aboutsummaryrefslogtreecommitdiffstats
path: root/resolvconf.conf.5.in
diff options
context:
space:
mode:
Diffstat (limited to 'resolvconf.conf.5.in')
-rw-r--r--resolvconf.conf.5.in157
1 files changed, 105 insertions, 52 deletions
diff --git a/resolvconf.conf.5.in b/resolvconf.conf.5.in
index fcebd864e367..1b0c47160845 100644
--- a/resolvconf.conf.5.in
+++ b/resolvconf.conf.5.in
@@ -22,7 +22,7 @@
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
-.Dd December 29, 2016
+.Dd September 8, 2019
.Dt RESOLVCONF.CONF 5
.Os
.Sh NAME
@@ -64,19 +64,25 @@ Defaults to YES.
.It Sy interface_order
These interfaces will always be processed first.
If unset, defaults to the following:-
-.D1 lo lo[0-9]*
+.Bd -compact -literal -offset indent
+lo lo[0-9]*
+.Ed
.It Sy dynamic_order
These interfaces will be processed next, unless they have a metric.
If unset, defaults to the following:-
-.D1 tap[0-9]* tun[0-9]* vpn vpn[0-9]* ppp[0-9]* ippp[0-9]*
+.Bd -compact -literal -offset indent
+tap[0-9]* tun[0-9]* vpn vpn[0-9]* ppp[0-9]* ippp[0-9]*
+.Ed
.It Sy inclusive_interfaces
-Ignore any exlcusive marking for these interfaces.
+Ignore any exclusive marking for these interfaces.
This is handy when 3rd party integrations force the
.Nm resolvconf -x
option and you want to disable it easily.
.It Sy local_nameservers
If unset, defaults to the following:-
-.D1 127.* 0.0.0.0 255.255.255.255 ::1
+.Bd -compact -literal -offset indent
+127.* 0.0.0.0 255.255.255.255 ::1
+.Ed
.It Sy search_domains
Prepend search domains to the dynamically generated list.
.It Sy search_domains_append
@@ -118,16 +124,24 @@ The syntax is this:
.Va $keyword Ns / Ns Va $match Ns / Ns Va $replacement
.Pp
Example, given this resolv.conf:
-.D1 domain foo.org
-.D1 search foo.org dead.beef
-.D1 nameserver 1.2.3.4
-.D1 nameserver 2.3.4.5
+.Bd -compact -literal -offset indent
+domain foo.org
+search foo.org dead.beef
+nameserver 1.2.3.4
+nameserver 2.3.4.5
+.Ed
and this configuaration:
-.D1 replace="search/foo*/bar.com nameserver/1.2.3.4/5.6.7.8 nameserver/2.3.4.5/"
+.Bd -compact -literal -offset indent
+replace="search/foo*/bar.com"
+replace="$replace nameserver/1.2.3.4/5.6.7.8"
+replace="$replace nameserver/2.3.4.5/"
+.Ed
you would get this resolv.conf instead:
-.D1 domain foo.org
-.D1 search bar.com
-.D1 nameserver 5.6.7.8
+.Bd -compact -literal -offset indent
+domain foo.org
+search bar.com
+nameserver 5.6.7.8
+.Ed
.It Sy replace_sub
Works the same way as
.Sy replace
@@ -138,9 +152,11 @@ Using the same example resolv.conf and changing
to
.Sy replace_sub ,
you would get this resolv.conf instead:
-.D1 domain foo.org
-.D1 search bar.com dead.beef
-.D1 nameserver 5.6.7.8
+.Bd -compact -literal -offset indent
+domain foo.org
+search bar.com dead.beef
+nameserver 5.6.7.8
+.Ed
.It Sy state_dir
Override the default state directory of
.Pa @VARDIR@ .
@@ -195,7 +211,8 @@ Prepend search domains to the dynamically generated list.
openresolv ships with subscribers for the name servers
.Xr dnsmasq 8 ,
.Xr named 8 ,
-.Xr pdnsd 8
+.Xr pdnsd 8 ,
+.Xr pdns_recursor 8 ,
and
.Xr unbound 8 .
Each subscriber can create configuration files which should be included in
@@ -203,7 +220,9 @@ in the subscribers main configuration file.
.Pp
To disable a subscriber, simply set it's name to NO.
For example, to disable the libc subscriber you would set:
-.D1 libc=NO
+.Bd -compact -literal -offset indent
+libc=NO
+.Ed
.Bl -tag -width indent
.It Sy dnsmasq_conf
This file tells dnsmasq which name servers to use for specific domains.
@@ -211,17 +230,21 @@ This file tells dnsmasq which name servers to use for specific domains.
This file tells dnsmasq which name servers to use for global lookups.
.Pp
Example resolvconf.conf for dnsmasq:
-.D1 name_servers=127.0.0.1
-.D1 dnsmasq_conf=/etc/dnsmasq-conf.conf
-.D1 dnsmasq_resolv=/etc/dnsmasq-resolv.conf
+.Bd -compact -literal -offset indent
+name_servers=127.0.0.1
+dnsmasq_conf=/etc/dnsmasq-conf.conf
+dnsmasq_resolv=/etc/dnsmasq-resolv.conf
+.Ed
.Pp
Example dnsmasq.conf:
-.D1 listen-address=127.0.0.1
-.D1 # If dnsmasq is compiled for DBus then we can take
-.D1 # advantage of not having to restart dnsmasq.
-.D1 enable-dbus
-.D1 conf-file=/etc/dnsmasq-conf.conf
-.D1 resolv-file=/etc/dnsmasq-resolv.conf
+.Bd -compact -literal -offset indent
+listen-address=127.0.0.1
+# If dnsmasq is compiled for DBus then we can take
+# advantage of not having to restart dnsmasq.
+enable-dbus
+conf-file=/etc/dnsmasq-conf.conf
+resolv-file=/etc/dnsmasq-resolv.conf
+.Ed
.It Sy named_options
Include this file in the named options block.
This file tells named which name servers to use for global lookups.
@@ -230,16 +253,21 @@ Include this file in the named global scope, after the options block.
This file tells named which name servers to use for specific domains.
.Pp
Example resolvconf.conf for named:
-.D1 name_servers=127.0.0.1
-.D1 named_options=/etc/named-options.conf
-.D1 named_zones=/etc/named-zones.conf
+.Bd -compact -literal -offset indent
+name_servers=127.0.0.1
+named_options=/etc/named-options.conf
+named_zones=/etc/named-zones.conf
+.Ed
.Pp
Example named.conf:
-.D1 options {
-.D1 listen-on { 127.0.0.1; };
-.D1 include "/etc/named-options.conf";
-.D1 };
-.D1 include "/etc/named-zones.conf";
+.Bd -compact -literal -offset indent
+options {
+ listen-on { 127.0.0.1; };
+ include "/etc/named-options.conf";
+};
+
+include "/etc/named-zones.conf";
+.Ed
.It Sy pdnsd_conf
This is the main pdnsd configuration file which we modify to add our
forward domains to.
@@ -253,32 +281,54 @@ If this variable is not set then it's written to
.Pa pdnsd_conf .
.Pp
Example resolvconf.conf for pdnsd:
-.D1 name_servers=127.0.0.1
-.D1 pdnsd_conf=/etc/pdnsd.conf
-.D1 # pdnsd_resolv=/etc/pdnsd-resolv.conf
+.Bd -compact -literal -offset indent
+name_servers=127.0.0.1
+pdnsd_conf=/etc/pdnsd.conf
+# pdnsd_resolv=/etc/pdnsd-resolv.conf
+.Ed
.Pp
Example pdnsd.conf:
-.D1 global {
-.D1 server_ip = 127.0.0.1;
-.D1 status_ctl = on;
-.D1 }
-.D1 server {
-.D1 # A server definition is required, even if emtpy.
-.D1 label="empty";
-.D1 proxy_only=on;
-.D1 # file="/etc/pdnsd-resolv.conf";
-.D1 }
+.Bd -compact -literal -offset indent
+global {
+ server_ip = 127.0.0.1;
+ status_ctl = on;
+}
+server {
+ # A server definition is required, even if empty.
+ label="empty";
+ proxy_only=on;
+ # file="/etc/pdnsd-resolv.conf";
+}
+.Ed
+.It Sy pdns_zones
+This file tells pdns_recursor about specific and global name servers.
+.Pp
+Example resolvconf.conf for pdns_recursor:
+.Bd -compact -literal -offset indent
+name_servers=127.0.0.1
+pdns_zones=/etc/pdns/recursor-zones.conf
+.Ed
+.Pp
+Example recursor.conf:
+.Bd -compact -literal -offset indent
+allow-from=127.0.0.0/8, ::1/128
+forward-zones-file=/etc/pdns/recursor-zones.conf
+.Ed
.It Sy unbound_conf
This file tells unbound about specific and global name servers.
.It Sy unbound_insecure
When set to YES, unbound marks the domains as insecure, thus ignoring DNSSEC.
.Pp
Example resolvconf.conf for unbound:
-.D1 name_servers=127.0.0.1
-.D1 unbound_conf=/etc/unbound-resolvconf.conf
+.Bd -compact -literal -offset indent
+name_servers=127.0.0.1
+unbound_conf=/etc/unbound-resolvconf.conf
+.Ed
.Pp
Example unbound.conf:
-.D1 include: /etc/unbound-resolvconf.conf
+.Bd -compact -literal -offset indent
+include: /etc/unbound-resolvconf.conf
+.Ed
.El
.Sh SUBSCRIBER INTEGRATION
Not all distributions store the files the subscribers need in the same
@@ -292,7 +342,6 @@ Also, users could equally want to use a different version from the one
installed by default, such as bind8 and bind9.
To accommodate this, the subscribers have these files in configurable
variables, documented below.
-.Pp
.Bl -tag -width indent
.It Sy dnsmasq_service
Name of the dnsmasq service.
@@ -310,6 +359,10 @@ Name of the named service.
Command to restart the named service.
.It Sy pdnsd_restart
Command to restart the pdnsd service.
+.It Sy pdns_service
+Command to restart the pdns_recursor service.
+.It Sy pdns_restart
+Command to restart the pdns_recursor service.
.It Sy unbound_service
Name of the unbound service.
.It Sy unbound_restart