Commit Graph

70 Commits

Author SHA1 Message Date
Felix Fietkau
56f6d35716 dnsmasq: Add option --min-port
By default dnsmasq uses random ports for outbound dns queries;
when the minport UCI option is specified the ports used will
always be larger than the specified value.
This is usefull for systems behind firewalls.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>

SVN-Revision: 48244
2016-01-15 11:24:15 +00:00
Jo-Philipp Wich
722badfa82 dnsmasq: add local hostname record for own lan ula address as well
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 48214
2016-01-12 10:03:50 +00:00
John Crispin
a621edbb0a dnsmasq: Add option --no-ping
By default dnsmasq sends an ICMP echo request before allocating
an IP address to a host; the uci option noping allows to disable
this check.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>

SVN-Revision: 47974
2015-12-23 14:43:41 +00:00
Felix Fietkau
f45697d904 dnsmasq: changed option nonwildcard to --bind-dynamic
Changed option nonwildcard from --bind-interfaces into --bind-dynamic.
With this, Dnsmasq binds the address of individual interfaces, allowing multiple
dnsmasq instances, but if new interfaces or addresses appear, it automatically
listens on those. This makes dynamically created interfaces work in the same way as
the default, but allows also use of other DNS-servers (like Named) at the same time
on diffirent interfaces where Dnsmasq is NOT configured, whereas with
--bind-interfaces will still reserve every interface even if not used and thus
disallowing use of any other DNS-program even on unused interfaces.

Tested-by: Vaasa Hacklab <info@vaasa.hacklab.fi>
Signed-off-by: Sami Olmari <sami@olmari.fi>

SVN-Revision: 47953
2015-12-19 13:18:26 +00:00
John Crispin
725fc09cec dnsmasq: Add option "--all-servers"
Add the option "--all-servers" which forces dnsmasq to send all
queries to all servers and then take the first answer.

Signed-off-by: Andréas Gustafsson <gurgalof@gmail.com>

SVN-Revision: 47857
2015-12-11 15:06:59 +00:00
Steven Barth
836d462b10 package: Remove dependencies to kmod-ipv6
Since r46834, IPv6 support is builtin if selected. Therefor, dependencies
on kmod-ipv6 can no longer be fulfilled, since it is not a module anymore.

Signed-off-by: Arjen de Korte <arjen+openwrt@de-korte.org>

SVN-Revision: 47022
2015-09-21 21:15:41 +00:00
Steven Barth
0c8f0186d5 linux: make IPv6 builtin if selected (saves >30KB)
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 46834
2015-09-09 12:20:36 +00:00
Steven Barth
fc41846248 dnsmasq: make /tmp/dnsmasq.d and /tmp/hosts preferred over UCI settings
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 46770
2015-09-02 11:49:00 +00:00
Hauke Mehrtens
186c711ccd dnsmasq: Bump to dnsmasq2.75
Fixes a 100% cpu usage issue if using dhcp-script.

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

SVN-Revision: 46550
2015-08-03 20:33:57 +00:00
Steven Barth
677f0e3e72 dnsmasq: Bump to dnsmasq2.74
Bump to dnsmasq2.74 & refresh patches to fix fuzz

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>

SVN-Revision: 46522
2015-07-30 08:53:43 +00:00
John Crispin
027230ade2 dnsmasq: add some missing files to the jail
found with strace, not sure we got all of them though

Signed-off-by: Etienne CHAMPETIER <champetier.etienne@gmail.com>

SVN-Revision: 46467
2015-07-24 09:11:06 +00:00
Steven Barth
59f5eefe8c dnsmasq: Add sequential_ip UCI parameter
When enabled the dnsmasq DHCP server allocates the IP addresses sequentially
starting from the lowest available IP address.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>

SVN-Revision: 46211
2015-07-07 08:13:22 +00:00
Steven Barth
c5c819c494 dnsmasq: enable extra tracing by default when UCI parameter logqueries is set
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>

SVN-Revision: 46210
2015-07-07 08:13:16 +00:00
Steven Barth
54bbebc633 Update dnsmasq to v2.73.
Signed-off-by: Toke Høiland-Jørgensen <toke@toke.dk>

SVN-Revision: 45988
2015-06-15 08:10:59 +00:00
Steven Barth
73fb57ada4 dnsmasq: bump to 2.73rc9
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 45924
2015-06-08 04:48:16 +00:00
Steven Barth
c6a6f75436 dnsmasq: fix config file typo
s/loclal/local/

Signed-off-by: Jonathan McCrohan <jmccrohan@gmail.com>

SVN-Revision: 45923
2015-06-08 04:48:08 +00:00
Steven Barth
51d97db185 dnsmasq: bump to dnsmasq2.73rc8 Important.
Bump dnsmasq to v2.73rc8

Important - fixes remotely exploitable buffer overflow introduced in all v2.73 test/release candidates.

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>

SVN-Revision: 45693
2015-05-17 08:06:45 +00:00
Steven Barth
fc84123c2f dnsmasq: bump to 2.73rc7
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 45587
2015-04-29 07:19:24 +00:00
Steven Barth
62e7f07615 dnsmasq: bump to 2.73rc6
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 45572
2015-04-23 13:05:15 +00:00
Steven Barth
3633523ba6 dnsmasq: fix dnssec timestamp logic, backport crashfix
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 45410
2015-04-13 07:49:29 +00:00
Steven Barth
747c33859b dnsmasq: bump to 2.73rc4
Fix crash caused by malformed DNS requests
Improved DNSSEC handling

Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 45354
2015-04-10 10:19:17 +00:00
John Crispin
88fa9a8422 dnsmasq: Add option '--servers-file'
The option '--servers-file' is available since dnsmasq v2.69.

Signed-off-by: Lars Kruse <lists@sumpfralle.de>

SVN-Revision: 45332
2015-04-09 10:32:46 +00:00
John Crispin
8acbb5783d dnsmasq: backport --tftp-no-fail to ignore missing tftp root
This patch backports the option --tftp-no-fail to dnsmasq and prevents the
service from aborting if the specified TFTP root directory is not available;
this might be the case if TFTP files are located on external media that might
occasionally not be present at startup.

Signed-off-by: Stefan Tomanek <stefan.tomanek+openwrt@wertarbyte.de>

SVN-Revision: 45213
2015-04-01 08:33:10 +00:00
John Crispin
d8fc4d31d0 dnsmasq: we dont want to run in debug mode
a left over from the dnsmasq jail testing

Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 45058
2015-03-27 09:11:56 +00:00
John Crispin
f5e2b62ab7 dnsmasq: add jail support
Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 45011
2015-03-26 10:58:30 +00:00
John Crispin
ba21cbae3e dnsmasq: enable pxe-prompt, pxe-service config options
DNSMASQ has the ability to provide a menu to a pxeboot system, using
the --pxe-prompt and --pxe-service configuration options.  The current
init.d script converting the "dhcp" file to "dnsmasq.conf" does not
find these options, but they are supported.  This patch thus enables
the options.

Signed-off-by: Derek LaHousse <dlahouss@mtu.edu>

SVN-Revision: 44747
2015-03-13 08:39:08 +00:00
John Crispin
fb60dd2ae6 dnsmasq: Make parameters optional in dhcpboot config
The --dhcp-boot option of dnsmasq does not require servername and serveraddress
arguments if the builtin tftp server is used.

Signed-off-by: Stefan Tomanek <stefan.tomanek+openwrt@wertarbyte.de>

SVN-Revision: 44744
2015-03-13 08:38:35 +00:00
John Crispin
16b45d21c6 dnsmasq: add option --quiet-dhcp
The --quiet-dhcp setting increases privacy by omitting DHCP lease logs including MAC addresses.

Signed-off-by: Lars Kruse <devel@sumpfralle.de>

SVN-Revision: 44006
2015-01-17 14:38:55 +00:00
Jo-Philipp Wich
59cab6dd48 dnsmasq: support and use local-service by default (#14951)
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 43982
2015-01-16 19:04:19 +00:00
Felix Fietkau
6493328c8f dnsmasq: fix dependency problems of the dnsmasq-full variant.
This patch tries to

 - Let the DHCPv6 feature depend on CONFIG_IPV6.
 - Conditionally select libnettle, kmod-ipv6, kmod-ipt-ipset only if the
   corresponding features are enabled.
 - Install `trust-anchors.conf` only if DNSSEC is selected.
 - Add PKG_CONFIG_DEPENDS for the configurable options.
 - Add a patch to let the Makefile of dnsmasq be aware of changes in
   COPTS variable.

Big thanks goes to Frank Schäfer <fschaefer.oss@googlemail.com> for
providing necessary information on connections and dependency relations
between these CONFIGs and packages.

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>

SVN-Revision: 43851
2015-01-05 13:03:48 +00:00
Steven Barth
d945d7d647 dnsmasq: also add the actual patches...
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 43759
2014-12-22 09:52:19 +00:00
Steven Barth
1472eaec65 dnsmasq: backport some dnssec fixes
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 43758
2014-12-22 09:51:22 +00:00
Steven Barth
d9011ad6be dnsmasq: allow de-selecting features from -full variant.
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>

SVN-Revision: 43733
2014-12-17 05:59:12 +00:00
John Crispin
74a3a77bcd license info - revert r43155
turns out that r43155 adds duplicate info.

Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 43167
2014-11-03 09:56:44 +00:00
John Crispin
c10d97484a Add more license tags with SPDX identifiers
Note, that licensing stuff is a nightmare: many packages does not clearly
state their licenses, and often multiple source files are simply copied
together - each with different licensing information in the file headers.

I tried hard to ensure, that the license information extracted into the OpenWRT's
makefiles fit the "spirit" of the packages, e.g. such small packages which
come without a dedicated source archive "inherites" the OpenWRT's own license
in my opinion.

However, I can not garantee that I always picked the correct information
and/or did not miss license information.

Signed-off-by: Michael Heimpold <mhei@heimpold.de>

SVN-Revision: 43155
2014-11-03 08:01:08 +00:00
Steven Barth
bec9d38fa4 Add a few SPDX tags
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 43151
2014-11-02 12:20:54 +00:00
Steven Barth
dd948b7990 dnsmasq: bump to 2.72
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 42668
2014-09-26 08:57:36 +00:00
Steven Barth
2ccf88744c dnsmasq: fix lockup when interfaces disappear
SVN-Revision: 42648
2014-09-22 12:07:20 +00:00
John Crispin
f65ff468f7 dnsmasq: Make the --dhcp-host logic easier to understand
Use an if/else statement to cover the two different syntaxes.  Add
comments explaining what the end results should look like.

This patch should not change the script's output.

Signed-off-by: Kevin Cernekee <cernekee@gmail.com>

SVN-Revision: 42320
2014-08-28 06:27:57 +00:00
John Crispin
5046209312 dnsmasq: Fix hosts file format when MAC address is not specified
An entry like this in /etc/config/dhcp:

    config 'host'
        option 'name' 'pc2'
        option 'ip' '192.168.100.56'
        option 'dns' '1'

results in a /tmp/hosts/dhcp entry that looks like this:

    192.168.100.56 .lan

Obviously it should say "pc2.lan".

This happens because $name is set to "" in order to support the MAC-less
syntax: "--dhcp-host=lap,192.168.0.199".  Fix this by reordering the
operations.  Also, refuse to add a DNS entry if the hostname or IP is
missing.

Fixes #17683

Reported-by: Kostas Papadopoulos <kpapad75@travelguide.gr>
Signed-off-by: Kevin Cernekee <cernekee@gmail.com>

SVN-Revision: 42319
2014-08-28 06:27:53 +00:00
John Crispin
449994b8c2 dnsmasq: Create rDNS records for LuCI "Hostnames"
LuCI creates "domain" UCI config sections, which the dnsmasq init file
then, currently, translates into "address" config lines. This is not
the correct usage of "address" (see r36943), and also causes rDNS
records to not be created. This patches dnsmasq.init to utilize the
additional hosts file introduced in r40799 for such domain names,
resolving both issues.

Signed-off-by: Tyler Fenby <tylerf@securecominc.com>

SVN-Revision: 42318
2014-08-28 06:27:49 +00:00
Steven Barth
0f49b1940e dnsmasq: fix a race condition possibly leading to lockup
SVN-Revision: 42225
2014-08-20 09:52:29 +00:00
Steven Barth
c36e312647 dnsmasq: respect option dhcpv4 disabled in dhcp-config
SVN-Revision: 42216
2014-08-19 05:58:44 +00:00
Steven Barth
2dd6d4a4f0 dnsmasq: use config_get_bool for dnsmasq
SVN-Revision: 41302
2014-06-22 15:34:36 +00:00
Steven Barth
17d3ce64cf dnsmasq: set procd respawn
SVN-Revision: 41297
2014-06-22 09:08:14 +00:00
Steven Barth
9af2e45080 dnsmasq: removing nettle 3.0 support due to nettle downgrade
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 41264
2014-06-18 17:06:37 +00:00
Steven Barth
087ea853b4 dnsmasq: compatibility with nettle 3.0
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 41249
2014-06-18 10:04:47 +00:00
Steven Barth
495b237cc4 dnsmasq: various house-keeping updates
* Add Authoritative DNS and IPSET to full variant
* Remove some bloat from IPSET support
* Reintroduce "DHCP no address warning"-patch

Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 41246
2014-06-18 10:04:34 +00:00
Steven Barth
132cbe5e29 dnsmasq: add UCI DNSSEC runtime support
Ship keys for the root zone and add two uci options to enable
DNSSEC checks:

Option 'dnssec': Activate DNSSEC validation
Option 'dnsseccheckunsigned': Ensure answers without DNSSEC are in
unsigned zones.

Signed-off-by: Andre Heider <a.heider@gmail.com>

SVN-Revision: 41245
2014-06-18 10:04:29 +00:00
Steven Barth
5f64a3e7ce dnsmasq: Add a full variant
This variant includes support for DHCPv6 and DNSSEC.
DNSSEC adds a dependency on libnettle.

Signed-off-by: Andre Heider <a.heider@gmail.com>

SVN-Revision: 41244
2014-06-18 10:04:25 +00:00