diff options
Diffstat (limited to 'config')
-rw-r--r-- | config/bind/bind.xml | 262 |
1 files changed, 158 insertions, 104 deletions
diff --git a/config/bind/bind.xml b/config/bind/bind.xml index c24bf351..0f6861fc 100644 --- a/config/bind/bind.xml +++ b/config/bind/bind.xml @@ -3,56 +3,50 @@ <?xml-stylesheet type="text/xsl" href="../xsl/package.xsl"?> <packagegui> <copyright> - <![CDATA[ +<![CDATA[ /* $Id$ */ -/* ========================================================================== */ +/* ====================================================================================== */ /* - bind.xml - part of pfSense (http://www.pfSense.com) - part of the Bind package for pfSense - Copyright (C) 2013 Juliano Oliveira/Adriano Brancher - All rights reserved. - - Based on m0n0wall (http://m0n0.ch/wall) - Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>. - All rights reserved. - */ -/* ========================================================================== */ + bind.xml + part of pfSense (https://www.pfSense.org/) + Copyright (C) 2013 Juliano Oliveira + Copyright (C) 2013 Adriano Brancher + Copyright (C) 2015 ESF, LLC + All rights reserved. +*/ +/* ====================================================================================== */ /* - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. - */ -/* ========================================================================== */ - ]]> + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ + ]]> </copyright> - <description>Describe your package here</description> - <requirements>Describe your package requirements here</requirements> - <faq>Currently there are no FAQ items provided.</faq> <name>bind</name> - <version>1.0</version> - <title>Bind: Domain Named Settings</title> + <version>0.4.0</version> + <title>BIND: DNS Settings</title> <include_file>/usr/local/pkg/bind.inc</include_file> <menu> - <name>BIND Server</name> + <name>BIND DNS Server</name> <tooltiptext>Modify BIND settings</tooltiptext> <section>Services</section> <url>/pkg_edit.php?xml=bind.xml</url> @@ -87,45 +81,36 @@ </tab> </tabs> - <!-- Installation --> <additional_files_needed> <prefix>/usr/local/pkg/</prefix> - <chmod>0755</chmod> <item>https://packages.pfsense.org/packages/config/bind/bind.xml</item> </additional_files_needed> <additional_files_needed> <prefix>/usr/local/pkg/</prefix> - <chmod>0755</chmod> <item>https://packages.pfsense.org/packages/config/bind/bind_views.xml</item> </additional_files_needed> <additional_files_needed> <prefix>/usr/local/pkg/</prefix> - <chmod>0755</chmod> <item>https://packages.pfsense.org/packages/config/bind/bind_zones.xml</item> </additional_files_needed> <additional_files_needed> <prefix>/usr/local/pkg/</prefix> - <chmod>0755</chmod> <item>https://packages.pfsense.org/packages/config/bind/bind_acls.xml</item> </additional_files_needed> <additional_files_needed> <prefix>/usr/local/pkg/</prefix> - <chmod>0755</chmod> <item>https://packages.pfsense.org/packages/config/bind/bind.inc</item> </additional_files_needed> <additional_files_needed> <prefix>/usr/local/pkg/</prefix> - <chmod>0755</chmod> <item>https://packages.pfsense.org/packages/config/bind/bind_sync.xml</item> </additional_files_needed> <additional_files_needed> <prefix>/usr/local/www/shortcuts/</prefix> - <chmod>0755</chmod> <item>https://packages.pfsense.org/packages/config/bind/pkg_bind.inc</item> </additional_files_needed> <additional_files_needed> <prefix>/usr/local/www/widgets/widgets/</prefix> - <chmod>0755</chmod> <item>https://packages.pfsense.org/packages/config/bind/bind.widget.php</item> </additional_files_needed> <fields> @@ -137,16 +122,24 @@ <field> <fielddescr>Enable BIND</fielddescr> <fieldname>enable_bind</fieldname> - <description><![CDATA[Enable BIND DNS server<br> - Disable DNS Forwarder and Resolver services on selected interfaces before enabling BIND.]]></description> + <description> + <![CDATA[ + Enable BIND DNS server<br /> + Disable DNS Forwarder and Resolver services on selected interfaces before enabling BIND. + ]]> + </description> <type>checkbox</type> <required/> </field> <field> <fielddescr>IP Version</fielddescr> <fieldname>bind_ip_version</fieldname> - <description><![CDATA[Select IP transport version.<br> - This controls which transports are used when resolving queries.]]></description> + <description> + <![CDATA[ + Select IP transport version.<br /> + This controls which transports are used when resolving queries. + ]]> + </description> <type>select</type> <options> <option><name>IPv4+IPv6</name><value></value></option> @@ -157,7 +150,7 @@ <field> <fielddescr>Listen on</fielddescr> <fieldname>listenon</fieldname> - <description><![CDATA[Choose the interfaces on which to enable BIND.]]></description> + <description>Choose the interfaces on which to enable BIND.</description> <type>interfaces_selection</type> <showlistenall/> <showvirtualips/> @@ -178,34 +171,42 @@ <field> <fielddescr>Limit Memory Use</fielddescr> <fieldname>bind_ram_limit</fieldname> - <description>Limits RAM use for DNS server, recommend 256M</description> + <description>Limits RAM use for DNS server (Recommended: 256M)</description> <type>input</type> <size>10</size> <default_value>256M</default_value> </field> <field> <type>listtopic</type> - <name>Logging options</name> + <name>Logging Options</name> <fieldname>temp01</fieldname> </field> <field> <fielddescr>Enable Logging</fielddescr> <fieldname>bind_logging</fieldname> - <description><![CDATA[Enable BIND logs under Status > System logs, Resolver tab.]]></description> + <description> + <![CDATA[ + Enable BIND logs under Status > System logs, Resolver tab. + ]]> + </description> <type>checkbox</type> </field> <field> - <fielddescr>Logging Serverity</fielddescr> + <fielddescr>Logging Severity</fielddescr> <fieldname>log_severity</fieldname> - <description><![CDATA[Choose logging level for selected categories.<BR> - The value 'dynamic' means assume the global level defined by either the command line parameter -d or by running rndc trace.]]></description> + <description> + <![CDATA[ + Choose logging level for selected categories.<br /> + The value 'dynamic' means assume the global level defined by either the command line parameter -d or by running rndc trace. + ]]> + </description> <type>select</type> <options> - <option><name>Critital</name><value>critical</value></option> + <option><name>Critical</name><value>critical</value></option> <option><name>Error</name><value>error</value></option> <option><name>Warning</name><value>warning</value></option> <option><name>Notice</name><value>Notice</value></option> - <option><name>info</name><value>info</value></option> + <option><name>Info</name><value>info</value></option> <option><name>Debug level 1</name><value>debug 1</value></option> <option><name>Debug level 3</name><value>debug 3</value></option> <option><name>Debug level 5</name><value>debug 5</value></option> @@ -215,27 +216,82 @@ <field> <fielddescr>Logging Options</fielddescr> <fieldname>log_options</fieldname> - <description><![CDATA[Select categories to log.<BR> - use CTRL+click to select/unselect.]]></description> + <description> + <![CDATA[ + Select categories to log.<br /> + (Use CTRL + click to select/unselect. + ]]> + </description> <type>select</type> <options> - <option><name>Default-if this is the only category selected, it will log all categories except queries</name><value>default</value></option> - <option><name>General-Anything that is not classified as any other item in this list defaults to this category</name><value>general</value></option> - <option><name>Database-The value 'dynamic' means assume the global level defined by either the command line parameter -d or by running rndc trace</name><value>database</value></option> - <option><name>Security-Approval and denial of requests</name><value>security</value></option> - <option><name>Config-Configuration file parsing and processing</name><value>config</value></option> - <option><name>Resolver-Name resolution including recursive lookups</name><value>resolver</value></option> - <option><name>Xfer-in-Details of zone transfers the server is receiving.</name><value>xfer-in</value></option> - <option><name>Xfer-out-Details of zone transfers the server is sending.</name><value>xfer-out</value></option> - <option><name>Notify-Logs all NOTIFY operations.</name><value>notify</value></option> - <option><name>Client-Processing of client requests</name><value>client</value></option> - <option><name>Unmatched-No matching view clause or unrecognized class value.</name><value>unmatched</value></option> - <option><name>Queries-Logs all query transactions</name><value>queries</value></option> - <option><name>Network-Logs all network operations</name><value>network</value></option> - <option><name>Update-Logging of all dynamic update (DDNS) transactions</name><value>update</value></option> - <option><name>Dispatch-Dispatching of incoming packets to the server modules</name><value>dispatch</value></option> - <option><name>DNSSEC-DNSSEC and TSIG protocol processing</name><value>dnssec</value></option> - <option><name>lame-servers-Mis-configuration in the delegation of domains discovered by BIND</name><value>lame-servers</value></option> + <option> + <name>Default - If this is the only category selected, it will log all categories except queries.</name> + <value>default</value> + </option> + <option> + <name>General - Anything that is not classified as any other item in this list defaults to this category.</name> + <value>general</value> + </option> + <option> + <name>Database - Messages relating to the databases used internally by the name server to store zone and cache data.</name> + <value>database</value> + </option> + <option> + <name>Security - Approval and denial of requests.</name> + <value>security</value> + </option> + <option> + <name>Config - Configuration file parsing and processing.</name> + <value>config</value> + </option> + <option> + <name>Resolver - Name resolution including recursive lookups.</name> + <value>resolver</value> + </option> + <option> + <name>Xfer-in - Details of zone transfers the server is receiving.</name> + <value>xfer-in</value> + </option> + <option> + <name>Xfer-out - Details of zone transfers the server is sending.</name> + <value>xfer-out</value> + </option> + <option> + <name>Notify - Logs all NOTIFY operations.</name> + <value>notify</value> + </option> + <option> + <name>Client - Processing of client requests.</name> + <value>client</value> + </option> + <option> + <name>Unmatched - No matching view clause or unrecognized class value.</name> + <value>unmatched</value> + </option> + <option> + <name>Queries - Logs all query transactions.</name> + <value>queries</value> + </option> + <option> + <name>Network - Logs all network operations.</name> + <value>network</value> + </option> + <option> + <name>Update - Logging of all dynamic update (DDNS) transactions.</name> + <value>update</value> + </option> + <option> + <name>Dispatch - Dispatching of incoming packets to the server modules.</name> + <value>dispatch</value> + </option> + <option> + <name>DNSSEC - DNSSEC and TSIG protocol processing.</name> + <value>dnssec</value> + </option> + <option> + <name>lame-servers - Misconfiguration in the delegation of domains discovered by BIND.</name> + <value>lame-servers</value> + </option> </options> <multiple/> <size>18</size> @@ -248,8 +304,12 @@ <field> <fielddescr>Rate Limit</fielddescr> <fieldname>rate_enabled</fieldname> - <description><![CDATA[<a target=_new href='https://kb.isc.org/article/AA-01000/189/A-Quick-Introduction-to-Response-Rate-Limiting.html?utm_source=isc&utm_medium=website&utm_term=rrl-kb&utm_content=kbarticle&utm_campaign=bind994_release_091913'> - Limit/rate response queries</a> to prevent DOS attack.]]></description> + <description> + <![CDATA[ + See <a href='https://kb.isc.org/article/AA-01000/189/A-Quick-Introduction-to-Response-Rate-Limiting.html'>A Quick Introduction to Response Rate Limiting</a> + to prevent DOS attack. + ]]> + </description> <type>checkbox</type> <enablefields>rate_limit,log_only</enablefields> </field> @@ -266,29 +326,30 @@ <field> <fielddescr>Limit</fielddescr> <fieldname>rate_limit</fieldname> - <description>Set rate limit. Default to 15.</description> + <description>Set rate limit. (Default: 15)</description> <type>input</type> <size>10</size> </field> <field> <type>listtopic</type> - <name>Forwarder Config</name> + <name>Forwarder Configuration</name> <fieldname>temp01</fieldname> </field> <field> <fielddescr>Enable Forwarding</fielddescr> <fieldname>bind_forwarder</fieldname> - <description>Enable forwarding queries to other DNS servers listed below rather than this server - performing its own recursion. - </description> + <description>Enable forwarding queries to other DNS servers listed below rather than this server performing its own recursion.</description> <type>checkbox</type> <enablefields>bind_forwarder_ips</enablefields> </field> <field> <fielddescr>Forwarder IPs</fielddescr> <fieldname>bind_forwarder_ips</fieldname> - <description>Enter IPs of DNS servers to use for recursion. Separate by semi-colons (;). Applies - only if Enable Forwarding is chosen. + <description> + <![CDATA[ + Enter IPs of DNS servers to use for recursion. Separate by semi-colons (;).<br /> + Applies only if Enable Forwarding is chosen. + ]]> </description> <type>input</type> <size>80</size> @@ -302,8 +363,10 @@ <fielddescr>Custom Options</fielddescr> <fieldname>bind_custom_options</fieldname> <description> - <![CDATA[You can put your own custom options here, one per line.<br> - They'll be added to the configuration. They need to be named.conf native options.]]> + <![CDATA[ + You can put your own custom options here, one per line. They'll be added to the configuration.<br /> + They need to be <a href="http://www.freebsd.org/cgi/man.cgi?query=named.conf&apropos=0&sektion=0&manpath=FreeBSD+10.1-RELEASE+and+Ports&arch=default&format=html"named.conf</a> native settings. + ]]> </description> <type>textarea</type> <cols>65</cols> @@ -319,8 +382,10 @@ <fielddescr>Global Settings</fielddescr> <fieldname>bind_global_settings</fieldname> <description> - <![CDATA[You can put your own global settings here.<br> - They'll be added to the configuration. They need to be named.conf native settings.]]> + <![CDATA[ + You can put your own global settings here. They'll be added to the configuration.<br /> + They need to be <a href="http://www.freebsd.org/cgi/man.cgi?query=named.conf&apropos=0&sektion=0&manpath=FreeBSD+10.1-RELEASE+and+Ports&arch=default&format=html"named.conf</a> native settings. + ]]> </description> <type>textarea</type> <cols>65</cols> @@ -328,21 +393,10 @@ <encoding>base64</encoding> </field> </fields> - <custom_php_after_head_command> - </custom_php_after_head_command> - <custom_php_command_before_form> - </custom_php_command_before_form> - <custom_add_php_command> - </custom_add_php_command> - <custom_php_validation_command> - </custom_php_validation_command> <custom_php_resync_config_command> bind_sync(); </custom_php_resync_config_command> <custom_php_install_command> bind_write_rcfile(); </custom_php_install_command> - <custom_php_deinstall_command> - </custom_php_deinstall_command> - <filter_rules_needed></filter_rules_needed> </packagegui> |