--- embedaddon/dnsmasq/src/config.h 2014/06/15 16:31:38 1.1.1.2 +++ embedaddon/dnsmasq/src/config.h 2016/11/02 09:57:01 1.1.1.3 @@ -1,4 +1,4 @@ -/* dnsmasq is Copyright (c) 2000-2014 Simon Kelley +/* dnsmasq is Copyright (c) 2000-2016 Simon Kelley This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -17,15 +17,19 @@ #define FTABSIZ 150 /* max number of outstanding requests (default) */ #define MAX_PROCS 20 /* max no children for TCP requests */ #define CHILD_LIFETIME 150 /* secs 'till terminated (RFC1035 suggests > 120s) */ +#define TCP_MAX_QUERIES 100 /* Maximum number of queries per incoming TCP connection */ #define EDNS_PKTSZ 4096 /* default max EDNS.0 UDP packet from RFC5625 */ +#define SAFE_PKTSZ 1280 /* "go anywhere" UDP packet size */ #define KEYBLOCK_LEN 40 /* choose to mininise fragmentation when storing DNSSEC keys */ #define DNSSEC_WORK 50 /* Max number of queries to validate one question */ #define TIMEOUT 10 /* drop UDP queries after TIMEOUT seconds */ #define FORWARD_TEST 50 /* try all servers every 50 queries */ #define FORWARD_TIME 20 /* or 20 seconds */ +#define SERVERS_LOGGED 30 /* Only log this many servers when logging state */ #define RANDOM_SOCKS 64 /* max simultaneous random ports */ #define LEASE_RETRY 60 /* on error, retry writing leasefile after LEASE_RETRY seconds */ #define CACHESIZ 150 /* default cache size */ +#define TTL_FLOOR_LIMIT 3600 /* don't allow --min-cache-ttl to raise TTL above this under any circumstances */ #define MAXLEASES 1000 /* maximum number of DHCP leases */ #define PING_WAIT 3 /* wait for ping address-in-use test */ #define PING_CACHE_TIME 30 /* Ping test assumed to be valid this long. */ @@ -47,6 +51,8 @@ #define SOA_REFRESH 1200 /* SOA refresh default */ #define SOA_RETRY 180 /* SOA retry default */ #define SOA_EXPIRY 1209600 /* SOA expiry default */ +#define LOOP_TEST_DOMAIN "test" /* domain for loop testing, "test" is reserved by RFC 2606 and won't therefore clash */ +#define LOOP_TEST_TYPE T_TXT /* compile-time options: uncomment below to enable or do eg. make COPTS=-DHAVE_BROKEN_RTC @@ -105,7 +111,15 @@ HAVE_AUTH define this to include the facility to act as an authoritative DNS server for one or more zones. +HAVE_DNSSEC + include DNSSEC validator. +HAVE_LOOP + include functionality to probe for and remove DNS forwarding loops. + +HAVE_INOTIFY + use the Linux inotify facility to efficiently re-read configuration files. + NO_IPV6 NO_TFTP NO_DHCP @@ -113,11 +127,17 @@ NO_DHCP6 NO_SCRIPT NO_LARGEFILE NO_AUTH +NO_INOTIFY these are avilable to explictly disable compile time options which would otherwise be enabled automatically (HAVE_IPV6, >2Gb file sizes) or which are enabled by default in the distributed source tree. Building dnsmasq with something like "make COPTS=-DNO_SCRIPT" will do the trick. +NO_NETTLE_ECC + Don't include the ECDSA cypher in DNSSEC validation. Needed for older Nettle versions. +NO_GMP + Don't use and link against libgmp, Useful if nettle is built with --enable-mini-gmp. + LEASEFILE CONFFILE RESOLVFILE @@ -141,6 +161,7 @@ RESOLVFILE #define HAVE_SCRIPT #define HAVE_AUTH #define HAVE_IPSET +#define HAVE_LOOP /* Build options which require external libraries. @@ -261,6 +282,7 @@ HAVE_SOCKADDR_SA_LEN /* Select the RFC_3542 version of the IPv6 socket API. Define before netinet6/in6.h is included. */ #define __APPLE_USE_RFC_3542 +#define NO_IPSET #elif defined(__NetBSD__) #define HAVE_BSD_NETWORK @@ -316,7 +338,7 @@ HAVE_SOCKADDR_SA_LEN #define HAVE_DHCP #endif -#if defined(NO_SCRIPT) || !defined(HAVE_DHCP) || defined(NO_FORK) +#if defined(NO_SCRIPT) || defined(NO_FORK) #undef HAVE_SCRIPT #undef HAVE_LUASCRIPT #endif @@ -330,10 +352,18 @@ HAVE_SOCKADDR_SA_LEN #undef HAVE_AUTH #endif -#if defined(NO_IPSET) || !defined(HAVE_LINUX_NETWORK) +#if defined(NO_IPSET) #undef HAVE_IPSET #endif +#ifdef NO_LOOP +#undef HAVE_LOOP +#endif + +#if defined (HAVE_LINUX_NETWORK) && !defined(NO_INOTIFY) +#define HAVE_INOTIFY +#endif + /* Define a string indicating which options are in use. DNSMASQP_COMPILE_OPTS is only defined in dnsmasq.c */ @@ -403,7 +433,15 @@ static char *compile_opts = #ifndef HAVE_DNSSEC "no-" #endif -"DNSSEC"; +"DNSSEC " +#ifndef HAVE_LOOP +"no-" +#endif +"loop-detect " +#ifndef HAVE_INOTIFY +"no-" +#endif +"inotify"; #endif