diff options
| author | Sebastian Huber <sebastian.huber@embedded-brains.de> | 2014-01-30 13:52:13 +0100 |
|---|---|---|
| committer | Sebastian Huber <sebastian.huber@embedded-brains.de> | 2014-01-30 16:23:04 +0100 |
| commit | 9449f151d0ccf3ac755d5f2bd9b4057ae2b03157 (patch) | |
| tree | ada21dc6aa0b146c62a7561a08fb51fe4a8922ee /mDNSResponder/mDNSShared/dnsextd.conf | |
| parent | DHCPCD(8): Add MASTER_ONLY option (diff) | |
| download | rtems-libbsd-9449f151d0ccf3ac755d5f2bd9b4057ae2b03157.tar.bz2 | |
mDNS: Import
The sources can be obtained via:
http://opensource.apple.com/tarballs/mDNSResponder/mDNSResponder-544.tar.gz
Diffstat (limited to 'mDNSResponder/mDNSShared/dnsextd.conf')
| -rw-r--r-- | mDNSResponder/mDNSShared/dnsextd.conf | 60 |
1 files changed, 60 insertions, 0 deletions
diff --git a/mDNSResponder/mDNSShared/dnsextd.conf b/mDNSResponder/mDNSShared/dnsextd.conf new file mode 100644 index 00000000..0379580d --- /dev/null +++ b/mDNSResponder/mDNSShared/dnsextd.conf @@ -0,0 +1,60 @@ +// ---------------------------------------------------------------------------- +// +// Instructions for /etc/dnsextd.conf (this file) +// +// In most cases, you should not need to change these default options in +// the "options" section below. The dnsextd daemon will receive DNS packets +// on port 53, and forward them on as appropriate to BIND on localhost:5030. +// +// You need to edit the "zone" statement below to give the name of your +// dynamic zone that will be accepting Wide-Area Bonjour DNS updates. +// +// ---------------------------------------------------------------------------- +// +// Instructions for /etc/named.conf +// +// In /etc/named.conf you will need to modify the "options" section to +// tell BIND to accept packets from localhost:5030, like this: +// +// listen-on port 5030 { 127.0.0.1; }; +// +// You also need a "zone" statement in /etc/named.conf to tell BIND the update +// policy for your dynamic zone. For example, within a small closed private +// network, you might allow anyone to perform updates. To do that, you just +// permit any and all updates coming from dnsextd on the same machine: +// +// zone "my-dynamic-subdomain.company.com." +// { type master; file "db.xxx"; allow-update { 127.0.0.1; }; }; +// +// On a machine connected to the Internet or other large open network, +// you'll want to limit updates to only users with keys. For example, +// you could choose to allow anyone with a DNS key on your server to +// perform updates in your dynamic zone, like this: +// +// key keyname. { algorithm hmac-md5; secret "abcdefghijklmnopqrstuv=="; }; +// zone "my-dynamic-subdomain.company.com." in +// { +// type master; +// file "db.my-dynamic-subdomain.company.com"; +// update-policy { grant * wildcard *.my-dynamic-subdomain.company.com.; }; +// }; +// +// You could use a single key which you give to all authorized users, but +// it is better (though more work) to create a unique key for each user. +// +// ---------------------------------------------------------------------------- + +options { +// This defaults to: * port 53 +// listen-on port 53 { 192.168.2.10; 127.0.0.1; }; +// This defaults to: 127.0.0.1:5030 +// nameserver address 127.0.0.1 port 5030; +// This defaults to: 5533 +// private port 5533; +// This defaults to: 5352 +// llq port 5352; +}; + +zone "my-dynamic-subdomain.company.com." { + type public; +}; |