ComputerSurge/bind9
3
0
Fork 0
Code Pull Requests 1 Activity
23,381 Commits 589 Branches 805 Tags
de7ba81cb4e777282827deb06fe7113a852635b5
Commit Graph

656 Commits

Author SHA1 Message Date
Mark Andrews
fa25ae3d4d whitespace 2015-07-23 19:52:07 +10:00
Evan Hunt
c41d5c2d5d [v9_10] remove accidentally duplicated section on clients-per-query 2015-07-20 15:28:17 -07:00
Evan Hunt
83d0b1ab69 [v9_10] DDoS mitigation features 
3938.	[func]		Added quotas to be used in recursive resolvers
			that are under high query load for names in zones
			whose authoritative servers are nonresponsive or
			are experiencing a denial of service attack.

			- "fetches-per-server" limits the number of
			  simultaneous queries that can be sent to any
			  single authoritative server.  The configured
			  value is a starting point; it is automatically
			  adjusted downward if the server is partially or
			  completely non-responsive. The algorithm used to
			  adjust the quota can be configured via the
			  "fetch-quota-params" option.
			- "fetches-per-zone" limits the number of
			  simultaneous queries that can be sent for names
			  within a single domain.  (Note: Unlike
			  "fetches-per-server", this value is not
			  self-tuning.)
			- New stats counters have been added to count
			  queries spilled due to these quotas.

			These options are not available by default;
			use "configure --enable-fetchlimit" (or
			--enable-developer) to include them in the build.

			See the ARM for details of these options. [RT #37125]
 2015-07-08 22:55:31 -07:00
Mark Andrews
be4b9178f0 4143. [bug] serial-query-rate was not effective for notify. 
[RT #39858]
 2015-06-24 20:54:56 +10:00
Witold Krecicki
2e02ab4e50 fix rpz-client-ip documentation [RT #39783] 2015-06-19 10:26:04 +02:00
Mark Andrews
1f0e687cfa update rpz doc as per rt39703 
(cherry picked from commit 94f7158d44)
 2015-06-05 11:14:38 +10:00
Mukund Sivaraman
5cbd509a3d Fix a bug in RPZ that could cause unwanted recursion (#39229) 
Conflicts:
	doc/arm/notes.xml

(cherry picked from commit b947e1a521)

Conflicts:
	CHANGES
	bin/tests/system/conf.sh.in
 2015-05-07 08:36:49 +05:30
Mark Andrews
3dbd0b7da5 4092. [bug] 'in-view' didn't work for zones beneath a empty zone. 
[RT #39173]

(cherry picked from commit febb020dce)
 2015-04-07 13:22:20 +10:00
Evan Hunt
0b6dfb95ee [v9_10] minor doc fixes 2015-04-06 13:48:48 -07:00
Mark Andrews
5e8cc6e868 Add warning about configuration inheritence with in-view 
(cherry picked from commit 7b52254bf3)
 2015-03-11 10:43:34 +11:00
Evan Hunt
039c916c48 [v9_10] clarify edns-udp-size doc 
(cherry picked from commit 7267d1f335)
 2015-02-03 13:36:54 -08:00
Evan Hunt
ce85d3132e [v9_10] oops, semicolons were still wrong 2015-01-21 11:43:56 -08:00
Evan Hunt
20377516b6 [v9_10] reformat response-policy grammar 
There was an overly long line that ran off the end of the
page in the PDF; also missing semicolons and close brace.
 2015-01-21 11:19:33 -08:00
Evan Hunt
351181c89d [v9_10] document dscp option 2015-01-13 09:16:00 -08:00
Tinderbox User
167beb6aa5 update copyright notice / whitespace 2015-01-08 23:45:50 +00:00
Evan Hunt
b21229de09 [v9_10] clean up release note stylesheets 2015-01-07 17:29:11 -08:00
Evan Hunt
b0e9108311 [v9_10] adjust max-recursion-queries 
4021.	[bug]		Adjust max-recursion-queries to accommodate
			the need for more queries when the cache is
			empty. [RT #38104]

(cherry picked from commit be7fba8019)
 2014-12-15 22:28:26 -08:00
Mark Andrews
b99cdea866 4015. [bug] Nameservers that are skipped due to them being 
CNAMEs were not being logged. They are now logged
                        to category 'cname' as per BIND 8. [RT #37935]

(cherry picked from commit ea3aa401bc)
 2014-12-03 11:42:16 +11:00
Mark Andrews
b233d5585d 4007. [doc] Remove acl forward reference restriction. [RT #37772] 
(cherry picked from commit 64d715c22a)
 2014-11-21 15:27:28 +11:00
Evan Hunt
af63f90b99 [v9_10] add missing grammar 2014-11-20 15:36:48 -08:00
Evan Hunt
b3aa528d7e [v9_10] add max-recursion-queries 
also fixes and documentation for max-recursion-depth

(cherry picked from commit c4f54e5bd1)
 2014-11-18 22:13:13 -08:00
Evan Hunt
6fd51d5088 [v9_10] limit recursion depth and iterative queries 
4006.	[security]	A flaw in delegation handling could be exploited
			to put named into an infinite loop.  This has
			been addressed by placing limits on the number
			of levels of recursion named will allow (default 7),
			and the number of iterative queries that it will
			send (default 50) before terminating a recursive
			query (CVE-2014-8500).

			The recursion depth limit is configured via the
			"max-recursion-depth" option.  [RT #35780]
 2014-11-17 23:48:20 -08:00
Evan Hunt
197c3286f8 [v9_10] document that serial-query-rate has a floor of 1/second 2014-10-30 14:33:56 -07:00
Evan Hunt
4186404ffc [v9_10] include relnotes in doc 
3982.	[doc]		Include release notes in product documentation.
			[RT #37272]

(cherry picked from commit 90e0af6bc6)
 2014-10-20 12:50:35 -07:00
Evan Hunt
7d4b6b5a69 [v9_10] backport grammar fixes 2014-10-01 10:33:23 -07:00
Mark Andrews
bfe741e7b6 fix response-policy synopsis 2014-09-27 11:30:07 +10:00
Evan Hunt
a099a11b79 [v9_10] add package version to scope statement 2014-09-05 12:18:22 -07:00
Evan Hunt
468281d88c [v9_10] retain release info when updating copyright 2014-09-05 11:29:12 -07:00
Tinderbox User
db6d18d1a8 update copyright notice 2014-09-04 23:45:52 +00:00
Evan Hunt
8cd1082584 [v9_10] add version number to ARM 
3941.	[doc]		Include the BIND version number in the ARM. [RT #37067]

(cherry picked from commit 7ae9399897)
 2014-09-03 20:30:03 -07:00
Evan Hunt
4ab9bb2b27 [v9_10] fix geoip asnum matching 
3935.	[bug]		"geoip asnum" ACL elements would not match unless
			the full organization name was specified.  They
			can now match against the AS number alone (e.g.,
			AS1234). [RT #36945]
 2014-08-28 21:39:43 -07:00
Mark Andrews
e30f7e362d 3934. [bug] Catch bad 'sit-secret' in named-checkconf. Improve 
sit-secrets documentation. [RT #36980]

(cherry picked from commit 7c73ac5e13)
 2014-08-29 14:36:55 +10:00
Jeremy C. Reed
8f2cb5b749 [36877] added doc about geoip-directory 2014-08-22 08:39:59 -05:00
Mark Andrews
d426add646 3918. [doc] Update check-spf documentation. [RT #36910] 2014-08-22 11:50:12 +10:00
Evan Hunt
1058966060 [v9_10] backport doc fixes from master 2014-08-18 14:01:40 -07:00
Mark Andrews
7616b6233c 3869. [doc] Document that in-view zones cannot be used for 
response policy zones. [RT #35941]
 2014-06-03 13:37:43 +10:00
Mark Andrews
a0184ac58c Revert "[master] improve RRL documentation" 
This reverts commit fe9a1e5bd6.
 2014-05-13 14:53:21 +10:00
Evan Hunt
8103fbabd5 [v9_10] globally rename "delve" to "delv" 
3817.	[func]		The "delve" command is now spelled "delv" to avoid
			a namespace collision with the Xapian project.
			[RT #35801]

(cherry picked from commit 2ae159b376)
 2014-04-23 11:15:36 -07:00
Mark Andrews
993cde8f0f 3809. [doc] Fix SIT and NSID documentation. 2014-04-16 15:53:30 +10:00
Evan Hunt
efa4dcc9da [master] more prefetch doc improvement 2014-04-14 16:36:06 -07:00
Jeremy C. Reed
4bda053938 Fix typo: word was repeated 2014-04-14 09:50:22 -05:00
Evan Hunt
2dc978b8a1 [master] fix "prefetch" doc 
3808.	[doc]		Clean up "prefetch" documentation. [RT #35751]
 2014-04-13 18:50:34 -07:00
Jeremy C. Reed
7ee973f74c fix typo 2014-04-10 17:13:46 -05:00
Jeremy C. Reed
02363b42ae This version of the manual corresponds to BIND version 9.10. 
Not 9.9
 2014-03-28 08:23:20 -05:00
Evan Hunt
5aae99fb1b [master] document behavior of localhost/localnets when interface changes 2014-03-25 20:08:04 -07:00
Evan Hunt
06236ea367 [master] work around db2latex bug by removing literal tag 2014-03-15 15:22:47 -07:00
Evan Hunt
997f513065 [master] whitespace 2014-03-10 11:57:02 -07:00
Evan Hunt
7b46a4aa41 [master] fix negative numbers in $GENERATE 
3780.	[bug]		$GENERATE handled negative numbers incorrectly.
			[RT #25528]
 2014-03-10 11:55:32 -07:00
Evan Hunt
78f79084fc [master] warn when wrong address family used in listen-on/-v6 
3778.	[bug]		Log a warning when the wrong address family is
			used in "listen-on" or "listen-on-v6". [RT #17848]
 2014-03-07 11:31:51 -08:00
Evan Hunt
3ef4b7383a [master] improved doc for "rndc signing -list" 
3769.   [doc]           Improved documentation of "rndc signing -list".
                        [RT #30652]
 2014-02-28 21:29:19 -08:00