You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@trafficserver.apache.org by ig...@apache.org on 2013/08/18 23:29:33 UTC

[2/2] git commit: fix links&formatting in Security Options docs

fix links&formatting in Security Options docs

as well as splitdns.config reference.

The Security Options document has the most bizzarre numbering
I've seen in a while. it needs to be rewritten or re-ordered.


Project: http://git-wip-us.apache.org/repos/asf/trafficserver/repo
Commit: http://git-wip-us.apache.org/repos/asf/trafficserver/commit/d9c639be
Tree: http://git-wip-us.apache.org/repos/asf/trafficserver/tree/d9c639be
Diff: http://git-wip-us.apache.org/repos/asf/trafficserver/diff/d9c639be

Branch: refs/heads/master
Commit: d9c639bea4e841f7dee5dcc77472461020de5e09
Parents: 5c68757
Author: Igor Galić <i....@brainsware.org>
Authored: Sun Aug 18 23:27:44 2013 +0200
Committer: Igor Galić <i....@brainsware.org>
Committed: Sun Aug 18 23:27:44 2013 +0200

----------------------------------------------------------------------
 doc/admin/security-options.en.rst               | 22 ++++-----
 .../configuration/records.config.en.rst         |  2 +
 .../configuration/splitdns.config.en.rst        | 47 +++++++++++---------
 3 files changed, 39 insertions(+), 32 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/trafficserver/blob/d9c639be/doc/admin/security-options.en.rst
----------------------------------------------------------------------
diff --git a/doc/admin/security-options.en.rst b/doc/admin/security-options.en.rst
index 6bf8ccf..a3c6e51 100644
--- a/doc/admin/security-options.en.rst
+++ b/doc/admin/security-options.en.rst
@@ -22,11 +22,6 @@ Security Options
 
 Traffic Server provides a number of security features.
 
-This chapter discusses the following topics:
-
-.. toctree::
-   :maxdepth: 2
-
 .. _controlling-client-access-to-cache:
 
 Controlling Client Access to the Proxy Cache
@@ -40,6 +35,8 @@ the proxy cache by editing a configuration file.
 #. Run the command :option:`traffic_line -x` to apply the configuration
    changes.
 
+.. _configuring-dns-server-selection-split-dns:
+
 Configuring DNS Server Selection (Split DNS)
 ============================================
 
@@ -102,19 +99,19 @@ Server connections only**.
 
 The figure above depicts the following:
 
-**Step 1:** The client sends an HTTPS request for content. Traffic
+# The client sends an HTTPS request for content. Traffic
 Server receives the request and performs the SSL 'handshake' to
 authenticate the client (depending on the authentication options
 configured) and determine the encryption method that will be used. If
 the client is allowed access, then Traffic Server checks its cache for
 the requested content.
 
-**Step 2:** If the request is a cache hit and the content is fresh, then
+# If the request is a cache hit and the content is fresh, then
 Traffic Server encrypts the content and sends it to the client. The
 client decrypts the content (using the method determined during the
 handshake) and displays it.
 
-**Step 3:** If the request is a cache miss or cached content is stale,
+# If the request is a cache miss or cached content is stale,
 then Traffic Server communicates with the origin server via HTTP and
 obtains a plain text version of the content. Traffic Server saves the
 plain text version of the content in its cache, encrypts the content,
@@ -152,7 +149,7 @@ client/Traffic Server connections, you must do the following:
 
 In order to accomplish this, we
 
-2. Edit the following variables in the ``SSL Termination`` section of
+2. Edit the following variables in the :ref:`records-config-ssl-termination` section of
    :file:`records.config`
 
    -  :ts:cv:`proxy.config.http.server_ports`
@@ -167,6 +164,9 @@ In order to accomplish this, we
    local node or :option:`traffic_line -M` to restart Traffic Server on all
    the nodes in a cluster.
 
+
+.. XXX:: This numbering is ridiculous.
+
 .. _traffic-server-and-origin-server-connections:
 
 Traffic Server and Origin Server Connections
@@ -226,7 +226,9 @@ Traffic Server and origin server connections, you must do the following:
 
 In order to accomplish this, we:
 
-2. Edit the following variables in the ``SSL Termination`` section of
+.. XXX:: This numbering is ridiculous. I need to re-read this doc with a fresh mind and re(number|order) it.
+
+2. Edit the following variables in the :ref:`records-config-ssl-termination` section of
    :file:`records.config`:
 
    -  :ts:cv:`proxy.config.ssl.auth.enabled`

http://git-wip-us.apache.org/repos/asf/trafficserver/blob/d9c639be/doc/reference/configuration/records.config.en.rst
----------------------------------------------------------------------
diff --git a/doc/reference/configuration/records.config.en.rst b/doc/reference/configuration/records.config.en.rst
index 7fc2d71..9e1b8b3 100644
--- a/doc/reference/configuration/records.config.en.rst
+++ b/doc/reference/configuration/records.config.en.rst
@@ -1543,6 +1543,8 @@ URL Remap Rules
    Set this variable to ``1`` if you want to retain the client host
    header in a request during remapping.
 
+.. _records-config-ssl-termination:
+
 SSL Termination
 ===============
 

http://git-wip-us.apache.org/repos/asf/trafficserver/blob/d9c639be/doc/reference/configuration/splitdns.config.en.rst
----------------------------------------------------------------------
diff --git a/doc/reference/configuration/splitdns.config.en.rst b/doc/reference/configuration/splitdns.config.en.rst
index 4765ca5..343a7f1 100644
--- a/doc/reference/configuration/splitdns.config.en.rst
+++ b/doc/reference/configuration/splitdns.config.en.rst
@@ -23,8 +23,7 @@ splitdns.config
 
 The :file:`splitdns.config` file enables you to specify the DNS server that
 Traffic Server should use for resolving hosts under specific conditions.
-For more information, refer to `Configuring DNS Server Selection (Split
-DNS) <../security-options#SplitDNS>`_.
+For more information, refer to :ref:`configuring-dns-server-selection-split-dns`.
 
 To specify a DNS server, you must supply the following information in
 each active line within the file:
@@ -51,29 +50,35 @@ Format
 ======
 
 Each line in the :file:`splitdns.config` file uses one of the following
-formats:
-
-::
+formats: ::
 
     dest_domain=dest_domain | dest_host | url_regex named=dns_server def_domain=def_domain search_list=search_list
 
 The following list describes each field.
 
-*``dest_domain``* {#dest_domain}
+.. _splitdns-config-format-dest-domain:
+
+``dest_domain``
     A valid domain name. This specifies that DNS server selection will
     be based on the destination domain. You can prefix the domain with
     an exclamation mark (``!``) to indicate the NOT logical operator.
 
-*``dest_host``* {#dest_host}
+.. _splitdns-config-format-dest-host:
+
+``dest_host``
     A valid hostname. This specifies that DNS server selection will be
     based on the destination host. You can prefix the host with an
     exclamation mark (``!``) to indicate the ``NOT`` logical operator.
 
-*``url_regex``* {#url_regex}
+.. _splitdns-config-format-url-regex:
+
+``url_regex``
     A valid URL regular expression. This specifies that DNS server
     selection will be based on a regular expression.
 
-*``dns_server``* {#dns_server}
+.. _splitdns-config-format-dns-server:
+
+``dns_server``
     This is a required directive. It identifies the DNS server that
     Traffic Server should use with the given destination specifier. You
     can specify a port using a colon (``:``). If you do not specify a
@@ -83,44 +88,42 @@ The following list describes each field.
     You must specify the domains with IP addresses in CIDR ("dot")
     notation.
 
-*``def_domain``* {#def_domain}
+.. _splitdns-config-format-def-domain:
+
+``def_domain``
     A valid domain name. This optional directive specifies the default
     domain name to use for resolving hosts. Only one entry is allowed.
     If you do not provide the default domain, the system determines its
     value from ``/etc/resolv.conf``
 
-*``search_list``* {#search_list}
+.. _splitdns-config-format-search-list:
+
+``search_list``
     A list of domains separated by spaces or semicolons (;). This
     specifies the domain search order. If you do not provide the search
-    list, the system determines the value from ``/etc/resolv.conf``
+    list, the system determines the value from :manpage:`resolv.conf(5)`
 
 Examples
 ========
 
-Consider the following DNS server selection specifications:
-
-::
+Consider the following DNS server selection specifications: ::
 
       dest_domain=internal.company.com named=255.255.255.255:212 255.255.255.254 def_domain=company.com search_list=company.com company1.com
       dest_domain=!internal.company.com named=255.255.255.253
 
-Now consider the following two requests:
-
-::
+Now consider the following two requests: ::
 
      http://minstar.internal.company.com
 
 This request matches the first line and therefore selects DNS server
 ``255.255.255.255`` on port ``212``. All resolver requests use
 ``company.com`` as the default domain, and ``company.com`` and
-``company1.com`` as the set of domains to search first.
-
-::
+``company1.com`` as the set of domains to search first. ::
 
      http://www.microsoft.com
 
 This request matches the second line. Therefore, Traffic Server selects
 DNS server ``255.255.255.253``. Because no ``def_domain`` or
 ``search_list`` was supplied, Traffic Server retrieves this information
-from ``/etc/resolv.conf``
+from :manpage:`resolv.conf(5)`