Commit c4dbad7b authored by Tinderbox User's avatar Tinderbox User

regen master

parent e66aaccf
This diff is collapsed.
......@@ -278,6 +278,19 @@
<div class="itemizedlist"><ul class="itemizedlist" style="list-style-type: disc; ">
<li class="listitem">
<p>
The Response Policy Zone (RPZ) implementation has been
substantially refactored: updates to the RPZ summary
database are no longer directly performed by the zone
database but by a separate function that is called when
a policy zone is updated. This improves both performance
and reliability when policy zones receive frequent updates.
Summary database updates can be rate-limited by using the
<span class="command"><strong>min-update-interval</strong></span> option in a
<span class="command"><strong>response-policy</strong></span> statement. [RT #43449]
</p>
</li>
<li class="listitem">
<p>
<span class="command"><strong>dnstap</strong></span> now stores both the local and remote
addresses for all messages, instead of only the remote address.
The default output format for <span class="command"><strong>dnstap-read</strong></span> has
......
......@@ -241,6 +241,19 @@
<div class="itemizedlist"><ul class="itemizedlist" style="list-style-type: disc; ">
<li class="listitem">
<p>
The Response Policy Zone (RPZ) implementation has been
substantially refactored: updates to the RPZ summary
database are no longer directly performed by the zone
database but by a separate function that is called when
a policy zone is updated. This improves both performance
and reliability when policy zones receive frequent updates.
Summary database updates can be rate-limited by using the
<span class="command"><strong>min-update-interval</strong></span> option in a
<span class="command"><strong>response-policy</strong></span> statement. [RT #43449]
</p>
</li>
<li class="listitem">
<p>
<span class="command"><strong>dnstap</strong></span> now stores both the local and remote
addresses for all messages, instead of only the remote address.
The default output format for <span class="command"><strong>dnstap-read</strong></span> has
......
......@@ -303,7 +303,7 @@ options {
<integer>;
response-policy { zone <quoted_string> [ log <boolean> ] [
max-policy-ttl <integer> ] [ min-update-interval <integer> ] [
policy ( cname | disabled | drop | given | no-op | nodata |
policy ( cname | disabled | drop | given | no-op | nodata |
nxdomain | passthru | tcp-only <quoted_string> ) ] [
recursive-only <boolean> ]; ... } [ break-dnssec <boolean> ] [
max-policy-ttl <integer> ] [ min-update-interval <integer> ] [
......@@ -613,7 +613,7 @@ view <string> [ <class> ] {
response-policy { zone <quoted_string> [ log <boolean> ] [
max-policy-ttl <integer> ] [ min-update-interval <integer> ] [
policy ( cname | disabled | drop | given | no-op | nodata |
nxdomain | passthru | tcp-only | <quoted_string> ) ] [
nxdomain | passthru | tcp-only <quoted_string> ) ] [
recursive-only <boolean> ]; ... } [ break-dnssec <boolean> ] [
max-policy-ttl <integer> ] [ min-update-interval <integer> ] [
min-ns-dots <integer> ] [ nsip-wait-recurse <boolean> ] [
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment