]>
Commit | Line | Data |
---|---|---|
7622fc06 SK |
1 | release 0.4 - initial public release |
2 | ||
3 | release 0.5 - added caching, removed compiler warning on linux PPC | |
4 | ||
5 | release 0.6 - TCP handling: close socket and return to connect state if we | |
6 | can't read the first byte. This corrects a problem seen very | |
7 | occasionally where dnsmasq would loop using all available CPU. | |
8 | ||
9 | Added a patch from Cris Bailiff <c.bailiff@e-secure.com.au> | |
10 | to set SO_REUSEADDR on the tcp socket which stops problems when | |
11 | dnsmasq is restarted and old connections still exist. | |
12 | ||
13 | Stopped claiming in doc.html that smail is the default Debian | |
14 | mailer, since it isn't any longer. (Pointed out by | |
15 | David Karlin <dkarlin@coloradomtn.edu>) | |
16 | ||
17 | release 0.7 Create a pidfile at /var/run/dnsmasq.pid | |
18 | ||
19 | Extensive armouring against "poison packets" courtesy of | |
20 | Thomas Moestl <tmoestl@gmx.net> | |
21 | ||
22 | Set sockaddr.sa_family on outgoing address, patch from | |
23 | David Symonds <xoxus@usa.net> | |
24 | ||
25 | Patch to clear cache on SIGHUP | |
26 | from Jason L. Wagner <nialscorva@yahoo.com> | |
27 | ||
28 | Fix bad bug resulting from not initialising value-result | |
29 | address-length parameter to recvfrom() and accept() - it | |
30 | worked by luck before! | |
31 | ||
32 | release 0.95 Major rewrite: remove calls to gethostbyname() and talk | |
33 | directly to the upstream server(s) instead. | |
34 | This has many advantages. | |
35 | (1) Dnsmasq no longer blocks during long lookups. | |
36 | (2) All query types are handled now, (eg MX) not just internet | |
37 | address queries. Addresses are cached, all other | |
38 | queries are forwarded directly. | |
39 | (3) Time-to-live data from upstream server is read and | |
40 | used by dnsmasq to purge entries from the cache. | |
41 | (4) /etc/hosts is still read and its contents served (unless | |
42 | the -h option is given). | |
43 | (5) Dnsmasq can get its upstream servers from | |
44 | a file other than /etc/resolv.conf (-r option) this allows | |
45 | dnsmasq to serve names to the machine it is running | |
46 | on (put nameserver 127.0.0.1 in /etc/resolv.conf and | |
47 | give dnsmasq the option -r /etc/resolv.dnsmasq) | |
48 | (6) Dnsmasq will re-read its servers if the | |
49 | modification time of resolv.conf changes. Along with | |
50 | 4 above this allows nameservers to be set | |
51 | automatically by ppp or dhcp. | |
52 | ||
53 | A really clever NAT-like technique allows the daemon to have lots | |
54 | of queries in progress, but still remain very lightweight. | |
55 | Dnsmasq has a small footprint and normally doesn't allocate | |
56 | any more memory after start-up. The NAT-like forwarding was | |
57 | inspired by a suggestion from Eli Chen <eli@routefree.com> | |
58 | ||
59 | release 0.96 Fixed embarrasing thinko in cache linked-list code. | |
60 | ||
61 | release 0.98 Some enhancements and bug-fixes. | |
62 | Thanks to "Denis Carre" <denis.carre@laposte.net> and Martin | |
63 | Otte <otte@essc.psu.edu> | |
64 | ||
65 | (1) Dnsmasq now always sets the IP source address | |
66 | of its replies correctly. Older versions would not always | |
67 | do this on multi-homed and IP aliased hosts, which violates | |
68 | the RFC. | |
69 | (2) Dnsmasq no longer crashes if a server loop is created | |
70 | (ie dnsmasq is told to use itself as an upstream server.) | |
71 | Now it just logs the problem and doesn't use the bad | |
72 | server address. | |
73 | (3) Dnsmasq should now forward (but not cache) inverse queries | |
74 | and server status queries; this feature has not been tested. | |
75 | (4) Don't write the pid file when in non-daemon mode. | |
76 | (5) Create the pid file mode 644, rather then 666 (!). | |
77 | (6) Generate queries to upstream nameservers with unpredictable | |
78 | ids, to thwart DNS spoofers. | |
79 | (7) Dnsmasq no longer forwards queries when the | |
80 | "recursion desired" bit is not set in the header. | |
81 | (8) Fixed getopt code to work on compliers with unsigned char. | |
82 | ||
83 | release 0.991 Added -b flag: when set causes dnsmasq to always answer | |
84 | reverse queries on the RFC 1918 private IP space itself and | |
85 | never forward them to an upstream server. If the name is not in | |
86 | /etc/hosts, dnsmasq replies with the dotted-quad address. | |
87 | ||
88 | Fixed a bug which stopped dnsmasq working on a box with | |
89 | two or more interfaces with the same IP address. | |
90 | ||
91 | Fixed cacheing of CNAMEs. Previously, a CNAME which pointed | |
92 | to a name with many A records would not have all the addresses | |
93 | returned when being answered from the cache. | |
94 | ||
95 | Thanks to "Steve Hardy" <s.a.hardy@connectux.com> for his input | |
96 | on these fixes. | |
97 | ||
98 | Fixed race which could cause dnsmasq to miss the second of | |
99 | two closely-spaced updates of resolv.conf (Thanks to Eli Chen | |
100 | for pointing this out.) | |
101 | ||
102 | Fixed a bug which could cause dnsmasq to fail to cache some | |
103 | dns names. | |
104 | ||
105 | release 0.992 Small change to memory allocation so that names in /etc/hosts | |
106 | don't use cache slots. Also make "-c 0" flag meaningfully | |
107 | disable caching completely. | |
108 | ||
109 | release 0.993 Return only the first (canonical) name from an entry in | |
110 | /etc/hosts as reply to reverse query. | |
111 | ||
112 | Handle wildcard queries for names/addresses in /etc/hosts | |
113 | this is mainly to allow reverse lookups by dig to succeed. | |
114 | (Bug reported by Simon J. Rowe" <srowe@mose.org.uk>) | |
115 | ||
116 | Subtle change to the logic which selects which of multiple | |
117 | upstream servers we send queries to. This fixes a problem | |
118 | where dnsmasq continuously sends queries to a server which | |
119 | is returning error codes and ignores one which is working. | |
120 | ||
121 | release 0.994 Fixed bug which broke lookup of names in /etc/hosts | |
122 | which have upper-case letters in them. Thanks for Joao Clemente | |
123 | for spotting that one. | |
124 | ||
125 | Output cache statistics on receipt of SIGUSR1. These go | |
126 | to syslog except in debug (-d) mode, when a complete cache | |
127 | dump goes to stdout. Suggestion from Joao Clemente, code | |
128 | based in John Volpe's. | |
129 | ||
130 | Accept GNU long options on the command line. Code from | |
131 | John Volpe for this. | |
132 | ||
133 | Split source code into multiple files and produced | |
134 | a proper makefile. | |
135 | ||
136 | Included code from John Volpe to parse dhcp.leases file | |
137 | written by ISC dhcpd. The hostnames in the leases file are | |
138 | added to the cache and updated as dhcpd updates the | |
139 | leases file. The code has been heavily re-worked by me, | |
140 | so any bugs are probably mine. | |
141 | ||
142 | release 0.995 Small tidy-ups to signal handling and cache code. | |
143 | ||
144 | release 0.996 Added negative caching: If dnsmasq gets a "no such domain" reply | |
145 | from an upstream nameserver, it will cache that information | |
146 | for a time specified by the SOA RR in the reply. See RFC 2308 | |
147 | for details. This is useful with resolver libraries | |
148 | which append assorted suffices to non-FQDN in an attempt to | |
149 | resolve them, causing useless cache misses. | |
150 | ||
151 | Added -i flag, which restricts dnsmasq to offering name service | |
152 | only on specified interfaces. | |
153 | ||
154 | release 0.997 Deleted INSTALL script and added "install" target to makefile. | |
155 | ||
156 | Stopped distributing binaries in the tarball to avoid | |
157 | libc version clashes. | |
158 | ||
159 | Fixed interface detection code to | |
160 | remove spurious startup errors in rare circumstances. | |
161 | ||
162 | Dnsmasq now changes its uid, irrevocably, to nobody after | |
163 | startup for security reasons. Thanks to Peter Bailey for | |
164 | this patch. | |
165 | ||
166 | Cope with infinite DHCP leases. Patch thanks to | |
167 | Yaacov Akiba Slama. | |
168 | ||
169 | Added rpm control files to .tar.gz distribution. Thanks to | |
170 | Peter Baldwin at ClarkConnect for those. | |
171 | ||
172 | Improved startup script for rpms. Thanks to Yaacov Akiba Slama. | |
173 | ||
174 | release 1.0 Stable release: dnsmasq is now considered feature-complete | |
175 | and stable. | |
176 | ||
177 | release 1.1 Added --user argument to allow user to change to | |
178 | a different userid. | |
179 | ||
180 | Added --mx-target argument to allow mail to be delivered | |
181 | away from the gateway machine running dnsmasq. | |
182 | ||
183 | Fixed highly obscure bug with wildcard queries for | |
184 | DHCP lease derived names. | |
185 | ||
186 | Moved manpage from section 1 to section 8. | |
187 | ||
188 | Added --no-poll option. | |
189 | Added Suse-rpm support. | |
190 | Thanks to Joerg Mayer for the last two. | |
191 | ||
192 | release 1.2 Added IPv6 DNS record support. AAAA records are cached | |
193 | and read from /etc/hosts. Reverse-lookups in the | |
194 | ip6.int and ip6.arpa domains are suppored. Dnsmasq can | |
195 | talk to upstream servers via IPv6 if it finds IP6 addresses | |
196 | in /etc/resolv.conf and it offers DNS service automatically | |
197 | if IPv6 support is present in the kernel. | |
198 | ||
199 | Extended negative caching to NODATA replies. | |
200 | ||
201 | Re-vamped CNAME processing to cope with RFC 2317's use of | |
202 | CNAMES to PTR RRs in CIDR. | |
203 | ||
204 | Added config.h and a couple of symbols to aid | |
205 | compilation on non-linux systems. | |
206 | ||
207 | release 1.3 Some versions of the Linux kernel return EINVAL rather | |
208 | then ENPROTONOSUPPORT when IPv6 is not available, | |
209 | causing dnsmasq to bomb out. This release fixes that. | |
210 | Thanks to Steve Davis for pointing this one out. | |
211 | ||
212 | Trivial change to startup logic so that dnsmasq logs | |
213 | its stuff and reads config files straight away on | |
214 | starting, rather than after the first query - principle | |
215 | of least surprise applies here. | |
216 | ||
217 | release 1.4 Fix a bug with DHPC lease parsing which broke in | |
218 | non-UTC timezones. Thanks to Mark Wormgoor for | |
219 | spotting and diagnosing this. Fixed versions in | |
220 | the .spec files this time. Fixed bug in Suse startup | |
221 | script. Thanks to Didi Niklaus for pointing this out. | |
222 | ||
223 | release 1.5 Added --filterwin2k option which stops dnsmasq from forwarding | |
224 | "spam" queries from win2k boxes. This is useful to stop spurious | |
225 | connections over dial-on-demand links. Thanks to Steve Hardy | |
226 | for this code. | |
227 | ||
228 | Clear "truncated" bit in replies we return from upstream. This | |
229 | stops resolvers from switching to TCP, which is pointless since | |
230 | dnsmasq doesn't support TCP. This should solve problems | |
231 | in resolving hotmail.com domains. | |
232 | ||
233 | Don't include getopt.h when Gnu-long-options are disabled - | |
234 | hopefully this will allow compilation on FreeBSD. | |
235 | ||
236 | Added the --listen-address and --pid-file flags. | |
237 | ||
238 | Fixed a bug which caused old entries in the DHCP leases file | |
239 | to be used in preference to current ones under certain | |
240 | circumstances. | |
241 | ||
242 | release 1.6 If a machine gets named via DHCP and the DHCP name doesn't have | |
243 | a domain part and domain suffix is set using the -s flag, then | |
244 | that machine has two names with the same address, with and | |
245 | without the domain suffix. When doing a _reverse_ lookup to | |
246 | get the name, the "without suffix" name used to be returned, | |
247 | now the "with suffix" one gets returned instead. This change | |
248 | suggested by Arnold Schulz. | |
249 | ||
250 | Fixed assorted typos in the documentation. Thanks | |
251 | to David Kimdon. | |
252 | ||
253 | Subtle rearrangement to the downloadable tarball, and stopped | |
254 | distributing .debs, since dnsmasq is now an official Debian | |
255 | package. | |
256 | ||
257 | release 1.7 Fix a problem with cache not clearing properly | |
258 | on receipt of SIGHUP. Bug spotted by Sat Deshpande. | |
259 | ||
260 | In group-id changing code: | |
261 | 1) Drop supplimentary groups. | |
262 | 2) Change gid before dropping root (patch from Soewono Effendi.) | |
263 | 3) Change group to "dip" if it exists, to allow access | |
264 | to /etc/ppp/resolv.conf (suggestion from Jorg Sommer.) | |
265 | Update docs to reflect above changes. | |
266 | ||
267 | Other documentation changes from David Miller. | |
268 | Added suggested script fragment for dhcpcd.exe. | |
269 | ||
270 | release 1.8 Fix unsafe use of tolower() macro - allows linking against | |
271 | ulibc. (Patches from Soewono Effendi and Bjorn Andersson.) | |
272 | ||
273 | Fix typo in usage string. | |
274 | ||
275 | Added advice about RedHat PPP configuration to | |
276 | documentation. (Thanks to C. Lee Taylor.) | |
277 | ||
278 | Patches to fix problems on BSD systems from Marc Huber | |
279 | and Can Erkin Acar. These add the options | |
280 | HAVE_ARC4RANDOM and HAVE_SOCKADDR_SA_LEN to config.h. | |
281 | Elaborated config.h - should really use autoconf. | |
282 | ||
283 | Fix time-to-live calculation when chasing CNAMEs. | |
284 | ||
285 | Fix use-after-free and missing initialisation bugs in | |
286 | the cache code. (Thanks to Marc Huber.) | |
287 | ||
288 | Builds on Solaris 9. (Thanks to Marc Huber.) | |
289 | ||
290 | release 1.9 Fixes to rpm .spec files. | |
291 | ||
292 | Don't put expired DHCP entries into the cache only to | |
293 | throw them away again. | |
294 | ||
295 | Put dnsmasq on a severe memory diet: this reduces both | |
296 | the amount of heap space used and the stack size | |
297 | required. The difference is not really visible with | |
298 | bloated libcs like glibc, but should dramatically reduce | |
299 | memory requirements when linked against ulibc for use on | |
300 | embeded routers, and that's the point really. Thanks to | |
301 | Matthew Natalier for prompting this. | |
302 | ||
303 | Changed debug mode (-d) so that all logging appears on | |
304 | stderr as well as going to syslogd. | |
305 | ||
306 | Added HAVE_IPV6 config symbol to allow compilation | |
307 | against a libc which doesn't have IPv6 support. | |
308 | ||
309 | Added a facility to log all queries, enabled with -q flag. | |
310 | ||
311 | Fixed packet size checking bug in address extraction code. | |
312 | ||
313 | Halved default cache size - 300 was way OTT in typical use. | |
314 | ||
315 | Added self-MX function, enabled by -e flag. Thanks to | |
316 | Lyonel Vincent for the patch. | |
317 | ||
318 | Added HAVE_FORK config symbol and stuff to support | |
319 | uClinux. Thanks to Matthew Natalier for uClinux stuff. | |
320 | ||
321 | release 1.10 Log warnings if resolv.conf or dhcp.leases are not | |
322 | accessable for any reason, as suggested by Hinrich Eilts. | |
323 | ||
324 | Fixed wrong address printing in error message about | |
325 | no interface with address. | |
326 | ||
327 | Updated docs and split installation instuctions into setup.html. | |
328 | ||
329 | Fix bug in CNAME chasing code: One CNAME pointing | |
330 | to many A records would lose A records after the | |
331 | first. This bug was introduced in version 1.9. | |
332 | ||
333 | Log startup failures at level Critical as well as | |
334 | printing them to standard error. | |
335 | Exit with return code 1 when given bad options. | |
336 | ||
337 | Cleaned up code for no-cache operation. | |
338 | ||
339 | Added -o option which forces dnsmasq to use to | |
340 | upstream servers in the order they appear in /etc/resolv.conf. | |
341 | ||
342 | Added upstream server use logging. | |
343 | ||
344 | Log full cache dump on receipt of SIGUSR1 when query | |
345 | logging is enabled (-q switch). | |
346 | ||
347 | Added -S option to directly specify upstream servers and | |
348 | added ability to direct queries for specific domains to | |
349 | specfic servers. Suggested by Jens Vonderheide. | |
350 | ||
351 | Upgraded random ID generation - patch from Rob Funk. | |
352 | ||
353 | Fixed reading of domains in arguments with capital | |
354 | letters or trailing periods. | |
355 | ||
356 | Fixed potential SEGV when given bad options. | |
357 | ||
358 | Read options from /etc/dnsmasq.conf if it exists. | |
359 | Do sensible things with missing parameters, eg | |
360 | "--resolv-file=" turns off reading /etc/resolv.conf. | |
361 | ||
362 | release 1.11 Actually implement the -R flag promised in the 1.10 man page. | |
363 | ||
364 | Improve and rationalise the return codes in answers to | |
365 | queries. In the case that there are no available | |
366 | upstream servers to forward a query to, return REFUSED. | |
367 | This makes sendmail work better on modem connected | |
368 | systems when the modem link is down (Thanks to Roger Plant). | |
369 | Cache and return the NXDOMAIN status of failed queries: | |
370 | this makes the `host` command work when traversing search | |
371 | paths (Thanks to Peter Bailey). Set the "authoritative" | |
372 | bit in replies containing names from /etc/hosts or DHCP. | |
373 | ||
374 | Tolerate MS-DOS style line ending codes in /etc/hosts | |
375 | and /etc/resolv.conf, for people who copy from winsock | |
376 | installations. | |
377 | ||
378 | Allow specification of more than one resolv.conf file. This is | |
379 | intended for laptops which connect via DHCP or | |
380 | PPP. Whichever resolv.conf was updated last is used. | |
381 | ||
382 | Allow -S flags which specify a domain but no server | |
383 | address. This gives local domains which are never forwarded. | |
384 | ||
385 | Add -E flag to automatically add the domain suffix to | |
386 | names in /etc/hosts -suggestion from Phil Harman. | |
387 | ||
388 | Always return a zero time-to-live for names derived from | |
389 | DHCP which stops anthing else caching these | |
390 | names. Previously the TTL was derived from the lease | |
391 | time but that is incorrect since a lease can be given | |
392 | up early: dnsmasq would know this but anything with the | |
393 | name cached with long TTL would not be updated. | |
394 | ||
395 | Extended HAVE_IPV6 config flag to allow compliation on | |
396 | old systems which don't have modern library routines | |
397 | like inet_ntop(). Thanks to Phil Harman for the patch. | |
398 | ||
399 | release 1.12 Allow more than one domain in server config lines and | |
400 | make "local" a synonym for "server". This makes things | |
401 | like "local=/localnet/thekelleys.org.uk/" legal. Allow | |
402 | port to specified as part of server address. | |
403 | ||
404 | Allow whole domains to have an IP address specified | |
405 | in /etc/dnsmasq.conf. (/etc/hosts doesn't work domains). | |
406 | address=/doubleclick.net/127.0.0.1 should catch all | |
407 | those nasty banner ads. Inspired by a patch | |
408 | from Daniel Gryniewicz | |
409 | ||
410 | Log the source of each query when logging switched on. | |
411 | ||
412 | Fix bug in script fragment for dhcpcd - thanks to Barry Stewart. | |
413 | ||
414 | Fix bug which meant that strict-order and self-mx were | |
415 | always enabled. | |
416 | ||
417 | Builds with Linux libc5 now - for the Freesco project. | |
418 | ||
419 | Fixed Makefile installation script (patch from Silvan | |
420 | Minghetti) and added CC and CFLAGS variables. | |
421 | ||
422 | Improve resource allocation to reduce vulnerability to | |
423 | DOS attacks - the old version could have all queries | |
424 | blocked by a continuous high-speed stream of | |
425 | queries. Now some queries will succeed, and the excess | |
426 | will be rejected with a server fail error. This change also | |
427 | protects against server-loops; setting up a resolving | |
428 | loop between two instances of dnsmasq is no longer | |
429 | catastrophic. The servers will continue to run, looped | |
430 | queries fail and a warning is logged. Thanks to C. Lee | |
431 | Taylor for help with this. | |
432 | ||
433 | release 1.13 Added support for building rpms suitable for modern Suse | |
434 | systems. (patch from Andi <cambeis@netplace.de>) | |
435 | ||
436 | Added options --group, --localmx, --local-ttl, | |
437 | --no-negcache, --addn-host. | |
438 | ||
439 | Moved all the various rpm-building bits into /rpm. | |
440 | ||
441 | Fix builds with glibc 2.1 (thanks to Cristian | |
442 | Ionescu-Idbohrn) | |
443 | ||
444 | Preserve case in domain names, as per RFC1035. | |
445 | ||
446 | Fixed ANY queries to domains with --address specification. | |
447 | ||
448 | Fixed FreeBSD build. (thanks to Steven Honson) | |
449 | ||
450 | Added -Q option which allows a specified port to be used | |
451 | to talk to upstream servers. Useful for people who want | |
452 | very paranoid firewalls which open individual UDP port. | |
453 | (thanks to David Coe for the patch) | |
454 | ||
455 | release 1.14 Fixed man page description of -b option which confused | |
456 | /etc/hosts with /etc/resolv.conf. (thanks to Christopher | |
457 | Weimann) | |
458 | ||
459 | Fixed config.h to allow building under MACOS X and glibc | |
460 | 2.0.x. (thanks to Matthew Gregan and Serge Caron) | |
461 | ||
462 | Added --except-interface option. (Suggested by Serge Caron) | |
463 | ||
464 | Added SIGUSR2 facility to re-scan for new | |
465 | interfaces. (Suggested by Serge Caron) | |
466 | ||
467 | Fixed SEGV in option-reading code for invalid options. | |
468 | (Thanks to Klaas Teschauer) | |
469 | ||
470 | Fixed man page to clarify effect of SIGUSR1 on | |
471 | /etc/resolv.conf. | |
472 | (Thanks to Klaas Teschauer) | |
473 | ||
474 | Check that recieved queries have only rfc1035-legal characters | |
475 | in them. This check is mainly to avoid bad strings being | |
476 | sent to syslog. | |
477 | ||
478 | Fixed &&/& confusion in option.c and added DESTDIR | |
479 | variable for "make install" (Thanks to Osvaldo | |
480 | Marques for the patch.) | |
481 | ||
482 | Fixed /etc/hosts parsing code to cope with MS-DOS | |
483 | line-ends in the file. This was supposed to be done in | |
484 | version 1.11, but something got missed. (Thanks to Doug | |
485 | Copestake for helping to find this.) | |
486 | ||
487 | Squash repeated name/address pairs read from hosts | |
488 | files. | |
489 | ||
490 | Tidied up resource handling in util.c (Thanks to | |
491 | Cristian Ionescu-Idbohrn). | |
492 | ||
493 | Added hashed searching of domain names. People are starting | |
494 | to use dnsmasq with larger loads now, and bigger caches, | |
495 | and large lists of ad-block addresses. This means doing | |
496 | linear searches can start to use lots of CPU so I added hashed | |
497 | searching and seriously optimised the cache code for | |
498 | algorithmic efficiency. Also upped the limit on cache | |
499 | size to 10000. | |
500 | ||
501 | Fixed logging of the source of names from the additional | |
502 | hosts file and from the "bogus private address" option. | |
503 | ||
504 | Fixed spurious re-reading of empty lease files. (Thanks | |
505 | to Lewis Baughman for spotting this.) | |
506 | ||
507 | Fixed building under uclibc (patch from Cristian Ionescu-Idbohrn) | |
508 | ||
509 | Do some socket tweaking to allow dnsmasq to co-exist | |
510 | with BIND. Thanks to Stefan 'Sec' Zehl for the patch. | |
511 | ||
512 | release 1.15 Added --bogus-nxdomain option. | |
513 | ||
514 | Restrict checking of resolv.conf and DHCP leases files | |
515 | to once per second. This is intended to improve | |
516 | performance under heavy loads. Also make a system call | |
517 | to get the current time once per query, rather than four | |
518 | times. | |
519 | ||
520 | Increased number of outstanding queries to 150 in | |
521 | config.h | |
522 | ||
523 | release 1.16 Allow "/" characters in domain names - this fixes | |
524 | caching of RFC 2317 CNAME-PTR records. | |
525 | ||
526 | Fixed brain-fart in -B option when GETOPT_LONG not | |
527 | enabled - thanks to Steven Young and Jason Miller | |
528 | for pointing this out. | |
529 | ||
530 | Generalised bogus-nxdomain code: allow more than one | |
531 | address to check, and deal with replies with multiple | |
532 | answer records. (Based on contribution from Humberto | |
533 | Massa.) | |
534 | ||
535 | Updated the documentation to include information about | |
536 | bogus-nxdomain and the Verisign tragedy. | |
537 | ||
538 | Added libraries needed on Solaris to Makefile. | |
539 | ||
540 | Added facility to set source address in queries to | |
541 | upstream nameservers. This is useful with multihomed | |
542 | hosts, especially when using VPNs. Thanks to Tom Fanning | |
543 | for suggesting this feature. | |
544 | ||
545 | Tweaked logging: log to facility LOCAL0 when in | |
546 | debug/no-daemon mode and changed level of query logging | |
547 | from INFO to DEBUG. Make log options controllable in | |
548 | config.h | |
549 | ||
550 | release 1.17 Fixed crash with DHCP hostnames > 40 characters. | |
551 | ||
552 | Fixed name-comparision routines to not depend on Locale, | |
553 | in theory this versions since 1.15 could lock up or give | |
554 | wrong results when run with locale != 'C'. | |
555 | ||
556 | Fix potential lockup in cache code. (thanks to Henning | |
557 | Glawe for help chasing this down.) | |
558 | ||
559 | Made lease-file reader bullet-proof. | |
560 | ||
561 | Added -D option, suggested by Peter Fichtner. | |
562 | ||
563 | release 1.18 Added round-robin DNS for names which have more than one | |
564 | address. In this case all the addresses will be | |
565 | returned, as before, but the order will change on each | |
566 | query. | |
567 | ||
568 | Remove stray tolower() and isalnum() calls missed in | |
569 | last release to complete LOCALE independence. | |
570 | ||
571 | Allow port numbers in source-address specifications. | |
572 | ||
573 | For hostnames without a domain part which don't get | |
574 | forwarded because -D is in effect, return NXDOMAIN not | |
575 | an empty reply. | |
576 | ||
577 | Add code to return the software version in repsonse to the | |
578 | correct magic query in the same way as BIND. Use | |
579 | "dig version.bind chaos txt" to make the query. | |
580 | ||
581 | Added negative caching for PTR (address to name) records. | |
582 | ||
583 | Ensure that names of the form typically used in PTR queries | |
584 | (ie w.x.yz.in-addr.arpa and IPv6 equivalents) get | |
585 | correct answers when queried as other types. It's | |
586 | unlikely that anyone would do this, but the change makes | |
587 | things pedantically correct. | |
588 | ||
589 | Taught dnsmasq to understand "bitstring" names, as these | |
590 | are used for PTR lookups of IPv6 addresses by some | |
591 | resolvers and lookup tools. Dnsmasq now understands both | |
592 | the ip6.int domain and the ip6.arpa domain and both | |
593 | nibble and bitstring formats so it should work with any | |
594 | client code. Standards for this stuff have flip-flopped | |
595 | over the last few years, leaving many different clients | |
596 | in their wake. See RFC2673 for details of bitstrings. | |
597 | ||
598 | Allow '_' characters in domain names: Legal characters | |
599 | are now [a-z][A-Z].-_ Check names read from hosts files | |
600 | and leases files and reject illegal ones with a message | |
601 | in syslog. | |
602 | ||
603 | Make empty domain names in server and address options | |
604 | have the special meaning "unqualified | |
605 | names". (unqualified names are names without any dots in | |
606 | them). It's now possible to do server=//1.2.3.4 and have | |
607 | unqualified names sent to a special nameserver. | |
608 | ||
609 | release 2.0rc1 | |
610 | Moved source code into src/ directory. | |
611 | ||
612 | Fixes to cure compilation breakage when HAVE_IPV6 not | |
613 | set, thanks to Claas Hilbrecht. | |
614 | ||
615 | BIG CHANGE: added an integrated DHCP server and removed | |
616 | the code to read ISC dhcp.leases. This wins in terms | |
617 | of ease of setup and configuration flexibility and | |
618 | total machine resources consumed. | |
619 | ||
620 | Re-jiged the signal handling code to remove a race | |
621 | condition and to be more portable. | |
622 | ||
623 | release 2.0 | |
624 | Thanks to David Ashworth for feedback which informed many | |
625 | of the fixes below. | |
626 | ||
627 | Allow hosts to be specified by client ID in dhcp-hosts | |
628 | options. These are now one of | |
629 | dhcp-host=<hardware addr>,.... | |
630 | dhcp-host=id:<hex client id>,..... | |
631 | dhcp-host=id:<ascii client id>,..... | |
632 | ||
633 | Allow dhcp-host options to specify any IP address on the | |
634 | DHCP-served network, not just the range available for | |
635 | dynamic allocation. | |
636 | ||
637 | Allow dhcp-host options for the same host with different | |
638 | IP adresses where the correct one will be selected for | |
639 | the network the host appears on. | |
640 | ||
641 | Fix parsing of --dhcp-option to allow more than one | |
642 | IP address and to allow text-type options. | |
643 | ||
644 | Inhibit use of --dhcp-option to send hostname DHCP options. | |
645 | ||
646 | Update the DNS with DHCP information after re-reading | |
647 | /etc/hosts so that any DHCP derived names which have been | |
648 | shadowed by now-deleted hosts entries become visible. | |
649 | ||
650 | Fix typos in dnsmasq.conf.example | |
651 | ||
652 | Fixes to Makefile(s) to help pkgsrc packaging - patch | |
653 | from "pancake". | |
654 | ||
655 | Add dhcp-boot option to support network boot. | |
656 | ||
657 | Check for duplicate IP addresses in dhcp-hosts lines | |
658 | and refuse to run if found. If allowed to remain these | |
659 | can provoke an infinite loop in the DHCP protocol. | |
660 | ||
661 | Attempted to rationalise the .spec files for rpm | |
662 | building. There are now files for Redhat, Suse and | |
663 | Mandrake. I hope they work OK. | |
664 | ||
665 | Fixed hard-to-reproduce crash involving use of local | |
666 | domains and IPv6 queries. Thanks to Roy Marples for | |
667 | helping to track that one down. | |
668 | ||
669 | release 2.1 | |
670 | Thanks to Matt Swift and Dag Wieers for many suggestions | |
671 | which went into this release. | |
672 | ||
673 | Tweak include files to allow compilation on FreeBSD 5 | |
674 | ||
675 | Fix unaligned access warnings on BSD/Alpha. | |
676 | ||
677 | Allow empty DHCP options, like so: dhpc-option=44 | |
678 | ||
679 | Allow single-byte DHCP options like so: dhcp-option=20,1 | |
680 | ||
681 | Allow comments on the same line as options in | |
682 | /etc/dnsmasq.conf | |
683 | ||
684 | Don't complain when the same name and address is | |
685 | allocated to a host using DHCP and /etc/hosts. | |
686 | ||
687 | Added to the example configuration the dnsmasq equivalent | |
688 | of the ISC dhcpd settings given in | |
689 | http://www.samba.org/samba/ftp/docs/textdocs/DHCP-Server-Configuration.txt | |
690 | ||
691 | Fixed long-existing strangeness in Linux IPv6 interface | |
692 | discovery code. The flags field in /proc/net/if_inet6 is | |
693 | _not_ the interface flags. | |
694 | ||
695 | Fail gracefully when getting an ENODEV error when trying | |
696 | to bind an IPv6 socket, rather than bailing out. Thanks | |
697 | to Jan Ischebeck for feedback on that. | |
698 | ||
699 | Allow the name->address mapping for static DHCP leases to | |
700 | be set by /etc/hosts. It's now possible to have | |
701 | dhcp-host=<mac addr>,wibble | |
702 | or even | |
703 | dhcp-host=wibble | |
704 | and in /etc/hosts have | |
705 | wibble 1.2.3.4 | |
706 | and for the correct thing to happen. Note that some sort | |
707 | of dhcp-host line is still needed, it's not possible for | |
708 | random host to claim an address in /etc/hosts without | |
709 | some explicit configuration. | |
710 | ||
711 | Make 0.0.0.0 in a dhcp-option to mean "the machine | |
712 | running dnsmasq". | |
713 | ||
714 | Fix lease time spec when specified in dhcp-range and not | |
715 | in dhcp-host, previously this was always one hour. | |
716 | ||
717 | Fix problem with setting domains as "local only". - | |
718 | thanks to Chris Schank. | |
719 | ||
720 | Added support for max message size DHCP option. | |
721 | ||
722 | release 2.2 | |
723 | Fix total lack for DHCP functionality on | |
724 | Linux systems with IPv6 enabled. - thanks to | |
725 | Jonathon Hudson for spotting that. | |
726 | ||
727 | Move default config file under FreeBSD - patch from | |
728 | Steven Honson | |
729 | ||
730 | release 2.3 | |
731 | Fix "install" makefile target. (reported by Rob Stevens) | |
732 | ||
733 | Ensure that "local=/domain/" flag is obeyed for all | |
734 | queries on a domain, not just A and AAAA. (Reported by | |
735 | Peter Fichtner.) | |
736 | ||
737 | Handle DHCPDECLINE messages and provide an error message | |
738 | in DHCPNAK messages. | |
739 | ||
740 | Add "domain" setting example to | |
741 | dnsmasq.conf.example. Thanks to K P Kirchdorfer for | |
742 | spotting that it was missing. | |
743 | ||
744 | Subtle change to the DHCPREQUEST handling code to work | |
745 | around a bug in the DHCP client in HP Jetdirect printers. | |
746 | Thanks to Marko Stolle for finding this problem. | |
747 | ||
748 | Return DHCP T1 and T2 times, with "fuzz" to desychronise lease | |
749 | renewals, as specified in the RFC. | |
750 | ||
751 | Ensure that the END option is always present in DHCP | |
752 | packets , even if the packet is too small to fit all | |
753 | the requested options. | |
754 | ||
755 | Handle larger-than-default DHCP packets if required, up | |
756 | to the ethernet MTU. | |
757 | ||
758 | Fix a couple of places where the return code from | |
759 | malloc() was not checked. | |
760 | ||
761 | Cope with a machine taking a DHCP lease and then moving | |
762 | network so that the lease address is no longer valid. | |
763 | ||
764 | The DHCP server will now work via a BOOTP relay - remote | |
765 | networks are configured with the dhcp-range option the | |
766 | same as directly connected ones, but they need an | |
767 | additional netmask parameter. Eg | |
768 | --dhcp-range=192.168.4.10,192.168.4.50,255.255,255.0 | |
769 | will enable DHCP service via a BOOTP relay on the | |
770 | 192.168.4.0 network. | |
771 | ||
772 | Add a limit on the number of available DHCP leases, | |
773 | otherwise the daemon could be DOSed by a malicious | |
774 | host. The default is 150, but it can be changed by the | |
775 | dhcp-lease-max option. | |
776 | ||
777 | Fixed compilation on OpenBSD (thanks to Frederic Brodbeck | |
778 | for help with that.) | |
779 | ||
780 | Reworked the DHCP network handling code for two good | |
781 | effects: (1) The limit of one network only for DHCP on | |
782 | FreeBSD is now gone, (2) The DHCP server copes with | |
783 | dynamically created interfaces. The one-interface | |
784 | limitation remains for OpenBSD, which is missing | |
785 | extensions to the socket API which have been in Linux | |
786 | since version 2.2 and FreeBSD since version 4.8. | |
787 | ||
788 | Reworked the DNS network code to also cope with | |
789 | dynamically created interfaces. dnsmasq will now listen | |
790 | to the wildcard address and port 53 by default, so if no | |
791 | --interface or --address options are given it will handle | |
792 | dynamically created interfaces. The old behaviour can be | |
793 | restored with --bind-interfaces for people running BIND | |
794 | on one interface and dnsmasq on another. Note that | |
795 | --interface and --address options still work, but the | |
796 | filtering is done by dnsmasq, rather then the kernel. | |
797 | This works on Linux, and FreeBSD>=5.0. On systems which | |
798 | don't support the required API extensions, the old | |
799 | behaviour is used, just as if --bind-interfaces had been set. | |
800 | ||
801 | Allow IPv6 support to be disabled at compile time. To do | |
802 | that, add -DNO_IPV6 to the CFLAGS. Thanks to Oleg | |
803 | I. Vdovikin for the suggestion to do that. | |
804 | ||
805 | Add ability to set DHCP options per network. This is done | |
806 | by giving a network an identifier like this: | |
807 | dhcp-range=red-net,192.168.0.10,192.168.0.50 | |
808 | and then labeling options intended for that network only | |
809 | like this: | |
810 | dhcp-option=red-net,6,1.1.1.1 | |
811 | Thanks to Oleg Vdovikin for arguing that one through. | |
812 | ||
813 | Made errors in the configuration file non-fatal: dnsmasq | |
814 | will now complain bitterly, but continue. | |
815 | ||
816 | Added --read-ethers option, to allow dnsmasq to pull | |
817 | static DHCP information from that file. | |
818 | Thanks to Andi Cambeis for that suggestion. | |
819 | ||
820 | Added HAVE_BROKEN_RTC compilation option to support | |
821 | embedded systems without a stable RTC. Oleg Vdovikin | |
822 | helped work out how to make that work. | |
823 | ||
824 | release 2.4 | |
825 | Fixed inability to start when the lease file doesn't | |
826 | already exist. Thanks to Dag Wieers for reporting that. | |
827 | ||
828 | Fixed problem were dhcp-host configuration options did | |
829 | not play well with entries in /etc/ethers for the same | |
830 | host. Thanks again to Dag Wieers. | |
831 | ||
832 | Tweaked DHCP code to favour moving to a newly-configured | |
833 | static IP address rather than an old lease when doing | |
834 | DHCP allocation. | |
835 | ||
836 | Added --alias configuration option. This provides IPv4 | |
837 | rewrite facilities like Cisco "DNS doctoring". Suggested | |
838 | by Chad Skeeters. | |
839 | ||
840 | Fixed bug in /etc/ethers parsing code triggered by tab | |
841 | characters. Qudos to Dag Wieers for hepling to nail that | |
842 | one. | |
843 | ||
844 | Added "bind-interfaces" option correctly. | |
845 | ||
846 | release 2.5 | |
847 | Made "where are we allocating addresses?" code in DHCP | |
848 | server cope with requests via a relay which is on a | |
849 | directly connected network for which there is not a | |
850 | configured netmask. This strange state of affairs occurs | |
851 | with win4lin. Thanks to Alex Melt and Jim Horner for bug | |
852 | reports and testing with this. | |
853 | ||
854 | Fixed trivial-but-irritating missing #include which broke | |
855 | compilation on *BSD. | |
856 | ||
857 | Force --bind-interfaces if IP-aliased interface | |
858 | specifications are used, since the sockets API provides | |
859 | no other sane way to determine which alias of an | |
860 | interface a packet was sent to. Thanks to Javier Kohen | |
861 | for the bug report. | |
862 | ||
863 | release 2.6 | |
864 | Support Token Ring DHCP. Thanks to Dag Wieers for help | |
865 | testing. Note that Token ring support only works on Linux | |
866 | currently. | |
867 | ||
868 | Fix compilation on MacOS X. Thanks to Bernhard Ehlers for | |
869 | the patch. | |
870 | ||
871 | Added new "ignore" keyword for | |
872 | dhcp-host. "dhcp-host=11:22:33:44:55:66,ignore" will | |
873 | cause the DHCP server to ignore any host with the given | |
874 | MAC address, leaving it to other servers on the | |
875 | network. This also works with client-id and hostnames. | |
876 | Suggestion by Alex Melt. | |
877 | ||
878 | Fixed parsing of hex client IDs. Problem spotted by Peter | |
879 | Fichtner. | |
880 | ||
881 | Allow conf-file options in configuration file, to | |
882 | provide an include function. | |
883 | ||
884 | Re-read /etc/ethers on receipt of SIGHUP. | |
885 | ||
886 | Added back the ability to read ISC dhcpd lease files, by | |
887 | popular demand. Note that this is deprecated and for | |
888 | backwards compatibility only. You can get back the 4K of | |
889 | memory that the code occupies by undefining | |
890 | "HAVE_ISC_READER" in src/config.h | |
891 | ||
892 | Added ability to disable "pool" DHCP address allocation | |
893 | whilst leaving static leases working. The syntax is | |
894 | "dhcp-range=192.168.0.0,static" | |
895 | Thanks to Grzegorz Nosek for the suggestion. | |
896 | ||
897 | Generalized dnsmasq-rh.spec file to work on Mandrake too, | |
898 | and removed dnsmasq-mdk.spec. Thanks to Doug Keller. | |
899 | ||
900 | Allow DHCP options which are tied to specific static | |
901 | leases in the same way as to specific networks. | |
902 | ||
903 | Generalised the dhcp-option parser a bit to allow hex | |
904 | strings as parameters. This is now legal: | |
905 | dhcp-option=128,e4:45:74:68:00:00 | |
906 | Inspired by a patch from Joel Nordell. | |
907 | ||
908 | Changed the semantics of argument-less dhcp-options for | |
909 | the default-setting ones, ie 1, 3, 6 and 28. Now, doing | |
910 | eg, dhcp-option=3 stops dnsmasq from sending a default | |
911 | router option at all. Thanks to Scott Emmons for pointing | |
912 | out that this is useful. | |
913 | ||
914 | Fixed dnsmasq.conf parsing bug which interpreted port | |
915 | numbers in server= lines as a comment. To start a | |
916 | comment, a '#' character must now be a the start of a | |
917 | line or preceded by whitespace. Thanks to Christian | |
918 | Haggstrom for the bug report. | |
919 | ||
920 | release 2.7 | |
921 | Allow the dhcp-host specification of id:* which makes | |
922 | dnsmasq ignore any client-id. This is useful to ensure | |
923 | that a dual-boot machine sees the same lease when one OS | |
924 | gives a client-id and the other doesn't. It's also useful | |
925 | when PXE boot DHCP does not use client IDs but the OS it boots | |
926 | does. Thanks to Grzegorz Nosek for suggesting this enhancement. | |
927 | ||
928 | No longer assume that ciaddr is zero in received DHCPDISCOVER | |
929 | messages, just for security against broken clients. | |
930 | ||
931 | Set default of siaddr field to the address of the machine running | |
932 | dnsmasq when not explicitly set using dhcp-boot | |
933 | option. This is the ISC dhcpd behaviour. | |
934 | ||
935 | Send T1 and T2 options in DHCPOFFER packets. This is required | |
936 | by the DHCP client in some JetDirect printers. Thanks | |
937 | to Paul Mattal for work on this. | |
938 | ||
939 | Fixed bug with DHCP on OpenBSD reported by Dominique Jacquel. | |
940 | The code which added loopback interfaces to the list | |
941 | was confusing the DHCP code, which expected one interface only. | |
942 | Solved by adding loopback interfaces to address list instead. | |
943 | ||
944 | Add dhcp-vendorclass option to allow options to be sent only | |
945 | to certain classes of clients. | |
946 | ||
947 | Tweaked option search code so that if a netid-qualified | |
948 | option is used, any unqualified option is ignored. | |
949 | ||
950 | Changed the method of picking new dynamic IP | |
951 | addresses. This used to use the next consecutive | |
952 | address as long it was free, now it uses a hash | |
953 | from the client hardware address. This reduces the amount | |
954 | of address movement for clients which let their lease | |
955 | expire and allows consecutive DHCPOFFERS to the same host | |
956 | to (almost always) be for the same address, without | |
957 | storing state before a lease is granted. | |
958 | ||
959 | Tweaked option handling code to return all possible | |
960 | options rather than none when DHCP "requested options" | |
961 | field is missing. This fixes interoperability with | |
962 | ancient IBM LANMAN DHCP clients. Thanks to Jim Louvau for | |
963 | help with this. | |
964 | ||
965 | release 2.8 | |
966 | Pad DHCP packets to a minimum size of 300 bytes. This | |
967 | fixes interoperability problems with the Linux in-kernel | |
968 | DHCP/BOOTP client. Thanks to Richard Musil for | |
969 | diagnosing this and supplying a patch. | |
970 | ||
971 | Fixed option-parsing bug and potential memory leak. Patch | |
972 | from Richard Musil. | |
973 | ||
974 | Improved vendor class configuration and added user class | |
975 | configuration. Specifically: (1) options are matched on | |
976 | the netids from dhcp-range, dhcp-host, vendor class and | |
977 | user class(es). Multiple net-ids are allowed and options | |
978 | are searched on them all. (2) matches agains vendor class | |
979 | and user class are now on a substring, if the given | |
980 | string is a substring of the vendor/user class, then a | |
981 | match occurs. Thanks again to Richard Musil for prompting | |
982 | this. | |
983 | ||
984 | Make "#" match any domain on --address and --server | |
985 | flags. --address=/#/1.2.3.4 will return 1.2.3.4 for _any_ | |
986 | domain not otherwise matched. Of course | |
987 | --server=/#/1.2.3.4 is exactly equivalent to | |
988 | --server=1.2.3.4. Special request from Josh Howlett. | |
989 | ||
990 | Fixed a nasty bug which would cause dnsmasq to lose track | |
991 | of leases for hosts which had a --dhcp-host flag without | |
992 | a name specification. The mechanism for this was that | |
993 | the hostname could get erroneously set as a zero-length | |
994 | string and then written to the leases file as a | |
995 | mal-formed line. Restarting dnsmasq would then lose the lease. | |
996 | Alex Hermann's work helped chase down this problem. | |
997 | ||
998 | Add checks against DHCP clients which return zero-length | |
999 | hostnames. This avoids the potential lease-loss problems | |
1000 | reffered to above. Also, if a client sends a hostname when | |
1001 | it creates a lease but subsequently sends no or a | |
1002 | zero-length hostname whilst renewing, continue to use the | |
1003 | existing hostname, don't wipe it out. | |
1004 | ||
1005 | Tweaked option parsing to flag some parameter errors. | |
1006 | ||
1007 | release 2.9 | |
1008 | Fixed interface filter code for two effects: 1) Fixed bug | |
1009 | where queries sent via loopback interface | |
1010 | but to the address of another interface were ignored | |
1011 | unless the loopback interface was explicitly configured. | |
1012 | 2) on OpenBSD failure to configure one interface now | |
1013 | causes a fatal error on startup rather than an huge | |
1014 | stream of log messages. Thanks to Erik Jan Tromp for | |
1015 | finding that bug. | |
1016 | ||
1017 | Changed server selection strategy to improve performance | |
1018 | when there are many available servers and some are | |
1019 | broken. The new algorithm is to pick as before for the | |
1020 | first try, but if a query is retried, to send to all | |
1021 | available servers in parallel. The first one to reply | |
1022 | then becomes prefered for the next query. This should | |
1023 | improve reliability without generating significant extra | |
1024 | upstream load. | |
1025 | ||
1026 | Fixed breakage of special servers/addresses for | |
1027 | unqualified domains introduced in version 2.8 | |
1028 | ||
1029 | Allow fallback to "bind-interfaces" at runtime: Some | |
1030 | verions of *BSD seem to have enough stuff in the header | |
1031 | files to build but no kernel support. Also now log if | |
1032 | "bind-interfaces" is forced on. | |
1033 | ||
1034 | Log replies from upstream servers which refuse to do | |
1035 | recursion - dnsmasq is not a recursive nameserver and | |
1036 | relies on upstream servers to do the recursion, this | |
1037 | flags a configuration error. | |
1038 | ||
1039 | Disable client-id matching for hosts whose MAC address is | |
1040 | read from /etc/ethers. Patch from Oleg I. Vdovikin. | |
1041 | ||
1042 | Extended --mx-host flag to allow arbitrary targets for MX | |
1043 | records, suggested by Moritz Bunkus. | |
1044 | ||
1045 | Fixed build under NetBSD 2.0 - thanks to Felix Deichmann | |
1046 | for the patch. | |
1047 | ||
1048 | Deal correctly with repeated addresses in /etc/hosts. The | |
1049 | first name found is now returned for reverse lookups, | |
1050 | rather than all of them. | |
1051 | ||
1052 | Add back fatal errors when nonexistant | |
1053 | interfaces or interface addresses are given but only in | |
1054 | "bind-interfaces" mode. Principle of least surprise applies. | |
1055 | ||
1056 | Allow # as the argument to --domain, meaning "read the | |
1057 | domain from the first search directive in | |
1058 | /etc.resolv.conf". Feature suggested by Evan Jones. | |
1059 | ||
1060 | release 2.10 | |
1061 | Allow --query-port to be set to a low port by creating and | |
1062 | binding the socket before dropping root. (Suggestion from | |
1063 | Jamie Lokier) | |
1064 | ||
1065 | Support TCP queries. It turned out to be possible to do | |
1066 | this with a couple of hundred lines of code, once I knew | |
1067 | how. The executable size went up by a few K on i386. | |
1068 | There are a few limitations: data obtained via TCP is not | |
1069 | cached, and dynamically-created interfaces may break under | |
1070 | certain circumstances. Source-address or query-port | |
1071 | specifications are ignored for TCP. | |
1072 | ||
1073 | NAK attempts to renew a DHCP lease where the DHCP range | |
1074 | has changed and the lease is no longer in the allowed | |
1075 | range. Jamie Lokier pointed out this bug. | |
1076 | ||
1077 | NAK attempts to renew a pool DHCP lease when a statically | |
1078 | allocated address has become available, forcing a host to | |
1079 | move to its allocated address. Lots of people have | |
1080 | suggested this change and been rebuffed (they know who | |
1081 | they are) the straws that broke the camel's back were Tim | |
1082 | Cutts and Jamie Lokier. | |
1083 | ||
1084 | Remove any nameserver records from answers which are | |
1085 | modified by --alias flags. If the answer is modified, it | |
1086 | cannot any longer be authoritative. | |
1087 | ||
1088 | Change behaviour of "bogus-priv" option to return NXDOMAIN | |
1089 | rather than a PTR record with the dotted-quad address as | |
1090 | name. The new behaviour doesn't provoke tcpwrappers like | |
1091 | the old behavior did. | |
1092 | ||
1093 | Added a patch for the Suse rpm. That changes the default | |
1094 | group to one suitable for Suse and disables inclusion of | |
1095 | the ISC lease-file reader code. Thanks to Andy Cambeis for | |
1096 | his ongoing work on Suse packaging. | |
1097 | ||
1098 | Support forwarding of EDNS.0 The maximum UDP packet size | |
1099 | defaults to 1280, but may be changed with the | |
1100 | --edns-packet-max option. Detect queries with the do bit | |
1101 | set and always forward them, since DNSSEC records are | |
1102 | not cached. This behaviour is required to make | |
1103 | DNSSECbis work properly though dnsmasq. Thanks to Simon | |
1104 | Josefsson for help with this. | |
1105 | ||
1106 | Move default config file location under OpenBSD from | |
1107 | /usr/local/etc/dnsmasq.conf to /etc/dnsmasq.conf. Bug | |
1108 | report from Jonathan Weiss. | |
1109 | ||
1110 | Use a lease with matching MAC address for a host which | |
1111 | doesn't present a client-id, even if there was a client ID | |
1112 | at some point in the past. This reduces surprises when | |
1113 | changing DHCP clients, adding id:* to a host, and from the | |
1114 | semantics change of /etc/ethers in 2.9. Thanks to Bernard | |
1115 | Sammer for finding that. | |
1116 | ||
1117 | Added a "contrib" directory and in it the dnslist utility, | |
1118 | from Thomas Tuttle. | |
1119 | ||
1120 | Fixed "fail to start up" problems under Linux with IPv6 | |
1121 | enabled. It's not clear that these were an issue in | |
1122 | released versions, but they manifested themselves when TCP | |
1123 | support was added. Thanks to Michael Hamilton for | |
1124 | assistance with this. | |
1125 | ||
1126 | version 2.11 | |
1127 | Fixed DHCP problem which could result in two leases in the | |
1128 | database with the same address. This looked much more | |
1129 | alarming then it was, since it could only happen when a | |
1130 | machine changes MAC address but kept the same name. The | |
1131 | old lease would persist until it timed out but things | |
1132 | would still work OK. | |
1133 | ||
1134 | Check that IP addresses in all dhcp-host directives are | |
1135 | unique and die horribly if they are not, since otherwise | |
1136 | endless protocol loops can occur. | |
1137 | ||
1138 | Use IPV6_RECVPKTINFO as socket option rather than | |
1139 | IPV6_PKTINFO where available. This keeps late-model FreeBSD | |
1140 | happy. | |
1141 | ||
1142 | Set source interface when replying to IPv6 UDP | |
1143 | queries. This is needed to cope with link-local addresses. | |
1144 | ||
1145 | version 2.12 | |
1146 | Added extra checks to ensure that DHCP created DNS entries | |
1147 | cannot generate multiple DNS address->name entries. Thanks to | |
1148 | Stefan Monnier for finding the exact set of configuration | |
1149 | options which could create this. | |
1150 | ||
1151 | Don't set the the filterwin2k option in the example config | |
1152 | file and add warnings that is breaks Kerberos. Thanks to | |
1153 | Simon Josefsson and Timothy Folks for pointing that out. | |
1154 | ||
1155 | Log types of incoming queries as well as source and domain. | |
1156 | ||
1157 | Log NODATA replies generated as a result of the | |
1158 | filterwin2k option. | |
1159 | ||
1160 | version 2.13 | |
1161 | Fixed crash with un-named DHCP hosts introduced in 2.12. | |
1162 | Thanks to Nicolo Wojewoda and Gregory Gathy for bug reports. | |
1163 | ||
1164 | version 2.14 | |
1165 | Fix DHCP network detection for hosts which talk via a | |
1166 | relay. This makes lease renewal for such hosts work | |
1167 | correctly. | |
1168 | ||
1169 | Support RFC3011 subnet selectors in the DHCP server. | |
1170 | ||
1171 | Fix DHCP code to generate RFC-compliant responses | |
1172 | to hosts in the INIT-REBOOT state. | |
1173 | ||
1174 | In the DHCP server, set the receive buffer size on | |
1175 | the transmit-only packet socket to zero, to avoid | |
1176 | waste of kernel buffers. | |
1177 | ||
1178 | Fix DHCP address allocation code to use the whole of | |
1179 | the DHCP range, including the start and end addresses. | |
1180 | ||
1181 | Attempt an ICMP "ping" on new addresses before allocating | |
1182 | them to leases, to avoid allocating addresses which are in use. | |
1183 | ||
1184 | Handle rfc951 BOOTP as well as DHCP for hosts which have | |
1185 | MAC address to IP address mapping defined. | |
1186 | ||
1187 | Fix compilation under MacOS X. Thanks to Chris Tomlinson. | |
1188 | ||
1189 | Fix compilation under NetBSD. Thanks to Felix Deichmann. | |
1190 | ||
1191 | Added "keep-in-foreground" option. Thanks to Sean | |
1192 | MacLennan for the patch. | |
1193 | ||
1194 | version 2.15 | |
1195 | Fixed NXDOMAIN/NODATA confusion for locally known | |
1196 | names. We now return a NODATA reponse for names which are | |
1197 | locally known. Now a query for (eg AAAA or MX) for a name | |
1198 | with an IPv4 address in /etc/hosts which fails upstream | |
1199 | will generate a NODATA response. Note that the query | |
1200 | is still tried upstream, but a NXDOMAIN reply gets | |
1201 | converted to NODATA. Thanks to Eric de Thouars, Eric | |
1202 | Spakman and Mike Mestnik for bug reports/testing. | |
1203 | ||
1204 | Allow multiple dhcp-ranges within the same network. The | |
1205 | original intention was that there would be a dhcp-range | |
1206 | option for each network served, but there's no real reason | |
1207 | not to allow discontinuous ranges within a network so this | |
1208 | release adds support for that. | |
1209 | ||
1210 | Check for dhcp-ranges which are inconsistent with their | |
1211 | netmask, and generate errors or warnings. | |
1212 | ||
1213 | Improve error messages when there are problems with | |
1214 | configuration. | |
1215 | ||
1216 | version 2.16 | |
1217 | Fixed typo in OpenBSD-only code which stopped compilation | |
1218 | under that OS. Chris Weinhaupl gets credit for reporting | |
1219 | this. | |
1220 | ||
1221 | Added dhcp-authoritative option which restores non-RFC | |
1222 | compliant but desirable behaviour of pre-2.14 versions and | |
1223 | avoids long timeouts while DHCP clients try to renew leases | |
1224 | which are unknown to dnsmasq. Thanks to John Mastwijk for | |
1225 | help with this. | |
1226 | ||
1227 | Added support to the DHCP option code to allow RFC-3397 | |
1228 | domain search DHCP option (119) to be sent. | |
1229 | ||
1230 | Set NONBLOCK on all listening sockets to workaround non-POSIX | |
1231 | compliance in Linux 2.4 and 2.6. This fixes rare hangs which | |
1232 | occured when corrupted packets were received. Thanks to | |
1233 | Joris van Rantwijk for chasing that down. | |
1234 | ||
1235 | Updated config.h for NetBSD. Thanks to Martin Lambers. | |
1236 | ||
1237 | Do a better job of distinguishing between retransmissions | |
1238 | and new queries when forwarding. This fixes a bug | |
1239 | triggered by the polipo web cache which sends A and AAAA | |
1240 | queries both with the same transaction-ID. Thanks to | |
1241 | Joachim Berdal Haga and Juliusz Chroboczek for help with this. | |
1242 | ||
1243 | Rewrote cache code to store CNAMES, rather then chasing | |
1244 | them before storage. This eliminates bad situations when | |
1245 | clients get inconsistent views depending on if data comes | |
1246 | from the cache. | |
1247 | ||
1248 | Allow for more than one --addn-hosts flag. | |
1249 | ||
1250 | Clarify logged message when a DHCP lease clashes with an | |
1251 | /etc/hosts entry. Thanks to Mat Swift for the suggestion. | |
1252 | ||
1253 | Added dynamic-dnsmasq from Peter Willis to the contrib | |
1254 | section. | |
1255 | ||
1256 | version 2.17 | |
1257 | Correctly deduce the size of numeric dhcp-options, rather | |
1258 | than making wild guesses. Also cope with negative values. | |
1259 | ||
1260 | Fixed use of C library reserved symbol "index" which broke | |
1261 | under certain combinations of library and compiler. | |
1262 | ||
1263 | Make bind-interfaces work for IPv6 interfaces too. | |
1264 | ||
1265 | Warn if an interface is given for listening which doesn't | |
1266 | currently exist when not in bind-interfaces mode. (This is | |
1267 | already a fatal error when bind-interfaces is set.) | |
1268 | ||
1269 | Allow the --interface and --except-interface options to | |
1270 | take a comma-separated list of interfaces. | |
1271 | ||
1272 | Tweak --dhcp-userclass matching code to work with the | |
1273 | ISC dhclient which violates RFC3004 unless its | |
1274 | configuration is very warped. Thanks to Cedric Duval for | |
1275 | the bug report. | |
1276 | ||
1277 | Allow more than one network-id tag in a dhcp-option. All | |
1278 | the tags must match to enable the option. | |
1279 | ||
1280 | Added dhcp-ignore option to disable classes of hosts based | |
1281 | on network-id tags. Also allow BOOTP options to be | |
1282 | controlled by network tags. | |
1283 | ||
1284 | Fill in sname, file and siaddr fields in replies to | |
1285 | DHCPINFORM messages. | |
1286 | ||
1287 | Don't send NAK replies to DHCPREQUEST packets for disabled | |
1288 | clients. Credit to Cedric Duval for spotting this. | |
1289 | ||
1290 | Fix rare crash associated with long DNS names and CNAME | |
1291 | records. Thanks to Holger Hoffstatte and especially Steve | |
1292 | Grecni for help chasing that one down. | |
1293 | ||
1294 | version 2.18 | |
1295 | Reworked the Linux interface discovery code (again) to | |
1296 | cope with interfaces which have only IPv6 addresses and | |
1297 | interfaces with more than one IPv6 address. Thanks to | |
1298 | Martin Pels for help with that. | |
1299 | ||
1300 | Fix problems which occured when more than one dhcp-range | |
1301 | was specified in the same subnet: sometimes parameters | |
1302 | (lease time, network-id tag) from the wrong one would be | |
1303 | used. Thanks to Rory Campbell-Lange for the bug report. | |
1304 | ||
1305 | Reset cache statistics when clearing the cache. | |
1306 | ||
1307 | Enable long command line options on FreeBSD when the | |
1308 | C library supports them. | |
1309 | ||
1310 | version 2.19 | |
1311 | Tweaked the Linux-only interface discovery code to cope | |
1312 | with interface-indexes larger than 8 bits in | |
1313 | /proc/net/if_inet6. This only affects Linux, obviously. | |
1314 | Thanks to Richard Atterer for the bug report. | |
1315 | ||
1316 | Check for under-length option fields in DHCP packets, a | |
1317 | zero length client-id, in particluar, could seriously | |
1318 | confuse dnsmasq 'till now. Thanks to Will Murname for help | |
1319 | with that. | |
1320 | ||
1321 | If a DHCP-allocated address has an associated name in | |
1322 | /etc/hosts, and the client does not provide a hostname | |
1323 | parameter and there is no hostname in a matching dhcp-host | |
1324 | option, send the /etc/hosts name as the hostname in | |
1325 | the DHCP lease. Thanks to Will Murname for the suggestion. | |
1326 | ||
1327 | version 2.20 | |
1328 | Allow more than one instance of dnsmasq to run on a | |
1329 | machine, each providing DHCP service on a different | |
1330 | interface, provided that --bind-interfaces is set. This | |
1331 | configuration used to work, but regressed in version 2.14 | |
1332 | ||
1333 | Fix compilation on Mac OS X. Thanks to Kevin Bullock. | |
1334 | ||
1335 | Protect against overlong names and overlong | |
1336 | labels in configuration and from DHCP. | |
1337 | ||
1338 | Fix interesting corner case in CNAME handling. This occurs | |
1339 | when a CNAME has a target which "shadowed" by a name in | |
1340 | /etc/hosts or from DHCP. Resolving the CNAME would sneak | |
1341 | the upstream value of the CNAME's target into the cache, | |
1342 | alongside the local value. Now that doesn't happen, though | |
1343 | resolving the CNAME still gives the unshadowed value. This | |
1344 | is arguably wrong but rather difficult to fix. The main | |
1345 | thing is to avoid getting strange results for the target | |
1346 | due to the cache pollution when resolving the | |
1347 | CNAME. Thanks to Pierre Habouzit for exploring the corner | |
1348 | and submitting a very clear bug report. | |
1349 | ||
1350 | Fix subtle bug in the DNS packet parsing code. It's almost | |
1351 | impossible to describe this succinctly, but the one known | |
1352 | manifestation is the inability to cache the A record for | |
1353 | www.apple.com. Thanks to Bob Alexander for spotting that. | |
1354 | ||
1355 | Support SRV records. Thanks to Robert Kean for the patches | |
1356 | for this. | |
1357 | ||
1358 | Fixed sign confusion in the vendor-id matching code which | |
1359 | could cause crashes sometimes. (Credit to Mark Wiater for | |
1360 | help finding this.) | |
1361 | ||
1362 | Added the ability to match the netid tag in a | |
1363 | dhcp-range. Combined with the ability to have multiple | |
1364 | ranges in a single subnet, this provides a means to | |
1365 | segregate hosts on different address ranges based on | |
1366 | vendorclass or userclass. Thanks to Mark Wiater for | |
1367 | prompting this enhancement. | |
1368 | ||
1369 | Added preference values for MX records. | |
1370 | ||
1371 | Added the --localise-queries option. | |
1372 | ||
1373 | version 2.21 | |
1374 | Improve handling of SERVFAIL and REFUSED errors. Receiving | |
1375 | these now initiates search for a new good server, and a | |
1376 | server which returns them is not a candidate as a good | |
1377 | server. Thanks to Istvan Varadi for pointing out the | |
1378 | problem. | |
1379 | ||
1380 | Tweak the time code in BROKEN_RTC mode. | |
1381 | ||
1382 | Sanity check lease times in dhcp-range and dhcp-host | |
1383 | configurations and force them to be at least two minutes | |
1384 | (120s) leases shorter than a minute confuse some clients, | |
1385 | notably Apple MacOS X. Rory Campbell-Lange found this | |
1386 | problem. | |
1387 | ||
1388 | Only warn once about an upstream server which is refusing to do | |
1389 | recursive queries. | |
1390 | ||
1391 | Fix DHCP address allocation problem when netid tags are in | |
1392 | use. Thanks to Will Murnane for the bug report and | |
1393 | subsequent testing. | |
1394 | ||
1395 | Add an additional data section to the reply for MX and SRV | |
1396 | queries. Add support for DNS TXT records. Thanks to Robert | |
1397 | Kean and John Hampton for prompts and testing of these. | |
1398 | ||
1399 | Apply address rewriting to records in the additional data section | |
1400 | of DNS packets. This makes things like MX records work | |
1401 | with the alias function. Thanks to Chad Skeeters for | |
1402 | pointing out the need for this. | |
1403 | ||
1404 | Added support for quoted strings in config file. | |
1405 | ||
1406 | Detect and defeat cache-poisoning attacks which attempt to | |
1407 | send (malicious) answers to questions we didn't | |
1408 | send. These are ignored now even if the attacker manages | |
1409 | to guess a random query-id. | |
1410 | ||
1411 | Provide DHCP support for interfaces with multiple IP | |
1412 | addresses or aliases. This in only enabled under Linux. | |
1413 | See the FAQ entry for details. | |
1414 | ||
1415 | Revisit the MAC-address and client-id matching code to | |
1416 | provide saner behaviour with PXE boots, where some | |
1417 | requests have a client-id and some don't. | |
1418 | ||
1419 | Fixed off-by-one buffer overflow in lease file reading | |
1420 | code. Thanks to Rob Holland for the bug report. | |
1421 | ||
1422 | Added wildcard matching for MAC addresses in dhcp-host | |
1423 | options. A sensible suggestion by Nathaniel McCallum. | |
1424 | ||
1425 | version 2.22 | |
1426 | Fixed build problems on (many) systems with older libc | |
1427 | headers where <linux/types.h> is required before | |
1428 | <linux/netlink.h>. Enabled HAVE_RTNETLINK under uclibc now | |
1429 | that this fix is in place. | |
1430 | ||
1431 | Added support for encapsulated vendor-class-specific DHCP | |
1432 | options. Thanks to Eric Shattow for help with this. | |
1433 | ||
1434 | Fix regression in 2.21 which broke commas in filenames and | |
1435 | corrupted argv. Thanks to Eric Scott for the bugreport. | |
1436 | ||
1437 | Fixed stupid thinko which caused dnsmasq to wedge during | |
1438 | startup with certain MX-record options. Another 2.21 regression. | |
1439 | ||
1440 | Fixed broken-ness when reading /etc/ethers. 2.21 broke | |
1441 | this too. | |
1442 | ||
1443 | Fixed wedge with certain DHCP options. Yet another 2.21 | |
1444 | regression. Rob Holland and Roy Marples chased this one | |
1445 | down. | |
1446 | ||
1447 | version 2.23 | |
1448 | Added a check to ensure that there cannot be more than one | |
1449 | dhcp-host option for any one IP address, even if the | |
1450 | addresses are assigned indirectly via a hostname and | |
1451 | /etc/hosts. | |
1452 | ||
1453 | Include a "server identifier" in DHCPNAK replies, as | |
1454 | required by RFC2131. | |
1455 | ||
1456 | Added method support for DBus | |
1457 | (http://www.freedesktop.org/Software/dbus) | |
1458 | This is a superior way to re-configure dnsmasq on-the-fly | |
1459 | with different upstream nameservers, as the host moves | |
1460 | between networks. DBus support must be enabled in | |
1461 | src/config.h and should be considered experimental at this | |
1462 | point. See DBus-interface for the specification of the | |
1463 | DBus method calls supported. | |
1464 | ||
1465 | Added information to the FAQ about setting the DNS domain | |
1466 | in windows XP and Mac OS X, thanks to Rick Hull. | |
1467 | ||
1468 | Added sanity check to resolv.conf polling code to cope | |
1469 | with backwards-moving clocks. Thanks to Leonardo Canducci | |
1470 | for help with this. | |
1471 | ||
1472 | Handle so-called "A-for-A" queries, which are queries for | |
1473 | the address associated with a name which is already a | |
1474 | dotted-quad address. These should be handled by the | |
1475 | resolver code, but sometimes aren't and there's no point | |
1476 | in forwarding them. | |
1477 | ||
1478 | Added "no-dhcp-interface" option to disable DHCP service | |
1479 | on an interface, whilst still providing DNS. | |
1480 | ||
1481 | Fix format-string problem - config file names get passed | |
1482 | to fprintf as a format string, so % characters could cause | |
1483 | crashes. Thanks to Rob Holland for sleuthing that one. | |
1484 | ||
1485 | Fixed multiple compiler warnings from gcc 4. Thanks to | |
1486 | Tim Cutts for the report. | |
1487 | ||
1488 | Send the hostname option on DHCP offer messages as well as | |
1489 | DHCP ack messages. This is required by the Rio Digital | |
1490 | Audio Receiver. Thanks to Ron Frederick for the patch. | |
1491 | ||
1492 | Add 'd' (for day) as a possible time multiplier in lease | |
1493 | time specifications. Thanks to Michael Deegan. | |
1494 | ||
1495 | Make quoting suppress recognition of IP addresses, so | |
1496 | dhcp-option=66,1.2.3.4 now means something different to | |
1497 | dhcp-option=66,"1.2.3.4", which sets the option to a | |
1498 | string value. Thanks to Brian Macauley for the bug report. | |
1499 | ||
1500 | Fixed the option parsing code to avoid segfaults from some | |
1501 | invalid configurations. Thanks to Wookey for spotting that one. | |
1502 | ||
1503 | Provide information about which compile-time options were | |
1504 | selected, both in the log at startup and as part of the output | |
1505 | from dnsmasq --version. Thanks to Dirk Schenkewitz for | |
1506 | the suggestion. | |
1507 | ||
1508 | Fix pathalogical behaviour when a broken client keeps sending | |
1509 | DHCPDISCOVER messages repeatedly and fast. Because dealing with | |
1510 | each of these takes a few seconds, (because of the ping) then a | |
1511 | queue of DHCP packets could build up. Now, the results of a ping | |
1512 | test are assumed to be valid for 30 seconds, so repeated waits are | |
1513 | not required. Thanks to Luca Landi for finding this. | |
1514 | ||
1515 | Allow DHCPINFORM requests without hardware address | |
1516 | information. These are generated by some browsers, looking | |
1517 | for proxy information. Thanks to Stanley Jaddoe for the | |
1518 | bug report on that. | |
1519 | ||
1520 | Add support of the "client FQDN" DHCP option. If present, | |
1521 | this is used to allow the client to tell dnsmasq its name, | |
1522 | in preference to (mis)using the hostname option. See | |
1523 | http://tools.ietf.org/wg/dhc/draft-ietf-dhc-fqdn-option/\ | |
1524 | draft-ietf-dhc-fqdn-option-10.txt | |
1525 | for details of the draft spec. | |
1526 | ||
1527 | Added startup scripts for MacOS X Tiger/Panther to the | |
1528 | contrib collection. Thanks to Tim Cutts. | |
1529 | ||
1530 | Tweak DHCP network selection so that clients which turn up | |
1531 | on our network in REBINDING state and with a lease for a | |
1532 | foreign network will get a NAK response. Thanks to Dan | |
1533 | Shechter for work on this and an initial patch and thanks | |
1534 | to Gyorgy Farkas for further testing. | |
1535 | ||
1536 | Fix DNS query forwarding for empty queries and forward | |
1537 | queries even when the recursion-desired bit is clear. This | |
1538 | allows "dig +trace" to work. Problem report from Uwe | |
1539 | Gansert. | |
1540 | ||
1541 | Added "const" declarations where appropriate, thanks to | |
1542 | Andreas Mohr for the patch. | |
1543 | ||
1544 | Added --bootp-dynamic option and associated | |
1545 | functionality. Thanks to Josef Wolf for the suggestion. | |
1546 | ||
1547 | version 2.24 | |
1548 | Updated contrib/openvpn/dnsmasq.patch from Joseph Tate. | |
1549 | ||
1550 | Tweaked DHCP NAK code, a DHCP NAK is now unicast as a | |
1551 | fallback in cases where a broadcast is futile: namely in | |
1552 | response to a unicast REQUEST from a non-local network | |
1553 | which was not sent via a relay. | |
1554 | ||
1555 | Slightly changed the semantics of domain matching in | |
1556 | --server and --address configs. --server=/domain.com/ still | |
1557 | matches domain.com and sub.domain.com but does not | |
1558 | now match newdomain.com The semantics of | |
1559 | --server=/.domain.com/ are unchanged. | |
1560 | Thanks to Chris Blaise for the patch. | |
1561 | ||
1562 | Added backwards-compatible internationalisation support. | |
1563 | The existing make targets, (all, dnsmasq, install) work as | |
1564 | before. New ones (all-i18n, and install-i18n) add gettext. | |
1565 | The translations live in po/ There are not too many | |
1566 | strings, so if anybody can provide translations (and for | |
1567 | the manpage....) please send them in. | |
1568 | ||
1569 | Tweak behaviour on receipt of REFUSED or SERVFAIL rcodes, | |
1570 | now the query gets retried on all servers before returning | |
1571 | the error to the source of the query. Thanks to Javier | |
1572 | Kohen for the report. | |
1573 | ||
1574 | Added Polish translation - thanks to Tomasz Sochanski. | |
1575 | ||
1576 | Changed default manpage install location from /usr/man | |
1577 | to /usr/share/man | |
1578 | ||
1579 | Added Spanish translation - thanks to Christopher Chatham. | |
1580 | ||
1581 | Log a warning when a DHCP packet is truncated due to lack | |
1582 | of space. (Thanks to Michael Welle for the prompt to do | |
1583 | this.) | |
1584 | ||
1585 | Added French translation - thanks to Lionel Tricon. | |
1586 | ||
1587 | Added Indonesian translation - thanks to Salman AS. | |
1588 | ||
1589 | Tweaked the netlink code to cope with interface broadcast | |
1590 | address not set, or set to 0.0.0.0. | |
1591 | ||
1592 | Fixed problem assigning fixed addresses to hosts when more | |
1593 | than one dhcp-range is available. Thanks to Sorin Panca | |
1594 | for help chasing this down. | |
1595 | ||
1596 | Added more explict error mesages to the hosts file and | |
1597 | ethers file reading code. Markus Kaiserswerth suffered to | |
1598 | make this happen. | |
1599 | ||
1600 | Ensure that a hostname supplied by a DHCP client can never | |
1601 | override one configured on the server. Previously, any | |
1602 | host claiming a name would be given it, even if that | |
1603 | over-rode a dhcp-host declaration, leading to potentially | |
1604 | confusing situations. | |
1605 | ||
1606 | Added Slackware package-build stuff into contrib/ The i18n | |
1607 | effort broke the current scripts, and working ones were | |
1608 | needed for testing, so they ended up here rather than make | |
1609 | Pat re-invent the wheel. | |
1610 | ||
1611 | Added Romanian translation, thanks to Sorin Panca for | |
1612 | that. | |
1613 | ||
1614 | version 2.25 | |
1615 | Fixed RedHat spec file for FC4 - thanks to Werner Hoelzl | |
1616 | and Andrew Bird. | |
1617 | ||
1618 | Fixed Suse spec file - thanks to Steven Springl. | |
1619 | ||
1620 | Fixed DHCP bug when two distict subnets are on the same | |
1621 | physical interface. Thanks to Pawel Zawora for finding | |
1622 | this and suggesting the fix. | |
1623 | ||
1624 | Added logging to make it explicit when dnsmasq falls back | |
1625 | from using RT-netlink sockets to the old ioctl API for | |
1626 | getting information about interfaces. Doing this | |
1627 | completely silently made remote debugging hard. | |
1628 | ||
1629 | Merged uclibc build fixes from the OpenWRT package into | |
1630 | src/config.h | |
1631 | ||
1632 | Added Norwegian translation - thanks to Jan Erik Askildt. | |
1633 | ||
1634 | version 2.26 | |
1635 | Fixed SuSe rpm patch problem - thanks to Steven Springl. | |
1636 | ||
1637 | Fixed crash when attempting to send a DHCP NAK to a host | |
1638 | which believes it has a lease on an unknown | |
1639 | network. Thanks to Lutz Pressler for the bug report and | |
1640 | patch. | |
1641 | ||
1642 | version 2.27 | |
1643 | Tweaked DHCP behaviour when a client attempts to renew a lease | |
1644 | which dnsmasq doesn't know about. Previously that would always | |
1645 | result in a DHCPNAK. Now, in dhcp-authoritative mode, the | |
1646 | lease will be created, if it's legal. This makes dnsmasq work | |
1647 | better if the lease database is lost, for example on an OpenWRT | |
1648 | system which reboots. Thanks to Stephen Rose for work on | |
1649 | this. | |
1650 | ||
1651 | Added the ability to support RFC-3442 style destination | |
1652 | descriptors in dhcp-options. This makes classless static | |
1653 | routes easy to do, eg dhcp-option=121,192.168.1.0/24,1.2.3.4 | |
1654 | ||
1655 | Added error-checking to the code which writes the lease | |
1656 | file. If this fails for any reason, an error is logged, | |
1657 | and a retry occurs after one minute. This should improve | |
1658 | things eg when a filesystem is full. Thanks to Jens Holze | |
1659 | for the bug report. | |
1660 | ||
1661 | Fixed breakage of the "/#/ matches any domain" facility | |
1662 | which happened in 2.24. Thanks to Peter Surda for the bug | |
1663 | report. | |
1664 | ||
1665 | Use "size_t" and "ssize_t" types where appropriate in the | |
1666 | code. | |
1667 | ||
1668 | Fix buggy CNAME handling in mixed IPv4 and IPv6 | |
1669 | queries. Thanks to Andreas Pelme for help finding that. | |
1670 | ||
1671 | Added some code to attempt to re-transmit DNS queries when | |
1672 | a network interface comes up. This helps on DoD links, | |
1673 | where frequently the packet which triggers dialling is | |
1674 | a DNS query, which then gets lost. By re-sending, we can | |
1675 | avoid the lookup failing. This function is only active | |
1676 | when netlink support is compiled in, and therefore only | |
1677 | under Linux. Thanks to Jean Wolter for help with this. | |
1678 | ||
1679 | Tweaked the DHCP tag-matching code to work correctly with | |
1680 | NOT-tag conditions. Thanks to Lutz Pressler for finding | |
1681 | the bug. | |
1682 | ||
1683 | Generalised netid-tag matching in dhcp-range statements to | |
1684 | allow more than one tag. | |
1685 | ||
1686 | Added --dhcp-mac to do MAC address matching in the same | |
1687 | way as vendorclass and userclass matching. A good | |
1688 | suggestion from Lutz Pressler. | |
1689 | ||
1690 | Add workaround for buggy early Microsoft DHCP clients | |
1691 | which need zero-termination in string options. | |
1692 | Thanks to Fabiano Pires for help with this. | |
1693 | ||
1694 | Generalised the DHCP code to cope with any hardware | |
1695 | address type, at least on Linux. *BSD is still limited to | |
1696 | ethernet only. | |
1697 | ||
1698 | version 2.28 | |
1699 | Eliminated all raw network access when running on | |
1700 | Linux. All DHCP network activity now goes through the IP | |
1701 | stack. Packet sockets are no longer required. Apart from | |
1702 | being a neat hack, this should also allow DHCP over IPsec | |
1703 | to work better. On *BSD and OS X, the old method of raw net | |
1704 | access through BPF is retained. | |
1705 | ||
1706 | Simplified build options. Networking is now slimmed down | |
1707 | to a choice of "linux" or "other". Netlink is always used | |
1708 | under Linux. Since netlink has been available since 2.2 | |
1709 | and non-optional in an IPv4-configured kernel since 2.4, | |
1710 | and the dnsmasq netlink code is now well tested, this | |
1711 | should work out fine. | |
1712 | ||
1713 | Removed decayed build support for libc5 and Solaris. | |
1714 | ||
1715 | Removed pselect code: use a pipe for race-free signal | |
1716 | handling instead, as this works everywhere. | |
1717 | ||
1718 | No longer enable the ISC leasefile reading code in the | |
1719 | distributed sources. I doubt there are many people left | |
1720 | using this 1.x compatibility code. Those that are will | |
1721 | have to explicitly enable it in src/config.h. | |
1722 | ||
1723 | Don't send the "DHCP maximum message size" option, even if | |
1724 | requested. RFC2131 says this is a "MUST NOT". | |
1725 | ||
1726 | Support larger-than-minimum DHCP message. Dnsmasq is now | |
1727 | happy to get larger than 576-byte DHCP messages, and will | |
1728 | return large messages, if permitted by the "maximum | |
1729 | message size" option of the message to which it is | |
1730 | replying. There's now an arbitrary sanity limit of 16384 | |
1731 | bytes. | |
1732 | ||
1733 | Added --no-ping option. This fixes an RFC2131 "SHOULD". | |
1734 | ||
1735 | Building on the 2.27 MAC-address changes, allow clients to | |
1736 | provide no MAC address at all, relying on the client-id as | |
1737 | a unique identifier. This should make things like DHCP for | |
1738 | USB come easier. | |
1739 | ||
1740 | Fixed regression in netlink code under 2.2.x kernels which | |
1741 | occurred in 2.27. Erik Jan Tromp is the vintage kernel fan | |
1742 | who found this. P.S. It looks like this "netlink bind: | |
1743 | permission denied" problem occured in kernels at least as | |
1744 | late a 2.4.18. Good information from Alain Richoux. | |
1745 | ||
1746 | Added a warning when it's impossible to give a host its | |
1747 | configured address because the address is leased | |
1748 | elsewhere. A sensible suggestion from Mircea Bardac. | |
1749 | ||
1750 | Added minimal support for RFC 3046 DHCP relay agent-id | |
1751 | options. The DHCP server now echoes these back to the | |
1752 | relay, as required by the RFC. Also, RFC 3527 link selection | |
1753 | sub-options are honoured. | |
1754 | ||
1755 | Set the process "dumpable" flag when running in debug | |
1756 | mode: this makes getting core dumps from root processes | |
1757 | much easier. | |
1758 | ||
1759 | Fixed one-byte buffer overflow which seems to only cause | |
1760 | problems when dnsmasq is linked with uclibc. Thanks to | |
1761 | Eric House and Eric Spakman for help in chasing this down. | |
1762 | ||
1763 | Tolerate configuration screwups which lead to the DHCP | |
1764 | server attemping to allocate its own address to a | |
1765 | client; eg setting the whole subnet range as a DHCP | |
1766 | range. Addresses in use by the server are now excluded | |
1767 | from use by clients. | |
1768 | ||
1769 | Did some thinking about HAVE_BROKEN_RTC mode, and made it | |
1770 | much simpler and better. The key is to just keep lease | |
1771 | lengths in the lease file. Since these normally never | |
1772 | change, even as the lease is renewed, the lease file never | |
1773 | needs to change except when machines arrive on the network | |
1774 | or leave. This eliminates the code for timed writes, and | |
1775 | reduces the amount of wear on a flash filesystem to the | |
1776 | absolute minimum. Also re-did the basic time function in | |
1777 | this mode to use the portable times(), rather than parsing | |
1778 | /proc/uptime. | |
1779 | ||
1780 | Believe the source port number when replying to unicast | |
1781 | DHCP requests and DHCP requests via a relay, instead of always | |
1782 | using the standard ports. This will allow relays on | |
1783 | non-standard ports and DHCPINFORM from unprivileged ports | |
1784 | to work. The source port sent by unconfigured clients is still | |
1785 | ignored, since this may be unreliable. This means that a DHCP | |
1786 | client must use the standard port to do full configuration. | |
1787 | ||
1788 | version 2.29 | |
1789 | Fixed compilation on OpenBSD (thanks to Tom Hensel for the | |
1790 | report). | |
1791 | ||
1792 | Fixed false "no interface" errors when --bind-interfaces is | |
1793 | set along with --interface=lo or --listen-address. Thanks | |
1794 | to Paul Wise for the report. | |
1795 | ||
1796 | Updated patch for SuSE rpm. Thanks to Steven Springl. | |
1797 | ||
1798 | It turns out that there are some Linux kernel | |
1799 | configurations which make using the capability system | |
1800 | impossible. If this situation occurs then continue, running | |
1801 | as root, and log a warning. Thanks to Scott Wehrenberg | |
1802 | for help tracking this down. | |
1803 | ||
1804 | version 2.30 | |
1805 | Fixed crash when a DHCP client requested a broadcast | |
1806 | reply. This problem was introduced in version 2.28. | |
1807 | Thanks to Sandra Dekkers for the bug report. | |
1808 | ||
1809 | version 2.31 | |
1810 | Added --dhcp-script option. There have been calls for this | |
1811 | for a long time from many good people. Fabio Muzzi gets | |
1812 | the prize for finally convincing me. | |
1813 | ||
1814 | Added example dbus config file and moved dbus stuff into | |
1815 | its own directory. | |
1816 | ||
1817 | Removed horribly outdated Redhat RPM build files. These | |
1818 | are obsolete now that dnsmasq in in Fedora extras. Thanks | |
1819 | to Patrick "Jima" Laughton, the Fedora package | |
1820 | maintainer. | |
1821 | ||
1822 | Added workaround for Linux kernel bug. This manifests | |
1823 | itself as failure of DHCP on kernels with "support for | |
1824 | classical IP over ATM" configured. That includes most | |
1825 | Debian kernel packages. Many thanks to A. Costa and | |
1826 | Benjamin Kudria for their huge efforts in chasing this | |
1827 | down. | |
1828 | ||
1829 | Force-kill child processes when dnsmasq is sent a sigterm, | |
1830 | otherwise an unclosed TCP connection could keep dnsmasq | |
1831 | hanging round for a few minutes. | |
1832 | ||
1833 | Tweaked config.h logic for uclibc build. It will now pick | |
1834 | up MMU and IPV6 status correctly on every system I tested. | |
1835 | ||
1836 | version 2.32 | |
1837 | Attempt a better job of replacing previous configuration | |
1838 | when re-reading /etc/hosts and /etc/ethers. SIGHUP is | |
1839 | still not identical to a restart under all circumstances, | |
1840 | but it is for the common case of name->MAC address in | |
1841 | /etc/ethers and name->IP address in /etc/hosts. | |
1842 | ||
1843 | Fall back to broadcast for DHCP to an unconfigured client | |
1844 | when the MAC address size is greater than 14 bytes. | |
1845 | ||
1846 | Fix problem in 2.28-onwards releases which breaks DNS on | |
1847 | Mac OS X. Thanks to Doug Fields for the bug report and | |
1848 | testing. | |
1849 | ||
1850 | Added fix to allow compilation on c89-only compilers. | |
1851 | Thanks to John Mastwijk for the patch. | |
1852 | ||
1853 | Tweak resolv file polling code to work better if there is | |
1854 | a race between updating the mtime and file contents. This | |
1855 | is not normally a problem, but it can be on systems which | |
1856 | replace nameservers whilst active. The code now continues | |
1857 | to read resolv.conf until it gets at least one usable | |
1858 | server. Thanks to Holger Mauermann for help with this. | |
1859 | ||
1860 | If a client DECLINEs an address which is allocated to it | |
1861 | via dhcp-host or /etc/hosts, lock that address out of use | |
1862 | for ten minutes, instead of forever, and log when it's not | |
1863 | being used because of the lock-out. This should provide | |
1864 | less surprising behaviour when a configured address can't be | |
1865 | used. Thanks to Peter Surda and Heinz Deinhart for input | |
1866 | on this. | |
1867 | ||
1868 | Fixed *BSD DHCP breakage with only some | |
1869 | arches/compilers, depending on structure padding rules. | |
1870 | Thanks to Jeb Campbell and Tom Hensel for help with this. | |
1871 | ||
1872 | Added --conf-dir option. Suggestion from Aaron Tygart. | |
1873 | ||
1874 | Applied patch from Brent Cook which allows netids in | |
1875 | dhcp-option configuration lines to be prefixed by | |
1876 | "net:". This is not required by the syntax, but it is | |
1877 | consistent with other configuration items. | |
1878 | ||
1879 | Added --log-facility option. Suggestion from Fabio Muzzi. | |
1880 | ||
1881 | Major update to Spanish translation. Many thanks to Chris | |
1882 | Chatham. | |
1883 | ||
1884 | Fixed gcc-4.1 strict-alias compilation warning. | |
1885 | ||
1886 | version 2.33 | |
1887 | Remove bash-specific shellcode from the Makefile. | |
1888 | ||
1889 | Fix breakage with some DHCP relay implementations which | |
1890 | was introduced in 2.28. Believing the source port in | |
1891 | DHCP requests and sending the reply there is sometimes a | |
1892 | bad thing to do, so I've reverted to always sending to | |
1893 | the relay on port 68. Thanks to Daniel Hamlin and Alex | |
1894 | (alde) for bug reports on this. | |
1895 | ||
1896 | Moved the SuSe packaging files to contrib. I will no | |
1897 | longer attempt to maintain this in the source tarball. It | |
1898 | will be done externally, in the same way as packaging for | |
1899 | other distros. Suse packages are available from | |
1900 | ftp://ftp.suse.com/pub/people/ug/ | |
1901 | ||
1902 | Merged patch from Gentoo to honour $LDFLAGS environment. | |
1903 | ||
1904 | Fix bug in resolv.conf processing when more than one file | |
1905 | is being checked. | |
1906 | ||
1907 | Add --dns-forward-max option. | |
1908 | ||
1909 | Warn if --resolv-file flags are ignored because of | |
1910 | --no-resolv. Thanks to Martin F Krafft for spotting this | |
1911 | one. | |
1912 | ||
1913 | Add --leasefile-ro option which allows the use of an | |
1914 | external lease database. Many thanks to Steve Horbachuk | |
1915 | for assistance developing this feature. | |
1916 | ||
1917 | Provide extra information to lease-change script via its | |
1918 | environment. If the host has a client-id, then | |
1919 | DNSMASQ_CLIENT_ID will be set. Either the lease length (in | |
1920 | DNSMASQ_LEASE_LENGTH) or lease expiry time (in | |
1921 | DNSMASQ_LEASE_EXPIRES) will be set, depending on the | |
1922 | HAVE_BROKEN_RTC compile-time option. This extra | |
1923 | information should make it possible to maintain the lease | |
1924 | database in external storage such as LDAP or a relational | |
1925 | database. Note that while leasefile-ro is set, the script | |
1926 | will be called with "old" events more often, since | |
1927 | changes to the client-id and lease length | |
1928 | (HAVE_BROKEN_RTC) or lease expiry time (otherwise) | |
1929 | are now flagged. | |
1930 | ||
1931 | Add contrib/wrt/* which is an example implementation of an | |
1932 | external persistent lease database for *WRT distros with | |
1933 | the nvram command. | |
1934 | ||
1935 | Add contrib/wrt/dhcp_release.c which is a small utility | |
1936 | which removes DHCP leases using DHCPRELEASE operation in | |
1937 | the DHCP protocol. | |
1938 | ||
1939 | version 2.34 | |
1940 | Tweak network-determination code for another corner case: | |
1941 | in this case a host forced to move between dhcp-ranges on | |
1942 | the same physical interface. Thanks to Matthias Andree. | |
1943 | ||
1944 | Improve handling of high DNS loads by throttling acceptance of | |
1945 | new queries when resources are tight. This should be a | |
1946 | better response than the "forwarding table full..." | |
1947 | message which was logged before. | |
1948 | ||
1949 | Fixed intermittent infinite loop when re-reading | |
1950 | /etc/ethers after SIGHUP. Thanks to Eldon Ziegler for the | |
1951 | bug report. | |
1952 | ||
1953 | Provide extra information to the lease-change script: when | |
1954 | a lease loses its hostname (because a new lease comes | |
1955 | along and claims the same new), the "old" action is called | |
1956 | with the current state of the lease, ie no name. The | |
1957 | change is to provide the former name which the lease had | |
1958 | in the environment variable DNSMASQ_OLD_HOSTNAME. This | |
1959 | helps scripts which do stuff based on hostname, rather | |
1960 | than IP address. Also provide vendor-class and user-class | |
1961 | information to the lease-change script when a new lease is | |
1962 | created in the DNSMASQ_VENDOR_CLASS and | |
1963 | DNSMASQ_USER_CLASS<n> environment variables. Suggestion | |
1964 | from Francois-Xavier Le Bail. | |
1965 | ||
1966 | Run the lease change script as root, even when dnsmasq is | |
1967 | configured to change UID to an unprivileged user. Since | |
1968 | most uses of the lease change script need root, this | |
1969 | allows its use whilst keeping the security advantages of | |
1970 | running the daemon without privs. The script is invoked | |
1971 | via a small helper process which keeps root UID, and | |
1972 | validates all data received from the main process. To get | |
1973 | root, an attacker would have to break dnsmasq and then | |
1974 | break the helper through the restricted comms channel | |
1975 | linking the two. | |
1976 | ||
1977 | Add contrib/port-forward/* which is a script to set up | |
1978 | port-forwards using the DHCP lease-change script. It's | |
1979 | possible to add a host to a config file by name, and when | |
1980 | that host gets a DHCP lease, the script will use iptables | |
1981 | to set up port-forwards to configured ports at the address | |
1982 | which the host is allocated. The script also handles | |
1983 | setting up the port-forward iptables entries after reboot, | |
1984 | using the persistent lease database, and removing them | |
1985 | when a host leaves and its DHCP lease expires. | |
1986 | ||
1987 | Fix unaligned access problem which caused wrong log | |
1988 | messages with some clients on some architectures. Thanks | |
1989 | to Francois-Xavier Le Bail for the bugreport. | |
1990 | ||
1991 | Fixed problem with DHCPRELEASE and multi-address | |
1992 | interfaces. Enhanced contrib/wrt/dhcp_release to cope | |
1993 | under these circumstances too. Thanks to Eldon Ziegler for | |
1994 | input on this. | |
1995 | ||
1996 | Updated French translation: thanks to Gildas Le Nadan. | |
1997 | ||
1998 | Upgraded the name hash function in the DNS cache. Thanks | |
1999 | to Oleg Khovayko for good work on this. | |
2000 | ||
2001 | Added --clear-on-reload flag. Suggestion from Johannes | |
2002 | Stezenbach. | |
2003 | ||
2004 | Treat a nameserver address of 0.0.0.0 as "nothing". Erwin | |
2005 | Cabrera spotted that specifying a nameserver as 0.0.0.0 | |
2006 | breaks things badly; this is because the network stack | |
2007 | treats is as "this host" and an endless loop ensues. | |
2008 | ||
2009 | Added Webmin module in contrib/webmin. Thanks to Neil | |
2010 | Fisher for that. | |
2011 | ||
2012 | version 2.35 | |
2013 | Generate an "old" script event when a client does a DHCPREQUEST | |
2014 | in INIT-REBOOT or SELECTING state and the lease already | |
2015 | exists. Supply vendor and user class information to these | |
2016 | script calls. | |
2017 | ||
2018 | Added support for Dragonfly BSD to src/config.h | |
2019 | ||
2020 | Removed "Upgrading to 2.0" document, which is ancient | |
2021 | history now. | |
2022 | ||
2023 | Tweak DHCP networking code for BSD, esp OpenBSD. Added a | |
2024 | workaround for a bug in OpenBSD 4.0: there should finally | |
2025 | be support for multiple interfaces under OpenBSD now. | |
2026 | Note that no version of dnsmasq before 2.35 will work for | |
2027 | DHCP under OpenBSD 4.0 because of a kernel bug. | |
2028 | Thanks to Claudio Jeker, Jeb Campbell and Cristobal | |
2029 | Palmer for help with this. | |
2030 | ||
2031 | Optimised the cache code for the case of large | |
2032 | /etc/hosts. This is mainly to remove the O(n-squared) | |
2033 | algorithm which made reading large (50000 lines) files | |
2034 | slow, but it also takes into account the size of | |
2035 | /etc/hosts when building hash tables, so overall | |
2036 | performance should be better. Thanks to "koko" for | |
2037 | pointing out the problem. | |
2038 | ||
2039 | version 2.36 | |
2040 | Added --dhcp-ignore-names flag which tells dnsmasq not to | |
2041 | use names provided by DHCP clients. Suggestion from | |
2042 | Thomas M Steenholdt. | |
2043 | ||
2044 | Send netmask and broadcast address DHCP options always, | |
2045 | even if the client doesn't request them. This makes a few | |
2046 | odd clients work better. | |
2047 | ||
2048 | Added simple TFTP function, optimised for net-boot. It is | |
2049 | now possible to net boot hosts using only dnsmasq. The | |
2050 | TFTP server is read-only, binary-mode only, and designed to be | |
2051 | secure; it adds about 4K to the dnsmasq binary. | |
2052 | ||
2053 | Support DHCP option 120, SIP servers, (RFC 3361). Both | |
2054 | encodings are supported, so both --dhcp-option=120,192.168.2.3 | |
2055 | and --dhcp-option=120,sip.example.net will work. Brian | |
2056 | Candler pointed out the need for this. | |
2057 | ||
2058 | Allow spaces in domain names, to support DNS-SD. | |
2059 | ||
2060 | Add --ptr-record flag, again for DNS-SD. Thanks to Stephan | |
2061 | Sokolow for the suggestion. | |
2062 | ||
2063 | Tolerate leading space on lines in the config file. Thanks | |
2064 | to Luigi Rizzo for pointing this out. | |
2065 | ||
2066 | Fixed netlink.c to cope with headers from the Linux 2.6.19 | |
2067 | kernel. Thanks to Philip Wall for the bug report. | |
2068 | ||
2069 | Added --dhcp-bridge option, but only to the FreeBSD | |
2070 | build. This fixes an oddity with a a particular bridged | |
2071 | network configuration on FreeBSD. Thanks to Luigi Rizzo | |
2072 | for the patch. | |
2073 | ||
2074 | Added FAQ entry about running dnsmasq in a Linux | |
2075 | vserver. Thanks to Gildas le Nadan for the information. | |
2076 | ||
2077 | Fixed problem with option parsing which interpreted "/" as | |
2078 | an address and not a string. Thanks to Luigi Rizzo | |
2079 | for the patch. | |
2080 | ||
2081 | Ignore the --domain-needed flag when forwarding NS | |
2082 | and SOA queries, since NS queries of TLDs are always legit. | |
2083 | Marcus Better pointed out this problem. | |
2084 | ||
2085 | Take care to forward signed DNS requests bit-perfect, so | |
2086 | as not to affect the validity of the signature. This | |
2087 | should allow DDNS updates to be forwarded. | |
2088 | ||
2089 | version 2.37 | |
2090 | Add better support for RFC-2855 DHCP-over-firewire and RFC | |
2091 | -4390 DHCP-over-InfiniBand. A good suggestion from Karl Svec. | |
2092 | ||
2093 | Some efficiency tweaks to the cache code for very large | |
2094 | /etc/hosts files. Should improve reverse (address->name) | |
2095 | lookups and garbage collection. Thanks to Jan 'RedBully' | |
2096 | Seiffert for input on this. | |
2097 | ||
2098 | Fix regression in 2.36 which made bogus-nxdomain | |
2099 | and DNS caching unreliable. Thanks to Dennis DeDonatis | |
2100 | and Jan Seiffert for bug reports. | |
2101 | ||
2102 | Make DHCP encapsulated vendor-class options sane. Be | |
2103 | warned that some conceivable existing configurations | |
2104 | using these may break, but they work in a much | |
2105 | simpler and more logical way now. Prepending | |
2106 | "vendor:<client-id>" to an option encapsulates it | |
2107 | in option 43, and the option is sent only if the | |
2108 | client-supplied vendor-class substring-matches with | |
2109 | the given client-id. Thanks to Dennis DeDonatis for | |
2110 | help with this. | |
2111 | ||
2112 | Apply patch from Jan Seiffert to tidy up tftp.c | |
2113 | ||
2114 | Add support for overloading the filename and servername | |
2115 | fields in DHCP packet. This gives extra option-space when | |
2116 | these fields are not being used or with a modern client | |
2117 | which supports moving them into options. | |
2118 | ||
2119 | Added a LIMITS section to the man-page, with guidance on | |
2120 | maximum numbers of clients, file sizes and tuning. | |
2121 | ||
2122 | release 2.38 | |
2123 | Fix compilation on *BSD. Thanks to Tom Hensel. | |
2124 | ||
2125 | Don't send length zero DHCP option 43 and cope with | |
2126 | encapsulated options whose total length exceeds 255 octets | |
2127 | by splitting them into multiple option 43 pieces. | |
2128 | ||
2129 | Avoid queries being retried forever when --strict-order is | |
2130 | set and an upstream server returns a SERVFAIL | |
2131 | error. Thanks to Johannes Stezenbach for spotting this. | |
2132 | ||
2133 | Fix BOOTP support, broken in version 2.37. | |
2134 | ||
2135 | Add example dhcp-options for Etherboot. | |
2136 | ||
2137 | Add \e (for ASCII ESCape) to the set of valid escapes | |
2138 | in config-file strings. | |
2139 | ||
2140 | Added --dhcp-option-force flag and examples in the | |
2141 | configuration file which use this to control PXELinux. | |
2142 | ||
2143 | Added --tftp-no-blocksize option. | |
2144 | ||
2145 | Set netid tag "bootp" when BOOTP (rather than DHCP) is in | |
2146 | use. This makes it easy to customise which options are | |
2147 | sent to BOOTP clients. (BOOTP allows only 64 octets for | |
2148 | options, so it can be necessary to trim things.) | |
2149 | ||
2150 | Fix rare hang in cache code, a 2.37 regression. This | |
2151 | probably needs an infinite DHCP lease and some bad luck to | |
2152 | trigger. Thanks to Detlef Reichelt for bug reports and testing. | |
2153 | ||
2154 | release 2.39 | |
2155 | Apply patch from Mike Baker/OpenWRT to ensure that names | |
2156 | like "localhost." in /etc/hosts with trailing period | |
2157 | are treated as fully-qualified. | |
2158 | ||
2159 | Tolerate and ignore spaces around commas in the | |
2160 | configuration file in all circumstances. Note that this | |
2161 | may change the meaning of a few existing config files, for | |
2162 | instance | |
2163 | txt-record=mydomain.com, string | |
2164 | would have a leading space in the string before, and now | |
2165 | will not. To get the old behaviour back, use quotes: | |
2166 | txt-record=mydomain.com," string" | |
2167 | ||
2168 | /a is no longer a valid escape in quoted strings. | |
2169 | ||
2170 | Added symbolic DHCP option names. Instead of | |
2171 | dhcp-option = 3, 1.2.3.4 | |
2172 | it is now possible to do | |
2173 | dhcp-option = option:router, 1.2.3.4 | |
2174 | To see the list of known DHCP options, use the | |
2175 | command "dnsmasq --help dhcp" | |
2176 | Thanks to Luigi Rizzo for a patch and good work on this. | |
2177 | ||
2178 | Overhauled the log code so that logging can be asynchronous; | |
2179 | dnsmasq then no longer blocks waiting for the syslog() library | |
2180 | call. This is important on systems where syslog | |
2181 | is being used to log over the network (and therefore doing | |
2182 | DNS lookups) and syslog is using dnsmasq as its DNS | |
2183 | server. Having dnsmasq block awaiting syslog under | |
2184 | such circumstances can lead to syslog and dnsmasq | |
2185 | deadlocking. The new behaviour is enabled with a new | |
2186 | --log-async flag, which can also be used to tune the | |
2187 | queue length. Paul Chambers found and diagnosed | |
2188 | this trap for the unwary. He also did much testing of | |
2189 | the solution along with Carlos Carvalho. | |
2190 | ||
2191 | --log-facility can now take a file-name instead of a | |
2192 | facility name. When this is done, dnsmasq logs to the | |
2193 | file and not via syslog. (Failures early in startup, | |
2194 | whilst reading configuration, will still go to syslog, | |
2195 | and syslog is used as a log-of-last-resort if the file | |
2196 | cannot be written.) | |
2197 | ||
2198 | Added --log-dhcp flag. Suggestion from Carlos Carvalho. | |
2199 | ||
2200 | Made BINDIR, MANDIR and LOCALEDIR independently | |
2201 | over-rideable in the makefile. Suggestion from Thomas | |
2202 | Klausner. | |
2203 | ||
2204 | Added 127.0.0.0/8 and 169.254.0.0/16 to the address | |
2205 | ranges affected by --bogus-priv. Thanks to Paul | |
2206 | Chambers for the patch. | |
2207 | ||
2208 | Fixed failure of TFTP server with --listen-address. Thanks | |
2209 | to William Dinkel for the bug report. | |
2210 | ||
2211 | Added --dhcp-circuitid and --dhcp-remoteid for RFC3046 | |
2212 | relay agent data matching. | |
2213 | ||
2214 | Added --dhcp-subscrid for RFC3993 subscriber-id relay | |
2215 | agent data matching. | |
2216 | ||
2217 | Correctly garbage-collect connections when upstream | |
2218 | servers go away as a result of DBus transactions. | |
2219 | ||
2220 | Allow absolute paths for TFTP transfers even when | |
2221 | --tftp-root is set, as long as the path matches the root, | |
2222 | so /var/ftp/myfile is OK with tftp-root=/var/ftp. | |
2223 | Thanks for Thomas Mizzi for the patch. | |
2224 | ||
2225 | Updated Spanish translation - thanks to Chris Chatham. | |
2226 | ||
2227 | Updated French translation - thanks to Gildas Le Nadan. | |
2228 | ||
2229 | Added to example conf file example of routing PTR queries | |
2230 | for a subnet to a different nameserver. Suggestion from | |
2231 | Jon Nicholson. | |
2232 | ||
2233 | Added --interface-name option. This provides a facility | |
2234 | to add a domain name with a dynamic IP address taken from | |
2235 | the address of a local network interface. Useful for | |
2236 | networks with dynamic IPs. | |
2237 | ||
2238 | version 2.40 | |
2239 | Make SIGUSR2 close-and-reopen the logfile when logging | |
2240 | direct to a file. Thanks to Carlos Carvalho for | |
2241 | suggesting this. When a logfile is created, change | |
2242 | its ownership to the user dnsmasq will run as, don't | |
2243 | leave it owned by root. | |
2244 | ||
2245 | Set a special tag, "known" for hosts which are matched by | |
2246 | a dhcp-host or /etc/ethers line. This is especially | |
2247 | useful to be able to do --dhcp-ignore=#known, like ISCs | |
2248 | "deny unknown-clients". | |
2249 | ||
2250 | Explicitly set a umask before creating the leases file, | |
2251 | rather than relying on whatever we inherited. The | |
2252 | permissions are set to 644. | |
2253 | ||
2254 | Fix handling of fully-qualified names in --dhcp-host | |
2255 | directives and in /etc/ethers. These are now rejected | |
2256 | if the domain doesn't match that given by --domain, | |
2257 | and used correctly otherwise. Before, putting | |
2258 | a FQDN here could cause the whole FQDN to be used as | |
2259 | hostname. Thanks to Michael Heimpold for the bug report. | |
2260 | ||
2261 | Massive but trivial edit to make the "daemon" variable | |
2262 | global, instead of copying the same value around as the | |
2263 | first argument to half the functions in the program. | |
2264 | ||
2265 | Updated Spanish manpage and message catalog. Thanks | |
2266 | to Chris Chatham. | |
2267 | ||
2268 | Added patch for support of DNS LOC records in | |
2269 | contrib/dns-loc. Thanks to Lorenz Schori. | |
2270 | ||
2271 | Fixed error in manpage: dhcp-ignore-name -> | |
2272 | dhcp-ignore-names. Thanks to Daniel Mentz for spotting | |
2273 | this. | |
2274 | ||
2275 | Use client-id as hash-seed for DHCP address allocation | |
2276 | with Firewire and Infiniband, as these don't supply an MAC | |
2277 | address. | |
2278 | ||
2279 | Tweaked TFTP file-open code to make it behave sensibly | |
2280 | when the filesystem changes under its feet. | |
2281 | ||
2282 | Added DNSMASQ_TIME_REMAINING environment variable to the | |
2283 | lease-script. | |
2284 | ||
2285 | Always send replies to DHCPINFORM requests to the source | |
2286 | of the request and not to the address in ciaddr. This | |
2287 | allows third-party queries. | |
2288 | ||
2289 | Return "lease time remaining" in the reply to a DHCPINFORM | |
2290 | request if there exists a lease for the host sending the | |
2291 | request. | |
2292 | ||
2293 | Added --dhcp-hostsfile option. This gives a superset of | |
2294 | the functionality provided by /etc/ethers. Thanks to | |
2295 | Greg Kurtzer for the suggestion. | |
2296 | ||
2297 | Accept keyword "server" as a synonym for "nameserver" in | |
2298 | resolv.conf. Thanks to Andrew Bartlett for the report. | |
2299 | ||
2300 | Add --tftp-unique-root option. Suggestion from Dermot | |
2301 | Bradley. | |
2302 | ||
2303 | Tweak TFTP retry timer to avoid problems with difficult | |
2304 | clients. Thanks to Dermot Bradley for assistance with | |
2305 | this. | |
2306 | ||
2307 | Continue to use unqualified hostnames provided by DHCP | |
2308 | clients, even if the domain part is illegal. (The domain | |
2309 | is ignored, and an error logged.) Previously in this | |
2310 | situation, the whole name whould have been | |
2311 | rejected. Thanks to Jima for the patch. | |
2312 | ||
2313 | Handle EINTR returns from wait() correctly and reap | |
2314 | our children's children if necessary. This fixes | |
2315 | a problem with zombie-creation under *BSD when using | |
2316 | --dhcp-script. | |
2317 | ||
2318 | Escape spaces in hostnames when they are stored in the | |
2319 | leases file and passed to the lease-change | |
2320 | script. Suggestion from Ben Voigt. | |
2321 | ||
2322 | Re-run the lease chamge script with an "old" event for | |
2323 | each lease when dnsmasq receives a SIGHUP. | |
2324 | ||
2325 | Added more useful exit codes, including passing on a | |
2326 | non-zero exit code from the lease-script "init" call when | |
2327 | --leasefile-ro is set. | |
2328 | ||
2329 | Log memory allocation failure whilst the daemon is | |
2330 | running. Allocation failures during startup are fatal, | |
2331 | but lack of memory whilst running is worked around. | |
2332 | This used to be silent, but now is logged. | |
2333 | ||
2334 | Fixed misaligned memory access which caused problems on | |
2335 | Blackfin CPUs. Thanks to Alex Landau for the patch. | |
2336 | ||
2337 | Don't include (useless) script-calling code when NO_FORK | |
2338 | is set. Since this tends to be used on very small uclinux | |
2339 | systems, it's worth-while to save some code-size. | |
2340 | ||
2341 | Don't set REUSEADDR on TFTP listening socket. There's no | |
2342 | need to do so, and it creates confusing behaviour when | |
2343 | inetd is also listening on the same port. Thanks to Erik | |
2344 | Brown for spotting the problem. | |
2345 | ||
2346 | version 2.41 | |
2347 | Remove deprecated calls when compiled against libdbus 1.1. | |
2348 | ||
2349 | Fix "strict-alias" warning in bpf.c | |
2350 | ||
2351 | Reduce dependency on Gnu-make in build system: dnsmasq now | |
2352 | builds with system make under OpenBSD. | |
2353 | ||
2354 | Port to Solaris. Dnsmasq 1.x used to run under Solaris, | |
2355 | and this release does so again, for Solaris 9 or better. | |
2356 | ||
2357 | Allow the DNS function to be completely disabled, by | |
2358 | setting the port to zero "--port=0". The allows dnsmasq to | |
2359 | be used as a simple DHCP server, simple TFTP server, or | |
2360 | both, but without the DNS server getting in the way. | |
2361 | ||
2362 | Fix a bug where NXDOMAIN could be returned for a query | |
2363 | even if the name's value was known for a different query | |
2364 | type. This bug could be prodded with | |
2365 | --local=/domain/ --address=/name.domain/1.2.3.4 | |
2366 | An IPv6 query for name.domain would return NXDOMAIN, and | |
2367 | not the correct NOERROR. Thanks to Lars Nooden for | |
2368 | spotting the bug and Jima for diagnosis of the problem. | |
2369 | ||
2370 | Added per-server stats to the information logged when | |
2371 | dnsmasq gets SIGUSR1. | |
2372 | ||
2373 | Added counts of queries forwarded and queries answered | |
2374 | locally (from the cache, /etc/hosts or config). | |
2375 | ||
2376 | Fixed possible crash bug in DBus IPv6 code. Thanks to Matt | |
2377 | Domsch and Jima. | |
2378 | ||
2379 | Tighten checks for clashes between hosts-file and | |
2380 | DHCP-derived names. Multiple addresses associated with a | |
2381 | name in hosts-file no longer confuses the check. | |
2382 | ||
2383 | Add --dhcp-no-override option to fix problems with some | |
2384 | combinations of stage zero and stage one | |
2385 | bootloaders. Thanks to Steve Alexander for the bug report. | |
2386 | ||
2387 | Add --tftp-port-range option. Thanks to Daniel Mierswa for | |
2388 | the suggestion. | |
2389 | ||
2390 | Add --stop-dns-rebind option. Thanks to Collin Mulliner | |
2391 | for the patch. | |
2392 | ||
2393 | Added GPL version 3 as a license option. | |
2394 | ||
2395 | Added --all-servers option. Thanks to Peter Naulls for the | |
2396 | patch. | |
2397 | ||
2398 | Extend source address mechanism so that the interface used | |
2399 | to contact an upstream DNS server can be nailed | |
2400 | down. Something like "--server=1.2.3.4@eth1" will force | |
2401 | the use of eth1 for traffic to DNS-server 1.2.3.4. This | |
2402 | facility is only available on Linux and Solaris. Thanks to | |
2403 | Peter Naulls for prompting this. | |
2404 | ||
2405 | Add --dhcp-optsfile option. Thanks to Carlos Carvalho for | |
2406 | the suggestion. | |
2407 | ||
2408 | Fixed failure to set source address for server connections | |
2409 | when using TCP. Thanks to Simon Capper for finding this | |
2410 | bug. | |
2411 | ||
2412 | Refuse to give a DHCP client the address it asks for if | |
2413 | the address range in question is not available to that | |
2414 | particular host. Thanks to Cedric Duval for the bug | |
2415 | report. | |
2416 | ||
2417 | Changed behavior of DHCP server to always return total length of | |
2418 | a new lease in DHCPOFFER, even if an existing lease | |
2419 | exists. (It used to return the time remaining on the lease | |
2420 | whne one existed.) This fixes problems with the Sony Ericsson | |
2421 | K610i phone. Thanks to Hakon Stordahl for finding and | |
2422 | fixing this. | |
2423 | ||
2424 | Add DNSMASQ_INTERFACE to the environment of the | |
2425 | lease-change script. Thanks to Nikos Mavrogiannopoulos for | |
2426 | the patch. | |
2427 | ||
2428 | Fixed broken --alias functionality. Thanks to Michael | |
2429 | Meelis for the bug report. | |
2430 | ||
2431 | Added French translation of the man page. Thank to Gildas | |
2432 | Le Nadan for that. | |
2433 | ||
2434 | Add --dhcp-match flag, to check for arbitrary options in | |
2435 | DHCP messages from clients. This enables use of dnsmasq | |
2436 | with gPXE. Thanks to Rance Hall for the suggestion. | |
2437 | ||
2438 | Added --dhcp-broadcast, to force broadcast replies to DHCP | |
2439 | clients which need them but are too dumb or too old to | |
2440 | ask. Thanks to Bodo Bellut for the suggestion. | |
2441 | ||
2442 | Disable path-MTU discovery on DHCP and TFTP sockets. This | |
2443 | is never needed, and the presence of DF flags in the IP | |
2444 | header confuses some broken PXE ROMS. Thanks again to Bodo | |
2445 | Bellut for spotting this. | |
2446 | ||
2447 | Fix problems with addresses which have multiple PTR | |
2448 | records - all but one of these could get lost. | |
2449 | ||
2450 | Fix bug with --address and ANY query type seeing REFUSED | |
2451 | return code in replies. Thanks to Mike Wright for spotting | |
2452 | the problem. | |
2453 | ||
2454 | Update Spanish translation. Thanks to Chris Chatham. | |
2455 | ||
2456 | Add --neg-ttl option. | |
2457 | ||
2458 | Add warnings about the bad effects of --filterwin2k on | |
2459 | SIP, XMPP and Google-talk to the example config file. | |
2460 | ||
2461 | Fix va_list abuse in log.c. This fixes crashes on powerpc | |
2462 | when debug mode is set. Thanks to Cedric Duval for the | |
2463 | patch. | |
2464 | ||
2465 | version 2.42 | |
2466 | Define _GNU_SOURCE to avoid problems with later glibc | |
2467 | headers. Thanks to Jima for spotting the problem. | |
2468 | ||
2469 | Add --dhcp-alternate-port option. Thanks to Jan Psota for | |
2470 | the suggestion. | |
2471 | ||
2472 | Fix typo in code which is only used on BSD, when Dbus and | |
2473 | IPv6 support is enabled. Thanks to Roy Marples. | |
2474 | ||
2475 | Updated Polish translations - thank to Jan Psota. | |
2476 | ||
2477 | Fix OS detection logic to cope with GNU/FreeBSD. | |
2478 | ||
2479 | Fix unitialised variable in DBus code - thanks to Roy | |
2480 | Marples. | |
2481 | ||
2482 | Fix network enumeration code to work on later NetBSD - | |
2483 | thanks to Roy Marples. | |
2484 | ||
2485 | Provide --dhcp-bridge on all BSD variants. | |
2486 | ||
2487 | Define _LARGEFILE_SOURCE which removes an arbitrary 2GB | |
2488 | limit on logfiles. Thanks to Paul Chambers for spotting | |
2489 | the problem. | |
2490 | ||
2491 | Fix RFC3046 agent-id echo code, broken for many | |
2492 | releases. Thanks to Jeremy Laine for spotting the problem | |
2493 | and providing a patch. | |
2494 | ||
2495 | Added Solaris 10 service manifest from David Connelly in | |
2496 | contrib/Solaris10 | |
2497 | ||
2498 | Add --dhcp-scriptuser option. | |
2499 | ||
2500 | Support new capability interface on suitable Linux | |
2501 | kernels, removes "legacy support in use" messages. Thanks | |
2502 | to Jorge Bastos for pointing this out. | |
2503 | ||
2504 | Fix subtle bug in cache code which could cause dnsmasq to | |
2505 | lock spinning CPU in rare circumstances. Thanks to Alex | |
2506 | Chekholko for bug reports and help debugging. | |
2507 | ||
2508 | Support netascii transfer mode for TFTP. | |
2509 |