8eade8f6815fee0acc2c6b70068bc171562c1b0c
[valtz.git] / valtz.1
1 .TH valtz 1
2
3 .SH NAME
4 valtz \- Validate tinydns-data files.
5
6 .SH SYNOPSIS
7
8 Validate one or more tinydns-data files:
9
10 \fBvaltz\fR [\fB-r\fR] [\fB-R\fR] [\fB-i\fR] \fItinydns-file1\fR [\fItinydns-file2 ...\fR]
11
12 Filter bad lines out of one or more tinydns-data files:
13
14 \fBvaltz\fR [\fB-HiIqrRst\fR] [\fB-T \fItypes\fR\fR] -f \fItinydns-file1\fR [\fItinydns-file2 ...\fR]
15
16 Filter bad lines using filter configuration files:
17
18 \fBvaltz\fR [\fB-fHiIqrRst\fR] [\fB-T \fItypes\fR\fR] -F \fIfilter-file1\fR [\fIfilter-file2 ...\fR]
19
20 Show the built-in help:
21
22 \fBvaltz\fR -h
23
24 .SH OPTIONS
25
26 .IP \fB-h\fR
27 Display usage summary.
28 .IP \fB-f\fR
29 Filter out invalid lines and write the rest to stdout.
30 .IP \fB-F\fR
31 Treat the program's arguments as filter configuration files rather than
32 as tinydns-data files. See the ADVANCED FILTERING section below for more
33 information.
34 .IP \fB-r\fR
35 Allow "fqdn" fields to be empty, thereby denoting the root.
36 When using ADVANCED FILTERING, this is the default behavior for "deny" filters,
37 and can be obtained explicitly for "allow" filters by specifying "allow ."
38 .IP \fB-R\fR
39 Allow "mname" and "p" fields to be empty. This is probably not very
40 useful.
41 .IP \fB-i\fR
42 Allow "ip" fields to be empty. These lines do not generate any records.
43 .IP \fB-I\fR (filtering only)
44 Include rejected lines as comments in output.
45 .IP \fB-q\fR (filtering only)
46 Do not print valid lines to standard out.
47 .IP \fB-s\fR
48 -s Don't skip files ending with ",v", "~", ".bak", ".log", ".old", ".swp", and ".tmp".
49 .IP \fB-t\fR (filtering only)
50 Don't ignore comment lines (beginning with a "#" character).
51 .IP \fB-T \fItypes\fR\fR (advanced filtering only)
52 Specify additional allowed record types, on top of the ones
53 allowed by the filter configuration files.
54
55 .SH OUTPUT
56 When validating, ideally no output is generated. Any errors are
57 printed to standard error.
58 .P
59 When filtering, the acceptable lines are printed to standard out.
60
61 .SH EXIT CODE
62 The exit code will be 0 if nothing has gone wrong. If any validation
63 error occured, the return value is incremented by 1. If a disallowed
64 record type was encountered, the return value is incremented by 2.
65 If you forgot to pass the required filename arguments (either the
66 tinydns-data files or the filter configuration files), then we exit
67 immediately with code 4.
68
69 .SH ADVANCED FILTERING
70 When the \fB-F\fR flag is used, valtz performs "advanced filtering"
71 controlled by filter configuration files that are specified on the
72 command line. These files contain one or more of the following
73 directives, each of which may appear only once unless otherwise
74 specified:
75 .IP \fBzonefile\ \fIpaths\fR\fR
76 Directly specifies the tinydns-data files to which this filter
77 applies.
78 .IP \fBzonefile\ file:\fIzonelist\fR\fR
79 Indirectly specifies the tinydns-data files to which this filter
80 applies, by referencing another \fIzonelist\fR that contains one path
81 (to a tinydns-data file) per line.
82 .IP \fBextralog\ \fIlogfile\fR\fR
83 Log errors to \fIlogfile\fR in addition to printing them to standard
84 error. Useful when you have many tinydns-data files and want to keep
85 their results separate.
86 .IP \fBdeny\ \fIpattern\fR\fR
87 Place the filter in "implicit allow" mode, so that all records are
88 allowed unless their "fqdn" is explicitly matched by the
89 perl-compatible regular expression \fIpattern\fR. May appear more than
90 once.
91 .IP \fBdeny\ file:\fIdenylist\fR\fR
92 Place the filter in "implicit allow" mode, so that all records are
93 allowed unless their "fqdn" is explicitly matched by a line in
94 \fIdenylist\fR, which should contain one perl-compatible regular
95 expression per line. May appear more than once.
96 .IP \fBallow\ \fIpattern\fR\fR
97 Place the filter in "implicit deny" mode, so that all records are
98 denied unless their "fqdn" is explicitly matched by the
99 perl-compatible regular expression \fIpattern\fR. May appear more than
100 once.
101 .IP \fBallow\ file:\fIallowlist\fR\fR
102 Place the filter in "implicit deny" mode, so that all records are
103 denied unless their "fqdn" is explicitly matched by a line in
104 \fIallowlist\fR, which should contain one perl-compatible regular
105 expression per line. May appear more than once.
106 .IP \fBallowtype\ \fItypes\fR\fR
107 Specifies a whitespace-separated list allowed record types. When used,
108 even comment lines (type "#") must explicitly be allowed if you want
109 to include them in the output. Valid record types are "%", ".", "&",
110 "=", "+", "@", "#", "-", "'", "^", "C", "S", "Z", and ":".
111
112 .SH EXAMPLES
113
114 .IP \[bu] 2
115 Validate a file without errors:
116
117 .nf
118 .I $ valtz example.org.tinydns
119 .I $ echo $?
120 0
121 .fi
122
123 .IP \[bu] 2
124 Validate a file \fBwith\fR errors:
125
126 .nf
127 .I $ valtz example.com.tinydns
128 File example.com.tinydns
129 line 5; err 1 !example.com.::127.0.0.1:
130 unknown record type: #21
131 .I $ echo $?
132 1
133 .fi
134
135 .IP \[bu] 2
136 Filter invalid lines out of the given file:
137
138 .nf
139 .I $ valtz -f example.com.tinydns 2>/dev/null
140 Zexample.com.:dns1.example.com.:admin.example.com.:
141 &example.com.::dns1.example.com.:
142 &example.com.::dns2.example.com.:
143 +example.com.:127.0.0.1:
144 Cwww.example.com.:example.com.:
145 .fi
146
147 .IP \[bu] 2
148 Use advanced filtering with a configuration file that drops everything
149 except SOA and A records (of type "Z" and "+", respectively):
150
151 .nf
152 .I $ cat keep-SOA-A-records.valtz
153 zonefile example.com.tinydns
154 allowtype Z +
155 .I $ valtz -F keep-SOA-A-records.valtz 2>/dev/null
156 Zexample.com.:dns1.example.com.:admin.example.com.:
157 +example.com.:127.0.0.1:
158 .fi