1MARARC(5) MaraDNS reference MARARC(5)
2
6 mararc - Format of the mararc zone file that MaraDNS uses
7
9 Mararc files use a syntax that is a subset of Python 2.2.3 syntax. In
10 particular, Python 2.2.3 (and possibly other versions of Python) can
11 read a properly formatted mararc file without error.
12 Unlike Python, however, a mararc file can only use certain variable
14 names, and the variables can only be declared as described below.
15
17 Comments (lines ignored by the MaraDNS parser) start with the '#'
18 character, like this:
19 # This is a comment
21 The MaraDNS parser also ignores lines which contain only white space.
23
25 The MaraRC file supports two operators: = and +=
26 The = operator can be used to assign both numeric and string values
28 The += operator can only be used on string values, and concatenates the
30 value to the right of the += operator to the string specified to the
31 left of the += operator.
32 Examples:
34 ipv4_bind_addresses = "10.2.19.83"
36 ipv4_bind_addresses += ",10.2.66.74"
37 ipv4_bind_addresses += ",10.3.87.13"
38 ipv4_bind_addresses now has the value
40 "10.2.19.83,10.2.66.74,10.3.87.13"
41 ipv4_alias["icann"] = "198.41.0.4"
43 ipv4_alias["icann"] += ",192.228.79.201"
44 ipv4_alias["icann"] += ",192.33.4.12,128.8.10.90"
45
47 Follows is a listing of variables that can be declared in the mararc
48 file.
49
51 A dictionary variable is an array that can have multiple elements.
52 Unlike a traditional array, these arrays are indexed by strings instead
53 of numbers. These are analogous to associative arrays, or what Perl
54 somewhat inaccurately calls hashes.
55 The syntax of a dictionary variable is in the following form:
57 name["index"] = "value"
59 Where name is the name of the dictionary variable, index is the index
61 of the array, and value is the value stored at that index.
62 Every time we have a dictionary-type variable (such as csv2), we must
64 first initialize it using a line in the following form:
65 csv2 = {}
67 Here, csv2 is the name of the "dictionary" variable that we are
69 initializing.
70
72 Here is a listing of all "dictionary"-style variables that MaraDNS
73 uses:
74 csv2
76 The csv2 dictionary variable stores all of the zone names and file
78 names for the zone files that MaraDNS uses. Note that csv2 files are
79 read after MaraDNS is chrooted. Hence the filename is relative to the
80 chroot_dir. Example:
81 csv2["example.net."] = "db.example.net"
83 See csv2(5) for a description of this file's format.
85 The dictionary index (zone name) can not have a * in it. If it does,
87 MaraDNS will terminate with an "Illegal zone name" error.
88 Please note that, in order to reload a zone file, it is necessary to
90 restart MaraDNS and reload all zone files. MaraDNS uses a hash data
91 format which loads records very quickly from memory, but requires a
92 restart to update.
93 csv1
95 csv1: Used to indicate the filename to use for a given zone stored in
97 the legacy csv1 zone file format. This is primarily for compatibility
98 with people who have maradns-1.0 zone files.
99 csv1["zone"] = "filename"
101 csv1: A pipe-separated-file. See csv1(5).
102 zone: the zone that file in question is authoritative for
105 filename: the file with the CSV1 zone data
107 Note that csv1 files are read after MaraDNS is chrooted, and, hence the
109 filename is relative to the chroot_dir.
110 See the csv1(5) man page for more information on this file format.
112 ipv4_alias
114 ipv4_alias: Used to give nicknames or aliases for ip/netmask pairs for
116 ipv4 (standard 32-bit) IP addresses.
117 ipv4_alias["name"] = "ip1/netmask,ip2/netmask,etc"
119 name: The name of the alias in question
120 ip: The ip portion of an ip/netmask pair
122 netmask: the mask portion of an ip/netmask pair
124 ,: Used to separate ip/netmask pairs. Spaces may be placed before or
126 after this comma.
127 An ip is in dotted-decimal format, e.g. "10.1.2.3".
129 The netmask can be in one of two formats: A single number between 1 and
131 32, which indicates the number of leading "1" bits in the netmask, or a
132 4-digit dotted-decimal netmask.
133 The netmask is used to specify a range of IPs.
135 ipv4_alias examples
137 10.1.1.1/24 indicates that any ip from 10.1.1.0 to 10.1.1.255 will
139 match.
140 10.1.1.1/255.255.255.0 is identical to 10.1.1.1/24
142 10.2.3.4/16 indicates that any ip from 10.2.0.0 to 10.2.255.255 will
144 match.
145 10.2.3.4/255.255.0.0 is identical to 10.2.3.4/16
147 127.0.0.0/8 indicates that any ip with "127" as the first octet
149 (number) will match.
150 127.0.0.0/255.0.0.0 is identical to 127.0.0.0/8
152 The netmask is optional, and, if not present, indicates that only a
154 single IP will "match". e.g:
155 10.9.9.9/32,
157 10.9.9.9/255.255.255.255, and 10.9.9.9 are all functionally identical,
159 and indicate that only the ip 10.9.9.9 will match.
160 The significance of "match" depends on what we use the ipv4 alias for.
162 ipv4 aliases can nest. E.g:
164 ipv4_alias["susan"] = "10.6.7.8/24"
166 ipv4_alias["office"] = "susan,10.9.9.9"
167 Where "susan" in the "office" alias matches the value of the ipv4_alias
169 susan.
170 Multiple levels of nesting are allowed. Self-referring nests will
172 result in an error.
173
175 Normal variables. These are variables that can only take a single
176 value.
177 The syntax of a normal variable is in the form
179 name = "value"
181 Where name is the name of the normal variable, and value is the value
183 of the variable in question.
184
186 Here is a listing of normal variables that MaraDNS uses:
187 ipv4_bind_addresses
189 ipv4_bind_addresses: The IP addresses to give the MaraDNS server.
191 This accepts one or more ipv4 IPs in dotted-decimal (e.g. "127.0.0.1")
193 notation, and specifies what IP addresses the MaraDNS server will
194 listen on. Multiple bind addresses are separated with a comma, like
195 this: "10.1.2.3, 10.1.2.4, 127.0.0.1"
196 admin_acl
198 This is a list of ip/netmask pairs that are allowed to get certain
200 administrative information about MaraDNS, including:
201 * The version number of MaraDNS running
203 * The number of threads MaraDNS has
205 * MaraDNS' internal timestamp value
207 Note that this information is not available unless the mararc variable
209 debug_msg_level is sufficiently high. See the information on
210 debug_msg_level below for details on this and on the TXT queries sent
211 to get the above information.
212 bind_address
214 bind_address: The IP address to give the MaraDNS server.
216 This accepts a single IP in dotted-decimal (e.g. "127.0.0.1") notation,
218 and specifies what IP address the MaraDNS server will listen on. Note
219 that ipv4_bind_addresses has the same functionality. This name is
220 included so that old MaraDNS configuration files will continue to work
221 with new MaraDNS releases.
222 bind_star_handling
224 In the case where there is both a star record for a given name and
226 recordtype, a non-star record with the same name but a different
227 recordtype, and no record for the given name and recordtype, MaraDNS
228 will usually return the star record. BIND, on the other hand, will
229 return a "not there" reply. In other words:
230 * If a non-A record for foo.example.com exists
232 * An A record for *.example.com exists
234 * No A record for foo.example.com exists
236 * And the user asks for the A record for foo.example.com
238 * MaraDNS will usually return the A record attached to *.example.com
240 * BIND, on the other hand, returns a "not there" for foo.example.com
242 If the BIND behavior is desired, set bind_star_handling to 1.
244 Otherwise, set this to 0. In MaraDNS 1.3, this has a default value of
245 1.
246 In addition, if there is a star record that could match any given
248 record type, when bind_star_handling is 1, it makes sure that MaraDNS
249 does not incorrectly return a NXDOMAIN (RFC 4074 section 4.2).
250 Also, if bind_star_handling has a value of 2, MaraDNS will handle the
252 following case exactly as per section 4.3.3 of RFC1034:
253 * If a record for foo.example.com exists
255 * An A record for *.example.com exists
257 * And the user asks for the A record for bar.foo.example.com
259 * MaraDNS will usually return the A record attached to *.example.com
261 * RFC1034 section 4.3.3 says one should return a NXDOMAIN.
263 MaraDNS will exit with a fatal error if bind_star_handling has any
265 value besides 0, 1, or 2.
266 chroot_dir
268 chroot_dir: The directory MaraDNS chroots to
270 This accepts a single value: The full path to the directory to use as a
272 chroot jail.
273 Note that csv1 zone files are read after the chroot operation. Hence,
275 the chroot jail needs to have any and all zone files that MaraDNS will
276 load.
277 csv2_default_zonefile
279 This is a special zone file that allows there to be stars at the end of
281 hostnames. This file is similar to a normal csv2 zone file, but has the
282 following features and limitations:
283 * Stars are allowed at the end of hostnames
285 * A SOA record is mandatory
287 * NS records are mandatory
289 * Neither CNAME, FQDN4, nor FQDN6 records are permitted in the zone
291 file
292 * Delegation NS records are not permitted in the zone file
294 * Default zonefiles may not be transferred via zone transfer
296 * Both recursion and default zonefiles may not be enabled at the same
298 time
299 csv2_synthip_list
301 Sometimes the IP list of nameservers will be different than the
303 nameservers one is bound to. This allows the synthetic nameserver list
304 to have different IPs.
305 Note that this may act in an unexpected manner if routable and non-
307 routable (localhost and RFC1918) addresses are combined; in particular,
308 a list with both routable and non-routable addresses will discard the
309 non-routable IP addresses, and a list with rfc1918 and localhost
310 addresses will discard the localhost addresses.
311 csv2_tilde_handling
313 How the csv2 zone file parser handles tildes (the ~ character) in csv2
315 zone files. This is a numeric record, with a possible value between 0
316 and 3 (four possible values). The way the csv2 parser acts at different
317 csv2_tilde_handling levels:
318 * 0) The csv2 parser behaves the same as it does in old MaraDNS
320 releases: The tilde has no special significance to the parser.
321 * 1) A tilde is not allowed anywhere in a csv2 zone file.
323 * 2) A tilde is only allowed between records in a csv2 zone file. If a
325 tilde is between the first record and the second record, a tilde is
326 required to be between all records. Otherwise, a tilde is not allowed
327 anywhere in a csv2 zone file. The first record can not be a TXT, WKS,
328 or LOC record.
329 * 3) A tilde is required to be between all records in a csv2 zone file.
331 The default value for csv2_tilde_handling is 2; this allows
333 compatibility with older zone files without tildes while allowing zone
334 files to be updated to use the tilde to separate resource records.
335 debug_msg_level
337 This is a number indicating what level of information about a running
339 MaraDNS process should be made public. When set to 0, no information
340 will be made public.
341 When set to one (the default), or higher, a Tversion.maradns. (TXT
343 query for "version.maradns.") query will return the version number of
344 MaraDNS.
345 When set to two or higher, a Tnumthreads.maradns. (TXT query for
347 "numthreads.maradns.") query will return the number of threads that
348 MaraDNS is currently running, and a Tcache-elements.maradns. query will
349 return the number of elements in MaraDNS' cache.
350 If MaraDNS is compiled with debugging information on, a
352 Tmemusage.maradns. query will return the amount of memory MaraDNS has
353 allocated. Note that the overhead for tracking memory usage is
354 considerable and that compiling MaraDNS with "make debug" will greatly
355 slow down MaraDNS. A debug build of MaraDNS is not recommended for
356 production use.
357 When set to three or higher, a Ttimestamp.maradns. query will return,
359 in seconds since the UNIX epoch, the timestamp for the system MaraDNS
360 is running on.
361 default_rrany_set
364 This variable used to determine what kind of resource records were
366 returned when an ANY query was sent. In MaraDNS, the data structures
367 have since been revised to return any resource record type when an ANY
368 query is sent; this variable does nothing, and is only here so that old
369 MaraDNS mararc files will continue to work. The only accepted values
370 for this variable were 3 and 15.
371 dns_port
373 This is the port that MaraDNS listens on. This is usually 53 (the
375 default value), but certain unusual MaraDNS setups (such as when
376 resolving dangling CNAME records on but a single IP) may need to have a
377 different value for this.
378 dos_protection_level
380 If this is set to a non-zero value, certain features of MaraDNS will be
382 disabled in order to speed up MaraDNS' response time. This is designed
383 for situations when a MaraDNS server is receiving a large number of
384 queries, such as during a denial of service attack.
385 This is a numeric variable; its default value is zero, indicating that
387 all of MaraDNS' normal features are enabled. Higher numeric values
388 disable more features:
389 * A dos_protection_level between 1 and 78 (inclusive) disables getting
391 MaraDNS status information remotely.
392 * A dos_protection_level of 8 or above disables CNAME lookups.
394 * A dos_protection_level or 12 or above disables delegation NS records.
396 * A dos_protection_level of 14 or above disables ANY record processing.
398 * A dos_protection_level of 18 or above disables star record processing
400 at the beginning of hostnames (default zonefiles still work,
401 however).
402 * A dos_protection_level of 78 disables all authoritative processing,
404 including default zonefiles.
405 The default level of dos_protection_level is 0 when there are one or
407 more zonefiles; 78 when there are no zone files.
408 ipv6_bind_address
410 If MaraDNS is compiled with as an authoritative server, then this
412 variable will tell MaraDNS which ipv6 address for the UDP server to;
413 for this variable to be set, MaraDNS must be bound to at least one ipv4
414 address.
415 hide_disclaimer
417 If this is set to "YES", MaraDNS will not display the legal disclaimer
419 when starting up.
420 long_packet_ipv4
422 This is a list of IPs which we will send UDP packets longer than the
424 512 bytes RFC1035 permits if necessary. This is designed to allow
425 zoneserver, when used send regular DNS packets over TCP, to receive
426 packets with more data than can fit in a 512-byte DNS packet.
427 This variable only functions if MaraDNS is compiled as an authoritative
429 only server.
430 maradns_uid
432 maradns_uid: The numeric UID that MaraDNS will run as
434 This accepts a single numerical value: The UID to run MaraDNS as.
436 MaraDNS, as soon as possible drops root privileges, minimizing the
438 damage a potential attacker can cause should there be a security
439 problem with MaraDNS. This is the UID maradns becomes.
440 The default UID is 707.
442 maradns_gid
444 maradns_gid: The numeric GID that MaraDNS will run as.
446 This accepts a single numerical value: The GID to run MaraDNS as.
448 The default GID is 707.
450 max_ar_chain
452 max_ar_chain: The maximum number of records to display if a record in
454 the additional section (e.g., the IP of a NS server or the ip of a MX
455 exchange) has more than one value.
456 This is similar to max_chain, but applies to records in the
458 "additional" (or AR) section.
459 Due to limitations in the internal data structures that MaraDNS uses to
461 store RRs, if this has a value besides one, round robin rotates of
462 records are disabled.
463 The default value for this variable is 1.
465 max_chain
467 max_chain: The maximum number of records to display in a chain of
469 records.
470 With DNS, it is possible to have more than one RR for a given domain
472 label. For example, "example.com" can have, as the A record, a list of
473 multiple ip addresses.
474 This sets the maximum number of records MaraDNS will show for a single
476 RR.
477 MaraDNS normally round-robin rotates records. Hence, all records for a
479 given DNS label (e.g. "example.com.") will be visible, although not at
480 the same time if there are more records than the value allowed with
481 max_chain
482 The default value for this variable is 8.
484 max_tcp_procs
486 max_tcp_procs: The (optional) maximum number of processes the zone
488 server is allowed to run.
489 Sometimes, it is desirable to have a different number of maximum
491 allowed tcp processes than maximum allowed threads. If this variable is
492 not set, the maximum number of allowed tcp processes is "maxprocs".
493 max_total
495 max_total: The maximum number of records to show total for a given DNS
497 request.
498 This is the maximum total number of records that MaraDNS will make
500 available in a DNS reply.
501 The default value for this variable is 20.
503 max_mem
505 max_mem is the maximum amount of memory we allow MaraDNS to allocate,
507 in bytes.
508 The default value of this is to allocate 2 megabytes for MaraDNS'
510 general use, and in addition, to allocate 3072 bytes for each element
511 we can have in the cache or DNS record that we are authoritatively
512 serving.
513 min_visible_ttl
515 min_visible_ttl: The minimum value that we will will show as the TTL
517 (time to live) value for a resource record to other DNS servers and
518 stub resolvers. In other words, this is the minimum value we will ask
519 other DNS server to cache (keep in their memory) a DNS resource record.
520 The value is in seconds. The default value for this is 30; the minimum
522 value this can have is 5.
523 As an aside, RFC1123 section 6.1.2.1 implies that zero-length TTL
525 records should be passed on with a TTL of zero. This, unfortunately,
526 breaks some stub resolvers (such as Mozilla's stub resolver).
527 remote_admin
529 remote_admin: Whether we allow verbose_level to be changed after
531 MaraDNS is started.
532 If remote_admin is set to 1, and admin_acl is set, any and all IPs
534 listed in admin_acl will be able to reset the value of verbose_level
535 from any value between 0 and 9 via a TXT query in the form of
536 5.verbose_level.maradns. What this will do is set verbose_query to the
537 value in the first digit of the query.
538 This is useful when wishing to temporarily increase the verbose_level
540 to find out why a given host name is not resolving, then decreasing
541 verbose_level so as to minimize the size of MaraDNS' log.
542 rfc8482
544 If this is set to 1, MaraDNS will not allow ANY queries, sending a
546 RFC8482 response if one is given to MaraDNS. If this is 0, ANY queries
547 are allowed. Default value: 1
548 synth_soa_origin
550 When a CSV2 zone file doesn't have a SOA record in it, MaraDNS
552 generates a SOA record on the fly. This variable determines the host
553 name for the "SOA origin" (which is called the MNAME in RFC1035); this
554 is the host name of the DNS server which has the "master copy" of a
555 given DNS zone's file.
556 This host name is in human-readable format without a trailing dot,
558 e.g.:
559 synth_soa_origin = "ns1.example.com"
561 If this is not set, a synthetic SOA record will use the name of the
563 zone for the SOA origin (MNAME) field.
564 synth_soa_serial
566 This determines whether we strictly follow RFC1912 section 2.2 with SOA
568 serial numbers. If this is set to 1 (the default value), we do not
569 strictly follow RFC1912 section 2.2 (the serial is a number, based on
570 the timestamp of the zone file, that is updated every six seconds), but
571 this makes it so that a serial number is guaranteed to be automatically
572 updated every time one edits a zone file.
573 If this is set to 2, the SOA serial number will be in YYYYMMDDHH
575 format, where YYYY is the 4-digit year, MM is the 2-digit month, DD is
576 the 2-digit day, and HH is the 2-digit hour of the time the zone file
577 was last updated (GMT; localtime doesn't work in a chroot()
578 environment). While this format is strictly RFC1912 compliant, the
579 disadvantage is that more than one edit to a zone file in an hour will
580 not update the serial number.
581 I strongly recommend, unless it is extremely important to have a DNS
583 zone that generates no warnings when tested at dnsreport.com, to have
584 this set to 1 (the default value). Having this set to 2 can result in
585 updated zone files not being seen by slave DNS servers.
586 Note that synth_soa_serial can only have a value of 1 on the native
588 Windows port.
589 On systems where time_t is 32-bit, MaraDNS will always act as if
591 synth_soa_serial has a value of 1. This is to avoid having MaraDNS use
592 invalid time and date values starting in late January of 2038; systems
593 with a 32-bit time_t can very well have their underlying system
594 libraries with regards to dates and times no longer correctly function
595 come 2038.
596 tcp_convert_acl
598 This only applies to the zoneserver (general DNS-over-TCP) program.
600 This is a list of IPs which are allowed to connect to the zoneserver
602 and send normal TCP DNS requests. The zoneserver will convert TCP DNS
603 requests in to UDP DNS requests, and send the UDP request in question
604 to the server specified in tcp_convert_server. Once it gets a reply
605 from the UDP DNS server, it will convert the reply in to a TCP request
606 and send the reply back to the original TCP client.
607 Whether the RD (recursion desired) flag is set or not when converting a
609 TCP DNS request in to a UDP DNS request is determined by whether the
610 TCP client is on the recursive_acl list. Since MaraDNS 2.0 does not
611 have recursion, the maradns daemon ignores the RD bit (Deadwood will
612 not process any queries without the RD bit set).
613 tcp_convert_server
615 This only applies to the zoneserver (general DNS-over-TCP) program.
617 This is the UDP server which we send a query to when converting DNS TCP
619 queries in to DNS UDP servers. Note that, while this value allows
620 multiple IPs, all values except the first one are presently ignored.
621 timestamp_type
623 timestamp_type: The type of timestamp to display. The main purpose of
625 this option is to suppress the output of timestamps. Since duende uses
626 syslog() to output data, and since syslog() adds its own timestamp,
627 this option should be set to 5 when maradns is invoked with the duende
628 tool.
629 This option also allows people who do not use the duende tool to view
631 human-readable timestamps. This option only allows timestamps in GMT,
632 due to issues with showing local times in a chroot() environment.
633 This can have the following values:
635 0 The string "Timestamp" followed by a UNIX timestamp
637 1 Just the bare UNIX timestamp
639 2 A GMT timestamp in the Spanish language
641 3 A (hopefully) local timestamp in the Spanish language
643 4 A timestamp using asctime(gmtime()); usually in the English
645 language
646 5 No timestamp whatsoever is shown (this is the best option when
648 maradns is invoked with the duende tool).
649 6 ISO GMT timestamp is shown
651 7 ISO local timestamp is shown
653 On systems where time_t is 32-bit, MaraDNS will always act as if
655 timestamp_type has a value of 5, never showing a timestamp. This is to
656 avoid having MaraDNS show an invalid timestamp starting in late January
657 of 2038; systems with a 32-bit time_t can very well have their
658 underlying system libraries with regards to dates and times no longer
659 correctly function come 2038.
660 The default value for this variable is 5.
662 verbose_level
664 verbose_level: The number of messages we log to stdout
666 This can have five values:
668 0 No messages except for the legal disclaimer and fatal parsing
670 errors
671 1 Only startup messages logged (Default level)
673 2 Error queries logged
675 3 All queries logged
677 4 All actions adding and removing records from the cache logged
679 The default value for this variable is 1.
681 zone_transfer_acl
683 zone_transfer_acl: List of ips allowed to perform zone transfers with
685 the zone server
686 The format of this string is identical to the format of an ipv4_alias
688 entry.
689
691 # Example mararc file (unabridged version)
692 # The various zones we support
694 # We must initialize the csv2 hash, or MaraDNS will be unable to
696 # load any csv2 zone files
697 csv2 = {}
698 # This is just to show the format of the file
700 #csv2["example.com."] = "db.example.com"
701 # The address this DNS server runs on. If you want to bind
703 # to multiple addresses, separate them with a comma like this:
704 # "10.1.2.3,10.1.2.4,127.0.0.1"
705 ipv4_bind_addresses = "127.0.0.1"
706 # The directory with all of the zone files
707 chroot_dir = "/etc/maradns"
708 # The numeric UID MaraDNS will run as
709 maradns_uid = 99
710 # The (optional) numeric GID MaraDNS will run as
711 # maradns_gid = 99
712 # Normally, MaraDNS has some MaraDNS-specific features, such as DDIP
714 # synthesizing, a special DNS query ("erre-con-erre-cigarro.maradns.org."
715 # with a TXT query returns the version of MaraDNS that a server is
716 # running), unique handling of multiple QDCOUNTs, etc. Some people
717 # might not like these features, so I have added a switch that lets
718 # a sys admin disable all these features. Just give "no_fingerprint"
719 # a value of one here, and MaraDNS should be more or less
720 # indistinguishable from a tinydns server.
721 no_fingerprint = 0
722 # These constants limit the number of records we will display, in order
724 # to help keep packets 512 bytes or smaller. This, combined with round_robin
725 # record rotation, help to use DNS as a crude load-balancer.
726 # The maximum number of records to display in a chain of records (list
728 # of records) for a given host name
729 max_chain = 8
730 # The maximum number of records to display in a list of records in the
731 # additional section of a query. If this is any value besides one,
732 # round robin rotation is disabled (due to limitations in the current
733 # data structure MaraDNS uses)
734 max_ar_chain = 1
735 # The maximum number of records to show total for a given question
736 max_total = 20
737 # The number of messages we log to stdout
739 # 0: No messages except for fatal parsing errors and the legal disclaimer
740 # 1: Only startup messages logged (default)
741 # 2: Error queries logged
742 # 3: All queries logged (but not very verbosely right now)
743 verbose_level = 1
744 # Here is a ACL which restricts who is allowed to perform zone transfer from
746 # the zoneserver program
747 # Simplest form: 10.1.1.1/24 (IP: 10.1.1.1, 24 left bits in IP need to match)
749 # and 10.100.100.100/255.255.255.224 (IP: 10.100.100.100, netmask
750 # 255.255.255.224) are allowed to connect to the zone server
751 # NOTE: The "maradns" program does not serve zones. Zones are served
752 # by the "zoneserver" program.
753 #zone_transfer_acl = "10.1.1.1/24, 10.100.100.100/255.255.255.224"
754
757 If one should declare the same the same index twice with a dictionary
758 variable, MaraDNS will exit with a fatal error. This is because earlier
759 versions of MaraDNS acted in a different manner than Python 2.3.3. With
760 Python 2.3.3, the last declaration is used, while MaraDNS used to use
761 the first declaration.
762
764 THIS SOFTWARE IS PROVIDED BY THE AUTHORS ''AS IS'' AND ANY EXPRESS OR
765 IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
766 WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
767 DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE FOR
768 ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
769 DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
770 OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
771 HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
772 STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
773 IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
774 POSSIBILITY OF SUCH DAMAGE.
775MARADNS January 2002 MARARC(5)