Commit Graph

132 Commits

Author SHA1 Message Date
Philip Prindeville
8e0775197a dnsmasq: don't point --resolv-file to default location unconditionally
If noresolv is set, we should not generate a --resolv-file parameter.

Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> [minor cleanup]
2017-03-18 17:37:24 +01:00
Kevin Darbyshire-Bryant
3a06dd60eb dnsmasq: do not forward rfc6761 excluded domains
RFC 6761 defines a number of top level domains should not be forwarded
to the Internet's domain servers since they are not responsible for
those domains.

This change adds a list of domains that will be blocked when 'boguspriv'
is used and augments that which is already blocked by dnsmasq's notion
of 'local service' using '--bogus-priv' i.e. RFC 1918 private addresses
and IPv6 prefixes as defined in RFC 6303.

To make this configurable rather than hard coded in dnsmasq's init
script, a new file /usr/share/dnsmasq/rfc6761.conf is conditionally
included.

The default file matches the RFC 6761 recommendation along with a few
other top level domains that should not be forwarded to the Internet.

Compile & run tested Archer C7 v2

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2017-03-09 10:42:27 +01:00
Eric Luehrsen
f9f6a21c81 dnsmasq: fix instances in dhcp_add()
ref commit 9525743c07
dnsmasq: make DHCPv6 viable for standalone dnsmasq install
Above commit broke instancing by missing filter_dnsmasq()
as part of the dhcp_add() execution.

Signed-off-by: Eric Luehrsen <ericluehrsen@hotmail.com>
2017-02-05 22:26:22 +01:00
Arjen de Korte
07d5fc7ada dnsmasq: honor quietdhcp option for DHCPv6
Do not spam the syslog with DHCPv6 lease info if quietdhcp option
is selected. This already works for DHCPv4, make it work in the same
way for DHCPv6.

Signed-off-by: Arjen de Korte <build+lede@de-korte.org>
[Originally written by Arjen de Korte on GitHub but had issues providing
a SoB in correct format.]
Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2017-02-05 20:57:39 +01:00
Eric Luehrsen
9525743c07 dnsmasq: make DHCPv6 viable for standalone dnsmasq install
dnsmasq has sufficient services to meet the needs of DHCP
and RA with IP6 for single router router users. This is
the most common use for consumer routers. Its reenforced
as most ISP tend to only DHCP-PD /64. dnsmasq has year
over year demonstrated great flexibility in its option
set, and support for off-standard DHCP clients.

odhcpd has enhanced capabilities focused on IP6 such
as DHCP/RA relay and NDP proxy. However, it is not as
flexible in its option set. odhcpd is not as forgiving
with off-standard DHCP clients. Some points may represent
a long term TODO list, but it is the state currently.

These changes make any such combination possible. Already
odhcpd can be set as the main dhcp server. Now odhcpd
can be removed or disabled and dnsmasq will take over
if DHCPv6 compiled in. The existing DHCPv6 and RA UCI
are translated into dnsmasq.conf. The changes focus on
'--dhcp-range', '--dhcp-host', and '--dhcp-options'.

DHCP host ID is least 16 bits [::1000-::FFFF], but
leaves low range for typical infrastructure assignments.
dnsmasq accepts DHCPv6 options in the tranditional
'--dhcp-option' put they must be prefixed 'option6:'.
dnsmasq will also discover SLAAC DNS entries from DHCPv4
clients MAC, and confirm with a ping at least renew.

Long term TODO include improving use of dnsmasq relay
options for DHCPv4 and DHCPv6 in parallel. It would also
be possible to preconfigure DHCP-PD in host-with-options
records for fixed infrastructure.

Signed-off-by: Eric Luehrsen <ericluehrsen@hotmail.com>
[Jo-Philipp Wich: emit proper IPv6 hostid format in dhcp-host directive]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-02-02 00:13:49 +01:00
Eric Luehrsen
1b4e3eda1b dnsmasq: expand 'add_local_hostname' fexibility including FQDN
ref commit 612e2276b4
ref commit ec63e3bf13

'option add_local_hostname' scripted implementation statically assigns
this host in auto generated host file at init. If IFUP or other signals
do not occur, then address changes are not tracked. The script doesn't
apply all the addresses at an interface. This may make logs obscure.
The script only puts the bare host name (maybe not FQDN) in host file,
but if '--exapandhosts' is enabled, then /etc/hosts entries will be
suffixed, and "127.0.0.1 localhost" becomes "localhost.lan".

dnsmasq provides an option to perform this function, but it is rather
greedy. '--interface-name=<name>,<iface>' will assign the name to all
IP on the specified interface (except link local). This is a useful
feature, but some setups depend on the original restrictive behavior.

'option add_local_fqdn' is added to enhance the feature set, but
if not entered or empty string, then it will default to original
option and behavior. This new option has a few settings. At each
increased setting the most detailed name becomes the PTR record:
0 - same as add_local_hostname 0 or disabled
1 - same as add_local_hostname 1
2 - assigns the bare host name to all IP w/ --dnsmasq-interface
3 - assigns the FQDN and host to all IP w/ --dnsmasq-interface
4 - assigns <iface>.<host>.<domain> and above w/ --dnsmasq-nterface

'option add_wan_fqdn' is added to run the same procedure on
inferred WAN intefaces. If an interface has 'config dhcp' and
'option ignore 1' set, then it is considered WAN. The original
option would only run on DHCP serving interfaces.

Signed-off-by: Eric Luehrsen <ericluehrsen@hotmail.com>
2017-02-02 00:13:49 +01:00
Kevin Darbyshire-Bryant
c914fa04a3 dnsmasq: use ubus signalling in ntp hotplug script
Use ubus process signalling instead of 'kill pidof dnsmasq' for
SIGHUP signalling to dnsmasq when ntp says time is valid.

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2017-01-13 16:08:22 +01:00
Hans Dedecker
ec63e3bf13 Revert "dnsmasq: change 'add_local_hostname' to use dnsmasq '--interface-name'"
This causes problem when a FQDN is configured in /etc/config/system. The
domain name will appear twice in reverse DNS.

Next to that, there seems to be a bug in dnsmasq. From the manual page:

--interface-name=<name>,<interface>[/4|/6]
Return  a  DNS  record  associating  the  name  with  the primary address
on the given interface. This flag specifies an A or AAAA record for the
given name in the same way as an /etc/hosts line, except that the address
is not constant, but taken from the given interface. The interface may be
followed by "/4" or "/6" to specify  that  only  IPv4  or  IPv6 addresses
of the interface should be used. If the interface is down, not configured
or non-existent, an empty record is returned. The matching PTR record is
also created, mapping the interface address to the name. More than one name
may be associated with an interface address by repeating the flag; in that
case the first instance is used for  the  reverse address-to-name mapping.

It does not just create an A/AAAA record for the primary address, it creates
one for all addresses. And what is worse, it seems to actually resolve to the
non-primary address first. This is quite annoying when you use floating IP
addresses (e.g. VRRP), because when the floating IP is on the other device,
SSH failes due to incorrect entry in the known hosts file.

I know that this is not a common setup, but it would be nice if there was an
option to restore the previous behaviour, rather than just forcing this new
feature on everybody.

Reported-by: Stijn Tintel <stijn@linux-ipv6.be>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-01-12 12:14:20 +01:00
Eric Luehrsen
612e2276b4 dnsmasq: change 'add_local_hostname' to use dnsmasq '--interface-name'
'add_local_hostname' previous implementation may drop some addresses.
Soft addition of IP6 addresses may not cause a reload or restart event.
dnsmasq '--interface-name' robustly applies DNS to all addresses per
interface (except fe80::/10).

Change UCI 'add_local_hostname' to expand during each interface assignement
during add_dhcp().
Assign '<iface>.<host>.<domain>' as true name (reflexive A, AAAA, and PTR).
Assign '<host>.<domain>' and '<host>' as convinience aliases (no PTR, not
technically CNAME).
This is accomplished with the '--interface-name' order, first is PTR.
We could also assign each <ip4/6>.<iface>.<host>.<domain> to the respective
dual stack on the interface.
That seemed excessive so it was skipped (/4 or /6 suffix to the interface).
Add UCI 'add_wan_hostname' similar to 'add_local_hostname' function for
external WAN.

WAN IP4 are less often named by the ISP and rarely WAN IP6 due to complexity.
For logs, LuCI connection graph, and other uses assigning a WAN name is desired.
'add_local_hostname' only applies with DHCP and 'add_wam_hostname' only applies
without DHCP. Common residential users will want to set both options TRUE.
Businesses will probably have global DNS, static IP, and 'add_wan_hostname' FALSE.

Signed-off-by: Eric Luehrsen <ericluehrsen@hotmail.com>
2017-01-05 22:51:39 +01:00
Eric Luehrsen
06e26363d8 dnsmasq: clean up white space in dnsmasq.init
Signed-off-by: Eric Luehrsen <ericluehrsen@hotmail.com>
2017-01-05 22:51:23 +01:00
Arjen de Korte
10f91525bc dnsmasq: add DHCP Unique Identifier for DHCPv6
Add DHCPv6 matching by DHCP Unique Identifier (RFC-3315) in addition to
existing MAC-address (RFC-6939). The latter is not widely supported yet.

Signed-off-by: Arjen de Korte <build+lede@de-korte.org>
2017-01-03 22:27:23 +01:00
dibdot
08db3e1b85 dnsmasq: add log facility option
add possibility to set the facility to which dnsmasq will send syslog entries, i.e. set it to '/dev/null' to mute dnsmasq output at all.

Signed-off-by: Dirk Brenken dev@brenken.org
2016-12-23 10:46:56 +01:00
John Crispin
93227e4d3f dnsmasq: fix service reload
The SIGHUP also got sent to the reload script making it bail out
with an error

Revert "dnsmasq: reload config if host name is modified"
This reverts commit 854459a2f9.

Reported-by: Hans Dedecker <dedeckeh@gmail.com>
Signed-off-by: John Crispin <john@phrozen.org>
2016-12-16 10:40:10 +01:00
Hans Dedecker
942904f7b9 dnsmasq: Specify directory /tmp/hosts as argument for --addn-hosts
Let dnsmasq read all hosts files in /tmp/hosts directory by specifying
/tmp/hosts as argument of --addn-host

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2016-12-13 23:32:20 +01:00
Arjen de Korte
4fbd3aa278 dnsmasq: Fix splitting hostid for DHCPv6 static leases
Correct splitting the 32-bit 'hostid' value to two 16-bit hexadecimal
values. Previously, the lower 16-bit value was truncated to an 8-bit
value, which would result in hostid values 100 and 200 both to be set
to [::0:0] instead of [::0:100] and [::0:200] respectively.

Signed-off-by: Arjen de Korte <build+lede@de-korte.org>
2016-12-06 07:55:07 +01:00
Florian Eckert
854459a2f9 dnsmasq: reload config if host name is modified
If the hostname in /etc/config/system is modified the dnsmasq will not
reread the update host file under /tmp/hosts/dhcp.$cfg.

Signed-off-by: Florian Eckert <Eckert.Florian@googlemail.com>
2016-12-04 15:56:04 +01:00
Hans Dedecker
a50243ea1f dnsmasq: Support add-mac option
Adds the mac address of the DNS requestor to DNS queries which
are forwarded upstream and can be used to do filtering by the
upstream servers. This only works if the requestor is on the
same subnet as the dnsmasq server

The addmac parameter can hold the following values:
	0 : mac address is not added
	1 : mac address is added in binary format
	base64 : mac address is added base64 encoded
	text: : mac address is added in human readable format
		as hex and colons

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2016-11-08 11:17:10 +01:00
Karl Palsson
df1804b75c dnsmasq: support log-dhcp option
Helpful when trying to resolve issues with quirky dhcp client devices.

Signed-off-by: Karl Palsson <karlp@etactica.com>
2016-11-02 10:25:44 +01:00
Hans Dedecker
a35f9bbc43 dnsmasq: Multiple dnsmasq instances support
Adds support in uci for configuring multiple dnsmasq instances via
multiple dnsmasq sections.
The uci sections host, boot, mac, tag, vendorclass, userclass,
circuitid, ... will refer to a dnsmasq instance via the instance
parameter defined in the section; if the instance parameter is
not specified backwards compatibility is preserved.

Start/Stopping a dnsmasq instance can be achieved by passing the
dnsmasq instance name as argument to start/stop via the init script.

Multiple dnsmasq instances is usefull in scenarios where you want to
bind a dnsmasq instance to an interface in order to isolate networks.

This patch is a rework of a multiple dnsmasq instance patch by Daniel Dickinson

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2016-10-26 17:53:53 +02:00
Hans Dedecker
32f4777530 dnsmasq: Add match section support
Match sections allow to set a tag specified by the option networkid if the client
sends an option and optionally the option value specified by the match option.
The force option will convert the dhcp-option to force-dhcp-option if set to 1 in
the dnsmasq config if options are specified in the dhcp_option option.

config match
    option networkid tag
    option match 12,myhost
    option force 1
    list dhcp_option '3,192.168.1.1'

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2016-09-19 15:30:32 +02:00
Kevin Darbyshire-Bryant
9209f4304b dnsmasq: fix remove pidfile on shutdown regression
Regression introduced by 3481d0d dnsmasq: run as dedicated UID/GID

dnsmasq is unable to remove its own pidfile as /var/run/dnsmasq is owned
by root and now dnsmasq runs as dnsmasq:dnsmasq.  Change directory
ownership to match.

dnsmasq initially starts as root, creates the pidfile, then drops to
requested non-root user.  Until this fix dnsmasq had insufficient
privilege to remove its own pidfile.

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2016-09-06 11:26:05 +02:00
Felix Fietkau
b2ddfbc1c7 dnsmasq: drop --interface and --except-interface options when the interface cannot be found
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-29 20:58:14 +02:00
Felix Fietkau
5cd88f4812 dnsmasq: remove use of uci state for getting network ifname
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-29 19:48:22 +02:00
Felix Fietkau
a1681ce39b dnsmasq: replace the iface hotplug script with a procd trigger
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-29 16:41:09 +02:00
Felix Fietkau
6916ca8d33 dnsmasq: make the check for existing DHCP servers more reliable
If there is no carrier yet, wait for 2 seconds (STP forwarding delay)

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-29 16:41:09 +02:00
Ulrich Weber
712b6fdc5c dnsmasq: write atomic config file
multiple invocation of dnsmasq script (e.g. by procd and hotplugd)
might cause procd to restart dnsmasq with an incomplete config file.
Config file generation might take quite a long time on larger configs
due ubus calls for each listening interface...

Signed-off-by: Ulrich Weber <ulrich.weber@riverbed.com>
2016-07-29 16:41:09 +02:00
Kevin Darbyshire-Bryant
5acfe55d71 dnsmasq: dnssec time handling uses ntpd hotplug
Change dnsmasq's dnssec time check handling to use time validity
indicated by ntpd rather than maintaining a cross boot/upgrade
/etc/dnsmasq.time timestamp file.  This saves flash device wear.

If ntpd client is configured in uci and you're using dnssec, then
dnsmasq will not check dnssec timestamp validity until ntpd hotplug
indicates sync via a stratum change. The ntpd hotplug leaves a status
flag file to indicate to dnsmasq.init that time is valid and that it
should now start in 'check dnssec timestamp valid' mode.

If ntpd client is not configured and you're using dnssec, then it is
presumed you're using an alternate time sync mechanism and that time is
correct, thus dnsmasq checks dnssec timestamps are valid from 1st start.

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>

V2 - stratum & step ntp changes indicate time is valid
V3 - on initial flag file step signal dnsmasq with SIGHUP if running
V4 - only accept step ntp changes. Accepting both stratum & step could
result in unpleasant script race conditions
V5 - Actually only accepting stratum is the correct thing to do after
further testing
V6 - improve handling of non busybox ntpd
if sysntpd not executable
  dnsmasq checks dnssec timestamps
else
  sysntp script disabled - look for timestamp file - allows external mechanism to use hotplug flag file
  sysntp script enabled & uci ntp enabled  - look for timestamp file
  sysntp script enabled & uci ntp disabled - dnsmasq checks dnssec
timestamps
fi
2016-06-24 13:53:39 +02:00
Kevin Darbyshire-Bryant
e815036460 dnsmasq: support hostid ipv6 address suffix option
Add support for hostid dhcp config entry to dnsmasq. This allows
specification of dhcpv6 hostid suffix and works in the same way as
odhcpd.

Entries in auto generated dnsmasq.conf should conform to:

dhcp-host=mm:mm:mm:mm:mm:mm,IPv4addr,[::V6su:ffix],hostname

example based on sample config/dhcp entry:

config host
        option name 'Kermit'
        option mac 'E0:3F:49:A1:D4:AA'
        option ip '192.168.235.4'
        option hostid '4'

dhcp-host=E0:3F:49:A1:D4:AA,192.168.235.4,[::0:4],Kermit

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2016-06-10 18:16:47 +02:00
Hans Dedecker
7eaacd4d23 dnsmasq: Add option --max-port
By default dnsmasq uses random ports for outbound dns queries;
when the maxport UCI option is specified the ports used will
always be smaller than the specified value.
This is usefull for systems behind firewalls.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2016-06-10 18:05:07 +02:00
Daniel Dickinson
2ac21bd793 dnsmasq: Set the default dhcp lease file and resolv file
Instead of making assumptions about the leasefile and resolv file make sure
we use what the user configures, but fall back to defaults if no configuration
is specified

Signed-off-by: Daniel Dickinson <openwrt@daniel.thecshore.com>
2016-05-24 13:30:58 +02:00
Kevin Darbyshire-Bryant
7938e8d60a dnsmasq: sysupgrade hook to conditionally preserve dnsmasq.time
conditionally save dnsmasq.time across sysupgrade
dnsmasq uses /etc/dnsmasq.time as record of the last known good
system time to aid its validation of dnssec timestamps.  dnsmasq
updates the timestamp on process start/stop once it considers the system
time as valid. The timestamp file should be preserved across system
upgrade but should not be included as part of normal configuration
backups to prevent restores corrupting the current timestamp.

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2016-05-19 10:28:18 +02:00
Jo-Philipp Wich
85a59127a7 Revert "dnsmasq: sysupgrade hook to conditionally preserve dnsmasq.time"
This reverts commit d830cb0882.

Reverting this commit due to a missing Signed-off-by.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-05-19 10:28:17 +02:00
Kevin Darbyshire-Bryant
d830cb0882 dnsmasq: sysupgrade hook to conditionally preserve dnsmasq.time
conditionally save dnsmasq.time across sysupgrade
dnsmasq uses /etc/dnsmasq.time as record of the last known good
system time to aid its validation of dnssec timestamps.  dnsmasq
updates the timestamp on process start/stop once it considers the system
time as valid. The timestamp file should be preserved across system
upgrade but should not be included as part of normal configuration
backups to prevent restores corrupting the current timestamp.
2016-05-18 22:17:33 +02:00
John Crispin
fa69553900 branding: add LEDE branding
Signed-off-by: John Crispin <blogic@openwrt.org>
2016-03-24 22:40:13 +01:00
John Crispin
3481d0d793 dnsmasq: run as dedicated UID/GID
Running dnsmasq in a dedicated user/group allows matching its outgoing
traffic more easily using iptables' owner match.
Add UID/GID to the package metadata and append the user/group
parameters to the init script.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>

SVN-Revision: 49252
2016-04-26 11:44:10 +00:00
Hauke Mehrtens
3fabbb814d dnsmasq: Add enable parameter in the UCI DHCP host section
Parameter allows to enable/disable static leases; by default the value is 1
to keep backwards compatibility

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

SVN-Revision: 49187
2016-04-17 12:52:54 +00:00
John Crispin
b5bfb3534b dnsmasq: add host-specific lease time option for static hosts
Enable setting a host-specific lease time for static hosts.
The new option is called "leasetime" and the format is similar
as for the default lease time: e.g. 12h, 3d, infinite

Default lease time is used for all hosts for which there is
no host-specific definition.

The option is added to /etc/config/dhcp for the selected hosts:
  config host
        option name 'Nexus'
        option mac 'd8:50:66:55:59:7c'
        option ip '192.168.1.245'
        option leasetime '2h'

It gets appended to /var/etc/dnsmasq.conf like this:
  dhcp-host=d8:50:66:55:59:7c,192.168.1.245,Nexus,2h

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>

SVN-Revision: 48801
2016-02-26 09:13:03 +00:00
John Crispin
c503984876 dnsmasq: add dhcp relay option
Signed-off-by: dbugnar <dnbugnar@ocedo.com>

SVN-Revision: 48800
2016-02-26 08:35:48 +00:00
Felix Fietkau
b4a1bd8992 dnsmasq: export tftp root to the procd jail
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48761
2016-02-25 09:24:31 +00:00
Felix Fietkau
5e84051a0f dnsmasq: only enable tftp if the tftp root exists
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48760
2016-02-25 09:24:24 +00:00
Jo-Philipp Wich
d8da5c5630 dnsmasq: Don't add local hostname if ula prefix is not specified
Commit 6a7e56b adds support for adding local hostname for own lan ula adress
but if ula prefix is not specified results into an invalid config (address=/OpenWrt.lan/1)
causing dnsmasq not to start up.
Use lanaddr6 when adding local hostname as the lan ula address is constructed based on the
UCI parameters ip6hint and ip6ifaceid and thus not always ula prefix suffixed with 1

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>

SVN-Revision: 48495
2016-01-25 17:47:22 +00:00
Felix Fietkau
56f6d35716 dnsmasq: Add option --min-port
By default dnsmasq uses random ports for outbound dns queries;
when the minport UCI option is specified the ports used will
always be larger than the specified value.
This is usefull for systems behind firewalls.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>

SVN-Revision: 48244
2016-01-15 11:24:15 +00:00
Jo-Philipp Wich
722badfa82 dnsmasq: add local hostname record for own lan ula address as well
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 48214
2016-01-12 10:03:50 +00:00
John Crispin
a621edbb0a dnsmasq: Add option --no-ping
By default dnsmasq sends an ICMP echo request before allocating
an IP address to a host; the uci option noping allows to disable
this check.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>

SVN-Revision: 47974
2015-12-23 14:43:41 +00:00
Felix Fietkau
f45697d904 dnsmasq: changed option nonwildcard to --bind-dynamic
Changed option nonwildcard from --bind-interfaces into --bind-dynamic.
With this, Dnsmasq binds the address of individual interfaces, allowing multiple
dnsmasq instances, but if new interfaces or addresses appear, it automatically
listens on those. This makes dynamically created interfaces work in the same way as
the default, but allows also use of other DNS-servers (like Named) at the same time
on diffirent interfaces where Dnsmasq is NOT configured, whereas with
--bind-interfaces will still reserve every interface even if not used and thus
disallowing use of any other DNS-program even on unused interfaces.

Tested-by: Vaasa Hacklab <info@vaasa.hacklab.fi>
Signed-off-by: Sami Olmari <sami@olmari.fi>

SVN-Revision: 47953
2015-12-19 13:18:26 +00:00
John Crispin
725fc09cec dnsmasq: Add option "--all-servers"
Add the option "--all-servers" which forces dnsmasq to send all
queries to all servers and then take the first answer.

Signed-off-by: Andréas Gustafsson <gurgalof@gmail.com>

SVN-Revision: 47857
2015-12-11 15:06:59 +00:00
Steven Barth
fc41846248 dnsmasq: make /tmp/dnsmasq.d and /tmp/hosts preferred over UCI settings
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 46770
2015-09-02 11:49:00 +00:00
John Crispin
027230ade2 dnsmasq: add some missing files to the jail
found with strace, not sure we got all of them though

Signed-off-by: Etienne CHAMPETIER <champetier.etienne@gmail.com>

SVN-Revision: 46467
2015-07-24 09:11:06 +00:00
Steven Barth
59f5eefe8c dnsmasq: Add sequential_ip UCI parameter
When enabled the dnsmasq DHCP server allocates the IP addresses sequentially
starting from the lowest available IP address.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>

SVN-Revision: 46211
2015-07-07 08:13:22 +00:00
Steven Barth
c5c819c494 dnsmasq: enable extra tracing by default when UCI parameter logqueries is set
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>

SVN-Revision: 46210
2015-07-07 08:13:16 +00:00
Steven Barth
c6a6f75436 dnsmasq: fix config file typo
s/loclal/local/

Signed-off-by: Jonathan McCrohan <jmccrohan@gmail.com>

SVN-Revision: 45923
2015-06-08 04:48:08 +00:00
Steven Barth
3633523ba6 dnsmasq: fix dnssec timestamp logic, backport crashfix
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 45410
2015-04-13 07:49:29 +00:00
Steven Barth
747c33859b dnsmasq: bump to 2.73rc4
Fix crash caused by malformed DNS requests
Improved DNSSEC handling

Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 45354
2015-04-10 10:19:17 +00:00
John Crispin
88fa9a8422 dnsmasq: Add option '--servers-file'
The option '--servers-file' is available since dnsmasq v2.69.

Signed-off-by: Lars Kruse <lists@sumpfralle.de>

SVN-Revision: 45332
2015-04-09 10:32:46 +00:00
John Crispin
8acbb5783d dnsmasq: backport --tftp-no-fail to ignore missing tftp root
This patch backports the option --tftp-no-fail to dnsmasq and prevents the
service from aborting if the specified TFTP root directory is not available;
this might be the case if TFTP files are located on external media that might
occasionally not be present at startup.

Signed-off-by: Stefan Tomanek <stefan.tomanek+openwrt@wertarbyte.de>

SVN-Revision: 45213
2015-04-01 08:33:10 +00:00
John Crispin
d8fc4d31d0 dnsmasq: we dont want to run in debug mode
a left over from the dnsmasq jail testing

Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 45058
2015-03-27 09:11:56 +00:00
John Crispin
f5e2b62ab7 dnsmasq: add jail support
Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 45011
2015-03-26 10:58:30 +00:00
John Crispin
ba21cbae3e dnsmasq: enable pxe-prompt, pxe-service config options
DNSMASQ has the ability to provide a menu to a pxeboot system, using
the --pxe-prompt and --pxe-service configuration options.  The current
init.d script converting the "dhcp" file to "dnsmasq.conf" does not
find these options, but they are supported.  This patch thus enables
the options.

Signed-off-by: Derek LaHousse <dlahouss@mtu.edu>

SVN-Revision: 44747
2015-03-13 08:39:08 +00:00
John Crispin
fb60dd2ae6 dnsmasq: Make parameters optional in dhcpboot config
The --dhcp-boot option of dnsmasq does not require servername and serveraddress
arguments if the builtin tftp server is used.

Signed-off-by: Stefan Tomanek <stefan.tomanek+openwrt@wertarbyte.de>

SVN-Revision: 44744
2015-03-13 08:38:35 +00:00
John Crispin
16b45d21c6 dnsmasq: add option --quiet-dhcp
The --quiet-dhcp setting increases privacy by omitting DHCP lease logs including MAC addresses.

Signed-off-by: Lars Kruse <devel@sumpfralle.de>

SVN-Revision: 44006
2015-01-17 14:38:55 +00:00
Jo-Philipp Wich
59cab6dd48 dnsmasq: support and use local-service by default (#14951)
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 43982
2015-01-16 19:04:19 +00:00
Steven Barth
d9011ad6be dnsmasq: allow de-selecting features from -full variant.
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>

SVN-Revision: 43733
2014-12-17 05:59:12 +00:00
John Crispin
f65ff468f7 dnsmasq: Make the --dhcp-host logic easier to understand
Use an if/else statement to cover the two different syntaxes.  Add
comments explaining what the end results should look like.

This patch should not change the script's output.

Signed-off-by: Kevin Cernekee <cernekee@gmail.com>

SVN-Revision: 42320
2014-08-28 06:27:57 +00:00
John Crispin
5046209312 dnsmasq: Fix hosts file format when MAC address is not specified
An entry like this in /etc/config/dhcp:

    config 'host'
        option 'name' 'pc2'
        option 'ip' '192.168.100.56'
        option 'dns' '1'

results in a /tmp/hosts/dhcp entry that looks like this:

    192.168.100.56 .lan

Obviously it should say "pc2.lan".

This happens because $name is set to "" in order to support the MAC-less
syntax: "--dhcp-host=lap,192.168.0.199".  Fix this by reordering the
operations.  Also, refuse to add a DNS entry if the hostname or IP is
missing.

Fixes #17683

Reported-by: Kostas Papadopoulos <kpapad75@travelguide.gr>
Signed-off-by: Kevin Cernekee <cernekee@gmail.com>

SVN-Revision: 42319
2014-08-28 06:27:53 +00:00
John Crispin
449994b8c2 dnsmasq: Create rDNS records for LuCI "Hostnames"
LuCI creates "domain" UCI config sections, which the dnsmasq init file
then, currently, translates into "address" config lines. This is not
the correct usage of "address" (see r36943), and also causes rDNS
records to not be created. This patches dnsmasq.init to utilize the
additional hosts file introduced in r40799 for such domain names,
resolving both issues.

Signed-off-by: Tyler Fenby <tylerf@securecominc.com>

SVN-Revision: 42318
2014-08-28 06:27:49 +00:00
Steven Barth
c36e312647 dnsmasq: respect option dhcpv4 disabled in dhcp-config
SVN-Revision: 42216
2014-08-19 05:58:44 +00:00
Steven Barth
2dd6d4a4f0 dnsmasq: use config_get_bool for dnsmasq
SVN-Revision: 41302
2014-06-22 15:34:36 +00:00
Steven Barth
17d3ce64cf dnsmasq: set procd respawn
SVN-Revision: 41297
2014-06-22 09:08:14 +00:00
Steven Barth
132cbe5e29 dnsmasq: add UCI DNSSEC runtime support
Ship keys for the root zone and add two uci options to enable
DNSSEC checks:

Option 'dnssec': Activate DNSSEC validation
Option 'dnsseccheckunsigned': Ensure answers without DNSSEC are in
unsigned zones.

Signed-off-by: Andre Heider <a.heider@gmail.com>

SVN-Revision: 41245
2014-06-18 10:04:29 +00:00
Florian Fainelli
8f526ff530 dnsmasq: Allow creating static DNS entries from static lease entries
DHCP entries in /etc/config/dhcp will not automatically create A or PTR
records.  Add an "option dns" directive which appends an entry to
/tmp/hosts/dhcp to facilitate forward and reverse DNS lookups.  For
instance, this item:

    config host
            option ip       '192.168.0.10'
            option mac      '00:13:57:9b:df:02'
            option name     'winpc'
            option dns      '1'

will add a corresponding entry to /tmp/hosts/dhcp:

    192.168.0.10 winpc.lan

This keeps the hostname/IP/MAC in a single place, for easy maintenance.

Related: ticket #13854 reports an regression involving missing PTR
records when using "config domain" to define static DNS entries for
individual hosts.  However, per Simon Kelley[1], the --address feature
used by "config domain" was never intended to generate DNS A records for
hosts.  It would probably be better for the reporter to apply this patch,
and then use "config host" sections instead of "config domain" sections.

[1] http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2008q4/002498.html

Signed-off-by: Kevin Cernekee <cernekee@gmail.com>
Signed-off-by: Florian Fainelli <florian@openwrt.org>

SVN-Revision: 40799
2014-05-20 05:00:28 +00:00
Steven Barth
9ec0e5df14 dnsmasq: add dnsmasq.d config folder & improve odhcpd coexistence
SVN-Revision: 39312
2014-01-17 14:00:09 +00:00
Jo-Philipp Wich
efce764f0e dnsmasq: rework init procedure
- cache udhcp check results to speed up subsequent reloads
	- enable procd file tracking for /var/etc/dnsmasq.conf to only reload service if needed
	- implement reload action to only restart dnsmasq if /var/etc/dnsmasq.conf actually changed
	- launch dnsmasq from interface hotplug to avoid race conditions with network bringup

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 39152
2013-12-21 13:31:28 +00:00
Jo-Philipp Wich
eda27e8382 dnsmasq: switch to /lib/functions/network.sh
This commit changes the dnsmasq init script to use the interface
status exposed by netifd. The old references to scan_interfaces()
and (indirect) accesses to uci state variables are removed and
replaced with corresponding network_*() calls.

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 39101
2013-12-16 16:47:41 +00:00
Jo-Philipp Wich
5db9587b5f dnsmasq: fix backward compatibility with existing configs
Changeset r36943 ("dnsmasq: use host-record instead of address") removed
the automatic domain expansion for config domain sections, this breaks
existing setups and alters the old behaviour in unexpected ways, therfore
restore behaviour of the current stable release.

Additionally handle fully qualified hostnames properly when setting up the
own hostrecord by stripping the local domain part form the given name
instead of unconditionally appending it, so that "example.lan" results
in "example example.lan" and not "example.lan example.lan.lan".

SVN-Revision: 38648
2013-11-04 22:40:56 +00:00
Jo-Philipp Wich
78f69b66d4 dnsmasq: add option broadcast to host sections
There are certain consumer devices which are outliers in protocol conformance.
An example is Samsung bluray players, which require broadcast DHCP responses
(on Ethernet only, strangely not on Wifi).

By specifying:

config host
	...
	option broadcast 1

this will enable the response to be sent as an Ethernet broadcast and not as
a unicast.

Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>

SVN-Revision: 38365
2013-10-11 18:33:15 +00:00
Luka Perkov
ef5f836207 fix various init scripts
Changes include:

* removing unused variables
* replacing spaces with tabs where appropriate
* more consistency with variable declarations

Signed-off-by: Luka Perkov <luka@openwrt.org>

SVN-Revision: 38142
2013-09-23 21:58:36 +00:00
John Crispin
f874094402 procd: convert various packages to procd style init.d scripts
Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 38023
2013-09-17 21:45:30 +00:00
Jo-Philipp Wich
dfea3bae11 dnsmasq: use host-record instead of address
Using "--address" for individual host A records is broken, use "--host-record" instead.
The following patch changes dnsmasq.init to build individual host records using "--host-record" instead of "--address".

Signed-off-by: Adam Gensler <openwrt at gnslr.us>

[jow: shorter description, simplified shell script code]

SVN-Revision: 36943
2013-06-17 11:55:30 +00:00
Steven Barth
dd161ae62b dnsmasq: add directory for external hosts-files
SVN-Revision: 36655
2013-05-17 14:44:12 +00:00
Steven Barth
29d4c36622 add uci support for "proxy-dnssec" in dnsmasq
This patch simply adds support for the "--proxy-dnssec" command in dnsmasq into the init file so it can be used with /etc/config/dhcp.

Signed-off-by: Adam Gensler <openwrt@kristenandadam.net>

SVN-Revision: 36570
2013-05-07 07:19:51 +00:00
Jo-Philipp Wich
54c0b40427 dnsmasq: allow dhcp host entries without mac addresses (#11928)
SVN-Revision: 34971
2013-01-02 15:14:19 +00:00
Felix Fietkau
405e21d167 packages: sort network related packages into package/network/
SVN-Revision: 33688
2012-10-10 12:32:29 +00:00