use vars qw(%glue); # $glue{$name}{$addr_list} = [ $whosaidandwhy ]
use vars qw(%soas); # $soa{"$origin $serial"} = [ $whosaidandwhy ]
use vars qw(%addr_is_ok %warned_glueless %warned_mynameaddr);
+use vars qw($delg_to_us);
use vars qw(@to_check); # ($addr,$whyask,$is_auth,$glueless_ok, ...)
use vars qw(@to_check_soa); # ($addr,$whyask, ...)
%delgs= %auths= %glue= %soas=
%warned_glueless= %warned_mynameaddr=
%addr_is_ok= ();
+ $delg_to_us= 0;
@to_check= @to_check_soa= ();
}
" us [$addr] with wrong name $name, (eg) $ww")
unless $warned_mynameaddr{$name}{$addr}++;
}
+ $delg_to_us=1 if $name_is_self;
}
sub zone_check_soa ($$$) {
}
}
}
+ if ($cfg->{'s'} =~ m/s/ && !$delg_to_us) {
+ zone_warnmore("we are supposedly published secondary,".
+ " but not listed as a nameserver");
+ }
}
sub zone_consistency_set ($%) {
.B ?
zone style modifier in the configuration.
.TP
-\fB\-C\fP|\-\-config \fIconfig\-file\fP
+.BR \-C | \-\-config " \fIconfig\-file\fP"
Use
.I config\-file
instead of
appear before directives specifying zones, as each will affect only
later zone directives.
.TP
-\fBself\-addr\fP \fIfqdn ...\fP
+\fBself\-addr\fP \fIip-address ...\fP
Specifies the list of addresses that this server may be known by in
A records. There is no default.
.TP
Origin server's data: The set of nameservers in the origin server's
version of the zone should be a superset of those in the delegations.
-Our zone configuration: For
-.B primary
-zones, the SOA origin should be one of the names specified with
-.BR self\-soa " (or " self ). For
-.B published
-zones, the address should be that of the SOA origin. For
-.B stealth
-zones, the address should be that of the SOA origin or one of the
-published nameservers.
+Our zone configuration: For primary zones, the SOA origin should be
+one of the names specified with
+.BR self\-soa " (or " self ).
+For published zones, the address should be that of the SOA origin.
+For stealth zones, the address should be that of the SOA origin or one
+of the published nameservers.
.SH SECURITY
chiark\-named\-conf is supposed to be resistant to malicious data in
the DNS. It is not resistant to malicious data in its own options,
Avoid messing with these if possible.
.LP
.B PATH
-Used to find subprograms such as
+is used to find subprograms such as
.BR dig " and " adnshost .
.SH BUGS
The determination of the parent zone for each zone to be checked, and