GSP
Quick Navigator

Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Support
Contact Us
Online Help
Handbooks
Domain Status
Man Pages

FAQ
Virtual Servers
Pricing
Billing
Technical

Network
Facilities
Connectivity
Topology Map

Miscellaneous
Server Agreement
Year 2038
Credits
 

USA Flag

 

 

Man Pages


Manual Reference Pages  -  ODS-AUDITOR (1)

NAME

ods-auditor - OpenDNSSEC Auditor

CONTENTS

SYNOPSIS

ods-auditor [-c path] [-k path] [-s path] [-u path] -z name [-f|-p]
ods-auditor [-h]
ods-auditor [-v]

DESCRIPTION

ods-auditor is a module which provides auditing capabilities to OpenDNSSEC.

Once an unsigned zone has been signed, this module can be used to check that the signing process has run successfully. It checks that no data has been lost (or non-DNSSEC data added), and that all the DNSSEC records are correct. It uses the OpenDNSSEC standard logging (defined in /usr/local/etc/opendnssec/conf.xml).

The Auditor takes the signed and unsigned zones and compares them. It first parses both files, and creates transient files which are then sorted into canonical order. These files are then processed by the Auditor. If processing an NSEC3-signed file, the Auditor will create additional temporary files, which are processed after the main auditing run.

OPTIONS

-c, --conf path
  Path to an OpenDNSSEC configuration file

(defaults to /usr/local/etc/opendnssec/conf.xml)

-k, --kasp path
  Path to KASP policy file

(defaults to the path given in the configuration file)

-z, --zone name
  Only audit the specified zone

(defaults to audit all zones)

-s, --signed path
  If a single zone is specified, then this option may override the default location of the signed zone file with another. This is for use by the signer.

(defaults to the path given in the zone list)

-u, --unsigned path
  If a single zone is specified, then this option may override the default location of the unsigned zone file with another. This is for use by the signer.

(defaults to the path given in the zone list)

-f, --full Perform a full audit
-p, --partial
  Perform a partial audit
-v, --version
  Display version information
-h, -?, --help
  Show the help screen

SEE ALSO

ods-control(8), ods-enforcerd(8), ods-hsmspeed(1), ods-hsmutil(1), ods-kaspcheck(1), ods-ksmutil(1), ods-signer(8), ods-signerd(8), ods-timing(5), opendnssec(7), http://www.opendnssec.org/

AUTHORS

ods-auditor was written by Alex Dalitz and Nominet as part of the OpenDNSSEC project.

Search for    or go to Top of page |  Section 1 |  Main Index


OpenDNSSEC ODS-AUDITOR (1) February 2010

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with manServer 1.07.