version 1.1.1.3, 2016/11/02 09:57:01
|
version 1.1.1.4, 2021/03/17 00:56:46
|
Line 1
|
Line 1
|
/* dnsmasq is Copyright (c) 2000-2016 Simon Kelley | /* dnsmasq is Copyright (c) 2000-2021 Simon Kelley |
|
|
This program is free software; you can redistribute it and/or modify |
This program is free software; you can redistribute it and/or modify |
it under the terms of the GNU General Public License as published by |
it under the terms of the GNU General Public License as published by |
Line 18
|
Line 18
|
#define MAX_PROCS 20 /* max no children for TCP requests */ |
#define MAX_PROCS 20 /* max no children for TCP requests */ |
#define CHILD_LIFETIME 150 /* secs 'till terminated (RFC1035 suggests > 120s) */ |
#define CHILD_LIFETIME 150 /* secs 'till terminated (RFC1035 suggests > 120s) */ |
#define TCP_MAX_QUERIES 100 /* Maximum number of queries per incoming TCP connection */ |
#define TCP_MAX_QUERIES 100 /* Maximum number of queries per incoming TCP connection */ |
|
#define TCP_BACKLOG 32 /* kernel backlog limit for TCP connections */ |
#define EDNS_PKTSZ 4096 /* default max EDNS.0 UDP packet from RFC5625 */ |
#define EDNS_PKTSZ 4096 /* default max EDNS.0 UDP packet from RFC5625 */ |
#define SAFE_PKTSZ 1280 /* "go anywhere" UDP packet size */ |
#define SAFE_PKTSZ 1280 /* "go anywhere" UDP packet size */ |
#define KEYBLOCK_LEN 40 /* choose to mininise fragmentation when storing DNSSEC keys */ | #define KEYBLOCK_LEN 40 /* choose to minimise fragmentation when storing DNSSEC keys */ |
#define DNSSEC_WORK 50 /* Max number of queries to validate one question */ |
#define DNSSEC_WORK 50 /* Max number of queries to validate one question */ |
#define TIMEOUT 10 /* drop UDP queries after TIMEOUT seconds */ |
#define TIMEOUT 10 /* drop UDP queries after TIMEOUT seconds */ |
#define FORWARD_TEST 50 /* try all servers every 50 queries */ |
#define FORWARD_TEST 50 /* try all servers every 50 queries */ |
#define FORWARD_TIME 20 /* or 20 seconds */ |
#define FORWARD_TIME 20 /* or 20 seconds */ |
|
#define UDP_TEST_TIME 60 /* How often to reset our idea of max packet size. */ |
#define SERVERS_LOGGED 30 /* Only log this many servers when logging state */ |
#define SERVERS_LOGGED 30 /* Only log this many servers when logging state */ |
|
#define LOCALS_LOGGED 8 /* Only log this many local addresses when logging state */ |
#define RANDOM_SOCKS 64 /* max simultaneous random ports */ |
#define RANDOM_SOCKS 64 /* max simultaneous random ports */ |
#define LEASE_RETRY 60 /* on error, retry writing leasefile after LEASE_RETRY seconds */ |
#define LEASE_RETRY 60 /* on error, retry writing leasefile after LEASE_RETRY seconds */ |
#define CACHESIZ 150 /* default cache size */ |
#define CACHESIZ 150 /* default cache size */ |
Line 37
|
Line 40
|
#define DHCP_PACKET_MAX 16384 /* hard limit on DHCP packet size */ |
#define DHCP_PACKET_MAX 16384 /* hard limit on DHCP packet size */ |
#define SMALLDNAME 50 /* most domain names are smaller than this */ |
#define SMALLDNAME 50 /* most domain names are smaller than this */ |
#define CNAME_CHAIN 10 /* chains longer than this atr dropped for loop protection */ |
#define CNAME_CHAIN 10 /* chains longer than this atr dropped for loop protection */ |
|
#define DNSSEC_MIN_TTL 60 /* DNSKEY and DS records in cache last at least this long */ |
#define HOSTSFILE "/etc/hosts" |
#define HOSTSFILE "/etc/hosts" |
#define ETHERSFILE "/etc/ethers" |
#define ETHERSFILE "/etc/ethers" |
#define DEFLEASE 3600 /* default lease time, 1 hour */ | #define DEFLEASE 3600 /* default DHCPv4 lease time, one hour */ |
| #define DEFLEASE6 (3600*24) /* default lease time for DHCPv6. One day. */ |
#define CHUSER "nobody" |
#define CHUSER "nobody" |
#define CHGRP "dip" |
#define CHGRP "dip" |
#define TFTP_MAX_CONNECTIONS 50 /* max simultaneous connections */ |
#define TFTP_MAX_CONNECTIONS 50 /* max simultaneous connections */ |
Line 47
|
Line 52
|
#define RANDFILE "/dev/urandom" |
#define RANDFILE "/dev/urandom" |
#define DNSMASQ_SERVICE "uk.org.thekelleys.dnsmasq" /* Default - may be overridden by config */ |
#define DNSMASQ_SERVICE "uk.org.thekelleys.dnsmasq" /* Default - may be overridden by config */ |
#define DNSMASQ_PATH "/uk/org/thekelleys/dnsmasq" |
#define DNSMASQ_PATH "/uk/org/thekelleys/dnsmasq" |
|
#define DNSMASQ_UBUS_NAME "dnsmasq" /* Default - may be overridden by config */ |
#define AUTH_TTL 600 /* default TTL for auth DNS */ |
#define AUTH_TTL 600 /* default TTL for auth DNS */ |
#define SOA_REFRESH 1200 /* SOA refresh default */ |
#define SOA_REFRESH 1200 /* SOA refresh default */ |
#define SOA_RETRY 180 /* SOA retry default */ |
#define SOA_RETRY 180 /* SOA retry default */ |
Line 91 HAVE_DBUS
|
Line 97 HAVE_DBUS
|
support some methods to allow (re)configuration of the upstream DNS |
support some methods to allow (re)configuration of the upstream DNS |
servers via DBus. |
servers via DBus. |
|
|
|
HAVE_UBUS |
|
define this if you want to link against libubus |
|
|
HAVE_IDN |
HAVE_IDN |
define this if you want international domain name support. | define this if you want international domain name 2003 support. |
NOTE: for backwards compatibility, IDN support is automatically | |
included when internationalisation support is built, using the | HAVE_LIBIDN2 |
*-i18n makefile targets, even if HAVE_IDN is not explicitly set. | define this if you want international domain name 2008 support. |
|
|
HAVE_CONNTRACK |
HAVE_CONNTRACK |
define this to include code which propogates conntrack marks from | define this to include code which propagates conntrack marks from |
incoming DNS queries to the corresponding upstream queries. This adds |
incoming DNS queries to the corresponding upstream queries. This adds |
a build-dependency on libnetfilter_conntrack, but the resulting binary will |
a build-dependency on libnetfilter_conntrack, but the resulting binary will |
still run happily on a kernel without conntrack support. |
still run happily on a kernel without conntrack support. |
Line 111 HAVE_AUTH
|
Line 120 HAVE_AUTH
|
define this to include the facility to act as an authoritative DNS |
define this to include the facility to act as an authoritative DNS |
server for one or more zones. |
server for one or more zones. |
|
|
|
HAVE_CRYPTOHASH |
|
include just hash function from crypto library, but no DNSSEC. |
|
|
HAVE_DNSSEC |
HAVE_DNSSEC |
include DNSSEC validator. |
include DNSSEC validator. |
|
|
|
HAVE_DUMPFILE |
|
include code to dump packets to a libpcap-format file for debugging. |
|
|
HAVE_LOOP |
HAVE_LOOP |
include functionality to probe for and remove DNS forwarding loops. |
include functionality to probe for and remove DNS forwarding loops. |
|
|
HAVE_INOTIFY |
HAVE_INOTIFY |
use the Linux inotify facility to efficiently re-read configuration files. |
use the Linux inotify facility to efficiently re-read configuration files. |
|
|
NO_IPV6 | NO_ID |
| Don't report *.bind CHAOS info to clients, forward such requests upstream instead. |
NO_TFTP |
NO_TFTP |
NO_DHCP |
NO_DHCP |
NO_DHCP6 |
NO_DHCP6 |
NO_SCRIPT |
NO_SCRIPT |
NO_LARGEFILE |
NO_LARGEFILE |
NO_AUTH |
NO_AUTH |
|
NO_DUMPFILE |
NO_INOTIFY |
NO_INOTIFY |
these are avilable to explictly disable compile time options which would | these are available to explicitly disable compile time options which would |
otherwise be enabled automatically (HAVE_IPV6, >2Gb file sizes) or | otherwise be enabled automatically or which are enabled by default |
which are enabled by default in the distributed source tree. Building dnsmasq | in the distributed source tree. Building dnsmasq |
with something like "make COPTS=-DNO_SCRIPT" will do the trick. |
with something like "make COPTS=-DNO_SCRIPT" will do the trick. |
|
|
NO_NETTLE_ECC |
|
Don't include the ECDSA cypher in DNSSEC validation. Needed for older Nettle versions. |
|
NO_GMP |
NO_GMP |
Don't use and link against libgmp, Useful if nettle is built with --enable-mini-gmp. |
Don't use and link against libgmp, Useful if nettle is built with --enable-mini-gmp. |
|
|
Line 162 RESOLVFILE
|
Line 176 RESOLVFILE
|
#define HAVE_AUTH |
#define HAVE_AUTH |
#define HAVE_IPSET |
#define HAVE_IPSET |
#define HAVE_LOOP |
#define HAVE_LOOP |
|
#define HAVE_DUMPFILE |
|
|
/* Build options which require external libraries. |
/* Build options which require external libraries. |
|
|
Line 173 RESOLVFILE
|
Line 188 RESOLVFILE
|
/* #define HAVE_LUASCRIPT */ |
/* #define HAVE_LUASCRIPT */ |
/* #define HAVE_DBUS */ |
/* #define HAVE_DBUS */ |
/* #define HAVE_IDN */ |
/* #define HAVE_IDN */ |
|
/* #define HAVE_LIBIDN2 */ |
/* #define HAVE_CONNTRACK */ |
/* #define HAVE_CONNTRACK */ |
|
/* #define HAVE_CRYPTOHASH */ |
/* #define HAVE_DNSSEC */ |
/* #define HAVE_DNSSEC */ |
|
|
|
|
Line 229 HAVE_SOCKADDR_SA_LEN
|
Line 246 HAVE_SOCKADDR_SA_LEN
|
defined if struct sockaddr has sa_len field (*BSD) |
defined if struct sockaddr has sa_len field (*BSD) |
*/ |
*/ |
|
|
/* Must preceed __linux__ since uClinux defines __linux__ too. */ | #if defined(__UCLIBC__) |
#if defined(__uClinux__) | |
#define HAVE_LINUX_NETWORK |
#define HAVE_LINUX_NETWORK |
#define HAVE_GETOPT_LONG |
|
#undef HAVE_SOCKADDR_SA_LEN |
|
/* Never use fork() on uClinux. Note that this is subtly different from the |
|
--keep-in-foreground option, since it also suppresses forking new |
|
processes for TCP connections and disables the call-a-script on leasechange |
|
system. It's intended for use on MMU-less kernels. */ |
|
#define NO_FORK |
|
|
|
#elif defined(__UCLIBC__) |
|
#define HAVE_LINUX_NETWORK |
|
#if defined(__UCLIBC_HAS_GNU_GETOPT__) || \ |
#if defined(__UCLIBC_HAS_GNU_GETOPT__) || \ |
((__UCLIBC_MAJOR__==0) && (__UCLIBC_MINOR__==9) && (__UCLIBC_SUBLEVEL__<21)) |
((__UCLIBC_MAJOR__==0) && (__UCLIBC_MINOR__==9) && (__UCLIBC_SUBLEVEL__<21)) |
# define HAVE_GETOPT_LONG |
# define HAVE_GETOPT_LONG |
#endif |
#endif |
#undef HAVE_SOCKADDR_SA_LEN |
#undef HAVE_SOCKADDR_SA_LEN |
#if !defined(__ARCH_HAS_MMU__) && !defined(__UCLIBC_HAS_MMU__) |
|
# define NO_FORK |
|
#endif |
|
#if defined(__UCLIBC_HAS_IPV6__) |
#if defined(__UCLIBC_HAS_IPV6__) |
# ifndef IPV6_V6ONLY |
# ifndef IPV6_V6ONLY |
# define IPV6_V6ONLY 26 |
# define IPV6_V6ONLY 26 |
Line 267 HAVE_SOCKADDR_SA_LEN
|
Line 270 HAVE_SOCKADDR_SA_LEN
|
defined(__DragonFly__) || \ |
defined(__DragonFly__) || \ |
defined(__FreeBSD_kernel__) |
defined(__FreeBSD_kernel__) |
#define HAVE_BSD_NETWORK |
#define HAVE_BSD_NETWORK |
/* Later verions of FreeBSD have getopt_long() */ | /* Later versions of FreeBSD have getopt_long() */ |
#if defined(optional_argument) && defined(required_argument) |
#if defined(optional_argument) && defined(required_argument) |
# define HAVE_GETOPT_LONG |
# define HAVE_GETOPT_LONG |
#endif |
#endif |
Line 277 HAVE_SOCKADDR_SA_LEN
|
Line 280 HAVE_SOCKADDR_SA_LEN
|
#define HAVE_BSD_NETWORK |
#define HAVE_BSD_NETWORK |
#define HAVE_GETOPT_LONG |
#define HAVE_GETOPT_LONG |
#define HAVE_SOCKADDR_SA_LEN |
#define HAVE_SOCKADDR_SA_LEN |
|
#define NO_IPSET |
/* Define before sys/socket.h is included so we get socklen_t */ |
/* Define before sys/socket.h is included so we get socklen_t */ |
#define _BSD_SOCKLEN_T_ |
#define _BSD_SOCKLEN_T_ |
/* Select the RFC_3542 version of the IPv6 socket API. |
/* Select the RFC_3542 version of the IPv6 socket API. |
Define before netinet6/in6.h is included. */ |
Define before netinet6/in6.h is included. */ |
#define __APPLE_USE_RFC_3542 | #define __APPLE_USE_RFC_3542 |
| /* Required for Mojave. */ |
| #ifndef SOL_TCP |
| # define SOL_TCP IPPROTO_TCP |
| #endif |
#define NO_IPSET |
#define NO_IPSET |
|
|
#elif defined(__NetBSD__) |
#elif defined(__NetBSD__) |
Line 297 HAVE_SOCKADDR_SA_LEN
|
Line 305 HAVE_SOCKADDR_SA_LEN
|
|
|
#endif |
#endif |
|
|
/* Decide if we're going to support IPv6 */ |
|
/* We assume that systems which don't have IPv6 |
|
headers don't have ntop and pton either */ |
|
|
|
#if defined(INET6_ADDRSTRLEN) && defined(IPV6_V6ONLY) |
|
# define HAVE_IPV6 |
|
# define ADDRSTRLEN INET6_ADDRSTRLEN |
|
#else |
|
# if !defined(INET_ADDRSTRLEN) |
|
# define INET_ADDRSTRLEN 16 /* 4*3 + 3 dots + NULL */ |
|
# endif |
|
# undef HAVE_IPV6 |
|
# define ADDRSTRLEN INET_ADDRSTRLEN |
|
#endif |
|
|
|
|
|
/* rules to implement compile-time option dependencies and |
/* rules to implement compile-time option dependencies and |
the NO_XXX flags */ |
the NO_XXX flags */ |
|
|
#ifdef NO_IPV6 |
|
#undef HAVE_IPV6 |
|
#endif |
|
|
|
#ifdef NO_TFTP |
#ifdef NO_TFTP |
#undef HAVE_TFTP |
#undef HAVE_TFTP |
#endif |
#endif |
Line 329 HAVE_SOCKADDR_SA_LEN
|
Line 317 HAVE_SOCKADDR_SA_LEN
|
#undef HAVE_DHCP6 |
#undef HAVE_DHCP6 |
#endif |
#endif |
|
|
#if defined(NO_DHCP6) || !defined(HAVE_IPV6) | #if defined(NO_DHCP6) |
#undef HAVE_DHCP6 |
#undef HAVE_DHCP6 |
#endif |
#endif |
|
|
Line 338 HAVE_SOCKADDR_SA_LEN
|
Line 326 HAVE_SOCKADDR_SA_LEN
|
#define HAVE_DHCP |
#define HAVE_DHCP |
#endif |
#endif |
|
|
#if defined(NO_SCRIPT) || defined(NO_FORK) | #if defined(NO_SCRIPT) |
#undef HAVE_SCRIPT |
#undef HAVE_SCRIPT |
#undef HAVE_LUASCRIPT |
#undef HAVE_LUASCRIPT |
#endif |
#endif |
Line 360 HAVE_SOCKADDR_SA_LEN
|
Line 348 HAVE_SOCKADDR_SA_LEN
|
#undef HAVE_LOOP |
#undef HAVE_LOOP |
#endif |
#endif |
|
|
|
#ifdef NO_DUMPFILE |
|
#undef HAVE_DUMPFILE |
|
#endif |
|
|
#if defined (HAVE_LINUX_NETWORK) && !defined(NO_INOTIFY) |
#if defined (HAVE_LINUX_NETWORK) && !defined(NO_INOTIFY) |
#define HAVE_INOTIFY |
#define HAVE_INOTIFY |
#endif |
#endif |
|
|
/* Define a string indicating which options are in use. |
/* Define a string indicating which options are in use. |
DNSMASQP_COMPILE_OPTS is only defined in dnsmasq.c */ | DNSMASQ_COMPILE_OPTS is only defined in dnsmasq.c */ |
|
|
#ifdef DNSMASQ_COMPILE_OPTS |
#ifdef DNSMASQ_COMPILE_OPTS |
|
|
static char *compile_opts = |
static char *compile_opts = |
#ifndef HAVE_IPV6 |
|
"no-" |
|
#endif |
|
"IPv6 " |
"IPv6 " |
#ifndef HAVE_GETOPT_LONG |
#ifndef HAVE_GETOPT_LONG |
"no-" |
"no-" |
Line 381 static char *compile_opts =
|
Line 370 static char *compile_opts =
|
#ifdef HAVE_BROKEN_RTC |
#ifdef HAVE_BROKEN_RTC |
"no-RTC " |
"no-RTC " |
#endif |
#endif |
#ifdef NO_FORK |
|
"no-MMU " |
|
#endif |
|
#ifndef HAVE_DBUS |
#ifndef HAVE_DBUS |
"no-" |
"no-" |
#endif |
#endif |
"DBus " |
"DBus " |
|
#ifndef HAVE_UBUS |
|
"no-" |
|
#endif |
|
"UBus " |
#ifndef LOCALEDIR |
#ifndef LOCALEDIR |
"no-" |
"no-" |
#endif |
#endif |
"i18n " |
"i18n " |
#if !defined(LOCALEDIR) && !defined(HAVE_IDN) | #if defined(HAVE_LIBIDN2) |
| "IDN2 " |
| #else |
| #if !defined(HAVE_IDN) |
"no-" |
"no-" |
#endif | #endif |
"IDN " | "IDN " |
| #endif |
#ifndef HAVE_DHCP |
#ifndef HAVE_DHCP |
"no-" |
"no-" |
#endif |
#endif |
Line 405 static char *compile_opts =
|
Line 399 static char *compile_opts =
|
"no-" |
"no-" |
# endif |
# endif |
"DHCPv6 " |
"DHCPv6 " |
# if !defined(HAVE_SCRIPT) | #endif |
| #if !defined(HAVE_SCRIPT) |
"no-scripts " |
"no-scripts " |
# else | #else |
# if !defined(HAVE_LUASCRIPT) | # if !defined(HAVE_LUASCRIPT) |
"no-" | "no-" |
# endif | |
"Lua " | |
# endif |
# endif |
|
"Lua " |
#endif |
#endif |
#ifndef HAVE_TFTP |
#ifndef HAVE_TFTP |
"no-" |
"no-" |
Line 430 static char *compile_opts =
|
Line 424 static char *compile_opts =
|
"no-" |
"no-" |
#endif |
#endif |
"auth " |
"auth " |
|
#if !defined(HAVE_CRYPTOHASH) && !defined(HAVE_DNSSEC) |
|
"no-" |
|
#endif |
|
"cryptohash " |
#ifndef HAVE_DNSSEC |
#ifndef HAVE_DNSSEC |
"no-" |
"no-" |
#endif |
#endif |
"DNSSEC " |
"DNSSEC " |
|
#ifdef NO_ID |
|
"no-ID " |
|
#endif |
#ifndef HAVE_LOOP |
#ifndef HAVE_LOOP |
"no-" |
"no-" |
#endif |
#endif |
Line 441 static char *compile_opts =
|
Line 442 static char *compile_opts =
|
#ifndef HAVE_INOTIFY |
#ifndef HAVE_INOTIFY |
"no-" |
"no-" |
#endif |
#endif |
"inotify"; | "inotify " |
| #ifndef HAVE_DUMPFILE |
| "no-" |
| #endif |
| "dumpfile"; |
|
|
#endif |
#endif |
|
|