diff options
Diffstat (limited to 'interface-definitions/dns-forwarding.xml.in')
| -rw-r--r-- | interface-definitions/dns-forwarding.xml.in | 703 |
1 files changed, 0 insertions, 703 deletions
diff --git a/interface-definitions/dns-forwarding.xml.in b/interface-definitions/dns-forwarding.xml.in deleted file mode 100644 index 5ca02acef..000000000 --- a/interface-definitions/dns-forwarding.xml.in +++ /dev/null @@ -1,703 +0,0 @@ -<?xml version="1.0"?> -<!-- DNS forwarder configuration --> -<interfaceDefinition> - <node name="service"> - <children> - <node name="dns"> - <properties> - <help>Domain Name System (DNS) related services</help> - </properties> - <children> - <node name="forwarding" owner="${vyos_conf_scripts_dir}/dns_forwarding.py"> - <properties> - <help>DNS forwarding</help> - <priority>918</priority> - </properties> - <children> - <leafNode name="cache-size"> - <properties> - <help>DNS forwarding cache size</help> - <valueHelp> - <format>u32:0-2147483647</format> - <description>DNS forwarding cache size</description> - </valueHelp> - <constraint> - <validator name="numeric" argument="--range 0-2147483647"/> - </constraint> - </properties> - <defaultValue>10000</defaultValue> - </leafNode> - <leafNode name="dhcp"> - <properties> - <help>Interfaces whose DHCP client nameservers to forward requests to</help> - <completionHelp> - <script>${vyos_completion_dir}/list_interfaces</script> - </completionHelp> - <multi/> - </properties> - </leafNode> - <leafNode name="dns64-prefix"> - <properties> - <help>Help to communicate between IPv6-only client and IPv4-only server</help> - <valueHelp> - <format>ipv6net</format> - <description>IPv6 address and /96 only prefix length</description> - </valueHelp> - <constraint> - <validator name="ipv6-prefix"/> - </constraint> - </properties> - </leafNode> - <leafNode name="dnssec"> - <properties> - <help>DNSSEC mode</help> - <completionHelp> - <list>off process-no-validate process log-fail validate</list> - </completionHelp> - <valueHelp> - <format>off</format> - <description>No DNSSEC processing whatsoever!</description> - </valueHelp> - <valueHelp> - <format>process-no-validate</format> - <description>Respond with DNSSEC records to clients that ask for it. No validation done at all!</description> - </valueHelp> - <valueHelp> - <format>process</format> - <description>Respond with DNSSEC records to clients that ask for it. Validation for clients that request it.</description> - </valueHelp> - <valueHelp> - <format>log-fail</format> - <description>Similar behaviour to process, but validate RRSIGs on responses and log bogus responses.</description> - </valueHelp> - <valueHelp> - <format>validate</format> - <description>Full blown DNSSEC validation. Send SERVFAIL to clients on bogus responses.</description> - </valueHelp> - <constraint> - <regex>(off|process-no-validate|process|log-fail|validate)</regex> - </constraint> - </properties> - <defaultValue>process-no-validate</defaultValue> - </leafNode> - <tagNode name="domain"> - <properties> - <help>Domain to forward to a custom DNS server</help> - <valueHelp> - <format>txt</format> - <description>An absolute DNS domain name</description> - </valueHelp> - <constraint> - <validator name="fqdn"/> - </constraint> - </properties> - <children> - #include <include/name-server-ipv4-ipv6-port.xml.i> - <leafNode name="addnta"> - <properties> - <help>Add NTA (negative trust anchor) for this domain (must be set if the domain does not support DNSSEC)</help> - <valueless/> - </properties> - </leafNode> - <leafNode name="recursion-desired"> - <properties> - <help>Set the "recursion desired" bit in requests to the upstream nameserver</help> - <valueless/> - </properties> - </leafNode> - </children> - </tagNode> - <tagNode name="authoritative-domain"> - <properties> - <help>Domain to host authoritative records for</help> - <valueHelp> - <format>txt</format> - <description>An absolute DNS domain name</description> - </valueHelp> - <constraint> - <validator name="fqdn"/> - </constraint> - </properties> - <children> - <node name="records"> - <properties> - <help>DNS zone records</help> - </properties> - <children> - <tagNode name="a"> - <properties> - <help>A record</help> - <valueHelp> - <format>txt</format> - <description>A DNS name relative to the root record</description> - </valueHelp> - <valueHelp> - <format>@</format> - <description>Root record</description> - </valueHelp> - <valueHelp> - <format>any</format> - <description>Wildcard record (any subdomain)</description> - </valueHelp> - <constraint> - <regex>([-_a-zA-Z0-9.]{1,63}|@|any)(?<!\.)</regex> - </constraint> - </properties> - <children> - <leafNode name="address"> - <properties> - <help>IPv4 address</help> - <valueHelp> - <format>ipv4</format> - <description>IPv4 address</description> - </valueHelp> - <multi/> - <constraint> - <validator name="ipv4-address"/> - </constraint> - </properties> - </leafNode> - #include <include/dns/time-to-live.xml.i> - <leafNode name="ttl"> - <defaultValue>300</defaultValue> - </leafNode> - #include <include/generic-disable-node.xml.i> - </children> - </tagNode> - <tagNode name="aaaa"> - <properties> - <help>AAAA record</help> - <valueHelp> - <format>txt</format> - <description>A DNS name relative to the root record</description> - </valueHelp> - <valueHelp> - <format>@</format> - <description>Root record</description> - </valueHelp> - <valueHelp> - <format>any</format> - <description>Wildcard record (any subdomain)</description> - </valueHelp> - <constraint> - <regex>([-_a-zA-Z0-9.]{1,63}|@|any)(?<!\.)</regex> - </constraint> - </properties> - <children> - <leafNode name="address"> - <properties> - <help>IPv6 address</help> - <valueHelp> - <format>ipv6</format> - <description>IPv6 address</description> - </valueHelp> - <multi/> - <constraint> - <validator name="ipv6-address"/> - </constraint> - </properties> - </leafNode> - #include <include/dns/time-to-live.xml.i> - <leafNode name="ttl"> - <defaultValue>300</defaultValue> - </leafNode> - #include <include/generic-disable-node.xml.i> - </children> - </tagNode> - <tagNode name="cname"> - <properties> - <help>CNAME record</help> - <valueHelp> - <format>txt</format> - <description>A DNS name relative to the root record</description> - </valueHelp> - <valueHelp> - <format>@</format> - <description>Root record</description> - </valueHelp> - <constraint> - <regex>([-_a-zA-Z0-9.]{1,63}|@)(?<!\.)</regex> - </constraint> - </properties> - <children> - <leafNode name="target"> - <properties> - <help>Target DNS name</help> - <valueHelp> - <format>name.example.com</format> - <description>Absolute DNS name</description> - </valueHelp> - <constraint> - <regex>[-_a-zA-Z0-9.]{1,63}(?<!\.)</regex> - </constraint> - </properties> - </leafNode> - #include <include/dns/time-to-live.xml.i> - <leafNode name="ttl"> - <defaultValue>300</defaultValue> - </leafNode> - #include <include/generic-disable-node.xml.i> - </children> - </tagNode> - <tagNode name="mx"> - <properties> - <help>MX record</help> - <valueHelp> - <format>txt</format> - <description>A DNS name relative to the root record</description> - </valueHelp> - <valueHelp> - <format>@</format> - <description>Root record</description> - </valueHelp> - <constraint> - <regex>([-_a-zA-Z0-9.]{1,63}|@)(?<!\.)</regex> - </constraint> - </properties> - <children> - <tagNode name="server"> - <properties> - <help>Mail server</help> - <valueHelp> - <format>name.example.com</format> - <description>Absolute DNS name</description> - </valueHelp> - <constraint> - <regex>[-_a-zA-Z0-9.]{1,63}(?<!\.)</regex> - </constraint> - </properties> - <children> - <leafNode name="priority"> - <properties> - <help>Server priority</help> - <valueHelp> - <format>u32:1-999</format> - <description>Server priority (lower numbers are higher priority)</description> - </valueHelp> - <constraint> - <validator name="numeric" argument="--range 1-999"/> - </constraint> - </properties> - <defaultValue>10</defaultValue> - </leafNode> - </children> - </tagNode> - #include <include/dns/time-to-live.xml.i> - <leafNode name="ttl"> - <defaultValue>300</defaultValue> - </leafNode> - #include <include/generic-disable-node.xml.i> - </children> - </tagNode> - <tagNode name="ns"> - <properties> - <help>NS record</help> - <valueHelp> - <format>txt</format> - <description>A DNS name relative to the root record</description> - </valueHelp> - <constraint> - <regex>([-_a-zA-Z0-9.]{1,63}|@)(?<!\.)</regex> - </constraint> - </properties> - <children> - <leafNode name="target"> - <properties> - <help>Target DNS server authoritative for subdomain</help> - <valueHelp> - <format>nsXX.example.com</format> - <description>Absolute DNS name</description> - </valueHelp> - <constraint> - <regex>[-_a-zA-Z0-9.]{1,63}(?<!\.)</regex> - </constraint> - </properties> - </leafNode> - #include <include/dns/time-to-live.xml.i> - <leafNode name="ttl"> - <defaultValue>300</defaultValue> - </leafNode> - #include <include/generic-disable-node.xml.i> - </children> - </tagNode> - <tagNode name="ptr"> - <properties> - <help>PTR record</help> - <valueHelp> - <format>txt</format> - <description>A DNS name relative to the root record</description> - </valueHelp> - <valueHelp> - <format>@</format> - <description>Root record</description> - </valueHelp> - <constraint> - <regex>([-_a-zA-Z0-9.]{1,63}|@)(?<!\.)</regex> - </constraint> - </properties> - <children> - <leafNode name="target"> - <properties> - <help>Target DNS name</help> - <valueHelp> - <format>name.example.com</format> - <description>Absolute DNS name</description> - </valueHelp> - <constraint> - <regex>[-_a-zA-Z0-9.]{1,63}(?<!\.)</regex> - </constraint> - </properties> - </leafNode> - #include <include/dns/time-to-live.xml.i> - <leafNode name="ttl"> - <defaultValue>300</defaultValue> - </leafNode> - #include <include/generic-disable-node.xml.i> - </children> - </tagNode> - <tagNode name="txt"> - <properties> - <help>TXT record</help> - <valueHelp> - <format>txt</format> - <description>A DNS name relative to the root record</description> - </valueHelp> - <valueHelp> - <format>@</format> - <description>Root record</description> - </valueHelp> - <constraint> - <regex>([-_a-zA-Z0-9.]{1,63}|@)(?<!\.)</regex> - </constraint> - </properties> - <children> - <leafNode name="value"> - <properties> - <help>Record contents</help> - <valueHelp> - <format>txt</format> - <description>Record contents</description> - </valueHelp> - <multi/> - </properties> - </leafNode> - #include <include/dns/time-to-live.xml.i> - <leafNode name="ttl"> - <defaultValue>300</defaultValue> - </leafNode> - #include <include/generic-disable-node.xml.i> - </children> - </tagNode> - <tagNode name="spf"> - <properties> - <help>SPF record</help> - <valueHelp> - <format>txt</format> - <description>A DNS name relative to the root record</description> - </valueHelp> - <valueHelp> - <format>@</format> - <description>Root record</description> - </valueHelp> - <constraint> - <regex>([-_a-zA-Z0-9.]{1,63}|@)(?<!\.)</regex> - </constraint> - </properties> - <children> - <leafNode name="value"> - <properties> - <help>Record contents</help> - <valueHelp> - <format>txt</format> - <description>Record contents</description> - </valueHelp> - </properties> - </leafNode> - #include <include/dns/time-to-live.xml.i> - <leafNode name="ttl"> - <defaultValue>300</defaultValue> - </leafNode> - #include <include/generic-disable-node.xml.i> - </children> - </tagNode> - <tagNode name="srv"> - <properties> - <help>SRV record</help> - <valueHelp> - <format>txt</format> - <description>A DNS name relative to the root record</description> - </valueHelp> - <valueHelp> - <format>@</format> - <description>Root record</description> - </valueHelp> - <constraint> - <regex>([-_a-zA-Z0-9.]{1,63}|@)(?<!\.)</regex> - </constraint> - </properties> - <children> - <tagNode name="entry"> - <properties> - <help>Service entry</help> - <valueHelp> - <format>u32:0-65535</format> - <description>Entry number</description> - </valueHelp> - <constraint> - <validator name="numeric" argument="--range 0-65535"/> - </constraint> - </properties> - <children> - <leafNode name="hostname"> - <properties> - <help>Server hostname</help> - <valueHelp> - <format>name.example.com</format> - <description>Absolute DNS name</description> - </valueHelp> - <constraint> - <regex>[-_a-zA-Z0-9.]{1,63}(?<!\.)</regex> - </constraint> - </properties> - </leafNode> - <leafNode name="port"> - <properties> - <help>Port number</help> - <valueHelp> - <format>u32:0-65535</format> - <description>TCP/UDP port number</description> - </valueHelp> - <constraint> - <validator name="numeric" argument="--range 0-65536"/> - </constraint> - </properties> - </leafNode> - <leafNode name="priority"> - <properties> - <help>Entry priority</help> - <valueHelp> - <format>u32:0-65535</format> - <description>Entry priority (lower numbers are higher priority)</description> - </valueHelp> - <constraint> - <validator name="numeric" argument="--range 0-65535"/> - </constraint> - </properties> - <defaultValue>10</defaultValue> - </leafNode> - <leafNode name="weight"> - <properties> - <help>Entry weight</help> - <valueHelp> - <format>u32:0-65535</format> - <description>Entry weight</description> - </valueHelp> - <constraint> - <validator name="numeric" argument="--range 0-65535"/> - </constraint> - </properties> - <defaultValue>0</defaultValue> - </leafNode> - </children> - </tagNode> - #include <include/dns/time-to-live.xml.i> - <leafNode name="ttl"> - <defaultValue>300</defaultValue> - </leafNode> - #include <include/generic-disable-node.xml.i> - </children> - </tagNode> - <tagNode name="naptr"> - <properties> - <help>NAPTR record</help> - <valueHelp> - <format>txt</format> - <description>A DNS name relative to the root record</description> - </valueHelp> - <valueHelp> - <format>@</format> - <description>Root record</description> - </valueHelp> - <constraint> - <regex>([-_a-zA-Z0-9.]{1,63}|@)(?<!\.)</regex> - </constraint> - </properties> - <children> - <tagNode name="rule"> - <properties> - <help>NAPTR rule</help> - <valueHelp> - <format>u32:0-65535</format> - <description>Rule number</description> - </valueHelp> - <constraint> - <validator name="numeric" argument="--range 0-65535"/> - </constraint> - </properties> - <children> - <leafNode name="order"> - <properties> - <help>Rule order</help> - <valueHelp> - <format>u32:0-65535</format> - <description>Rule order (lower order is evaluated first)</description> - </valueHelp> - <constraint> - <validator name="numeric" argument="--range 0-65535"/> - </constraint> - </properties> - </leafNode> - <leafNode name="preference"> - <properties> - <help>Rule preference</help> - <valueHelp> - <format>u32:0-65535</format> - <description>Rule preference</description> - </valueHelp> - <constraint> - <validator name="numeric" argument="--range 0-65535"/> - </constraint> - </properties> - <defaultValue>0</defaultValue> - </leafNode> - <leafNode name="lookup-srv"> - <properties> - <help>S flag</help> - <valueless/> - </properties> - </leafNode> - <leafNode name="lookup-a"> - <properties> - <help>A flag</help> - <valueless/> - </properties> - </leafNode> - <leafNode name="resolve-uri"> - <properties> - <help>U flag</help> - <valueless/> - </properties> - </leafNode> - <leafNode name="protocol-specific"> - <properties> - <help>P flag</help> - <valueless/> - </properties> - </leafNode> - <leafNode name="service"> - <properties> - <help>Service type</help> - <constraint> - <regex>[a-zA-Z][a-zA-Z0-9]{0,31}(\+[a-zA-Z][a-zA-Z0-9]{0,31})?</regex> - </constraint> - </properties> - </leafNode> - <leafNode name="regexp"> - <properties> - <help>Regular expression</help> - </properties> - </leafNode> - <leafNode name="replacement"> - <properties> - <help>Replacement DNS name</help> - <valueHelp> - <format>name.example.com</format> - <description>Absolute DNS name</description> - </valueHelp> - <constraint> - <regex>[-_a-zA-Z0-9.]{1,63}(?<!\.)</regex> - </constraint> - </properties> - </leafNode> - </children> - </tagNode> - #include <include/dns/time-to-live.xml.i> - <leafNode name="ttl"> - <defaultValue>300</defaultValue> - </leafNode> - #include <include/generic-disable-node.xml.i> - </children> - </tagNode> - </children> - </node> - #include <include/generic-disable-node.xml.i> - </children> - </tagNode> - <leafNode name="ignore-hosts-file"> - <properties> - <help>Do not use local /etc/hosts file in name resolution</help> - <valueless/> - </properties> - </leafNode> - <leafNode name="no-serve-rfc1918"> - <properties> - <help>Makes the server authoritatively not aware of RFC1918 addresses</help> - <valueless/> - </properties> - </leafNode> - <leafNode name="allow-from"> - <properties> - <help>Networks allowed to query this server</help> - <valueHelp> - <format>ipv4net</format> - <description>IP address and prefix length</description> - </valueHelp> - <valueHelp> - <format>ipv6net</format> - <description>IPv6 address and prefix length</description> - </valueHelp> - <multi/> - <constraint> - <validator name="ip-prefix"/> - </constraint> - </properties> - </leafNode> - #include <include/listen-address.xml.i> - #include <include/port-number.xml.i> - <leafNode name="port"> - <defaultValue>53</defaultValue> - </leafNode> - <leafNode name="negative-ttl"> - <properties> - <help>Maximum amount of time negative entries are cached</help> - <valueHelp> - <format>u32:0-7200</format> - <description>Seconds to cache NXDOMAIN entries</description> - </valueHelp> - <constraint> - <validator name="numeric" argument="--range 0-7200"/> - </constraint> - </properties> - <defaultValue>3600</defaultValue> - </leafNode> - <leafNode name="timeout"> - <properties> - <help>Number of milliseconds to wait for a remote authoritative server to respond</help> - <valueHelp> - <format>u32:10-60000</format> - <description>Network timeout in milliseconds</description> - </valueHelp> - <constraint> - <validator name="numeric" argument="--range 10-60000"/> - </constraint> - </properties> - <defaultValue>1500</defaultValue> - </leafNode> - #include <include/name-server-ipv4-ipv6-port.xml.i> - #include <include/source-address-ipv4-ipv6-multi.xml.i> - <leafNode name="source-address"> - <defaultValue>0.0.0.0 ::</defaultValue> - </leafNode> - <leafNode name="system"> - <properties> - <help>Use system name servers</help> - <valueless/> - </properties> - </leafNode> - </children> - </node> - </children> - </node> - </children> - </node> -</interfaceDefinition> |