aboutsummaryrefslogtreecommitdiffstats
path: root/config
diff options
context:
space:
mode:
Diffstat (limited to 'config')
-rw-r--r--config/bind/bind.xml262
1 files changed, 158 insertions, 104 deletions
diff --git a/config/bind/bind.xml b/config/bind/bind.xml
index c24bf351..0f6861fc 100644
--- a/config/bind/bind.xml
+++ b/config/bind/bind.xml
@@ -3,56 +3,50 @@
<?xml-stylesheet type="text/xsl" href="../xsl/package.xsl"?>
<packagegui>
<copyright>
- <![CDATA[
+<![CDATA[
/* $Id$ */
-/* ========================================================================== */
+/* ====================================================================================== */
/*
- bind.xml
- part of pfSense (http://www.pfSense.com)
- part of the Bind package for pfSense
- Copyright (C) 2013 Juliano Oliveira/Adriano Brancher
- All rights reserved.
-
- Based on m0n0wall (http://m0n0.ch/wall)
- Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.
- All rights reserved.
- */
-/* ========================================================================== */
+ bind.xml
+ part of pfSense (https://www.pfSense.org/)
+ Copyright (C) 2013 Juliano Oliveira
+ Copyright (C) 2013 Adriano Brancher
+ Copyright (C) 2015 ESF, LLC
+ All rights reserved.
+*/
+/* ====================================================================================== */
/*
- Redistribution and use in source and binary forms, with or without
- modification, are permitted provided that the following conditions are met:
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
- 1. Redistributions of source code must retain the above copyright notice,
- this list of conditions and the following disclaimer.
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
- 2. Redistributions in binary form must reproduce the above copyright
- notice, this list of conditions and the following disclaimer in the
- documentation and/or other materials provided with the distribution.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
- THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
- AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
- OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- POSSIBILITY OF SUCH DAMAGE.
- */
-/* ========================================================================== */
- ]]>
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+ ]]>
</copyright>
- <description>Describe your package here</description>
- <requirements>Describe your package requirements here</requirements>
- <faq>Currently there are no FAQ items provided.</faq>
<name>bind</name>
- <version>1.0</version>
- <title>Bind: Domain Named Settings</title>
+ <version>0.4.0</version>
+ <title>BIND: DNS Settings</title>
<include_file>/usr/local/pkg/bind.inc</include_file>
<menu>
- <name>BIND Server</name>
+ <name>BIND DNS Server</name>
<tooltiptext>Modify BIND settings</tooltiptext>
<section>Services</section>
<url>/pkg_edit.php?xml=bind.xml</url>
@@ -87,45 +81,36 @@
</tab>
</tabs>
- <!-- Installation -->
<additional_files_needed>
<prefix>/usr/local/pkg/</prefix>
- <chmod>0755</chmod>
<item>https://packages.pfsense.org/packages/config/bind/bind.xml</item>
</additional_files_needed>
<additional_files_needed>
<prefix>/usr/local/pkg/</prefix>
- <chmod>0755</chmod>
<item>https://packages.pfsense.org/packages/config/bind/bind_views.xml</item>
</additional_files_needed>
<additional_files_needed>
<prefix>/usr/local/pkg/</prefix>
- <chmod>0755</chmod>
<item>https://packages.pfsense.org/packages/config/bind/bind_zones.xml</item>
</additional_files_needed>
<additional_files_needed>
<prefix>/usr/local/pkg/</prefix>
- <chmod>0755</chmod>
<item>https://packages.pfsense.org/packages/config/bind/bind_acls.xml</item>
</additional_files_needed>
<additional_files_needed>
<prefix>/usr/local/pkg/</prefix>
- <chmod>0755</chmod>
<item>https://packages.pfsense.org/packages/config/bind/bind.inc</item>
</additional_files_needed>
<additional_files_needed>
<prefix>/usr/local/pkg/</prefix>
- <chmod>0755</chmod>
<item>https://packages.pfsense.org/packages/config/bind/bind_sync.xml</item>
</additional_files_needed>
<additional_files_needed>
<prefix>/usr/local/www/shortcuts/</prefix>
- <chmod>0755</chmod>
<item>https://packages.pfsense.org/packages/config/bind/pkg_bind.inc</item>
</additional_files_needed>
<additional_files_needed>
<prefix>/usr/local/www/widgets/widgets/</prefix>
- <chmod>0755</chmod>
<item>https://packages.pfsense.org/packages/config/bind/bind.widget.php</item>
</additional_files_needed>
<fields>
@@ -137,16 +122,24 @@
<field>
<fielddescr>Enable BIND</fielddescr>
<fieldname>enable_bind</fieldname>
- <description><![CDATA[Enable BIND DNS server<br>
- Disable DNS Forwarder and Resolver services on selected interfaces before enabling BIND.]]></description>
+ <description>
+ <![CDATA[
+ Enable BIND DNS server<br />
+ Disable DNS Forwarder and Resolver services on selected interfaces before enabling BIND.
+ ]]>
+ </description>
<type>checkbox</type>
<required/>
</field>
<field>
<fielddescr>IP Version</fielddescr>
<fieldname>bind_ip_version</fieldname>
- <description><![CDATA[Select IP transport version.<br>
- This controls which transports are used when resolving queries.]]></description>
+ <description>
+ <![CDATA[
+ Select IP transport version.<br />
+ This controls which transports are used when resolving queries.
+ ]]>
+ </description>
<type>select</type>
<options>
<option><name>IPv4+IPv6</name><value></value></option>
@@ -157,7 +150,7 @@
<field>
<fielddescr>Listen on</fielddescr>
<fieldname>listenon</fieldname>
- <description><![CDATA[Choose the interfaces on which to enable BIND.]]></description>
+ <description>Choose the interfaces on which to enable BIND.</description>
<type>interfaces_selection</type>
<showlistenall/>
<showvirtualips/>
@@ -178,34 +171,42 @@
<field>
<fielddescr>Limit Memory Use</fielddescr>
<fieldname>bind_ram_limit</fieldname>
- <description>Limits RAM use for DNS server, recommend 256M</description>
+ <description>Limits RAM use for DNS server (Recommended: 256M)</description>
<type>input</type>
<size>10</size>
<default_value>256M</default_value>
</field>
<field>
<type>listtopic</type>
- <name>Logging options</name>
+ <name>Logging Options</name>
<fieldname>temp01</fieldname>
</field>
<field>
<fielddescr>Enable Logging</fielddescr>
<fieldname>bind_logging</fieldname>
- <description><![CDATA[Enable BIND logs under Status > System logs, Resolver tab.]]></description>
+ <description>
+ <![CDATA[
+ Enable BIND logs under Status > System logs, Resolver tab.
+ ]]>
+ </description>
<type>checkbox</type>
</field>
<field>
- <fielddescr>Logging Serverity</fielddescr>
+ <fielddescr>Logging Severity</fielddescr>
<fieldname>log_severity</fieldname>
- <description><![CDATA[Choose logging level for selected categories.<BR>
- The value 'dynamic' means assume the global level defined by either the command line parameter -d or by running rndc trace.]]></description>
+ <description>
+ <![CDATA[
+ Choose logging level for selected categories.<br />
+ The value 'dynamic' means assume the global level defined by either the command line parameter -d or by running rndc trace.
+ ]]>
+ </description>
<type>select</type>
<options>
- <option><name>Critital</name><value>critical</value></option>
+ <option><name>Critical</name><value>critical</value></option>
<option><name>Error</name><value>error</value></option>
<option><name>Warning</name><value>warning</value></option>
<option><name>Notice</name><value>Notice</value></option>
- <option><name>info</name><value>info</value></option>
+ <option><name>Info</name><value>info</value></option>
<option><name>Debug level 1</name><value>debug 1</value></option>
<option><name>Debug level 3</name><value>debug 3</value></option>
<option><name>Debug level 5</name><value>debug 5</value></option>
@@ -215,27 +216,82 @@
<field>
<fielddescr>Logging Options</fielddescr>
<fieldname>log_options</fieldname>
- <description><![CDATA[Select categories to log.<BR>
- use CTRL+click to select/unselect.]]></description>
+ <description>
+ <![CDATA[
+ Select categories to log.<br />
+ (Use CTRL + click to select/unselect.
+ ]]>
+ </description>
<type>select</type>
<options>
- <option><name>Default-if this is the only category selected, it will log all categories except queries</name><value>default</value></option>
- <option><name>General-Anything that is not classified as any other item in this list defaults to this category</name><value>general</value></option>
- <option><name>Database-The value 'dynamic' means assume the global level defined by either the command line parameter -d or by running rndc trace</name><value>database</value></option>
- <option><name>Security-Approval and denial of requests</name><value>security</value></option>
- <option><name>Config-Configuration file parsing and processing</name><value>config</value></option>
- <option><name>Resolver-Name resolution including recursive lookups</name><value>resolver</value></option>
- <option><name>Xfer-in-Details of zone transfers the server is receiving.</name><value>xfer-in</value></option>
- <option><name>Xfer-out-Details of zone transfers the server is sending.</name><value>xfer-out</value></option>
- <option><name>Notify-Logs all NOTIFY operations.</name><value>notify</value></option>
- <option><name>Client-Processing of client requests</name><value>client</value></option>
- <option><name>Unmatched-No matching view clause or unrecognized class value.</name><value>unmatched</value></option>
- <option><name>Queries-Logs all query transactions</name><value>queries</value></option>
- <option><name>Network-Logs all network operations</name><value>network</value></option>
- <option><name>Update-Logging of all dynamic update (DDNS) transactions</name><value>update</value></option>
- <option><name>Dispatch-Dispatching of incoming packets to the server modules</name><value>dispatch</value></option>
- <option><name>DNSSEC-DNSSEC and TSIG protocol processing</name><value>dnssec</value></option>
- <option><name>lame-servers-Mis-configuration in the delegation of domains discovered by BIND</name><value>lame-servers</value></option>
+ <option>
+ <name>Default - If this is the only category selected, it will log all categories except queries.</name>
+ <value>default</value>
+ </option>
+ <option>
+ <name>General - Anything that is not classified as any other item in this list defaults to this category.</name>
+ <value>general</value>
+ </option>
+ <option>
+ <name>Database - Messages relating to the databases used internally by the name server to store zone and cache data.</name>
+ <value>database</value>
+ </option>
+ <option>
+ <name>Security - Approval and denial of requests.</name>
+ <value>security</value>
+ </option>
+ <option>
+ <name>Config - Configuration file parsing and processing.</name>
+ <value>config</value>
+ </option>
+ <option>
+ <name>Resolver - Name resolution including recursive lookups.</name>
+ <value>resolver</value>
+ </option>
+ <option>
+ <name>Xfer-in - Details of zone transfers the server is receiving.</name>
+ <value>xfer-in</value>
+ </option>
+ <option>
+ <name>Xfer-out - Details of zone transfers the server is sending.</name>
+ <value>xfer-out</value>
+ </option>
+ <option>
+ <name>Notify - Logs all NOTIFY operations.</name>
+ <value>notify</value>
+ </option>
+ <option>
+ <name>Client - Processing of client requests.</name>
+ <value>client</value>
+ </option>
+ <option>
+ <name>Unmatched - No matching view clause or unrecognized class value.</name>
+ <value>unmatched</value>
+ </option>
+ <option>
+ <name>Queries - Logs all query transactions.</name>
+ <value>queries</value>
+ </option>
+ <option>
+ <name>Network - Logs all network operations.</name>
+ <value>network</value>
+ </option>
+ <option>
+ <name>Update - Logging of all dynamic update (DDNS) transactions.</name>
+ <value>update</value>
+ </option>
+ <option>
+ <name>Dispatch - Dispatching of incoming packets to the server modules.</name>
+ <value>dispatch</value>
+ </option>
+ <option>
+ <name>DNSSEC - DNSSEC and TSIG protocol processing.</name>
+ <value>dnssec</value>
+ </option>
+ <option>
+ <name>lame-servers - Misconfiguration in the delegation of domains discovered by BIND.</name>
+ <value>lame-servers</value>
+ </option>
</options>
<multiple/>
<size>18</size>
@@ -248,8 +304,12 @@
<field>
<fielddescr>Rate Limit</fielddescr>
<fieldname>rate_enabled</fieldname>
- <description><![CDATA[<a target=_new href='https://kb.isc.org/article/AA-01000/189/A-Quick-Introduction-to-Response-Rate-Limiting.html?utm_source=isc&utm_medium=website&utm_term=rrl-kb&utm_content=kbarticle&utm_campaign=bind994_release_091913'>
- Limit/rate response queries</a> to prevent DOS attack.]]></description>
+ <description>
+ <![CDATA[
+ See <a href='https://kb.isc.org/article/AA-01000/189/A-Quick-Introduction-to-Response-Rate-Limiting.html'>A Quick Introduction to Response Rate Limiting</a>&nbsp;
+ to prevent DOS attack.
+ ]]>
+ </description>
<type>checkbox</type>
<enablefields>rate_limit,log_only</enablefields>
</field>
@@ -266,29 +326,30 @@
<field>
<fielddescr>Limit</fielddescr>
<fieldname>rate_limit</fieldname>
- <description>Set rate limit. Default to 15.</description>
+ <description>Set rate limit. (Default: 15)</description>
<type>input</type>
<size>10</size>
</field>
<field>
<type>listtopic</type>
- <name>Forwarder Config</name>
+ <name>Forwarder Configuration</name>
<fieldname>temp01</fieldname>
</field>
<field>
<fielddescr>Enable Forwarding</fielddescr>
<fieldname>bind_forwarder</fieldname>
- <description>Enable forwarding queries to other DNS servers listed below rather than this server
- performing its own recursion.
- </description>
+ <description>Enable forwarding queries to other DNS servers listed below rather than this server performing its own recursion.</description>
<type>checkbox</type>
<enablefields>bind_forwarder_ips</enablefields>
</field>
<field>
<fielddescr>Forwarder IPs</fielddescr>
<fieldname>bind_forwarder_ips</fieldname>
- <description>Enter IPs of DNS servers to use for recursion. Separate by semi-colons (;). Applies
- only if Enable Forwarding is chosen.
+ <description>
+ <![CDATA[
+ Enter IPs of DNS servers to use for recursion. Separate by semi-colons (;).<br />
+ Applies only if Enable Forwarding is chosen.
+ ]]>
</description>
<type>input</type>
<size>80</size>
@@ -302,8 +363,10 @@
<fielddescr>Custom Options</fielddescr>
<fieldname>bind_custom_options</fieldname>
<description>
- <![CDATA[You can put your own custom options here, one per line.<br>
- They'll be added to the configuration. They need to be named.conf native options.]]>
+ <![CDATA[
+ You can put your own custom options here, one per line. They'll be added to the configuration.<br />
+ They need to be <a href="http://www.freebsd.org/cgi/man.cgi?query=named.conf&apropos=0&sektion=0&manpath=FreeBSD+10.1-RELEASE+and+Ports&arch=default&format=html"named.conf</a> native settings.
+ ]]>
</description>
<type>textarea</type>
<cols>65</cols>
@@ -319,8 +382,10 @@
<fielddescr>Global Settings</fielddescr>
<fieldname>bind_global_settings</fieldname>
<description>
- <![CDATA[You can put your own global settings here.<br>
- They'll be added to the configuration. They need to be named.conf native settings.]]>
+ <![CDATA[
+ You can put your own global settings here. They'll be added to the configuration.<br />
+ They need to be <a href="http://www.freebsd.org/cgi/man.cgi?query=named.conf&apropos=0&sektion=0&manpath=FreeBSD+10.1-RELEASE+and+Ports&arch=default&format=html"named.conf</a> native settings.
+ ]]>
</description>
<type>textarea</type>
<cols>65</cols>
@@ -328,21 +393,10 @@
<encoding>base64</encoding>
</field>
</fields>
- <custom_php_after_head_command>
- </custom_php_after_head_command>
- <custom_php_command_before_form>
- </custom_php_command_before_form>
- <custom_add_php_command>
- </custom_add_php_command>
- <custom_php_validation_command>
- </custom_php_validation_command>
<custom_php_resync_config_command>
bind_sync();
</custom_php_resync_config_command>
<custom_php_install_command>
bind_write_rcfile();
</custom_php_install_command>
- <custom_php_deinstall_command>
- </custom_php_deinstall_command>
- <filter_rules_needed></filter_rules_needed>
</packagegui>