--- embedaddon/dnsmasq/src/config.h 2021/03/17 00:56:46 1.1.1.4 +++ embedaddon/dnsmasq/src/config.h 2023/09/27 11:02:07 1.1.1.5 @@ -1,4 +1,4 @@ -/* dnsmasq is Copyright (c) 2000-2021 Simon Kelley +/* dnsmasq is Copyright (c) 2000-2022 Simon Kelley This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -19,17 +19,17 @@ #define CHILD_LIFETIME 150 /* secs 'till terminated (RFC1035 suggests > 120s) */ #define TCP_MAX_QUERIES 100 /* Maximum number of queries per incoming TCP connection */ #define TCP_BACKLOG 32 /* kernel backlog limit for TCP connections */ -#define EDNS_PKTSZ 4096 /* default max EDNS.0 UDP packet from RFC5625 */ -#define SAFE_PKTSZ 1280 /* "go anywhere" UDP packet size */ +#define EDNS_PKTSZ 1232 /* default max EDNS.0 UDP packet from from /dnsflagday.net/2020 */ +#define SAFE_PKTSZ 1232 /* "go anywhere" UDP packet size, see https://dnsflagday.net/2020/ */ #define KEYBLOCK_LEN 40 /* choose to minimise fragmentation when storing DNSSEC keys */ #define DNSSEC_WORK 50 /* Max number of queries to validate one question */ -#define TIMEOUT 10 /* drop UDP queries after TIMEOUT seconds */ +#define TIMEOUT 10 /* drop UDP queries after TIMEOUT seconds */ +#define SMALL_PORT_RANGE 30 /* If DNS port range is smaller than this, use different allocation. */ #define FORWARD_TEST 50 /* try all servers every 50 queries */ #define FORWARD_TIME 20 /* or 20 seconds */ #define UDP_TEST_TIME 60 /* How often to reset our idea of max packet size. */ #define SERVERS_LOGGED 30 /* Only log this many servers when logging state */ #define LOCALS_LOGGED 8 /* Only log this many local addresses when logging state */ -#define RANDOM_SOCKS 64 /* max simultaneous random ports */ #define LEASE_RETRY 60 /* on error, retry writing leasefile after LEASE_RETRY seconds */ #define CACHESIZ 150 /* default cache size */ #define TTL_FLOOR_LIMIT 3600 /* don't allow --min-cache-ttl to raise TTL above this under any circumstances */ @@ -59,6 +59,8 @@ #define SOA_EXPIRY 1209600 /* SOA expiry default */ #define LOOP_TEST_DOMAIN "test" /* domain for loop testing, "test" is reserved by RFC 2606 and won't therefore clash */ #define LOOP_TEST_TYPE T_TXT +#define DEFAULT_FAST_RETRY 1000 /* ms, default delay before fast retry */ +#define STALE_CACHE_EXPIRY 86400 /* 1 day in secs, default maximum expiry time for stale cache data */ /* compile-time options: uncomment below to enable or do eg. make COPTS=-DHAVE_BROKEN_RTC @@ -116,6 +118,10 @@ HAVE_IPSET define this to include the ability to selectively add resolved ip addresses to given ipsets. +HAVE_NFTSET + define this to include the ability to selectively add resolved ip addresses + to given nftables sets. + HAVE_AUTH define this to include the facility to act as an authoritative DNS server for one or more zones. @@ -144,6 +150,7 @@ NO_SCRIPT NO_LARGEFILE NO_AUTH NO_DUMPFILE +NO_LOOP NO_INOTIFY these are available to explicitly disable compile time options which would otherwise be enabled automatically or which are enabled by default @@ -192,8 +199,8 @@ RESOLVFILE /* #define HAVE_CONNTRACK */ /* #define HAVE_CRYPTOHASH */ /* #define HAVE_DNSSEC */ +/* #define HAVE_NFTSET */ - /* Default locations for important system files. */ #ifndef LEASEFILE @@ -420,6 +427,10 @@ static char *compile_opts = "no-" #endif "ipset " +#ifndef HAVE_NFTSET +"no-" +#endif +"nftset " #ifndef HAVE_AUTH "no-" #endif @@ -448,7 +459,4 @@ static char *compile_opts = #endif "dumpfile"; -#endif - - - +#endif /* defined(HAVE_DHCP) */