authorMartin Kosek <mkosek@redhat.com>2012-02-14 11:10:22 +0100
committerMartin Kosek <mkosek@redhat.com>2012-02-24 09:40:47 +0100
commit210d913eb19ee24e4a271fab8746e4ca5234c3d6 (patch)
tree08bc53542f2d3d378e15218e4d1a6b5d96d110d4
parent860579022532ee4133fc74e8f916cb40dc3ea239 (diff)
Add DNS conditional forwarding
Add the ability to configure a per-zone forwarder for DNS zones. Any data in such a zone will then be considered non-authoritative and all queries will be sent to the specified forwarder. https://fedorahosted.org/freeipa/ticket/2108
-rw-r--r--API.txt12
-rw-r--r--ipalib/plugins/dns.py22
2 files changed, 30 insertions, 4 deletions
diff --git a/API.txt b/API.txt
index d57e1ba1..4500360e 100644
--- a/API.txt
+++ b/API.txt
@@ -1067,7 +1067,7 @@ output: Output('summary', (<type 'unicode'>, <type 'NoneType'>), None)
output: Entry('result', <type 'dict'>, Gettext('A dictionary representing an LDAP entry', domain='ipa', localedir=None))
output: Output('value', <type 'unicode'>, None)
command: dnszone_add
-args: 1,21,3
+args: 1,23,3
arg: Str('idnsname', attribute=True, cli_name='name', multivalue=False, primary_key=True, required=True)
option: Str('name_from_ip', attribute=False, cli_name='name_from_ip', multivalue=False, required=False)
option: Str('idnssoamname', attribute=True, cli_name='name_server', multivalue=False, required=True)
@@ -1083,6 +1083,8 @@ option: Str('idnsupdatepolicy', attribute=True, cli_name='update_policy', multiv
option: Bool('idnsallowdynupdate', attribute=True, autofill=True, cli_name='dynamic_update', default=False, multivalue=False, required=False)
option: Str('idnsallowquery', attribute=True, autofill=True, cli_name='allow_query', default=u'any;', multivalue=False, required=False)
option: Str('idnsallowtransfer', attribute=True, autofill=True, cli_name='allow_transfer', default=u'none;', multivalue=False, required=False)
+option: Str('idnsforwarders', attribute=True, cli_name='forwarder', csv=True, multivalue=True, required=False)
+option: StrEnum('idnsforwardpolicy', attribute=True, cli_name='forward_policy', multivalue=False, required=False, values=(u'only', u'first'))
option: Str('setattr*', cli_name='setattr', exclude='webui')
option: Str('addattr*', cli_name='addattr', exclude='webui')
option: Flag('force', autofill=True, default=False)
@@ -1113,7 +1115,7 @@ output: Output('summary', (<type 'unicode'>, <type 'NoneType'>), None)
output: Output('result', <type 'bool'>, None)
output: Output('value', <type 'unicode'>, None)
command: dnszone_find
-args: 1,23,4
+args: 1,25,4
arg: Str('criteria?', noextrawhitespace=False)
option: Str('idnsname', attribute=True, autofill=False, cli_name='name', multivalue=False, primary_key=True, query=True, required=False)
option: Str('name_from_ip', attribute=False, autofill=False, cli_name='name_from_ip', multivalue=False, query=True, required=False)
@@ -1131,6 +1133,8 @@ option: Bool('idnszoneactive', attribute=True, autofill=False, cli_name='zone_ac
option: Bool('idnsallowdynupdate', attribute=True, autofill=False, cli_name='dynamic_update', default=False, multivalue=False, query=True, required=False)
option: Str('idnsallowquery', attribute=True, autofill=False, cli_name='allow_query', default=u'any;', multivalue=False, query=True, required=False)
option: Str('idnsallowtransfer', attribute=True, autofill=False, cli_name='allow_transfer', default=u'none;', multivalue=False, query=True, required=False)
+option: Str('idnsforwarders', attribute=True, autofill=False, cli_name='forwarder', csv=True, multivalue=True, query=True, required=False)
+option: StrEnum('idnsforwardpolicy', attribute=True, autofill=False, cli_name='forward_policy', multivalue=False, query=True, required=False, values=(u'only', u'first'))
option: Int('timelimit?', autofill=False, minvalue=0)
option: Int('sizelimit?', autofill=False, minvalue=0)
option: Flag('forward_only', autofill=True, cli_name='forward_only', default=False)
@@ -1143,7 +1147,7 @@ output: ListOfEntries('result', (<type 'list'>, <type 'tuple'>), Gettext('A list
output: Output('count', <type 'int'>, None)
output: Output('truncated', <type 'bool'>, None)
command: dnszone_mod
-args: 1,21,3
+args: 1,23,3
arg: Str('idnsname', attribute=True, cli_name='name', multivalue=False, primary_key=True, query=True, required=True)
option: Str('name_from_ip', attribute=False, autofill=False, cli_name='name_from_ip', multivalue=False, required=False)
option: Str('idnssoamname', attribute=True, autofill=False, cli_name='name_server', multivalue=False, required=False)
@@ -1159,6 +1163,8 @@ option: Str('idnsupdatepolicy', attribute=True, autofill=False, cli_name='update
option: Bool('idnsallowdynupdate', attribute=True, autofill=False, cli_name='dynamic_update', default=False, multivalue=False, required=False)
option: Str('idnsallowquery', attribute=True, autofill=False, cli_name='allow_query', default=u'any;', multivalue=False, required=False)
option: Str('idnsallowtransfer', attribute=True, autofill=False, cli_name='allow_transfer', default=u'none;', multivalue=False, required=False)
+option: Str('idnsforwarders', attribute=True, autofill=False, cli_name='forwarder', csv=True, multivalue=True, required=False)
+option: StrEnum('idnsforwardpolicy', attribute=True, autofill=False, cli_name='forward_policy', multivalue=False, required=False, values=(u'only', u'first'))
option: Str('setattr*', cli_name='setattr', exclude='webui')
option: Str('addattr*', cli_name='addattr', exclude='webui')
option: Str('delattr*', cli_name='delattr', exclude='webui')
diff --git a/ipalib/plugins/dns.py b/ipalib/plugins/dns.py
index 0b54aae0..79e7407a 100644
--- a/ipalib/plugins/dns.py
+++ b/ipalib/plugins/dns.py
@@ -144,6 +144,13 @@ EXAMPLES:
Show records for resource www in zone example.com
ipa dnsrecord-show example.com www
+ Forward all request for a zone external.com to another nameserver using
+ a "first" policy (it will send the queries to the selected forwarder and if
+ not answered it will use global resolvers):
+ ipa dnszone-add external.com
+ ipa dnszone-mod external.com --forwarder=10.20.0.1 \\
+ --forward-policy=first
+
Delete zone example.com with all resource records:
ipa dnszone-del example.com
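Review bot: The added example omits the side effect stated in the commit message: once a forwarder is set, the zone's own data is treated as non-authoritative and queries go to the forwarder. An administrator who adds `--forwarder` to a zone that already holds records gets no hint from the help text that those records are no longer answered locally. I would add a line such as `Records stored in the zone are not served while a forwarder is configured.` under the example, and describe `only` next to `first`, since the text explains the fallback to global resolvers for `first` alone. Minor wording: `Forward all request` should read `Forward all requests`. The module docstring starts and ends outside the hunk.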
@@ -1215,7 +1222,8 @@ class dnszone(LDAPObject):
default_attributes = [
'idnsname', 'idnszoneactive', 'idnssoamname', 'idnssoarname',
'idnssoaserial', 'idnssoarefresh', 'idnssoaretry', 'idnssoaexpire',
- 'idnssoaminimum', 'idnsallowquery', 'idnsallowtransfer'
+ 'idnssoaminimum', 'idnsallowquery', 'idnsallowtransfer',
+ 'idnsforwarders', 'idnsforwardpolicy'
] + _record_attributes
label = _('DNS Zones')
label_singular = _('DNS Zone')
@@ -1337,6 +1345,18 @@ class dnszone(LDAPObject):
default=u'none;', # no one can issue queries by default
autofill=True,
),
+ Str('idnsforwarders*',
+ _validate_ipaddr,
+ cli_name='forwarder',
+ label=_('Zone forwarders'),
+ doc=_('A list of zone forwarders'),
+ csv=True,
+ ),
+ StrEnum('idnsforwardpolicy?',
+ cli_name='forward_policy',
+ label=_('Forward policy'),
+ values=(u'only', u'first',),
+ ),
)
api.register(dnszone)
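Review bot: `idnsforwardpolicy` is added without a `doc=` string, and nothing visible in this hunk ties it to `idnsforwarders`. A policy can apparently be stored on a zone that has no forwarder, and a forwarder list without a policy leaves the behaviour to the name server's default. These two attributes decide where every query for the zone is sent, so I would add something like `doc=_('Per-zone conditional forwarding policy')` and check the combination in the add/mod callbacks, unless that already happens outside the hunk. `_validate_ipaddr` is defined elsewhere; it is worth confirming that it accepts only literal IPv4/IPv6 addresses, and deciding whether a loopback or the server's own address should be refused as a forwarder. Write access to `idnsforwarders` effectively delegates resolution of the zone, so the permission covering zone modification deserves a look with that in mind; the parameter tuple begins outside the hunk.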