-/* dnsmasq is Copyright (c) 2000-2015 Simon Kelley
+/* dnsmasq is Copyright (c) 2000-2020 Simon Kelley
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
+#define VERSION "2.82"
+
#define FTABSIZ 150 /* max number of outstanding requests (default) */
#define MAX_PROCS 20 /* max no children for TCP requests */
#define CHILD_LIFETIME 150 /* secs 'till terminated (RFC1035 suggests > 120s) */
#define TCP_MAX_QUERIES 100 /* Maximum number of queries per incoming TCP connection */
+#define TCP_BACKLOG 32 /* kernel backlog limit for TCP connections */
#define EDNS_PKTSZ 4096 /* default max EDNS.0 UDP packet from RFC5625 */
#define SAFE_PKTSZ 1280 /* "go anywhere" UDP packet size */
-#define KEYBLOCK_LEN 40 /* choose to mininise fragmentation when storing DNSSEC keys */
+#define KEYBLOCK_LEN 40 /* choose to minimise fragmentation when storing DNSSEC keys */
#define DNSSEC_WORK 50 /* Max number of queries to validate one question */
#define TIMEOUT 10 /* drop UDP queries after TIMEOUT seconds */
#define FORWARD_TEST 50 /* try all servers every 50 queries */
#define FORWARD_TIME 20 /* or 20 seconds */
+#define UDP_TEST_TIME 60 /* How often to reset our idea of max packet size. */
+#define SERVERS_LOGGED 30 /* Only log this many servers when logging state */
+#define LOCALS_LOGGED 8 /* Only log this many local addresses when logging state */
#define RANDOM_SOCKS 64 /* max simultaneous random ports */
#define LEASE_RETRY 60 /* on error, retry writing leasefile after LEASE_RETRY seconds */
#define CACHESIZ 150 /* default cache size */
#define DHCP_PACKET_MAX 16384 /* hard limit on DHCP packet size */
#define SMALLDNAME 50 /* most domain names are smaller than this */
#define CNAME_CHAIN 10 /* chains longer than this atr dropped for loop protection */
+#define DNSSEC_MIN_TTL 60 /* DNSKEY and DS records in cache last at least this long */
#define HOSTSFILE "/etc/hosts"
#define ETHERSFILE "/etc/ethers"
-#define DEFLEASE 3600 /* default lease time, 1 hour */
+#define DEFLEASE 3600 /* default DHCPv4 lease time, one hour */
+#define DEFLEASE6 (3600*24) /* default lease time for DHCPv6. One day. */
#define CHUSER "nobody"
#define CHGRP "dip"
#define TFTP_MAX_CONNECTIONS 50 /* max simultaneous connections */
#define RANDFILE "/dev/urandom"
#define DNSMASQ_SERVICE "uk.org.thekelleys.dnsmasq" /* Default - may be overridden by config */
#define DNSMASQ_PATH "/uk/org/thekelleys/dnsmasq"
+#define DNSMASQ_UBUS_NAME "dnsmasq" /* Default - may be overridden by config */
#define AUTH_TTL 600 /* default TTL for auth DNS */
#define SOA_REFRESH 1200 /* SOA refresh default */
#define SOA_RETRY 180 /* SOA retry default */
support some methods to allow (re)configuration of the upstream DNS
servers via DBus.
+HAVE_UBUS
+ define this if you want to link against libubus
+
HAVE_IDN
- define this if you want international domain name support.
- NOTE: for backwards compatibility, IDN support is automatically
- included when internationalisation support is built, using the
- *-i18n makefile targets, even if HAVE_IDN is not explicitly set.
+ define this if you want international domain name 2003 support.
+
+HAVE_LIBIDN2
+ define this if you want international domain name 2008 support.
HAVE_CONNTRACK
- define this to include code which propogates conntrack marks from
+ define this to include code which propagates conntrack marks from
incoming DNS queries to the corresponding upstream queries. This adds
a build-dependency on libnetfilter_conntrack, but the resulting binary will
still run happily on a kernel without conntrack support.
HAVE_DNSSEC
include DNSSEC validator.
+HAVE_DUMPFILE
+ include code to dump packets to a libpcap-format file for debugging.
+
HAVE_LOOP
include functionality to probe for and remove DNS forwarding loops.
HAVE_INOTIFY
use the Linux inotify facility to efficiently re-read configuration files.
-NO_IPV6
+NO_ID
+ Don't report *.bind CHAOS info to clients, forward such requests upstream instead.
NO_TFTP
NO_DHCP
NO_DHCP6
NO_SCRIPT
NO_LARGEFILE
NO_AUTH
+NO_DUMPFILE
NO_INOTIFY
- these are avilable to explictly disable compile time options which would
- otherwise be enabled automatically (HAVE_IPV6, >2Gb file sizes) or
- which are enabled by default in the distributed source tree. Building dnsmasq
+ these are available to explicitly disable compile time options which would
+ otherwise be enabled automatically or which are enabled by default
+ in the distributed source tree. Building dnsmasq
with something like "make COPTS=-DNO_SCRIPT" will do the trick.
-
-NO_NETTLE_ECC
- Don't include the ECDSA cypher in DNSSEC validation. Needed for older Nettle versions.
NO_GMP
Don't use and link against libgmp, Useful if nettle is built with --enable-mini-gmp.
#define HAVE_AUTH
#define HAVE_IPSET
#define HAVE_LOOP
+#define HAVE_DUMPFILE
/* Build options which require external libraries.
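Review bot: `#define HAVE_DUMPFILE` compiles the packet-dump code into every default build, although the option text added earlier in this diff describes it only as a debugging aid. A capture file written by this code would hold DNS packets, so production builds may prefer to leave it out, and the diff already provides `NO_DUMPFILE` for that. I would add a comment on the define, e.g. `/* debugging aid, on by default; build with COPTS=-DNO_DUMPFILE to omit */`, so packagers see the choice.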
*/
/* #define HAVE_LUASCRIPT */
-/* #define HAVE_DBUS */
+#define HAVE_DBUS
/* #define HAVE_IDN */
+/* #define HAVE_LIBIDN2 */
/* #define HAVE_CONNTRACK */
/* #define HAVE_DNSSEC */
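Review bot: `#define HAVE_DBUS` is now active in the header, while every other entry under "Build options which require external libraries" stays commented out. The option text earlier in the file says this adds methods that (re)configure the upstream DNS servers via DBus, so the default binary gains a control interface and a library dependency that it did not have before. If this is a packaging decision, `make COPTS=-DHAVE_DBUS` keeps config.h at its defaults and records the choice in the build recipe. If the define is meant to stay, a comment such as `/* enabled for <platform>: DBus control interface needed by <component> */` would document the reason.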
defined if struct sockaddr has sa_len field (*BSD)
*/
-/* Must preceed __linux__ since uClinux defines __linux__ too. */
-#if defined(__uClinux__)
-#define HAVE_LINUX_NETWORK
-#define HAVE_GETOPT_LONG
-#undef HAVE_SOCKADDR_SA_LEN
-/* Never use fork() on uClinux. Note that this is subtly different from the
- --keep-in-foreground option, since it also suppresses forking new
- processes for TCP connections and disables the call-a-script on leasechange
- system. It's intended for use on MMU-less kernels. */
-#define NO_FORK
-
-#elif defined(__UCLIBC__)
+#if defined(__UCLIBC__)
#define HAVE_LINUX_NETWORK
#if defined(__UCLIBC_HAS_GNU_GETOPT__) || \
((__UCLIBC_MAJOR__==0) && (__UCLIBC_MINOR__==9) && (__UCLIBC_SUBLEVEL__<21))
# define HAVE_GETOPT_LONG
#endif
#undef HAVE_SOCKADDR_SA_LEN
-#if !defined(__ARCH_HAS_MMU__) && !defined(__UCLIBC_HAS_MMU__)
-# define NO_FORK
-#endif
#if defined(__UCLIBC_HAS_IPV6__)
# ifndef IPV6_V6ONLY
# define IPV6_V6ONLY 26
defined(__DragonFly__) || \
defined(__FreeBSD_kernel__)
#define HAVE_BSD_NETWORK
-/* Later verions of FreeBSD have getopt_long() */
+/* Later versions of FreeBSD have getopt_long() */
#if defined(optional_argument) && defined(required_argument)
# define HAVE_GETOPT_LONG
#endif
#define HAVE_BSD_NETWORK
#define HAVE_GETOPT_LONG
#define HAVE_SOCKADDR_SA_LEN
+#define NO_IPSET
/* Define before sys/socket.h is included so we get socklen_t */
#define _BSD_SOCKLEN_T_
/* Select the RFC_3542 version of the IPv6 socket API.
Define before netinet6/in6.h is included. */
-#define __APPLE_USE_RFC_3542
+#define __APPLE_USE_RFC_3542
+/* Required for Mojave. */
+#ifndef SOL_TCP
+# define SOL_TCP IPPROTO_TCP
+#endif
#define NO_IPSET
#elif defined(__NetBSD__)
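Review bot: The added `#define NO_IPSET` after `HAVE_SOCKADDR_SA_LEN` repeats the `#define NO_IPSET` that already sits just before `#elif defined(__NetBSD__)`, assuming both lines belong to the same platform branch (the branch header is outside the hunk). Redefining an empty macro identically is legal, so nothing breaks, but one of the two should be dropped. Separately, the `SOL_TCP` fallback is explained only as `/* Required for Mojave. */`; a comment that states the reason, e.g. `/* SOL_TCP is not defined by these headers; fall back to IPPROTO_TCP */`, would stay accurate for longer.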
#endif
-/* Decide if we're going to support IPv6 */
-/* We assume that systems which don't have IPv6
- headers don't have ntop and pton either */
-
-#if defined(INET6_ADDRSTRLEN) && defined(IPV6_V6ONLY)
-# define HAVE_IPV6
-# define ADDRSTRLEN INET6_ADDRSTRLEN
-#else
-# if !defined(INET_ADDRSTRLEN)
-# define INET_ADDRSTRLEN 16 /* 4*3 + 3 dots + NULL */
-# endif
-# undef HAVE_IPV6
-# define ADDRSTRLEN INET_ADDRSTRLEN
-#endif
-
-
/* rules to implement compile-time option dependencies and
the NO_XXX flags */
-#ifdef NO_IPV6
-#undef HAVE_IPV6
-#endif
-
#ifdef NO_TFTP
#undef HAVE_TFTP
#endif
#undef HAVE_DHCP6
#endif
-#if defined(NO_DHCP6) || !defined(HAVE_IPV6)
+#if defined(NO_DHCP6)
#undef HAVE_DHCP6
#endif
#define HAVE_DHCP
#endif
-#if defined(NO_SCRIPT) || !defined(HAVE_DHCP) || defined(NO_FORK)
+#if defined(NO_SCRIPT)
#undef HAVE_SCRIPT
#undef HAVE_LUASCRIPT
#endif
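Review bot: With `!defined(HAVE_DHCP)` dropped from this condition, a build made with `NO_DHCP` keeps `HAVE_SCRIPT` (and `HAVE_LUASCRIPT`, if set) defined, so the script-execution support is presumably compiled into DNS-only binaries that previously excluded it. Whether that code builds and is reachable without DHCP is not visible in this hunk and is worth confirming. Packagers who relied on `NO_DHCP` to remove external script execution now need `NO_SCRIPT` as well. A comment above the test, e.g. `/* scripts are no longer tied to DHCP; use NO_SCRIPT to remove them */`, would make that explicit.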
#undef HAVE_LOOP
#endif
+#ifdef NO_DUMPFILE
+#undef HAVE_DUMPFILE
+#endif
+
#if defined (HAVE_LINUX_NETWORK) && !defined(NO_INOTIFY)
#define HAVE_INOTIFY
#endif
/* Define a string indicating which options are in use.
- DNSMASQP_COMPILE_OPTS is only defined in dnsmasq.c */
+ DNSMASQ_COMPILE_OPTS is only defined in dnsmasq.c */
#ifdef DNSMASQ_COMPILE_OPTS
static char *compile_opts =
-#ifndef HAVE_IPV6
-"no-"
-#endif
"IPv6 "
#ifndef HAVE_GETOPT_LONG
"no-"
#ifdef HAVE_BROKEN_RTC
"no-RTC "
#endif
-#ifdef NO_FORK
-"no-MMU "
-#endif
#ifndef HAVE_DBUS
"no-"
#endif
"DBus "
+#ifndef HAVE_UBUS
+"no-"
+#endif
+"UBus "
#ifndef LOCALEDIR
"no-"
#endif
"i18n "
-#if !defined(LOCALEDIR) && !defined(HAVE_IDN)
+#if defined(HAVE_LIBIDN2)
+"IDN2 "
+#else
+ #if !defined(HAVE_IDN)
"no-"
-#endif
-"IDN "
+ #endif
+"IDN "
+#endif
#ifndef HAVE_DHCP
"no-"
#endif
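Review bot: When both `HAVE_LIBIDN2` and `HAVE_IDN` are defined, this block reports only `IDN2 `, but the option descriptions added earlier in the diff do not say that the two are alternatives or which one wins. If libidn2 takes precedence in the code as it does in this string, say so in the HAVE_LIBIDN2 description, e.g. `define this if you want international domain name 2008 support; overrides HAVE_IDN if both are set`. The nested directive is also written as ` #if` / ` #endif` with a space before the `#`, whereas the rest of the file indents after it (`# if`); matching that style keeps the nesting readable.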
"no-"
# endif
"DHCPv6 "
-# if !defined(HAVE_SCRIPT)
+#endif
+#if !defined(HAVE_SCRIPT)
"no-scripts "
-# else
-# if !defined(HAVE_LUASCRIPT)
- "no-"
-# endif
- "Lua "
+#else
+# if !defined(HAVE_LUASCRIPT)
+ "no-"
# endif
+ "Lua "
#endif
#ifndef HAVE_TFTP
"no-"
"no-"
#endif
"DNSSEC "
+#ifdef NO_ID
+"no-ID "
+#endif
#ifndef HAVE_LOOP
"no-"
#endif
#ifndef HAVE_INOTIFY
"no-"
#endif
-"inotify";
-
+"inotify "
+#ifndef HAVE_DUMPFILE
+"no-"
+#endif
+"dumpfile";
#endif