2036
2036
performance should be better. Thanks to "koko" for
2037
2037
pointing out the problem.
2040
Added --dhcp-ignore-names flag which tells dnsmasq not to
2041
use names provided by DHCP clients. Suggestion from
2042
Thomas M Steenholdt.
2044
Send netmask and broadcast address DHCP options always,
2045
even if the client doesn't request them. This makes a few
2046
odd clients work better.
2048
Added simple TFTP function, optimised for net-boot. It is
2049
now possible to net boot hosts using only dnsmasq. The
2050
TFTP server is read-only, binary-mode only, and designed to be
2051
secure; it adds about 4K to the dnsmasq binary.
2053
Support DHCP option 120, SIP servers, (RFC 3361). Both
2054
encodings are supported, so both --dhcp-option=120,192.168.2.3
2055
and --dhcp-option=120,sip.example.net will work. Brian
2056
Candler pointed out the need for this.
2058
Allow spaces in domain names, to support DNS-SD.
2060
Add --ptr-record flag, again for DNS-SD. Thanks to Stephan
2061
Sokolow for the suggestion.
2063
Tolerate leading space on lines in the config file. Thanks
2064
to Luigi Rizzo for pointing this out.
2066
Fixed netlink.c to cope with headers from the Linux 2.6.19
2067
kernel. Thanks to Philip Wall for the bug report.
2069
Added --dhcp-bridge option, but only to the FreeBSD
2070
build. This fixes an oddity with a a particular bridged
2071
network configuration on FreeBSD. Thanks to Luigi Rizzo
2074
Added FAQ entry about running dnsmasq in a Linux
2075
vserver. Thanks to Gildas le Nadan for the information.
2077
Fixed problem with option parsing which interpreted "/" as
2078
an address and not a string. Thanks to Luigi Rizzo
2081
Ignore the --domain-needed flag when forwarding NS
2082
and SOA queries, since NS queries of TLDs are always legit.
2083
Marcus Better pointed out this problem.
2085
Take care to forward signed DNS requests bit-perfect, so
2086
as not to affect the validity of the signature. This
2087
should allow DDNS updates to be forwarded.
2090
Add better support for RFC-2855 DHCP-over-firewire and RFC
2091
-4390 DHCP-over-InfiniBand. A good suggestion from Karl Svec.
2093
Some efficiency tweaks to the cache code for very large
2094
/etc/hosts files. Should improve reverse (address->name)
2095
lookups and garbage collection. Thanks to Jan 'RedBully'
2096
Seiffert for input on this.
2098
Fix regression in 2.36 which made bogus-nxdomain
2099
and DNS caching unreliable. Thanks to Dennis DeDonatis
2100
and Jan Seiffert for bug reports.
2102
Make DHCP encapsulated vendor-class options sane. Be
2103
warned that some conceivable existing configurations
2104
using these may break, but they work in a much
2105
simpler and more logical way now. Prepending
2106
"vendor:<client-id>" to an option encapsulates it
2107
in option 43, and the option is sent only if the
2108
client-supplied vendor-class substring-matches with
2109
the given client-id. Thanks to Dennis DeDonatis for
2112
Apply patch from Jan Seiffert to tidy up tftp.c
2114
Add support for overloading the filename and servername
2115
fields in DHCP packet. This gives extra option-space when
2116
these fields are not being used or with a modern client
2117
which supports moving them into options.
2119
Added a LIMITS section to the man-page, with guidance on
2120
maximum numbers of clients, file sizes and tuning.
2123
Fix compilation on *BSD. Thanks to Tom Hensel.
2125
Don't send length zero DHCP option 43 and cope with
2126
encapsulated options whose total length exceeds 255 octets
2127
by splitting them into multiple option 43 pieces.
2129
Avoid queries being retried forever when --strict-order is
2130
set and an upstream server returns a SERVFAIL
2131
error. Thanks to Johannes Stezenbach for spotting this.
2133
Fix BOOTP support, broken in version 2.37.
2135
Add example dhcp-options for Etherboot.
2137
Add \e (for ASCII ESCape) to the set of valid escapes
2138
in config-file strings.
2140
Added --dhcp-option-force flag and examples in the
2141
configuration file which use this to control PXELinux.
2143
Added --tftp-no-blocksize option.
2145
Set netid tag "bootp" when BOOTP (rather than DHCP) is in
2146
use. This makes it easy to customise which options are
2147
sent to BOOTP clients. (BOOTP allows only 64 octets for
2148
options, so it can be necessary to trim things.)
2150
Fix rare hang in cache code, a 2.37 regression. This
2151
probably needs an infinite DHCP lease and some bad luck to
2152
trigger. Thanks to Detlef Reichelt for bug reports and testing.
2155
Apply patch from Mike Baker/OpenWRT to ensure that names
2156
like "localhost." in /etc/hosts with trailing period
2157
are treated as fully-qualified.
2159
Tolerate and ignore spaces around commas in the
2160
configuration file in all circumstances. Note that this
2161
may change the meaning of a few existing config files, for
2163
txt-record=mydomain.com, string
2164
would have a leading space in the string before, and now
2165
will not. To get the old behaviour back, use quotes:
2166
txt-record=mydomain.com," string"
2168
/a is no longer a valid escape in quoted strings.
2170
Added symbolic DHCP option names. Instead of
2171
dhcp-option = 3, 1.2.3.4
2172
it is now possible to do
2173
dhcp-option = option:router, 1.2.3.4
2174
To see the list of known DHCP options, use the
2175
command "dnsmasq --help dhcp"
2176
Thanks to Luigi Rizzo for a patch and good work on this.
2178
Overhauled the log code so that logging can be asynchronous;
2179
dnsmasq then no longer blocks waiting for the syslog() library
2180
call. This is important on systems where syslog
2181
is being used to log over the network (and therefore doing
2182
DNS lookups) and syslog is using dnsmasq as its DNS
2183
server. Having dnsmasq block awaiting syslog under
2184
such circumstances can lead to syslog and dnsmasq
2185
deadlocking. The new behaviour is enabled with a new
2186
--log-async flag, which can also be used to tune the
2187
queue length. Paul Chambers found and diagnosed
2188
this trap for the unwary. He also did much testing of
2189
the solution along with Carlos Carvalho.
2191
--log-facility can now take a file-name instead of a
2192
facility name. When this is done, dnsmasq logs to the
2193
file and not via syslog. (Failures early in startup,
2194
whilst reading configuration, will still go to syslog,
2195
and syslog is used as a log-of-last-resort if the file
2198
Added --log-dhcp flag. Suggestion from Carlos Carvalho.
2200
Made BINDIR, MANDIR and LOCALEDIR independently
2201
over-rideable in the makefile. Suggestion from Thomas
2204
Added 127.0.0.0/8 and 169.254.0.0/16 to the address
2205
ranges affected by --bogus-priv. Thanks to Paul
2206
Chambers for the patch.
2208
Fixed failure of TFTP server with --listen-address. Thanks
2209
to William Dinkel for the bug report.
2211
Added --dhcp-circuitid and --dhcp-remoteid for RFC3046
2212
relay agent data matching.
2214
Added --dhcp-subscrid for RFC3993 subscriber-id relay
2215
agent data matching.
2217
Correctly garbage-collect connections when upstream
2218
servers go away as a result of DBus transactions.
2220
Allow absolute paths for TFTP transfers even when
2221
--tftp-root is set, as long as the path matches the root,
2222
so /var/ftp/myfile is OK with tftp-root=/var/ftp.
2223
Thanks for Thomas Mizzi for the patch.
2225
Updated Spanish translation - thanks to Chris Chatham.
2227
Updated French translation - thanks to Gildas Le Nadan.
2229
Added to example conf file example of routing PTR queries
2230
for a subnet to a different nameserver. Suggestion from
2233
Added --interface-name option. This provides a facility
2234
to add a domain name with a dynamic IP address taken from
2235
the address of a local network interface. Useful for
2236
networks with dynamic IPs.
2239
Make SIGUSR2 close-and-reopen the logfile when logging
2240
direct to a file. Thanks to Carlos Carvalho for
2241
suggesting this. When a logfile is created, change
2242
its ownership to the user dnsmasq will run as, don't
2243
leave it owned by root.
2245
Set a special tag, "known" for hosts which are matched by
2246
a dhcp-host or /etc/ethers line. This is especially
2247
useful to be able to do --dhcp-ignore=#known, like ISCs
2248
"deny unknown-clients".
2250
Explicitly set a umask before creating the leases file,
2251
rather than relying on whatever we inherited. The
2252
permissions are set to 644.
2254
Fix handling of fully-qualified names in --dhcp-host
2255
directives and in /etc/ethers. These are now rejected
2256
if the domain doesn't match that given by --domain,
2257
and used correctly otherwise. Before, putting
2258
a FQDN here could cause the whole FQDN to be used as
2259
hostname. Thanks to Michael Heimpold for the bug report.
2261
Massive but trivial edit to make the "daemon" variable
2262
global, instead of copying the same value around as the
2263
first argument to half the functions in the program.
2265
Updated Spanish manpage and message catalog. Thanks
2268
Added patch for support of DNS LOC records in
2269
contrib/dns-loc. Thanks to Lorenz Schori.
2271
Fixed error in manpage: dhcp-ignore-name ->
2272
dhcp-ignore-names. Thanks to Daniel Mentz for spotting
2275
Use client-id as hash-seed for DHCP address allocation
2276
with Firewire and Infiniband, as these don't supply an MAC
2279
Tweaked TFTP file-open code to make it behave sensibly
2280
when the filesystem changes under its feet.
2282
Added DNSMASQ_TIME_REMAINING environment variable to the
2285
Always send replies to DHCPINFORM requests to the source
2286
of the request and not to the address in ciaddr. This
2287
allows third-party queries.
2289
Return "lease time remaining" in the reply to a DHCPINFORM
2290
request if there exists a lease for the host sending the
2293
Added --dhcp-hostsfile option. This gives a superset of
2294
the functionality provided by /etc/ethers. Thanks to
2295
Greg Kurtzer for the suggestion.
2297
Accept keyword "server" as a synonym for "nameserver" in
2298
resolv.conf. Thanks to Andrew Bartlett for the report.
2300
Add --tftp-unique-root option. Suggestion from Dermot
2303
Tweak TFTP retry timer to avoid problems with difficult
2304
clients. Thanks to Dermot Bradley for assistance with
2307
Continue to use unqualified hostnames provided by DHCP
2308
clients, even if the domain part is illegal. (The domain
2309
is ignored, and an error logged.) Previously in this
2310
situation, the whole name whould have been
2311
rejected. Thanks to Jima for the patch.
2313
Handle EINTR returns from wait() correctly and reap
2314
our children's children if necessary. This fixes
2315
a problem with zombie-creation under *BSD when using
2318
Escape spaces in hostnames when they are stored in the
2319
leases file and passed to the lease-change
2320
script. Suggestion from Ben Voigt.
2322
Re-run the lease chamge script with an "old" event for
2323
each lease when dnsmasq receives a SIGHUP.
2325
Added more useful exit codes, including passing on a
2326
non-zero exit code from the lease-script "init" call when
2327
--leasefile-ro is set.
2329
Log memory allocation failure whilst the daemon is
2330
running. Allocation failures during startup are fatal,
2331
but lack of memory whilst running is worked around.
2332
This used to be silent, but now is logged.
2334
Fixed misaligned memory access which caused problems on
2335
Blackfin CPUs. Thanks to Alex Landau for the patch.
2337
Don't include (useless) script-calling code when NO_FORK
2338
is set. Since this tends to be used on very small uclinux
2339
systems, it's worth-while to save some code-size.
2341
Don't set REUSEADDR on TFTP listening socket. There's no
2342
need to do so, and it creates confusing behaviour when
2343
inetd is also listening on the same port. Thanks to Erik
2344
Brown for spotting the problem.
2347
Remove deprecated calls when compiled against libdbus 1.1.
2349
Fix "strict-alias" warning in bpf.c
2351
Reduce dependency on Gnu-make in build system: dnsmasq now
2352
builds with system make under OpenBSD.
2354
Port to Solaris. Dnsmasq 1.x used to run under Solaris,
2355
and this release does so again, for Solaris 9 or better.
2357
Allow the DNS function to be completely disabled, by
2358
setting the port to zero "--port=0". The allows dnsmasq to
2359
be used as a simple DHCP server, simple TFTP server, or
2360
both, but without the DNS server getting in the way.
2362
Fix a bug where NXDOMAIN could be returned for a query
2363
even if the name's value was known for a different query
2364
type. This bug could be prodded with
2365
--local=/domain/ --address=/name.domain/1.2.3.4
2366
An IPv6 query for name.domain would return NXDOMAIN, and
2367
not the correct NOERROR. Thanks to Lars Nooden for
2368
spotting the bug and Jima for diagnosis of the problem.
2370
Added per-server stats to the information logged when
2371
dnsmasq gets SIGUSR1.
2373
Added counts of queries forwarded and queries answered
2374
locally (from the cache, /etc/hosts or config).
2376
Fixed possible crash bug in DBus IPv6 code. Thanks to Matt
2379
Tighten checks for clashes between hosts-file and
2380
DHCP-derived names. Multiple addresses associated with a
2381
name in hosts-file no longer confuses the check.
2383
Add --dhcp-no-override option to fix problems with some
2384
combinations of stage zero and stage one
2385
bootloaders. Thanks to Steve Alexander for the bug report.
2387
Add --tftp-port-range option. Thanks to Daniel Mierswa for
2390
Add --stop-dns-rebind option. Thanks to Collin Mulliner
2393
Added GPL version 3 as a license option.
2395
Added --all-servers option. Thanks to Peter Naulls for the
2398
Extend source address mechanism so that the interface used
2399
to contact an upstream DNS server can be nailed
2400
down. Something like "--server=1.2.3.4@eth1" will force
2401
the use of eth1 for traffic to DNS-server 1.2.3.4. This
2402
facility is only available on Linux and Solaris. Thanks to
2403
Peter Naulls for prompting this.
2405
Add --dhcp-optsfile option. Thanks to Carlos Carvalho for
2408
Fixed failure to set source address for server connections
2409
when using TCP. Thanks to Simon Capper for finding this
2412
Refuse to give a DHCP client the address it asks for if
2413
the address range in question is not available to that
2414
particular host. Thanks to Cedric Duval for the bug
2417
Changed behavior of DHCP server to always return total length of
2418
a new lease in DHCPOFFER, even if an existing lease
2419
exists. (It used to return the time remaining on the lease
2420
whne one existed.) This fixes problems with the Sony Ericsson
2421
K610i phone. Thanks to Hakon Stordahl for finding and
2424
Add DNSMASQ_INTERFACE to the environment of the
2425
lease-change script. Thanks to Nikos Mavrogiannopoulos for
2428
Fixed broken --alias functionality. Thanks to Michael
2429
Meelis for the bug report.
2431
Added French translation of the man page. Thank to Gildas
2434
Add --dhcp-match flag, to check for arbitrary options in
2435
DHCP messages from clients. This enables use of dnsmasq
2436
with gPXE. Thanks to Rance Hall for the suggestion.
2438
Added --dhcp-broadcast, to force broadcast replies to DHCP
2439
clients which need them but are too dumb or too old to
2440
ask. Thanks to Bodo Bellut for the suggestion.
2442
Disable path-MTU discovery on DHCP and TFTP sockets. This
2443
is never needed, and the presence of DF flags in the IP
2444
header confuses some broken PXE ROMS. Thanks again to Bodo
2445
Bellut for spotting this.
2447
Fix problems with addresses which have multiple PTR
2448
records - all but one of these could get lost.
2450
Fix bug with --address and ANY query type seeing REFUSED
2451
return code in replies. Thanks to Mike Wright for spotting
2454
Update Spanish translation. Thanks to Chris Chatham.
2456
Add --neg-ttl option.
2458
Add warnings about the bad effects of --filterwin2k on
2459
SIP, XMPP and Google-talk to the example config file.
2461
Fix va_list abuse in log.c. This fixes crashes on powerpc
2462
when debug mode is set. Thanks to Cedric Duval for the
2466
Define _GNU_SOURCE to avoid problems with later glibc
2467
headers. Thanks to Jima for spotting the problem.
2469
Add --dhcp-alternate-port option. Thanks to Jan Psota for
2472
Fix typo in code which is only used on BSD, when Dbus and
2473
IPv6 support is enabled. Thanks to Roy Marples.
2475
Updated Polish translations - thank to Jan Psota.
2477
Fix OS detection logic to cope with GNU/FreeBSD.
2479
Fix unitialised variable in DBus code - thanks to Roy
2482
Fix network enumeration code to work on later NetBSD -
2483
thanks to Roy Marples.
2485
Provide --dhcp-bridge on all BSD variants.
2487
Define _LARGEFILE_SOURCE which removes an arbitrary 2GB
2488
limit on logfiles. Thanks to Paul Chambers for spotting
2491
Fix RFC3046 agent-id echo code, broken for many
2492
releases. Thanks to Jeremy Laine for spotting the problem
2493
and providing a patch.
2495
Added Solaris 10 service manifest from David Connelly in
2498
Add --dhcp-scriptuser option.
2500
Support new capability interface on suitable Linux
2501
kernels, removes "legacy support in use" messages. Thanks
2502
to Jorge Bastos for pointing this out.
2504
Fix subtle bug in cache code which could cause dnsmasq to
2505
lock spinning CPU in rare circumstances. Thanks to Alex
2506
Chekholko for bug reports and help debugging.
2508
Support netascii transfer mode for TFTP.
2512
Updated Polish translation. Thanks to Jan Psota.
2514
Flag errors when configuration options are repeated
2517
Further tweaks for GNU/kFreeBSD
2519
Add --no-wrap to msgmerge call - provides nicer .po file
2522
Honour lease-time spec in dhcp-host lines even for
2523
BOOTP. The user is assumed to known what they are doing in
2524
this case. (Hosts without the time spec still get infinite
2525
leases for BOOTP, over-riding the default in the
2526
dhcp-range.) Thanks to Peter Katzmann for uncovering this.
2528
Fix problem matching relay-agent ids. Thanks to Michael
2529
Rack for the bug report.
2531
Add --naptr-record option. Suggestion from Johan
2534
Implement RFC 5107 server-id-override DHCP relay agent
2537
Apply patches from Stefan Kruger for compilation on
2538
Solaris 10 under Sun studio.
2540
Yet more tweaking of Linux capability code, to suppress
2541
pointless wingeing from kernel 2.6.25 and above.
2543
Improve error checking during startup. Previously, some
2544
errors which occurred during startup would be worked
2545
around, with dnsmasq still starting up. Some were logged,
2546
some silent. Now, they all cause a fatal error and dnsmasq
2547
terminates with a non-zero exit code. The errors are those
2548
associated with changing uid and gid, setting process
2549
capabilities and writing the pidfile. Thanks to Uwe
2550
Gansert and the Suse security team for pointing out
2551
this improvement, and Bill Reimers for good implementation
2554
Provide NO_LARGEFILE compile option to switch off largefile
2555
support when compiling against versions of uclibc which
2556
don't support it. Thanks to Stephane Billiart for the patch.
2558
Implement random source ports for interactions with
2559
upstream nameservers. New spoofing attacks have been found
2560
against nameservers which do not do this, though it is not
2561
clear if dnsmasq is vulnerable, since to doesn't implement
2562
recursion. By default dnsmasq will now use a different
2563
source port (and socket) for each query it sends
2564
upstream. This behaviour can suppressed using the
2565
--query-port option, and the old default behaviour
2566
restored using --query-port=0. Explicit source-port
2567
specifications in --server configs are still honoured.
2569
Replace the random number generator, for better
2570
security. On most BSD systems, dnsmasq uses the
2571
arc4random() RNG, which is secure, but on other platforms,
2572
it relied on the C-library RNG, which may be
2573
guessable and therefore allow spoofing. This release
2574
replaces the libc RNG with the SURF RNG, from Daniel
2575
J. Berstein's DJBDNS package.
2577
Don't attempt to change user or group or set capabilities
2578
if dnsmasq is run as a non-root user. Without this, the
2579
change from soft to hard errors when these fail causes
2580
problems for non-root daemons listening on high
2581
ports. Thanks to Patrick McLean for spotting this.
2583
Updated French translation. Thanks to Gildas Le Nadan.
2586
Fix crash when unknown client attempts to renew a DHCP
2587
lease, problem introduced in version 2.43. Thanks to
2588
Carlos Carvalho for help chasing this down.
2590
Fix potential crash when a host which doesn't have a lease
2591
does DHCPINFORM. Again introduced in 2.43. This bug has
2592
never been reported in the wild.
2594
Fix crash in netlink code introduced in 2.43. Thanks to
2595
Jean Wolter for finding this.
2597
Change implementation of min_port to work even if min-port
2600
Patch to enable compilation of latest Mac OS X. Thanks to
2603
Update Spanish translation. Thanks to Christopher Chatham.
2606
Fix total DNS failure in release 2.43 unless --min-port
2607
specified. Thanks to Steven Barth and Grant Coady for
2608
bugreport. Also reject out-of-range port spec, which could
2609
break things too: suggestion from Gilles Espinasse.