File:  [ELWIX - Embedded LightWeight unIX -] / embedaddon / dnsmasq / src / config.h
Wed Sep 27 11:02:07 2023 UTC (10 months, 2 weeks ago) by misho
Branches: elwix, dnsmasq, MAIN
CVS tags: v8_2p1, HEAD
Version 8.2p1

    1: /* dnsmasq is Copyright (c) 2000-2022 Simon Kelley
    2: 
    3:    This program is free software; you can redistribute it and/or modify
    4:    it under the terms of the GNU General Public License as published by
    5:    the Free Software Foundation; version 2 dated June, 1991, or
    6:    (at your option) version 3 dated 29 June, 2007.
    7:  
    8:    This program is distributed in the hope that it will be useful,
    9:    but WITHOUT ANY WARRANTY; without even the implied warranty of
   10:    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   11:    GNU General Public License for more details.
   12:      
   13:    You should have received a copy of the GNU General Public License
   14:    along with this program.  If not, see <http://www.gnu.org/licenses/>.
   15: */
   16: 
   17: #define FTABSIZ 150 /* max number of outstanding requests (default) */
   18: #define MAX_PROCS 20 /* max no children for TCP requests */
   19: #define CHILD_LIFETIME 150 /* secs 'till terminated (RFC1035 suggests > 120s) */
   20: #define TCP_MAX_QUERIES 100 /* Maximum number of queries per incoming TCP connection */
   21: #define TCP_BACKLOG 32  /* kernel backlog limit for TCP connections */
   22: #define EDNS_PKTSZ 1232 /* default max EDNS.0 UDP packet size, from https://dnsflagday.net/2020/ */
   23: #define SAFE_PKTSZ 1232 /* "go anywhere" UDP packet size, see https://dnsflagday.net/2020/ */
   24: #define KEYBLOCK_LEN 40 /* choose to minimise fragmentation when storing DNSSEC keys */
   25: #define DNSSEC_WORK 50 /* Max number of queries to validate one question */
   26: #define TIMEOUT 10     /* drop UDP queries after TIMEOUT seconds */
   27: #define SMALL_PORT_RANGE 30 /* If DNS port range is smaller than this, use different allocation. */
   28: #define FORWARD_TEST 50 /* try all servers every 50 queries */
   29: #define FORWARD_TIME 20 /* or 20 seconds */
   30: #define UDP_TEST_TIME 60 /* How often to reset our idea of max packet size. */
   31: #define SERVERS_LOGGED 30 /* Only log this many servers when logging state */
   32: #define LOCALS_LOGGED 8 /* Only log this many local addresses when logging state */
   33: #define LEASE_RETRY 60 /* on error, retry writing leasefile after LEASE_RETRY seconds */
   34: #define CACHESIZ 150 /* default cache size */
   35: #define TTL_FLOOR_LIMIT 3600 /* don't allow --min-cache-ttl to raise TTL above this under any circumstances */
   36: #define MAXLEASES 1000 /* maximum number of DHCP leases */
   37: #define PING_WAIT 3 /* wait for ping address-in-use test */
   38: #define PING_CACHE_TIME 30 /* Ping test assumed to be valid this long. */
   39: #define DECLINE_BACKOFF 600 /* disable DECLINEd static addresses for this long */
   40: #define DHCP_PACKET_MAX 16384 /* hard limit on DHCP packet size */
   41: #define SMALLDNAME 50 /* most domain names are smaller than this */
   42: #define CNAME_CHAIN 10 /* chains longer than this are dropped for loop protection */
   43: #define DNSSEC_MIN_TTL 60 /* DNSKEY and DS records in cache last at least this long */
   44: #define HOSTSFILE "/etc/hosts" /* default hosts file location */
   45: #define ETHERSFILE "/etc/ethers" /* default ethers file location */
   46: #define DEFLEASE 3600 /* default DHCPv4 lease time, one hour */
   47: #define DEFLEASE6 (3600*24) /* default lease time for DHCPv6. One day. */
   48: #define CHUSER "nobody" /* NOTE(review): presumably the unprivileged user the daemon switches to after startup; confirm in dnsmasq.c and check the account exists on the target */
   49: #define CHGRP "dip" /* NOTE(review): presumably the default group after dropping privileges; verify what else this group can access on the target */
   50: #define TFTP_MAX_CONNECTIONS 50 /* max simultaneous connections */
   51: #define LOG_MAX 5 /* log-queue length */
   52: #define RANDFILE "/dev/urandom" /* NOTE(review): presumably the seed source for the internal random generator; confirm the device is present in chroot or embedded images */
   53: #define DNSMASQ_SERVICE "uk.org.thekelleys.dnsmasq" /* Default - may be overridden by config */
   54: #define DNSMASQ_PATH "/uk/org/thekelleys/dnsmasq" /* presumably the DBus object path matching DNSMASQ_SERVICE; TODO confirm */
   55: #define DNSMASQ_UBUS_NAME "dnsmasq" /* Default - may be overridden by config */
   56: #define AUTH_TTL 600 /* default TTL for auth DNS */
   57: #define SOA_REFRESH 1200 /* SOA refresh default */
   58: #define SOA_RETRY 180 /* SOA retry default */
   59: #define SOA_EXPIRY 1209600 /* SOA expiry default */
   60: #define LOOP_TEST_DOMAIN "test" /* domain for loop testing, "test" is reserved by RFC 2606 and won't therefore clash */
   61: #define LOOP_TEST_TYPE T_TXT /* query type for the loop test; T_TXT is not defined in this header */
   62: #define DEFAULT_FAST_RETRY 1000 /* ms, default delay before fast retry */
   63: #define STALE_CACHE_EXPIRY 86400 /* 1 day in secs, default maximum expiry time for stale cache data */
   64:  
   65: /* compile-time options: uncomment below to enable or do eg.
   66:    make COPTS=-DHAVE_BROKEN_RTC
   67: 
   68: HAVE_BROKEN_RTC
   69:    define this on embedded systems which don't have an RTC
   70:    which keeps time over reboots. Causes dnsmasq to use uptime
   71:    for timing, and keep lease lengths rather than expiry times
   72:    in its leases file. This also makes dnsmasq "flash disk friendly".
   73:    Normally, dnsmasq tries very hard to keep the on-disk leases file
   74:    up-to-date: rewriting it after every renewal.  When HAVE_BROKEN_RTC 
   75:    is in effect, the lease file is only written when a new lease is 
   76:    created, or an old one destroyed. (Because those are the only times 
   77:    it changes.) This vastly reduces the number of file writes, and makes
   78:    it viable to keep the lease file on a flash filesystem.
   79:    NOTE: when enabling or disabling this, be sure to delete any old
   80:    leases file, otherwise dnsmasq may get very confused.
   81: 
   82: HAVE_TFTP
   83:    define this to get dnsmasq's built-in TFTP server.
   84: 
   85: HAVE_DHCP
   86:    define this to get dnsmasq's DHCPv4 server.
   87: 
   88: HAVE_DHCP6
   89:    define this to get dnsmasq's DHCPv6 server. (implies HAVE_DHCP).
   90: 
   91: HAVE_SCRIPT
   92:    define this to get the ability to call scripts on lease-change.
   93: 
   94: HAVE_LUASCRIPT
   95:    define this to get the ability to call Lua script on lease-change. (implies HAVE_SCRIPT) 
   96: 
   97: HAVE_DBUS
   98:    define this if you want to link against libdbus, and have dnsmasq
   99:    support some methods to allow (re)configuration of the upstream DNS 
  100:    servers via DBus.
  101: 
  102: HAVE_UBUS
  103:    define this if you want to link against libubus
  104: 
  105: HAVE_IDN
  106:    define this if you want international domain name 2003 support.
  107:    
  108: HAVE_LIBIDN2
  109:    define this if you want international domain name 2008 support.
  110: 
  111: HAVE_CONNTRACK
  112:    define this to include code which propagates conntrack marks from
  113:    incoming DNS queries to the corresponding upstream queries. This adds
  114:    a build-dependency on libnetfilter_conntrack, but the resulting binary will
  115:    still run happily on a kernel without conntrack support.
  116: 
  117: HAVE_IPSET
  118:     define this to include the ability to selectively add resolved ip addresses
  119:     to given ipsets.
  120: 
  121: HAVE_NFTSET
  122:     define this to include the ability to selectively add resolved ip addresses
  123:     to given nftables sets.
  124: 
  125: HAVE_AUTH
  126:    define this to include the facility to act as an authoritative DNS
  127:    server for one or more zones.
  128: 
  129: HAVE_CRYPTOHASH
  130:    include just hash function from crypto library, but no DNSSEC.
  131: 
  132: HAVE_DNSSEC
  133:    include DNSSEC validator.
  134: 
  135: HAVE_DUMPFILE
  136:    include code to dump packets to a libpcap-format file for debugging.
  137: 
  138: HAVE_LOOP
  139:    include functionality to probe for and remove DNS forwarding loops.
  140: 
  141: HAVE_INOTIFY
  142:    use the Linux inotify facility to efficiently re-read configuration files.
  143: 
  144: NO_ID
  145:    Don't report *.bind CHAOS info to clients, forward such requests upstream instead.
  146: NO_TFTP
  147: NO_DHCP
  148: NO_DHCP6
  149: NO_SCRIPT
  150: NO_LARGEFILE
  151: NO_AUTH
  152: NO_DUMPFILE
  153: NO_LOOP
  154: NO_INOTIFY
  155:    these are available to explicitly disable compile time options which would 
  156:    otherwise be enabled automatically or which are enabled  by default 
  157:    in the distributed source tree. Building dnsmasq
  158:    with something like "make COPTS=-DNO_SCRIPT" will do the trick.
  159: NO_GMP
  160:    Don't use or link against libgmp. Useful if nettle is built with --enable-mini-gmp.
  161: 
  162: LEASEFILE
  163: CONFFILE
  164: RESOLVFILE
  165:    the default locations of these files are determined below, but may be overridden 
  166:    in a build command line using COPTS.
  167: 
  168: */
  169: 
  170: /* Defining this builds a binary which handles time differently and works better on a system without a 
  171:    stable RTC (it uses uptime, not epoch time) and writes the DHCP leases file less often to avoid flash wear. 
  172: */
  173: 
  174: /* #define HAVE_BROKEN_RTC */
  175: 
  176: /* The default set of options to build. Built with these options, dnsmasq
  177:    has no library dependencies other than libc */
  178: 
  179: #define HAVE_DHCP /* DHCPv4 server */
  180: #define HAVE_DHCP6 /* DHCPv6 server (implies HAVE_DHCP) */
  181: #define HAVE_TFTP /* built-in TFTP server */
  182: #define HAVE_SCRIPT /* call scripts on lease-change. NOTE(review): such scripts presumably receive client-supplied values; confirm and treat them as untrusted input */
  183: #define HAVE_AUTH /* act as an authoritative DNS server for one or more zones */
  184: #define HAVE_IPSET /* add resolved IP addresses to given ipsets */
  185: #define HAVE_LOOP /* probe for and remove DNS forwarding loops */
  186: #define HAVE_DUMPFILE /* dump packets to a libpcap-format file for debugging. NOTE(review): a capture file would hold client traffic; restrict access to it if the feature is used */
  187: 
  188: /* Build options which require external libraries.
  189:    
  190:    Defining HAVE_<opt>_STATIC as _well_ as HAVE_<opt> will link the library statically.
  191: 
  192:    You can use "make COPTS=-DHAVE_<opt>" instead of editing these.
  193: */
  194: 
  195: /* #define HAVE_LUASCRIPT */
  196: /* #define HAVE_DBUS */
  197: /* #define HAVE_IDN */
  198: /* #define HAVE_LIBIDN2 */
  199: /* #define HAVE_CONNTRACK */
  200: /* #define HAVE_CRYPTOHASH */
  201: /* #define HAVE_DNSSEC */
  202: /* #define HAVE_NFTSET */
  203: 
  204: /* Default locations for important system files. */
  205: 
  206: #ifndef LEASEFILE /* DHCP leases file: per-platform default unless already set on the build command line via COPTS */
  207: #   if defined(__FreeBSD__) || defined (__OpenBSD__) || defined(__DragonFly__) || defined(__NetBSD__)
  208: #      define LEASEFILE "/var/db/dnsmasq.leases"
  209: #   elif defined(__sun__) || defined (__sun)
  210: #      define LEASEFILE "/var/cache/dnsmasq.leases"
  211: #   elif defined(__ANDROID__)
  212: #      define LEASEFILE "/data/misc/dhcp/dnsmasq.leases"
  213: #   else
  214: #      define LEASEFILE "/var/lib/misc/dnsmasq.leases"
  215: #   endif
  216: #endif
  217: 
  218: #ifndef CONFFILE /* main configuration file; may be overridden via COPTS */
  219: #   if defined(__FreeBSD__)
  220: #      define CONFFILE "/usr/local/etc/dnsmasq.conf"
  221: #   else
  222: #      define CONFFILE "/etc/dnsmasq.conf"
  223: #   endif
  224: #endif
  225: 
  226: #ifndef RESOLVFILE /* resolv.conf location; may be overridden via COPTS */
  227: #   if defined(__uClinux__)
  228: #      define RESOLVFILE "/etc/config/resolv.conf"
  229: #   else
  230: #      define RESOLVFILE "/etc/resolv.conf"
  231: #   endif
  232: #endif
  233: 
  234: #ifndef RUNFILE /* pid file; the #ifndef guard lets a build predefine it, although the option list earlier in this file does not mention RUNFILE */
  235: #   if defined(__ANDROID__)
  236: #      define RUNFILE "/data/dnsmasq.pid" /* NOTE(review): sits directly under /data; check that directory's ownership and permissions on the target */
  237: #    else
  238: #      define RUNFILE "/var/run/dnsmasq.pid"
  239: #    endif
  240: #endif
  241: 
  242: /* platform dependent options: these are determined automatically below
  243: 
  244: HAVE_LINUX_NETWORK
  245: HAVE_BSD_NETWORK
  246: HAVE_SOLARIS_NETWORK
  247:    define exactly one of these to alter interaction with kernel networking.
  248: 
  249: HAVE_GETOPT_LONG
  250:    defined when GNU-style getopt_long available. 
  251: 
  252: HAVE_SOCKADDR_SA_LEN
  253:    defined if struct sockaddr has sa_len field (*BSD) 
  254: */
  255: 
  256: #if defined(__UCLIBC__) /* first test of the #if/#elif chain: at most one platform branch below is compiled */
  257: #define HAVE_LINUX_NETWORK
  258: #if defined(__UCLIBC_HAS_GNU_GETOPT__) || \
  259:    ((__UCLIBC_MAJOR__==0) && (__UCLIBC_MINOR__==9) && (__UCLIBC_SUBLEVEL__<21))
  260: #    define HAVE_GETOPT_LONG
  261: #endif
  262: #undef HAVE_SOCKADDR_SA_LEN /* struct sockaddr is treated as having no sa_len field on this platform */
  263: #if defined(__UCLIBC_HAS_IPV6__)
  264: #  ifndef IPV6_V6ONLY
  265: #    define IPV6_V6ONLY 26 /* fallback value, used only when the headers have not defined it */
  266: #  endif
  267: #endif
  268: 
  269: /* This is for glibc 2.x */
  270: #elif defined(__linux__)
  271: #define HAVE_LINUX_NETWORK
  272: #define HAVE_GETOPT_LONG
  273: #undef HAVE_SOCKADDR_SA_LEN
  274: 
  275: #elif defined(__FreeBSD__) || \
  276:       defined(__OpenBSD__) || \
  277:       defined(__DragonFly__) || \
  278:       defined(__FreeBSD_kernel__)
  279: #define HAVE_BSD_NETWORK
  280: /* Later versions of FreeBSD have getopt_long() */
  281: #if defined(optional_argument) && defined(required_argument)
  282: #   define HAVE_GETOPT_LONG
  283: #endif
  284: #define HAVE_SOCKADDR_SA_LEN
  285: 
  286: #elif defined(__APPLE__)
  287: #define HAVE_BSD_NETWORK
  288: #define HAVE_GETOPT_LONG
  289: #define HAVE_SOCKADDR_SA_LEN
  290: #define NO_IPSET /* switches HAVE_IPSET off through the NO_IPSET rule later in this file */
  291: /* Define before sys/socket.h is included so we get socklen_t */
  292: #define _BSD_SOCKLEN_T_
  293: /* Select the RFC_3542 version of the IPv6 socket API. 
  294:    Define before netinet6/in6.h is included. */
  295: #define __APPLE_USE_RFC_3542
  296: /* Required for Mojave. */
  297: #ifndef SOL_TCP
  298: #  define SOL_TCP IPPROTO_TCP
  299: #endif
  300: #define NO_IPSET /* NOTE(review): repeats the NO_IPSET define earlier in this branch; an identical redefinition is harmless but redundant */
  301: 
  302: #elif defined(__NetBSD__)
  303: #define HAVE_BSD_NETWORK
  304: #define HAVE_GETOPT_LONG
  305: #define HAVE_SOCKADDR_SA_LEN
  306: 
  307: #elif defined(__sun) || defined(__sun__)
  308: #define HAVE_SOLARIS_NETWORK
  309: #define HAVE_GETOPT_LONG
  310: #undef HAVE_SOCKADDR_SA_LEN
  311: #define ETHER_ADDR_LEN 6 /* defined here for the Solaris branch only */
  312:  
  313: #endif /* NOTE(review): the chain has no #else or #error, so on an unlisted platform none of the HAVE_*_NETWORK macros is defined */
  314: 
  315: /* rules to implement compile-time option dependencies and 
  316:    the NO_XXX flags */
  317: 
  318: #ifdef NO_TFTP /* each NO_xxx flag removes the matching HAVE_xxx, including the defaults set earlier in this file */
  319: #undef HAVE_TFTP
  320: #endif
  321: 
  322: #ifdef NO_DHCP /* disabling DHCPv4 also disables DHCPv6 */
  323: #undef HAVE_DHCP
  324: #undef HAVE_DHCP6
  325: #endif
  326: 
  327: #if defined(NO_DHCP6)
  328: #undef HAVE_DHCP6
  329: #endif
  330: 
  331: /* DHCP6 needs DHCP too */
  332: #ifdef HAVE_DHCP6 /* evaluated after the NO_DHCP and NO_DHCP6 rules, so it applies only when DHCPv6 survived them */
  333: #define HAVE_DHCP
  334: #endif
  335: 
  336: #if defined(NO_SCRIPT) /* removes both plain and Lua lease-change script support */
  337: #undef HAVE_SCRIPT
  338: #undef HAVE_LUASCRIPT
  339: #endif
  340: 
  341: /* Must HAVE_SCRIPT to HAVE_LUASCRIPT */
  342: #ifdef HAVE_LUASCRIPT
  343: #define HAVE_SCRIPT
  344: #endif
  345: 
  346: #ifdef NO_AUTH
  347: #undef HAVE_AUTH
  348: #endif
  349: 
  350: #if defined(NO_IPSET) /* NO_IPSET is also defined by the __APPLE__ branch of the platform detection in this file */
  351: #undef HAVE_IPSET
  352: #endif
  353: 
  354: #ifdef NO_LOOP
  355: #undef HAVE_LOOP
  356: #endif
  357: 
  358: #ifdef NO_DUMPFILE
  359: #undef HAVE_DUMPFILE
  360: #endif
  361: 
  362: #if defined (HAVE_LINUX_NETWORK) && !defined(NO_INOTIFY) /* inotify is enabled automatically for Linux networking builds; NO_INOTIFY opts out */
  363: #define HAVE_INOTIFY
  364: #endif
  365: 
  366: /* Define a string indicating which options are in use.
  367:    DNSMASQ_COMPILE_OPTS is only defined in dnsmasq.c */
  368: 
  369: #ifdef DNSMASQ_COMPILE_OPTS /* guard keeps this static string out of every other file that includes the header */
  370: 
  371: static char *compile_opts = /* one string built from adjacent literals; an option that is compiled out gets a "no-" prefix. NOTE(review): presumably shown in the version output, which makes it handy for auditing what a deployed binary contains; confirm in dnsmasq.c */
  372: "IPv6 "
  373: #ifndef HAVE_GETOPT_LONG
  374: "no-"
  375: #endif
  376: "GNU-getopt "
  377: #ifdef HAVE_BROKEN_RTC
  378: "no-RTC "
  379: #endif
  380: #ifndef HAVE_DBUS
  381: "no-"
  382: #endif
  383: "DBus "
  384: #ifndef HAVE_UBUS
  385: "no-"
  386: #endif
  387: "UBus "
  388: #ifndef LOCALEDIR
  389: "no-"
  390: #endif
  391: "i18n "
  392: #if defined(HAVE_LIBIDN2)
  393: "IDN2 "
  394: #else
  395:  #if !defined(HAVE_IDN)
  396: "no-"
  397:  #endif 
  398: "IDN " 
  399: #endif
  400: #ifndef HAVE_DHCP
  401: "no-"
  402: #endif
  403: "DHCP "
  404: #if defined(HAVE_DHCP) /* the DHCPv6 entry is omitted entirely when DHCP is compiled out */
  405: #  if !defined (HAVE_DHCP6)
  406:      "no-"
  407: #  endif  
  408:      "DHCPv6 "
  409: #endif
  410: #if !defined(HAVE_SCRIPT)
  411:      "no-scripts " /* no Lua entry is emitted when scripts are disabled */
  412: #else
  413: #  if !defined(HAVE_LUASCRIPT)
  414:      "no-"
  415: #  endif
  416:      "Lua "
  417: #endif
  418: #ifndef HAVE_TFTP
  419: "no-"
  420: #endif
  421: "TFTP "
  422: #ifndef HAVE_CONNTRACK
  423: "no-"
  424: #endif
  425: "conntrack "
  426: #ifndef HAVE_IPSET
  427: "no-"
  428: #endif
  429: "ipset "
  430: #ifndef HAVE_NFTSET
  431: "no-"
  432: #endif
  433: "nftset "
  434: #ifndef HAVE_AUTH
  435: "no-"
  436: #endif
  437: "auth "
  438: #if !defined(HAVE_CRYPTOHASH) && !defined(HAVE_DNSSEC) /* cryptohash is reported as present whenever DNSSEC is */
  439: "no-"
  440: #endif
  441: "cryptohash "
  442: #ifndef HAVE_DNSSEC /* NOTE(review): HAVE_DNSSEC is commented out in the option list earlier in this file, so a build with the stock defaults reports "no-DNSSEC" */
  443: "no-"
  444: #endif
  445: "DNSSEC "
  446: #ifdef NO_ID
  447: "no-ID "
  448: #endif
  449: #ifndef HAVE_LOOP
  450: "no-"
  451: #endif
  452: "loop-detect "
  453: #ifndef HAVE_INOTIFY
  454: "no-"
  455: #endif
  456: "inotify "
  457: #ifndef HAVE_DUMPFILE
  458: "no-"
  459: #endif
  460: "dumpfile";
  461: 
  462: #endif /* defined(DNSMASQ_COMPILE_OPTS) */
