[5407] Updated legal logging configuration for subnets.

diff --git a/doc/guide/dhcp4-srv.xml b/doc/guide/dhcp4-srv.xml
index b0070184be427c4bee809de44fe6622b1bd68bbf..572ed8f83f46bc347a863c32cbaafd09daf223f8 100644 (file)
--- a/doc/guide/dhcp4-srv.xml
+++ b/doc/guide/dhcp4-srv.xml
@@ -4617,7 +4617,7 @@ autogenerated IDs are not stable across configuration changes.</para>
       </itemizedlist>
     </section>
 
-      <section>
+      <section id="dhcp4-user-contexts">
         <title>User contexts in IPv4</title>
         <para>
           Kea allows loading hook libraries that sometimes could benefit from

diff --git a/doc/guide/dhcp6-srv.xml b/doc/guide/dhcp6-srv.xml
index 06d5717aede1433e238fc011cb732005fb064f9d..158c06bfddab8ddf65d7fb00b1358387a1ce23f6 100644 (file)
--- a/doc/guide/dhcp6-srv.xml
+++ b/doc/guide/dhcp6-srv.xml
@@ -4578,7 +4578,7 @@ autogenerated IDs are not stable across configuration changes.
 
     </section>
 
-      <section>
+      <section id="dhcp6-user-contexts">
         <title>User contexts in IPv6</title>
         <para>
           Kea allows loading hook libraries that sometimes could benefit from

diff --git a/doc/guide/hooks.xml b/doc/guide/hooks.xml
index 3be72d337b114dc0638be41ac21624978668de22..a288ec57c1ee8a1c8842d1f12ca01ec126822a86 100644 (file)
--- a/doc/guide/hooks.xml
+++ b/doc/guide/hooks.xml
@@ -685,6 +685,59 @@ Administrator deleted a lease for a device identified by: duid of 1a:1b:1c:1d:1e
             </para></listitem>
           </itemizedlist>
           </para>
+
+          <para>
+            If it is desired to restrict forensic logging to certain subnets, the
+            "legal-logging" boolean parameter can be specified within a user context of
+            these subnets. For example:
+<screen>
+"Dhcpv4" {
+    "subnet4": [
+        {
+            "subnet": "192.0.2.0/24",
+            "pools": [
+                {
+                     "pool": "192.0.2.1 - 192.0.2.200"
+                }
+            ],
+            <userinput>"user-context": {
+                "legal-logging": false
+            }</userinput>
+        }
+    ]
+}
+</screen>
+              disables legal logging for the subnet "192.0.2.0/24". If this parameter
+              is not specified, it defaults to 'true', which enables legal logging for
+              the subnet.
+          </para>
+
+          <para>
+            The following example demonstrates how to selectively disable legal logging
+            for an IPv6 subnet.
+<screen>
+"Dhcpv6": {
+    "subnet6": [
+        {
+            "subnet": "2001:db8:1::/64",
+            "pools": [
+                 {
+                     "pool": "2001:db8:1::1-2001:db8:1::ffff"
+                 }
+            ],
+            <userinput>"user-context": {
+                "legal-logging": false
+            }</userinput>
+        }
+    ]
+}
+</screen>
+          </para>
+
+          <para>
+            See <xref linkend="dhcp4-user-contexts"/> and <xref linkend="dhcp6-user-contexts"/>
+            to learn more about user contexts in Kea configuration.
+          </para>
         </section>
       </section>