1 2001-06-16 Martin Mares <mj@albireo.ucw.cz>
3 * sleuth (check_name): "IP address found instead of name" check
4 added to clarify most "all-digit name" error messages.
6 * sleuth (check_reverse): Corrected references to RFC 1912. Also fixed
7 the private address check and turned it to a warning.
9 * sleuth (check_zone): SRV records with empty destination and wildcard
10 SRV records are valid.
12 * sleuth (check_zone): Better checks for wildcard records, no more
15 * sleuth (resolve): Added authoritative answer checks (required
16 f.e. for localhost records).
18 * Released as version 1.3.
20 2001-06-15 Martin Mares <mj@atrey.karlin.mff.cuni.cz>
22 * sleuth: Fixed a small bug in switching of nameservers.
23 Nameserver sanity check messages now indicate which nameserver
24 we're testing. Comparison of origin servers etc. is now really
27 2001-06-14 Martin Mares <mj@albireo.ucw.cz>
29 * check.cgi: Declare non-transitional DTD. We still use a couple
30 of transitional attributes (mostly align=center), but we don't
31 want the extra work-arounds Mozilla based browsers apply to
32 transitional documents.
34 * sleuth (html_output), check.cgi: Revamped all HTML output stuff.
35 Now we're using style sheets to add colors and most of the alignment.
36 Works wonderfully in Mozilla, relatively good in non-CSS browsers,
37 a bit funny in Netscape 4 due to its bugs.
39 * Released as version 1.2.
41 2001-06-13 Martin Mares <mj@albireo.ucw.cz>
43 * check.cgi: Minor design changes.
45 * sleuth (check_zone): Changed checks for minimum TTL according to RFC 2308
46 which specifies minttl should be used to control negative caching.
48 * sleuth (check_zone): Check duplicate records.
50 * sleuth (check_zone): Dangling CNAME's in reverse zones produce only
51 warnings as they are usually an artifact of classless delegation schemes.
53 * sleuth (check_zone): Avoid `PTR -> A for same address' checks when
54 not in reverse check mode, but always check there is at least one A.
56 * sleuth (check_zone_name): Better parsing of reverse zone names,
57 give an error message if it fails.
59 * sleuth (check_zone): Added checks of SRV records.
61 * sleuth (check_zone): SOA: don't forget to resolve and check origin server.
63 * sleuth (check_name): Relaxed the name checking rules to allow underscores.
64 No standard currently seems to specify what is the exact syntax of a host
65 name (only RFC 1033, but it's categorized as informational, not as a standard).
66 Strictly speaking, we should do separate checks for host names, mail names,
67 domain names etc., but I'd like to avoid such extra complexity for now.
69 * sleuth (check_email): Warn about A records used instead of MX records.
71 2001-06-12 Martin Mares <mj@albireo.ucw.cz>
73 * sleuth (check_zone_basics): Completely rewrote nameserver scans. All
74 nameservers mentioned in NS records plus the zone origin announced in
75 SOA are tried, the origin server is preferred. In case any of these
76 servers fails, the next one is tried automatically. If the user specifies
77 server name explicitly, do the basic checks for all nameservers, but
78 force use of the specified one for zone transfer and use it as the reference
79 name server. Also check differences between NS record sets reported by
82 * sleuth (check_submit): Moved all submit-dependent checks here. Better
83 checking of top-level domain names.
85 * sleuth (resolve): If the name requested is invalid, don't attempt
88 * sleuth: Added a "-p" switch for scanning of private networks which avoids
89 private IP address checks and connectivity checks.
91 * sleuth (check_reverse): Report private IP addresses.
93 * sleuth: Try to avoid cascading of some kinds of errors, especially
94 those induced by bogus CNAME's.
96 * sleuth (check_zone): Wildcard A's and CNAME's are allowed, but strongly
97 deprecated. Tolerate PTR's in forward zones and A's in reverse zones, but
98 warn of them (they are permitted by RFC's, but this behaviour is very
99 obscure and it should be avoided) and check them anyway.
101 * sleuth (check_reverse): Rewrote the reverse mapping checks. Removed the
102 "$recursive_check" machinery, it was unnecessary. Report all mispointed
103 PTR's. Tolerate PTR's to a different name, but warn on them. Don't check
104 reverse mapping of any IP address twice.
106 * sleuth (check_zone): Better checks for recursive and overlapping CNAME's.
108 * sleuth (check_email): Check all MX'es, not only the best one.
110 * sleuth (check_zone): Fixed expire time checks, now 2..4 weeks as per RFC.
112 * sleuth (check_name): Allow prefix sizes in reverse zones. Replaced the
113 "all-digit name component" check by "all-digit name".
115 * sleuth: Load a configuration file sleuth.conf upon startup. Moved all
116 the hard-wired parameters there.
118 * sleuth: Made severity of all messages configurable.
120 2000-10-29 Martin Mares <mj@albireo.ucw.cz>
122 * sleuth (resolve): Changed 2181/10.2,3 to 2181/10.2-3 to get the
123 references right. Thanks to Marcel Telka <marcel@telka.sk> for a bug report.
125 Tue Sep 14 15:03:39 1999 Martin Mares <mj@albireo.ucw.cz>
127 * sleuth (try_resolve): Don't treat query send errors as fatal.
129 Mon Sep 13 10:04:43 1999 Martin Mares <mj@albireo.ucw.cz>
131 * sleuth (check_zone): Added missing ref to RFC 1912/2.7 to
132 the `wildcard only for MX' message.
133 (check_name): Don't cry about invalid characters in proper wildcard names.
135 Sun Sep 12 21:53:51 1999 Martin Mares <mj@albireo.ucw.cz>
137 * check.cgi: When sending mail with secondary name service request,
138 don't forget to mention the server.
140 Tue Jun 8 20:57:33 1999 Martin Mares <mj@albireo.ucw.cz>
142 * check.cgi: Implemented $sec_ns_addr_space check.
144 * sleuth (check_zone): Commented out the localhost.$domain check
145 as it's defined only in already obsolete RFC's.