From 0d4d4dd840e06c18250d73f27de61261ff141944 Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Tue, 3 Dec 2019 22:01:19 +0100 Subject: T1843: run interface-definitions though GCC preprocessor A lot of XML code is duplicated (VLAN, interface address) for instance. Such XML definitions should be moved to feature.xml.i files and then just pulled in via GCC preprocessor #include definition in e.g. bond or ethernet definitions. This will give us the ability to single-source repeating node definitions as: * Interface Address * Interface Description * Interface Disable * VLAN (both vif-s and vif-c) The .in suffix of the interface-definitions is a marker that those files are input files to the GCC preprocessor. They will be rendered into proper XML files in the build directory. Some node definitions have been reworder to remove escaped double quote occurances which would have been warned about by the GCC preprocessor. --- interface-definitions/dns-forwarding.xml.in | 177 ++++++++++++++++++++++++++++ 1 file changed, 177 insertions(+) create mode 100644 interface-definitions/dns-forwarding.xml.in (limited to 'interface-definitions/dns-forwarding.xml.in') diff --git a/interface-definitions/dns-forwarding.xml.in b/interface-definitions/dns-forwarding.xml.in new file mode 100644 index 000000000..8b89bf758 --- /dev/null +++ b/interface-definitions/dns-forwarding.xml.in @@ -0,0 +1,177 @@ + + + + + + + + Domain Name System related services + + + + + DNS forwarding + 918 + + + + + DNS forwarding cache size + + 0-10000 + DNS forwarding cache size + + + + + + + + + Use DNS servers received from DHCP server for specified interface + + + + + + + + + DNSSEC mode + + off process-no-validate process log-fail validate + + + off + No DNSSEC processing whatsoever! + + + process-no-validate + Respond with DNSSEC records to clients that ask for it. No validation done at all! + + + process + Respond with DNSSEC records to clients that ask for it. Validation for clients that request it. + + + log-fail + Similar behaviour to process, but validate RRSIGs on responses and log bogus responses. + + + validate + Full blown DNSSEC validation. Send SERVFAIL to clients on bogus responses. + + + (off|process-no-validate|process|log-fail|validate) + + + + + + Domain to forward to a custom DNS server + + + + + Domain Name Server (DNS) to forward queries to + + ipv4 + Domain Name Server (DNS) IPv4 address + + + ipv6 + Domain Name Server (DNS) IPv6 address + + + + + + + + + + + + + Do not use local /etc/hosts file in name resolution + + + + + + Networks allowed to query this server + + ipv4net + IP address and prefix length + + + ipv6net + IPv6 address and prefix length + + + + + + + + + + Addresses to listen for DNS queries [REQUIRED] + + ipv4 + Domain Name Server (DNS) IPv4 address + + + ipv6 + Domain Name Server (DNS) IPv6 address + + + + + + + + + + + Maximum amount of time negative entries are cached + + 0-7200 + Seconds to cache NXDOMAIN entries + + + + + + + + + Domain Name Servers (DNS) addresses [OPTIONAL] + + ipv4 + Domain Name Server (DNS) IPv4 address + + + ipv6 + Domain Name Server (DNS) IPv6 address + + + + + + + + + + + Use system name servers + + + + + + + + + + -- cgit v1.2.3