-
Notifications
You must be signed in to change notification settings - Fork 0
/
dudders.8
119 lines (119 loc) · 2.78 KB
/
dudders.8
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
.\" dudders.8 -*- nroff -*-
.\" Copyright Dean Scarff
.\"
.\" Licensed under the Apache License, Version 2.0 (the "License"); you
.\" may not use this file except in compliance with the License.
.Dd Nov 29, 2020
.Dt DUDDERS 8
.Sh NAME
.Nm dudders
.Nd update DNS record
.Sh SYNOPSIS
.Nm dudders
.Op Fl T
.Op Fl k Ar PRIVKEY
.Op Fl n Ar KEYNAME
.Op Fl m Ar MNAME
.Op Fl z Ar ZONE
.Ar DOMAIN
.Ar TTL
.Ar ADDRESS
.Sh DESCRIPTION
Perform a DNS update request to set
.Ar DOMAIN Ap s
A record to
.Ar ADDRESS ,
with
.Ar TTL
seconds to live, overwriting any previous A records for the domain in
the Internet class.
An RSA private key is loaded from standard input, or from the file
.Ar PRIVKEY .
The update is sent to the zone's master server, and authenticated
with SIG(0) using the private key's signature.
.Pp
If the filename
.Ar PRIVKEY
is provided and the filename is in
.Xr dnssec-keygen Ap s
format, the keyname can be inferred from the
filename.
Otherwise, the keyname must be provided via the
.Ar KEYNAME
option.
.Pp
The
.Ar MNAME
and
.Ar ZONE
options can be used to override the authority for testing purposes.
If either of these options are not specified, the leading labels are
stripped away from
.Ar DOMAIN
until an SOA record is found, and the missing values are filled from
the SOA response.
.Pp
The private key must be in the format generated by
.Xr dnssec-keygen
using the
.Ql \-a RSAMD5
option.
The reference key format uses colon-separated key value pairs and
base64-encoded unsigned multiprecision integer key components.
.Sh DIAGNOSTICS
The
.Nm
utility exits with 0 iff the server reports that the update was
successful.
.Pp
A DNS Server Failure error may indicate that
.Ar PRIVKEY
is not authorised for signing transactions for
.Ar DOMAIN ,
or that the master server does not support the update protocol.
.Sh OPTIONS
.Bl -tag -width 8n
.It Fl T
Send update message over TCP (default is UDP).
.It Fl k Ar PRIVKEY
Look in the file
.Ar PRIVKEY
for the private key.
.It Fl n Ar KEYNAME
Use the fully qualified domain name
.Ar KEYNAME
to identify the key.
.It Fl m Ar MNAME
Assume the (authoritative) master server is the domain name
.Ar MNAME .
.It Fl z Ar ZONE
Assume that the fully qualified domain name
.Ar ZONE
is authoritative for
.Ar DOMAIN .
.It Fl \-help
Output a brief help message and exit.
.It Fl \-version
Output version information and exit.
.El
.Sh LIMITATIONS
Wildcards are not supported for
.Ar DOMAIN .
.Pp
Only RSA/MD5 keys/signatures are supported.
.Pp
Only A records within the Internet class are supported.
.Sh SEE ALSO
.Xr nsupdate 8
.Xr dnssec\-keygen 8
.Pp
Relevant protocols are defined by the Internet standards RFC1035,
RFC2535, RFC2537 and RFC2931.
.Sh AUTHOR
.Nm
and its manual page were
written by
.An Dean Scarff.
.Sh REPORTING BUGS
Report bugs via the project website:
.Lk https://github.com/p00ya/dudders