diff --git a/README_dnssync_perm.md b/README_dnssync_perm.md
index e80250de91f4ac31e480acb13fb0fcb1c054d265..500b0a159a9de58bf60423b70be992b8bdf00ef9 100644
--- a/README_dnssync_perm.md
+++ b/README_dnssync_perm.md
@@ -2,11 +2,22 @@
## Purpose
-By design, the NetBox DNS DNSsync feature does not check DNS permissions when syncing DNS records through an action done in the IPAM.
+### Permissions validation on dns_name
-The script *dnssync_perm.py* provides partial permission validation for DNSsync, but only when adding or modifying an IP address.
+By design, the NetBox DNS DNSsync feature does not check DNS permissions
+when syncing DNS records through an action done in the IPAM.
+NamePermissionValidator provides partial permission validation for
+DNSsync, but only when adding or modifying an IP address.
+NB: No permission is checked when deleting an IP address. This is
+consistent with the idea that IPAM actions have complete control over
+the DNSsync-ed records.
+
+### Correctness of dns_name
+
+NameZoneValidator implement a strict policy for dns_name when used with
+dns_sync, ensuring that the name is not empty and only contains a
+valid zone.
-No permission is checked when deleting an IP address This is consistent with the idea that IPAM actions have complete control over the DNSsync-ed records.
## Installation
@@ -15,10 +26,10 @@ Copy this script to a "validators" directory into Netbox:
mkdir -p /opt/netbox/netbox/validators
cp dnssync_perm.py /opt/netbox/netbox/validators/
-Activate the validator by adding the following lines in /opt/netbox/netbox/netbox/configuration.py:
+Activate the validators by adding the following lines in /opt/netbox/netbox/netbox/configuration.py:
- from validators.dnssync_perm import NamePermissionValidator
+ from validators.dnssync_perm import NamePermissionValidator, NameZoneValidator,
CUSTOM_VALIDATORS = {
- "ipam.ipaddress": ( NamePermissionValidator(), ),
+ "ipam.ipaddress": ( NameZoneValidator(), NamePermissionValidator(), ),
}