Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages

  
 
  

home | help
ods-auditor(1)		    OpenDNSSEC ods-auditor		ods-auditor(1)

NAME
       ods-auditor - OpenDNSSEC	Auditor

SYNOPSIS
       ods-auditor [-c path] [-k path] [-s path] [-u path] -z name [-f|-p]
       ods-auditor [-h]
       ods-auditor [-v]

DESCRIPTION
       ods-auditor  is	a  module  which  provides  auditing  capabilities  to
       OpenDNSSEC.

       Once an unsigned	zone has been signed, this module can be used to check
       that  the  signing process has run successfully.	It checks that no data
       has been	lost (or non-DNSSEC data  added),  and	that  all  the	DNSSEC
       records	are  correct. It uses the OpenDNSSEC standard logging (defined
       in /usr/local/etc/opendnssec/conf.xml).

       The Auditor takes the signed and	unsigned zones and compares  them.  It
       first  parses  both  files,  and	creates	transient files	which are then
       sorted into canonical order. These files	are then processed by the  Au-
       ditor.  If processing an	NSEC3-signed file, the Auditor will create ad-
       ditional	temporary files, which are processed after the	main  auditing
       run.

OPTIONS
       -c, --conf path
	      Path to an OpenDNSSEC configuration file

	      (defaults	to /usr/local/etc/opendnssec/conf.xml)

       -k, --kasp path
	      Path to KASP policy file

	      (defaults	to the path given in the configuration file)

       -z, --zone name
	      Only audit the specified zone

	      (defaults	to audit all zones)

       -s, --signed path
	      If a single zone is specified, then this option may override the
	      default location of the signed zone file with another.  This  is
	      for use by the signer.

	      (defaults	to the path given in the zone list)

       -u, --unsigned path
	      If a single zone is specified, then this option may override the
	      default location of the unsigned zone file with another. This is
	      for use by the signer.

	      (defaults	to the path given in the zone list)

       -f, --full
	      Perform a	full audit

       -p, --partial
	      Perform a	partial	audit

       -v, --version
	      Display version information

       -h, -?, --help
	      Show the help screen

SEE ALSO
       ods-control(8),	 ods-enforcerd(8),   ods-hsmspeed(1),  ods-hsmutil(1),
       ods-kaspcheck(1),   ods-ksmutil(1),   ods-signer(8),    ods-signerd(8),
       ods-timing(5), opendnssec(7), http://www.opendnssec.org/

AUTHORS
       ods-auditor  was	 written  by  Alex  Dalitz  and	Nominet	as part	of the
       OpenDNSSEC project.

OpenDNSSEC			 February 2010			ods-auditor(1)

NAME | SYNOPSIS | DESCRIPTION | OPTIONS | SEE ALSO | AUTHORS

Want to link to this manual page? Use this URL:
<https://www.freebsd.org/cgi/man.cgi?query=ods-auditor&sektion=1&manpath=FreeBSD+12.1-RELEASE+and+Ports>

home | help