282511be91796db9788090cd1d48..74e424a4612aee326184db83224cb563865ca313 100644 (file)
--- a/doc/Changelog
+++ b/doc/Changelog
@@ -1,3 +1,7 @@
+15 May 2022: George
+       - Fix #678: [FR] modify behaviour of unbound-control rpz_enable zone,
+         by updating unbound-control's documentation.
+
 12 May 2022: George
        - Fix #417: prefetch and ECS causing cache corruption when used
          together.

diff --git a/doc/unbound-control.8.in b/doc/unbound-control.8.in
index 2f39104633fa21feaf2d28ba0b8b199865cc9555..b15ab79d0da2e12d73c827689bfba7f121f7bc42 100644 (file)
--- a/doc/unbound-control.8.in
+++ b/doc/unbound-control.8.in
@@ -289,20 +289,22 @@ just the ratelimited ips, with their estimated qps.  The ratelimited
 ips are dropped before checking the cache.
 .TP
 .B list_auth_zones
-List the auth zones that are configured.  Printed one per line with a
-status, indicating if the zone is expired and current serial number.
+List the auth zones that are configured.  Printed one per line with a status,
+indicating if the zone is expired and current serial number.  Configured RPZ
+zones are included.
 .TP
 .B auth_zone_reload \fIzone\fR
-Reload the auth zone from zonefile.  The zonefile is read in overwriting
-the current contents of the zone in memory.  This changes the auth zone
-contents itself, not the cache contents.  Such cache contents exists if
-you set Unbound to validate with for-upstream yes and that can be cleared
-with \fBflush_zone\fR \fIzone\fR.
+Reload the auth zone (or RPZ zone) from zonefile.  The zonefile is read in
+overwriting the current contents of the zone in memory.  This changes the auth
+zone contents itself, not the cache contents.  Such cache contents exists if
+you set Unbound to validate with for-upstream yes and that can be cleared with
+\fBflush_zone\fR \fIzone\fR.
 .TP
 .B auth_zone_transfer \fIzone\fR
-Transfer the auth zone from master.  The auth zone probe sequence is started,
-where the masters are probed to see if they have an updated zone (with the SOA
-serial check).  And then the zone is transferred for a newer zone version.
+Transfer the auth zone (or RPZ zone) from master.  The auth zone probe sequence
+is started, where the masters are probed to see if they have an updated zone
+(with the SOA serial check).  And then the zone is transferred for a newer zone
+version.
 .TP
 .B rpz_enable \fIzone\fR
 Enable the RPZ zone if it had previously been disabled.

diff --git a/smallapp/unbound-control.c b/smallapp/unbound-control.c
index a22ad5433697f2ee2864f16f8596bed37c4d8f3e..89543e45de7cfbbcf67d9e452be6ccb477a36742 100644 (file)
--- a/smallapp/unbound-control.c
+++ b/smallapp/unbound-control.c
@@ -155,9 +155,9 @@ usage(void)
        printf("  ratelimit_list [+a]           list ratelimited domains\n");
        printf("  ip_ratelimit_list [+a]        list ratelimited ip addresses\n");
        printf("                +a              list all, also not ratelimited\n");
-       printf("  list_auth_zones               list auth zones\n");
-       printf("  auth_zone_reload zone         reload auth zone from zonefile\n");
-       printf("  auth_zone_transfer zone       transfer auth zone from master\n");
+       printf("  list_auth_zones               list auth zones (includes RPZ zones)\n");
+       printf("  auth_zone_reload zone         reload auth zone (or RPZ zone) from zonefile\n");
+       printf("  auth_zone_transfer zone       transfer auth zone (or RPZ zone) from master\n");
        printf("  view_list_local_zones view    list local-zones in view\n");
        printf("  view_list_local_data  view    list local-data RRs in view\n");
        printf("  view_local_zone view name type        add local-zone in view\n");