updated apidocs.

APIDOCS.md

@@ -1828,7 +1828,7 @@ WHERE:
 Allows importing a complete zone file or a set of DNS resource records in standard RFC 1035 zone file format.
 
 URL:\
-`http://localhost:5380/api/zones/import?token=x&zone=example.com&overwrite=true`
+`http://localhost:5380/api/zones/import?token=x&zone=example.com&overwrite=true&overwriteSoaSerial=false`
 
 PERMISSIONS:\
 Zones: Modify
@@ -1838,6 +1838,7 @@ WHERE:
 - `token`: The session token generated by the `login` or the `createToken` call.
 - `zone`: The domain name of the zone to import.
 - `overwrite` (optional): Set to `true` to allow overwriting existing resource record set for the records being imported.
+- `overwriteSoaSerial` (optional): Set it to `true` to overwrite existing SOA record serial with the imported SOA record serial. Warning! Overwrite SOA serial option when used to set a lower SOA serial value than the current SOA serial will cause secondary zones to fail to sync.
 
 REQUEST: This is a POST request call where the request must use `text/plain` content type and request body must contain the zone file in text format.
 
@@ -2099,13 +2100,13 @@ WHERE:
 - `zone`: The domain name of the zone to set options.
 - `disabled` (optional): Sets if the zone is enabled or disabled.
 - `zoneTransfer` (optional): Sets if the zone allows zone transfer. Valid options are [`Deny`, `Allow`, `AllowOnlyZoneNameServers`, `AllowOnlySpecifiedNameServers`, `AllowBothZoneAndSpecifiedNameServers`]. This option is valid only for Primary and Secondary zones.
-- `zoneTransferNameServers` (optional): A list of comma separated IP addresses which should be allowed to perform zone transfer. This list is enabled only when `zoneTransfer` option is set to `AllowOnlySpecifiedNameServers` or `AllowBothZoneAndSpecifiedNameServers`. This option is valid only for Primary and Secondary zones.
+- `zoneTransferNameServers` (optional): A list of comma separated IP or network addresses which should be allowed to perform zone transfer. This list is enabled only when `zoneTransfer` option is set to `AllowOnlySpecifiedNameServers` or `AllowBothZoneAndSpecifiedNameServers`. This option is valid only for Primary and Secondary zones.
 - `zoneTransferTsigKeyNames` (optional): A list of comma separated TSIG keys names that are authorized to perform a zone transfer. Set this option to `false` to clear all key names. This option is valid only for Primary and Secondary zones.
 - `notify` (optional): Sets if the DNS server should notify other DNS servers for zone updates. Valid options are [`None`, `ZoneNameServers`, `SpecifiedNameServers`, `BothZoneAndSpecifiedNameServers`]. This option is valid only for Primary and Secondary zones.
 - `notifyNameServers` (optional): A list of comma separated IP addresses which should be notified by the DNS server for zone updates. This list is used only when `notify` option is set to `SpecifiedNameServers` or `BothZoneAndSpecifiedNameServers`. This option is valid only for Primary and Secondary zones.
-- `update` (optional): Sets if the DNS server should allow dynamic updates (RFC 2136). Valid options are [`Deny`, `Allow`, `AllowOnlyZoneNameServers`, `AllowOnlySpecifiedIpAddresses`, `AllowBothZoneNameServersAndSpecifiedIpAddresses`]. This option is valid only for Primary zones.
-- `updateIpAddresses` (optional): A list of comma separated IP addresses which should be allowed to perform dynamic updates. This list is enabled only when `update` option is set to `AllowOnlySpecifiedIpAddresses` or `AllowBothZoneNameServersAndSpecifiedIpAddresses`. This option is valid only for Primary zones.
-- `updateSecurityPolicies` (optional): A pipe `|` separated table data of security policies with each row containing the TSIG keys name, domain name, and comma separated record types that are allowed. Use wildcard domain name to specify all sub domain names. Set this option to `false` to clear all security policies and stop TSIG authentication. This option is valid only for Primary zones.
+- `update` (optional): Sets if the DNS server should allow dynamic updates (RFC 2136). This option is valid only for Primary, Secondary and Forwarder zones. Valid options for Primary zones are [`Deny`, `Allow`, `AllowOnlyZoneNameServers`, `AllowOnlySpecifiedIpAddresses`, `AllowBothZoneNameServersAndSpecifiedIpAddresses`]. Valid options for Secondary and Forwarder zones are [`Deny`, `Allow`, `AllowOnlySpecifiedIpAddresses`].
+- `updateIpAddresses` (optional): A list of comma separated IP or network addresses which should be allowed to perform dynamic updates. This list is enabled only when `update` option is set to `AllowOnlySpecifiedIpAddresses` or `AllowBothZoneNameServersAndSpecifiedIpAddresses`. This option is valid only for Primary, Secondary and Forwarder zones.
+- `updateSecurityPolicies` (optional): A pipe `|` separated table data of security policies with each row containing the TSIG keys name, domain name, and comma separated record types that are allowed. Use wildcard domain name to specify all sub domain names. Set this option to `false` to clear all security policies and stop TSIG authentication. This option is valid only for Primary and Forwarder zones.
 
 RESPONSE:
 ```
@@ -4345,6 +4346,7 @@ WHERE:
 - `type`: The type of the query.
 - `protocol` (optional): The DNS transport protocol to be used to query. Valid values are [`Udp`, `Tcp`, `Tls`, `Https`, `Quic`]. The default value of `Udp` is used when the parameter is missing.
 - `dnssec` (optional): Set to `true` to enable DNSSEC validation.
+- `eDnsClientSubnet` (optional): The network address to be used with EDNS Client Subnet option in the request.
 - `import` (optional): This parameter when set to `true` indicates that the response of the DNS query should be imported in the an authoritative zone on this DNS server. Default value is `false` when this parameter is missing. If a zone does not exists, a primary zone for the `domain` name is created and the records from the response are set into the zone. Import can be done only for primary and forwarder type of zones. When `type` is set to AXFR, then the import feature will work as if a zone transfer was requested and the complete zone will be updated as per the zone transfer response. Note that any existing record type for the given `type` will be overwritten when syncing the records. It is recommended to use `recursive-resolver` or the actual name server address for the `server` parameter when importing records. You must have Zones Modify permission to create a zone or Zone Modify permission to import records into an existing zone.
 
 RESPONSE:
@@ -4394,7 +4396,8 @@ RESPONSE:
 			],
 			"Authority": [],
 			"Additional": []
-		}
+		},
+		"rawResponses": []
 	},
 	"status": "ok"
 }
@@ -4424,9 +4427,9 @@ RESPONSE:
 ```
 {
 	"response": {
-		"version": "12.0",
-		"uptimestamp": "2024-01-31T13:29:59.0830176Z",
-		"dnsServerDomain": "pi2.home",
+		"version": "12.1",
+		"uptimestamp": "2024-03-16T14:27:12.6654603Z",
+		"dnsServerDomain": "server1",
 		"dnsServerLocalEndPoints": [
 			"0.0.0.0:53",
 			"[::]:53"
@@ -4448,8 +4451,10 @@ RESPONSE:
 		"eDnsClientSubnet": false,
 		"eDnsClientSubnetIPv4PrefixLength": 24,
 		"eDnsClientSubnetIPv6PrefixLength": 56,
-		"qpmLimitRequests": 0,
-		"qpmLimitErrors": 0,
+		"eDnsClientSubnetIpv4Override": null,
+		"eDnsClientSubnetIpv6Override": null,
+		"qpmLimitRequests": 6000,
+		"qpmLimitErrors": 600,
 		"qpmLimitSampleMinutes": 5,
 		"qpmLimitIPv4PrefixLength": 24,
 		"qpmLimitIPv6PrefixLength": 56,
@@ -4464,16 +4469,16 @@ RESPONSE:
 			"[::]"
 		],
 		"webServiceHttpPort": 5380,
-		"webServiceEnableTls": true,
-		"webServiceEnableHttp3": true,
-		"webServiceHttpToTlsRedirect": true,
-		"webServiceUseSelfSignedTlsCertificate": true,
+		"webServiceEnableTls": false,
+		"webServiceEnableHttp3": false,
+		"webServiceHttpToTlsRedirect": false,
+		"webServiceUseSelfSignedTlsCertificate": false,
 		"webServiceTlsPort": 53443,
 		"webServiceTlsCertificatePath": null,
 		"webServiceTlsCertificatePassword": "************",
 		"enableDnsOverUdpProxy": false,
 		"enableDnsOverTcpProxy": false,
-		"enableDnsOverHttp": true,
+		"enableDnsOverHttp": false,
 		"enableDnsOverTls": false,
 		"enableDnsOverHttps": false,
 		"enableDnsOverQuic": false,
@@ -4499,7 +4504,7 @@ RESPONSE:
 		"qnameMinimization": true,
 		"nsRevalidation": true,
 		"resolverRetries": 2,
-		"resolverTimeout": 2000,
+		"resolverTimeout": 1500,
 		"resolverMaxStackCount": 16,
 		"saveCache": true,
 		"serveStale": true,
@@ -4534,7 +4539,7 @@ RESPONSE:
 		"forwarderConcurrency": 2,
 		"enableLogging": true,
 		"ignoreResolverLogs": false,
-		"logQueries": true,
+		"logQueries": false,
 		"useLocalTime": false,
 		"logFolder": "logs",
 		"maxLogFileDays": 30,
@@ -4575,6 +4580,8 @@ WHERE:
 - `eDnsClientSubnet` (optional): Set this to `true` to enable EDNS Client Subnet. DNS Server will use the public IP address of the request with a prefix length, or the existing Client Subnet option from the request while resolving requests.
 - `eDnsClientSubnetIPv4PrefixLength` (optional): The EDNS Client Subnet IPv4 prefix length to define the client subnet. Initial value is `24`.
 - `eDnsClientSubnetIPv6PrefixLength` (optional): The EDNS Client Subnet IPv6 prefix length to define the client subnet. Initial value is `56`.
+- `eDnsClientSubnetIpv4Override` (optional): The IPv4 network address that must be used as ECS for all outbound requests overriding client's actual subnet.
+- `eDnsClientSubnetIpv6Override` (optional): The IPv6 network address that must be used as ECS for all outbound requests overriding client's actual subnet.
 - `qpmLimitRequests` (optional): Sets the Queries Per Minute (QPM) limit on total number of requests that is enforces per client subnet. Set value to `0` to disable the feature.
 - `qpmLimitErrors` (optional): Sets the Queries Per Minute (QPM) limit on total number of requests which generates an error response that is enforces per client subnet. Set value to `0` to disable the feature. Response with an RCODE of FormatError, ServerFailure, or Refused is considered as an error response.
 - `qpmLimitSampleMinutes` (optional): Sets the client query stats sample size in minutes for QPM limit feature. Initial value is `5`.
@@ -5073,7 +5080,8 @@ RESPONSE:
 			}
 		],
 		"allowOnlyReservedLeases": false,
-		"blockLocallyAdministeredMacAddresses": true
+		"blockLocallyAdministeredMacAddresses": true,
+		"ignoreClientIdentifierOption": true
 	},
 	"status": "ok"
 }
@@ -5128,6 +5136,7 @@ WHERE:
 - `reservedLeases` (optional): A `|` separated list of reserved IP addresses in format `{host name}|{MAC address}|{reserved IP address}|{comments}` to be assigned to specific clients based on their MAC address.
 - `allowOnlyReservedLeases` (optional): Set this parameter to `true` to stop dynamic IP address allocation and allocate only reserved IP addresses.
 - `blockLocallyAdministeredMacAddresses` (optional): Set this parameter to `true` to stop dynamic IP address allocation for clients with locally administered MAC addresses. MAC address with 0x02 bit set in the first octet indicate a locally administered MAC address which usually means that the device is not using its original MAC address.
+- `ignoreClientIdentifierOption` (optional): Set this parameter to `true` to always use the client's MAC address as the identifier to allocate lease instead of the Client Identifier (Option 61) provided by the client in the request. Changing this option may cause the existing clients to get a different IP lease on renewal.
 
 RESPONSE:
 ```