Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages

  
 
  

home | help
YADIFA(8)			    YADIFA			     YADIFA(8)

NAME
       YADIFA is an utility for	controlling YADIFAD

SYNOPSIS
       yadifa  module  [--config|-c  configfile]  [--server|-s	host] [@host ]
       [--port|-p port]	[-K key-name] [--version|-V] [-h] [--verbose|-v]  [-t]
       command [[-q] zone]

DESCRIPTION
       yadifa  controls	 the  operation	 of  yadifad  with  its	control	module
       (ctrl), part of the YADIFA distribution from EURid vzw/asbl. The	latest
       version of YADIFA can be	found on:
			    http://www.yadifa.eu/download

       yadifa communicates with	a name server over a TCP connection.  Messages
       are authenticated using a TSIG signature. The key is  a	secret	shared
       between	client	and server.  The key can be defined using a <key> sec-
       tion both in the	client and the server.	Additionally, the  client  ac-
       cepts  a	full definition	as a command line option.  Note	that using au-
       thentication is mandatory when using the	control	module.

       For details about the key, see the manual or the	TSIG section below.

MODULES
       *      ctrl command Controls yadifad.

SIMPLE USAGE
       For controlling yadifad a command can be:

   NORMAL USE CASE
       yadifa ctrl @server -t command -q argument

   FRIENDLIER USE CASE
       yadifa ctrl @server command argument

       ctrl Module used	for controlling	yadifad

       server Is the IP	address	of the name server to control. If no  "server"
       argument	is given yadifa.rc will	be checked.

       command Is the command to be invoked

       argument	Depending the command this can be e.g. a domain	name.

   EXAMPLE
       yadifa ctrl @127.0.0.1 freeze somedomain.eu

OPTIONS
       [--config|-c configfile]
	       Another config file will	be used.

       [--server|-s host] | [ @host ]
	       Host is the remote server to operate.

	      e.g.:

	      yadifa --server 192.0.2.1

	      yadifa @192.0.2.1

	      By  default  the DNS port	is used. A port	can be specified along
	      with the IP address:

	      e.g.:

	      yadifa --server "192.0.2.1 port 5353"

	      yadifa @"192.0.2.1 port 5353"

       [--port|-p port]
	       Changes the DNS port. (default: 53)

       [-K key-name]
	       Name of the key to be used for the controller. It needs to have
	      been defined using a <key> section. (default: 'ctrl-key')

       [-y hmac-algorithm:key-name:base64-key]
	       Definition of the key to	be used	for the	controller.

	      hmac-algorithm
		      Optional,	 can  be:  hmac-md5,  hmac-sha1,  hmac-sha224,
		     hmac-256, hmac-384, hmac-512. (default: hmac-md5)

	      key-name
		      is the fqdn of the key.

	      base64-key
		      is a base64 encoding of the key bytes.

	      e.g.:

	      -y hmac-sha1:our-shared-secret:ThisIsASecretShared=

	      -y our-shared-secret:ThisIsASecretShared=

       [--verbose|-v]
	       Verbose output.

       [--version|-V]
	       Show version information.

       [--help|-h]
	       Show a help text

COMMANDS
       [-t] cfgreload
	       Reload the settings from	the configuration file on disk.

       [-t] freeze [-q]	zone
	       Disables	dynamic	updates	to a zone.

       [-t] freezeall [-q] zone
	       Disables	dynamic	updates	to every zone currently	loaded.

       [-t] loglevel level
	       Sets the	log level to the given value (0-15), 6 =  INFO,	 15  =
	      ALL.

       [-t] logreopen
	       Close all log files and reopens them.

       [-t] notify
	       Sends notifies to slaves	of these zones.

       [-t] querylog [enable|disable]
	       Sets the	log for	queries	on or off (default: enable).

       [-t] reload [-q]	zone
	       Triggers	 the  loading of the zone file(s) if the serial	number
	      is incremented.

       [-t] shutdown
	       Shuts down the server.

       [-t] sync [-q] [zone] [clean]
	       Write the zone to disk and optionally cleans up the journal.

       [-t] thaw [-q] [zone]
	       Enables dynamic updates to a zone.

       [-t] thawall
	       Enables dynamic updates to every	zone.

       [-t] unfreeze [-q] [zone]
	       Enables dynamic updates to a zone.

       [-t] unfreezeall
	       Enables dynamic updates to every	zone.

       [-t] zonecfgreload
	      [-q zone]
	       Reload the zone	information  in	 the  configuration  file  and
	      reload the zone file(s) with increased serial number.

TSIG KEYS
       TSIG keys are used for authentication of	messages.
       Their use is mandatory in the controller	module.

       Several digest algorithms are supported for the TSIG key:

	      *	     hmac-md5

	      *	     hmac-sha1

	      *	     hmac-sha224

	      *	     hmac-sha256

	      *	     hmac-sha384

	      *	     hmac-sha512

       Several	methods	can be used to generate	the base64-encoded sequence of
       bytes for the secret:

       *      %openssl rand -base64 32

       *      %dd if=/dev/random count=1 bs=32 2>/dev/null|base64

       *      %dd if=/dev/urandom count=1 bs=32	2>/dev/null|base64

       e.g.:

       #!/bin/sh
       # TSIG key generation example
       # can a
       key_algorithm="hmac-sha256"
       key_name="secretkey"
       key_secret=$(openssl rand -base64 32)
       if [ ! "x$1" == "x" ]
       then
	    key_name="$1"
       fi

       echo "# Encoded for the yadifa command-line: -y $key_algorithm:$key_name:$key_secret"
       echo
       echo "<key>"
       echo "algorithm $key_algorithm"
       echo "name $key_name"
       echo "secret $key_secret"
       echo "</key>"

FILES
       yadifa
	       The name	server remote client.

       ${SYSCONFDIR}/yadifa.conf
	       default yadifa configuration file.

       ${HOME}/.yadifa.rc
	       default rcfile.

       yadifa.conf.5
	       Configuration man page for yadifa.

       yadifa.rc.5
	       Configuration man page for yadifa.

       yadifa.8
	       This man	page.

SEE ALSO
       yadifa.conf(5) yadifa.rc(5) yadifad(8)

REQUIREMENTS
       OpenSSL
	      yadifad requires OpenSSL version 1.1.1 or	later.

CHANGES
       Please check the	ChangeLog file from the	sources	code.

VERSION
       Version:	2.4.1 of 2020-12-09.

MAILINGLIST
       There is	a mailinglist for questions relating to	 any  program  in  the
       yadifa package:

       *      yadifa-users@mailinglists.yadifa.eu
	      for submitting questions/answers.

       *      http://www.yadifa.eu/mailing-list-users
	      for subscription requests.

       If  you	would  like  to	 stay informed about new versions and official
       patches send a subscription request to via:

       *      http://www.yadifa.eu/mailing-list-announcements

       (this is	a read-only list).

LICENSE	AND COPYRIGHT
       Copyright
	      (C)2011-2020, EURid
	      B-1831 Diegem, Belgium
	      info@yadifa.eu

AUTHORS
       Gery Van	Emelen
       Email: Gery.VanEmelen@EURid.eu
       Eric Diaz Fernandez
       Email: Eric.DiazFernandez@EURid.eu

       WWW: http://www.EURid.eu

YADIFA				  2020-12-09			     YADIFA(8)

NAME | SYNOPSIS | DESCRIPTION | MODULES | SIMPLE USAGE | OPTIONS | COMMANDS | TSIG KEYS | FILES | SEE ALSO | REQUIREMENTS | CHANGES | VERSION | MAILINGLIST | LICENSE AND COPYRIGHT | AUTHORS

Want to link to this manual page? Use this URL:
<https://www.freebsd.org/cgi/man.cgi?query=yadifa&sektion=8&manpath=FreeBSD+13.0-RELEASE+and+Ports>

home | help