From 0342dddce7c68cd92710bad6eb0c43323b95d420 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Petr=20=C5=A0pa=C4=8Dek?= Date: Mon, 25 Apr 2022 16:28:02 +0200 Subject: [PATCH] Split negative and positive dig/mdig/delv options to support Sphinx 1.4.9 Man pages for dig/mdig/delv used `.. option:: +[no]bla` to describe two options at once, and very old Sphinx does not support that [] in option names. Solution is to split negative and positive options into `+bla, +nobla` form. In the end it improves readability because it transforms hard to read strings with double brackets from `+[no]subnet=addr[/prefix-length]` to `+subnet=addr[/prefix-length], +nosubnet`. As a side-effect it also allows easier linking to dig/mdig/delv options using their name directly instead of always overriding the link target to `+[no]bla` form. Transformation was done using regex: s/:: +\[no\]\(.*\)/:: +\1, +no\1 ... and manual review around occurences matching regex +no.*= Fixes: #3301 --- bin/delv/delv.rst | 38 ++++++------- bin/dig/dig.rst | 134 ++++++++++++++++++++++----------------------- bin/tools/mdig.rst | 66 +++++++++++----------- doc/man/delv.1in | 38 ++++++------- doc/man/dig.1in | 134 ++++++++++++++++++++++----------------------- doc/man/mdig.1in | 66 +++++++++++----------- 6 files changed, 238 insertions(+), 238 deletions(-) diff --git a/bin/delv/delv.rst b/bin/delv/delv.rst index 3d06448563..5fe6f32287 100644 --- a/bin/delv/delv.rst +++ b/bin/delv/delv.rst @@ -214,7 +214,7 @@ the string ``no`` to negate the meaning of that keyword. Other keywords assign values to options like the timeout interval. They have the form ``+keyword=value``. The query options are: -.. option:: +[no]cdflag +.. option:: +cdflag, +nocdflag This option controls whether to set the CD (checking disabled) bit in queries sent by :program:`delv`. This may be useful when troubleshooting DNSSEC @@ -224,17 +224,17 @@ assign values to options like the timeout interval. They have the form to return invalid responses, which :program:`delv` can then validate internally and report the errors in detail. -.. option:: +[no]class +.. option:: +class, +noclass This option controls whether to display the CLASS when printing a record. The default is to display the CLASS. -.. option:: +[no]ttl +.. option:: +ttl, +nottl This option controls whether to display the TTL when printing a record. The default is to display the TTL. -.. option:: +[no]rtrace +.. option:: +rtrace, +nortrace This option toggles resolver fetch logging. This reports the name and type of each query sent by :program:`delv` in the process of carrying out the resolution @@ -247,7 +247,7 @@ assign values to options like the timeout interval. They have the form :option:`-d` option produces the same output, but affects other logging categories as well. -.. option:: +[no]mtrace +.. option:: +mtrace, +nomtrace This option toggles message logging. This produces a detailed dump of the responses received by :program:`delv` in the process of carrying out the @@ -258,7 +258,7 @@ assign values to options like the timeout interval. They have the form debug level to 10 using the :option:`-d` option produces the same output, but affects other logging categories as well. -.. option:: +[no]vtrace +.. option:: +vtrace, +novtrace This option toggles validation logging. This shows the internal process of the validator as it determines whether an answer is validly signed, @@ -269,23 +269,23 @@ assign values to options like the timeout interval. They have the form systemwide debug level to 3 using the :option:`-d` option produces the same output, but affects other logging categories as well. -.. option:: +[no]short +.. option:: +short, +noshort This option toggles between verbose and terse answers. The default is to print the answer in a verbose form. -.. option:: +[no]comments +.. option:: +comments, +nocomments This option toggles the display of comment lines in the output. The default is to print comments. -.. option:: +[no]rrcomments +.. option:: +rrcomments, +norrcomments This option toggles the display of per-record comments in the output (for example, human-readable key information about DNSKEY records). The default is to print per-record comments. -.. option:: +[no]crypto +.. option:: +crypto, +nocrypto This option toggles the display of cryptographic fields in DNSSEC records. The contents of these fields are unnecessary to debug most DNSSEC @@ -294,12 +294,12 @@ assign values to options like the timeout interval. They have the form they are replaced by the string ``[omitted]`` or, in the DNSKEY case, the key ID is displayed as the replacement, e.g. ``[ key id = value ]``. -.. option:: +[no]trust +.. option:: +trust, +notrust This option controls whether to display the trust level when printing a record. The default is to display the trust level. -.. option:: +[no]split[=W] +.. option:: +split[=W], +nosplit This option splits long hex- or base64-formatted fields in resource records into chunks of ``W`` characters (where ``W`` is rounded up to the nearest @@ -307,19 +307,19 @@ assign values to options like the timeout interval. They have the form split at all. The default is 56 characters, or 44 characters when multiline mode is active. -.. option:: +[no]all +.. option:: +all, +noall This option sets or clears the display options ``+[no]comments``, ``+[no]rrcomments``, and ``+[no]trust`` as a group. -.. option:: +[no]multiline +.. option:: +multiline, +nomultiline This option prints long records (such as RRSIG, DNSKEY, and SOA records) in a verbose multi-line format with human-readable comments. The default is to print each record on a single line, to facilitate machine parsing of the :program:`delv` output. -.. option:: +[no]dnssec +.. option:: +dnssec, +nodnssec This option indicates whether to display RRSIG records in the :program:`delv` output. The default is to do so. Note that (unlike in :iscman:`dig`) this does @@ -328,7 +328,7 @@ assign values to options like the timeout interval. They have the form always occurs unless suppressed by the use of :option:`-i` or ``+noroot``. -.. option:: +[no]root[=ROOT] +.. option:: +root[=ROOT], +noroot This option indicates whether to perform conventional DNSSEC validation, and if so, specifies the name of a trust anchor. The default is to validate using a @@ -336,18 +336,18 @@ assign values to options like the timeout interval. They have the form specifying a different trust anchor, then :option:`-a` must be used to specify a file containing the key. -.. option:: +[no]tcp +.. option:: +tcp, +notcp This option controls whether to use TCP when sending queries. The default is to use UDP unless a truncated response has been received. -.. option:: +[no]unknownformat +.. option:: +unknownformat, +nounknownformat This option prints all RDATA in unknown RR-type presentation format (:rfc:`3597`). The default is to print RDATA for known types in the type's presentation format. -.. option:: +[no]yaml +.. option:: +yaml, +noyaml This option prints response data in YAML format. diff --git a/bin/dig/dig.rst b/bin/dig/dig.rst index ac56d82ab3..c2111a5201 100644 --- a/bin/dig/dig.rst +++ b/bin/dig/dig.rst @@ -227,20 +227,20 @@ assign values to options, like the timeout interval. They have the form abbreviation is unambiguous; for example, ``+cd`` is equivalent to ``+cdflag``. The query options are: -.. option:: +[no]aaflag +.. option:: +aaflag, +noaaflag - This option is a synonym for ``+[no]aaonly``. + This option is a synonym for :option:`+aaonly`, :option:`+noaaonly`. -.. option:: +[no]aaonly +.. option:: +aaonly, +noaaonly This option sets the ``aa`` flag in the query. -.. option:: +[no]additional +.. option:: +additional, +noadditional This option displays [or does not display] the additional section of a reply. The default is to display it. -.. option:: +[no]adflag +.. option:: +adflag, +noadflag This option sets [or does not set] the AD (authentic data) bit in the query. This requests the server to return whether all of the answer and authority @@ -250,26 +250,26 @@ abbreviation is unambiguous; for example, ``+cd`` is equivalent to indicates that some part of the answer was insecure or not validated. This bit is set by default. -.. option:: +[no]all +.. option:: +all, +noall This option sets or clears all display flags. -.. option:: +[no]answer +.. option:: +answer, +noanswer This option displays [or does not display] the answer section of a reply. The default is to display it. -.. option:: +[no]authority +.. option:: +authority, +noauthority This option displays [or does not display] the authority section of a reply. The default is to display it. -.. option:: +[no]badcookie +.. option:: +badcookie, +nobadcookie This option retries the lookup with a new server cookie if a BADCOOKIE response is received. -.. option:: +[no]besteffort +.. option:: +besteffort, +nobesteffort This option attempts to display the contents of messages which are malformed. The default is to not display malformed answers. @@ -280,23 +280,23 @@ abbreviation is unambiguous; for example, ``+cd`` is equivalent to ``B`` bytes. The maximum and minimum sizes of this buffer are 65535 and 0, respectively. ``+bufsize`` restores the default buffer size. -.. option:: +[no]cdflag +.. option:: +cdflag, +nocdflag This option sets [or does not set] the CD (checking disabled) bit in the query. This requests the server to not perform DNSSEC validation of responses. -.. option:: +[no]class +.. option:: +class, +noclass This option displays [or does not display] the CLASS when printing the record. -.. option:: +[no]cmd +.. option:: +cmd, +nocmd This option toggles the printing of the initial comment in the output, identifying the version of :program:`dig` and the query options that have been applied. This option always has a global effect; it cannot be set globally and then overridden on a per-lookup basis. The default is to print this comment. -.. option:: +[no]comments +.. option:: +comments, +nocomments This option toggles the display of some comment lines in the output, with information about the packet header and OPT pseudosection, and the names of @@ -306,7 +306,7 @@ abbreviation is unambiguous; for example, ``+cd`` is equivalent to can be controlled using other command-line switches. These include ``+[no]cmd``, ``+[no]question``, ``+[no]stats``, and ``+[no]rrcomments``. -.. option:: +[no]cookie=#### +.. option:: +cookie=####, +nocookie This option sends [or does not send] a COOKIE EDNS option, with an optional value. Replaying a COOKIE from a previous response allows the server to identify a previous @@ -315,7 +315,7 @@ abbreviation is unambiguous; for example, ``+cd`` is equivalent to ``+cookie`` is also set when ``+trace`` is set to better emulate the default queries from a nameserver. -.. option:: +[no]crypto +.. option:: +crypto, +nocrypto This option toggles the display of cryptographic fields in DNSSEC records. The contents of these fields are unnecessary for debugging most DNSSEC @@ -324,15 +324,15 @@ abbreviation is unambiguous; for example, ``+cd`` is equivalent to they are replaced by the string ``[omitted]`` or, in the DNSKEY case, the key ID is displayed as the replacement, e.g. ``[ key id = value ]``. -.. option:: +[no]defname +.. option:: +defname, +nodefname This option, which is deprecated, is treated as a synonym for ``+[no]search``. -.. option:: +[no]dns64prefix +.. option:: +dns64prefix, +nodns64prefix Lookup IPV4ONLY.ARPA AAAA and print any DNS64 prefixes found. -.. option:: +[no]dnssec +.. option:: +dnssec, +nodnssec This option requests that DNSSEC records be sent by setting the DNSSEC OK (DO) bit in the OPT record in the additional section of the query. @@ -350,48 +350,48 @@ abbreviation is unambiguous; for example, ``+cd`` is equivalent to code points are in the range [0...63]. By default no code point is explicitly set. -.. option:: +[no]edns[=#] +.. option:: +edns[=#], +noedns This option specifies the EDNS version to query with. Valid values are 0 to 255. Setting the EDNS version causes an EDNS query to be sent. ``+noedns`` clears the remembered EDNS version. EDNS is set to 0 by default. -.. option:: +[no]ednsflags[=#] +.. option:: +ednsflags[=#], +noednsflags This option sets the must-be-zero EDNS flags bits (Z bits) to the specified value. Decimal, hex, and octal encodings are accepted. Setting a named flag (e.g., DO) is silently ignored. By default, no Z bits are set. -.. option:: +[no]ednsnegotiation +.. option:: +ednsnegotiation, +noednsnegotiation This option enables/disables EDNS version negotiation. By default, EDNS version negotiation is enabled. -.. option:: +[no]ednsopt[=code[:value]] +.. option:: +ednsopt[=code[:value]], +noednsopt This option specifies the EDNS option with code point ``code`` and an optional payload of ``value`` as a hexadecimal string. ``code`` can be either an EDNS option name (for example, ``NSID`` or ``ECS``) or an arbitrary numeric value. ``+noednsopt`` clears the EDNS options to be sent. -.. option:: +[no]expire +.. option:: +expire, +noexpire This option sends an EDNS Expire option. -.. option:: +[no]fail +.. option:: +fail, +nofail This option indicates that :iscman:`named` should try [or not try] the next server if a SERVFAIL is received. The default is to not try the next server, which is the reverse of normal stub resolver behavior. -.. option:: +[no]header-only +.. option:: +header-only, +noheader-only This option sends a query with a DNS header without a question section. The default is to add a question section. The query type and query name are ignored when this is set. -.. option:: +[no]https[=value] +.. option:: +https[=value], +nohttps This option indicates whether to use DNS over HTTPS (DoH) when querying name servers. When this option is in use, the port number defaults to 443. @@ -401,37 +401,37 @@ abbreviation is unambiguous; for example, ``+cd`` is equivalent to query URI; the default is ``/dns-query``. So, for example, ``dig @example.com +https`` will use the URI ``https://example.com/dns-query``. -.. option:: +[no]https-get[=value] +.. option:: +https-get[=value], +nohttps-get Similar to ``+https``, except that the HTTP GET request mode is used when sending the query. -.. option:: +[no]https-post[=value] +.. option:: +https-post[=value], +nohttps-post Same as ``+https``. -.. option:: +[no]http-plain[=value] +.. option:: +http-plain[=value], +nohttp-plain Similar to ``+https``, except that HTTP queries will be sent over a non-encrypted channel. When this option is in use, the port number defaults to 80 and the HTTP request mode is POST. -.. option:: +[no]http-plain-get[=value] +.. option:: +http-plain-get[=value], +nohttp-plain-get Similar to ``+http-plain``, except that the HTTP request mode is GET. -.. option:: +[no]http-plain-post[=value] +.. option:: +http-plain-post[=value], +nohttp-plain-post Same as ``+http-plain``. -.. option:: +[no]identify +.. option:: +identify, +noidentify This option shows [or does not show] the IP address and port number that supplied the answer, when the ``+short`` option is enabled. If short form answers are requested, the default is not to show the source address and port number of the server that provided the answer. -.. option:: +[no]idnin +.. option:: +idnin, +noidnin This option processes [or does not process] IDN domain names on input. This requires ``IDN SUPPORT`` to have been enabled at compile time. @@ -440,7 +440,7 @@ abbreviation is unambiguous; for example, ``+cd`` is equivalent to The IDN processing on input is disabled when :program:`dig` output is redirected to files, pipes, and other non-tty file descriptors. -.. option:: +[no]idnout +.. option:: +idnout, +noidnout This option converts [or does not convert] puny code on output. This requires ``IDN SUPPORT`` to have been enabled at compile time. @@ -449,22 +449,22 @@ abbreviation is unambiguous; for example, ``+cd`` is equivalent to a tty. The puny code processing on output is disabled when :program:`dig` output is redirected to files, pipes, and other non-tty file descriptors. -.. option:: +[no]ignore +.. option:: +ignore, +noignore This option ignores [or does not ignore] truncation in UDP responses instead of retrying with TCP. By default, TCP retries are performed. -.. option:: +[no]keepalive +.. option:: +keepalive, +nokeepalive This option sends [or does not send] an EDNS Keepalive option. -.. option:: +[no]keepopen +.. option:: +keepopen, +nokeepopen This option keeps [or does not keep] the TCP socket open between queries, and reuses it rather than creating a new TCP socket for each lookup. The default is ``+nokeepopen``. -.. option:: +[no]multiline +.. option:: +multiline, +nomultiline This option prints [or does not print] records, like the SOA records, in a verbose multi-line format with human-readable comments. The default is to print each record on @@ -480,23 +480,23 @@ abbreviation is unambiguous; for example, ``+cd`` is equivalent to ``search`` or ``domain`` directive in ``/etc/resolv.conf`` if ``+search`` is set. -.. option:: +[no]nsid +.. option:: +nsid, +nonsid When enabled, this option includes an EDNS name server ID request when sending a query. -.. option:: +[no]nssearch +.. option:: +nssearch, +nonssearch When this option is set, :program:`dig` attempts to find the authoritative name servers for the zone containing the name being looked up, and display the SOA record that each name server has for the zone. Addresses of servers that did not respond are also printed. -.. option:: +[no]onesoa +.. option:: +onesoa, +noonesoa When enabled, this option prints only one (starting) SOA record when performing an AXFR. The default is to print both the starting and ending SOA records. -.. option:: +[no]opcode=value +.. option:: +opcode=value, +noopcode When enabled, this option sets (restores) the DNS message opcode to the specified value. The default value is QUERY (0). @@ -515,27 +515,27 @@ abbreviation is unambiguous; for example, ``+cd`` is equivalent to This option specifies the query ID to use when sending queries. -.. option:: +[no]qr +.. option:: +qr, +noqr This option toggles the display of the query message as it is sent. By default, the query is not printed. -.. option:: +[no]question +.. option:: +question, +noquestion This option toggles the display of the question section of a query when an answer is returned. The default is to print the question section as a comment. -.. option:: +[no]raflag +.. option:: +raflag, +noraflag This option sets [or does not set] the RA (Recursion Available) bit in the query. The default is ``+noraflag``. This bit is ignored by the server for QUERY. -.. option:: +[no]rdflag +.. option:: +rdflag, +nordflag This option is a synonym for ``+[no]recurse``. -.. option:: +[no]recurse +.. option:: +recurse, +norecurse This option toggles the setting of the RD (recursion desired) bit in the query. This bit is set by default, which means :program:`dig` normally sends @@ -548,13 +548,13 @@ abbreviation is unambiguous; for example, ``+cd`` is equivalent to instead of the default, 2. Unlike ``+tries``, this does not include the initial query. -.. option:: +[no]rrcomments +.. option:: +rrcomments, +norrcomments This option toggles the display of per-record comments in the output (for example, human-readable key information about DNSKEY records). The default is not to print record comments unless multiline mode is active. -.. option:: +[no]search +.. option:: +search, +nosearch This option uses [or does not use] the search list defined by the searchlist or domain directive in ``resolv.conf``, if any. The search list is not used by @@ -564,23 +564,23 @@ abbreviation is unambiguous; for example, ``+cd`` is equivalent to ``+ndots``, determines whether the name is treated as relative and hence whether a search is eventually performed. -.. option:: +[no]short +.. option:: +short, +noshort This option toggles whether a terse answer is provided. The default is to print the answer in a verbose form. This option always has a global effect; it cannot be set globally and then overridden on a per-lookup basis. -.. option:: +[no]showbadcookie +.. option:: +showbadcookie, +noshowbadcookie This option toggles whether to show the message containing the BADCOOKIE rcode before retrying the request or not. The default is to not show the messages. -.. option:: +[no]showsearch +.. option:: +showsearch, +noshowsearch This option performs [or does not perform] a search showing intermediate results. -.. option:: +[no]sigchase +.. option:: +sigchase, +nosigchase This feature is now obsolete and has been removed; use :iscman:`delv` instead. @@ -593,13 +593,13 @@ abbreviation is unambiguous; for example, ``+cd`` is equivalent to split at all. The default is 56 characters, or 44 characters when multiline mode is active. -.. option:: +[no]stats +.. option:: +stats, +nostats This option toggles the printing of statistics: when the query was made, the size of the reply, etc. The default behavior is to print the query statistics as a comment after each lookup. -.. option:: +[no]subnet=addr[/prefix-length] +.. option:: +subnet=addr[/prefix-length], +nosubnet This option sends [or does not send] an EDNS CLIENT-SUBNET option with the specified IP address or network prefix. @@ -609,12 +609,12 @@ abbreviation is unambiguous; for example, ``+cd`` is equivalent to prefix-length of zero, which signals a resolver that the client's address information must *not* be used when resolving this query. -.. option:: +[no]tcflag +.. option:: +tcflag, +notcflag This option sets [or does not set] the TC (TrunCation) bit in the query. The default is ``+notcflag``. This bit is ignored by the server for QUERY. -.. option:: +[no]tcp +.. option:: +tcp, +notcp This option indicates whether to use TCP when querying name servers. The default behavior is to use UDP unless a type ``any`` or ``ixfr=N`` @@ -626,7 +626,7 @@ abbreviation is unambiguous; for example, ``+cd`` is equivalent to This option sets the timeout for a query to ``T`` seconds. The default timeout is 5 seconds. An attempt to set ``T`` to less than 1 is silently set to 1. -.. option:: +[no]tls +.. option:: +tls, +notls This option indicates whether to use DNS over TLS (DoT) when querying name servers. When this option is in use, the port number defaults @@ -650,12 +650,12 @@ abbreviation is unambiguous; for example, ``+cd`` is equivalent to server TLS certificate verification. Otherwise, the DNS server name is used. This option has no effect if ``+tls-ca`` is not specified. -.. option:: +[no]topdown +.. option:: +topdown, +notopdown This feature is related to ``dig +sigchase``, which is obsolete and has been removed. Use :iscman:`delv` instead. -.. option:: +[no]trace +.. option:: +trace, +notrace This option toggles tracing of the delegation path from the root name servers for the name being looked up. Tracing is disabled by default. When @@ -681,34 +681,34 @@ abbreviation is unambiguous; for example, ``+cd`` is equivalent to This option formerly specified trusted keys for use with ``dig +sigchase``. This feature is now obsolete and has been removed; use :iscman:`delv` instead. -.. option:: +[no]ttlid +.. option:: +ttlid, +nottlid This option displays [or does not display] the TTL when printing the record. -.. option:: +[no]ttlunits +.. option:: +ttlunits, +nottlunits This option displays [or does not display] the TTL in friendly human-readable time units of ``s``, ``m``, ``h``, ``d``, and ``w``, representing seconds, minutes, hours, days, and weeks. This implies ``+ttlid``. -.. option:: +[no]unknownformat +.. option:: +unknownformat, +nounknownformat This option prints all RDATA in unknown RR type presentation format (:rfc:`3597`). The default is to print RDATA for known types in the type's presentation format. -.. option:: +[no]vc +.. option:: +vc, +novc This option uses [or does not use] TCP when querying name servers. This alternate syntax to ``+[no]tcp`` is provided for backwards compatibility. The ``vc`` stands for "virtual circuit." -.. option:: +[no]yaml +.. option:: +yaml, +noyaml When enabled, this option prints the responses (and, if ``+qr`` is in use, also the outgoing queries) in a detailed YAML format. -.. option:: +[no]zflag +.. option:: +zflag, +nozflag This option sets [or does not set] the last unassigned DNS header flag in a DNS query. This flag is off by default. diff --git a/bin/tools/mdig.rst b/bin/tools/mdig.rst index a3e1c056bc..054984905b 100644 --- a/bin/tools/mdig.rst +++ b/bin/tools/mdig.rst @@ -111,26 +111,26 @@ Global Options The global query options are: -.. option:: +[no]additional +.. option:: +additional, +noadditional This option displays [or does not display] the additional section of a reply. The default is to display it. -.. option:: +[no]all +.. option:: +all, +noall This option sets or clears all display flags. -.. option:: +[no]answer +.. option:: +answer, +noanswer This option displays [or does not display] the answer section of a reply. The default is to display it. -.. option:: +[no]authority +.. option:: +authority, +noauthority This option displays [or does not display] the authority section of a reply. The default is to display it. -.. option:: +[no]besteffort +.. option:: +besteffort, +nobesteffort This option attempts to display [or does not display] the contents of messages which are malformed. The default is to not display malformed answers. @@ -139,20 +139,20 @@ The global query options are: This option delays queries until the start of the next second. -.. option:: +[no]cl +.. option:: +cl, +nocl This option displays [or does not display] the CLASS when printing the record. -.. option:: +[no]comments +.. option:: +comments, +nocomments This option toggles the display of comment lines in the output. The default is to print comments. -.. option:: +[no]continue +.. option:: +continue, +nocontinue This option toggles continuation on errors (e.g. timeouts). -.. option:: +[no]crypto +.. option:: +crypto, +nocrypto This option toggles the display of cryptographic fields in DNSSEC records. The contents of these fields are unnecessary to debug most DNSSEC @@ -167,25 +167,25 @@ The global query options are: code points are in the range [0...63]. By default no code point is explicitly set. -.. option:: +[no]multiline +.. option:: +multiline, +nomultiline This option toggles printing of records, like the SOA records, in a verbose multi-line format with human-readable comments. The default is to print each record on a single line, to facilitate machine parsing of the :program:`mdig` output. -.. option:: +[no]question +.. option:: +question, +noquestion This option prints [or does not print] the question section of a query when an answer is returned. The default is to print the question section as a comment. -.. option:: +[no]rrcomments +.. option:: +rrcomments, +norrcomments This option toggles the display of per-record comments in the output (for example, human-readable key information about DNSKEY records). The default is not to print record comments unless multiline mode is active. -.. option:: +[no]short +.. option:: +short, +noshort This option provides [or does not provide] a terse answer. The default is to print the answer in a verbose form. @@ -198,22 +198,22 @@ The global query options are: split. The default is 56 characters, or 44 characters when multiline mode is active. -.. option:: +[no]tcp +.. option:: +tcp, +notcp This option uses [or does not use] TCP when querying name servers. The default behavior is to use UDP. -.. option:: +[no]ttlid +.. option:: +ttlid, +nottlid This option displays [or does not display] the TTL when printing the record. -.. option:: +[no]ttlunits +.. option:: +ttlunits, +nottlunits This option displays [or does not display] the TTL in friendly human-readable time units of "s", "m", "h", "d", and "w", representing seconds, minutes, hours, days, and weeks. This implies +ttlid. -.. option:: +[no]vc +.. option:: +vc, +novc This option uses [or does not use] TCP when querying name servers. This alternate syntax to ``+[no]tcp`` is provided for backwards compatibility. The @@ -247,15 +247,15 @@ Local Options The local query options are: -.. option:: +[no]aaflag +.. option:: +aaflag, +noaaflag This is a synonym for ``+[no]aaonly``. -.. option:: +[no]aaonly +.. option:: +aaonly, +noaaonly This sets the ``aa`` flag in the query. -.. option:: +[no]adflag +.. option:: +adflag, +noadflag This sets [or does not set] the AD (authentic data) bit in the query. This requests the server to return whether all of the answer and authority @@ -273,50 +273,50 @@ The local query options are: appropriately. Values other than zero cause a EDNS query to be sent. -.. option:: +[no]cdflag +.. option:: +cdflag, +nocdflag This sets [or does not set] the CD (checking disabled) bit in the query. This requests the server to not perform DNSSEC validation of responses. -.. option:: +[no]cookie=#### +.. option:: +cookie=####, +nocookie This sends [or does not send] a COOKIE EDNS option, with an optional value. Replaying a COOKIE from a previous response allows the server to identify a previous client. The default is ``+nocookie``. -.. option:: +[no]dnssec +.. option:: +dnssec, +nodnssec This requests that DNSSEC records be sent by setting the DNSSEC OK (DO) bit in the OPT record in the additional section of the query. -.. option:: +[no]edns[=#] +.. option:: +edns[=#], +noedns This specifies [or does not specify] the EDNS version to query with. Valid values are 0 to 255. Setting the EDNS version causes an EDNS query to be sent. ``+noedns`` clears the remembered EDNS version. EDNS is set to 0 by default. -.. option:: +[no]ednsflags[=#] +.. option:: +ednsflags[=#], +noednsflags This sets the must-be-zero EDNS flag bits (Z bits) to the specified value. Decimal, hex, and octal encodings are accepted. Setting a named flag (e.g. DO) is silently ignored. By default, no Z bits are set. -.. option:: +[no]ednsopt[=code[:value]] +.. option:: +ednsopt[=code[:value]], +noednsopt This specifies [or does not specify] an EDNS option with code point ``code`` and an optional payload of ``value`` as a hexadecimal string. ``+noednsopt`` clears the EDNS options to be sent. -.. option:: +[no]expire +.. option:: +expire, +noexpire This toggles sending of an EDNS Expire option. -.. option:: +[no]nsid +.. option:: +nsid, +nonsid This toggles inclusion of an EDNS name server ID request when sending a query. -.. option:: +[no]recurse +.. option:: +recurse, +norecurse This toggles the setting of the RD (recursion desired) bit in the query. This bit is set by default, which means :program:`mdig` normally sends @@ -328,7 +328,7 @@ The local query options are: instead of the default, 2. Unlike ``+tries``, this does not include the initial query. -.. option:: +[no]subnet=addr[/prefix-length] +.. option:: +subnet=addr[/prefix-length], +nosubnet This sends [or does not send] an EDNS Client Subnet option with the specified IP address or network prefix. @@ -355,17 +355,17 @@ The local query options are: This sets the timeout between UDP query retries to ``T``. -.. option:: +[no]unknownformat +.. option:: +unknownformat, +nounknownformat This prints [or does not print] all RDATA in unknown RR-type presentation format (see :rfc:`3597`). The default is to print RDATA for known types in the type's presentation format. -.. option:: +[no]yaml +.. option:: +yaml, +noyaml This toggles printing of the responses in a detailed YAML format. -.. option:: +[no]zflag +.. option:: +zflag, +nozflag This sets [or does not set] the last unassigned DNS header flag in a DNS query. This flag is off by default. diff --git a/doc/man/delv.1in b/doc/man/delv.1in index 5164901f76..c62c990218 100644 --- a/doc/man/delv.1in +++ b/doc/man/delv.1in @@ -241,7 +241,7 @@ assign values to options like the timeout interval. They have the form \fB+keyword=value\fP\&. The query options are: .INDENT 0.0 .TP -.B +[no]cdflag +.B +cdflag, +nocdflag This option controls whether to set the CD (checking disabled) bit in queries sent by \fBdelv\fP\&. This may be useful when troubleshooting DNSSEC problems from behind a validating resolver. A validating resolver @@ -252,19 +252,19 @@ internally and report the errors in detail. .UNINDENT .INDENT 0.0 .TP -.B +[no]class +.B +class, +noclass This option controls whether to display the CLASS when printing a record. The default is to display the CLASS. .UNINDENT .INDENT 0.0 .TP -.B +[no]ttl +.B +ttl, +nottl This option controls whether to display the TTL when printing a record. The default is to display the TTL. .UNINDENT .INDENT 0.0 .TP -.B +[no]rtrace +.B +rtrace, +nortrace This option toggles resolver fetch logging. This reports the name and type of each query sent by \fBdelv\fP in the process of carrying out the resolution and validation process, including the original query @@ -278,7 +278,7 @@ logging categories as well. .UNINDENT .INDENT 0.0 .TP -.B +[no]mtrace +.B +mtrace, +nomtrace This option toggles message logging. This produces a detailed dump of the responses received by \fBdelv\fP in the process of carrying out the resolution and validation process. @@ -290,7 +290,7 @@ output, but affects other logging categories as well. .UNINDENT .INDENT 0.0 .TP -.B +[no]vtrace +.B +vtrace, +novtrace This option toggles validation logging. This shows the internal process of the validator as it determines whether an answer is validly signed, unsigned, or invalid. @@ -302,26 +302,26 @@ same output, but affects other logging categories as well. .UNINDENT .INDENT 0.0 .TP -.B +[no]short +.B +short, +noshort This option toggles between verbose and terse answers. The default is to print the answer in a verbose form. .UNINDENT .INDENT 0.0 .TP -.B +[no]comments +.B +comments, +nocomments This option toggles the display of comment lines in the output. The default is to print comments. .UNINDENT .INDENT 0.0 .TP -.B +[no]rrcomments +.B +rrcomments, +norrcomments This option toggles the display of per\-record comments in the output (for example, human\-readable key information about DNSKEY records). The default is to print per\-record comments. .UNINDENT .INDENT 0.0 .TP -.B +[no]crypto +.B +crypto, +nocrypto This option toggles the display of cryptographic fields in DNSSEC records. The contents of these fields are unnecessary to debug most DNSSEC validation failures and removing them makes it easier to see the @@ -331,13 +331,13 @@ key ID is displayed as the replacement, e.g. \fB[ key id = value ]\fP\&. .UNINDENT .INDENT 0.0 .TP -.B +[no]trust +.B +trust, +notrust This option controls whether to display the trust level when printing a record. The default is to display the trust level. .UNINDENT .INDENT 0.0 .TP -.B +[no]split[=W] +.B +split[=W], +nosplit This option splits long hex\- or base64\-formatted fields in resource records into chunks of \fBW\fP characters (where \fBW\fP is rounded up to the nearest multiple of 4). \fB+nosplit\fP or \fB+split=0\fP causes fields not to be @@ -346,13 +346,13 @@ multiline mode is active. .UNINDENT .INDENT 0.0 .TP -.B +[no]all +.B +all, +noall This option sets or clears the display options \fB+[no]comments\fP, \fB+[no]rrcomments\fP, and \fB+[no]trust\fP as a group. .UNINDENT .INDENT 0.0 .TP -.B +[no]multiline +.B +multiline, +nomultiline This option prints long records (such as RRSIG, DNSKEY, and SOA records) in a verbose multi\-line format with human\-readable comments. The default is to print each record on a single line, to facilitate machine @@ -360,7 +360,7 @@ parsing of the \fBdelv\fP output. .UNINDENT .INDENT 0.0 .TP -.B +[no]dnssec +.B +dnssec, +nodnssec This option indicates whether to display RRSIG records in the \fBdelv\fP output. The default is to do so. Note that (unlike in \fI\%dig\fP) this does \fInot\fP control whether to request DNSSEC records or to @@ -370,7 +370,7 @@ always occurs unless suppressed by the use of \fI\%\-i\fP or .UNINDENT .INDENT 0.0 .TP -.B +[no]root[=ROOT] +.B +root[=ROOT], +noroot This option indicates whether to perform conventional DNSSEC validation, and if so, specifies the name of a trust anchor. The default is to validate using a trust anchor of "." (the root zone), for which there is a built\-in key. If @@ -379,20 +379,20 @@ file containing the key. .UNINDENT .INDENT 0.0 .TP -.B +[no]tcp +.B +tcp, +notcp This option controls whether to use TCP when sending queries. The default is to use UDP unless a truncated response has been received. .UNINDENT .INDENT 0.0 .TP -.B +[no]unknownformat +.B +unknownformat, +nounknownformat This option prints all RDATA in unknown RR\-type presentation format (\fI\%RFC 3597\fP). The default is to print RDATA for known types in the type\(aqs presentation format. .UNINDENT .INDENT 0.0 .TP -.B +[no]yaml +.B +yaml, +noyaml This option prints response data in YAML format. .UNINDENT .SH FILES diff --git a/doc/man/dig.1in b/doc/man/dig.1in index f88c16b66f..db86a1b2b9 100644 --- a/doc/man/dig.1in +++ b/doc/man/dig.1in @@ -262,23 +262,23 @@ abbreviation is unambiguous; for example, \fB+cd\fP is equivalent to \fB+cdflag\fP\&. The query options are: .INDENT 0.0 .TP -.B +[no]aaflag -This option is a synonym for \fB+[no]aaonly\fP\&. +.B +aaflag, +noaaflag +This option is a synonym for \fI\%+aaonly\fP, \fI\%+noaaonly\fP\&. .UNINDENT .INDENT 0.0 .TP -.B +[no]aaonly +.B +aaonly, +noaaonly This option sets the \fBaa\fP flag in the query. .UNINDENT .INDENT 0.0 .TP -.B +[no]additional +.B +additional, +noadditional This option displays [or does not display] the additional section of a reply. The default is to display it. .UNINDENT .INDENT 0.0 .TP -.B +[no]adflag +.B +adflag, +noadflag This option sets [or does not set] the AD (authentic data) bit in the query. This requests the server to return whether all of the answer and authority sections have been validated as secure, according to the security @@ -289,30 +289,30 @@ This bit is set by default. .UNINDENT .INDENT 0.0 .TP -.B +[no]all +.B +all, +noall This option sets or clears all display flags. .UNINDENT .INDENT 0.0 .TP -.B +[no]answer +.B +answer, +noanswer This option displays [or does not display] the answer section of a reply. The default is to display it. .UNINDENT .INDENT 0.0 .TP -.B +[no]authority +.B +authority, +noauthority This option displays [or does not display] the authority section of a reply. The default is to display it. .UNINDENT .INDENT 0.0 .TP -.B +[no]badcookie +.B +badcookie, +nobadcookie This option retries the lookup with a new server cookie if a BADCOOKIE response is received. .UNINDENT .INDENT 0.0 .TP -.B +[no]besteffort +.B +besteffort, +nobesteffort This option attempts to display the contents of messages which are malformed. The default is to not display malformed answers. .UNINDENT @@ -325,18 +325,18 @@ This option sets the UDP message buffer size advertised using EDNS0 to .UNINDENT .INDENT 0.0 .TP -.B +[no]cdflag +.B +cdflag, +nocdflag This option sets [or does not set] the CD (checking disabled) bit in the query. This requests the server to not perform DNSSEC validation of responses. .UNINDENT .INDENT 0.0 .TP -.B +[no]class +.B +class, +noclass This option displays [or does not display] the CLASS when printing the record. .UNINDENT .INDENT 0.0 .TP -.B +[no]cmd +.B +cmd, +nocmd This option toggles the printing of the initial comment in the output, identifying the version of \fBdig\fP and the query options that have been applied. This option always has a global effect; it cannot be set globally and then overridden on a @@ -344,7 +344,7 @@ per\-lookup basis. The default is to print this comment. .UNINDENT .INDENT 0.0 .TP -.B +[no]comments +.B +comments, +nocomments This option toggles the display of some comment lines in the output, with information about the packet header and OPT pseudosection, and the names of the response section. The default is to print these comments. @@ -355,7 +355,7 @@ can be controlled using other command\-line switches. These include .UNINDENT .INDENT 0.0 .TP -.B +[no]cookie=#### +.B +cookie=####, +nocookie This option sends [or does not send] a COOKIE EDNS option, with an optional value. Replaying a COOKIE from a previous response allows the server to identify a previous client. The default is \fB+cookie\fP\&. @@ -365,7 +365,7 @@ default queries from a nameserver. .UNINDENT .INDENT 0.0 .TP -.B +[no]crypto +.B +crypto, +nocrypto This option toggles the display of cryptographic fields in DNSSEC records. The contents of these fields are unnecessary for debugging most DNSSEC validation failures and removing them makes it easier to see the @@ -375,17 +375,17 @@ key ID is displayed as the replacement, e.g. \fB[ key id = value ]\fP\&. .UNINDENT .INDENT 0.0 .TP -.B +[no]defname +.B +defname, +nodefname This option, which is deprecated, is treated as a synonym for \fB+[no]search\fP\&. .UNINDENT .INDENT 0.0 .TP -.B +[no]dns64prefix +.B +dns64prefix, +nodns64prefix Lookup IPV4ONLY.ARPA AAAA and print any DNS64 prefixes found. .UNINDENT .INDENT 0.0 .TP -.B +[no]dnssec +.B +dnssec, +nodnssec This option requests that DNSSEC records be sent by setting the DNSSEC OK (DO) bit in the OPT record in the additional section of the query. .UNINDENT @@ -406,7 +406,7 @@ explicitly set. .UNINDENT .INDENT 0.0 .TP -.B +[no]edns[=#] +.B +edns[=#], +noedns This option specifies the EDNS version to query with. Valid values are 0 to 255. Setting the EDNS version causes an EDNS query to be sent. \fB+noedns\fP clears the remembered EDNS version. EDNS is set to 0 by @@ -414,20 +414,20 @@ default. .UNINDENT .INDENT 0.0 .TP -.B +[no]ednsflags[=#] +.B +ednsflags[=#], +noednsflags This option sets the must\-be\-zero EDNS flags bits (Z bits) to the specified value. Decimal, hex, and octal encodings are accepted. Setting a named flag (e.g., DO) is silently ignored. By default, no Z bits are set. .UNINDENT .INDENT 0.0 .TP -.B +[no]ednsnegotiation +.B +ednsnegotiation, +noednsnegotiation This option enables/disables EDNS version negotiation. By default, EDNS version negotiation is enabled. .UNINDENT .INDENT 0.0 .TP -.B +[no]ednsopt[=code[:value]] +.B +ednsopt[=code[:value]], +noednsopt This option specifies the EDNS option with code point \fBcode\fP and an optional payload of \fBvalue\fP as a hexadecimal string. \fBcode\fP can be either an EDNS option name (for example, \fBNSID\fP or \fBECS\fP) or an arbitrary @@ -435,26 +435,26 @@ numeric value. \fB+noednsopt\fP clears the EDNS options to be sent. .UNINDENT .INDENT 0.0 .TP -.B +[no]expire +.B +expire, +noexpire This option sends an EDNS Expire option. .UNINDENT .INDENT 0.0 .TP -.B +[no]fail +.B +fail, +nofail This option indicates that \fI\%named\fP should try [or not try] the next server if a SERVFAIL is received. The default is to not try the next server, which is the reverse of normal stub resolver behavior. .UNINDENT .INDENT 0.0 .TP -.B +[no]header\-only +.B +header\-only, +noheader\-only This option sends a query with a DNS header without a question section. The default is to add a question section. The query type and query name are ignored when this is set. .UNINDENT .INDENT 0.0 .TP -.B +[no]https[=value] +.B +https[=value], +nohttps This option indicates whether to use DNS over HTTPS (DoH) when querying name servers. When this option is in use, the port number defaults to 443. The HTTP POST request mode is used when sending the query. @@ -465,35 +465,35 @@ query URI; the default is \fB/dns\-query\fP\&. So, for example, \fBdig .UNINDENT .INDENT 0.0 .TP -.B +[no]https\-get[=value] +.B +https\-get[=value], +nohttps\-get Similar to \fB+https\fP, except that the HTTP GET request mode is used when sending the query. .UNINDENT .INDENT 0.0 .TP -.B +[no]https\-post[=value] +.B +https\-post[=value], +nohttps\-post Same as \fB+https\fP\&. .UNINDENT .INDENT 0.0 .TP -.B +[no]http\-plain[=value] +.B +http\-plain[=value], +nohttp\-plain Similar to \fB+https\fP, except that HTTP queries will be sent over a non\-encrypted channel. When this option is in use, the port number defaults to 80 and the HTTP request mode is POST. .UNINDENT .INDENT 0.0 .TP -.B +[no]http\-plain\-get[=value] +.B +http\-plain\-get[=value], +nohttp\-plain\-get Similar to \fB+http\-plain\fP, except that the HTTP request mode is GET. .UNINDENT .INDENT 0.0 .TP -.B +[no]http\-plain\-post[=value] +.B +http\-plain\-post[=value], +nohttp\-plain\-post Same as \fB+http\-plain\fP\&. .UNINDENT .INDENT 0.0 .TP -.B +[no]identify +.B +identify, +noidentify This option shows [or does not show] the IP address and port number that supplied the answer, when the \fB+short\fP option is enabled. If short form answers are requested, the default is not to show the source @@ -501,7 +501,7 @@ address and port number of the server that provided the answer. .UNINDENT .INDENT 0.0 .TP -.B +[no]idnin +.B +idnin, +noidnin This option processes [or does not process] IDN domain names on input. This requires \fBIDN SUPPORT\fP to have been enabled at compile time. .sp @@ -511,7 +511,7 @@ to files, pipes, and other non\-tty file descriptors. .UNINDENT .INDENT 0.0 .TP -.B +[no]idnout +.B +idnout, +noidnout This option converts [or does not convert] puny code on output. This requires \fBIDN SUPPORT\fP to have been enabled at compile time. .sp @@ -521,25 +521,25 @@ is redirected to files, pipes, and other non\-tty file descriptors. .UNINDENT .INDENT 0.0 .TP -.B +[no]ignore +.B +ignore, +noignore This option ignores [or does not ignore] truncation in UDP responses instead of retrying with TCP. By default, TCP retries are performed. .UNINDENT .INDENT 0.0 .TP -.B +[no]keepalive +.B +keepalive, +nokeepalive This option sends [or does not send] an EDNS Keepalive option. .UNINDENT .INDENT 0.0 .TP -.B +[no]keepopen +.B +keepopen, +nokeepopen This option keeps [or does not keep] the TCP socket open between queries, and reuses it rather than creating a new TCP socket for each lookup. The default is \fB+nokeepopen\fP\&. .UNINDENT .INDENT 0.0 .TP -.B +[no]multiline +.B +multiline, +nomultiline This option prints [or does not print] records, like the SOA records, in a verbose multi\-line format with human\-readable comments. The default is to print each record on a single line to facilitate machine parsing of the \fBdig\fP output. @@ -557,12 +557,12 @@ relative names, and are searched for in the domains listed in the .UNINDENT .INDENT 0.0 .TP -.B +[no]nsid +.B +nsid, +nonsid When enabled, this option includes an EDNS name server ID request when sending a query. .UNINDENT .INDENT 0.0 .TP -.B +[no]nssearch +.B +nssearch, +nonssearch When this option is set, \fBdig\fP attempts to find the authoritative name servers for the zone containing the name being looked up, and display the SOA record that each name server has for the zone. @@ -570,13 +570,13 @@ Addresses of servers that did not respond are also printed. .UNINDENT .INDENT 0.0 .TP -.B +[no]onesoa +.B +onesoa, +noonesoa When enabled, this option prints only one (starting) SOA record when performing an AXFR. The default is to print both the starting and ending SOA records. .UNINDENT .INDENT 0.0 .TP -.B +[no]opcode=value +.B +opcode=value, +noopcode When enabled, this option sets (restores) the DNS message opcode to the specified value. The default value is QUERY (0). .UNINDENT @@ -598,31 +598,31 @@ This option specifies the query ID to use when sending queries. .UNINDENT .INDENT 0.0 .TP -.B +[no]qr +.B +qr, +noqr This option toggles the display of the query message as it is sent. By default, the query is not printed. .UNINDENT .INDENT 0.0 .TP -.B +[no]question +.B +question, +noquestion This option toggles the display of the question section of a query when an answer is returned. The default is to print the question section as a comment. .UNINDENT .INDENT 0.0 .TP -.B +[no]raflag +.B +raflag, +noraflag This option sets [or does not set] the RA (Recursion Available) bit in the query. The default is \fB+noraflag\fP\&. This bit is ignored by the server for QUERY. .UNINDENT .INDENT 0.0 .TP -.B +[no]rdflag +.B +rdflag, +nordflag This option is a synonym for \fB+[no]recurse\fP\&. .UNINDENT .INDENT 0.0 .TP -.B +[no]recurse +.B +recurse, +norecurse This option toggles the setting of the RD (recursion desired) bit in the query. This bit is set by default, which means \fBdig\fP normally sends recursive queries. Recursion is automatically disabled when the @@ -637,14 +637,14 @@ the initial query. .UNINDENT .INDENT 0.0 .TP -.B +[no]rrcomments +.B +rrcomments, +norrcomments This option toggles the display of per\-record comments in the output (for example, human\-readable key information about DNSKEY records). The default is not to print record comments unless multiline mode is active. .UNINDENT .INDENT 0.0 .TP -.B +[no]search +.B +search, +nosearch This option uses [or does not use] the search list defined by the searchlist or domain directive in \fBresolv.conf\fP, if any. The search list is not used by default. @@ -655,26 +655,26 @@ and hence whether a search is eventually performed. .UNINDENT .INDENT 0.0 .TP -.B +[no]short +.B +short, +noshort This option toggles whether a terse answer is provided. The default is to print the answer in a verbose form. This option always has a global effect; it cannot be set globally and then overridden on a per\-lookup basis. .UNINDENT .INDENT 0.0 .TP -.B +[no]showbadcookie +.B +showbadcookie, +noshowbadcookie This option toggles whether to show the message containing the BADCOOKIE rcode before retrying the request or not. The default is to not show the messages. .UNINDENT .INDENT 0.0 .TP -.B +[no]showsearch +.B +showsearch, +noshowsearch This option performs [or does not perform] a search showing intermediate results. .UNINDENT .INDENT 0.0 .TP -.B +[no]sigchase +.B +sigchase, +nosigchase This feature is now obsolete and has been removed; use \fI\%delv\fP instead. .UNINDENT @@ -689,14 +689,14 @@ multiline mode is active. .UNINDENT .INDENT 0.0 .TP -.B +[no]stats +.B +stats, +nostats This option toggles the printing of statistics: when the query was made, the size of the reply, etc. The default behavior is to print the query statistics as a comment after each lookup. .UNINDENT .INDENT 0.0 .TP -.B +[no]subnet=addr[/prefix\-length] +.B +subnet=addr[/prefix\-length], +nosubnet This option sends [or does not send] an EDNS CLIENT\-SUBNET option with the specified IP address or network prefix. .sp @@ -707,13 +707,13 @@ address information must \fInot\fP be used when resolving this query. .UNINDENT .INDENT 0.0 .TP -.B +[no]tcflag +.B +tcflag, +notcflag This option sets [or does not set] the TC (TrunCation) bit in the query. The default is \fB+notcflag\fP\&. This bit is ignored by the server for QUERY. .UNINDENT .INDENT 0.0 .TP -.B +[no]tcp +.B +tcp, +notcp This option indicates whether to use TCP when querying name servers. The default behavior is to use UDP unless a type \fBany\fP or \fBixfr=N\fP query is requested, in which case the default is TCP. AXFR queries @@ -727,7 +727,7 @@ This option sets the timeout for a query to \fBT\fP seconds. The default timeout .UNINDENT .INDENT 0.0 .TP -.B +[no]tls +.B +tls, +notls This option indicates whether to use DNS over TLS (DoT) when querying name servers. When this option is in use, the port number defaults to 853. @@ -754,13 +754,13 @@ is used. This option has no effect if \fB+tls\-ca\fP is not specified. .UNINDENT .INDENT 0.0 .TP -.B +[no]topdown +.B +topdown, +notopdown This feature is related to \fBdig +sigchase\fP, which is obsolete and has been removed. Use \fI\%delv\fP instead. .UNINDENT .INDENT 0.0 .TP -.B +[no]trace +.B +trace, +notrace This option toggles tracing of the delegation path from the root name servers for the name being looked up. Tracing is disabled by default. When tracing is enabled, \fBdig\fP makes iterative queries to resolve the @@ -789,39 +789,39 @@ feature is now obsolete and has been removed; use \fI\%delv\fP instead. .UNINDENT .INDENT 0.0 .TP -.B +[no]ttlid +.B +ttlid, +nottlid This option displays [or does not display] the TTL when printing the record. .UNINDENT .INDENT 0.0 .TP -.B +[no]ttlunits +.B +ttlunits, +nottlunits This option displays [or does not display] the TTL in friendly human\-readable time units of \fBs\fP, \fBm\fP, \fBh\fP, \fBd\fP, and \fBw\fP, representing seconds, minutes, hours, days, and weeks. This implies \fB+ttlid\fP\&. .UNINDENT .INDENT 0.0 .TP -.B +[no]unknownformat +.B +unknownformat, +nounknownformat This option prints all RDATA in unknown RR type presentation format (\fI\%RFC 3597\fP). The default is to print RDATA for known types in the type\(aqs presentation format. .UNINDENT .INDENT 0.0 .TP -.B +[no]vc +.B +vc, +novc This option uses [or does not use] TCP when querying name servers. This alternate syntax to \fB+[no]tcp\fP is provided for backwards compatibility. The \fBvc\fP stands for "virtual circuit." .UNINDENT .INDENT 0.0 .TP -.B +[no]yaml +.B +yaml, +noyaml When enabled, this option prints the responses (and, if \fB+qr\fP is in use, also the outgoing queries) in a detailed YAML format. .UNINDENT .INDENT 0.0 .TP -.B +[no]zflag +.B +zflag, +nozflag This option sets [or does not set] the last unassigned DNS header flag in a DNS query. This flag is off by default. .UNINDENT diff --git a/doc/man/mdig.1in b/doc/man/mdig.1in index df1dbf83a9..9b27e6cb10 100644 --- a/doc/man/mdig.1in +++ b/doc/man/mdig.1in @@ -125,30 +125,30 @@ queries on a non\-standard port number. The global query options are: .INDENT 0.0 .TP -.B +[no]additional +.B +additional, +noadditional This option displays [or does not display] the additional section of a reply. The default is to display it. .UNINDENT .INDENT 0.0 .TP -.B +[no]all +.B +all, +noall This option sets or clears all display flags. .UNINDENT .INDENT 0.0 .TP -.B +[no]answer +.B +answer, +noanswer This option displays [or does not display] the answer section of a reply. The default is to display it. .UNINDENT .INDENT 0.0 .TP -.B +[no]authority +.B +authority, +noauthority This option displays [or does not display] the authority section of a reply. The default is to display it. .UNINDENT .INDENT 0.0 .TP -.B +[no]besteffort +.B +besteffort, +nobesteffort This option attempts to display [or does not display] the contents of messages which are malformed. The default is to not display malformed answers. .UNINDENT @@ -159,23 +159,23 @@ This option delays queries until the start of the next second. .UNINDENT .INDENT 0.0 .TP -.B +[no]cl +.B +cl, +nocl This option displays [or does not display] the CLASS when printing the record. .UNINDENT .INDENT 0.0 .TP -.B +[no]comments +.B +comments, +nocomments This option toggles the display of comment lines in the output. The default is to print comments. .UNINDENT .INDENT 0.0 .TP -.B +[no]continue +.B +continue, +nocontinue This option toggles continuation on errors (e.g. timeouts). .UNINDENT .INDENT 0.0 .TP -.B +[no]crypto +.B +crypto, +nocrypto This option toggles the display of cryptographic fields in DNSSEC records. The contents of these fields are unnecessary to debug most DNSSEC validation failures and removing them makes it easier to see the @@ -192,28 +192,28 @@ explicitly set. .UNINDENT .INDENT 0.0 .TP -.B +[no]multiline +.B +multiline, +nomultiline This option toggles printing of records, like the SOA records, in a verbose multi\-line format with human\-readable comments. The default is to print each record on a single line, to facilitate machine parsing of the \fBmdig\fP output. .UNINDENT .INDENT 0.0 .TP -.B +[no]question +.B +question, +noquestion This option prints [or does not print] the question section of a query when an answer is returned. The default is to print the question section as a comment. .UNINDENT .INDENT 0.0 .TP -.B +[no]rrcomments +.B +rrcomments, +norrcomments This option toggles the display of per\-record comments in the output (for example, human\-readable key information about DNSKEY records). The default is not to print record comments unless multiline mode is active. .UNINDENT .INDENT 0.0 .TP -.B +[no]short +.B +short, +noshort This option provides [or does not provide] a terse answer. The default is to print the answer in a verbose form. .UNINDENT @@ -228,25 +228,25 @@ multiline mode is active. .UNINDENT .INDENT 0.0 .TP -.B +[no]tcp +.B +tcp, +notcp This option uses [or does not use] TCP when querying name servers. The default behavior is to use UDP. .UNINDENT .INDENT 0.0 .TP -.B +[no]ttlid +.B +ttlid, +nottlid This option displays [or does not display] the TTL when printing the record. .UNINDENT .INDENT 0.0 .TP -.B +[no]ttlunits +.B +ttlunits, +nottlunits This option displays [or does not display] the TTL in friendly human\-readable time units of "s", "m", "h", "d", and "w", representing seconds, minutes, hours, days, and weeks. This implies +ttlid. .UNINDENT .INDENT 0.0 .TP -.B +[no]vc +.B +vc, +novc This option uses [or does not use] TCP when querying name servers. This alternate syntax to \fB+[no]tcp\fP is provided for backwards compatibility. The \fBvc\fP stands for "virtual circuit". @@ -282,17 +282,17 @@ domain. The local query options are: .INDENT 0.0 .TP -.B +[no]aaflag +.B +aaflag, +noaaflag This is a synonym for \fB+[no]aaonly\fP\&. .UNINDENT .INDENT 0.0 .TP -.B +[no]aaonly +.B +aaonly, +noaaonly This sets the \fBaa\fP flag in the query. .UNINDENT .INDENT 0.0 .TP -.B +[no]adflag +.B +adflag, +noadflag This sets [or does not set] the AD (authentic data) bit in the query. This requests the server to return whether all of the answer and authority sections have all been validated as secure, according to the security @@ -312,26 +312,26 @@ sent. .UNINDENT .INDENT 0.0 .TP -.B +[no]cdflag +.B +cdflag, +nocdflag This sets [or does not set] the CD (checking disabled) bit in the query. This requests the server to not perform DNSSEC validation of responses. .UNINDENT .INDENT 0.0 .TP -.B +[no]cookie=#### +.B +cookie=####, +nocookie This sends [or does not send] a COOKIE EDNS option, with an optional value. Replaying a COOKIE from a previous response allows the server to identify a previous client. The default is \fB+nocookie\fP\&. .UNINDENT .INDENT 0.0 .TP -.B +[no]dnssec +.B +dnssec, +nodnssec This requests that DNSSEC records be sent by setting the DNSSEC OK (DO) bit in the OPT record in the additional section of the query. .UNINDENT .INDENT 0.0 .TP -.B +[no]edns[=#] +.B +edns[=#], +noedns This specifies [or does not specify] the EDNS version to query with. Valid values are 0 to 255. Setting the EDNS version causes an EDNS query to be sent. \fB+noedns\fP clears the remembered EDNS version. EDNS is set to 0 by @@ -339,31 +339,31 @@ default. .UNINDENT .INDENT 0.0 .TP -.B +[no]ednsflags[=#] +.B +ednsflags[=#], +noednsflags This sets the must\-be\-zero EDNS flag bits (Z bits) to the specified value. Decimal, hex, and octal encodings are accepted. Setting a named flag (e.g. DO) is silently ignored. By default, no Z bits are set. .UNINDENT .INDENT 0.0 .TP -.B +[no]ednsopt[=code[:value]] +.B +ednsopt[=code[:value]], +noednsopt This specifies [or does not specify] an EDNS option with code point \fBcode\fP and an optional payload of \fBvalue\fP as a hexadecimal string. \fB+noednsopt\fP clears the EDNS options to be sent. .UNINDENT .INDENT 0.0 .TP -.B +[no]expire +.B +expire, +noexpire This toggles sending of an EDNS Expire option. .UNINDENT .INDENT 0.0 .TP -.B +[no]nsid +.B +nsid, +nonsid This toggles inclusion of an EDNS name server ID request when sending a query. .UNINDENT .INDENT 0.0 .TP -.B +[no]recurse +.B +recurse, +norecurse This toggles the setting of the RD (recursion desired) bit in the query. This bit is set by default, which means \fBmdig\fP normally sends recursive queries. @@ -377,7 +377,7 @@ the initial query. .UNINDENT .INDENT 0.0 .TP -.B +[no]subnet=addr[/prefix\-length] +.B +subnet=addr[/prefix\-length], +nosubnet This sends [or does not send] an EDNS Client Subnet option with the specified IP address or network prefix. .UNINDENT @@ -410,19 +410,19 @@ This sets the timeout between UDP query retries to \fBT\fP\&. .UNINDENT .INDENT 0.0 .TP -.B +[no]unknownformat +.B +unknownformat, +nounknownformat This prints [or does not print] all RDATA in unknown RR\-type presentation format (see \fI\%RFC 3597\fP). The default is to print RDATA for known types in the type\(aqs presentation format. .UNINDENT .INDENT 0.0 .TP -.B +[no]yaml +.B +yaml, +noyaml This toggles printing of the responses in a detailed YAML format. .UNINDENT .INDENT 0.0 .TP -.B +[no]zflag +.B +zflag, +nozflag This sets [or does not set] the last unassigned DNS header flag in a DNS query. This flag is off by default. .UNINDENT