206
220
the .spec files this time. Fixed bug in Suse startup
207
221
script. Thanks to Didi Niklaus for pointing this out.
223
release 1.5 Added --filterwin2k option which stops dnsmasq from forwarding
224
"spam" queries from win2k boxes. This is useful to stop spurious
225
connections over dial-on-demand links. Thanks to Steve Hardy
228
Clear "truncated" bit in replies we return from upstream. This
229
stops resolvers from switching to TCP, which is pointless since
230
dnsmasq doesn't support TCP. This should solve problems
231
in resolving hotmail.com domains.
233
Don't include getopt.h when Gnu-long-options are disabled -
234
hopefully this will allow compilation on FreeBSD.
236
Added the --listen-address and --pid-file flags.
238
Fixed a bug which caused old entries in the DHCP leases file
239
to be used in preference to current ones under certain
242
release 1.6 If a machine gets named via DHCP and the DHCP name doesn't have
243
a domain part and domain suffix is set using the -s flag, then
244
that machine has two names with the same address, with and
245
without the domain suffix. When doing a _reverse_ lookup to
246
get the name, the "without suffix" name used to be returned,
247
now the "with suffix" one gets returned instead. This change
248
suggested by Arnold Schulz.
250
Fixed assorted typos in the documentation. Thanks
253
Subtle rearrangement to the downloadable tarball, and stopped
254
distributing .debs, since dnsmasq is now an official Debian
257
release 1.7 Fix a problem with cache not clearing properly
258
on receipt of SIGHUP. Bug spotted by Sat Deshpande.
260
In group-id changing code:
261
1) Drop supplimentary groups.
262
2) Change gid before dropping root (patch from Soewono Effendi.)
263
3) Change group to "dip" if it exists, to allow access
264
to /etc/ppp/resolv.conf (suggestion from Jorg Sommer.)
265
Update docs to reflect above changes.
267
Other documentation changes from David Miller.
268
Added suggested script fragment for dhcpcd.exe.
270
release 1.8 Fix unsafe use of tolower() macro - allows linking against
271
ulibc. (Patches from Soewono Effendi and Bjorn Andersson.)
273
Fix typo in usage string.
275
Added advice about RedHat PPP configuration to
276
documentation. (Thanks to C. Lee Taylor.)
278
Patches to fix problems on BSD systems from Marc Huber
279
and Can Erkin Acar. These add the options
280
HAVE_ARC4RANDOM and HAVE_SOCKADDR_SA_LEN to config.h.
281
Elaborated config.h - should really use autoconf.
283
Fix time-to-live calculation when chasing CNAMEs.
285
Fix use-after-free and missing initialisation bugs in
286
the cache code. (Thanks to Marc Huber.)
288
Builds on Solaris 9. (Thanks to Marc Huber.)
290
release 1.9 Fixes to rpm .spec files.
292
Don't put expired DHCP entries into the cache only to
293
throw them away again.
295
Put dnsmasq on a severe memory diet: this reduces both
296
the amount of heap space used and the stack size
297
required. The difference is not really visible with
298
bloated libcs like glibc, but should dramatically reduce
299
memory requirements when linked against ulibc for use on
300
embeded routers, and that's the point really. Thanks to
301
Matthew Natalier for prompting this.
303
Changed debug mode (-d) so that all logging appears on
304
stderr as well as going to syslogd.
306
Added HAVE_IPV6 config symbol to allow compilation
307
against a libc which doesn't have IPv6 support.
309
Added a facility to log all queries, enabled with -q flag.
311
Fixed packet size checking bug in address extraction code.
313
Halved default cache size - 300 was way OTT in typical use.
315
Added self-MX function, enabled by -e flag. Thanks to
316
Lyonel Vincent for the patch.
318
Added HAVE_FORK config symbol and stuff to support
319
uClinux. Thanks to Matthew Natalier for uClinux stuff.
321
release 1.10 Log warnings if resolv.conf or dhcp.leases are not
322
accessable for any reason, as suggested by Hinrich Eilts.
324
Fixed wrong address printing in error message about
325
no interface with address.
327
Updated docs and split installation instuctions into setup.html.
329
Fix bug in CNAME chasing code: One CNAME pointing
330
to many A records would lose A records after the
331
first. This bug was introduced in version 1.9.
333
Log startup failures at level Critical as well as
334
printing them to standard error.
335
Exit with return code 1 when given bad options.
337
Cleaned up code for no-cache operation.
339
Added -o option which forces dnsmasq to use to
340
upstream servers in the order they appear in /etc/resolv.conf.
342
Added upstream server use logging.
344
Log full cache dump on receipt of SIGUSR1 when query
345
logging is enabled (-q switch).
347
Added -S option to directly specify upstream servers and
348
added ability to direct queries for specific domains to
349
specfic servers. Suggested by Jens Vonderheide.
351
Upgraded random ID generation - patch from Rob Funk.
353
Fixed reading of domains in arguments with capital
354
letters or trailing periods.
356
Fixed potential SEGV when given bad options.
358
Read options from /etc/dnsmasq.conf if it exists.
359
Do sensible things with missing parameters, eg
360
"--resolv-file=" turns off reading /etc/resolv.conf.
362
release 1.11 Actually implement the -R flag promised in the 1.10 man page.
364
Improve and rationalise the return codes in answers to
365
queries. In the case that there are no available
366
upstream servers to forward a query to, return REFUSED.
367
This makes sendmail work better on modem connected
368
systems when the modem link is down (Thanks to Roger Plant).
369
Cache and return the NXDOMAIN status of failed queries:
370
this makes the `host` command work when traversing search
371
paths (Thanks to Peter Bailey). Set the "authoritative"
372
bit in replies containing names from /etc/hosts or DHCP.
374
Tolerate MS-DOS style line ending codes in /etc/hosts
375
and /etc/resolv.conf, for people who copy from winsock
378
Allow specification of more than one resolv.conf file. This is
379
intended for laptops which connect via DHCP or
380
PPP. Whichever resolv.conf was updated last is used.
382
Allow -S flags which specify a domain but no server
383
address. This gives local domains which are never forwarded.
385
Add -E flag to automatically add the domain suffix to
386
names in /etc/hosts -suggestion from Phil Harman.
388
Always return a zero time-to-live for names derived from
389
DHCP which stops anthing else caching these
390
names. Previously the TTL was derived from the lease
391
time but that is incorrect since a lease can be given
392
up early: dnsmasq would know this but anything with the
393
name cached with long TTL would not be updated.
395
Extended HAVE_IPV6 config flag to allow compliation on
396
old systems which don't have modern library routines
397
like inet_ntop(). Thanks to Phil Harman for the patch.
399
release 1.12 Allow more than one domain in server config lines and
400
make "local" a synonym for "server". This makes things
401
like "local=/localnet/thekelleys.org.uk/" legal. Allow
402
port to specified as part of server address.
404
Allow whole domains to have an IP address specified
405
in /etc/dnsmasq.conf. (/etc/hosts doesn't work domains).
406
address=/doubleclick.net/127.0.0.1 should catch all
407
those nasty banner ads. Inspired by a patch
408
from Daniel Gryniewicz
410
Log the source of each query when logging switched on.
412
Fix bug in script fragment for dhcpcd - thanks to Barry Stewart.
414
Fix bug which meant that strict-order and self-mx were
417
Builds with Linux libc5 now - for the Freesco project.
419
Fixed Makefile installation script (patch from Silvan
420
Minghetti) and added CC and CFLAGS variables.
422
Improve resource allocation to reduce vulnerability to
423
DOS attacks - the old version could have all queries
424
blocked by a continuous high-speed stream of
425
queries. Now some queries will succeed, and the excess
426
will be rejected with a server fail error. This change also
427
protects against server-loops; setting up a resolving
428
loop between two instances of dnsmasq is no longer
429
catastrophic. The servers will continue to run, looped
430
queries fail and a warning is logged. Thanks to C. Lee
431
Taylor for help with this.
433
release 1.13 Added support for building rpms suitable for modern Suse
434
systems. (patch from Andi <cambeis@netplace.de>)
436
Added options --group, --localmx, --local-ttl,
437
--no-negcache, --addn-host.
439
Moved all the various rpm-building bits into /rpm.
441
Fix builds with glibc 2.1 (thanks to Cristian
444
Preserve case in domain names, as per RFC1035.
446
Fixed ANY queries to domains with --address specification.
448
Fixed FreeBSD build. (thanks to Steven Honson)
450
Added -Q option which allows a specified port to be used
451
to talk to upstream servers. Useful for people who want
452
very paranoid firewalls which open individual UDP port.
453
(thanks to David Coe for the patch)
455
release 1.14 Fixed man page description of -b option which confused
456
/etc/hosts with /etc/resolv.conf. (thanks to Christopher
459
Fixed config.h to allow building under MACOS X and glibc
460
2.0.x. (thanks to Matthew Gregan and Serge Caron)
462
Added --except-interface option. (Suggested by Serge Caron)
464
Added SIGUSR2 facility to re-scan for new
465
interfaces. (Suggested by Serge Caron)
467
Fixed SEGV in option-reading code for invalid options.
468
(Thanks to Klaas Teschauer)
470
Fixed man page to clarify effect of SIGUSR1 on
472
(Thanks to Klaas Teschauer)
474
Check that recieved queries have only rfc1035-legal characters
475
in them. This check is mainly to avoid bad strings being
478
Fixed &&/& confusion in option.c and added DESTDIR
479
variable for "make install" (Thanks to Osvaldo
480
Marques for the patch.)
482
Fixed /etc/hosts parsing code to cope with MS-DOS
483
line-ends in the file. This was supposed to be done in
484
version 1.11, but something got missed. (Thanks to Doug
485
Copestake for helping to find this.)
487
Squash repeated name/address pairs read from hosts
490
Tidied up resource handling in util.c (Thanks to
491
Cristian Ionescu-Idbohrn).
493
Added hashed searching of domain names. People are starting
494
to use dnsmasq with larger loads now, and bigger caches,
495
and large lists of ad-block addresses. This means doing
496
linear searches can start to use lots of CPU so I added hashed
497
searching and seriously optimised the cache code for
498
algorithmic efficiency. Also upped the limit on cache
501
Fixed logging of the source of names from the additional
502
hosts file and from the "bogus private address" option.
504
Fixed spurious re-reading of empty lease files. (Thanks
505
to Lewis Baughman for spotting this.)
507
Fixed building under uclibc (patch from Cristian Ionescu-Idbohrn)
509
Do some socket tweaking to allow dnsmasq to co-exist
510
with BIND. Thanks to Stefan 'Sec' Zehl for the patch.
512
release 1.15 Added --bogus-nxdomain option.
514
Restrict checking of resolv.conf and DHCP leases files
515
to once per second. This is intended to improve
516
performance under heavy loads. Also make a system call
517
to get the current time once per query, rather than four
520
Increased number of outstanding queries to 150 in
523
release 1.16 Allow "/" characters in domain names - this fixes
524
caching of RFC 2317 CNAME-PTR records.
526
Fixed brain-fart in -B option when GETOPT_LONG not
527
enabled - thanks to Steven Young and Jason Miller
528
for pointing this out.
530
Generalised bogus-nxdomain code: allow more than one
531
address to check, and deal with replies with multiple
532
answer records. (Based on contribution from Humberto
535
Updated the documentation to include information about
536
bogus-nxdomain and the Verisign tragedy.
538
Added libraries needed on Solaris to Makefile.
540
Added facility to set source address in queries to
541
upstream nameservers. This is useful with multihomed
542
hosts, especially when using VPNs. Thanks to Tom Fanning
543
for suggesting this feature.
545
Tweaked logging: log to facility LOCAL0 when in
546
debug/no-daemon mode and changed level of query logging
547
from INFO to DEBUG. Make log options controllable in
550
release 1.17 Fixed crash with DHCP hostnames > 40 characters.
552
Fixed name-comparision routines to not depend on Locale,
553
in theory this versions since 1.15 could lock up or give
554
wrong results when run with locale != 'C'.
556
Fix potential lockup in cache code. (thanks to Henning
557
Glawe for help chasing this down.)
559
Made lease-file reader bullet-proof.
561
Added -D option, suggested by Peter Fichtner.
563
release 1.18 Added round-robin DNS for names which have more than one
564
address. In this case all the addresses will be
565
returned, as before, but the order will change on each
568
Remove stray tolower() and isalnum() calls missed in
569
last release to complete LOCALE independence.
571
Allow port numbers in source-address specifications.
573
For hostnames without a domain part which don't get
574
forwarded because -D is in effect, return NXDOMAIN not
577
Add code to return the software version in repsonse to the
578
correct magic query in the same way as BIND. Use
579
"dig version.bind chaos txt" to make the query.
581
Added negative caching for PTR (address to name) records.
583
Ensure that names of the form typically used in PTR queries
584
(ie w.x.yz.in-addr.arpa and IPv6 equivalents) get
585
correct answers when queried as other types. It's
586
unlikely that anyone would do this, but the change makes
587
things pedantically correct.
589
Taught dnsmasq to understand "bitstring" names, as these
590
are used for PTR lookups of IPv6 addresses by some
591
resolvers and lookup tools. Dnsmasq now understands both
592
the ip6.int domain and the ip6.arpa domain and both
593
nibble and bitstring formats so it should work with any
594
client code. Standards for this stuff have flip-flopped
595
over the last few years, leaving many different clients
596
in their wake. See RFC2673 for details of bitstrings.
598
Allow '_' characters in domain names: Legal characters
599
are now [a-z][A-Z].-_ Check names read from hosts files
600
and leases files and reject illegal ones with a message
603
Make empty domain names in server and address options
604
have the special meaning "unqualified
605
names". (unqualified names are names without any dots in
606
them). It's now possible to do server=//1.2.3.4 and have
607
unqualified names sent to a special nameserver.
610
Moved source code into src/ directory.
612
Fixes to cure compilation breakage when HAVE_IPV6 not
613
set, thanks to Claas Hilbrecht.
615
BIG CHANGE: added an integrated DHCP server and removed
616
the code to read ISC dhcp.leases. This wins in terms
617
of ease of setup and configuration flexibility and
618
total machine resources consumed.
620
Re-jiged the signal handling code to remove a race
621
condition and to be more portable.
624
Thanks to David Ashworth for feedback which informed many
627
Allow hosts to be specified by client ID in dhcp-hosts
628
options. These are now one of
629
dhcp-host=<hardware addr>,....
630
dhcp-host=id:<hex client id>,.....
631
dhcp-host=id:<ascii client id>,.....
633
Allow dhcp-host options to specify any IP address on the
634
DHCP-served network, not just the range available for
637
Allow dhcp-host options for the same host with different
638
IP adresses where the correct one will be selected for
639
the network the host appears on.
641
Fix parsing of --dhcp-option to allow more than one
642
IP address and to allow text-type options.
644
Inhibit use of --dhcp-option to send hostname DHCP options.
646
Update the DNS with DHCP information after re-reading
647
/etc/hosts so that any DHCP derived names which have been
648
shadowed by now-deleted hosts entries become visible.
650
Fix typos in dnsmasq.conf.example
652
Fixes to Makefile(s) to help pkgsrc packaging - patch
655
Add dhcp-boot option to support network boot.
657
Check for duplicate IP addresses in dhcp-hosts lines
658
and refuse to run if found. If allowed to remain these
659
can provoke an infinite loop in the DHCP protocol.
661
Attempted to rationalise the .spec files for rpm
662
building. There are now files for Redhat, Suse and
663
Mandrake. I hope they work OK.
665
Fixed hard-to-reproduce crash involving use of local
666
domains and IPv6 queries. Thanks to Roy Marples for
667
helping to track that one down.
670
Thanks to Matt Swift and Dag Wieers for many suggestions
671
which went into this release.
673
Tweak include files to allow compilation on FreeBSD 5
675
Fix unaligned access warnings on BSD/Alpha.
677
Allow empty DHCP options, like so: dhpc-option=44
679
Allow single-byte DHCP options like so: dhcp-option=20,1
681
Allow comments on the same line as options in
684
Don't complain when the same name and address is
685
allocated to a host using DHCP and /etc/hosts.
687
Added to the example configuration the dnsmasq equivalent
688
of the ISC dhcpd settings given in
689
http://www.samba.org/samba/ftp/docs/textdocs/DHCP-Server-Configuration.txt
691
Fixed long-existing strangeness in Linux IPv6 interface
692
discovery code. The flags field in /proc/net/if_inet6 is
693
_not_ the interface flags.
695
Fail gracefully when getting an ENODEV error when trying
696
to bind an IPv6 socket, rather than bailing out. Thanks
697
to Jan Ischebeck for feedback on that.
699
Allow the name->address mapping for static DHCP leases to
700
be set by /etc/hosts. It's now possible to have
701
dhcp-host=<mac addr>,wibble
704
and in /etc/hosts have
706
and for the correct thing to happen. Note that some sort
707
of dhcp-host line is still needed, it's not possible for
708
random host to claim an address in /etc/hosts without
709
some explicit configuration.
711
Make 0.0.0.0 in a dhcp-option to mean "the machine
714
Fix lease time spec when specified in dhcp-range and not
715
in dhcp-host, previously this was always one hour.
717
Fix problem with setting domains as "local only". -
718
thanks to Chris Schank.
720
Added support for max message size DHCP option.
723
Fix total lack for DHCP functionality on
724
Linux systems with IPv6 enabled. - thanks to
725
Jonathon Hudson for spotting that.
727
Move default config file under FreeBSD - patch from
731
Fix "install" makefile target. (reported by Rob Stevens)
733
Ensure that "local=/domain/" flag is obeyed for all
734
queries on a domain, not just A and AAAA. (Reported by
737
Handle DHCPDECLINE messages and provide an error message
740
Add "domain" setting example to
741
dnsmasq.conf.example. Thanks to K P Kirchdorfer for
742
spotting that it was missing.
744
Subtle change to the DHCPREQUEST handling code to work
745
around a bug in the DHCP client in HP Jetdirect printers.
746
Thanks to Marko Stolle for finding this problem.
748
Return DHCP T1 and T2 times, with "fuzz" to desychronise lease
749
renewals, as specified in the RFC.
751
Ensure that the END option is always present in DHCP
752
packets , even if the packet is too small to fit all
753
the requested options.
755
Handle larger-than-default DHCP packets if required, up
758
Fix a couple of places where the return code from
759
malloc() was not checked.
761
Cope with a machine taking a DHCP lease and then moving
762
network so that the lease address is no longer valid.
764
The DHCP server will now work via a BOOTP relay - remote
765
networks are configured with the dhcp-range option the
766
same as directly connected ones, but they need an
767
additional netmask parameter. Eg
768
--dhcp-range=192.168.4.10,192.168.4.50,255.255,255.0
769
will enable DHCP service via a BOOTP relay on the
772
Add a limit on the number of available DHCP leases,
773
otherwise the daemon could be DOSed by a malicious
774
host. The default is 150, but it can be changed by the
775
dhcp-lease-max option.
777
Fixed compilation on OpenBSD (thanks to Frederic Brodbeck
780
Reworked the DHCP network handling code for two good
781
effects: (1) The limit of one network only for DHCP on
782
FreeBSD is now gone, (2) The DHCP server copes with
783
dynamically created interfaces. The one-interface
784
limitation remains for OpenBSD, which is missing
785
extensions to the socket API which have been in Linux
786
since version 2.2 and FreeBSD since version 4.8.
788
Reworked the DNS network code to also cope with
789
dynamically created interfaces. dnsmasq will now listen
790
to the wildcard address and port 53 by default, so if no
791
--interface or --address options are given it will handle
792
dynamically created interfaces. The old behaviour can be
793
restored with --bind-interfaces for people running BIND
794
on one interface and dnsmasq on another. Note that
795
--interface and --address options still work, but the
796
filtering is done by dnsmasq, rather then the kernel.
797
This works on Linux, and FreeBSD>=5.0. On systems which
798
don't support the required API extensions, the old
799
behaviour is used, just as if --bind-interfaces had been set.
801
Allow IPv6 support to be disabled at compile time. To do
802
that, add -DNO_IPV6 to the CFLAGS. Thanks to Oleg
803
I. Vdovikin for the suggestion to do that.
805
Add ability to set DHCP options per network. This is done
806
by giving a network an identifier like this:
807
dhcp-range=red-net,192.168.0.10,192.168.0.50
808
and then labeling options intended for that network only
810
dhcp-option=red-net,6,1.1.1.1
811
Thanks to Oleg Vdovikin for arguing that one through.
813
Made errors in the configuration file non-fatal: dnsmasq
814
will now complain bitterly, but continue.
816
Added --read-ethers option, to allow dnsmasq to pull
817
static DHCP information from that file.
818
Thanks to Andi Cambeis for that suggestion.
820
Added HAVE_BROKEN_RTC compilation option to support
821
embedded systems without a stable RTC. Oleg Vdovikin
822
helped work out how to make that work.
825
Fixed inability to start when the lease file doesn't
826
already exist. Thanks to Dag Wieers for reporting that.
828
Fixed problem were dhcp-host configuration options did
829
not play well with entries in /etc/ethers for the same
830
host. Thanks again to Dag Wieers.
832
Tweaked DHCP code to favour moving to a newly-configured
833
static IP address rather than an old lease when doing
836
Added --alias configuration option. This provides IPv4
837
rewrite facilities like Cisco "DNS doctoring". Suggested
840
Fixed bug in /etc/ethers parsing code triggered by tab
841
characters. Qudos to Dag Wieers for hepling to nail that
844
Added "bind-interfaces" option correctly.
847
Made "where are we allocating addresses?" code in DHCP
848
server cope with requests via a relay which is on a
849
directly connected network for which there is not a
850
configured netmask. This strange state of affairs occurs
851
with win4lin. Thanks to Alex Melt and Jim Horner for bug
852
reports and testing with this.
854
Fixed trivial-but-irritating missing #include which broke
857
Force --bind-interfaces if IP-aliased interface
858
specifications are used, since the sockets API provides
859
no other sane way to determine which alias of an
860
interface a packet was sent to. Thanks to Javier Kohen
864
Support Token Ring DHCP. Thanks to Dag Wieers for help
865
testing. Note that Token ring support only works on Linux
868
Fix compilation on MacOS X. Thanks to Bernhard Ehlers for
871
Added new "ignore" keyword for
872
dhcp-host. "dhcp-host=11:22:33:44:55:66,ignore" will
873
cause the DHCP server to ignore any host with the given
874
MAC address, leaving it to other servers on the
875
network. This also works with client-id and hostnames.
876
Suggestion by Alex Melt.
878
Fixed parsing of hex client IDs. Problem spotted by Peter
881
Allow conf-file options in configuration file, to
882
provide an include function.
884
Re-read /etc/ethers on receipt of SIGHUP.
886
Added back the ability to read ISC dhcpd lease files, by
887
popular demand. Note that this is deprecated and for
888
backwards compatibility only. You can get back the 4K of
889
memory that the code occupies by undefining
890
"HAVE_ISC_READER" in src/config.h
892
Added ability to disable "pool" DHCP address allocation
893
whilst leaving static leases working. The syntax is
894
"dhcp-range=192.168.0.0,static"
895
Thanks to Grzegorz Nosek for the suggestion.
897
Generalized dnsmasq-rh.spec file to work on Mandrake too,
898
and removed dnsmasq-mdk.spec. Thanks to Doug Keller.
900
Allow DHCP options which are tied to specific static
901
leases in the same way as to specific networks.
903
Generalised the dhcp-option parser a bit to allow hex
904
strings as parameters. This is now legal:
905
dhcp-option=128,e4:45:74:68:00:00
906
Inspired by a patch from Joel Nordell.
908
Changed the semantics of argument-less dhcp-options for
909
the default-setting ones, ie 1, 3, 6 and 28. Now, doing
910
eg, dhcp-option=3 stops dnsmasq from sending a default
911
router option at all. Thanks to Scott Emmons for pointing
912
out that this is useful.
914
Fixed dnsmasq.conf parsing bug which interpreted port
915
numbers in server= lines as a comment. To start a
916
comment, a '#' character must now be a the start of a
917
line or preceded by whitespace. Thanks to Christian
918
Haggstrom for the bug report.
921
Allow the dhcp-host specification of id:* which makes
922
dnsmasq ignore any client-id. This is useful to ensure
923
that a dual-boot machine sees the same lease when one OS
924
gives a client-id and the other doesn't. It's also useful
925
when PXE boot DHCP does not use client IDs but the OS it boots
926
does. Thanks to Grzegorz Nosek for suggesting this enhancement.
928
No longer assume that ciaddr is zero in received DHCPDISCOVER
929
messages, just for security against broken clients.
931
Set default of siaddr field to the address of the machine running
932
dnsmasq when not explicitly set using dhcp-boot
933
option. This is the ISC dhcpd behaviour.
935
Send T1 and T2 options in DHCPOFFER packets. This is required
936
by the DHCP client in some JetDirect printers. Thanks
937
to Paul Mattal for work on this.
939
Fixed bug with DHCP on OpenBSD reported by Dominique Jacquel.
940
The code which added loopback interfaces to the list
941
was confusing the DHCP code, which expected one interface only.
942
Solved by adding loopback interfaces to address list instead.
944
Add dhcp-vendorclass option to allow options to be sent only
945
to certain classes of clients.
947
Tweaked option search code so that if a netid-qualified
948
option is used, any unqualified option is ignored.
950
Changed the method of picking new dynamic IP
951
addresses. This used to use the next consecutive
952
address as long it was free, now it uses a hash
953
from the client hardware address. This reduces the amount
954
of address movement for clients which let their lease
955
expire and allows consecutive DHCPOFFERS to the same host
956
to (almost always) be for the same address, without
957
storing state before a lease is granted.
959
Tweaked option handling code to return all possible
960
options rather than none when DHCP "requested options"
961
field is missing. This fixes interoperability with
962
ancient IBM LANMAN DHCP clients. Thanks to Jim Louvau for
966
Pad DHCP packets to a minimum size of 300 bytes. This
967
fixes interoperability problems with the Linux in-kernel
968
DHCP/BOOTP client. Thanks to Richard Musil for
969
diagnosing this and supplying a patch.
971
Fixed option-parsing bug and potential memory leak. Patch
974
Improved vendor class configuration and added user class
975
configuration. Specifically: (1) options are matched on
976
the netids from dhcp-range, dhcp-host, vendor class and
977
user class(es). Multiple net-ids are allowed and options
978
are searched on them all. (2) matches agains vendor class
979
and user class are now on a substring, if the given
980
string is a substring of the vendor/user class, then a
981
match occurs. Thanks again to Richard Musil for prompting
984
Make "#" match any domain on --address and --server
985
flags. --address=/#/1.2.3.4 will return 1.2.3.4 for _any_
986
domain not otherwise matched. Of course
987
--server=/#/1.2.3.4 is exactly equivalent to
988
--server=1.2.3.4. Special request from Josh Howlett.
990
Fixed a nasty bug which would cause dnsmasq to lose track
991
of leases for hosts which had a --dhcp-host flag without
992
a name specification. The mechanism for this was that
993
the hostname could get erroneously set as a zero-length
994
string and then written to the leases file as a
995
mal-formed line. Restarting dnsmasq would then lose the lease.
996
Alex Hermann's work helped chase down this problem.
998
Add checks against DHCP clients which return zero-length
999
hostnames. This avoids the potential lease-loss problems
1000
reffered to above. Also, if a client sends a hostname when
1001
it creates a lease but subsequently sends no or a
1002
zero-length hostname whilst renewing, continue to use the
1003
existing hostname, don't wipe it out.
1005
Tweaked option parsing to flag some parameter errors.
1008
Fixed interface filter code for two effects: 1) Fixed bug
1009
where queries sent via loopback interface
1010
but to the address of another interface were ignored
1011
unless the loopback interface was explicitly configured.
1012
2) on OpenBSD failure to configure one interface now
1013
causes a fatal error on startup rather than an huge
1014
stream of log messages. Thanks to Erik Jan Tromp for
1017
Changed server selection strategy to improve performance
1018
when there are many available servers and some are
1019
broken. The new algorithm is to pick as before for the
1020
first try, but if a query is retried, to send to all
1021
available servers in parallel. The first one to reply
1022
then becomes prefered for the next query. This should
1023
improve reliability without generating significant extra
1026
Fixed breakage of special servers/addresses for
1027
unqualified domains introduced in version 2.8
1029
Allow fallback to "bind-interfaces" at runtime: Some
1030
verions of *BSD seem to have enough stuff in the header
1031
files to build but no kernel support. Also now log if
1032
"bind-interfaces" is forced on.
1034
Log replies from upstream servers which refuse to do
1035
recursion - dnsmasq is not a recursive nameserver and
1036
relies on upstream servers to do the recursion, this
1037
flags a configuration error.
1039
Disable client-id matching for hosts whose MAC address is
1040
read from /etc/ethers. Patch from Oleg I. Vdovikin.
1042
Extended --mx-host flag to allow arbitrary targets for MX
1043
records, suggested by Moritz Bunkus.
1045
Fixed build under NetBSD 2.0 - thanks to Felix Deichmann
1048
Deal correctly with repeated addresses in /etc/hosts. The
1049
first name found is now returned for reverse lookups,
1050
rather than all of them.
1052
Add back fatal errors when nonexistant
1053
interfaces or interface addresses are given but only in
1054
"bind-interfaces" mode. Principle of least surprise applies.
1056
Allow # as the argument to --domain, meaning "read the
1057
domain from the first search directive in
1058
/etc.resolv.conf". Feature suggested by Evan Jones.
1061
Allow --query-port to be set to a low port by creating and
1062
binding the socket before dropping root. (Suggestion from
1065
Support TCP queries. It turned out to be possible to do
1066
this with a couple of hundred lines of code, once I knew
1067
how. The executable size went up by a few K on i386.
1068
There are a few limitations: data obtained via TCP is not
1069
cached, and dynamically-created interfaces may break under
1070
certain circumstances. Source-address or query-port
1071
specifications are ignored for TCP.
1073
NAK attempts to renew a DHCP lease where the DHCP range
1074
has changed and the lease is no longer in the allowed
1075
range. Jamie Lokier pointed out this bug.
1077
NAK attempts to renew a pool DHCP lease when a statically
1078
allocated address has become available, forcing a host to
1079
move to it's allocated address. Lots of people have
1080
suggested this change and been rebuffed (they know who
1081
they are) the straws that broke the camel's back were Tim
1082
Cutts and Jamie Lokier.
1084
Remove any nameserver records from answers which are
1085
modified by --alias flags. If the answer is modified, it
1086
cannot any longer be authoritative.
1088
Change behaviour of "bogus-priv" option to return NXDOMAIN
1089
rather than a PTR record with the dotted-quad address as
1090
name. The new behaviour doesn't provoke tcpwrappers like
1091
the old behavior did.
1093
Added a patch for the Suse rpm. That changes the default
1094
group to one suitable for Suse and disables inclusion of
1095
the ISC lease-file reader code. Thanks to Andy Cambeis for
1096
his ongoing work on Suse packaging.
1098
Support forwarding of EDNS.0 The maximum UDP packet size
1099
defaults to 1280, but may be changed with the
1100
--edns-packet-max option. Detect queries with the do bit
1101
set and always forward them, since DNSSEC records are
1102
not cached. This behaviour is required to make
1103
DNSSECbis work properly though dnsmasq. Thanks to Simon
1104
Josefsson for help with this.
1106
Move default config file location under OpenBSD from
1107
/usr/local/etc/dnsmasq.conf to /etc/dnsmasq.conf. Bug
1108
report from Jonathan Weiss.
1110
Use a lease with matching MAC address for a host which
1111
doesn't present a client-id, even if there was a client ID
1112
at some point in the past. This reduces surprises when
1113
changing DHCP clients, adding id:* to a host, and from the
1114
semantics change of /etc/ethers in 2.9. Thanks to Bernard
1115
Sammer for finding that.
1117
Added a "contrib" directory and in it the dnslist utility,
1120
Fixed "fail to start up" problems under Linux with IPv6
1121
enabled. It's not clear that these were an issue in
1122
released versions, but they manifested themselves when TCP
1123
support was added. Thanks to Michael Hamilton for
1124
assistance with this.
1127
Fixed DHCP problem which could result in two leases in the
1128
database with the same address. This looked much more
1129
alarming then it was, since it could only happen when a
1130
machine changes MAC address but kept the same name. The
1131
old lease would persist until it timed out but things
1132
would still work OK.
1134
Check that IP addresses in all dhcp-host directives are
1135
unique and die horribly if they are not, since otherwise
1136
endless protocol loops can occur.
1138
Use IPV6_RECVPKTINFO as socket option rather than
1139
IPV6_PKTINFO where available. This keeps late-model FreeBSD
1142
Set source interface when replying to IPv6 UDP
1143
queries. This is needed to cope with link-local addresses.
1146
Added extra checks to ensure that DHCP created DNS entries
1147
cannot generate multiple DNS address->name entries. Thanks to
1148
Stefan Monnier for finding the exact set of configuration
1149
options which could create this.
1151
Don't set the the filterwin2k option in the example config
1152
file and add warnings that is breaks Kerberos. Thanks to
1153
Simon Josefsson and Timothy Folks for pointing that out.
1155
Log types of incoming queries as well as source and domain.
1157
Log NODATA replies generated as a result of the
1161
Fixed crash with un-named DHCP hosts introduced in 2.12.
1162
Thanks to Nicolo Wojewoda and Gregory Gathy for bug reports.
1165
Fix DHCP network detection for hosts which talk via a
1166
relay. This makes lease renewal for such hosts work
1169
Support RFC3011 subnet selectors in the DHCP server.
1171
Fix DHCP code to generate RFC-compliant responses
1172
to hosts in the INIT-REBOOT state.
1174
In the DHCP server, set the receive buffer size on
1175
the transmit-only packet socket to zero, to avoid
1176
waste of kernel buffers.
1178
Fix DHCP address allocation code to use the whole of
1179
the DHCP range, including the start and end addresses.
1181
Attempt an ICMP "ping" on new addresses before allocating
1182
them to leases, to avoid allocating addresses which are in use.
1184
Handle rfc951 BOOTP as well as DHCP for hosts which have
1185
MAC address to IP address mapping defined.
1187
Fix compilation under MacOS X. Thanks to Chris Tomlinson.
1189
Fix compilation under NetBSD. Thanks to Felix Deichmann.
1191
Added "keep-in-foreground" option. Thanks to Sean
1192
MacLennan for the patch.
1195
Fixed NXDOMAIN/NODATA confusion for locally known
1196
names. We now return a NODATA reponse for names which are
1197
locally known. Now a query for (eg AAAA or MX) for a name
1198
with an IPv4 address in /etc/hosts which fails upstream
1199
will generate a NODATA response. Note that the query
1200
is still tried upstream, but a NXDOMAIN reply gets
1201
converted to NODATA. Thanks to Eric de Thouars, Eric
1202
Spakman and Mike Mestnik for bug reports/testing.
1204
Allow multiple dhcp-ranges within the same network. The
1205
original intention was that there would be a dhcp-range
1206
option for each network served, but there's no real reason
1207
not to allow discontinuous ranges within a network so this
1208
release adds support for that.
1210
Check for dhcp-ranges which are inconsistent with their
1211
netmask, and generate errors or warnings.
1213
Improve error messages when there are problems with
1217
Fixed typo in OpenBSD-only code which stopped compilation
1218
under that OS. Chris Weinhaupl gets credit for reporting
1221
Added dhcp-authoritative option which restores non-RFC
1222
compliant but desirable behaviour of pre-2.14 versions and
1223
avoids long timeouts while DHCP clients try to renew leases
1224
which are unknown to dnsmasq. Thanks to John Mastwijk for
1227
Added support to the DHCP option code to allow RFC-3397
1228
domain search DHCP option (119) to be sent.
1230
Set NONBLOCK on all listening sockets to workaround non-POSIX
1231
compliance in Linux 2.4 and 2.6. This fixes rare hangs which
1232
occured when corrupted packets were received. Thanks to
1233
Joris van Rantwijk for chasing that down.
1235
Updated config.h for NetBSD. Thanks to Martin Lambers.
1237
Do a better job of distinguishing between retransmissions
1238
and new queries when forwarding. This fixes a bug
1239
triggered by the polipo web cache which sends A and AAAA
1240
queries both with the same transaction-ID. Thanks to
1241
Joachim Berdal Haga and Juliusz Chroboczek for help with this.
1243
Rewrote cache code to store CNAMES, rather then chasing
1244
them before storage. This eliminates bad situations when
1245
clients get inconsistent views depending on if data comes
1248
Allow for more than one --addn-hosts flag.
1250
Clarify logged message when a DHCP lease clashes with an
1251
/etc/hosts entry. Thanks to Mat Swift for the suggestion.
1253
Added dynamic-dnsmasq from Peter Willis to the contrib
1257
Correctly deduce the size of numeric dhcp-options, rather
1258
than making wild guesses. Also cope with negative values.
1260
Fixed use of C library reserved symbol "index" which broke
1261
under certain combinations of library and compiler.
1263
Make bind-interfaces work for IPv6 interfaces too.
1265
Warn if an interface is given for listening which doesn't
1266
currently exist when not in bind-interfaces mode. (This is
1267
already a fatal error when bind-interfaces is set.)
1269
Allow the --interface and --except-interface options to
1270
take a comma-separated list of interfaces.
1272
Tweak --dhcp-userclass matching code to work with the
1273
ISC dhclient which violates RFC3004 unless its
1274
configuration is very warped. Thanks to Cedric Duval for
1277
Allow more than one network-id tag in a dhcp-option. All
1278
the tags must match to enable the option.
1280
Added dhcp-ignore option to disable classes of hosts based
1281
on network-id tags. Also allow BOOTP options to be
1282
controlled by network tags.
1284
Fill in sname, file and siaddr fields in replies to
1285
DHCPINFORM messages.
1287
Don't send NAK replies to DHCPREQUEST packets for disabled
1288
clients. Credit to Cedric Duval for spotting this.
1290
Fix rare crash associated with long DNS names and CNAME
1291
records. Thanks to Holger Hoffstatte and especially Steve
1292
Grecni for help chasing that one down.
1295
Reworked the Linux interface discovery code (again) to
1296
cope with interfaces which have only IPv6 addresses and
1297
interfaces with more than one IPv6 address. Thanks to
1298
Martin Pels for help with that.
1300
Fix problems which occured when more than one dhcp-range
1301
was specified in the same subnet: sometimes parameters
1302
(lease time, network-id tag) from the wrong one would be
1303
used. Thanks to Rory Campbell-Lange for the bug report.
1305
Reset cache statistics when clearing the cache.
1307
Enable long command line options on FreeBSD when the
1308
C library supports them.
1311
Tweaked the Linux-only interface discovery code to cope
1312
with interface-indexes larger than 8 bits in
1313
/proc/net/if_inet6. This only affects Linux, obviously.
1314
Thanks to Richard Atterer for the bug report.
1316
Check for under-length option fields in DHCP packets, a
1317
zero length client-id, in particluar, could seriously
1318
confuse dnsmasq 'till now. Thanks to Will Murname for help
1321
If a DHCP-allocated address has an associated name in
1322
/etc/hosts, and the client does not provide a hostname
1323
parameter and there is no hostname in a matching dhcp-host
1324
option, send the /etc/hosts name as the hostname in
1325
the DHCP lease. Thanks to Will Murname for the suggestion.
1328
Allow more than one instance of dnsmasq to run on a
1329
machine, each providing DHCP service on a different
1330
interface, provided that --bind-interfaces is set. This
1331
configuration used to work, but regressed in version 2.14
1333
Fix compilation on Mac OS X. Thanks to Kevin Bullock.
1335
Protect against overlong names and overlong
1336
labels in configuration and from DHCP.
1338
Fix interesting corner case in CNAME handling. This occurs
1339
when a CNAME has a target which "shadowed" by a name in
1340
/etc/hosts or from DHCP. Resolving the CNAME would sneak
1341
the upstream value of the CNAME's target into the cache,
1342
alongside the local value. Now that doesn't happen, though
1343
resolving the CNAME still gives the unshadowed value. This
1344
is arguably wrong but rather difficult to fix. The main
1345
thing is to avoid getting strange results for the target
1346
due to the cache pollution when resolving the
1347
CNAME. Thanks to Pierre Habouzit for exploring the corner
1348
and submitting a very clear bug report.
1350
Fix subtle bug in the DNS packet parsing code. It's almost
1351
impossible to describe this succinctly, but the one known
1352
manifestation is the inability to cache the A record for
1353
www.apple.com. Thanks to Bob Alexander for spotting that.
1355
Support SRV records. Thanks to Robert Kean for the patches
1358
Fixed sign confusion in the vendor-id matching code which
1359
could cause crashes sometimes. (Credit to Mark Wiater for
1362
Added the ability to match the netid tag in a
1363
dhcp-range. Combined with the ability to have multiple
1364
ranges in a single subnet, this provides a means to
1365
segregate hosts on different address ranges based on
1366
vendorclass or userclass. Thanks to Mark Wiater for
1367
prompting this enhancement.
1369
Added preference values for MX records.
1371
Added the --localise-queries option.
1374
Improve handling of SERVFAIL and REFUSED errors. Receiving
1375
these now initiates search for a new good server, and a
1376
server which returns them is not a candidate as a good
1377
server. Thanks to Istvan Varadi for pointing out the
1380
Tweak the time code in BROKEN_RTC mode.
1382
Sanity check lease times in dhcp-range and dhcp-host
1383
configurations and force them to be at least two minutes
1384
(120s) leases shorter than a minute confuse some clients,
1385
notably Apple MacOS X. Rory Campbell-Lange found this
1388
Only warn once about an upstream server which is refusing to do
1391
Fix DHCP address allocation problem when netid tags are in
1392
use. Thanks to Will Murnane for the bug report and
1395
Add an additional data section to the reply for MX and SRV
1396
queries. Add support for DNS TXT records. Thanks to Robert
1397
Kean and John Hampton for prompts and testing of these.
1399
Apply address rewriting to records in the additional data section
1400
of DNS packets. This makes things like MX records work
1401
with the alias function. Thanks to Chad Skeeters for
1402
pointing out the need for this.
1404
Added support for quoted strings in config file.
1406
Detect and defeat cache-poisoning attacks which attempt to
1407
send (malicious) answers to questions we didn't
1408
send. These are ignored now even if the attacker manages
1409
to guess a random query-id.
1411
Provide DHCP support for interfaces with multiple IP
1412
addresses or aliases. This in only enabled under Linux.
1413
See the FAQ entry for details.
1415
Revisit the MAC-address and client-id matching code to
1416
provide saner behaviour with PXE boots, where some
1417
requests have a client-id and some don't.
1419
Fixed off-by-one buffer overflow in lease file reading
1420
code. Thanks to Rob Holland for the bug report.
1422
Added wildcard matching for MAC addresses in dhcp-host
1423
options. A sensible suggestion by Nathaniel McCallum.
1426
Fixed build problems on (many) systems with older libc
1427
headers where <linux/types.h> is required before
1428
<linux/netlink.h>. Enabled HAVE_RTNETLINK under uclibc now
1429
that this fix is in place.
1431
Added support for encapsulated vendor-class-specific DHCP
1432
options. Thanks to Eric Shattow for help with this.
1434
Fix regression in 2.21 which broke commas in filenames and
1435
corrupted argv. Thanks to Eric Scott for the bugreport.
1437
Fixed stupid thinko which caused dnsmasq to wedge during
1438
startup with certain MX-record options. Another 2.21 regression.
1440
Fixed broken-ness when reading /etc/ethers. 2.21 broke
1443
Fixed wedge with certain DHCP options. Yet another 2.21
1444
regression. Rob Holland and Roy Marples chased this one