g_verbose = g_vm.count("verbose");
if(cmds.empty() || g_vm.count("help") || cmds[0] == "help") {
- cerr<<"Usage: \npdnsutil [options] <command> [params ..]\n"<<endl;
- cerr<<"Commands:"<<endl;
- cerr<<"activate-tsig-key ZONE NAME {master|slave}"<<endl;
- cerr<<" Enable TSIG key for a zone"<<endl;
- cerr<<"activate-zone-key ZONE KEY-ID Activate the key with key id KEY-ID in ZONE"<<endl;
- cerr<<"add-record ZONE NAME TYPE [ttl] content"<<endl;
- cerr<<" [content..] Add one or more records to ZONE"<<endl;
- cerr<<"add-zone-key ZONE {zsk|ksk} [BITS] [active|inactive]"<<endl;
- cerr<<" [rsasha1|rsasha256|rsasha512|gost|ecdsa256|ecdsa384";
+ cout<<"Usage: \npdnsutil [options] <command> [params ..]\n"<<endl;
+ cout<<"Commands:"<<endl;
+ cout<<"activate-tsig-key ZONE NAME {master|slave}"<<endl;
+ cout<<" Enable TSIG key for a zone"<<endl;
+ cout<<"activate-zone-key ZONE KEY-ID Activate the key with key id KEY-ID in ZONE"<<endl;
+ cout<<"add-record ZONE NAME TYPE [ttl] content"<<endl;
+ cout<<" [content..] Add one or more records to ZONE"<<endl;
+ cout<<"add-zone-key ZONE {zsk|ksk} [BITS] [active|inactive]"<<endl;
+ cout<<" [rsasha1|rsasha256|rsasha512|gost|ecdsa256|ecdsa384";
#ifdef HAVE_LIBSODIUM
- cerr<<"|experimental-ed25519";
+ cout<<"|experimental-ed25519";
#endif
- cerr<<"]"<<endl;
- cerr<<" Add a ZSK or KSK to zone and specify algo&bits"<<endl;
- cerr<<"backend-cmd BACKEND CMD [CMD..] Perform one or more backend commands"<<endl;
- cerr<<"b2b-migrate OLD NEW Move all data from one backend to another"<<endl;
- cerr<<"bench-db [filename] Bench database backend with queries, one domain per line"<<endl;
- cerr<<"check-zone ZONE Check a zone for correctness"<<endl;
- cerr<<"check-all-zones [exit-on-error] Check all zones for correctness. Set exit-on-error to exit immediately"<<endl;
- cerr<<" after finding an error in a zone."<<endl;
- cerr<<"clear-zone ZONE Clear all records of a zone, but keep everything else"<<endl;
- cerr<<"create-bind-db FNAME Create DNSSEC db for BIND backend (bind-dnssec-db)"<<endl;
- cerr<<"create-zone ZONE [nsname] Create empty zone ZONE"<<endl;
- cerr<<"deactivate-tsig-key ZONE NAME {master|slave}"<<endl;
- cerr<<" Disable TSIG key for a zone"<<endl;
- cerr<<"deactivate-zone-key ZONE KEY-ID Deactivate the key with key id KEY-ID in ZONE"<<endl;
- cerr<<"delete-rrset ZONE NAME TYPE Delete named RRSET from zone"<<endl;
- cerr<<"delete-tsig-key NAME Delete TSIG key (warning! will not unmap key!)"<<endl;
- cerr<<"delete-zone ZONE Delete the zone"<<endl;
- cerr<<"disable-dnssec ZONE Deactivate all keys and unset PRESIGNED in ZONE"<<endl;
- cerr<<"edit-zone ZONE Edit zone contents using $EDITOR"<<endl;
- cerr<<"export-zone-dnskey ZONE KEY-ID Export to stdout the public DNSKEY described"<<endl;
- cerr<<"export-zone-key ZONE KEY-ID Export to stdout the private key described"<<endl;
- cerr<<"generate-tsig-key NAME ALGORITHM Generate new TSIG key"<<endl;
- cerr<<"generate-zone-key {zsk|ksk} [ALGORITHM] [BITS]"<<endl;
- cerr<<" Generate a ZSK or KSK to stdout with specified ALGORITHM and BITS"<<endl;
- cerr<<"get-meta ZONE [KIND ...] Get zone metadata. If no KIND given, lists all known"<<endl;
- cerr<<"hash-zone-record ZONE RNAME Calculate the NSEC3 hash for RNAME in ZONE"<<endl;
+ cout<<"]"<<endl;
+ cout<<" Add a ZSK or KSK to zone and specify algo&bits"<<endl;
+ cout<<"backend-cmd BACKEND CMD [CMD..] Perform one or more backend commands"<<endl;
+ cout<<"b2b-migrate OLD NEW Move all data from one backend to another"<<endl;
+ cout<<"bench-db [filename] Bench database backend with queries, one domain per line"<<endl;
+ cout<<"check-zone ZONE Check a zone for correctness"<<endl;
+ cout<<"check-all-zones [exit-on-error] Check all zones for correctness. Set exit-on-error to exit immediately"<<endl;
+ cout<<" after finding an error in a zone."<<endl;
+ cout<<"clear-zone ZONE Clear all records of a zone, but keep everything else"<<endl;
+ cout<<"create-bind-db FNAME Create DNSSEC db for BIND backend (bind-dnssec-db)"<<endl;
+ cout<<"create-slave-zone ZONE master-ip [master-ip..]"<<endl;
+ cout<<" Create slave zone ZONE with master IP address master-ip"<<endl;
+ cout<<"create-zone ZONE [nsname] Create empty zone ZONE"<<endl;
+ cout<<"deactivate-tsig-key ZONE NAME {master|slave}"<<endl;
+ cout<<" Disable TSIG key for a zone"<<endl;
+ cout<<"deactivate-zone-key ZONE KEY-ID Deactivate the key with key id KEY-ID in ZONE"<<endl;
+ cout<<"delete-rrset ZONE NAME TYPE Delete named RRSET from zone"<<endl;
+ cout<<"delete-tsig-key NAME Delete TSIG key (warning! will not unmap key!)"<<endl;
+ cout<<"delete-zone ZONE Delete the zone"<<endl;
+ cout<<"disable-dnssec ZONE Deactivate all keys and unset PRESIGNED in ZONE"<<endl;
+ cout<<"edit-zone ZONE Edit zone contents using $EDITOR"<<endl;
+ cout<<"export-zone-dnskey ZONE KEY-ID Export to stdout the public DNSKEY described"<<endl;
+ cout<<"export-zone-key ZONE KEY-ID Export to stdout the private key described"<<endl;
+ cout<<"generate-tsig-key NAME ALGORITHM Generate new TSIG key"<<endl;
+ cout<<"generate-zone-key {zsk|ksk} [ALGORITHM] [BITS]"<<endl;
+ cout<<" Generate a ZSK or KSK to stdout with specified ALGORITHM and BITS"<<endl;
+ cout<<"get-meta ZONE [KIND ...] Get zone metadata. If no KIND given, lists all known"<<endl;
+ cout<<"hash-zone-record ZONE RNAME Calculate the NSEC3 hash for RNAME in ZONE"<<endl;
#ifdef HAVE_P11KIT1
- cerr<<"hsm assign ZONE ALGORITHM {ksk|zsk} MODULE SLOT PIN LABEL"<<endl<<
+ cout<<"hsm assign ZONE ALGORITHM {ksk|zsk} MODULE SLOT PIN LABEL"<<endl<<
" Assign a hardware signing module to a ZONE"<<endl;
- cerr<<"hsm create-key ZONE KEY-ID [BITS] Create a key using hardware signing module for ZONE (use assign first)"<<endl;
- cerr<<" BITS defaults to 2048"<<endl;
+ cout<<"hsm create-key ZONE KEY-ID [BITS] Create a key using hardware signing module for ZONE (use assign first)"<<endl;
+ cout<<" BITS defaults to 2048"<<endl;
#endif
- cerr<<"increase-serial ZONE Increases the SOA-serial by 1. Uses SOA-EDIT"<<endl;
- cerr<<"import-tsig-key NAME ALGORITHM KEY Import TSIG key"<<endl;
- cerr<<"import-zone-key ZONE FILE Import from a file a private key, ZSK or KSK"<<endl;
- cerr<<" [active|inactive] [ksk|zsk] Defaults to KSK and active"<<endl;
- cerr<<"load-zone ZONE FILE Load ZONE from FILE, possibly creating zone or atomically"<<endl;
- cerr<<" replacing contents"<<endl;
- cerr<<"list-algorithms [with-backend] List all DNSSEC algorithms supported, optionally also listing the crypto library used"<<endl;
- cerr<<"list-keys [ZONE] List DNSSEC keys for ZONE. When ZONE is unset or \"all\", display all keys for all zones"<<endl;
- cerr<<"list-zone ZONE List zone contents"<<endl;
- cerr<<"list-all-zones [master|slave|native]"<<endl;
- cerr<<" List all zone names"<<endl;;
- cerr<<"list-tsig-keys List all TSIG keys"<<endl;
- cerr<<"rectify-zone ZONE [ZONE ..] Fix up DNSSEC fields (order, auth)"<<endl;
- cerr<<"rectify-all-zones Rectify all zones."<<endl;
- cerr<<"remove-zone-key ZONE KEY-ID Remove key with KEY-ID from ZONE"<<endl;
- cerr<<"replace-rrset ZONE NAME TYPE [ttl] Replace named RRSET from zone"<<endl;
- cerr<<" content [content..]"<<endl;
- cerr<<"secure-all-zones [increase-serial] Secure all zones without keys"<<endl;
- cerr<<"secure-zone ZONE [ZONE ..] Add DNSSEC to zone ZONE"<<endl;
- cerr<<"set-kind ZONE KIND Change the kind of ZONE to KIND (master, slave native)"<<endl;
- cerr<<"set-nsec3 ZONE ['PARAMS' [narrow]] Enable NSEC3 with PARAMS. Optionally narrow"<<endl;
- cerr<<"set-presigned ZONE Use presigned RRSIGs from storage"<<endl;
- cerr<<"set-publish-cdnskey ZONE Enable sending CDNSKEY responses for ZONE"<<endl;
- cerr<<"set-publish-cds ZONE [DIGESTALGOS] Enable sending CDS responses for ZONE, using DIGESTALGOS as signature algirithms"<<endl;
- cerr<<" DIGESTALGOS should be a comma separated list of numbers, is is '1,2' by default"<<endl;
- cerr<<"set-meta ZONE KIND [VALUE] [VALUE] Set zone metadata, optionally providing a value. Empty clears meta"<<endl;
- cerr<<" Note - this will replace all metadata records of KIND!"<<endl;
- cerr<<"show-zone ZONE Show DNSSEC (public) key details about a zone"<<endl;
- cerr<<"unset-nsec3 ZONE Switch back to NSEC"<<endl;
- cerr<<"unset-presigned ZONE No longer use presigned RRSIGs"<<endl;
- cerr<<"unset-publish-cdnskey ZONE Disable sending CDNSKEY responses for ZONE"<<endl;
- cerr<<"unset-publish-cds ZONE Disable sending CDS responses for ZONE"<<endl;
- cerr<<"test-schema ZONE Test DB schema - will create ZONE"<<endl;
- cerr<<desc<<endl;
+ cout<<"increase-serial ZONE Increases the SOA-serial by 1. Uses SOA-EDIT"<<endl;
+ cout<<"import-tsig-key NAME ALGORITHM KEY Import TSIG key"<<endl;
+ cout<<"import-zone-key ZONE FILE Import from a file a private key, ZSK or KSK"<<endl;
+ cout<<" [active|inactive] [ksk|zsk] Defaults to KSK and active"<<endl;
+ cout<<"load-zone ZONE FILE Load ZONE from FILE, possibly creating zone or atomically"<<endl;
+ cout<<" replacing contents"<<endl;
+ cout<<"list-algorithms [with-backend] List all DNSSEC algorithms supported, optionally also listing the crypto library used"<<endl;
+ cout<<"list-keys [ZONE] List DNSSEC keys for ZONE. When ZONE is unset or \"all\", display all keys for all zones"<<endl;
+ cout<<"list-zone ZONE List zone contents"<<endl;
+ cout<<"list-all-zones [master|slave|native]"<<endl;
+ cout<<" List all zone names"<<endl;;
+ cout<<"list-tsig-keys List all TSIG keys"<<endl;
+ cout<<"rectify-zone ZONE [ZONE ..] Fix up DNSSEC fields (order, auth)"<<endl;
+ cout<<"rectify-all-zones Rectify all zones."<<endl;
+ cout<<"remove-zone-key ZONE KEY-ID Remove key with KEY-ID from ZONE"<<endl;
+ cout<<"replace-rrset ZONE NAME TYPE [ttl] Replace named RRSET from zone"<<endl;
+ cout<<" content [content..]"<<endl;
+ cout<<"secure-all-zones [increase-serial] Secure all zones without keys"<<endl;
+ cout<<"secure-zone ZONE [ZONE ..] Add DNSSEC to zone ZONE"<<endl;
+ cout<<"set-kind ZONE KIND Change the kind of ZONE to KIND (master, slave native)"<<endl;
+ cout<<"set-nsec3 ZONE ['PARAMS' [narrow]] Enable NSEC3 with PARAMS. Optionally narrow"<<endl;
+ cout<<"set-presigned ZONE Use presigned RRSIGs from storage"<<endl;
+ cout<<"set-publish-cdnskey ZONE Enable sending CDNSKEY responses for ZONE"<<endl;
+ cout<<"set-publish-cds ZONE [DIGESTALGOS] Enable sending CDS responses for ZONE, using DIGESTALGOS as signature algirithms"<<endl;
+ cout<<" DIGESTALGOS should be a comma separated list of numbers, is is '1,2' by default"<<endl;
+ cout<<"set-meta ZONE KIND [VALUE] [VALUE] Set zone metadata, optionally providing a value. Empty clears meta"<<endl;
+ cout<<" Note - this will replace all metadata records of KIND!"<<endl;
+ cout<<"show-zone ZONE Show DNSSEC (public) key details about a zone"<<endl;
+ cout<<"unset-nsec3 ZONE Switch back to NSEC"<<endl;
+ cout<<"unset-presigned ZONE No longer use presigned RRSIGs"<<endl;
+ cout<<"unset-publish-cdnskey ZONE Disable sending CDNSKEY responses for ZONE"<<endl;
+ cout<<"unset-publish-cds ZONE Disable sending CDS responses for ZONE"<<endl;
+ cout<<"test-schema ZONE Test DB schema - will create ZONE"<<endl;
+ cout<<desc<<endl;
return 0;
}
projects / pdns / commitdiff