commit 9e4abcb5acb18aa1adbc22bfc3ce60e9441b02ef Author: Simon Kelley Date: Thu Jan 22 19:47:41 2004 +0000 import of dnsmasq-2.0.tar.gz diff --git a/CHANGELOG b/CHANGELOG new file mode 100644 index 0000000..a86b333 --- /dev/null +++ b/CHANGELOG @@ -0,0 +1,669 @@ +release 0.4 - initial public release + +release 0.5 - added caching, removed compiler warning on linux PPC + +release 0.6 - TCP handling: close socket and return to connect state if we + can't read the first byte. This corrects a problem seen very + occasionally where dnsmasq would loop using all available CPU. + + Added a patch from Cris Bailiff + to set SO_REUSEADDR on the tcp socket which stops problems when + dnsmasq is restarted and old connections still exist. + + Stopped claiming in doc.html that smail is the default Debian + mailer, since it isn't any longer. (Pointed out by + David Karlin ) + +release 0.7 Create a pidfile at /var/run/dnsmasq.pid + + Extensive armouring against "poison packets" courtesy of + Thomas Moestl + + Set sockaddr.sa_family on outgoing address, patch from + David Symonds + + Patch to clear cache on SIGHUP + from Jason L. Wagner + + Fix bad bug resulting from not initialising value-result + address-length parameter to recvfrom() and accept() - it + worked by luck before! + +release 0.95 Major rewrite: remove calls to gethostbyname() and talk + directly to the upstream server(s) instead. + This has many advantages. + (1) Dnsmasq no longer blocks during long lookups. + (2) All query types are handled now, (eg MX) not just internet + address queries. Addresses are cached, all other + queries are forwarded directly. + (3) Time-to-live data from upstream server is read and + used by dnsmasq to purge entries from the cache. + (4) /etc/hosts is still read and its contents served (unless + the -h option is given). + (5) Dnsmasq can get its upstream servers from + a file other than /etc/resolv.conf (-r option) this allows + dnsmasq to serve names to the machine it is running + on (put nameserver 127.0.0.1 in /etc/resolv.conf and + give dnsmasq the option -r /etc/resolv.dnsmasq) + (6) Dnsmasq will re-read it's servers if the + modification time of resolv.conf changes. Along with + 4 above this allows nameservers to be set + automatically by ppp or dhcp. + + A really clever NAT-like technique allows the daemon to have lots + of queries in progress, but still remain very lightweight. + Dnsmasq has a small footprint and normally doesn't allocate + any more memory after start-up. The NAT-like forwarding was + inspired by a suggestion from Eli Chen + +release 0.96 Fixed embarrasing thinko in cache linked-list code. + +release 0.98 Some enhancements and bug-fixes. + Thanks to "Denis Carre" and Martin + Otte + + (1) Dnsmasq now always sets the IP source address + of its replies correctly. Older versions would not always + do this on multi-homed and IP aliased hosts, which violates + the RFC. + (2) Dnsmasq no longer crashes if a server loop is created + (ie dnsmasq is told to use itself as an upstream server.) + Now it just logs the problem and doesn't use the bad + server address. + (3) Dnsmasq should now forward (but not cache) inverse queries + and server status queries; this feature has not been tested. + (4) Don't write the pid file when in non-daemon mode. + (5) Create the pid file mode 644, rather then 666 (!). + (6) Generate queries to upstream nameservers with unpredictable + ids, to thwart DNS spoofers. + (7) Dnsmasq no longer forwards queries when the + "recursion desired" bit is not set in the header. + (8) Fixed getopt code to work on compliers with unsigned char. + +release 0.991 Added -b flag: when set causes dnsmasq to always answer + reverse queries on the RFC 1918 private IP space itself and + never forward them to an upstream server. If the name is not in + /etc/hosts, dnsmasq replies with the dotted-quad address. + + Fixed a bug which stopped dnsmasq working on a box with + two or more interfaces with the same IP address. + + Fixed cacheing of CNAMEs. Previously, a CNAME which pointed + to a name with many A records would not have all the addresses + returned when being answered from the cache. + + Thanks to "Steve Hardy" for his input + on these fixes. + + Fixed race which could cause dnsmasq to miss the second of + two closely-spaced updates of resolv.conf (Thanks to Eli Chen + for pointing this out.) + + Fixed a bug which could cause dnsmasq to fail to cache some + dns names. + +release 0.992 Small change to memory allocation so that names in /etc/hosts + don't use cache slots. Also make "-c 0" flag meaningfully + disable caching completely. + +release 0.993 Return only the first (canonical) name from an entry in + /etc/hosts as reply to reverse query. + + Handle wildcard queries for names/addresses in /etc/hosts + this is mainly to allow reverse lookups by dig to succeed. + (Bug reported by Simon J. Rowe" ) + + Subtle change to the logic which selects which of multiple + upstream servers we send queries to. This fixes a problem + where dnsmasq continuously sends queries to a server which + is returning error codes and ignores one which is working. + +release 0.994 Fixed bug which broke lookup of names in /etc/hosts + which have upper-case letters in them. Thanks for Joao Clemente + for spotting that one. + + Output cache statistics on receipt of SIGUSR1. These go + to syslog except in debug (-d) mode, when a complete cache + dump goes to stdout. Suggestion from Joao Clemente, code + based in John Volpe's. + + Accept GNU long options on the command line. Code from + John Volpe for this. + + Split source code into multiple files and produced + a proper makefile. + + Included code from John Volpe to parse dhcp.leases file + written by ISC dhcpd. The hostnames in the leases file are + added to the cache and updated as dhcpd updates the + leases file. The code has been heavily re-worked by me, + so any bugs are probably mine. + +release 0.995 Small tidy-ups to signal handling and cache code. + +release 0.996 Added negative caching: If dnsmasq gets a "no such domain" reply + from an upstream nameserver, it will cache that information + for a time specified by the SOA RR in the reply. See RFC 2308 + for details. This is useful with resolver libraries + which append assorted suffices to non-FQDN in an attempt to + resolve them, causing useless cache misses. + + Added -i flag, which restricts dnsmasq to offering name service + only on specified interfaces. + +release 0.997 Deleted INSTALL script and added "install" target to makefile. + + Stopped distributing binaries in the tarball to avoid + libc version clashes. + + Fixed interface detection code to + remove spurious startup errors in rare circumstances. + + Dnsmasq now changes its uid, irrevocably, to nobody after + startup for security reasons. Thanks to Peter Bailey for + this patch. + + Cope with infinite DHCP leases. Patch thanks to + Yaacov Akiba Slama. + + Added rpm control files to .tar.gz distribution. Thanks to + Peter Baldwin at ClarkConnect for those. + + Improved startup script for rpms. Thanks to Yaacov Akiba Slama. + +release 1.0 Stable release: dnsmasq is now considered feature-complete + and stable. + +release 1.1 Added --user argument to allow user to change to + a different userid. + + Added --mx-target argument to allow mail to be delivered + away from the gateway machine running dnsmasq. + + Fixed highly obscure bug with wildcard queries for + DHCP lease derived names. + + Moved manpage from section 1 to section 8. + + Added --no-poll option. + Added Suse-rpm support. + Thanks to Joerg Mayer for the last two. + +release 1.2 Added IPv6 DNS record support. AAAA records are cached + and read from /etc/hosts. Reverse-lookups in the + ip6.int and ip6.arpa domains are suppored. Dnsmasq can + talk to upstream servers via IPv6 if it finds IP6 addresses + in /etc/resolv.conf and it offers DNS service automatically + if IPv6 support is present in the kernel. + + Extended negative caching to NODATA replies. + + Re-vamped CNAME processing to cope with RFC 2317's use of + CNAMES to PTR RRs in CIDR. + + Added config.h and a couple of symbols to aid + compilation on non-linux systems. + +release 1.3 Some versions of the Linux kernel return EINVAL rather + then ENPROTONOSUPPORT when IPv6 is not available, + causing dnsmasq to bomb out. This release fixes that. + Thanks to Steve Davis for pointing this one out. + + Trivial change to startup logic so that dnsmasq logs + its stuff and reads config files straight away on + starting, rather than after the first query - principle + of least surprise applies here. + +release 1.4 Fix a bug with DHPC lease parsing which broke in + non-UTC timezones. Thanks to Mark Wormgoor for + spotting and diagnosing this. Fixed versions in + the .spec files this time. Fixed bug in Suse startup + script. Thanks to Didi Niklaus for pointing this out. + +release 1.5 Added --filterwin2k option which stops dnsmasq from forwarding + "spam" queries from win2k boxes. This is useful to stop spurious + connections over dial-on-demand links. Thanks to Steve Hardy + for this code. + + Clear "truncated" bit in replies we return from upstream. This + stops resolvers from switching to TCP, which is pointless since + dnsmasq doesn't support TCP. This should solve problems + in resolving hotmail.com domains. + + Don't include getopt.h when Gnu-long-options are disabled - + hopefully this will allow compilation on FreeBSD. + + Added the --listen-address and --pid-file flags. + + Fixed a bug which caused old entries in the DHCP leases file + to be used in preference to current ones under certain + circumstances. + +release 1.6 If a machine gets named via DHCP and the DHCP name doesn't have + a domain part and domain suffix is set using the -s flag, then + that machine has two names with the same address, with and + without the domain suffix. When doing a _reverse_ lookup to + get the name, the "without suffix" name used to be returned, + now the "with suffix" one gets returned instead. This change + suggested by Arnold Schulz. + + Fixed assorted typos in the documentation. Thanks + to David Kimdon. + + Subtle rearrangement to the downloadable tarball, and stopped + distributing .debs, since dnsmasq is now an official Debian + package. + +release 1.7 Fix a problem with cache not clearing properly + on receipt of SIGHUP. Bug spotted by Sat Deshpande. + + In group-id changing code: + 1) Drop supplimentary groups. + 2) Change gid before dropping root (patch from Soewono Effendi.) + 3) Change group to "dip" if it exists, to allow access + to /etc/ppp/resolv.conf (suggestion from Jorg Sommer.) + Update docs to reflect above changes. + + Other documentation changes from David Miller. + Added suggested script fragment for dhcpcd.exe. + +release 1.8 Fix unsafe use of tolower() macro - allows linking against + ulibc. (Patches from Soewono Effendi and Bjorn Andersson.) + + Fix typo in usage string. + + Added advice about RedHat PPP configuration to + documentation. (Thanks to C. Lee Taylor.) + + Patches to fix problems on BSD systems from Marc Huber + and Can Erkin Acar. These add the options + HAVE_ARC4RANDOM and HAVE_SOCKADDR_SA_LEN to config.h. + Elaborated config.h - should really use autoconf. + + Fix time-to-live calculation when chasing CNAMEs. + + Fix use-after-free and missing initialisation bugs in + the cache code. (Thanks to Marc Huber.) + + Builds on Solaris 9. (Thanks to Marc Huber.) + +release 1.9 Fixes to rpm .spec files. + + Don't put expired DHCP entries into the cache only to + throw them away again. + + Put dnsmasq on a severe memory diet: this reduces both + the amount of heap space used and the stack size + required. The difference is not really visible with + bloated libcs like glibc, but should dramatically reduce + memory requirements when linked against ulibc for use on + embeded routers, and that's the point really. Thanks to + Matthew Natalier for prompting this. + + Changed debug mode (-d) so that all logging appears on + stderr as well as going to syslogd. + + Added HAVE_IPV6 config symbol to allow compilation + against a libc which doesn't have IPv6 support. + + Added a facility to log all queries, enabled with -q flag. + + Fixed packet size checking bug in address extraction code. + + Halved default cache size - 300 was way OTT in typical use. + + Added self-MX function, enabled by -e flag. Thanks to + Lyonel Vincent for the patch. + + Added HAVE_FORK config symbol and stuff to support + uClinux. Thanks to Matthew Natalier for uClinux stuff. + +release 1.10 Log warnings if resolv.conf or dhcp.leases are not + accessable for any reason, as suggested by Hinrich Eilts. + + Fixed wrong address printing in error message about + no interface with address. + + Updated docs and split installation instuctions into setup.html. + + Fix bug in CNAME chasing code: One CNAME pointing + to many A records would lose A records after the + first. This bug was introduced in version 1.9. + + Log startup failures at level Critical as well as + printing them to standard error. + Exit with return code 1 when given bad options. + + Cleaned up code for no-cache operation. + + Added -o option which forces dnsmasq to use to + upstream servers in the order they appear in /etc/resolv.conf. + + Added upstream server use logging. + + Log full cache dump on receipt of SIGUSR1 when query + logging is enabled (-q switch). + + Added -S option to directly specify upstream servers and + added ability to direct queries for specific domains to + specfic servers. Suggested by Jens Vonderheide. + + Upgraded random ID generation - patch from Rob Funk. + + Fixed reading of domains in arguments with capital + letters or trailing periods. + + Fixed potential SEGV when given bad options. + + Read options from /etc/dnsmasq.conf if it exists. + Do sensible things with missing parameters, eg + "--resolv-file=" turns off reading /etc/resolv.conf. + +release 1.11 Actually implement the -R flag promised in the 1.10 man page. + + Improve and rationalise the return codes in answers to + queries. In the case that there are no available + upstream servers to forward a query to, return REFUSED. + This makes sendmail work better on modem connected + systems when the modem link is down (Thanks to Roger Plant). + Cache and return the NXDOMAIN status of failed queries: + this makes the `host` command work when traversing search + paths (Thanks to Peter Bailey). Set the "authoritative" + bit in replies containing names from /etc/hosts or DHCP. + + Tolerate MS-DOS style line ending codes in /etc/hosts + and /etc/resolv.conf, for people who copy from winsock + installations. + + Allow specification of more than one resolv.conf file. This is + intended for laptops which connect via DHCP or + PPP. Whichever resolv.conf was updated last is used. + + Allow -S flags which specify a domain but no server + address. This gives local domains which are never forwarded. + + Add -E flag to automatically add the domain suffix to + names in /etc/hosts -suggestion from Phil Harman. + + Always return a zero time-to-live for names derived from + DHCP which stops anthing else caching these + names. Previously the TTL was derived from the lease + time but that is incorrect since a lease can be given + up early: dnsmasq would know this but anything with the + name cached with long TTL would not be updated. + + Extended HAVE_IPV6 config flag to allow compliation on + old systems which don't have modern library routines + like inet_ntop(). Thanks to Phil Harman for the patch. + +release 1.12 Allow more than one domain in server config lines and + make "local" a synonym for "server". This makes things + like "local=/localnet/thekelleys.org.uk/" legal. Allow + port to specified as part of server address. + + Allow whole domains to have an IP address specified + in /etc/dnsmasq.conf. (/etc/hosts doesn't work domains). + address=/doubleclick.net/127.0.0.1 should catch all + those nasty banner ads. Inspired by a patch + from Daniel Gryniewicz + + Log the source of each query when logging switched on. + + Fix bug in script fragment for dhcpcd - thanks to Barry Stewart. + + Fix bug which meant that strict-order and self-mx were + always enabled. + + Builds with Linux libc5 now - for the Freesco project. + + Fixed Makefile installation script (patch from Silvan + Minghetti) and added CC and CFLAGS variables. + + Improve resource allocation to reduce vulnerability to + DOS attacks - the old version could have all queries + blocked by a continuous high-speed stream of + queries. Now some queries will succeed, and the excess + will be rejected with a server fail error. This change also + protects against server-loops; setting up a resolving + loop between two instances of dnsmasq is no longer + catastrophic. The servers will continue to run, looped + queries fail and a warning is logged. Thanks to C. Lee + Taylor for help with this. + +release 1.13 Added support for building rpms suitable for modern Suse + systems. (patch from Andi ) + + Added options --group, --localmx, --local-ttl, + --no-negcache, --addn-host. + + Moved all the various rpm-building bits into /rpm. + + Fix builds with glibc 2.1 (thanks to Cristian + Ionescu-Idbohrn) + + Preserve case in domain names, as per RFC1035. + + Fixed ANY queries to domains with --address specification. + + Fixed FreeBSD build. (thanks to Steven Honson) + + Added -Q option which allows a specified port to be used + to talk to upstream servers. Useful for people who want + very paranoid firewalls which open individual UDP port. + (thanks to David Coe for the patch) + +release 1.14 Fixed man page description of -b option which confused + /etc/hosts with /etc/resolv.conf. (thanks to Christopher + Weimann) + + Fixed config.h to allow building under MACOS X and glibc + 2.0.x. (thanks to Matthew Gregan and Serge Caron) + + Added --except-interface option. (Suggested by Serge Caron) + + Added SIGUSR2 facility to re-scan for new + interfaces. (Suggested by Serge Caron) + + Fixed SEGV in option-reading code for invalid options. + (Thanks to Klaas Teschauer) + + Fixed man page to clarify effect of SIGUSR1 on + /etc/resolv.conf. + (Thanks to Klaas Teschauer) + + Check that recieved queries have only rfc1035-legal characters + in them. This check is mainly to avoid bad strings being + sent to syslog. + + Fixed &&/& confusion in option.c and added DESTDIR + variable for "make install" (Thanks to Osvaldo + Marques for the patch.) + + Fixed /etc/hosts parsing code to cope with MS-DOS + line-ends in the file. This was supposed to be done in + version 1.11, but something got missed. (Thanks to Doug + Copestake for helping to find this.) + + Squash repeated name/address pairs read from hosts + files. + + Tidied up resource handling in util.c (Thanks to + Cristian Ionescu-Idbohrn). + + Added hashed searching of domain names. People are starting + to use dnsmasq with larger loads now, and bigger caches, + and large lists of ad-block addresses. This means doing + linear searches can start to use lots of CPU so I added hashed + searching and seriously optimised the cache code for + algorithmic efficiency. Also upped the limit on cache + size to 10000. + + Fixed logging of the source of names from the additional + hosts file and from the "bogus private address" option. + + Fixed spurious re-reading of empty lease files. (Thanks + to Lewis Baughman for spotting this.) + + Fixed building under uclibc (patch from Cristian Ionescu-Idbohrn) + + Do some socket tweaking to allow dnsmasq to co-exist + with BIND. Thanks to Stefan 'Sec' Zehl for the patch. + +release 1.15 Added --bogus-nxdomain option. + + Restrict checking of resolv.conf and DHCP leases files + to once per second. This is intended to improve + performance under heavy loads. Also make a system call + to get the current time once per query, rather than four + times. + + Increased number of outstanding queries to 150 in + config.h + +release 1.16 Allow "/" characters in domain names - this fixes + caching of RFC 2317 CNAME-PTR records. + + Fixed brain-fart in -B option when GETOPT_LONG not + enabled - thanks to Steven Young and Jason Miller + for pointing this out. + + Generalised bogus-nxdomain code: allow more than one + address to check, and deal with replies with multiple + answer records. (Based on contribution from Humberto + Massa.) + + Updated the documentation to include information about + bogus-nxdomain and the Verisign tragedy. + + Added libraries needed on Solaris to Makefile. + + Added facility to set source address in queries to + upstream nameservers. This is useful with multihomed + hosts, especially when using VPNs. Thanks to Tom Fanning + for suggesting this feature. + + Tweaked logging: log to facility LOCAL0 when in + debug/no-daemon mode and changed level of query logging + from INFO to DEBUG. Make log options controllable in + config.h + +release 1.17 Fixed crash with DHCP hostnames > 40 characters. + + Fixed name-comparision routines to not depend on Locale, + in theory this versions since 1.15 could lock up or give + wrong results when run with locale != 'C'. + + Fix potential lockup in cache code. (thanks to Henning + Glawe for help chasing this down.) + + Made lease-file reader bullet-proof. + + Added -D option, suggested by Peter Fichtner. + +release 1.18 Added round-robin DNS for names which have more than one + address. In this case all the addresses will be + returned, as before, but the order will change on each + query. + + Remove stray tolower() and isalnum() calls missed in + last release to complete LOCALE independence. + + Allow port numbers in source-address specifications. + + For hostnames without a domain part which don't get + forwarded because -D is in effect, return NXDOMAIN not + an empty reply. + + Add code to return the software version in repsonse to the + correct magic query in the same way as BIND. Use + "dig version.bind chaos txt" to make the query. + + Added negative caching for PTR (address to name) records. + + Ensure that names of the form typically used in PTR queries + (ie w.x.yz.in-addr.arpa and IPv6 equivalents) get + correct answers when queried as other types. It's + unlikely that anyone would do this, but the change makes + things pedantically correct. + + Taught dnsmasq to understand "bitstring" names, as these + are used for PTR lookups of IPv6 addresses by some + resolvers and lookup tools. Dnsmasq now understands both + the ip6.int domain and the ip6.arpa domain and both + nibble and bitstring formats so it should work with any + client code. Standards for this stuff have flip-flopped + over the last few years, leaving many different clients + in their wake. See RFC2673 for details of bitstrings. + + Allow '_' characters in domain names: Legal characters + are now [a-z][A-Z].-_ Check names read from hosts files + and leases files and reject illegal ones with a message + in syslog. + + Make empty domain names in server and address options + have the special meaning "unqualified + names". (unqualified names are names without any dots in + them). It's now possible to do server=//1.2.3.4 and have + unqualified names sent to a special nameserver. + +release 2.0rc1 + Moved source code into src/ directory. + + Fixes to cure compilation breakage when HAVE_IPV6 not + set, thanks to Claas Hilbrecht. + + BIG CHANGE: added an integrated DHCP server and removed + the code to read ISC dhcp.leases. This wins in terms + of ease of setup and configuration flexibility and + total machine resources consumed. + + Re-jiged the signal handling code to remove a race + condition and to be more portable. + +release 2.0 + Thanks to David Ashworth for feedback which informed many + of the fixes below. + + Allow hosts to be specified by client ID in dhcp-hosts + options. These are now one of + dhcp-host=,.... + dhcp-host=id:,..... + dhcp-host=id:,..... + + Allow dhcp-host options to specify any IP address on the + DHCP-served network, not just the range available for + dynamic allocation. + + Allow dhcp-host options for the same host with different + IP adresses where the correct one will be selected for + the network the host appears on. + + Fix parsing of --dhcp-option to allow more than one + IP address and to allow text-type options. + + Inhibit use of --dhcp-option to send hostname DHCP options. + + Update the DNS with DHCP information after re-reading + /etc/hosts so that any DHCP derived names which have been + shadowed by now-deleted hosts entries become visible. + + Fix typos in dnsmasq.conf.example + + Fixes to Makefile(s) to help pkgsrc packaging - patch + from "pancake". + + Add dhcp-boot option to support network boot. + + Check for duplicate IP addresses in dhcp-hosts lines + and refuse to run if found. If allowed to remain these + can provoke an infinite loop in the DHCP protocol. + + Attempted to rationalise the .spec files for rpm + building. There are now files for Redhat, Suse and + Mandrake. I hope they work OK. + + Fixed hard-to-reproduce crash involving use of local + domains and IPv6 queries. Thanks to Roy Marples for + helping to track that one down. + + diff --git a/COPYING b/COPYING new file mode 100644 index 0000000..60549be --- /dev/null +++ b/COPYING @@ -0,0 +1,340 @@ + GNU GENERAL PUBLIC LICENSE + Version 2, June 1991 + + Copyright (C) 1989, 1991 Free Software Foundation, Inc. + 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + Everyone is permitted to copy and distribute verbatim copies + of this license document, but changing it is not allowed. + + Preamble + + The licenses for most software are designed to take away your +freedom to share and change it. By contrast, the GNU General Public +License is intended to guarantee your freedom to share and change free +software--to make sure the software is free for all its users. This +General Public License applies to most of the Free Software +Foundation's software and to any other program whose authors commit to +using it. (Some other Free Software Foundation software is covered by +the GNU Library General Public License instead.) You can apply it to +your programs, too. + + When we speak of free software, we are referring to freedom, not +price. Our General Public Licenses are designed to make sure that you +have the freedom to distribute copies of free software (and charge for +this service if you wish), that you receive source code or can get it +if you want it, that you can change the software or use pieces of it +in new free programs; and that you know you can do these things. + + To protect your rights, we need to make restrictions that forbid +anyone to deny you these rights or to ask you to surrender the rights. +These restrictions translate to certain responsibilities for you if you +distribute copies of the software, or if you modify it. + + For example, if you distribute copies of such a program, whether +gratis or for a fee, you must give the recipients all the rights that +you have. You must make sure that they, too, receive or can get the +source code. And you must show them these terms so they know their +rights. + + We protect your rights with two steps: (1) copyright the software, and +(2) offer you this license which gives you legal permission to copy, +distribute and/or modify the software. + + Also, for each author's protection and ours, we want to make certain +that everyone understands that there is no warranty for this free +software. If the software is modified by someone else and passed on, we +want its recipients to know that what they have is not the original, so +that any problems introduced by others will not reflect on the original +authors' reputations. + + Finally, any free program is threatened constantly by software +patents. We wish to avoid the danger that redistributors of a free +program will individually obtain patent licenses, in effect making the +program proprietary. To prevent this, we have made it clear that any +patent must be licensed for everyone's free use or not licensed at all. + + The precise terms and conditions for copying, distribution and +modification follow. + + GNU GENERAL PUBLIC LICENSE + TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION + + 0. This License applies to any program or other work which contains +a notice placed by the copyright holder saying it may be distributed +under the terms of this General Public License. The "Program", below, +refers to any such program or work, and a "work based on the Program" +means either the Program or any derivative work under copyright law: +that is to say, a work containing the Program or a portion of it, +either verbatim or with modifications and/or translated into another +language. (Hereinafter, translation is included without limitation in +the term "modification".) Each licensee is addressed as "you". + +Activities other than copying, distribution and modification are not +covered by this License; they are outside its scope. The act of +running the Program is not restricted, and the output from the Program +is covered only if its contents constitute a work based on the +Program (independent of having been made by running the Program). +Whether that is true depends on what the Program does. + + 1. You may copy and distribute verbatim copies of the Program's +source code as you receive it, in any medium, provided that you +conspicuously and appropriately publish on each copy an appropriate +copyright notice and disclaimer of warranty; keep intact all the +notices that refer to this License and to the absence of any warranty; +and give any other recipients of the Program a copy of this License +along with the Program. + +You may charge a fee for the physical act of transferring a copy, and +you may at your option offer warranty protection in exchange for a fee. + + 2. You may modify your copy or copies of the Program or any portion +of it, thus forming a work based on the Program, and copy and +distribute such modifications or work under the terms of Section 1 +above, provided that you also meet all of these conditions: + + a) You must cause the modified files to carry prominent notices + stating that you changed the files and the date of any change. + + b) You must cause any work that you distribute or publish, that in + whole or in part contains or is derived from the Program or any + part thereof, to be licensed as a whole at no charge to all third + parties under the terms of this License. + + c) If the modified program normally reads commands interactively + when run, you must cause it, when started running for such + interactive use in the most ordinary way, to print or display an + announcement including an appropriate copyright notice and a + notice that there is no warranty (or else, saying that you provide + a warranty) and that users may redistribute the program under + these conditions, and telling the user how to view a copy of this + License. (Exception: if the Program itself is interactive but + does not normally print such an announcement, your work based on + the Program is not required to print an announcement.) + +These requirements apply to the modified work as a whole. If +identifiable sections of that work are not derived from the Program, +and can be reasonably considered independent and separate works in +themselves, then this License, and its terms, do not apply to those +sections when you distribute them as separate works. But when you +distribute the same sections as part of a whole which is a work based +on the Program, the distribution of the whole must be on the terms of +this License, whose permissions for other licensees extend to the +entire whole, and thus to each and every part regardless of who wrote it. + +Thus, it is not the intent of this section to claim rights or contest +your rights to work written entirely by you; rather, the intent is to +exercise the right to control the distribution of derivative or +collective works based on the Program. + +In addition, mere aggregation of another work not based on the Program +with the Program (or with a work based on the Program) on a volume of +a storage or distribution medium does not bring the other work under +the scope of this License. + + 3. You may copy and distribute the Program (or a work based on it, +under Section 2) in object code or executable form under the terms of +Sections 1 and 2 above provided that you also do one of the following: + + a) Accompany it with the complete corresponding machine-readable + source code, which must be distributed under the terms of Sections + 1 and 2 above on a medium customarily used for software interchange; or, + + b) Accompany it with a written offer, valid for at least three + years, to give any third party, for a charge no more than your + cost of physically performing source distribution, a complete + machine-readable copy of the corresponding source code, to be + distributed under the terms of Sections 1 and 2 above on a medium + customarily used for software interchange; or, + + c) Accompany it with the information you received as to the offer + to distribute corresponding source code. (This alternative is + allowed only for noncommercial distribution and only if you + received the program in object code or executable form with such + an offer, in accord with Subsection b above.) + +The source code for a work means the preferred form of the work for +making modifications to it. For an executable work, complete source +code means all the source code for all modules it contains, plus any +associated interface definition files, plus the scripts used to +control compilation and installation of the executable. However, as a +special exception, the source code distributed need not include +anything that is normally distributed (in either source or binary +form) with the major components (compiler, kernel, and so on) of the +operating system on which the executable runs, unless that component +itself accompanies the executable. + +If distribution of executable or object code is made by offering +access to copy from a designated place, then offering equivalent +access to copy the source code from the same place counts as +distribution of the source code, even though third parties are not +compelled to copy the source along with the object code. + + 4. You may not copy, modify, sublicense, or distribute the Program +except as expressly provided under this License. Any attempt +otherwise to copy, modify, sublicense or distribute the Program is +void, and will automatically terminate your rights under this License. +However, parties who have received copies, or rights, from you under +this License will not have their licenses terminated so long as such +parties remain in full compliance. + + 5. You are not required to accept this License, since you have not +signed it. However, nothing else grants you permission to modify or +distribute the Program or its derivative works. These actions are +prohibited by law if you do not accept this License. Therefore, by +modifying or distributing the Program (or any work based on the +Program), you indicate your acceptance of this License to do so, and +all its terms and conditions for copying, distributing or modifying +the Program or works based on it. + + 6. Each time you redistribute the Program (or any work based on the +Program), the recipient automatically receives a license from the +original licensor to copy, distribute or modify the Program subject to +these terms and conditions. You may not impose any further +restrictions on the recipients' exercise of the rights granted herein. +You are not responsible for enforcing compliance by third parties to +this License. + + 7. If, as a consequence of a court judgment or allegation of patent +infringement or for any other reason (not limited to patent issues), +conditions are imposed on you (whether by court order, agreement or +otherwise) that contradict the conditions of this License, they do not +excuse you from the conditions of this License. If you cannot +distribute so as to satisfy simultaneously your obligations under this +License and any other pertinent obligations, then as a consequence you +may not distribute the Program at all. For example, if a patent +license would not permit royalty-free redistribution of the Program by +all those who receive copies directly or indirectly through you, then +the only way you could satisfy both it and this License would be to +refrain entirely from distribution of the Program. + +If any portion of this section is held invalid or unenforceable under +any particular circumstance, the balance of the section is intended to +apply and the section as a whole is intended to apply in other +circumstances. + +It is not the purpose of this section to induce you to infringe any +patents or other property right claims or to contest validity of any +such claims; this section has the sole purpose of protecting the +integrity of the free software distribution system, which is +implemented by public license practices. Many people have made +generous contributions to the wide range of software distributed +through that system in reliance on consistent application of that +system; it is up to the author/donor to decide if he or she is willing +to distribute software through any other system and a licensee cannot +impose that choice. + +This section is intended to make thoroughly clear what is believed to +be a consequence of the rest of this License. + + 8. If the distribution and/or use of the Program is restricted in +certain countries either by patents or by copyrighted interfaces, the +original copyright holder who places the Program under this License +may add an explicit geographical distribution limitation excluding +those countries, so that distribution is permitted only in or among +countries not thus excluded. In such case, this License incorporates +the limitation as if written in the body of this License. + + 9. The Free Software Foundation may publish revised and/or new versions +of the General Public License from time to time. Such new versions will +be similar in spirit to the present version, but may differ in detail to +address new problems or concerns. + +Each version is given a distinguishing version number. If the Program +specifies a version number of this License which applies to it and "any +later version", you have the option of following the terms and conditions +either of that version or of any later version published by the Free +Software Foundation. If the Program does not specify a version number of +this License, you may choose any version ever published by the Free Software +Foundation. + + 10. If you wish to incorporate parts of the Program into other free +programs whose distribution conditions are different, write to the author +to ask for permission. For software which is copyrighted by the Free +Software Foundation, write to the Free Software Foundation; we sometimes +make exceptions for this. Our decision will be guided by the two goals +of preserving the free status of all derivatives of our free software and +of promoting the sharing and reuse of software generally. + + NO WARRANTY + + 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY +FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN +OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES +PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED +OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS +TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE +PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, +REPAIR OR CORRECTION. + + 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING +WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR +REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, +INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING +OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED +TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY +YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER +PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE +POSSIBILITY OF SUCH DAMAGES. + + END OF TERMS AND CONDITIONS + + How to Apply These Terms to Your New Programs + + If you develop a new program, and you want it to be of the greatest +possible use to the public, the best way to achieve this is to make it +free software which everyone can redistribute and change under these terms. + + To do so, attach the following notices to the program. It is safest +to attach them to the start of each source file to most effectively +convey the exclusion of warranty; and each file should have at least +the "copyright" line and a pointer to where the full notice is found. + + + Copyright (C) 19yy + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + + +Also add information on how to contact you by electronic and paper mail. + +If the program is interactive, make it output a short notice like this +when it starts in an interactive mode: + + Gnomovision version 69, Copyright (C) 19yy name of author + Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. + This is free software, and you are welcome to redistribute it + under certain conditions; type `show c' for details. + +The hypothetical commands `show w' and `show c' should show the appropriate +parts of the General Public License. Of course, the commands you use may +be called something other than `show w' and `show c'; they could even be +mouse-clicks or menu items--whatever suits your program. + +You should also get your employer (if you work as a programmer) or your +school, if any, to sign a "copyright disclaimer" for the program, if +necessary. Here is a sample; alter the names: + + Yoyodyne, Inc., hereby disclaims all copyright interest in the program + `Gnomovision' (which makes passes at compilers) written by James Hacker. + + , 1 April 1989 + Ty Coon, President of Vice + +This General Public License does not permit incorporating your program into +proprietary programs. If your program is a subroutine library, you may +consider it more useful to permit linking proprietary applications with the +library. If this is what you want to do, use the GNU Library General +Public License instead of this License. diff --git a/FAQ b/FAQ new file mode 100644 index 0000000..94af7d1 --- /dev/null +++ b/FAQ @@ -0,0 +1,161 @@ +Q: Why does dnsmasq open UDP ports >1024 as well as port 53. + Is this a security problem/trojan/backdoor? + +A: The high ports that dnsmasq opens is for replies from the upstream + nameserver(s). Queries from dnsmasq to upstream nameservers are sent + from these ports and replies received to them. The reason for doing this is + that most firewall setups block incoming packets _to_ port 53, in order + to stop DNS queries from the outside world. If dnsmasq sent its queries + from port 53 the replies would be _to_ port 53 and get blocked. + + This is not a security hole since dnsmasq will only accept replies to that + port: queries are dropped. The replies must be to oustanding queries + which dnsmasq has forwarded, otherwise they are dropped too. + + Addendum: dnsmasq now has the option "query-port" (-Q), which allows + you to specify the UDP port to be used for this purpose. If not + specified, the operating system will select an available port number + just as it did before. + +Q: Why doesn't dnsmasq support DNS queries over TCP? Don't the RFC's specify + that? + +A: Yes, they do, so technically dnsmasq is not RFC-compliant. In practice, the + sorts of queries which dnsmasq is used for are always sent via UDP. Adding + TCP support would make dnsmasq much more heavyweight for no practical + benefit. If you really want to do zone transfers, forward port 53 TCP + using in-kernel port-forwarding or a port-fowarder like rinetd. + + +Q: When I send SIGUSR1 to dump the contents of the cache, some entries have + no IP address and are for names like mymachine.mydomain.com.mydomain.com. + What are these? + +A: They are negative entries: that's what the N flag means. Dnsmasq asked + an upstream nameserver to resolve that address and it replied "doesn't + exist, and won't exist for hours" so dnsmasq saved that information so + that if _it_ gets asked the same question it can answer directly without + having to go back to the upstream server again. The strange repeated domains + result from the way resolvers search short names. See "man resolv.conf" for + details. + + +Q: Will dnsmasq compile/run on non-Linux systems? + +A: Yes, there is explicit support for *BSD and Solaris. + For other systems, try altering the settings in config.h. + +A: Update for V2. Doing DHCP is rather non-portable, so there may be + a few teething troubles. The initial 2.0 release is known to work + on Linux 2.2.x, Linux 2.4.x and Linux 2.6.x with uclibc and glibc + 2.3. It also works on FreeBSD 4.8. The crucial problem is sending + raw packets, bypassing the IP stack. Dnsmasq contains code to do + using PF_PACKET sockets (which is for Linux) and the Berkeley packet + filter (which works with BSD). If you are trying to port to another + Un*x, bpf is the most likeley candidate. See config.h + +Q: My companies' nameserver knows about some names which aren't in the + public DNS. Even though I put it first in /etc/resolv.conf, it + dosen't work: dnsmasq seems not to use the nameservers in the order + given. What am I doing wrong? + +A: By default, dnsmasq treats all the nameservers it knows about as + equal: it picks the one to use using an algorithm designed to avoid + nameservers which aren't responding. To make dnsmasq use the + servers in order, give it the -o flag. If you want some queries + sent to a special server, think about using the -S flag to give the + IP address of that server, and telling dnsmasq exactly which + domains to use the server for. + +Q: OK, I've got queries to a private nameserver working, now how about + reverse queries for a range of IP addresses? + +A: Use the standard DNS convention of .in-addr.arpa. + For instance to send reverse queries on the range 192.168.0.0 to + 192.168.0.255 to a nameserver at 10.0.0.1 do + server=/0.168.192.in-addr.arpa/10.0.0.1 + +Q: Dnsmasq fails to start with an error like this: "dnsmasq: bind + failed: Cannot assign requested address". What's the problem? + +A: This has been seen when a system is bringing up a PPP interface at + boot time: by the time dnsmasq start the interface has been + created, but not brought up and assigned an address. The easiest + solution is to use --interface flags to specify which interfaces + dnsmasq should listen on. Since you are unlikely to want dnsmasq to + listen on a PPP interface and offer DNS service to the world, the + problem is solved. + +Q: I'm running on BSD and dnsmasq won't accept long options on the + command line. + +A: Dnsmasq when built on BSD systems doesn't use GNU getopt by + default. You can either just use the single-letter options or + change config.h and the Makefile to use getopt-long. Note that + options in /etc/dnsmasq.conf must always be the long form, + on all platforms. + +Q: Names on the internet are working fine, but looking up local names + from /etc/hosts or DHCP doesn't seem to work. + +A: Resolver code sometime does strange things when given names without + any dots in. Win2k and WinXP may not use the DNS at all and just + try and look up the name using WINS. On unix look at "options ndots:" + in "man resolv.conf" for details on this topic. Testing lookups + using "nslookup" or "dig" will work, but then attempting to run + "ping" will get a lookup failure, appending a dot to the end of the + hostname will fix things. (ie "ping myhost" fails, but "ping + myhost." works. The solution is to make sure that all your hosts + have a domain set ("domain" in resolv.conf, the network applet in + windows, or set a domain in your DHCP server). Any domain will do, + but "localnet" is traditional. Now when you resolve "myhost" the + resolver will attempt to look up "myhost.localnet" so you need to + have dnsmasq reply to that name. The way to do that is to include + the domain in each name on /etc/hosts and/or to use the + --expand-hosts and --domain-suffix options. + +Q: Can I get dnsmasq to save the contents of its cache to disk when + I shut my machine down and re-load when it starts again. + +A: No, that facility is not provided. Very few names in the DNS have + their time-to-live set for longer than a few hours so most of the + cache entries would have expired after a shutdown. For longer-lived + names it's much cheaper to just reload them from the upstream + server. Note that dnsmasq is not shut down between PPP sessions so + go off-line and then on-line again will not lose the contents of + the cache. + +Q: Who are Verisign, what do they have to do with the bogus-nxdomain + option in dnsmasq and why should I wory about it? + +A: [note: this was written in September 2003, things may well change.] + Versign run the .com and .net top-level-domains. They have just + changed the configuration of their servers so that unknown .com and + .net domains, instead of returning an error code NXDOMAIN, (no such + domain) return the address of a host at Versign which runs a web + server showing a search page. Most right-thinking people regard + this new behaviour as broken :-). You can test to see if you are + suffering Versign brokeness by run a command like + + host jlsdajkdalld.com + + If you get "jlsdajkdalld.com" does not exist, then all is fine, if + host returns an IP address, then the DNS is broken. (Try a few + different unlikely domains, just in case you picked a wierd one + which really _is_ registered.) + + Assuming that your DNS is broken, and you want to fix it, simply + note the IP address being returned and pass it to dnsmasq using the + --bogus-nxdomain flag. Dnsmasq will check for results returning + that address and substitute an NXDOMAIN instead. + + As of writing, the IP address in question for the .com and .net + domains is is 64.94.110.11. Various other, less prominent, + registries pull the same stunt; there is a list of them all, and + the addresses to block, at http://winware.org/bogus-domains.txt + + + + + + diff --git a/Makefile b/Makefile new file mode 100644 index 0000000..8c13ae8 --- /dev/null +++ b/Makefile @@ -0,0 +1,22 @@ +PREFIX?=/usr/local +BINDIR = ${PREFIX}/sbin +MANDIR = ${PREFIX}/man + +SRC = src + +CFLAGS?= -O2 + +all : + @cd $(SRC); $(MAKE) dnsmasq + +clean : + rm -f *~ */*~ $(SRC)/*.o $(SRC)/dnsmasq core build + +install : $(SRC)/dnsmasq + install -d $(DESTDIR)$(BINDIR) -d $(DESTDIR)$(MANDIR)/man8 + install -m 644 dnsmasq.8 $(DESTDIR)$(MANDIR)/man8 + install -m 755 $(SRC)/dnsmasq $(DESTDIR)$(BINDIR) + + + + diff --git a/UPGRADING_to_2.0 b/UPGRADING_to_2.0 new file mode 100644 index 0000000..d17940c --- /dev/null +++ b/UPGRADING_to_2.0 @@ -0,0 +1,65 @@ + + + Upgrading to dnsmasq V2 + ----------------------- + +Version 1.x of dnsmasq includes a facility for reading the dhcp.leases +file written by ISC dhcpd. This allows the names of machines which +have addresses allocated by DHCP to be included in the DNS. + +Version 2.x of dnsmasq removes the ISC dhcpd integration and replaces +it with a DHCP server integrated into dnsmasq. This is an incompatible +change in dnsmasq but it has the following advantages: + +* Small. ISC dhcpd is a large and comprehensive DHCP solution. The + dnsmasq DHCP server adds about 15k to DNS-only dnsmasq and provides + all the facilities likely to be needed in the sort of networks + which are targeted by dnsmasq. + +* Easy to configure. All configuration is in one file and there are + sensible defaults for common settings. Many applications will need + just one extra line in /etc/dnsmasq.conf which tells it the range of + addresses to allocate to DHCP. + +* Support for static leases. When static leases are used with ISC DHCP + they don't appear in the dhcp.leases file (since that file is used + for storage of dynamic leases which aren't pre-configured.) Hence + static leases cannot be used with dnsmasq unless each machine with a + static lease is also inserted into /etc/hosts. This is not required + with the dnsmasq DHCP server. + + + + DHCP configuration + ------------------ + +To convert an installation which is currently using ISC dhcpd, remove +the ISC DHCP daemon. Unless you want dnsmasq to use the same file +to store its leases it is necessary to remove the configuration line in +/etc/dnsmasq.conf which specifies the dhcp.leases file. + +To enable DHCP, simply add a line like this to /etc/dnsmasq.conf + +dhcp-range=192.168.0.100,192,168.0.200,12h + +which tells dnsmasq to us the addresses 192.168.0.100 to 192.168.0.200 +for dynamic IP addresses, and to issue twelve hour leases. + +Each host will have its default route and DNS server set to be the +address of the host running dnsmasq, and its netmask and broadcast +address set correctly, so nothing else at all is required for a +minimal system. Hosts which include a hostname in their DHCP request +will have that name and their allocated address inserted into the DNS, +in the same way as before. + +Having started dnsmasq, tell any hosts on the network to renew their +DHCP lease, so that dnsmasq's DHCP server becomes aware of them. For +Linux, this is best done by killing-and-restarting the DHCP client +daemon or taking the network interface down and then back up. For +Windows use winipcfg.exe + + +For more complex DHCP configuration, refer to the doc/setup.html, the +dnsmasq manpage and the annotated example configuration file. + + diff --git a/dnsmasq-mdk.spec b/dnsmasq-mdk.spec new file mode 100644 index 0000000..5ec3664 --- /dev/null +++ b/dnsmasq-mdk.spec @@ -0,0 +1,130 @@ +############################################################################### +# +# General mumbojumbo +# +############################################################################### + +Name: dnsmasq +Version: 2.0 +Release: 1 +Copyright: GPL +Group: System Environment/Daemons +Vendor: Simon Kelley +Packager: Simon Kelley +Distribution: Mandrake Linux +URL: http://www.thekelleys.org.uk/dnsmasq +Source0: %{name}-%{version}.tar.gz +Requires: chkconfig +BuildRoot: /var/tmp/%{name}-%{version} +Summary: A lightweight caching nameserver + +%description +Dnsmasq is lightweight, easy to configure DNS forwarder and DHCP server. It +is designed to provide DNS and, optionally, DHCP, to a small network. It can +serve the names of local machines which are not in the global DNS. The DHCP +server integrates with the DNS server and allows machines with DHCP-allocated +addresses to appear in the DNS with names configured either in each host or +in a central configuration file. Dnsmasq supports static and dynamic DHCP +leases and BOOTP for network booting of diskless machines. + + +############################################################################### +# +# Build +# +############################################################################### + +%prep +%setup -q +%build +make + + +############################################################################### +# +# Install +# +############################################################################### + +%install +rm -rf $RPM_BUILD_ROOT + +mkdir -p -m 755 $RPM_BUILD_ROOT/usr/sbin +mkdir -p -m 755 $RPM_BUILD_ROOT/etc/rc.d/init.d +mkdir -p -m 755 $RPM_BUILD_ROOT/usr/share/man/man8 + +cp rpm/dnsmasq.rh $RPM_BUILD_ROOT/etc/rc.d/init.d/dnsmasq +strip src/dnsmasq +cp src/dnsmasq $RPM_BUILD_ROOT/usr/sbin +cp dnsmasq.8 $RPM_BUILD_ROOT/usr/share/man/man8 +cp dnsmasq.conf.example $RPM_BUILD_ROOT/etc/dnsmasq.conf +############################################################################### +# +# Clean up +# +############################################################################### + +%clean +rm -rf $RPM_BUILD_ROOT + + +############################################################################### +# +# Post-install scriptlet +# +############################################################################### + +%post +/sbin/chkconfig --add dnsmasq + + +############################################################################### +# +# Pre-uninstall scriptlet +# +# If there's a time when your package needs to have one last look around before +# the user erases it, the place to do it is in the %preun script. Anything that +# a package needs to do immediately prior to RPM taking any action to erase the +# package, can be done here. +# +############################################################################### + +%preun +if [ $1 = 0 ]; then # execute this only if we are NOT doing an upgrade + service dnsmasq stop >/dev/null 2>&1 + /sbin/chkconfig --del dnsmasq +fi + + +############################################################################### +# +# Post-uninstall scriptlet +# +# The %postun script executes after the package has been removed. It is the +# last chance for a package to clean up after itself. +# +############################################################################### + +%postun +if [ "$1" -ge "1" ]; then + service dnsmasq restart >/dev/null 2>&1 +fi + + +############################################################################### +# +# File list +# +############################################################################### + +%files +%defattr(-,root,root) +%doc CHANGELOG COPYING FAQ doc.html setup.html UPGRADING_to_2.0 +%attr(0755,root,root) /etc/rc.d/init.d/dnsmasq +%attr(0664,root,root) /etc/dnsmasq.conf +%config /etc/rc.d/init.d/dnsmasq +%config /etc/dnsmasq.conf +%attr(0755,root,root) /usr/sbin/dnsmasq +%attr(0644,root,root) /usr/share/man/man8/dnsmasq.8.bz2 + + diff --git a/dnsmasq-rh.spec b/dnsmasq-rh.spec new file mode 100644 index 0000000..2114ac5 --- /dev/null +++ b/dnsmasq-rh.spec @@ -0,0 +1,133 @@ +############################################################################### +# +# General mumbojumbo +# +############################################################################### + +Name: dnsmasq +Version: 2.0 +Release: 1 +Copyright: GPL +Group: System Environment/Daemons +Vendor: Simon Kelley +Packager: Simon Kelley +Distribution: Red Hat Linux +URL: http://www.thekelleys.org.uk/dnsmasq +Source0: %{name}-%{version}.tar.gz +Requires: chkconfig +BuildRoot: /var/tmp/%{name}-%{version} +Summary: A lightweight caching nameserver + +%description +Dnsmasq is lightweight, easy to configure DNS forwarder and DHCP server. It +is designed to provide DNS and, optionally, DHCP, to a small network. It can +serve the names of local machines which are not in the global DNS. The DHCP +server integrates with the DNS server and allows machines with DHCP-allocated +addresses to appear in the DNS with names configured either in each host or +in a central configuration file. Dnsmasq supports static and dynamic DHCP +leases and BOOTP for network booting of diskless machines. + + + +############################################################################### +# +# Build +# +############################################################################### + +%prep +%setup -q +%build +make + + +############################################################################### +# +# Install +# +############################################################################### + +%install +rm -rf $RPM_BUILD_ROOT + +mkdir -p -m 755 $RPM_BUILD_ROOT/usr/sbin +mkdir -p -m 755 $RPM_BUILD_ROOT/etc/rc.d/init.d +mkdir -p -m 755 $RPM_BUILD_ROOT/usr/share/man/man8 + +cp rpm/dnsmasq.rh $RPM_BUILD_ROOT/etc/rc.d/init.d/dnsmasq +strip src/dnsmasq +cp src/dnsmasq $RPM_BUILD_ROOT/usr/sbin +cp dnsmasq.8 $RPM_BUILD_ROOT/usr/share/man/man8 +gzip $RPM_BUILD_ROOT/usr/share/man/man8/dnsmasq.8 +cp dnsmasq.conf.example $RPM_BUILD_ROOT/etc/dnsmasq.conf + +############################################################################### +# +# Clean up +# +############################################################################### + +%clean +rm -rf $RPM_BUILD_ROOT + + +############################################################################### +# +# Post-install scriptlet +# +############################################################################### + +%post +/sbin/chkconfig --add dnsmasq + + +############################################################################### +# +# Pre-uninstall scriptlet +# +# If there's a time when your package needs to have one last look around before +# the user erases it, the place to do it is in the %preun script. Anything that +# a package needs to do immediately prior to RPM taking any action to erase the +# package, can be done here. +# +############################################################################### + +%preun +if [ $1 = 0 ]; then # execute this only if we are NOT doing an upgrade + service dnsmasq stop >/dev/null 2>&1 + /sbin/chkconfig --del dnsmasq +fi + + +############################################################################### +# +# Post-uninstall scriptlet +# +# The %postun script executes after the package has been removed. It is the +# last chance for a package to clean up after itself. +# +############################################################################### + +%postun +if [ "$1" -ge "1" ]; then + service dnsmasq restart >/dev/null 2>&1 +fi + + +############################################################################### +# +# File list +# +############################################################################### + +%files +%defattr(-,root,root) +%doc CHANGELOG COPYING FAQ doc.html setup.html UPGRADING_to_2.0 +%config /etc/rc.d/init.d/dnsmasq +%config /etc/dnsmasq.conf +%attr(0755,root,root) /etc/rc.d/init.d/dnsmasq +%attr(0664,root,root) /etc/dnsmasq.conf +%attr(0755,root,root) /usr/sbin/dnsmasq +%attr(0644,root,root) /usr/share/man/man8/dnsmasq.8.gz + + diff --git a/dnsmasq-suse.spec b/dnsmasq-suse.spec new file mode 100644 index 0000000..1961942 --- /dev/null +++ b/dnsmasq-suse.spec @@ -0,0 +1,111 @@ +############################################################################### +# +# General +# +############################################################################### + +Name: dnsmasq +Version: 2.0 +Release: 1 +Copyright: GPL +Group: Productivity/Networking/DNS/Servers +Vendor: Simon Kelley +Packager: Simon Kelley +URL: http://www.thekelleys.org.uk/dnsmasq +Provides: dns_daemon +Conflicts: bind bind8 bind9 +PreReq: %fillup_prereq %insserv_prereq +Autoreqprov: on +Source0: %{name}-%{version}.tar.gz +BuildRoot: /var/tmp/%{name}-%{version} +Summary: A lightweight caching nameserver + +%description +Dnsmasq is lightweight, easy to configure DNS forwarder and DHCP server. It +is designed to provide DNS and, optionally, DHCP, to a small network. It can +serve the names of local machines which are not in the global DNS. The DHCP +server integrates with the DNS server and allows machines with DHCP-allocated +addresses to appear in the DNS with names configured either in each host or +in a central configuration file. Dnsmasq supports static and dynamic DHCP +leases and BOOTP for network booting of diskless machines. + + + +############################################################################### +# +# Build +# +############################################################################### + +%prep +%setup -q +%build +%{?suse_update_config:%{suse_update_config -f}} +make + +############################################################################### +# +# Install +# +############################################################################### + +%install +rm -rf $RPM_BUILD_ROOT +mkdir -p ${RPM_BUILD_ROOT}/etc/init.d +mkdir -p ${RPM_BUILD_ROOT}/usr/sbin +mkdir -p ${RPM_BUILD_ROOT}%{_mandir}/man8 +install -o root -g root -m 755 rpm/rc.dnsmasq-suse $RPM_BUILD_ROOT/etc/init.d/dnsmasq +install -o root -g root -m 644 dnsmasq.conf.example $RPM_BUILD_ROOT/etc/dnsmasq.conf +strip src/dnsmasq +install -o root -g root -m 755 src/dnsmasq $RPM_BUILD_ROOT/usr/sbin +ln -sf ../../etc/init.d/dnsmasq $RPM_BUILD_ROOT/usr/sbin/rcdnsmasq +gzip -9 dnsmasq.8 +install -o root -g root -m 644 dnsmasq.8.gz $RPM_BUILD_ROOT%{_mandir}/man8 + +############################################################################### +# +# Clean up +# +############################################################################### + +%clean +rm -rf $RPM_BUILD_ROOT + +############################################################################### +# +# Post-install scriptlet +# +############################################################################### + +%post +%{fillup_and_insserv dnsmasq} + +############################################################################### +# +# Post-uninstall scriptlet +# +# The %postun script executes after the package has been removed. It is the +# last chance for a package to clean up after itself. +# +############################################################################### + +%postun +%{insserv_cleanup} + +############################################################################### +# +# File list +# +############################################################################### + +%files +%defattr(-,root,root) +%doc CHANGELOG COPYING FAQ doc.html setup.html UPGRADING_to_2.0 +%config /etc/init.d/dnsmasq +%config /etc/dnsmasq.conf +/usr/sbin/rcdnsmasq +/usr/sbin/dnsmasq +%doc %{_mandir}/man8/dnsmasq.8.gz + + + diff --git a/dnsmasq.8 b/dnsmasq.8 new file mode 100644 index 0000000..af4cd29 --- /dev/null +++ b/dnsmasq.8 @@ -0,0 +1,395 @@ +.TH DNSMASQ 8 +.SH NAME +dnsmasq \- A lightweight DHCP and caching DNS server. +.SH SYNOPSIS +.B dnsmasq +.I [OPTION]... +.SH "DESCRIPTION" +.BR dnsmasq +is a lightweight DNS and DHCP server. It is intended to provide coupled DNS and DHCP service to a +LAN. +.PP +Dnsmasq accepts DNS queries and either answers them from a small, local, +cache or forwards them to a real, recursive, DNS server. It loads the +contents of /etc/hosts so that local hostnames +which do not appear in the global DNS can be resolved and also answers +DNS queries for DHCP configured hosts. +.PP +.BR dnsmasq +supports IPv6. +.PP +.BR dnsmasq +is lightweight and easy to configure. It is intended as be run on +small router/firewalls and provide a DNS (and optionally, DHCP) service to a LAN. +.SH OPTIONS +Note that in general missing parameters are allowed and switch off +functions, for instance "--pid-file=" disables writing a PID file. +.TP +.B \-h, --no-hosts +Don't read the hostnames in /etc/hosts. +.TP +.B \-H, --addn-hosts= +Additional hosts file. Read the specified file as well as /etc/hosts. If -h is given, read +only the specified file. At most one additional hosts file may be +given. +.TP +.B \-T, --local-ttl=