Created
July 5, 2011 15:29
-
-
Save mat813/1065061 to your computer and use it in GitHub Desktop.
Bind's config augias lense (WIP)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
(* | |
Module: Named | |
parses /etc/namedb/named.conf | |
Author: Mathieu Arnold <mat@FreeBSD.org> | |
About: Reference | |
This lens tries to keep as close as possible to the bind documentation where | |
possible. An online source being : | |
http://www.freebsd.org/cgi/man.cgi?query=syslog.conf&sektion=5 | |
About: Licence | |
This file is licensed under the BSD License. | |
About: Lens Usage | |
To be documented | |
About: Configuration files | |
This lens applies to /etc/namedb/named.conf. See <filter>. | |
*) | |
module Named = | |
autoload xfm | |
(************************************************************************ | |
* Group: USEFUL PRIMITIVES | |
*************************************************************************) | |
(* Group: Comments and empty lines *) | |
(* Variable: empty *) | |
let empty = Util.empty | |
(* Variable: eol *) | |
let eol = Util.eol | |
(* Variable: sep_tab *) | |
let sep_tab = Sep.tab | |
(* Variable: indent *) | |
let indent = Util.indent | |
let chr_blank = /[ \t]/ | |
let chr_nblank = /[^ \t\n]/ | |
let chr_any = /./ | |
let chr_star = /\*/ | |
let chr_nstar = /[^\* \t\n]/ | |
let chr_slash = /\// | |
let chr_nslash = /[^\/ \t\n]/ | |
let chr_nsemicolon = /[^ \t\n;\#\/\*\{\}]/ | |
let str_no_ip = /[^ \t\n;:\#\/\*\{\}]*[^ \t\n;:\#\/\*\{\}0-9]/ | |
let boolean = ("yes" | "no") | |
let warn_fail_ignore = ( "warn" | "fail" | "ignore" ) | |
(* Group: single characters macro *) | |
(* Variable: semicolon | |
Deletes a semicolon and default to it | |
*) | |
let semicolon = del /[ \t]*;/ ";" | |
let body_start = del /\{([ \t]*\n)?/ "{" | |
let body_end = del /[ \t]*\}/ "}" | |
let sto_to_eol = store /([^ \t\n].*[^ \t\n]|[^ \t\n])/ | |
let numbers = /[0-9]+/ | |
let subnet = Rx.ip | Rx.ip . /\// . numbers | |
let del_blank0 = del chr_blank* "" | |
let del_blank1 = del chr_blank+ " " | |
(************************************************************************ | |
* Group: LENSE DEFINITION | |
*************************************************************************) | |
(************************************************************************ | |
* COMMENTS | |
*************************************************************************) | |
let comment_re = chr_nblank | |
| ( chr_nblank . chr_any* | |
. ( chr_star . chr_nslash | |
| chr_nstar . chr_slash | |
| chr_nstar . chr_nslash | |
| chr_blank . chr_nblank ) ) | |
let comment_first_line | |
= [ del /([ \t]*\n)?[ \t]*/ "" | |
. seq "#comment" | |
. store comment_re | |
] | |
let comment_other_line | |
= [ del /[ \t]*\n[ \t\n]*/ "\n" | |
. seq "#comment" | |
. store comment_re | |
] | |
let comment_end | |
= del /[ \t\n]*/ "" . del (chr_star . chr_slash) "*/" | |
let comment_extended | |
= [ indent | |
. del (chr_slash . chr_star) "/*" | |
. label "#comment" | |
. counter "#comment" | |
. ( (comment_first_line . comment_other_line+) | |
| comment_first_line?) | |
. comment_end | |
. eol ] | |
let comment_inline | |
= [ indent | |
. del (chr_slash . chr_slash) "//" | |
. label "#inline" | |
. indent | |
. sto_to_eol | |
. eol ] | |
let comment = comment_extended | comment_inline | Util.comment | |
(**** | |
* Generic functions | |
*) | |
let quoted_string = Util.del_str "\"" . store /[^"]+/ . Util.del_str "\"" | |
let element (attr:lens) = | |
(comment | indent . attr . semicolon) . eol* | |
let list0 (attr:lens) = | |
(element attr)* | |
let list1 (attr:lens) = | |
(element attr)+ | |
let raw_body (attrs:lens) = | |
body_start . attrs . body_end | |
let body (attr:lens) = | |
raw_body (list0 attr) | |
let group (name:string) (attr:lens) = | |
[ key name | |
. del_blank1 | |
. store /[a-z]+/ | |
. del_blank0 | |
. body attr | |
] | |
let attr_one (k:regexp) (v:regexp) = | |
[key k . del_blank1 . store v] | |
let address_match_subnet = [label "ip" . store subnet] | |
let address_match_key = [key "key" . del_blank1 . store chr_nsemicolon+] | |
let address_match_acl_name = [label "acl" . store /[^ \t\n;:.\#\/\*\{\}]+/] | |
let address_match_list = body (address_match_subnet | address_match_key | address_match_acl_name) | |
let lns_port_raw (port:regexp) = key "port" . del_blank1 . store port | |
let lns_port = lns_port_raw numbers | |
let size_spec = | |
( "unlimited" | |
| "default" | |
| (numbers . (/[KkMmGg]/)?) | |
) | |
let port_list = | |
body [ label "port" . store numbers ] | |
| raw_body ( | |
[ del_blank0 | |
. key "range" | |
. del_blank1 | |
. [ label "port_low" . store numbers ] | |
. del_blank1 | |
. [ label "port_high" . store numbers ] | |
. semicolon ] ) | |
let string_port_raw (lb:string) (str:lens) (port:lens) = | |
[ label lb | |
. str | |
. [ del_blank1 . port ]? ] | |
let string_port (lb:string) (address:regexp) = | |
string_port_raw lb (store address) (lns_port) | |
let address_port_v46_raw (address:lens) (port:lens) = | |
string_port_raw "ip" address port | |
let address_port_v46 (address:regexp) = | |
address_port_v46_raw (store address) (lns_port) | |
(* ACL *) | |
(* missing the key possibility *) | |
let acl = | |
group "acl" address_match_subnet | |
(* Control *) | |
let controls_inet = | |
[ key "inet" . del_blank1 . store ( Rx.ip | "*" ) | |
. [ del_blank1 . lns_port ]? | |
. [ del_blank1 . key "allow" . del_blank1 . address_match_list ] | |
. [ del_blank1 . key "keys" . del_blank1 . body [ label "key" . quoted_string ] ] ] | |
let controls_unix = | |
[ key "unix" . del_blank1 . quoted_string | |
. [ del_blank1 . key "perm" . del_blank1 . store numbers ] | |
. [ del_blank1 . key "owner" . del_blank1 . store numbers ] | |
. [ del_blank1 . key "group" . del_blank1 . store numbers ] | |
. [ del_blank1 . key "keys" . del_blank1 . body [ label "key" . quoted_string ] ] ] | |
let controls = | |
[ key "controls" . del /[ \t]+/ " " . body ( controls_inet | controls_unix ) ] | |
(* Include *) | |
let include = [ key "include" . del_blank1 . quoted_string ] | |
(* Key *) | |
let tsig_key = | |
[ key "key" . del_blank1 . quoted_string . del_blank0 | |
. raw_body ( | |
[ del_blank0 . key "algorithm" . del_blank1 . store ( ( "hmac-md5" | "hmac-sha1" | "hmac-sha224" | "hmac-sha256" | "hmac-sha384" | "hmac-sha512" ) . (/-[0-9]+/)? ) ] | |
. semicolon | |
. [ del_blank0 . key "secret" . del_blank1 . quoted_string ] | |
. semicolon ) ] | |
(* Logging *) | |
let logging_channel = | |
let logging_destination = | |
[ del_blank0 . key "file" . del_blank1 . quoted_string | |
. [ del_blank0 . key "versions" . del_blank1 . store ( numbers | "unlimited" ) ]? | |
. [ del_blank0 . key "size" . del_blank1 . store size_spec ]? ] | |
| [ del_blank0 . key "syslog" . del_blank1 . store chr_nsemicolon+ ] | |
| [ del_blank0 . key ( "stderr" | "null" ) ] in | |
[ key "channel" | |
. del_blank1 | |
. store chr_nblank+ | |
. del_blank1 | |
. raw_body ( | |
logging_destination . semicolon | |
. [ del_blank1 . key "severity" . del_blank1 . ( | |
store ( "critical" | "error" | "warning" | "notice" | "info" | "debug" | "dynamic" ) | |
| ( store "debug" . [ del_blank1 . label "level" . store numbers ] ) ) . semicolon ]? | |
. [ del_blank1 . key ( "print-" . ( "category" | "severity" | "time" ) ) . del_blank1 . store boolean . semicolon ]? | |
) ] | |
let logging_category = | |
[ key "category" | |
. del_blank1 | |
. store chr_nblank+ | |
. del_blank1 | |
. body [ label "channel" . store chr_nsemicolon+ ] ] | |
let logging = [ key "logging" . del_blank1 . body (logging_channel | logging_category) ] | |
(* lwres *) | |
let lwres = | |
[ key "lwres" | |
. del_blank1 | |
. raw_body ( | |
[ del_blank0 . key "listen-on" . del_blank1 . address_port_v46 Rx.ip . semicolon ]? | |
. [ del_blank0 . key "view" . del_blank1 . store chr_nsemicolon+ . semicolon ]? | |
. [ del_blank0 . key "search" . del_blank1 . body [ label "domain_name" . store chr_nsemicolon+ ] . semicolon ]? | |
. [ del_blank0 . key "ndots" . del_blank1 . store numbers . semicolon ]? | |
) ] | |
(* masters *) | |
let masters_list_name = [ label "masters_list" . store str_no_ip ] | |
let masters_list_element = | |
[ label "master" | |
. store Rx.ip | |
. [ del_blank1 . lns_port ]? | |
. (del_blank1 . address_match_key)? ] | |
let masters = | |
let masters_list = (masters_list_name | masters_list_element) in | |
[ key "masters" | |
. del_blank1 | |
. store chr_nsemicolon+ | |
. [ del_blank1 . lns_port ]? | |
. del_blank0 | |
. body masters_list ] | |
(* Options *) | |
let options_attr_boolean = | |
attr_one ( "acache-enable" | "additional-from-auth" | "additional-from-cache" | "auth-nxdomain" | "check-integrity" | "check-sibling" | "check-wildcard" | "deallocate-on-exit" | "dnssec-accept-expired" | "dnssec-dnskey-kskonly" | "dnssec-enable" | "dnssec-must-be-secure" | "dnssec-secure-to-insecure" | "dnssec-validation" | "empty-zones-enable" | "fake-iquery" | "fetch-glue" | "flush-zones-on-shutdown" | "has-old-clients" | "host-statistics" | "maintain-ixfr-base" | "match-mapped-addresses" | "memstatistics" | "minimal-responses" | "multiple-cnames" | "notify-to-soa" | "provide-ixfr" | "querylog" | "recursion" | "request-ixfr" | "rfc2308-type1" | "treat-cr-as-space" | "try-tcp-refresh" | "update-check-ksk" | "use-alt-transfer-source" | "use-id-pool" | "use-ixfr" | "use-queryport-pool" | "zero-no-soa-ttl" | "zero-no-soa-ttl-cache" | "zone-statistics") boolean | |
let options_attr_number = | |
attr_one ("acache-cleaning-interval" | "cleaning-interval" | "clients-per-query" | "edns-udp-size" | "heartbeat-interval" | "host-statistics-max" | "interface-interval" | "lame-ttl" | "max-cache-ttl" | "max-clients-per-query" | "max-ixfr-log-size" | "max-ncache-ttl" | "max-refresh-time" | "max-retry-time" | "max-transfer-idle-in" | "max-transfer-idle-out" | "max-transfer-time-in" | "max-transfer-time-out" | "max-udp-size" | "min-refresh-time" | "min-retry-time" | "min-roots" | "port" | "queryport-pool-ports" | "queryport-pool-updateinterval" | "recursive-clients" | "reserved-sockets" | "serial-queries" | "serial-query-rate" | "sig-signing-nodes" | "sig-signing-signatures" | "sig-signing-type" | "statistics-interval" | "tcp-clients" | "tcp-listen-queue" | "transfers-in" | "transfers-out" | "transfers-per-ns") numbers | |
let options_attr_string = | |
[ key ("attach-cache" | "bindkeys-file" | "cache-file" | "directory" | "dump-file" | "hostname" | "key-directory" | "memstatistics-file" | "named-xfer" | "pid-file" | "random-device" | "recursing-file" | "statistics-file" | "tkey-domain" | "tkey-gssapi-credential" | "version") | |
. del_blank1 | |
. quoted_string ] | |
let options_dialup = | |
attr_one "dialup" ( boolean | "notify" | "refresh" | "passive" | "notify-passive" ) | |
let options_forwarders = | |
[ key "forwarders" | |
. del_blank1 | |
. body (address_port_v46 Rx.ip) ] | |
let options_address_match_list = | |
[ key ("allow-notify" | "allow-query" | "allow-query-cache" | "allow-query-cache-on" | "allow-query-on" | "allow-recursion" | "allow-recursion-on" | "allow-transfer" | "allow-update" | "allow-update-forwarding" | "allow-v6-synthesis" | "blackhole" | "sortlist" | "topology") | |
. del_blank1 | |
. address_match_list ] | |
let options_port_address_match_list = | |
let port = [ del_blank1 . lns_port ] in | |
let addr = [ del_blank1 . address_match_list ] in | |
[ key ("listen-on" | "listen-on-v6") | |
. ( port | addr | ( port . addr ) ) ] | |
let options_size_spec = | |
attr_one ("max-journal-size" | "coresize" | "datasize" | "files" | "stacksize" | "max-cache-size" | "max-acache-size") size_spec | |
let options_port_list = | |
[ key ("use-v4-udp-ports" | "avoid-v4-udp-ports" | "use-v6-udp-ports" | "avoid-v6-udp-ports") | |
. del_blank1 | |
. port_list ] | |
let options_address_port = | |
let options_address_port_v46 (k:regexp) (address:regexp) = | |
[ key k . del_blank1 . (address_port_v46 (address|"*")) ] in | |
options_address_port_v46 ("transfer-source" | "alt-transfer-source" | "notify-source") Rx.ipv4 | |
| options_address_port_v46 ("transfer-source-v6" | "alt-transfer-source-v6" | "notify-source-v6") Rx.ipv6 | |
let options_address_port2 = | |
let options_address_port_v46 (k:regexp) (address:regexp) = | |
[ key k | |
. del_blank1 | |
. (address_port_v46_raw (del /(address[ \t]+)?/ "" . store (address|"*")) (lns_port_raw (numbers|"*"))) ] in | |
options_address_port_v46 ("query-source") Rx.ipv4 | |
| options_address_port_v46 ("query-source-v6") Rx.ipv6 | |
let options_dnssec_lookaside = | |
[ key "dnssec-lookaside" | |
. del_blank1 | |
. ( store "auto" | |
| [ label "domain" | |
. store chr_nsemicolon+ | |
. del_blank1 ] | |
. [ key "trust-anchor" | |
. del_blank1 | |
. store chr_nsemicolon+ ]) ] | |
let options_preferred_glue = attr_one "preferred-glue" ( "A" | "AAAA" | "NONE" ) | |
let options_check_things = | |
attr_one ( "check-dup-records" | "check-mx" | "check-mx-cname" | "check-srv-cname" ) warn_fail_ignore | |
let options_check_names = | |
[ key "check-names" | |
. del_blank1 | |
. [ key ( "master" | "slave" | "response" ) | |
. del_blank1 | |
. store warn_fail_ignore ] ] | |
let options_filter_aaaa = attr_one "filter-aaaa-on-v4" ( boolean | "break-dnssec" ) | |
let options_also_notify = | |
[ key "also-notify" | |
. del_blank1 | |
. body (address_port_v46 Rx.ip) ] | |
let options_notify = attr_one "notify" (boolean | "explicit" | "master-only" ) | |
let options_masterfile_format = attr_one "masterfile-format" ("text"|"raw") | |
let options_root_delegation_only = | |
[ key "root-delegation-only" | |
. [ del_blank1 . key "exclude" . del_blank1 | |
. body [ label "name" . quoted_string ] | |
]? ] | |
let options_forward = attr_one "forward" ( "only" | "first" ) | |
let options_ixfr_from_differences = attr_one "ixfr-from-differences" (boolean | "master" | "slave" ) | |
let options_server_id = | |
[ key "server-id" | |
. del_blank1 | |
. ( store ( "none" | "hostname" ) | |
| [ label "name" . quoted_string ] ) ] | |
let options_transfer_format = attr_one "transfer-format" ( "one-answer" | "many-answer" ) | |
let options_disable_algorithms = | |
[ key "disable-algorithms" | |
. del_blank1 | |
. [ label "name" . store chr_nblank+ ] | |
. del_blank1 | |
. body [ label "algorithm" . store chr_nsemicolon+ ] ] | |
(* Not very proud of the domain_name regexp, as I can't use "- Rx.ipv4" | |
because of it's slowness, I have to say that it can't end with a number. *) | |
let options_dual_stack_servers = | |
[ key "dual-stack-servers" | |
. [ del_blank1 . lns_port ]? | |
. del_blank1 | |
. body ( address_port_v46 Rx.ip | |
| string_port "domain_name" (str_no_ip) ) ] | |
let options_tkey_dhkey = | |
[ key "tkey-dhkey" | |
. [ del_blank1 . label "key_name" . store chr_nblank+ ] | |
. [ del_blank1 . label "key_tag" . store chr_nsemicolon+ ] ] | |
let options_empty_stuff = | |
[ key ( "empty-contact" | "empty-server" ) | |
. del_blank1 | |
. quoted_string ] | |
let options_sig_validity_interval = | |
[ key "sig-validity-interval" | |
. [ del_blank1 . label "expire" . store numbers ] | |
. [ del_blank1 . label "resign" . store numbers ]? ] | |
let options_notify_delay = attr_one "notify-delay" numbers | |
let options_disable_empty_zone = [ key "disable-empty-zone" . del_blank1 . quoted_string ] | |
let options_deny_answer_addresses = | |
[ key "deny-answer-addresses" | |
. del_blank1 | |
. address_match_list | |
. [ del_blank1 . key "except-from" . del_blank1 . body [ label "domain_name" . store chr_nsemicolon+ ] ]? ] | |
let options_deny_answer_aliases = | |
let label_domain = [ label "domain_name" . store chr_nsemicolon+ ] in | |
[ key "deny-answer-aliases" | |
. del_blank1 | |
. body label_domain | |
. [ del_blank1 . key "except-from" . del_blank1 . body label_domain ]? ] | |
let options_rrset_order = | |
let order_spec = | |
[ [ key "class" . del_blank1 . store chr_nblank+ . del_blank1 ]? | |
. [ key "type" . del_blank1 . store chr_nblank+ . del_blank1 ]? | |
. [ key "name" . del_blank1 . quoted_string . del_blank1 ]? | |
. key "order" . del_blank1 . store ( "fixed" | "random" | "cyclic" ) ] | |
in | |
[ key "rrset-order" . del_blank1 . body order_spec ] | |
let options_re = | |
( options_attr_boolean | |
| options_attr_number | |
| options_attr_string | |
| options_dialup | |
| options_forwarders | |
| options_address_match_list | |
| options_port_address_match_list | |
| options_size_spec | |
| options_port_list | |
| options_address_port | |
| options_address_port2 | |
| options_dnssec_lookaside | |
| options_preferred_glue | |
| options_check_things | |
| options_check_names | |
| options_filter_aaaa | |
| options_also_notify | |
| options_notify | |
| options_masterfile_format | |
| options_root_delegation_only | |
| options_forward | |
| options_ixfr_from_differences | |
| options_server_id | |
| options_transfer_format | |
| options_disable_algorithms | |
| options_dual_stack_servers | |
| options_tkey_dhkey | |
| options_empty_stuff | |
| options_sig_validity_interval | |
| options_notify_delay | |
| options_disable_empty_zone | |
| options_deny_answer_addresses | |
| options_deny_answer_aliases | |
| options_rrset_order | |
) | |
let options = [ key "options" . del /[ \t]+/ " " . body options_re ] | |
(* server *) | |
let server_attr_boolean = | |
attr_one ( "bogus" | "provide-ixfr" | "request-ixfr" | "edns" | "use-queryport-pool" ) boolean | |
let server_attr_numbers = | |
attr_one ( "edns-udp-size" | "max-udp-size" | "transfers" | "queryport-pool-ports" | "queryport-pool-updateinterval" ) numbers | |
let server_address_port = | |
let options_address_port_v46 (k:regexp) (address:regexp) = | |
[ key k . del_blank1 . (address_port_v46 (address|"*")) ] in | |
options_address_port_v46 ("transfer-source" | "notify-source") Rx.ipv4 | |
| options_address_port_v46 ("transfer-source-v6" | "notify-source-v6") Rx.ipv6 | |
let server_keys = | |
[ key "keys" | |
. del_blank1 | |
. body [ label "key" . store chr_nsemicolon+ ] ] | |
let server_re = | |
( server_attr_boolean | |
| server_attr_numbers | |
| options_transfer_format | |
| options_address_port2 | |
| server_address_port | |
| server_keys | |
) | |
let server = | |
[ key "server" | |
. del_blank1 | |
. store subnet | |
. del_blank1 | |
. body server_re ] | |
(* statistics-chanels *) | |
let statistics_channels_body = | |
[ key "inet" . del_blank1 . store ( Rx.ip | "*" ) | |
. [ del_blank1 . lns_port ]? | |
. [ del_blank1 . key "allow" . del_blank1 . address_match_list ]? ] | |
let statistics_channels = | |
[ key "statistics-channels" | |
. del_blank1 | |
. body statistics_channels_body ] | |
(* trusted-keys *) | |
let trusted_keys_key = | |
[ label "key" | |
. [ label "domain" . store chr_nsemicolon+ ] | |
. [ del_blank1 . label "flag" . store numbers ] | |
. [ del_blank1 . label "protocol" . store numbers ] | |
. [ del_blank1 . label "algorithm" . store numbers ] | |
. del_blank1 . quoted_string ] | |
let trusted_keys = | |
[ key "trusted-keys" | |
. del_blank1 | |
. body trusted_keys_key ] | |
(* managed-keys *) | |
let managed_keys_key = | |
[ label "key" | |
. [ label "domain" . store chr_nsemicolon+ ] | |
. [ del_blank1 . label "initialization" . store ("initial-key") ] | |
. [ del_blank1 . label "flag" . store numbers ] | |
. [ del_blank1 . label "protocol" . store numbers ] | |
. [ del_blank1 . label "algorithm" . store numbers ] | |
. del_blank1 . quoted_string ] | |
let managed_keys = | |
[ key "managed-keys" | |
. del_blank1 | |
. body managed_keys_key ] | |
(* Entries *) | |
let entries = list0 (acl | controls | include | tsig_key | logging | lwres | masters | options | server | statistics_channels | trusted_keys | managed_keys ) | |
(* Group: Top of the tree *) | |
(* View: lns | |
generic entries then programs or hostnames matching blocs | |
*) | |
let lns = eol* . entries | |
(* Variable: filter | |
all you need is /etc/namedb/named.conf | |
*) | |
let filter = incl "/etc/namedb/named.conf" | |
let xfm = transform lns filter |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
module Test_Named = | |
test (Named.address_port_v46 Rx.ipv4) get "1.2.3.4" = { "ip" = "1.2.3.4" } | |
test (Named.address_port_v46 Rx.ipv6) get "::1" = { "ip" = "::1" } | |
test (Named.address_port_v46 Rx.ipv4) get "1.2.3.4 port 53" = { "ip" = "1.2.3.4" { "port" = "53" } } | |
test (Named.string_port "dom" /[a-z]+/) get "foobar port 22" = { "dom" = "foobar" { "port" = "22" } } | |
test Named.address_match_subnet get "1.2.3.4" = { "ip" = "1.2.3.4" } | |
test Named.address_match_subnet get "1.2.3.4/32" = { "ip" = "1.2.3.4/32" } | |
test Named.address_match_subnet get "::1" = { "ip" = "::1" } | |
test Named.address_match_subnet get "::1/128" = { "ip" = "::1/128" } | |
test Named.address_match_key get "key foobar" = { "key" = "foobar" } | |
test Named.address_match_acl_name get "foobar" = { "acl" = "foobar" } | |
test Named.address_match_list get "{ 1.2.3.4; key foo; bar;\n }" = { "ip" = "1.2.3.4" } { "key" = "foo" } { "acl" = "bar" } | |
test [Named.lns_port] get "port 123" = { "port" = "123" } | |
test Named.controls_inet get "inet 1.2.3.4 allow { 1.2.3.4; } keys { \"tata\"; }" = | |
{ "inet" = "1.2.3.4" | |
{ "allow" { "ip" = "1.2.3.4" } } | |
{ "keys" { "key" = "tata" } } } | |
test Named.controls_inet get "inet * port 953 allow { 1.2.3.4; } keys { \"tata\"; }" = | |
{ "inet" = "*" | |
{ "port" = "953" } | |
{ "allow" { "ip" = "1.2.3.4" } } | |
{ "keys" { "key" = "tata" } } } | |
test Named.controls_unix get "unix \"/foo/bar\" perm 644 owner 123 group 234 keys { \"tutu\"; }" = | |
{ "unix" = "/foo/bar" | |
{ "perm" = "644" } { "owner" = "123" } { "group" = "234" } | |
{ "keys" { "key" = "tutu" } } } | |
test Named.controls get "controls {inet 1.2.3.4 allow { 1.2.3.4; } keys { \"tata\"; }; }" = | |
{ "controls" | |
{ "inet" = "1.2.3.4" | |
{ "allow" { "ip" = "1.2.3.4" } } | |
{ "keys" { "key" = "tata" } } } } | |
test Named.include get "include \"foo/bar\"" = { "include" = "foo/bar" } | |
test Named.tsig_key get "key \"foo\" { algorithm hmac-sha1-80; secret \"foobar\"; }" = | |
{ "key" = "foo" | |
{ "algorithm" = "hmac-sha1-80" } | |
{ "secret" = "foobar" } } | |
test Named.logging_channel get "channel foo { file \"foo\"; }" = | |
{ "channel" = "foo" | |
{ "file" = "foo" } } | |
test Named.logging_channel get "channel foo { file \"foo\" versions 3 size 2G; }" = | |
{ "channel" = "foo" | |
{ "file" = "foo" | |
{ "versions" = "3" } | |
{ "size" = "2G" } } } | |
test Named.logging_channel get "channel foo { syslog local0; }" = | |
{ "channel" = "foo" | |
{ "syslog" = "local0" } } | |
test Named.logging_channel get "channel foo { stderr; }" = | |
{ "channel" = "foo" | |
{ "stderr" } } | |
test Named.logging_channel get "channel foo { null; }" = | |
{ "channel" = "foo" | |
{ "null" } } | |
test Named.logging_channel get "channel foo { stderr; severity warning; print-time yes; }" = | |
{ "channel" = "foo" | |
{ "stderr" } | |
{ "severity" = "warning" } | |
{ "print-time" = "yes" } } | |
test Named.logging_channel get "channel foo { stderr; severity debug 4; }" = | |
{ "channel" = "foo" | |
{ "stderr" } | |
{ "severity" = "debug" | |
{ "level" = "4" } } } | |
test Named.logging_category get "category default { null; }" = | |
{ "category" = "default" { "channel" = "null" } } | |
test Named.logging get "logging { channel stderr { stderr; print-time yes; }; category dnssec { stderr; }; }" = | |
{ "logging" | |
{ "channel" = "stderr" | |
{ "stderr" } | |
{ "print-time" = "yes" } } | |
{ "category" = "dnssec" | |
{ "channel" = "stderr" } } } | |
test Named.lwres get "lwres { }" = { "lwres" } | |
test Named.lwres get "lwres { listen-on ::1 port 21; view tata; search { example.org; }; ndots 0; }" = | |
{ "lwres" | |
{ "listen-on" { "ip" = "::1" { "port" = "21" } } } | |
{ "view" = "tata" } | |
{ "search" { "domain_name" = "example.org" } } | |
{ "ndots" = "0" } } | |
test Named.masters_list_name get "foo" = { "masters_list" = "foo" } | |
test Named.masters_list_element get "1.2.3.4" = { "master" = "1.2.3.4" } | |
test Named.masters_list_element get "1.2.3.4 port 1 key foo" = | |
{ "master" = "1.2.3.4" { "port" = "1" } { "key" = "foo" } } | |
test Named.masters get "masters bar { }" = { "masters" = "bar" } | |
test Named.masters get "masters bar port 1 { foo; 1.2.3.4; }" = | |
{ "masters" = "bar" | |
{ "port" = "1" } | |
{ "masters_list" = "foo" } | |
{ "master" = "1.2.3.4" } } | |
test Named.options_attr_boolean get "querylog no" = { "querylog" = "no" } | |
test Named.options_attr_number get "port 12" = { "port" = "12" } | |
test Named.options_attr_string get "pid-file \"/var/run/named.pid\"" = { "pid-file" = "/var/run/named.pid" } | |
test Named.options_dialup get "dialup no" = { "dialup" = "no" } | |
test Named.options_forwarders get "forwarders {\n 1.2.3.4; \n::2; }" = | |
{ "forwarders" | |
{ "ip" = "1.2.3.4" } | |
{ "ip" = "::2" } } | |
test Named.options_address_match_list get "allow-query { 1.2.3.4; }" = { "allow-query" { "ip" = "1.2.3.4" } } | |
test Named.options_port_address_match_list get "listen-on port 53" = { "listen-on" { "port" = "53" } } | |
test Named.options_port_address_match_list get "listen-on { 1.2.3.4; }" = { "listen-on" { { "ip" = "1.2.3.4" } } } | |
test Named.options_port_address_match_list get "listen-on port 5353 { 1.2.3.4; }" = | |
{ "listen-on" { "port" = "5353" } { { "ip" = "1.2.3.4" } } } | |
test Named.options_size_spec get "files default" = { "files" = "default" } | |
test Named.options_size_spec get "files unlimited" = { "files" = "unlimited" } | |
test Named.options_size_spec get "files 1234" = { "files" = "1234" } | |
test Named.options_size_spec get "files 12M" = { "files" = "12M" } | |
test Named.port_list get "{ range 1 5; }" = { "range" { "port_low" = "1" } { "port_high" = "5" } } | |
test Named.port_list get "{ 1; 2; }" = { "port" = "1" } { "port" = "2" } | |
test Named.options_port_list get "use-v4-udp-ports { 1; 2; }" = | |
{ "use-v4-udp-ports" | |
{ "port" = "1" } | |
{ "port" = "2" } | |
} | |
test Named.options_address_port get "transfer-source 1.2.3.4" = { "transfer-source" { "ip" = "1.2.3.4" } } | |
test Named.options_address_port get "transfer-source *" = { "transfer-source" { "ip" = "*" } } | |
test Named.options_address_port get "transfer-source 1.2.3.4 port 53" = { "transfer-source" { "ip" = "1.2.3.4" { "port" = "53" } } } | |
test Named.options_address_port get "transfer-source-v6 2a01::" = { "transfer-source-v6" { "ip" = "2a01::" } } | |
test Named.options_address_port2 get "query-source-v6 2a01::" = { "query-source-v6" { "ip" = "2a01::" } } | |
test Named.options_address_port2 get "query-source * port *" = { "query-source" { "ip" = "*" { "port" = "*" } } } | |
test Named.options_address_port2 get "query-source address 1.2.3.4 port 1" = { "query-source" { "ip" = "1.2.3.4" { "port" = "1" } } } | |
test Named.options_dnssec_lookaside get "dnssec-lookaside auto" = { "dnssec-lookaside" = "auto" } | |
test Named.options_dnssec_lookaside get "dnssec-lookaside . trust-anchor dlv.isc.org." = { "dnssec-lookaside" { "domain" = "." } { "trust-anchor" = "dlv.isc.org." } } | |
test Named.options_preferred_glue get "preferred-glue A" = { "preferred-glue" = "A" } | |
test Named.options_check_things get "check-mx fail" = { "check-mx" = "fail" } | |
test Named.options_check_names get "check-names master fail" = { "check-names" { "master" = "fail" } } | |
test Named.options_filter_aaaa get "filter-aaaa-on-v4 no" = { "filter-aaaa-on-v4" = "no" } | |
test Named.options_also_notify get "also-notify { ::1; 1.2.3.4 port 900; }" = | |
{ "also-notify" { "ip" = "::1" } { "ip" = "1.2.3.4" { "port" = "900" } } } | |
test Named.options_notify get "notify explicit" = { "notify" = "explicit" } | |
test Named.options_masterfile_format get "masterfile-format raw" = { "masterfile-format" = "raw" } | |
test Named.options_root_delegation_only get "root-delegation-only" = { "root-delegation-only" } | |
test Named.options_root_delegation_only get "root-delegation-only exclude { \"fr\"; \"en\"; }" = | |
{ "root-delegation-only" | |
{ "exclude" | |
{ "name" = "fr" } | |
{ "name" = "en" } | |
} | |
} | |
test Named.options_ixfr_from_differences get "ixfr-from-differences master" = { "ixfr-from-differences" = "master" } | |
test Named.options_forward get "forward first" = { "forward" = "first" } | |
test Named.options_server_id get "server-id none" = { "server-id" = "none" } | |
test Named.options_server_id get "server-id \"foo.bar\"" = { "server-id" { "name" = "foo.bar" } } | |
test Named.options_disable_algorithms get "disable-algorithms foo.org { 7; }" = | |
{ "disable-algorithms" { "name" = "foo.org" } { "algorithm" = "7" } } | |
test Named.options_disable_algorithms get "disable-algorithms foo.org { NSEC3RSASHA1; }" = | |
{ "disable-algorithms" { "name" = "foo.org" } { "algorithm" = "NSEC3RSASHA1" } } | |
test Named.options_dual_stack_servers get "dual-stack-servers { 1.2.4.5; }" = | |
{ "dual-stack-servers" { "ip" = "1.2.4.5" } } | |
test Named.options_dual_stack_servers get "dual-stack-servers port 52 { foo.bar port 55; }" = | |
{ "dual-stack-servers" { "port" = "52" } { "domain_name" = "foo.bar" { "port" = "55" } } } | |
test Named.options_tkey_dhkey get "tkey-dhkey foo bar" = | |
{ "tkey-dhkey" { "key_name" = "foo" } { "key_tag" = "bar" } } | |
test Named.options_empty_stuff get "empty-contact \"foo\"" = { "empty-contact" = "foo" } | |
test Named.options_sig_validity_interval get "sig-validity-interval 3" = | |
{ "sig-validity-interval" { "expire" = "3" } } | |
test Named.options_sig_validity_interval get "sig-validity-interval 3 2" = | |
{ "sig-validity-interval" { "expire" = "3" } { "resign" = "2" } } | |
test Named.options_notify_delay get "notify-delay 12" = { "notify-delay" = "12" } | |
test Named.options_disable_empty_zone get "disable-empty-zone \"foo.bar\"" = { "disable-empty-zone" = "foo.bar" } | |
test Named.options_deny_answer_addresses get "deny-answer-addresses { 1.2.3.4; }" = | |
{ "deny-answer-addresses" { "ip" = "1.2.3.4" } } | |
test Named.options_deny_answer_addresses get "deny-answer-addresses { 1.2.3.4; } except-from { foo.org; }" = | |
{ "deny-answer-addresses" { "ip" = "1.2.3.4" } { "except-from" { "domain_name" = "foo.org" } } } | |
test Named.options_deny_answer_aliases get "deny-answer-aliases { foo.org; }" = | |
{ "deny-answer-aliases" { "domain_name" = "foo.org" } } | |
test Named.options_deny_answer_aliases get "deny-answer-aliases { foo.org; } except-from { bar.org; }" = | |
{ "deny-answer-aliases" { "domain_name" = "foo.org" } { "except-from" { "domain_name" = "bar.org" } } } | |
test Named.options_rrset_order get "rrset-order { order cyclic; }" = | |
{ "rrset-order" { "order" = "cyclic" } } | |
test Named.options_rrset_order get "rrset-order { class IN order cyclic; }" = | |
{ "rrset-order" { "order" = "cyclic" { "class" = "IN" } } } | |
test Named.options_rrset_order get "rrset-order { type A order cyclic; }" = | |
{ "rrset-order" { "order" = "cyclic" { "type" = "A" } } } | |
test Named.options_rrset_order get "rrset-order { name \"example.org\" order cyclic; }" = | |
{ "rrset-order" { "order" = "cyclic" { "name" = "example.org" } } } | |
test Named.options_rrset_order get "rrset-order { class IN type A name \"example.org\" order cyclic; }" = | |
{ "rrset-order" { "order" = "cyclic" { "class" = "IN" } { "type" = "A" } { "name" = "example.org" } } } | |
test Named.server_attr_boolean get "edns no" = { "edns" = "no" } | |
test Named.server_attr_numbers get "edns-udp-size 12" = { "edns-udp-size" = "12" } | |
test Named.server_address_port get "transfer-source 1.2.3.4" = { "transfer-source" { "ip" = "1.2.3.4" } } | |
test Named.server_keys get "keys { tata; tutu; }" = | |
{ "keys" | |
{ "key" = "tata" } | |
{ "key" = "tutu" } } | |
test Named.server get "server ::4/120 { }" = { "server" = "::4/120" } | |
test Named.server get "server ::4/120 { bogus no; keys { foo; }; }" = | |
{ "server" = "::4/120" | |
{ "bogus" = "no" } | |
{ "keys" | |
{ "key" = "foo" } } } | |
test Named.statistics_channels_body get "inet *" = { "inet" = "*" } | |
test Named.statistics_channels_body get "inet ::1 port 1 allow { 1.2.3.4; }" = | |
{ "inet" = "::1" | |
{ "port" = "1" } | |
{ "allow" | |
{ "ip" = "1.2.3.4" } } } | |
test Named.statistics_channels get "statistics-channels { inet 1.2.3.4; }" = { "statistics-channels" { "inet" = "1.2.3.4" } } | |
test Named.trusted_keys_key get "dlv.isc.org. 257 3 5 \"FoO\nBar\"" = | |
{ "key" = "FoO\nBar" | |
{ "domain" = "dlv.isc.org." } | |
{ "flag" = "257" } | |
{ "protocol" = "3" } | |
{ "algorithm" = "5" } } | |
test Named.trusted_keys get "trusted-keys { bar 1 2 3 \"foo\"; bam 2 3 4 \"baz\"; }" = | |
{ "trusted-keys" | |
{ "key" = "foo" { "domain" = "bar" } { "flag" = "1" } { "protocol" = "2" } { "algorithm" = "3" } } | |
{ "key" = "baz" { "domain" = "bam" } { "flag" = "2" } { "protocol" = "3" } { "algorithm" = "4" } } } | |
test Named.managed_keys_key get "dlv.isc.org. initial-key 257 3 5 \"FoO\nBar\"" = | |
{ "key" = "FoO\nBar" | |
{ "domain" = "dlv.isc.org." } | |
{ "initialization" = "initial-key" } | |
{ "flag" = "257" } | |
{ "protocol" = "3" } | |
{ "algorithm" = "5" } } | |
test Named.managed_keys get "managed-keys { bar initial-key 1 2 3 \"foo\"; }" = | |
{ "managed-keys" | |
{ "key" = "foo" { "domain" = "bar" } { "initialization" = "initial-key" } { "flag" = "1" } { "protocol" = "2" } { "algorithm" = "3" } } } | |
let full=" | |
# foo | |
// $FreeBSD: src/etc/namedb/named.conf,v 1.6.2.4 2001/12/05 22:10:12 cjc Exp $ | |
/**/ | |
/* */ | |
/* bar */ | |
/* | |
* bar | |
*/ | |
acl friends { 192.0.2.0/25; # foo | |
127.0.0.1; | |
}; | |
options { | |
dnssec-enable yes; | |
request-ixfr yes; | |
tcp-clients 1234; | |
port 53; | |
version \"9.1\"; | |
dialup refresh; | |
forwarders { | |
1.2.3.4; | |
2.3.4.5 port 5353; | |
}; | |
blackhole { 4.5.6.7; polom; }; | |
allow-update { key toto; }; | |
listen-on port 53; | |
listen-on-v6 { ::1; }; | |
listen-on port 5353 { 127.0.0.1; }; | |
datasize 12M; | |
use-v6-udp-ports { range 1024 65000; }; | |
avoid-v4-udp-ports { 1; }; | |
avoid-v6-udp-ports { }; | |
notify-source * port 93; | |
query-source-v6 address 2a01:: port *; | |
dnssec-lookaside . trust-anchor dlv.isc.org.; | |
preferred-glue AAAA; | |
check-srv-cname warn; | |
check-names response warn; | |
filter-aaaa-on-v4 break-dnssec; | |
also-notify { ::2; }; | |
notify master-only; | |
masterfile-format text; | |
root-delegation-only exclude { \"fr\"; }; | |
forward first; | |
ixfr-from-differences master; | |
server-id none; | |
transfer-format one-answer; | |
disable-algorithms foo.org { NSEC3RSASHA1; }; | |
dual-stack-servers port 52 { 1.2.3.4 port 55; }; | |
tkey-dhkey foo bar; | |
empty-server \"foo\"; | |
sig-validity-interval 3 2; | |
notify-delay 12; | |
disable-empty-zone \"foo.bar\"; | |
deny-answer-addresses { 1.2.3.4; } except-from { foo.org; }; | |
deny-answer-aliases { foo.org; } except-from { bar.org; }; | |
rrset-order { | |
class IN type A name \"example.org\" order random; | |
order cyclic; | |
}; | |
};" | |
test Named.lns get full = | |
{ "#comment" = "foo" } | |
{ "#inline" = "$FreeBSD: src/etc/namedb/named.conf,v 1.6.2.4 2001/12/05 22:10:12 cjc Exp $" } | |
{ "#comment" } | |
{ "#comment" } | |
{ "#comment" | |
{ "1" = "bar" } | |
} | |
{ "#comment" | |
{ "1" = "* bar" } | |
} | |
{ "acl" = "friends" | |
{ "ip" = "192.0.2.0/25" } | |
{ "#comment" = "foo" } | |
{ "ip" = "127.0.0.1" } | |
} | |
{ "options" | |
{ "dnssec-enable" = "yes" } | |
{ "request-ixfr" = "yes" } | |
{ "tcp-clients" = "1234" } | |
{ "port" = "53" } | |
{ "version" = "9.1" } | |
{ "dialup" = "refresh" } | |
{ "forwarders" | |
{ "ip" = "1.2.3.4" } | |
{ "ip" = "2.3.4.5" { "port" = "5353" } } } | |
{ "blackhole" | |
{ "ip" = "4.5.6.7" } | |
{ "acl" = "polom" } | |
} | |
{ "allow-update" { "key" = "toto" } } | |
{ "listen-on" { "port" = "53" } } | |
{ "listen-on-v6" { { "ip" = "::1" } } } | |
{ "listen-on" { "port" = "5353" } { { "ip" = "127.0.0.1" } } } | |
{ "datasize" = "12M" } | |
{ "use-v6-udp-ports" | |
{ "range" { "port_low" = "1024" } { "port_high" = "65000" } } | |
} | |
{ "avoid-v4-udp-ports" { "port" = "1" } } | |
{ "avoid-v6-udp-ports" } | |
{ "notify-source" { "ip" = "*" { "port" = "93" } } } | |
{ "query-source-v6" { "ip" = "2a01::" { "port" = "*" } } } | |
{ "dnssec-lookaside" { "domain" = "." } { "trust-anchor" = "dlv.isc.org." } } | |
{ "preferred-glue" = "AAAA" } | |
{ "check-srv-cname" = "warn" } | |
{ "check-names" { "response" = "warn" } } | |
{ "filter-aaaa-on-v4" = "break-dnssec" } | |
{ "also-notify" { "ip" = "::2" } } | |
{ "notify" = "master-only" } | |
{ "masterfile-format" = "text" } | |
{ "root-delegation-only" { "exclude" { "name" = "fr" } } } | |
{ "forward" = "first" } | |
{ "ixfr-from-differences" = "master" } | |
{ "server-id" = "none" } | |
{ "transfer-format" = "one-answer" } | |
{ "disable-algorithms" { "name" = "foo.org" } { "algorithm" = "NSEC3RSASHA1" } } | |
{ "dual-stack-servers" { "port" = "52" } { "ip" = "1.2.3.4" { "port" = "55" } } } | |
{ "tkey-dhkey" { "key_name" = "foo" } { "key_tag" = "bar" } } | |
{ "empty-server" = "foo" } | |
{ "sig-validity-interval" { "expire" = "3" } { "resign" = "2" } } | |
{ "notify-delay" = "12" } | |
{ "disable-empty-zone" = "foo.bar" } | |
{ "deny-answer-addresses" { "ip" = "1.2.3.4" } { "except-from" { "domain_name" = "foo.org" } } } | |
{ "deny-answer-aliases" { "domain_name" = "foo.org" } { "except-from" { "domain_name" = "bar.org" } } } | |
{ "rrset-order" | |
{ "order" = "random" { "class" = "IN" } { "type" = "A" } { "name" = "example.org" } } | |
{ "order" = "cyclic" } | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I am having trouble working out how to include this so that I can actually use it. Additionally I want to use it on Ubuntu's
/etc/bind/named.conf
and/etc/bind/named.conf.*
.