mir/bind
2
0
Fork 0
mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-08-30 05:57:52 +00:00
Code Issues Releases Wiki Activity

Split negative and positive dig/mdig/delv options to support Sphinx 1.4.9

Browse Source 
Man pages for dig/mdig/delv used `.. option:: +[no]bla` to describe two
options at once, and very old Sphinx does not support that [] in option
names.

Solution is to split negative and positive options into `+bla, +nobla`
form. In the end it improves readability because it transforms hard to
read strings with double brackets from
`+[no]subnet=addr[/prefix-length]` to
`+subnet=addr[/prefix-length], +nosubnet`.

As a side-effect it also allows easier linking to dig/mdig/delv options
using their name directly instead of always overriding the link target
to `+[no]bla` form.

Transformation was done using regex:
    s/:: +\[no\]\(.*\)/:: +\1, +no\1
... and manual review around occurences matching regex
    +no.*=

Fixes: #3301
This commit is contained in:
Petr Špaček 2022-04-25 16:28:02 +02:00
parent 0d90b40bd2
commit 0342dddce7
No known key found for this signature in database
GPG Key ID: ABD587CDF06581AE
6 changed files with 238 additions and 238 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

38
bin/delv/delv.rst
View File

@ -214,7 +214,7 @@ the string ``no`` to negate the meaning of that keyword. Other keywords
assign values to options like the timeout interval. They have the form
``+keyword=value``. The query options are:
.. option:: +[no]cdflag
.. option:: +cdflag, +nocdflag
This option controls whether to set the CD (checking disabled) bit in queries
sent by :program:`delv`. This may be useful when troubleshooting DNSSEC
@ -224,17 +224,17 @@ assign values to options like the timeout interval. They have the form
to return invalid responses, which :program:`delv` can then validate
internally and report the errors in detail.
.. option:: +[no]class
.. option:: +class, +noclass
This option controls whether to display the CLASS when printing a record. The
default is to display the CLASS.
.. option:: +[no]ttl
.. option:: +ttl, +nottl
This option controls whether to display the TTL when printing a record. The
default is to display the TTL.
.. option:: +[no]rtrace
.. option:: +rtrace, +nortrace
This option toggles resolver fetch logging. This reports the name and type of each
query sent by :program:`delv` in the process of carrying out the resolution
@ -247,7 +247,7 @@ assign values to options like the timeout interval. They have the form
:option:`-d` option produces the same output, but affects other
logging categories as well.
.. option:: +[no]mtrace
.. option:: +mtrace, +nomtrace
This option toggles message logging. This produces a detailed dump of the
responses received by :program:`delv` in the process of carrying out the
@ -258,7 +258,7 @@ assign values to options like the timeout interval. They have the form
debug level to 10 using the :option:`-d` option produces the same
output, but affects other logging categories as well.
.. option:: +[no]vtrace
.. option:: +vtrace, +novtrace
This option toggles validation logging. This shows the internal process of the
validator as it determines whether an answer is validly signed,
@ -269,23 +269,23 @@ assign values to options like the timeout interval. They have the form
systemwide debug level to 3 using the :option:`-d` option produces the
same output, but affects other logging categories as well.
.. option:: +[no]short
.. option:: +short, +noshort
This option toggles between verbose and terse answers. The default is to print the answer in a
verbose form.
.. option:: +[no]comments
.. option:: +comments, +nocomments
This option toggles the display of comment lines in the output. The default is to
print comments.
.. option:: +[no]rrcomments
.. option:: +rrcomments, +norrcomments
This option toggles the display of per-record comments in the output (for example,
human-readable key information about DNSKEY records). The default is
to print per-record comments.
.. option:: +[no]crypto
.. option:: +crypto, +nocrypto
This option toggles the display of cryptographic fields in DNSSEC records. The
contents of these fields are unnecessary to debug most DNSSEC
@ -294,12 +294,12 @@ assign values to options like the timeout interval. They have the form
they are replaced by the string ``[omitted]`` or, in the DNSKEY case, the
key ID is displayed as the replacement, e.g. ``[ key id = value ]``.
.. option:: +[no]trust
.. option:: +trust, +notrust
This option controls whether to display the trust level when printing a record.
The default is to display the trust level.
.. option:: +[no]split[=W]
.. option:: +split[=W], +nosplit
This option splits long hex- or base64-formatted fields in resource records into
chunks of ``W`` characters (where ``W`` is rounded up to the nearest
@ -307,19 +307,19 @@ assign values to options like the timeout interval. They have the form
split at all. The default is 56 characters, or 44 characters when
multiline mode is active.
.. option:: +[no]all
.. option:: +all, +noall
This option sets or clears the display options ``+[no]comments``,
``+[no]rrcomments``, and ``+[no]trust`` as a group.
.. option:: +[no]multiline
.. option:: +multiline, +nomultiline
This option prints long records (such as RRSIG, DNSKEY, and SOA records) in a
verbose multi-line format with human-readable comments. The default
is to print each record on a single line, to facilitate machine
parsing of the :program:`delv` output.
.. option:: +[no]dnssec
.. option:: +dnssec, +nodnssec
This option indicates whether to display RRSIG records in the :program:`delv` output.
The default is to do so. Note that (unlike in :iscman:`dig`) this does
@ -328,7 +328,7 @@ assign values to options like the timeout interval. They have the form
always occurs unless suppressed by the use of :option:`-i` or
``+noroot``.
.. option:: +[no]root[=ROOT]
.. option:: +root[=ROOT], +noroot
This option indicates whether to perform conventional DNSSEC validation, and if so,
specifies the name of a trust anchor. The default is to validate using a
@ -336,18 +336,18 @@ assign values to options like the timeout interval. They have the form
specifying a different trust anchor, then :option:`-a` must be used to specify a
file containing the key.
.. option:: +[no]tcp
.. option:: +tcp, +notcp
This option controls whether to use TCP when sending queries. The default is to
use UDP unless a truncated response has been received.
.. option:: +[no]unknownformat
.. option:: +unknownformat, +nounknownformat
This option prints all RDATA in unknown RR-type presentation format (:rfc:`3597`).
The default is to print RDATA for known types in the type's
presentation format.
.. option:: +[no]yaml
.. option:: +yaml, +noyaml
This option prints response data in YAML format.

134
bin/dig/dig.rst
View File

@ -227,20 +227,20 @@ assign values to options, like the timeout interval. They have the form
abbreviation is unambiguous; for example, ``+cd`` is equivalent to
``+cdflag``. The query options are:
.. option:: +[no]aaflag
.. option:: +aaflag, +noaaflag
This option is a synonym for ``+[no]aaonly``.
This option is a synonym for :option:`+aaonly`, :option:`+noaaonly`.
.. option:: +[no]aaonly
.. option:: +aaonly, +noaaonly
This option sets the ``aa`` flag in the query.
.. option:: +[no]additional
.. option:: +additional, +noadditional
This option displays [or does not display] the additional section of a reply. The
default is to display it.
.. option:: +[no]adflag
.. option:: +adflag, +noadflag
This option sets [or does not set] the AD (authentic data) bit in the query. This
requests the server to return whether all of the answer and authority
@ -250,26 +250,26 @@ abbreviation is unambiguous; for example, ``+cd`` is equivalent to
indicates that some part of the answer was insecure or not validated.
This bit is set by default.
.. option:: +[no]all
.. option:: +all, +noall
This option sets or clears all display flags.
.. option:: +[no]answer
.. option:: +answer, +noanswer
This option displays [or does not display] the answer section of a reply. The default
is to display it.
.. option:: +[no]authority
.. option:: +authority, +noauthority
This option displays [or does not display] the authority section of a reply. The
default is to display it.
.. option:: +[no]badcookie
.. option:: +badcookie, +nobadcookie
This option retries the lookup with a new server cookie if a BADCOOKIE response is
received.
.. option:: +[no]besteffort
.. option:: +besteffort, +nobesteffort
This option attempts to display the contents of messages which are malformed. The
default is to not display malformed answers.
@ -280,23 +280,23 @@ abbreviation is unambiguous; for example, ``+cd`` is equivalent to
``B`` bytes. The maximum and minimum sizes of this buffer are 65535 and
0, respectively. ``+bufsize`` restores the default buffer size.
.. option:: +[no]cdflag
.. option:: +cdflag, +nocdflag
This option sets [or does not set] the CD (checking disabled) bit in the query. This
requests the server to not perform DNSSEC validation of responses.
.. option:: +[no]class
.. option:: +class, +noclass
This option displays [or does not display] the CLASS when printing the record.
.. option:: +[no]cmd
.. option:: +cmd, +nocmd
This option toggles the printing of the initial comment in the output, identifying the
version of :program:`dig` and the query options that have been applied. This option
always has a global effect; it cannot be set globally and then overridden on a
per-lookup basis. The default is to print this comment.
.. option:: +[no]comments
.. option:: +comments, +nocomments
This option toggles the display of some comment lines in the output, with
information about the packet header and OPT pseudosection, and the names of
@ -306,7 +306,7 @@ abbreviation is unambiguous; for example, ``+cd`` is equivalent to
can be controlled using other command-line switches. These include
``+[no]cmd``, ``+[no]question``, ``+[no]stats``, and ``+[no]rrcomments``.
.. option:: +[no]cookie=####
.. option:: +cookie=####, +nocookie
This option sends [or does not send] a COOKIE EDNS option, with an optional value. Replaying a COOKIE
from a previous response allows the server to identify a previous
@ -315,7 +315,7 @@ abbreviation is unambiguous; for example, ``+cd`` is equivalent to
``+cookie`` is also set when ``+trace`` is set to better emulate the
default queries from a nameserver.
.. option:: +[no]crypto
.. option:: +crypto, +nocrypto
This option toggles the display of cryptographic fields in DNSSEC records. The
contents of these fields are unnecessary for debugging most DNSSEC
@ -324,15 +324,15 @@ abbreviation is unambiguous; for example, ``+cd`` is equivalent to
they are replaced by the string ``[omitted]`` or, in the DNSKEY case, the
key ID is displayed as the replacement, e.g. ``[ key id = value ]``.
.. option:: +[no]defname
.. option:: +defname, +nodefname
This option, which is deprecated, is treated as a synonym for ``+[no]search``.
.. option:: +[no]dns64prefix
.. option:: +dns64prefix, +nodns64prefix
Lookup IPV4ONLY.ARPA AAAA and print any DNS64 prefixes found.
.. option:: +[no]dnssec
.. option:: +dnssec, +nodnssec
This option requests that DNSSEC records be sent by setting the DNSSEC OK (DO) bit in
the OPT record in the additional section of the query.
@ -350,48 +350,48 @@ abbreviation is unambiguous; for example, ``+cd`` is equivalent to
code points are in the range [0...63]. By default no code point is
explicitly set.
.. option:: +[no]edns[=#]
.. option:: +edns[=#], +noedns
This option specifies the EDNS version to query with. Valid values are 0 to 255.
Setting the EDNS version causes an EDNS query to be sent.
``+noedns`` clears the remembered EDNS version. EDNS is set to 0 by
default.
.. option:: +[no]ednsflags[=#]
.. option:: +ednsflags[=#], +noednsflags
This option sets the must-be-zero EDNS flags bits (Z bits) to the specified value.
Decimal, hex, and octal encodings are accepted. Setting a named flag
(e.g., DO) is silently ignored. By default, no Z bits are set.
.. option:: +[no]ednsnegotiation
.. option:: +ednsnegotiation, +noednsnegotiation
This option enables/disables EDNS version negotiation. By default, EDNS version
negotiation is enabled.
.. option:: +[no]ednsopt[=code[:value]]
.. option:: +ednsopt[=code[:value]], +noednsopt
This option specifies the EDNS option with code point ``code`` and an optional payload
of ``value`` as a hexadecimal string. ``code`` can be either an EDNS
option name (for example, ``NSID`` or ``ECS``) or an arbitrary
numeric value. ``+noednsopt`` clears the EDNS options to be sent.
.. option:: +[no]expire
.. option:: +expire, +noexpire
This option sends an EDNS Expire option.
.. option:: +[no]fail
.. option:: +fail, +nofail
This option indicates that :iscman:`named` should try [or not try] the next server if a SERVFAIL is received. The default is
to not try the next server, which is the reverse of normal stub
resolver behavior.
.. option:: +[no]header-only
.. option:: +header-only, +noheader-only
This option sends a query with a DNS header without a question section. The
default is to add a question section. The query type and query name
are ignored when this is set.
.. option:: +[no]https[=value]
.. option:: +https[=value], +nohttps
This option indicates whether to use DNS over HTTPS (DoH) when querying
name servers. When this option is in use, the port number defaults to 443.
@ -401,37 +401,37 @@ abbreviation is unambiguous; for example, ``+cd`` is equivalent to
query URI; the default is ``/dns-query``. So, for example, ``dig
@example.com +https`` will use the URI ``https://example.com/dns-query``.
.. option:: +[no]https-get[=value]
.. option:: +https-get[=value], +nohttps-get
Similar to ``+https``, except that the HTTP GET request mode is used
when sending the query.
.. option:: +[no]https-post[=value]
.. option:: +https-post[=value], +nohttps-post
Same as ``+https``.
.. option:: +[no]http-plain[=value]
.. option:: +http-plain[=value], +nohttp-plain
Similar to ``+https``, except that HTTP queries will be sent over a
non-encrypted channel. When this option is in use, the port number
defaults to 80 and the HTTP request mode is POST.
.. option:: +[no]http-plain-get[=value]
.. option:: +http-plain-get[=value], +nohttp-plain-get
Similar to ``+http-plain``, except that the HTTP request mode is GET.
.. option:: +[no]http-plain-post[=value]
.. option:: +http-plain-post[=value], +nohttp-plain-post
Same as ``+http-plain``.
.. option:: +[no]identify
.. option:: +identify, +noidentify
This option shows [or does not show] the IP address and port number that
supplied the answer, when the ``+short`` option is enabled. If short
form answers are requested, the default is not to show the source
address and port number of the server that provided the answer.
.. option:: +[no]idnin
.. option:: +idnin, +noidnin
This option processes [or does not process] IDN domain names on input. This requires
``IDN SUPPORT`` to have been enabled at compile time.
@ -440,7 +440,7 @@ abbreviation is unambiguous; for example, ``+cd`` is equivalent to
The IDN processing on input is disabled when :program:`dig` output is redirected
to files, pipes, and other non-tty file descriptors.
.. option:: +[no]idnout
.. option:: +idnout, +noidnout
This option converts [or does not convert] puny code on output. This requires
``IDN SUPPORT`` to have been enabled at compile time.
@ -449,22 +449,22 @@ abbreviation is unambiguous; for example, ``+cd`` is equivalent to
a tty. The puny code processing on output is disabled when :program:`dig` output
is redirected to files, pipes, and other non-tty file descriptors.
.. option:: +[no]ignore
.. option:: +ignore, +noignore
This option ignores [or does not ignore] truncation in UDP responses instead of retrying with TCP. By
default, TCP retries are performed.
.. option:: +[no]keepalive
.. option:: +keepalive, +nokeepalive
This option sends [or does not send] an EDNS Keepalive option.
.. option:: +[no]keepopen
.. option:: +keepopen, +nokeepopen
This option keeps [or does not keep] the TCP socket open between queries, and reuses it rather than
creating a new TCP socket for each lookup. The default is
``+nokeepopen``.
.. option:: +[no]multiline
.. option:: +multiline, +nomultiline
This option prints [or does not print] records, like the SOA records, in a verbose multi-line format
with human-readable comments. The default is to print each record on
@ -480,23 +480,23 @@ abbreviation is unambiguous; for example, ``+cd`` is equivalent to
``search`` or ``domain`` directive in ``/etc/resolv.conf`` if
``+search`` is set.
.. option:: +[no]nsid
.. option:: +nsid, +nonsid
When enabled, this option includes an EDNS name server ID request when sending a query.
.. option:: +[no]nssearch
.. option:: +nssearch, +nonssearch
When this option is set, :program:`dig` attempts to find the authoritative
name servers for the zone containing the name being looked up, and
display the SOA record that each name server has for the zone.
Addresses of servers that did not respond are also printed.
.. option:: +[no]onesoa
.. option:: +onesoa, +noonesoa
When enabled, this option prints only one (starting) SOA record when performing an AXFR. The
default is to print both the starting and ending SOA records.
.. option:: +[no]opcode=value
.. option:: +opcode=value, +noopcode
When enabled, this option sets (restores) the DNS message opcode to the specified value. The
default value is QUERY (0).
@ -515,27 +515,27 @@ abbreviation is unambiguous; for example, ``+cd`` is equivalent to
This option specifies the query ID to use when sending queries.
.. option:: +[no]qr
.. option:: +qr, +noqr
This option toggles the display of the query message as it is sent. By default, the query
is not printed.
.. option:: +[no]question
.. option:: +question, +noquestion
This option toggles the display of the question section of a query when an answer is
returned. The default is to print the question section as a comment.
.. option:: +[no]raflag
.. option:: +raflag, +noraflag
This option sets [or does not set] the RA (Recursion Available) bit in the query. The
default is ``+noraflag``. This bit is ignored by the server for
QUERY.
.. option:: +[no]rdflag
.. option:: +rdflag, +nordflag
This option is a synonym for ``+[no]recurse``.
.. option:: +[no]recurse
.. option:: +recurse, +norecurse
This option toggles the setting of the RD (recursion desired) bit in the query.
This bit is set by default, which means :program:`dig` normally sends
@ -548,13 +548,13 @@ abbreviation is unambiguous; for example, ``+cd`` is equivalent to
instead of the default, 2. Unlike ``+tries``, this does not include
the initial query.
.. option:: +[no]rrcomments
.. option:: +rrcomments, +norrcomments
This option toggles the display of per-record comments in the output (for example,
human-readable key information about DNSKEY records). The default is
not to print record comments unless multiline mode is active.
.. option:: +[no]search
.. option:: +search, +nosearch
This option uses [or does not use] the search list defined by the searchlist or domain
directive in ``resolv.conf``, if any. The search list is not used by
@ -564,23 +564,23 @@ abbreviation is unambiguous; for example, ``+cd`` is equivalent to
``+ndots``, determines whether the name is treated as relative
and hence whether a search is eventually performed.
.. option:: +[no]short
.. option:: +short, +noshort
This option toggles whether a terse answer is provided. The default is to print the answer in a verbose
form. This option always has a global effect; it cannot be set globally and
then overridden on a per-lookup basis.
.. option:: +[no]showbadcookie
.. option:: +showbadcookie, +noshowbadcookie
This option toggles whether to show the message containing the
BADCOOKIE rcode before retrying the request or not. The default
is to not show the messages.
.. option:: +[no]showsearch
.. option:: +showsearch, +noshowsearch
This option performs [or does not perform] a search showing intermediate results.
.. option:: +[no]sigchase
.. option:: +sigchase, +nosigchase
This feature is now obsolete and has been removed; use :iscman:`delv`
instead.
@ -593,13 +593,13 @@ abbreviation is unambiguous; for example, ``+cd`` is equivalent to
split at all. The default is 56 characters, or 44 characters when
multiline mode is active.
.. option:: +[no]stats
.. option:: +stats, +nostats
This option toggles the printing of statistics: when the query was made, the size of the
reply, etc. The default behavior is to print the query statistics as a
comment after each lookup.
.. option:: +[no]subnet=addr[/prefix-length]
.. option:: +subnet=addr[/prefix-length], +nosubnet
This option sends [or does not send] an EDNS CLIENT-SUBNET option with the specified IP
address or network prefix.
@ -609,12 +609,12 @@ abbreviation is unambiguous; for example, ``+cd`` is equivalent to
prefix-length of zero, which signals a resolver that the client's
address information must *not* be used when resolving this query.
.. option:: +[no]tcflag
.. option:: +tcflag, +notcflag
This option sets [or does not set] the TC (TrunCation) bit in the query. The default is
``+notcflag``. This bit is ignored by the server for QUERY.
.. option:: +[no]tcp
.. option:: +tcp, +notcp
This option indicates whether to use TCP when querying name servers.
The default behavior is to use UDP unless a type ``any`` or ``ixfr=N``
@ -626,7 +626,7 @@ abbreviation is unambiguous; for example, ``+cd`` is equivalent to
This option sets the timeout for a query to ``T`` seconds. The default timeout is
5 seconds. An attempt to set ``T`` to less than 1 is silently set to 1.
.. option:: +[no]tls
.. option:: +tls, +notls
This option indicates whether to use DNS over TLS (DoT) when querying
name servers. When this option is in use, the port number defaults
@ -650,12 +650,12 @@ abbreviation is unambiguous; for example, ``+cd`` is equivalent to
server TLS certificate verification. Otherwise, the DNS server name
is used. This option has no effect if ``+tls-ca`` is not specified.
.. option:: +[no]topdown
.. option:: +topdown, +notopdown
This feature is related to ``dig +sigchase``, which is obsolete and
has been removed. Use :iscman:`delv` instead.
.. option:: +[no]trace
.. option:: +trace, +notrace
This option toggles tracing of the delegation path from the root name servers for
the name being looked up. Tracing is disabled by default. When
@ -681,34 +681,34 @@ abbreviation is unambiguous; for example, ``+cd`` is equivalent to
This option formerly specified trusted keys for use with ``dig +sigchase``. This
feature is now obsolete and has been removed; use :iscman:`delv` instead.
.. option:: +[no]ttlid
.. option:: +ttlid, +nottlid
This option displays [or does not display] the TTL when printing the record.
.. option:: +[no]ttlunits
.. option:: +ttlunits, +nottlunits
This option displays [or does not display] the TTL in friendly human-readable time
units of ``s``, ``m``, ``h``, ``d``, and ``w``, representing seconds, minutes,
hours, days, and weeks. This implies ``+ttlid``.
.. option:: +[no]unknownformat
.. option:: +unknownformat, +nounknownformat
This option prints all RDATA in unknown RR type presentation format (:rfc:`3597`).
The default is to print RDATA for known types in the type's
presentation format.
.. option:: +[no]vc
.. option:: +vc, +novc
This option uses [or does not use] TCP when querying name servers. This alternate
syntax to ``+[no]tcp`` is provided for backwards compatibility. The
``vc`` stands for "virtual circuit."
.. option:: +[no]yaml
.. option:: +yaml, +noyaml
When enabled, this option prints the responses (and, if ``+qr`` is in use, also the
outgoing queries) in a detailed YAML format.
.. option:: +[no]zflag
.. option:: +zflag, +nozflag
This option sets [or does not set] the last unassigned DNS header flag in a DNS query.
This flag is off by default.

66
bin/tools/mdig.rst
View File

@ -111,26 +111,26 @@ Global Options
The global query options are:
.. option:: +[no]additional
.. option:: +additional, +noadditional
This option displays [or does not display] the additional section of a reply. The
default is to display it.
.. option:: +[no]all
.. option:: +all, +noall
This option sets or clears all display flags.
.. option:: +[no]answer
.. option:: +answer, +noanswer
This option displays [or does not display] the answer section of a reply. The default
is to display it.
.. option:: +[no]authority
.. option:: +authority, +noauthority
This option displays [or does not display] the authority section of a reply. The
default is to display it.
.. option:: +[no]besteffort
.. option:: +besteffort, +nobesteffort
This option attempts to display [or does not display] the contents of messages which are malformed. The
default is to not display malformed answers.
@ -139,20 +139,20 @@ The global query options are:
This option delays queries until the start of the next second.
.. option:: +[no]cl
.. option:: +cl, +nocl
This option displays [or does not display] the CLASS when printing the record.
.. option:: +[no]comments
.. option:: +comments, +nocomments
This option toggles the display of comment lines in the output. The default is to
print comments.
.. option:: +[no]continue
.. option:: +continue, +nocontinue
This option toggles continuation on errors (e.g. timeouts).
.. option:: +[no]crypto
.. option:: +crypto, +nocrypto
This option toggles the display of cryptographic fields in DNSSEC records. The
contents of these fields are unnecessary to debug most DNSSEC
@ -167,25 +167,25 @@ The global query options are:
code points are in the range [0...63]. By default no code point is
explicitly set.
.. option:: +[no]multiline
.. option:: +multiline, +nomultiline
This option toggles printing of records, like the SOA records, in a verbose multi-line format
with human-readable comments. The default is to print each record on
a single line, to facilitate machine parsing of the :program:`mdig` output.
.. option:: +[no]question
.. option:: +question, +noquestion
This option prints [or does not print] the question section of a query when an answer
is returned. The default is to print the question section as a
comment.
.. option:: +[no]rrcomments
.. option:: +rrcomments, +norrcomments
This option toggles the display of per-record comments in the output (for example,
human-readable key information about DNSKEY records). The default is
not to print record comments unless multiline mode is active.
.. option:: +[no]short
.. option:: +short, +noshort
This option provides [or does not provide] a terse answer. The default is to print the answer in a
verbose form.
@ -198,22 +198,22 @@ The global query options are:
split. The default is 56 characters, or 44 characters when
multiline mode is active.
.. option:: +[no]tcp
.. option:: +tcp, +notcp
This option uses [or does not use] TCP when querying name servers. The default behavior
is to use UDP.
.. option:: +[no]ttlid
.. option:: +ttlid, +nottlid
This option displays [or does not display] the TTL when printing the record.
.. option:: +[no]ttlunits
.. option:: +ttlunits, +nottlunits
This option displays [or does not display] the TTL in friendly human-readable time
units of "s", "m", "h", "d", and "w", representing seconds, minutes,
hours, days, and weeks. This implies +ttlid.
.. option:: +[no]vc
.. option:: +vc, +novc
This option uses [or does not use] TCP when querying name servers. This alternate
syntax to ``+[no]tcp`` is provided for backwards compatibility. The
@ -247,15 +247,15 @@ Local Options
The local query options are:
.. option:: +[no]aaflag
.. option:: +aaflag, +noaaflag
This is a synonym for ``+[no]aaonly``.
.. option:: +[no]aaonly
.. option:: +aaonly, +noaaonly
This sets the ``aa`` flag in the query.
.. option:: +[no]adflag
.. option:: +adflag, +noadflag
This sets [or does not set] the AD (authentic data) bit in the query. This
requests the server to return whether all of the answer and authority
@ -273,50 +273,50 @@ The local query options are:
appropriately. Values other than zero cause a EDNS query to be
sent.
.. option:: +[no]cdflag
.. option:: +cdflag, +nocdflag
This sets [or does not set] the CD (checking disabled) bit in the query. This
requests the server to not perform DNSSEC validation of responses.
.. option:: +[no]cookie=####
.. option:: +cookie=####, +nocookie
This sends [or does not send] a COOKIE EDNS option, with an optional value. Replaying a COOKIE
from a previous response allows the server to identify a previous
client. The default is ``+nocookie``.
.. option:: +[no]dnssec
.. option:: +dnssec, +nodnssec
This requests that DNSSEC records be sent by setting the DNSSEC OK (DO) bit in
the OPT record in the additional section of the query.
.. option:: +[no]edns[=#]
.. option:: +edns[=#], +noedns
This specifies [or does not specify] the EDNS version to query with. Valid values are 0 to 255.
Setting the EDNS version causes an EDNS query to be sent.
``+noedns`` clears the remembered EDNS version. EDNS is set to 0 by
default.
.. option:: +[no]ednsflags[=#]
.. option:: +ednsflags[=#], +noednsflags
This sets the must-be-zero EDNS flag bits (Z bits) to the specified value.
Decimal, hex, and octal encodings are accepted. Setting a named flag
(e.g. DO) is silently ignored. By default, no Z bits are set.
.. option:: +[no]ednsopt[=code[:value]]
.. option:: +ednsopt[=code[:value]], +noednsopt
This specifies [or does not specify] an EDNS option with code point ``code`` and an optional payload
of ``value`` as a hexadecimal string. ``+noednsopt`` clears the EDNS
options to be sent.
.. option:: +[no]expire
.. option:: +expire, +noexpire
This toggles sending of an EDNS Expire option.
.. option:: +[no]nsid
.. option:: +nsid, +nonsid
This toggles inclusion of an EDNS name server ID request when sending a query.
.. option:: +[no]recurse
.. option:: +recurse, +norecurse
This toggles the setting of the RD (recursion desired) bit in the query.
This bit is set by default, which means :program:`mdig` normally sends
@ -328,7 +328,7 @@ The local query options are:
instead of the default, 2. Unlike ``+tries``, this does not include
the initial query.
.. option:: +[no]subnet=addr[/prefix-length]
.. option:: +subnet=addr[/prefix-length], +nosubnet
This sends [or does not send] an EDNS Client Subnet option with the specified IP
address or network prefix.
@ -355,17 +355,17 @@ The local query options are:
This sets the timeout between UDP query retries to ``T``.
.. option:: +[no]unknownformat
.. option:: +unknownformat, +nounknownformat
This prints [or does not print] all RDATA in unknown RR-type presentation format (see :rfc:`3597`).
The default is to print RDATA for known types in the type's
presentation format.
.. option:: +[no]yaml
.. option:: +yaml, +noyaml
This toggles printing of the responses in a detailed YAML format.
.. option:: +[no]zflag
.. option:: +zflag, +nozflag
This sets [or does not set] the last unassigned DNS header flag in a DNS query.
This flag is off by default.

38
doc/man/delv.1in
View File

@ -241,7 +241,7 @@ assign values to options like the timeout interval. They have the form
\fB+keyword=value\fP\&. The query options are:
.INDENT 0.0
.TP
.B +[no]cdflag
.B +cdflag, +nocdflag
This option controls whether to set the CD (checking disabled) bit in queries
sent by \fBdelv\fP\&. This may be useful when troubleshooting DNSSEC
problems from behind a validating resolver. A validating resolver
@ -252,19 +252,19 @@ internally and report the errors in detail.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]class
.B +class, +noclass
This option controls whether to display the CLASS when printing a record. The
default is to display the CLASS.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]ttl
.B +ttl, +nottl
This option controls whether to display the TTL when printing a record. The
default is to display the TTL.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]rtrace
.B +rtrace, +nortrace
This option toggles resolver fetch logging. This reports the name and type of each
query sent by \fBdelv\fP in the process of carrying out the resolution
and validation process, including the original query
@ -278,7 +278,7 @@ logging categories as well.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]mtrace
.B +mtrace, +nomtrace
This option toggles message logging. This produces a detailed dump of the
responses received by \fBdelv\fP in the process of carrying out the
resolution and validation process.
@ -290,7 +290,7 @@ output, but affects other logging categories as well.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]vtrace
.B +vtrace, +novtrace
This option toggles validation logging. This shows the internal process of the
validator as it determines whether an answer is validly signed,
unsigned, or invalid.
@ -302,26 +302,26 @@ same output, but affects other logging categories as well.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]short
.B +short, +noshort
This option toggles between verbose and terse answers. The default is to print the answer in a
verbose form.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]comments
.B +comments, +nocomments
This option toggles the display of comment lines in the output. The default is to
print comments.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]rrcomments
.B +rrcomments, +norrcomments
This option toggles the display of per\-record comments in the output (for example,
human\-readable key information about DNSKEY records). The default is
to print per\-record comments.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]crypto
.B +crypto, +nocrypto
This option toggles the display of cryptographic fields in DNSSEC records. The
contents of these fields are unnecessary to debug most DNSSEC
validation failures and removing them makes it easier to see the
@ -331,13 +331,13 @@ key ID is displayed as the replacement, e.g. \fB[ key id = value ]\fP\&.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]trust
.B +trust, +notrust
This option controls whether to display the trust level when printing a record.
The default is to display the trust level.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]split[=W]
.B +split[=W], +nosplit
This option splits long hex\- or base64\-formatted fields in resource records into
chunks of \fBW\fP characters (where \fBW\fP is rounded up to the nearest
multiple of 4). \fB+nosplit\fP or \fB+split=0\fP causes fields not to be
@ -346,13 +346,13 @@ multiline mode is active.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]all
.B +all, +noall
This option sets or clears the display options \fB+[no]comments\fP,
\fB+[no]rrcomments\fP, and \fB+[no]trust\fP as a group.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]multiline
.B +multiline, +nomultiline
This option prints long records (such as RRSIG, DNSKEY, and SOA records) in a
verbose multi\-line format with human\-readable comments. The default
is to print each record on a single line, to facilitate machine
@ -360,7 +360,7 @@ parsing of the \fBdelv\fP output.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]dnssec
.B +dnssec, +nodnssec
This option indicates whether to display RRSIG records in the \fBdelv\fP output.
The default is to do so. Note that (unlike in \fI\%dig\fP) this does
\fInot\fP control whether to request DNSSEC records or to
@ -370,7 +370,7 @@ always occurs unless suppressed by the use of \fI\%\-i\fP or
.UNINDENT
.INDENT 0.0
.TP
.B +[no]root[=ROOT]
.B +root[=ROOT], +noroot
This option indicates whether to perform conventional DNSSEC validation, and if so,
specifies the name of a trust anchor. The default is to validate using a
trust anchor of "." (the root zone), for which there is a built\-in key. If
@ -379,20 +379,20 @@ file containing the key.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]tcp
.B +tcp, +notcp
This option controls whether to use TCP when sending queries. The default is to
use UDP unless a truncated response has been received.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]unknownformat
.B +unknownformat, +nounknownformat
This option prints all RDATA in unknown RR\-type presentation format (\fI\%RFC 3597\fP).
The default is to print RDATA for known types in the type\(aqs
presentation format.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]yaml
.B +yaml, +noyaml
This option prints response data in YAML format.
.UNINDENT
.SH FILES

134
doc/man/dig.1in
View File

@ -262,23 +262,23 @@ abbreviation is unambiguous; for example, \fB+cd\fP is equivalent to
\fB+cdflag\fP\&. The query options are:
.INDENT 0.0
.TP
.B +[no]aaflag
This option is a synonym for \fB+[no]aaonly\fP\&.
.B +aaflag, +noaaflag
This option is a synonym for \fI\%+aaonly\fP, \fI\%+noaaonly\fP\&.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]aaonly
.B +aaonly, +noaaonly
This option sets the \fBaa\fP flag in the query.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]additional
.B +additional, +noadditional
This option displays [or does not display] the additional section of a reply. The
default is to display it.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]adflag
.B +adflag, +noadflag
This option sets [or does not set] the AD (authentic data) bit in the query. This
requests the server to return whether all of the answer and authority
sections have been validated as secure, according to the security
@ -289,30 +289,30 @@ This bit is set by default.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]all
.B +all, +noall
This option sets or clears all display flags.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]answer
.B +answer, +noanswer
This option displays [or does not display] the answer section of a reply. The default
is to display it.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]authority
.B +authority, +noauthority
This option displays [or does not display] the authority section of a reply. The
default is to display it.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]badcookie
.B +badcookie, +nobadcookie
This option retries the lookup with a new server cookie if a BADCOOKIE response is
received.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]besteffort
.B +besteffort, +nobesteffort
This option attempts to display the contents of messages which are malformed. The
default is to not display malformed answers.
.UNINDENT
@ -325,18 +325,18 @@ This option sets the UDP message buffer size advertised using EDNS0 to
.UNINDENT
.INDENT 0.0
.TP
.B +[no]cdflag
.B +cdflag, +nocdflag
This option sets [or does not set] the CD (checking disabled) bit in the query. This
requests the server to not perform DNSSEC validation of responses.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]class
.B +class, +noclass
This option displays [or does not display] the CLASS when printing the record.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]cmd
.B +cmd, +nocmd
This option toggles the printing of the initial comment in the output, identifying the
version of \fBdig\fP and the query options that have been applied. This option
always has a global effect; it cannot be set globally and then overridden on a
@ -344,7 +344,7 @@ per\-lookup basis. The default is to print this comment.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]comments
.B +comments, +nocomments
This option toggles the display of some comment lines in the output, with
information about the packet header and OPT pseudosection, and the names of
the response section. The default is to print these comments.
@ -355,7 +355,7 @@ can be controlled using other command\-line switches. These include
.UNINDENT
.INDENT 0.0
.TP
.B +[no]cookie=####
.B +cookie=####, +nocookie
This option sends [or does not send] a COOKIE EDNS option, with an optional value. Replaying a COOKIE
from a previous response allows the server to identify a previous
client. The default is \fB+cookie\fP\&.
@ -365,7 +365,7 @@ default queries from a nameserver.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]crypto
.B +crypto, +nocrypto
This option toggles the display of cryptographic fields in DNSSEC records. The
contents of these fields are unnecessary for debugging most DNSSEC
validation failures and removing them makes it easier to see the
@ -375,17 +375,17 @@ key ID is displayed as the replacement, e.g. \fB[ key id = value ]\fP\&.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]defname
.B +defname, +nodefname
This option, which is deprecated, is treated as a synonym for \fB+[no]search\fP\&.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]dns64prefix
.B +dns64prefix, +nodns64prefix
Lookup IPV4ONLY.ARPA AAAA and print any DNS64 prefixes found.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]dnssec
.B +dnssec, +nodnssec
This option requests that DNSSEC records be sent by setting the DNSSEC OK (DO) bit in
the OPT record in the additional section of the query.
.UNINDENT
@ -406,7 +406,7 @@ explicitly set.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]edns[=#]
.B +edns[=#], +noedns
This option specifies the EDNS version to query with. Valid values are 0 to 255.
Setting the EDNS version causes an EDNS query to be sent.
\fB+noedns\fP clears the remembered EDNS version. EDNS is set to 0 by
@ -414,20 +414,20 @@ default.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]ednsflags[=#]
.B +ednsflags[=#], +noednsflags
This option sets the must\-be\-zero EDNS flags bits (Z bits) to the specified value.
Decimal, hex, and octal encodings are accepted. Setting a named flag
(e.g., DO) is silently ignored. By default, no Z bits are set.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]ednsnegotiation
.B +ednsnegotiation, +noednsnegotiation
This option enables/disables EDNS version negotiation. By default, EDNS version
negotiation is enabled.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]ednsopt[=code[:value]]
.B +ednsopt[=code[:value]], +noednsopt
This option specifies the EDNS option with code point \fBcode\fP and an optional payload
of \fBvalue\fP as a hexadecimal string. \fBcode\fP can be either an EDNS
option name (for example, \fBNSID\fP or \fBECS\fP) or an arbitrary
@ -435,26 +435,26 @@ numeric value. \fB+noednsopt\fP clears the EDNS options to be sent.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]expire
.B +expire, +noexpire
This option sends an EDNS Expire option.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]fail
.B +fail, +nofail
This option indicates that \fI\%named\fP should try [or not try] the next server if a SERVFAIL is received. The default is
to not try the next server, which is the reverse of normal stub
resolver behavior.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]header\-only
.B +header\-only, +noheader\-only
This option sends a query with a DNS header without a question section. The
default is to add a question section. The query type and query name
are ignored when this is set.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]https[=value]
.B +https[=value], +nohttps
This option indicates whether to use DNS over HTTPS (DoH) when querying
name servers. When this option is in use, the port number defaults to 443.
The HTTP POST request mode is used when sending the query.
@ -465,35 +465,35 @@ query URI; the default is \fB/dns\-query\fP\&. So, for example, \fBdig
.UNINDENT
.INDENT 0.0
.TP
.B +[no]https\-get[=value]
.B +https\-get[=value], +nohttps\-get
Similar to \fB+https\fP, except that the HTTP GET request mode is used
when sending the query.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]https\-post[=value]
.B +https\-post[=value], +nohttps\-post
Same as \fB+https\fP\&.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]http\-plain[=value]
.B +http\-plain[=value], +nohttp\-plain
Similar to \fB+https\fP, except that HTTP queries will be sent over a
non\-encrypted channel. When this option is in use, the port number
defaults to 80 and the HTTP request mode is POST.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]http\-plain\-get[=value]
.B +http\-plain\-get[=value], +nohttp\-plain\-get
Similar to \fB+http\-plain\fP, except that the HTTP request mode is GET.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]http\-plain\-post[=value]
.B +http\-plain\-post[=value], +nohttp\-plain\-post
Same as \fB+http\-plain\fP\&.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]identify
.B +identify, +noidentify
This option shows [or does not show] the IP address and port number that
supplied the answer, when the \fB+short\fP option is enabled. If short
form answers are requested, the default is not to show the source
@ -501,7 +501,7 @@ address and port number of the server that provided the answer.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]idnin
.B +idnin, +noidnin
This option processes [or does not process] IDN domain names on input. This requires
\fBIDN SUPPORT\fP to have been enabled at compile time.
.sp
@ -511,7 +511,7 @@ to files, pipes, and other non\-tty file descriptors.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]idnout
.B +idnout, +noidnout
This option converts [or does not convert] puny code on output. This requires
\fBIDN SUPPORT\fP to have been enabled at compile time.
.sp
@ -521,25 +521,25 @@ is redirected to files, pipes, and other non\-tty file descriptors.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]ignore
.B +ignore, +noignore
This option ignores [or does not ignore] truncation in UDP responses instead of retrying with TCP. By
default, TCP retries are performed.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]keepalive
.B +keepalive, +nokeepalive
This option sends [or does not send] an EDNS Keepalive option.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]keepopen
.B +keepopen, +nokeepopen
This option keeps [or does not keep] the TCP socket open between queries, and reuses it rather than
creating a new TCP socket for each lookup. The default is
\fB+nokeepopen\fP\&.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]multiline
.B +multiline, +nomultiline
This option prints [or does not print] records, like the SOA records, in a verbose multi\-line format
with human\-readable comments. The default is to print each record on
a single line to facilitate machine parsing of the \fBdig\fP output.
@ -557,12 +557,12 @@ relative names, and are searched for in the domains listed in the
.UNINDENT
.INDENT 0.0
.TP
.B +[no]nsid
.B +nsid, +nonsid
When enabled, this option includes an EDNS name server ID request when sending a query.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]nssearch
.B +nssearch, +nonssearch
When this option is set, \fBdig\fP attempts to find the authoritative
name servers for the zone containing the name being looked up, and
display the SOA record that each name server has for the zone.
@ -570,13 +570,13 @@ Addresses of servers that did not respond are also printed.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]onesoa
.B +onesoa, +noonesoa
When enabled, this option prints only one (starting) SOA record when performing an AXFR. The
default is to print both the starting and ending SOA records.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]opcode=value
.B +opcode=value, +noopcode
When enabled, this option sets (restores) the DNS message opcode to the specified value. The
default value is QUERY (0).
.UNINDENT
@ -598,31 +598,31 @@ This option specifies the query ID to use when sending queries.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]qr
.B +qr, +noqr
This option toggles the display of the query message as it is sent. By default, the query
is not printed.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]question
.B +question, +noquestion
This option toggles the display of the question section of a query when an answer is
returned. The default is to print the question section as a comment.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]raflag
.B +raflag, +noraflag
This option sets [or does not set] the RA (Recursion Available) bit in the query. The
default is \fB+noraflag\fP\&. This bit is ignored by the server for
QUERY.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]rdflag
.B +rdflag, +nordflag
This option is a synonym for \fB+[no]recurse\fP\&.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]recurse
.B +recurse, +norecurse
This option toggles the setting of the RD (recursion desired) bit in the query.
This bit is set by default, which means \fBdig\fP normally sends
recursive queries. Recursion is automatically disabled when the
@ -637,14 +637,14 @@ the initial query.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]rrcomments
.B +rrcomments, +norrcomments
This option toggles the display of per\-record comments in the output (for example,
human\-readable key information about DNSKEY records). The default is
not to print record comments unless multiline mode is active.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]search
.B +search, +nosearch
This option uses [or does not use] the search list defined by the searchlist or domain
directive in \fBresolv.conf\fP, if any. The search list is not used by
default.
@ -655,26 +655,26 @@ and hence whether a search is eventually performed.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]short
.B +short, +noshort
This option toggles whether a terse answer is provided. The default is to print the answer in a verbose
form. This option always has a global effect; it cannot be set globally and
then overridden on a per\-lookup basis.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]showbadcookie
.B +showbadcookie, +noshowbadcookie
This option toggles whether to show the message containing the
BADCOOKIE rcode before retrying the request or not. The default
is to not show the messages.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]showsearch
.B +showsearch, +noshowsearch
This option performs [or does not perform] a search showing intermediate results.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]sigchase
.B +sigchase, +nosigchase
This feature is now obsolete and has been removed; use \fI\%delv\fP
instead.
.UNINDENT
@ -689,14 +689,14 @@ multiline mode is active.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]stats
.B +stats, +nostats
This option toggles the printing of statistics: when the query was made, the size of the
reply, etc. The default behavior is to print the query statistics as a
comment after each lookup.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]subnet=addr[/prefix\-length]
.B +subnet=addr[/prefix\-length], +nosubnet
This option sends [or does not send] an EDNS CLIENT\-SUBNET option with the specified IP
address or network prefix.
.sp
@ -707,13 +707,13 @@ address information must \fInot\fP be used when resolving this query.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]tcflag
.B +tcflag, +notcflag
This option sets [or does not set] the TC (TrunCation) bit in the query. The default is
\fB+notcflag\fP\&. This bit is ignored by the server for QUERY.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]tcp
.B +tcp, +notcp
This option indicates whether to use TCP when querying name servers.
The default behavior is to use UDP unless a type \fBany\fP or \fBixfr=N\fP
query is requested, in which case the default is TCP. AXFR queries
@ -727,7 +727,7 @@ This option sets the timeout for a query to \fBT\fP seconds. The default timeout
.UNINDENT
.INDENT 0.0
.TP
.B +[no]tls
.B +tls, +notls
This option indicates whether to use DNS over TLS (DoT) when querying
name servers. When this option is in use, the port number defaults
to 853.
@ -754,13 +754,13 @@ is used. This option has no effect if \fB+tls\-ca\fP is not specified.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]topdown
.B +topdown, +notopdown
This feature is related to \fBdig +sigchase\fP, which is obsolete and
has been removed. Use \fI\%delv\fP instead.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]trace
.B +trace, +notrace
This option toggles tracing of the delegation path from the root name servers for
the name being looked up. Tracing is disabled by default. When
tracing is enabled, \fBdig\fP makes iterative queries to resolve the
@ -789,39 +789,39 @@ feature is now obsolete and has been removed; use \fI\%delv\fP instead.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]ttlid
.B +ttlid, +nottlid
This option displays [or does not display] the TTL when printing the record.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]ttlunits
.B +ttlunits, +nottlunits
This option displays [or does not display] the TTL in friendly human\-readable time
units of \fBs\fP, \fBm\fP, \fBh\fP, \fBd\fP, and \fBw\fP, representing seconds, minutes,
hours, days, and weeks. This implies \fB+ttlid\fP\&.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]unknownformat
.B +unknownformat, +nounknownformat
This option prints all RDATA in unknown RR type presentation format (\fI\%RFC 3597\fP).
The default is to print RDATA for known types in the type\(aqs
presentation format.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]vc
.B +vc, +novc
This option uses [or does not use] TCP when querying name servers. This alternate
syntax to \fB+[no]tcp\fP is provided for backwards compatibility. The
\fBvc\fP stands for "virtual circuit."
.UNINDENT
.INDENT 0.0
.TP
.B +[no]yaml
.B +yaml, +noyaml
When enabled, this option prints the responses (and, if \fB+qr\fP is in use, also the
outgoing queries) in a detailed YAML format.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]zflag
.B +zflag, +nozflag
This option sets [or does not set] the last unassigned DNS header flag in a DNS query.
This flag is off by default.
.UNINDENT

66
doc/man/mdig.1in
View File

@ -125,30 +125,30 @@ queries on a non\-standard port number.
The global query options are:
.INDENT 0.0
.TP
.B +[no]additional
.B +additional, +noadditional
This option displays [or does not display] the additional section of a reply. The
default is to display it.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]all
.B +all, +noall
This option sets or clears all display flags.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]answer
.B +answer, +noanswer
This option displays [or does not display] the answer section of a reply. The default
is to display it.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]authority
.B +authority, +noauthority
This option displays [or does not display] the authority section of a reply. The
default is to display it.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]besteffort
.B +besteffort, +nobesteffort
This option attempts to display [or does not display] the contents of messages which are malformed. The
default is to not display malformed answers.
.UNINDENT
@ -159,23 +159,23 @@ This option delays queries until the start of the next second.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]cl
.B +cl, +nocl
This option displays [or does not display] the CLASS when printing the record.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]comments
.B +comments, +nocomments
This option toggles the display of comment lines in the output. The default is to
print comments.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]continue
.B +continue, +nocontinue
This option toggles continuation on errors (e.g. timeouts).
.UNINDENT
.INDENT 0.0
.TP
.B +[no]crypto
.B +crypto, +nocrypto
This option toggles the display of cryptographic fields in DNSSEC records. The
contents of these fields are unnecessary to debug most DNSSEC
validation failures and removing them makes it easier to see the
@ -192,28 +192,28 @@ explicitly set.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]multiline
.B +multiline, +nomultiline
This option toggles printing of records, like the SOA records, in a verbose multi\-line format
with human\-readable comments. The default is to print each record on
a single line, to facilitate machine parsing of the \fBmdig\fP output.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]question
.B +question, +noquestion
This option prints [or does not print] the question section of a query when an answer
is returned. The default is to print the question section as a
comment.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]rrcomments
.B +rrcomments, +norrcomments
This option toggles the display of per\-record comments in the output (for example,
human\-readable key information about DNSKEY records). The default is
not to print record comments unless multiline mode is active.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]short
.B +short, +noshort
This option provides [or does not provide] a terse answer. The default is to print the answer in a
verbose form.
.UNINDENT
@ -228,25 +228,25 @@ multiline mode is active.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]tcp
.B +tcp, +notcp
This option uses [or does not use] TCP when querying name servers. The default behavior
is to use UDP.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]ttlid
.B +ttlid, +nottlid
This option displays [or does not display] the TTL when printing the record.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]ttlunits
.B +ttlunits, +nottlunits
This option displays [or does not display] the TTL in friendly human\-readable time
units of "s", "m", "h", "d", and "w", representing seconds, minutes,
hours, days, and weeks. This implies +ttlid.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]vc
.B +vc, +novc
This option uses [or does not use] TCP when querying name servers. This alternate
syntax to \fB+[no]tcp\fP is provided for backwards compatibility. The
\fBvc\fP stands for "virtual circuit".
@ -282,17 +282,17 @@ domain.
The local query options are:
.INDENT 0.0
.TP
.B +[no]aaflag
.B +aaflag, +noaaflag
This is a synonym for \fB+[no]aaonly\fP\&.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]aaonly
.B +aaonly, +noaaonly
This sets the \fBaa\fP flag in the query.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]adflag
.B +adflag, +noadflag
This sets [or does not set] the AD (authentic data) bit in the query. This
requests the server to return whether all of the answer and authority
sections have all been validated as secure, according to the security
@ -312,26 +312,26 @@ sent.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]cdflag
.B +cdflag, +nocdflag
This sets [or does not set] the CD (checking disabled) bit in the query. This
requests the server to not perform DNSSEC validation of responses.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]cookie=####
.B +cookie=####, +nocookie
This sends [or does not send] a COOKIE EDNS option, with an optional value. Replaying a COOKIE
from a previous response allows the server to identify a previous
client. The default is \fB+nocookie\fP\&.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]dnssec
.B +dnssec, +nodnssec
This requests that DNSSEC records be sent by setting the DNSSEC OK (DO) bit in
the OPT record in the additional section of the query.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]edns[=#]
.B +edns[=#], +noedns
This specifies [or does not specify] the EDNS version to query with. Valid values are 0 to 255.
Setting the EDNS version causes an EDNS query to be sent.
\fB+noedns\fP clears the remembered EDNS version. EDNS is set to 0 by
@ -339,31 +339,31 @@ default.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]ednsflags[=#]
.B +ednsflags[=#], +noednsflags
This sets the must\-be\-zero EDNS flag bits (Z bits) to the specified value.
Decimal, hex, and octal encodings are accepted. Setting a named flag
(e.g. DO) is silently ignored. By default, no Z bits are set.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]ednsopt[=code[:value]]
.B +ednsopt[=code[:value]], +noednsopt
This specifies [or does not specify] an EDNS option with code point \fBcode\fP and an optional payload
of \fBvalue\fP as a hexadecimal string. \fB+noednsopt\fP clears the EDNS
options to be sent.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]expire
.B +expire, +noexpire
This toggles sending of an EDNS Expire option.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]nsid
.B +nsid, +nonsid
This toggles inclusion of an EDNS name server ID request when sending a query.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]recurse
.B +recurse, +norecurse
This toggles the setting of the RD (recursion desired) bit in the query.
This bit is set by default, which means \fBmdig\fP normally sends
recursive queries.
@ -377,7 +377,7 @@ the initial query.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]subnet=addr[/prefix\-length]
.B +subnet=addr[/prefix\-length], +nosubnet
This sends [or does not send] an EDNS Client Subnet option with the specified IP
address or network prefix.
.UNINDENT
@ -410,19 +410,19 @@ This sets the timeout between UDP query retries to \fBT\fP\&.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]unknownformat
.B +unknownformat, +nounknownformat
This prints [or does not print] all RDATA in unknown RR\-type presentation format (see \fI\%RFC 3597\fP).
The default is to print RDATA for known types in the type\(aqs
presentation format.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]yaml
.B +yaml, +noyaml
This toggles printing of the responses in a detailed YAML format.
.UNINDENT
.INDENT 0.0
.TP
.B +[no]zflag
.B +zflag, +nozflag
This sets [or does not set] the last unassigned DNS header flag in a DNS query.
This flag is off by default.
.UNINDENT