version 1.1.1.4, 2021/03/17 00:56:46
|
version 1.1.1.5, 2023/09/27 11:02:07
|
Line 1
|
Line 1
|
/* dnsmasq is Copyright (c) 2000-2021 Simon Kelley | /* dnsmasq is Copyright (c) 2000-2022 Simon Kelley |
|
|
This program is free software; you can redistribute it and/or modify |
This program is free software; you can redistribute it and/or modify |
it under the terms of the GNU General Public License as published by |
it under the terms of the GNU General Public License as published by |
Line 19
|
Line 19
|
#define CHILD_LIFETIME 150 /* secs 'till terminated (RFC1035 suggests > 120s) */ |
#define CHILD_LIFETIME 150 /* secs 'till terminated (RFC1035 suggests > 120s) */ |
#define TCP_MAX_QUERIES 100 /* Maximum number of queries per incoming TCP connection */ |
#define TCP_MAX_QUERIES 100 /* Maximum number of queries per incoming TCP connection */ |
#define TCP_BACKLOG 32 /* kernel backlog limit for TCP connections */ |
#define TCP_BACKLOG 32 /* kernel backlog limit for TCP connections */ |
#define EDNS_PKTSZ 4096 /* default max EDNS.0 UDP packet from RFC5625 */ | #define EDNS_PKTSZ 1232 /* default max EDNS.0 UDP packet from from /dnsflagday.net/2020 */ |
#define SAFE_PKTSZ 1280 /* "go anywhere" UDP packet size */ | #define SAFE_PKTSZ 1232 /* "go anywhere" UDP packet size, see https://dnsflagday.net/2020/ */ |
#define KEYBLOCK_LEN 40 /* choose to minimise fragmentation when storing DNSSEC keys */ |
#define KEYBLOCK_LEN 40 /* choose to minimise fragmentation when storing DNSSEC keys */ |
#define DNSSEC_WORK 50 /* Max number of queries to validate one question */ |
#define DNSSEC_WORK 50 /* Max number of queries to validate one question */ |
#define TIMEOUT 10 /* drop UDP queries after TIMEOUT seconds */ | #define TIMEOUT 10 /* drop UDP queries after TIMEOUT seconds */ |
| #define SMALL_PORT_RANGE 30 /* If DNS port range is smaller than this, use different allocation. */ |
#define FORWARD_TEST 50 /* try all servers every 50 queries */ |
#define FORWARD_TEST 50 /* try all servers every 50 queries */ |
#define FORWARD_TIME 20 /* or 20 seconds */ |
#define FORWARD_TIME 20 /* or 20 seconds */ |
#define UDP_TEST_TIME 60 /* How often to reset our idea of max packet size. */ |
#define UDP_TEST_TIME 60 /* How often to reset our idea of max packet size. */ |
#define SERVERS_LOGGED 30 /* Only log this many servers when logging state */ |
#define SERVERS_LOGGED 30 /* Only log this many servers when logging state */ |
#define LOCALS_LOGGED 8 /* Only log this many local addresses when logging state */ |
#define LOCALS_LOGGED 8 /* Only log this many local addresses when logging state */ |
#define RANDOM_SOCKS 64 /* max simultaneous random ports */ |
|
#define LEASE_RETRY 60 /* on error, retry writing leasefile after LEASE_RETRY seconds */ |
#define LEASE_RETRY 60 /* on error, retry writing leasefile after LEASE_RETRY seconds */ |
#define CACHESIZ 150 /* default cache size */ |
#define CACHESIZ 150 /* default cache size */ |
#define TTL_FLOOR_LIMIT 3600 /* don't allow --min-cache-ttl to raise TTL above this under any circumstances */ |
#define TTL_FLOOR_LIMIT 3600 /* don't allow --min-cache-ttl to raise TTL above this under any circumstances */ |
Line 59
|
Line 59
|
#define SOA_EXPIRY 1209600 /* SOA expiry default */ |
#define SOA_EXPIRY 1209600 /* SOA expiry default */ |
#define LOOP_TEST_DOMAIN "test" /* domain for loop testing, "test" is reserved by RFC 2606 and won't therefore clash */ |
#define LOOP_TEST_DOMAIN "test" /* domain for loop testing, "test" is reserved by RFC 2606 and won't therefore clash */ |
#define LOOP_TEST_TYPE T_TXT |
#define LOOP_TEST_TYPE T_TXT |
|
#define DEFAULT_FAST_RETRY 1000 /* ms, default delay before fast retry */ |
|
#define STALE_CACHE_EXPIRY 86400 /* 1 day in secs, default maximum expiry time for stale cache data */ |
|
|
/* compile-time options: uncomment below to enable or do eg. |
/* compile-time options: uncomment below to enable or do eg. |
make COPTS=-DHAVE_BROKEN_RTC |
make COPTS=-DHAVE_BROKEN_RTC |
Line 116 HAVE_IPSET
|
Line 118 HAVE_IPSET
|
define this to include the ability to selectively add resolved ip addresses |
define this to include the ability to selectively add resolved ip addresses |
to given ipsets. |
to given ipsets. |
|
|
|
HAVE_NFTSET |
|
define this to include the ability to selectively add resolved ip addresses |
|
to given nftables sets. |
|
|
HAVE_AUTH |
HAVE_AUTH |
define this to include the facility to act as an authoritative DNS |
define this to include the facility to act as an authoritative DNS |
server for one or more zones. |
server for one or more zones. |
Line 144 NO_SCRIPT
|
Line 150 NO_SCRIPT
|
NO_LARGEFILE |
NO_LARGEFILE |
NO_AUTH |
NO_AUTH |
NO_DUMPFILE |
NO_DUMPFILE |
|
NO_LOOP |
NO_INOTIFY |
NO_INOTIFY |
these are available to explicitly disable compile time options which would |
these are available to explicitly disable compile time options which would |
otherwise be enabled automatically or which are enabled by default |
otherwise be enabled automatically or which are enabled by default |
Line 192 RESOLVFILE
|
Line 199 RESOLVFILE
|
/* #define HAVE_CONNTRACK */ |
/* #define HAVE_CONNTRACK */ |
/* #define HAVE_CRYPTOHASH */ |
/* #define HAVE_CRYPTOHASH */ |
/* #define HAVE_DNSSEC */ |
/* #define HAVE_DNSSEC */ |
|
/* #define HAVE_NFTSET */ |
|
|
|
|
/* Default locations for important system files. */ |
/* Default locations for important system files. */ |
|
|
#ifndef LEASEFILE |
#ifndef LEASEFILE |
Line 420 static char *compile_opts =
|
Line 427 static char *compile_opts =
|
"no-" |
"no-" |
#endif |
#endif |
"ipset " |
"ipset " |
|
#ifndef HAVE_NFTSET |
|
"no-" |
|
#endif |
|
"nftset " |
#ifndef HAVE_AUTH |
#ifndef HAVE_AUTH |
"no-" |
"no-" |
#endif |
#endif |
Line 448 static char *compile_opts =
|
Line 459 static char *compile_opts =
|
#endif |
#endif |
"dumpfile"; |
"dumpfile"; |
|
|
#endif | #endif /* defined(HAVE_DHCP) */ |
| |
| |
| |