1: /* dnsmasq is Copyright (c) 2000-2021 Simon Kelley
2:
3: This program is free software; you can redistribute it and/or modify
4: it under the terms of the GNU General Public License as published by
5: the Free Software Foundation; version 2 dated June, 1991, or
6: (at your option) version 3 dated 29 June, 2007.
7:
8: This program is distributed in the hope that it will be useful,
9: but WITHOUT ANY WARRANTY; without even the implied warranty of
10: MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11: GNU General Public License for more details.
12:
13: You should have received a copy of the GNU General Public License
14: along with this program. If not, see <http://www.gnu.org/licenses/>.
15: */
16:
17: #define FTABSIZ 150 /* max number of outstanding requests (default) */
18: #define MAX_PROCS 20 /* max no children for TCP requests */
19: #define CHILD_LIFETIME 150 /* secs 'till terminated (RFC1035 suggests > 120s) */
20: #define TCP_MAX_QUERIES 100 /* Maximum number of queries per incoming TCP connection */
21: #define TCP_BACKLOG 32 /* kernel backlog limit for TCP connections */
22: #define EDNS_PKTSZ 4096 /* default max EDNS.0 UDP packet from RFC5625 */
23: #define SAFE_PKTSZ 1280 /* "go anywhere" UDP packet size */
24: #define KEYBLOCK_LEN 40 /* choose to minimise fragmentation when storing DNSSEC keys */
25: #define DNSSEC_WORK 50 /* Max number of queries to validate one question */
26: #define TIMEOUT 10 /* drop UDP queries after TIMEOUT seconds */
27: #define FORWARD_TEST 50 /* try all servers every 50 queries */
28: #define FORWARD_TIME 20 /* or 20 seconds */
29: #define UDP_TEST_TIME 60 /* How often to reset our idea of max packet size. */
30: #define SERVERS_LOGGED 30 /* Only log this many servers when logging state */
31: #define LOCALS_LOGGED 8 /* Only log this many local addresses when logging state */
32: #define RANDOM_SOCKS 64 /* max simultaneous random ports */
33: #define LEASE_RETRY 60 /* on error, retry writing leasefile after LEASE_RETRY seconds */
34: #define CACHESIZ 150 /* default cache size */
35: #define TTL_FLOOR_LIMIT 3600 /* don't allow --min-cache-ttl to raise TTL above this under any circumstances */
36: #define MAXLEASES 1000 /* maximum number of DHCP leases */
37: #define PING_WAIT 3 /* wait for ping address-in-use test */
38: #define PING_CACHE_TIME 30 /* Ping test assumed to be valid this long. */
39: #define DECLINE_BACKOFF 600 /* disable DECLINEd static addresses for this long */
40: #define DHCP_PACKET_MAX 16384 /* hard limit on DHCP packet size */
41: #define SMALLDNAME 50 /* most domain names are smaller than this */
42: #define CNAME_CHAIN 10 /* chains longer than this atr dropped for loop protection */
43: #define DNSSEC_MIN_TTL 60 /* DNSKEY and DS records in cache last at least this long */
44: #define HOSTSFILE "/etc/hosts"
45: #define ETHERSFILE "/etc/ethers"
46: #define DEFLEASE 3600 /* default DHCPv4 lease time, one hour */
47: #define DEFLEASE6 (3600*24) /* default lease time for DHCPv6. One day. */
48: #define CHUSER "nobody"
49: #define CHGRP "dip"
50: #define TFTP_MAX_CONNECTIONS 50 /* max simultaneous connections */
51: #define LOG_MAX 5 /* log-queue length */
52: #define RANDFILE "/dev/urandom"
53: #define DNSMASQ_SERVICE "uk.org.thekelleys.dnsmasq" /* Default - may be overridden by config */
54: #define DNSMASQ_PATH "/uk/org/thekelleys/dnsmasq"
55: #define DNSMASQ_UBUS_NAME "dnsmasq" /* Default - may be overridden by config */
56: #define AUTH_TTL 600 /* default TTL for auth DNS */
57: #define SOA_REFRESH 1200 /* SOA refresh default */
58: #define SOA_RETRY 180 /* SOA retry default */
59: #define SOA_EXPIRY 1209600 /* SOA expiry default */
60: #define LOOP_TEST_DOMAIN "test" /* domain for loop testing, "test" is reserved by RFC 2606 and won't therefore clash */
61: #define LOOP_TEST_TYPE T_TXT
62:
63: /* compile-time options: uncomment below to enable or do eg.
64: make COPTS=-DHAVE_BROKEN_RTC
65:
66: HAVE_BROKEN_RTC
67: define this on embedded systems which don't have an RTC
68: which keeps time over reboots. Causes dnsmasq to use uptime
69: for timing, and keep lease lengths rather than expiry times
70: in its leases file. This also make dnsmasq "flash disk friendly".
71: Normally, dnsmasq tries very hard to keep the on-disk leases file
72: up-to-date: rewriting it after every renewal. When HAVE_BROKEN_RTC
73: is in effect, the lease file is only written when a new lease is
74: created, or an old one destroyed. (Because those are the only times
75: it changes.) This vastly reduces the number of file writes, and makes
76: it viable to keep the lease file on a flash filesystem.
77: NOTE: when enabling or disabling this, be sure to delete any old
78: leases file, otherwise dnsmasq may get very confused.
79:
80: HAVE_TFTP
81: define this to get dnsmasq's built-in TFTP server.
82:
83: HAVE_DHCP
84: define this to get dnsmasq's DHCPv4 server.
85:
86: HAVE_DHCP6
87: define this to get dnsmasq's DHCPv6 server. (implies HAVE_DHCP).
88:
89: HAVE_SCRIPT
90: define this to get the ability to call scripts on lease-change.
91:
92: HAVE_LUASCRIPT
93: define this to get the ability to call Lua script on lease-change. (implies HAVE_SCRIPT)
94:
95: HAVE_DBUS
96: define this if you want to link against libdbus, and have dnsmasq
97: support some methods to allow (re)configuration of the upstream DNS
98: servers via DBus.
99:
100: HAVE_UBUS
101: define this if you want to link against libubus
102:
103: HAVE_IDN
104: define this if you want international domain name 2003 support.
105:
106: HAVE_LIBIDN2
107: define this if you want international domain name 2008 support.
108:
109: HAVE_CONNTRACK
110: define this to include code which propagates conntrack marks from
111: incoming DNS queries to the corresponding upstream queries. This adds
112: a build-dependency on libnetfilter_conntrack, but the resulting binary will
113: still run happily on a kernel without conntrack support.
114:
115: HAVE_IPSET
116: define this to include the ability to selectively add resolved ip addresses
117: to given ipsets.
118:
119: HAVE_AUTH
120: define this to include the facility to act as an authoritative DNS
121: server for one or more zones.
122:
123: HAVE_CRYPTOHASH
124: include just hash function from crypto library, but no DNSSEC.
125:
126: HAVE_DNSSEC
127: include DNSSEC validator.
128:
129: HAVE_DUMPFILE
130: include code to dump packets to a libpcap-format file for debugging.
131:
132: HAVE_LOOP
133: include functionality to probe for and remove DNS forwarding loops.
134:
135: HAVE_INOTIFY
136: use the Linux inotify facility to efficiently re-read configuration files.
137:
138: NO_ID
139: Don't report *.bind CHAOS info to clients, forward such requests upstream instead.
140: NO_TFTP
141: NO_DHCP
142: NO_DHCP6
143: NO_SCRIPT
144: NO_LARGEFILE
145: NO_AUTH
146: NO_DUMPFILE
147: NO_INOTIFY
148: these are available to explicitly disable compile time options which would
149: otherwise be enabled automatically or which are enabled by default
150: in the distributed source tree. Building dnsmasq
151: with something like "make COPTS=-DNO_SCRIPT" will do the trick.
152: NO_GMP
153: Don't use and link against libgmp, Useful if nettle is built with --enable-mini-gmp.
154:
155: LEASEFILE
156: CONFFILE
157: RESOLVFILE
158: the default locations of these files are determined below, but may be overridden
159: in a build command line using COPTS.
160:
161: */
162:
163: /* Defining this builds a binary which handles time differently and works better on a system without a
164: stable RTC (it uses uptime, not epoch time) and writes the DHCP leases file less often to avoid flash wear.
165: */
166:
167: /* #define HAVE_BROKEN_RTC */
168:
169: /* The default set of options to build. Built with these options, dnsmasq
170: has no library dependencies other than libc */
171:
172: #define HAVE_DHCP
173: #define HAVE_DHCP6
174: #define HAVE_TFTP
175: #define HAVE_SCRIPT
176: #define HAVE_AUTH
177: #define HAVE_IPSET
178: #define HAVE_LOOP
179: #define HAVE_DUMPFILE
180:
181: /* Build options which require external libraries.
182:
183: Defining HAVE_<opt>_STATIC as _well_ as HAVE_<opt> will link the library statically.
184:
185: You can use "make COPTS=-DHAVE_<opt>" instead of editing these.
186: */
187:
188: /* #define HAVE_LUASCRIPT */
189: /* #define HAVE_DBUS */
190: /* #define HAVE_IDN */
191: /* #define HAVE_LIBIDN2 */
192: /* #define HAVE_CONNTRACK */
193: /* #define HAVE_CRYPTOHASH */
194: /* #define HAVE_DNSSEC */
195:
196:
197: /* Default locations for important system files. */
198:
199: #ifndef LEASEFILE
200: # if defined(__FreeBSD__) || defined (__OpenBSD__) || defined(__DragonFly__) || defined(__NetBSD__)
201: # define LEASEFILE "/var/db/dnsmasq.leases"
202: # elif defined(__sun__) || defined (__sun)
203: # define LEASEFILE "/var/cache/dnsmasq.leases"
204: # elif defined(__ANDROID__)
205: # define LEASEFILE "/data/misc/dhcp/dnsmasq.leases"
206: # else
207: # define LEASEFILE "/var/lib/misc/dnsmasq.leases"
208: # endif
209: #endif
210:
211: #ifndef CONFFILE
212: # if defined(__FreeBSD__)
213: # define CONFFILE "/usr/local/etc/dnsmasq.conf"
214: # else
215: # define CONFFILE "/etc/dnsmasq.conf"
216: # endif
217: #endif
218:
219: #ifndef RESOLVFILE
220: # if defined(__uClinux__)
221: # define RESOLVFILE "/etc/config/resolv.conf"
222: # else
223: # define RESOLVFILE "/etc/resolv.conf"
224: # endif
225: #endif
226:
227: #ifndef RUNFILE
228: # if defined(__ANDROID__)
229: # define RUNFILE "/data/dnsmasq.pid"
230: # else
231: # define RUNFILE "/var/run/dnsmasq.pid"
232: # endif
233: #endif
234:
235: /* platform dependent options: these are determined automatically below
236:
237: HAVE_LINUX_NETWORK
238: HAVE_BSD_NETWORK
239: HAVE_SOLARIS_NETWORK
240: define exactly one of these to alter interaction with kernel networking.
241:
242: HAVE_GETOPT_LONG
243: defined when GNU-style getopt_long available.
244:
245: HAVE_SOCKADDR_SA_LEN
246: defined if struct sockaddr has sa_len field (*BSD)
247: */
248:
249: #if defined(__UCLIBC__)
250: #define HAVE_LINUX_NETWORK
251: #if defined(__UCLIBC_HAS_GNU_GETOPT__) || \
252: ((__UCLIBC_MAJOR__==0) && (__UCLIBC_MINOR__==9) && (__UCLIBC_SUBLEVEL__<21))
253: # define HAVE_GETOPT_LONG
254: #endif
255: #undef HAVE_SOCKADDR_SA_LEN
256: #if defined(__UCLIBC_HAS_IPV6__)
257: # ifndef IPV6_V6ONLY
258: # define IPV6_V6ONLY 26
259: # endif
260: #endif
261:
262: /* This is for glibc 2.x */
263: #elif defined(__linux__)
264: #define HAVE_LINUX_NETWORK
265: #define HAVE_GETOPT_LONG
266: #undef HAVE_SOCKADDR_SA_LEN
267:
268: #elif defined(__FreeBSD__) || \
269: defined(__OpenBSD__) || \
270: defined(__DragonFly__) || \
271: defined(__FreeBSD_kernel__)
272: #define HAVE_BSD_NETWORK
273: /* Later versions of FreeBSD have getopt_long() */
274: #if defined(optional_argument) && defined(required_argument)
275: # define HAVE_GETOPT_LONG
276: #endif
277: #define HAVE_SOCKADDR_SA_LEN
278:
279: #elif defined(__APPLE__)
280: #define HAVE_BSD_NETWORK
281: #define HAVE_GETOPT_LONG
282: #define HAVE_SOCKADDR_SA_LEN
283: #define NO_IPSET
284: /* Define before sys/socket.h is included so we get socklen_t */
285: #define _BSD_SOCKLEN_T_
286: /* Select the RFC_3542 version of the IPv6 socket API.
287: Define before netinet6/in6.h is included. */
288: #define __APPLE_USE_RFC_3542
289: /* Required for Mojave. */
290: #ifndef SOL_TCP
291: # define SOL_TCP IPPROTO_TCP
292: #endif
293: #define NO_IPSET
294:
295: #elif defined(__NetBSD__)
296: #define HAVE_BSD_NETWORK
297: #define HAVE_GETOPT_LONG
298: #define HAVE_SOCKADDR_SA_LEN
299:
300: #elif defined(__sun) || defined(__sun__)
301: #define HAVE_SOLARIS_NETWORK
302: #define HAVE_GETOPT_LONG
303: #undef HAVE_SOCKADDR_SA_LEN
304: #define ETHER_ADDR_LEN 6
305:
306: #endif
307:
308: /* rules to implement compile-time option dependencies and
309: the NO_XXX flags */
310:
311: #ifdef NO_TFTP
312: #undef HAVE_TFTP
313: #endif
314:
315: #ifdef NO_DHCP
316: #undef HAVE_DHCP
317: #undef HAVE_DHCP6
318: #endif
319:
320: #if defined(NO_DHCP6)
321: #undef HAVE_DHCP6
322: #endif
323:
324: /* DHCP6 needs DHCP too */
325: #ifdef HAVE_DHCP6
326: #define HAVE_DHCP
327: #endif
328:
329: #if defined(NO_SCRIPT)
330: #undef HAVE_SCRIPT
331: #undef HAVE_LUASCRIPT
332: #endif
333:
334: /* Must HAVE_SCRIPT to HAVE_LUASCRIPT */
335: #ifdef HAVE_LUASCRIPT
336: #define HAVE_SCRIPT
337: #endif
338:
339: #ifdef NO_AUTH
340: #undef HAVE_AUTH
341: #endif
342:
343: #if defined(NO_IPSET)
344: #undef HAVE_IPSET
345: #endif
346:
347: #ifdef NO_LOOP
348: #undef HAVE_LOOP
349: #endif
350:
351: #ifdef NO_DUMPFILE
352: #undef HAVE_DUMPFILE
353: #endif
354:
355: #if defined (HAVE_LINUX_NETWORK) && !defined(NO_INOTIFY)
356: #define HAVE_INOTIFY
357: #endif
358:
359: /* Define a string indicating which options are in use.
360: DNSMASQ_COMPILE_OPTS is only defined in dnsmasq.c */
361:
362: #ifdef DNSMASQ_COMPILE_OPTS
363:
364: static char *compile_opts =
365: "IPv6 "
366: #ifndef HAVE_GETOPT_LONG
367: "no-"
368: #endif
369: "GNU-getopt "
370: #ifdef HAVE_BROKEN_RTC
371: "no-RTC "
372: #endif
373: #ifndef HAVE_DBUS
374: "no-"
375: #endif
376: "DBus "
377: #ifndef HAVE_UBUS
378: "no-"
379: #endif
380: "UBus "
381: #ifndef LOCALEDIR
382: "no-"
383: #endif
384: "i18n "
385: #if defined(HAVE_LIBIDN2)
386: "IDN2 "
387: #else
388: #if !defined(HAVE_IDN)
389: "no-"
390: #endif
391: "IDN "
392: #endif
393: #ifndef HAVE_DHCP
394: "no-"
395: #endif
396: "DHCP "
397: #if defined(HAVE_DHCP)
398: # if !defined (HAVE_DHCP6)
399: "no-"
400: # endif
401: "DHCPv6 "
402: #endif
403: #if !defined(HAVE_SCRIPT)
404: "no-scripts "
405: #else
406: # if !defined(HAVE_LUASCRIPT)
407: "no-"
408: # endif
409: "Lua "
410: #endif
411: #ifndef HAVE_TFTP
412: "no-"
413: #endif
414: "TFTP "
415: #ifndef HAVE_CONNTRACK
416: "no-"
417: #endif
418: "conntrack "
419: #ifndef HAVE_IPSET
420: "no-"
421: #endif
422: "ipset "
423: #ifndef HAVE_AUTH
424: "no-"
425: #endif
426: "auth "
427: #if !defined(HAVE_CRYPTOHASH) && !defined(HAVE_DNSSEC)
428: "no-"
429: #endif
430: "cryptohash "
431: #ifndef HAVE_DNSSEC
432: "no-"
433: #endif
434: "DNSSEC "
435: #ifdef NO_ID
436: "no-ID "
437: #endif
438: #ifndef HAVE_LOOP
439: "no-"
440: #endif
441: "loop-detect "
442: #ifndef HAVE_INOTIFY
443: "no-"
444: #endif
445: "inotify "
446: #ifndef HAVE_DUMPFILE
447: "no-"
448: #endif
449: "dumpfile";
450:
451: #endif
452:
453:
454:
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to config.h CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / dnsmasq / src