/var/ipfire/*/config
/var/ipfire/*/enable
/var/ipfire/*/*enable*
+/var/ipfire/ovpn/collectd.vpn
/etc/passwd
/etc/shadow
/etc/group
/etc/hosts*
/etc/httpd/*
/etc/ssh/ssh_host*
+/etc/ssh/sshd_config
/etc/logrotate.d
/var/ipfire/auth/users
/var/ipfire/dhcp/*
--- /dev/null
+/usr/sieve
+/var/imap
+/var/ipfire/cyrusimap
+/var/log/imap
+++ /dev/null
-/srv/web/esniper/.htaccess
-/srv/web/esniper/.config.php
-/srv/web/esniper/.config.state.php
-/srv/web/esniper/local/
-/srv/web/esniper/.run/
--- /dev/null
+/etc/snmpd.conf
use strict;
use Socket;
use IO::Socket;
+use Locale::Codes::Country;
use Net::SSLeay;
use Net::IPv4Addr qw(:all);
$|=1; # line buffering
--- /dev/null
+#!/usr/bin/perl -w
+############################################################################
+# #
+# This file is part of the IPFire Firewall. #
+# #
+# IPFire is free software; you can redistribute it and/or modify #
+# it under the terms of the GNU General Public License as published by #
+# the Free Software Foundation; either version 2 of the License, or #
+# (at your option) any later version. #
+# #
+# IPFire is distributed in the hope that it will be useful, #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
+# GNU General Public License for more details. #
+# #
+# You should have received a copy of the GNU General Public License #
+# along with IPFire; if not, write to the Free Software #
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA #
+# #
+# Copyright (C) 2015 IPFire Team <info@ipfire.org>. #
+# #
+############################################################################
+
+package GeoIP;
+
+use Locale::Codes::Country;
+
+# Function to get the flag icon for a specified country code.
+sub get_flag_icon($) {
+ my ($input) = @_;
+
+ # Webserver's root dir. (Required for generating full path)
+ my $webroot = "/srv/web/ipfire/html";
+
+ # Directory which contains the flag icons.
+ my $flagdir = "/images/flags";
+
+ # File extension of the country flags.
+ my $ext = "png";
+
+ # Remove whitespaces.
+ chomp($input);
+
+ # Convert given country code to upper case.
+ my $ccode = uc($input);
+
+ # Generate filename, based on the contry code in lower case
+ # and the defined file extension.
+ my $file = join('.', $ccode,$ext);
+
+ # Generate path inside webroot to the previously generated file.
+ my $flag_icon = join('/', $flagdir,$file);
+
+ # Generate absolute path to the icon file.
+ my $absolute_path = join('', $webroot,$flag_icon);
+
+ # Check if the a icon file exists.
+ if (-e "$absolute_path") {
+ # Return content of flag_icon.
+ return $flag_icon;
+ } else {
+ # If no icon for the specified country exists, try to use
+ # the icon for "unknown".
+ my $ccode = "unknown";
+
+ # Redoing all the stuff from abouve for the "unknown" icon.
+ my $file = join('.', $ccode,$ext);
+ my $flag_icon = join('/', $flagdir,$file);
+ my $absolute_path = join('', $webroot,$flag_icon);
+
+ # Check if the icon is present.
+ if (-e "$absolute_path") {
+ # Return "unknown" icon.
+ return $flag_icon;
+ }
+ }
+}
+
+# Function to get the county name by a given country code.
+sub get_full_country_name($) {
+ my ($input) = @_;
+ my $name;
+
+ # Remove whitespaces.
+ chomp($input);
+
+ # Convert input into lower case format.
+ my $code = lc($input);
+
+ # Handle country codes which are not in the list.
+ if ($code eq "a1") { $name = "Anonymous Proxy" }
+ elsif ($code eq "a2") { $name = "Satellite Provider" }
+ elsif ($code eq "o1") { $name = "Other Country" }
+ elsif ($code eq "ap") { $name = "Asia/Pacific Region" }
+ elsif ($code eq "eu") { $name = "Europe" }
+ elsif ($code eq "yu") { $name = "Yugoslavia" }
+ else {
+ # Use perl built-in module to get the country code.
+ $name = &Locale::Codes::Country::code2country($code);
+ }
+
+ return $name;
+}
+
+1;
"COMMENT:".sprintf("%15s",$Lang::tr{'average'}),
"COMMENT:".sprintf("%15s",$Lang::tr{'minimal'}),
"COMMENT:".sprintf("%15s",$Lang::tr{'current'})."\\j",
- "AREA:incoming#00dd00:".sprintf("%-20s",$Lang::tr{'incoming traffic in bytes per second'}),
+ "AREA:incoming#00dd00:".sprintf("%-23s",$Lang::tr{'incoming traffic in bytes per second'}),
"GPRINT:incoming:MAX:%8.1lf %sBps",
"GPRINT:incoming:AVERAGE:%8.1lf %sBps",
"GPRINT:incoming:MIN:%8.1lf %sBps",
"GPRINT:incoming:LAST:%8.1lf %sBps\\j",
- "STACK:overhead_in#116B11:".sprintf("%-20s",$Lang::tr{'incoming overhead in bytes per second'}),
+ "STACK:overhead_in#116B11:".sprintf("%-23s",$Lang::tr{'incoming overhead in bytes per second'}),
"GPRINT:overhead_in:MAX:%8.1lf %sBps",
"GPRINT:overhead_in:AVERAGE:%8.1lf %sBps",
"GPRINT:overhead_in:MIN:%8.1lf %sBps",
"GPRINT:overhead_in:LAST:%8.1lf %sBps\\j",
- "LINE1:compression_in#ff00ff:".sprintf("%-20s",$Lang::tr{'incoming compression in bytes per second'}),
+ "LINE1:compression_in#ff00ff:".sprintf("%-23s",$Lang::tr{'incoming compression in bytes per second'}),
"GPRINT:compression_in:MAX:%8.1lf %sBps",
"GPRINT:compression_in:AVERAGE:%8.1lf %sBps",
"GPRINT:compression_in:MIN:%8.1lf %sBps",
"GPRINT:compression_in:LAST:%8.1lf %sBps\\j",
- "AREA:outgoingn#dd0000:".sprintf("%-20s",$Lang::tr{'outgoing traffic in bytes per second'}),
+ "AREA:outgoingn#dd0000:".sprintf("%-23s",$Lang::tr{'outgoing traffic in bytes per second'}),
"GPRINT:outgoing:MAX:%8.1lf %sBps",
"GPRINT:outgoing:AVERAGE:%8.1lf %sBps",
"GPRINT:outgoing:MIN:%8.1lf %sBps",
"GPRINT:outgoing:LAST:%8.1lf %sBps\\j",
- "STACK:overhead_outn#870C0C:".sprintf("%-20s",$Lang::tr{'outgoing overhead in bytes per second'}),
+ "STACK:overhead_outn#870C0C:".sprintf("%-23s",$Lang::tr{'outgoing overhead in bytes per second'}),
"GPRINT:overhead_out:MAX:%8.1lf %sBps",
"GPRINT:overhead_out:AVERAGE:%8.1lf %sBps",
"GPRINT:overhead_out:MIN:%8.1lf %sBps",
"GPRINT:overhead_out:LAST:%8.1lf %sBps\\j",
- "LINE1:compression_outn#000000:".sprintf("%-20s",$Lang::tr{'outgoing compression in bytes per second'}),
+ "LINE1:compression_outn#000000:".sprintf("%-23s",$Lang::tr{'outgoing compression in bytes per second'}),
"GPRINT:compression_out:MAX:%8.1lf %sBps",
"GPRINT:compression_out:AVERAGE:%8.1lf %sBps",
"GPRINT:compression_out:MIN:%8.1lf %sBps",
return if ($ENV{'REQUEST_METHOD'} ne 'POST');
if (!$params->{'wantfile'}) {
$CGI::DISABLE_UPLOADS = 1;
- $CGI::POST_MAX = 512 * 1024;
+ $CGI::POST_MAX = 1024 * 1024;
} else {
$CGI::POST_MAX = 10 * 1024 * 1024;
}
# Re-read firewall rules every Sunday in March, October and November to take care of daylight saving time
00 3 * 3 0 /usr/local/bin/timezone-transition /usr/local/bin/firewallctrl
00 2 * 10-11 0 /usr/local/bin/timezone-transition /usr/local/bin/firewallctrl
+
+# Update GeoIP database once a month.
+%monthly,random * * * [ -f "/var/ipfire/red/active" ] && /usr/local/bin/xt_geoip_update >/dev/null 2>&1
my %customnetwork=();
my %customhost=();
my %customgrp=();
+my %customgeoipgrp=();
my %customservice=();
my %customservicegrp=();
my %ccdnet=();
my $confignet = "${General::swroot}/fwhosts/customnetworks";
my $confighost = "${General::swroot}/fwhosts/customhosts";
my $configgrp = "${General::swroot}/fwhosts/customgroups";
+my $configgeoipgrp = "${General::swroot}/fwhosts/customgeoipgrp";
my $configsrv = "${General::swroot}/fwhosts/customservices";
my $configsrvgrp = "${General::swroot}/fwhosts/customservicegrp";
my $configccdnet = "${General::swroot}/ovpn/ccd.conf";
&General::readhasharray("$confignet", \%customnetwork);
&General::readhasharray("$confighost", \%customhost);
&General::readhasharray("$configgrp", \%customgrp);
+&General::readhasharray("$configgeoipgrp", \%customgeoipgrp);
&General::readhasharray("$configccdnet", \%ccdnet);
&General::readhasharray("$configccdhost", \%ccdhost);
&General::readhasharray("$configipsec", \%ipsecconf);
if ($customgrp{$grp}[0] eq $value) {
my @address = &get_address($customgrp{$grp}[3], $customgrp{$grp}[2], $type);
+ if (@address) {
+ push(@addresses, @address);
+ }
+ }
+ }
+ }elsif ($addr_type ~~ ["cust_geoip_src", "cust_geoip_tgt"] && $value =~ "group:") {
+ $value=substr($value,6);
+ foreach my $grp (sort {$a <=> $b} keys %customgeoipgrp) {
+ if ($customgeoipgrp{$grp}[0] eq $value) {
+ my @address = &get_address($addr_type, $customgeoipgrp{$grp}[2], $type);
+
if (@address) {
push(@addresses, @address);
}
}
}
+ # Handle rule options with GeoIP as source.
+ } elsif ($key eq "cust_geoip_src") {
+ # Get external interface.
+ my $external_interface = &get_external_interface();
+
+ push(@ret, ["-m geoip --src-cc $value", "$external_interface"]);
+
+ # Handle rule options with GeoIP as target.
+ } elsif ($key eq "cust_geoip_tgt") {
+ # Get external interface.
+ my $external_interface = &get_external_interface();
+
+ push(@ret, ["-m geoip --dst-cc $value", "$external_interface"]);
+
# If nothing was selected, we assume "any".
} else {
push(@ret, ["0/0", ""]);
return 0;
}
+sub get_geoip_locations() {
+ # Path to the directory which contains the binary geoip
+ # databases.
+ my $directory="/usr/share/xt_geoip/LE";
+
+ # Array to store the final country list.
+ my @country_codes = ();
+
+ # Open location and do a directory listing.
+ opendir(DIR, "$directory");
+ my @locations = readdir(DIR);
+ closedir(DIR);
+
+ # Loop through the directory listing, and cut of the file extensions.
+ foreach my $location (sort @locations) {
+ # skip . and ..
+ next if($location =~ /^\.$/);
+ next if($location =~ /^\.\.$/);
+
+ # Remove whitespaces.
+ chomp($location);
+
+ # Cut-off file extension.
+ my ($country_code, $extension) = split(/\./, $location);
+
+ # Add country code to array.
+ push(@country_codes, $country_code);
+ }
+
+ # Return final array.
+ return @country_codes;
+}
+
return 1;
--- /dev/null
+GEOIPBLOCK_ENABLED=off
-Applejuice;apple;off;
-Ares;ares;off;
-Bittorrent;bit;off;
-DirectConnect;dc;off;
-Edonkey;edk;off;
-Gnutella;gnu;off;
-KaZaA;kazaa;off;
-SoulSeek;soul;off;
-WinMX;winmx;off;
+Applejuice;apple;on;
+Ares;ares;on;
+Bittorrent;bit;on;
+DirectConnect;dc;on;
+Edonkey;edk;on;
+Gnutella;gnu;on;
+KaZaA;kazaa;on;
+SoulSeek;soul;on;
+WinMX;winmx;on;
my $configinput = "${General::swroot}/firewall/input";
my $configoutgoing = "${General::swroot}/firewall/outgoing";
my $p2pfile = "${General::swroot}/firewall/p2protocols";
+my $geoipfile = "${General::swroot}/firewall/geoipblock";
my $configgrp = "${General::swroot}/fwhosts/customgroups";
my $netsettings = "${General::swroot}/ethernet/settings";
# Flush all chains.
&flush();
- # Reload firewall rules.
- &preparerules();
+ # Prepare firewall rules.
+ if (! -z "${General::swroot}/firewall/input"){
+ &buildrules(\%configinputfw);
+ }
+ if (! -z "${General::swroot}/firewall/outgoing"){
+ &buildrules(\%configoutgoingfw);
+ }
+ if (! -z "${General::swroot}/firewall/config"){
+ &buildrules(\%configfwdfw);
+ }
# Load P2P block rules.
&p2pblock();
+ # Load GeoIP block rules.
+ &geoipblock();
+
# Reload firewall policy.
run("/usr/sbin/firewall-policy");
+
+ #Reload firewall.local if present
+ if ( -f '/etc/sysconfig/firewall.local'){
+ run("/etc/sysconfig/firewall.local reload");
+ }
}
sub run {
run("$IPTABLES -t mangle -F $CHAIN_MANGLE_NAT_DESTINATION_FIX");
}
-sub preparerules {
- if (! -z "${General::swroot}/firewall/input"){
- &buildrules(\%configinputfw);
- }
- if (! -z "${General::swroot}/firewall/outgoing"){
- &buildrules(\%configoutgoingfw);
- }
- if (! -z "${General::swroot}/firewall/config"){
- &buildrules(\%configfwdfw);
- }
-}
-
sub buildrules {
my $hash = shift;
my @source_options = ();
if ($source =~ /mac/) {
push(@source_options, $source);
- } elsif ($source) {
+ } elsif ($source =~ /-m geoip/) {
+ push(@source_options, $source);
+ } elsif($source) {
push(@source_options, ("-s", $source));
}
# Prepare destination options.
my @destination_options = ();
- if ($destination) {
+ if ($destination =~ /-m geoip/) {
+ push(@destination_options, $destination);
+ } elsif ($destination) {
push(@destination_options, ("-d", $destination));
}
}
}
}
- #Reload firewall.local if present
- if ( -f '/etc/sysconfig/firewall.local'){
- run("/etc/sysconfig/firewall.local reload");
- }
}
# Formats the given timestamp into the iptables format which is "hh:mm" UTC.
}
}
+sub geoipblock {
+ my %geoipsettings = ();
+ $geoipsettings{'GEOIPBLOCK_ENABLED'} = "off";
+
+ # Flush iptables chain.
+ run("$IPTABLES -F GEOIPBLOCK");
+
+ # Check if the geoip settings file exists
+ if (-e "$geoipfile") {
+ # Read settings file
+ &General::readhash("$geoipfile", \%geoipsettings);
+ }
+
+ # If geoip blocking is not enabled, we are finished here.
+ if ($geoipsettings{'GEOIPBLOCK_ENABLED'} ne "on") {
+ # Exit submodule. Process remaining script.
+ return;
+ }
+
+ # Get supported locations.
+ my @locations = &fwlib::get_geoip_locations();
+
+ # Loop through all supported geoip locations and
+ # create iptables rules, if blocking this country
+ # is enabled.
+ foreach my $location (@locations) {
+ if($geoipsettings{$location} eq "on") {
+ run("$IPTABLES -A GEOIPBLOCK -m geoip --src-cc $location -j DROP");
+ }
+ }
+}
+
sub get_protocols {
my $hash = shift;
my $key = shift;
chroot /var/lib/haproxy
pidfile /var/run/haproxy.pid
maxconn 4000
- user haproxy
- group haproxy
+ user nobody
+ group nobody
daemon
# turn on stats unix socket
# Driver interface for wired authenticator
#CONFIG_DRIVER_WIRED=y
-# Driver interface for madwifi driver
-#CONFIG_DRIVER_MADWIFI=y
-#CFLAGS += -I../../madwifi # change to the madwifi source directory
-
# Driver interface for Prism54 driver
CONFIG_DRIVER_PRISM54=y
CONFIG_PEERKEY=y
# IEEE 802.11w (management frame protection)
-# This version is an experimental implementation based on IEEE 802.11w/D1.0
-# draft and is subject to change since the standard has not yet been finalized.
-# Driver support is also needed for IEEE 802.11w.
-#CONFIG_IEEE80211W=y
+CONFIG_IEEE80211W=y
# Integrated EAP server
CONFIG_EAP=y
+# EAP Re-authentication Protocol (ERP) in integrated EAP server
+CONFIG_ERP=y
+
# EAP-MD5 for the integrated EAP server
CONFIG_EAP_MD5=y
# EAP-PSK for the integrated EAP server (this is _not_ needed for WPA-PSK)
#CONFIG_EAP_PSK=y
+# EAP-pwd for the integrated EAP server (secure authentication with a password)
+#CONFIG_EAP_PWD=y
+
# EAP-SAKE for the integrated EAP server
#CONFIG_EAP_SAKE=y
CONFIG_WPS=y
# Enable UPnP support for external WPS Registrars
CONFIG_WPS_UPNP=y
+# Enable WPS support with NFC config method
+#CONFIG_WPS_NFC=y
# EAP-IKEv2
CONFIG_EAP_IKEV2=y
# Trusted Network Connect (EAP-TNC)
CONFIG_EAP_TNC=y
+# EAP-EKE for the integrated EAP server
+#CONFIG_EAP_EKE=y
+
# PKCS#12 (PFX) support (used to read private key and certificate file from
# a file that usually has extension .p12 or .pfx)
CONFIG_PKCS12=y
# IEEE 802.11n (High Throughput) support
CONFIG_IEEE80211N=y
+# Wireless Network Management (IEEE Std 802.11v-2011)
+# Note: This is experimental and not complete implementation.
+#CONFIG_WNM=y
+
+# IEEE 802.11ac (Very High Throughput) support
+CONFIG_IEEE80211AC=y
+
# Remove debugging code that is printing out debug messages to stdout.
# This can be used to reduce the size of the hostapd considerably if debugging
# code is not needed.
CONFIG_NO_STDOUT_DEBUG=y
-# IEEE 802.11ac (Very High Throughput) support
-CONFIG_IEEE80211AC=y
-# Enable AUTO_CHANNEL_SELECTION
-# This is needed for dfs (radar detection) channels
+# Add support for writing debug log to a file: -f /tmp/hostapd.log
+# Disabled by default.
+#CONFIG_DEBUG_FILE=y
+
+# Add support for sending all debug messages (regardless of debug verbosity)
+# to the Linux kernel tracing facility. This helps debug the entire stack by
+# making it easy to record everything happening from the driver up into the
+# same file, e.g., using trace-cmd.
+#CONFIG_DEBUG_LINUX_TRACING=y
+
+# Remove support for RADIUS accounting
+#CONFIG_NO_ACCOUNTING=y
+
+# Remove support for RADIUS
+#CONFIG_NO_RADIUS=y
+
+# Remove support for VLANs
+#CONFIG_NO_VLAN=y
+
+# Enable support for fully dynamic VLANs. This enables hostapd to
+# automatically create bridge and VLAN interfaces if necessary.
+#CONFIG_FULL_DYNAMIC_VLAN=y
+
+# Use netlink-based kernel API for VLAN operations instead of ioctl()
+# Note: This requires libnl 3.1 or newer.
+#CONFIG_VLAN_NETLINK=y
+
+# Remove support for dumping internal state through control interface commands
+# This can be used to reduce binary size at the cost of disabling a debugging
+# option.
+#CONFIG_NO_DUMP_STATE=y
+
+# Enable tracing code for developer debugging
+# This tracks use of memory allocations and other registrations and reports
+# incorrect use with a backtrace of call (or allocation) location.
+#CONFIG_WPA_TRACE=y
+# For BSD, comment out these.
+#LIBS += -lexecinfo
+#LIBS_p += -lexecinfo
+#LIBS_c += -lexecinfo
+
+# Use libbfd to get more details for developer debugging
+# This enables use of libbfd to get more detailed symbols for the backtraces
+# generated by CONFIG_WPA_TRACE=y.
+#CONFIG_WPA_TRACE_BFD=y
+# For BSD, comment out these.
+#LIBS += -lbfd -liberty -lz
+#LIBS_p += -lbfd -liberty -lz
+#LIBS_c += -lbfd -liberty -lz
+
+# hostapd depends on strong random number generation being available from the
+# operating system. os_get_random() function is used to fetch random data when
+# needed, e.g., for key generation. On Linux and BSD systems, this works by
+# reading /dev/urandom. It should be noted that the OS entropy pool needs to be
+# properly initialized before hostapd is started. This is important especially
+# on embedded devices that do not have a hardware random number generator and
+# may by default start up with minimal entropy available for random number
+# generation.
+#
+# As a safety net, hostapd is by default trying to internally collect
+# additional entropy for generating random data to mix in with the data
+# fetched from the OS. This by itself is not considered to be very strong, but
+# it may help in cases where the system pool is not initialized properly.
+# However, it is very strongly recommended that the system pool is initialized
+# with enough entropy either by using hardware assisted random number
+# generator or by storing state over device reboots.
+#
+# hostapd can be configured to maintain its own entropy store over restarts to
+# enhance random number generation. This is not perfect, but it is much more
+# secure than using the same sequence of random numbers after every reboot.
+# This can be enabled with -e<entropy file> command line option. The specified
+# file needs to be readable and writable by hostapd.
+#
+# If the os_get_random() is known to provide strong random data (e.g., on
+# Linux/BSD, the board in question is known to have reliable source of random
+# data from /dev/urandom), the internal hostapd random pool can be disabled.
+# This will save some in binary size and CPU use. However, this should only be
+# considered for builds that are known to be used on devices that meet the
+# requirements described above.
+#CONFIG_NO_RANDOM_POOL=y
+
+# Select TLS implementation
+# openssl = OpenSSL (default)
+# gnutls = GnuTLS
+# internal = Internal TLSv1 implementation (experimental)
+# none = Empty template
+#CONFIG_TLS=openssl
+
+# TLS-based EAP methods require at least TLS v1.0. Newer version of TLS (v1.1)
+# can be enabled to get a stronger construction of messages when block ciphers
+# are used.
+#CONFIG_TLSV11=y
+
+# TLS-based EAP methods require at least TLS v1.0. Newer version of TLS (v1.2)
+# can be enabled to enable use of stronger crypto algorithms.
+#CONFIG_TLSV12=y
+
+# If CONFIG_TLS=internal is used, additional library and include paths are
+# needed for LibTomMath. Alternatively, an integrated, minimal version of
+# LibTomMath can be used. See beginning of libtommath.c for details on benefits
+# and drawbacks of this option.
+#CONFIG_INTERNAL_LIBTOMMATH=y
+#ifndef CONFIG_INTERNAL_LIBTOMMATH
+#LTM_PATH=/usr/src/libtommath-0.39
+#CFLAGS += -I$(LTM_PATH)
+#LIBS += -L$(LTM_PATH)
+#LIBS_p += -L$(LTM_PATH)
+#endif
+# At the cost of about 4 kB of additional binary size, the internal LibTomMath
+# can be configured to include faster routines for exptmod, sqr, and div to
+# speed up DH and RSA calculation considerably
+#CONFIG_INTERNAL_LIBTOMMATH_FAST=y
+
+# Interworking (IEEE 802.11u)
+# This can be used to enable functionality to improve interworking with
+# external networks.
+#CONFIG_INTERWORKING=y
+
+# Hotspot 2.0
+#CONFIG_HS20=y
+
+# Enable SQLite database support in hlr_auc_gw, EAP-SIM DB, and eap_user_file
+#CONFIG_SQLITE=y
+
+# Testing options
+# This can be used to enable some testing options (see also the example
+# configuration file) that are really useful only for testing clients that
+# connect to this hostapd. These options allow, for example, to drop a
+# certain percentage of probe requests or auth/(re)assoc frames.
+#
+#CONFIG_TESTING_OPTIONS=y
+
+# Automatic Channel Selection
+# This will allow hostapd to pick the channel automatically when channel is set
+# to "acs_survey" or "0". Eventually, other ACS algorithms can be added in
+# similar way.
+#
+# Automatic selection is currently only done through initialization, later on
+# we hope to do background checks to keep us moving to more ideal channels as
+# time goes by. ACS is currently only supported through the nl80211 driver and
+# your driver must have survey dump capability that is filled by the driver
+# during scanning.
+#
+# You can customize the ACS survey algorithm with the hostapd.conf variable
+# acs_num_scans.
+#
+# Supported ACS drivers:
+# * ath9k
+# * ath5k
+# * ath10k
+#
+# For more details refer to:
+# http://wireless.kernel.org/en/users/Documentation/acs
+#
CONFIG_ACS=y
Timeout 300
ServerSignature on
UseCanonicalName off
-ServerTokens Full
+ServerTokens Prod
LogLevel warn
CustomLog /var/log/httpd/access_log combined
Include /etc/httpd/conf/hostname.conf
#
Include /etc/httpd/conf/vhosts.d/*.conf
-
+# Dummy LoadModule directive to aid module installations
+#LoadModule dummy_module /usr/lib/apache2/modules/mod_dummy.so
+++ /dev/null
-Listen 1006
-
-<VirtualHost *:1006>
-
- SSLEngine on
- SSLProtocol all -SSLv2
- SSLCipherSuite ALL:!ADH:!EXPORT56:!eNULL:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW:+EXP
- SSLCertificateFile /etc/httpd/server.crt
- SSLCertificateKeyFile /etc/httpd/server.key
-
- DocumentRoot /srv/web/esniper
-
- Include /etc/httpd/conf/conf.d/php*.conf
-
- <Directory /srv/web/esniper>
- Options None
- AllowOverride None
- Order allow,deny
- Allow from all
- </Directory>
-
-</VirtualHost>
+++ /dev/null
-Listen 1002
-
-<VirtualHost *:1002>
-
- DocumentRoot /srv/web/phpaj
-
- Include /etc/httpd/conf/conf.d/php*.conf
-
- <Directory /srv/web/phpaj>
- Options None
- AllowOverride None
- Order allow,deny
- Allow from all
- </Directory>
-
-</VirtualHost>
#
# Automatically generated file; DO NOT EDIT.
-# Linux/arm 3.14.30 Kernel Configuration
+# Linux/arm 3.14.37 Kernel Configuration
#
CONFIG_ARM=y
CONFIG_SYS_SUPPORTS_APM_EMULATION=y
#
# Memory Debugging
#
-# CONFIG_DEBUG_PAGEALLOC is not set
# CONFIG_DEBUG_OBJECTS is not set
# CONFIG_SLUB_DEBUG_ON is not set
# CONFIG_SLUB_STATS is not set
CONFIG_GRKERNSEC_CHROOT_FINDTASK=y
CONFIG_GRKERNSEC_CHROOT_NICE=y
CONFIG_GRKERNSEC_CHROOT_SYSCTL=y
+CONFIG_GRKERNSEC_CHROOT_RENAME=y
# CONFIG_GRKERNSEC_CHROOT_CAPS is not set
CONFIG_GRKERNSEC_CHROOT_INITRD=y
#
# Automatically generated file; DO NOT EDIT.
-# Linux/arm 3.14.30 Kernel Configuration
+# Linux/arm 3.14.37 Kernel Configuration
#
CONFIG_ARM=y
CONFIG_MIGHT_HAVE_PCI=y
#
# Memory Debugging
#
-# CONFIG_DEBUG_PAGEALLOC is not set
# CONFIG_DEBUG_OBJECTS is not set
# CONFIG_SLUB_STATS is not set
CONFIG_HAVE_DEBUG_KMEMLEAK=y
CONFIG_GRKERNSEC_CHROOT_FINDTASK=y
CONFIG_GRKERNSEC_CHROOT_NICE=y
CONFIG_GRKERNSEC_CHROOT_SYSCTL=y
+CONFIG_GRKERNSEC_CHROOT_RENAME=y
# CONFIG_GRKERNSEC_CHROOT_CAPS is not set
CONFIG_GRKERNSEC_CHROOT_INITRD=y
#
# Automatically generated file; DO NOT EDIT.
-# Linux/arm 3.14.30 Kernel Configuration
+# Linux/arm 3.14.37 Kernel Configuration
#
CONFIG_ARM=y
CONFIG_SYS_SUPPORTS_APM_EMULATION=y
#
# Memory Debugging
#
-# CONFIG_DEBUG_PAGEALLOC is not set
# CONFIG_DEBUG_OBJECTS is not set
# CONFIG_SLUB_DEBUG_ON is not set
# CONFIG_SLUB_STATS is not set
CONFIG_GRKERNSEC_CHROOT_FINDTASK=y
CONFIG_GRKERNSEC_CHROOT_NICE=y
CONFIG_GRKERNSEC_CHROOT_SYSCTL=y
+CONFIG_GRKERNSEC_CHROOT_RENAME=y
# CONFIG_GRKERNSEC_CHROOT_CAPS is not set
CONFIG_GRKERNSEC_CHROOT_INITRD=y
#
# Automatically generated file; DO NOT EDIT.
-# Linux/x86 3.14.30 Kernel Configuration
+# Linux/x86 3.14.37 Kernel Configuration
#
# CONFIG_64BIT is not set
CONFIG_X86_32=y
CONFIG_PREEMPT_NONE=y
# CONFIG_PREEMPT_VOLUNTARY is not set
# CONFIG_PREEMPT is not set
+CONFIG_X86_UP_APIC_MSI=y
CONFIG_X86_LOCAL_APIC=y
CONFIG_X86_IO_APIC=y
CONFIG_X86_REROUTE_FOR_BROKEN_BOOT_IRQS=y
#
# Memory Debugging
#
-# CONFIG_DEBUG_PAGEALLOC is not set
# CONFIG_DEBUG_OBJECTS is not set
# CONFIG_SLUB_DEBUG_ON is not set
# CONFIG_SLUB_STATS is not set
CONFIG_GRKERNSEC_CHROOT_FINDTASK=y
CONFIG_GRKERNSEC_CHROOT_NICE=y
CONFIG_GRKERNSEC_CHROOT_SYSCTL=y
+CONFIG_GRKERNSEC_CHROOT_RENAME=y
# CONFIG_GRKERNSEC_CHROOT_CAPS is not set
CONFIG_GRKERNSEC_CHROOT_INITRD=y
#
# Automatically generated file; DO NOT EDIT.
-# Linux/x86 3.14.30 Kernel Configuration
+# Linux/x86 3.14.37 Kernel Configuration
#
# CONFIG_64BIT is not set
CONFIG_X86_32=y
CONFIG_PREEMPT_NONE=y
# CONFIG_PREEMPT_VOLUNTARY is not set
# CONFIG_PREEMPT is not set
+CONFIG_X86_UP_APIC_MSI=y
CONFIG_X86_LOCAL_APIC=y
CONFIG_X86_IO_APIC=y
CONFIG_X86_REROUTE_FOR_BROKEN_BOOT_IRQS=y
#
# Memory Debugging
#
-# CONFIG_DEBUG_PAGEALLOC is not set
# CONFIG_DEBUG_OBJECTS is not set
# CONFIG_SLUB_DEBUG_ON is not set
# CONFIG_SLUB_STATS is not set
CONFIG_GRKERNSEC_CHROOT_FINDTASK=y
CONFIG_GRKERNSEC_CHROOT_NICE=y
CONFIG_GRKERNSEC_CHROOT_SYSCTL=y
+CONFIG_GRKERNSEC_CHROOT_RENAME=y
# CONFIG_GRKERNSEC_CHROOT_CAPS is not set
CONFIG_GRKERNSEC_CHROOT_INITRD=y
'enabled' => 1,
};
$substatus->{'53.networkovpn'} = {
- 'caption' => "$Lang::tr{'openvpn client'}",
+ 'caption' => "$Lang::tr{'vpn statistic rw'}",
'uri' => '/cgi-bin/netovpnrw.cgi',
- 'title' => "$Lang::tr{'openvpn client'}",
+ 'title' => "$Lang::tr{'vpn statistic rw'}",
'enabled' => 1,
};
$substatus->{'54.networkovpnsrv'} = {
- 'caption' => "$Lang::tr{'openvpn server'}",
+ 'caption' => "$Lang::tr{'vpn statistic n2n'}",
'uri' => '/cgi-bin/netovpnsrv.cgi',
- 'title' => "$Lang::tr{'openvpn server'}",
+ 'title' => "$Lang::tr{'vpn statistics n2n'}",
'enabled' => 1,
};
$substatus->{'60.hardwaregraphs'} = {
'title' => "P2P-Block",
'enabled' => 1,
};
+ $subfirewall->{'50.geoipblock'} = {
+ 'caption' => $Lang::tr{'geoipblock'},
+ 'uri' => '/cgi-bin/geoip-block.cgi',
+ 'title' => $Lang::tr{'geoipblock'},
+ 'enabled' => 1,
+ };
$subfirewall->{'60.wireless'} = {
'caption' => $Lang::tr{'blue access'},
'uri' => '/cgi-bin/wireless.cgi',
--- /dev/null
+#!/bin/bash
+#
+# QEMU wrapper to enable kvm as default like old qemu-kvm...
+#
+if [[ $* == *" -no-kvm"* ]]; then
+ qemu-system-i386 $*
+else
+ qemu-system-i386 -enable-kvm $*
+fi
+exit ${?}
-#usr/lib/perl5/site_perl/5.12.3/Locale
-usr/lib/perl5/site_perl/5.12.3/Locale/Constants.pm
-usr/lib/perl5/site_perl/5.12.3/Locale/Constants.pod
-usr/lib/perl5/site_perl/5.12.3/Locale/Country.pm
-usr/lib/perl5/site_perl/5.12.3/Locale/Country.pod
-usr/lib/perl5/site_perl/5.12.3/Locale/Currency.pm
-usr/lib/perl5/site_perl/5.12.3/Locale/Currency.pod
-usr/lib/perl5/site_perl/5.12.3/Locale/Language.pm
-usr/lib/perl5/site_perl/5.12.3/Locale/Language.pod
-usr/lib/perl5/site_perl/5.12.3/Locale/Script.pm
-usr/lib/perl5/site_perl/5.12.3/Locale/Script.pod
-#usr/lib/perl5/site_perl/5.12.3/MACHINE-linux-thread-multi/auto/Locale-Codes
-#usr/lib/perl5/site_perl/5.12.3/MACHINE-linux-thread-multi/auto/Locale-Codes/.packlist
+#usr/lib/perl5/5.12.3/Locale/Codes
+usr/lib/perl5/5.12.3/Locale/Codes.pm
+usr/lib/perl5/5.12.3/Locale/Codes.pod
+usr/lib/perl5/5.12.3/Locale/Codes/API.pod
+usr/lib/perl5/5.12.3/Locale/Codes/Changes.pod
+usr/lib/perl5/5.12.3/Locale/Codes/Constants.pm
+usr/lib/perl5/5.12.3/Locale/Codes/Constants.pod
+usr/lib/perl5/5.12.3/Locale/Codes/Country.pm
+usr/lib/perl5/5.12.3/Locale/Codes/Country.pod
+usr/lib/perl5/5.12.3/Locale/Codes/Country_Codes.pm
+usr/lib/perl5/5.12.3/Locale/Codes/Country_Retired.pm
+usr/lib/perl5/5.12.3/Locale/Codes/Currency.pm
+usr/lib/perl5/5.12.3/Locale/Codes/Currency.pod
+usr/lib/perl5/5.12.3/Locale/Codes/Currency_Codes.pm
+usr/lib/perl5/5.12.3/Locale/Codes/Currency_Retired.pm
+usr/lib/perl5/5.12.3/Locale/Codes/LangExt.pm
+usr/lib/perl5/5.12.3/Locale/Codes/LangExt.pod
+usr/lib/perl5/5.12.3/Locale/Codes/LangExt_Codes.pm
+usr/lib/perl5/5.12.3/Locale/Codes/LangExt_Retired.pm
+usr/lib/perl5/5.12.3/Locale/Codes/LangFam.pm
+usr/lib/perl5/5.12.3/Locale/Codes/LangFam.pod
+usr/lib/perl5/5.12.3/Locale/Codes/LangFam_Codes.pm
+usr/lib/perl5/5.12.3/Locale/Codes/LangFam_Retired.pm
+usr/lib/perl5/5.12.3/Locale/Codes/LangVar.pm
+usr/lib/perl5/5.12.3/Locale/Codes/LangVar.pod
+usr/lib/perl5/5.12.3/Locale/Codes/LangVar_Codes.pm
+usr/lib/perl5/5.12.3/Locale/Codes/LangVar_Retired.pm
+usr/lib/perl5/5.12.3/Locale/Codes/Language.pm
+usr/lib/perl5/5.12.3/Locale/Codes/Language.pod
+usr/lib/perl5/5.12.3/Locale/Codes/Language_Codes.pm
+usr/lib/perl5/5.12.3/Locale/Codes/Language_Retired.pm
+usr/lib/perl5/5.12.3/Locale/Codes/Script.pm
+usr/lib/perl5/5.12.3/Locale/Codes/Script.pod
+usr/lib/perl5/5.12.3/Locale/Codes/Script_Codes.pm
+usr/lib/perl5/5.12.3/Locale/Codes/Script_Retired.pm
+#usr/lib/perl5/5.12.3/MACHINE-linux-thread-multi/auto/Locale
+#usr/lib/perl5/5.12.3/MACHINE-linux-thread-multi/auto/Locale/Codes
+#usr/lib/perl5/5.12.3/MACHINE-linux-thread-multi/auto/Locale/Codes/.packlist
+#usr/share/man/man3/Locale::Codes.3
+#usr/share/man/man3/Locale::Codes::API.3
+#usr/share/man/man3/Locale::Codes::Changes.3
+#usr/share/man/man3/Locale::Codes::Constants.3
+#usr/share/man/man3/Locale::Codes::Country.3
+#usr/share/man/man3/Locale::Codes::Currency.3
+#usr/share/man/man3/Locale::Codes::LangExt.3
+#usr/share/man/man3/Locale::Codes::LangFam.3
+#usr/share/man/man3/Locale::Codes::LangFam_Retired.3
+#usr/share/man/man3/Locale::Codes::LangVar.3
+#usr/share/man/man3/Locale::Codes::Language.3
+#usr/share/man/man3/Locale::Codes::Script.3
#etc/httpd
#etc/httpd/conf
+#etc/httpd/conf/conf.d
+etc/httpd/conf/conf.d/php5.conf
+etc/httpd/conf/default-server.conf
#etc/httpd/conf/extra
#etc/httpd/conf/extra/httpd-autoindex.conf
#etc/httpd/conf/extra/httpd-dav.conf
#etc/httpd/conf/extra/httpd-ssl.conf
#etc/httpd/conf/extra/httpd-userdir.conf
#etc/httpd/conf/extra/httpd-vhosts.conf
+etc/httpd/conf/global.conf
+etc/httpd/conf/hostname.conf
etc/httpd/conf/httpd.conf
+etc/httpd/conf/listen.conf
+etc/httpd/conf/loadmodule.conf
etc/httpd/conf/magic
etc/httpd/conf/mime.types
+etc/httpd/conf/mod_log_config.conf
#etc/httpd/conf/original
#etc/httpd/conf/original/extra
#etc/httpd/conf/original/extra/httpd-autoindex.conf
#etc/httpd/conf/original/extra/httpd-userdir.conf
#etc/httpd/conf/original/extra/httpd-vhosts.conf
#etc/httpd/conf/original/httpd.conf
+etc/httpd/conf/server-tuning.conf
+etc/httpd/conf/ssl-global.conf
+etc/httpd/conf/uid.conf
+#etc/httpd/conf/vhosts.d
+etc/httpd/conf/vhosts.d/ipfire-interface-ssl.conf
+etc/httpd/conf/vhosts.d/ipfire-interface.conf
+#etc/httpd/conf/vhosts.d/nagios.conf
+#etc/httpd/conf/vhosts.d/openmailadmin.conf
#srv/web
#srv/web/ipfire
#srv/web/ipfire/cgi-bin
#usr/lib/libapr-1.la
usr/lib/libapr-1.so
usr/lib/libapr-1.so.0
-usr/lib/libapr-1.so.0.5.0
+usr/lib/libapr-1.so.0.5.1
#usr/lib/libaprutil-1.a
#usr/lib/libaprutil-1.la
usr/lib/libaprutil-1.so
#usr/share/man/man8/rotatelogs.8
#usr/share/man/man8/suexec.8
var/log/httpd
-etc/httpd/conf/conf.d
-etc/httpd/conf/default-server.conf
-etc/httpd/conf/global.conf
-etc/httpd/conf/hostname.conf
-etc/httpd/conf/listen.conf
-etc/httpd/conf/loadmodule.conf
-etc/httpd/conf/mod_log_config.conf
-etc/httpd/conf/server-tuning.conf
-etc/httpd/conf/ssl-global.conf
-etc/httpd/conf/uid.conf
-etc/httpd/conf/vhosts.d/ipfire-interface-ssl.conf
-etc/httpd/conf/vhosts.d/ipfire-interface.conf
-srv/web/ipfire/cgi-bin/aliases.cgi
-srv/web/ipfire/cgi-bin/atm-status.cgi
-srv/web/ipfire/cgi-bin/backup.cgi
-srv/web/ipfire/cgi-bin/chpasswd.cgi
-srv/web/ipfire/cgi-bin/connections.cgi
-srv/web/ipfire/cgi-bin/connscheduler.cgi
-srv/web/ipfire/cgi-bin/country.cgi
-srv/web/ipfire/cgi-bin/credits.cgi
-srv/web/ipfire/cgi-bin/dns.cgi
-srv/web/ipfire/cgi-bin/dnsforward.cgi
-srv/web/ipfire/cgi-bin/ddns.cgi
-srv/web/ipfire/cgi-bin/dhcp.cgi
-srv/web/ipfire/cgi-bin/entropy.cgi
-srv/web/ipfire/cgi-bin/extrahd.cgi
-srv/web/ipfire/cgi-bin/fireinfo.cgi
-srv/web/ipfire/cgi-bin/firewall.cgi
-srv/web/ipfire/cgi-bin/fwhosts.cgi
-srv/web/ipfire/cgi-bin/gpl.cgi
-srv/web/ipfire/cgi-bin/gui.cgi
-srv/web/ipfire/cgi-bin/hardwaregraphs.cgi
-srv/web/ipfire/cgi-bin/hosts.cgi
-srv/web/ipfire/cgi-bin/ids.cgi
-srv/web/ipfire/cgi-bin/index.cgi
-srv/web/ipfire/cgi-bin/ipinfo.cgi
-srv/web/ipfire/cgi-bin/iptables.cgi
-srv/web/ipfire/cgi-bin/logs.cgi
-srv/web/ipfire/cgi-bin/mac.cgi
-srv/web/ipfire/cgi-bin/media.cgi
-srv/web/ipfire/cgi-bin/memory.cgi
-srv/web/ipfire/cgi-bin/modem.cgi
-srv/web/ipfire/cgi-bin/modem-status.cgi
-srv/web/ipfire/cgi-bin/netexternal.cgi
-srv/web/ipfire/cgi-bin/netinternal.cgi
-srv/web/ipfire/cgi-bin/netother.cgi
-srv/web/ipfire/cgi-bin/netovpnrw.cgi
-srv/web/ipfire/cgi-bin/netovpnsrv.cgi
-srv/web/ipfire/cgi-bin/optionsfw.cgi
-srv/web/ipfire/cgi-bin/ovpnmain.cgi
-srv/web/ipfire/cgi-bin/p2p-block.cgi
-srv/web/ipfire/cgi-bin/pakfire.cgi
-srv/web/ipfire/cgi-bin/pppsetup.cgi
-srv/web/ipfire/cgi-bin/proxy.cgi
-srv/web/ipfire/cgi-bin/qos.cgi
-srv/web/ipfire/cgi-bin/remote.cgi
-srv/web/ipfire/cgi-bin/routing.cgi
-srv/web/ipfire/cgi-bin/services.cgi
-srv/web/ipfire/cgi-bin/shutdown.cgi
-srv/web/ipfire/cgi-bin/speed.cgi
-srv/web/ipfire/cgi-bin/system.cgi
-srv/web/ipfire/cgi-bin/time.cgi
-srv/web/ipfire/cgi-bin/traffic.cgi
-srv/web/ipfire/cgi-bin/updatexlrator.cgi
-srv/web/ipfire/cgi-bin/upnp.cgi
-srv/web/ipfire/cgi-bin/urlfilter.cgi
-srv/web/ipfire/cgi-bin/vpnmain.cgi
-srv/web/ipfire/cgi-bin/wakeonlan.cgi
-srv/web/ipfire/cgi-bin/webaccess.cgi
-srv/web/ipfire/cgi-bin/wireless.cgi
-srv/web/ipfire/cgi-bin/wirelessclient.cgi
-srv/web/ipfire/html
-var/updatecache
#etc/rc.d/init.d/mysql
#etc/rc.d/init.d/netsnmpd
etc/rc.d/init.d/network
+etc/rc.d/init.d/network-trigger
etc/rc.d/init.d/network-vlans
#etc/rc.d/init.d/networking
etc/rc.d/init.d/networking/any
etc/rc.d/init.d/networking/red.up/50-ovpn
etc/rc.d/init.d/networking/red.up/98-leds
etc/rc.d/init.d/networking/red.up/99-fireinfo
+etc/rc.d/init.d/networking/red.up/99-geoip-database
etc/rc.d/init.d/networking/red.up/99-pakfire-update
etc/rc.d/init.d/networking/wpa_supplicant.exe
#etc/rc.d/init.d/nfs-server
etc/rc.d/rcsysinit.d/S75firstsetup
etc/rc.d/rcsysinit.d/S80localnet
etc/rc.d/rcsysinit.d/S85firewall
+etc/rc.d/rcsysinit.d/S90network-trigger
etc/rc.d/rcsysinit.d/S91network-vlans
etc/rc.d/rcsysinit.d/S92rngd
etc/rc.d/rc3.d/S15fireinfo
#boot/dtb-KVER-ipfire-multi/imx6dl-sabresd.dtb
#boot/dtb-KVER-ipfire-multi/imx6dl-wandboard.dtb
#boot/dtb-KVER-ipfire-multi/imx6q-arm2.dtb
+#boot/dtb-KVER-ipfire-multi/imx6q-cm-fx6.dtb
#boot/dtb-KVER-ipfire-multi/imx6q-cubox-i.dtb
#boot/dtb-KVER-ipfire-multi/imx6q-gw51xx.dtb
#boot/dtb-KVER-ipfire-multi/imx6q-gw52xx.dtb
#usr/lib/perl5/Collectd/Plugins
#usr/lib/perl5/Collectd/Plugins/OpenVZ.pm
#usr/lib/perl5/Collectd/Unixsock.pm
-#usr/lib/perl5/i586-linux-thread-multi
-#usr/lib/perl5/i586-linux-thread-multi/auto
-#usr/lib/perl5/i586-linux-thread-multi/auto/Collectd
-#usr/lib/perl5/i586-linux-thread-multi/auto/Collectd/.packlist
-#usr/lib/perl5/i586-linux-thread-multi/perllocal.pod
+#usr/lib/perl5/MACHINE-linux-thread-multi
+#usr/lib/perl5/MACHINE-linux-thread-multi/auto
+#usr/lib/perl5/MACHINE-linux-thread-multi/auto/Collectd
+#usr/lib/perl5/MACHINE-linux-thread-multi/auto/Collectd/.packlist
+#usr/lib/perl5/MACHINE-linux-thread-multi/perllocal.pod
#usr/lib/pkgconfig/libcollectdclient.pc
#usr/man/man3/Collectd::Unixsock.3
usr/sbin/collectd
#usr/share/man/man5/collectd.conf.5
#usr/share/man/man5/types.db.5
#var/lib/collectd
+var/ipfire/ovpn/collectd.vpn
var/ipfire/firewall
#var/ipfire/firewall/config
#var/ipfire/firewall/dmz
+#var/ipfire/firewall/geoipblock
#var/ipfire/firewall/input
#var/ipfire/firewall/nat
#var/ipfire/firewall/outgoing
#var/ipfire/firewall/settings
var/ipfire/fwhosts
#var/ipfire/fwhosts/customgroups
+#var/ipfire/fwhosts/customgeoipgrp
#var/ipfire/fwhosts/customhosts
#var/ipfire/fwhosts/customnetworks
#var/ipfire/fwhosts/customservicegrp
#var/ipfire/fwlogs/ipsettings
#var/ipfire/fwlogs/portsettings
var/ipfire/general-functions.pl
+var/ipfire/geoip-functions.pl
var/ipfire/graphs.pl
var/ipfire/header.pl
var/ipfire/isdn
#usr/include/curl/multi.h
#usr/include/curl/stdcheaders.h
#usr/include/curl/typecheck-gcc.h
-#usr/include/curl/types.h
#usr/lib/libcurl.a
#usr/lib/libcurl.la
usr/lib/libcurl.so
usr/lib/libcurl.so.4
usr/lib/libcurl.so.4.3.0
#usr/lib/pkgconfig/libcurl.pc
+#usr/share/aclocal/libcurl.m4
#usr/share/man/man1/curl-config.1
#usr/share/man/man1/curl.1
-#usr/share/man/man1/mk-ca-bundle.1
+#usr/share/man/man3/CURLMOPT_CHUNK_LENGTH_PENALTY_SIZE.3
+#usr/share/man/man3/CURLMOPT_CONTENT_LENGTH_PENALTY_SIZE.3
+#usr/share/man/man3/CURLMOPT_MAXCONNECTS.3
+#usr/share/man/man3/CURLMOPT_MAX_HOST_CONNECTIONS.3
+#usr/share/man/man3/CURLMOPT_MAX_PIPELINE_LENGTH.3
+#usr/share/man/man3/CURLMOPT_MAX_TOTAL_CONNECTIONS.3
+#usr/share/man/man3/CURLMOPT_PIPELINING.3
+#usr/share/man/man3/CURLMOPT_PIPELINING_SERVER_BL.3
+#usr/share/man/man3/CURLMOPT_PIPELINING_SITE_BL.3
+#usr/share/man/man3/CURLMOPT_SOCKETDATA.3
+#usr/share/man/man3/CURLMOPT_SOCKETFUNCTION.3
+#usr/share/man/man3/CURLMOPT_TIMERDATA.3
+#usr/share/man/man3/CURLMOPT_TIMERFUNCTION.3
+#usr/share/man/man3/CURLOPT_ACCEPTTIMEOUT_MS.3
+#usr/share/man/man3/CURLOPT_ACCEPT_ENCODING.3
+#usr/share/man/man3/CURLOPT_ADDRESS_SCOPE.3
+#usr/share/man/man3/CURLOPT_APPEND.3
+#usr/share/man/man3/CURLOPT_AUTOREFERER.3
+#usr/share/man/man3/CURLOPT_BUFFERSIZE.3
+#usr/share/man/man3/CURLOPT_CAINFO.3
+#usr/share/man/man3/CURLOPT_CAPATH.3
+#usr/share/man/man3/CURLOPT_CERTINFO.3
+#usr/share/man/man3/CURLOPT_CHUNK_BGN_FUNCTION.3
+#usr/share/man/man3/CURLOPT_CHUNK_DATA.3
+#usr/share/man/man3/CURLOPT_CHUNK_END_FUNCTION.3
+#usr/share/man/man3/CURLOPT_CLOSESOCKETDATA.3
+#usr/share/man/man3/CURLOPT_CLOSESOCKETFUNCTION.3
+#usr/share/man/man3/CURLOPT_CONNECTTIMEOUT.3
+#usr/share/man/man3/CURLOPT_CONNECTTIMEOUT_MS.3
+#usr/share/man/man3/CURLOPT_CONNECT_ONLY.3
+#usr/share/man/man3/CURLOPT_CONV_FROM_NETWORK_FUNCTION.3
+#usr/share/man/man3/CURLOPT_CONV_FROM_UTF8_FUNCTION.3
+#usr/share/man/man3/CURLOPT_CONV_TO_NETWORK_FUNCTION.3
+#usr/share/man/man3/CURLOPT_COOKIE.3
+#usr/share/man/man3/CURLOPT_COOKIEFILE.3
+#usr/share/man/man3/CURLOPT_COOKIEJAR.3
+#usr/share/man/man3/CURLOPT_COOKIELIST.3
+#usr/share/man/man3/CURLOPT_COOKIESESSION.3
+#usr/share/man/man3/CURLOPT_COPYPOSTFIELDS.3
+#usr/share/man/man3/CURLOPT_CRLF.3
+#usr/share/man/man3/CURLOPT_CRLFILE.3
+#usr/share/man/man3/CURLOPT_CUSTOMREQUEST.3
+#usr/share/man/man3/CURLOPT_DEBUGDATA.3
+#usr/share/man/man3/CURLOPT_DEBUGFUNCTION.3
+#usr/share/man/man3/CURLOPT_DIRLISTONLY.3
+#usr/share/man/man3/CURLOPT_DNS_CACHE_TIMEOUT.3
+#usr/share/man/man3/CURLOPT_DNS_INTERFACE.3
+#usr/share/man/man3/CURLOPT_DNS_LOCAL_IP4.3
+#usr/share/man/man3/CURLOPT_DNS_LOCAL_IP6.3
+#usr/share/man/man3/CURLOPT_DNS_SERVERS.3
+#usr/share/man/man3/CURLOPT_DNS_USE_GLOBAL_CACHE.3
+#usr/share/man/man3/CURLOPT_EGDSOCKET.3
+#usr/share/man/man3/CURLOPT_ERRORBUFFER.3
+#usr/share/man/man3/CURLOPT_EXPECT_100_TIMEOUT_MS.3
+#usr/share/man/man3/CURLOPT_FAILONERROR.3
+#usr/share/man/man3/CURLOPT_FILETIME.3
+#usr/share/man/man3/CURLOPT_FNMATCH_DATA.3
+#usr/share/man/man3/CURLOPT_FNMATCH_FUNCTION.3
+#usr/share/man/man3/CURLOPT_FOLLOWLOCATION.3
+#usr/share/man/man3/CURLOPT_FORBID_REUSE.3
+#usr/share/man/man3/CURLOPT_FRESH_CONNECT.3
+#usr/share/man/man3/CURLOPT_FTPPORT.3
+#usr/share/man/man3/CURLOPT_FTPSSLAUTH.3
+#usr/share/man/man3/CURLOPT_FTP_ACCOUNT.3
+#usr/share/man/man3/CURLOPT_FTP_ALTERNATIVE_TO_USER.3
+#usr/share/man/man3/CURLOPT_FTP_CREATE_MISSING_DIRS.3
+#usr/share/man/man3/CURLOPT_FTP_FILEMETHOD.3
+#usr/share/man/man3/CURLOPT_FTP_RESPONSE_TIMEOUT.3
+#usr/share/man/man3/CURLOPT_FTP_SKIP_PASV_IP.3
+#usr/share/man/man3/CURLOPT_FTP_SSL_CCC.3
+#usr/share/man/man3/CURLOPT_FTP_USE_EPRT.3
+#usr/share/man/man3/CURLOPT_FTP_USE_EPSV.3
+#usr/share/man/man3/CURLOPT_FTP_USE_PRET.3
+#usr/share/man/man3/CURLOPT_GSSAPI_DELEGATION.3
+#usr/share/man/man3/CURLOPT_HEADER.3
+#usr/share/man/man3/CURLOPT_HEADERDATA.3
+#usr/share/man/man3/CURLOPT_HEADERFUNCTION.3
+#usr/share/man/man3/CURLOPT_HEADEROPT.3
+#usr/share/man/man3/CURLOPT_HTTP200ALIASES.3
+#usr/share/man/man3/CURLOPT_HTTPAUTH.3
+#usr/share/man/man3/CURLOPT_HTTPGET.3
+#usr/share/man/man3/CURLOPT_HTTPHEADER.3
+#usr/share/man/man3/CURLOPT_HTTPPOST.3
+#usr/share/man/man3/CURLOPT_HTTPPROXYTUNNEL.3
+#usr/share/man/man3/CURLOPT_HTTP_CONTENT_DECODING.3
+#usr/share/man/man3/CURLOPT_HTTP_TRANSFER_DECODING.3
+#usr/share/man/man3/CURLOPT_HTTP_VERSION.3
+#usr/share/man/man3/CURLOPT_IGNORE_CONTENT_LENGTH.3
+#usr/share/man/man3/CURLOPT_INFILESIZE.3
+#usr/share/man/man3/CURLOPT_INFILESIZE_LARGE.3
+#usr/share/man/man3/CURLOPT_INTERFACE.3
+#usr/share/man/man3/CURLOPT_INTERLEAVEDATA.3
+#usr/share/man/man3/CURLOPT_INTERLEAVEFUNCTION.3
+#usr/share/man/man3/CURLOPT_IOCTLDATA.3
+#usr/share/man/man3/CURLOPT_IOCTLFUNCTION.3
+#usr/share/man/man3/CURLOPT_IPRESOLVE.3
+#usr/share/man/man3/CURLOPT_ISSUERCERT.3
+#usr/share/man/man3/CURLOPT_KEYPASSWD.3
+#usr/share/man/man3/CURLOPT_KRBLEVEL.3
+#usr/share/man/man3/CURLOPT_LOCALPORT.3
+#usr/share/man/man3/CURLOPT_LOCALPORTRANGE.3
+#usr/share/man/man3/CURLOPT_LOGIN_OPTIONS.3
+#usr/share/man/man3/CURLOPT_LOW_SPEED_LIMIT.3
+#usr/share/man/man3/CURLOPT_LOW_SPEED_TIME.3
+#usr/share/man/man3/CURLOPT_MAIL_AUTH.3
+#usr/share/man/man3/CURLOPT_MAIL_FROM.3
+#usr/share/man/man3/CURLOPT_MAIL_RCPT.3
+#usr/share/man/man3/CURLOPT_MAXCONNECTS.3
+#usr/share/man/man3/CURLOPT_MAXFILESIZE.3
+#usr/share/man/man3/CURLOPT_MAXFILESIZE_LARGE.3
+#usr/share/man/man3/CURLOPT_MAXREDIRS.3
+#usr/share/man/man3/CURLOPT_MAX_RECV_SPEED_LARGE.3
+#usr/share/man/man3/CURLOPT_MAX_SEND_SPEED_LARGE.3
+#usr/share/man/man3/CURLOPT_NETRC.3
+#usr/share/man/man3/CURLOPT_NETRC_FILE.3
+#usr/share/man/man3/CURLOPT_NEW_DIRECTORY_PERMS.3
+#usr/share/man/man3/CURLOPT_NEW_FILE_PERMS.3
+#usr/share/man/man3/CURLOPT_NOBODY.3
+#usr/share/man/man3/CURLOPT_NOPROGRESS.3
+#usr/share/man/man3/CURLOPT_NOPROXY.3
+#usr/share/man/man3/CURLOPT_NOSIGNAL.3
+#usr/share/man/man3/CURLOPT_OPENSOCKETDATA.3
+#usr/share/man/man3/CURLOPT_OPENSOCKETFUNCTION.3
+#usr/share/man/man3/CURLOPT_PASSWORD.3
+#usr/share/man/man3/CURLOPT_PORT.3
+#usr/share/man/man3/CURLOPT_POST.3
+#usr/share/man/man3/CURLOPT_POSTFIELDS.3
+#usr/share/man/man3/CURLOPT_POSTFIELDSIZE.3
+#usr/share/man/man3/CURLOPT_POSTFIELDSIZE_LARGE.3
+#usr/share/man/man3/CURLOPT_POSTQUOTE.3
+#usr/share/man/man3/CURLOPT_POSTREDIR.3
+#usr/share/man/man3/CURLOPT_PREQUOTE.3
+#usr/share/man/man3/CURLOPT_PRIVATE.3
+#usr/share/man/man3/CURLOPT_PROGRESSDATA.3
+#usr/share/man/man3/CURLOPT_PROGRESSFUNCTION.3
+#usr/share/man/man3/CURLOPT_PROTOCOLS.3
+#usr/share/man/man3/CURLOPT_PROXY.3
+#usr/share/man/man3/CURLOPT_PROXYAUTH.3
+#usr/share/man/man3/CURLOPT_PROXYHEADER.3
+#usr/share/man/man3/CURLOPT_PROXYPASSWORD.3
+#usr/share/man/man3/CURLOPT_PROXYPORT.3
+#usr/share/man/man3/CURLOPT_PROXYTYPE.3
+#usr/share/man/man3/CURLOPT_PROXYUSERNAME.3
+#usr/share/man/man3/CURLOPT_PROXYUSERPWD.3
+#usr/share/man/man3/CURLOPT_PROXY_TRANSFER_MODE.3
+#usr/share/man/man3/CURLOPT_PUT.3
+#usr/share/man/man3/CURLOPT_QUOTE.3
+#usr/share/man/man3/CURLOPT_RANDOM_FILE.3
+#usr/share/man/man3/CURLOPT_RANGE.3
+#usr/share/man/man3/CURLOPT_READDATA.3
+#usr/share/man/man3/CURLOPT_READFUNCTION.3
+#usr/share/man/man3/CURLOPT_REDIR_PROTOCOLS.3
+#usr/share/man/man3/CURLOPT_REFERER.3
+#usr/share/man/man3/CURLOPT_RESOLVE.3
+#usr/share/man/man3/CURLOPT_RESUME_FROM.3
+#usr/share/man/man3/CURLOPT_RESUME_FROM_LARGE.3
+#usr/share/man/man3/CURLOPT_RTSP_CLIENT_CSEQ.3
+#usr/share/man/man3/CURLOPT_RTSP_REQUEST.3
+#usr/share/man/man3/CURLOPT_RTSP_SERVER_CSEQ.3
+#usr/share/man/man3/CURLOPT_RTSP_SESSION_ID.3
+#usr/share/man/man3/CURLOPT_RTSP_STREAM_URI.3
+#usr/share/man/man3/CURLOPT_RTSP_TRANSPORT.3
+#usr/share/man/man3/CURLOPT_SASL_IR.3
+#usr/share/man/man3/CURLOPT_SEEKDATA.3
+#usr/share/man/man3/CURLOPT_SEEKFUNCTION.3
+#usr/share/man/man3/CURLOPT_SHARE.3
+#usr/share/man/man3/CURLOPT_SOCKOPTDATA.3
+#usr/share/man/man3/CURLOPT_SOCKOPTFUNCTION.3
+#usr/share/man/man3/CURLOPT_SOCKS5_GSSAPI_NEC.3
+#usr/share/man/man3/CURLOPT_SOCKS5_GSSAPI_SERVICE.3
+#usr/share/man/man3/CURLOPT_SSH_AUTH_TYPES.3
+#usr/share/man/man3/CURLOPT_SSH_HOST_PUBLIC_KEY_MD5.3
+#usr/share/man/man3/CURLOPT_SSH_KEYDATA.3
+#usr/share/man/man3/CURLOPT_SSH_KEYFUNCTION.3
+#usr/share/man/man3/CURLOPT_SSH_KNOWNHOSTS.3
+#usr/share/man/man3/CURLOPT_SSH_PRIVATE_KEYFILE.3
+#usr/share/man/man3/CURLOPT_SSH_PUBLIC_KEYFILE.3
+#usr/share/man/man3/CURLOPT_SSLCERT.3
+#usr/share/man/man3/CURLOPT_SSLCERTTYPE.3
+#usr/share/man/man3/CURLOPT_SSLENGINE.3
+#usr/share/man/man3/CURLOPT_SSLENGINE_DEFAULT.3
+#usr/share/man/man3/CURLOPT_SSLKEY.3
+#usr/share/man/man3/CURLOPT_SSLKEYTYPE.3
+#usr/share/man/man3/CURLOPT_SSLVERSION.3
+#usr/share/man/man3/CURLOPT_SSL_CIPHER_LIST.3
+#usr/share/man/man3/CURLOPT_SSL_CTX_DATA.3
+#usr/share/man/man3/CURLOPT_SSL_CTX_FUNCTION.3
+#usr/share/man/man3/CURLOPT_SSL_ENABLE_ALPN.3
+#usr/share/man/man3/CURLOPT_SSL_ENABLE_NPN.3
+#usr/share/man/man3/CURLOPT_SSL_OPTIONS.3
+#usr/share/man/man3/CURLOPT_SSL_SESSIONID_CACHE.3
+#usr/share/man/man3/CURLOPT_SSL_VERIFYHOST.3
+#usr/share/man/man3/CURLOPT_SSL_VERIFYPEER.3
+#usr/share/man/man3/CURLOPT_STDERR.3
+#usr/share/man/man3/CURLOPT_TCP_KEEPALIVE.3
+#usr/share/man/man3/CURLOPT_TCP_KEEPIDLE.3
+#usr/share/man/man3/CURLOPT_TCP_KEEPINTVL.3
+#usr/share/man/man3/CURLOPT_TCP_NODELAY.3
+#usr/share/man/man3/CURLOPT_TELNETOPTIONS.3
+#usr/share/man/man3/CURLOPT_TFTP_BLKSIZE.3
+#usr/share/man/man3/CURLOPT_TIMECONDITION.3
+#usr/share/man/man3/CURLOPT_TIMEOUT.3
+#usr/share/man/man3/CURLOPT_TIMEOUT_MS.3
+#usr/share/man/man3/CURLOPT_TIMEVALUE.3
+#usr/share/man/man3/CURLOPT_TLSAUTH_PASSWORD.3
+#usr/share/man/man3/CURLOPT_TLSAUTH_TYPE.3
+#usr/share/man/man3/CURLOPT_TLSAUTH_USERNAME.3
+#usr/share/man/man3/CURLOPT_TRANSFERTEXT.3
+#usr/share/man/man3/CURLOPT_TRANSFER_ENCODING.3
+#usr/share/man/man3/CURLOPT_UNIX_SOCKET_PATH.3
+#usr/share/man/man3/CURLOPT_UNRESTRICTED_AUTH.3
+#usr/share/man/man3/CURLOPT_UPLOAD.3
+#usr/share/man/man3/CURLOPT_URL.3
+#usr/share/man/man3/CURLOPT_USERAGENT.3
+#usr/share/man/man3/CURLOPT_USERNAME.3
+#usr/share/man/man3/CURLOPT_USERPWD.3
+#usr/share/man/man3/CURLOPT_USE_SSL.3
+#usr/share/man/man3/CURLOPT_VERBOSE.3
+#usr/share/man/man3/CURLOPT_WILDCARDMATCH.3
+#usr/share/man/man3/CURLOPT_WRITEDATA.3
+#usr/share/man/man3/CURLOPT_WRITEFUNCTION.3
+#usr/share/man/man3/CURLOPT_XFERINFODATA.3
+#usr/share/man/man3/CURLOPT_XFERINFOFUNCTION.3
+#usr/share/man/man3/CURLOPT_XOAUTH2_BEARER.3
#usr/share/man/man3/curl_easy_cleanup.3
#usr/share/man/man3/curl_easy_duphandle.3
#usr/share/man/man3/curl_easy_escape.3
-etc/rc.d/init.d/cyrus-sasl
#usr/include/sasl
#usr/include/sasl/hmac-md5.h
#usr/include/sasl/md5.h
#usr/include/sasl/saslutil.h
#usr/lib/libsasl2.la
usr/lib/libsasl2.so
-usr/lib/libsasl2.so.2
-usr/lib/libsasl2.so.2.0.21
+usr/lib/libsasl2.so.3
+usr/lib/libsasl2.so.3.0.0
+#usr/lib/pkgconfig/libsasl2.pc
#usr/lib/sasl2
#usr/lib/sasl2/libanonymous.la
usr/lib/sasl2/libanonymous.so
-usr/lib/sasl2/libanonymous.so.2
-usr/lib/sasl2/libanonymous.so.2.0.21
+usr/lib/sasl2/libanonymous.so.3
+usr/lib/sasl2/libanonymous.so.3.0.0
#usr/lib/sasl2/libcrammd5.la
usr/lib/sasl2/libcrammd5.so
-usr/lib/sasl2/libcrammd5.so.2
-usr/lib/sasl2/libcrammd5.so.2.0.21
+usr/lib/sasl2/libcrammd5.so.3
+usr/lib/sasl2/libcrammd5.so.3.0.0
#usr/lib/sasl2/libdigestmd5.la
usr/lib/sasl2/libdigestmd5.so
-usr/lib/sasl2/libdigestmd5.so.2
-usr/lib/sasl2/libdigestmd5.so.2.0.21
+usr/lib/sasl2/libdigestmd5.so.3
+usr/lib/sasl2/libdigestmd5.so.3.0.0
#usr/lib/sasl2/libotp.la
usr/lib/sasl2/libotp.so
-usr/lib/sasl2/libotp.so.2
-usr/lib/sasl2/libotp.so.2.0.21
+usr/lib/sasl2/libotp.so.3
+usr/lib/sasl2/libotp.so.3.0.0
#usr/lib/sasl2/libplain.la
usr/lib/sasl2/libplain.so
-usr/lib/sasl2/libplain.so.2
-usr/lib/sasl2/libplain.so.2.0.21
+usr/lib/sasl2/libplain.so.3
+usr/lib/sasl2/libplain.so.3.0.0
#usr/lib/sasl2/libsasldb.la
usr/lib/sasl2/libsasldb.so
-usr/lib/sasl2/libsasldb.so.2
-usr/lib/sasl2/libsasldb.so.2.0.21
+usr/lib/sasl2/libsasldb.so.3
+usr/lib/sasl2/libsasldb.so.3.0.0
+#usr/lib/sasl2/libscram.la
+usr/lib/sasl2/libscram.so
+usr/lib/sasl2/libscram.so.3
+usr/lib/sasl2/libscram.so.3.0.0
usr/lib/sasl2/smtpd.conf
-#usr/man/cat8
-#usr/man/cat8/saslauthd.8
+usr/sbin/pluginviewer
usr/sbin/saslauthd
usr/sbin/sasldblistusers2
usr/sbin/saslpasswd2
+usr/sbin/testsaslauthd
#usr/share/man/man3/sasl.3
#usr/share/man/man3/sasl_authorize_t.3
#usr/share/man/man3/sasl_auxprop.3
#usr/share/man/man3/sasl_errdetail.3
#usr/share/man/man3/sasl_errors.3
#usr/share/man/man3/sasl_errstring.3
+#usr/share/man/man3/sasl_getconfpath_t.3
#usr/share/man/man3/sasl_getopt_t.3
#usr/share/man/man3/sasl_getpath_t.3
#usr/share/man/man3/sasl_getprop.3
#usr/share/man/man3/sasl_setprop.3
#usr/share/man/man3/sasl_user_exists.3
#usr/share/man/man3/sasl_verifyfile_t.3
+#usr/share/man/man8/pluginviewer.8
+#usr/share/man/man8/saslauthd.8
#usr/share/man/man8/sasldblistusers2.8
#usr/share/man/man8/saslpasswd2.8
var/lib/sasl
+etc/rc.d/init.d/cyrus-sasl
#etc/dhcp
-#etc/dhcp/dhclient.conf
+#etc/dhcp/dhclient.conf.example
etc/dhcp/dhcpd.conf
+#etc/dhcp/dhcpd.conf.example
#usr/bin/omshell
#usr/include/dhcpctl
#usr/include/dhcpctl/dhcpctl.h
+#lib/dhcpcd
+#lib/dhcpcd/dev
+#lib/dhcpcd/dev/udev.so
sbin/dhcpcd
#usr/share/man/man5/dhcpcd.conf.5
#usr/share/man/man8/dhcpcd-run-hooks.8
#var/ipfire/dhcpc/dhcpcd-hooks/01-test
#var/ipfire/dhcpc/dhcpcd-hooks/02-dump
#var/ipfire/dhcpc/dhcpcd-hooks/10-mtu
+#var/ipfire/dhcpc/dhcpcd-hooks/10-wpa_supplicant
+#var/ipfire/dhcpc/dhcpcd-hooks/15-timezone
#var/ipfire/dhcpc/dhcpcd-hooks/29-lookup-hostname
#var/ipfire/dhcpc/dhcpcd-hooks/30-hostname
#var/ipfire/dhcpc/dhcpcd-hooks/70-dhcpcd.exe
#usr/lib/libexpat.la
usr/lib/libexpat.so
usr/lib/libexpat.so.1
-usr/lib/libexpat.so.1.5.0
-#usr/man/man1/xmlwf.1
-#usr/share/doc/expat-2.0.0
-#usr/share/doc/expat-2.0.0/expat.png
-#usr/share/doc/expat-2.0.0/reference.html
-#usr/share/doc/expat-2.0.0/style.css
-#usr/share/doc/expat-2.0.0/valid-xhtml10.png
+usr/lib/libexpat.so.1.6.0
+#usr/lib/pkgconfig/expat.pc
+#usr/share/doc/expat-2.1.0
+#usr/share/doc/expat-2.1.0/expat.png
+#usr/share/doc/expat-2.1.0/reference.html
+#usr/share/doc/expat-2.1.0/style.css
+#usr/share/doc/expat-2.1.0/valid-xhtml10.png
+#usr/share/man/man1/xmlwf.1
--- /dev/null
+srv/web/ipfire/html/images/flags
+#srv/web/ipfire/html/images/flags/AD.png
+#srv/web/ipfire/html/images/flags/AE.png
+#srv/web/ipfire/html/images/flags/AF.png
+#srv/web/ipfire/html/images/flags/AG.png
+#srv/web/ipfire/html/images/flags/AI.png
+#srv/web/ipfire/html/images/flags/AL.png
+#srv/web/ipfire/html/images/flags/AM.png
+#srv/web/ipfire/html/images/flags/AN.png
+#srv/web/ipfire/html/images/flags/AO.png
+#srv/web/ipfire/html/images/flags/AQ.png
+#srv/web/ipfire/html/images/flags/AR.png
+#srv/web/ipfire/html/images/flags/AS.png
+#srv/web/ipfire/html/images/flags/AT.png
+#srv/web/ipfire/html/images/flags/AU.png
+#srv/web/ipfire/html/images/flags/AW.png
+#srv/web/ipfire/html/images/flags/AX.png
+#srv/web/ipfire/html/images/flags/AZ.png
+#srv/web/ipfire/html/images/flags/BA.png
+#srv/web/ipfire/html/images/flags/BB.png
+#srv/web/ipfire/html/images/flags/BD.png
+#srv/web/ipfire/html/images/flags/BE.png
+#srv/web/ipfire/html/images/flags/BF.png
+#srv/web/ipfire/html/images/flags/BG.png
+#srv/web/ipfire/html/images/flags/BH.png
+#srv/web/ipfire/html/images/flags/BI.png
+#srv/web/ipfire/html/images/flags/BJ.png
+#srv/web/ipfire/html/images/flags/BL.png
+#srv/web/ipfire/html/images/flags/BM.png
+#srv/web/ipfire/html/images/flags/BN.png
+#srv/web/ipfire/html/images/flags/BO.png
+#srv/web/ipfire/html/images/flags/BR.png
+#srv/web/ipfire/html/images/flags/BS.png
+#srv/web/ipfire/html/images/flags/BT.png
+#srv/web/ipfire/html/images/flags/BW.png
+#srv/web/ipfire/html/images/flags/BY.png
+#srv/web/ipfire/html/images/flags/BZ.png
+#srv/web/ipfire/html/images/flags/CA.png
+#srv/web/ipfire/html/images/flags/CC.png
+#srv/web/ipfire/html/images/flags/CD.png
+#srv/web/ipfire/html/images/flags/CF.png
+#srv/web/ipfire/html/images/flags/CG.png
+#srv/web/ipfire/html/images/flags/CH.png
+#srv/web/ipfire/html/images/flags/CI.png
+#srv/web/ipfire/html/images/flags/CK.png
+#srv/web/ipfire/html/images/flags/CL.png
+#srv/web/ipfire/html/images/flags/CM.png
+#srv/web/ipfire/html/images/flags/CN.png
+#srv/web/ipfire/html/images/flags/CO.png
+#srv/web/ipfire/html/images/flags/CR.png
+#srv/web/ipfire/html/images/flags/CU.png
+#srv/web/ipfire/html/images/flags/CV.png
+#srv/web/ipfire/html/images/flags/CW.png
+#srv/web/ipfire/html/images/flags/CX.png
+#srv/web/ipfire/html/images/flags/CY.png
+#srv/web/ipfire/html/images/flags/CZ.png
+#srv/web/ipfire/html/images/flags/DE.png
+#srv/web/ipfire/html/images/flags/DJ.png
+#srv/web/ipfire/html/images/flags/DK.png
+#srv/web/ipfire/html/images/flags/DM.png
+#srv/web/ipfire/html/images/flags/DO.png
+#srv/web/ipfire/html/images/flags/DZ.png
+#srv/web/ipfire/html/images/flags/EC.png
+#srv/web/ipfire/html/images/flags/EE.png
+#srv/web/ipfire/html/images/flags/EG.png
+#srv/web/ipfire/html/images/flags/EH.png
+#srv/web/ipfire/html/images/flags/ER.png
+#srv/web/ipfire/html/images/flags/ES.png
+#srv/web/ipfire/html/images/flags/ET.png
+#srv/web/ipfire/html/images/flags/EU.png
+#srv/web/ipfire/html/images/flags/FI.png
+#srv/web/ipfire/html/images/flags/FJ.png
+#srv/web/ipfire/html/images/flags/FK.png
+#srv/web/ipfire/html/images/flags/FM.png
+#srv/web/ipfire/html/images/flags/FO.png
+#srv/web/ipfire/html/images/flags/FR.png
+#srv/web/ipfire/html/images/flags/GA.png
+#srv/web/ipfire/html/images/flags/GB.png
+#srv/web/ipfire/html/images/flags/GD.png
+#srv/web/ipfire/html/images/flags/GE.png
+#srv/web/ipfire/html/images/flags/GG.png
+#srv/web/ipfire/html/images/flags/GH.png
+#srv/web/ipfire/html/images/flags/GI.png
+#srv/web/ipfire/html/images/flags/GL.png
+#srv/web/ipfire/html/images/flags/GM.png
+#srv/web/ipfire/html/images/flags/GN.png
+#srv/web/ipfire/html/images/flags/GQ.png
+#srv/web/ipfire/html/images/flags/GR.png
+#srv/web/ipfire/html/images/flags/GS.png
+#srv/web/ipfire/html/images/flags/GT.png
+#srv/web/ipfire/html/images/flags/GU.png
+#srv/web/ipfire/html/images/flags/GW.png
+#srv/web/ipfire/html/images/flags/GY.png
+#srv/web/ipfire/html/images/flags/HK.png
+#srv/web/ipfire/html/images/flags/HN.png
+#srv/web/ipfire/html/images/flags/HR.png
+#srv/web/ipfire/html/images/flags/HT.png
+#srv/web/ipfire/html/images/flags/HU.png
+#srv/web/ipfire/html/images/flags/IC.png
+#srv/web/ipfire/html/images/flags/ID.png
+#srv/web/ipfire/html/images/flags/IE.png
+#srv/web/ipfire/html/images/flags/IL.png
+#srv/web/ipfire/html/images/flags/IM.png
+#srv/web/ipfire/html/images/flags/IN.png
+#srv/web/ipfire/html/images/flags/IQ.png
+#srv/web/ipfire/html/images/flags/IR.png
+#srv/web/ipfire/html/images/flags/IS.png
+#srv/web/ipfire/html/images/flags/IT.png
+#srv/web/ipfire/html/images/flags/JE.png
+#srv/web/ipfire/html/images/flags/JM.png
+#srv/web/ipfire/html/images/flags/JO.png
+#srv/web/ipfire/html/images/flags/JP.png
+#srv/web/ipfire/html/images/flags/KE.png
+#srv/web/ipfire/html/images/flags/KG.png
+#srv/web/ipfire/html/images/flags/KH.png
+#srv/web/ipfire/html/images/flags/KI.png
+#srv/web/ipfire/html/images/flags/KM.png
+#srv/web/ipfire/html/images/flags/KN.png
+#srv/web/ipfire/html/images/flags/KP.png
+#srv/web/ipfire/html/images/flags/KR.png
+#srv/web/ipfire/html/images/flags/KW.png
+#srv/web/ipfire/html/images/flags/KY.png
+#srv/web/ipfire/html/images/flags/KZ.png
+#srv/web/ipfire/html/images/flags/LA.png
+#srv/web/ipfire/html/images/flags/LB.png
+#srv/web/ipfire/html/images/flags/LC.png
+#srv/web/ipfire/html/images/flags/LI.png
+#srv/web/ipfire/html/images/flags/LK.png
+#srv/web/ipfire/html/images/flags/LR.png
+#srv/web/ipfire/html/images/flags/LS.png
+#srv/web/ipfire/html/images/flags/LT.png
+#srv/web/ipfire/html/images/flags/LU.png
+#srv/web/ipfire/html/images/flags/LV.png
+#srv/web/ipfire/html/images/flags/LY.png
+#srv/web/ipfire/html/images/flags/MA.png
+#srv/web/ipfire/html/images/flags/MC.png
+#srv/web/ipfire/html/images/flags/MD.png
+#srv/web/ipfire/html/images/flags/ME.png
+#srv/web/ipfire/html/images/flags/MF.png
+#srv/web/ipfire/html/images/flags/MG.png
+#srv/web/ipfire/html/images/flags/MH.png
+#srv/web/ipfire/html/images/flags/MK.png
+#srv/web/ipfire/html/images/flags/ML.png
+#srv/web/ipfire/html/images/flags/MM.png
+#srv/web/ipfire/html/images/flags/MN.png
+#srv/web/ipfire/html/images/flags/MO.png
+#srv/web/ipfire/html/images/flags/MP.png
+#srv/web/ipfire/html/images/flags/MQ.png
+#srv/web/ipfire/html/images/flags/MR.png
+#srv/web/ipfire/html/images/flags/MS.png
+#srv/web/ipfire/html/images/flags/MT.png
+#srv/web/ipfire/html/images/flags/MU.png
+#srv/web/ipfire/html/images/flags/MV.png
+#srv/web/ipfire/html/images/flags/MW.png
+#srv/web/ipfire/html/images/flags/MX.png
+#srv/web/ipfire/html/images/flags/MY.png
+#srv/web/ipfire/html/images/flags/MZ.png
+#srv/web/ipfire/html/images/flags/NA.png
+#srv/web/ipfire/html/images/flags/NC.png
+#srv/web/ipfire/html/images/flags/NE.png
+#srv/web/ipfire/html/images/flags/NF.png
+#srv/web/ipfire/html/images/flags/NG.png
+#srv/web/ipfire/html/images/flags/NI.png
+#srv/web/ipfire/html/images/flags/NL.png
+#srv/web/ipfire/html/images/flags/NO.png
+#srv/web/ipfire/html/images/flags/NP.png
+#srv/web/ipfire/html/images/flags/NR.png
+#srv/web/ipfire/html/images/flags/NU.png
+#srv/web/ipfire/html/images/flags/NZ.png
+#srv/web/ipfire/html/images/flags/OM.png
+#srv/web/ipfire/html/images/flags/PA.png
+#srv/web/ipfire/html/images/flags/PE.png
+#srv/web/ipfire/html/images/flags/PF.png
+#srv/web/ipfire/html/images/flags/PG.png
+#srv/web/ipfire/html/images/flags/PH.png
+#srv/web/ipfire/html/images/flags/PK.png
+#srv/web/ipfire/html/images/flags/PL.png
+#srv/web/ipfire/html/images/flags/PN.png
+#srv/web/ipfire/html/images/flags/PR.png
+#srv/web/ipfire/html/images/flags/PS.png
+#srv/web/ipfire/html/images/flags/PT.png
+#srv/web/ipfire/html/images/flags/PW.png
+#srv/web/ipfire/html/images/flags/PY.png
+#srv/web/ipfire/html/images/flags/QA.png
+#srv/web/ipfire/html/images/flags/RO.png
+#srv/web/ipfire/html/images/flags/RS.png
+#srv/web/ipfire/html/images/flags/RU.png
+#srv/web/ipfire/html/images/flags/RW.png
+#srv/web/ipfire/html/images/flags/SA.png
+#srv/web/ipfire/html/images/flags/SB.png
+#srv/web/ipfire/html/images/flags/SC.png
+#srv/web/ipfire/html/images/flags/SD.png
+#srv/web/ipfire/html/images/flags/SE.png
+#srv/web/ipfire/html/images/flags/SG.png
+#srv/web/ipfire/html/images/flags/SH.png
+#srv/web/ipfire/html/images/flags/SI.png
+#srv/web/ipfire/html/images/flags/SK.png
+#srv/web/ipfire/html/images/flags/SL.png
+#srv/web/ipfire/html/images/flags/SM.png
+#srv/web/ipfire/html/images/flags/SN.png
+#srv/web/ipfire/html/images/flags/SO.png
+#srv/web/ipfire/html/images/flags/SR.png
+#srv/web/ipfire/html/images/flags/SS.png
+#srv/web/ipfire/html/images/flags/ST.png
+#srv/web/ipfire/html/images/flags/SV.png
+#srv/web/ipfire/html/images/flags/SY.png
+#srv/web/ipfire/html/images/flags/SZ.png
+#srv/web/ipfire/html/images/flags/TC.png
+#srv/web/ipfire/html/images/flags/TD.png
+#srv/web/ipfire/html/images/flags/TF.png
+#srv/web/ipfire/html/images/flags/TG.png
+#srv/web/ipfire/html/images/flags/TH.png
+#srv/web/ipfire/html/images/flags/TJ.png
+#srv/web/ipfire/html/images/flags/TK.png
+#srv/web/ipfire/html/images/flags/TL.png
+#srv/web/ipfire/html/images/flags/TM.png
+#srv/web/ipfire/html/images/flags/TN.png
+#srv/web/ipfire/html/images/flags/TO.png
+#srv/web/ipfire/html/images/flags/TR.png
+#srv/web/ipfire/html/images/flags/TT.png
+#srv/web/ipfire/html/images/flags/TV.png
+#srv/web/ipfire/html/images/flags/TW.png
+#srv/web/ipfire/html/images/flags/TZ.png
+#srv/web/ipfire/html/images/flags/UA.png
+#srv/web/ipfire/html/images/flags/UG.png
+#srv/web/ipfire/html/images/flags/US.png
+#srv/web/ipfire/html/images/flags/UY.png
+#srv/web/ipfire/html/images/flags/UZ.png
+#srv/web/ipfire/html/images/flags/VA.png
+#srv/web/ipfire/html/images/flags/VC.png
+#srv/web/ipfire/html/images/flags/VE.png
+#srv/web/ipfire/html/images/flags/VG.png
+#srv/web/ipfire/html/images/flags/VI.png
+#srv/web/ipfire/html/images/flags/VN.png
+#srv/web/ipfire/html/images/flags/VU.png
+#srv/web/ipfire/html/images/flags/WF.png
+#srv/web/ipfire/html/images/flags/WS.png
+#srv/web/ipfire/html/images/flags/YE.png
+#srv/web/ipfire/html/images/flags/YT.png
+#srv/web/ipfire/html/images/flags/ZA.png
+#srv/web/ipfire/html/images/flags/ZM.png
+#srv/web/ipfire/html/images/flags/ZW.png
+#srv/web/ipfire/html/images/flags/unknown.png
#usr/bin/eqn2graph
#usr/bin/gdiffmk
#usr/bin/geqn
+#usr/bin/glilypond
+#usr/bin/gperl
+#usr/bin/gpinyin
#usr/bin/grap2graph
#usr/bin/grn
#usr/bin/grodvi
#usr/bin/grog
#usr/bin/grolbp
#usr/bin/grolj4
+#usr/bin/gropdf
#usr/bin/grops
#usr/bin/grotty
#usr/bin/gtbl
#usr/bin/mmroff
#usr/bin/neqn
#usr/bin/nroff
+#usr/bin/pdfmom
#usr/bin/pdfroff
#usr/bin/pfbtops
#usr/bin/pic
#usr/bin/tfmtodit
#usr/bin/troff
#usr/lib/groff
+#usr/lib/groff/glilypond
+#usr/lib/groff/glilypond/args.pl
+#usr/lib/groff/glilypond/oop_fh.pl
+#usr/lib/groff/glilypond/subs.pl
+#usr/lib/groff/gpinyin
+#usr/lib/groff/gpinyin/subs.pl
+#usr/lib/groff/groff_opts_no_arg.txt
+#usr/lib/groff/groff_opts_with_arg.txt
#usr/lib/groff/groffer
-#usr/lib/groff/groffer/func.pl
+#usr/lib/groff/groffer/main_subs.pl
#usr/lib/groff/groffer/man.pl
-#usr/lib/groff/groffer/perl_test.pl
#usr/lib/groff/groffer/split_env.sh
+#usr/lib/groff/groffer/subs.pl
#usr/lib/groff/groffer/version.sh
+#usr/lib/groff/grog
+#usr/lib/groff/grog/subs.pl
+#usr/lib/groff/refer
#usr/lib/groff/site-tmac
-#usr/share/doc/groff-1.21
-#usr/share/doc/groff-1.21/examples
-#usr/share/doc/groff-1.21/examples/chem
-#usr/share/doc/groff-1.21/examples/chem/122
-#usr/share/doc/groff-1.21/examples/chem/122/README
-#usr/share/doc/groff-1.21/examples/chem/122/ch2a_ethyl.chem
-#usr/share/doc/groff-1.21/examples/chem/122/ch2b_benzene.chem
-#usr/share/doc/groff-1.21/examples/chem/122/ch2c_benzene_right.chem
-#usr/share/doc/groff-1.21/examples/chem/122/ch4a_stick.chem
-#usr/share/doc/groff-1.21/examples/chem/122/ch4b_methyl_acetate.chem
-#usr/share/doc/groff-1.21/examples/chem/122/ch4c_colon.chem
-#usr/share/doc/groff-1.21/examples/chem/122/ch4d_HCl.H2O.chem
-#usr/share/doc/groff-1.21/examples/chem/122/ch4e_CaSO4.2H2O.chem
-#usr/share/doc/groff-1.21/examples/chem/122/ch4f_C.chem
-#usr/share/doc/groff-1.21/examples/chem/122/ch4g_BP.chem
-#usr/share/doc/groff-1.21/examples/chem/122/ch4h_methacrylate.chem
-#usr/share/doc/groff-1.21/examples/chem/122/ch4i_cyclo.chem
-#usr/share/doc/groff-1.21/examples/chem/122/ch4j_ring4.chem
-#usr/share/doc/groff-1.21/examples/chem/122/ch4k_ring3.chem
-#usr/share/doc/groff-1.21/examples/chem/122/ch4l_vertex.chem
-#usr/share/doc/groff-1.21/examples/chem/122/ch4m_double.chem
-#usr/share/doc/groff-1.21/examples/chem/122/ch4n_triple.chem
-#usr/share/doc/groff-1.21/examples/chem/122/ch4o_aromatic.chem
-#usr/share/doc/groff-1.21/examples/chem/122/ch4p_cholestanol.chem
-#usr/share/doc/groff-1.21/examples/chem/122/ch4q_rings.chem
-#usr/share/doc/groff-1.21/examples/chem/122/ch4r_spiro.chem
-#usr/share/doc/groff-1.21/examples/chem/122/ch4s_heteroatoms.chem
-#usr/share/doc/groff-1.21/examples/chem/122/ch4t_polycyclic.chem
-#usr/share/doc/groff-1.21/examples/chem/122/ch4u_nicotine.chem
-#usr/share/doc/groff-1.21/examples/chem/122/ch4v_histidine.chem
-#usr/share/doc/groff-1.21/examples/chem/122/ch4w_lsd.chem
-#usr/share/doc/groff-1.21/examples/chem/122/ch4x_anisole.chem
-#usr/share/doc/groff-1.21/examples/chem/122/ch4y_reserpine.chem
-#usr/share/doc/groff-1.21/examples/chem/122/ch4z1_eqn_glutamic.chem
-#usr/share/doc/groff-1.21/examples/chem/122/ch4z2_text.chem
-#usr/share/doc/groff-1.21/examples/chem/122/ch5a_size.chem
-#usr/share/doc/groff-1.21/examples/chem/122/ch6a_pic.chem
-#usr/share/doc/groff-1.21/examples/chem/122/ch6b_dna.chem
-#usr/share/doc/groff-1.21/examples/chem/122/chAa_polymer.chem
-#usr/share/doc/groff-1.21/examples/chem/122/chAb_vinyl_chloro.chem
-#usr/share/doc/groff-1.21/examples/chem/122/chAc_morphine.chem
-#usr/share/doc/groff-1.21/examples/chem/122/chAd_chlorophyll.chem
-#usr/share/doc/groff-1.21/examples/chem/122/chAe_chair.chem
-#usr/share/doc/groff-1.21/examples/chem/122/chAf_arrow.chem
-#usr/share/doc/groff-1.21/examples/chem/122/chAg_circle.chem
-#usr/share/doc/groff-1.21/examples/chem/122/chAh_brackets.chem
-#usr/share/doc/groff-1.21/examples/chem/122/chAi_poly_vinyl_chloride.chem
-#usr/share/doc/groff-1.21/examples/chem/122/chBa_jump.chem
-#usr/share/doc/groff-1.21/examples/chem/122/chBb_bonds.chem
-#usr/share/doc/groff-1.21/examples/chem/122/chBc_rings.chem
-#usr/share/doc/groff-1.21/examples/chem/README
-#usr/share/doc/groff-1.21/examples/chem/atp.chem
-#usr/share/doc/groff-1.21/examples/chem/cholesterin.chem
-#usr/share/doc/groff-1.21/examples/chem/ethamivan.chem
-#usr/share/doc/groff-1.21/examples/chem/lsd.chem
-#usr/share/doc/groff-1.21/examples/chem/morphine.chem
-#usr/share/doc/groff-1.21/examples/chem/penicillin.chem
-#usr/share/doc/groff-1.21/examples/chem/reserpine.chem
-#usr/share/doc/groff-1.21/examples/gnu.eps
-#usr/share/doc/groff-1.21/examples/grnexmpl.g
-#usr/share/doc/groff-1.21/examples/grnexmpl.me
-#usr/share/doc/groff-1.21/examples/grnexmpl.ps
-#usr/share/doc/groff-1.21/examples/groff.css
-#usr/share/doc/groff-1.21/examples/hdtbl
-#usr/share/doc/groff-1.21/examples/hdtbl/chess_board.ps
-#usr/share/doc/groff-1.21/examples/hdtbl/chess_board.roff
-#usr/share/doc/groff-1.21/examples/hdtbl/col_rowspan_colors.ps
-#usr/share/doc/groff-1.21/examples/hdtbl/col_rowspan_colors.roff
-#usr/share/doc/groff-1.21/examples/hdtbl/color_boxes.ps
-#usr/share/doc/groff-1.21/examples/hdtbl/color_boxes.roff
-#usr/share/doc/groff-1.21/examples/hdtbl/color_nested_tables.ps
-#usr/share/doc/groff-1.21/examples/hdtbl/color_nested_tables.roff
-#usr/share/doc/groff-1.21/examples/hdtbl/color_table_cells.ps
-#usr/share/doc/groff-1.21/examples/hdtbl/color_table_cells.roff
-#usr/share/doc/groff-1.21/examples/hdtbl/color_transitions.ps
-#usr/share/doc/groff-1.21/examples/hdtbl/color_transitions.roff
-#usr/share/doc/groff-1.21/examples/hdtbl/common.roff
-#usr/share/doc/groff-1.21/examples/hdtbl/fonts_n.ps
-#usr/share/doc/groff-1.21/examples/hdtbl/fonts_n.roff
-#usr/share/doc/groff-1.21/examples/hdtbl/fonts_x.ps
-#usr/share/doc/groff-1.21/examples/hdtbl/fonts_x.roff
-#usr/share/doc/groff-1.21/examples/hdtbl/gnu.eps
-#usr/share/doc/groff-1.21/examples/hdtbl/mixed_pickles.ps
-#usr/share/doc/groff-1.21/examples/hdtbl/mixed_pickles.roff
-#usr/share/doc/groff-1.21/examples/hdtbl/rainbow.ps
-#usr/share/doc/groff-1.21/examples/hdtbl/rainbow.roff
-#usr/share/doc/groff-1.21/examples/hdtbl/short_reference.ps
-#usr/share/doc/groff-1.21/examples/hdtbl/short_reference.roff
-#usr/share/doc/groff-1.21/examples/mom
-#usr/share/doc/groff-1.21/examples/mom/README.txt
-#usr/share/doc/groff-1.21/examples/mom/elvis_syntax
-#usr/share/doc/groff-1.21/examples/mom/elvis_syntax.new
-#usr/share/doc/groff-1.21/examples/mom/letter.mom
-#usr/share/doc/groff-1.21/examples/mom/letter.ps
-#usr/share/doc/groff-1.21/examples/mom/penguin.ps
-#usr/share/doc/groff-1.21/examples/mom/sample_docs.mom
-#usr/share/doc/groff-1.21/examples/mom/sample_docs.ps
-#usr/share/doc/groff-1.21/examples/mom/typesetting.mom
-#usr/share/doc/groff-1.21/examples/mom/typesetting.ps
-#usr/share/doc/groff-1.21/examples/webpage.ms
-#usr/share/doc/groff-1.21/examples/webpage.ps
-#usr/share/doc/groff-1.21/html
-#usr/share/doc/groff-1.21/html/mom
-#usr/share/doc/groff-1.21/html/mom/appendices.html
-#usr/share/doc/groff-1.21/html/mom/color.html
-#usr/share/doc/groff-1.21/html/mom/cover.html
-#usr/share/doc/groff-1.21/html/mom/definitions.html
-#usr/share/doc/groff-1.21/html/mom/docelement.html
-#usr/share/doc/groff-1.21/html/mom/docprocessing.html
-#usr/share/doc/groff-1.21/html/mom/goodies.html
-#usr/share/doc/groff-1.21/html/mom/graphical.html
-#usr/share/doc/groff-1.21/html/mom/headfootpage.html
-#usr/share/doc/groff-1.21/html/mom/images.html
-#usr/share/doc/groff-1.21/html/mom/inlines.html
-#usr/share/doc/groff-1.21/html/mom/intro.html
-#usr/share/doc/groff-1.21/html/mom/letters.html
-#usr/share/doc/groff-1.21/html/mom/macrolist.html
-#usr/share/doc/groff-1.21/html/mom/rectoverso.html
-#usr/share/doc/groff-1.21/html/mom/refer.html
-#usr/share/doc/groff-1.21/html/mom/reserved.html
-#usr/share/doc/groff-1.21/html/mom/stylesheet.css
-#usr/share/doc/groff-1.21/html/mom/tables-of-contents.html
-#usr/share/doc/groff-1.21/html/mom/toc.html
-#usr/share/doc/groff-1.21/html/mom/typesetting.html
-#usr/share/doc/groff-1.21/html/mom/using.html
-#usr/share/doc/groff-1.21/meintro.me
-#usr/share/doc/groff-1.21/meintro.ps
-#usr/share/doc/groff-1.21/meref.me
-#usr/share/doc/groff-1.21/meref.ps
-#usr/share/doc/groff-1.21/pic.ms
-#usr/share/doc/groff-1.21/pic.ps
+#usr/share/doc/groff-1.22.3
+#usr/share/doc/groff-1.22.3/examples
+#usr/share/doc/groff-1.22.3/examples/chem
+#usr/share/doc/groff-1.22.3/examples/chem/122
+#usr/share/doc/groff-1.22.3/examples/chem/122/README
+#usr/share/doc/groff-1.22.3/examples/chem/122/ch2a_ethyl.chem
+#usr/share/doc/groff-1.22.3/examples/chem/122/ch2b_benzene.chem
+#usr/share/doc/groff-1.22.3/examples/chem/122/ch2c_benzene_right.chem
+#usr/share/doc/groff-1.22.3/examples/chem/122/ch4a_stick.chem
+#usr/share/doc/groff-1.22.3/examples/chem/122/ch4b_methyl_acetate.chem
+#usr/share/doc/groff-1.22.3/examples/chem/122/ch4c_colon.chem
+#usr/share/doc/groff-1.22.3/examples/chem/122/ch4d_HCl.H2O.chem
+#usr/share/doc/groff-1.22.3/examples/chem/122/ch4e_CaSO4.2H2O.chem
+#usr/share/doc/groff-1.22.3/examples/chem/122/ch4f_C.chem
+#usr/share/doc/groff-1.22.3/examples/chem/122/ch4g_BP.chem
+#usr/share/doc/groff-1.22.3/examples/chem/122/ch4h_methacrylate.chem
+#usr/share/doc/groff-1.22.3/examples/chem/122/ch4i_cyclo.chem
+#usr/share/doc/groff-1.22.3/examples/chem/122/ch4j_ring4.chem
+#usr/share/doc/groff-1.22.3/examples/chem/122/ch4k_ring3.chem
+#usr/share/doc/groff-1.22.3/examples/chem/122/ch4l_vertex.chem
+#usr/share/doc/groff-1.22.3/examples/chem/122/ch4m_double.chem
+#usr/share/doc/groff-1.22.3/examples/chem/122/ch4n_triple.chem
+#usr/share/doc/groff-1.22.3/examples/chem/122/ch4o_aromatic.chem
+#usr/share/doc/groff-1.22.3/examples/chem/122/ch4p_cholestanol.chem
+#usr/share/doc/groff-1.22.3/examples/chem/122/ch4q_rings.chem
+#usr/share/doc/groff-1.22.3/examples/chem/122/ch4r_spiro.chem
+#usr/share/doc/groff-1.22.3/examples/chem/122/ch4s_heteroatoms.chem
+#usr/share/doc/groff-1.22.3/examples/chem/122/ch4t_polycyclic.chem
+#usr/share/doc/groff-1.22.3/examples/chem/122/ch4u_nicotine.chem
+#usr/share/doc/groff-1.22.3/examples/chem/122/ch4v_histidine.chem
+#usr/share/doc/groff-1.22.3/examples/chem/122/ch4w_lsd.chem
+#usr/share/doc/groff-1.22.3/examples/chem/122/ch4x_anisole.chem
+#usr/share/doc/groff-1.22.3/examples/chem/122/ch4y_reserpine.chem
+#usr/share/doc/groff-1.22.3/examples/chem/122/ch4z1_eqn_glutamic.chem
+#usr/share/doc/groff-1.22.3/examples/chem/122/ch4z2_text.chem
+#usr/share/doc/groff-1.22.3/examples/chem/122/ch5a_size.chem
+#usr/share/doc/groff-1.22.3/examples/chem/122/ch6a_pic.chem
+#usr/share/doc/groff-1.22.3/examples/chem/122/ch6b_dna.chem
+#usr/share/doc/groff-1.22.3/examples/chem/122/chAa_polymer.chem
+#usr/share/doc/groff-1.22.3/examples/chem/122/chAb_vinyl_chloro.chem
+#usr/share/doc/groff-1.22.3/examples/chem/122/chAc_morphine.chem
+#usr/share/doc/groff-1.22.3/examples/chem/122/chAd_chlorophyll.chem
+#usr/share/doc/groff-1.22.3/examples/chem/122/chAe_chair.chem
+#usr/share/doc/groff-1.22.3/examples/chem/122/chAf_arrow.chem
+#usr/share/doc/groff-1.22.3/examples/chem/122/chAg_circle.chem
+#usr/share/doc/groff-1.22.3/examples/chem/122/chAh_brackets.chem
+#usr/share/doc/groff-1.22.3/examples/chem/122/chAi_poly_vinyl_chloride.chem
+#usr/share/doc/groff-1.22.3/examples/chem/122/chBa_jump.chem
+#usr/share/doc/groff-1.22.3/examples/chem/122/chBb_bonds.chem
+#usr/share/doc/groff-1.22.3/examples/chem/122/chBc_rings.chem
+#usr/share/doc/groff-1.22.3/examples/chem/README
+#usr/share/doc/groff-1.22.3/examples/chem/atp.chem
+#usr/share/doc/groff-1.22.3/examples/chem/cholesterin.chem
+#usr/share/doc/groff-1.22.3/examples/chem/ethamivan.chem
+#usr/share/doc/groff-1.22.3/examples/chem/lsd.chem
+#usr/share/doc/groff-1.22.3/examples/chem/morphine.chem
+#usr/share/doc/groff-1.22.3/examples/chem/penicillin.chem
+#usr/share/doc/groff-1.22.3/examples/chem/reserpine.chem
+#usr/share/doc/groff-1.22.3/examples/gnu.eps
+#usr/share/doc/groff-1.22.3/examples/grnexmpl.g
+#usr/share/doc/groff-1.22.3/examples/grnexmpl.me
+#usr/share/doc/groff-1.22.3/examples/grnexmpl.ps
+#usr/share/doc/groff-1.22.3/examples/groff.css
+#usr/share/doc/groff-1.22.3/examples/hdtbl
+#usr/share/doc/groff-1.22.3/examples/hdtbl/chess_board.ps
+#usr/share/doc/groff-1.22.3/examples/hdtbl/chess_board.roff
+#usr/share/doc/groff-1.22.3/examples/hdtbl/col_rowspan_colors.ps
+#usr/share/doc/groff-1.22.3/examples/hdtbl/col_rowspan_colors.roff
+#usr/share/doc/groff-1.22.3/examples/hdtbl/color_boxes.ps
+#usr/share/doc/groff-1.22.3/examples/hdtbl/color_boxes.roff
+#usr/share/doc/groff-1.22.3/examples/hdtbl/color_nested_tables.ps
+#usr/share/doc/groff-1.22.3/examples/hdtbl/color_nested_tables.roff
+#usr/share/doc/groff-1.22.3/examples/hdtbl/color_table_cells.ps
+#usr/share/doc/groff-1.22.3/examples/hdtbl/color_table_cells.roff
+#usr/share/doc/groff-1.22.3/examples/hdtbl/color_transitions.ps
+#usr/share/doc/groff-1.22.3/examples/hdtbl/color_transitions.roff
+#usr/share/doc/groff-1.22.3/examples/hdtbl/common.roff
+#usr/share/doc/groff-1.22.3/examples/hdtbl/fonts_n.ps
+#usr/share/doc/groff-1.22.3/examples/hdtbl/fonts_n.roff
+#usr/share/doc/groff-1.22.3/examples/hdtbl/fonts_x.ps
+#usr/share/doc/groff-1.22.3/examples/hdtbl/fonts_x.roff
+#usr/share/doc/groff-1.22.3/examples/hdtbl/gnu.eps
+#usr/share/doc/groff-1.22.3/examples/hdtbl/mixed_pickles.ps
+#usr/share/doc/groff-1.22.3/examples/hdtbl/mixed_pickles.roff
+#usr/share/doc/groff-1.22.3/examples/hdtbl/rainbow.ps
+#usr/share/doc/groff-1.22.3/examples/hdtbl/rainbow.roff
+#usr/share/doc/groff-1.22.3/examples/hdtbl/short_reference.ps
+#usr/share/doc/groff-1.22.3/examples/hdtbl/short_reference.roff
+#usr/share/doc/groff-1.22.3/examples/mom
+#usr/share/doc/groff-1.22.3/examples/mom/README.txt
+#usr/share/doc/groff-1.22.3/examples/mom/elvis_syntax
+#usr/share/doc/groff-1.22.3/examples/mom/elvis_syntax.new
+#usr/share/doc/groff-1.22.3/examples/mom/letter.mom
+#usr/share/doc/groff-1.22.3/examples/mom/mom-pdf.mom
+#usr/share/doc/groff-1.22.3/examples/mom/mom.vim
+#usr/share/doc/groff-1.22.3/examples/mom/penguin.pdf
+#usr/share/doc/groff-1.22.3/examples/mom/penguin.ps
+#usr/share/doc/groff-1.22.3/examples/mom/sample_docs.mom
+#usr/share/doc/groff-1.22.3/examples/mom/typesetting.mom
+#usr/share/doc/groff-1.22.3/examples/webpage.ms
+#usr/share/doc/groff-1.22.3/examples/webpage.ps
+#usr/share/doc/groff-1.22.3/html
+#usr/share/doc/groff-1.22.3/html/mom
+#usr/share/doc/groff-1.22.3/html/mom/appendices.html
+#usr/share/doc/groff-1.22.3/html/mom/color.html
+#usr/share/doc/groff-1.22.3/html/mom/cover.html
+#usr/share/doc/groff-1.22.3/html/mom/definitions.html
+#usr/share/doc/groff-1.22.3/html/mom/docelement.html
+#usr/share/doc/groff-1.22.3/html/mom/docprocessing.html
+#usr/share/doc/groff-1.22.3/html/mom/goodies.html
+#usr/share/doc/groff-1.22.3/html/mom/graphical.html
+#usr/share/doc/groff-1.22.3/html/mom/headfootpage.html
+#usr/share/doc/groff-1.22.3/html/mom/images.html
+#usr/share/doc/groff-1.22.3/html/mom/inlines.html
+#usr/share/doc/groff-1.22.3/html/mom/intro.html
+#usr/share/doc/groff-1.22.3/html/mom/letters.html
+#usr/share/doc/groff-1.22.3/html/mom/macrolist.html
+#usr/share/doc/groff-1.22.3/html/mom/rectoverso.html
+#usr/share/doc/groff-1.22.3/html/mom/refer.html
+#usr/share/doc/groff-1.22.3/html/mom/reserved.html
+#usr/share/doc/groff-1.22.3/html/mom/stylesheet.css
+#usr/share/doc/groff-1.22.3/html/mom/tables-of-contents.html
+#usr/share/doc/groff-1.22.3/html/mom/toc.html
+#usr/share/doc/groff-1.22.3/html/mom/typesetting.html
+#usr/share/doc/groff-1.22.3/html/mom/using.html
+#usr/share/doc/groff-1.22.3/html/mom/version-2.html
+#usr/share/doc/groff-1.22.3/meintro.me
+#usr/share/doc/groff-1.22.3/meintro.ps
+#usr/share/doc/groff-1.22.3/meintro_fr.me
+#usr/share/doc/groff-1.22.3/meintro_fr.ps
+#usr/share/doc/groff-1.22.3/meref.me
+#usr/share/doc/groff-1.22.3/meref.ps
+#usr/share/doc/groff-1.22.3/pic.ms
+#usr/share/doc/groff-1.22.3/pic.ps
#usr/share/groff
-#usr/share/groff/1.21
-#usr/share/groff/1.21/eign
-#usr/share/groff/1.21/font
-#usr/share/groff/1.21/font/devascii
-#usr/share/groff/1.21/font/devascii/B
-#usr/share/groff/1.21/font/devascii/BI
-#usr/share/groff/1.21/font/devascii/DESC
-#usr/share/groff/1.21/font/devascii/I
-#usr/share/groff/1.21/font/devascii/R
-#usr/share/groff/1.21/font/devdvi
-#usr/share/groff/1.21/font/devdvi/CW
-#usr/share/groff/1.21/font/devdvi/CWEC
-#usr/share/groff/1.21/font/devdvi/CWI
-#usr/share/groff/1.21/font/devdvi/CWIEC
-#usr/share/groff/1.21/font/devdvi/CWITC
-#usr/share/groff/1.21/font/devdvi/CWTC
-#usr/share/groff/1.21/font/devdvi/DESC
-#usr/share/groff/1.21/font/devdvi/EX
-#usr/share/groff/1.21/font/devdvi/HB
-#usr/share/groff/1.21/font/devdvi/HBEC
-#usr/share/groff/1.21/font/devdvi/HBI
-#usr/share/groff/1.21/font/devdvi/HBIEC
-#usr/share/groff/1.21/font/devdvi/HBITC
-#usr/share/groff/1.21/font/devdvi/HBTC
-#usr/share/groff/1.21/font/devdvi/HI
-#usr/share/groff/1.21/font/devdvi/HIEC
-#usr/share/groff/1.21/font/devdvi/HITC
-#usr/share/groff/1.21/font/devdvi/HR
-#usr/share/groff/1.21/font/devdvi/HREC
-#usr/share/groff/1.21/font/devdvi/HRTC
-#usr/share/groff/1.21/font/devdvi/MI
-#usr/share/groff/1.21/font/devdvi/S
-#usr/share/groff/1.21/font/devdvi/SA
-#usr/share/groff/1.21/font/devdvi/SB
-#usr/share/groff/1.21/font/devdvi/SC
-#usr/share/groff/1.21/font/devdvi/TB
-#usr/share/groff/1.21/font/devdvi/TBEC
-#usr/share/groff/1.21/font/devdvi/TBI
-#usr/share/groff/1.21/font/devdvi/TBIEC
-#usr/share/groff/1.21/font/devdvi/TBITC
-#usr/share/groff/1.21/font/devdvi/TBTC
-#usr/share/groff/1.21/font/devdvi/TI
-#usr/share/groff/1.21/font/devdvi/TIEC
-#usr/share/groff/1.21/font/devdvi/TITC
-#usr/share/groff/1.21/font/devdvi/TR
-#usr/share/groff/1.21/font/devdvi/TREC
-#usr/share/groff/1.21/font/devdvi/TRTC
-#usr/share/groff/1.21/font/devdvi/generate
-#usr/share/groff/1.21/font/devdvi/generate/CompileFonts
-#usr/share/groff/1.21/font/devdvi/generate/Makefile
-#usr/share/groff/1.21/font/devdvi/generate/ec.map
-#usr/share/groff/1.21/font/devdvi/generate/msam.map
-#usr/share/groff/1.21/font/devdvi/generate/msbm.map
-#usr/share/groff/1.21/font/devdvi/generate/tc.map
-#usr/share/groff/1.21/font/devdvi/generate/texb.map
-#usr/share/groff/1.21/font/devdvi/generate/texex.map
-#usr/share/groff/1.21/font/devdvi/generate/texi.map
-#usr/share/groff/1.21/font/devdvi/generate/texmi.map
-#usr/share/groff/1.21/font/devdvi/generate/texr.map
-#usr/share/groff/1.21/font/devdvi/generate/texsy.map
-#usr/share/groff/1.21/font/devdvi/generate/textex.map
-#usr/share/groff/1.21/font/devdvi/generate/textt.map
-#usr/share/groff/1.21/font/devhtml
-#usr/share/groff/1.21/font/devhtml/B
-#usr/share/groff/1.21/font/devhtml/BI
-#usr/share/groff/1.21/font/devhtml/CB
-#usr/share/groff/1.21/font/devhtml/CBI
-#usr/share/groff/1.21/font/devhtml/CI
-#usr/share/groff/1.21/font/devhtml/CR
-#usr/share/groff/1.21/font/devhtml/DESC
-#usr/share/groff/1.21/font/devhtml/I
-#usr/share/groff/1.21/font/devhtml/R
-#usr/share/groff/1.21/font/devhtml/S
-#usr/share/groff/1.21/font/devlatin1
-#usr/share/groff/1.21/font/devlatin1/B
-#usr/share/groff/1.21/font/devlatin1/BI
-#usr/share/groff/1.21/font/devlatin1/DESC
-#usr/share/groff/1.21/font/devlatin1/I
-#usr/share/groff/1.21/font/devlatin1/R
-#usr/share/groff/1.21/font/devlbp
-#usr/share/groff/1.21/font/devlbp/CB
-#usr/share/groff/1.21/font/devlbp/CI
-#usr/share/groff/1.21/font/devlbp/CR
-#usr/share/groff/1.21/font/devlbp/DESC
-#usr/share/groff/1.21/font/devlbp/EB
-#usr/share/groff/1.21/font/devlbp/EI
-#usr/share/groff/1.21/font/devlbp/ER
-#usr/share/groff/1.21/font/devlbp/HB
-#usr/share/groff/1.21/font/devlbp/HBI
-#usr/share/groff/1.21/font/devlbp/HI
-#usr/share/groff/1.21/font/devlbp/HNB
-#usr/share/groff/1.21/font/devlbp/HNBI
-#usr/share/groff/1.21/font/devlbp/HNI
-#usr/share/groff/1.21/font/devlbp/HNR
-#usr/share/groff/1.21/font/devlbp/HR
-#usr/share/groff/1.21/font/devlbp/TB
-#usr/share/groff/1.21/font/devlbp/TBI
-#usr/share/groff/1.21/font/devlbp/TI
-#usr/share/groff/1.21/font/devlbp/TR
-#usr/share/groff/1.21/font/devlj4
-#usr/share/groff/1.21/font/devlj4/AB
-#usr/share/groff/1.21/font/devlj4/ABI
-#usr/share/groff/1.21/font/devlj4/AI
-#usr/share/groff/1.21/font/devlj4/ALBB
-#usr/share/groff/1.21/font/devlj4/ALBR
-#usr/share/groff/1.21/font/devlj4/AOB
-#usr/share/groff/1.21/font/devlj4/AOI
-#usr/share/groff/1.21/font/devlj4/AOR
-#usr/share/groff/1.21/font/devlj4/AR
-#usr/share/groff/1.21/font/devlj4/CB
-#usr/share/groff/1.21/font/devlj4/CBI
-#usr/share/groff/1.21/font/devlj4/CI
-#usr/share/groff/1.21/font/devlj4/CLARENDON
-#usr/share/groff/1.21/font/devlj4/CORONET
-#usr/share/groff/1.21/font/devlj4/CR
-#usr/share/groff/1.21/font/devlj4/DESC
-#usr/share/groff/1.21/font/devlj4/GB
-#usr/share/groff/1.21/font/devlj4/GBI
-#usr/share/groff/1.21/font/devlj4/GI
-#usr/share/groff/1.21/font/devlj4/GR
-#usr/share/groff/1.21/font/devlj4/LGB
-#usr/share/groff/1.21/font/devlj4/LGI
-#usr/share/groff/1.21/font/devlj4/LGR
-#usr/share/groff/1.21/font/devlj4/MARIGOLD
-#usr/share/groff/1.21/font/devlj4/OB
-#usr/share/groff/1.21/font/devlj4/OBI
-#usr/share/groff/1.21/font/devlj4/OI
-#usr/share/groff/1.21/font/devlj4/OR
-#usr/share/groff/1.21/font/devlj4/S
-#usr/share/groff/1.21/font/devlj4/SYMBOL
-#usr/share/groff/1.21/font/devlj4/TB
-#usr/share/groff/1.21/font/devlj4/TBI
-#usr/share/groff/1.21/font/devlj4/TI
-#usr/share/groff/1.21/font/devlj4/TNRB
-#usr/share/groff/1.21/font/devlj4/TNRBI
-#usr/share/groff/1.21/font/devlj4/TNRI
-#usr/share/groff/1.21/font/devlj4/TNRR
-#usr/share/groff/1.21/font/devlj4/TR
-#usr/share/groff/1.21/font/devlj4/UB
-#usr/share/groff/1.21/font/devlj4/UBI
-#usr/share/groff/1.21/font/devlj4/UCB
-#usr/share/groff/1.21/font/devlj4/UCBI
-#usr/share/groff/1.21/font/devlj4/UCI
-#usr/share/groff/1.21/font/devlj4/UCR
-#usr/share/groff/1.21/font/devlj4/UI
-#usr/share/groff/1.21/font/devlj4/UR
-#usr/share/groff/1.21/font/devlj4/WINGDINGS
-#usr/share/groff/1.21/font/devlj4/generate
-#usr/share/groff/1.21/font/devlj4/generate/Makefile
-#usr/share/groff/1.21/font/devlj4/generate/special.awk
-#usr/share/groff/1.21/font/devlj4/generate/special.map
-#usr/share/groff/1.21/font/devlj4/generate/symbol.map
-#usr/share/groff/1.21/font/devlj4/generate/text.map
-#usr/share/groff/1.21/font/devlj4/generate/wingdings.map
-#usr/share/groff/1.21/font/devps
-#usr/share/groff/1.21/font/devps/AB
-#usr/share/groff/1.21/font/devps/ABI
-#usr/share/groff/1.21/font/devps/AI
-#usr/share/groff/1.21/font/devps/AR
-#usr/share/groff/1.21/font/devps/BMB
-#usr/share/groff/1.21/font/devps/BMBI
-#usr/share/groff/1.21/font/devps/BMI
-#usr/share/groff/1.21/font/devps/BMR
-#usr/share/groff/1.21/font/devps/CB
-#usr/share/groff/1.21/font/devps/CBI
-#usr/share/groff/1.21/font/devps/CI
-#usr/share/groff/1.21/font/devps/CR
-#usr/share/groff/1.21/font/devps/DESC
-#usr/share/groff/1.21/font/devps/EURO
-#usr/share/groff/1.21/font/devps/HB
-#usr/share/groff/1.21/font/devps/HBI
-#usr/share/groff/1.21/font/devps/HI
-#usr/share/groff/1.21/font/devps/HNB
-#usr/share/groff/1.21/font/devps/HNBI
-#usr/share/groff/1.21/font/devps/HNI
-#usr/share/groff/1.21/font/devps/HNR
-#usr/share/groff/1.21/font/devps/HR
-#usr/share/groff/1.21/font/devps/NB
-#usr/share/groff/1.21/font/devps/NBI
-#usr/share/groff/1.21/font/devps/NI
-#usr/share/groff/1.21/font/devps/NR
-#usr/share/groff/1.21/font/devps/PB
-#usr/share/groff/1.21/font/devps/PBI
-#usr/share/groff/1.21/font/devps/PI
-#usr/share/groff/1.21/font/devps/PR
-#usr/share/groff/1.21/font/devps/S
-#usr/share/groff/1.21/font/devps/SS
-#usr/share/groff/1.21/font/devps/TB
-#usr/share/groff/1.21/font/devps/TBI
-#usr/share/groff/1.21/font/devps/TI
-#usr/share/groff/1.21/font/devps/TR
-#usr/share/groff/1.21/font/devps/ZCMI
-#usr/share/groff/1.21/font/devps/ZD
-#usr/share/groff/1.21/font/devps/ZDR
-#usr/share/groff/1.21/font/devps/download
-#usr/share/groff/1.21/font/devps/freeeuro.afm
-#usr/share/groff/1.21/font/devps/freeeuro.pfa
-#usr/share/groff/1.21/font/devps/generate
-#usr/share/groff/1.21/font/devps/generate/Makefile
-#usr/share/groff/1.21/font/devps/generate/afmname
-#usr/share/groff/1.21/font/devps/generate/dingbats.map
-#usr/share/groff/1.21/font/devps/generate/dingbats.rmap
-#usr/share/groff/1.21/font/devps/generate/lgreekmap
-#usr/share/groff/1.21/font/devps/generate/symbol.sed
-#usr/share/groff/1.21/font/devps/generate/symbolchars
-#usr/share/groff/1.21/font/devps/generate/symbolsl.afm
-#usr/share/groff/1.21/font/devps/generate/textmap
-#usr/share/groff/1.21/font/devps/prologue
-#usr/share/groff/1.21/font/devps/symbolsl.pfa
-#usr/share/groff/1.21/font/devps/text.enc
-#usr/share/groff/1.21/font/devps/zapfdr.pfa
-#usr/share/groff/1.21/font/devutf8
-#usr/share/groff/1.21/font/devutf8/B
-#usr/share/groff/1.21/font/devutf8/BI
-#usr/share/groff/1.21/font/devutf8/DESC
-#usr/share/groff/1.21/font/devutf8/I
-#usr/share/groff/1.21/font/devutf8/R
-#usr/share/groff/1.21/oldfont
-#usr/share/groff/1.21/oldfont/devps
-#usr/share/groff/1.21/oldfont/devps/CB
-#usr/share/groff/1.21/oldfont/devps/CBI
-#usr/share/groff/1.21/oldfont/devps/CI
-#usr/share/groff/1.21/oldfont/devps/CR
-#usr/share/groff/1.21/oldfont/devps/HB
-#usr/share/groff/1.21/oldfont/devps/HBI
-#usr/share/groff/1.21/oldfont/devps/HI
-#usr/share/groff/1.21/oldfont/devps/HNB
-#usr/share/groff/1.21/oldfont/devps/HNBI
-#usr/share/groff/1.21/oldfont/devps/HNI
-#usr/share/groff/1.21/oldfont/devps/HNR
-#usr/share/groff/1.21/oldfont/devps/HR
-#usr/share/groff/1.21/oldfont/devps/NB
-#usr/share/groff/1.21/oldfont/devps/NBI
-#usr/share/groff/1.21/oldfont/devps/NI
-#usr/share/groff/1.21/oldfont/devps/NR
-#usr/share/groff/1.21/oldfont/devps/PB
-#usr/share/groff/1.21/oldfont/devps/PBI
-#usr/share/groff/1.21/oldfont/devps/PI
-#usr/share/groff/1.21/oldfont/devps/PR
-#usr/share/groff/1.21/oldfont/devps/S
-#usr/share/groff/1.21/oldfont/devps/SS
-#usr/share/groff/1.21/oldfont/devps/TB
-#usr/share/groff/1.21/oldfont/devps/TBI
-#usr/share/groff/1.21/oldfont/devps/TI
-#usr/share/groff/1.21/oldfont/devps/TR
-#usr/share/groff/1.21/oldfont/devps/symbol.afm
-#usr/share/groff/1.21/oldfont/devps/symbolsl.afm
-#usr/share/groff/1.21/oldfont/devps/zapfdr.afm
-#usr/share/groff/1.21/oldfont/devps/zapfdr.ps
-#usr/share/groff/1.21/pic
-#usr/share/groff/1.21/pic/chem.pic
-#usr/share/groff/1.21/tmac
-#usr/share/groff/1.21/tmac/62bit.tmac
-#usr/share/groff/1.21/tmac/X.tmac
-#usr/share/groff/1.21/tmac/Xps.tmac
-#usr/share/groff/1.21/tmac/a4.tmac
-#usr/share/groff/1.21/tmac/an-ext.tmac
-#usr/share/groff/1.21/tmac/an-old.tmac
-#usr/share/groff/1.21/tmac/an.tmac
-#usr/share/groff/1.21/tmac/andoc.tmac
-#usr/share/groff/1.21/tmac/composite.tmac
-#usr/share/groff/1.21/tmac/cp1047.tmac
-#usr/share/groff/1.21/tmac/cs.tmac
-#usr/share/groff/1.21/tmac/de.tmac
-#usr/share/groff/1.21/tmac/den.tmac
-#usr/share/groff/1.21/tmac/devtag.tmac
-#usr/share/groff/1.21/tmac/doc-old.tmac
-#usr/share/groff/1.21/tmac/doc.tmac
-#usr/share/groff/1.21/tmac/dvi.tmac
-#usr/share/groff/1.21/tmac/e.tmac
-#usr/share/groff/1.21/tmac/ec.tmac
-#usr/share/groff/1.21/tmac/eqnrc
-#usr/share/groff/1.21/tmac/europs.tmac
-#usr/share/groff/1.21/tmac/fr.tmac
-#usr/share/groff/1.21/tmac/hdmisc.tmac
-#usr/share/groff/1.21/tmac/hdtbl.tmac
-#usr/share/groff/1.21/tmac/html-end.tmac
-#usr/share/groff/1.21/tmac/html.tmac
-#usr/share/groff/1.21/tmac/hyphen.cs
-#usr/share/groff/1.21/tmac/hyphen.den
-#usr/share/groff/1.21/tmac/hyphen.det
-#usr/share/groff/1.21/tmac/hyphen.fr
-#usr/share/groff/1.21/tmac/hyphen.sv
-#usr/share/groff/1.21/tmac/hyphen.us
-#usr/share/groff/1.21/tmac/hyphenex.cs
-#usr/share/groff/1.21/tmac/hyphenex.det
-#usr/share/groff/1.21/tmac/hyphenex.us
-#usr/share/groff/1.21/tmac/ja.tmac
-#usr/share/groff/1.21/tmac/latin1.tmac
-#usr/share/groff/1.21/tmac/latin2.tmac
-#usr/share/groff/1.21/tmac/latin5.tmac
-#usr/share/groff/1.21/tmac/latin9.tmac
-#usr/share/groff/1.21/tmac/lbp.tmac
-#usr/share/groff/1.21/tmac/lj4.tmac
-#usr/share/groff/1.21/tmac/m.tmac
-#usr/share/groff/1.21/tmac/man.tmac
-#usr/share/groff/1.21/tmac/mandoc.tmac
-#usr/share/groff/1.21/tmac/mdoc
-#usr/share/groff/1.21/tmac/mdoc.tmac
-#usr/share/groff/1.21/tmac/mdoc/doc-common
-#usr/share/groff/1.21/tmac/mdoc/doc-ditroff
-#usr/share/groff/1.21/tmac/mdoc/doc-nroff
-#usr/share/groff/1.21/tmac/mdoc/doc-syms
-#usr/share/groff/1.21/tmac/me.tmac
-#usr/share/groff/1.21/tmac/mm
-#usr/share/groff/1.21/tmac/mm.tmac
-#usr/share/groff/1.21/tmac/mm/0.MT
-#usr/share/groff/1.21/tmac/mm/4.MT
-#usr/share/groff/1.21/tmac/mm/5.MT
-#usr/share/groff/1.21/tmac/mm/locale
-#usr/share/groff/1.21/tmac/mm/ms.cov
-#usr/share/groff/1.21/tmac/mm/se_locale
-#usr/share/groff/1.21/tmac/mm/se_ms.cov
-#usr/share/groff/1.21/tmac/mmse.tmac
-#usr/share/groff/1.21/tmac/mom.tmac
-#usr/share/groff/1.21/tmac/ms.tmac
-#usr/share/groff/1.21/tmac/mse.tmac
-#usr/share/groff/1.21/tmac/om.tmac
-#usr/share/groff/1.21/tmac/papersize.tmac
-#usr/share/groff/1.21/tmac/pdfmark.tmac
-#usr/share/groff/1.21/tmac/pic.tmac
-#usr/share/groff/1.21/tmac/ps.tmac
-#usr/share/groff/1.21/tmac/psatk.tmac
-#usr/share/groff/1.21/tmac/psold.tmac
-#usr/share/groff/1.21/tmac/pspic.tmac
-#usr/share/groff/1.21/tmac/s.tmac
-#usr/share/groff/1.21/tmac/safer.tmac
-#usr/share/groff/1.21/tmac/spdf.tmac
-#usr/share/groff/1.21/tmac/sv.tmac
-#usr/share/groff/1.21/tmac/trace.tmac
-#usr/share/groff/1.21/tmac/trans.tmac
-#usr/share/groff/1.21/tmac/troffrc
-#usr/share/groff/1.21/tmac/troffrc-end
-#usr/share/groff/1.21/tmac/tty-char.tmac
-#usr/share/groff/1.21/tmac/tty.tmac
-#usr/share/groff/1.21/tmac/unicode.tmac
-#usr/share/groff/1.21/tmac/www.tmac
+#usr/share/groff/1.22.3
+#usr/share/groff/1.22.3/eign
+#usr/share/groff/1.22.3/font
+#usr/share/groff/1.22.3/font/devascii
+#usr/share/groff/1.22.3/font/devascii/B
+#usr/share/groff/1.22.3/font/devascii/BI
+#usr/share/groff/1.22.3/font/devascii/DESC
+#usr/share/groff/1.22.3/font/devascii/I
+#usr/share/groff/1.22.3/font/devascii/R
+#usr/share/groff/1.22.3/font/devdvi
+#usr/share/groff/1.22.3/font/devdvi/CW
+#usr/share/groff/1.22.3/font/devdvi/CWEC
+#usr/share/groff/1.22.3/font/devdvi/CWI
+#usr/share/groff/1.22.3/font/devdvi/CWIEC
+#usr/share/groff/1.22.3/font/devdvi/CWITC
+#usr/share/groff/1.22.3/font/devdvi/CWTC
+#usr/share/groff/1.22.3/font/devdvi/DESC
+#usr/share/groff/1.22.3/font/devdvi/EX
+#usr/share/groff/1.22.3/font/devdvi/HB
+#usr/share/groff/1.22.3/font/devdvi/HBEC
+#usr/share/groff/1.22.3/font/devdvi/HBI
+#usr/share/groff/1.22.3/font/devdvi/HBIEC
+#usr/share/groff/1.22.3/font/devdvi/HBITC
+#usr/share/groff/1.22.3/font/devdvi/HBTC
+#usr/share/groff/1.22.3/font/devdvi/HI
+#usr/share/groff/1.22.3/font/devdvi/HIEC
+#usr/share/groff/1.22.3/font/devdvi/HITC
+#usr/share/groff/1.22.3/font/devdvi/HR
+#usr/share/groff/1.22.3/font/devdvi/HREC
+#usr/share/groff/1.22.3/font/devdvi/HRTC
+#usr/share/groff/1.22.3/font/devdvi/MI
+#usr/share/groff/1.22.3/font/devdvi/S
+#usr/share/groff/1.22.3/font/devdvi/SA
+#usr/share/groff/1.22.3/font/devdvi/SB
+#usr/share/groff/1.22.3/font/devdvi/SC
+#usr/share/groff/1.22.3/font/devdvi/TB
+#usr/share/groff/1.22.3/font/devdvi/TBEC
+#usr/share/groff/1.22.3/font/devdvi/TBI
+#usr/share/groff/1.22.3/font/devdvi/TBIEC
+#usr/share/groff/1.22.3/font/devdvi/TBITC
+#usr/share/groff/1.22.3/font/devdvi/TBTC
+#usr/share/groff/1.22.3/font/devdvi/TI
+#usr/share/groff/1.22.3/font/devdvi/TIEC
+#usr/share/groff/1.22.3/font/devdvi/TITC
+#usr/share/groff/1.22.3/font/devdvi/TR
+#usr/share/groff/1.22.3/font/devdvi/TREC
+#usr/share/groff/1.22.3/font/devdvi/TRTC
+#usr/share/groff/1.22.3/font/devdvi/generate
+#usr/share/groff/1.22.3/font/devdvi/generate/CompileFonts
+#usr/share/groff/1.22.3/font/devdvi/generate/Makefile
+#usr/share/groff/1.22.3/font/devdvi/generate/ec.map
+#usr/share/groff/1.22.3/font/devdvi/generate/msam.map
+#usr/share/groff/1.22.3/font/devdvi/generate/msbm.map
+#usr/share/groff/1.22.3/font/devdvi/generate/tc.map
+#usr/share/groff/1.22.3/font/devdvi/generate/texb.map
+#usr/share/groff/1.22.3/font/devdvi/generate/texex.map
+#usr/share/groff/1.22.3/font/devdvi/generate/texi.map
+#usr/share/groff/1.22.3/font/devdvi/generate/texmi.map
+#usr/share/groff/1.22.3/font/devdvi/generate/texr.map
+#usr/share/groff/1.22.3/font/devdvi/generate/texsy.map
+#usr/share/groff/1.22.3/font/devdvi/generate/textex.map
+#usr/share/groff/1.22.3/font/devdvi/generate/textt.map
+#usr/share/groff/1.22.3/font/devhtml
+#usr/share/groff/1.22.3/font/devhtml/B
+#usr/share/groff/1.22.3/font/devhtml/BI
+#usr/share/groff/1.22.3/font/devhtml/CB
+#usr/share/groff/1.22.3/font/devhtml/CBI
+#usr/share/groff/1.22.3/font/devhtml/CI
+#usr/share/groff/1.22.3/font/devhtml/CR
+#usr/share/groff/1.22.3/font/devhtml/DESC
+#usr/share/groff/1.22.3/font/devhtml/I
+#usr/share/groff/1.22.3/font/devhtml/R
+#usr/share/groff/1.22.3/font/devhtml/S
+#usr/share/groff/1.22.3/font/devlatin1
+#usr/share/groff/1.22.3/font/devlatin1/B
+#usr/share/groff/1.22.3/font/devlatin1/BI
+#usr/share/groff/1.22.3/font/devlatin1/DESC
+#usr/share/groff/1.22.3/font/devlatin1/I
+#usr/share/groff/1.22.3/font/devlatin1/R
+#usr/share/groff/1.22.3/font/devlbp
+#usr/share/groff/1.22.3/font/devlbp/CB
+#usr/share/groff/1.22.3/font/devlbp/CI
+#usr/share/groff/1.22.3/font/devlbp/CR
+#usr/share/groff/1.22.3/font/devlbp/DESC
+#usr/share/groff/1.22.3/font/devlbp/EB
+#usr/share/groff/1.22.3/font/devlbp/EI
+#usr/share/groff/1.22.3/font/devlbp/ER
+#usr/share/groff/1.22.3/font/devlbp/HB
+#usr/share/groff/1.22.3/font/devlbp/HBI
+#usr/share/groff/1.22.3/font/devlbp/HI
+#usr/share/groff/1.22.3/font/devlbp/HNB
+#usr/share/groff/1.22.3/font/devlbp/HNBI
+#usr/share/groff/1.22.3/font/devlbp/HNI
+#usr/share/groff/1.22.3/font/devlbp/HNR
+#usr/share/groff/1.22.3/font/devlbp/HR
+#usr/share/groff/1.22.3/font/devlbp/TB
+#usr/share/groff/1.22.3/font/devlbp/TBI
+#usr/share/groff/1.22.3/font/devlbp/TI
+#usr/share/groff/1.22.3/font/devlbp/TR
+#usr/share/groff/1.22.3/font/devlj4
+#usr/share/groff/1.22.3/font/devlj4/AB
+#usr/share/groff/1.22.3/font/devlj4/ABI
+#usr/share/groff/1.22.3/font/devlj4/AI
+#usr/share/groff/1.22.3/font/devlj4/ALBB
+#usr/share/groff/1.22.3/font/devlj4/ALBR
+#usr/share/groff/1.22.3/font/devlj4/AOB
+#usr/share/groff/1.22.3/font/devlj4/AOI
+#usr/share/groff/1.22.3/font/devlj4/AOR
+#usr/share/groff/1.22.3/font/devlj4/AR
+#usr/share/groff/1.22.3/font/devlj4/CB
+#usr/share/groff/1.22.3/font/devlj4/CBI
+#usr/share/groff/1.22.3/font/devlj4/CI
+#usr/share/groff/1.22.3/font/devlj4/CLARENDON
+#usr/share/groff/1.22.3/font/devlj4/CORONET
+#usr/share/groff/1.22.3/font/devlj4/CR
+#usr/share/groff/1.22.3/font/devlj4/DESC
+#usr/share/groff/1.22.3/font/devlj4/GB
+#usr/share/groff/1.22.3/font/devlj4/GBI
+#usr/share/groff/1.22.3/font/devlj4/GI
+#usr/share/groff/1.22.3/font/devlj4/GR
+#usr/share/groff/1.22.3/font/devlj4/LGB
+#usr/share/groff/1.22.3/font/devlj4/LGI
+#usr/share/groff/1.22.3/font/devlj4/LGR
+#usr/share/groff/1.22.3/font/devlj4/MARIGOLD
+#usr/share/groff/1.22.3/font/devlj4/OB
+#usr/share/groff/1.22.3/font/devlj4/OBI
+#usr/share/groff/1.22.3/font/devlj4/OI
+#usr/share/groff/1.22.3/font/devlj4/OR
+#usr/share/groff/1.22.3/font/devlj4/S
+#usr/share/groff/1.22.3/font/devlj4/SYMBOL
+#usr/share/groff/1.22.3/font/devlj4/TB
+#usr/share/groff/1.22.3/font/devlj4/TBI
+#usr/share/groff/1.22.3/font/devlj4/TI
+#usr/share/groff/1.22.3/font/devlj4/TNRB
+#usr/share/groff/1.22.3/font/devlj4/TNRBI
+#usr/share/groff/1.22.3/font/devlj4/TNRI
+#usr/share/groff/1.22.3/font/devlj4/TNRR
+#usr/share/groff/1.22.3/font/devlj4/TR
+#usr/share/groff/1.22.3/font/devlj4/UB
+#usr/share/groff/1.22.3/font/devlj4/UBI
+#usr/share/groff/1.22.3/font/devlj4/UCB
+#usr/share/groff/1.22.3/font/devlj4/UCBI
+#usr/share/groff/1.22.3/font/devlj4/UCI
+#usr/share/groff/1.22.3/font/devlj4/UCR
+#usr/share/groff/1.22.3/font/devlj4/UI
+#usr/share/groff/1.22.3/font/devlj4/UR
+#usr/share/groff/1.22.3/font/devlj4/WINGDINGS
+#usr/share/groff/1.22.3/font/devlj4/generate
+#usr/share/groff/1.22.3/font/devlj4/generate/Makefile
+#usr/share/groff/1.22.3/font/devlj4/generate/special.awk
+#usr/share/groff/1.22.3/font/devlj4/generate/special.map
+#usr/share/groff/1.22.3/font/devlj4/generate/symbol.map
+#usr/share/groff/1.22.3/font/devlj4/generate/text.map
+#usr/share/groff/1.22.3/font/devlj4/generate/wingdings.map
+#usr/share/groff/1.22.3/font/devpdf
+#usr/share/groff/1.22.3/font/devpdf/CB
+#usr/share/groff/1.22.3/font/devpdf/CBI
+#usr/share/groff/1.22.3/font/devpdf/CI
+#usr/share/groff/1.22.3/font/devpdf/CR
+#usr/share/groff/1.22.3/font/devpdf/DESC
+#usr/share/groff/1.22.3/font/devpdf/EURO
+#usr/share/groff/1.22.3/font/devpdf/Foundry
+#usr/share/groff/1.22.3/font/devpdf/HB
+#usr/share/groff/1.22.3/font/devpdf/HBI
+#usr/share/groff/1.22.3/font/devpdf/HI
+#usr/share/groff/1.22.3/font/devpdf/HR
+#usr/share/groff/1.22.3/font/devpdf/S
+#usr/share/groff/1.22.3/font/devpdf/TB
+#usr/share/groff/1.22.3/font/devpdf/TBI
+#usr/share/groff/1.22.3/font/devpdf/TI
+#usr/share/groff/1.22.3/font/devpdf/TR
+#usr/share/groff/1.22.3/font/devpdf/ZD
+#usr/share/groff/1.22.3/font/devpdf/download
+#usr/share/groff/1.22.3/font/devpdf/enc
+#usr/share/groff/1.22.3/font/devpdf/enc/text.enc
+#usr/share/groff/1.22.3/font/devpdf/map
+#usr/share/groff/1.22.3/font/devpdf/map/dingbats.map
+#usr/share/groff/1.22.3/font/devpdf/map/symbolchars
+#usr/share/groff/1.22.3/font/devpdf/map/symbolmap
+#usr/share/groff/1.22.3/font/devpdf/map/textmap
+#usr/share/groff/1.22.3/font/devpdf/util
+#usr/share/groff/1.22.3/font/devpdf/util/BuildFoundries
+#usr/share/groff/1.22.3/font/devps
+#usr/share/groff/1.22.3/font/devps/AB
+#usr/share/groff/1.22.3/font/devps/ABI
+#usr/share/groff/1.22.3/font/devps/AI
+#usr/share/groff/1.22.3/font/devps/AR
+#usr/share/groff/1.22.3/font/devps/BMB
+#usr/share/groff/1.22.3/font/devps/BMBI
+#usr/share/groff/1.22.3/font/devps/BMI
+#usr/share/groff/1.22.3/font/devps/BMR
+#usr/share/groff/1.22.3/font/devps/CB
+#usr/share/groff/1.22.3/font/devps/CBI
+#usr/share/groff/1.22.3/font/devps/CI
+#usr/share/groff/1.22.3/font/devps/CR
+#usr/share/groff/1.22.3/font/devps/DESC
+#usr/share/groff/1.22.3/font/devps/EURO
+#usr/share/groff/1.22.3/font/devps/HB
+#usr/share/groff/1.22.3/font/devps/HBI
+#usr/share/groff/1.22.3/font/devps/HI
+#usr/share/groff/1.22.3/font/devps/HNB
+#usr/share/groff/1.22.3/font/devps/HNBI
+#usr/share/groff/1.22.3/font/devps/HNI
+#usr/share/groff/1.22.3/font/devps/HNR
+#usr/share/groff/1.22.3/font/devps/HR
+#usr/share/groff/1.22.3/font/devps/NB
+#usr/share/groff/1.22.3/font/devps/NBI
+#usr/share/groff/1.22.3/font/devps/NI
+#usr/share/groff/1.22.3/font/devps/NR
+#usr/share/groff/1.22.3/font/devps/PB
+#usr/share/groff/1.22.3/font/devps/PBI
+#usr/share/groff/1.22.3/font/devps/PI
+#usr/share/groff/1.22.3/font/devps/PR
+#usr/share/groff/1.22.3/font/devps/S
+#usr/share/groff/1.22.3/font/devps/SS
+#usr/share/groff/1.22.3/font/devps/TB
+#usr/share/groff/1.22.3/font/devps/TBI
+#usr/share/groff/1.22.3/font/devps/TI
+#usr/share/groff/1.22.3/font/devps/TR
+#usr/share/groff/1.22.3/font/devps/ZCMI
+#usr/share/groff/1.22.3/font/devps/ZD
+#usr/share/groff/1.22.3/font/devps/ZDR
+#usr/share/groff/1.22.3/font/devps/download
+#usr/share/groff/1.22.3/font/devps/freeeuro.afm
+#usr/share/groff/1.22.3/font/devps/freeeuro.pfa
+#usr/share/groff/1.22.3/font/devps/generate
+#usr/share/groff/1.22.3/font/devps/generate/Makefile
+#usr/share/groff/1.22.3/font/devps/generate/afmname
+#usr/share/groff/1.22.3/font/devps/generate/dingbats.map
+#usr/share/groff/1.22.3/font/devps/generate/dingbats.rmap
+#usr/share/groff/1.22.3/font/devps/generate/lgreekmap
+#usr/share/groff/1.22.3/font/devps/generate/symbol.sed
+#usr/share/groff/1.22.3/font/devps/generate/symbolchars
+#usr/share/groff/1.22.3/font/devps/generate/symbolsl.afm
+#usr/share/groff/1.22.3/font/devps/generate/textmap
+#usr/share/groff/1.22.3/font/devps/prologue
+#usr/share/groff/1.22.3/font/devps/symbolsl.pfa
+#usr/share/groff/1.22.3/font/devps/text.enc
+#usr/share/groff/1.22.3/font/devps/zapfdr.pfa
+#usr/share/groff/1.22.3/font/devutf8
+#usr/share/groff/1.22.3/font/devutf8/B
+#usr/share/groff/1.22.3/font/devutf8/BI
+#usr/share/groff/1.22.3/font/devutf8/DESC
+#usr/share/groff/1.22.3/font/devutf8/I
+#usr/share/groff/1.22.3/font/devutf8/R
+#usr/share/groff/1.22.3/oldfont
+#usr/share/groff/1.22.3/oldfont/devps
+#usr/share/groff/1.22.3/oldfont/devps/CB
+#usr/share/groff/1.22.3/oldfont/devps/CBI
+#usr/share/groff/1.22.3/oldfont/devps/CI
+#usr/share/groff/1.22.3/oldfont/devps/CR
+#usr/share/groff/1.22.3/oldfont/devps/HB
+#usr/share/groff/1.22.3/oldfont/devps/HBI
+#usr/share/groff/1.22.3/oldfont/devps/HI
+#usr/share/groff/1.22.3/oldfont/devps/HNB
+#usr/share/groff/1.22.3/oldfont/devps/HNBI
+#usr/share/groff/1.22.3/oldfont/devps/HNI
+#usr/share/groff/1.22.3/oldfont/devps/HNR
+#usr/share/groff/1.22.3/oldfont/devps/HR
+#usr/share/groff/1.22.3/oldfont/devps/NB
+#usr/share/groff/1.22.3/oldfont/devps/NBI
+#usr/share/groff/1.22.3/oldfont/devps/NI
+#usr/share/groff/1.22.3/oldfont/devps/NR
+#usr/share/groff/1.22.3/oldfont/devps/PB
+#usr/share/groff/1.22.3/oldfont/devps/PBI
+#usr/share/groff/1.22.3/oldfont/devps/PI
+#usr/share/groff/1.22.3/oldfont/devps/PR
+#usr/share/groff/1.22.3/oldfont/devps/S
+#usr/share/groff/1.22.3/oldfont/devps/SS
+#usr/share/groff/1.22.3/oldfont/devps/TB
+#usr/share/groff/1.22.3/oldfont/devps/TBI
+#usr/share/groff/1.22.3/oldfont/devps/TI
+#usr/share/groff/1.22.3/oldfont/devps/TR
+#usr/share/groff/1.22.3/oldfont/devps/symbol.afm
+#usr/share/groff/1.22.3/oldfont/devps/symbolsl.afm
+#usr/share/groff/1.22.3/oldfont/devps/zapfdr.afm
+#usr/share/groff/1.22.3/oldfont/devps/zapfdr.ps
+#usr/share/groff/1.22.3/pic
+#usr/share/groff/1.22.3/pic/chem.pic
+#usr/share/groff/1.22.3/tmac
+#usr/share/groff/1.22.3/tmac/62bit.tmac
+#usr/share/groff/1.22.3/tmac/X.tmac
+#usr/share/groff/1.22.3/tmac/Xps.tmac
+#usr/share/groff/1.22.3/tmac/a4.tmac
+#usr/share/groff/1.22.3/tmac/an-ext.tmac
+#usr/share/groff/1.22.3/tmac/an-old.tmac
+#usr/share/groff/1.22.3/tmac/an.tmac
+#usr/share/groff/1.22.3/tmac/andoc.tmac
+#usr/share/groff/1.22.3/tmac/composite.tmac
+#usr/share/groff/1.22.3/tmac/cp1047.tmac
+#usr/share/groff/1.22.3/tmac/cs.tmac
+#usr/share/groff/1.22.3/tmac/de.tmac
+#usr/share/groff/1.22.3/tmac/den.tmac
+#usr/share/groff/1.22.3/tmac/devtag.tmac
+#usr/share/groff/1.22.3/tmac/doc-old.tmac
+#usr/share/groff/1.22.3/tmac/doc.tmac
+#usr/share/groff/1.22.3/tmac/dvi.tmac
+#usr/share/groff/1.22.3/tmac/e.tmac
+#usr/share/groff/1.22.3/tmac/ec.tmac
+#usr/share/groff/1.22.3/tmac/eqnrc
+#usr/share/groff/1.22.3/tmac/europs.tmac
+#usr/share/groff/1.22.3/tmac/fallbacks.tmac
+#usr/share/groff/1.22.3/tmac/fr.tmac
+#usr/share/groff/1.22.3/tmac/hdmisc.tmac
+#usr/share/groff/1.22.3/tmac/hdtbl.tmac
+#usr/share/groff/1.22.3/tmac/html-end.tmac
+#usr/share/groff/1.22.3/tmac/html.tmac
+#usr/share/groff/1.22.3/tmac/hyphen.cs
+#usr/share/groff/1.22.3/tmac/hyphen.den
+#usr/share/groff/1.22.3/tmac/hyphen.det
+#usr/share/groff/1.22.3/tmac/hyphen.fr
+#usr/share/groff/1.22.3/tmac/hyphen.sv
+#usr/share/groff/1.22.3/tmac/hyphen.us
+#usr/share/groff/1.22.3/tmac/hyphenex.cs
+#usr/share/groff/1.22.3/tmac/hyphenex.det
+#usr/share/groff/1.22.3/tmac/hyphenex.us
+#usr/share/groff/1.22.3/tmac/ja.tmac
+#usr/share/groff/1.22.3/tmac/latin1.tmac
+#usr/share/groff/1.22.3/tmac/latin2.tmac
+#usr/share/groff/1.22.3/tmac/latin5.tmac
+#usr/share/groff/1.22.3/tmac/latin9.tmac
+#usr/share/groff/1.22.3/tmac/lbp.tmac
+#usr/share/groff/1.22.3/tmac/lj4.tmac
+#usr/share/groff/1.22.3/tmac/m.tmac
+#usr/share/groff/1.22.3/tmac/man.tmac
+#usr/share/groff/1.22.3/tmac/mandoc.tmac
+#usr/share/groff/1.22.3/tmac/mdoc
+#usr/share/groff/1.22.3/tmac/mdoc.tmac
+#usr/share/groff/1.22.3/tmac/mdoc/doc-common
+#usr/share/groff/1.22.3/tmac/mdoc/doc-ditroff
+#usr/share/groff/1.22.3/tmac/mdoc/doc-nroff
+#usr/share/groff/1.22.3/tmac/mdoc/doc-syms
+#usr/share/groff/1.22.3/tmac/me.tmac
+#usr/share/groff/1.22.3/tmac/mm
+#usr/share/groff/1.22.3/tmac/mm.tmac
+#usr/share/groff/1.22.3/tmac/mm/0.MT
+#usr/share/groff/1.22.3/tmac/mm/4.MT
+#usr/share/groff/1.22.3/tmac/mm/5.MT
+#usr/share/groff/1.22.3/tmac/mm/locale
+#usr/share/groff/1.22.3/tmac/mm/ms.cov
+#usr/share/groff/1.22.3/tmac/mm/se_locale
+#usr/share/groff/1.22.3/tmac/mm/se_ms.cov
+#usr/share/groff/1.22.3/tmac/mmse.tmac
+#usr/share/groff/1.22.3/tmac/mom.tmac
+#usr/share/groff/1.22.3/tmac/ms.tmac
+#usr/share/groff/1.22.3/tmac/mse.tmac
+#usr/share/groff/1.22.3/tmac/om.tmac
+#usr/share/groff/1.22.3/tmac/papersize.tmac
+#usr/share/groff/1.22.3/tmac/pdf.tmac
+#usr/share/groff/1.22.3/tmac/pdfmark.tmac
+#usr/share/groff/1.22.3/tmac/pic.tmac
+#usr/share/groff/1.22.3/tmac/ps.tmac
+#usr/share/groff/1.22.3/tmac/psatk.tmac
+#usr/share/groff/1.22.3/tmac/psold.tmac
+#usr/share/groff/1.22.3/tmac/pspic.tmac
+#usr/share/groff/1.22.3/tmac/refer-me.tmac
+#usr/share/groff/1.22.3/tmac/refer-mm.tmac
+#usr/share/groff/1.22.3/tmac/refer-ms.tmac
+#usr/share/groff/1.22.3/tmac/refer.tmac
+#usr/share/groff/1.22.3/tmac/s.tmac
+#usr/share/groff/1.22.3/tmac/safer.tmac
+#usr/share/groff/1.22.3/tmac/spdf.tmac
+#usr/share/groff/1.22.3/tmac/sv.tmac
+#usr/share/groff/1.22.3/tmac/trace.tmac
+#usr/share/groff/1.22.3/tmac/trans.tmac
+#usr/share/groff/1.22.3/tmac/troffrc
+#usr/share/groff/1.22.3/tmac/troffrc-end
+#usr/share/groff/1.22.3/tmac/tty-char.tmac
+#usr/share/groff/1.22.3/tmac/tty.tmac
+#usr/share/groff/1.22.3/tmac/unicode.tmac
+#usr/share/groff/1.22.3/tmac/www.tmac
#usr/share/groff/current
#usr/share/groff/site-font
#usr/share/groff/site-tmac
#usr/share/info/groff.info
#usr/share/info/groff.info-1
#usr/share/info/groff.info-2
-#usr/share/info/groff.info-3
#usr/share/man/man1/addftinfo.1
#usr/share/man/man1/afmtodit.1
#usr/share/man/man1/chem.1
#usr/share/man/man1/eqn.1
#usr/share/man/man1/eqn2graph.1
#usr/share/man/man1/gdiffmk.1
+#usr/share/man/man1/glilypond.1
+#usr/share/man/man1/gperl.1
+#usr/share/man/man1/gpinyin.1
#usr/share/man/man1/grap2graph.1
#usr/share/man/man1/grn.1
#usr/share/man/man1/grodvi.1
#usr/share/man/man1/grohtml.1
#usr/share/man/man1/grolbp.1
#usr/share/man/man1/grolj4.1
+#usr/share/man/man1/gropdf.1
#usr/share/man/man1/grops.1
#usr/share/man/man1/grotty.1
#usr/share/man/man1/hpftodit.1
#usr/share/man/man1/mmroff.1
#usr/share/man/man1/neqn.1
#usr/share/man/man1/nroff.1
+#usr/share/man/man1/pdfmom.1
#usr/share/man/man1/pdfroff.1
#usr/share/man/man1/pfbtops.1
#usr/share/man/man1/pic.1
#usr/share/man/man7/groff.7
#usr/share/man/man7/groff_char.7
#usr/share/man/man7/groff_diff.7
+#usr/share/man/man7/groff_filenames.7
#usr/share/man/man7/groff_hdtbl.7
#usr/share/man/man7/groff_man.7
#usr/share/man/man7/groff_mdoc.7
#etc/rc.d/init.d/mysql
#etc/rc.d/init.d/netsnmpd
etc/rc.d/init.d/network
+etc/rc.d/init.d/network-trigger
etc/rc.d/init.d/network-vlans
#etc/rc.d/init.d/networking
etc/rc.d/init.d/networking/any
etc/rc.d/init.d/networking/red.up/50-ovpn
etc/rc.d/init.d/networking/red.up/98-leds
etc/rc.d/init.d/networking/red.up/99-fireinfo
+etc/rc.d/init.d/networking/red.up/99-geoip-database
etc/rc.d/init.d/networking/red.up/99-pakfire-update
etc/rc.d/init.d/networking/wpa_supplicant.exe
#etc/rc.d/init.d/nfs-server
etc/rc.d/rcsysinit.d/S75firstsetup
etc/rc.d/rcsysinit.d/S80localnet
etc/rc.d/rcsysinit.d/S85firewall
+etc/rc.d/rcsysinit.d/S90network-trigger
etc/rc.d/rcsysinit.d/S91network-vlans
etc/rc.d/rcsysinit.d/S92rngd
etc/rc.d/rc3.d/S15fireinfo
--- /dev/null
+usr/lib/sse2/libcrypto.so.10
+#usr/bin/libnet-config
#usr/include/libnet
#usr/include/libnet.h
#usr/include/libnet/libnet-asn1.h
#usr/include/libnet/libnet-structures.h
#usr/include/libnet/libnet-types.h
#usr/lib/libnet.a
+#usr/lib/libnet.la
+#usr/lib/libnet.so
+#usr/lib/libnet.so.1
+#usr/lib/libnet.so.1.7.0
+#usr/share/man/man3/libnet-functions.h.3
+#usr/share/man/man3/libnet-macros.h.3
+#usr/share/man/man3/libnet.h.3
#usr/lib/libltdl.la
usr/lib/libltdl.so
usr/lib/libltdl.so.7
-usr/lib/libltdl.so.7.3.0
+usr/lib/libltdl.so.7.3.1
#usr/share/aclocal/argz.m4
#usr/share/aclocal/libtool.m4
+#usr/share/aclocal/ltargz.m4
#usr/share/aclocal/ltdl.m4
#usr/share/aclocal/ltoptions.m4
#usr/share/aclocal/ltsugar.m4
#usr/share/info/libtool.info-1
#usr/share/info/libtool.info-2
#usr/share/libtool
+#usr/share/libtool/config-h.in
+#usr/share/libtool/configure
+#usr/share/libtool/configure.ac
+#usr/share/libtool/COPYING.LIB
+#usr/share/libtool/Makefile.am
+#usr/share/libtool/Makefile.in
+#usr/share/libtool/README
+#usr/share/libtool/aclocal.m4
+#usr/share/libtool/lt__alloc.c
+#usr/share/libtool/lt__argz.c
+#usr/share/libtool/lt__dirent.c
+#usr/share/libtool/lt__strl.c
+#usr/share/libtool/lt_dlloader.c
+#usr/share/libtool/lt_error.c
+#usr/share/libtool/ltdl.c
+#usr/share/libtool/ltdl.h
+#usr/share/libtool/ltdl.mk
+#usr/share/libtool/slist.c
+#usr/share/libtool/build-aux
+#usr/share/libtool/build-aux/compile
+#usr/share/libtool/build-aux/config.guess
+#usr/share/libtool/build-aux/config.sub
+#usr/share/libtool/build-aux/depcomp
+#usr/share/libtool/build-aux/install-sh
+#usr/share/libtool/build-aux/ltmain.sh
+#usr/share/libtool/build-aux/missing
#usr/share/libtool/config
#usr/share/libtool/config/compile
#usr/share/libtool/config/config.guess
#usr/share/libtool/libltdl/config-h.in
#usr/share/libtool/libltdl/configure
#usr/share/libtool/libltdl/configure.ac
+#usr/share/libtool/libltdl/lt__alloc.c
+#usr/share/libtool/libltdl/lt__dirent.c
+#usr/share/libtool/libltdl/lt__strl.c
+#usr/share/libtool/libltdl/lt_dlloader.c
+#usr/share/libtool/libltdl/lt_error.c
+#usr/share/libtool/libltdl/ltdl.c
+#usr/share/libtool/libltdl/ltdl.h
+#usr/share/libtool/libltdl/slist.c
+#usr/share/libtool/libltdl/lt__alloc.h
+#usr/share/libtool/libltdl/lt__argz_.h
+#usr/share/libtool/libltdl/lt__dirent.h
+#usr/share/libtool/libltdl/lt__glibc.h
+#usr/share/libtool/libltdl/lt__private.h
+#usr/share/libtool/libltdl/lt__strl.h
+#usr/share/libtool/libltdl/lt_dlloader.h
+#usr/share/libtool/libltdl/lt_error.h
+#usr/share/libtool/libltdl/lt_system.h
+#usr/share/libtool/libltdl/slist.h
#usr/share/libtool/libltdl/libltdl
#usr/share/libtool/libltdl/libltdl/lt__alloc.h
#usr/share/libtool/libltdl/libltdl/lt__dirent.h
#usr/share/libtool/libltdl/loaders/loadlibrary.c
#usr/share/libtool/libltdl/loaders/preopen.c
#usr/share/libtool/libltdl/loaders/shl_load.c
-#usr/share/libtool/libltdl/lt__alloc.c
-#usr/share/libtool/libltdl/lt__dirent.c
-#usr/share/libtool/libltdl/lt__strl.c
-#usr/share/libtool/libltdl/lt_dlloader.c
-#usr/share/libtool/libltdl/lt_error.c
-#usr/share/libtool/libltdl/ltdl.c
-#usr/share/libtool/libltdl/ltdl.h
-#usr/share/libtool/libltdl/slist.c
+#usr/share/libtool/loaders
+#usr/share/libtool/loaders/dld_link.c
+#usr/share/libtool/loaders/dlopen.c
+#usr/share/libtool/loaders/dyld.c
+#usr/share/libtool/loaders/load_add_on.c
+#usr/share/libtool/loaders/loadlibrary.c
+#usr/share/libtool/loaders/preopen.c
+#usr/share/libtool/loaders/shl_load.c
#usr/share/man/man1/libtool.1
#usr/share/man/man1/libtoolize.1
#usr/include/libxml2/libxml/xpath.h
#usr/include/libxml2/libxml/xpathInternals.h
#usr/include/libxml2/libxml/xpointer.h
+#usr/lib/cmake
+#usr/lib/cmake/libxml2
+#usr/lib/cmake/libxml2/libxml2-config.cmake
#usr/lib/libxml2.a
#usr/lib/libxml2.la
usr/lib/libxml2.so
usr/lib/libxml2.so.2
-usr/lib/libxml2.so.2.6.32
+usr/lib/libxml2.so.2.9.2
#usr/lib/pkgconfig/libxml-2.0.pc
usr/lib/python2.7/site-packages/drv_libxml2.py
usr/lib/python2.7/site-packages/libxml2.py
usr/lib/python2.7/site-packages/libxml2mod.so
#usr/lib/xml2Conf.sh
#usr/share/aclocal/libxml.m4
-#usr/share/doc/libxml2-2.6.32
-#usr/share/doc/libxml2-2.6.32/Copyright
-#usr/share/doc/libxml2-2.6.32/examples
-#usr/share/doc/libxml2-2.6.32/examples/testHTML.c
-#usr/share/doc/libxml2-2.6.32/examples/testSAX.c
-#usr/share/doc/libxml2-2.6.32/examples/testXPath.c
-#usr/share/doc/libxml2-2.6.32/examples/xmllint.c
-#usr/share/doc/libxml2-2.6.32/html
-#usr/share/doc/libxml2-2.6.32/html/DOM.gif
-#usr/share/doc/libxml2-2.6.32/html/FAQ.html
-#usr/share/doc/libxml2-2.6.32/html/Libxml2-Logo-180x168.gif
-#usr/share/doc/libxml2-2.6.32/html/Libxml2-Logo-90x34.gif
-#usr/share/doc/libxml2-2.6.32/html/encoding.html
-#usr/share/doc/libxml2-2.6.32/html/examples.xml
-#usr/share/doc/libxml2-2.6.32/html/examples.xsl
-#usr/share/doc/libxml2-2.6.32/html/html
-#usr/share/doc/libxml2-2.6.32/html/html/book1.html
-#usr/share/doc/libxml2-2.6.32/html/html/home.png
-#usr/share/doc/libxml2-2.6.32/html/html/index.html
-#usr/share/doc/libxml2-2.6.32/html/html/left.png
-#usr/share/doc/libxml2-2.6.32/html/html/libxml-DOCBparser.html
-#usr/share/doc/libxml2-2.6.32/html/html/libxml-HTMLparser.html
-#usr/share/doc/libxml2-2.6.32/html/html/libxml-HTMLtree.html
-#usr/share/doc/libxml2-2.6.32/html/html/libxml-SAX.html
-#usr/share/doc/libxml2-2.6.32/html/html/libxml-SAX2.html
-#usr/share/doc/libxml2-2.6.32/html/html/libxml-c14n.html
-#usr/share/doc/libxml2-2.6.32/html/html/libxml-catalog.html
-#usr/share/doc/libxml2-2.6.32/html/html/libxml-chvalid.html
-#usr/share/doc/libxml2-2.6.32/html/html/libxml-debugXML.html
-#usr/share/doc/libxml2-2.6.32/html/html/libxml-dict.html
-#usr/share/doc/libxml2-2.6.32/html/html/libxml-encoding.html
-#usr/share/doc/libxml2-2.6.32/html/html/libxml-entities.html
-#usr/share/doc/libxml2-2.6.32/html/html/libxml-globals.html
-#usr/share/doc/libxml2-2.6.32/html/html/libxml-hash.html
-#usr/share/doc/libxml2-2.6.32/html/html/libxml-lib.html
-#usr/share/doc/libxml2-2.6.32/html/html/libxml-list.html
-#usr/share/doc/libxml2-2.6.32/html/html/libxml-nanoftp.html
-#usr/share/doc/libxml2-2.6.32/html/html/libxml-nanohttp.html
-#usr/share/doc/libxml2-2.6.32/html/html/libxml-parser.html
-#usr/share/doc/libxml2-2.6.32/html/html/libxml-parserInternals.html
-#usr/share/doc/libxml2-2.6.32/html/html/libxml-pattern.html
-#usr/share/doc/libxml2-2.6.32/html/html/libxml-relaxng.html
-#usr/share/doc/libxml2-2.6.32/html/html/libxml-schemasInternals.html
-#usr/share/doc/libxml2-2.6.32/html/html/libxml-schematron.html
-#usr/share/doc/libxml2-2.6.32/html/html/libxml-threads.html
-#usr/share/doc/libxml2-2.6.32/html/html/libxml-tree.html
-#usr/share/doc/libxml2-2.6.32/html/html/libxml-uri.html
-#usr/share/doc/libxml2-2.6.32/html/html/libxml-valid.html
-#usr/share/doc/libxml2-2.6.32/html/html/libxml-xinclude.html
-#usr/share/doc/libxml2-2.6.32/html/html/libxml-xlink.html
-#usr/share/doc/libxml2-2.6.32/html/html/libxml-xmlIO.html
-#usr/share/doc/libxml2-2.6.32/html/html/libxml-xmlautomata.html
-#usr/share/doc/libxml2-2.6.32/html/html/libxml-xmlerror.html
-#usr/share/doc/libxml2-2.6.32/html/html/libxml-xmlexports.html
-#usr/share/doc/libxml2-2.6.32/html/html/libxml-xmlmemory.html
-#usr/share/doc/libxml2-2.6.32/html/html/libxml-xmlmodule.html
-#usr/share/doc/libxml2-2.6.32/html/html/libxml-xmlreader.html
-#usr/share/doc/libxml2-2.6.32/html/html/libxml-xmlregexp.html
-#usr/share/doc/libxml2-2.6.32/html/html/libxml-xmlsave.html
-#usr/share/doc/libxml2-2.6.32/html/html/libxml-xmlschemas.html
-#usr/share/doc/libxml2-2.6.32/html/html/libxml-xmlschemastypes.html
-#usr/share/doc/libxml2-2.6.32/html/html/libxml-xmlstring.html
-#usr/share/doc/libxml2-2.6.32/html/html/libxml-xmlunicode.html
-#usr/share/doc/libxml2-2.6.32/html/html/libxml-xmlversion.html
-#usr/share/doc/libxml2-2.6.32/html/html/libxml-xmlwriter.html
-#usr/share/doc/libxml2-2.6.32/html/html/libxml-xpath.html
-#usr/share/doc/libxml2-2.6.32/html/html/libxml-xpathInternals.html
-#usr/share/doc/libxml2-2.6.32/html/html/libxml-xpointer.html
-#usr/share/doc/libxml2-2.6.32/html/html/right.png
-#usr/share/doc/libxml2-2.6.32/html/html/up.png
-#usr/share/doc/libxml2-2.6.32/html/io1.c
-#usr/share/doc/libxml2-2.6.32/html/io1.res
-#usr/share/doc/libxml2-2.6.32/html/io2.c
-#usr/share/doc/libxml2-2.6.32/html/io2.res
-#usr/share/doc/libxml2-2.6.32/html/libxml.gif
-#usr/share/doc/libxml2-2.6.32/html/parse1.c
-#usr/share/doc/libxml2-2.6.32/html/parse2.c
-#usr/share/doc/libxml2-2.6.32/html/parse3.c
-#usr/share/doc/libxml2-2.6.32/html/parse4.c
-#usr/share/doc/libxml2-2.6.32/html/reader1.c
-#usr/share/doc/libxml2-2.6.32/html/reader1.res
-#usr/share/doc/libxml2-2.6.32/html/reader2.c
-#usr/share/doc/libxml2-2.6.32/html/reader3.c
-#usr/share/doc/libxml2-2.6.32/html/reader3.res
-#usr/share/doc/libxml2-2.6.32/html/reader4.c
-#usr/share/doc/libxml2-2.6.32/html/reader4.res
-#usr/share/doc/libxml2-2.6.32/html/redhat.gif
-#usr/share/doc/libxml2-2.6.32/html/smallfootonly.gif
-#usr/share/doc/libxml2-2.6.32/html/structure.gif
-#usr/share/doc/libxml2-2.6.32/html/test1.xml
-#usr/share/doc/libxml2-2.6.32/html/test2.xml
-#usr/share/doc/libxml2-2.6.32/html/test3.xml
-#usr/share/doc/libxml2-2.6.32/html/testWriter.c
-#usr/share/doc/libxml2-2.6.32/html/tree1.c
-#usr/share/doc/libxml2-2.6.32/html/tree1.res
-#usr/share/doc/libxml2-2.6.32/html/tree2.c
-#usr/share/doc/libxml2-2.6.32/html/tree2.res
-#usr/share/doc/libxml2-2.6.32/html/tst.xml
-#usr/share/doc/libxml2-2.6.32/html/tutorial
-#usr/share/doc/libxml2-2.6.32/html/tutorial/apa.html
-#usr/share/doc/libxml2-2.6.32/html/tutorial/apb.html
-#usr/share/doc/libxml2-2.6.32/html/tutorial/apc.html
-#usr/share/doc/libxml2-2.6.32/html/tutorial/apd.html
-#usr/share/doc/libxml2-2.6.32/html/tutorial/ape.html
-#usr/share/doc/libxml2-2.6.32/html/tutorial/apf.html
-#usr/share/doc/libxml2-2.6.32/html/tutorial/apg.html
-#usr/share/doc/libxml2-2.6.32/html/tutorial/aph.html
-#usr/share/doc/libxml2-2.6.32/html/tutorial/api.html
-#usr/share/doc/libxml2-2.6.32/html/tutorial/ar01s02.html
-#usr/share/doc/libxml2-2.6.32/html/tutorial/ar01s03.html
-#usr/share/doc/libxml2-2.6.32/html/tutorial/ar01s04.html
-#usr/share/doc/libxml2-2.6.32/html/tutorial/ar01s05.html
-#usr/share/doc/libxml2-2.6.32/html/tutorial/ar01s06.html
-#usr/share/doc/libxml2-2.6.32/html/tutorial/ar01s07.html
-#usr/share/doc/libxml2-2.6.32/html/tutorial/ar01s08.html
-#usr/share/doc/libxml2-2.6.32/html/tutorial/ar01s09.html
-#usr/share/doc/libxml2-2.6.32/html/tutorial/images
-#usr/share/doc/libxml2-2.6.32/html/tutorial/images/blank.png
-#usr/share/doc/libxml2-2.6.32/html/tutorial/images/callouts
-#usr/share/doc/libxml2-2.6.32/html/tutorial/images/callouts/1.png
-#usr/share/doc/libxml2-2.6.32/html/tutorial/images/callouts/10.png
-#usr/share/doc/libxml2-2.6.32/html/tutorial/images/callouts/2.png
-#usr/share/doc/libxml2-2.6.32/html/tutorial/images/callouts/3.png
-#usr/share/doc/libxml2-2.6.32/html/tutorial/images/callouts/4.png
-#usr/share/doc/libxml2-2.6.32/html/tutorial/images/callouts/5.png
-#usr/share/doc/libxml2-2.6.32/html/tutorial/images/callouts/6.png
-#usr/share/doc/libxml2-2.6.32/html/tutorial/images/callouts/7.png
-#usr/share/doc/libxml2-2.6.32/html/tutorial/images/callouts/8.png
-#usr/share/doc/libxml2-2.6.32/html/tutorial/images/callouts/9.png
-#usr/share/doc/libxml2-2.6.32/html/tutorial/images/caution.png
-#usr/share/doc/libxml2-2.6.32/html/tutorial/images/draft.png
-#usr/share/doc/libxml2-2.6.32/html/tutorial/images/home.png
-#usr/share/doc/libxml2-2.6.32/html/tutorial/images/important.png
-#usr/share/doc/libxml2-2.6.32/html/tutorial/images/next.png
-#usr/share/doc/libxml2-2.6.32/html/tutorial/images/note.png
-#usr/share/doc/libxml2-2.6.32/html/tutorial/images/prev.png
-#usr/share/doc/libxml2-2.6.32/html/tutorial/images/tip.png
-#usr/share/doc/libxml2-2.6.32/html/tutorial/images/toc-blank.png
-#usr/share/doc/libxml2-2.6.32/html/tutorial/images/toc-minus.png
-#usr/share/doc/libxml2-2.6.32/html/tutorial/images/toc-plus.png
-#usr/share/doc/libxml2-2.6.32/html/tutorial/images/up.png
-#usr/share/doc/libxml2-2.6.32/html/tutorial/images/warning.png
-#usr/share/doc/libxml2-2.6.32/html/tutorial/includeaddattribute.c
-#usr/share/doc/libxml2-2.6.32/html/tutorial/includeaddkeyword.c
-#usr/share/doc/libxml2-2.6.32/html/tutorial/includeconvert.c
-#usr/share/doc/libxml2-2.6.32/html/tutorial/includegetattribute.c
-#usr/share/doc/libxml2-2.6.32/html/tutorial/includekeyword.c
-#usr/share/doc/libxml2-2.6.32/html/tutorial/includexpath.c
-#usr/share/doc/libxml2-2.6.32/html/tutorial/index.html
-#usr/share/doc/libxml2-2.6.32/html/tutorial/ix01.html
-#usr/share/doc/libxml2-2.6.32/html/tutorial/xmltutorial.pdf
-#usr/share/doc/libxml2-2.6.32/html/w3c.png
-#usr/share/doc/libxml2-2.6.32/html/writer.xml
-#usr/share/doc/libxml2-2.6.32/html/xml.html
-#usr/share/doc/libxml2-2.6.32/html/xpath1.c
-#usr/share/doc/libxml2-2.6.32/html/xpath1.res
-#usr/share/doc/libxml2-2.6.32/html/xpath2.c
-#usr/share/doc/libxml2-2.6.32/html/xpath2.res
-#usr/share/doc/libxml2-python-2.6.32
-#usr/share/doc/libxml2-python-2.6.32/TODO
-#usr/share/doc/libxml2-python-2.6.32/examples
-#usr/share/doc/libxml2-python-2.6.32/examples/attribs.py
-#usr/share/doc/libxml2-python-2.6.32/examples/build.py
-#usr/share/doc/libxml2-python-2.6.32/examples/compareNodes.py
-#usr/share/doc/libxml2-python-2.6.32/examples/ctxterror.py
-#usr/share/doc/libxml2-python-2.6.32/examples/cutnpaste.py
-#usr/share/doc/libxml2-python-2.6.32/examples/dtdvalid.py
-#usr/share/doc/libxml2-python-2.6.32/examples/error.py
-#usr/share/doc/libxml2-python-2.6.32/examples/inbuf.py
-#usr/share/doc/libxml2-python-2.6.32/examples/indexes.py
-#usr/share/doc/libxml2-python-2.6.32/examples/invalid.xml
-#usr/share/doc/libxml2-python-2.6.32/examples/nsdel.py
-#usr/share/doc/libxml2-python-2.6.32/examples/outbuf.py
-#usr/share/doc/libxml2-python-2.6.32/examples/push.py
-#usr/share/doc/libxml2-python-2.6.32/examples/pushSAX.py
-#usr/share/doc/libxml2-python-2.6.32/examples/pushSAXhtml.py
-#usr/share/doc/libxml2-python-2.6.32/examples/reader.py
-#usr/share/doc/libxml2-python-2.6.32/examples/reader2.py
-#usr/share/doc/libxml2-python-2.6.32/examples/reader3.py
-#usr/share/doc/libxml2-python-2.6.32/examples/reader4.py
-#usr/share/doc/libxml2-python-2.6.32/examples/reader5.py
-#usr/share/doc/libxml2-python-2.6.32/examples/reader6.py
-#usr/share/doc/libxml2-python-2.6.32/examples/reader7.py
-#usr/share/doc/libxml2-python-2.6.32/examples/reader8.py
-#usr/share/doc/libxml2-python-2.6.32/examples/readererr.py
-#usr/share/doc/libxml2-python-2.6.32/examples/readernext.py
-#usr/share/doc/libxml2-python-2.6.32/examples/regexp.py
-#usr/share/doc/libxml2-python-2.6.32/examples/relaxng.py
-#usr/share/doc/libxml2-python-2.6.32/examples/resolver.py
-#usr/share/doc/libxml2-python-2.6.32/examples/schema.py
-#usr/share/doc/libxml2-python-2.6.32/examples/serialize.py
-#usr/share/doc/libxml2-python-2.6.32/examples/sync.py
-#usr/share/doc/libxml2-python-2.6.32/examples/test.dtd
-#usr/share/doc/libxml2-python-2.6.32/examples/thread2.py
-#usr/share/doc/libxml2-python-2.6.32/examples/tst.py
-#usr/share/doc/libxml2-python-2.6.32/examples/tst.xml
-#usr/share/doc/libxml2-python-2.6.32/examples/tstLastError.py
-#usr/share/doc/libxml2-python-2.6.32/examples/tstURI.py
-#usr/share/doc/libxml2-python-2.6.32/examples/tstmem.py
-#usr/share/doc/libxml2-python-2.6.32/examples/tstxpath.py
-#usr/share/doc/libxml2-python-2.6.32/examples/valid.xml
-#usr/share/doc/libxml2-python-2.6.32/examples/validDTD.py
-#usr/share/doc/libxml2-python-2.6.32/examples/validRNG.py
-#usr/share/doc/libxml2-python-2.6.32/examples/validSchemas.py
-#usr/share/doc/libxml2-python-2.6.32/examples/validate.py
-#usr/share/doc/libxml2-python-2.6.32/examples/walker.py
-#usr/share/doc/libxml2-python-2.6.32/examples/xpath.py
-#usr/share/doc/libxml2-python-2.6.32/examples/xpathext.py
-#usr/share/doc/libxml2-python-2.6.32/examples/xpathns.py
-#usr/share/doc/libxml2-python-2.6.32/examples/xpathret.py
-#usr/share/gtk-doc
-#usr/share/gtk-doc/html
+#usr/share/doc/libxml2-2.9.2
+#usr/share/doc/libxml2-2.9.2/Copyright
+#usr/share/doc/libxml2-2.9.2/examples
+#usr/share/doc/libxml2-2.9.2/examples/testHTML.c
+#usr/share/doc/libxml2-2.9.2/examples/testSAX.c
+#usr/share/doc/libxml2-2.9.2/examples/testXPath.c
+#usr/share/doc/libxml2-2.9.2/examples/xmllint.c
+#usr/share/doc/libxml2-2.9.2/html
+#usr/share/doc/libxml2-2.9.2/html/DOM.gif
+#usr/share/doc/libxml2-2.9.2/html/FAQ.html
+#usr/share/doc/libxml2-2.9.2/html/Libxml2-Logo-180x168.gif
+#usr/share/doc/libxml2-2.9.2/html/Libxml2-Logo-90x34.gif
+#usr/share/doc/libxml2-2.9.2/html/encoding.html
+#usr/share/doc/libxml2-2.9.2/html/examples.xml
+#usr/share/doc/libxml2-2.9.2/html/examples.xsl
+#usr/share/doc/libxml2-2.9.2/html/html
+#usr/share/doc/libxml2-2.9.2/html/html/book1.html
+#usr/share/doc/libxml2-2.9.2/html/html/home.png
+#usr/share/doc/libxml2-2.9.2/html/html/index.html
+#usr/share/doc/libxml2-2.9.2/html/html/left.png
+#usr/share/doc/libxml2-2.9.2/html/html/libxml-DOCBparser.html
+#usr/share/doc/libxml2-2.9.2/html/html/libxml-HTMLparser.html
+#usr/share/doc/libxml2-2.9.2/html/html/libxml-HTMLtree.html
+#usr/share/doc/libxml2-2.9.2/html/html/libxml-SAX.html
+#usr/share/doc/libxml2-2.9.2/html/html/libxml-SAX2.html
+#usr/share/doc/libxml2-2.9.2/html/html/libxml-c14n.html
+#usr/share/doc/libxml2-2.9.2/html/html/libxml-catalog.html
+#usr/share/doc/libxml2-2.9.2/html/html/libxml-chvalid.html
+#usr/share/doc/libxml2-2.9.2/html/html/libxml-debugXML.html
+#usr/share/doc/libxml2-2.9.2/html/html/libxml-dict.html
+#usr/share/doc/libxml2-2.9.2/html/html/libxml-encoding.html
+#usr/share/doc/libxml2-2.9.2/html/html/libxml-entities.html
+#usr/share/doc/libxml2-2.9.2/html/html/libxml-globals.html
+#usr/share/doc/libxml2-2.9.2/html/html/libxml-hash.html
+#usr/share/doc/libxml2-2.9.2/html/html/libxml-lib.html
+#usr/share/doc/libxml2-2.9.2/html/html/libxml-list.html
+#usr/share/doc/libxml2-2.9.2/html/html/libxml-nanoftp.html
+#usr/share/doc/libxml2-2.9.2/html/html/libxml-nanohttp.html
+#usr/share/doc/libxml2-2.9.2/html/html/libxml-parser.html
+#usr/share/doc/libxml2-2.9.2/html/html/libxml-parserInternals.html
+#usr/share/doc/libxml2-2.9.2/html/html/libxml-pattern.html
+#usr/share/doc/libxml2-2.9.2/html/html/libxml-relaxng.html
+#usr/share/doc/libxml2-2.9.2/html/html/libxml-schemasInternals.html
+#usr/share/doc/libxml2-2.9.2/html/html/libxml-schematron.html
+#usr/share/doc/libxml2-2.9.2/html/html/libxml-threads.html
+#usr/share/doc/libxml2-2.9.2/html/html/libxml-tree.html
+#usr/share/doc/libxml2-2.9.2/html/html/libxml-uri.html
+#usr/share/doc/libxml2-2.9.2/html/html/libxml-valid.html
+#usr/share/doc/libxml2-2.9.2/html/html/libxml-xinclude.html
+#usr/share/doc/libxml2-2.9.2/html/html/libxml-xlink.html
+#usr/share/doc/libxml2-2.9.2/html/html/libxml-xmlIO.html
+#usr/share/doc/libxml2-2.9.2/html/html/libxml-xmlautomata.html
+#usr/share/doc/libxml2-2.9.2/html/html/libxml-xmlerror.html
+#usr/share/doc/libxml2-2.9.2/html/html/libxml-xmlexports.html
+#usr/share/doc/libxml2-2.9.2/html/html/libxml-xmlmemory.html
+#usr/share/doc/libxml2-2.9.2/html/html/libxml-xmlmodule.html
+#usr/share/doc/libxml2-2.9.2/html/html/libxml-xmlreader.html
+#usr/share/doc/libxml2-2.9.2/html/html/libxml-xmlregexp.html
+#usr/share/doc/libxml2-2.9.2/html/html/libxml-xmlsave.html
+#usr/share/doc/libxml2-2.9.2/html/html/libxml-xmlschemas.html
+#usr/share/doc/libxml2-2.9.2/html/html/libxml-xmlschemastypes.html
+#usr/share/doc/libxml2-2.9.2/html/html/libxml-xmlstring.html
+#usr/share/doc/libxml2-2.9.2/html/html/libxml-xmlunicode.html
+#usr/share/doc/libxml2-2.9.2/html/html/libxml-xmlversion.html
+#usr/share/doc/libxml2-2.9.2/html/html/libxml-xmlwriter.html
+#usr/share/doc/libxml2-2.9.2/html/html/libxml-xpath.html
+#usr/share/doc/libxml2-2.9.2/html/html/libxml-xpathInternals.html
+#usr/share/doc/libxml2-2.9.2/html/html/libxml-xpointer.html
+#usr/share/doc/libxml2-2.9.2/html/html/libxml-xzlib.html
+#usr/share/doc/libxml2-2.9.2/html/html/right.png
+#usr/share/doc/libxml2-2.9.2/html/html/up.png
+#usr/share/doc/libxml2-2.9.2/html/index.html
+#usr/share/doc/libxml2-2.9.2/html/io1.c
+#usr/share/doc/libxml2-2.9.2/html/io1.res
+#usr/share/doc/libxml2-2.9.2/html/io2.c
+#usr/share/doc/libxml2-2.9.2/html/io2.res
+#usr/share/doc/libxml2-2.9.2/html/libxml.gif
+#usr/share/doc/libxml2-2.9.2/html/parse1.c
+#usr/share/doc/libxml2-2.9.2/html/parse2.c
+#usr/share/doc/libxml2-2.9.2/html/parse3.c
+#usr/share/doc/libxml2-2.9.2/html/parse4.c
+#usr/share/doc/libxml2-2.9.2/html/reader1.c
+#usr/share/doc/libxml2-2.9.2/html/reader1.res
+#usr/share/doc/libxml2-2.9.2/html/reader2.c
+#usr/share/doc/libxml2-2.9.2/html/reader3.c
+#usr/share/doc/libxml2-2.9.2/html/reader3.res
+#usr/share/doc/libxml2-2.9.2/html/reader4.c
+#usr/share/doc/libxml2-2.9.2/html/reader4.res
+#usr/share/doc/libxml2-2.9.2/html/redhat.gif
+#usr/share/doc/libxml2-2.9.2/html/smallfootonly.gif
+#usr/share/doc/libxml2-2.9.2/html/structure.gif
+#usr/share/doc/libxml2-2.9.2/html/test1.xml
+#usr/share/doc/libxml2-2.9.2/html/test2.xml
+#usr/share/doc/libxml2-2.9.2/html/test3.xml
+#usr/share/doc/libxml2-2.9.2/html/testWriter.c
+#usr/share/doc/libxml2-2.9.2/html/tree1.c
+#usr/share/doc/libxml2-2.9.2/html/tree1.res
+#usr/share/doc/libxml2-2.9.2/html/tree2.c
+#usr/share/doc/libxml2-2.9.2/html/tree2.res
+#usr/share/doc/libxml2-2.9.2/html/tst.xml
+#usr/share/doc/libxml2-2.9.2/html/tutorial
+#usr/share/doc/libxml2-2.9.2/html/tutorial/apa.html
+#usr/share/doc/libxml2-2.9.2/html/tutorial/apb.html
+#usr/share/doc/libxml2-2.9.2/html/tutorial/apc.html
+#usr/share/doc/libxml2-2.9.2/html/tutorial/apd.html
+#usr/share/doc/libxml2-2.9.2/html/tutorial/ape.html
+#usr/share/doc/libxml2-2.9.2/html/tutorial/apf.html
+#usr/share/doc/libxml2-2.9.2/html/tutorial/apg.html
+#usr/share/doc/libxml2-2.9.2/html/tutorial/aph.html
+#usr/share/doc/libxml2-2.9.2/html/tutorial/api.html
+#usr/share/doc/libxml2-2.9.2/html/tutorial/ar01s02.html
+#usr/share/doc/libxml2-2.9.2/html/tutorial/ar01s03.html
+#usr/share/doc/libxml2-2.9.2/html/tutorial/ar01s04.html
+#usr/share/doc/libxml2-2.9.2/html/tutorial/ar01s05.html
+#usr/share/doc/libxml2-2.9.2/html/tutorial/ar01s06.html
+#usr/share/doc/libxml2-2.9.2/html/tutorial/ar01s07.html
+#usr/share/doc/libxml2-2.9.2/html/tutorial/ar01s08.html
+#usr/share/doc/libxml2-2.9.2/html/tutorial/ar01s09.html
+#usr/share/doc/libxml2-2.9.2/html/tutorial/images
+#usr/share/doc/libxml2-2.9.2/html/tutorial/images/blank.png
+#usr/share/doc/libxml2-2.9.2/html/tutorial/images/callouts
+#usr/share/doc/libxml2-2.9.2/html/tutorial/images/callouts/1.png
+#usr/share/doc/libxml2-2.9.2/html/tutorial/images/callouts/10.png
+#usr/share/doc/libxml2-2.9.2/html/tutorial/images/callouts/2.png
+#usr/share/doc/libxml2-2.9.2/html/tutorial/images/callouts/3.png
+#usr/share/doc/libxml2-2.9.2/html/tutorial/images/callouts/4.png
+#usr/share/doc/libxml2-2.9.2/html/tutorial/images/callouts/5.png
+#usr/share/doc/libxml2-2.9.2/html/tutorial/images/callouts/6.png
+#usr/share/doc/libxml2-2.9.2/html/tutorial/images/callouts/7.png
+#usr/share/doc/libxml2-2.9.2/html/tutorial/images/callouts/8.png
+#usr/share/doc/libxml2-2.9.2/html/tutorial/images/callouts/9.png
+#usr/share/doc/libxml2-2.9.2/html/tutorial/images/caution.png
+#usr/share/doc/libxml2-2.9.2/html/tutorial/images/draft.png
+#usr/share/doc/libxml2-2.9.2/html/tutorial/images/home.png
+#usr/share/doc/libxml2-2.9.2/html/tutorial/images/important.png
+#usr/share/doc/libxml2-2.9.2/html/tutorial/images/next.png
+#usr/share/doc/libxml2-2.9.2/html/tutorial/images/note.png
+#usr/share/doc/libxml2-2.9.2/html/tutorial/images/prev.png
+#usr/share/doc/libxml2-2.9.2/html/tutorial/images/tip.png
+#usr/share/doc/libxml2-2.9.2/html/tutorial/images/toc-blank.png
+#usr/share/doc/libxml2-2.9.2/html/tutorial/images/toc-minus.png
+#usr/share/doc/libxml2-2.9.2/html/tutorial/images/toc-plus.png
+#usr/share/doc/libxml2-2.9.2/html/tutorial/images/up.png
+#usr/share/doc/libxml2-2.9.2/html/tutorial/images/warning.png
+#usr/share/doc/libxml2-2.9.2/html/tutorial/includeaddattribute.c
+#usr/share/doc/libxml2-2.9.2/html/tutorial/includeaddkeyword.c
+#usr/share/doc/libxml2-2.9.2/html/tutorial/includeconvert.c
+#usr/share/doc/libxml2-2.9.2/html/tutorial/includegetattribute.c
+#usr/share/doc/libxml2-2.9.2/html/tutorial/includekeyword.c
+#usr/share/doc/libxml2-2.9.2/html/tutorial/includexpath.c
+#usr/share/doc/libxml2-2.9.2/html/tutorial/index.html
+#usr/share/doc/libxml2-2.9.2/html/tutorial/ix01.html
+#usr/share/doc/libxml2-2.9.2/html/tutorial/xmltutorial.pdf
+#usr/share/doc/libxml2-2.9.2/html/w3c.png
+#usr/share/doc/libxml2-2.9.2/html/writer.xml
+#usr/share/doc/libxml2-2.9.2/html/xml.html
+#usr/share/doc/libxml2-2.9.2/html/xpath1.c
+#usr/share/doc/libxml2-2.9.2/html/xpath1.res
+#usr/share/doc/libxml2-2.9.2/html/xpath2.c
+#usr/share/doc/libxml2-2.9.2/html/xpath2.res
+#usr/share/doc/libxml2-python-2.9.2
+#usr/share/doc/libxml2-python-2.9.2/TODO
+#usr/share/doc/libxml2-python-2.9.2/examples
+#usr/share/doc/libxml2-python-2.9.2/examples/attribs.py
+#usr/share/doc/libxml2-python-2.9.2/examples/build.py
+#usr/share/doc/libxml2-python-2.9.2/examples/compareNodes.py
+#usr/share/doc/libxml2-python-2.9.2/examples/ctxterror.py
+#usr/share/doc/libxml2-python-2.9.2/examples/cutnpaste.py
+#usr/share/doc/libxml2-python-2.9.2/examples/dtdvalid.py
+#usr/share/doc/libxml2-python-2.9.2/examples/error.py
+#usr/share/doc/libxml2-python-2.9.2/examples/inbuf.py
+#usr/share/doc/libxml2-python-2.9.2/examples/indexes.py
+#usr/share/doc/libxml2-python-2.9.2/examples/input_callback.py
+#usr/share/doc/libxml2-python-2.9.2/examples/invalid.xml
+#usr/share/doc/libxml2-python-2.9.2/examples/nsdel.py
+#usr/share/doc/libxml2-python-2.9.2/examples/outbuf.py
+#usr/share/doc/libxml2-python-2.9.2/examples/push.py
+#usr/share/doc/libxml2-python-2.9.2/examples/pushSAX.py
+#usr/share/doc/libxml2-python-2.9.2/examples/pushSAXhtml.py
+#usr/share/doc/libxml2-python-2.9.2/examples/reader.py
+#usr/share/doc/libxml2-python-2.9.2/examples/reader2.py
+#usr/share/doc/libxml2-python-2.9.2/examples/reader3.py
+#usr/share/doc/libxml2-python-2.9.2/examples/reader4.py
+#usr/share/doc/libxml2-python-2.9.2/examples/reader5.py
+#usr/share/doc/libxml2-python-2.9.2/examples/reader6.py
+#usr/share/doc/libxml2-python-2.9.2/examples/reader7.py
+#usr/share/doc/libxml2-python-2.9.2/examples/reader8.py
+#usr/share/doc/libxml2-python-2.9.2/examples/readererr.py
+#usr/share/doc/libxml2-python-2.9.2/examples/readernext.py
+#usr/share/doc/libxml2-python-2.9.2/examples/regexp.py
+#usr/share/doc/libxml2-python-2.9.2/examples/relaxng.py
+#usr/share/doc/libxml2-python-2.9.2/examples/resolver.py
+#usr/share/doc/libxml2-python-2.9.2/examples/schema.py
+#usr/share/doc/libxml2-python-2.9.2/examples/serialize.py
+#usr/share/doc/libxml2-python-2.9.2/examples/sync.py
+#usr/share/doc/libxml2-python-2.9.2/examples/test.dtd
+#usr/share/doc/libxml2-python-2.9.2/examples/thread2.py
+#usr/share/doc/libxml2-python-2.9.2/examples/tst.py
+#usr/share/doc/libxml2-python-2.9.2/examples/tst.xml
+#usr/share/doc/libxml2-python-2.9.2/examples/tstLastError.py
+#usr/share/doc/libxml2-python-2.9.2/examples/tstURI.py
+#usr/share/doc/libxml2-python-2.9.2/examples/tstmem.py
+#usr/share/doc/libxml2-python-2.9.2/examples/tstxpath.py
+#usr/share/doc/libxml2-python-2.9.2/examples/valid.xml
+#usr/share/doc/libxml2-python-2.9.2/examples/validDTD.py
+#usr/share/doc/libxml2-python-2.9.2/examples/validRNG.py
+#usr/share/doc/libxml2-python-2.9.2/examples/validSchemas.py
+#usr/share/doc/libxml2-python-2.9.2/examples/validate.py
+#usr/share/doc/libxml2-python-2.9.2/examples/walker.py
+#usr/share/doc/libxml2-python-2.9.2/examples/xpath.py
+#usr/share/doc/libxml2-python-2.9.2/examples/xpathext.py
+#usr/share/doc/libxml2-python-2.9.2/examples/xpathleak.py
+#usr/share/doc/libxml2-python-2.9.2/examples/xpathns.py
+#usr/share/doc/libxml2-python-2.9.2/examples/xpathret.py
#usr/share/gtk-doc/html/libxml2
#usr/share/gtk-doc/html/libxml2/general.html
#usr/share/gtk-doc/html/libxml2/home.png
#usr/include/libxslt/xsltInternals.h
#usr/include/libxslt/xsltconfig.h
#usr/include/libxslt/xsltexports.h
+#usr/include/libxslt/xsltlocale.h
#usr/include/libxslt/xsltutils.h
#usr/lib/libexslt.a
#usr/lib/libexslt.la
usr/lib/libexslt.so
usr/lib/libexslt.so.0
-usr/lib/libexslt.so.0.8.13
+usr/lib/libexslt.so.0.8.17
#usr/lib/libxslt-plugins
#usr/lib/libxslt.a
#usr/lib/libxslt.la
usr/lib/libxslt.so
usr/lib/libxslt.so.1
-usr/lib/libxslt.so.1.1.17
+usr/lib/libxslt.so.1.1.28
#usr/lib/pkgconfig/libexslt.pc
#usr/lib/pkgconfig/libxslt.pc
usr/lib/python2.7/site-packages/libxml2.pyc
#usr/lib/python2.7/site-packages/libxsltmod.la
usr/lib/python2.7/site-packages/libxsltmod.so
#usr/lib/xsltConf.sh
-#usr/man/man1/xsltproc.1
-#usr/man/man3/libexslt.3
-#usr/man/man3/libxslt.3
#usr/share/aclocal/libxslt.m4
-#usr/share/doc/libxslt-1.1.17
-#usr/share/doc/libxslt-1.1.17/html
-#usr/share/doc/libxslt-1.1.17/html/API.html
-#usr/share/doc/libxslt-1.1.17/html/APIchunk0.html
-#usr/share/doc/libxslt-1.1.17/html/APIchunk1.html
-#usr/share/doc/libxslt-1.1.17/html/APIchunk2.html
-#usr/share/doc/libxslt-1.1.17/html/APIchunk3.html
-#usr/share/doc/libxslt-1.1.17/html/APIchunk4.html
-#usr/share/doc/libxslt-1.1.17/html/APIchunk5.html
-#usr/share/doc/libxslt-1.1.17/html/APIchunk6.html
-#usr/share/doc/libxslt-1.1.17/html/APIchunk7.html
-#usr/share/doc/libxslt-1.1.17/html/APIchunk8.html
-#usr/share/doc/libxslt-1.1.17/html/APIchunk9.html
-#usr/share/doc/libxslt-1.1.17/html/APIconstructors.html
-#usr/share/doc/libxslt-1.1.17/html/APIfiles.html
-#usr/share/doc/libxslt-1.1.17/html/APIfunctions.html
-#usr/share/doc/libxslt-1.1.17/html/APIsymbols.html
-#usr/share/doc/libxslt-1.1.17/html/EXSLT
-#usr/share/doc/libxslt-1.1.17/html/EXSLT/APIchunk0.html
-#usr/share/doc/libxslt-1.1.17/html/EXSLT/APIconstructors.html
-#usr/share/doc/libxslt-1.1.17/html/EXSLT/APIfiles.html
-#usr/share/doc/libxslt-1.1.17/html/EXSLT/APIfunctions.html
-#usr/share/doc/libxslt-1.1.17/html/EXSLT/APIsymbols.html
-#usr/share/doc/libxslt-1.1.17/html/EXSLT/bugs.html
-#usr/share/doc/libxslt-1.1.17/html/EXSLT/docs.html
-#usr/share/doc/libxslt-1.1.17/html/EXSLT/downloads.html
-#usr/share/doc/libxslt-1.1.17/html/EXSLT/exslt.html
-#usr/share/doc/libxslt-1.1.17/html/EXSLT/help.html
-#usr/share/doc/libxslt-1.1.17/html/EXSLT/index.html
-#usr/share/doc/libxslt-1.1.17/html/EXSLT/intro.html
-#usr/share/doc/libxslt-1.1.17/html/FAQ.html
-#usr/share/doc/libxslt-1.1.17/html/Libxslt-Logo-180x168.gif
-#usr/share/doc/libxslt-1.1.17/html/Libxslt-Logo-90x34.gif
-#usr/share/doc/libxslt-1.1.17/html/bugs.html
-#usr/share/doc/libxslt-1.1.17/html/contexts.gif
-#usr/share/doc/libxslt-1.1.17/html/contribs.html
-#usr/share/doc/libxslt-1.1.17/html/docbook.html
-#usr/share/doc/libxslt-1.1.17/html/docs.html
-#usr/share/doc/libxslt-1.1.17/html/downloads.html
-#usr/share/doc/libxslt-1.1.17/html/extensions.html
-#usr/share/doc/libxslt-1.1.17/html/help.html
-#usr/share/doc/libxslt-1.1.17/html/html
-#usr/share/doc/libxslt-1.1.17/html/html/book1.html
-#usr/share/doc/libxslt-1.1.17/html/html/home.png
-#usr/share/doc/libxslt-1.1.17/html/html/index.html
-#usr/share/doc/libxslt-1.1.17/html/html/left.png
-#usr/share/doc/libxslt-1.1.17/html/html/libxslt-attributes.html
-#usr/share/doc/libxslt-1.1.17/html/html/libxslt-documents.html
-#usr/share/doc/libxslt-1.1.17/html/html/libxslt-extensions.html
-#usr/share/doc/libxslt-1.1.17/html/html/libxslt-extra.html
-#usr/share/doc/libxslt-1.1.17/html/html/libxslt-functions.html
-#usr/share/doc/libxslt-1.1.17/html/html/libxslt-imports.html
-#usr/share/doc/libxslt-1.1.17/html/html/libxslt-keys.html
-#usr/share/doc/libxslt-1.1.17/html/html/libxslt-lib.html
-#usr/share/doc/libxslt-1.1.17/html/html/libxslt-namespaces.html
-#usr/share/doc/libxslt-1.1.17/html/html/libxslt-numbersInternals.html
-#usr/share/doc/libxslt-1.1.17/html/html/libxslt-pattern.html
-#usr/share/doc/libxslt-1.1.17/html/html/libxslt-preproc.html
-#usr/share/doc/libxslt-1.1.17/html/html/libxslt-security.html
-#usr/share/doc/libxslt-1.1.17/html/html/libxslt-templates.html
-#usr/share/doc/libxslt-1.1.17/html/html/libxslt-transform.html
-#usr/share/doc/libxslt-1.1.17/html/html/libxslt-variables.html
-#usr/share/doc/libxslt-1.1.17/html/html/libxslt-xslt.html
-#usr/share/doc/libxslt-1.1.17/html/html/libxslt-xsltInternals.html
-#usr/share/doc/libxslt-1.1.17/html/html/libxslt-xsltexports.html
-#usr/share/doc/libxslt-1.1.17/html/html/libxslt-xsltutils.html
-#usr/share/doc/libxslt-1.1.17/html/html/right.png
-#usr/share/doc/libxslt-1.1.17/html/html/up.png
-#usr/share/doc/libxslt-1.1.17/html/index.html
-#usr/share/doc/libxslt-1.1.17/html/internals.html
-#usr/share/doc/libxslt-1.1.17/html/intro.html
-#usr/share/doc/libxslt-1.1.17/html/news.html
-#usr/share/doc/libxslt-1.1.17/html/node.gif
-#usr/share/doc/libxslt-1.1.17/html/object.gif
-#usr/share/doc/libxslt-1.1.17/html/processing.gif
-#usr/share/doc/libxslt-1.1.17/html/python.html
-#usr/share/doc/libxslt-1.1.17/html/redhat.gif
-#usr/share/doc/libxslt-1.1.17/html/smallfootonly.gif
-#usr/share/doc/libxslt-1.1.17/html/stylesheet.gif
-#usr/share/doc/libxslt-1.1.17/html/templates.gif
-#usr/share/doc/libxslt-1.1.17/html/tutorial
-#usr/share/doc/libxslt-1.1.17/html/tutorial/libxslt_tutorial.c
-#usr/share/doc/libxslt-1.1.17/html/tutorial/libxslttutorial.html
-#usr/share/doc/libxslt-1.1.17/html/tutorial/libxslttutorial.xml
-#usr/share/doc/libxslt-1.1.17/html/tutorial2
-#usr/share/doc/libxslt-1.1.17/html/tutorial2/libxslt_pipes.c
-#usr/share/doc/libxslt-1.1.17/html/tutorial2/libxslt_pipes.html
-#usr/share/doc/libxslt-1.1.17/html/tutorial2/libxslt_pipes.xml
-#usr/share/doc/libxslt-1.1.17/html/xslt.html
-#usr/share/doc/libxslt-1.1.17/html/xsltproc.html
-#usr/share/doc/libxslt-1.1.17/html/xsltproc2.html
-#usr/share/doc/libxslt-python-1.1.17
-#usr/share/doc/libxslt-python-1.1.17/TODO
-#usr/share/doc/libxslt-python-1.1.17/examples
-#usr/share/doc/libxslt-python-1.1.17/examples/basic.py
-#usr/share/doc/libxslt-python-1.1.17/examples/exslt.py
-#usr/share/doc/libxslt-python-1.1.17/examples/extelem.py
-#usr/share/doc/libxslt-python-1.1.17/examples/extfunc.py
-#usr/share/doc/libxslt-python-1.1.17/examples/pyxsltproc.py
-#usr/share/doc/libxslt-python-1.1.17/examples/test.xml
-#usr/share/doc/libxslt-python-1.1.17/examples/test.xsl
+#usr/share/doc/libxslt-1.1.28
+#usr/share/doc/libxslt-1.1.28/html
+#usr/share/doc/libxslt-1.1.28/html/API.html
+#usr/share/doc/libxslt-1.1.28/html/APIchunk0.html
+#usr/share/doc/libxslt-1.1.28/html/APIchunk1.html
+#usr/share/doc/libxslt-1.1.28/html/APIchunk10.html
+#usr/share/doc/libxslt-1.1.28/html/APIchunk11.html
+#usr/share/doc/libxslt-1.1.28/html/APIchunk12.html
+#usr/share/doc/libxslt-1.1.28/html/APIchunk13.html
+#usr/share/doc/libxslt-1.1.28/html/APIchunk2.html
+#usr/share/doc/libxslt-1.1.28/html/APIchunk3.html
+#usr/share/doc/libxslt-1.1.28/html/APIchunk4.html
+#usr/share/doc/libxslt-1.1.28/html/APIchunk5.html
+#usr/share/doc/libxslt-1.1.28/html/APIchunk6.html
+#usr/share/doc/libxslt-1.1.28/html/APIchunk7.html
+#usr/share/doc/libxslt-1.1.28/html/APIchunk8.html
+#usr/share/doc/libxslt-1.1.28/html/APIchunk9.html
+#usr/share/doc/libxslt-1.1.28/html/APIconstructors.html
+#usr/share/doc/libxslt-1.1.28/html/APIfiles.html
+#usr/share/doc/libxslt-1.1.28/html/APIfunctions.html
+#usr/share/doc/libxslt-1.1.28/html/APIsymbols.html
+#usr/share/doc/libxslt-1.1.28/html/EXSLT
+#usr/share/doc/libxslt-1.1.28/html/EXSLT/APIchunk0.html
+#usr/share/doc/libxslt-1.1.28/html/EXSLT/APIconstructors.html
+#usr/share/doc/libxslt-1.1.28/html/EXSLT/APIfiles.html
+#usr/share/doc/libxslt-1.1.28/html/EXSLT/APIfunctions.html
+#usr/share/doc/libxslt-1.1.28/html/EXSLT/APIsymbols.html
+#usr/share/doc/libxslt-1.1.28/html/EXSLT/bugs.html
+#usr/share/doc/libxslt-1.1.28/html/EXSLT/docs.html
+#usr/share/doc/libxslt-1.1.28/html/EXSLT/downloads.html
+#usr/share/doc/libxslt-1.1.28/html/EXSLT/exslt.html
+#usr/share/doc/libxslt-1.1.28/html/EXSLT/help.html
+#usr/share/doc/libxslt-1.1.28/html/EXSLT/index.html
+#usr/share/doc/libxslt-1.1.28/html/EXSLT/intro.html
+#usr/share/doc/libxslt-1.1.28/html/FAQ.html
+#usr/share/doc/libxslt-1.1.28/html/Libxslt-Logo-180x168.gif
+#usr/share/doc/libxslt-1.1.28/html/Libxslt-Logo-90x34.gif
+#usr/share/doc/libxslt-1.1.28/html/bugs.html
+#usr/share/doc/libxslt-1.1.28/html/contexts.gif
+#usr/share/doc/libxslt-1.1.28/html/contribs.html
+#usr/share/doc/libxslt-1.1.28/html/docbook.html
+#usr/share/doc/libxslt-1.1.28/html/docs.html
+#usr/share/doc/libxslt-1.1.28/html/downloads.html
+#usr/share/doc/libxslt-1.1.28/html/extensions.html
+#usr/share/doc/libxslt-1.1.28/html/help.html
+#usr/share/doc/libxslt-1.1.28/html/html
+#usr/share/doc/libxslt-1.1.28/html/html/book1.html
+#usr/share/doc/libxslt-1.1.28/html/html/home.png
+#usr/share/doc/libxslt-1.1.28/html/html/index.html
+#usr/share/doc/libxslt-1.1.28/html/html/left.png
+#usr/share/doc/libxslt-1.1.28/html/html/libxslt-attributes.html
+#usr/share/doc/libxslt-1.1.28/html/html/libxslt-documents.html
+#usr/share/doc/libxslt-1.1.28/html/html/libxslt-extensions.html
+#usr/share/doc/libxslt-1.1.28/html/html/libxslt-extra.html
+#usr/share/doc/libxslt-1.1.28/html/html/libxslt-functions.html
+#usr/share/doc/libxslt-1.1.28/html/html/libxslt-imports.html
+#usr/share/doc/libxslt-1.1.28/html/html/libxslt-keys.html
+#usr/share/doc/libxslt-1.1.28/html/html/libxslt-lib.html
+#usr/share/doc/libxslt-1.1.28/html/html/libxslt-namespaces.html
+#usr/share/doc/libxslt-1.1.28/html/html/libxslt-numbersInternals.html
+#usr/share/doc/libxslt-1.1.28/html/html/libxslt-pattern.html
+#usr/share/doc/libxslt-1.1.28/html/html/libxslt-preproc.html
+#usr/share/doc/libxslt-1.1.28/html/html/libxslt-security.html
+#usr/share/doc/libxslt-1.1.28/html/html/libxslt-templates.html
+#usr/share/doc/libxslt-1.1.28/html/html/libxslt-transform.html
+#usr/share/doc/libxslt-1.1.28/html/html/libxslt-variables.html
+#usr/share/doc/libxslt-1.1.28/html/html/libxslt-xslt.html
+#usr/share/doc/libxslt-1.1.28/html/html/libxslt-xsltInternals.html
+#usr/share/doc/libxslt-1.1.28/html/html/libxslt-xsltexports.html
+#usr/share/doc/libxslt-1.1.28/html/html/libxslt-xsltlocale.html
+#usr/share/doc/libxslt-1.1.28/html/html/libxslt-xsltutils.html
+#usr/share/doc/libxslt-1.1.28/html/html/right.png
+#usr/share/doc/libxslt-1.1.28/html/html/up.png
+#usr/share/doc/libxslt-1.1.28/html/index.html
+#usr/share/doc/libxslt-1.1.28/html/internals.html
+#usr/share/doc/libxslt-1.1.28/html/intro.html
+#usr/share/doc/libxslt-1.1.28/html/news.html
+#usr/share/doc/libxslt-1.1.28/html/node.gif
+#usr/share/doc/libxslt-1.1.28/html/object.gif
+#usr/share/doc/libxslt-1.1.28/html/processing.gif
+#usr/share/doc/libxslt-1.1.28/html/python.html
+#usr/share/doc/libxslt-1.1.28/html/redhat.gif
+#usr/share/doc/libxslt-1.1.28/html/smallfootonly.gif
+#usr/share/doc/libxslt-1.1.28/html/stylesheet.gif
+#usr/share/doc/libxslt-1.1.28/html/templates.gif
+#usr/share/doc/libxslt-1.1.28/html/tutorial
+#usr/share/doc/libxslt-1.1.28/html/tutorial/libxslt_tutorial.c
+#usr/share/doc/libxslt-1.1.28/html/tutorial/libxslttutorial.html
+#usr/share/doc/libxslt-1.1.28/html/tutorial/libxslttutorial.xml
+#usr/share/doc/libxslt-1.1.28/html/tutorial2
+#usr/share/doc/libxslt-1.1.28/html/tutorial2/libxslt_pipes.c
+#usr/share/doc/libxslt-1.1.28/html/tutorial2/libxslt_pipes.html
+#usr/share/doc/libxslt-1.1.28/html/tutorial2/libxslt_pipes.xml
+#usr/share/doc/libxslt-1.1.28/html/xslt.html
+#usr/share/doc/libxslt-1.1.28/html/xsltproc.html
+#usr/share/doc/libxslt-1.1.28/html/xsltproc2.html
+#usr/share/doc/libxslt-python-1.1.28
+#usr/share/doc/libxslt-python-1.1.28/TODO
+#usr/share/doc/libxslt-python-1.1.28/examples
+#usr/share/doc/libxslt-python-1.1.28/examples/basic.py
+#usr/share/doc/libxslt-python-1.1.28/examples/exslt.py
+#usr/share/doc/libxslt-python-1.1.28/examples/extelem.py
+#usr/share/doc/libxslt-python-1.1.28/examples/extfunc.py
+#usr/share/doc/libxslt-python-1.1.28/examples/pyxsltproc.py
+#usr/share/doc/libxslt-python-1.1.28/examples/test.xml
+#usr/share/doc/libxslt-python-1.1.28/examples/test.xsl
+#usr/share/man/man1/xsltproc.1
+#usr/share/man/man3/libexslt.3
+#usr/share/man/man3/libxslt.3
#etc/logrotate.d
etc/logrotate.d/.empty
+#usr/man/man5/logrotate.conf.5
#usr/man/man8/logrotate.8
usr/sbin/logrotate
var/lib/logrotate.status
#etc/logwatch
etc/logwatch/conf
-#etc/logwatch/conf/html
+#etc/logwatch/logwatch.cron
#etc/logwatch/conf/ignore.conf
#etc/logwatch/conf/logfiles
#etc/logwatch/conf/logwatch.conf
#usr/share/logwatch/default.conf/html/header.html
usr/share/logwatch/default.conf/ignore.conf
#usr/share/logwatch/default.conf/logfiles
+#usr/share/logwatch/default.conf/logfiles/audit_log.conf
#usr/share/logwatch/default.conf/logfiles/autorpm.conf
#usr/share/logwatch/default.conf/logfiles/bfd.conf
#usr/share/logwatch/default.conf/logfiles/cisco.conf
+#usr/share/logwatch/default.conf/logfiles/citadel.conf
usr/share/logwatch/default.conf/logfiles/clam-update.conf
+#usr/share/logwatch/default.conf/logfiles/clamav.conf
usr/share/logwatch/default.conf/logfiles/cron.conf
#usr/share/logwatch/default.conf/logfiles/daemon.conf
#usr/share/logwatch/default.conf/logfiles/denyhosts.conf
+#usr/share/logwatch/default.conf/logfiles/dirsrv.conf
#usr/share/logwatch/default.conf/logfiles/dnssec.conf
#usr/share/logwatch/default.conf/logfiles/dpkg.conf
#usr/share/logwatch/default.conf/logfiles/emerge.conf
#usr/share/logwatch/default.conf/logfiles/exim.conf
#usr/share/logwatch/default.conf/logfiles/extreme-networks.conf
#usr/share/logwatch/default.conf/logfiles/fail2ban.conf
+#usr/share/logwatch/default.conf/logfiles/freeradius.conf
+#usr/share/logwatch/default.conf/logfiles/http-error.conf
usr/share/logwatch/default.conf/logfiles/http.conf
usr/share/logwatch/default.conf/logfiles/iptables.conf
usr/share/logwatch/default.conf/logfiles/kernel.conf
usr/share/logwatch/default.conf/logfiles/maillog.conf
usr/share/logwatch/default.conf/logfiles/messages.conf
+#usr/share/logwatch/default.conf/logfiles/mysql-mmm.conf
+#usr/share/logwatch/default.conf/logfiles/mysql.conf
#usr/share/logwatch/default.conf/logfiles/netopia.conf
#usr/share/logwatch/default.conf/logfiles/netscreen.conf
usr/share/logwatch/default.conf/logfiles/php.conf
#usr/share/logwatch/default.conf/logfiles/pix.conf
+#usr/share/logwatch/default.conf/logfiles/postgresql.conf
#usr/share/logwatch/default.conf/logfiles/pureftp.conf
#usr/share/logwatch/default.conf/logfiles/qmail-pop3d-current.conf
#usr/share/logwatch/default.conf/logfiles/qmail-pop3ds-current.conf
usr/share/logwatch/default.conf/logfiles/samba.conf
#usr/share/logwatch/default.conf/logfiles/secure.conf
#usr/share/logwatch/default.conf/logfiles/sonicwall.conf
+#usr/share/logwatch/default.conf/logfiles/spamassassin.conf
usr/share/logwatch/default.conf/logfiles/syslog.conf
#usr/share/logwatch/default.conf/logfiles/tac_acc.conf
+#usr/share/logwatch/default.conf/logfiles/tivoli-smc.conf
#usr/share/logwatch/default.conf/logfiles/up2date.conf
+#usr/share/logwatch/default.conf/logfiles/vdr.conf
usr/share/logwatch/default.conf/logfiles/vsftpd.conf
usr/share/logwatch/default.conf/logfiles/windows.conf
usr/share/logwatch/default.conf/logfiles/xferlog.conf
#usr/share/logwatch/default.conf/logfiles/yum.conf
+#usr/share/logwatch/default.conf/logfiles/zypp.conf
usr/share/logwatch/default.conf/logwatch.conf
usr/share/logwatch/default.conf/services
#usr/share/logwatch/default.conf/services/afpd.conf
#usr/share/logwatch/default.conf/services/audit.conf
#usr/share/logwatch/default.conf/services/automount.conf
#usr/share/logwatch/default.conf/services/autorpm.conf
+#usr/share/logwatch/default.conf/services/barracuda.conf
#usr/share/logwatch/default.conf/services/bfd.conf
#usr/share/logwatch/default.conf/services/cisco.conf
+#usr/share/logwatch/default.conf/services/citadel.conf
usr/share/logwatch/default.conf/services/clam-update.conf
#usr/share/logwatch/default.conf/services/clamav-milter.conf
usr/share/logwatch/default.conf/services/clamav.conf
usr/share/logwatch/default.conf/services/cron.conf
#usr/share/logwatch/default.conf/services/denyhosts.conf
usr/share/logwatch/default.conf/services/dhcpd.conf
+#usr/share/logwatch/default.conf/services/dirsrv.conf
#usr/share/logwatch/default.conf/services/dnssec.conf
#usr/share/logwatch/default.conf/services/dovecot.conf
#usr/share/logwatch/default.conf/services/dpkg.conf
#usr/share/logwatch/default.conf/services/eximstats.conf
#usr/share/logwatch/default.conf/services/extreme-networks.conf
#usr/share/logwatch/default.conf/services/fail2ban.conf
+#usr/share/logwatch/default.conf/services/fetchmail.conf
+#usr/share/logwatch/default.conf/services/freeradius.conf
#usr/share/logwatch/default.conf/services/ftpd-messages.conf
#usr/share/logwatch/default.conf/services/ftpd-xferlog.conf
+#usr/share/logwatch/default.conf/services/http-error.conf
usr/share/logwatch/default.conf/services/http.conf
#usr/share/logwatch/default.conf/services/identd.conf
usr/share/logwatch/default.conf/services/imapd.conf
usr/share/logwatch/default.conf/services/ipop3d.conf
usr/share/logwatch/default.conf/services/iptables.conf
usr/share/logwatch/default.conf/services/kernel.conf
+#usr/share/logwatch/default.conf/services/knockd.conf
+#usr/share/logwatch/default.conf/services/lvm.conf
#usr/share/logwatch/default.conf/services/mailscanner.conf
+#usr/share/logwatch/default.conf/services/mdadm.conf
+#usr/share/logwatch/default.conf/services/mod_security2.conf
usr/share/logwatch/default.conf/services/modprobe.conf
#usr/share/logwatch/default.conf/services/mountd.conf
+#usr/share/logwatch/default.conf/services/mysql-mmm.conf
+#usr/share/logwatch/default.conf/services/mysql.conf
#usr/share/logwatch/default.conf/services/named.conf
#usr/share/logwatch/default.conf/services/netopia.conf
#usr/share/logwatch/default.conf/services/netscreen.conf
#usr/share/logwatch/default.conf/services/oidentd.conf
+#usr/share/logwatch/default.conf/services/omsa.conf
usr/share/logwatch/default.conf/services/openvpn.conf
usr/share/logwatch/default.conf/services/pam.conf
usr/share/logwatch/default.conf/services/pam_pwdb.conf
usr/share/logwatch/default.conf/services/pop3.conf
#usr/share/logwatch/default.conf/services/portsentry.conf
usr/share/logwatch/default.conf/services/postfix.conf
+#usr/share/logwatch/default.conf/services/postgresql.conf
#usr/share/logwatch/default.conf/services/pound.conf
#usr/share/logwatch/default.conf/services/proftpd-messages.conf
+#usr/share/logwatch/default.conf/services/puppet.conf
#usr/share/logwatch/default.conf/services/pureftpd.conf
#usr/share/logwatch/default.conf/services/qmail-pop3d.conf
#usr/share/logwatch/default.conf/services/qmail-pop3ds.conf
#usr/share/logwatch/default.conf/services/qmail.conf
#usr/share/logwatch/default.conf/services/raid.conf
usr/share/logwatch/default.conf/services/resolver.conf
+#usr/share/logwatch/default.conf/services/rsyslogd.conf
#usr/share/logwatch/default.conf/services/rt314.conf
usr/share/logwatch/default.conf/services/samba.conf
usr/share/logwatch/default.conf/services/saslauthd.conf
#usr/share/logwatch/default.conf/services/slon.conf
#usr/share/logwatch/default.conf/services/smartd.conf
#usr/share/logwatch/default.conf/services/sonicwall.conf
+#usr/share/logwatch/default.conf/services/spamassassin.conf
usr/share/logwatch/default.conf/services/sshd.conf
usr/share/logwatch/default.conf/services/sshd2.conf
#usr/share/logwatch/default.conf/services/stunnel.conf
usr/share/logwatch/default.conf/services/sudo.conf
+#usr/share/logwatch/default.conf/services/syslog-ng.conf
usr/share/logwatch/default.conf/services/syslogd.conf
#usr/share/logwatch/default.conf/services/tac_acc.conf
+#usr/share/logwatch/default.conf/services/tivoli-smc.conf
#usr/share/logwatch/default.conf/services/up2date.conf
+#usr/share/logwatch/default.conf/services/vdr.conf
#usr/share/logwatch/default.conf/services/vpopmail.conf
usr/share/logwatch/default.conf/services/vsftpd.conf
usr/share/logwatch/default.conf/services/windows.conf
#usr/share/logwatch/default.conf/services/xntpd.conf
#usr/share/logwatch/default.conf/services/yum.conf
+#usr/share/logwatch/default.conf/services/zypp.conf
usr/share/logwatch/default.conf/services/zz-disk_space.conf
#usr/share/logwatch/default.conf/services/zz-fortune.conf
+#usr/share/logwatch/default.conf/services/zz-lm_sensors.conf
usr/share/logwatch/default.conf/services/zz-network.conf
usr/share/logwatch/default.conf/services/zz-runtime.conf
#usr/share/logwatch/default.conf/services/zz-sys.conf
+#usr/share/logwatch/default.conf/services/zz-zfs.conf
#usr/share/logwatch/dist.conf
usr/share/logwatch/dist.conf/logfiles
usr/share/logwatch/dist.conf/services
#usr/share/logwatch/scripts/services/audit
#usr/share/logwatch/scripts/services/automount
#usr/share/logwatch/scripts/services/autorpm
+#usr/share/logwatch/scripts/services/barracuda
#usr/share/logwatch/scripts/services/bfd
#usr/share/logwatch/scripts/services/cisco
+#usr/share/logwatch/scripts/services/citadel
usr/share/logwatch/scripts/services/clam-update
usr/share/logwatch/scripts/services/clamav
#usr/share/logwatch/scripts/services/clamav-milter
#usr/share/logwatch/scripts/services/denyhosts
usr/share/logwatch/scripts/services/dhcpd
usr/share/logwatch/scripts/services/dialup
+#usr/share/logwatch/scripts/services/dirsrv
#usr/share/logwatch/scripts/services/dnssec
#usr/share/logwatch/scripts/services/dovecot
#usr/share/logwatch/scripts/services/dpkg
#usr/share/logwatch/scripts/services/eximstats
#usr/share/logwatch/scripts/services/extreme-networks
#usr/share/logwatch/scripts/services/fail2ban
+#usr/share/logwatch/scripts/services/fetchmail
+#usr/share/logwatch/scripts/services/freeradius
#usr/share/logwatch/scripts/services/ftpd-messages
#usr/share/logwatch/scripts/services/ftpd-xferlog
usr/share/logwatch/scripts/services/http
+#usr/share/logwatch/scripts/services/http-error
#usr/share/logwatch/scripts/services/identd
usr/share/logwatch/scripts/services/imapd
#usr/share/logwatch/scripts/services/in.qpopper
usr/share/logwatch/scripts/services/ipop3d
usr/share/logwatch/scripts/services/iptables
usr/share/logwatch/scripts/services/kernel
+#usr/share/logwatch/scripts/services/knockd
+#usr/share/logwatch/scripts/services/lvm
#usr/share/logwatch/scripts/services/mailscanner
+#usr/share/logwatch/scripts/services/mdadm
+#usr/share/logwatch/scripts/services/mod_security2
usr/share/logwatch/scripts/services/modprobe
#usr/share/logwatch/scripts/services/mountd
+#usr/share/logwatch/scripts/services/mysql
+#usr/share/logwatch/scripts/services/mysql-mmm
#usr/share/logwatch/scripts/services/named
#usr/share/logwatch/scripts/services/netopia
#usr/share/logwatch/scripts/services/netscreen
#usr/share/logwatch/scripts/services/oidentd
+#usr/share/logwatch/scripts/services/omsa
usr/share/logwatch/scripts/services/openvpn
usr/share/logwatch/scripts/services/pam
usr/share/logwatch/scripts/services/pam_pwdb
usr/share/logwatch/scripts/services/pop3
#usr/share/logwatch/scripts/services/portsentry
usr/share/logwatch/scripts/services/postfix
+#usr/share/logwatch/scripts/services/postgresql
#usr/share/logwatch/scripts/services/pound
#usr/share/logwatch/scripts/services/proftpd-messages
+#usr/share/logwatch/scripts/services/puppet
#usr/share/logwatch/scripts/services/pureftpd
#usr/share/logwatch/scripts/services/qmail
#usr/share/logwatch/scripts/services/qmail-pop3d
#usr/share/logwatch/scripts/services/qmail-smtpd
#usr/share/logwatch/scripts/services/raid
#usr/share/logwatch/scripts/services/resolver
+#usr/share/logwatch/scripts/services/rsyslogd
#usr/share/logwatch/scripts/services/rt314
usr/share/logwatch/scripts/services/samba
usr/share/logwatch/scripts/services/saslauthd
#usr/share/logwatch/scripts/services/slon
#usr/share/logwatch/scripts/services/smartd
#usr/share/logwatch/scripts/services/sonicwall
+#usr/share/logwatch/scripts/services/spamassassin
usr/share/logwatch/scripts/services/sshd
usr/share/logwatch/scripts/services/sshd2
#usr/share/logwatch/scripts/services/stunnel
usr/share/logwatch/scripts/services/sudo
+#usr/share/logwatch/scripts/services/syslog-ng
usr/share/logwatch/scripts/services/syslogd
#usr/share/logwatch/scripts/services/tac_acc
+#usr/share/logwatch/scripts/services/tivoli-smc
#usr/share/logwatch/scripts/services/up2date
+#usr/share/logwatch/scripts/services/vdr
#usr/share/logwatch/scripts/services/vpopmail
usr/share/logwatch/scripts/services/vsftpd
usr/share/logwatch/scripts/services/windows
#usr/share/logwatch/scripts/services/xntpd
#usr/share/logwatch/scripts/services/yum
+#usr/share/logwatch/scripts/services/zypp
usr/share/logwatch/scripts/services/zz-disk_space
#usr/share/logwatch/scripts/services/zz-fortune
+#usr/share/logwatch/scripts/services/zz-lm_sensors
usr/share/logwatch/scripts/services/zz-network
usr/share/logwatch/scripts/services/zz-runtime
#usr/share/logwatch/scripts/services/zz-sys
+#usr/share/logwatch/scripts/services/zz-zfs
#usr/share/logwatch/scripts/shared
usr/share/logwatch/scripts/shared/applybinddate
usr/share/logwatch/scripts/shared/applyeurodate
usr/share/logwatch/scripts/shared/remove
usr/share/logwatch/scripts/shared/removeheaders
usr/share/logwatch/scripts/shared/removeservice
+#usr/share/man/man1/amavis-logwatch.1
+#usr/share/man/man1/postfix-logwatch.1
+#usr/share/man/man5/ignore.conf.5
+#usr/share/man/man5/logwatch.conf.5
+#usr/share/man/man5/override.conf.5
#usr/share/man/man8/logwatch.8
var/cache/logwatch
var/log/logwatch
#usr/local/bin/applejuicectrl
usr/local/bin/backupctrl
#usr/local/bin/clamavctrl
+usr/local/bin/collectdctrl
+usr/local/bin/ddnsctrl
usr/local/bin/dhcpctrl
usr/local/bin/dnsmasqctrl
usr/local/bin/extrahdctrl
#usr/lib/libnewt.a
#usr/lib/libnewt.so
usr/lib/libnewt.so.0.52
-usr/lib/libnewt.so.0.52.17
+usr/lib/libnewt.so.0.52.18
#usr/lib/pkgconfig/libnewt.pc
#usr/lib/python2.7/site-packages/_snack.so
#usr/lib/python2.7/site-packages/snack.py
#usr/share/locale/as
#usr/share/locale/as/LC_MESSAGES
#usr/share/locale/as/LC_MESSAGES/newt.mo
-#usr/share/locale/ast
-#usr/share/locale/ast/LC_MESSAGES
#usr/share/locale/ast/LC_MESSAGES/newt.mo
#usr/share/locale/bal
#usr/share/locale/bal/LC_MESSAGES
#usr/share/locale/nn
#usr/share/locale/nn/LC_MESSAGES
#usr/share/locale/nn/LC_MESSAGES/newt.mo
-#usr/share/locale/pa
-#usr/share/locale/pa/LC_MESSAGES
#usr/share/locale/pa/LC_MESSAGES/newt.mo
#usr/share/locale/pl/LC_MESSAGES/newt.mo
#usr/share/locale/pt/LC_MESSAGES/newt.mo
+++ /dev/null
-usr/lib/libcrypto.so.0.9.8
-usr/lib/libssl.so.0.9.8
#usr/lib/libpcre.la
usr/lib/libpcre.so
usr/lib/libpcre.so.1
-usr/lib/libpcre.so.1.2.4
+usr/lib/libpcre.so.1.2.5
#usr/lib/libpcrecpp.la
usr/lib/libpcrecpp.so
usr/lib/libpcrecpp.so.0
--- /dev/null
+#usr/lib/perl5/site_perl/5.12.3/MACHINE-linux-thread-multi/Text
+usr/lib/perl5/site_perl/5.12.3/MACHINE-linux-thread-multi/Text/CSV_XS.pm
+#usr/lib/perl5/site_perl/5.12.3/MACHINE-linux-thread-multi/auto/Text
+#usr/lib/perl5/site_perl/5.12.3/MACHINE-linux-thread-multi/auto/Text/CSV_XS
+#usr/lib/perl5/site_perl/5.12.3/MACHINE-linux-thread-multi/auto/Text/CSV_XS/.packlist
+#usr/lib/perl5/site_perl/5.12.3/MACHINE-linux-thread-multi/auto/Text/CSV_XS/CSV_XS.bs
+usr/lib/perl5/site_perl/5.12.3/MACHINE-linux-thread-multi/auto/Text/CSV_XS/CSV_XS.so
+#usr/share/man/man3/Text::CSV_XS.3
#usr/include/slcurses.h
#usr/lib/libslang.so
usr/lib/libslang.so.2
-usr/lib/libslang.so.2.2.4
+usr/lib/libslang.so.2.3.0
#usr/lib/pkgconfig/slang.pc
#usr/lib/slang
#usr/lib/slang/v2
#usr/lib/slang/v2/modules
+usr/lib/slang/v2/modules/base64-module.so
+usr/lib/slang/v2/modules/chksum-module.so
usr/lib/slang/v2/modules/csv-module.so
usr/lib/slang/v2/modules/fcntl-module.so
usr/lib/slang/v2/modules/fork-module.so
+usr/lib/slang/v2/modules/histogram-module.so
usr/lib/slang/v2/modules/iconv-module.so
+usr/lib/slang/v2/modules/json-module.so
usr/lib/slang/v2/modules/pcre-module.so
usr/lib/slang/v2/modules/png-module.so
usr/lib/slang/v2/modules/rand-module.so
usr/lib/slang/v2/modules/select-module.so
usr/lib/slang/v2/modules/slsmg-module.so
usr/lib/slang/v2/modules/socket-module.so
+usr/lib/slang/v2/modules/stats-module.so
usr/lib/slang/v2/modules/sysconf-module.so
usr/lib/slang/v2/modules/termios-module.so
usr/lib/slang/v2/modules/varray-module.so
#usr/share/doc/slsh
#usr/share/doc/slsh/html
#usr/share/doc/slsh/html/slshfun-1.html
+#usr/share/doc/slsh/html/slshfun-10.html
+#usr/share/doc/slsh/html/slshfun-11.html
+#usr/share/doc/slsh/html/slshfun-12.html
+#usr/share/doc/slsh/html/slshfun-13.html
#usr/share/doc/slsh/html/slshfun-2.html
#usr/share/doc/slsh/html/slshfun-3.html
#usr/share/doc/slsh/html/slshfun-4.html
#usr/share/slsh
#usr/share/slsh/arrayfuns.sl
#usr/share/slsh/autoload.sl
+#usr/share/slsh/base64.sl
+#usr/share/slsh/chksum.sl
#usr/share/slsh/cmaps
#usr/share/slsh/cmaps/cool.map
#usr/share/slsh/cmaps/coolwarm.map
#usr/share/slsh/cmaps/copper.map
+#usr/share/slsh/cmaps/cubicl.map
+#usr/share/slsh/cmaps/cubicyf.map
#usr/share/slsh/cmaps/drywet.map
#usr/share/slsh/cmaps/ds9b.map
#usr/share/slsh/cmaps/ds9sls.map
+#usr/share/slsh/cmaps/edge.map
#usr/share/slsh/cmaps/gebco.map
#usr/share/slsh/cmaps/globe.map
#usr/share/slsh/cmaps/gray.map
#usr/share/slsh/csv.sl
#usr/share/slsh/fcntl.sl
#usr/share/slsh/fork.sl
+#usr/share/slsh/fswalk.sl
#usr/share/slsh/glob.sl
#usr/share/slsh/help
#usr/share/slsh/help/arrayfuns.hlp
+#usr/share/slsh/help/base64funs.hlp
+#usr/share/slsh/help/chksumfuns.hlp
#usr/share/slsh/help/cmdopt.hlp
#usr/share/slsh/help/csvfuns.hlp
#usr/share/slsh/help/forkfuns.hlp
+#usr/share/slsh/help/fswalk.hlp
#usr/share/slsh/help/glob.hlp
+#usr/share/slsh/help/histfuns.hlp
+#usr/share/slsh/help/jsonfuns.hlp
+#usr/share/slsh/help/listfuns.hlp
#usr/share/slsh/help/onigfuns.hlp
#usr/share/slsh/help/pcrefuns.hlp
#usr/share/slsh/help/pngfuns.hlp
#usr/share/slsh/help/setfuns.hlp
#usr/share/slsh/help/slsmg.hlp
#usr/share/slsh/help/sockfuns.hlp
+#usr/share/slsh/help/statsfuns.hlp
#usr/share/slsh/help/structfuns.hlp
+#usr/share/slsh/histogram.sl
#usr/share/slsh/iconv.sl
+#usr/share/slsh/json.sl
+#usr/share/slsh/listfuns.sl
#usr/share/slsh/local-packages
#usr/share/slsh/onig.sl
#usr/share/slsh/pcre.sl
#usr/share/slsh/slshrl.sl
#usr/share/slsh/slsmg.sl
#usr/share/slsh/socket.sl
+#usr/share/slsh/stats.sl
#usr/share/slsh/stkcheck.sl
#usr/share/slsh/structfuns.sl
#usr/share/slsh/sysconf.sl
usr/lib/squid/basic_smb_auth.sh
#usr/lib/squid/cachemgr.cgi
usr/lib/squid/cert_tool
-usr/lib/squid/cert_valid.pl
usr/lib/squid/digest_file_auth
usr/lib/squid/digest_ldap_auth
usr/lib/squid/diskd
usr/local/bin/timezone-transition
usr/local/bin/update-bootloader
usr/local/bin/update-lang-cache
+usr/local/bin/xt_geoip_build
+usr/local/bin/xt_geoip_update
#usr/local/include
#usr/local/lib
#usr/local/lib/sse2
#usr/local/share/man/man8
#usr/local/share/misc
#usr/local/share/terminfo
+#usr/local/share/xt_geoip
#usr/local/share/zoneinfo
#usr/local/src
#usr/sbin
usr/sbin/ovpn-ccd-convert
+usr/sbin/ovpn-collectd-convert
#usr/share
#usr/share/doc
#usr/share/doc/licenses
#usr/share/man/man8
#usr/share/misc
#usr/share/terminfo
+#usr/share/xt_geoip
#usr/share/zoneinfo
#var
#var/cache
etc/strongswan.d/charon.conf
etc/strongswan.d/charon/aes.conf
etc/strongswan.d/charon/attr.conf
+etc/strongswan.d/charon/ccm.conf
etc/strongswan.d/charon/cmac.conf
etc/strongswan.d/charon/constraints.conf
+etc/strongswan.d/charon/ctr.conf
etc/strongswan.d/charon/curl.conf
etc/strongswan.d/charon/des.conf
etc/strongswan.d/charon/dhcp.conf
etc/strongswan.d/charon/eap-ttls.conf
etc/strongswan.d/charon/farp.conf
etc/strongswan.d/charon/fips-prf.conf
+etc/strongswan.d/charon/gcm.conf
etc/strongswan.d/charon/gcrypt.conf
etc/strongswan.d/charon/gmp.conf
etc/strongswan.d/charon/hmac.conf
#usr/lib/ipsec/plugins
usr/lib/ipsec/plugins/libstrongswan-aes.so
usr/lib/ipsec/plugins/libstrongswan-attr.so
+usr/lib/ipsec/plugins/libstrongswan-ccm.so
usr/lib/ipsec/plugins/libstrongswan-cmac.so
usr/lib/ipsec/plugins/libstrongswan-constraints.so
+usr/lib/ipsec/plugins/libstrongswan-ctr.so
usr/lib/ipsec/plugins/libstrongswan-curl.so
usr/lib/ipsec/plugins/libstrongswan-dhcp.so
usr/lib/ipsec/plugins/libstrongswan-des.so
usr/lib/ipsec/plugins/libstrongswan-eap-ttls.so
usr/lib/ipsec/plugins/libstrongswan-farp.so
usr/lib/ipsec/plugins/libstrongswan-fips-prf.so
+usr/lib/ipsec/plugins/libstrongswan-gcm.so
usr/lib/ipsec/plugins/libstrongswan-gcrypt.so
usr/lib/ipsec/plugins/libstrongswan-gmp.so
usr/lib/ipsec/plugins/libstrongswan-hmac.so
#usr/libexec/ipsec
usr/libexec/ipsec/_copyright
usr/libexec/ipsec/_updown
-usr/libexec/ipsec/_updown_espmark
usr/libexec/ipsec/charon
usr/libexec/ipsec/scepclient
usr/libexec/ipsec/starter
#usr/share/man/man5/ipsec.secrets.5
#usr/share/man/man5/strongswan.conf.5
#usr/share/man/man8/_updown.8
-#usr/share/man/man8/_updown_espmark.8
#usr/share/man/man8/ipsec.8
#usr/share/man/man8/openac.8
#usr/share/man/man8/scepclient.8
#usr/share/strongswan/templates/config/plugins
#usr/share/strongswan/templates/config/plugins/aes.conf
#usr/share/strongswan/templates/config/plugins/attr.conf
+#usr/share/strongswan/templates/config/plugins/ccm.conf
#usr/share/strongswan/templates/config/plugins/cmac.conf
#usr/share/strongswan/templates/config/plugins/constraints.conf
+#usr/share/strongswan/templates/config/plugins/ctr.conf
#usr/share/strongswan/templates/config/plugins/curl.conf
#usr/share/strongswan/templates/config/plugins/des.conf
#usr/share/strongswan/templates/config/plugins/dhcp.conf
#usr/share/strongswan/templates/config/plugins/eap-ttls.conf
#usr/share/strongswan/templates/config/plugins/farp.conf
#usr/share/strongswan/templates/config/plugins/fips-prf.conf
+#usr/share/strongswan/templates/config/plugins/gcm.conf
#usr/share/strongswan/templates/config/plugins/gcrypt.conf
#usr/share/strongswan/templates/config/plugins/gmp.conf
#usr/share/strongswan/templates/config/plugins/hmac.conf
etc/modprobe.d/blacklist.conf
etc/udev
#etc/udev/rules.d
-#etc/udev/rules.d/30-persistent-network.rules
#etc/udev/rules.d/55-lfs.rules
#etc/udev/rules.d/81-cdrom.rules
#etc/udev/rules.d/83-cdrom-symlinks.rules
#lib/udev/hwdb.d/60-keyboard.hwdb
#lib/udev/init-net-rules.sh
#lib/udev/mtd_probe
+#lib/udev/network-hotplug-rename
#lib/udev/rule_generator.functions
#lib/udev/rules.d
#lib/udev/rules.d/25-alsa.rules
#lib/udev/rules.d/50-udev-default.rules
#lib/udev/rules.d/60-cdrom_id.rules
#lib/udev/rules.d/60-keyboard.rules
+#lib/udev/rules.d/60-net.rules
#lib/udev/rules.d/60-persistent-alsa.rules
#lib/udev/rules.d/60-persistent-input.rules
#lib/udev/rules.d/60-persistent-serial.rules
--- /dev/null
+srv/web/ipfire/cgi-bin/aliases.cgi
+#srv/web/ipfire/cgi-bin/asterisk
+#srv/web/ipfire/cgi-bin/asterisk/calls.cgi
+#srv/web/ipfire/cgi-bin/asterisk/conf
+#srv/web/ipfire/cgi-bin/asterisk/conf.cgi
+#srv/web/ipfire/cgi-bin/asterisk/conf/telbook.conf
+#srv/web/ipfire/cgi-bin/asterisk/status.cgi
+srv/web/ipfire/cgi-bin/atm-status.cgi
+srv/web/ipfire/cgi-bin/backup.cgi
+srv/web/ipfire/cgi-bin/bluetooth.cgi
+srv/web/ipfire/cgi-bin/chpasswd.cgi
+srv/web/ipfire/cgi-bin/connections.cgi
+srv/web/ipfire/cgi-bin/connscheduler.cgi
+srv/web/ipfire/cgi-bin/country.cgi
+srv/web/ipfire/cgi-bin/credits.cgi
+srv/web/ipfire/cgi-bin/ddns.cgi
+srv/web/ipfire/cgi-bin/dhcp.cgi
+srv/web/ipfire/cgi-bin/dns.cgi
+srv/web/ipfire/cgi-bin/dnsforward.cgi
+srv/web/ipfire/cgi-bin/entropy.cgi
+srv/web/ipfire/cgi-bin/extrahd.cgi
+srv/web/ipfire/cgi-bin/fireinfo.cgi
+srv/web/ipfire/cgi-bin/firewall.cgi
+srv/web/ipfire/cgi-bin/fwhosts.cgi
+srv/web/ipfire/cgi-bin/geoip-block.cgi
+srv/web/ipfire/cgi-bin/gpl.cgi
+srv/web/ipfire/cgi-bin/gui.cgi
+srv/web/ipfire/cgi-bin/hardwaregraphs.cgi
+srv/web/ipfire/cgi-bin/hosts.cgi
+srv/web/ipfire/cgi-bin/ids.cgi
+#srv/web/ipfire/cgi-bin/imspector.cgi
+srv/web/ipfire/cgi-bin/index.cgi
+srv/web/ipfire/cgi-bin/ipinfo.cgi
+srv/web/ipfire/cgi-bin/iptables.cgi
+srv/web/ipfire/cgi-bin/logs.cgi
+srv/web/ipfire/cgi-bin/logs.cgi/calamaris.dat
+srv/web/ipfire/cgi-bin/logs.cgi/config.dat
+srv/web/ipfire/cgi-bin/logs.cgi/firewalllog.dat
+srv/web/ipfire/cgi-bin/logs.cgi/firewalllogcountry.dat
+srv/web/ipfire/cgi-bin/logs.cgi/firewalllogip.dat
+srv/web/ipfire/cgi-bin/logs.cgi/firewalllogport.dat
+srv/web/ipfire/cgi-bin/logs.cgi/ids.dat
+srv/web/ipfire/cgi-bin/logs.cgi/log.dat
+srv/web/ipfire/cgi-bin/logs.cgi/proxylog.dat
+srv/web/ipfire/cgi-bin/logs.cgi/showrequestfromcountry.dat
+srv/web/ipfire/cgi-bin/logs.cgi/showrequestfromip.dat
+srv/web/ipfire/cgi-bin/logs.cgi/showrequestfromport.dat
+srv/web/ipfire/cgi-bin/logs.cgi/summary.dat
+srv/web/ipfire/cgi-bin/logs.cgi/urlfilter.dat
+srv/web/ipfire/cgi-bin/mac.cgi
+srv/web/ipfire/cgi-bin/mdstat.cgi
+srv/web/ipfire/cgi-bin/media.cgi
+srv/web/ipfire/cgi-bin/memory.cgi
+srv/web/ipfire/cgi-bin/modem-status.cgi
+srv/web/ipfire/cgi-bin/modem.cgi
+#srv/web/ipfire/cgi-bin/mpfire.cgi
+srv/web/ipfire/cgi-bin/netexternal.cgi
+srv/web/ipfire/cgi-bin/netinternal.cgi
+srv/web/ipfire/cgi-bin/netother.cgi
+srv/web/ipfire/cgi-bin/netovpnrw.cgi
+srv/web/ipfire/cgi-bin/netovpnsrv.cgi
+srv/web/ipfire/cgi-bin/optionsfw.cgi
+srv/web/ipfire/cgi-bin/ovpnmain.cgi
+srv/web/ipfire/cgi-bin/p2p-block.cgi
+srv/web/ipfire/cgi-bin/pakfire.cgi
+srv/web/ipfire/cgi-bin/pppsetup.cgi
+srv/web/ipfire/cgi-bin/proxy.cgi
+srv/web/ipfire/cgi-bin/qos.cgi
+srv/web/ipfire/cgi-bin/remote.cgi
+srv/web/ipfire/cgi-bin/routing.cgi
+#srv/web/ipfire/cgi-bin/samba.cgi
+#srv/web/ipfire/cgi-bin/sambahlp.cgi
+srv/web/ipfire/cgi-bin/services.cgi
+srv/web/ipfire/cgi-bin/shutdown.cgi
+srv/web/ipfire/cgi-bin/speed.cgi
+srv/web/ipfire/cgi-bin/system.cgi
+srv/web/ipfire/cgi-bin/time.cgi
+#srv/web/ipfire/cgi-bin/tor.cgi
+srv/web/ipfire/cgi-bin/traffic.cgi
+#srv/web/ipfire/cgi-bin/tripwire.cgi
+srv/web/ipfire/cgi-bin/updatexlrator.cgi
+#srv/web/ipfire/cgi-bin/upnp.cgi
+srv/web/ipfire/cgi-bin/urlfilter.cgi
+srv/web/ipfire/cgi-bin/vpnmain.cgi
+srv/web/ipfire/cgi-bin/wakeonlan.cgi
+srv/web/ipfire/cgi-bin/webaccess.cgi
+srv/web/ipfire/cgi-bin/wireless.cgi
+srv/web/ipfire/cgi-bin/wirelessclient.cgi
+srv/web/ipfire/cgi-bin/wlanap.cgi
+#srv/web/ipfire/html
+srv/web/ipfire/html/blob.gif
+srv/web/ipfire/html/clwarn.cgi
+srv/web/ipfire/html/dial.cgi
+srv/web/ipfire/html/favicon.ico
+#srv/web/ipfire/html/images
+srv/web/ipfire/html/images/IPFire.png
+srv/web/ipfire/html/images/add.gif
+srv/web/ipfire/html/images/addblue.gif
+srv/web/ipfire/html/images/addgreen.gif
+srv/web/ipfire/html/images/address-book-new.png
+srv/web/ipfire/html/images/application-certificate.png
+srv/web/ipfire/html/images/application-x-executable.png
+srv/web/ipfire/html/images/applications-accessories.png
+srv/web/ipfire/html/images/applications-development.png
+srv/web/ipfire/html/images/applications-games.png
+srv/web/ipfire/html/images/applications-graphics.png
+srv/web/ipfire/html/images/applications-internet.png
+srv/web/ipfire/html/images/applications-multimedia.png
+srv/web/ipfire/html/images/applications-office.png
+srv/web/ipfire/html/images/applications-other.png
+srv/web/ipfire/html/images/applications-system.png
+srv/web/ipfire/html/images/appointment-new.png
+srv/web/ipfire/html/images/audio-volume-high-red.png
+srv/web/ipfire/html/images/audio-volume-high.png
+srv/web/ipfire/html/images/audio-volume-low-red.png
+srv/web/ipfire/html/images/audio-volume-low.png
+srv/web/ipfire/html/images/audio-x-generic-red.png
+srv/web/ipfire/html/images/audio-x-generic.png
+srv/web/ipfire/html/images/background.gif
+srv/web/ipfire/html/images/bookmark-new.png
+srv/web/ipfire/html/images/clock.gif
+srv/web/ipfire/html/images/computer.png
+srv/web/ipfire/html/images/delete.gif
+srv/web/ipfire/html/images/dialog-error.png
+srv/web/ipfire/html/images/dialog-information.png
+srv/web/ipfire/html/images/dialog-warning.png
+srv/web/ipfire/html/images/dns_link.png
+srv/web/ipfire/html/images/document-new.png
+srv/web/ipfire/html/images/document-open.png
+srv/web/ipfire/html/images/document-print-preview.png
+srv/web/ipfire/html/images/document-print.png
+srv/web/ipfire/html/images/document-properties.png
+srv/web/ipfire/html/images/document-save-as.png
+srv/web/ipfire/html/images/document-save.png
+srv/web/ipfire/html/images/down.gif
+srv/web/ipfire/html/images/drive-harddisk.png
+srv/web/ipfire/html/images/drive-optical.png
+srv/web/ipfire/html/images/drive-removable-media.png
+srv/web/ipfire/html/images/edit-find.png
+srv/web/ipfire/html/images/edit-redo.png
+srv/web/ipfire/html/images/edit.gif
+srv/web/ipfire/html/images/floppy.gif
+srv/web/ipfire/html/images/folder-drag-accept.png
+srv/web/ipfire/html/images/folder-new.png
+srv/web/ipfire/html/images/folder-open.png
+srv/web/ipfire/html/images/folder-remote.png
+srv/web/ipfire/html/images/folder-saved-search.png
+srv/web/ipfire/html/images/folder-visiting.png
+srv/web/ipfire/html/images/folder.png
+srv/web/ipfire/html/images/format-indent-less.png
+srv/web/ipfire/html/images/format-indent-more.png
+srv/web/ipfire/html/images/format-justify-center.png
+srv/web/ipfire/html/images/format-justify-fill.png
+srv/web/ipfire/html/images/format-justify-left.png
+srv/web/ipfire/html/images/format-justify-right.png
+srv/web/ipfire/html/images/forward.gif
+srv/web/ipfire/html/images/go-bottom.png
+srv/web/ipfire/html/images/go-down.png
+srv/web/ipfire/html/images/go-first.png
+srv/web/ipfire/html/images/go-home.png
+srv/web/ipfire/html/images/go-jump.png
+srv/web/ipfire/html/images/go-last.png
+srv/web/ipfire/html/images/go-next.png
+srv/web/ipfire/html/images/go-previous.png
+srv/web/ipfire/html/images/go-top.png
+srv/web/ipfire/html/images/go-up.png
+srv/web/ipfire/html/images/help-browser.png
+srv/web/ipfire/html/images/help.gif
+srv/web/ipfire/html/images/image-loading.png
+srv/web/ipfire/html/images/image-missing.png
+srv/web/ipfire/html/images/image-x-generic.png
+srv/web/ipfire/html/images/indicator.gif
+srv/web/ipfire/html/images/info.gif
+srv/web/ipfire/html/images/input-gaming.png
+srv/web/ipfire/html/images/input-keyboard.png
+srv/web/ipfire/html/images/input-mouse.png
+srv/web/ipfire/html/images/internet-group-chat.png
+srv/web/ipfire/html/images/internet-mail.png
+srv/web/ipfire/html/images/internet-news-reader.png
+srv/web/ipfire/html/images/internet-web-browser.png
+srv/web/ipfire/html/images/list-add.png
+srv/web/ipfire/html/images/list-remove.png
+srv/web/ipfire/html/images/mail-attachment.png
+srv/web/ipfire/html/images/mail-forward.png
+srv/web/ipfire/html/images/mail-mark-junk.png
+srv/web/ipfire/html/images/mail-mark-not-junk.png
+srv/web/ipfire/html/images/mail-message-new.png
+srv/web/ipfire/html/images/mail-reply-all.png
+srv/web/ipfire/html/images/mail-reply-sender.png
+srv/web/ipfire/html/images/mail-send-receive.png
+srv/web/ipfire/html/images/media-flash.png
+srv/web/ipfire/html/images/media-floppy.png
+srv/web/ipfire/html/images/media-optical.png
+srv/web/ipfire/html/images/media-playback-start-all.png
+srv/web/ipfire/html/images/media-playback-start.png
+srv/web/ipfire/html/images/media-playback-stop.png
+srv/web/ipfire/html/images/media-repeat.png
+srv/web/ipfire/html/images/media-resume.png
+srv/web/ipfire/html/images/media-shuffle.png
+srv/web/ipfire/html/images/media-skip-backward.png
+srv/web/ipfire/html/images/media-skip-forward.png
+srv/web/ipfire/html/images/mpfire
+srv/web/ipfire/html/images/mpfire/box.png
+srv/web/ipfire/html/images/network-error.png
+srv/web/ipfire/html/images/network-idle.png
+srv/web/ipfire/html/images/network-offline.png
+srv/web/ipfire/html/images/network-receive.png
+srv/web/ipfire/html/images/network-server.png
+srv/web/ipfire/html/images/network-transmit-receive.png
+srv/web/ipfire/html/images/network-transmit.png
+srv/web/ipfire/html/images/network-wired.png
+srv/web/ipfire/html/images/network-wireless-encrypted.png
+srv/web/ipfire/html/images/network-wireless.png
+srv/web/ipfire/html/images/network-workgroup.png
+srv/web/ipfire/html/images/network.png
+srv/web/ipfire/html/images/null.gif
+srv/web/ipfire/html/images/off.gif
+srv/web/ipfire/html/images/on.gif
+srv/web/ipfire/html/images/openvpn.gif
+srv/web/ipfire/html/images/openvpn.png
+srv/web/ipfire/html/images/package-x-generic.png
+srv/web/ipfire/html/images/printer-error.png
+srv/web/ipfire/html/images/printer.png
+srv/web/ipfire/html/images/process-stop.png
+srv/web/ipfire/html/images/process-working.png
+srv/web/ipfire/html/images/reload.gif
+srv/web/ipfire/html/images/start-here.png
+srv/web/ipfire/html/images/stock_down-16.png
+srv/web/ipfire/html/images/stock_ok.png
+srv/web/ipfire/html/images/stock_stop.png
+srv/web/ipfire/html/images/stock_up-16.png
+srv/web/ipfire/html/images/system-file-manager.png
+srv/web/ipfire/html/images/system-installer.png
+srv/web/ipfire/html/images/system-lock-screen.png
+srv/web/ipfire/html/images/system-log-out.png
+srv/web/ipfire/html/images/system-search.png
+srv/web/ipfire/html/images/system-shutdown.png
+srv/web/ipfire/html/images/system-software-update.png
+srv/web/ipfire/html/images/system-users.png
+srv/web/ipfire/html/images/tab-new.png
+srv/web/ipfire/html/images/table-header.gif
+srv/web/ipfire/html/images/text-html.png
+srv/web/ipfire/html/images/text-x-generic-template.png
+srv/web/ipfire/html/images/text-x-generic.png
+srv/web/ipfire/html/images/text-x-script.png
+srv/web/ipfire/html/images/tux.png
+srv/web/ipfire/html/images/up.gif
+srv/web/ipfire/html/images/updbooster
+srv/web/ipfire/html/images/updbooster/updxl-globe.gif
+srv/web/ipfire/html/images/updbooster/updxl-gr.gif
+srv/web/ipfire/html/images/updbooster/updxl-led-blue.gif
+srv/web/ipfire/html/images/updbooster/updxl-led-gray.gif
+srv/web/ipfire/html/images/updbooster/updxl-led-green.gif
+srv/web/ipfire/html/images/updbooster/updxl-led-red.gif
+srv/web/ipfire/html/images/updbooster/updxl-led-yellow.gif
+srv/web/ipfire/html/images/updbooster/updxl-rd.gif
+srv/web/ipfire/html/images/updbooster/updxl-src-adobe.gif
+srv/web/ipfire/html/images/updbooster/updxl-src-apple.gif
+srv/web/ipfire/html/images/updbooster/updxl-src-avast.gif
+srv/web/ipfire/html/images/updbooster/updxl-src-avg.gif
+srv/web/ipfire/html/images/updbooster/updxl-src-avira.gif
+srv/web/ipfire/html/images/updbooster/updxl-src-kaspersky.gif
+srv/web/ipfire/html/images/updbooster/updxl-src-linux.gif
+srv/web/ipfire/html/images/updbooster/updxl-src-microsoft.gif
+srv/web/ipfire/html/images/updbooster/updxl-src-symantec.gif
+srv/web/ipfire/html/images/updbooster/updxl-src-trendmicro.gif
+srv/web/ipfire/html/images/updbooster/updxl-src-unknown.gif
+srv/web/ipfire/html/images/updbooster/updxl-src-windows.gif
+srv/web/ipfire/html/images/updbooster/updxl-yl.gif
+srv/web/ipfire/html/images/urlfilter
+srv/web/ipfire/html/images/urlfilter/1x1.gif
+srv/web/ipfire/html/images/urlfilter/bg_cool_tux.jpg
+srv/web/ipfire/html/images/urlfilter/bgcool.gif
+srv/web/ipfire/html/images/urlfilter/copy.gif
+srv/web/ipfire/html/images/urlfilter/gmg_tux_ip_fire.gif
+srv/web/ipfire/html/images/urlfilter/led-green.gif
+srv/web/ipfire/html/images/urlfilter/led-red.gif
+srv/web/ipfire/html/images/user-home.png
+srv/web/ipfire/html/images/user-multiple.png
+srv/web/ipfire/html/images/user-option-add.png
+srv/web/ipfire/html/images/user-option-remove.png
+srv/web/ipfire/html/images/user-trash-full.png
+srv/web/ipfire/html/images/user-trash.png
+srv/web/ipfire/html/images/utilities-system-monitor.png
+srv/web/ipfire/html/images/utilities-terminal.png
+srv/web/ipfire/html/images/view-fullscreen.png
+srv/web/ipfire/html/images/view-refresh.png
+srv/web/ipfire/html/images/wakeup.gif
+srv/web/ipfire/html/images/window-new.png
+srv/web/ipfire/html/include
+srv/web/ipfire/html/include/snortupdateutility.js
+srv/web/ipfire/html/index.cgi
+srv/web/ipfire/html/redirect-templates
+srv/web/ipfire/html/redirect-templates/legacy
+srv/web/ipfire/html/redirect-templates/legacy/template.html
+srv/web/ipfire/html/redirect.cgi
+srv/web/ipfire/html/themes
+srv/web/ipfire/html/themes/darkdos
+srv/web/ipfire/html/themes/darkdos/images
+srv/web/ipfire/html/themes/darkdos/images/IPFire.png
+srv/web/ipfire/html/themes/darkdos/images/b1.gif
+srv/web/ipfire/html/themes/darkdos/images/b2.gif
+srv/web/ipfire/html/themes/darkdos/images/b3.gif
+srv/web/ipfire/html/themes/darkdos/images/b4.gif
+srv/web/ipfire/html/themes/darkdos/images/b5.gif
+srv/web/ipfire/html/themes/darkdos/images/b6.gif
+srv/web/ipfire/html/themes/darkdos/images/spacer.gif
+srv/web/ipfire/html/themes/darkdos/include
+srv/web/ipfire/html/themes/darkdos/include/colors.txt
+srv/web/ipfire/html/themes/darkdos/include/functions.pl
+srv/web/ipfire/html/themes/darkdos/include/style.css
+srv/web/ipfire/html/themes/ipfire
+srv/web/ipfire/html/themes/ipfire-legacy
+srv/web/ipfire/html/themes/ipfire-legacy/images
+srv/web/ipfire/html/themes/ipfire-legacy/images/n1.gif
+srv/web/ipfire/html/themes/ipfire-legacy/images/n2.gif
+srv/web/ipfire/html/themes/ipfire-legacy/images/n3.gif
+srv/web/ipfire/html/themes/ipfire-legacy/images/n4.gif
+srv/web/ipfire/html/themes/ipfire-legacy/images/n5.gif
+srv/web/ipfire/html/themes/ipfire-legacy/images/n6.gif
+srv/web/ipfire/html/themes/ipfire-legacy/images/spacer.gif
+srv/web/ipfire/html/themes/ipfire-legacy/include
+srv/web/ipfire/html/themes/ipfire-legacy/include/colors.txt
+srv/web/ipfire/html/themes/ipfire-legacy/include/functions.pl
+srv/web/ipfire/html/themes/ipfire-legacy/include/style.css
+srv/web/ipfire/html/themes/ipfire-rounded
+srv/web/ipfire/html/themes/ipfire/images
+srv/web/ipfire/html/themes/ipfire/images/n2.gif
+srv/web/ipfire/html/themes/ipfire/images/n3.gif
+srv/web/ipfire/html/themes/ipfire/images/n5.gif
+srv/web/ipfire/html/themes/ipfire/images/n6.gif
+srv/web/ipfire/html/themes/ipfire/images/tux2.png
+srv/web/ipfire/html/themes/ipfire/include
+srv/web/ipfire/html/themes/ipfire/include/colors.txt
+srv/web/ipfire/html/themes/ipfire/include/css
+srv/web/ipfire/html/themes/ipfire/include/css/style-rounded.css
+srv/web/ipfire/html/themes/ipfire/include/css/style.css
+srv/web/ipfire/html/themes/ipfire/include/functions.pl
+srv/web/ipfire/html/themes/ipfire/include/js
+srv/web/ipfire/html/themes/ipfire/include/js/refreshInetInfo.js
+srv/web/ipfire/html/themes/maniac
+srv/web/ipfire/html/themes/maniac/images
+srv/web/ipfire/html/themes/maniac/images/IPFire.png
+srv/web/ipfire/html/themes/maniac/images/Thumbs.db
+srv/web/ipfire/html/themes/maniac/images/b1.gif
+srv/web/ipfire/html/themes/maniac/images/b2.gif
+srv/web/ipfire/html/themes/maniac/images/b3.gif
+srv/web/ipfire/html/themes/maniac/images/b4.gif
+srv/web/ipfire/html/themes/maniac/images/b5.gif
+srv/web/ipfire/html/themes/maniac/images/b6.gif
+srv/web/ipfire/html/themes/maniac/images/spacer.gif
+srv/web/ipfire/html/themes/maniac/include
+srv/web/ipfire/html/themes/maniac/include/colors.txt
+srv/web/ipfire/html/themes/maniac/include/functions.pl
+srv/web/ipfire/html/themes/maniac/include/style.css
+var/updatecache
+var/updatecache/download
+var/updatecache/metadata
+srv/web/ipfire/html/accounting
+srv/web/ipfire/html/graphs
--- /dev/null
+lib/xtables/libxt_ACCOUNT.so
+lib/xtables/libxt_CHAOS.so
+lib/xtables/libxt_DELUDE.so
+lib/xtables/libxt_DHCPMAC.so
+lib/xtables/libxt_DNETMAP.so
+lib/xtables/libxt_ECHO.so
+lib/xtables/libxt_IPMARK.so
+lib/xtables/libxt_LOGMARK.so
+lib/xtables/libxt_TARPIT.so
+lib/xtables/libxt_condition.so
+lib/xtables/libxt_dhcpmac.so
+lib/xtables/libxt_fuzzy.so
+lib/xtables/libxt_geoip.so
+lib/xtables/libxt_iface.so
+lib/xtables/libxt_ipp2p.so
+lib/xtables/libxt_ipv4options.so
+lib/xtables/libxt_length2.so
+lib/xtables/libxt_lscan.so
+lib/xtables/libxt_pknock.so
+lib/xtables/libxt_psd.so
+lib/xtables/libxt_quota2.so
+#usr/lib/libxt_ACCOUNT_cl.la
+#usr/lib/libxt_ACCOUNT_cl.so
+usr/lib/libxt_ACCOUNT_cl.so.0
+usr/lib/libxt_ACCOUNT_cl.so.0.0.0
+#usr/libexec/xtables-addons
+usr/libexec/xtables-addons/xt_geoip_build
+usr/libexec/xtables-addons/xt_geoip_dl
+usr/sbin/iptaccount
+#usr/share/man/man1/xt_geoip_build.1
+#usr/share/man/man1/xt_geoip_dl.1
+#usr/share/man/man8/iptaccount.8
+#usr/share/man/man8/xtables-addons.8
#usr/include/lzma/hardware.h
#usr/include/lzma/index.h
#usr/include/lzma/index_hash.h
-#usr/include/lzma/lzma.h
+#usr/include/lzma/lzma12.h
#usr/include/lzma/stream_flags.h
#usr/include/lzma/version.h
#usr/include/lzma/vli.h
#usr/lib/liblzma.la
usr/lib/liblzma.so
usr/lib/liblzma.so.5
-usr/lib/liblzma.so.5.0.5
+usr/lib/liblzma.so.5.2.1
#usr/lib/pkgconfig/liblzma.pc
#usr/share/doc/xz
#usr/share/doc/xz/AUTHORS
#usr/share/doc/xz/examples/01_compress_easy.c
#usr/share/doc/xz/examples/02_decompress.c
#usr/share/doc/xz/examples/03_compress_custom.c
+#usr/share/doc/xz/examples/04_compress_easy_mt.c
#usr/share/doc/xz/examples/Makefile
#usr/share/doc/xz/examples_old
#usr/share/doc/xz/examples_old/xz_pipe_comp.c
#usr/share/locale/fr/LC_MESSAGES/xz.mo
#usr/share/locale/it/LC_MESSAGES/xz.mo
#usr/share/locale/pl/LC_MESSAGES/xz.mo
+#usr/share/locale/vi/LC_MESSAGES/xz.mo
#usr/share/man/man1/lzcat.1
#usr/share/man/man1/lzcmp.1
#usr/share/man/man1/lzdiff.1
srv/web/ipfire/cgi-bin/netovpnsrv.cgi
srv/web/ipfire/cgi-bin/ovpnmain.cgi
srv/web/ipfire/cgi-bin/vpnmain.cgi
+usr/local/bin/collectdctrl
usr/local/bin/openvpnctrl
+usr/sbin/ovpn-collectd-convert
+usr/sbin/setup
var/ipfire/backup/bin/backup.pl
var/ipfire/graphs.pl
var/ipfire/langs
/etc/init.d/ipsec stop
# Remove old files
+rm -f /usr/local/sbin/setup
# Extract files
extract_files
+# Update /etc/sysconfig/createfiles
+cat <<EOF >> /etc/sysconfig/createfiles
+/var/run/ovpnserver.log file 644 nobody nobody
+/var/run/openvpn dir 644 nobody nobody
+EOF
+
+# Update /etc/collectd.conf
+if ! grep -q "collectd.vpn" /etc/collectd.conf; then
+ echo "include \"/etc/collectd.vpn\"" >> /etc/collectd.conf
+fi
+
# Generate ddns configuration file
sudo -u nobody /srv/web/ipfire/cgi-bin/ddns.cgi
/opt/pakfire/db/*/meta-sqlite \
/opt/pakfire/db/rootfiles/sqlite
+mkdir -p /var/run/openvpn
+touch /var/run/ovpnserver.log
+chown nobody.nobody \
+ /var/run/openvpn \
+ /var/run/ovpnserver.log
+
+# Update OpenVPN/collectd configuration
+for i in /var/ipfire/ovpn/n2nconf/*/*.conf; do
+ name="${i##*/}"
+ name="${name%*.conf}"
+
+ if ! grep -qE "^status-version" ${i}; then
+ echo "# Logfile" >> ${i}
+ echo "status-version 1" >> ${i}
+ fi
+
+ if ! grep -qE "^status " ${i}; then
+ echo "status /var/run/openvpn/${name}-n2n 10" >> ${i}
+ fi
+done
+
+/usr/sbin/ovpn-collectd-convert
+chown nobody.nobody /var/ipfire/ovpn/collectd.vpn
+
+# Fix permissions
+chown nobody.nobody /var/ipfire/dns
+
# Fix #10625
mkdir -p /etc/logrotate.d
--- /dev/null
+boot/config.txt
+etc/collectd.custom
+etc/ipsec.conf
+etc/ipsec.secrets
+etc/ipsec.user.conf
+etc/ipsec.user.secrets
+etc/localtime
+etc/rc.d/rcsysinit.d/S19checkfstab
+etc/rc.d/rcsysinit.d/S70console
+etc/shadow
+etc/ssh/ssh_config
+etc/ssh/sshd_config
+etc/ssl/openssl.cnf
+etc/sudoers
+etc/sysconfig/firewall.local
+etc/sysconfig/modules
+etc/sysconfig/rc.local
+srv/web/ipfire/html/proxy.pac
+var/ipfire/firewall/geoipblock
+var/ipfire/fwhosts/custmgeoipgrp
+var/ipfire/ovpn/ccd.conf
+var/ipfire/ovpn/ccdroute
+var/ipfire/ovpn/ccdroute2
+var/ipfire/time
+var/log/cache
+var/state/dhcp/dhcpd.leases
+var/updatecache
--- /dev/null
+../../../common/Locale-Country
\ No newline at end of file
--- /dev/null
+../../../common/apache2
\ No newline at end of file
--- /dev/null
+../../../../common/armv5tel/glibc
\ No newline at end of file
--- /dev/null
+../../../../common/armv5tel/linux-kirkwood
\ No newline at end of file
--- /dev/null
+../../../../common/armv5tel/linux-multi
\ No newline at end of file
--- /dev/null
+../../../../common/armv5tel/linux-rpi
\ No newline at end of file
--- /dev/null
+../../../common/curl
\ No newline at end of file
--- /dev/null
+../../../common/cyrus-sasl
\ No newline at end of file
--- /dev/null
+../../../common/ddns
\ No newline at end of file
--- /dev/null
+../../../common/dhcp
\ No newline at end of file
--- /dev/null
+../../../common/dhcpcd
\ No newline at end of file
--- /dev/null
+../../../common/dnsmasq
\ No newline at end of file
--- /dev/null
+../../../common/dracut
\ No newline at end of file
--- /dev/null
+../../../common/expat
\ No newline at end of file
--- /dev/null
+etc/system-release
+etc/issue
+etc/rc.d/init.d/firewall
+etc/rc.d/init.d/network-trigger
+etc/rc.d/init.d/networking/functions.network
+etc/rc.d/init.d/networking/red.up/99-geoip-database
+etc/rc.d/rcsysinit.d/S90network-trigger
+opt/pakfire/pakfire
+opt/pakfire/lib/functions.pl
+srv/web/ipfire/cgi-bin/country.cgi
+srv/web/ipfire/cgi-bin/ddns.cgi
+srv/web/ipfire/cgi-bin/firewall.cgi
+srv/web/ipfire/cgi-bin/fwhosts.cgi
+srv/web/ipfire/cgi-bin/geoip-block.cgi
+srv/web/ipfire/cgi-bin/index.cgi
+srv/web/ipfire/cgi-bin/logs.cgi/firewalllog.dat
+srv/web/ipfire/cgi-bin/logs.cgi/firewalllogcountry.dat
+srv/web/ipfire/cgi-bin/logs.cgi/firewalllogip.dat
+srv/web/ipfire/cgi-bin/netovpnsrv.cgi
+srv/web/ipfire/cgi-bin/ovpnmain.cgi
+srv/web/ipfire/cgi-bin/vpnmain.cgi
+srv/web/ipfire/html/themes/darkdos/include/style.css
+srv/web/ipfire/html/themes/ipfire-legacy/include/style.css
+srv/web/ipfire/html/themes/ipfire/include/css/style.css
+srv/web/ipfire/html/themes/maniac/include/style.css
+usr/lib/firewall/firewall-lib.pl
+usr/lib/firewall/rules.pl
+usr/local/bin/backupiso
+usr/local/bin/ddnsctrl
+usr/local/bin/ipsecctrl
+usr/local/bin/xt_geoip_build
+usr/local/bin/xt_geoip_update
+var/ipfire/general-functions.pl
+var/ipfire/geoip-functions.pl
+var/ipfire/header.pl
+var/ipfire/backup/include
+var/ipfire/langs
+var/ipfire/menu.d/50-firewall.menu
--- /dev/null
+../../../common/fireinfo
\ No newline at end of file
--- /dev/null
+../../../common/flag-icons
\ No newline at end of file
--- /dev/null
+../../../common/groff
\ No newline at end of file
--- /dev/null
+../../../../common/i586/acpid
\ No newline at end of file
--- /dev/null
+../../../../common/i586/glibc
\ No newline at end of file
--- /dev/null
+../../../../common/i586/linux
\ No newline at end of file
--- /dev/null
+../../../../common/i586/linux-initrd
\ No newline at end of file
--- /dev/null
+../../../../common/i586/openssl-sse2
\ No newline at end of file
--- /dev/null
+../../../common/iptables
\ No newline at end of file
--- /dev/null
+../../../common/iputils
\ No newline at end of file
--- /dev/null
+../../../common/libjpeg
\ No newline at end of file
--- /dev/null
+../../../common/logrotate
\ No newline at end of file
--- /dev/null
+../../../common/logwatch
\ No newline at end of file
--- /dev/null
+../../../common/openldap
\ No newline at end of file
--- /dev/null
+../../../common/openssl
\ No newline at end of file
--- /dev/null
+lib/security/pam_mysql.so
+usr/lib/gnupg/gpgkeys_ldap
+usr/lib/gnupg/gpgkeys_hkp
+usr/lib/gnupg/gpgkeys_curl
+usr/lib/apache/libphp5.so
+usr/lib/squid/digest_ldap_auth
+usr/lib/squid/basic_ldap_auth
+usr/lib/squid/ext_kerberos_ldap_group_acl
+usr/lib/squid/ext_edirectory_userip_acl
+usr/lib/squid/ext_ldap_group_acl
+usr/lib/python2.7/lib-dynload/_ssl.so
+usr/lib/python2.7/lib-dynload/_hashlib.so
+usr/lib/collectd/write_http.so
+usr/lib/collectd/ascent.so
+usr/lib/collectd/curl_xml.so
+usr/lib/collectd/apache.so
+usr/lib/collectd/bind.so
+usr/lib/collectd/curl.so
+usr/bin/php
--- /dev/null
+../../../common/perl-Text-CSV_XS
\ No newline at end of file
--- /dev/null
+../../../common/squid
\ No newline at end of file
--- /dev/null
+../../../common/strongswan
\ No newline at end of file
--- /dev/null
+../../../common/tzdata
\ No newline at end of file
--- /dev/null
+../../../common/udev
\ No newline at end of file
--- /dev/null
+../../../common/wpa_supplicant
\ No newline at end of file
--- /dev/null
+../../../common/xtables-addons
\ No newline at end of file
--- /dev/null
+../../../common/xz
\ No newline at end of file
--- /dev/null
+#!/bin/bash
+############################################################################
+# #
+# This file is part of the IPFire Firewall. #
+# #
+# IPFire is free software; you can redistribute it and/or modify #
+# it under the terms of the GNU General Public License as published by #
+# the Free Software Foundation; either version 3 of the License, or #
+# (at your option) any later version. #
+# #
+# IPFire is distributed in the hope that it will be useful, #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
+# GNU General Public License for more details. #
+# #
+# You should have received a copy of the GNU General Public License #
+# along with IPFire; if not, write to the Free Software #
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA #
+# #
+# Copyright (C) 2014 IPFire-Team <info@ipfire.org>. #
+# #
+############################################################################
+#
+. /opt/pakfire/lib/functions.sh
+/usr/local/bin/backupctrl exclude >/dev/null 2>&1
+
+
+function find_device() {
+ local mountpoint="${1}"
+
+ local root
+ local dev mp fs flags rest
+ while read -r dev mp fs flags rest; do
+ # Skip unwanted entries
+ [ "${dev}" = "rootfs" ] && continue
+
+ if [ "${mp}" = "${mountpoint}" ] && [ -b "${dev}" ]; then
+ root="$(basename "${dev}")"
+ break
+ fi
+ done < /proc/mounts
+
+ # Get the actual device from the partition that holds /
+ while [ -n "${root}" ]; do
+ if [ -e "/sys/block/${root}" ]; then
+ echo "${root}"
+ return 0
+ fi
+
+ # Remove last character
+ root="${root::-1}"
+ done
+
+ return 1
+}
+
+
+#
+# Remove old core updates from pakfire cache to save space...
+core=90
+for (( i=1; i<=${core}; i++ ))
+do
+ rm -f /var/cache/pakfire/core-upgrade-*-$i.ipfire
+done
+
+#
+# Do some sanity checks.
+case $(uname -r) in
+ *-ipfire-versatile )
+ /usr/bin/logger -p syslog.emerg -t ipfire \
+ "core-update-${core}: ERROR cannot update. versatile support is dropped."
+ # Report no error to pakfire. So it does not try to install it again.
+ exit 0
+ ;;
+ *-ipfire* )
+ # Ok.
+ ;;
+ * )
+ /usr/bin/logger -p syslog.emerg -t ipfire \
+ "core-update-${core}: ERROR cannot update. No IPFire Kernel."
+ exit 1
+ ;;
+esac
+
+
+#
+#
+KVER="xxxKVERxxx"
+
+# Check diskspace on root
+ROOTSPACE=`df / -Pk | sed "s| * | |g" | cut -d" " -f4 | tail -n 1`
+
+if [ $ROOTSPACE -lt 100000 ]; then
+ /usr/bin/logger -p syslog.emerg -t ipfire \
+ "core-update-${core}: ERROR cannot update because not enough free space on root."
+ exit 2
+fi
+
+
+echo
+echo Update Kernel to $KVER ...
+#
+# Remove old kernel, configs, initrd, modules, dtb's ...
+#
+rm -rf /boot/System.map-*
+rm -rf /boot/config-*
+rm -rf /boot/ipfirerd-*
+rm -rf /boot/initramfs-*
+rm -rf /boot/vmlinuz-*
+rm -rf /boot/uImage-ipfire-*
+rm -rf /boot/uInit-ipfire-*
+rm -rf /boot/dtb-*-ipfire-*
+rm -rf /lib/modules
+
+case "$(uname -m)" in
+ armv*)
+ # Backup uEnv.txt if exist
+ if [ -e /boot/uEnv.txt ]; then
+ cp -vf /boot/uEnv.txt /boot/uEnv.txt.org
+ fi
+
+ # work around the u-boot folder detection bug
+ mkdir -pv /boot/dtb-$KVER-ipfire-kirkwood
+ mkdir -pv /boot/dtb-$KVER-ipfire-multi
+ ;;
+esac
+
+#
+#Stop services
+/etc/init.d/snort stop
+/etc/init.d/squid stop
+/etc/init.d/ipsec stop
+/etc/init.d/apache stop
+
+# Drop old flag icons, before extracting the new ones.
+rm /srv/web/ipfire/html/images/flags/*
+
+#
+#Extract files
+tar xavf /opt/pakfire/tmp/files* --no-overwrite-dir -p --numeric-owner -C /
+
+#
+# restart init because glibc was updated.
+telinit u
+
+# Remove old openssl libraries
+rm -vf /usr/lib/libcrypto.so.0.9.8 /usr/lib/libssl.so.0.9.8
+
+# Check diskspace on boot
+BOOTSPACE=`df /boot -Pk | sed "s| * | |g" | cut -d" " -f4 | tail -n 1`
+
+if [ $BOOTSPACE -lt 1000 ]; then
+ case $(uname -r) in
+ *-ipfire-kirkwood )
+ # Special handling for old kirkwood images.
+ # (install only kirkwood kernel)
+ rm -rf /boot/*
+ # work around the u-boot folder detection bug
+ mkdir -pv /boot/dtb-$KVER-ipfire-kirkwood
+ tar xavf /opt/pakfire/tmp/files* --no-overwrite-dir -p \
+ --numeric-owner -C / --wildcards 'boot/*-kirkwood*'
+ ;;
+ * )
+ /usr/bin/logger -p syslog.emerg -t ipfire \
+ "core-update-${core}: FATAL-ERROR space run out on boot. System is not bootable..."
+ /etc/init.d/apache start
+ exit 4
+ ;;
+ esac
+fi
+
+# Create GeoIP related files if they do not exist yet.
+if [ ! -e "/var/ipfire/firewall/geoipblock" ]; then
+ touch /var/ipfire/firewall/geoipblock
+ chown nobody:nobody /var/ipfire/firewall/geoipblock
+
+ # Insert default value into file.
+ echo "GEOIPBLOCK_ENABLED=off" >> /var/ipfire/firewall/geoipblock
+fi
+if [ ! -e "/var/ipfire/fwhosts/customgeoipgrp" ]; then
+ touch /var/ipfire/fwhosts/customgeoipgrp
+ chown nobody:nobody /var/ipfire/fwhosts/customgeoipgrp
+fi
+
+#Fix BUG10812 (openvpn server.conf has wrong collectd logfile path)
+if grep -q "status /var/log/ovpnserver.log 30" /var/ipfire/ovpn/server.conf; then
+ sed -i "s/\/var\/log\/ovpnserver.log 30/\/var\/run\/ovpnserver.log 30/" /var/ipfire/ovpn/server.conf
+fi
+
+# Download/Update GeoIP databases.
+/usr/local/bin/xt_geoip_update
+
+# Update crontab
+grep -q /usr/local/bin/xt_geoip_update /var/spool/cron/root.orig || cat <<EOF >> /var/spool/cron/root.orig
+
+# Update GeoIP database once a month.
+%monthly,random * * * [ -f "/var/ipfire/red/active" ] && /usr/local/bin/xt_geoip_update >/dev/null 2>&1
+EOF
+
+fcrontab -z &>/dev/null
+
+# Generate ddns configuration file
+sudo -u nobody /srv/web/ipfire/cgi-bin/ddns.cgi
+
+# Regenerate IPsec configuration
+sudo -u nobody /srv/web/ipfire/cgi-bin/vpnmain.cgi
+
+# Update Language cache
+perl -e "require '/var/ipfire/lang.pl'; &Lang::BuildCacheLang"
+
+# Remove old udev configuration
+rm -vf /etc/udev/rules.d/30-persistent-network.rules
+
+# Remove pids from dhcp client because it hang at normal shutdown
+# so let the sysvinit kill it
+rm -f /run/dhcpcd-*.pid
+
+#
+# Start services
+#
+/etc/init.d/apache start
+/etc/init.d/squid start
+/etc/init.d/snort start
+if [ `grep "ENABLED=on" /var/ipfire/vpn/settings` ]; then
+ /etc/init.d/ipsec start
+fi
+
+if [ -e /boot/grub/grub.cfg ]; then
+ grub-mkconfig > /boot/grub/grub.cfg
+fi
+
+# Upadate Kernel version uEnv.txt
+if [ -e /boot/uEnv.txt ]; then
+ sed -i -e "s/KVER=.*/KVER=${KVER}/g" /boot/uEnv.txt
+fi
+
+# call user update script (needed for some arm boards)
+if [ -e /boot/pakfire-kernel-update ]; then
+ /boot/pakfire-kernel-update ${KVER}
+fi
+
+
+# Force (re)install pae kernel if pae is supported
+rm -rf /opt/pakfire/db/installed/meta-linux-pae
+if [ ! "$(grep "^flags.* pae " /proc/cpuinfo)" == "" ]; then
+ ROOTSPACE=`df / -Pk | sed "s| * | |g" | cut -d" " -f4 | tail -n 1`
+ BOOTSPACE=`df /boot -Pk | sed "s| * | |g" | cut -d" " -f4 | tail -n 1`
+ if [ $BOOTSPACE -lt 12000 -o $ROOTSPACE -lt 90000 ]; then
+ /usr/bin/logger -p syslog.emerg -t ipfire \
+ "core-update-${core}: WARNING not enough space for pae kernel."
+ else
+ echo "Name: linux-pae" > /opt/pakfire/db/installed/meta-linux-pae
+ echo "ProgVersion: 0" >> /opt/pakfire/db/installed/meta-linux-pae
+ echo "Release: 0" >> /opt/pakfire/db/installed/meta-linux-pae
+# rm -f /opt/pakfire/db/meta/meta-linux-pae 2>&1 > /dev/null
+ fi
+fi
+
+#
+# After pakfire has ended run it again and update the lists and do upgrade
+#
+echo '#!/bin/bash' > /tmp/pak_update
+echo 'while [ "$(ps -A | grep " update.sh")" != "" ]; do' >> /tmp/pak_update
+echo ' sleep 1' >> /tmp/pak_update
+echo 'done' >> /tmp/pak_update
+echo 'while [ "$(ps -A | grep " pakfire")" != "" ]; do' >> /tmp/pak_update
+echo ' sleep 1' >> /tmp/pak_update
+echo 'done' >> /tmp/pak_update
+echo '/opt/pakfire/pakfire update -y --force' >> /tmp/pak_update
+echo '/opt/pakfire/pakfire upgrade -y' >> /tmp/pak_update
+echo '/opt/pakfire/pakfire upgrade -y' >> /tmp/pak_update
+echo '/opt/pakfire/pakfire upgrade -y' >> /tmp/pak_update
+echo '/usr/bin/logger -p syslog.emerg -t ipfire "Core-upgrade finished. If you use a customized grub/uboot config"' >> /tmp/pak_update
+echo '/usr/bin/logger -p syslog.emerg -t ipfire "Check it before reboot !!!"' >> /tmp/pak_update
+echo '/usr/bin/logger -p syslog.emerg -t ipfire " *** Please reboot... *** "' >> /tmp/pak_update
+echo 'touch /var/run/need_reboot ' >> /tmp/pak_update
+#
+killall -KILL pak_update
+chmod +x /tmp/pak_update
+/tmp/pak_update &
+
+sync
+
+#
+#Finish
+(
+ /etc/init.d/fireinfo start
+ sendprofile
+) >/dev/null 2>&1 &
+
+echo
+echo Please wait until pakfire has ended...
+echo
+
+# Don't report the exitcode last command
+exit 0
+
--- /dev/null
+boot/config.txt
+etc/collectd.custom
+etc/ipsec.conf
+etc/ipsec.secrets
+etc/ipsec.user.conf
+etc/ipsec.user.secrets
+etc/localtime
+etc/shadow
+etc/ssh/ssh_config
+etc/ssh/sshd_config
+etc/ssl/openssl.cnf
+etc/sudoers
+etc/sysconfig/firewall.local
+etc/sysconfig/rc.local
+etc/udev/rules.d/30-persistent-network.rules
+srv/web/ipfire/html/proxy.pac
+var/ipfire/ovpn
+var/log/cache
+var/state/dhcp/dhcpd.leases
+var/updatecache
--- /dev/null
+etc/system-release
+etc/issue
+opt/pakfire/lib/functions.pl
+srv/web/ipfire/cgi-bin/connections.cgi
+srv/web/ipfire/cgi-bin/dhcp.cgi
+srv/web/ipfire/cgi-bin/pppsetup.cgi
+var/ipfire/langs
--- /dev/null
+../../../../common/i586/openssl-sse2
\ No newline at end of file
--- /dev/null
+../../../../common/i586/strongswan-padlock
\ No newline at end of file
--- /dev/null
+../../../common/libnet
\ No newline at end of file
--- /dev/null
+../../../common/libtool
\ No newline at end of file
--- /dev/null
+../../../common/libxml2
\ No newline at end of file
--- /dev/null
+../../../common/libxslt
\ No newline at end of file
--- /dev/null
+../../../common/newt
\ No newline at end of file
--- /dev/null
+../../../common/openssh
\ No newline at end of file
--- /dev/null
+../../../common/openssl
\ No newline at end of file
--- /dev/null
+../../../common/pcre
\ No newline at end of file
--- /dev/null
+../../../common/slang
\ No newline at end of file
--- /dev/null
+../../../common/strongswan
\ No newline at end of file
--- /dev/null
+#!/bin/bash
+############################################################################
+# #
+# This file is part of the IPFire Firewall. #
+# #
+# IPFire is free software; you can redistribute it and/or modify #
+# it under the terms of the GNU General Public License as published by #
+# the Free Software Foundation; either version 3 of the License, or #
+# (at your option) any later version. #
+# #
+# IPFire is distributed in the hope that it will be useful, #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
+# GNU General Public License for more details. #
+# #
+# You should have received a copy of the GNU General Public License #
+# along with IPFire; if not, write to the Free Software #
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA #
+# #
+# Copyright (C) 2015 IPFire-Team <info@ipfire.org>. #
+# #
+############################################################################
+#
+. /opt/pakfire/lib/functions.sh
+/usr/local/bin/backupctrl exclude >/dev/null 2>&1
+
+# Remove old core updates from pakfire cache to save space...
+core=91
+for (( i=1; i<=$core; i++ ))
+do
+ rm -f /var/cache/pakfire/core-upgrade-*-$i.ipfire
+done
+
+# Stop services
+/etc/init.d/ipsec stop
+
+# Extract files
+extract_files
+
+# Create some missing graphs folders (core90)
+mkdir -p /srv/web/ipfire/html/{accounting,graphs}
+chmod 777 /srv/web/ipfire/html/{accounting,graphs}
+
+# Update Language cache
+/usr/local/bin/update-lang-cache
+
+# Regenerate IPsec configuration
+sudo -u nobody /srv/web/ipfire/cgi-bin/vpnmain.cgi
+
+sync
+
+# Start services
+if [ `grep "ENABLED=on" /var/ipfire/vpn/settings` ]; then
+ /etc/init.d/ipsec start
+fi
+
+# This update need a reboot...
+touch /var/run/need_reboot
+
+# Finish
+/etc/init.d/fireinfo start
+sendprofile
+
+# Don't report the exitcode last command
+exit 0
#usr/lib/libclamav.la
usr/lib/libclamav.so
usr/lib/libclamav.so.6
-usr/lib/libclamav.so.6.1.25
+usr/lib/libclamav.so.6.1.26
#usr/lib/libclamunrar.la
usr/lib/libclamunrar.so
usr/lib/libclamunrar.so.6
-usr/lib/libclamunrar.so.6.1.25
+usr/lib/libclamunrar.so.6.1.26
#usr/lib/libclamunrar_iface.la
usr/lib/libclamunrar_iface.so
usr/lib/libclamunrar_iface.so.6
-usr/lib/libclamunrar_iface.so.6.1.25
+usr/lib/libclamunrar_iface.so.6.1.26
#usr/lib/pkgconfig/libclamav.pc
usr/sbin/clamd
usr/share/clamav
var/imap/proc
var/imap/ptclient
var/imap/socket
+var/ipfire/backup/addons/includes/cyrus-imapd
var/ipfire/cyrusimap
var/ipfire/cyrusimap/cyrus.conf
var/ipfire/cyrusimap/imapd.conf
#usr/include/srtp/ut_sim.h
#usr/include/srtp/xfm.h
usr/lib/libsrtp.so
+usr/lib/libsrtp.so.1
#usr/lib/pkgconfig/libsrtp.pc
etc/rc.d/rc3.d/S65netsnmpd
etc/rc.d/rc6.d/K02netsnmpd
etc/snmpd.conf
+usr/bin/agentxtrap
usr/bin/encode_keychange
usr/bin/fixproc
usr/bin/ipf-mod.pl
usr/bin/mib2c
usr/bin/mib2c-update
+usr/bin/net-snmp-cert
usr/bin/net-snmp-config
+usr/bin/net-snmp-create-v3-user
+usr/bin/snmp-bridge-mib
usr/bin/snmpbulkget
usr/bin/snmpbulkwalk
usr/bin/snmpcheck
#usr/include/net-snmp/agent/agent_module_config.h
#usr/include/net-snmp/agent/agent_read_config.h
#usr/include/net-snmp/agent/agent_registry.h
+#usr/include/net-snmp/agent/agent_sysORTable.h
#usr/include/net-snmp/agent/agent_trap.h
#usr/include/net-snmp/agent/all_helpers.h
#usr/include/net-snmp/agent/auto_nlist.h
#usr/include/net-snmp/agent/serialize.h
#usr/include/net-snmp/agent/set_helper.h
#usr/include/net-snmp/agent/snmp_agent.h
+#usr/include/net-snmp/agent/snmp_get_statistic.h
#usr/include/net-snmp/agent/snmp_vars.h
#usr/include/net-snmp/agent/stash_cache.h
#usr/include/net-snmp/agent/stash_to_next.h
+#usr/include/net-snmp/agent/struct.h
+#usr/include/net-snmp/agent/sysORTable.h
#usr/include/net-snmp/agent/table.h
#usr/include/net-snmp/agent/table_array.h
#usr/include/net-snmp/agent/table_container.h
#usr/include/net-snmp/agent/table_dataset.h
#usr/include/net-snmp/agent/table_iterator.h
#usr/include/net-snmp/agent/table_tdata.h
+#usr/include/net-snmp/agent/util_funcs
#usr/include/net-snmp/agent/util_funcs.h
+#usr/include/net-snmp/agent/util_funcs/MIB_STATS_CACHE_TIMEOUT.h
+#usr/include/net-snmp/agent/util_funcs/header_generic.h
+#usr/include/net-snmp/agent/util_funcs/header_simple_table.h
#usr/include/net-snmp/agent/var_struct.h
#usr/include/net-snmp/agent/watcher.h
#usr/include/net-snmp/config_api.h
#usr/include/net-snmp/library/README
#usr/include/net-snmp/library/asn1.h
#usr/include/net-snmp/library/callback.h
+#usr/include/net-snmp/library/cert_util.h
#usr/include/net-snmp/library/check_varbind.h
-#usr/include/net-snmp/library/cmu_compat.h
#usr/include/net-snmp/library/container.h
#usr/include/net-snmp/library/container_binary_array.h
#usr/include/net-snmp/library/container_iterator.h
#usr/include/net-snmp/library/container_null.h
#usr/include/net-snmp/library/data_list.h
#usr/include/net-snmp/library/default_store.h
+#usr/include/net-snmp/library/dir_utils.h
#usr/include/net-snmp/library/factory.h
#usr/include/net-snmp/library/fd_event_manager.h
#usr/include/net-snmp/library/file_utils.h
#usr/include/net-snmp/library/getopt.h
#usr/include/net-snmp/library/int64.h
#usr/include/net-snmp/library/keytools.h
+#usr/include/net-snmp/library/large_fd_set.h
#usr/include/net-snmp/library/lcd_time.h
#usr/include/net-snmp/library/md5.h
#usr/include/net-snmp/library/mib.h
#usr/include/net-snmp/library/mt_support.h
+#usr/include/net-snmp/library/oid.h
#usr/include/net-snmp/library/oid_stash.h
#usr/include/net-snmp/library/parse.h
#usr/include/net-snmp/library/read_config.h
#usr/include/net-snmp/library/scapi.h
#usr/include/net-snmp/library/snmp-tc.h
#usr/include/net-snmp/library/snmp.h
+#usr/include/net-snmp/library/snmpAliasDomain.h
#usr/include/net-snmp/library/snmpCallbackDomain.h
+#usr/include/net-snmp/library/snmpIPv4BaseDomain.h
+#usr/include/net-snmp/library/snmpSocketBaseDomain.h
+#usr/include/net-snmp/library/snmpTCPBaseDomain.h
#usr/include/net-snmp/library/snmpTCPDomain.h
+#usr/include/net-snmp/library/snmpUDPBaseDomain.h
#usr/include/net-snmp/library/snmpUDPDomain.h
+#usr/include/net-snmp/library/snmpUDPIPv4BaseDomain.h
#usr/include/net-snmp/library/snmpUnixDomain.h
#usr/include/net-snmp/library/snmp_alarm.h
#usr/include/net-snmp/library/snmp_api.h
#usr/include/net-snmp/library/text_utils.h
#usr/include/net-snmp/library/tools.h
#usr/include/net-snmp/library/transform_oids.h
+#usr/include/net-snmp/library/types.h
#usr/include/net-snmp/library/ucd_compat.h
#usr/include/net-snmp/library/vacm.h
#usr/include/net-snmp/library/winpipe.h
#usr/include/net-snmp/machine/generic.h
#usr/include/net-snmp/mib_api.h
#usr/include/net-snmp/net-snmp-config.h
+#usr/include/net-snmp/net-snmp-features.h
#usr/include/net-snmp/net-snmp-includes.h
#usr/include/net-snmp/output_api.h
#usr/include/net-snmp/pdu_api.h
#usr/include/net-snmp/system/bsdi4.h
#usr/include/net-snmp/system/cygwin.h
#usr/include/net-snmp/system/darwin.h
+#usr/include/net-snmp/system/darwin10.h
#usr/include/net-snmp/system/darwin7.h
#usr/include/net-snmp/system/darwin8.h
#usr/include/net-snmp/system/darwin9.h
#usr/include/net-snmp/system/dragonfly.h
#usr/include/net-snmp/system/dynix.h
#usr/include/net-snmp/system/freebsd.h
+#usr/include/net-snmp/system/freebsd10.h
+#usr/include/net-snmp/system/freebsd11.h
+#usr/include/net-snmp/system/freebsd12.h
#usr/include/net-snmp/system/freebsd2.h
#usr/include/net-snmp/system/freebsd3.h
#usr/include/net-snmp/system/freebsd4.h
#usr/include/net-snmp/system/freebsd5.h
#usr/include/net-snmp/system/freebsd6.h
+#usr/include/net-snmp/system/freebsd7.h
+#usr/include/net-snmp/system/freebsd8.h
+#usr/include/net-snmp/system/freebsd9.h
#usr/include/net-snmp/system/generic.h
#usr/include/net-snmp/system/hpux.h
#usr/include/net-snmp/system/irix.h
#usr/include/net-snmp/system/mips.h
#usr/include/net-snmp/system/netbsd.h
#usr/include/net-snmp/system/openbsd.h
+#usr/include/net-snmp/system/openbsd4.h
+#usr/include/net-snmp/system/openbsd5.h
#usr/include/net-snmp/system/osf5.h
#usr/include/net-snmp/system/solaris.h
#usr/include/net-snmp/system/solaris2.3.h
#usr/lib/libnetsnmp.a
#usr/lib/libnetsnmp.la
usr/lib/libnetsnmp.so
-usr/lib/libnetsnmp.so.15
-usr/lib/libnetsnmp.so.15.1.2
+usr/lib/libnetsnmp.so.30
+usr/lib/libnetsnmp.so.30.0.3
#usr/lib/libnetsnmpagent.a
#usr/lib/libnetsnmpagent.la
usr/lib/libnetsnmpagent.so
-usr/lib/libnetsnmpagent.so.15
-usr/lib/libnetsnmpagent.so.15.1.2
+usr/lib/libnetsnmpagent.so.30
+usr/lib/libnetsnmpagent.so.30.0.3
#usr/lib/libnetsnmphelpers.a
#usr/lib/libnetsnmphelpers.la
usr/lib/libnetsnmphelpers.so
-usr/lib/libnetsnmphelpers.so.15
-usr/lib/libnetsnmphelpers.so.15.1.2
+usr/lib/libnetsnmphelpers.so.30
+usr/lib/libnetsnmphelpers.so.30.0.3
#usr/lib/libnetsnmpmibs.a
#usr/lib/libnetsnmpmibs.la
usr/lib/libnetsnmpmibs.so
-usr/lib/libnetsnmpmibs.so.15
-usr/lib/libnetsnmpmibs.so.15.1.2
+usr/lib/libnetsnmpmibs.so.30
+usr/lib/libnetsnmpmibs.so.30.0.3
#usr/lib/libnetsnmptrapd.a
#usr/lib/libnetsnmptrapd.la
usr/lib/libnetsnmptrapd.so
-usr/lib/libnetsnmptrapd.so.15
-usr/lib/libnetsnmptrapd.so.15.1.2
+usr/lib/libnetsnmptrapd.so.30
+usr/lib/libnetsnmptrapd.so.30.0.3
#usr/lib/perl5/site_perl/5.12.3/MACHINE-linux-thread-multi/Bundle
#usr/lib/perl5/site_perl/5.12.3/MACHINE-linux-thread-multi/Bundle/Makefile.subs.pl
#usr/lib/perl5/site_perl/5.12.3/MACHINE-linux-thread-multi/NetSNMP
#usr/lib/perl5/site_perl/5.12.3/MACHINE-linux-thread-multi/auto/SNMP/SNMP.bs
usr/lib/perl5/site_perl/5.12.3/MACHINE-linux-thread-multi/auto/SNMP/SNMP.so
#usr/lib/perl5/site_perl/5.12.3/MACHINE-linux-thread-multi/auto/SNMP/autosplit.ix
-#usr/man/man1/encode_keychange.1
-#usr/man/man1/fixproc.1
-#usr/man/man1/mib2c-update.1
-#usr/man/man1/mib2c.1
-#usr/man/man1/net-snmp-config.1
-#usr/man/man1/snmpbulkget.1
-#usr/man/man1/snmpbulkwalk.1
-#usr/man/man1/snmpcmd.1
-#usr/man/man1/snmpconf.1
-#usr/man/man1/snmpdelta.1
-#usr/man/man1/snmpdf.1
-#usr/man/man1/snmpget.1
-#usr/man/man1/snmpgetnext.1
-#usr/man/man1/snmpinform.1
-#usr/man/man1/snmpnetstat.1
-#usr/man/man1/snmpset.1
-#usr/man/man1/snmpstatus.1
-#usr/man/man1/snmptable.1
-#usr/man/man1/snmptest.1
-#usr/man/man1/snmptranslate.1
-#usr/man/man1/snmptrap.1
-#usr/man/man1/snmpusm.1
-#usr/man/man1/snmpvacm.1
-#usr/man/man1/snmpwalk.1
-#usr/man/man1/tkmib.1
-#usr/man/man1/traptoemail.1
-#usr/man/man3/add_mibdir.3
-#usr/man/man3/add_module_replacement.3
-#usr/man/man3/config_perror.3
-#usr/man/man3/config_pwarn.3
-#usr/man/man3/default_store.3
-#usr/man/man3/fprint_description.3
-#usr/man/man3/fprint_objid.3
-#usr/man/man3/fprint_value.3
-#usr/man/man3/fprint_variable.3
-#usr/man/man3/get_module_node.3
-#usr/man/man3/init_mib.3
-#usr/man/man3/init_mib_internals.3
-#usr/man/man3/mib_api.3
-#usr/man/man3/netsnmp_Container_iterator.3
-#usr/man/man3/netsnmp_agent.3
-#usr/man/man3/netsnmp_baby_steps.3
-#usr/man/man3/netsnmp_bulk_to_next.3
-#usr/man/man3/netsnmp_cache_handler.3
-#usr/man/man3/netsnmp_container.3
-#usr/man/man3/netsnmp_debug.3
-#usr/man/man3/netsnmp_ds_get_boolean.3
-#usr/man/man3/netsnmp_ds_get_int.3
-#usr/man/man3/netsnmp_ds_get_string.3
-#usr/man/man3/netsnmp_ds_register_config.3
-#usr/man/man3/netsnmp_ds_register_premib.3
-#usr/man/man3/netsnmp_ds_set_boolean.3
-#usr/man/man3/netsnmp_ds_set_int.3
-#usr/man/man3/netsnmp_ds_set_string.3
-#usr/man/man3/netsnmp_ds_shutdown.3
-#usr/man/man3/netsnmp_example_scalar_int.3
-#usr/man/man3/netsnmp_handler.3
-#usr/man/man3/netsnmp_instance.3
-#usr/man/man3/netsnmp_iterator_info_s.3
-#usr/man/man3/netsnmp_leaf.3
-#usr/man/man3/netsnmp_library.3
-#usr/man/man3/netsnmp_mib_handler_methods.3
-#usr/man/man3/netsnmp_mib_utilities.3
-#usr/man/man3/netsnmp_mode_end_call.3
-#usr/man/man3/netsnmp_multiplexer.3
-#usr/man/man3/netsnmp_old_api.3
-#usr/man/man3/netsnmp_read_only.3
-#usr/man/man3/netsnmp_row_merge.3
-#usr/man/man3/netsnmp_scalar.3
-#usr/man/man3/netsnmp_scalar_group_group.3
-#usr/man/man3/netsnmp_serialize.3
-#usr/man/man3/netsnmp_stash_cache.3
-#usr/man/man3/netsnmp_table.3
-#usr/man/man3/netsnmp_table_array.3
-#usr/man/man3/netsnmp_table_data.3
-#usr/man/man3/netsnmp_table_dataset.3
-#usr/man/man3/netsnmp_table_iterator.3
-#usr/man/man3/netsnmp_utilities.3
-#usr/man/man3/netsnmp_watcher.3
-#usr/man/man3/print_description.3
-#usr/man/man3/print_mib.3
-#usr/man/man3/print_objid.3
-#usr/man/man3/print_value.3
-#usr/man/man3/print_variable.3
-#usr/man/man3/read_all_mibs.3
-#usr/man/man3/read_config.3
-#usr/man/man3/read_config_print_usage.3
-#usr/man/man3/read_configs.3
-#usr/man/man3/read_mib.3
-#usr/man/man3/read_module.3
-#usr/man/man3/read_module_node.3
-#usr/man/man3/read_objid.3
-#usr/man/man3/read_premib_configs.3
-#usr/man/man3/register_app_config_handler.3
-#usr/man/man3/register_app_premib_handler.3
-#usr/man/man3/register_config_handler.3
-#usr/man/man3/register_mib_handlers.3
-#usr/man/man3/register_premib_handler.3
-#usr/man/man3/send_easy_trap.3
-#usr/man/man3/send_trap_vars.3
-#usr/man/man3/send_v2trap.3
-#usr/man/man3/shutdown_mib.3
-#usr/man/man3/snmp_agent_api.3
-#usr/man/man3/snmp_alarm.3
-#usr/man/man3/snmp_alarm_register.3
-#usr/man/man3/snmp_alarm_register_hr.3
-#usr/man/man3/snmp_alarm_unregister.3
-#usr/man/man3/snmp_api.3
-#usr/man/man3/snmp_api_errstring.3
-#usr/man/man3/snmp_close.3
-#usr/man/man3/snmp_error.3
-#usr/man/man3/snmp_free_pdu.3
-#usr/man/man3/snmp_open.3
-#usr/man/man3/snmp_perror.3
-#usr/man/man3/snmp_read.3
-#usr/man/man3/snmp_select_info.3
-#usr/man/man3/snmp_send.3
-#usr/man/man3/snmp_sess_api.3
-#usr/man/man3/snmp_sess_async_send.3
-#usr/man/man3/snmp_sess_close.3
-#usr/man/man3/snmp_sess_error.3
-#usr/man/man3/snmp_sess_init.3
-#usr/man/man3/snmp_sess_open.3
-#usr/man/man3/snmp_sess_perror.3
-#usr/man/man3/snmp_sess_read.3
-#usr/man/man3/snmp_sess_select_info.3
-#usr/man/man3/snmp_sess_send.3
-#usr/man/man3/snmp_sess_session.3
-#usr/man/man3/snmp_sess_timeout.3
-#usr/man/man3/snmp_set_mib_warnings.3
-#usr/man/man3/snmp_set_save_descriptions.3
-#usr/man/man3/snmp_timeout.3
-#usr/man/man3/snmp_trap_api.3
-#usr/man/man3/snprint_objid.3
-#usr/man/man3/snprint_value.3
-#usr/man/man3/snprint_variable.3
-#usr/man/man3/sprint_realloc_objid.3
-#usr/man/man3/sprint_realloc_value.3
-#usr/man/man3/sprint_realloc_variable.3
-#usr/man/man3/unregister_app_config_handler.3
-#usr/man/man3/unregister_config_handler.3
-#usr/man/man5/mib2c.conf.5
-#usr/man/man5/snmp.conf.5
-#usr/man/man5/snmp_config.5
-#usr/man/man5/snmpd.conf.5
-#usr/man/man5/snmpd.examples.5
-#usr/man/man5/snmpd.internal.5
-#usr/man/man5/snmptrapd.conf.5
-#usr/man/man5/variables.5
-#usr/man/man8/snmpd.8
-#usr/man/man8/snmptrapd.8
usr/sbin/snmpd
usr/sbin/snmptrapd
+#usr/share/man/man1/agentxtrap.1
+#usr/share/man/man1/encode_keychange.1
+#usr/share/man/man1/fixproc.1
+#usr/share/man/man1/mib2c-update.1
+#usr/share/man/man1/mib2c.1
+#usr/share/man/man1/net-snmp-config.1
+#usr/share/man/man1/net-snmp-create-v3-user.1
+#usr/share/man/man1/snmp-bridge-mib.1
+#usr/share/man/man1/snmpbulkget.1
+#usr/share/man/man1/snmpbulkwalk.1
+#usr/share/man/man1/snmpcmd.1
+#usr/share/man/man1/snmpconf.1
+#usr/share/man/man1/snmpdelta.1
+#usr/share/man/man1/snmpdf.1
+#usr/share/man/man1/snmpget.1
+#usr/share/man/man1/snmpgetnext.1
+#usr/share/man/man1/snmpinform.1
+#usr/share/man/man1/snmpnetstat.1
+#usr/share/man/man1/snmpset.1
+#usr/share/man/man1/snmpstatus.1
+#usr/share/man/man1/snmptable.1
+#usr/share/man/man1/snmptest.1
+#usr/share/man/man1/snmptranslate.1
+#usr/share/man/man1/snmptrap.1
+#usr/share/man/man1/snmpusm.1
+#usr/share/man/man1/snmpvacm.1
+#usr/share/man/man1/snmpwalk.1
+#usr/share/man/man1/tkmib.1
+#usr/share/man/man1/traptoemail.1
#usr/share/man/man3/NetSNMP::ASN.3
#usr/share/man/man3/NetSNMP::OID.3
#usr/share/man/man3/NetSNMP::TrapReceiver.3
#usr/share/man/man3/NetSNMP::default_store.3
#usr/share/man/man3/NetSNMP::netsnmp_request_infoPtr.3
#usr/share/man/man3/SNMP.3
+#usr/share/man/man3/add_mibdir.3
+#usr/share/man/man3/add_module_replacement.3
+#usr/share/man/man3/config_perror.3
+#usr/share/man/man3/config_pwarn.3
+#usr/share/man/man3/default_store.3
+#usr/share/man/man3/fprint_description.3
+#usr/share/man/man3/fprint_objid.3
+#usr/share/man/man3/fprint_value.3
+#usr/share/man/man3/fprint_variable.3
+#usr/share/man/man3/get_module_node.3
+#usr/share/man/man3/netsnmp_agent_api.3
+#usr/share/man/man3/netsnmp_config_api.3
+#usr/share/man/man3/netsnmp_init_mib.3
+#usr/share/man/man3/netsnmp_mib_api.3
+#usr/share/man/man3/netsnmp_pdu_api.3
+#usr/share/man/man3/netsnmp_read_module.3
+#usr/share/man/man3/netsnmp_sess_api.3
+#usr/share/man/man3/netsnmp_session_api.3
+#usr/share/man/man3/netsnmp_trap_api.3
+#usr/share/man/man3/netsnmp_varbind_api.3
+#usr/share/man/man3/print_description.3
+#usr/share/man/man3/print_mib.3
+#usr/share/man/man3/print_objid.3
+#usr/share/man/man3/print_value.3
+#usr/share/man/man3/print_variable.3
+#usr/share/man/man3/read_all_mibs.3
+#usr/share/man/man3/read_config_print_usage.3
+#usr/share/man/man3/read_configs.3
+#usr/share/man/man3/read_mib.3
+#usr/share/man/man3/read_objid.3
+#usr/share/man/man3/read_premib_configs.3
+#usr/share/man/man3/register_app_config_handler.3
+#usr/share/man/man3/register_app_prenetsnmp_mib_handler.3
+#usr/share/man/man3/register_config_handler.3
+#usr/share/man/man3/register_const_config_handler.3
+#usr/share/man/man3/register_mib_handlers.3
+#usr/share/man/man3/register_prenetsnmp_mib_handler.3
+#usr/share/man/man3/send_easy_trap.3
+#usr/share/man/man3/send_trap_vars.3
+#usr/share/man/man3/send_v2trap.3
+#usr/share/man/man3/shutdown_mib.3
+#usr/share/man/man3/snmp_add_null_var.3
+#usr/share/man/man3/snmp_alarm.3
+#usr/share/man/man3/snmp_alarm_register.3
+#usr/share/man/man3/snmp_alarm_register_hr.3
+#usr/share/man/man3/snmp_alarm_unregister.3
+#usr/share/man/man3/snmp_api_errstring.3
+#usr/share/man/man3/snmp_async_send.3
+#usr/share/man/man3/snmp_clone_pdu.3
+#usr/share/man/man3/snmp_clone_varbind.3
+#usr/share/man/man3/snmp_close.3
+#usr/share/man/man3/snmp_error.3
+#usr/share/man/man3/snmp_fix_pdu.3
+#usr/share/man/man3/snmp_free_pdu.3
+#usr/share/man/man3/snmp_free_var.3
+#usr/share/man/man3/snmp_free_varbind.3
+#usr/share/man/man3/snmp_open.3
+#usr/share/man/man3/snmp_parse_oid.3
+#usr/share/man/man3/snmp_pdu_add_variable.3
+#usr/share/man/man3/snmp_pdu_create.3
+#usr/share/man/man3/snmp_perror.3
+#usr/share/man/man3/snmp_read.3
+#usr/share/man/man3/snmp_select_info.3
+#usr/share/man/man3/snmp_send.3
+#usr/share/man/man3/snmp_sess_async_send.3
+#usr/share/man/man3/snmp_sess_close.3
+#usr/share/man/man3/snmp_sess_error.3
+#usr/share/man/man3/snmp_sess_init.3
+#usr/share/man/man3/snmp_sess_open.3
+#usr/share/man/man3/snmp_sess_perror.3
+#usr/share/man/man3/snmp_sess_read.3
+#usr/share/man/man3/snmp_sess_select_info.3
+#usr/share/man/man3/snmp_sess_send.3
+#usr/share/man/man3/snmp_sess_session.3
+#usr/share/man/man3/snmp_sess_synch_response.3
+#usr/share/man/man3/snmp_sess_timeout.3
+#usr/share/man/man3/snmp_set_mib_errors.3
+#usr/share/man/man3/snmp_set_mib_warnings.3
+#usr/share/man/man3/snmp_set_save_descriptions.3
+#usr/share/man/man3/snmp_set_var_objid.3
+#usr/share/man/man3/snmp_set_var_typed_integer.3
+#usr/share/man/man3/snmp_set_var_typed_value.3
+#usr/share/man/man3/snmp_set_var_value.3
+#usr/share/man/man3/snmp_synch_response.3
+#usr/share/man/man3/snmp_timeout.3
+#usr/share/man/man3/snmp_varlist_add_variable.3
+#usr/share/man/man3/snprint_description.3
+#usr/share/man/man3/snprint_objid.3
+#usr/share/man/man3/snprint_value.3
+#usr/share/man/man3/snprint_variable.3
+#usr/share/man/man3/unregister_all_config_handlers.3
+#usr/share/man/man3/unregister_app_config_handler.3
+#usr/share/man/man3/unregister_config_handler.3
+#usr/share/man/man5/mib2c.conf.5
+#usr/share/man/man5/snmp.conf.5
+#usr/share/man/man5/snmp_config.5
+#usr/share/man/man5/snmpd.conf.5
+#usr/share/man/man5/snmpd.examples.5
+#usr/share/man/man5/snmpd.internal.5
+#usr/share/man/man5/snmptrapd.conf.5
+#usr/share/man/man5/variables.5
+#usr/share/man/man8/snmpd.8
+#usr/share/man/man8/snmptrapd.8
usr/share/snmp
usr/share/snmp/mib2c-data
usr/share/snmp/mib2c-data/default-mfd-top.m2c
usr/share/snmp/mib2c-data/generic-ctx-set.m2i
usr/share/snmp/mib2c-data/generic-data-allocate.m2i
usr/share/snmp/mib2c-data/generic-data-context.m2i
+usr/share/snmp/mib2c-data/generic-get-U64.m2i
usr/share/snmp/mib2c-data/generic-get-char.m2i
usr/share/snmp/mib2c-data/generic-get-decl-bot.m2i
usr/share/snmp/mib2c-data/generic-get-decl.m2i
usr/share/snmp/mib2c.notify.conf
usr/share/snmp/mib2c.old-api.conf
usr/share/snmp/mib2c.perl.conf
+usr/share/snmp/mib2c.raw-table.conf
usr/share/snmp/mib2c.scalar.conf
usr/share/snmp/mib2c.table_data.conf
usr/share/snmp/mibs
usr/share/snmp/mibs/AGENTX-MIB.txt
+usr/share/snmp/mibs/BRIDGE-MIB.txt
usr/share/snmp/mibs/DISMAN-EVENT-MIB.txt
usr/share/snmp/mibs/DISMAN-SCHEDULE-MIB.txt
usr/share/snmp/mibs/DISMAN-SCRIPT-MIB.txt
usr/share/snmp/mibs/INET-ADDRESS-MIB.txt
usr/share/snmp/mibs/IP-FORWARD-MIB.txt
usr/share/snmp/mibs/IP-MIB.txt
+usr/share/snmp/mibs/IPV6-FLOW-LABEL-MIB.txt
usr/share/snmp/mibs/IPV6-ICMP-MIB.txt
usr/share/snmp/mibs/IPV6-MIB.txt
usr/share/snmp/mibs/IPV6-TC.txt
usr/share/snmp/mibs/NET-SNMP-EXAMPLES-MIB.txt
usr/share/snmp/mibs/NET-SNMP-EXTEND-MIB.txt
usr/share/snmp/mibs/NET-SNMP-MIB.txt
+usr/share/snmp/mibs/NET-SNMP-PASS-MIB.txt
usr/share/snmp/mibs/NET-SNMP-TC.txt
usr/share/snmp/mibs/NET-SNMP-VACM-MIB.txt
usr/share/snmp/mibs/NOTIFICATION-LOG-MIB.txt
usr/share/snmp/mibs/SNMP-NOTIFICATION-MIB.txt
usr/share/snmp/mibs/SNMP-PROXY-MIB.txt
usr/share/snmp/mibs/SNMP-TARGET-MIB.txt
+usr/share/snmp/mibs/SNMP-TLS-TM-MIB.txt
+usr/share/snmp/mibs/SNMP-TSM-MIB.txt
usr/share/snmp/mibs/SNMP-USER-BASED-SM-MIB.txt
usr/share/snmp/mibs/SNMP-USM-AES-MIB.txt
usr/share/snmp/mibs/SNMP-USM-DH-OBJECTS-MIB.txt
usr/share/snmp/mibs/SNMPv2-TM.txt
usr/share/snmp/mibs/TCP-MIB.txt
usr/share/snmp/mibs/TRANSPORT-ADDRESS-MIB.txt
+usr/share/snmp/mibs/TUNNEL-MIB.txt
usr/share/snmp/mibs/UCD-DEMO-MIB.txt
usr/share/snmp/mibs/UCD-DISKIO-MIB.txt
usr/share/snmp/mibs/UCD-DLMOD-MIB.txt
usr/share/snmp/snmpconf-data/snmptrapd-data/runtime
usr/share/snmp/snmpconf-data/snmptrapd-data/snmpconf-config
usr/share/snmp/snmpconf-data/snmptrapd-data/traphandle
+var/ipfire/backup/addons/includes/netsnmpd
etc/rc.d/init.d/netsnmpd
usr/bin/qemu-io
usr/bin/qemu-nbd
usr/bin/qemu-system-arm
+usr/bin/qemu-system-i386
+usr/libexec/qemu-bridge-helper
#usr/share/doc/qemu
#usr/share/doc/qemu/qemu-doc.html
#usr/share/doc/qemu/qemu-tech.html
+#usr/share/doc/qemu/qmp-commands.txt
#usr/share/man/man1/qemu-img.1
#usr/share/man/man1/qemu.1
#usr/share/man/man8/qemu-nbd.8
-usr/share/qemu
+#usr/share/qemu
+usr/share/qemu/QEMU,cgthree.bin
+usr/share/qemu/QEMU,tcx.bin
+usr/share/qemu/acpi-dsdt.aml
usr/share/qemu/bamboo.dtb
+usr/share/qemu/bios-256k.bin
usr/share/qemu/bios.bin
-usr/share/qemu/extboot.bin
+usr/share/qemu/efi-e1000.rom
+usr/share/qemu/efi-eepro100.rom
+usr/share/qemu/efi-ne2k_pci.rom
+usr/share/qemu/efi-pcnet.rom
+usr/share/qemu/efi-rtl8139.rom
+usr/share/qemu/efi-virtio.rom
usr/share/qemu/keymaps
usr/share/qemu/keymaps/ar
+usr/share/qemu/keymaps/bepo
usr/share/qemu/keymaps/common
+usr/share/qemu/keymaps/cz
usr/share/qemu/keymaps/da
usr/share/qemu/keymaps/de
usr/share/qemu/keymaps/de-ch
usr/share/qemu/keymaps/sv
usr/share/qemu/keymaps/th
usr/share/qemu/keymaps/tr
+usr/share/qemu/kvmvapic.bin
usr/share/qemu/linuxboot.bin
-usr/share/qemu/mpc8544ds.dtb
usr/share/qemu/multiboot.bin
usr/share/qemu/openbios-ppc
usr/share/qemu/openbios-sparc32
usr/share/qemu/openbios-sparc64
+usr/share/qemu/palcode-clipper
usr/share/qemu/petalogix-ml605.dtb
usr/share/qemu/petalogix-s3adsp1800.dtb
usr/share/qemu/ppc_rom.bin
usr/share/qemu/pxe-pcnet.rom
usr/share/qemu/pxe-rtl8139.rom
usr/share/qemu/pxe-virtio.rom
+usr/share/qemu/q35-acpi-dsdt.aml
+usr/share/qemu/qemu-icon.bmp
+usr/share/qemu/qemu_logo_no_text.svg
+usr/share/qemu/s390-ccw.img
usr/share/qemu/s390-zipl.rom
+usr/share/qemu/sgabios.bin
usr/share/qemu/slof.bin
usr/share/qemu/spapr-rtas.bin
-usr/share/qemu/vapic.bin
+usr/share/qemu/trace-events
+usr/share/qemu/u-boot.e500
usr/share/qemu/vgabios-cirrus.bin
usr/share/qemu/vgabios-qxl.bin
usr/share/qemu/vgabios-stdvga.bin
usr/share/qemu/vgabios-vmware.bin
usr/share/qemu/vgabios.bin
+#usr/var/run
x509_extensions = usr_cert
default_days = 999999
default_crl_days= 30
-default_md = md5
+default_md = sha256
preserve = no
policy = policy_match
email_in_dn = no
emailAddress = optional
[ req ]
-default_bits = 1024
+default_bits = 2048
default_keyfile = privkey.pem
distinguished_name = req_distinguished_name
attributes = req_attributes
ENDTEXT
KERNEL vmlinuz
INITRD instroot
+ APPEND novga
LABEL unattended
MENU LABEL Unattended installation
--- /dev/null
+# Call a script that checks for the right name of the new device.
+# If it matches the configuration it will be renamed accordingly.
+ACTION=="add", SUBSYSTEM=="net", PROGRAM="/lib/udev/network-hotplug-rename", RESULT=="?*", NAME="$result"
--- /dev/null
+#!/bin/bash
+###############################################################################
+# #
+# IPFire.org - A linux based firewall #
+# Copyright (C) 2015 IPFire Team <info@ipfire.org> #
+# #
+# This program is free software: you can redistribute it and/or modify #
+# it under the terms of the GNU General Public License as published by #
+# the Free Software Foundation, either version 3 of the License, or #
+# (at your option) any later version. #
+# #
+# This program is distributed in the hope that it will be useful, #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
+# GNU General Public License for more details. #
+# #
+# You should have received a copy of the GNU General Public License #
+# along with this program. If not, see <http://www.gnu.org/licenses/>. #
+# #
+###############################################################################
+
+# Check if all appropriate variables are set
+[ -n "${INTERFACE}" ] || exit 2
+
+# Ignore virtual interfaces, etc.
+case "${INTERFACE}" in
+ lo)
+ exit 0
+ ;;
+ tun*)
+ exit 0
+ ;;
+ ppp*)
+ exit 0
+ ;;
+esac
+
+# Check if INTERFACE actually exists
+[ -d "/sys/class/net/${INTERFACE}" ] || exit 1
+
+# If the network configuration is not readable,
+# we cannot go on.
+if [ ! -r "/var/ipfire/ethernet/settings" ]; then
+ exit 1
+fi
+
+# Read network settings
+eval $(/usr/local/bin/readhash /var/ipfire/ethernet/settings)
+
+# Standard zones
+ZONES="RED GREEN ORANGE BLUE"
+
+# Determine the address of INTERFACE
+ADDRESS="$(</sys/class/net/${INTERFACE}/address)"
+
+# Walk through all zones and find the matching interface
+for zone in ${ZONES}; do
+ address="${zone}_MACADDR"
+ device="${zone}_DEV"
+
+ # Skip if address or device is unset
+ [ -n "${!address}" -a -n "${!device}" ] || continue
+
+ # If a matching interface has been found we will
+ # print the name to which udev will rename it.
+ if [ "${ADDRESS}" = "${!address}" ]; then
+ echo "${!device}"
+ exit 0
+ fi
+done
+
+# If we get here we have not found a matching device,
+# but we won't return an error any way. The new device
+# will remain with the previous name.
+exit 0
--- /dev/null
+# -*- Makefile -*-
+#
+build_ACCOUNT=m
+build_CHAOS=m
+build_DELUDE=m
+build_DHCPMAC=m
+build_DNETMAP=m
+build_ECHO=m
+build_IPMARK=m
+build_LOGMARK=m
+build_SYSRQ=n
+build_TARPIT=m
+build_condition=m
+build_fuzzy=m
+build_geoip=m
+build_gradm=n
+build_iface=m
+build_ipp2p=m
+build_ipv4options=m
+build_length2=m
+build_lscan=m
+build_pknock=m
+build_psd=m
+build_quota2=m
WARNING: translation string unused: behind a proxy
WARNING: translation string unused: bitrate
WARNING: translation string unused: bleeding rules
+WARNING: translation string unused: block
WARNING: translation string unused: blue access use hint
WARNING: translation string unused: blue interface
WARNING: translation string unused: cache management
WARNING: translation string unused: fwhost attention
WARNING: translation string unused: fwhost blue
WARNING: translation string unused: fwhost changeremark
+WARNING: translation string unused: fwhost cust geoip
WARNING: translation string unused: fwhost err addrgrp
WARNING: translation string unused: fwhost err hostorip
WARNING: translation string unused: fwhost err mac
WARNING: translation string unused: gen static key
WARNING: translation string unused: generate
WARNING: translation string unused: genkey
+WARNING: translation string unused: geoipblock country code
+WARNING: translation string unused: geoipblock country name
+WARNING: translation string unused: geoipblock flag
WARNING: translation string unused: green interface
WARNING: translation string unused: gz with key
WARNING: translation string unused: hint
WARNING: translation string unused: ike grouptype
WARNING: translation string unused: ike integrity
WARNING: translation string unused: ike lifetime
+WARNING: translation string unused: ike lifetime should be between 1 and 24 hours
WARNING: translation string unused: import
WARNING: translation string unused: importkey
WARNING: translation string unused: in
WARNING: translation string unused: outgoing firewall warning
WARNING: translation string unused: override mtu
WARNING: translation string unused: ovpn config
+WARNING: translation string unused: ovpn device
WARNING: translation string unused: ovpn dl
WARNING: translation string unused: ovpn engines
WARNING: translation string unused: ovpn log
WARNING: translation string unused: transparent on
WARNING: translation string unused: umount
WARNING: translation string unused: umount removable media before to unplug
+WARNING: translation string unused: unblock
+WARNING: translation string unused: unblock all
WARNING: translation string unused: unencrypted
WARNING: translation string unused: update transcript
WARNING: translation string unused: updates
WARNING: untranslated string: community rules
WARNING: untranslated string: dead peer detection
WARNING: untranslated string: emerging rules
+WARNING: untranslated string: fwhost cust geoipgrp
WARNING: untranslated string: fwhost err hostip
+WARNING: untranslated string: ike lifetime should be between 1 and 8 hours
WARNING: untranslated string: no data
WARNING: untranslated string: qos add subclass
WARNING: untranslated string: route config changed
WARNING: untranslated string: routing config changed
WARNING: untranslated string: routing table
WARNING: untranslated string: show tls-auth key
+WARNING: untranslated string: vpn statistics n2n
WARNING: translation string unused: bewan adsl usb
WARNING: translation string unused: bitrate
WARNING: translation string unused: bleeding rules
+WARNING: translation string unused: block
WARNING: translation string unused: blue access use hint
WARNING: translation string unused: blue interface
WARNING: translation string unused: cache management
WARNING: translation string unused: fwhost attention
WARNING: translation string unused: fwhost blue
WARNING: translation string unused: fwhost changeremark
+WARNING: translation string unused: fwhost cust geoip
WARNING: translation string unused: fwhost err addrgrp
WARNING: translation string unused: fwhost err hostorip
WARNING: translation string unused: fwhost err mac
WARNING: translation string unused: gen static key
WARNING: translation string unused: generate
WARNING: translation string unused: genkey
+WARNING: translation string unused: geoipblock country code
+WARNING: translation string unused: geoipblock country name
+WARNING: translation string unused: geoipblock flag
WARNING: translation string unused: green interface
WARNING: translation string unused: gz with key
WARNING: translation string unused: hint
WARNING: translation string unused: ike grouptype
WARNING: translation string unused: ike integrity
WARNING: translation string unused: ike lifetime
+WARNING: translation string unused: ike lifetime should be between 1 and 24 hours
WARNING: translation string unused: import
WARNING: translation string unused: importkey
WARNING: translation string unused: in
WARNING: translation string unused: outgoing firewall warning
WARNING: translation string unused: override mtu
WARNING: translation string unused: ovpn config
+WARNING: translation string unused: ovpn device
WARNING: translation string unused: ovpn dl
WARNING: translation string unused: ovpn engines
WARNING: translation string unused: ovpn log
WARNING: translation string unused: transparent on
WARNING: translation string unused: umount
WARNING: translation string unused: umount removable media before to unplug
+WARNING: translation string unused: unblock
+WARNING: translation string unused: unblock all
WARNING: translation string unused: unencrypted
WARNING: translation string unused: update transcript
WARNING: translation string unused: updates
WARNING: translation string unused: yearly firewallhits
WARNING: untranslated string: Scan for Songs
WARNING: untranslated string: bytes
+WARNING: untranslated string: fwhost cust geoipgrp
WARNING: untranslated string: fwhost err hostip
+WARNING: untranslated string: ike lifetime should be between 1 and 8 hours
WARNING: untranslated string: no data
WARNING: untranslated string: route config changed
WARNING: untranslated string: routing config added
WARNING: untranslated string: routing config changed
WARNING: untranslated string: routing table
+WARNING: untranslated string: vpn statistics n2n
WARNING: translation string unused: gen static key
WARNING: translation string unused: generate
WARNING: translation string unused: genkey
+WARNING: translation string unused: geoipblock country code
+WARNING: translation string unused: geoipblock country name
+WARNING: translation string unused: geoipblock flag
WARNING: translation string unused: green interface
WARNING: translation string unused: gz with key
WARNING: translation string unused: hint
WARNING: translation string unused: ike grouptype
WARNING: translation string unused: ike integrity
WARNING: translation string unused: ike lifetime
+WARNING: translation string unused: ike lifetime should be between 1 and 24 hours
WARNING: translation string unused: import
WARNING: translation string unused: importkey
WARNING: translation string unused: in
WARNING: translation string unused: outgoing firewall warning
WARNING: translation string unused: override mtu
WARNING: translation string unused: ovpn config
+WARNING: translation string unused: ovpn device
WARNING: translation string unused: ovpn dl
WARNING: translation string unused: ovpn log
WARNING: translation string unused: ovpn_fastio
WARNING: untranslated string: ccd routes
WARNING: untranslated string: ccd subnet
WARNING: untranslated string: ccd used
+WARNING: untranslated string: check all
WARNING: untranslated string: count
WARNING: untranslated string: countries
WARNING: untranslated string: country codes and flags
WARNING: untranslated string: fwdfw wd_tue
WARNING: untranslated string: fwdfw wd_wed
WARNING: untranslated string: fwhost OpenVPN N-2-N
+WARNING: untranslated string: fwhost addgeoipgrp
WARNING: untranslated string: fwhost addgrp
WARNING: untranslated string: fwhost addgrpname
WARNING: untranslated string: fwhost addhost
WARNING: untranslated string: fwhost ccdnet
WARNING: untranslated string: fwhost change
WARNING: untranslated string: fwhost cust addr
+WARNING: untranslated string: fwhost cust geoipgroup
+WARNING: untranslated string: fwhost cust geoipgrp
+WARNING: untranslated string: fwhost cust geoiplocation
WARNING: untranslated string: fwhost cust grp
WARNING: untranslated string: fwhost cust net
WARNING: untranslated string: fwhost cust service
WARNING: untranslated string: fwhost ipsec net
WARNING: untranslated string: fwhost menu
WARNING: untranslated string: fwhost netaddress
+WARNING: untranslated string: fwhost newgeoipgrp
WARNING: untranslated string: fwhost newgrp
WARNING: untranslated string: fwhost newhost
WARNING: untranslated string: fwhost newnet
WARNING: untranslated string: generate dh key
WARNING: untranslated string: grouptype
WARNING: untranslated string: hardware support
+WARNING: untranslated string: ike lifetime should be between 1 and 8 hours
WARNING: untranslated string: imei
WARNING: untranslated string: imsi
WARNING: untranslated string: incoming compression in bytes per second
WARNING: untranslated string: p2p block
WARNING: untranslated string: p2p block save notice
WARNING: untranslated string: pakfire ago
+WARNING: untranslated string: pptp netconfig
+WARNING: untranslated string: pptp peer
+WARNING: untranslated string: pptp route
WARNING: untranslated string: proxy reports
WARNING: untranslated string: proxy reports daily
WARNING: untranslated string: proxy reports monthly
WARNING: untranslated string: routing table
WARNING: untranslated string: samba join a domain
WARNING: untranslated string: samba join domain
+WARNING: untranslated string: search
WARNING: untranslated string: server restart
WARNING: untranslated string: show dh
WARNING: untranslated string: show tls-auth key
WARNING: untranslated string: tor traffic limit soft
WARNING: untranslated string: tor traffic read written
WARNING: untranslated string: tor use exit nodes
+WARNING: untranslated string: uncheck all
WARNING: untranslated string: uplink
WARNING: untranslated string: upload dh key
WARNING: untranslated string: uptime load average
WARNING: untranslated string: vendor
WARNING: untranslated string: visit us at
WARNING: untranslated string: vpn keyexchange
+WARNING: untranslated string: vpn statistic n2n
+WARNING: untranslated string: vpn statistic rw
+WARNING: untranslated string: vpn statistics n2n
WARNING: untranslated string: wlan client
WARNING: untranslated string: wlan client advanced settings
WARNING: untranslated string: wlan client and
WARNING: translation string unused: ike grouptype
WARNING: translation string unused: ike integrity
WARNING: translation string unused: ike lifetime
+WARNING: translation string unused: ike lifetime should be between 1 and 24 hours
WARNING: translation string unused: import
WARNING: translation string unused: importkey
WARNING: translation string unused: in
WARNING: translation string unused: outgoing firewall warning
WARNING: translation string unused: override mtu
WARNING: translation string unused: ovpn config
+WARNING: translation string unused: ovpn device
WARNING: translation string unused: ovpn dl
WARNING: translation string unused: ovpn log
WARNING: translation string unused: ovpn_fastio
WARNING: untranslated string: ccd routes
WARNING: untranslated string: ccd subnet
WARNING: untranslated string: ccd used
+WARNING: untranslated string: check all
WARNING: untranslated string: count
WARNING: untranslated string: countries
WARNING: untranslated string: country codes and flags
WARNING: untranslated string: fwdfw wd_tue
WARNING: untranslated string: fwdfw wd_wed
WARNING: untranslated string: fwhost OpenVPN N-2-N
+WARNING: untranslated string: fwhost addgeoipgrp
WARNING: untranslated string: fwhost addgrp
WARNING: untranslated string: fwhost addgrpname
WARNING: untranslated string: fwhost addhost
WARNING: untranslated string: fwhost ccdnet
WARNING: untranslated string: fwhost change
WARNING: untranslated string: fwhost cust addr
+WARNING: untranslated string: fwhost cust geoipgroup
+WARNING: untranslated string: fwhost cust geoipgrp
+WARNING: untranslated string: fwhost cust geoiplocation
WARNING: untranslated string: fwhost cust grp
WARNING: untranslated string: fwhost cust net
WARNING: untranslated string: fwhost cust service
WARNING: untranslated string: fwhost ipsec net
WARNING: untranslated string: fwhost menu
WARNING: untranslated string: fwhost netaddress
+WARNING: untranslated string: fwhost newgeoipgrp
WARNING: untranslated string: fwhost newgrp
WARNING: untranslated string: fwhost newhost
WARNING: untranslated string: fwhost newnet
WARNING: untranslated string: fwhost welcome
WARNING: untranslated string: gen dh
WARNING: untranslated string: generate dh key
+WARNING: untranslated string: geoip
+WARNING: untranslated string: geoipblock
+WARNING: untranslated string: geoipblock block countries
+WARNING: untranslated string: geoipblock configuration
+WARNING: untranslated string: geoipblock country is allowed
+WARNING: untranslated string: geoipblock country is blocked
+WARNING: untranslated string: geoipblock enable feature
WARNING: untranslated string: grouptype
WARNING: untranslated string: hardware support
+WARNING: untranslated string: ike lifetime should be between 1 and 8 hours
WARNING: untranslated string: imei
WARNING: untranslated string: imsi
WARNING: untranslated string: incoming compression in bytes per second
WARNING: untranslated string: p2p block
WARNING: untranslated string: p2p block save notice
WARNING: untranslated string: pakfire ago
+WARNING: untranslated string: pptp netconfig
+WARNING: untranslated string: pptp peer
+WARNING: untranslated string: pptp route
WARNING: untranslated string: proxy reports
WARNING: untranslated string: proxy reports daily
WARNING: untranslated string: proxy reports monthly
WARNING: untranslated string: routing table
WARNING: untranslated string: samba join a domain
WARNING: untranslated string: samba join domain
+WARNING: untranslated string: search
WARNING: untranslated string: server restart
WARNING: untranslated string: show dh
WARNING: untranslated string: show tls-auth key
WARNING: untranslated string: tor traffic limit soft
WARNING: untranslated string: tor traffic read written
WARNING: untranslated string: tor use exit nodes
+WARNING: untranslated string: uncheck all
WARNING: untranslated string: uplink
WARNING: untranslated string: upload dh key
WARNING: untranslated string: upload new ruleset
WARNING: untranslated string: vendor
WARNING: untranslated string: visit us at
WARNING: untranslated string: vpn keyexchange
+WARNING: untranslated string: vpn statistic n2n
+WARNING: untranslated string: vpn statistic rw
+WARNING: untranslated string: vpn statistics n2n
WARNING: untranslated string: wlan client
WARNING: untranslated string: wlan client advanced settings
WARNING: untranslated string: wlan client and
--- /dev/null
+WARNING: translation string unused: Client status and controlc
+WARNING: translation string unused: ConnSched scheduler
+WARNING: translation string unused: ConnSched select profile
+WARNING: translation string unused: HDD temperature
+WARNING: translation string unused: Level7 rule
+WARNING: translation string unused: Local VPN IP
+WARNING: translation string unused: Ping
+WARNING: translation string unused: Queuelenght
+WARNING: translation string unused: Remote IP
+WARNING: translation string unused: Remote VPN IP
+WARNING: translation string unused: Resolv
+WARNING: translation string unused: TOS Bits
+WARNING: translation string unused: Verbose
+WARNING: translation string unused: access allowed
+WARNING: translation string unused: access refused with this oinkcode
+WARNING: translation string unused: add a new rule
+WARNING: translation string unused: add network
+WARNING: translation string unused: add new ovpn
+WARNING: translation string unused: add service
+WARNING: translation string unused: add xtaccess
+WARNING: translation string unused: add-route
+WARNING: translation string unused: admin user password has been changed
+WARNING: translation string unused: administrator user password
+WARNING: translation string unused: advproxy LDAP auth
+WARNING: translation string unused: advproxy NTLM auth
+WARNING: translation string unused: advproxy advanced proxy
+WARNING: translation string unused: advproxy chgwebpwd ERROR
+WARNING: translation string unused: advproxy chgwebpwd SUCCESS
+WARNING: translation string unused: advproxy chgwebpwd change password
+WARNING: translation string unused: advproxy chgwebpwd change web password
+WARNING: translation string unused: advproxy chgwebpwd new password
+WARNING: translation string unused: advproxy chgwebpwd new password confirm
+WARNING: translation string unused: advproxy chgwebpwd old password
+WARNING: translation string unused: advproxy chgwebpwd username
+WARNING: translation string unused: advproxy cre disabled
+WARNING: translation string unused: advproxy errmsg change fail
+WARNING: translation string unused: advproxy errmsg change success
+WARNING: translation string unused: advproxy errmsg invalid user
+WARNING: translation string unused: advproxy errmsg no password
+WARNING: translation string unused: advproxy errmsg password incorrect
+WARNING: translation string unused: advproxy no cre groups
+WARNING: translation string unused: advproxy ssadvanced proxy
+WARNING: translation string unused: advproxy update information
+WARNING: translation string unused: advproxy update notification
+WARNING: translation string unused: again
+WARNING: translation string unused: age seconds
+WARNING: translation string unused: age shour
+WARNING: translation string unused: age sminute
+WARNING: translation string unused: age ssecond
+WARNING: translation string unused: alcatelusb help
+WARNING: translation string unused: alcatelusb upload
+WARNING: translation string unused: all interfaces
+WARNING: translation string unused: all updates installed
+WARNING: translation string unused: allmsg
+WARNING: translation string unused: alt information
+WARNING: translation string unused: alt ovpn
+WARNING: translation string unused: alt vpn
+WARNING: translation string unused: and
+WARNING: translation string unused: ansi t1.483
+WARNING: translation string unused: apply
+WARNING: translation string unused: archive not exist
+WARNING: translation string unused: attemps
+WARNING: translation string unused: available updates
+WARNING: translation string unused: avoid dod
+WARNING: translation string unused: backup archive
+WARNING: translation string unused: backup clear archive
+WARNING: translation string unused: backup config floppy
+WARNING: translation string unused: backup configuration
+WARNING: translation string unused: backup erase key
+WARNING: translation string unused: backup explain key
+WARNING: translation string unused: backup explain key li1
+WARNING: translation string unused: backup explain key li2
+WARNING: translation string unused: backup explain key li3
+WARNING: translation string unused: backup explain key no1
+WARNING: translation string unused: backup explain key no2
+WARNING: translation string unused: backup export key
+WARNING: translation string unused: backup extract key
+WARNING: translation string unused: backup generate key
+WARNING: translation string unused: backup import dat file
+WARNING: translation string unused: backup import key
+WARNING: translation string unused: backup key
+WARNING: translation string unused: backup key file
+WARNING: translation string unused: backup key info
+WARNING: translation string unused: backup media info
+WARNING: translation string unused: backup missing key
+WARNING: translation string unused: backup password
+WARNING: translation string unused: backup protect key password
+WARNING: translation string unused: backup sets
+WARNING: translation string unused: backup to floppy
+WARNING: translation string unused: bad characters in
+WARNING: translation string unused: behind a proxy
+WARNING: translation string unused: bewan adsl pci st
+WARNING: translation string unused: bewan adsl usb
+WARNING: translation string unused: bitrate
+WARNING: translation string unused: bleeding rules
+WARNING: translation string unused: blue access use hint
+WARNING: translation string unused: blue interface
+WARNING: translation string unused: cache management
+WARNING: translation string unused: cache size
+WARNING: translation string unused: calamaris report interval (in minutes)
+WARNING: translation string unused: calc traffic all x minutes
+WARNING: translation string unused: cant enable xtaccess
+WARNING: translation string unused: capsinactive
+WARNING: translation string unused: ccd err iroute
+WARNING: translation string unused: ccd err netadr
+WARNING: translation string unused: cfg restart
+WARNING: translation string unused: check for net traffic update
+WARNING: translation string unused: choose config
+WARNING: translation string unused: choose media
+WARNING: translation string unused: clear cache
+WARNING: translation string unused: compression
+WARNING: translation string unused: connect
+WARNING: translation string unused: connect the modem
+WARNING: translation string unused: core notice 1
+WARNING: translation string unused: core notice 2
+WARNING: translation string unused: core notice 3
+WARNING: translation string unused: could not connect to
+WARNING: translation string unused: could not connect to www ipcop org
+WARNING: translation string unused: could not connect to www ipfire org
+WARNING: translation string unused: could not create directory
+WARNING: translation string unused: could not download latest patch list
+WARNING: translation string unused: could not download the available updates list
+WARNING: translation string unused: could not open available updates file
+WARNING: translation string unused: could not open installed updates file
+WARNING: translation string unused: could not open update information file
+WARNING: translation string unused: create
+WARNING: translation string unused: create new backup
+WARNING: translation string unused: current dynamic leases
+WARNING: translation string unused: current media
+WARNING: translation string unused: current ovpn
+WARNING: translation string unused: current profile
+WARNING: translation string unused: custom networks
+WARNING: translation string unused: custom services
+WARNING: translation string unused: daily firewallhits
+WARNING: translation string unused: dat without key
+WARNING: translation string unused: day-graph
+WARNING: translation string unused: dbfile
+WARNING: translation string unused: ddns help dnsmadeeasy
+WARNING: translation string unused: ddns help freedns
+WARNING: translation string unused: ddns help plus
+WARNING: translation string unused: ddns minimize updates
+WARNING: translation string unused: ddns noip prefix
+WARNING: translation string unused: debugme
+WARNING: translation string unused: deep scan directories
+WARNING: translation string unused: default ip
+WARNING: translation string unused: default networks
+WARNING: translation string unused: default services
+WARNING: translation string unused: description
+WARNING: translation string unused: destination ip bad
+WARNING: translation string unused: destination ip or net
+WARNING: translation string unused: destination net
+WARNING: translation string unused: destination port overlaps
+WARNING: translation string unused: dh name is invalid
+WARNING: translation string unused: dhcp base ip fixed lease
+WARNING: translation string unused: dhcp create fixed leases
+WARNING: translation string unused: dhcp fixed lease err1
+WARNING: translation string unused: dhcp fixed lease help1
+WARNING: translation string unused: dhcp mode
+WARNING: translation string unused: dhcp server disabled on blue interface
+WARNING: translation string unused: dhcp server enabled on blue interface
+WARNING: translation string unused: dial user password
+WARNING: translation string unused: dial user password has been changed
+WARNING: translation string unused: dialup settings
+WARNING: translation string unused: disconnect
+WARNING: translation string unused: disconnects
+WARNING: translation string unused: display traffic at home
+WARNING: translation string unused: display webinterface effects
+WARNING: translation string unused: dmz pinhole configuration
+WARNING: translation string unused: dmz pinhole rule added
+WARNING: translation string unused: dmz pinhole rule removed
+WARNING: translation string unused: dmzpinholes for same net not necessary
+WARNING: translation string unused: dns server
+WARNING: translation string unused: do not log this port list
+WARNING: translation string unused: domain not set
+WARNING: translation string unused: donation-link
+WARNING: translation string unused: done
+WARNING: translation string unused: download dh parameter
+WARNING: translation string unused: driver
+WARNING: translation string unused: dstprt range overlaps
+WARNING: translation string unused: dstprt within existing
+WARNING: translation string unused: dynamic dns client
+WARNING: translation string unused: eciadsl help
+WARNING: translation string unused: eciadsl upload
+WARNING: translation string unused: edit a rule
+WARNING: translation string unused: edit network
+WARNING: translation string unused: edit service
+WARNING: translation string unused: editor
+WARNING: translation string unused: eg
+WARNING: translation string unused: email server can not be empty
+WARNING: translation string unused: enable javascript
+WARNING: translation string unused: enable wildcards
+WARNING: translation string unused: enabled on
+WARNING: translation string unused: enabledtitle
+WARNING: translation string unused: encrypted
+WARNING: translation string unused: err bk 1
+WARNING: translation string unused: err bk 10 password
+WARNING: translation string unused: err bk 2 key
+WARNING: translation string unused: err bk 3 tar
+WARNING: translation string unused: err bk 4 gz
+WARNING: translation string unused: err bk 5 encrypt
+WARNING: translation string unused: err rs 1
+WARNING: translation string unused: err rs 6 decrypt
+WARNING: translation string unused: err rs 7 untartst
+WARNING: translation string unused: err rs 8 untar
+WARNING: translation string unused: error config
+WARNING: translation string unused: error external access
+WARNING: translation string unused: esp encryption
+WARNING: translation string unused: esp grouptype
+WARNING: translation string unused: esp integrity
+WARNING: translation string unused: esp keylife
+WARNING: translation string unused: expected
+WARNING: translation string unused: expertoptions
+WARNING: translation string unused: exportkey
+WARNING: translation string unused: external access
+WARNING: translation string unused: external access configuration
+WARNING: translation string unused: external access rule added
+WARNING: translation string unused: external access rule changed
+WARNING: translation string unused: external access rule removed
+WARNING: translation string unused: extrahd
+WARNING: translation string unused: extrahd unable to read
+WARNING: translation string unused: extrahd unable to write
+WARNING: translation string unused: filename
+WARNING: translation string unused: firewall graphs
+WARNING: translation string unused: firewall log viewer
+WARNING: translation string unused: firmware
+WARNING: translation string unused: firmware upload
+WARNING: translation string unused: force update
+WARNING: translation string unused: forward firewall
+WARNING: translation string unused: forwarding rule added
+WARNING: translation string unused: forwarding rule removed
+WARNING: translation string unused: forwarding rule updated
+WARNING: translation string unused: frequency
+WARNING: translation string unused: fritzdsl help
+WARNING: translation string unused: fritzdsl upload
+WARNING: translation string unused: from email adr
+WARNING: translation string unused: from email pw
+WARNING: translation string unused: from email server
+WARNING: translation string unused: from email user
+WARNING: translation string unused: from warn email bad
+WARNING: translation string unused: fwdfw MODE1
+WARNING: translation string unused: fwdfw MODE2
+WARNING: translation string unused: fwdfw addrule
+WARNING: translation string unused: fwdfw err nosrcip
+WARNING: translation string unused: fwdfw err notgtip
+WARNING: translation string unused: fwdfw err prot_port1
+WARNING: translation string unused: fwdfw final_rule
+WARNING: translation string unused: fwdfw from
+WARNING: translation string unused: fwdfw ipsec network
+WARNING: translation string unused: fwdfw man port
+WARNING: translation string unused: fwdfw menu
+WARNING: translation string unused: fwdfw natport used
+WARNING: translation string unused: fwdfw p2p txt
+WARNING: translation string unused: fwdfw rule action
+WARNING: translation string unused: fwdfw rules
+WARNING: translation string unused: fwdfw std network
+WARNING: translation string unused: fwdfw till
+WARNING: translation string unused: fwdfw time
+WARNING: translation string unused: fwdfw xt access
+WARNING: translation string unused: fwhost Custom Host
+WARNING: translation string unused: fwhost Custom Network
+WARNING: translation string unused: fwhost IpSec Host
+WARNING: translation string unused: fwhost IpSec Network
+WARNING: translation string unused: fwhost OpenVPN static host
+WARNING: translation string unused: fwhost OpenVPN static network
+WARNING: translation string unused: fwhost Standard Network
+WARNING: translation string unused: fwhost attention
+WARNING: translation string unused: fwhost blue
+WARNING: translation string unused: fwhost changeremark
+WARNING: translation string unused: fwhost err addrgrp
+WARNING: translation string unused: fwhost err hostorip
+WARNING: translation string unused: fwhost err mac
+WARNING: translation string unused: fwhost err partofnet
+WARNING: translation string unused: fwhost green
+WARNING: translation string unused: fwhost hosts
+WARNING: translation string unused: fwhost ipadr
+WARNING: translation string unused: fwhost ipsec host
+WARNING: translation string unused: fwhost orange
+WARNING: translation string unused: fwhost reread
+WARNING: translation string unused: fwhost reset
+WARNING: translation string unused: fwhost wo subnet
+WARNING: translation string unused: g.dtm
+WARNING: translation string unused: g.lite
+WARNING: translation string unused: gen static key
+WARNING: translation string unused: generate
+WARNING: translation string unused: genkey
+WARNING: translation string unused: green interface
+WARNING: translation string unused: gz with key
+WARNING: translation string unused: hint
+WARNING: translation string unused: host
+WARNING: translation string unused: host configuration
+WARNING: translation string unused: hostname and domain already in use
+WARNING: translation string unused: hour-graph
+WARNING: translation string unused: hours2
+WARNING: translation string unused: ibod for dual isdn only
+WARNING: translation string unused: icmp selected but no type
+WARNING: translation string unused: icmp type
+WARNING: translation string unused: id
+WARNING: translation string unused: ids preprocessor
+WARNING: translation string unused: ike encryption
+WARNING: translation string unused: ike grouptype
+WARNING: translation string unused: ike integrity
+WARNING: translation string unused: ike lifetime
+WARNING: translation string unused: ike lifetime should be between 1 and 24 hours
+WARNING: translation string unused: import
+WARNING: translation string unused: importkey
+WARNING: translation string unused: in
+WARNING: translation string unused: incorrect password
+WARNING: translation string unused: insert floppy
+WARNING: translation string unused: insert removable device
+WARNING: translation string unused: install new update
+WARNING: translation string unused: installed
+WARNING: translation string unused: installed updates
+WARNING: translation string unused: intrusion detection system log viewer
+WARNING: translation string unused: intrusion detection system2
+WARNING: translation string unused: invalid cache size
+WARNING: translation string unused: invalid date entered
+WARNING: translation string unused: invalid downlink speed
+WARNING: translation string unused: invalid loaded file
+WARNING: translation string unused: invalid md5sum
+WARNING: translation string unused: invalid port list
+WARNING: translation string unused: invalid time entered
+WARNING: translation string unused: invalid uplink speed
+WARNING: translation string unused: invalid upstream proxy username or password setting
+WARNING: translation string unused: invert
+WARNING: translation string unused: ip address in use
+WARNING: translation string unused: ipfire side
+WARNING: translation string unused: ipsec no connections
+WARNING: translation string unused: iptable rules
+WARNING: translation string unused: isdn
+WARNING: translation string unused: isdn settings
+WARNING: translation string unused: isdn1
+WARNING: translation string unused: isdn2
+WARNING: translation string unused: javascript menu error1
+WARNING: translation string unused: javascript menu error2
+WARNING: translation string unused: kernel version
+WARNING: translation string unused: key stuff
+WARNING: translation string unused: lateprompting
+WARNING: translation string unused: length
+WARNING: translation string unused: line
+WARNING: translation string unused: loaded modules
+WARNING: translation string unused: local hard disk
+WARNING: translation string unused: localkeyfile
+WARNING: translation string unused: log enabled
+WARNING: translation string unused: log viewer
+WARNING: translation string unused: logging
+WARNING: translation string unused: loosedirectorychecking
+WARNING: translation string unused: ls_dhcpd
+WARNING: translation string unused: ls_disk space
+WARNING: translation string unused: ls_free/swan
+WARNING: translation string unused: ls_httpd
+WARNING: translation string unused: ls_init
+WARNING: translation string unused: ls_kernel
+WARNING: translation string unused: ls_modprobe
+WARNING: translation string unused: ls_pam_unix
+WARNING: translation string unused: ls_sshd
+WARNING: translation string unused: ls_syslogd
+WARNING: translation string unused: mac address error not 00
+WARNING: translation string unused: manage ovpn
+WARNING: translation string unused: manual control and status
+WARNING: translation string unused: marked
+WARNING: translation string unused: max incoming size
+WARNING: translation string unused: max outgoing size
+WARNING: translation string unused: max size
+WARNING: translation string unused: mbmon fan in
+WARNING: translation string unused: mbmon graphs
+WARNING: translation string unused: mbmon temp in
+WARNING: translation string unused: mbmon value
+WARNING: translation string unused: min size
+WARNING: translation string unused: missing dat
+WARNING: translation string unused: missing gz
+WARNING: translation string unused: mode
+WARNING: translation string unused: modem on com1
+WARNING: translation string unused: modem on com2
+WARNING: translation string unused: modem on com3
+WARNING: translation string unused: modem on com4
+WARNING: translation string unused: modem on com5
+WARNING: translation string unused: modulation
+WARNING: translation string unused: month-graph
+WARNING: translation string unused: monthly firewallhits
+WARNING: translation string unused: monthly start day bad
+WARNING: translation string unused: monthly traffic bad
+WARNING: translation string unused: monthly volume
+WARNING: translation string unused: monthly volume start day
+WARNING: translation string unused: monthly volume start day short
+WARNING: translation string unused: mount
+WARNING: translation string unused: mtu QoS
+WARNING: translation string unused: nat-traversal
+WARNING: translation string unused: net
+WARNING: translation string unused: net address
+WARNING: translation string unused: net config type
+WARNING: translation string unused: net config type help
+WARNING: translation string unused: net-traffic configuration
+WARNING: translation string unused: network added
+WARNING: translation string unused: network configuration
+WARNING: translation string unused: network removed
+WARNING: translation string unused: network status information
+WARNING: translation string unused: network time
+WARNING: translation string unused: network traffic graphs
+WARNING: translation string unused: network updated
+WARNING: translation string unused: networks settings
+WARNING: translation string unused: never
+WARNING: translation string unused: new optionsfw must boot
+WARNING: translation string unused: no alcatelusb firmware
+WARNING: translation string unused: no cfg upload
+WARNING: translation string unused: no eciadsl synch.bin file
+WARNING: translation string unused: no fritzdsl driver
+WARNING: translation string unused: no information available
+WARNING: translation string unused: no modem selected
+WARNING: translation string unused: no set selected
+WARNING: translation string unused: nonetworkname
+WARNING: translation string unused: noservicename
+WARNING: translation string unused: notes
+WARNING: translation string unused: o-no
+WARNING: translation string unused: o-yes
+WARNING: translation string unused: online help en
+WARNING: translation string unused: only red
+WARNING: translation string unused: open to all
+WARNING: translation string unused: openvpn disabled
+WARNING: translation string unused: openvpn enabled
+WARNING: translation string unused: optional data
+WARNING: translation string unused: optionsfw portlist hint
+WARNING: translation string unused: optionsfw warning
+WARNING: translation string unused: or
+WARNING: translation string unused: original
+WARNING: translation string unused: our donors
+WARNING: translation string unused: out
+WARNING: translation string unused: outgoing firewall
+WARNING: translation string unused: outgoing firewall add ip group
+WARNING: translation string unused: outgoing firewall add mac group
+WARNING: translation string unused: outgoing firewall edit ip group
+WARNING: translation string unused: outgoing firewall edit mac group
+WARNING: translation string unused: outgoing firewall group error
+WARNING: translation string unused: outgoing firewall groups
+WARNING: translation string unused: outgoing firewall ip groups
+WARNING: translation string unused: outgoing firewall mac groups
+WARNING: translation string unused: outgoing firewall mode0
+WARNING: translation string unused: outgoing firewall mode1
+WARNING: translation string unused: outgoing firewall mode2
+WARNING: translation string unused: outgoing firewall outgoing firewall reserved groupname
+WARNING: translation string unused: outgoing firewall p2p description 1
+WARNING: translation string unused: outgoing firewall p2p description 2
+WARNING: translation string unused: outgoing firewall p2p description 3
+WARNING: translation string unused: outgoing firewall reset
+WARNING: translation string unused: outgoing firewall view group
+WARNING: translation string unused: outgoing firewall warning
+WARNING: translation string unused: override mtu
+WARNING: translation string unused: ovpn config
+WARNING: translation string unused: ovpn device
+WARNING: translation string unused: ovpn dl
+WARNING: translation string unused: ovpn engines
+WARNING: translation string unused: ovpn log
+WARNING: translation string unused: ovpn reneg sec
+WARNING: translation string unused: ovpn_fastio
+WARNING: translation string unused: ovpn_mssfix
+WARNING: translation string unused: ovpn_mtudisc
+WARNING: translation string unused: ovpn_processprio
+WARNING: translation string unused: ovpn_processprioD
+WARNING: translation string unused: ovpn_processprioED
+WARNING: translation string unused: ovpn_processprioEH
+WARNING: translation string unused: ovpn_processprioEN
+WARNING: translation string unused: ovpn_processprioH
+WARNING: translation string unused: ovpn_processprioLN
+WARNING: translation string unused: ovpn_processprioN
+WARNING: translation string unused: ovpn_processprioVD
+WARNING: translation string unused: ovpn_processprioVH
+WARNING: translation string unused: ovpnstatus log
+WARNING: translation string unused: ovpnsys log
+WARNING: translation string unused: package failed to install
+WARNING: translation string unused: pakfire core update auto
+WARNING: translation string unused: pakfire updates
+WARNING: translation string unused: password contains illegal characters
+WARNING: translation string unused: password crypting key
+WARNING: translation string unused: passwords must be at least 6 characters in length
+WARNING: translation string unused: phase1 group
+WARNING: translation string unused: phonebook entry
+WARNING: translation string unused: ping disabled
+WARNING: translation string unused: polfile
+WARNING: translation string unused: port forwarding configuration
+WARNING: translation string unused: ports
+WARNING: translation string unused: pots
+WARNING: translation string unused: pppoe
+WARNING: translation string unused: present
+WARNING: translation string unused: profiles
+WARNING: translation string unused: proxy
+WARNING: translation string unused: proxy access graphs
+WARNING: translation string unused: proxy no proxy extend
+WARNING: translation string unused: proxy no proxy local
+WARNING: translation string unused: proxy port
+WARNING: translation string unused: psk
+WARNING: translation string unused: quick control
+WARNING: translation string unused: reboot ask
+WARNING: translation string unused: reboot question
+WARNING: translation string unused: reboot schedule
+WARNING: translation string unused: reboot sure
+WARNING: translation string unused: refresh update list
+WARNING: translation string unused: released
+WARNING: translation string unused: removable device advice
+WARNING: translation string unused: reportfile
+WARNING: translation string unused: requested data
+WARNING: translation string unused: reserved dst port
+WARNING: translation string unused: reserved src port
+WARNING: translation string unused: restore hardware settings
+WARNING: translation string unused: root
+WARNING: translation string unused: root path
+WARNING: translation string unused: root user password
+WARNING: translation string unused: route subnet is invalid
+WARNING: translation string unused: router ip
+WARNING: translation string unused: rsvd dst port overlap
+WARNING: translation string unused: rsvd src port overlap
+WARNING: translation string unused: rules already up to date
+WARNING: translation string unused: safe removal of umounted device
+WARNING: translation string unused: save error
+WARNING: translation string unused: select dest net
+WARNING: translation string unused: select media
+WARNING: translation string unused: select source net
+WARNING: translation string unused: selecttraffic
+WARNING: translation string unused: send email notification
+WARNING: translation string unused: send test mail
+WARNING: translation string unused: server reserved
+WARNING: translation string unused: service added
+WARNING: translation string unused: service removed
+WARNING: translation string unused: service updated
+WARNING: translation string unused: servicename
+WARNING: translation string unused: services settings
+WARNING: translation string unused: shaping add options
+WARNING: translation string unused: shaping list options
+WARNING: translation string unused: show areas
+WARNING: translation string unused: show lines
+WARNING: translation string unused: shutdown ask
+WARNING: translation string unused: shutdown sure
+WARNING: translation string unused: shutdown2
+WARNING: translation string unused: sitekeyfile
+WARNING: translation string unused: smbreload
+WARNING: translation string unused: source ip bad
+WARNING: translation string unused: source ip in use
+WARNING: translation string unused: source ip or net
+WARNING: translation string unused: source net
+WARNING: translation string unused: source network
+WARNING: translation string unused: source port in use
+WARNING: translation string unused: source port overlaps
+WARNING: translation string unused: squid extension methods
+WARNING: translation string unused: squid extension methods invalid
+WARNING: translation string unused: squid fix cache
+WARNING: translation string unused: srcprt range overlaps
+WARNING: translation string unused: srcprt within existing
+WARNING: translation string unused: ssdmz pinholes
+WARNING: translation string unused: ssh access tip
+WARNING: translation string unused: ssh1 disabled
+WARNING: translation string unused: ssh1 enabled
+WARNING: translation string unused: ssh1 support
+WARNING: translation string unused: ssnetwork status
+WARNING: translation string unused: sspasswords
+WARNING: translation string unused: ssport forwarding
+WARNING: translation string unused: ssproxy graphs
+WARNING: translation string unused: sssystem status
+WARNING: translation string unused: sstraffic graphs
+WARNING: translation string unused: subject test
+WARNING: translation string unused: subject warn
+WARNING: translation string unused: subnet
+WARNING: translation string unused: subnet is invalid
+WARNING: translation string unused: successfully refreshed updates list
+WARNING: translation string unused: system graphs
+WARNING: translation string unused: system log viewer
+WARNING: translation string unused: system status information
+WARNING: translation string unused: teovpn_fragment
+WARNING: translation string unused: test
+WARNING: translation string unused: test email could not be sent
+WARNING: translation string unused: test email was sent
+WARNING: translation string unused: the following update was successfully installed
+WARNING: translation string unused: there are updates
+WARNING: translation string unused: there are updates available
+WARNING: translation string unused: this feature has been sponsored by
+WARNING: translation string unused: this is not a valid archive
+WARNING: translation string unused: this is not an authorised update
+WARNING: translation string unused: this months volume
+WARNING: translation string unused: this update is already installed
+WARNING: translation string unused: this weeks volume
+WARNING: translation string unused: time date manually reset
+WARNING: translation string unused: to email adr
+WARNING: translation string unused: to install an update
+WARNING: translation string unused: to warn email bad
+WARNING: translation string unused: too long 80 char max
+WARNING: translation string unused: tor 0 = disabled
+WARNING: translation string unused: tor accounting period daily
+WARNING: translation string unused: tor accounting period monthly
+WARNING: translation string unused: tor accounting period weekly
+WARNING: translation string unused: tor bridge enabled
+WARNING: translation string unused: tor errmsg invalid node id
+WARNING: translation string unused: tor exit country
+WARNING: translation string unused: total connection time
+WARNING: translation string unused: traffic back
+WARNING: translation string unused: traffic calc time
+WARNING: translation string unused: traffic calc time bad
+WARNING: translation string unused: traffic info messages
+WARNING: translation string unused: traffic monitor
+WARNING: translation string unused: traffic shaping
+WARNING: translation string unused: traffic shaping settings
+WARNING: translation string unused: traffic warn level bad
+WARNING: translation string unused: trafficblue
+WARNING: translation string unused: trafficdate
+WARNING: translation string unused: trafficfrom
+WARNING: translation string unused: trafficgreen
+WARNING: translation string unused: trafficin
+WARNING: translation string unused: trafficorange
+WARNING: translation string unused: trafficout
+WARNING: translation string unused: trafficred
+WARNING: translation string unused: trafficsum
+WARNING: translation string unused: trafficto
+WARNING: translation string unused: transfer limits
+WARNING: translation string unused: transparent on
+WARNING: translation string unused: umount
+WARNING: translation string unused: umount removable media before to unplug
+WARNING: translation string unused: unencrypted
+WARNING: translation string unused: update transcript
+WARNING: translation string unused: updates
+WARNING: translation string unused: updates is old1
+WARNING: translation string unused: updates is old2
+WARNING: translation string unused: updxlrtr children
+WARNING: translation string unused: updxlrtr invalid num of children
+WARNING: translation string unused: updxlrtr sources
+WARNING: translation string unused: updxlrtr standard view
+WARNING: translation string unused: updxlrtr unknown
+WARNING: translation string unused: updxlrtr update information
+WARNING: translation string unused: updxlrtr update notification
+WARNING: translation string unused: updxlrtr used by
+WARNING: translation string unused: upload fcdsl.o
+WARNING: translation string unused: upload file
+WARNING: translation string unused: upload static key
+WARNING: translation string unused: upload successful
+WARNING: translation string unused: upload synch.bin
+WARNING: translation string unused: upload update file
+WARNING: translation string unused: upstream password
+WARNING: translation string unused: upstream proxy host:port
+WARNING: translation string unused: upstream username
+WARNING: translation string unused: uptime
+WARNING: translation string unused: uptime and users
+WARNING: translation string unused: urlfilter background image
+WARNING: translation string unused: urlfilter background text
+WARNING: translation string unused: urlfilter enable jpeg
+WARNING: translation string unused: urlfilter update information
+WARNING: translation string unused: urlfilter update notification
+WARNING: translation string unused: urlfilter update results
+WARNING: translation string unused: urlfilter upload background
+WARNING: translation string unused: use
+WARNING: translation string unused: use dov
+WARNING: translation string unused: use ibod
+WARNING: translation string unused: view log
+WARNING: translation string unused: vpn aggrmode
+WARNING: translation string unused: vpn configuration main
+WARNING: translation string unused: vpn incompatible use of defaultroute
+WARNING: translation string unused: vpn mtu invalid
+WARNING: translation string unused: vpn on blue
+WARNING: translation string unused: vpn on green
+WARNING: translation string unused: vpn on orange
+WARNING: translation string unused: vpn watch
+WARNING: translation string unused: warn when traffic reaches
+WARNING: translation string unused: web proxy configuration
+WARNING: translation string unused: week-graph
+WARNING: translation string unused: weekly firewallhits
+WARNING: translation string unused: wildcards
+WARNING: translation string unused: wlanap wlan services
+WARNING: translation string unused: xtaccess all error
+WARNING: translation string unused: xtaccess bad transfert
+WARNING: translation string unused: year-graph
+WARNING: translation string unused: yearly firewallhits
+WARNING: untranslated string: MTU settings
+WARNING: untranslated string: Number of Countries for the pie chart
+WARNING: untranslated string: Scan for Songs
+WARNING: untranslated string: administrator password
+WARNING: untranslated string: administrator username
+WARNING: untranslated string: advproxy AUTH method ntlm auth
+WARNING: untranslated string: advproxy basic authentication
+WARNING: untranslated string: advproxy group access control
+WARNING: untranslated string: advproxy group required
+WARNING: untranslated string: bytes
+WARNING: untranslated string: check all
+WARNING: untranslated string: fwdfw err concon
+WARNING: untranslated string: fwdfw err ratecon
+WARNING: untranslated string: fwdfw limitconcon
+WARNING: untranslated string: fwdfw maxconcon
+WARNING: untranslated string: fwdfw numcon
+WARNING: untranslated string: fwdfw ratelimit
+WARNING: untranslated string: fwhost addgeoipgrp
+WARNING: untranslated string: fwhost cust geoipgroup
+WARNING: untranslated string: fwhost cust geoipgrp
+WARNING: untranslated string: fwhost cust geoiplocation
+WARNING: untranslated string: fwhost err hostip
+WARNING: untranslated string: fwhost newgeoipgrp
+WARNING: untranslated string: geoip
+WARNING: untranslated string: geoipblock
+WARNING: untranslated string: geoipblock block countries
+WARNING: untranslated string: geoipblock configuration
+WARNING: untranslated string: geoipblock country is allowed
+WARNING: untranslated string: geoipblock country is blocked
+WARNING: untranslated string: geoipblock enable feature
+WARNING: untranslated string: ike lifetime should be between 1 and 8 hours
+WARNING: untranslated string: incoming compression in bytes per second
+WARNING: untranslated string: incoming overhead in bytes per second
+WARNING: untranslated string: invalid input for valid till days
+WARNING: untranslated string: masquerade blue
+WARNING: untranslated string: masquerade green
+WARNING: untranslated string: masquerade orange
+WARNING: untranslated string: masquerading
+WARNING: untranslated string: masquerading disabled
+WARNING: untranslated string: masquerading enabled
+WARNING: untranslated string: messages
+WARNING: untranslated string: no data
+WARNING: untranslated string: outgoing compression in bytes per second
+WARNING: untranslated string: outgoing overhead in bytes per second
+WARNING: untranslated string: ovpn add conf
+WARNING: untranslated string: pptp netconfig
+WARNING: untranslated string: pptp peer
+WARNING: untranslated string: pptp route
+WARNING: untranslated string: route config changed
+WARNING: untranslated string: routing config added
+WARNING: untranslated string: routing config changed
+WARNING: untranslated string: routing table
+WARNING: untranslated string: samba join a domain
+WARNING: untranslated string: samba join domain
+WARNING: untranslated string: search
+WARNING: untranslated string: uncheck all
+WARNING: untranslated string: vpn statistic n2n
+WARNING: untranslated string: vpn statistic rw
+WARNING: untranslated string: vpn statistics n2n
WARNING: translation string unused: ike grouptype
WARNING: translation string unused: ike integrity
WARNING: translation string unused: ike lifetime
+WARNING: translation string unused: ike lifetime should be between 1 and 24 hours
WARNING: translation string unused: import
WARNING: translation string unused: importkey
WARNING: translation string unused: in
WARNING: translation string unused: outgoing firewall warning
WARNING: translation string unused: override mtu
WARNING: translation string unused: ovpn config
+WARNING: translation string unused: ovpn device
WARNING: translation string unused: ovpn dl
WARNING: translation string unused: ovpn log
WARNING: translation string unused: ovpn_fastio
WARNING: untranslated string: atm device
WARNING: untranslated string: bytes
WARNING: untranslated string: capabilities
+WARNING: untranslated string: check all
WARNING: untranslated string: default
WARNING: untranslated string: dh
WARNING: untranslated string: dh key move failed
WARNING: untranslated string: fwdfw maxconcon
WARNING: untranslated string: fwdfw numcon
WARNING: untranslated string: fwdfw ratelimit
+WARNING: untranslated string: fwhost addgeoipgrp
+WARNING: untranslated string: fwhost cust geoipgroup
+WARNING: untranslated string: fwhost cust geoipgrp
+WARNING: untranslated string: fwhost cust geoiplocation
WARNING: untranslated string: fwhost err hostip
+WARNING: untranslated string: fwhost newgeoipgrp
WARNING: untranslated string: gen dh
WARNING: untranslated string: generate dh key
+WARNING: untranslated string: geoip
+WARNING: untranslated string: geoipblock
+WARNING: untranslated string: geoipblock block countries
+WARNING: untranslated string: geoipblock configuration
+WARNING: untranslated string: geoipblock country is allowed
+WARNING: untranslated string: geoipblock country is blocked
+WARNING: untranslated string: geoipblock enable feature
+WARNING: untranslated string: ike lifetime should be between 1 and 8 hours
WARNING: untranslated string: imei
WARNING: untranslated string: imsi
WARNING: untranslated string: incoming compression in bytes per second
WARNING: untranslated string: ovpn generating the root and host certificates
WARNING: untranslated string: ovpn ha
WARNING: untranslated string: ovpn hmac
+WARNING: untranslated string: pptp netconfig
+WARNING: untranslated string: pptp peer
+WARNING: untranslated string: pptp route
WARNING: untranslated string: random number generator daemon
WARNING: untranslated string: route config changed
WARNING: untranslated string: routing config added
WARNING: untranslated string: routing table
WARNING: untranslated string: samba join a domain
WARNING: untranslated string: samba join domain
+WARNING: untranslated string: search
WARNING: untranslated string: show dh
WARNING: untranslated string: show tls-auth key
WARNING: untranslated string: software version
WARNING: untranslated string: source ip country
WARNING: untranslated string: ta key
+WARNING: untranslated string: uncheck all
WARNING: untranslated string: upload dh key
WARNING: untranslated string: vendor
+WARNING: untranslated string: vpn statistic n2n
+WARNING: untranslated string: vpn statistic rw
+WARNING: untranslated string: vpn statistics n2n
WARNING: translation string unused: gen static key
WARNING: translation string unused: generate
WARNING: translation string unused: genkey
+WARNING: translation string unused: geoipblock country code
+WARNING: translation string unused: geoipblock country name
+WARNING: translation string unused: geoipblock flag
WARNING: translation string unused: green interface
WARNING: translation string unused: gz with key
WARNING: translation string unused: hint
WARNING: translation string unused: ike grouptype
WARNING: translation string unused: ike integrity
WARNING: translation string unused: ike lifetime
+WARNING: translation string unused: ike lifetime should be between 1 and 24 hours
WARNING: translation string unused: import
WARNING: translation string unused: importkey
WARNING: translation string unused: in
WARNING: translation string unused: outgoing firewall warning
WARNING: translation string unused: override mtu
WARNING: translation string unused: ovpn config
+WARNING: translation string unused: ovpn device
WARNING: translation string unused: ovpn dl
WARNING: translation string unused: ovpn log
WARNING: translation string unused: ovpn_fastio
WARNING: untranslated string: ccd routes
WARNING: untranslated string: ccd subnet
WARNING: untranslated string: ccd used
+WARNING: untranslated string: check all
WARNING: untranslated string: count
WARNING: untranslated string: countries
WARNING: untranslated string: country codes and flags
WARNING: untranslated string: fwdfw wd_tue
WARNING: untranslated string: fwdfw wd_wed
WARNING: untranslated string: fwhost OpenVPN N-2-N
+WARNING: untranslated string: fwhost addgeoipgrp
WARNING: untranslated string: fwhost addgrp
WARNING: untranslated string: fwhost addgrpname
WARNING: untranslated string: fwhost addhost
WARNING: untranslated string: fwhost ccdnet
WARNING: untranslated string: fwhost change
WARNING: untranslated string: fwhost cust addr
+WARNING: untranslated string: fwhost cust geoipgroup
+WARNING: untranslated string: fwhost cust geoipgrp
+WARNING: untranslated string: fwhost cust geoiplocation
WARNING: untranslated string: fwhost cust grp
WARNING: untranslated string: fwhost cust net
WARNING: untranslated string: fwhost cust service
WARNING: untranslated string: fwhost ipsec net
WARNING: untranslated string: fwhost menu
WARNING: untranslated string: fwhost netaddress
+WARNING: untranslated string: fwhost newgeoipgrp
WARNING: untranslated string: fwhost newgrp
WARNING: untranslated string: fwhost newhost
WARNING: untranslated string: fwhost newnet
WARNING: untranslated string: generate dh key
WARNING: untranslated string: grouptype
WARNING: untranslated string: hardware support
+WARNING: untranslated string: ike lifetime should be between 1 and 8 hours
WARNING: untranslated string: imei
WARNING: untranslated string: imsi
WARNING: untranslated string: incoming compression in bytes per second
WARNING: untranslated string: p2p block
WARNING: untranslated string: p2p block save notice
WARNING: untranslated string: pakfire ago
+WARNING: untranslated string: pptp netconfig
+WARNING: untranslated string: pptp peer
+WARNING: untranslated string: pptp route
WARNING: untranslated string: proxy reports
WARNING: untranslated string: proxy reports daily
WARNING: untranslated string: proxy reports monthly
WARNING: untranslated string: routing table
WARNING: untranslated string: samba join a domain
WARNING: untranslated string: samba join domain
+WARNING: untranslated string: search
WARNING: untranslated string: server restart
WARNING: untranslated string: show dh
WARNING: untranslated string: show tls-auth key
WARNING: untranslated string: tor traffic limit soft
WARNING: untranslated string: tor traffic read written
WARNING: untranslated string: tor use exit nodes
+WARNING: untranslated string: uncheck all
WARNING: untranslated string: uplink
WARNING: untranslated string: upload dh key
WARNING: untranslated string: uptime load average
WARNING: untranslated string: vendor
WARNING: untranslated string: visit us at
WARNING: untranslated string: vpn keyexchange
+WARNING: untranslated string: vpn statistic n2n
+WARNING: untranslated string: vpn statistic rw
+WARNING: untranslated string: vpn statistics n2n
WARNING: untranslated string: wlan client
WARNING: untranslated string: wlan client advanced settings
WARNING: untranslated string: wlan client and
WARNING: translation string unused: ike grouptype
WARNING: translation string unused: ike integrity
WARNING: translation string unused: ike lifetime
+WARNING: translation string unused: ike lifetime should be between 1 and 24 hours
WARNING: translation string unused: import
WARNING: translation string unused: importkey
WARNING: translation string unused: in
WARNING: translation string unused: outgoing firewall warning
WARNING: translation string unused: override mtu
WARNING: translation string unused: ovpn config
+WARNING: translation string unused: ovpn device
WARNING: translation string unused: ovpn dl
WARNING: translation string unused: ovpn log
WARNING: translation string unused: ovpn_fastio
WARNING: untranslated string: ccd routes
WARNING: untranslated string: ccd subnet
WARNING: untranslated string: ccd used
+WARNING: untranslated string: check all
WARNING: untranslated string: community rules
WARNING: untranslated string: count
WARNING: untranslated string: countries
WARNING: untranslated string: fwdfw wd_tue
WARNING: untranslated string: fwdfw wd_wed
WARNING: untranslated string: fwhost OpenVPN N-2-N
+WARNING: untranslated string: fwhost addgeoipgrp
WARNING: untranslated string: fwhost addgrp
WARNING: untranslated string: fwhost addgrpname
WARNING: untranslated string: fwhost addhost
WARNING: untranslated string: fwhost ccdnet
WARNING: untranslated string: fwhost change
WARNING: untranslated string: fwhost cust addr
+WARNING: untranslated string: fwhost cust geoipgroup
+WARNING: untranslated string: fwhost cust geoipgrp
+WARNING: untranslated string: fwhost cust geoiplocation
WARNING: untranslated string: fwhost cust grp
WARNING: untranslated string: fwhost cust net
WARNING: untranslated string: fwhost cust service
WARNING: untranslated string: fwhost ipsec net
WARNING: untranslated string: fwhost menu
WARNING: untranslated string: fwhost netaddress
+WARNING: untranslated string: fwhost newgeoipgrp
WARNING: untranslated string: fwhost newgrp
WARNING: untranslated string: fwhost newhost
WARNING: untranslated string: fwhost newnet
WARNING: untranslated string: fwhost welcome
WARNING: untranslated string: gen dh
WARNING: untranslated string: generate dh key
+WARNING: untranslated string: geoip
+WARNING: untranslated string: geoipblock
+WARNING: untranslated string: geoipblock block countries
+WARNING: untranslated string: geoipblock configuration
+WARNING: untranslated string: geoipblock country is allowed
+WARNING: untranslated string: geoipblock country is blocked
+WARNING: untranslated string: geoipblock enable feature
WARNING: untranslated string: grouptype
WARNING: untranslated string: hardware support
+WARNING: untranslated string: ike lifetime should be between 1 and 8 hours
WARNING: untranslated string: imei
WARNING: untranslated string: imsi
WARNING: untranslated string: incoming compression in bytes per second
WARNING: untranslated string: ovpn port in root range
WARNING: untranslated string: p2p block
WARNING: untranslated string: p2p block save notice
+WARNING: untranslated string: pptp netconfig
+WARNING: untranslated string: pptp peer
+WARNING: untranslated string: pptp route
WARNING: untranslated string: proxy reports
WARNING: untranslated string: proxy reports daily
WARNING: untranslated string: proxy reports monthly
WARNING: untranslated string: routing table
WARNING: untranslated string: samba join a domain
WARNING: untranslated string: samba join domain
+WARNING: untranslated string: search
WARNING: untranslated string: server restart
WARNING: untranslated string: show dh
WARNING: untranslated string: show tls-auth key
WARNING: untranslated string: tor traffic limit soft
WARNING: untranslated string: tor traffic read written
WARNING: untranslated string: tor use exit nodes
+WARNING: untranslated string: uncheck all
WARNING: untranslated string: uplink
WARNING: untranslated string: upload dh key
WARNING: untranslated string: uptime load average
WARNING: untranslated string: vendor
WARNING: untranslated string: visit us at
WARNING: untranslated string: vpn keyexchange
+WARNING: untranslated string: vpn statistic n2n
+WARNING: untranslated string: vpn statistic rw
+WARNING: untranslated string: vpn statistics n2n
WARNING: untranslated string: wlan client
WARNING: untranslated string: wlan client advanced settings
WARNING: untranslated string: wlan client and
WARNING: translation string unused: ike grouptype
WARNING: translation string unused: ike integrity
WARNING: translation string unused: ike lifetime
+WARNING: translation string unused: ike lifetime should be between 1 and 24 hours
WARNING: translation string unused: import
WARNING: translation string unused: importkey
WARNING: translation string unused: in
WARNING: translation string unused: outgoing firewall warning
WARNING: translation string unused: override mtu
WARNING: translation string unused: ovpn config
+WARNING: translation string unused: ovpn device
WARNING: translation string unused: ovpn dl
WARNING: translation string unused: ovpn engines
WARNING: translation string unused: ovpn log
WARNING: translation string unused: yearly firewallhits
WARNING: untranslated string: Scan for Songs
WARNING: untranslated string: bytes
+WARNING: untranslated string: check all
+WARNING: untranslated string: fwhost addgeoipgrp
+WARNING: untranslated string: fwhost cust geoipgroup
+WARNING: untranslated string: fwhost cust geoipgrp
+WARNING: untranslated string: fwhost cust geoiplocation
WARNING: untranslated string: fwhost err hostip
+WARNING: untranslated string: fwhost newgeoipgrp
+WARNING: untranslated string: geoip
+WARNING: untranslated string: geoipblock
+WARNING: untranslated string: geoipblock block countries
+WARNING: untranslated string: geoipblock configuration
+WARNING: untranslated string: geoipblock country is allowed
+WARNING: untranslated string: geoipblock country is blocked
+WARNING: untranslated string: geoipblock enable feature
+WARNING: untranslated string: ike lifetime should be between 1 and 8 hours
WARNING: untranslated string: incoming compression in bytes per second
WARNING: untranslated string: incoming overhead in bytes per second
WARNING: untranslated string: invalid input for valid till days
WARNING: untranslated string: outgoing compression in bytes per second
WARNING: untranslated string: outgoing overhead in bytes per second
WARNING: untranslated string: ovpn add conf
+WARNING: untranslated string: pptp netconfig
+WARNING: untranslated string: pptp peer
+WARNING: untranslated string: pptp route
WARNING: untranslated string: route config changed
WARNING: untranslated string: routing config added
WARNING: untranslated string: routing config changed
WARNING: untranslated string: routing table
+WARNING: untranslated string: search
+WARNING: untranslated string: uncheck all
+WARNING: untranslated string: vpn statistic n2n
+WARNING: untranslated string: vpn statistic rw
+WARNING: untranslated string: vpn statistics n2n
< atm device
< attention
< bit
+< block
< capabilities
< ccd add
< ccd choose net
< ccd routes
< ccd subnet
< ccd used
+< check all
< ConnSched dial
< ConnSched hangup
< ConnSched reboot
< fwdfw wd_tue
< fwdfw wd_wed
< fwdfw xt access
+< fwhost addgeoipgrp
< fwhost addgrp
< fwhost addgrpname
< fwhost addhost
< fwhost change
< fwhost changeremark
< fwhost cust addr
+< fwhost cust geoip
+< fwhost cust geoipgroup
+< fwhost cust geoiplocation
< fwhost cust grp
< fwhost cust net
< fwhost Custom Host
< fwhost IpSec Network
< fwhost menu
< fwhost netaddress
+< fwhost newgeoipgrp
< fwhost newgrp
< fwhost newhost
< fwhost newnet
< fw settings ruletable
< gen dh
< generate dh key
+< geoip
+< geoipblock
+< geoipblock block countries
+< geoipblock configuration
+< geoipblock country code
+< geoipblock country is allowed
+< geoipblock country is blocked
+< geoipblock country name
+< geoipblock enable feature
+< geoipblock flag
< grouptype
< hardware support
< imei
< ovpn reneg sec
< p2p block
< p2p block save notice
+< pptp netconfig
+< pptp peer
+< pptp route
< proxy reports
< proxy reports daily
< proxy reports monthly
< red1
< samba join a domain
< samba join domain
+< search
< server restart
< show dh
< snat new source ip address
< tor traffic limit soft
< tor traffic read written
< tor use exit nodes
+< unblock
+< unblock all
+< uncheck all
< updxlrtr sources
< updxlrtr standard view
< uplink
< vendor
< visit us at
< vpn keyexchange
+< vpn statistic n2n
+< vpn statistic rw
< wlanap access point
< wlanap channel
< wlanap country
< atm device
< attention
< bit
+< block
< capabilities
< ccd add
< ccd choose net
< ccd routes
< ccd subnet
< ccd used
+< check all
< ConnSched dial
< ConnSched hangup
< ConnSched reboot
< fwdfw wd_tue
< fwdfw wd_wed
< fwdfw xt access
+< fwhost addgeoipgrp
< fwhost addgrp
< fwhost addgrpname
< fwhost addhost
< fwhost change
< fwhost changeremark
< fwhost cust addr
+< fwhost cust geoip
+< fwhost cust geoipgroup
+< fwhost cust geoiplocation
< fwhost cust grp
< fwhost cust net
< fwhost Custom Host
< fwhost IpSec Network
< fwhost menu
< fwhost netaddress
+< fwhost newgeoipgrp
< fwhost newgrp
< fwhost newhost
< fwhost newnet
< ovpn routes push options
< p2p block
< p2p block save notice
+< pptp netconfig
+< pptp peer
+< pptp route
< proxy reports
< proxy reports daily
< proxy reports monthly
< red1
< samba join a domain
< samba join domain
+< search
< server restart
< Set time on boot
< show dh
< tor traffic limit soft
< tor traffic read written
< tor use exit nodes
+< unblock
+< unblock all
+< uncheck all
< updxlrtr sources
< updxlrtr standard view
< uplink
< vendor
< visit us at
< vpn keyexchange
+< vpn statistic n2n
+< vpn statistic rw
< wlanap country
< wlan client
< wlan client advanced settings
< atm device
< attention
< bit
+< block
< capabilities
< ccd add
< ccd choose net
< ccd routes
< ccd subnet
< ccd used
+< check all
< ConnSched dial
< ConnSched hangup
< ConnSched reboot
< fwdfw wd_tue
< fwdfw wd_wed
< fwdfw xt access
+< fwhost addgeoipgrp
< fwhost addgrp
< fwhost addgrpname
< fwhost addhost
< fwhost change
< fwhost changeremark
< fwhost cust addr
+< fwhost cust geoip
+< fwhost cust geoipgroup
+< fwhost cust geoiplocation
< fwhost cust grp
< fwhost cust net
< fwhost Custom Host
< fwhost IpSec Network
< fwhost menu
< fwhost netaddress
+< fwhost newgeoipgrp
< fwhost newgrp
< fwhost newhost
< fwhost newnet
< fw settings ruletable
< gen dh
< generate dh key
+< geoip
+< geoipblock
+< geoipblock block countries
+< geoipblock configuration
+< geoipblock country code
+< geoipblock country is allowed
+< geoipblock country is blocked
+< geoipblock country name
+< geoipblock enable feature
+< geoipblock flag
< grouptype
< hardware support
< imei
< ovpn routes push options
< p2p block
< p2p block save notice
+< pptp netconfig
+< pptp peer
+< pptp route
< proxy reports
< proxy reports daily
< proxy reports monthly
< red1
< samba join a domain
< samba join domain
+< search
< server restart
< show dh
< snat new source ip address
< tor traffic limit soft
< tor traffic read written
< tor use exit nodes
+< unblock
+< unblock all
+< uncheck all
< updxlrtr sources
< updxlrtr standard view
< uplink
< vendor
< visit us at
< vpn keyexchange
+< vpn statistic n2n
+< vpn statistic rw
< wlanap country
< wlan client
< wlan client advanced settings
< atm device
< attention
< bit
+< block
< capabilities
< ccd add
< ccd choose net
< ccd routes
< ccd subnet
< ccd used
+< check all
< ConnSched dial
< ConnSched hangup
< ConnSched reboot
< fwdfw wd_tue
< fwdfw wd_wed
< fwdfw xt access
+< fwhost addgeoipgrp
< fwhost addgrp
< fwhost addgrpname
< fwhost addhost
< fwhost change
< fwhost changeremark
< fwhost cust addr
+< fwhost cust geoip
+< fwhost cust geoipgroup
+< fwhost cust geoiplocation
< fwhost cust grp
< fwhost cust net
< fwhost Custom Host
< fwhost IpSec Network
< fwhost menu
< fwhost netaddress
+< fwhost newgeoipgrp
< fwhost newgrp
< fwhost newhost
< fwhost newnet
< fw settings ruletable
< gen dh
< generate dh key
+< geoip
+< geoipblock
+< geoipblock block countries
+< geoipblock configuration
+< geoipblock country code
+< geoipblock country is allowed
+< geoipblock country is blocked
+< geoipblock country name
+< geoipblock enable feature
+< geoipblock flag
< grouptype
< hardware support
< hour-graph
< ovpn reneg sec
< p2p block
< p2p block save notice
+< pptp netconfig
+< pptp peer
+< pptp route
< proxy reports
< proxy reports daily
< proxy reports monthly
< red1
< samba join a domain
< samba join domain
+< search
< server restart
< show dh
< snat new source ip address
< tor traffic limit soft
< tor traffic read written
< tor use exit nodes
+< unblock
+< unblock all
+< uncheck all
< updxlrtr sources
< updxlrtr standard view
< uplink
< vendor
< visit us at
< vpn keyexchange
+< vpn statistic n2n
+< vpn statistic rw
< week-graph
< wlanap country
< wlan client
}
my $sip_colour = ipcolour($sip);
- my $dip_colour = ipcolour($dip);
+ # use colour of destination network for DNAT
+ my $dip_colour = $dip ne $dip_ret ? ipcolour($dip_ret) : ipcolour($dip);
my $sserv = '';
if ($sport < 1024) {
use strict;
-use Locale::Country;
+use Locale::Codes::Country;
-my $flagdir = '/srv/web/ipfire/html/images/flags';
+my $col;
my $lines = '1';
my $lines2 = '';
-my @flaglist=();
-my @flaglistfiles=();
-my $flag = '';
require '/var/ipfire/general-functions.pl';
+require "${General::swroot}/geoip-functions.pl";
require "${General::swroot}/lang.pl";
require "${General::swroot}/header.pl";
&Header::openbigbox('100%', 'left');
&Header::openbox('100%', 'left', $Lang::tr{'country codes and flags'});
-print "<table class='tbl'>";
-print "<tr><th style='width=5%;'><b>$Lang::tr{'flag'}</b></th>";
-print "<th style='width=5%;'><b>$Lang::tr{'countrycode'}</b></th>";
-print "<th style='width=40%; text-align:left;'><b>$Lang::tr{'country'}</b></th>";
-print "<th> </th>";
-print "<th style='width=5%;'><b>$Lang::tr{'flag'}</b></th>";
-print "<th style='width=5%;'><b>$Lang::tr{'countrycode'}</b></th>";
-print "<th style='width=40%; text-align:left;'><b>$Lang::tr{'country'}</b></th></tr>";
-
-@flaglist = <$flagdir/*>;
-
-undef @flaglistfiles;
-
-foreach (@flaglist)
-{
- if (!-d) { push(@flaglistfiles,substr($_,rindex($_,"/")+1)); }
-}
-my $col="";
-foreach $flag (@flaglistfiles)
-{
+
+print<<END;
+<table class='tbl'>
+ <tr>
+ <th style='width=5%'><b>$Lang::tr{'flag'}</b></th>
+ <th style='width=5%'><b>$Lang::tr{'countrycode'}</b></th>
+ <th style='width=40% text-align:left'><b>$Lang::tr{'country'}</b></th>
+ <th> </th>
+ <th style='width=5%'><b>$Lang::tr{'flag'}</b></th>
+ <th style='width=5%;'><b>$Lang::tr{'countrycode'}</b></th>
+ <th style='width=40% text-align:left;'><b>$Lang::tr{'country'}</b></th>
+ </tr>
+END
+
+# Get a list of all supported country codes.
+my @countries = Locale::Codes::Country::all_country_codes();
+
+# Loop through whole country list.
+foreach my $country (@countries) {
$lines++;
- my $flagcode = uc(substr($flag, 0, 2));
- my $fcode = lc($flagcode);
- my $country = Locale::Country::code2country($fcode);
- if($fcode eq 'eu') { $country = 'Europe'; }
- if($fcode eq 'tp') { $country = 'East Timor'; }
- if($fcode eq 'yu') { $country = 'Yugoslavia'; }
+ # Convert country code into upper case.
+ my $country_uc = uc($country);
+
+ # Get flag icon for of the country.
+ my $flag_icon = &GeoIP::get_flag_icon($country);
+
+ # Get country name.
+ my $name = &GeoIP::get_full_country_name($country);
+
if ($lines % 2) {
- print "<td $col><a id='$fcode'><img src='/images/flags/$fcode.png' alt='$flagcode' title='$flagcode'/></a></td>";
- print "<td $col>$flagcode</td>";
- print "<td $col>$country</td></tr>\n";
- }
- else {
+ print "<td $col><a id='$country'><img src='$flag_icon' alt='$country_uc' title='$country_uc'/></a></td>";
+ print "<td $col>$country_uc</td>";
+ print "<td $col>$name</td></tr>\n";
+ } else {
$lines2++;
if($lines2 % 2) {
$col="style='background-color:${Header::table2colour};'";
$col="style='background-color:${Header::table1colour};'";
}
print "<tr>";
- print "<td $col><a id='$fcode'><img src='/images/flags/$fcode.png' alt='$flagcode' title='$flagcode'/></a></td>";
- print "<td $col>$flagcode</td>";
- print "<td $col>$country</td>";
+ print "<td $col><a id='$country'><img src='$flag_icon' alt='$country_uc' title='$country_uc'/></a></td>";
+ print "<td $col>$country_uc</td>";
+ print "<td $col>$name</td>";
print "<td $col> </td>";
+
+ # Finish column when the last element in the array has passed and we have an uneven amount of items.
+ if ( $country eq $countries[-1] ) {
+ print "<td $col> </td>\n";
+ print "<td $col> </td>\n";
+ print "<td $col> </td></tr>\n";
+ }
}
}
-
-
print "</table>";
&Header::closebox();
&Header::closebigbox();
-print <<END
-<div style='text-align:center'>
-<a href='$ENV{'HTTP_REFERER'}'>$Lang::tr{'back'}</a>
-</div>
-END
-;
+print "<div style='text-align:center'><a href='$ENV{'HTTP_REFERER'}'>$Lang::tr{'back'}</a></div>\n";
&Header::closepage();
# Config file to store the configured ddns providers.
my $datafile = "${General::swroot}/ddns/config";
-# Dynamic ddns programm call.
-my @ddnsprog = ("/usr/bin/ddns", "--config",
- "/var/ipfire/ddns/ddns.conf",
- "update-all");
+# Call the ddnsctrl helper binary to perform the update.
+my @ddnsprog = ("/usr/local/bin/ddnsctrl", "update-all");
my %settings=();
my $errormessage = '';
print FILE "password = $password\n";
}
- # These providers need to be set to only use IPv4.
- if ($provider ~~ ["freedns.afraid.org", "nsupdate.info", "opendns.com", "variomedia.de", "zoneedit.com"]) {
- print FILE "proto = ipv4\n";
- }
-
print FILE "\n";
}
if ($dhcpsettings{'KEY2'} eq '') { #add or edit ?
unshift (@current2, "$dhcpsettings{'FIX_MAC'},$dhcpsettings{'FIX_ADDR'},$dhcpsettings{'FIX_ENABLED'},$dhcpsettings{'FIX_NEXTADDR'},$dhcpsettings{'FIX_FILENAME'},$dhcpsettings{'FIX_ROOTPATH'},$dhcpsettings{'FIX_REMARK'}\n");
&General::log($Lang::tr{'fixed ip lease added'});
+
+ # Enter edit mode
+ $dhcpsettings{'KEY2'} = $key;
} else {
@current2[$dhcpsettings{'KEY2'}] = "$dhcpsettings{'FIX_MAC'},$dhcpsettings{'FIX_ADDR'},$dhcpsettings{'FIX_ENABLED'},$dhcpsettings{'FIX_NEXTADDR'},$dhcpsettings{'FIX_FILENAME'},$dhcpsettings{'FIX_ROOTPATH'},$dhcpsettings{'FIX_REMARK'}\n";
$dhcpsettings{'KEY2'} = ''; # End edit mode
</tr>
</table>
</form>
+<hr />
END
;
#Edited line number (KEY2) passed until cleared by 'save' or 'remove' or 'new sort order'
+# Search for static leases
+my $search_query = $dhcpsettings{'q'};
+
+if (scalar @current2 >= 10) {
+ print <<END;
+ <form method="POST" action="#search">
+ <a name="search"></a>
+ <table width='100%'>
+ <tr>
+ <td>
+ <input type="text" name="q" value="$search_query">
+ <input type="submit" value="$Lang::tr{'search'}">
+ </td>
+ </tr>
+ </table>
+ </form>
+END
+}
+
print <<END
-<hr />
<table width='100%' class='tbl'>
<tr>
<th width='20%' align='center'><a href='$ENV{'SCRIPT_NAME'}?FETHER'><b>$Lang::tr{'mac address'}</b></a></th>
$gdesc = $Lang::tr{'click to enable'};
}
+ # Skip all entries that do not match the search query
+ if ($search_query ne "") {
+ next if (!grep(/$search_query/, @temp));
+ }
+
if ($dhcpsettings{'KEY2'} eq $key) {
print "<tr>";
$col="bgcolor='${Header::colouryellow}'";
require '/var/ipfire/general-functions.pl';
require "${General::swroot}/lang.pl";
require "${General::swroot}/header.pl";
+require "${General::swroot}/geoip-functions.pl";
require "/usr/lib/firewall/firewall-lib.pl";
unless (-d "${General::swroot}/firewall") { system("mkdir ${General::swroot}/firewall"); }
my %netsettings=();
my %customhost=();
my %customgrp=();
+my %customgeoipgrp=();
my %customnetworks=();
my %customservice=();
my %customservicegrp=();
my $confignet = "${General::swroot}/fwhosts/customnetworks";
my $confighost = "${General::swroot}/fwhosts/customhosts";
my $configgrp = "${General::swroot}/fwhosts/customgroups";
+my $configgeoipgrp = "${General::swroot}/fwhosts/customgeoipgrp";
my $configsrv = "${General::swroot}/fwhosts/customservices";
my $configsrvgrp = "${General::swroot}/fwhosts/customservicegrp";
my $configccdnet = "${General::swroot}/ovpn/ccd.conf";
\$("#actions").toggle();
});
+ // Hide SNAT items when DNAT is selected and vice versa.
+ if (\$('input[name=nat]:checked').val() == 'dnat') {
+ \$('.snat').hide();
+ } else {
+ \$('.dnat').hide();
+ }
+
+ // Show/Hide elements when SNAT/DNAT get changed.
+ \$('input[name=nat]').change(function() {
+ \$('.snat').toggle();
+ \$('.dnat').toggle();
+ });
+
// Time constraints
if(!\$("#USE_TIME_CONSTRAINTS").attr("checked")) {
\$("#TIME_CONSTRAINTS").hide();
}
print"</select></td>";
}
+ # geoip locations / groups.
+ my @geoip_locations = &fwlib::get_geoip_locations();
+
+ print "<tr>\n";
+ print "<td valign='top'><input type='radio' name='$grp' id='cust_geoip_$srctgt' value='cust_geoip_$srctgt' $checked{$grp}{'cust_geoip_'.$srctgt}></td>\n";
+ print "<td>$Lang::tr{'geoip'}</td>\n";
+ print "<td align='right'><select name='cust_geoip_$srctgt' style='width:200px;'>\n";
+
+ # Add GeoIP groups to dropdown.
+ if (!-z $configgeoipgrp) {
+ print "<optgroup label='$Lang::tr{'fwhost cust geoipgroup'}'>\n";
+ foreach my $key (sort { ncmp($customgeoipgrp{$a}[0],$customgeoipgrp{$b}[0]) } keys %customgeoipgrp) {
+ my $selected;
+
+ # Generate stored value for select detection.
+ my $stored = join(':', "group",$customgeoipgrp{$key}[0]);
+
+ # Only show a group once and group with elements.
+ if($helper ne $customgeoipgrp{$key}[0] && $customgeoipgrp{$key}[2] ne 'none') {
+ # Mark current entry as selected.
+ if ($fwdfwsettings{$fwdfwsettings{$grp}} eq $stored) {
+ $selected = "selected='selected'";
+ }
+ print"<option $selected value='group:$customgeoipgrp{$key}[0]'>$customgeoipgrp{$key}[0]</option>\n";
+ }
+ $helper=$customgeoipgrp{$key}[0];
+ }
+ print "</optgroup>\n";
+ }
+
+ # Add locations.
+ print "<optgroup label='$Lang::tr{'fwhost cust geoiplocation'}'>\n";
+ foreach my $location (@geoip_locations) {
+ # Get country name.
+ my $country_name = &GeoIP::get_full_country_name($location);
+
+ # Mark current entry as selected.
+ my $selected;
+ if ($fwdfwsettings{$fwdfwsettings{$grp}} eq $location) {
+ $selected = "selected='selected'";
+ }
+ print "<option $selected value='$location'>$location - $country_name</option>\n";
+ }
+ print "</optgroup>\n";
+
+ # Close GeoIP dropdown.
+ print "</select></td>\n";
+
#End left table. start right table (vpn)
print"</tr></table></td><td valign='top'><table width='95%' border='0' align='right'><tr>";
# CCD networks
&General::readhasharray("$confighost", \%customhost);
&General::readhasharray("$configccdhost", \%ccdhost);
&General::readhasharray("$configgrp", \%customgrp);
+ &General::readhasharray("$configgeoipgrp", \%customgeoipgrp);
&General::readhasharray("$configipsec", \%ipsecconf);
&General::get_aliases(\%aliases);
my %checked=();
$Lang::tr{'fwdfw use nat'}
</label>
<div class="NAT">
- <table width='100%' border='0'>
+ <table class='fw-nat' width='100%' border='0'>
<tr>
<td width='5%'></td>
<td width='40%'>
END
print <<END;
- <td width='25%' align='right'>$Lang::tr{'dnat address'}:</td>
+ <td width='25%' align='right'><span class='dnat'>$Lang::tr{'dnat address'}:</span></td>
<td width='30%'>
- <select name='dnat' style='width: 100%;'>
+ <select name='dnat' class='dnat' style='width: 100%;'>
<option value='AUTO' $selected{'dnat'}{'AUTO'}>- $Lang::tr{'automatic'} -</option>
<option value='Default IP' $selected{'dnat'}{'Default IP'}>$Lang::tr{'red1'} ($redip)</option>
END
$Lang::tr{'fwdfw snat'}
</label>
</td>
- <td width='25%' align='right'>$Lang::tr{'snat new source ip address'}:</td>
+ <td width='25%' align='right'><span class='snat'>$Lang::tr{'snat new source ip address'}:</span></td>
<td width='30%'>
- <select name='snat' style='width: 100%;'>
+ <select name='snat' class='snat' style='width: 100%;'>
END
foreach my $alias (sort keys %aliases) {
}else{
print $$hash{$key}[4];
}
+ }elsif ($$hash{$key}[3] eq 'cust_geoip_src') {
+ my ($split1,$split2) = split(":", $$hash{$key}[4]);
+ if ($split2) {
+ print "$split2\n";
+ }else{
+ print "$Lang::tr{'geoip'}: $$hash{$key}[4]\n";
+ }
}elsif ($$hash{$key}[4] eq 'RED1'){
print "$ipfireiface $Lang::tr{'fwdfw red'}";
}elsif ($$hash{$key}[4] eq 'ALL'){
}else{
print $$hash{$key}[6];
}
+ }elsif ($$hash{$key}[5] eq 'cust_geoip_tgt') {
+ my ($split1,$split2) = split(":", $$hash{$key}[6]);
+ if ($split2) {
+ print "$split2\n";
+ }else{
+ print "$Lang::tr{'geoip'}: $$hash{$key}[6]\n";
+ }
}elsif ($$hash{$key}[5] eq 'tgt_addr'){
my ($split1,$split2) = split("/",$$hash{$key}[6]);
if ($split2 eq '32'){
#RULE ACTIVE
if($$hash{$key}[2] eq 'ON'){
$gif="/images/on.gif"
-
}else{
$gif="/images/off.gif"
}
use CGI::Carp 'fatalsToBrowser';
no warnings 'uninitialized';
require '/var/ipfire/general-functions.pl';
+require "/var/ipfire/geoip-functions.pl";
+require "/usr/lib/firewall/firewall-lib.pl";
require "${General::swroot}/lang.pl";
require "${General::swroot}/header.pl";
my %customgrp=();
my %customservice=();
my %customservicegrp=();
+my %customgeoipgrp=();
my %ccdnet=();
my %ccdhost=();
my %ipsecconf=();
my $configipsec = "${General::swroot}/vpn/config";
my $configsrv = "${General::swroot}/fwhosts/customservices";
my $configsrvgrp = "${General::swroot}/fwhosts/customservicegrp";
+my $configgeoipgrp = "${General::swroot}/fwhosts/customgeoipgrp";
my $fwconfigfwd = "${General::swroot}/firewall/config";
my $fwconfiginp = "${General::swroot}/firewall/input";
my $fwconfigout = "${General::swroot}/firewall/outgoing";
unless (-e $configgrp) { system("touch $configgrp"); }
unless (-e $configsrv) { system("touch $configsrv"); }
unless (-e $configsrvgrp) { system("touch $configsrvgrp"); }
+unless (-e $configgeoipgrp) { system("touch $configgeoipgrp"); }
&General::readhash("${General::swroot}/main/settings", \%mainsettings);
&General::readhash("/srv/web/ipfire/html/themes/".$mainsettings{'THEME'}."/include/colors.txt", \%color);
&addgrp;
&viewtablegrp;
}
+if ($fwhostsettings{'ACTION'} eq 'savegeoipgrp')
+{
+ my $grp=$fwhostsettings{'grp_name'};
+ my $rem=$fwhostsettings{'remark'};
+ my $count;
+ my $type;
+ my @target;
+ my @newgrp;
+ &General::readhasharray("$configgeoipgrp", \%customgeoipgrp);
+ &General::readhasharray("$fwconfigfwd", \%fwfwd);
+ &General::readhasharray("$fwconfiginp", \%fwinp);
+ &General::readhasharray("$fwconfigout", \%fwout);
+
+ # Check for existing group name.
+ if (!&checkgroup($grp) && $fwhostsettings{'update'} ne 'on'){
+ $errormessage = $Lang::tr{'fwhost err grpexist'};
+ }
+
+ # Check remark.
+ if ($rem ne '' && !&validremark($rem) && $fwhostsettings{'update'} ne 'on'){
+ $errormessage = $Lang::tr{'fwhost err remark'};
+ }
+
+ if ($fwhostsettings{'update'} eq 'on'){
+ @target=$fwhostsettings{'COUNTRY_CODE'};
+ $type='GeoIP Group';
+
+ #check if host/net exists in grp
+ my $test="$grp,$fwhostsettings{'oldremark'},@target";
+ foreach my $key (keys %customgeoipgrp) {
+ my $test1="$customgeoipgrp{$key}[0],$customgeoipgrp{$key}[1],$customgeoipgrp{$key}[2]";
+ if ($test1 eq $test){
+ $errormessage=$Lang::tr{'fwhost err isingrp'};
+ $fwhostsettings{'update'} = 'on';
+ }
+ }
+ }
+
+ if (!$errormessage){
+ #on first save, we have an empty @target, so fill it with nothing
+ my $targetvalues=@target;
+ if ($targetvalues == '0'){
+ @target="none";
+ }
+ #on update, we have to delete the dummy entry
+ foreach my $key (keys %customgeoipgrp){
+ if ($customgeoipgrp{$key}[0] eq $grp && $customgeoipgrp{$key}[2] eq "none"){
+ delete $customgeoipgrp{$key};
+ last;
+ }
+ }
+ &General::writehasharray("$configgeoipgrp", \%customgeoipgrp);
+ &General::readhasharray("$configgeoipgrp", \%customgeoipgrp);
+ #create array with new lines
+ foreach my $line (@target){
+ push (@newgrp,"$grp,$rem,$line");
+ }
+ #append new entries
+ my $key = &General::findhasharraykey (\%customgeoipgrp);
+ foreach my $line (@newgrp){
+ foreach my $i (0 .. 3) { $customgeoipgrp{$key}[$i] = "";}
+ my ($a,$b,$c,$d) = split (",",$line);
+ $customgeoipgrp{$key}[0] = $a;
+ $customgeoipgrp{$key}[1] = $b;
+ $customgeoipgrp{$key}[2] = $c;
+ $customgeoipgrp{$key}[3] = $type;
+ }
+ &General::writehasharray("$configgeoipgrp", \%customgeoipgrp);
+ #update counter in Host/Net
+ $fwhostsettings{'update'}='on';
+ }
+ #check if ruleupdate is needed
+ my $geoipgrpcount=0;
+ $geoipgrpcount=&getgeoipcount($grp);
+ if($geoipgrpcount > 0 )
+ {
+ &General::firewall_config_changed();
+ }
+ &addgeoipgrp;
+ &viewtablegeoipgrp;
+}
if ($fwhostsettings{'ACTION'} eq 'saveservice')
{
my $ICMP;
&addgrp;
&viewtablegrp;
}
+if ($fwhostsettings{'ACTION'} eq 'editgeoipgrp')
+{
+ $fwhostsettings{'update'}='on';
+ &addgeoipgrp;
+ &viewtablegeoipgrp;
+}
if ($fwhostsettings{'ACTION'} eq 'editservice')
{
$fwhostsettings{'updatesrv'}='on';
$fwhostsettings{'remark'} ="";
&showmenu;
}
+if ($fwhostsettings{'ACTION'} eq 'resetgeoipgrp')
+{
+ $fwhostsettings{'grp_name'} ="";
+ $fwhostsettings{'remark'} ="";
+ &showmenu;
+}
# delete
if ($fwhostsettings{'ACTION'} eq 'delnet')
{
&addgrp;
&viewtablegrp;
}
+if ($fwhostsettings{'ACTION'} eq 'deletegeoipgrpentry')
+{
+ my $grpremark;
+ my $grpname;
+ &General::readhasharray("$configgeoipgrp", \%customgeoipgrp);
+ foreach my $key (keys %customgeoipgrp){
+ if($customgeoipgrp{$key}[0].",".$customgeoipgrp{$key}[1].",".$customgeoipgrp{$key}[2].",".$customgeoipgrp{$key}[3] eq $fwhostsettings{'delentry'}){
+ $grpname=$customgeoipgrp{$key}[0];
+ $grpremark=$customgeoipgrp{$key}[1];
+ #check if we delete the last entry, then generate dummy
+ if ($fwhostsettings{'last'} eq 'on'){
+ $customgeoipgrp{$key}[1] = '';
+ $customgeoipgrp{$key}[2] = 'none';
+ $customgeoipgrp{$key}[3] = '';
+ $fwhostsettings{'last'}='';
+ last;
+ }else{
+ delete $customgeoipgrp{$key};
+ }
+ }
+ }
+ &General::writehasharray("$configgeoipgrp", \%customgeoipgrp);
+ &General::firewall_config_changed();
+ if ($fwhostsettings{'update'} eq 'on'){
+ $fwhostsettings{'remark'}= $grpremark;
+ $fwhostsettings{'grp_name'}=$grpname;
+ }
+ &addgeoipgrp;
+ &viewtablegeoipgrp;
+}
+
if ($fwhostsettings{'ACTION'} eq 'delgrp')
{
&General::readhasharray("$configgrp", \%customgrp);
&addgrp;
&viewtablegrp;
}
+if ($fwhostsettings{'ACTION'} eq 'delgeoipgrp')
+{
+ &General::readhasharray("$configgeoipgrp", \%customgeoipgrp);
+ &decrease($fwhostsettings{'grp_name'});
+ foreach my $key (sort keys %customgeoipgrp)
+ {
+ if($customgeoipgrp{$key}[0] eq $fwhostsettings{'grp_name'})
+ {
+ delete $customgeoipgrp{$key};
+ }
+ }
+ &General::writehasharray("$configgeoipgrp", \%customgeoipgrp);
+ $fwhostsettings{'grp_name'}='';
+ &addgeoipgrp;
+ &viewtablegeoipgrp;
+}
if ($fwhostsettings{'ACTION'} eq 'delservice')
{
&General::readhasharray("$configsrv", \%customservice);
&addgrp;
&viewtablegrp;
}
+if ($fwhostsettings{'ACTION'} eq $Lang::tr{'fwhost newgeoipgrp'})
+{
+ &addgeoipgrp;
+ &viewtablegeoipgrp;
+}
if ($fwhostsettings{'ACTION'} eq $Lang::tr{'fwhost newservice'})
{
&addservice;
&addgrp;
&viewtablegrp;
}
+if ($fwhostsettings{'ACTION'} eq 'changegeoipgrpremark')
+{
+ &General::readhasharray("$configgeoipgrp", \%customgeoipgrp);
+ if ($fwhostsettings{'oldrem'} ne $fwhostsettings{'newrem'} && (&validremark($fwhostsettings{'newrem'}) || $fwhostsettings{'newrem'} eq '')){
+ foreach my $key (sort keys %customgeoipgrp)
+ {
+ if($customgeoipgrp{$key}[0] eq $fwhostsettings{'grp'} && $customgeoipgrp{$key}[1] eq $fwhostsettings{'oldrem'})
+ {
+ $customgeoipgrp{$key}[1]='';
+ $customgeoipgrp{$key}[1]=$fwhostsettings{'newrem'};
+ }
+ }
+ &General::writehasharray("$configgeoipgrp", \%customgeoipgrp);
+ $fwhostsettings{'update'}='on';
+ $fwhostsettings{'remark'}=$fwhostsettings{'newrem'};
+ }else{
+ $errormessage=$Lang::tr{'fwhost err remark'};
+ $fwhostsettings{'remark'}=$fwhostsettings{'oldrem'};
+ $fwhostsettings{'grp_name'}=$fwhostsettings{'grp'};
+ $fwhostsettings{'update'} = 'on';
+ }
+ $fwhostsettings{'grp_name'}=$fwhostsettings{'grp'};
+ &addgeoipgrp;
+ &viewtablegeoipgrp;
+}
if ($fwhostsettings{'ACTION'} eq 'changesrvgrpremark')
{
&General::readhasharray("$configsrvgrp", \%customservicegrp );
&addgrp;
&viewtablegrp;
}
+if ($fwhostsettings{'ACTION'} eq 'changegeoipgrpname')
+{
+ &General::readhasharray("$configgeoipgrp", \%customgeoipgrp );
+ if ($fwhostsettings{'oldgrpname'} ne $fwhostsettings{'grp'}){
+ #Check new groupname
+ if (!&validhostname($fwhostsettings{'grp'})){
+ $errormessage.=$Lang::tr{'fwhost err name'}."<br>";
+ }
+ if (!$errormessage){
+ # Rename group.
+ foreach my $key (keys %customgeoipgrp) {
+ if($customgeoipgrp{$key}[0] eq $fwhostsettings{'oldgrpname'}){
+ $customgeoipgrp{$key}[0]=$fwhostsettings{'grp'};
+ }
+ }
+ &General::writehasharray("$configgeoipgrp", \%customgeoipgrp );
+ #change name in FW Rules
+ &changenameinfw($fwhostsettings{'oldgrpname'},$fwhostsettings{'grp'},6);
+ }
+ }
+ &addgeoipgrp;
+ &viewtablegeoipgrp;
+}
### VIEW ###
if($fwhostsettings{'ACTION'} eq '')
{
print "$Lang::tr{'fwhost welcome'}";
print<<END;
<br><br><table border='0' width='100%'>
- <tr><td><form method='post'><input type='submit' name='ACTION' value='$Lang::tr{'fwhost newnet'}' ><input type='submit' name='ACTION' value='$Lang::tr{'fwhost newhost'}' ><input type='submit' name='ACTION' value='$Lang::tr{'fwhost newgrp'}' ></form></td>
+ <tr><td><form method='post'><input type='submit' name='ACTION' value='$Lang::tr{'fwhost newnet'}' ><input type='submit' name='ACTION' value='$Lang::tr{'fwhost newhost'}' ><input type='submit' name='ACTION' value='$Lang::tr{'fwhost newgrp'}' ><input type='submit' name='ACTION' value='$Lang::tr{'fwhost newgeoipgrp'}' ></form></td>
<td align='right'><form method='post'><input type='submit' name='ACTION' value='$Lang::tr{'fwhost newservice'}' ><input type='submit' name='ACTION' value='$Lang::tr{'fwhost newservicegrp'}' ></form></td></tr>
<tr><td colspan='6'></td></tr></table>
END
print"<tr><td style='text-align:right;'><input type='submit' value='$Lang::tr{'add'}' style='min-width:100px;' /><input type='hidden' name='oldremark' value='$fwhostsettings{'oldremark'}'><input type='hidden' name='update' value=\"$fwhostsettings{'update'}\"><input type='hidden' name='ACTION' value='savegrp' ></form><form method='post' style='display:inline'><input type='submit' value='$Lang::tr{'fwhost back'}' style='min-width:100px;'><input type='hidden' name='ACTION' value='resetgrp'></form></td></table>";
&Header::closebox();
}
+sub addgeoipgrp
+{
+ &hint;
+ &error;
+ &showmenu;
+ &Header::openbox('100%', 'left', $Lang::tr{'fwhost addgeoipgrp'});
+
+ my %checked=();
+ my $show='';
+ $checked{'check1'}{'off'} = '';
+ $checked{'check1'}{'on'} = '';
+ $checked{'grp2'}{$fwhostsettings{'grp2'}} = 'CHECKED';
+ $fwhostsettings{'oldremark'}=$fwhostsettings{'remark'};
+ $fwhostsettings{'oldgrpname'}=$fwhostsettings{'grp_name'};
+ my $grp=$fwhostsettings{'grp_name'};
+ my $rem=$fwhostsettings{'remark'};
+ if ($fwhostsettings{'update'} eq ''){
+ print<<END;
+ <table width='100%' border='0'>
+ <tr>
+ <td style='width:15%;'>$Lang::tr{'fwhost addgrpname'}</td>
+ <td><form method='post'><input type='TEXT' name='grp_name' value='$fwhostsettings{'grp_name'}' size='30'></td>
+ </tr>
+ <tr>
+ <td>$Lang::tr{'remark'}:</td>
+ <td ><input type='TEXT' name='remark' value='$fwhostsettings{'remark'}' style='width: 99%;'></td>
+ </tr>
+ <tr>
+ <td colspan='2'><br></td>
+ </tr>
+ </table>
+END
+ } else {
+ print<<END;
+ <table width='100%' border='0'>
+ <form method='post'><tr>
+ <td style='width:15%;'>$Lang::tr{'fwhost addgrpname'}</td>
+ <td style='width:30%;'><input type='TEXT' name='grp' value='$fwhostsettings{'grp_name'}' size='30'></td>
+ <td>
+ <input type='submit' value='$Lang::tr{'fwhost change'}'>
+ <input type='hidden' name='oldgrpname' value='$fwhostsettings{'oldgrpname'}'>
+ <input type='hidden' name='ACTION' value='changegeoipgrpname'>
+ </td>
+ <td></td>
+ </tr></form>
+ <tr><form method='post' style='display:inline'>
+ <td>$Lang::tr{'remark'}:</td>
+ <td colspan='2' style='width:98%;'>
+ <input type='TEXT' name='newrem' value='$fwhostsettings{'remark'}' style='width:98%;'>
+ </td>
+ <td align='right'>
+ <input type='submit' value='$Lang::tr{'fwhost change'}'>
+ <input type='hidden' name='grp' value='$fwhostsettings{'grp_name'}'>
+ <input type='hidden' name='oldrem' value='$fwhostsettings{'oldremark'}'>
+ <input type='hidden' name='ACTION' value='changegeoipgrpremark'>
+ </td>
+ </tr></form>
+ </table>
+ <br><br>
+END
+ }
+ if ($fwhostsettings{'update'} eq 'on') {
+ my @geoip_locations = &fwlib::get_geoip_locations();
+
+ print<<END;
+ <form method='post'>
+ <input type='hidden' name='remark' value='$rem'>
+ <input type='hidden' name='grp_name' value='$grp'>
+
+ <table width='100%' border='0'>
+ <tr>
+ <td style='text-align:left;'>
+ <select name='COUNTRY_CODE' style='width:16em;'>";
+END
+ foreach my $location (@geoip_locations) {
+ # Get full country name.
+ my $fullname = &GeoIP::get_full_country_name($location);
+
+ print"<option value='$location'>$location - $fullname</option>\n";
+ }
+ print <<END;
+ </select>
+ </td>
+ </tr>
+ </table>
+ <br><br>
+END
+ }
+ print <<END;
+ <table width='100%'>
+ <tr><td style='text-align:right;'>
+ <input type='submit' value='$Lang::tr{'add'}' style='min-width:100px;' />
+ <input type='hidden' name='oldremark' value='$fwhostsettings{'oldremark'}'>
+ <input type='hidden' name='update' value=\"$fwhostsettings{'update'}\">
+ <input type='hidden' name='ACTION' value='savegeoipgrp' >
+ </form>
+
+ <form method='post' style='display:inline'>
+
+ <input type='submit' value='$Lang::tr{'fwhost back'}' style='min-width:100px;'>
+ <input type='hidden' name='ACTION' value='resetgeoipgrp'>
+
+ </form>
+ </td></tr></table>
+END
+ &Header::closebox();
+}
sub addservice
{
&error;
&Header::closebox();
}
+}
+sub viewtablegeoipgrp
+{
+ # If our filesize is "zero" there is nothing to read-in.
+ if (-z "$configgeoipgrp") {
+ return;
+ }
+
+ &Header::openbox('100%', 'left', $Lang::tr{'fwhost cust geoipgrp'});
+ &General::readhasharray("$configgeoipgrp", \%customgeoipgrp);
+ &General::readhasharray("$fwconfigfwd", \%fwfwd);
+ &General::readhasharray("$fwconfiginp", \%fwinp);
+ &General::readhasharray("$fwconfigout", \%fwout);
+ my @grp=();
+ my $helper='';
+ my $count=1;
+ my $country_code;
+ my $grpname;
+ my $remark;
+ my $number;
+ my $delflag;
+ my @counter;
+ my %hash;
+
+ # If there are no groups we are finished here.
+ if (!keys %customgeoipgrp) {
+ print "<center><b>$Lang::tr{'fwhost err emptytable'}</b>";
+ return;
+ }
+
+ # Put all groups in a hash.
+ foreach my $key (sort { ncmp($customgeoipgrp{$a}[0],$customgeoipgrp{$b}[0]) }
+ sort { ncmp($customgeoipgrp{$a}[2],$customgeoipgrp{$b}[2]) } keys %customgeoipgrp) {
+ push (@counter,$customgeoipgrp{$key}[0]);
+ }
+
+ # Increase current used key.
+ foreach my $key1 (@counter) {
+ $hash{$key1}++ ;
+ }
+
+ # Sort hash.
+ foreach my $key (sort { ncmp($customgeoipgrp{$a}[0],$customgeoipgrp{$b}[0]) }
+ sort { ncmp($customgeoipgrp{$a}[2],$customgeoipgrp{$b}[2]) } keys %customgeoipgrp) {
+ $count++;
+ if ($helper ne $customgeoipgrp{$key}[0]) {
+ $delflag='0';
+
+ foreach my $key1 (sort { ncmp($customgeoipgrp{$a}[0],$customgeoipgrp{$b}[0]) }
+ sort { ncmp($customgeoipgrp{$a}[2],$customgeoipgrp{$b}[2]) } keys %customgeoipgrp) {
+
+ if ($customgeoipgrp{$key}[0] eq $customgeoipgrp{$key1}[0])
+ {
+ $delflag++;
+ }
+ if($delflag > 1){
+ last;
+ }
+ }
+
+ $number=1;
+
+ # Groupname.
+ $grpname=$customgeoipgrp{$key}[0];
+
+ # Group remark.
+ $remark="$customgeoipgrp{$key}[1]";
+
+ # Country code.
+ $country_code="$customgeoipgrp{$key}[2]";
+
+ if ($count gt 1){
+ print"</table>";
+ $count=1;
+ }
+
+ # Display groups header.
+ print "<br><b><u>$grpname</u></b> \n";
+ print "<b>$Lang::tr{'remark'}:</b>  $remark  \n" if ($remark ne '');
+
+ # Get group count.
+ my $geoipgrpcount=&getgeoipcount($grpname);
+ print "<b>$Lang::tr{'used'}:</b> $geoipgrpcount x";
+
+ # Only display delete icon, if the group is not used by a firewall rule.
+ if($geoipgrpcount == '0') {
+ print"<form method='post' style='display:inline'>\n";
+ print"<input type='image' src='/images/delete.gif' alt='$Lang::tr{'delete'}' title='$Lang::tr{'delete'}' align='right' />\n";
+ print"<input type='hidden' name='grp_name' value='$grpname' >\n";
+ print"<input type='hidden' name='ACTION' value='delgeoipgrp'>\n";
+ print"</form>";
+ }
+
+ # Icon for group editing.
+print <<END;
+ <form method='post' style='display:inline'>
+ <input type='image' src='/images/edit.gif' alt='$Lang::tr{'edit'}' title='$Lang::tr{'edit'}' align='right'/>
+ <input type='hidden' name='grp_name' value='$grpname' >
+ <input type='hidden' name='remark' value='$remark' >
+ <input type='hidden' name='ACTION' value='editgeoipgrp'>
+ </form>
+
+ <table width='100%' cellspacing='0' class='tbl'>
+END
+ # Display headlines if the group contains any entries.
+ if ($country_code ne "none") {
+print <<END;
+ <tr>
+ <td width='10%' align='center'>
+ <b>$Lang::tr{'flag'}</b>
+ </td>
+
+ <td width='10%'align='center'>
+ <b>$Lang::tr{'countrycode'}</b>
+ </td>
+
+ <td width='70%'align='left'>
+ <b>$Lang::tr{'country'}</b>
+ </td>
+
+ <td width='10%' align='right'></td>
+ </tr>
+END
+ }
+ }
+
+ # Check if our group contains any entries.
+ if ($country_code eq "none") {
+ print "<tr><td>$Lang::tr{'fwhost err emptytable'}</td></tr>\n";
+ } else {
+ # Check if we are currently editing a group and assign column backgound colors.
+ my $col='';
+ if ( ($fwhostsettings{'ACTION'} eq 'editgeoipgrp' || $fwhostsettings{'update'} ne '')
+ && $fwhostsettings{'grp_name'} eq $customgeoipgrp{$key}[0]) {
+ $col="bgcolor='${Header::colouryellow}'";
+ } elsif ($count %2 == 0){
+ $col="bgcolor='$color{'color20'}'";
+ } else {
+ $col="bgcolor='$color{'color22'}'";
+ }
+
+ # Get country flag.
+ my $icon = &GeoIP::get_flag_icon($customgeoipgrp{$key}[2]);
+
+ # Print column with flag icon.
+ my $col_content;
+ if ($icon) {
+ $col_content = "<img src='$icon' alt='$customgeoipgrp{$key}[2]' title='$customgeoipgrp{$key}[2]'>";
+ } else {
+ $col_content = "<b>N/A</b>";
+ }
+
+ print "<td align='center' $col>$col_content</td>\n";
+
+ # Print column with country code.
+ print "<td align='center' $col>$customgeoipgrp{$key}[2]</td>\n";
+
+ # Print column with full country name.
+ my $country_name = &GeoIP::get_full_country_name($customgeoipgrp{$key}[2]);
+ print "<td align='left' $col>$country_name</td>\n";
+
+ # Generate from for removing entries from a group.
+ print "<td align='right' width='1%' $col><form method='post'>\n";
+
+ if ($delflag > 0){
+ print"<input type='image' src='/images/delete.gif' align='middle' alt='$Lang::tr{'delete'}' title='$Lang::tr{'delete'}'/>\n";
+
+ # Check if this group only has a single entry.
+ foreach my $key2 (keys %hash) {
+ if ($hash{$key2}<2 && $key2 eq $customgeoipgrp{$key}[0]){
+ print "<input type='hidden' name='last' value='on'>" ;
+ }
+ }
+ }
+
+ print "<input type='hidden' name='ACTION' value='deletegeoipgrpentry'>\n";
+ print "<input type='hidden' name='update' value='$fwhostsettings{'update'}'>\n";
+ print "<input type='hidden' name='delentry' value='$grpname,$remark,$customgeoipgrp{$key}[2],$customgeoipgrp{$key}[3]'>\n";
+ print "</form>\n";
+ print "</td>\n";
+ print "</tr>\n";
+ }
+
+ $helper=$customgeoipgrp{$key}[0];
+ $number++;
+ }
+
+ print"</table>\n";
+ &Header::closebox();
}
sub viewtableservice
{
}
return $srvcounter;
}
+sub getgeoipcount
+{
+ my $groupname=shift;
+ my $counter=0;
+
+ # GeoIP groups are stored as "group:groupname" in the
+ # firewall settings files.
+ my $searchstring = join(':', "group",$groupname);
+
+ # Count services used in firewall - forward
+ foreach my $key1 (keys %fwfwd) {
+ if($fwfwd{$key1}[4] eq $searchstring){
+ $counter++;
+ }
+ if($fwfwd{$key1}[6] eq $searchstring){
+ $counter++;
+ }
+ }
+ #Count services used in firewall - input
+ foreach my $key2 (keys %fwinp) {
+ if($fwinp{$key2}[4] eq $searchstring){
+ $counter++;
+ }
+ if($fwinp{$key2}[6] eq $searchstring){
+ $counter++;
+ }
+ }
+ #Count services used in firewall - outgoing
+ foreach my $key3 (keys %fwout) {
+ if($fwout{$key3}[4] eq $searchstring){
+ $counter++;
+ }
+ if($fwout{$key3}[6] eq $searchstring){
+ $counter++;
+ }
+ }
+ return $counter;
+}
sub getnetcount
{
my $searchstring=shift;
--- /dev/null
+#!/usr/bin/perl
+###############################################################################
+# #
+# IPFire.org - A linux based firewall #
+# Copyright (C) 2014 IPFire Developemnt Team <info@ipfire.org> #
+# #
+# This program is free software: you can redistribute it and/or modify #
+# it under the terms of the GNU General Public License as published by #
+# the Free Software Foundation, either version 3 of the License, or #
+# (at your option) any later version. #
+# #
+# This program is distributed in the hope that it will be useful, #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
+# GNU General Public License for more details. #
+# #
+# You should have received a copy of the GNU General Public License #
+# along with this program. If not, see <http://www.gnu.org/licenses/>. #
+# #
+###############################################################################
+
+use strict;
+# enable only the following on debugging purpose
+#use warnings;
+#use CGI::Carp 'fatalsToBrowser';
+
+require '/var/ipfire/general-functions.pl';
+require "${General::swroot}/geoip-functions.pl";
+require "${General::swroot}/lang.pl";
+require "${General::swroot}/header.pl";
+require "/usr/lib/firewall/firewall-lib.pl";
+
+my $notice;
+my $settingsfile = "${General::swroot}/firewall/geoipblock";
+
+my %color = ();
+my %mainsettings = ();
+my %settings = ();
+my %cgiparams = ();
+
+# Read configuration file.
+&General::readhash("$settingsfile", \%settings);
+
+&General::readhash("${General::swroot}/main/settings", \%mainsettings);
+&General::readhash("/srv/web/ipfire/html/themes/".$mainsettings{'THEME'}."/include/colors.txt", \%color);
+
+&Header::showhttpheaders();
+
+#Get GUI values
+&Header::getcgihash(\%cgiparams);
+
+# Call subfunction to get all available locations.
+my @locations = &fwlib::get_geoip_locations();
+
+if ($cgiparams{'ACTION'} eq $Lang::tr{'save'}) {
+ # Check if we want to disable geoipblock.
+ if (exists $cgiparams{'GEOIPBLOCK_ENABLED'}) {
+ $settings{'GEOIPBLOCK_ENABLED'} = "on";
+ } else {
+ $settings{'GEOIPBLOCK_ENABLED'} = "off";
+ }
+
+ # Loop through our locations array to prevent from
+ # non existing countries or code.
+ foreach my $cn (@locations) {
+ # Check if blocking for this country should be enabled/disabled.
+ if (exists $cgiparams{$cn}) {
+ $settings{$cn} = "on";
+ } else {
+ $settings{$cn} = "off";
+ }
+ }
+
+ &General::writehash("$settingsfile", \%settings);
+
+ # Mark the firewall config as changed.
+ &General::firewall_config_changed();
+
+ # Assign reload notice. We directly can use
+ # the notice from p2p block.
+ $notice = $Lang::tr{'p2p block save notice'};
+}
+
+&Header::openpage($Lang::tr{'geoipblock configuration'}, 1, '');
+
+# Print notice that a firewall reload is required.
+if ($notice) {
+ &Header::openbox('100%', 'left', $Lang::tr{'notice'});
+ print "<font class='base'>$notice</font>";
+ &Header::closebox();
+}
+
+# Checkbox pre-selection.
+my $checked;
+if ($settings{'GEOIPBLOCK_ENABLED'} eq "on") {
+ $checked = "checked='checked'";
+}
+
+# Print box to enable/disable geoipblock.
+print"<form method='POST' action='$ENV{'SCRIPT_NAME'}'>\n";
+
+&Header::openbox('100%', 'center', $Lang::tr{'geoipblock'});
+print <<END;
+ <table width='95%'>
+ <tr>
+ <td width='25%' class='base'>$Lang::tr{'geoipblock enable feature'}
+ <td><input type='checkbox' name='GEOIPBLOCK_ENABLED' $checked></td>
+ </tr>
+ <tr>
+ <td colspan='2'><br></td>
+ </tr>
+ </table>
+
+ <hr>
+
+ <table width='95%'>
+ <tr>
+ <td align='center'><input type='submit' name='ACTION' value='$Lang::tr{'save'}'></td>
+ </tr>
+ </table>
+END
+
+&Header::closebox();
+
+&Header::openbox('100%', 'center', $Lang::tr{'geoipblock block countries'});
+### JAVA SCRIPT ###
+print <<END;
+<script>
+ // Function to allow checking all checkboxes at once.
+ function check_all() {
+ \$("#countries").find(":checkbox").prop("checked", true);
+ }
+
+ function uncheck_all() {
+ \$("#countries").find(":checkbox").prop("checked", false);
+ }
+</script>
+
+<table width='95%' class='tbl' id="countries">
+ <tr>
+ <td width='5%' align='center' bgcolor='$color{'color20'}'></td>
+ <td width='5%' align='center' bgcolor='$color{'color20'}'>
+ <b>$Lang::tr{'flag'}</b>
+ </td>
+ <td width='5%' align='center' bgcolor='$color{'color20'}'>
+ <b>$Lang::tr{'countrycode'}</b>
+ </td>
+ <td with='35%' align='left' bgcolor='$color{'color20'}'>
+ <b>$Lang::tr{'country'}</b>
+ </td>
+
+ <td width='5%' bgcolor='$color{'color20'}'> </td>
+
+ <td width='5%' align='center' bgcolor='$color{'color20'}'></td>
+ <td width='5%' align='center' bgcolor='$color{'color20'}'>
+ <b>$Lang::tr{'flag'}</b>
+ </td>
+ <td width='5%' align='center' bgcolor='$color{'color20'}'>
+ <b>$Lang::tr{'countrycode'}</b>
+ </td>
+ <td with='35%' align='left' bgcolor='$color{'color20'}'>
+ <b>$Lang::tr{'country'}</b>
+ </td>
+ </tr>
+END
+
+my $lines;
+my $lines2;
+my $col;
+foreach my $location (@locations) {
+ # Country code in upper case. (DE)
+ my $ccode_uc = $location;
+
+ # County code in lower case. (de)
+ my $ccode_lc = lc($location);
+
+ # Full name of the country based on the country code.
+ my $cname = &GeoIP::get_full_country_name($ccode_lc);
+
+ # Get flag icon for of the country.
+ my $flag_icon = &GeoIP::get_flag_icon($ccode_uc);
+
+ my $flag;
+ # Check if a flag for the country is available.
+ if ($flag_icon) {
+ $flag="<img src='$flag_icon' alt='$ccode_uc' title='$ccode_uc'>";
+ } else {
+ $flag="<b>N/A</b>";
+ }
+
+ # Checkbox pre-selection.
+ my $checked;
+ if ($settings{$ccode_uc} eq "on") {
+ $checked = "checked='checked'";
+ }
+
+ # Colour lines.
+ if ($lines % 2) {
+ $col="bgcolor='$color{'color20'}'";
+ } else {
+ $col="bgcolor='$color{'color22'}'";
+ }
+
+ # Grouping elements.
+ my $line_start;
+ my $line_end;
+ if ($lines2 % 2) {
+ # Increase lines (background color by once.
+ $lines++;
+
+ # Add empty column in front.
+ $line_start="<td $col> </td>";
+
+ # When the line number can be diveded by "2",
+ # we are going to close the line.
+ $line_end="</tr>";
+ } else {
+ # When the line number is not divideable by "2",
+ # we are starting a new line.
+ $line_start="<tr>";
+ $line_end;
+ }
+
+ print "$line_start<td align='center' $col><input type='checkbox' name='$ccode_uc' $checked></td>\n";
+ print "<td align='center' $col>$flag</td>\n";
+ print "<td align='center' $col>$ccode_uc</td>\n";
+ print "<td align='left' $col>$cname</td>$line_end\n";
+
+ # Finish column when the last element in the array has passed and we have an uneven amount of items.
+ if(! ($lines2 % 2) && ($location eq $locations[-1] )) {
+ print "<td $col> </td>\n";
+ print "<td $col> </td>\n";
+ print "<td $col> </td>\n";
+ print "<td $col> </td>\n";
+ print "<td $col> </td></tr>\n";
+ }
+
+$lines2++;
+}
+
+print <<END;
+</table>
+
+<table width='95%'>
+ <tr>
+ <td align='right'>
+ <a href="javascript:check_all()">$Lang::tr{'check all'}</a> /
+ <a href="javascript:uncheck_all()">$Lang::tr{'uncheck all'}</a>
+ </td>
+ </tr>
+ <tr>
+ <td align='center'><input type='submit' name='ACTION' value='$Lang::tr{'save'}'></td>
+ </tr>
+</table>
+
+<hr>
+
+<table width='70%'>
+ <tr>
+ <td width='5%'><img src='/images/on.gif'></td>
+ <td>$Lang::tr{'geoipblock country is blocked'}</td>
+ <td width='5%'><img src='/images/off.gif'></td>
+ <td>$Lang::tr{'geoipblock country is allowed'}</td>
+ </tr>
+</table>
+END
+
+&Header::closebox();
+print"</form>\n";
+
+&Header::closebigbox();
+&Header::closepage();
print '</td>';
print '</tr>';
}
-if ( $netsettings{'BLUE_DEV'} ) {
+if (&Header::blue_used()) {
my $sub=&General::iporsubtocidr($netsettings{'BLUE_NETMASK'});
print <<END;
<tr>
print '</td>';
print '</tr>';
}
-if ( $netsettings{'ORANGE_DEV'} ) {
+if (&Header::orange_used()) {
my $sub=&General::iporsubtocidr($netsettings{'ORANGE_NETMASK'});
print <<END;
<tr>
#use CGI::Carp 'fatalsToBrowser';
require '/var/ipfire/general-functions.pl';
+require "${General::swroot}/geoip-functions.pl";
require "${General::swroot}/lang.pl";
require "${General::swroot}/header.pl";
my $comment = $3;
my $packet = $4;
- $packet =~ /IN=(\w+)/; my $iface=$1; if ( $1 =~ /2./ ){ $iface="";}
- $packet =~ /SRC=([\d\.]+)/; my $srcaddr=$1;
- $packet =~ /DST=([\d\.]+)/; my $dstaddr=$1;
- $packet =~ /MAC=([\w+\:]+)/; my $macaddr=$1;
- $packet =~ /PROTO=(\w+)/; my $proto=$1;
- $packet =~ /SPT=(\d+)/; my $srcport=$1;
- $packet =~ /DPT=(\d+)/; my $dstport=$1;
+ my ($iface, $srcaddr, $dstaddr, $macaddr, $proto, $srcport, $dstport);
+ $iface=$1 if $packet =~ /IN=(\w+)/;
+ $srcaddr=$1 if $packet =~ /SRC=([\d\.]+)/;
+ $dstaddr=$1 if $packet =~ /DST=([\d\.]+)/;
+ $macaddr=$1 if $packet =~ /MAC=([\w+\:]+)/;
+ $proto=$1 if $packet =~ /PROTO=(\w+)/;
+ $srcport=$1 if $packet =~ /SPT=(\d+)/;
+ $dstport=$1 if $packet =~ /DPT=(\d+)/;
my $gi = Geo::IP::PurePerl->new();
my $ccode = $gi->country_code_by_name($srcaddr);
<td align='center' $col>$srcport<br/>$dstport</td>
END
;
- if ( $fcode ne "" ){
- print "<td align='center' $col><a href='../country.cgi#$fcode'><img src='/images/flags/$fcode.png' border='0' align='absmiddle' alt='$ccode'></a></td>";}
- else {
- print "<td align='center' $col></td>";}
+ # Get flag icon for of the country.
+ my $flag_icon = &GeoIP::get_flag_icon($fcode);
+
+ if ( $flag_icon) {
+ print "<td align='center' $col><a href='../country.cgi#$fcode'><img src='$flag_icon' border='0' align='absmiddle' alt='$ccode'></a></td>";
+ } else {
+ print "<td align='center' $col></td>";
+ }
+
print <<END
<td align='center' $col>$macaddr</td>
</tr>
#use CGI::Carp 'fatalsToBrowser';
require '/var/ipfire/general-functions.pl';
+require "${General::swroot}/geoip-functions.pl";
require "${General::swroot}/lang.pl";
require "${General::swroot}/header.pl";
print "<td align='center' $col>$key[$s]</td>";
}
else {
- if($key[$s] ne 'unknown' ) {
- my $fcode = lc($key[$s]);
- print "<td align='center' $col><a href='/cgi-bin/country.cgi#$fcode'><img src='/images/flags/$fcode.png' border='0' align='absmiddle' alt='$key[$s]' title='$key[$s]'></a></td>";}
- else {
- print "<td align='center' $col>$key[$s]</td>";
+ my $fcode = lc($key[$s]);
+
+ # Get flag icon for of the country.
+ my $flag_icon = &GeoIP::get_flag_icon($fcode);
+
+ if($flag_icon) {
+ print "<td align='center' $col><a href='/cgi-bin/country.cgi#$fcode'><img src='$flag_icon' border='0' align='absmiddle' alt='$key[$s]' title='$key[$s]'></a></td>";
+ } else {
+ print "<td align='center' $col>$key[$s]</td>";
}
}
print "<td align='center' $col>$value[$s]</td>";
#use CGI::Carp 'fatalsToBrowser';
require '/var/ipfire/general-functions.pl';
+require "${General::swroot}/geoip-functions.pl";
require "${General::swroot}/lang.pl";
require "${General::swroot}/header.pl";
$color++;
print "<td align='center' $col><form method='post' action='showrequestfromip.dat'><input type='hidden' name='MONTH' value='$cgiparams{'MONTH'}'> <input type='hidden' name='DAY' value='$cgiparams{'DAY'}'> <input type='hidden' name='ip' value='$key[$s]'> <input type='submit' value='$Lang::tr{'details'}'></form></td>";
print "<td align='center' $col><a href='/cgi-bin/ipinfo.cgi?ip=$key[$s]'>$key[$s]</a></td>";
- if ( $fcode ne "" ){
- print "<td align='center' $col><a href='/cgi-bin/country.cgi#$fcode'><img src='/images/flags/$fcode.png' border='0' align='absmiddle' alt='$ccode' title='$ccode'></a></td>";}
- else {
- print "<td align='center' $col></td>";}
- print "<td align='center' $col>$value[$s]</td>";
- print "<td align='center' $col>$percent</td>";
- print "</tr>";
+
+ # Get flag icon for of the country.
+ my $flag_icon = &GeoIP::get_flag_icon($ccode);
+
+ if ( $flag_icon ) {
+ print "<td align='center' $col><a href='/cgi-bin/country.cgi#$fcode'><img src='$flag_icon' border='0' align='absmiddle' alt='$ccode' title='$ccode'></a></td>";
+ } else {
+ print "<td align='center' $col></td>";
+ }
+
+ print "<td align='center' $col>$value[$s]</td>";
+ print "<td align='center' $col>$percent</td>";
+ print "</tr>";
}
if($cgiparams{'otherspie'} == 2 ){}
###############################################################################
use strict;
-
+use URI::Escape;
# enable only the following on debugging purpose
#use warnings;
#use CGI::Carp 'fatalsToBrowser';
my @vpns=();
-my @querry = split(/\?/,$ENV{'QUERY_STRING'});
+my @querry = split(/\?/,uri_unescape($ENV{'QUERY_STRING'}));
$querry[0] = '' unless defined $querry[0];
$querry[1] = 'week' unless defined $querry[1];
&Graphs::updatevpngraph($querry[0],$querry[1]);
}else{
&Header::showhttpheaders();
- &Header::openpage($Lang::tr{'host to net vpn'}, 1, '');
+ &Header::openpage($Lang::tr{'vpn statistic rw'}, 1, '');
&Header::openbigbox('100%', 'left');
- my @vpngraphs = `find /var/log/rrd/collectd/localhost/openvpn-*/ -not -path *openvpn-UNDEF* -not -path *openvpn-*n2n* -name *.rrd|sort`;
+ my @vpngraphs = `find /var/log/rrd/collectd/localhost/openvpn-*/ -not -path *openvpn-UNDEF* -not -path *openvpn-*n2n* -name *.rrd 2>/dev/null|sort`;
foreach (@vpngraphs){
if($_ =~ /(.*)\/openvpn-(.*)\/if_octets_derive.rrd/){
push(@vpns,$2);
if(@vpns){
foreach (@vpns) {
&Header::openbox('100%', 'center', "$_ $Lang::tr{'graph'}");
- &Graphs::makegraphbox("netovpnrw.cgi",$_,"week");
+ &Graphs::makegraphbox("netovpnrw.cgi",$_, "day");
&Header::closebox();
}
}else{
&Graphs::updatevpnn2ngraph($querry[0],$querry[1]);
}else{
&Header::showhttpheaders();
- &Header::openpage($Lang::tr{'openvpn server'}, 1, '');
+ &Header::openpage($Lang::tr{'vpn statistic n2n'}, 1, '');
&Header::openbigbox('100%', 'left');
- my @vpngraphs = `find /var/log/rrd/collectd/localhost/openvpn-*-n2n/ -not -path *openvpn-UNDEF* -name *traffic.rrd|sort`;
+ my @vpngraphs = `find /var/log/rrd/collectd/localhost/openvpn-*-n2n/ -not -path *openvpn-UNDEF* -name *traffic.rrd 2>/dev/null|sort`;
foreach (@vpngraphs){
if($_ =~ /(.*)\/openvpn-(.*)\/if_octets_derive-traffic.rrd/){
push(@vpns,$2);
if (@vpns){
foreach (@vpns) {
&Header::openbox('100%', 'center', "$_ $Lang::tr{'graph'}");
- &Graphs::makegraphbox("netovpnsrv.cgi",$_,"week");
+ &Graphs::makegraphbox("netovpnsrv.cgi",$_, "day",320);
&Header::closebox();
}
}else{
print CONF "writepid /var/run/openvpn.pid\n";
print CONF "#DAN prepare OpenVPN for listening on blue and orange\n";
print CONF ";local $sovpnsettings{'VPN_IP'}\n";
- print CONF "dev $sovpnsettings{'DDEVICE'}\n";
+ print CONF "dev tun\n";
print CONF "proto $sovpnsettings{'DPROTOCOL'}\n";
print CONF "port $sovpnsettings{'DDEST_PORT'}\n";
print CONF "script-security 3 system\n";
# Check if we are using mssfix, fragment or mtu-disc and set the corretct mtu of 1500.
# If we doesn't use one of them, we can use the configured mtu value.
if ($sovpnsettings{'MSSFIX'} eq 'on')
- { print CONF "$sovpnsettings{'DDEVICE'}-mtu 1500\n"; }
+ { print CONF "tun-mtu 1500\n"; }
elsif ($sovpnsettings{'FRAGMENT'} ne '' && $sovpnsettings{'DPROTOCOL'} ne 'tcp')
- { print CONF "$sovpnsettings{'DDEVICE'}-mtu 1500\n"; }
+ { print CONF "tun-mtu 1500\n"; }
elsif (($sovpnsettings{'PMTU_DISCOVERY'} eq 'yes') ||
($sovpnsettings{'PMTU_DISCOVERY'} eq 'maybe') ||
($sovpnsettings{'PMTU_DISCOVERY'} eq 'no' ))
- { print CONF "$sovpnsettings{'DDEVICE'}-mtu 1500\n"; }
+ { print CONF "tun-mtu 1500\n"; }
else
- { print CONF "$sovpnsettings{'DDEVICE'}-mtu $sovpnsettings{'DMTU'}\n"; }
+ { print CONF "tun-mtu $sovpnsettings{'DMTU'}\n"; }
if ($vpnsettings{'ROUTES_PUSH'} ne '') {
@temp = split(/\n/,$vpnsettings{'ROUTES_PUSH'});
}
}
+sub writecollectdconf {
+ my $vpncollectd;
+ my %ccdhash=();
+
+ open(COLLECTDVPN, ">${General::swroot}/ovpn/collectd.vpn") or die "Unable to open collectd.vpn: $!";
+ print COLLECTDVPN "Loadplugin openvpn\n";
+ print COLLECTDVPN "\n";
+ print COLLECTDVPN "<Plugin openvpn>\n";
+ print COLLECTDVPN "Statusfile \"/var/run/ovpnserver.log\"\n";
+
+ &General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%ccdhash);
+ foreach my $key (keys %ccdhash) {
+ if ($ccdhash{$key}[0] eq 'on' && $ccdhash{$key}[3] eq 'net') {
+ print COLLECTDVPN "Statusfile \"/var/run/openvpn/$ccdhash{$key}[1]-n2n\"\n";
+ }
+ }
+
+ print COLLECTDVPN "</Plugin>\n";
+ close(COLLECTDVPN);
+
+ # Reload collectd afterwards
+ system("/usr/local/bin/collectdctrl restart &>/dev/null");
+}
#hier die refresh page
if ( -e "${General::swroot}/ovpn/gencanow") {
$vpnsettings{'VPN_IP'} = $cgiparams{'VPN_IP'};
#new settings for daemon
$vpnsettings{'DOVPN_SUBNET'} = $cgiparams{'DOVPN_SUBNET'};
- $vpnsettings{'DDEVICE'} = $cgiparams{'DDEVICE'};
$vpnsettings{'DPROTOCOL'} = $cgiparams{'DPROTOCOL'};
$vpnsettings{'DDEST_PORT'} = $cgiparams{'DDEST_PORT'};
$vpnsettings{'DMTU'} = $cgiparams{'DMTU'};
my $file = '';
&General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
+ # Kill all N2N connections
+ system("/usr/local/bin/openvpnctrl -kn2n &>/dev/null");
+
foreach my $key (keys %confighash) {
+ my $name = $confighash{$cgiparams{'$key'}}[1];
+
if ($confighash{$key}[4] eq 'cert') {
delete $confighash{$cgiparams{'$key'}};
}
+
+ system ("/usr/local/bin/openvpnctrl -drrd $name");
}
while ($file = glob("${General::swroot}/ovpn/ca/*")) {
unlink $file;
while ($file = glob("${General::swroot}/ovpn/ccd/*")) {
unlink $file
}
-# Delete all RRD files for Roadwarrior connections
- chdir('/var/ipfire/ovpn/ccd');
- while ($file = glob("*")) {
- system ("/usr/local/bin/openvpnctrl -drrd $file");
- }
while ($file = glob("${General::swroot}/ovpn/ccd/*")) {
unlink $file
}
system ("rm -rf $file");
}
+ # Remove everything from the collectd configuration
+ &writecollectdconf();
+
#&writeserverconf();
###
### Reset all step 1
&General::writehasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
if ($confighash{$cgiparams{'KEY'}}[3] eq 'net'){
- system('/usr/local/bin/openvpnctrl', '-sn2n', $confighash{$cgiparams{'KEY'}}[1]);
+ system('/usr/local/bin/openvpnctrl', '-sn2n', $confighash{$cgiparams{'KEY'}}[1]);
+ &writecollectdconf();
}
} else {
&General::writehasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
if ($confighash{$cgiparams{'KEY'}}[3] eq 'net'){
- if ($n2nactive ne ''){
- system('/usr/local/bin/openvpnctrl', '-kn2n', $confighash{$cgiparams{'KEY'}}[1]);
- }
+ if ($n2nactive ne '') {
+ system('/usr/local/bin/openvpnctrl', '-kn2n', $confighash{$cgiparams{'KEY'}}[1]);
+ &writecollectdconf();
+ }
} else {
- $errormessage = $Lang::tr{'invalid key'};
+ $errormessage = $Lang::tr{'invalid key'};
}
- }
+ }
}
###
print CLIENTCONF "# Server Gateway Network\n";
print CLIENTCONF "route $remsubnet[0] $remsubnet[1]\n";
print CLIENTCONF "# tun Device\n";
- print CLIENTCONF "dev $vpnsettings{'DDEVICE'}\n";
+ print CLIENTCONF "dev tun\n";
print CLIENTCONF "# Port and Protokoll\n";
print CLIENTCONF "port $confighash{$cgiparams{'KEY'}}[29]\n";
print CLIENTCONF "tls-client\r\n";
print CLIENTCONF "client\r\n";
print CLIENTCONF "nobind\r\n";
- print CLIENTCONF "dev $vpnsettings{'DDEVICE'}\r\n";
+ print CLIENTCONF "dev tun\r\n";
print CLIENTCONF "proto $vpnsettings{'DPROTOCOL'}\r\n";
# Check if we are using fragment, mssfix or mtu-disc and set MTU to 1500
# or use configured value.
if ($vpnsettings{FRAGMENT} ne '' && $vpnsettings{DPROTOCOL} ne 'tcp' )
- { print CLIENTCONF "$vpnsettings{'DDEVICE'}-mtu 1500\r\n"; }
+ { print CLIENTCONF "tun-mtu 1500\r\n"; }
elsif ($vpnsettings{MSSFIX} eq 'on')
- { print CLIENTCONF "$vpnsettings{'DDEVICE'}-mtu 1500\r\n"; }
+ { print CLIENTCONF "tun-mtu 1500\r\n"; }
elsif (($vpnsettings{'PMTU_DISCOVERY'} eq 'yes') ||
($vpnsettings{'PMTU_DISCOVERY'} eq 'maybe') ||
($vpnsettings{'PMTU_DISCOVERY'} eq 'no' ))
- { print CLIENTCONF "$vpnsettings{'DDEVICE'}-mtu 1500\r\n"; }
+ { print CLIENTCONF "tun-mtu 1500\r\n"; }
else
- { print CLIENTCONF "$vpnsettings{'DDEVICE'}-mtu $vpnsettings{'DMTU'}\r\n"; }
+ { print CLIENTCONF "tun-mtu $vpnsettings{'DMTU'}\r\n"; }
if ( $vpnsettings{'ENABLED'} eq 'on'){
print CLIENTCONF "remote $vpnsettings{'VPN_IP'} $vpnsettings{'DDEST_PORT'}\r\n";
} elsif ($cgiparams{'ACTION'} eq $Lang::tr{'remove'}) {
- &General::readhash("${General::swroot}/ovpn/settings", \%vpnsettings);
- &General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
+ &General::readhash("${General::swroot}/ovpn/settings", \%vpnsettings);
+ &General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
- if ($confighash{$cgiparams{'KEY'}}) {
-# if ($vpnsettings{'ENABLED'} eq 'on' ||
-# $vpnsettings{'ENABLED_BLUE'} eq 'on') {
-# system('/usr/local/bin/ipsecctrl', 'D', $cgiparams{'KEY'});
-# }
-#
- my $temp = `/usr/bin/openssl ca -revoke ${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1]cert.pem -config ${General::swroot}/ovpn/openssl/ovpn.cnf`;
+ if ($confighash{$cgiparams{'KEY'}}) {
+ # Revoke certificate if certificate was deleted and rewrite the CRL
+ my $temp = `/usr/bin/openssl ca -revoke ${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1]cert.pem -config ${General::swroot}/ovpn/openssl/ovpn.cnf`;
+ my $tempA = `/usr/bin/openssl ca -gencrl -out ${General::swroot}/ovpn/crls/cacrl.pem -config ${General::swroot}/ovpn/openssl/ovpn.cnf`;
###
# m.a.d net2net
###
-if ($confighash{$cgiparams{'KEY'}}[3] eq 'net') {
- my $conffile = glob("${General::swroot}/ovpn/n2nconf/$confighash{$cgiparams{'KEY'}}[1]/$confighash{$cgiparams{'KEY'}}[1].conf");
- my $certfile = glob("${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1].p12");
- unlink ($certfile);
- unlink ($conffile);
+ if ($confighash{$cgiparams{'KEY'}}[3] eq 'net') {
+ # Stop the N2N connection before it is removed
+ system("/usr/local/bin/openvpnctrl -kn2n $confighash{$cgiparams{'KEY'}}[1] &>/dev/null");
- if (-e "${General::swroot}/ovpn/n2nconf/$confighash{$cgiparams{'KEY'}}[1]") {
- rmdir ("${General::swroot}/ovpn/n2nconf/$confighash{$cgiparams{'KEY'}}[1]") || die "Kann Verzeichnis nicht loeschen: $!";
- }
-}
+ my $conffile = glob("${General::swroot}/ovpn/n2nconf/$confighash{$cgiparams{'KEY'}}[1]/$confighash{$cgiparams{'KEY'}}[1].conf");
+ my $certfile = glob("${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1].p12");
+ unlink ($certfile);
+ unlink ($conffile);
+
+ if (-e "${General::swroot}/ovpn/n2nconf/$confighash{$cgiparams{'KEY'}}[1]") {
+ rmdir ("${General::swroot}/ovpn/n2nconf/$confighash{$cgiparams{'KEY'}}[1]") || die "Kann Verzeichnis nicht loeschen: $!";
+ }
+ }
- unlink ("${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1]cert.pem");
- unlink ("${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1].p12");
+ unlink ("${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1]cert.pem");
+ unlink ("${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1].p12");
# A.Marx CCD delete ccd files and routes
-
- if (-f "${General::swroot}/ovpn/ccd/$confighash{$cgiparams{'KEY'}}[2]")
- {
- unlink "${General::swroot}/ovpn/ccd/$confighash{$cgiparams{'KEY'}}[2]";
- }
-
- &General::readhasharray("${General::swroot}/ovpn/ccdroute", \%ccdroutehash);
- foreach my $key (keys %ccdroutehash) {
- if ($ccdroutehash{$key}[0] eq $confighash{$cgiparams{'KEY'}}[1]){
- delete $ccdroutehash{$key};
+ if (-f "${General::swroot}/ovpn/ccd/$confighash{$cgiparams{'KEY'}}[2]")
+ {
+ unlink "${General::swroot}/ovpn/ccd/$confighash{$cgiparams{'KEY'}}[2]";
}
- }
- &General::writehasharray("${General::swroot}/ovpn/ccdroute", \%ccdroutehash);
- &General::readhasharray("${General::swroot}/ovpn/ccdroute2", \%ccdroute2hash);
- foreach my $key (keys %ccdroute2hash) {
- if ($ccdroute2hash{$key}[0] eq $confighash{$cgiparams{'KEY'}}[1]){
- delete $ccdroute2hash{$key};
+ &General::readhasharray("${General::swroot}/ovpn/ccdroute", \%ccdroutehash);
+ foreach my $key (keys %ccdroutehash) {
+ if ($ccdroutehash{$key}[0] eq $confighash{$cgiparams{'KEY'}}[1]){
+ delete $ccdroutehash{$key};
+ }
}
- }
- &General::writehasharray("${General::swroot}/ovpn/ccdroute2", \%ccdroute2hash);
- &writeserverconf;
-
+ &General::writehasharray("${General::swroot}/ovpn/ccdroute", \%ccdroutehash);
-# CCD end
+ &General::readhasharray("${General::swroot}/ovpn/ccdroute2", \%ccdroute2hash);
+ foreach my $key (keys %ccdroute2hash) {
+ if ($ccdroute2hash{$key}[0] eq $confighash{$cgiparams{'KEY'}}[1]){
+ delete $ccdroute2hash{$key};
+ }
+ }
+ &General::writehasharray("${General::swroot}/ovpn/ccdroute2", \%ccdroute2hash);
+ &writeserverconf;
-###
-### Delete all RRD's for client
-###
- system ("/usr/local/bin/openvpnctrl -drrd $confighash{$cgiparams{'KEY'}}[1]");
- delete $confighash{$cgiparams{'KEY'}};
- my $temp2 = `/usr/bin/openssl ca -gencrl -out ${General::swroot}/ovpn/crls/cacrl.pem -config ${General::swroot}/ovpn/openssl/ovpn.cnf`;
- &General::writehasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
+# CCD end
+ # Update collectd configuration and delete all RRD files of the removed connection
+ &writecollectdconf();
+ system ("/usr/local/bin/openvpnctrl -drrd $confighash{$cgiparams{'KEY'}}[1]");
- #&writeserverconf();
- } else {
- $errormessage = $Lang::tr{'invalid key'};
- }
+ delete $confighash{$cgiparams{'KEY'}};
+ my $temp2 = `/usr/bin/openssl ca -gencrl -out ${General::swroot}/ovpn/crls/cacrl.pem -config ${General::swroot}/ovpn/openssl/ovpn.cnf`;
+ &General::writehasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
+
+ } else {
+ $errormessage = $Lang::tr{'invalid key'};
+ }
&General::firewall_reload();
###
$errormessage = $Lang::tr{'invalid key'};
}
-###
-### Remove connection
-###
-} elsif ($cgiparams{'ACTION'} eq $Lang::tr{'remove'}) {
- &General::readhash("${General::swroot}/ovpn/settings", \%vpnsettings);
- &General::readhasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
-
- if ($confighash{$cgiparams{'KEY'}}) {
-# if ($vpnsettings{'ENABLED'} eq 'on' ||
-# $vpnsettings{'ENABLED_BLUE'} eq 'on') {
-# system('/usr/local/bin/ipsecctrl', 'D', $cgiparams{'KEY'});
-# }
- unlink ("${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1]cert.pem");
- unlink ("${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1].p12");
- delete $confighash{$cgiparams{'KEY'}};
- &General::writehasharray("${General::swroot}/ovpn/ovpnconfig", \%confighash);
- #&writeserverconf();
- } else {
- $errormessage = $Lang::tr{'invalid key'};
- }
-#test33
-
-###
-### Choose between adding a host-net or net-net connection
-###
-
###
# m.a.d net2net
###
@firen2nconf = <FILE>;
close (FILE);
chomp(@firen2nconf);
-
} else {
$errormessage = "Filecount does not match only 2 files are allowed\n";
unless(-d "${General::swroot}/ovpn/n2nconf/"){mkdir "${General::swroot}/ovpn/n2nconf", 0755 or die "Unable to create dir $!";}
unless(-d "${General::swroot}/ovpn/n2nconf/$n2nname[0]"){mkdir "${General::swroot}/ovpn/n2nconf/$n2nname[0]", 0770 or die "Unable to create dir $!";}
+ #Add collectd settings to configfile
+ open(FILE, ">> $tempdir/$uplconffilename") or die 'Unable to open config file.';
+ print FILE "# Logfile\n";
+ print FILE "status-version 1\n";
+ print FILE "status /var/run/openvpn/$n2nname[0]-n2n 10\n";
+ close FILE;
+
move("$tempdir/$uplconffilename", "${General::swroot}/ovpn/n2nconf/$n2nname[0]/$uplconffilename2");
if ($? ne 0) {
$checked{'ENABLED_ORANGE'}{'off'} = '';
$checked{'ENABLED_ORANGE'}{'on'} = '';
$checked{'ENABLED_ORANGE'}{$cgiparams{'ENABLED_ORANGE'}} = 'CHECKED';
- $selected{'DDEVICE'}{'tun'} = '';
- $selected{'DDEVICE'}{'tap'} = '';
- $selected{'DDEVICE'}{$cgiparams{'DDEVICE'}} = 'SELECTED';
$selected{'DPROTOCOL'}{'udp'} = '';
$selected{'DPROTOCOL'}{'tcp'} = '';
print <<END;
<tr><td class='base' nowrap='nowrap' colspan='2'>$Lang::tr{'local vpn hostname/ip'}:<br /><input type='text' name='VPN_IP' value='$cgiparams{'VPN_IP'}' size='30' /></td>
<td class='boldbase' nowrap='nowrap' colspan='2'>$Lang::tr{'ovpn subnet'}<br /><input type='TEXT' name='DOVPN_SUBNET' value='$cgiparams{'DOVPN_SUBNET'}' size='30' /></td></tr>
- <tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'ovpn device'}</td>
- <td><select name='DDEVICE' ><option value='tun' $selected{'DDEVICE'}{'tun'}>TUN</option>
- <!-- this is still not working
- <option value='tap' $selected{'DDEVICE'}{'tap'}>TAP</option></select>--> </td>
<tr><td class='boldbase' nowrap='nowrap'>$Lang::tr{'protocol'}</td>
<td><select name='DPROTOCOL'><option value='udp' $selected{'DPROTOCOL'}{'udp'}>UDP</option>
<option value='tcp' $selected{'DPROTOCOL'}{'tcp'}>TCP</option></select></td>
}
print <<END
- <hr size='1'>
+
+ <br><hr><br>
+
<form method='post' enctype='multipart/form-data'>
- <table width='100%' border='0'cellspacing='1' cellpadding='0'>
- <tr>
- <td class'base'><b>$Lang::tr{'upload ca certificate'}</b></td>
- </tr>
- <tr>
- <td class='base' nowrap='nowrap'>$Lang::tr{'ca name'}:</td>
- <td nowrap='nowrap'><input type='text' name='CA_NAME' value='$cgiparams{'CA_NAME'}' size='15' align='left'/></td>
- <td nowrap='nowrap'><input type='file' name='FH' size='25' />
- <td nowrap='nowrap' align='right'><input type='submit' name='ACTION' value='$Lang::tr{'upload ca certificate'}' /></td>
- </tr>
+ <table border='0' width='100%'>
+ <tr>
+ <td colspan='4'><b>$Lang::tr{'upload ca certificate'}</b></td>
+ </tr>
- <tr align='right'>
- <td colspan='4' align='right' width='80%'><input type='submit' name='ACTION' value='$Lang::tr{'show crl'}' /></td>
- </tr>
+ <tr>
+ <td width='10%'>$Lang::tr{'ca name'}:</td>
+ <td width='30%'><input type='text' name='CA_NAME' value='$cgiparams{'CA_NAME'}' size='15' align='left'></td>
+ <td width='30%'><input type='file' name='FH' size='25'>
+ <td width='30%'align='right'><input type='submit' name='ACTION' value='$Lang::tr{'upload ca certificate'}'></td>
+ </tr>
- <tr><td colspan=4><hr /></td></tr><tr>
- <tr>
- <td class'base'><b>$Lang::tr{'ovpn dh parameters'}</b></td>
- </tr>
+ <tr>
+ <td colspan='3'> </td>
+ <td align='right'><input type='submit' name='ACTION' value='$Lang::tr{'show crl'}' /></td>
+ </tr>
+ </table>
- <tr>
- <td class='base' nowrap='nowrap'>$Lang::tr{'ovpn dh upload'}:</td>
- <td nowrap='nowrap'><size='15' align='left'/></td>
- <td nowrap='nowrap'><input type='file' name='FH' size='25' />
- <td colspan='4' align='right'><input type='submit' name='ACTION' value='$Lang::tr{'upload dh key'}' /></td>
- </tr>
- <tr>
- <td class='base' nowrap='nowrap'>$Lang::tr{'ovpn dh new key'}:</td>
- <td nowrap='nowrap'><size='15' align='left'/></td>
- <td nowrap='nowrap'><input type='submit' name='ACTION' value='$Lang::tr{'generate dh key'}' /></td>
- </tr>
- </table>
+ <br>
+
+ <table border='0' width='100%'>
+ <tr>
+ <td colspan='4'><b>$Lang::tr{'ovpn dh parameters'}</b></td>
+ </tr>
+
+ <tr>
+ <td width='40%'>$Lang::tr{'ovpn dh upload'}:</td>
+ <td width='30%'><input type='file' name='FH' size='25'>
+ <td width='30%' align='right'><input type='submit' name='ACTION' value='$Lang::tr{'upload dh key'}'></td>
+ </tr>
+
+ <tr>
+ <td width='40%'>$Lang::tr{'ovpn dh new key'}:</td>
+ <td colspan='2' width='60%' align='right'><input type='submit' name='ACTION' value='$Lang::tr{'generate dh key'}' /></td>
+ </tr>
+ </table>
+ </form>
- <tr><td colspan=4><hr /></td></tr><tr>
+ <br><hr>
END
;
<form method='post' action='$ENV{'SCRIPT_NAME'}'>
<input type='image' alt='$Lang::tr{'reload'}' title='$Lang::tr{'reload'}' src='/images/view-refresh.png' />
</form>
- <tr><td colspan='2' align='left'><pre>
+ <tr><td colspan='2' align='left'><code>
END
my @output = `grep pakfire /var/log/messages | tail -20`;
foreach (@output) {
- print "$_";
+ print "$_<br>";
}
print <<END;
- </pre>
+ </code>
</table>
END
&Header::closebox();
<td colspan='4' width='100%' bgcolor='$color{'color20'}'><b>$Lang::tr{'pptp settings'}</b></td>
</tr>
<tr>
- <td width='25%'>Peer</td>
+ <td width='25%'>$Lang::tr{'pptp peer'}:</td>
<td colspan='3'><input size=50 type='text' name='PPTP_PEER' value='$pppsettings{'PPTP_PEER'}' /></td>
</tr>
<tr>
- <td width='25%'>My Netconfig</td>
+ <td width='25%'>$Lang::tr{'pptp netconfig'}:</td>
<td colspan='3'><input size=50 type='text' name='PPTP_NICCFG' value='$pppsettings{'PPTP_NICCFG'}' /></td>
</tr>
<tr>
- <td width='25%'>PPTP Route <img src='/blob.gif' alt='*' /></td>
+ <td width='25%'>$Lang::tr{'pptp route'}: <img src='/blob.gif' alt='*' /></td>
<td colspan='3'><input size=50 type='text' name='PPTP_ROUTE' value='$pppsettings{'PPTP_ROUTE'}' /></td>
</tr>
# mdadm should not stopped with webif because this could crash the system
#
chomp($_);
+ if ( $_ eq 'squid' ) {
+ next;
+ }
if ( ($_ ne "alsa") && ($_ ne "mdadm") ) {
$lines++;
if ($lines % 2){
###############################################################################
use strict;
-use Locale::Country;
+use Locale::Codes::Country;
# enable only the following on debugging purpose
use warnings;
<option value=''>- $Lang::tr{'tor exit country any'} -</option>
END
- my @country_names = Locale::Country::all_country_names();
+ my @country_names = Locale::Codes::Country::all_country_names();
foreach my $country_name (sort @country_names) {
- my $country_code = Locale::Country::country2code($country_name);
+ my $country_code = Locale::Codes::Country::country2code($country_name);
$country_code = uc($country_code);
print "<option value='$country_code'";
print CONF "\n";
# Add user includes to config file
- print CONF "include /etc/ipsec.user.conf\n";
- print CONF "\n";
+ if (-e "/etc/ipsec.user.conf") {
+ print CONF "include /etc/ipsec.user.conf\n";
+ print CONF "\n";
+ }
print SECRETS "include /etc/ipsec.user.secrets\n";
# Algorithms
if ($lconfighash{$key}[18] && $lconfighash{$key}[19] && $lconfighash{$key}[20]) {
- print CONF "\tike=";
- my @encs = split('\|', $lconfighash{$key}[18]);
- my @ints = split('\|', $lconfighash{$key}[19]);
- my @groups = split('\|', $lconfighash{$key}[20]);
- my $comma = 0;
- foreach my $i (@encs) {
- foreach my $j (@ints) {
- foreach my $k (@groups) {
- if ($comma != 0) { print CONF ","; } else { $comma = 1; }
-
- my @l = split("", $k);
- if ($l[0] eq "e") {
- shift @l;
- print CONF "$i-$j-ecp".join("", @l);
- } else {
- print CONF "$i-$j-modp$k";
- }
- }
- }
- }
- if ($lconfighash{$key}[24] eq 'on') { #only proposed algorythms?
- print CONF "!\n";
- } else {
- print CONF "\n";
- }
+ my @encs = split('\|', $lconfighash{$key}[18]);
+ my @ints = split('\|', $lconfighash{$key}[19]);
+ my @groups = split('\|', $lconfighash{$key}[20]);
+
+ my @algos = &make_algos("ike", \@encs, \@ints, \@groups, 1);
+ print CONF "\tike=" . join(",", @algos);
+
+ if ($lconfighash{$key}[24] eq 'on') { #only proposed algorythms?
+ print CONF "!\n";
+ } else {
+ print CONF "\n";
+ }
}
+
if ($lconfighash{$key}[21] && $lconfighash{$key}[22]) {
- print CONF "\tesp=";
- my @encs = split('\|', $lconfighash{$key}[21]);
- my @ints = split('\|', $lconfighash{$key}[22]);
- my @groups = split('\|', $lconfighash{$key}[20]);
- my $comma = 0;
- foreach my $i (@encs) {
- foreach my $j (@ints) {
- my $modp = "";
- if ($pfs eq "on") {
- foreach my $k (@groups) {
- if ($comma != 0) { print CONF ","; } else { $comma = 1; }
- if ($pfs eq "on") {
- my @l = split("", $k);
- if ($l[0] eq "e") {
- $modp = "";
- } else {
- $modp = "-modp$k";
- }
- } else {
- $modp = "";
- }
- print CONF "$i-$j$modp";
- }
- } else {
- if ($comma != 0) { print CONF ","; } else { $comma = 1; }
- print CONF "$i-$j";
- }
+ my @encs = split('\|', $lconfighash{$key}[21]);
+ my @ints = split('\|', $lconfighash{$key}[22]);
+ my @groups = split('\|', $lconfighash{$key}[20]);
+
+ my @algos = &make_algos("esp", \@encs, \@ints, \@groups, ($pfs eq "on"));
+ print CONF "\tesp=" . join(",", @algos);
+
+ if ($lconfighash{$key}[24] eq 'on') { #only proposed algorythms?
+ print CONF "!\n";
+ } else {
+ print CONF "\n";
}
- }
- if ($lconfighash{$key}[24] eq 'on') { #only proposed algorythms?
- print CONF "!\n";
- } else {
- print CONF "\n";
- }
}
# IKE V1 or V2
print CONF "\tdpddelay=0\n";
}
} else {
- my $dpddelay = $lconfighash{$key}[30];
+ my $dpddelay = $lconfighash{$key}[31];
if (!$dpddelay) {
$dpddelay = 30;
}
print CONF "\tdpddelay=$dpddelay\n";
- my $dpdtimeout = $lconfighash{$key}[31];
+ my $dpdtimeout = $lconfighash{$key}[30];
if (!$dpdtimeout) {
$dpdtimeout = 120;
}
} else {
print CONF "\tauto=start\n";
}
+
+ # Fragmentation
+ print CONF "\tfragmentation=yes\n";
+
print CONF "\n";
}#foreach key
if (!$errormessage) {
&General::log("ipsec", "Creating cacert...");
if (open(STDIN, "-|")) {
- my $opt = " req -x509 -nodes -rand /proc/interrupts:/proc/net/rt_cache";
+ my $opt = " req -x509 -sha256 -nodes";
$opt .= " -days 999999";
- $opt .= " -newkey rsa:2048";
+ $opt .= " -newkey rsa:4096";
$opt .= " -keyout ${General::swroot}/private/cakey.pem";
$opt .= " -out ${General::swroot}/ca/cacert.pem";
if (!$errormessage) {
&General::log("ipsec", "Creating host cert...");
if (open(STDIN, "-|")) {
- my $opt = " req -nodes -rand /proc/interrupts:/proc/net/rt_cache";
- $opt .= " -newkey rsa:1024";
+ my $opt = " req -sha256 -nodes";
+ $opt .= " -newkey rsa:2048";
$opt .= " -keyout ${General::swroot}/certs/hostkey.pem";
$opt .= " -out ${General::swroot}/certs/hostreq.pem";
$errormessage = &callssl ($opt);
print $fh "subjectAltName=$cgiparams{'SUBJECTALTNAME'}" if ($cgiparams{'SUBJECTALTNAME'});
close ($fh);
- my $opt = " ca -days 999999";
+ my $opt = " ca -md sha256 -days 999999";
$opt .= " -batch -notext";
$opt .= " -in ${General::swroot}/certs/hostreq.pem";
$opt .= " -out ${General::swroot}/certs/hostcert.pem";
# Sign the certificate request
&General::log("ipsec", "Signing your cert $cgiparams{'NAME'}...");
- my $opt = " ca -days 999999";
+ my $opt = " ca -md sha256 -days 999999";
$opt .= " -batch -notext";
$opt .= " -in $filename";
$opt .= " -out ${General::swroot}/certs/$cgiparams{'NAME'}cert.pem";
(my $city = $cgiparams{'CERT_CITY'}) =~ s/^\s*$/\./;
(my $state = $cgiparams{'CERT_STATE'}) =~ s/^\s*$/\./;
- # Create the Host certificate request
+ # Create the Client certificate request
&General::log("ipsec", "Creating a cert...");
if (open(STDIN, "-|")) {
my $opt = " req -nodes -rand /proc/interrupts:/proc/net/rt_cache";
- $opt .= " -newkey rsa:1024";
+ $opt .= " -newkey rsa:2048";
$opt .= " -keyout ${General::swroot}/certs/$cgiparams{'NAME'}key.pem";
$opt .= " -out ${General::swroot}/certs/$cgiparams{'NAME'}req.pem";
exit (0);
}
- # Sign the host certificate request
+ # Sign the client certificate request
&General::log("ipsec", "Signing the cert $cgiparams{'NAME'}...");
#No easy way for specifying the contain of subjectAltName without writing a config file...
basicConstraints=CA:FALSE
nsComment="OpenSSL Generated Certificate"
subjectKeyIdentifier=hash
+ extendedKeyUsage=clientAuth
authorityKeyIdentifier=keyid,issuer:always
END
;
print $fh "subjectAltName=$cgiparams{'SUBJECTALTNAME'}" if ($cgiparams{'SUBJECTALTNAME'});
close ($fh);
- my $opt = " ca -days 999999 -batch -notext";
+ my $opt = " ca -md sha256 -days 999999 -batch -notext";
$opt .= " -in ${General::swroot}/certs/$cgiparams{'NAME'}req.pem";
$opt .= " -out ${General::swroot}/certs/$cgiparams{'NAME'}cert.pem";
$opt .= " -extfile $v3extname";
$cgiparams{'REMOTE_ID'} = '';
#use default advanced value
- $cgiparams{'IKE_ENCRYPTION'} = 'aes256|aes192|aes128|3des'; #[18];
- $cgiparams{'IKE_INTEGRITY'} = 'sha2_256|sha|md5'; #[19];
+ $cgiparams{'IKE_ENCRYPTION'} = 'aes256gcm128|aes256gcm96|aes256gcm64|aes256|aes192gcm128|aes192gcm96|aes192gcm64|aes192|aes128gcm128|aes128gcm96|aes128gcm64|aes128'; #[18];
+ $cgiparams{'IKE_INTEGRITY'} = 'sha2_512|sha2_256|sha'; #[19];
$cgiparams{'IKE_GROUPTYPE'} = '4096|3072|2048|1536|1024'; #[20];
$cgiparams{'IKE_LIFETIME'} = '3'; #[16];
- $cgiparams{'ESP_ENCRYPTION'} = 'aes256|aes192|aes128|3des'; #[21];
- $cgiparams{'ESP_INTEGRITY'} = 'sha2_256|sha1|md5'; #[22];
+ $cgiparams{'ESP_ENCRYPTION'} = 'aes256gcm128|aes256gcm96|aes256gcm64|aes256|aes192gcm128|aes192gcm96|aes192gcm64|aes192|aes128gcm128|aes128gcm96|aes128gcm64|aes128'; #[21];
+ $cgiparams{'ESP_INTEGRITY'} = 'sha2_512|sha2_256|sha1'; #[22];
$cgiparams{'ESP_GROUPTYPE'} = ''; #[23];
$cgiparams{'ESP_KEYLIFE'} = '1'; #[17];
$cgiparams{'COMPRESSION'} = 'on'; #[13];
goto ADVANCED_ERROR;
}
foreach my $val (@temp) {
- if ($val !~ /^(aes256|aes192|aes128|3des|camellia256|camellia192|camellia128)$/) {
+ if ($val !~ /^(aes(256|192|128)(gcm(128|96|64))?|3des|camellia(256|192|128))$/) {
$errormessage = $Lang::tr{'invalid input'};
goto ADVANCED_ERROR;
}
goto ADVANCED_ERROR;
}
foreach my $val (@temp) {
- if ($val !~ /^(sha2_512|sha2_384|sha2_256|sha|md5|aesxcbc)$/) {
+ if ($val !~ /^(sha2_(512|384|256)|sha|md5|aesxcbc)$/) {
$errormessage = $Lang::tr{'invalid input'};
goto ADVANCED_ERROR;
}
$errormessage = $Lang::tr{'invalid input for ike lifetime'};
goto ADVANCED_ERROR;
}
- if ($cgiparams{'IKE_LIFETIME'} < 1 || $cgiparams{'IKE_LIFETIME'} > 24) {
- $errormessage = $Lang::tr{'ike lifetime should be between 1 and 24 hours'};
+ if ($cgiparams{'IKE_LIFETIME'} < 1 || $cgiparams{'IKE_LIFETIME'} > 8) {
+ $errormessage = $Lang::tr{'ike lifetime should be between 1 and 8 hours'};
goto ADVANCED_ERROR;
}
@temp = split('\|', $cgiparams{'ESP_ENCRYPTION'});
goto ADVANCED_ERROR;
}
foreach my $val (@temp) {
- if ($val !~ /^(aes256|aes192|aes128|3des|camellia256|camellia192|camellia128)$/) {
+ if ($val !~ /^(aes(256|192|128)(gcm(128|96|64))?|3des|camellia(256|192|128))$/) {
$errormessage = $Lang::tr{'invalid input'};
goto ADVANCED_ERROR;
}
goto ADVANCED_ERROR;
}
foreach my $val (@temp) {
- if ($val !~ /^(sha2_512|sha2_384|sha2_256|sha1|md5|aesxcbc)$/) {
+ if ($val !~ /^(sha2_(512|384|256)|sha1|md5|aesxcbc)$/) {
$errormessage = $Lang::tr{'invalid input'};
goto ADVANCED_ERROR;
}
$checked{'IKE_ENCRYPTION'}{'aes256'} = '';
$checked{'IKE_ENCRYPTION'}{'aes192'} = '';
$checked{'IKE_ENCRYPTION'}{'aes128'} = '';
+ $checked{'IKE_ENCRYPTION'}{'aes256gcm128'} = '';
+ $checked{'IKE_ENCRYPTION'}{'aes192gcm128'} = '';
+ $checked{'IKE_ENCRYPTION'}{'aes128gcm128'} = '';
+ $checked{'IKE_ENCRYPTION'}{'aes256gcm96'} = '';
+ $checked{'IKE_ENCRYPTION'}{'aes192gcm96'} = '';
+ $checked{'IKE_ENCRYPTION'}{'aes128gcm96'} = '';
+ $checked{'IKE_ENCRYPTION'}{'aes256gcm64'} = '';
+ $checked{'IKE_ENCRYPTION'}{'aes192gcm64'} = '';
+ $checked{'IKE_ENCRYPTION'}{'aes128gcm64'} = '';
$checked{'IKE_ENCRYPTION'}{'3des'} = '';
$checked{'IKE_ENCRYPTION'}{'camellia256'} = '';
$checked{'IKE_ENCRYPTION'}{'camellia192'} = '';
$checked{'ESP_ENCRYPTION'}{'aes256'} = '';
$checked{'ESP_ENCRYPTION'}{'aes192'} = '';
$checked{'ESP_ENCRYPTION'}{'aes128'} = '';
+ $checked{'ESP_ENCRYPTION'}{'aes256gcm128'} = '';
+ $checked{'ESP_ENCRYPTION'}{'aes192gcm128'} = '';
+ $checked{'ESP_ENCRYPTION'}{'aes128gcm128'} = '';
+ $checked{'ESP_ENCRYPTION'}{'aes256gcm96'} = '';
+ $checked{'ESP_ENCRYPTION'}{'aes192gcm96'} = '';
+ $checked{'ESP_ENCRYPTION'}{'aes128gcm96'} = '';
+ $checked{'ESP_ENCRYPTION'}{'aes256gcm64'} = '';
+ $checked{'ESP_ENCRYPTION'}{'aes192gcm64'} = '';
+ $checked{'ESP_ENCRYPTION'}{'aes128gcm64'} = '';
$checked{'ESP_ENCRYPTION'}{'3des'} = '';
$checked{'ESP_ENCRYPTION'}{'camellia256'} = '';
$checked{'ESP_ENCRYPTION'}{'camellia192'} = '';
<td class='boldbase' width="15%">$Lang::tr{'encryption'}</td>
<td class='boldbase'>
<select name='IKE_ENCRYPTION' multiple='multiple' size='6' style='width: 100%'>
- <option value='aes256' $checked{'IKE_ENCRYPTION'}{'aes256'}>AES (256 bit)</option>
- <option value='aes192' $checked{'IKE_ENCRYPTION'}{'aes192'}>AES (192 bit)</option>
- <option value='aes128' $checked{'IKE_ENCRYPTION'}{'aes128'}>AES (128 bit)</option>
- <option value='3des' $checked{'IKE_ENCRYPTION'}{'3des'}>3DES</option>
- <option value='camellia256' $checked{'IKE_ENCRYPTION'}{'camellia256'}>Camellia (256 bit)</option>
- <option value='camellia192' $checked{'IKE_ENCRYPTION'}{'camellia192'}>Camellia (192 bit)</option>
- <option value='camellia128' $checked{'IKE_ENCRYPTION'}{'camellia128'}>Camellia (128 bit)</option>
+ <option value='aes256gcm128' $checked{'IKE_ENCRYPTION'}{'aes256gcm128'}>256 bit AES-GCM/128 bit ICV</option>
+ <option value='aes256gcm96' $checked{'IKE_ENCRYPTION'}{'aes256gcm96'}>256 bit AES-GCM/96 bit ICV</option>
+ <option value='aes256gcm64' $checked{'IKE_ENCRYPTION'}{'aes256gcm64'}>256 bit AES-GCM/64 bit ICV</option>
+ <option value='aes256' $checked{'IKE_ENCRYPTION'}{'aes256'}>256 bit AES-CBC</option>
+ <option value='camellia256' $checked{'IKE_ENCRYPTION'}{'camellia256'}>256 bit Camellia-CBC</option>
+ <option value='aes192gcm128' $checked{'IKE_ENCRYPTION'}{'aes192gcm128'}>192 bit AES-GCM/128 bit ICV</option>
+ <option value='aes192gcm96' $checked{'IKE_ENCRYPTION'}{'aes192gcm96'}>192 bit AES-GCM/96 bit ICV</option>
+ <option value='aes192gcm64' $checked{'IKE_ENCRYPTION'}{'aes192gcm64'}>192 bit AES-GCM/64 bit ICV</option>
+ <option value='aes192' $checked{'IKE_ENCRYPTION'}{'aes192'}>192 bit AES-CBC</option>
+ <option value='camellia192' $checked{'IKE_ENCRYPTION'}{'camellia192'}>192 bit Camellia-CBC</option>
+ <option value='aes128gcm128' $checked{'IKE_ENCRYPTION'}{'aes128gcm128'}>128 bit AES-GCM/128 bit ICV</option>
+ <option value='aes128gcm96' $checked{'IKE_ENCRYPTION'}{'aes128gcm96'}>128 bit AES-GCM/96 bit ICV</option>
+ <option value='aes128gcm64' $checked{'IKE_ENCRYPTION'}{'aes128gcm64'}>128 bit AES-GCM/64 bit ICV</option>
+ <option value='aes128' $checked{'IKE_ENCRYPTION'}{'aes128'}>128 bit AES-CBC</option>
+ <option value='camellia128' $checked{'IKE_ENCRYPTION'}{'camellia128'}>128 bit Camellia-CBC</option>
+ <option value='3des' $checked{'IKE_ENCRYPTION'}{'3des'}>168 bit 3DES-EDE-CBC</option>
</select>
</td>
<td class='boldbase'>
<select name='ESP_ENCRYPTION' multiple='multiple' size='6' style='width: 100%'>
- <option value='aes256' $checked{'ESP_ENCRYPTION'}{'aes256'}>AES (256 bit)</option>
- <option value='aes192' $checked{'ESP_ENCRYPTION'}{'aes192'}>AES (192 bit)</option>
- <option value='aes128' $checked{'ESP_ENCRYPTION'}{'aes128'}>AES (128 bit)</option>
- <option value='3des' $checked{'ESP_ENCRYPTION'}{'3des'}>3DES</option>
- <option value='camellia256' $checked{'ESP_ENCRYPTION'}{'camellia256'}>Camellia (256 bit)</option>
- <option value='camellia192' $checked{'ESP_ENCRYPTION'}{'camellia192'}>Camellia (192 bit)</option>
- <option value='camellia128' $checked{'ESP_ENCRYPTION'}{'camellia128'}>Camellia (128 bit)</option>
+ <option value='aes256gcm128' $checked{'ESP_ENCRYPTION'}{'aes256gcm128'}>256 bit AES-GCM/128 bit ICV</option>
+ <option value='aes256gcm96' $checked{'ESP_ENCRYPTION'}{'aes256gcm96'}>256 bit AES-GCM/96 bit ICV</option>
+ <option value='aes256gcm64' $checked{'ESP_ENCRYPTION'}{'aes256gcm64'}>256 bit AES-GCM/64 bit ICV</option>
+ <option value='aes256' $checked{'ESP_ENCRYPTION'}{'aes256'}>256 bit AES-CBC</option>
+ <option value='camellia256' $checked{'ESP_ENCRYPTION'}{'camellia256'}>256 bit Camellia-CBC</option>
+ <option value='aes192gcm128' $checked{'ESP_ENCRYPTION'}{'aes192gcm128'}>192 bit AES-GCM/128 bit ICV</option>
+ <option value='aes192gcm96' $checked{'ESP_ENCRYPTION'}{'aes192gcm96'}>192 bit AES-GCM/96 bit ICV</option>
+ <option value='aes192gcm64' $checked{'ESP_ENCRYPTION'}{'aes192gcm64'}>192 bit AES-GCM/64 bit ICV</option>
+ <option value='aes192' $checked{'ESP_ENCRYPTION'}{'aes192'}>192 bit AES-CBC</option>
+ <option value='camellia192' $checked{'ESP_ENCRYPTION'}{'camellia192'}>192 bit Camellia-CBC</option>
+ <option value='aes128gcm128' $checked{'ESP_ENCRYPTION'}{'aes128gcm128'}>128 bit AES-GCM/128 bit ICV</option>
+ <option value='aes128gcm96' $checked{'ESP_ENCRYPTION'}{'aes128gcm96'}>128 bit AES-GCM/96 bit ICV</option>
+ <option value='aes128gcm64' $checked{'ESP_ENCRYPTION'}{'aes128gcm64'}>128 bit AES-GCM/64 bit ICV</option>
+ <option value='aes128' $checked{'ESP_ENCRYPTION'}{'aes128'}>128 bit AES-CBC</option>
+ <option value='camellia128' $checked{'ESP_ENCRYPTION'}{'camellia128'}>128 bit Camellia-CBC</option>
+ <option value='3des' $checked{'ESP_ENCRYPTION'}{'3des'}>168 bit 3DES-EDE-CBC</option>
</select>
</td>
</tr>
<option value='sha2_512' $checked{'IKE_INTEGRITY'}{'sha2_512'}>SHA2 512 bit</option>
<option value='sha2_384' $checked{'IKE_INTEGRITY'}{'sha2_384'}>SHA2 384 bit</option>
<option value='sha2_256' $checked{'IKE_INTEGRITY'}{'sha2_256'}>SHA2 256 bit</option>
+ <option value='aesxcbc' $checked{'IKE_INTEGRITY'}{'aesxcbc'}>AES XCBC</option>
<option value='sha' $checked{'IKE_INTEGRITY'}{'sha'}>SHA1</option>
<option value='md5' $checked{'IKE_INTEGRITY'}{'md5'}>MD5</option>
- <option value='aesxcbc' $checked{'IKE_INTEGRITY'}{'aesxcbc'}>AES XCBC</option>
</select>
</td>
<td class='boldbase'>
<option value='sha2_512' $checked{'ESP_INTEGRITY'}{'sha2_512'}>SHA2 512 bit</option>
<option value='sha2_384' $checked{'ESP_INTEGRITY'}{'sha2_384'}>SHA2 384 bit</option>
<option value='sha2_256' $checked{'ESP_INTEGRITY'}{'sha2_256'}>SHA2 256 bit</option>
+ <option value='aesxcbc' $checked{'ESP_INTEGRITY'}{'aesxcbc'}>AES XCBC</option>
<option value='sha1' $checked{'ESP_INTEGRITY'}{'sha1'}>SHA1</option>
<option value='md5' $checked{'ESP_INTEGRITY'}{'md5'}>MD5</option>
- <option value='aesxcbc' $checked{'ESP_INTEGRITY'}{'aesxcbc'}>AES XCBC</option>
</select>
</td>
</tr>
<td class='boldbase'>
<select name='IKE_GROUPTYPE' multiple='multiple' size='6' style='width: 100%'>
<option value='e521' $checked{'IKE_GROUPTYPE'}{'e521'}>ECP-521 (NIST)</option>
- <option value='e384' $checked{'IKE_GROUPTYPE'}{'e384'}>ECP-384 (NIST)</option>
- <option value='e256' $checked{'IKE_GROUPTYPE'}{'e256'}>ECP-256 (NIST)</option>
- <option value='e224' $checked{'IKE_GROUPTYPE'}{'e224'}>ECP-224 (NIST)</option>
- <option value='e192' $checked{'IKE_GROUPTYPE'}{'e192'}>ECP-192 (NIST)</option>
<option value='e512bp' $checked{'IKE_GROUPTYPE'}{'e512bp'}>ECP-512 (Brainpool)</option>
+ <option value='e384' $checked{'IKE_GROUPTYPE'}{'e384'}>ECP-384 (NIST)</option>
<option value='e384bp' $checked{'IKE_GROUPTYPE'}{'e384bp'}>ECP-384 (Brainpool)</option>
+ <option value='e256' $checked{'IKE_GROUPTYPE'}{'e256'}>ECP-256 (NIST)</option>
<option value='e256bp' $checked{'IKE_GROUPTYPE'}{'e256bp'}>ECP-256 (Brainpool)</option>
+ <option value='e224' $checked{'IKE_GROUPTYPE'}{'e224'}>ECP-224 (NIST)</option>
<option value='e224bp' $checked{'IKE_GROUPTYPE'}{'e224bp'}>ECP-224 (Brainpool)</option>
+ <option value='e192' $checked{'IKE_GROUPTYPE'}{'e192'}>ECP-192 (NIST)</option>
<option value='8192' $checked{'IKE_GROUPTYPE'}{'8192'}>MODP-8192</option>
<option value='6144' $checked{'IKE_GROUPTYPE'}{'6144'}>MODP-6144</option>
<option value='4096' $checked{'IKE_GROUPTYPE'}{'4096'}>MODP-4096</option>
&Header::closebox();
&Header::closebigbox();
&Header::closepage();
+
+sub array_unique($) {
+ my $array = shift;
+ my @unique = ();
+
+ my %seen = ();
+ foreach my $e (@$array) {
+ next if $seen{$e}++;
+ push(@unique, $e);
+ }
+
+ return @unique;
+}
+
+sub make_algos($$$$$) {
+ my ($mode, $encs, $ints, $grps, $pfs) = @_;
+ my @algos = ();
+
+ foreach my $enc (@$encs) {
+ foreach my $int (@$ints) {
+ foreach my $grp (@$grps) {
+ my @algo = ($enc);
+
+ if ($mode eq "ike") {
+ push(@algo, $int);
+
+ if ($grp =~ m/^e(.*)$/) {
+ push(@algo, "ecp$1");
+ } else {
+ push(@algo, "modp$grp");
+ }
+
+ } elsif ($mode eq "esp" && $pfs) {
+ my $is_aead = ($enc =~ m/[cg]cm/);
+
+ if (!$is_aead) {
+ push(@algo, $int);
+ }
+ }
+
+ push(@algos, join("-", @algo));
+ }
+ }
+ }
+
+ return &array_unique(\@algos);
+}
$wlanapsettings{'PWD'} = 'IPFire-2.x';
$wlanapsettings{'SYSLOGLEVEL'} = '0';
$wlanapsettings{'DEBUG'} = '4';
-$wlanapsettings{'DRIVER'} = 'MADWIFI';
+$wlanapsettings{'DRIVER'} = 'NL80211';
$wlanapsettings{'HTCAPS'} = '';
&General::readhash("/var/ipfire/wlanap/settings", \%wlanapsettings);
my $wiphy = `iw dev $wlanapsettings{'INTERFACE'} info | grep wiphy | cut -d" " -f2`;
chomp $wiphy;
-@channellist_cmd = `iw phy phy$wiphy info | grep " MHz \\\[" | grep -v "(disabled)" | grep -v "no IBSS" | grep -v "passive scanning" 2>/dev/null`;
+@channellist_cmd = `iw phy phy$wiphy info | grep " MHz \\\[" | grep -v "(disabled)" | grep -v "no IBSS" | grep -v "no IR" | grep -v "passive scanning" 2>/dev/null`;
# get available channels
my @temp;
}
# get available power
-my @temp;
-foreach (@txpower_cmd){
-$_ =~ /(\s)(\d+)(\s)dBm(\s)(.*)(\W)(\d+)(.*)/;
-$txpower = $7;chomp $txpower;
-if ( $txpower =~ /\d+/ ){push(@temp,$txpower."mW");}
-}
-my @txpower = @temp;
-push(@txpower,"auto");
-
$selected{'SYSLOGLEVEL'}{$wlanapsettings{'SYSLOGLEVEL'}} = "selected='selected'";
$selected{'DEBUG'}{$wlanapsettings{'DEBUG'}} = "selected='selected'";
;
print <<END
<tr><td width='25%' class='base'>HT Caps: </td><td class='base' colspan='3'><input type='text' name='HTCAPS' size='30' value='$wlanapsettings{'HTCAPS'}' /></td></tr>
-<tr><td width='25%' class='base'>Tx Power: </td><td class='base' colspan='3'>
-END
-;
-
-if ( $wlanapsettings{'DRIVER'} eq 'MADWIFI' ){
- print "<select name='TXPOWER'>";
- foreach $txpower (@txpower){
- print "<option $selected{'TXPOWER'}{$txpower}>$txpower</option> dBm";
- }
- print " </select></td></tr>";
-} else {
- print "<input type='text' name='TXPOWER' size='10' value='$wlanapsettings{'TXPOWER'}' /></td></tr>"
-}
-print <<END
+<tr><td width='25%' class='base'>Tx Power: </td><td class='base' colspan='3'><input type='text' name='TXPOWER' size='10' value='$wlanapsettings{'TXPOWER'}' /></td></tr>
<tr><td width='25%' class='base'>Loglevel (hostapd): </td><td class='base' width='25%'>
<select name='SYSLOGLEVEL'>
<option value='0' $selected{'SYSLOGLEVEL'}{'0'}>0 ($Lang::tr{'wlanap verbose'})</option>
END
;
my @status;
-if ( $wlanapsettings{'DRIVER'} eq 'MADWIFI' ){
- @status = `wlanconfig $wlanapsettings{'INTERFACE'} list`;
-}
if ( $wlanapsettings{'DRIVER'} eq 'NL80211' ){
@status = `iw dev $wlanapsettings{'INTERFACE'} info && iw dev $wlanapsettings{'INTERFACE'} station dump && echo ""`;
}
max-width: 2.5em;
}
+table.fw-nat tbody tr td {
+ height: 2.25em;
+}
+
/* LAYOUT - 3 COLUMNS */
/* Primary content */
max-width: 2.5em;
}
+table.fw-nat tbody tr td {
+ height: 2.25em;
+}
+
/* LAYOUT - 3 COLUMNS */
/* Primary content */
.tbl tr:last-child td {
border-bottom: 1px solid lightgrey;
}
+
+table.fw-nat tbody tr td {
+ height: 2.25em;
+}
max-width: 2.5em;
}
+table.fw-nat tbody tr td {
+ height: 2.25em;
+}
+
/* LAYOUT - 3 COLUMNS */
/* Primary content */
'bit' => 'Bit',
'bitrate' => 'Bitrate',
'bleeding rules' => 'Bleeding Edge Snort Rules',
+'block' => 'Blocken',
'blue' => 'BLAU',
'blue access' => 'Zugriff auf Blau',
'blue access use hint' => 'Sie müssen mindestens die MAC- oder die IP-Adresse für ein Gerät angeben. Optional können Sie sowohl MAC- als auch IP-Adresse angeben.',
'chain' => 'Verknüpfung',
'change passwords' => 'Passwörter ändern',
'change share' => 'Freigabeeinstellungen ändern',
+'check all' => 'Alle auswählen',
'check for net traffic update' => 'Prüfe auf Net-Traffic-Updates',
'check vpn lr' => 'Überprüfen',
'choose config' => 'Konfiguration auswählen',
'dhcp advopt removed' => 'DHCP Option entfernt',
'dhcp advopt scope' => 'Options-Wertebereich',
'dhcp advopt scope global' => 'Global',
-'dhcp advopt scope help' => 'Globaler Bereich oder begenze Bereich auf überprüfte Schnittstellen',
+'dhcp advopt scope help' => 'Globaler Bereich oder begrenze Bereich auf überprüfte Schnittstellen',
'dhcp advopt unknown' => 'Name der DHCP Option wurde nicht erkannt',
'dhcp advopt value' => 'Optionswert',
'dhcp allow bootp' => 'BOOTP Clients zulassen',
'fwhost OpenVPN static host' => 'OpenVPN statischer Host',
'fwhost OpenVPN static network' => 'OpenVPN statisches Netzwerk',
'fwhost Standard Network' => 'Standard-Netzwerk',
+'fwhost addgeoipgrp' => 'Neue GeoIP-Gruppe hinzufügen',
'fwhost addgrp' => 'Neue Gruppe hinzufügen',
'fwhost addgrpname' => 'Gruppenname:',
'fwhost addhost' => 'Neuen Host hinzufügen',
'fwhost change' => 'Ändern',
'fwhost changeremark' => 'Es wurde nur die Bemerkung angepasst.',
'fwhost cust addr' => 'Hosts',
+'fwhost cust geoip' => 'GeoIP-Gruppen',
+'fwhost cust geoipgroup' => 'GeoIP-Gruppen',
+'fwhost cust geoiplocation' => 'GeoIP Ländercodes',
'fwhost cust grp' => 'Gruppen',
'fwhost cust net' => 'Netzwerke',
'fwhost cust service' => 'Dienste',
'fwhost ipsec net' => 'IPsec-Netzwerke:',
'fwhost menu' => 'Firewallgruppen',
'fwhost netaddress' => 'Netzwerkadresse',
+'fwhost newgeoipgrp' => 'GeoIP-Gruppen',
'fwhost newgrp' => 'Netzwerk-/Hostgruppen',
'fwhost newhost' => 'Hosts',
'fwhost newnet' => 'Netzwerke',
'generating the root and host certificates may take a long time. it can take up to several minutes on older hardware. please be patient' => 'Die Erzeugung der Root- und Host-Zertifikate kann lange Zeit dauern. Auf älterer Hardware kann es mehrere Minuten lang dauern. Bitte haben Sie etwas Geduld.',
'genkey' => 'PSK erzeugen',
'genre' => 'Genre',
+'geoip' => 'GeoIP',
+'geoipblock' => 'GeoIP Block',
+'geoipblock block countries' => 'Länderfilter',
+'geoipblock configuration' => 'GeoIP Konfiguration',
+'geoipblock country code' => 'Ländercode',
+'geoipblock country is allowed' => 'Eingehende Verbindungen aus diesem Land sind erlaubt.',
+'geoipblock country is blocked' => 'Eingehende Verbindungen aus diesem Land werden blockiert.',
+'geoipblock country name' => 'Ländername',
+'geoipblock enable feature' => 'GeoIP basierte Filterung aktivieren:',
+'geoipblock flag' => 'Flagge',
'global settings' => 'Globale Einstellungen',
'gpl i accept these terms and conditions' => 'Ich akzeptiere diese Bedingungen und Konditionen',
'gpl license agreement' => 'Lizenz-Vereinbarung',
'ppp setup' => 'PPP-Einstellungen',
'pppoe' => 'PPPoE',
'pppoe settings' => 'Zusätzliche PPPoE-Einstellungen:',
+'pptp netconfig' => 'Eigene Netzkonfiguration',
+'pptp peer' => 'Gegenstelle',
+'pptp route' => 'PPTP-Route',
'pptp settings' => 'Zusätzliche PPTP-Einstellungen:',
'pre-shared key is too short' => 'Pre-shared Schlüsel ist zu kurz',
'prefered master' => 'Prefered Master',
'save settings' => 'Einstellungen speichern',
'save-adv-options' => 'Erweiterte Optionen speichern',
'script name' => 'Skriptname:',
+'search' => 'Suchen',
'secondary dns' => 'Sekundärer DNS:',
'secondary ntp server' => 'Sekundärer NTP-Server',
'secondary wins server address' => 'Sekundäre WINS-Server Adresse',
'umount removable media before to unplug' => 'Wechselmedien vor dem Entfernen unbedingt abmelden',
'unable to alter profiles while red is active' => 'Profile können nicht geändert werden, solange ROT aktiv ist.',
'unable to contact' => 'Kann nicht erreicht werden',
+'unblock' => 'Entblocken',
+'unblock all' => 'Alle entblocken',
+'uncheck all' => 'Alle abwählen',
'unencrypted' => 'Nicht verschlüsselt',
'uninstall' => 'Deinstallieren',
'unix charset' => 'UNIX-Charset',
'vpn payload compression' => 'Datennutzlast-Kompression aushandeln',
'vpn red name' => 'Öffentliche IP oder FQDN für das rote Interface oder <%defaultroute>',
'vpn remote id' => 'Remote ID',
+'vpn statistic n2n' => 'OpenVPN-Netz-zu-Netz-Statistik',
+'vpn statistic rw' => 'OpenVPN-Roadwarrior-Statistik',
'vpn subjectaltname' => 'Subjekt Alternativer Name',
'vpn vhost' => 'Roadwarrior virtuelle IP (manchmal auch Inner-IP genannt)',
'vpn watch' => 'Netz-zu-Netz VPN neu starten, wenn sich Remote-IP ändert (DynDNS).',
'bit' => 'bit',
'bitrate' => 'Bitrate',
'bleeding rules' => 'Bleeding Edge Snort Rules',
+'block' => 'Block',
'blue' => 'BLUE',
'blue access' => 'Blue Access',
'blue access use hint' => 'You have to enter the MAC or the IP Address for a device. To enter both is also possible',
'chain' => 'Chain',
'change passwords' => 'Change passwords',
'change share' => 'edit share options',
+'check all' => 'Check all',
'check for net traffic update' => 'Check for Net-Traffic updates',
'check vpn lr' => 'Check',
'choose config' => 'Choose config',
'fwhost OpenVPN static host' => 'OpenVPN static host',
'fwhost OpenVPN static network' => 'OpenVPN static network',
'fwhost Standard Network' => 'Standard network',
+'fwhost addgeoipgrp' => 'Add new GeoIP group',
'fwhost addgrp' => 'Add new network/host group',
'fwhost addgrpname' => 'Group name:',
'fwhost addhost' => 'Add new host',
'fwhost change' => 'Modify',
'fwhost changeremark' => 'You modified just the remark',
'fwhost cust addr' => 'Hosts',
+'fwhost cust geoip' => 'GeoIP Groups',
+'fwhost cust geoipgroup' => 'GeoIP Groups',
+'fwhost cust geoiplocation' => 'GeoIP Locations',
'fwhost cust grp' => 'Network/Host Groups',
'fwhost cust net' => 'Networks',
'fwhost cust service' => 'Services',
'fwhost ipsec net' => 'IPsec networks:',
'fwhost menu' => 'Firewall Groups',
'fwhost netaddress' => 'Network address',
+'fwhost newgeoipgrp' => 'GeoIP Groups',
'fwhost newgrp' => 'Network/Host Groups',
'fwhost newhost' => 'Hosts',
'fwhost newnet' => 'Networks',
'generating the root and host certificates may take a long time. it can take up to several minutes on older hardware. please be patient' => 'Generating the root and host certificates may take a long time. It can take up to several minutes on older hardware. Please be patient.',
'genkey' => 'Generate PSK',
'genre' => 'Genre',
+'geoip' => 'GeoIP',
+'geoipblock' => 'GeoIP Block',
+'geoipblock block countries' => 'Block countries',
+'geoipblock configuration' => 'GeoIP Configuration',
+'geoipblock country code' => 'Country Code',
+'geoipblock country is allowed' => 'Incoming traffic from this country is allowed',
+'geoipblock country is blocked' => 'Incoming traffic from this country will be blocked',
+'geoipblock country name' => 'Country Name',
+'geoipblock enable feature' => 'Enable GeoIP based blocking:',
+'geoipblock flag' => 'Flag',
'global settings' => 'Global Settings',
'gpl i accept these terms and conditions' => 'I accept these terms and conditions',
'gpl license agreement' => 'License Agreement',
'ppp setup' => 'PPP setup',
'pppoe' => 'PPPoE',
'pppoe settings' => 'Additional PPPoE settings:',
+'pptp netconfig' => 'My Net Config',
+'pptp peer' => 'Peer',
+'pptp route' => 'PPTP Route',
'pptp settings' => 'Additional PPTP settings:',
'pre-shared key is too short' => 'Pre-shared key is too short.',
'prefered master' => 'Prefered Master',
'save settings' => 'Save settings',
'save-adv-options' => 'Save advanced options',
'script name' => 'Script name:',
+'search' => 'Search',
'secondary dns' => 'Secondary DNS:',
'secondary ntp server' => 'Secondary NTP server',
'secondary wins server address' => 'Secondary WINS server address',
'umount removable media before to unplug' => 'Umount removable media before unplugging the device',
'unable to alter profiles while red is active' => 'Unable to alter profiles while RED is active.',
'unable to contact' => 'Unable to contact',
+'unblock' => 'Unblock',
+'unblock all' => 'Unblock all',
+'uncheck all' => 'Uncheck all',
'unencrypted' => 'Unencrypted',
'uninstall' => 'Uninstall',
'unix charset' => 'UNIX Charset',
'vpn payload compression' => 'Negotiate payload compression',
'vpn red name' => 'Public IP or FQDN for RED interface or <%defaultroute>',
'vpn remote id' => 'Remote ID',
+'vpn statistic n2n' => 'OpenVPN Net-to-Net Statistics',
+'vpn statistic rw' => 'OpenVPN Roadwarrior Statistics',
'vpn subjectaltname' => 'Subject Alt Name',
'vpn vhost' => 'Roadwarrior virtual IP (sometimes called Inner-IP)',
'vpn watch' => 'Restart net-to-net vpn when remote peer IP changes (dyndns).',
'generating the root and host certificates may take a long time. it can take up to several minutes on older hardware. please be patient' => 'Generar los certificador root y host puede tomar mucho tiempo. Puede durar varios minutos en equipos antiguos. Por favor sea paciente.',
'genkey' => 'Generar PSK',
'genre' => 'Género',
+'geoip' => 'GeoIP',
+'geoipblock' => 'GeoIP Block',
+'geoipblock block countries' => 'Países bloqueados',
+'geoipblock configuration' => 'Configuración GeoIP',
+'geoipblock country code' => 'Código del País',
+'geoipblock country is allowed' => 'Se permite el tráfico procedente de este País',
+'geoipblock country is blocked' => 'Se deniega el tráfico procedente de este País',
+'geoipblock country name' => 'Nombre del País',
+'geoipblock enable feature' => 'Habilitar bloqueo basado GeoIP:',
+'geoipblock flag' => 'Bandera',
'global settings' => 'Configuraciones globales',
'gpl i accept these terms and conditions' => 'I accept these terms and conditions',
'gpl license agreement' => 'License Agreement',
include Config
-VER = 2.07
+VER = 3.33
THISAPP = Locale-Codes-$(VER)
DL_FILE = $(THISAPP).tar.gz
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = af0537cc4a882096d0320612c440df6d
+$(DL_FILE)_MD5 = bc7496f97889de8504e80addaa0ee40c
install : $(TARGET)
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
+# Copyright (C) 2015 Michael Tremer & Christian Schmidt #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
include Config
-VER = 2.0.16
+VER = 2.0.23
THISAPP = acpid-$(VER)
DL_FILE = $(THISAPP).tar.xz
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = d59fc02c9c34f0d5c137495302e2c074
+$(DL_FILE)_MD5 = d7bcdcdefcd53b03730e50ba842554ea
install : $(TARGET)
include Config
-VER = 2.2.27
+VER = 2.2.29
THISAPP = httpd-$(VER)
DL_FILE = $(THISAPP).tar.bz2
DL_FROM = $(URL_IPFIRE)
DIR_APP = $(DIR_SRC)/$(THISAPP)
-ifeq "$(PASS)" "C"
- TARGET = $(DIR_INFO)/$(THISAPP)-config
-else
- TARGET = $(DIR_INFO)/$(THISAPP)
-endif
+
+TARGET = $(DIR_INFO)/$(THISAPP)
###############################################################################
# Top-level Rules
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
httpd-2.2.2-config-1.patch = $(DL_FROM)/httpd-2.2.2-config-1.patch
-$(DL_FILE)_MD5 = 8faef0decf3fa7e69b2568eb2105a3d8
+$(DL_FILE)_MD5 = 579342fdeaa7b8b68d17fee91f8fab6e
httpd-2.2.2-config-1.patch_MD5 = e02a3ec5925eb9e111400b9aa229f822
install : $(TARGET)
$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
@$(PREBUILD)
-ifeq "$(PASS)" "C"
- # DO THIS IN AN EXTRA STEP BECAUSE PHP AND SUBVERSION WILL FAIL.
-
- cp -rf $(DIR_CONF)/httpd/* /etc/httpd/conf
- ln -sf $(CONFIG_ROOT)/main/hostname.conf /etc/httpd/conf/
-
- # Copy all html/cgi-bin files
- mkdir -p /srv/web/ipfire/{cgi-bin,html}
- mkdir -p /var/updatecache/{download,metadata}
- cp -aR $(DIR_SRC)/html/* /srv/web/ipfire
-
- # Change CONFIG_ROOT in cgi-scripts
- for i in /srv/web/ipfire/cgi-bin/{*,logs.cgi/*,vpn.cgi/*}; do \
- if [ -f $$i ]; then \
- sed -i "s+CONFIG_ROOT+$(CONFIG_ROOT)+g" $$i; \
- fi; \
- done
- chown -R root:root /srv/web/ipfire
- chmod -R 755 /srv/web/ipfire/cgi-bin
- chmod -R 644 /srv/web/ipfire/html
- chmod 755 /srv/web/ipfire/html /srv/web/ipfire/html/{index.cgi,redirect.cgi,dial.cgi,images,include,themes,themes/*,themes/*/*}
- ln -svf ipfire /srv/web/ipfire/html/themes/ipfire-rounded
-
- # Reset permissions of redirect templates and theme directories
- find /srv/web/ipfire/html/{redirect-templates,themes} -type d | xargs chmod -v 755
-else
@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar jxf $(DIR_DL)/$(DL_FILE)
cd $(DIR_APP) && patch -Np1 -i $(DIR_DL)/httpd-2.2.2-config-1.patch
/usr/share/man/man1/{dbmmanage,ht{dbm,digest,passwd,txt2dbm}}.1 \
/usr/share/man/man8/{ab,apachectl,apxs,htcacheclean,httpd}.8 \
/usr/share/man/man8/{logresolve,rotatelogs,suexec}.8
+
+ # Install apache config
+ cp -rf $(DIR_CONF)/httpd/* /etc/httpd/conf
+ ln -sf $(CONFIG_ROOT)/main/hostname.conf /etc/httpd/conf/
+
@rm -rf $(DIR_APP)
-endif
@$(POSTBUILD)
include Config
-VER = 11.15.0
+VER = 11.17.1
THISAPP = asterisk-$(VER)
DL_FILE = $(THISAPP).tar.gz
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
PROG = asterisk
-PAK_VER = 14
+PAK_VER = 16
DEPS = "libsrtp"
asterisk-moh-opsound-gsm-2.03.tar.gz = $(URL_IPFIRE)/asterisk-moh-opsound-gsm-2.03.tar.gz
asterisk-1.4-de-prompts.tar.gz = $(URL_IPFIRE)/asterisk-1.4-de-prompts.tar.gz
-$(DL_FILE)_MD5 = 71e8c2e207255f7ef12b81b7f0da30ea
+$(DL_FILE)_MD5 = 2c6cd0f499152d0d5ff32f36e274fc2e
asterisk-extra-sounds-en-gsm-1.4.15.tar.gz_MD5 = 5099fc65f49008e33ba7fb043a4ec995
asterisk-moh-opsound-gsm-2.03.tar.gz_MD5 = 09066f55f1358f298bc1a6e4678a3ddf
asterisk-1.4-de-prompts.tar.gz_MD5 = 626a2b95071a5505851e43874dfbfd5c
cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/compat-drivers-3.8.3-ath_ignore_eeprom_regdomain.patch
cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux-3.14.22-iwlwifi-noibss_only_on_radar_chan.patch
cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux-3.10.37-rt2800usb_add_dlink_dwa137_usbid.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/backports-3.18.1-1_rt2x00usb_suppress_queue_warnings.patch
cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/backports-3.18.1-1_add_libertas_uap.patch
# smsc mac address patch for pandaboard and raspberry pi
include Config
-VER = 0.98.6
+VER = 0.98.7
THISAPP = clamav-$(VER)
DL_FILE = $(THISAPP).tar.gz
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
PROG = clamav
-PAK_VER = 28
+PAK_VER = 29
DEPS = ""
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 7f4f7e82a09e42c4ebf153d6d452d9d8
+$(DL_FILE)_MD5 = 157c601161da1c2d5a0e48ea1b49e067
install : $(TARGET)
cd $(DIR_APP) && patch -p1 -i $(DIR_SRC)/src/patches/collectd/0020-openvpn-Make-read-functions-robust-like-in-8516f9abb.patch
cd $(DIR_APP) && patch -p1 -i $(DIR_SRC)/src/patches/collectd/0021-openvpn-Fix-copy-and-paste-error.patch
cd $(DIR_APP) && patch -p1 -i $(DIR_SRC)/src/patches/collectd/0022-openvpn-Change-data-type-from-COUNTER-to-DERIVE.patch
+ cd $(DIR_APP) && patch -p1 -i $(DIR_SRC)/src/patches/collectd/silence-openvpn-errors.patch
cd $(DIR_APP) && ./configure --prefix=/usr --localstatedir=/var \
--disable-{apple_sensors,csv,ipvs,mbmon,memcached,mysql} \
--disable-{netlink,nginx,nut,perl,serial,snmp,tape,vserver,xmms} \
--with-librrd=/usr/share/rrdtool-1.2.30
cd $(DIR_APP) && make install
cp -vf $(DIR_SRC)/config/collectd/collectd.* /etc/
+ mv /etc/collectd.vpn /var/ipfire/ovpn/collectd.vpn
+ chown nobody.nobody /var/ipfire/ovpn/collectd.vpn
+ ln -f -s ../var/ipfire/ovpn/collectd.vpn /etc/collectd.vpn
ln -f -s ../init.d/collectd /etc/rc.d/rc0.d/K50collectd
ln -f -s ../init.d/collectd /etc/rc.d/rc3.d/S29collectd
ln -f -s ../init.d/collectd /etc/rc.d/rc6.d/K50collectd
for i in auth/users backup/include.user backup/exclude.user \
certs/index.txt ddns/config ddns/noipsettings ddns/settings ddns/ipcache dhcp/settings \
dhcp/fixleases dhcp/advoptions dhcp/dhcpd.conf.local dns/settings dnsforward/config ethernet/aliases ethernet/settings ethernet/known_nics ethernet/scanned_nics \
- ethernet/wireless extrahd/scan extrahd/devices extrahd/partitions extrahd/settings firewall/settings firewall/config firewall/input firewall/outgoing \
- fwhosts/customnetworks fwhosts/customhosts fwhosts/customgroups fwhosts/customservicegrp fwlogs/ipsettings fwlogs/portsettings \
+ ethernet/wireless extrahd/scan extrahd/devices extrahd/partitions extrahd/settings firewall/settings firewall/config firewall/geoipblock firewall/input firewall/outgoing \
+ fwhosts/customnetworks fwhosts/customhosts fwhosts/customgroups fwhosts/customservicegrp fwhosts/customgeoipgrp fwlogs/ipsettings fwlogs/portsettings \
isdn/settings mac/settings main/disable_nf_sip main/hosts main/routing main/settings net-traffic/settings optionsfw/settings \
ovpn/ccd.conf ovpn/ccdroute ovpn/ccdroute2 pakfire/settings portfw/config ppp/settings-1 ppp/settings-2 ppp/settings-3 ppp/settings-4 \
ppp/settings-5 ppp/settings proxy/settings proxy/squid.conf proxy/advanced/settings proxy/advanced/cre/enable remote/settings qos/settings qos/classes qos/subclasses qos/level7config qos/portconfig \
cp $(DIR_SRC)/config/cfgroot/header.pl $(CONFIG_ROOT)/
cp $(DIR_SRC)/config/cfgroot/general-functions.pl $(CONFIG_ROOT)/
cp $(DIR_SRC)/config/cfgroot/network-functions.pl $(CONFIG_ROOT)/
+ cp $(DIR_SRC)/config/cfgroot/geoip-functions.pl $(CONFIG_ROOT)/
cp $(DIR_SRC)/config/cfgroot/lang.pl $(CONFIG_ROOT)/
cp $(DIR_SRC)/config/cfgroot/countries.pl $(CONFIG_ROOT)/
cp $(DIR_SRC)/config/cfgroot/graphs.pl $(CONFIG_ROOT)/
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
+# Copyright (C) 2015 Michael Tremer & Christian Schmidt #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
include Config
-VER = 7.31.0
+VER = 7.40.0
THISAPP = curl-$(VER)
DL_FILE = $(THISAPP).tar.gz
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 6f26843f7e3a2fb06e02f68a55efe8c7
+$(DL_FILE)_MD5 = 58943642ea0ed050ab0431ea1caf3a6f
install : $(TARGET)
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2011 IPFire Team <info@ipfire.org> #
+# Copyright (C) 2007-2015 IPFire Team <info@ipfire.org> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
PROG = cyrus-imapd
-PAK_VER = 3
+PAK_VER = 5
DEPS = ""
cp -f $(DIR_APP)/tools/mkimap /usr/bin
sudo -u cyrus /usr/bin/mkimap /var/ipfire/cyrusimap/imapd.conf
chown cyrus.mail /var/imap/socket
+ install -v -m 644 $(DIR_SRC)/config/backup/includes/cyrus-imapd \
+ /var/ipfire/backup/addons/includes/cyrus-imapd
@rm -rf $(DIR_APP) /usr/include/com_err.h
@$(POSTBUILD)
include Config
-VER = 2.1.21
+VER = 2.1.26
THISAPP = cyrus-sasl-$(VER)
DL_FILE = $(THISAPP).tar.gz
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = dde02db234dea892bee298390890502e
+$(DL_FILE)_MD5 = a7f4e5e559a0e37b3ffc438c9456e425
install : $(TARGET)
$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
@$(PREBUILD)
@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/cyrus-sasl-2.1.22-bad-elif.patch
cd $(DIR_APP) && sed -i '/sasl_global/s/^static //' lib/client.c
cd $(DIR_APP) && sed -i 's/cat8/man8/' saslauthd/Makefile.am
cd $(DIR_APP) && autoconf
ifeq "$(PASS)" ""
cd $(DIR_APP) && ./configure --prefix=/usr --sysconfdir=/etc \
--with-dbpath=/var/lib/sasl/sasldb2 \
- --with-saslauthd=/var/run/saslauthd
+ --with-saslauthd=/var/run/saslauthd \
+ --with-des=no --with-rc4=no
cd $(DIR_APP) && make
cd $(DIR_APP) && make install
install -v -m700 -d /var/lib/sasl
@$(PREBUILD)
@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE)
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/ddns/001-ddns-007-perform-lazy-database-init.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/ddns/002-ddns-007-also-open-database-for-search-operations.patch
+
cd $(DIR_APP) && [ -x "configure" ] || sh ./autogen.sh
cd $(DIR_APP) && ./configure \
--prefix=/usr \
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007-2012 IPFire Team <info@ipfire.org> #
+# Copyright (C) 2007-2015 IPFire Team <info@ipfire.org> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
include Config
-VER = 4.2.2
+VER = 4.3.1
THISAPP = dhcp-$(VER)
DL_FILE = $(THISAPP).tar.gz
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = bb0f0434cd796f76aa7cead391d71f31
+$(DL_FILE)_MD5 = b3a42ece3c7f2cd2e74a3e12ca881d20
install : $(TARGET)
@$(PREBUILD)
@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp-4.2.2-remove-bind.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp-4.2.0-errwarn-message.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp-4.2.2-options.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp-4.2.0-release-by-ifup.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp-4.2.0-dhclient-decline-backoff.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp-4.2.0-unicast-bootp.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp-4.2.2-dhclient-usage.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp-4.2.0-default-requested-options.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp-4.2.2-xen-checksum.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp-4.2.1-manpages.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp-4.2.0-paths.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp-4.2.2-CLOEXEC.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp-4.2.0-inherit-leases.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp-4.2.0-garbage-chars.patch
- # ???
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp-4.2.0-missing-ipv6-not-fatal.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp-4.2.0-add_timeout_when_NULL.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp-4.2.1-64_bit_lease_parse.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp-4.2.2-capability.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp-4.2.0-logpid.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp-4.2.0-UseMulticast.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp-4.2.1-sendDecline.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp-4.2.1-retransmission.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp-4.2.2-rfc3442-classless-static-routes.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp-4.2.0-honor-expired.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp-4.2.0-noprefixavail.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp-4.2.2-sharedlib.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp-4.2.0-PPP.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp-4.2.2-lpf-ib.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp-4.2.2-improved-xid.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp-4.2.2-gpxe-cid.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp-4.2.1-invalid-dhclient-conf.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp-remove-bind.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp-errwarn-message.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp-dhclient-options.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp-release-by-ifup.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp-dhclient-decline-backoff.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp-unicast-bootp.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp-default-requested-options.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp-xen-checksum.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp-manpages.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp-paths.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp-CLOEXEC.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp-garbage-chars.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp-add_timeout_when_NULL.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp-64_bit_lease_parse.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp-capability.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp-logpid.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp-UseMulticast.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp-sendDecline.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp-rfc3442-classless-static-routes.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp-honor-expired.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp-sharedlib.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp-PPP.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp-paranoia.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp-lpf-ib.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp-improved-xid.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp-gpxe-cid.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp-stateless-DUID-LLT.patch
# Remove bundled BIND stuff.
# (requires newer autoconf)
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2012 IPFire Team <info@ipfire.org> #
+# Copyright (C) 2015 IPFire Team <info@ipfire.org> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
include Config
-VER = 5.2.9
+VER = 6.7.1
THISAPP = dhcpcd-$(VER)
DL_FILE = $(THISAPP).tar.bz2
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = aabe4a3c1f23c55f2c99a416c9085de9
+$(DL_FILE)_MD5 = ffb716b0e9327968e7200d519e1d4c0d
install : $(TARGET)
cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/0055-Fix-last-commit-to-not-crash-if-uid-changing-not-con.patch
cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/0056-New-version-of-contrib-reverse-dns.patch
cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/0057-Tweak-DNSSEC-timestamp-code-to-create-file-later-rem.patch
+ cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/0058-Fix-boilerplate-code-for-re-running-system-calls-on-.patch
+ cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/0059-Make-address-example.com-equivalent-to-server-exampl.patch
+ cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/0060-dhcp-set-outbound-interface-via-cmsg-in-unicast-repl.patch
+ cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/0061-Don-t-fail-DNSSEC-when-a-signed-CNAME-dangles-into-a.patch
+ cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/0062-Return-SERVFAIL-when-validation-abandoned.patch
+ cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/0063-Protect-against-broken-DNSSEC-upstreams.patch
+ cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/0064-DNSSEC-fix-for-non-ascii-characters-in-labels.patch
+ cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/0065-Allow-control-characters-in-names-in-the-cache-handl.patch
+ cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/0066-Fix-crash-in-last-commit.patch
+ cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/0067-Merge-message-translations.patch
+ cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/0068-add-tftp-no-fail-to-ignore-missing-tftp-root.patch
+ cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/0069-Whitespace-fixes.patch
+ cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/0070-Return-INSECURE-rather-than-BOGUS-when-DS-proved-not.patch
+ cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/0071-Fix-compiler-warning-when-not-including-DNSSEC.patch
+ cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/0072-Fix-crash-caused-by-looking-up-servers.bind-when-man.patch
+ cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/0073-Fix-crash-on-receipt-of-certain-malformed-DNS-reques.patch
+ cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/0074-Fix-crash-in-auth-code-with-odd-configuration.patch
+ cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/0075-Auth-correct-replies-to-NS-and-SOA-in-.arpa-zones.patch
+ cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/0076-Fix-srk-induced-crash-in-new-tftp_no_fail-code.patch
+ cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/0077-Note-CVE-2015-3294.patch
+ cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/0078-Log-domain-when-reporting-DNSSEC-validation-failure.patch
+ cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/0079-Check-IP-address-command-line-arg-in-dhcp_release.c.patch
+ cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/0080-Revert-61b838dd574c51d96fef100285a0d225824534f9-and-.patch
+ cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/0081-Handle-domain-names-with-.-or-000-within-labels.patch
+ cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/0082-Tweaks-to-previous-DNS-label-charset-commit.patch
+ cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/0083-Logs-in-DHCPv6-not-suppressed-by-dhcp6-quiet.patch
+ cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/0084-Make-get-version-work-when-repo-is-a-git-submodule.patch
+ cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/0085-Fix-argument-order-botch-which-broke-DNSSEC-for-TCP-.patch
+ cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/0086-Don-t-remove-RRSIG-RR-from-answers-to-ANY-queries-wh.patch
+ cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/0087-Constify-some-DHCP-lease-management-functions.patch
+ cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/0088-Handle-UDP-packet-loss-when-fragmentation-of-large-p.patch
+ cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/0089-Check-IPv4-mapped-IPv6-addresses-with-stop-rebind.patch
+ cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/0090-Tweak-EDNS-timeout-code.patch
+ cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/0091-Pointer-to-mail-archive-mailing-list-mirror-in-doc.h.patch
+ cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/0092-Allow-T1-and-T2-DHCPv4-options-to-be-set.patch
+ cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/0093-Tweak-last-commit.patch
+ cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/0094-Use-correct-DHCP-context-for-PXE-proxy-server-id.patch
+ cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/0095-Fix-buffer-overflow-introduced-in-2.73rc6.patch
+ cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/0096-Remove-support-for-DNS-Extended-Label-Types.patch
+ cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/0097-Select-correct-DHCP-context-when-in-PXE-bootserver-m.patch
+ cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/0098-Tweak-immediately-previous-patch.patch
cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq-Add-support-to-read-ISC-DHCP-lease-file.patch
cd $(DIR_APP) && sed -i src/config.h \
-e 's|/\* #define HAVE_IDN \*/|#define HAVE_IDN|g' \
@$(PREBUILD)
@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE)
cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dracut-038-always-enable-mdraid.patch
+ cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dracut-038_add_sdhci-pci.patch
cd $(DIR_APP) && make $(MAKETUNING)
cd $(DIR_APP) && make install sbindir=/sbin sysconfdir=/etc
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007-2013 IPFire Team <info@ipfire.org> #
+# Copyright (C) 2007-2015 IPFire Team <info@ipfire.org> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
PROG = elinks
-PAK_VER = 4
+PAK_VER = 5
DEPS = ""
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
+# Copyright (C) 2014 Michael Tremer & Christian Schmidt #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
include Config
-VER = 2.0.0
+VER = 2.1.0
THISAPP = expat-$(VER)
DL_FILE = $(THISAPP).tar.gz
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = d945df7f1c0868c5c73cf66ba9596f3f
+$(DL_FILE)_MD5 = dd7dab7a5fea97d2a6a43f511449b7cd
install : $(TARGET)
cd $(DIR_APP) && ./configure --prefix=/usr --disable-nls
cd $(DIR_APP) && make $(MAKETUNING)
cd $(DIR_APP) && make install
- cd $(DIR_APP) && install -v -m755 -d /usr/share/doc/expat-2.0.0
- cd $(DIR_APP) && install -v -m644 doc/*.{html,png,css} /usr/share/doc/expat-2.0.0
+ cd $(DIR_APP) && install -v -m755 -d /usr/share/doc/expat-2.1.0
+ cd $(DIR_APP) && install -v -m644 doc/*.{html,png,css} /usr/share/doc/expat-2.1.0
@rm -rf $(DIR_APP)
@$(POSTBUILD)
@$(PREBUILD)
@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/fireinfo-Add-an-other-forbidden-string-Serial.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/fireinfo-Skip-search-for-hypervisor-name-when-the-CPU-string-.patch
cd $(DIR_APP) && [ -x "configure" ] || sh ./autogen.sh
cd $(DIR_APP) && ./configure --prefix=/usr
--- /dev/null
+###############################################################################
+# #
+# IPFire.org - A linux based firewall #
+# Copyright (C) 2015 Michael Tremer & Christian Schmidt #
+# #
+# This program is free software: you can redistribute it and/or modify #
+# it under the terms of the GNU General Public License as published by #
+# the Free Software Foundation, either version 3 of the License, or #
+# (at your option) any later version. #
+# #
+# This program is distributed in the hope that it will be useful, #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
+# GNU General Public License for more details. #
+# #
+# You should have received a copy of the GNU General Public License #
+# along with this program. If not, see <http://www.gnu.org/licenses/>. #
+# #
+###############################################################################
+
+###############################################################################
+# Definitions
+###############################################################################
+
+include Config
+
+VER = 2.6
+
+THISAPP = flag-icons-$(VER)
+DL_FILE = $(THISAPP).zip
+DL_FROM = $(URL_IPFIRE)
+DIR_APP = $(DIR_SRC)/$(THISAPP)
+TARGET = $(DIR_INFO)/$(THISAPP)
+
+###############################################################################
+# Top-level Rules
+###############################################################################
+
+objects = $(DL_FILE)
+
+$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
+
+$(DL_FILE)_MD5 = 992db1bc950dfdd436699b7d2ad33c2d
+
+install : $(TARGET)
+
+check : $(patsubst %,$(DIR_CHK)/%,$(objects))
+
+download :$(patsubst %,$(DIR_DL)/%,$(objects))
+
+md5 : $(subst %,%_MD5,$(objects))
+
+###############################################################################
+# Downloading, checking, md5sum
+###############################################################################
+
+$(patsubst %,$(DIR_CHK)/%,$(objects)) :
+ @$(CHECK)
+
+$(patsubst %,$(DIR_DL)/%,$(objects)) :
+ @$(LOAD)
+
+$(subst %,%_MD5,$(objects)) :
+ @$(MD5)
+
+###############################################################################
+# Installation Details
+###############################################################################
+
+$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
+ @$(PREBUILD)
+ # Create DIR_APP and move the source tarball to its location.
+ @rm -rf $(DIR_APP) && mkdir -pv $(DIR_APP) && cd $(DIR_SRC) && cp -avf $(DIR_DL)/$(DL_FILE) $(DIR_APP)
+
+ # Extract the source tarball.
+ cd $(DIR_APP) && unzip $(DL_FILE)
+
+ # Create flage image folder.
+ cd $(DIR_APP) && mkdir -pv /srv/web/ipfire/html/images/flags/
+
+ # Only copy the country flags.
+ cd $(DIR_APP) && cp -avf flags-iso/shiny/16/??.png \
+ /srv/web/ipfire/html/images/flags/
+
+ # Copy flag icon for unknown countries.
+ cd $(DIR_APP) && cp -avf flags-iso/shiny/16/_unknown.png \
+ /srv/web/ipfire/html/images/flags/unknown.png
+
+ @rm -rf $(DIR_APP)
+ @$(POSTBUILD)
-fsck.ext4 -f -y $(PART_ROOT)
fsck.ext4 -f -y $(PART_ROOT)
+ sleep 10 #Ubuntu compiling: allow time to automount/dismount
kpartx -d -v $(DEVICE)
losetup -d $(DEVICE)
cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/glibc/glibc-rh1154563.patch
cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/glibc/glibc-rh1170121.patch
cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/glibc/glibc-rh1183533.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/glibc/glibc-rh1207995.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/glibc/glibc-rh1209375.patch
cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/glibc-resolv-stack_chk_fail.patch
cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/glibc-remove-ctors-dtors-output-sections.patch
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007-2011 IPFire Team <info@ipfire.org> #
+# Copyright (C) 2007-2015 IPFire Team <info@ipfire.org> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
include Config
-VER = 1.21
+VER = 1.22.3
THISAPP = groff-$(VER)
DL_FILE = $(THISAPP).tar.gz
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 8b8cd29385b97616a0f0d96d0951c5bf
+$(DL_FILE)_MD5 = cc825fa64bc7306a885f2fb2268d3ec5
install : $(TARGET)
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
PROG = haproxy
-PAK_VER = 1
+PAK_VER = 2
DEPS = ""
include Config
-VER = 2.3
+VER = 2.4
THISAPP = hostapd-$(VER)
DL_FILE = $(THISAPP).tar.gz
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
PROG = hostapd
-PAK_VER = 33
+PAK_VER = 34
DEPS = ""
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 40b89c61036add0c2dd1fc10767d3b5f
+$(DL_FILE)_MD5 = 04578f3f2c3eb1bec1adf30473813912
install : $(TARGET)
$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
@$(PREBUILD)
@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/hostapd-2.3_increase_EAPOL-timeouts.patch
cd $(DIR_APP)/hostapd && cp $(DIR_SRC)/config/hostapd/config ./.config
cd $(DIR_APP)/hostapd && sed -e "s@/usr/local@/usr@g" -i Makefile
cd $(DIR_APP)/hostapd && make $(MAKETUNING) $(EXTRA_MAKE)
ln -sf ../init.d/firstsetup /etc/rc.d/rcsysinit.d/S75firstsetup
ln -sf ../init.d/localnet /etc/rc.d/rcsysinit.d/S80localnet
ln -sf ../init.d/firewall /etc/rc.d/rcsysinit.d/S85firewall
+ ln -sf ../init.d/network-trigger /etc/rc.d/rcsysinit.d/S90network-trigger
ln -sf ../init.d/network-vlans /etc/rc.d/rcsysinit.d/S91network-vlans
ln -sf ../init.d/rngd /etc/rc.d/rcsysinit.d/S92rngd
ln -sf ../init.d/wlanclient /etc/rc.d/rc0.d/K82wlanclient
cd $(DIR_APP) && cp -vf $(DIR_SRC)/netfilter-layer7-v2.22/iptables-1.4.3forward-for-kernel-2.6.20forward/* \
./extensions/
- # ipp2p 0.8.2-pomng
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/iptables-1.4.14-ipp2p-0.8.2-ipfire.patch
-
# imq
cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/iptables-1.4.12-IMQ-test4.diff
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
+# Copyright (C) 2014 Michael Tremer & Christian Schmidt #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
include Config
-VER = ss020927
+VER = s20121221
THISAPP = iputils-$(VER)
-DL_FILE = $(THISAPP).tar.gz
+DL_FILE = $(THISAPP).tar.bz2
DL_FROM = $(URL_IPFIRE)
-DIR_APP = $(DIR_SRC)/iputils
+DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
###############################################################################
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = b5493f7a2997130a4f86c486c9993b86
+$(DL_FILE)_MD5 = 6072aef64205720dd1893b375e184171
install : $(TARGET)
$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
@$(PREBUILD)
- @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
- cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/iputils-20020927-headers.patch
- cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/iputils-20020927-rh.patch
- cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/iputils-glibckernheaders.patch
+ @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar jxf $(DIR_DL)/$(DL_FILE)
cd $(DIR_APP) && make ping tracepath
cd $(DIR_APP) && install -m 4755 ping /usr/bin
cd $(DIR_APP) && install -m 0755 tracepath /usr/bin
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
+# Copyright (C) 2015 Michael Tremer & Christian Schmidt #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
include Config
-VER = 1.3.0
+VER = 1.3.1
THISAPP = libjpeg-turbo-$(VER)
DL_FILE = $(THISAPP).tar.gz
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = e1e65cc711a1ade1322c06ad4a647741
+$(DL_FILE)_MD5 = 2c3a68129dac443a72815ff5bb374b05
install : $(TARGET)
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
+# Copyright (C) 2015 Michael Tremer & Christian Schmidt #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
include Config
-VER = 1.1.2.1
+VER = 1.1.6
THISAPP = libnet-$(VER)
-DL_FILE = libnet.tar.gz
+DL_FILE = $(THISAPP).tar.gz
DL_FROM = $(URL_IPFIRE)
-DIR_APP = $(DIR_SRC)/libnet
+DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
###############################################################################
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = be845c41170d72c7db524f3411b50256
+$(DL_FILE)_MD5 = 710296fe424a49344e5fcc0d09e53317
install : $(TARGET)
include Config
-VER = 1.5.0
+VER = 1.5.2
THISAPP = libsrtp-$(VER)
DL_FILE = $(THISAPP).tar.gz
DL_FROM = $(URL_IPFIRE)
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
PROG = libsrtp
-PAK_VER = 1
+PAK_VER = 2
DEPS = ""
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = ec49ba558b4fd056114df2c76935aa8e
+$(DL_FILE)_MD5 = 2309aa6027992810a4285b042c71e644
install : $(TARGET)
@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE)
cd $(DIR_APP) && ./configure --prefix=/usr
- cd $(DIR_APP) && make uninstall && make $(MAKETUNING) libsrtp.so
+ cd $(DIR_APP) && make uninstall && make $(MAKETUNING) shared_library
cd $(DIR_APP) && make install
@rm -rf $(DIR_APP)
@$(POSTBUILD)
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007-2012 IPFire Team <info@ipfire.org> #
+# Copyright (C) 2007-2015 IPFire Team <info@ipfire.org> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
include Config
-VER = 2.4.2
+VER = 2.4.4
THISAPP = libtool-$(VER)
DL_FILE = $(THISAPP).tar.xz
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 2ec8997e0c07249eb4cbd072417d70fe
+$(DL_FILE)_MD5 = 51bf400de3354687d68dfa2392506b7e
install : $(TARGET)
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
+# Copyright (C) 2015 Michael Tremer & Christian Schmidt #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
include Config
-VER = 2.6.32
+VER = 2.9.2
THISAPP = libxml2-$(VER)
DL_FILE = $(THISAPP).tar.gz
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 2621d322c16f0257e30f0ff2b13384de
+$(DL_FILE)_MD5 = 9e6a9aca9d155737868b3dc5fd82f788
install : $(TARGET)
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
+# Copyright (C) 2015 Michael Tremer & Christian Schmidt #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
include Config
-VER = 1.1.17
+VER = 1.1.28
THISAPP = libxslt-$(VER)
DL_FILE = $(THISAPP).tar.gz
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = fde6a7a93c0eb14cba628692fa3a1000
+$(DL_FILE)_MD5 = 9667bf6f9310b957254fdcf6596600b7
install : $(TARGET)
include Config
-VER = 3.14.33
+VER = 3.14.43
-RPI_PATCHES = 3.14.33-grsec-ipfire1
-A7M_PATCHES = 3.14.33-grsec-ipfire1
-GRS_PATCHES = grsecurity-3.0-3.14.33-201502180832.patch.xz
+RPI_PATCHES = 3.14.43-grsec-ipfire1
+A7M_PATCHES = 3.14.43-grsec-ipfire1
+GRS_PATCHES = grsecurity-3.1-3.14.43-201505191737.patch.xz
THISAPP = linux-$(VER)
DL_FILE = linux-$(VER).tar.xz
CFLAGS =
CXXFLAGS =
-PAK_VER = 58
+PAK_VER = 61
DEPS = ""
VERSUFIX=ipfire$(KCFG)
arm7-multi-patches-$(A7M_PATCHES).patch.xz = $(URL_IPFIRE)/arm7-multi-patches-$(A7M_PATCHES).patch.xz
$(GRS_PATCHES) = $(URL_IPFIRE)/$(GRS_PATCHES)
-$(DL_FILE)_MD5 = c19feb0646fde7e96602ac313fb7e5d6
-rpi-patches-$(RPI_PATCHES).patch.xz_MD5 = e423c8b3a408f23b9a26f8f0f4384c50
-arm7-multi-patches-$(A7M_PATCHES).patch.xz_MD5 = f147ce7c81889d2c5134304f3a6e60e3
-$(GRS_PATCHES)_MD5 = 119943451628ff5a62437637d60a585d
+$(DL_FILE)_MD5 = 927f2343f298dfe531a8371f81356e53
+rpi-patches-$(RPI_PATCHES).patch.xz_MD5 = b5ba925ae1d4279d3ac0f03c27dd16eb
+arm7-multi-patches-$(A7M_PATCHES).patch.xz_MD5 = b9c696fe4f22b05b81c168329ca33c94
+$(GRS_PATCHES)_MD5 = 35e26b1214b1b0b515ee67e5ce50633a
install : $(TARGET)
# Linux Intermediate Queueing Device
cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux-3.14.22-imq.patch
- # ipp2p 0.8.2-ipfire
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux-3.10-ipp2p-0.8.2-ipfire.patch
-
# Layer7-patch
cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux-3.14-layer7-filter.patch
# r8169 L23 patch
cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux-3.14.32-r8169_disable_L23.patch
+ # HyperV 2008 patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux-3.14.x-hyperv-2008-fix.patch
+
ifeq "$(KCFG)" "-kirkwood"
cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux-3.10.10-mv_cesa_disable_failing_hmac_sha1.patch
cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux-3.14.22-kirkwood_legacy_boot.patch
# Install switch api userspace header
cd $(DIR_APP) && install -v -m644 include/uapi/linux/switch.h /usr/include/linux/
- # Fix Lamobo-R1 SATA Power
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux-3.14.x-lamobo-r1-fix-sata-pwr.patch
endif
ifeq "$(KCFG)" "-rpi"
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
+# Copyright (C) 2014 Michael Tremer & Christian Schmidt #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
include Config
-VER = 3.7.1
+VER = 3.8.1
THISAPP = logrotate-$(VER)
DL_FILE = logrotate_$(VER).orig.tar.gz
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 552639142e163745f6bcd4f1f3816d8a
+$(DL_FILE)_MD5 = bd2e20d8dc644291b08f9215397d28a5
install : $(TARGET)
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
+# Copyright (C) 2015 Michael Tremer & Christian Schmidt #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
include Config
-VER = 7.3.6
+VER = 7.4.1
THISAPP = logwatch-$(VER)
DL_FILE = $(THISAPP).tar.gz
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 937d982006b2a76a83edfcfd2e5a9d7d
+$(DL_FILE)_MD5 = a0c3d8721f877bdcd4a9089eb1b4691b
install : $(TARGET)
-mkdir -p /var/log/logwatch
chmod -v 755 /var/log/logwatch
-rm -rf /etc/logwatch/conf
- ln -vsf /usr/share/logwatch/default.config /etc/logwatch/conf
+ ln -vsf /usr/share/logwatch/default.conf /etc/logwatch/conf
@rm -rf $(DIR_APP)
@$(POSTBUILD)
include Config
-VER = 5.11
+VER = 5.12.1
THISAPP = monit-$(VER)
DL_FILE = $(THISAPP).tar.gz
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
PROG = monit
-PAK_VER = 4
+PAK_VER = 6
DEPS = ""
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = ff00f39d248ed7068932ed82211da9e6
+$(DL_FILE)_MD5 = 1ffde79207270925f6f7df787d19100a
install : $(TARGET)
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
+# Copyright (C) 2015 Michael Tremer & Christian Schmidt #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
include Config
-VER = 2.10.03
+VER = 2.11.06
THISAPP = nasm-$(VER)
DL_FILE = $(THISAPP).tar.xz
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = a5d0ed070476a7c5b4f0893dc4a4ea4b
+$(DL_FILE)_MD5 = 2b958e9f5d200641e6fc9564977aecc5
install : $(TARGET)
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2011 IPFire Team <info@ipfire.org> #
+# Copyright (C) 2015 IPFire Team <info@ipfire.org> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
include Config
-VER = 5.4.2.1
+VER = 5.7.3
THISAPP = net-snmp-$(VER)
DL_FILE = $(THISAPP).tar.gz
DL_FROM = $(URL_IPFIRE)
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
-PROG = netsnmpd
-PAK_VER = 2
+PROG = netsnmpd
+PAK_VER = 4
DEPS = ""
###############################################################################
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 984932520143f0c8bf7b7ce1fc9e1da1
+$(DL_FILE)_MD5 = d4a3459e1577d0efa8d96ca70a885e53
install : $(TARGET)
@$(PREBUILD)
@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
cd $(DIR_APP) && ./configure \
- --prefix=/usr \
- --with-default-snmp-version="2" \
- --with-sys-contact="root@" \
- --with-sys-location="localhost" \
- --with-logfile="/var/log/snmpd.log" \
- --with-persistent-directory="/var/net-snmp" \
- --libdir=/usr/lib \
- --sysconfdir="/etc"
+ --prefix=/usr \
+ --with-default-snmp-version="2" \
+ --with-sys-contact="root@" \
+ --with-sys-location="localhost" \
+ --with-logfile="/var/log/snmpd.log" \
+ --with-persistent-directory="/var/net-snmp" \
+ --libdir=/usr/lib \
+ --sysconfdir="/etc"
cd $(DIR_APP) && make
cd $(DIR_APP) && make install
install -v -m644 $(DIR_SRC)/config/netsnmpd/snmpd.conf /etc/snmpd.conf
+ install -v -m 644 $(DIR_SRC)/config/backup/includes/netsnmpd \
+ /var/ipfire/backup/addons/includes/netsnmpd
install -v -m755 $(DIR_SRC)/src/initscripts/init.d/netsnmpd /etc/init.d/netsnmpd
ln -sf ../init.d/netsnmpd /etc/rc.d/rc3.d/S65netsnmpd
ln -sf ../init.d/netsnmpd /etc/rc.d/rc0.d/K02netsnmpd
ln -sf ../init.d/netsnmpd /etc/rc.d/rc6.d/K02netsnmpd
@rm -rf $(DIR_APP)
@$(POSTBUILD)
-
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
+# Copyright (C) 2015 Michael Tremer & Christian Schmidt #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
include Config
-VER = 0.52.17
+VER = 0.52.18
THISAPP = newt-$(VER)
DL_FILE = $(THISAPP).tar.gz
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = f36d4d908965a0c89fd6fd8b61a6118b
+$(DL_FILE)_MD5 = 685721bee1a318570704b19dcf31d268
install : $(TARGET)
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
PROG = nfs
-PAK_VER = 5
+PAK_VER = 6
DEPS = "portmap"
$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
@$(PREBUILD)
@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
-ifeq "$(PADLOCK)" "1"
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/openssh-4.7p1-padlock.patch
-endif
cd $(DIR_APP) && sed -i "s/lkrb5 -ldes/lkrb5/" configure
cd $(DIR_APP) && ./configure --prefix=/usr --sysconfdir=/etc/ssh \
--libexecdir=/usr/lib/openssh --with-md5-passwords \
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007-2014 IPFire Team <info@ipfire.org> #
+# Copyright (C) 2007-2015 IPFire Team <info@ipfire.org> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
include Config
-VER = 1.0.1m
+VER = 1.0.2b
THISAPP = openssl-$(VER)
DL_FILE = $(THISAPP).tar.gz
DL_FROM = $(URL_IPFIRE)
DIR_APP = $(DIR_SRC)/$(THISAPP)
-TARGET = $(DIR_INFO)/$(THISAPP)
+
+TARGET = $(DIR_INFO)/$(THISAPP)$(KCFG)
+
+ifneq "$(KCFG)" "-sse2"
+CFLAGS += -DPURIFY
+else
+CFLAGS =-O2 -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fPIC
+CFLAGS+= -fstack-protector-all --param=ssp-buffer-size=4
+CFLAGS+= -march=i686 -mmmx -msse -msse2 -mfpmath=sse
+CFLAGS+= -fomit-frame-pointer -DPURIFY
+CXXFLAGS="${CFLAGS}"
+endif
+
+export RPM_OPT_FLAGS = $(CFLAGS)
+
+CONFIGURE_OPTIONS = \
+ --prefix=/usr \
+ --openssldir=/etc/ssl \
+ --enginesdir=/usr/lib/openssl/engines \
+ shared \
+ zlib-dynamic \
+ enable-camellia \
+ enable-md2 \
+ enable-seed \
+ enable-tlsext \
+ enable-rfc3779 \
+ no-idea \
+ no-mdc2 \
+ no-rc5 \
+ no-srp \
+ -DSSL_FORBID_ENULL
ifeq "$(MACHINE)" "i586"
- CONFIGURE_ARGS = linux-elf no-asm 386
+ CONFIGURE_OPTIONS += linux-elf
+
+ifneq "$(KCFG)" "-sse2"
+ CONFIGURE_OPTIONS += no-sse2
+endif
endif
ifeq "$(MACHINE)" "armv5tel"
- CONFIGURE_ARGS = linux-generic32
+ CONFIGURE_OPTIONS += linux-generic32
endif
-CFLAGS += -DPURIFY
-export RPM_OPT_FLAGS = $(CFLAGS)
-
###############################################################################
# Top-level Rules
###############################################################################
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = d143d1555d842a069cb7cc34ba745a06
+$(DL_FILE)_MD5 = 7729b259e2dea7d60b32fc3934d6984b
install : $(TARGET)
@$(PREBUILD)
@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/openssl-1.0.0-beta5-enginesdir.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/openssl-1.0.1e-rpmbuild.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/openssl-1.0.2a-rpmbuild.patch
cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/openssl-1.0.1m-weak-ciphers.patch
cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/openssl-disable-sslv2-sslv3.patch
+ # i586 specific patches
+ifeq "$(MACHINE)" "i586"
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/openssl-1.0.2a_auto_enable_padlock.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/openssl-1.0.2a_disable_ssse3_for_amd.patch
+endif
+
# Apply our CFLAGS
cd $(DIR_APP) && sed -i Configure \
-e "s/-O3 -fomit-frame-pointer/$(CFLAGS)/g"
cd $(DIR_APP) && find crypto/ -name Makefile -exec \
sed 's/^ASFLAGS=/&-Wa,--noexecstack /' -i {} \;
- cd $(DIR_APP) && ./Configure \
- --prefix=/usr \
- --openssldir=/etc/ssl \
- --enginesdir=/usr/lib/openssl/engines \
- shared \
- zlib-dynamic \
- enable-camellia \
- enable-md2 \
- enable-seed \
- enable-tlsext \
- enable-rfc3779 \
- no-idea \
- no-mdc2 \
- no-rc5 \
- no-srp \
- $(CONFIGURE_ARGS) \
- -DSSL_FORBID_ENULL
+ cd $(DIR_APP) && ./Configure $(CONFIGURE_OPTIONS)
cd $(DIR_APP) && make depend
cd $(DIR_APP) && make
+ifeq "$(KCFG)" "-sse2"
+ -mkdir -pv /usr/lib/sse2
+ cd $(DIR_APP) && install -m 755 \
+ libcrypto.so.10 /usr/lib/sse2
+else
# Install everything.
cd $(DIR_APP) && make install
install -m 0644 $(DIR_SRC)/config/ssl/openssl.cnf /etc/ssl
-mkdir -pv /usr/lib/openssl
rm -vfr /usr/lib/openssl/engines
mv -v /usr/lib/engines /usr/lib/openssl
+endif
@rm -rf $(DIR_APP)
@$(POSTBUILD)
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
+# Copyright (C) 2015 Michael Tremer & Christian Schmidt #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
include Config
-VER = 8.36
+VER = 8.37
THISAPP = pcre-$(VER)
DL_FILE = $(THISAPP).tar.gz
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = ff7b4bb14e355f04885cf18ff4125c98
+$(DL_FILE)_MD5 = 6e0cc6d1bdac7a4308151f9b3571b86e
install : $(TARGET)
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007-2014 IPFire Team <info@ipfire.org> #
+# Copyright (C) 2014 IPFire Team <info@ipfire.org> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
# #
###############################################################################
+
###############################################################################
# Definitions
###############################################################################
include Config
+VER = 1.12
-VER = 0.9.8zf
-
-THISAPP = openssl-$(VER)
-DL_FILE = $(THISAPP).tar.gz
+THISAPP = Text-CSV_XS-$(VER)
+DL_FILE = ${THISAPP}.tgz
DL_FROM = $(URL_IPFIRE)
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = c69a4a679233f7df189e1ad6659511ec
+$(DL_FILE)_MD5 = b91f2d806054b68c2a29d3da5821fe87
install : $(TARGET)
$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
@$(PREBUILD)
@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
-
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/openssl-disable-sslv2-sslv3.patch
-
- # Apply our CFLAGS
- cd $(DIR_APP) && sed -i Configure \
- -e "s/-O3 -fomit-frame-pointer/$(CFLAGS)/g"
-
- cd $(DIR_APP) && sed -i -e 's/mcpu/march/' config
- cd $(DIR_APP) && sed -i -e 's/-O3/-O2/' -e 's/-march=i486/-march=i586/' Configure
-
- # Support for engines is disabled, because the shared objects from the
- # new version of openssl cannot be loaded by the old one.
-
- cd $(DIR_APP) && ./Configure \
- --prefix=/usr \
- --openssldir=/etc/ssl \
- shared linux-elf \
- zlib-dynamic \
- no-engines \
- no-asm 386 \
- -DSSL_FORBID_ENULL
-
- cd $(DIR_APP) && make depend
- cd $(DIR_APP) && make
-
- cd $(DIR_APP) && install -v -m 755 libcrypto.so.0.9.8 /usr/lib
- cd $(DIR_APP) && install -v -m 755 libssl.so.0.9.8 /usr/lib
-
+ cd $(DIR_APP) && perl Makefile.PL
+ cd $(DIR_APP) && make $(MAKETUNING) $(EXTRA_MAKE)
+ cd $(DIR_APP) && make install
@rm -rf $(DIR_APP)
@$(POSTBUILD)
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
PROG = postfix
-PAK_VER = 7
+PAK_VER = 8
DEPS = "amavisd mysql"
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
PROG = pound
-PAK_VER = 7
+PAK_VER = 8
DEPS = ""
$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
@$(PREBUILD)
@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
- cd $(DIR_APP) && ./configure --prefix=/usr --sysconfdir=/etc
+ cd $(DIR_APP) && ./configure --prefix=/usr --sysconfdir=/etc \
+ --with-dh=1024
cd $(DIR_APP) && make $(MAKETUNING)
cd $(DIR_APP) && make install
install -v -m 644 $(DIR_SRC)/config/backup/includes/pound \
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007-2011 IPFire Team <info@ipfire.org> #
+# Copyright (C) 2007-2015 IPFire Team <info@ipfire.org> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
include Config
-VER = 2.7.1
+VER = 2.7.3
include python
PROG = python-optional-src
-PAK_VER = 2
+PAK_VER = 3
DEPS =
dist:
include Config
-VER = 0.15.0
+VER = 2.3.0
-THISAPP = qemu-kvm-$(VER)
-DL_FILE = $(THISAPP).tar.gz
+THISAPP = qemu-$(VER)
+DL_FILE = $(THISAPP).tar.bz2
DL_FROM = $(URL_IPFIRE)
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
SUP_ARCH = i586
PROG = qemu
-PAK_VER = 14
+PAK_VER = 15
DEPS = "sdl"
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = b45b0deebba4ce47dcaaab3807f6ed47
+$(DL_FILE)_MD5 = 2fab3ea4460de9b57192e5b8b311f221
install : $(TARGET)
$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
@$(PREBUILD)
- @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/qemu-0.15.0_missing_definitions_hack.patch
+ @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE)
cd $(DIR_APP) && ./configure --prefix=/usr --sysconfdir=/etc \
+ --enable-kvm --disable-attr \
--target-list="i386-linux-user i386-softmmu arm-softmmu" \
--extra-cflags="$(CFLAGS)"
cd $(DIR_APP) && make $(MAKETUNING)
cd $(DIR_APP) && make install
+
+ # install wrapper for old kvm parameter handling
+ install -m 755 $(DIR_SRC)/config/qemu/qemu /usr/bin/qemu
+
+ # disable PaX MPROTECT
+ paxctl -m /usr/bin/qemu-system-arm
+ paxctl -m /usr/bin/qemu-system-i386
+
@rm -rf $(DIR_APP)
@$(POSTBUILD)
###############################################################################
# #
# IPFire.org - An Open Source Firewall Solution #
-# Copyright (C) 2012 Michael Tremer #
+# Copyright (C) 2014 Michael Tremer #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
include Config
-VER = 2.3.3
+VER = 2.3.9
THISAPP = sarg-$(VER)
DL_FILE = $(THISAPP).tar.gz
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
PROG = sarg
-PAK_VER = 1
+PAK_VER = 2
DEPS = ""
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 09dba9a960d500acd7f17802de62512c
+$(DL_FILE)_MD5 = d6e8b854950f1bebb953e0ea2ca13428
install : $(TARGET)
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
+# Copyright (C) 2015 Michael Tremer & Christian Schmidt #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
include Config
-VER = 2.2.4
+VER = 2.3.0
THISAPP = slang-$(VER)
DL_FILE = $(THISAPP).tar.gz
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 86cd8689cd71e281b4720fef8453ceeb
+$(DL_FILE)_MD5 = 80f4e64189b6f28fd420b829b44a6723
install : $(TARGET)
include Config
-VER = 3.4.9
+VER = 3.4.13
THISAPP = squid-$(VER)
DL_FILE = $(THISAPP).tar.xz
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 497e5be7b3430d12667628296760beca
+$(DL_FILE)_MD5 = a5f6c978b2d7a99b161c8275e1acb470
install : $(TARGET)
--libexecdir=/usr/lib/squid \
--localstatedir=/var \
--disable-ipv6 \
+ --disable-ssl \
--enable-poll \
--disable-icmp \
--disable-wccp \
--enable-ident-lookups \
--enable-storeio="aufs,diskd,ufs" \
- --enable-ssl \
--enable-underscores \
--enable-http-violations \
--enable-removal-policies="heap,lru" \
include Config
-VER = 1.0.2
+VER = 1.0.3
THISAPP = squid-accounting-$(VER)
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
PROG = squid-accounting
-PAK_VER = 4
+PAK_VER = 5
DEPS = "perl-DBI perl-DBD-SQLite perl-File-ReadBackwards perl-PDF-API2 sendEmail"
-install -dv -m 1777 /tmp /var/tmp
-mkdir -pv /usr/{,local/}{bin,include,lib{,/sse2},sbin,src}
-mkdir -pv /usr/{,local/}share/{doc,info,locale,man}
- -mkdir -v /usr/{,local/}share/{misc,terminfo,zoneinfo}
+ -mkdir -v /usr/{,local/}share/{misc,terminfo,xt_geoip,zoneinfo}
-mkdir -pv /usr/{,local/}share/man/man{1..8}
#-for dir in /usr /usr/local; do \
# ln -sv share/{man,doc,info} $$dir; \
# Move script to correct place.
mv -vf /usr/local/bin/ovpn-ccd-convert /usr/sbin/
-
+ mv -vf /usr/local/bin/ovpn-collectd-convert /usr/sbin/
+
# Install firewall scripts.
mkdir -pv /usr/lib/firewall
install -m 755 $(DIR_SRC)/config/firewall/rules.pl \
include Config
-VER = 5.2.2
+VER = 5.3.1
THISAPP = strongswan-$(VER)
DL_FILE = $(THISAPP).tar.bz2
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 7ee1a33060b2bde35be0f6d78a1d26d0
+$(DL_FILE)_MD5 = 66f258901a3d6c271da1a0c7fb3e5013
install : $(TARGET)
$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
@$(PREBUILD)
@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE)
- cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/strongswan-5.0.2_ipfire.patch
- cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/strongswan-5.2.2-issue-816-eb25190.patch
- cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/strongswan-5.2.2-issue-816-650a3ad.patch
- cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/strongswan-5.2.2-issue-816-dd0ebb.patch
- cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/strongswan-5.2.2-issue-819-cd2c30a.patch
+ cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/strongswan-5.3.1-build-timeattack.patch
+ cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/strongswan-ipfire.patch
- cd $(DIR_APP) && [ -x "configure" ] || ./autogen.sh
+ cd $(DIR_APP) && autoreconf -vfi
cd $(DIR_APP) && ./configure \
--prefix="/usr" \
--sysconfdir="/etc" \
--enable-farp \
--enable-openssl \
--enable-gcrypt \
+ --enable-ccm \
+ --enable-ctr \
+ --enable-gcm \
--enable-xauth-eap \
--enable-xauth-noauth \
--enable-eap-radius \
include Config
-VER = 2015a
+VER = 2015d
TZDATA_VER = $(VER)
TZCODE_VER = $(VER)
tzdata$(TZDATA_VER).tar.gz = $(DL_FROM)/tzdata$(TZDATA_VER).tar.gz
tzcode$(TZCODE_VER).tar.gz = $(DL_FROM)/tzcode$(TZCODE_VER).tar.gz
-tzdata$(TZDATA_VER).tar.gz_MD5 = 4ed11c894a74a5ea64201b1c6dbb8831
-tzcode$(TZCODE_VER).tar.gz_MD5 = 8f375ede46ae137fbac047ac431bda37
+tzdata$(TZDATA_VER).tar.gz_MD5 = b595bdc4474b8fc1a15cffc67c66025b
+tzcode$(TZCODE_VER).tar.gz_MD5 = 4008a3abc025a398697b2587c48258b9
install : $(TARGET)
rm -f /lib/udev/rules.d/75-persistent-net-generator.rules
rm -f /lib/udev/rules.d/80-net-name-slot.rules
- # Create rule file for the setup
- touch /etc/udev/rules.d/30-persistent-network.rules
-
# Blacklist some modules
cp -vf $(DIR_SRC)/config/udev/blacklist.conf /etc/modprobe.d/blacklist.conf
install -v -m 644 $(DIR_SRC)/config/udev/25-alsa.rules \
/lib/udev/rules.d
+ # Install network rules.
+ install -v -m 755 $(DIR_SRC)/config/udev/network-hotplug-rename \
+ /lib/udev/network-hotplug-rename
+ install -v -m 644 $(DIR_SRC)/config/udev/60-net.rules \
+ /lib/udev/rules.d
+
# Install hwrng rules.
install -v -m 644 $(DIR_SRC)/config/udev/90-hwrng.rules \
/lib/udev/rules.d
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
PROG = vsftpd
-PAK_VER = 7
+PAK_VER = 8
DEPS = ""
--- /dev/null
+###############################################################################
+# #
+# IPFire.org - A linux based firewall #
+# Copyright (C) 2007-2015 IPFire Team <info@ipfire.org> #
+# #
+# This program is free software: you can redistribute it and/or modify #
+# it under the terms of the GNU General Public License as published by #
+# the Free Software Foundation, either version 3 of the License, or #
+# (at your option) any later version. #
+# #
+# This program is distributed in the hope that it will be useful, #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
+# GNU General Public License for more details. #
+# #
+# You should have received a copy of the GNU General Public License #
+# along with this program. If not, see <http://www.gnu.org/licenses/>. #
+# #
+###############################################################################
+
+
+###############################################################################
+# Definitions
+###############################################################################
+
+include Config
+
+VER = ipfire
+
+THISAPP = web-user-interface-$(VER)
+DIR_APP = $(DIR_SRC)/$(THISAPP)
+TARGET = $(DIR_INFO)/$(THISAPP)
+
+###############################################################################
+# Top-level Rules
+###############################################################################
+
+install: $(TARGET)
+
+check:
+
+download:
+
+md5:
+
+###############################################################################
+# Installation Details
+###############################################################################
+
+$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
+ @$(PREBUILD)
+
+ # Copy all html/cgi-bin files
+ mkdir -p /srv/web/ipfire/{cgi-bin,html}
+ mkdir -p /var/updatecache/{download,metadata}
+ cp -aR $(DIR_SRC)/html/* /srv/web/ipfire
+
+ # Change CONFIG_ROOT in cgi-scripts
+ for i in /srv/web/ipfire/cgi-bin/{*,logs.cgi/*,vpn.cgi/*}; do \
+ if [ -f $$i ]; then \
+ sed -i "s+CONFIG_ROOT+$(CONFIG_ROOT)+g" $$i; \
+ fi; \
+ done
+ chown -R root:root /srv/web/ipfire
+ chmod -R 755 /srv/web/ipfire/cgi-bin
+ chmod -R 644 /srv/web/ipfire/html
+ chmod 755 /srv/web/ipfire/html /srv/web/ipfire/html/{index.cgi,redirect.cgi,dial.cgi,images,include,themes,themes/*,themes/*/*}
+ ln -svf ipfire /srv/web/ipfire/html/themes/ipfire-rounded
+
+ # Reset permissions of redirect templates and theme directories
+ find /srv/web/ipfire/html/{redirect-templates,themes} -type d | xargs chmod -v 755
+ @$(POSTBUILD)
include Config
-VER = 2.3
+VER = 2.4
THISAPP = wpa_supplicant-$(VER)
DL_FILE = $(THISAPP).tar.gz
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = f2ed8fef72cf63d8d446a2d0a6da630a
+$(DL_FILE)_MD5 = f0037dbe03897dcaf2ad2722e659095d
install : $(TARGET)
--- /dev/null
+###############################################################################
+# #
+# IPFire.org - A linux based firewall #
+# Copyright (C) 2007-2014 IPFire Team <info@ipfire.org> #
+# #
+# This program is free software: you can redistribute it and/or modify #
+# it under the terms of the GNU General Public License as published by #
+# the Free Software Foundation, either version 3 of the License, or #
+# (at your option) any later version. #
+# #
+# This program is distributed in the hope that it will be useful, #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
+# GNU General Public License for more details. #
+# #
+# You should have received a copy of the GNU General Public License #
+# along with this program. If not, see <http://www.gnu.org/licenses/>. #
+# #
+###############################################################################
+
+###############################################################################
+# Definitions
+###############################################################################
+
+include Config
+
+VERSUFIX = ipfire$(KCFG)
+MODPATH = /lib/modules/$(KVER)-$(VERSUFIX)/extra/
+
+VER = 2.6
+
+THISAPP = xtables-addons-$(VER)
+DL_FILE = $(THISAPP).tar.xz
+DL_FROM = $(URL_IPFIRE)
+DIR_APP = $(DIR_SRC)/$(THISAPP)
+
+ifeq "$(USPACE)" "1"
+ TARGET = $(DIR_INFO)/$(THISAPP)
+else
+ TARGET = $(DIR_INFO)/$(THISAPP)-kmod-$(KVER)-$(VERSUFIX)
+endif
+
+###############################################################################
+# Top-level Rules
+###############################################################################
+
+objects = $(DL_FILE)
+
+$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
+
+$(DL_FILE)_MD5 = 087835ba7e564481b6fd398692268340
+
+install : $(TARGET)
+
+check : $(patsubst %,$(DIR_CHK)/%,$(objects))
+
+download :$(patsubst %,$(DIR_DL)/%,$(objects))
+
+md5 : $(subst %,%_MD5,$(objects))
+
+dist:
+ $(PAK)
+
+###############################################################################
+# Downloading, checking, md5sum
+###############################################################################
+
+$(patsubst %,$(DIR_CHK)/%,$(objects)) :
+ @$(CHECK)
+
+$(patsubst %,$(DIR_DL)/%,$(objects)) :
+ @$(LOAD)
+
+$(subst %,%_MD5,$(objects)) :
+ @$(MD5)
+
+###############################################################################
+# Installation Details
+###############################################################################
+
+$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
+ @$(PREBUILD)
+ @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE)
+
+ # Only build the specified modules.
+ cp -avf $(DIR_SRC)/config/xtables-addons/mconfig \
+ $(DIR_APP)/mconfig
+
+# Check if we build the modules for a kernel or the userspace parts.
+ifeq "$(USPACE)" "1"
+ cd $(DIR_APP) && ./configure \
+ --prefix=/usr \
+ --without-kbuild
+
+ cd $(DIR_APP) && make $(MAKETUNING)
+ cd $(DIR_APP) && make install
+else
+ cd $(DIR_APP) && ./configure \
+ --with-kbuild=/usr/src/linux-$(KVER)/
+
+ cd $(DIR_APP) && make $(MAKETUNING)
+
+ # Install the built kernel modules.
+ cd $(DIR_APP) && for f in $$(ls extensions/*.ko); do \
+ install -m 644 $$f $(MODPATH); \
+ done
+endif
+
+ @rm -rf $(DIR_APP)
+ @$(POSTBUILD)
include Config
-VER = 5.0.5
+VER = 5.2.1
THISAPP = xz-$(VER)
DL_FILE = $(THISAPP).tar.xz
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = aa17280f4521dbeebed0fbd11cd7fa30
+$(DL_FILE)_MD5 = b5e2dd95dc8498cea5354377ed89aa65
install : $(TARGET)
# along with IPFire; if not, write to the Free Software #
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA #
# #
-# Copyright (C) 2007-2014 IPFire Team <info@ipfire.org>. #
+# Copyright (C) 2007-2015 IPFire Team <info@ipfire.org>. #
# #
############################################################################
#
NAME="IPFire" # Software name
SNAME="ipfire" # Short name
VERSION="2.17" # Version number
-CORE="89" # Core Level (Filename)
-PAKFIRE_CORE="89" # Core Level (PAKFIRE)
+CORE="91" # Core Level (Filename)
+PAKFIRE_CORE="91" # Core Level (PAKFIRE)
GIT_BRANCH=`git rev-parse --abbrev-ref HEAD` # Git Branch
SLOGAN="www.ipfire.org" # Software slogan
CONFIG_ROOT=/var/ipfire # Configuration rootdir
KVER=`grep --max-count=1 VER lfs/linux | awk '{ print $3 }'`
GIT_TAG=$(git tag | tail -1) # Git Tag
GIT_LASTCOMMIT=$(git log | head -n1 | cut -d" " -f2 |head -c8) # Last commit
-TOOLCHAINVER=8
+TOOLCHAINVER=9
# New architecture variables
BUILD_ARCH="$(uname -m)"
export LOGFILE
ipfiremake configroot
ipfiremake backup
+ ipfiremake pkg-config
ipfiremake libusb
ipfiremake libusbx
ipfiremake libpcap
ipfiremake multipath-tools
ipfiremake freetype
ipfiremake grub
+ ipfiremake libmnl
+ ipfiremake iptables
case "${TARGET_ARCH}" in
i586)
ipfiremake backports KCFG="-pae"
ipfiremake cryptodev KCFG="-pae"
ipfiremake e1000e KCFG="-pae"
- ipfiremake igb KCFG="-pae"
+# ipfiremake igb KCFG="-pae"
ipfiremake ixgbe KCFG="-pae"
+ ipfiremake xtables-addons KCFG="-pae"
ipfiremake linux-initrd KCFG="-pae"
# x86 kernel build
ipfiremake backports KCFG=""
ipfiremake cryptodev KCFG=""
ipfiremake e1000e KCFG=""
- ipfiremake igb KCFG=""
+# ipfiremake igb KCFG=""
ipfiremake ixgbe KCFG=""
+ ipfiremake xtables-addons KCFG=""
ipfiremake linux-initrd KCFG=""
;;
ipfiremake linux KCFG="-rpi"
ipfiremake backports KCFG="-rpi"
ipfiremake cryptodev KCFG="-rpi"
+ ipfiremake xtables-addons KCFG="-rpi"
ipfiremake linux-initrd KCFG="-rpi"
# arm multi platform (Panda, Wandboard ...) kernel build
ipfiremake backports KCFG="-multi"
ipfiremake cryptodev KCFG="-multi"
ipfiremake e1000e KCFG="-multi"
- ipfiremake igb KCFG="-multi"
+# ipfiremake igb KCFG="-multi"
ipfiremake ixgbe KCFG="-multi"
+ ipfiremake xtables-addons KCFG="-multi"
ipfiremake linux-initrd KCFG="-multi"
# arm-kirkwood (Dreamplug, ICY-Box ...) kernel build
ipfiremake backports KCFG="-kirkwood"
ipfiremake cryptodev KCFG="-kirkwood"
ipfiremake e1000e KCFG="-kirkwood"
- ipfiremake igb KCFG="-kirkwood"
+# ipfiremake igb KCFG="-kirkwood"
ipfiremake ixgbe KCFG="-kirkwood"
+ ipfiremake xtables-addons KCFG="-kirkwood"
ipfiremake linux-initrd KCFG="-kirkwood"
;;
esac
- ipfiremake pkg-config
+ ipfiremake xtables-addons USPACE="1"
ipfiremake openssl
- ipfiremake openssl-compat
+ [ "${TARGET_ARCH}" = "i586" ] && ipfiremake openssl KCFG='-sse2'
ipfiremake libgpg-error
ipfiremake libgcrypt
ipfiremake libassuan
ipfiremake openldap
ipfiremake apache2
ipfiremake php
- ipfiremake apache2 PASS=C
+ ipfiremake web-user-interface
+ ipfiremake flag-icons
ipfiremake jquery
ipfiremake arping
ipfiremake beep
ipfiremake mtools
ipfiremake initscripts
ipfiremake whatmask
- ipfiremake libmnl
- ipfiremake iptables
ipfiremake conntrack-tools
ipfiremake libupnp
ipfiremake ipaddr
ipfiremake squid-accounting
ipfiremake pigz
ipfiremake tmux
+ ipfiremake perl-Text-CSV_XS
ipfiremake swconfig
ipfiremake haproxy
}
cd $BASEDIR
tools/checknewlog.pl
- tools/checkwronginitlinks
+ tools/checkrootfiles
cd $PWD
beautify build_end
. /etc/sysconfig/rc
. ${rc_functions}
-# Pull custom configuration file
-if [ -e "/etc/sysconfig/dnsmasq" ]; then
- . /etc/sysconfig/dnsmasq
-fi
-
CACHE_SIZE=2500
ENABLE_DNSSEC=1
SHOW_SRV=1
TRUST_ANCHOR=".,19036,8,2,49AAC11D7B6F6446702E54A1607371607A1A41855200FD2CE1CDDE32F24E8FB5"
+TIMESTAMP_FILE="/var/ipfire/dns/dnssec-timestamp"
+
+# Pull custom configuration file
+if [ -e "/etc/sysconfig/dnsmasq" ]; then
+ . /etc/sysconfig/dnsmasq
+fi
function dnssec_args() {
- local cmdline="--dnssec --dnssec-timestamp"
+ local cmdline="--dnssec --dnssec-timestamp ${TIMESTAMP_FILE}"
if [ -n "${TRUST_ANCHOR}" ]; then
cmdline="${cmdline} --trust-anchor=${TRUST_ANCHOR}"
iptables -A OUTPUT -o "${BLUE_DEV}" -j DHCPBLUEOUTPUT
fi
+ # GeoIP block
+ iptables -N GEOIPBLOCK
+ iptables -A INPUT -j GEOIPBLOCK
+ iptables -A FORWARD -j GEOIPBLOCK
+
# trafic from ipsecX/TUN/TAP interfaces, before "-i GREEN_DEV" accept everything
iptables -N IPSECINPUT
iptables -N IPSECFORWARD
echo "Name: linux-pae" > /opt/pakfire/db/installed/meta-linux-pae
echo "ProgVersion: 0" >> /opt/pakfire/db/installed/meta-linux-pae
echo "Release: 0" >> /opt/pakfire/db/installed/meta-linux-pae
- echo "Name: linux-pae" > /opt/pakfire/db/meta/meta-linux-pae
- echo "ProgVersion: 0" >> /opt/pakfire/db/meta/meta-linux-pae
- echo "Release: 0" >> /opt/pakfire/db/meta/meta-linux-pae
fi
fi
. /etc/sysconfig/rc
. ${rc_functions}
-CHANNEL="05"
+CHANNEL="6"
COUNTRY="00"
TXPOWER="auto"
INTERFACE="blue0"
if [ -e "/sys/class/net/$INTERFACE/phy80211" ]; then
DRIVER="NL80211"
driver="nl80211"
- elif [ -e "/sys/class/net/$INTERFACE/madwifi_name_type" ]; then
- DRIVER="MADWIFI"
- driver="madwifi"
elif [ "$(/bin/grep hostap /sys/class/net/$INTERFACE/uevent)" != "" ]; then
DRIVER="HOSTAP"
driver="hostap"
chmod 644 /var/ipfire/wlanap/settings.tmp
mv /var/ipfire/wlanap/settings.tmp /var/ipfire/wlanap/settings
- if [ "$DRIVER" == "MADWIFI" ]; then
- if [ "$(/usr/sbin/iwconfig $INTERFACE | /bin/grep "Mode:Master")" == "" ]; then
- boot_mesg "Setting MADWIFI wlan $INTERFACE to Master mode... "
- # Set Atheros Cards to master mode
- /usr/bin/wlanconfig $INTERFACE destroy > /dev/null
- /usr/bin/wlanconfig $INTERFACE create wlandev wifi0 wlanmode ap > /dev/null
- fi
- elif [ "$DRIVER" == "HOSTAP" ]; then
+ if [ "$DRIVER" == "HOSTAP" ]; then
if [ "$(/usr/sbin/iwconfig $INTERFACE | /bin/grep "Mode:Master")" == "" ]; then
boot_mesg "Setting HOSTAP wlan $INTERFACE to Master mode... "
# Set Prism Cards to master mode
/usr/bin/hostapd -P /var/run/hostapd /etc/hostapd.conf >/dev/null 2>&1 &
- sleep 2
-
- if [ $DRIVER == "MADWIFI" ]; then
- iwpriv $INTERFACE maccmd 3
- if [ $MACMODE != 0 ]; then
- FILE="/var/ipfire/wlanap/macfile"
- exec < $FILE
- while read LINE
- do
- iwpriv $INTERFACE addmac $LINE
- done
-
- iwpriv $INTERFACE maccmd $MACMODE
- fi
- fi
-
- sleep 2
+ sleep 3
if [ "$(/usr/sbin/iwconfig $INTERFACE | /bin/grep "Mode:Master")" == "" ]; then
killproc /usr/bin/hostapd > /dev/null 2>&1
--- /dev/null
+#!/bin/sh
+########################################################################
+# Begin $rc_base/init.d/network-trigger
+########################################################################
+
+. /etc/sysconfig/rc
+. ${rc_functions}
+
+case "${1}" in
+ start)
+ boot_mesg "Triggering network devices..."
+ udevadm trigger --action="add" --subsystem-match="net"
+ evaluate_retval
+ ;;
+
+ *)
+ echo "Usage: ${0} {start}"
+ exit 1
+ ;;
+esac
+
+# End $rc_base/init.d/network-trigger
fi
# Start dhcpcd.
- /sbin/dhcpcd "${device}" "${dhcp_start}" >/dev/null 2>&1
+ /sbin/dhcpcd ${dhcp_start} ${device} >/dev/null 2>&1
ret="$?"
if [ "${ret}" -eq 0 ]; then
fi
# Stop dhcpcd.
- /sbin/dhcpcd "${device}" "${dhcp_stop}" &> /dev/null
+ /sbin/dhcpcd ${dhcp_stop} ${device} &> /dev/null
ret="$?"
# Wait until dhcpd has stopped.
--- /dev/null
+#!/bin/bash
+
+# Get the GeoIP database if no one exists yet.
+
+DIR="/usr/share/xt_geoip/*"
+
+found=false
+
+# Check if the directory contains any data.
+for i in $DIR; do
+ # Ignore "." and ".."
+ if [ -d "$i" ]; then
+ found=true
+ break
+ fi
+done
+
+# Download ruleset if none has been found.
+if ! ${found}; then
+ /usr/local/bin/xt_geoip_update >/dev/null 2>&1
+fi
+
+exit 0
loadproc /usr/sbin/rpc.rquotad
fi
- # NFSD support only in 2.6 kernel
- /bin/uname -r | /bin/grep "2.6" 2>&1 > /dev/null
- if [ $? = 0 ]; then
- boot_mesg "Mounting nfsd virtual filesystem..."
- /bin/mount -t nfsd none /proc/fs/nfsd 2>&1 > /dev/null
- evaluate_retval
- fi
+ boot_mesg "Mounting nfsd virtual filesystem..."
+ /bin/mount -t nfsd none /proc/fs/nfsd 2>&1 > /dev/null
+ evaluate_retval
# Make ceratin that the list is refreshed on
# a restart.
/usr/sbin/exportfs -au 2>&1 > /dev/null
evaluate_retval
- # NFSD support only in 2.6 kernel
- /bin/uname -r | /bin/grep "2.6" 2>&1 > /dev/null
- if [ $? = 0 ]; then
- boot_mesg "Unmounting NFS Virtual Filesystem..."
- /bin/umount /proc/fs/nfsd 2>&1 > /dev/null
- evaluate_retval
- fi
+ boot_mesg "Unmounting NFS Virtual Filesystem..."
+ /bin/umount /proc/fs/nfsd 2>&1 > /dev/null
+ evaluate_retval
# Remove a pid file that isn't done automatically
boot_mesg "Removing the rpc.statd pid file if it exists"
# <major> and <minor> are the major and minor numbers used for the device.
########################################################################
+/var/run/ovpnserver.log file 644 nobody nobody
+/var/run/openvpn dir 644 nobody nobody
+
# End /etc/sysconfig/createfiles
static struct config {
int unattended;
int serial_console;
+ int novga;
int require_networking;
int perform_download;
int disable_swap;
} config = {
.unattended = 0,
.serial_console = 0,
+ .novga = 0,
.require_networking = 0,
.perform_download = 0,
.disable_swap = 0,
if ((strcmp(key, "console") == 0) && (strncmp(val, "ttyS", 4) == 0))
c->serial_console = 1;
+ // novga
+ else if (strcmp(key, "novga") == 0)
+ c->novga = 1;
+
// enable networking?
else if (strcmp(token, "installer.net") == 0)
c->require_networking = 1;
replace("/harddisk/etc/inittab", "#7:2345:respawn:", "7:2345:respawn:");
}
+ /* novga */
+ if (config.novga) {
+ /* grub */
+ FILE* f = fopen(DESTINATION_MOUNT_PATH "/etc/default/grub", "a");
+ if (!f) {
+ errorbox(_("Unable to open /etc/default/grub for writing."));
+ goto EXIT;
+ }
+
+ fprintf(f, "GRUB_GFXMODE=\"none\"\n");
+ fclose(f);
+ }
+
rc = hw_install_bootloader(destination, logfile);
if (rc) {
errorbox(_("Unable to install the bootloader."));
newtPopWindow();
- /* Set marker that the user has already accepted the gpl */
- mysystem(logfile, "/usr/bin/touch /harddisk/var/ipfire/main/gpl_accepted");
+ /* Set marker that the user has already accepted the GPL if the license has been shown
+ * in the installation process. In unatteded mode, the user will be presented the
+ * license when he or she logs on to the web user interface for the first time. */
+ if (!config.unattended)
+ mysystem(logfile, "/usr/bin/touch /harddisk/var/ipfire/main/gpl_accepted");
/* Copy restore file from cdrom */
char* backup_file = hw_find_backup_file(logfile, SOURCE_MOUNT_PATH);
# André Felipe Morro <andre@andremorro.com>, 2014
# Evertton de Lima <e.everttonlima@gmail.com>, 2015
# Leandro Luquetti Basilio da Silva <leandroluquetti@gmail.com>, 2014
+# Moisés Bites Borges de Castro <moisesbites@gmail.com>, 2015
msgid ""
msgstr ""
"Project-Id-Version: IPFire Project\n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2014-11-05 01:29+0000\n"
-"PO-Revision-Date: 2015-02-16 23:04+0000\n"
-"Last-Translator: Evertton de Lima <e.everttonlima@gmail.com>\n"
+"PO-Revision-Date: 2015-03-24 21:30+0000\n"
+"Last-Translator: Moisés Bites Borges de Castro <moisesbites@gmail.com>\n"
"Language-Team: Portuguese (Brazil) (http://www.transifex.com/projects/p/ipfire/language/pt_BR/)\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"No source drive could be found.\n"
"\n"
"You can try downloading the required installation image."
-msgstr ""
+msgstr "Nenhum Drive de origem foi encontrado.\n\nVocê pode tentar baixar a imagem da instalação solicitada. "
#: main.c:456
msgid ""
"Please make sure to connect your machine to a network and the installer will"
" try connect to acquire an IP address."
-msgstr ""
+msgstr "Por favor certifique que sua máquina está conectada com uma rede e o instalador irá tentar conectar para pegar um endereço IP;"
#: main.c:460
msgid "Download installation image"
#: main.c:510
#, c-format
msgid "MD5 checksum mismatch"
-msgstr ""
+msgstr "Assinatura MD5 incompatível"
#: main.c:513
#, c-format
#: main.c:834
msgid "An error occured when the backup file was restored."
-msgstr "Um erro ocorreu enquanto a cópia de segurança foi restaurada."
+msgstr "Um erro ocorreu enquanto a cópia de segurança era restaurada."
#: main.c:869
msgid "Running post-install script..."
-msgstr "Executando post-install script..."
+msgstr "Executando script pós instalação..."
#: main.c:870
msgid "Post-install script failed."
-msgstr "Post-install script falhou."
+msgstr "Script de pós instalação falhou."
#: main.c:877
#, c-format
"%s was successfully installed!\n"
"\n"
"Please remove any installation mediums from this system and hit the reboot button. Once the system has restarted you will be asked to setup networking and system passwords. After that, you should point your web browser at https://%s:444 (or what ever you name your %s) for the web configuration console."
-msgstr ""
+msgstr "%s está instalado com sucesso!\n\nPor favor, remova qualquer mídia de instalação desse sistema e o reinicie. Assim que o sistema for reiniciado você será solicitado a configurar a rede e especificar as senhas de sistema. Após isso, você deve apontar seu navegador para https://%s:444 (ou use nome de %s) para a página de configuração web."
#: main.c:882
msgid "Congratulations!"
PROGS = iowrap
SUID_PROGS = squidctrl sshctrl ipfirereboot \
ipsecctrl timectrl dhcpctrl snortctrl \
- applejuicectrl rebuildhosts backupctrl \
+ applejuicectrl rebuildhosts backupctrl collectdctrl \
logwatch openvpnctrl firewallctrl \
wirelessctrl getipstat qosctrl launch-ether-wake \
redctrl syslogdctrl extrahdctrl sambactrl upnpctrl tripwirectrl \
smartctrl clamavctrl addonctrl pakfire mpfirectrl wlanapctrl \
setaliases urlfilterctrl updxlratorctrl fireinfoctrl rebuildroutes \
- getconntracktable wirelessclient dnsmasqctrl torctrl
+ getconntracktable wirelessclient dnsmasqctrl torctrl ddnsctrl
SUID_UPDX = updxsetperms
OBJS = $(patsubst %,%.o,$(PROGS) $(SUID_PROGS))
--- /dev/null
+/* This file is part of the IPFire Firewall.
+ *
+ * This program is distributed under the terms of the GNU General Public
+ * Licence. See the file COPYING for details.
+ *
+ */
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+#include <unistd.h>
+#include <sys/types.h>
+#include "setuid.h"
+
+int main(int argc, char *argv[]) {
+ if (!(initsetuid()))
+ exit(1);
+
+ if (argc < 2) {
+ fprintf(stderr, "\nNo argument given.\n\ncollectdctrl (start|stop|restart)\n\n");
+ exit(1);
+ }
+
+ if (strcmp(argv[1], "restart") == 0) {
+ safe_system("/etc/rc.d/init.d/collectd restart");
+
+ } else if (strcmp(argv[1], "stop") == 0) {
+ safe_system("/etc/rc.d/init.d/collectd stop");
+
+ } else if (strcmp(argv[1], "start") == 0) {
+ safe_system("/etc/rc.d/init.d/collectd start");
+
+ } else {
+ fprintf(stderr, "\nBad argument given.\n\ncollectdctrl (start|stop|restart)\n\n");
+ exit(1);
+ }
+
+ return 0;
+}
--- /dev/null
+/* This file is part of the IPFire Firewall.
+*
+* This program is distributed under the terms of the GNU General Public
+* Licence. See the file COPYING for details.
+*
+*/
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+#include <unistd.h>
+
+#include "setuid.h"
+
+const char *conffile = "/var/ipfire/ddns/ddns.conf";
+
+int main(int argc, char *argv[]) {
+ char cmd[STRING_SIZE];
+
+ if (!(initsetuid()))
+ exit(1);
+
+ if (argc < 2) {
+ fprintf(stderr, "\nNo argument given.\n\nddnsctrl (update-all)\n\n");
+ exit(1);
+ }
+
+ if (strcmp(argv[1], "update-all") == 0) {
+ snprintf(cmd, sizeof(cmd), "/usr/bin/ddns --config %s update-all >/dev/null 2>&1", conffile);
+ safe_system(cmd);
+ } else {
+ fprintf(stderr, "\nBad argument given.\n\nddnsctrl (update-all)\n\n");
+ exit(1);
+ }
+
+ return 0;
+}
void open_physical (char *interface, int nat_traversal_port) {
char str[STRING_SIZE];
- // GRE ???
-// sprintf(str, "/sbin/iptables -A " phystable " -p 47 -i %s -j ACCEPT", interface);
-// safe_system(str);
- // ESP
-// sprintf(str, "/sbin/iptables -A " phystable " -p 50 -i %s -j ACCEPT", interface);
-// safe_system(str);
- // AH
-// sprintf(str, "/sbin/iptables -A " phystable " -p 51 -i %s -j ACCEPT", interface);
-// safe_system(str);
// IKE
-
- sprintf(str, "/sbin/iptables -D IPSECINPUT -p udp -i %s --dport 500 -j ACCEPT >/dev/null 2>&1", interface);
+ sprintf(str, "/sbin/iptables --wait -D IPSECINPUT -p udp -i %s --dport 500 -j ACCEPT >/dev/null 2>&1", interface);
safe_system(str);
- sprintf(str, "/sbin/iptables -A IPSECINPUT -p udp -i %s --dport 500 -j ACCEPT", interface);
+ sprintf(str, "/sbin/iptables --wait -A IPSECINPUT -p udp -i %s --dport 500 -j ACCEPT", interface);
safe_system(str);
if (! nat_traversal_port)
return;
- sprintf(str, "/sbin/iptables -D IPSECINPUT -p udp -i %s --dport %i -j ACCEPT >/dev/null 2>&1", interface, nat_traversal_port);
+ sprintf(str, "/sbin/iptables --wait -D IPSECINPUT -p udp -i %s --dport %i -j ACCEPT >/dev/null 2>&1", interface, nat_traversal_port);
safe_system(str);
- sprintf(str, "/sbin/iptables -A IPSECINPUT -p udp -i %s --dport %i -j ACCEPT", interface, nat_traversal_port);
+ sprintf(str, "/sbin/iptables --wait -A IPSECINPUT -p udp -i %s --dport %i -j ACCEPT", interface, nat_traversal_port);
safe_system(str);
}
void ipsec_norules() {
/* clear input rules */
- safe_system("/sbin/iptables -F IPSECINPUT");
- safe_system("/sbin/iptables -F IPSECFORWARD");
- safe_system("/sbin/iptables -F IPSECOUTPUT");
+ safe_system("/sbin/iptables --wait -F IPSECINPUT");
+ safe_system("/sbin/iptables --wait -F IPSECFORWARD");
+ safe_system("/sbin/iptables --wait -F IPSECOUTPUT");
}
/*
+#define _XOPEN_SOURCE 500
#include <signal.h>
#include <stdio.h>
#include <string.h>
#include <arpa/inet.h>
#include <netinet/in.h>
#include <fcntl.h>
+#include <ftw.h>
#include "setuid.h"
#include "netutil.h"
#include "libsmooth.h"
typedef struct connection_struct connection;
+static int recursive_remove_callback(const char* fpath, const struct stat* sb, int typeflag, struct FTW* ftwbuf) {
+ int rv = remove(fpath);
+ if (rv)
+ perror(fpath);
+
+ return rv;
+}
+
+static int recursive_remove(const char* path) {
+ return nftw(path, recursive_remove_callback, 64, FTW_DEPTH | FTW_PHYS);
+}
+
void exithandler(void)
{
if(kv)
int killNet2Net(char *name) {
connection *conn = NULL;
connection *conn_iter;
+ int rc = 0;
conn_iter = getConnections();
snprintf(command, STRING_SIZE - 1, "/bin/rm -f %s", pidfile);
executeCommand(command);
+ char runfile[STRING_SIZE];
+ snprintf(runfile, STRING_SIZE - 1, "/var/run/openvpn/%s-n2n", conn->name);
+ rc = recursive_remove(runfile);
+ if (rc)
+ perror(runfile);
+
return 0;
}
int deleterrd(char *name) {
+ char rrd_dir[STRING_SIZE];
+
connection *conn = getConnections();
+ while(conn) {
+ if (strcmp(conn->name, name) != 0) {
+ conn = conn->next;
+ continue;
+ }
- char rrd_file[STRING_SIZE];
- snprintf(rrd_file, STRING_SIZE - 1, "/var/log/rrd/collectd/localhost/openvpn-%s/if_octets.rrd", name);
+ // Handle RW connections
+ if (strcmp(conn->type, "host") == 0) {
+ snprintf(rrd_dir, STRING_SIZE - 1, "/var/log/rrd/collectd/localhost/openvpn-%s/", name);
- char rrd_dir[STRING_SIZE];
- snprintf(rrd_dir, STRING_SIZE - 1, "/var/log/rrd/collectd/localhost/openvpn-%s", name);
+ // Handle N2N connections
+ } else if (strcmp(conn->type, "net") == 0) {
+ snprintf(rrd_dir, STRING_SIZE - 1, "/var/log/rrd/collectd/localhost/openvpn-%s-n2n/", name);
- while(conn) {
- /* Find only RW-Connections with the given name. */
- if (((strcmp(conn->type, "host") == 0) && (strcmp(conn->name, name) == 0))) {
- remove(rrd_file);
- remove(rrd_dir);
- return 0;
+ // Unhandled connection type
+ } else {
+ conn = conn->next;
+ continue;
}
- conn = conn->next;
+
+ return recursive_remove(rrd_dir);
}
return 1;
freekeyvalues(kv);
kv = NULL;
- if (!(gw = fopen(CONFIG_ROOT "/red/remote-ipaddress", "r")))
- {
+ if ((gw = fopen(CONFIG_ROOT "/red/remote-ipaddress", "r"))) {
+ if (fgets(gateway, STRING_SIZE, gw) == NULL) {
+ fprintf(stderr, "Couldn't read remote-ipaddress\n");
+ exit(1);
+ }
+ } else {
fprintf(stderr, "Couldn't open remote-ipaddress file\n");
- fclose(gw);
- gw = NULL;
- exit(1);
- }
-
- if (fgets(gateway, STRING_SIZE, gw) == NULL)
- {
- fprintf(stderr, "Couldn't read remote-ipaddress\n");
- exit(1);
}
if (!(fd = fopen(CONFIG_ROOT "/main/hosts", "r")))
else
fprintf(hosts, "%s\t%s\n",address,hostname);
- fprintf(hosts, "%s\tgateway\n",gateway);
+ if (strlen(gateway) > 0)
+ fprintf(hosts, "%s\tgateway\n", gateway);
while (fgets(buffer, STRING_SIZE, fd))
{
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
+# Copyright (C) 2007-2015 IPFire Team <info@ipfire.org> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
foreach $file (@files) {
next if ( $file eq "." );
next if ( $file eq ".." );
+ next if ( $file eq "meta-" );
next if ( $file =~ /^old/ );
open(FILE, "<$Conf::dbdir/meta/$file");
@meta = <FILE>;
return @all;
}
+sub resolvedeps_recursive {
+ my @packages = shift;
+ my @result = ();
+
+ foreach my $pkg (@packages) {
+ my @deps = &Pakfire::resolvedeps($pkg);
+
+ foreach my $dep (@deps) {
+ push(@result, $dep);
+ }
+ }
+
+ # Sort the result array and remove dupes
+ my %sort = map{ $_, 1 } @result;
+ @result = keys %sort;
+
+ return @result;
+}
+
sub cleanup {
my $dir = shift;
my $path;
}
unless ($file) {
- message("No filename given in meta-file. Please phone the developers.");
+ message("No filename given in meta-file.");
exit 1;
}
unless ( "$ret" eq "0" ) {
message("CRYPTO WARN: The GnuPG isn't configured corectly. Trying now to fix this.");
message("CRYPTO WARN: It's normal to see this on first execution.");
+ message("CRYPTO WARN: If this message is being shown repeatedly, check if time and date are set correctly, and if IPFire can connect via port 11371 TCP.");
my $command = "gpg --keyserver pgp.ipfire.org --always-trust --status-fd 2";
system("$command --recv-key $myid >> $Conf::logdir/gnupg-database.log 2>&1");
system("$command --recv-key $trustid >> $Conf::logdir/gnupg-database.log 2>&1");
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
+# Copyright (C) 2007-2015 IPFire Team <info@ipfire.org> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
} elsif ("$ARGV[0]" eq "upgrade") {
&Pakfire::upgradecore();
my @upgradepaks = &Pakfire::dblist("upgrade", "noweb");
- my @temp, $pak;
-
- foreach (@upgradepaks) {
- @temp = &Pakfire::resolvedeps("$_");
- foreach (@temp) { push(@upgradepaks,$_) if $_; }
- }
-
+
if (@upgradepaks) {
+ # Resolve the dependencies of the to be upgraded packages
+ my @deps = &Pakfire::resolvedeps_recursive(@upgradepaks);
+
&Pakfire::message("");
&Pakfire::message("PAKFIRE UPGR: We are going to install all packages listed above.");
if ($interactive) {
}
}
- ### Download first
+ # Download packages
foreach $pak (@upgradepaks) {
- #system("mv $Conf::dbdir/meta/meta-$pak $Conf::dbdir/meta/old-meta-$pak");
&Pakfire::getpak("$pak", "");
}
-
+
+ # Download dependencies
+ foreach $pak (@deps) {
+ &Pakfire::getpak("$pak", "");
+ }
+
+ # Install dependencies first
+ foreach $pak (@deps) {
+ &Pakfire::setuppak("$pak");
+ }
+
+ # Install all upgrades
foreach $pak (@upgradepaks) {
- if (&Pakfire::upgradepak("$pak")) {
- #system("mv $Conf::dbdir/meta/old-meta-$pak $Conf::dbdir/meta/meta-$pak");
- }
+ &Pakfire::upgradepak("$pak");
}
} elsif ("$ARGV[0]" eq "list") {
############################################################################
#
. /opt/pakfire/lib/functions.sh
+extract_backup_includes
stop_service ${NAME}
make_backup ${NAME}
remove_files
--- /dev/null
+#!/bin/bash
+############################################################################
+# #
+# This file is part of the IPFire Firewall. #
+# #
+# IPFire is free software; you can redistribute it and/or modify #
+# it under the terms of the GNU General Public License as published by #
+# the Free Software Foundation; either version 2 of the License, or #
+# (at your option) any later version. #
+# #
+# IPFire is distributed in the hope that it will be useful, #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
+# GNU General Public License for more details. #
+# #
+# You should have received a copy of the GNU General Public License #
+# along with IPFire; if not, write to the Free Software #
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA #
+# #
+# Copyright (C) 2007 IPFire-Team <info@ipfire.org>. #
+# #
+############################################################################
+#
+. /opt/pakfire/lib/functions.sh
+extract_files
+
+# Enable autostart
+ln -sf ../init.d/haproxy /etc/rc.d/rc0.d/K25haproxy
+ln -sf ../init.d/haproxy /etc/rc.d/rc3.d/S35haproxy
+ln -sf ../init.d/haproxy /etc/rc.d/rc6.d/K25haproxy
--- /dev/null
+#!/bin/bash
+############################################################################
+# #
+# This file is part of the IPFire Firewall. #
+# #
+# IPFire is free software; you can redistribute it and/or modify #
+# it under the terms of the GNU General Public License as published by #
+# the Free Software Foundation; either version 2 of the License, or #
+# (at your option) any later version. #
+# #
+# IPFire is distributed in the hope that it will be useful, #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
+# GNU General Public License for more details. #
+# #
+# You should have received a copy of the GNU General Public License #
+# along with IPFire; if not, write to the Free Software #
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA #
+# #
+# Copyright (C) 2007 IPFire-Team <info@ipfire.org>. #
+# #
+############################################################################
+#
+. /opt/pakfire/lib/functions.sh
+remove_files
+rm -rfv /etc/rc.d/rc*.d/*haproxy
#
/usr/bin/dracut --force --xz /boot/initramfs-$KVER-ipfire-pae.img $KVER-ipfire-pae
-
-ROOT="$(find_partition "/")"
-case $ROOT in
- xvd* )
- #
- # We are on XEN so create new grub.conf / menu.lst for pygrub
- #
- echo "timeout 10" > /boot/grub/grub.conf
- echo "default 0" >> /boot/grub/grub.conf
- echo "title IPFire (pae-kernel)" >> /boot/grub/grub.conf
- echo " kernel /vmlinuz-$KVER-ipfire-pae root=/dev/$ROOT rootdelay=10 panic=10 console=hvc0" \
- >> /boot/grub/grub.conf
- echo " initrd /initramfs-$KVER-ipfire-pae.img" >> /boot/grub/grub.conf
- echo "# savedefault 0" >> /boot/grub/grub.conf
- ln -s grub.conf $MNThdd/boot/grub/menu.lst
- ;;
- * )
- #
- # Update grub2 config
- #
- grub-mkconfig > /boot/grub/grub.cfg
- ;;
-esac
+if [ -e /boot/grub/grub.cfg ]; then
+ #
+ # Update grub2 config
+ #
+ grub-mkconfig > /boot/grub/grub.cfg
+else
+ #
+ # xen pv with pygrub need grub.conf / menu.lst
+ #
+ echo "timeout 10" > /boot/grub/grub.conf
+ echo "default 0" >> /boot/grub/grub.conf
+ echo "title IPFire (pae-kernel)" >> /boot/grub/grub.conf
+ echo " kernel /vmlinuz-$KVER-ipfire-pae root=/dev/$ROOT rootdelay=10 panic=10 console=hvc0" \
+ >> /boot/grub/grub.conf
+ echo " initrd /initramfs-$KVER-ipfire-pae.img" >> /boot/grub/grub.conf
+ echo "# savedefault 0" >> /boot/grub/grub.conf
+ ln -s grub.conf $MNThdd/boot/grub/menu.lst
+fi
# request a reboot if pae is supported
if [ ! "$(grep "^flags.* pae " /proc/cpuinfo)" == "" ]; then
############################################################################
#
. /opt/pakfire/lib/functions.sh
+extract_backup_includes
stop_service ${NAME}
make_backup ${NAME}
remove_files
--- /dev/null
+#!/bin/bash
+############################################################################
+# #
+# This file is part of the IPFire Firewall. #
+# #
+# IPFire is free software; you can redistribute it and/or modify #
+# it under the terms of the GNU General Public License as published by #
+# the Free Software Foundation; either version 2 of the License, or #
+# (at your option) any later version. #
+# #
+# IPFire is distributed in the hope that it will be useful, #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
+# GNU General Public License for more details. #
+# #
+# You should have received a copy of the GNU General Public License #
+# along with IPFire; if not, write to the Free Software #
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA #
+# #
+# Copyright (C) 2007 IPFire-Team <info@ipfire.org>. #
+# #
+############################################################################
+#
+. /opt/pakfire/lib/functions.sh
+./uninstall.sh
+./install.sh
#
. /opt/pakfire/lib/functions.sh
extract_files
+restore_backup ${NAME}
postalias /etc/aliases
# Set postfix's hostname
postconf -e "myhostname=$(hostname -f)"
-/etc/init.d/postfix start
+
+start_service ${NAME}
# Enable autostart for postfix
ln -sf ../init.d/postfix /etc/rc.d/rc0.d/K25postfix
############################################################################
#
. /opt/pakfire/lib/functions.sh
+extract_backup_includes
+stop_service ${NAME}
+make_backup ${NAME}
remove_files
rm -rfv /etc/rc.d/rc*.d/*postfix
--- /dev/null
+diff -Naur backports-3.18.1-1.org/drivers/net/wireless/rt2x00/rt2800usb.c backports-3.18.1-1/drivers/net/wireless/rt2x00/rt2800usb.c
+--- backports-3.18.1-1.org/drivers/net/wireless/rt2x00/rt2800usb.c 2014-12-21 22:37:14.000000000 +0100
++++ backports-3.18.1-1/drivers/net/wireless/rt2x00/rt2800usb.c 2015-04-07 11:44:16.647963570 +0200
+@@ -444,7 +444,7 @@
+
+ rt2x00usb_register_read(rt2x00dev, TXRXQ_PCNT, ®);
+ if (rt2x00_get_field32(reg, TXRXQ_PCNT_TX0Q)) {
+- rt2x00_warn(rt2x00dev, "TX HW queue 0 timed out, invoke forced kick\n");
++ rt2x00_dbg(rt2x00dev, "TX HW queue 0 timed out, invoke forced kick\n");
+
+ rt2x00usb_register_write(rt2x00dev, PBF_CFG, 0xf40012);
+
+@@ -459,7 +459,7 @@
+
+ rt2x00usb_register_read(rt2x00dev, TXRXQ_PCNT, ®);
+ if (rt2x00_get_field32(reg, TXRXQ_PCNT_TX1Q)) {
+- rt2x00_warn(rt2x00dev, "TX HW queue 1 timed out, invoke forced kick\n");
++ rt2x00_dbg(rt2x00dev, "TX HW queue 1 timed out, invoke forced kick\n");
+
+ rt2x00usb_register_write(rt2x00dev, PBF_CFG, 0xf4000a);
+
+@@ -609,7 +609,7 @@
+
+ if (unlikely(test_bit(ENTRY_OWNER_DEVICE_DATA, &entry->flags) ||
+ !test_bit(ENTRY_DATA_STATUS_PENDING, &entry->flags))) {
+- rt2x00_warn(rt2x00dev, "Data pending for entry %u in queue %u\n",
++ rt2x00_dbg(rt2x00dev, "Data pending for entry %u in queue %u\n",
+ entry->entry_idx, qid);
+ break;
+ }
+diff -Naur backports-3.18.1-1.org/drivers/net/wireless/rt2x00/rt2x00usb.c backports-3.18.1-1/drivers/net/wireless/rt2x00/rt2x00usb.c
+--- backports-3.18.1-1.org/drivers/net/wireless/rt2x00/rt2x00usb.c 2014-12-21 22:37:14.000000000 +0100
++++ backports-3.18.1-1/drivers/net/wireless/rt2x00/rt2x00usb.c 2015-04-07 11:42:41.723492892 +0200
+@@ -524,7 +524,7 @@
+
+ static void rt2x00usb_watchdog_tx_dma(struct data_queue *queue)
+ {
+- rt2x00_warn(queue->rt2x00dev, "TX queue %d DMA timed out, invoke forced forced reset\n",
++ rt2x00_dbg(queue->rt2x00dev, "TX queue %d DMA timed out, invoke forced reset\n",
+ queue->qid);
+
+ rt2x00queue_stop_queue(queue);
sstrncpy (vl.plugin_instance, pinst,
sizeof (vl.plugin_instance));
- sstrncpy (vl.type, "compression", sizeof (vl.type));
-+ sstrncpy (vl.type, "compression_dervice", sizeof (vl.type));
++ sstrncpy (vl.type, "compression_derive", sizeof (vl.type));
if (tinst != NULL)
sstrncpy (vl.type_instance, tinst, sizeof (vl.type_instance));
--- /dev/null
+diff --git a/src/openvpn.c b/src/openvpn.c
+index d446e9957b68..ef5bf1078285 100644
+--- a/src/openvpn.c
++++ b/src/openvpn.c
+@@ -70,6 +70,7 @@ static const char *config_keys[] =
+ };
+ static int config_keys_num = STATIC_ARRAY_SIZE (config_keys);
+
++static int version_detect (const char *filename);
+
+ /* Helper function
+ * copy-n-pasted from common.c - changed delim to "," */
+@@ -540,6 +541,11 @@ static int openvpn_read (void)
+ continue;
+ }
+
++ // If the version was not detected yet, we try to guess again
++ if (vpn_list[i]->version == 0) {
++ vpn_list[i]->version = version_detect(vpn_list[i]->file);
++ }
++
+ switch (vpn_list[i]->version)
+ {
+ case SINGLE:
+@@ -567,7 +573,7 @@ static int openvpn_read (void)
+ read += vpn_read;
+ }
+
+- return (read ? 0 : -1);
++ return 0;
+ } /* int openvpn_read */
+
+ static int version_detect (const char *filename)
+@@ -630,16 +636,6 @@ static int version_detect (const char *filename)
+ }
+ }
+
+- if (version == 0)
+- {
+- /* This is only reached during configuration, so complaining to
+- * the user is in order. */
+- NOTICE ("openvpn plugin: %s: Unknown file format, please "
+- "report this as bug. Make sure to include "
+- "your status file, so the plugin can "
+- "be adapted.", filename);
+- }
+-
+ fclose (fh);
+
+ return version;
+@@ -656,13 +652,6 @@ static int openvpn_config (const char *key, const char *value)
+ /* try to detect the status file format */
+ status_version = version_detect (value);
+
+- if (status_version == 0)
+- {
+- WARNING ("openvpn plugin: unable to detect status version, \
+- discarding status file \"%s\".", value);
+- return (1);
+- }
+-
+ status_file = sstrdup (value);
+ if (status_file == NULL)
+ {
+++ /dev/null
-diff -up cyrus-sasl-2.1.22/plugins/digestmd5.c.elif cyrus-sasl-2.1.22/plugins/digestmd5.c
---- cyrus-sasl-2.1.22/plugins/digestmd5.c.elif 2009-01-23 09:40:31.000000000 +0100
-+++ cyrus-sasl-2.1.22/plugins/digestmd5.c 2009-02-06 15:20:15.000000000 +0100
-@@ -2743,7 +2743,7 @@ static sasl_server_plug_t digestmd5_serv
- "DIGEST-MD5", /* mech_name */
- #ifdef WITH_RC4
- 128, /* max_ssf */
--#elif WITH_DES
-+#elif defined(WITH_DES)
- 112,
- #else
- 1,
-@@ -4071,7 +4071,7 @@ static sasl_client_plug_t digestmd5_clie
- "DIGEST-MD5",
- #ifdef WITH_RC4 /* mech_name */
- 128, /* max ssf */
--#elif WITH_DES
-+#elif defined(WITH_DES)
- 112,
- #else
- 1,
--- /dev/null
+commit 63e16feedea3639ef1f21fecbff9ed2ae256728b
+Author: Michael Tremer <michael.tremer@ipfire.org>
+Date: Sat Apr 25 13:18:07 2015 +0200
+
+ Perform lazy initialization of the database
+
+ The database will only be initialized when it is actually
+ needed. That makes starting up ddns a bit faster and allows
+ us to execute it as non-root for simple commands like
+ "list-providers".
+
+ If the database path is not writable at all, the database
+ feature is disable and an error message is logged. This
+ will hopefully help us to perform the DNS update even when
+ there is a local misconfiguration.
+
+diff --git a/src/ddns/database.py b/src/ddns/database.py
+index 5d4ffc9..42c3433 100644
+--- a/src/ddns/database.py
++++ b/src/ddns/database.py
+@@ -20,7 +20,7 @@
+ ###############################################################################
+
+ import datetime
+-import os.path
++import os
+ import sqlite3
+
+ # Initialize the logger.
+@@ -31,9 +31,11 @@ logger.propagate = 1
+ class DDNSDatabase(object):
+ def __init__(self, core, path):
+ self.core = core
++ self.path = path
+
+- # Open the database file
+- self._db = self._open_database(path)
++ # We won't open the connection to the database directly
++ # so that we do not do it unnecessarily.
++ self._db = None
+
+ def __del__(self):
+ self._close_database()
+@@ -46,7 +48,7 @@ class DDNSDatabase(object):
+ conn = sqlite3.connect(path, detect_types=sqlite3.PARSE_DECLTYPES|sqlite3.PARSE_COLNAMES)
+ conn.isolation_level = None
+
+- if not exists:
++ if not exists and self.is_writable():
+ logger.debug("Initialising database layout")
+ c = conn.cursor()
+ c.executescript("""
+@@ -68,12 +70,25 @@ class DDNSDatabase(object):
+
+ return conn
+
++ def is_writable(self):
++ # Check if the database file exists and is writable.
++ ret = os.access(self.path, os.W_OK)
++ if ret:
++ return True
++
++ # If not, we check if we are able to write to the directory.
++ # In that case the database file will be created in _open_database().
++ return os.access(os.path.dirname(self.path), os.W_OK)
++
+ def _close_database(self):
+ if self._db:
+ self._db_close()
+ self._db = None
+
+ def _execute(self, query, *parameters):
++ if self._db is None:
++ self._db = self._open_database(self.path)
++
+ c = self._db.cursor()
+ try:
+ c.execute(query, parameters)
+@@ -81,6 +96,10 @@ class DDNSDatabase(object):
+ c.close()
+
+ def add_update(self, hostname, status, message=None):
++ if not self.is_writable():
++ logger.warning("Could not log any updates because the database is not writable")
++ return
++
+ self._execute("INSERT INTO updates(hostname, status, message, timestamp) \
+ VALUES(?, ?, ?, ?)", hostname, status, message, datetime.datetime.utcnow())
+
--- /dev/null
+commit f62fa5baffe2d225604460ecd03b8159b987df8f
+Author: Michael Tremer <michael.tremer@ipfire.org>
+Date: Sun Apr 26 20:15:33 2015 +0200
+
+ database: Open database for the search operations, too
+
+diff --git a/src/ddns/database.py b/src/ddns/database.py
+index 42c3433..70a7363 100644
+--- a/src/ddns/database.py
++++ b/src/ddns/database.py
+@@ -122,6 +122,9 @@ class DDNSDatabase(object):
+ """
+ Returns the timestamp of the last update (with the given status code).
+ """
++ if self._db is None:
++ self._db = self._open_database(self.path)
++
+ c = self._db.cursor()
+
+ try:
+@@ -141,6 +144,9 @@ class DDNSDatabase(object):
+ """
+ Returns the update status of the last update.
+ """
++ if self._db is None:
++ self._db = self._open_database(self.path)
++
+ c = self._db.cursor()
+
+ try:
+@@ -156,6 +162,9 @@ class DDNSDatabase(object):
+ """
+ Returns the reason string for the last failed update (if any).
+ """
++ if self._db is None:
++ self._db = self._open_database(self.path)
++
+ c = self._db.cursor()
+
+ try:
+++ /dev/null
-commit 78046ffe2187d91c61d6c2f910249b8a5be71b08
-Author: Stefan Schantl <stefan.schantl@ipfire.org>
-Date: Wed Oct 22 21:39:09 2014 +0200
-
- Add changeip.com as new provider.
-
- Fixes #10639.
-
-diff --git a/README b/README
-index 5944102..6a06f4b 100644
---- a/README
-+++ b/README
-@@ -49,6 +49,7 @@ INSTALLATION:
-
- SUPPORTED PROVIDERS:
- all-inkl.com
-+ changeip.com
- dhs.org
- dns.lightningwirelabs.com
- dnspark.com
-diff --git a/ddns.conf.sample b/ddns.conf.sample
-index d3ac53f..0048a46 100644
---- a/ddns.conf.sample
-+++ b/ddns.conf.sample
-@@ -30,6 +30,11 @@
- # secret = XYZ
- # ttl = 60
-
-+# [test.changeip.com]
-+# provider = changeip.com
-+# username = user
-+# password = pass
-+
- # [test.dhs.org]
- # provider = dhs.org
- # username = user
-diff --git a/src/ddns/providers.py b/src/ddns/providers.py
-index 1e88995..587d5ff 100644
---- a/src/ddns/providers.py
-+++ b/src/ddns/providers.py
-@@ -539,6 +539,44 @@ class DDNSProviderBindNsupdate(DDNSProvider):
- return "\n".join(scriptlet)
-
-
-+class DDNSProviderChangeIP(DDNSProvider):
-+ handle = "changeip.com"
-+ name = "ChangeIP.com"
-+ website = "https://changeip.com"
-+ protocols = ("ipv4",)
-+
-+ # Detailed information about the update api can be found here.
-+ # http://www.changeip.com/accounts/knowledgebase.php?action=displayarticle&id=34
-+
-+ url = "https://nic.changeip.com/nic/update"
-+ can_remove_records = False
-+
-+ def update_protocol(self, proto):
-+ data = {
-+ "hostname" : self.hostname,
-+ "myip" : self.get_address(proto),
-+ }
-+
-+ # Send update to the server.
-+ try:
-+ response = self.send_request(self.url, username=self.username, password=self.password,
-+ data=data)
-+
-+ # Handle error codes.
-+ except urllib2.HTTPError, e:
-+ if e.code == 422:
-+ raise DDNSRequestError(_("Domain not found."))
-+
-+ raise
-+
-+ # Handle success message.
-+ if response.code == 200:
-+ return
-+
-+ # If we got here, some other update error happened.
-+ raise DDNSUpdateError(_("Server response: %s") % output)
-+
-+
- class DDNSProviderDHS(DDNSProvider):
- handle = "dhs.org"
- name = "DHS International"
+++ /dev/null
-commit 25f39b4e437627bd1a49393280271d59ad28b86e
-Author: Stefan Schantl <stefan.schantl@ipfire.org>
-Date: Mon Jan 5 21:37:55 2015 +0100
-
- spdns.de: Fix authentication.
-
- There was a simple copy and paste issue which prevents a
- correct authentication with username and password against the
- providers API.
-
-diff --git a/src/ddns/providers.py b/src/ddns/providers.py
-index 587d5ff..bcfb088 100644
---- a/src/ddns/providers.py
-+++ b/src/ddns/providers.py
-@@ -1271,7 +1271,7 @@ class DDNSProviderSPDNS(DDNSProtocolDynDNS2, DDNSProvider):
-
- @property
- def password(self):
-- return self.get("username") or self.token
-+ return self.get("password") or self.token
-
-
- class DDNSProviderStrato(DDNSProtocolDynDNS2, DDNSProvider):
+++ /dev/null
-diff -up dhcp-4.2.0/common/dispatch.c.dracut dhcp-4.2.0/common/dispatch.c
---- dhcp-4.2.0/common/dispatch.c.dracut 2010-06-01 19:29:59.000000000 +0200
-+++ dhcp-4.2.0/common/dispatch.c 2010-07-21 16:10:09.000000000 +0200
-@@ -189,6 +189,10 @@ void add_timeout (when, where, what, ref
- isc_interval_t interval;
- isc_time_t expires;
-
-+ if (when == NULL) {
-+ return;
-+ }
-+
- /* See if this timeout supersedes an existing timeout. */
- t = (struct timeout *)0;
- for (q = timeouts; q; q = q->next) {
+++ /dev/null
-diff -up dhcp-4.2.0/omapip/errwarn.c.errwarn dhcp-4.2.0/omapip/errwarn.c
---- dhcp-4.2.0/omapip/errwarn.c.errwarn 2009-07-23 20:52:21.000000000 +0200
-+++ dhcp-4.2.0/omapip/errwarn.c 2010-07-21 13:23:47.000000000 +0200
-@@ -76,20 +76,13 @@ void log_fatal (const char * fmt, ... )
-
- #if !defined (NOMINUM)
- log_error ("%s", "");
-- log_error ("If you did not get this software from ftp.isc.org, please");
-- log_error ("get the latest from ftp.isc.org and install that before");
-- log_error ("requesting help.");
-+ log_error ("This version of ISC DHCP is based on the release available");
-+ log_error ("on ftp.isc.org. Features have been added and other changes");
-+ log_error ("have been made to the base software release in order to make");
-+ log_error ("it work better with this distribution.");
- log_error ("%s", "");
-- log_error ("If you did get this software from ftp.isc.org and have not");
-- log_error ("yet read the README, please read it before requesting help.");
-- log_error ("If you intend to request help from the dhcp-server@isc.org");
-- log_error ("mailing list, please read the section on the README about");
-- log_error ("submitting bug reports and requests for help.");
-- log_error ("%s", "");
-- log_error ("Please do not under any circumstances send requests for");
-- log_error ("help directly to the authors of this software - please");
-- log_error ("send them to the appropriate mailing list as described in");
-- log_error ("the README file.");
-+ log_error ("Please report for this software via the Red Hat Bugzilla site:");
-+ log_error (" http://bugzilla.redhat.com");
- log_error ("%s", "");
- log_error ("exiting.");
- #endif
+++ /dev/null
-diff -up dhcp-4.2.0/common/tables.c.garbage dhcp-4.2.0/common/tables.c
---- dhcp-4.2.0/common/tables.c.garbage 2009-11-20 02:49:01.000000000 +0100
-+++ dhcp-4.2.0/common/tables.c 2010-07-21 14:40:56.000000000 +0200
-@@ -207,7 +207,7 @@ static struct option dhcp_options[] = {
- { "netinfo-server-tag", "t", &dhcp_universe, 113, 1 },
- { "default-url", "t", &dhcp_universe, 114, 1 },
- { "subnet-selection", "I", &dhcp_universe, 118, 1 },
-- { "domain-search", "Dc", &dhcp_universe, 119, 1 },
-+ { "domain-search", "D", &dhcp_universe, 119, 1 },
- { "vivco", "Evendor-class.", &dhcp_universe, 124, 1 },
- { "vivso", "Evendor.", &dhcp_universe, 125, 1 },
- #if 0
+++ /dev/null
-diff -up dhcp-4.2.0/client/dhclient.c.inherit dhcp-4.2.0/client/dhclient.c
---- dhcp-4.2.0/client/dhclient.c.inherit 2010-07-21 14:33:44.000000000 +0200
-+++ dhcp-4.2.0/client/dhclient.c 2010-07-21 14:40:05.000000000 +0200
-@@ -2322,6 +2322,7 @@ void send_request (cpp)
- {
- struct client_state *client = cpp;
-
-+ int i;
- int result;
- int interval;
- struct sockaddr_in destination;
-@@ -2381,6 +2382,22 @@ void send_request (cpp)
- /* Now do a preinit on the interface so that we can
- discover a new address. */
- script_init (client, "PREINIT", (struct string_list *)0);
-+
-+ /* Has an active lease */
-+ if (client -> interface -> addresses != NULL) {
-+ for (i = 0; i < client -> interface -> address_count; i++) {
-+ if (client -> active &&
-+ client -> active -> is_bootp &&
-+ client -> active -> expiry > cur_time &&
-+ client -> interface -> addresses[i].s_addr != 0 &&
-+ client -> active -> address.len == 4 &&
-+ memcpy (client -> active -> address.iabuf, &(client -> interface -> addresses[i]), 4) == 0) {
-+ client_envadd (client, "", "keep_old_ip", "%s", "yes");
-+ break;
-+ }
-+ }
-+ }
-+
- if (client -> alias)
- script_write_params (client, "alias_",
- client -> alias);
+++ /dev/null
-diff -up dhcp-4.2.0/client/dhclient.c.logpid dhcp-4.2.0/client/dhclient.c
---- dhcp-4.2.0/client/dhclient.c.logpid 2010-07-21 16:13:52.000000000 +0200
-+++ dhcp-4.2.0/client/dhclient.c 2010-07-21 16:16:51.000000000 +0200
-@@ -154,7 +154,7 @@ main(int argc, char **argv) {
- else if (fd != -1)
- close(fd);
-
-- openlog("dhclient", LOG_NDELAY, LOG_DAEMON);
-+ openlog("dhclient", LOG_NDELAY | LOG_PID, LOG_DAEMON);
-
- #if !(defined(DEBUG) || defined(__CYGWIN32__))
- setlogmask(LOG_UPTO(LOG_INFO));
+++ /dev/null
-diff -up dhcp-4.2.0/common/discover.c.noipv6 dhcp-4.2.0/common/discover.c
---- dhcp-4.2.0/common/discover.c.noipv6 2010-07-21 14:31:13.000000000 +0200
-+++ dhcp-4.2.0/common/discover.c 2010-07-21 16:04:57.000000000 +0200
-@@ -443,7 +443,7 @@ begin_iface_scan(struct iface_conf_list
- }
-
- #ifdef DHCPv6
-- if (local_family == AF_INET6) {
-+ if ((local_family == AF_INET6) && !access("/proc/net/if_inet6", R_OK)) {
- ifaces->fp6 = fopen("/proc/net/if_inet6", "re");
- if (ifaces->fp6 == NULL) {
- log_error("Error opening '/proc/net/if_inet6' to "
-@@ -454,6 +454,8 @@ begin_iface_scan(struct iface_conf_list
- ifaces->fp = NULL;
- return 0;
- }
-+ } else {
-+ ifaces->fp6 = NULL;
- }
- #endif
-
-@@ -721,7 +723,7 @@ next_iface(struct iface_info *info, int
- return 1;
- }
- #ifdef DHCPv6
-- if (!(*err)) {
-+ if (!(*err) && ifaces->fp6) {
- if (local_family == AF_INET6)
- return next_iface6(info, err, ifaces);
- }
-@@ -740,7 +742,8 @@ end_iface_scan(struct iface_conf_list *i
- ifaces->sock = -1;
- #ifdef DHCPv6
- if (local_family == AF_INET6) {
-- fclose(ifaces->fp6);
-+ if (ifaces->fp6)
-+ fclose(ifaces->fp6);
- ifaces->fp6 = NULL;
- }
- #endif
+++ /dev/null
-diff -up dhcp-4.2.0/server/dhcpv6.c.noprefixavail dhcp-4.2.0/server/dhcpv6.c
---- dhcp-4.2.0/server/dhcpv6.c.noprefixavail 2010-10-07 13:48:45.000000000 +0200
-+++ dhcp-4.2.0/server/dhcpv6.c 2010-10-13 11:00:25.000000000 +0200
-@@ -1134,7 +1134,7 @@ try_client_v6_prefix(struct iasubopt **p
- return DHCP_R_INVALIDARG;
- }
- tmp_plen = (int) requested_pref->data[0];
-- if ((tmp_plen < 3) || (tmp_plen > 128)) {
-+ if ((tmp_plen < 3) || (tmp_plen > 128) ||((int)tmp_plen != pool->units)) {
- return ISC_R_FAILURE;
- }
- memcpy(&tmp_pref, requested_pref->data + 1, sizeof(tmp_pref));
-@@ -1147,9 +1147,8 @@ try_client_v6_prefix(struct iasubopt **p
- return ISC_R_FAILURE;
- }
-
-- if (((int)tmp_plen != pool->units) ||
-- !ipv6_in_pool(&tmp_pref, pool)) {
-- return ISC_R_FAILURE;
-+ if (!ipv6_in_pool(&tmp_pref, pool)) {
-+ return ISC_R_ADDRNOTAVAIL;
- }
-
- if (prefix6_exists(pool, &tmp_pref, tmp_plen)) {
-@@ -1409,13 +1408,6 @@ lease_to_client(struct data_string *repl
- if ((status != ISC_R_SUCCESS) &&
- (status != ISC_R_NORESOURCES))
- goto exit;
--
-- /*
-- * If any prefix cannot be given to any IA_PD, then
-- * set the NoPrefixAvail status code.
-- */
-- if (reply.client_resources == 0)
-- no_resources_avail = ISC_TRUE;
- }
-
- /*
-@@ -1549,36 +1541,6 @@ lease_to_client(struct data_string *repl
- reply.opt_state, reply.packet,
- required_opts_NAA,
- NULL);
-- } else if (no_resources_avail && (reply.ia_count == 0) &&
-- (reply.packet->dhcpv6_msg_type == DHCPV6_SOLICIT))
-- {
-- /* Set the NoPrefixAvail status code. */
-- if (!set_status_code(STATUS_NoPrefixAvail,
-- "No prefixes available for this "
-- "interface.", reply.opt_state)) {
-- log_error("lease_to_client: Unable to set "
-- "NoPrefixAvail status code.");
-- goto exit;
-- }
--
-- /* Rewind the cursor to the start. */
-- reply.cursor = REPLY_OPTIONS_INDEX;
--
-- /*
-- * Produce an advertise that includes only:
-- *
-- * Status code.
-- * Server DUID.
-- * Client DUID.
-- */
-- reply.buf.reply.msg_type = DHCPV6_ADVERTISE;
-- reply.cursor += store_options6((char *)reply.buf.data +
-- reply.cursor,
-- sizeof(reply.buf) -
-- reply.cursor,
-- reply.opt_state, reply.packet,
-- required_opts_NAA,
-- NULL);
- } else {
- /*
- * Having stored the client's IA's, store any options that
-@@ -2793,16 +2755,18 @@ find_client_temporaries(struct reply_sta
- */
- static isc_result_t
- reply_process_try_addr(struct reply_state *reply, struct iaddr *addr) {
-- isc_result_t status = ISC_R_NORESOURCES;
-+ isc_result_t status = ISC_R_ADDRNOTAVAIL;
- struct ipv6_pool *pool;
- int i;
- struct data_string data_addr;
-
- if ((reply == NULL) || (reply->shared == NULL) ||
-- (reply->shared->ipv6_pools == NULL) || (addr == NULL) ||
-- (reply->lease != NULL))
-+ (addr == NULL) || (reply->lease != NULL))
- return DHCP_R_INVALIDARG;
-
-+ if (reply->shared->ipv6_pools == NULL)
-+ return ISC_R_ADDRNOTAVAIL;
-+
- memset(&data_addr, 0, sizeof(data_addr));
- data_addr.len = addr->len;
- data_addr.data = addr->iabuf;
-@@ -3314,7 +3278,9 @@ reply_process_ia_pd(struct reply_state *
- if (status == ISC_R_CANCELED)
- break;
-
-- if ((status != ISC_R_SUCCESS) && (status != ISC_R_ADDRINUSE))
-+ if ((status != ISC_R_SUCCESS) &&
-+ (status != ISC_R_ADDRINUSE) &&
-+ (status != ISC_R_ADDRNOTAVAIL))
- goto cleanup;
- }
-
-@@ -3594,7 +3560,8 @@ reply_process_prefix(struct reply_state
-
- /* Either error out or skip this prefix. */
- if ((status != ISC_R_SUCCESS) &&
-- (status != ISC_R_ADDRINUSE))
-+ (status != ISC_R_ADDRINUSE) &&
-+ (status != ISC_R_ADDRNOTAVAIL))
- goto cleanup;
-
- if (reply->lease == NULL) {
-@@ -3773,16 +3740,18 @@ prefix_is_owned(struct reply_state *repl
- static isc_result_t
- reply_process_try_prefix(struct reply_state *reply,
- struct iaddrcidrnet *pref) {
-- isc_result_t status = ISC_R_NORESOURCES;
-+ isc_result_t status = ISC_R_ADDRNOTAVAIL;
- struct ipv6_pool *pool;
- int i;
- struct data_string data_pref;
-
- if ((reply == NULL) || (reply->shared == NULL) ||
-- (reply->shared->ipv6_pools == NULL) || (pref == NULL) ||
-- (reply->lease != NULL))
-+ (pref == NULL) || (reply->lease != NULL))
- return DHCP_R_INVALIDARG;
-
-+ if (reply->shared->ipv6_pools == NULL)
-+ return ISC_R_ADDRNOTAVAIL;
-+
- memset(&data_pref, 0, sizeof(data_pref));
- data_pref.len = 17;
- if (!buffer_allocate(&data_pref.buffer, data_pref.len, MDL)) {
+++ /dev/null
-diff -up dhcp-4.2.1b1/common/dispatch.c.64-bit_lease_parse dhcp-4.2.1b1/common/dispatch.c
-diff -up dhcp-4.2.1b1/common/parse.c.64-bit_lease_parse dhcp-4.2.1b1/common/parse.c
---- dhcp-4.2.1b1/common/parse.c.64-bit_lease_parse 2010-12-30 00:01:42.000000000 +0100
-+++ dhcp-4.2.1b1/common/parse.c 2011-01-28 08:01:10.000000000 +0100
-@@ -909,8 +909,8 @@ TIME
- parse_date_core(cfile)
- struct parse *cfile;
- {
-- int guess;
-- int tzoff, wday, year, mon, mday, hour, min, sec;
-+ TIME guess;
-+ long int tzoff, wday, year, mon, mday, hour, min, sec;
- const char *val;
- enum dhcp_token token;
- static int months[11] = { 31, 59, 90, 120, 151, 181,
-@@ -936,7 +936,7 @@ parse_date_core(cfile)
- }
-
- token = next_token(&val, NULL, cfile); /* consume number */
-- guess = atoi(val);
-+ guess = atol(val);
-
- return((TIME)guess);
- }
-@@ -948,7 +948,7 @@ parse_date_core(cfile)
- return((TIME)0);
- }
- token = next_token(&val, NULL, cfile); /* consume day of week */
-- wday = atoi(val);
-+ wday = atol(val);
-
- /* Year... */
- token = peek_token(&val, NULL, cfile);
-@@ -964,7 +964,7 @@ parse_date_core(cfile)
- somebody invents a time machine, I think we can safely disregard
- it. This actually works around a stupid Y2K bug that was present
- in a very early beta release of dhcpd. */
-- year = atoi(val);
-+ year = atol(val);
- if (year > 1900)
- year -= 1900;
-
-@@ -988,7 +988,7 @@ parse_date_core(cfile)
- return((TIME)0);
- }
- token = next_token(&val, NULL, cfile); /* consume month */
-- mon = atoi(val) - 1;
-+ mon = atol(val) - 1;
-
- /* Slash separating month from day... */
- token = peek_token(&val, NULL, cfile);
-@@ -1010,7 +1010,7 @@ parse_date_core(cfile)
- return((TIME)0);
- }
- token = next_token(&val, NULL, cfile); /* consume day of month */
-- mday = atoi(val);
-+ mday = atol(val);
-
- /* Hour... */
- token = peek_token(&val, NULL, cfile);
-@@ -1021,7 +1021,7 @@ parse_date_core(cfile)
- return((TIME)0);
- }
- token = next_token(&val, NULL, cfile); /* consume hour */
-- hour = atoi(val);
-+ hour = atol(val);
-
- /* Colon separating hour from minute... */
- token = peek_token(&val, NULL, cfile);
-@@ -1043,7 +1043,7 @@ parse_date_core(cfile)
- return((TIME)0);
- }
- token = next_token(&val, NULL, cfile); /* consume minute */
-- min = atoi(val);
-+ min = atol(val);
-
- /* Colon separating minute from second... */
- token = peek_token(&val, NULL, cfile);
-@@ -1065,13 +1065,13 @@ parse_date_core(cfile)
- return((TIME)0);
- }
- token = next_token(&val, NULL, cfile); /* consume second */
-- sec = atoi(val);
-+ sec = atol(val);
-
- tzoff = 0;
- token = peek_token(&val, NULL, cfile);
- if (token == NUMBER) {
- token = next_token(&val, NULL, cfile); /* consume tzoff */
-- tzoff = atoi(val);
-+ tzoff = atol(val);
- } else if (token != SEMI) {
- token = next_token(&val, NULL, cfile);
- parse_warn(cfile,
+++ /dev/null
-diff -up dhcp-4.2.1b1/client/dhclient.conf.supersede dhcp-4.2.1b1/client/dhclient.conf
---- dhcp-4.2.1b1/client/dhclient.conf.supersede 2010-09-15 01:03:56.000000000 +0200
-+++ dhcp-4.2.1b1/client/dhclient.conf 2011-01-27 18:38:28.000000000 +0100
-@@ -4,7 +4,7 @@ send dhcp-lease-time 3600;
- supersede domain-search "fugue.com", "home.vix.com";
- prepend domain-name-servers 127.0.0.1;
- request subnet-mask, broadcast-address, time-offset, routers,
-- domain-name, domain-name-servers, host-name;
-+ domain-search, domain-name-servers, host-name;
- require subnet-mask, domain-name-servers;
- timeout 60;
- retry 60;
+++ /dev/null
-diff -up dhcp-4.2.1b1/client/dhc6.c.retransmission dhcp-4.2.1b1/client/dhc6.c
---- dhcp-4.2.1b1/client/dhc6.c.retransmission 2011-01-28 08:40:56.000000000 +0100
-+++ dhcp-4.2.1b1/client/dhc6.c 2011-01-28 08:39:22.000000000 +0100
-@@ -361,7 +361,7 @@ dhc6_retrans_init(struct client_state *c
- static void
- dhc6_retrans_advance(struct client_state *client)
- {
-- struct timeval elapsed;
-+ struct timeval elapsed, elapsed_after_RT;
-
- /* elapsed = cur - start */
- elapsed.tv_sec = cur_tv.tv_sec - client->start_time.tv_sec;
-@@ -378,6 +378,8 @@ dhc6_retrans_advance(struct client_state
- elapsed.tv_sec += 1;
- elapsed.tv_usec -= 1000000;
- }
-+ elapsed_after_RT.tv_sec = elapsed.tv_sec;
-+ elapsed_after_RT.tv_usec = elapsed.tv_usec;
-
- /*
- * RT for each subsequent message transmission is based on the previous
-@@ -415,13 +417,10 @@ dhc6_retrans_advance(struct client_state
- elapsed.tv_usec -= 1000000;
- }
- if (elapsed.tv_sec >= client->MRD) {
-- /*
-- * wake at RT + cur = start + MRD
-- */
-- client->RT = client->MRD +
-- (client->start_time.tv_sec - cur_tv.tv_sec);
-- client->RT = client->RT * 100 +
-- (client->start_time.tv_usec - cur_tv.tv_usec) / 10000;
-+ client->RT = client->MRD - elapsed_after_RT.tv_sec;
-+ client->RT = client->RT * 100 - elapsed_after_RT.tv_usec / 10000;
-+ if (client->RT < 0)
-+ client->RT = 0;
- }
- client->txcount++;
- }
-@@ -1497,7 +1496,7 @@ check_timing6 (struct client_state *clie
- }
-
- /* Check if finished (-1 argument). */
-- if ((client->MRD != 0) && (elapsed.tv_sec > client->MRD)) {
-+ if ((client->MRD != 0) && (elapsed.tv_sec >= client->MRD)) {
- log_info("Max retransmission duration exceeded.");
- return(CHK_TIM_MRD_EXCEEDED);
- }
+++ /dev/null
-diff -up dhcp-4.2.2b1/client/dhclient.c.usage dhcp-4.2.2b1/client/dhclient.c
---- dhcp-4.2.2b1/client/dhclient.c.usage 2011-07-01 13:55:16.000000000 +0200
-+++ dhcp-4.2.2b1/client/dhclient.c 2011-07-01 13:58:55.243800602 +0200
-@@ -1047,6 +1047,10 @@ static void usage()
- " [-s server-addr] [-cf config-file] "
- "[-lf lease-file]\n"
- " [-pf pid-file] [--no-pid] [-e VAR=val]\n"
-+ " [-I <dhcp-client-identifier>] [-B]\n"
-+ " [-H <host-name> | -F <fqdn.fqdn>] [-timeout <timeout>]\n"
-+ " [-V <vendor-class-identifier>]\n"
-+ " [-R <request option list>]\n"
- " [-sf script-file] [interface]");
- }
-
+++ /dev/null
-diff -up dhcp-4.2.2/client/Makefile.am.rh637017 dhcp-4.2.2/client/Makefile.am
---- dhcp-4.2.2/client/Makefile.am.rh637017 2010-09-15 00:32:36.000000000 +0200
-+++ dhcp-4.2.2/client/Makefile.am 2011-08-11 17:28:58.923897561 +0200
-@@ -5,7 +5,7 @@ dhclient_SOURCES = clparse.c dhclient.c
- scripts/netbsd scripts/nextstep scripts/openbsd \
- scripts/solaris scripts/openwrt
- dhclient_LDADD = ../common/libdhcp.a ../omapip/libomapi.a \
-- ../bind/lib/libdns.a ../bind/lib/libisc.a
-+ $(BIND9_LIBDIR) -ldns-export -lisc-export
- man_MANS = dhclient.8 dhclient-script.8 dhclient.conf.5 dhclient.leases.5
- EXTRA_DIST = $(man_MANS)
-
-diff -up dhcp-4.2.2/common/tests/Makefile.am.rh637017 dhcp-4.2.2/common/tests/Makefile.am
---- dhcp-4.2.2/common/tests/Makefile.am.rh637017 2009-10-28 05:12:30.000000000 +0100
-+++ dhcp-4.2.2/common/tests/Makefile.am 2011-08-11 17:33:45.258637236 +0200
-@@ -6,6 +6,5 @@ TESTS = test_alloc
-
- test_alloc_SOURCES = test_alloc.c
- test_alloc_LDADD = ../libdhcp.a ../../tests/libt_api.a \
-- ../../omapip/libomapi.a ../../bind/lib/libdns.a \
-- ../../bind/lib/libisc.a
--
-+ ../../omapip/libomapi.a \
-+ $(BIND9_LIBDIR) -ldns-export -lisc-export
-diff -up dhcp-4.2.2/configure.ac.rh637017 dhcp-4.2.2/configure.ac
---- dhcp-4.2.2/configure.ac.rh637017 2011-07-20 02:32:18.000000000 +0200
-+++ dhcp-4.2.2/configure.ac 2011-08-11 17:28:58.924897535 +0200
-@@ -512,20 +512,37 @@ AC_CHECK_MEMBER(struct msghdr.msg_contro
- libbind=
- AC_ARG_WITH(libbind,
- AC_HELP_STRING([--with-libbind=PATH],
-- [bind includes and libraries are in PATH
-- (default is ./bind)]),
-+ [bind includes are in PATH
-+ (default is ./bind/includes)]),
- use_libbind="$withval", use_libbind="no")
- case "$use_libbind" in
-+yes|no)
-+ libbind="\${top_srcdir}/bind/include"
-+ ;;
-+*)
-+ libbind="$use_libbind"
-+ ;;
-+esac
-+
-+BIND9_LIBDIR='-L$(top_builddir)/bind/lib'
-+AC_ARG_WITH(libbind-libs,
-+ AC_HELP_STRING([--with-libbind-libs=PATH],
-+ [bind9 export libraries are in PATH]),
-+ [libbind_libs="$withval"], [libbind_libs='no'])
-+case "$libbind_libs" in
- yes)
-- libbind="\${top_srcdir}/bind"
-+ AC_MSG_ERROR([Specify path to bind9 libraries])
- ;;
- no)
-- libbind="\${top_srcdir}/bind"
-+ BUNDLED_BIND=yes
- ;;
- *)
-- libbind="$use_libbind"
-+ BIND9_LIBDIR="-L$libbind_libs"
-+ BUNDLED_BIND=no
- ;;
- esac
-+AM_CONDITIONAL([BUNDLED_BIND], [test "$BUNDLED_BIND" = yes])
-+AC_SUBST([BIND9_LIBDIR])
-
- # OpenLDAP support.
- AC_ARG_WITH(ldap,
-@@ -562,7 +579,7 @@ fi
- CFLAGS="$CFLAGS $STD_CWARNINGS"
-
- # Try to add the bind include directory
--CFLAGS="$CFLAGS -I$libbind/include"
-+CFLAGS="$CFLAGS -I$libbind"
-
- AC_C_FLEXIBLE_ARRAY_MEMBER
-
-diff -up dhcp-4.2.2/dhcpctl/Makefile.am.rh637017 dhcp-4.2.2/dhcpctl/Makefile.am
---- dhcp-4.2.2/dhcpctl/Makefile.am.rh637017 2009-10-28 05:12:30.000000000 +0100
-+++ dhcp-4.2.2/dhcpctl/Makefile.am 2011-08-11 17:28:58.924897535 +0200
-@@ -6,10 +6,10 @@ EXTRA_DIST = $(man_MANS)
-
- omshell_SOURCES = omshell.c
- omshell_LDADD = libdhcpctl.a ../common/libdhcp.a ../omapip/libomapi.a \
-- ../bind/lib/libdns.a ../bind/lib/libisc.a
-+ $(BIND9_LIBDIR) -ldns-export -lisc-export
-
- libdhcpctl_a_SOURCES = dhcpctl.c callback.c remote.c
-
- cltest_SOURCES = cltest.c
- cltest_LDADD = libdhcpctl.a ../common/libdhcp.a ../omapip/libomapi.a \
-- ../bind/lib/libdns.a ../bind/lib/libisc.a
-\ No newline at end of file
-+ $(BIND9_LIBDIR) -ldns-export -lisc-export
-diff -up dhcp-4.2.2/Makefile.am.rh637017 dhcp-4.2.2/Makefile.am
---- dhcp-4.2.2/Makefile.am.rh637017 2010-03-25 00:30:38.000000000 +0100
-+++ dhcp-4.2.2/Makefile.am 2011-08-11 17:28:58.925897509 +0200
-@@ -21,7 +21,13 @@ EXTRA_DIST = RELNOTES LICENSE \
- util/bindvar.sh \
- bind/Makefile bind/bind.tar.gz bind/version.tmp
-
--SUBDIRS = bind includes tests common dst omapip client dhcpctl relay server
-+if BUNDLED_BIND
-+SUBDIRS = bind
-+else
-+SUBDIRS =
-+endif
-+
-+SUBDIRS += includes tests common dst omapip client dhcpctl relay server
-
- nobase_include_HEADERS = dhcpctl/dhcpctl.h
-
-diff -up dhcp-4.2.2/omapip/Makefile.am.rh637017 dhcp-4.2.2/omapip/Makefile.am
---- dhcp-4.2.2/omapip/Makefile.am.rh637017 2010-02-12 01:13:54.000000000 +0100
-+++ dhcp-4.2.2/omapip/Makefile.am 2011-08-11 17:28:58.939897149 +0200
-@@ -10,5 +10,5 @@ man_MANS = omapi.3
- EXTRA_DIST = $(man_MANS)
-
- svtest_SOURCES = test.c
--svtest_LDADD = libomapi.a ../bind/lib/libdns.a ../bind/lib/libisc.a
-+svtest_LDADD = libomapi.a $(BIND9_LIBDIR) -ldns-export -lisc-export
-
-diff -up dhcp-4.2.2/relay/Makefile.am.rh637017 dhcp-4.2.2/relay/Makefile.am
---- dhcp-4.2.2/relay/Makefile.am.rh637017 2009-10-28 05:12:30.000000000 +0100
-+++ dhcp-4.2.2/relay/Makefile.am 2011-08-11 17:28:58.940897123 +0200
-@@ -3,7 +3,7 @@ AM_CPPFLAGS = -DLOCALSTATEDIR='"@localst
- sbin_PROGRAMS = dhcrelay
- dhcrelay_SOURCES = dhcrelay.c
- dhcrelay_LDADD = ../common/libdhcp.a ../omapip/libomapi.a \
-- ../bind/lib/libdns.a ../bind/lib/libisc.a
-+ $(BIND9_LIBDIR) -ldns-export -lisc-export
- man_MANS = dhcrelay.8
- EXTRA_DIST = $(man_MANS)
-
-diff -up dhcp-4.2.2/server/Makefile.am.rh637017 dhcp-4.2.2/server/Makefile.am
---- dhcp-4.2.2/server/Makefile.am.rh637017 2010-03-24 22:49:47.000000000 +0100
-+++ dhcp-4.2.2/server/Makefile.am 2011-08-11 17:28:58.944897021 +0200
-@@ -8,8 +8,7 @@ dhcpd_SOURCES = dhcpd.c dhcp.c bootp.c c
-
- dhcpd_CFLAGS = $(LDAP_CFLAGS)
- dhcpd_LDADD = ../common/libdhcp.a ../omapip/libomapi.a \
-- ../dhcpctl/libdhcpctl.a ../bind/lib/libdns.a \
-- ../bind/lib/libisc.a
-+ ../dhcpctl/libdhcpctl.a $(BIND9_LIBDIR) -ldns-export -lisc-export
-
- man_MANS = dhcpd.8 dhcpd.conf.5 dhcpd.leases.5
- EXTRA_DIST = $(man_MANS)
+++ /dev/null
-diff -up dhcp-4.2.2/client/Makefile.am.sharedlib dhcp-4.2.2/client/Makefile.am
---- dhcp-4.2.2/client/Makefile.am.sharedlib 2011-09-09 16:35:56.000000000 +0200
-+++ dhcp-4.2.2/client/Makefile.am 2011-09-09 16:36:29.849007951 +0200
-@@ -4,7 +4,7 @@ dhclient_SOURCES = clparse.c dhclient.c
- scripts/bsdos scripts/freebsd scripts/linux scripts/macos \
- scripts/netbsd scripts/nextstep scripts/openbsd \
- scripts/solaris scripts/openwrt
--dhclient_LDADD = ../common/libdhcp.a ../omapip/libomapi.a \
-+dhclient_LDADD = ../common/libdhcp.a ../omapip/libomapi.la \
- $(BIND9_LIBDIR) -ldns-export -lisc-export $(CAPNG_LDADD)
- man_MANS = dhclient.8 dhclient-script.8 dhclient.conf.5 dhclient.leases.5
- EXTRA_DIST = $(man_MANS)
-diff -up dhcp-4.2.2/configure.ac.sharedlib dhcp-4.2.2/configure.ac
---- dhcp-4.2.2/configure.ac.sharedlib 2011-09-09 16:35:56.097000001 +0200
-+++ dhcp-4.2.2/configure.ac 2011-09-09 16:35:56.383000000 +0200
-@@ -30,7 +30,8 @@ fi
- # Use this to define _GNU_SOURCE to pull in the IPv6 Advanced Socket API.
- AC_USE_SYSTEM_EXTENSIONS
-
--AC_PROG_RANLIB
-+# Use libtool to simplify building of shared libraries
-+AC_PROG_LIBTOOL
- AC_CONFIG_HEADERS([includes/config.h])
-
- # we sometimes need to know byte order for building packets
-diff -up dhcp-4.2.2/dhcpctl/Makefile.am.sharedlib dhcp-4.2.2/dhcpctl/Makefile.am
---- dhcp-4.2.2/dhcpctl/Makefile.am.sharedlib 2011-09-09 16:35:55.459000001 +0200
-+++ dhcp-4.2.2/dhcpctl/Makefile.am 2011-09-09 16:35:56.384000000 +0200
-@@ -1,15 +1,15 @@
- bin_PROGRAMS = omshell
--lib_LIBRARIES = libdhcpctl.a
-+lib_LTLIBRARIES = libdhcpctl.la
- noinst_PROGRAMS = cltest
- man_MANS = omshell.1 dhcpctl.3
- EXTRA_DIST = $(man_MANS)
-
- omshell_SOURCES = omshell.c
--omshell_LDADD = libdhcpctl.a ../common/libdhcp.a ../omapip/libomapi.a \
-+omshell_LDADD = libdhcpctl.la ../common/libdhcp.a ../omapip/libomapi.la \
- $(BIND9_LIBDIR) -ldns-export -lisc-export
-
--libdhcpctl_a_SOURCES = dhcpctl.c callback.c remote.c
-+libdhcpctl_la_SOURCES = dhcpctl.c callback.c remote.c
-
- cltest_SOURCES = cltest.c
--cltest_LDADD = libdhcpctl.a ../common/libdhcp.a ../omapip/libomapi.a \
-+cltest_LDADD = libdhcpctl.la ../common/libdhcp.a ../omapip/libomapi.la \
- $(BIND9_LIBDIR) -ldns-export -lisc-export
-diff -up dhcp-4.2.2/dst/base64.c.sharedlib dhcp-4.2.2/dst/base64.c
---- dhcp-4.2.2/dst/base64.c.sharedlib 2009-11-20 02:49:01.000000000 +0100
-+++ dhcp-4.2.2/dst/base64.c 2011-09-09 16:35:56.385000000 +0200
-@@ -64,6 +64,7 @@ static const char rcsid[] = "$Id: base64
-
- #include <sys/socket.h>
-
-+#include "dst_internal.h"
- #include "cdefs.h"
- #include "osdep.h"
- #include "arpa/nameser.h"
-diff -up dhcp-4.2.2/dst/Makefile.am.sharedlib dhcp-4.2.2/dst/Makefile.am
---- dhcp-4.2.2/dst/Makefile.am.sharedlib 2007-05-29 18:32:10.000000000 +0200
-+++ dhcp-4.2.2/dst/Makefile.am 2011-09-09 16:35:56.386000000 +0200
-@@ -1,8 +1,8 @@
- AM_CPPFLAGS = -DMINIRES_LIB -DHMAC_MD5
-
--lib_LIBRARIES = libdst.a
-+lib_LTLIBRARIES = libdst.la
-
--libdst_a_SOURCES = dst_support.c dst_api.c hmac_link.c md5_dgst.c \
-+libdst_la_SOURCES = dst_support.c dst_api.c hmac_link.c md5_dgst.c \
- base64.c prandom.c
-
- EXTRA_DIST = dst_internal.h md5.h md5_locl.h
-diff -up dhcp-4.2.2/omapip/Makefile.am.sharedlib dhcp-4.2.2/omapip/Makefile.am
---- dhcp-4.2.2/omapip/Makefile.am.sharedlib 2011-09-09 16:35:55.000000000 +0200
-+++ dhcp-4.2.2/omapip/Makefile.am 2011-09-09 16:37:36.734000324 +0200
-@@ -1,7 +1,7 @@
--lib_LIBRARIES = libomapi.a
-+lib_LTLIBRARIES = libomapi.la
- noinst_PROGRAMS = svtest
-
--libomapi_a_SOURCES = protocol.c buffer.c alloc.c result.c connection.c \
-+libomapi_la_SOURCES = protocol.c buffer.c alloc.c result.c connection.c \
- errwarn.c listener.c dispatch.c generic.c support.c \
- handle.c message.c convert.c hash.c auth.c inet_addr.c \
- array.c trace.c toisc.c iscprint.c isclib.c
-@@ -10,5 +10,5 @@ man_MANS = omapi.3
- EXTRA_DIST = $(man_MANS)
-
- svtest_SOURCES = test.c
--svtest_LDADD = libomapi.a $(BIND9_LIBDIR) -ldns-export -lisc-export
-+svtest_LDADD = libomapi.la $(BIND9_LIBDIR) -ldns-export -lisc-export
-
-diff -up dhcp-4.2.2/relay/Makefile.am.sharedlib dhcp-4.2.2/relay/Makefile.am
---- dhcp-4.2.2/relay/Makefile.am.sharedlib 2011-09-09 16:35:56.000000000 +0200
-+++ dhcp-4.2.2/relay/Makefile.am 2011-09-09 16:37:57.058019749 +0200
-@@ -2,7 +2,7 @@ AM_CPPFLAGS = -DLOCALSTATEDIR='"@localst
-
- sbin_PROGRAMS = dhcrelay
- dhcrelay_SOURCES = dhcrelay.c
--dhcrelay_LDADD = ../common/libdhcp.a ../omapip/libomapi.a \
-+dhcrelay_LDADD = ../common/libdhcp.a ../omapip/libomapi.la \
- $(BIND9_LIBDIR) -ldns-export -lisc-export $(CAPNG_LDADD)
- man_MANS = dhcrelay.8
- EXTRA_DIST = $(man_MANS)
-diff -up dhcp-4.2.2/server/Makefile.am.sharedlib dhcp-4.2.2/server/Makefile.am
---- dhcp-4.2.2/server/Makefile.am.sharedlib 2011-09-09 16:35:56.000000000 +0200
-+++ dhcp-4.2.2/server/Makefile.am 2011-09-09 16:38:56.291004599 +0200
-@@ -7,8 +7,8 @@ dhcpd_SOURCES = dhcpd.c dhcp.c bootp.c c
- dhcpv6.c mdb6.c ldap.c ldap_casa.c
-
- dhcpd_CFLAGS = $(LDAP_CFLAGS)
--dhcpd_LDADD = ../common/libdhcp.a ../omapip/libomapi.a \
-- ../dhcpctl/libdhcpctl.a $(BIND9_LIBDIR) -ldns-export -lisc-export \
-+dhcpd_LDADD = ../common/libdhcp.a ../omapip/libomapi.la \
-+ ../dhcpctl/libdhcpctl.la $(BIND9_LIBDIR) -ldns-export -lisc-export \
- $(CAPNG_LDADD)
-
- man_MANS = dhcpd.8 dhcpd.conf.5 dhcpd.leases.5
--- /dev/null
+diff -up dhcp-4.3.0a1/common/parse.c.64-bit_lease_parse dhcp-4.3.0a1/common/parse.c
+--- dhcp-4.3.0a1/common/parse.c.64-bit_lease_parse 2013-12-11 01:25:12.000000000 +0100
++++ dhcp-4.3.0a1/common/parse.c 2013-12-19 15:45:25.990771814 +0100
+@@ -938,8 +938,8 @@ TIME
+ parse_date_core(cfile)
+ struct parse *cfile;
+ {
+- int guess;
+- int tzoff, year, mon, mday, hour, min, sec;
++ TIME guess;
++ long int tzoff, year, mon, mday, hour, min, sec;
+ const char *val;
+ enum dhcp_token token;
+ static int months[11] = { 31, 59, 90, 120, 151, 181,
+@@ -965,7 +965,7 @@ parse_date_core(cfile)
+ }
+
+ skip_token(&val, NULL, cfile); /* consume number */
+- guess = atoi(val);
++ guess = atol(val);
+
+ return((TIME)guess);
+ }
+@@ -993,7 +993,7 @@ parse_date_core(cfile)
+ somebody invents a time machine, I think we can safely disregard
+ it. This actually works around a stupid Y2K bug that was present
+ in a very early beta release of dhcpd. */
+- year = atoi(val);
++ year = atol(val);
+ if (year > 1900)
+ year -= 1900;
+
+@@ -1039,7 +1039,7 @@ parse_date_core(cfile)
+ return((TIME)0);
+ }
+ skip_token(&val, NULL, cfile); /* consume day of month */
+- mday = atoi(val);
++ mday = atol(val);
+
+ /* Hour... */
+ token = peek_token(&val, NULL, cfile);
+@@ -1050,7 +1050,7 @@ parse_date_core(cfile)
+ return((TIME)0);
+ }
+ skip_token(&val, NULL, cfile); /* consume hour */
+- hour = atoi(val);
++ hour = atol(val);
+
+ /* Colon separating hour from minute... */
+ token = peek_token(&val, NULL, cfile);
+@@ -1072,7 +1072,7 @@ parse_date_core(cfile)
+ return((TIME)0);
+ }
+ skip_token(&val, NULL, cfile); /* consume minute */
+- min = atoi(val);
++ min = atol(val);
+
+ /* Colon separating minute from second... */
+ token = peek_token(&val, NULL, cfile);
+@@ -1094,13 +1094,13 @@ parse_date_core(cfile)
+ return((TIME)0);
+ }
+ skip_token(&val, NULL, cfile); /* consume second */
+- sec = atoi(val);
++ sec = atol(val);
+
+ tzoff = 0;
+ token = peek_token(&val, NULL, cfile);
+ if (token == NUMBER) {
+ skip_token(&val, NULL, cfile); /* consume tzoff */
+- tzoff = atoi(val);
++ tzoff = atol(val);
+ } else if (token != SEMI) {
+ skip_token(&val, NULL, cfile);
+ parse_warn(cfile,
-diff -up dhcp-4.2.2b1/client/clparse.c.cloexec dhcp-4.2.2b1/client/clparse.c
---- dhcp-4.2.2b1/client/clparse.c.cloexec 2011-07-01 14:13:30.973887714 +0200
-+++ dhcp-4.2.2b1/client/clparse.c 2011-07-01 14:15:15.021580693 +0200
-@@ -246,7 +246,7 @@ int read_client_conf_file (const char *n
+diff -up dhcp-4.3.0a1/client/clparse.c.cloexec dhcp-4.3.0a1/client/clparse.c
+--- dhcp-4.3.0a1/client/clparse.c.cloexec 2013-12-19 15:34:41.638886256 +0100
++++ dhcp-4.3.0a1/client/clparse.c 2013-12-19 15:34:41.657885985 +0100
+@@ -253,7 +253,7 @@ int read_client_conf_file (const char *n
int token;
isc_result_t status;
return uerr2isc (errno);
cfile = NULL;
-@@ -283,7 +283,7 @@ void read_client_leases ()
+@@ -290,7 +290,7 @@ void read_client_leases ()
/* Open the lease file. If we can't open it, just return -
we can safely trust the server to remember our state. */
return;
cfile = NULL;
-diff -up dhcp-4.2.2b1/client/dhclient.c.cloexec dhcp-4.2.2b1/client/dhclient.c
---- dhcp-4.2.2b1/client/dhclient.c.cloexec 2011-07-01 14:13:30.970887717 +0200
-+++ dhcp-4.2.2b1/client/dhclient.c 2011-07-01 14:16:51.485930388 +0200
+diff -up dhcp-4.3.0a1/client/dhclient.c.cloexec dhcp-4.3.0a1/client/dhclient.c
+--- dhcp-4.3.0a1/client/dhclient.c.cloexec 2013-12-19 15:34:41.629886384 +0100
++++ dhcp-4.3.0a1/client/dhclient.c 2013-12-19 15:36:41.608180467 +0100
@@ -148,11 +148,11 @@ main(int argc, char **argv) {
/* Make sure that file descriptors 0 (stdin), 1, (stdout), and
2 (stderr) are open. To do this, we assume that when we
if (fd == 2)
log_perror = 0; /* No sense logging to /dev/null. */
else if (fd != -1)
-@@ -506,7 +506,7 @@ main(int argc, char **argv) {
+@@ -504,7 +504,7 @@ main(int argc, char **argv) {
+ long temp;
int e;
- oldpid = 0;
- if ((pidfd = fopen(path_dhclient_pid, "r")) != NULL) {
+ if ((pidfd = fopen(path_dhclient_pid, "re")) != NULL) {
e = fscanf(pidfd, "%ld\n", &temp);
oldpid = (pid_t)temp;
-@@ -548,7 +548,7 @@ main(int argc, char **argv) {
+@@ -554,7 +554,7 @@ main(int argc, char **argv) {
strncpy(new_path_dhclient_pid, path_dhclient_pid, pfx);
sprintf(new_path_dhclient_pid + pfx, "-%s.pid", ip->name);
e = fscanf(pidfd, "%ld\n", &temp);
oldpid = (pid_t)temp;
-@@ -573,7 +573,7 @@ main(int argc, char **argv) {
+@@ -579,7 +579,7 @@ main(int argc, char **argv) {
int dhc_running = 0;
char procfn[256] = "";
if ((fscanf(pidfp, "%ld", &temp)==1) && ((dhcpid=(pid_t)temp) > 0)) {
snprintf(procfn,256,"/proc/%u",dhcpid);
dhc_running = (access(procfn, F_OK) == 0);
-@@ -2995,7 +2995,7 @@ void rewrite_client_leases ()
+@@ -3077,7 +3077,7 @@ void rewrite_client_leases ()
if (leaseFile != NULL)
fclose (leaseFile);
if (leaseFile == NULL) {
log_error ("can't create %s: %m", path_dhclient_db);
return;
-@@ -3105,7 +3105,7 @@ write_duid(struct data_string *duid)
+@@ -3261,7 +3261,7 @@ write_duid(struct data_string *duid)
return DHCP_R_INVALIDARG;
if (leaseFile == NULL) { /* XXX? */
if (leaseFile == NULL) {
log_error("can't create %s: %m", path_dhclient_db);
return ISC_R_IOERROR;
-@@ -3285,7 +3285,7 @@ int write_client_lease (client, lease, r
+@@ -3441,7 +3441,7 @@ int write_client_lease (client, lease, r
return 1;
if (leaseFile == NULL) { /* XXX */
if (leaseFile == NULL) {
log_error ("can't create %s: %m", path_dhclient_db);
return 0;
-@@ -3772,9 +3772,9 @@ void go_daemon ()
- close(2);
+@@ -3952,9 +3952,9 @@ void go_daemon ()
+ (void) close(2);
/* Reopen them on /dev/null. */
-- open("/dev/null", O_RDWR);
-- open("/dev/null", O_RDWR);
-- open("/dev/null", O_RDWR);
-+ open("/dev/null", O_RDWR | O_CLOEXEC);
-+ open("/dev/null", O_RDWR | O_CLOEXEC);
-+ open("/dev/null", O_RDWR | O_CLOEXEC);
+- (void) open("/dev/null", O_RDWR);
+- (void) open("/dev/null", O_RDWR);
+- (void) open("/dev/null", O_RDWR);
++ (void) open("/dev/null", O_RDWR | O_CLOEXEC);
++ (void) open("/dev/null", O_RDWR | O_CLOEXEC);
++ (void) open("/dev/null", O_RDWR | O_CLOEXEC);
write_client_pid_file ();
-@@ -3791,14 +3791,14 @@ void write_client_pid_file ()
+@@ -3971,14 +3971,14 @@ void write_client_pid_file ()
return;
}
if (!pf) {
close(pfdesc);
log_error ("Can't fdopen %s: %m", path_dhclient_pid);
-diff -up dhcp-4.2.2b1/common/bpf.c.cloexec dhcp-4.2.2b1/common/bpf.c
---- dhcp-4.2.2b1/common/bpf.c.cloexec 2011-07-01 14:13:30.976887712 +0200
-+++ dhcp-4.2.2b1/common/bpf.c 2011-07-01 14:13:31.030887673 +0200
-@@ -94,7 +94,7 @@ int if_register_bpf (info)
+diff -up dhcp-4.3.0a1/common/bpf.c.cloexec dhcp-4.3.0a1/common/bpf.c
+--- dhcp-4.3.0a1/common/bpf.c.cloexec 2013-12-19 15:34:41.640886227 +0100
++++ dhcp-4.3.0a1/common/bpf.c 2013-12-19 15:34:41.661885928 +0100
+@@ -95,7 +95,7 @@ int if_register_bpf (info)
for (b = 0; 1; b++) {
/* %Audit% 31 bytes max. %2004.06.17,Safe% */
sprintf(filename, BPF_FORMAT, b);
if (sock < 0) {
if (errno == EBUSY) {
continue;
-diff -up dhcp-4.2.2b1/common/discover.c.cloexec dhcp-4.2.2b1/common/discover.c
---- dhcp-4.2.2b1/common/discover.c.cloexec 2011-06-27 18:18:20.000000000 +0200
-+++ dhcp-4.2.2b1/common/discover.c 2011-07-01 14:13:31.031887673 +0200
-@@ -421,7 +421,7 @@ begin_iface_scan(struct iface_conf_list
- int len;
- int i;
-
-- ifaces->fp = fopen("/proc/net/dev", "r");
-+ ifaces->fp = fopen("/proc/net/dev", "re");
- if (ifaces->fp == NULL) {
- log_error("Error opening '/proc/net/dev' to list interfaces");
- return 0;
-@@ -456,7 +456,7 @@ begin_iface_scan(struct iface_conf_list
-
- #ifdef DHCPv6
- if (local_family == AF_INET6) {
-- ifaces->fp6 = fopen("/proc/net/if_inet6", "r");
-+ ifaces->fp6 = fopen("/proc/net/if_inet6", "re");
- if (ifaces->fp6 == NULL) {
- log_error("Error opening '/proc/net/if_inet6' to "
- "list IPv6 interfaces; %m");
-diff -up dhcp-4.2.2b1/common/dlpi.c.cloexec dhcp-4.2.2b1/common/dlpi.c
---- dhcp-4.2.2b1/common/dlpi.c.cloexec 2011-07-01 14:13:30.977887712 +0200
-+++ dhcp-4.2.2b1/common/dlpi.c 2011-07-01 14:13:31.032887673 +0200
-@@ -806,7 +806,7 @@ dlpiopen(const char *ifname) {
+diff -up dhcp-4.3.0a1/common/dlpi.c.cloexec dhcp-4.3.0a1/common/dlpi.c
+--- dhcp-4.3.0a1/common/dlpi.c.cloexec 2013-12-19 15:34:41.641886213 +0100
++++ dhcp-4.3.0a1/common/dlpi.c 2013-12-19 15:34:41.662885914 +0100
+@@ -804,7 +804,7 @@ dlpiopen(const char *ifname) {
}
*dp = '\0';
}
/*
-diff -up dhcp-4.2.2b1/common/nit.c.cloexec dhcp-4.2.2b1/common/nit.c
---- dhcp-4.2.2b1/common/nit.c.cloexec 2011-07-01 14:13:30.978887712 +0200
-+++ dhcp-4.2.2b1/common/nit.c 2011-07-01 14:13:31.033887672 +0200
+diff -up dhcp-4.3.0a1/common/nit.c.cloexec dhcp-4.3.0a1/common/nit.c
+--- dhcp-4.3.0a1/common/nit.c.cloexec 2013-12-19 15:34:41.642886199 +0100
++++ dhcp-4.3.0a1/common/nit.c 2013-12-19 15:34:41.662885914 +0100
@@ -81,7 +81,7 @@ int if_register_nit (info)
struct strioctl sio;
if (sock < 0)
log_fatal ("Can't open NIT device for %s: %m", info -> name);
-diff -up dhcp-4.2.2b1/common/resolv.c.cloexec dhcp-4.2.2b1/common/resolv.c
---- dhcp-4.2.2b1/common/resolv.c.cloexec 2009-11-20 02:49:01.000000000 +0100
-+++ dhcp-4.2.2b1/common/resolv.c 2011-07-01 14:13:31.033887672 +0200
-@@ -49,7 +49,7 @@ void read_resolv_conf (parse_time)
+diff -up dhcp-4.3.0a1/common/resolv.c.cloexec dhcp-4.3.0a1/common/resolv.c
+--- dhcp-4.3.0a1/common/resolv.c.cloexec 2013-12-11 01:25:12.000000000 +0100
++++ dhcp-4.3.0a1/common/resolv.c 2013-12-19 15:34:41.663885900 +0100
+@@ -50,7 +50,7 @@ void read_resolv_conf (parse_time)
struct domain_search_list *dp, *dl, *nd;
isc_result_t status;
log_error ("Can't open %s: %m", path_resolv_conf);
return;
}
-diff -up dhcp-4.2.2b1/common/upf.c.cloexec dhcp-4.2.2b1/common/upf.c
---- dhcp-4.2.2b1/common/upf.c.cloexec 2011-07-01 14:13:30.979887712 +0200
-+++ dhcp-4.2.2b1/common/upf.c 2011-07-01 14:13:31.034887671 +0200
+diff -up dhcp-4.3.0a1/common/upf.c.cloexec dhcp-4.3.0a1/common/upf.c
+--- dhcp-4.3.0a1/common/upf.c.cloexec 2013-12-19 15:34:41.642886199 +0100
++++ dhcp-4.3.0a1/common/upf.c 2013-12-19 15:34:41.663885900 +0100
@@ -77,7 +77,7 @@ int if_register_upf (info)
/* %Audit% Cannot exceed 36 bytes. %2004.06.17,Safe% */
sprintf(filename, "/dev/pf/pfilt%d", b);
if (sock < 0) {
if (errno == EBUSY) {
continue;
-diff -up dhcp-4.2.2b1/dst/dst_api.c.cloexec dhcp-4.2.2b1/dst/dst_api.c
---- dhcp-4.2.2b1/dst/dst_api.c.cloexec 2009-10-29 01:46:48.000000000 +0100
-+++ dhcp-4.2.2b1/dst/dst_api.c 2011-07-01 14:13:31.035887670 +0200
-@@ -437,7 +437,7 @@ dst_s_write_private_key(const DST_KEY *k
- PRIVATE_KEY, PATH_MAX);
-
- /* Do not overwrite an existing file */
-- if ((fp = dst_s_fopen(file, "w", 0600)) != NULL) {
-+ if ((fp = dst_s_fopen(file, "we", 0600)) != NULL) {
- int nn;
- if ((nn = fwrite(encoded_block, 1, len, fp)) != len) {
- EREPORT(("dst_write_private_key(): Write failure on %s %d != %d errno=%d\n",
-@@ -494,7 +494,7 @@ dst_s_read_public_key(const char *in_nam
- * flags, proto, alg stored as decimal (or hex numbers FIXME).
- * (FIXME: handle parentheses for line continuation.)
- */
-- if ((fp = dst_s_fopen(name, "r", 0)) == NULL) {
-+ if ((fp = dst_s_fopen(name, "re", 0)) == NULL) {
- EREPORT(("dst_read_public_key(): Public Key not found %s\n",
- name));
- return (NULL);
-@@ -620,7 +620,7 @@ dst_s_write_public_key(const DST_KEY *ke
- return (0);
- }
- /* create public key file */
-- if ((fp = dst_s_fopen(filename, "w+", 0644)) == NULL) {
-+ if ((fp = dst_s_fopen(filename, "w+e", 0644)) == NULL) {
- EREPORT(("DST_write_public_key: open of file:%s failed (errno=%d)\n",
- filename, errno));
- return (0);
-@@ -854,7 +854,7 @@ dst_s_read_private_key_file(char *name,
- return (0);
- }
- /* first check if we can find the key file */
-- if ((fp = dst_s_fopen(filename, "r", 0)) == NULL) {
-+ if ((fp = dst_s_fopen(filename, "re", 0)) == NULL) {
- EREPORT(("dst_s_read_private_key_file: Could not open file %s in directory %s\n",
- filename, dst_path[0] ? dst_path :
- (char *) getcwd(NULL, PATH_MAX - 1)));
-diff -up dhcp-4.2.2b1/dst/prandom.c.cloexec dhcp-4.2.2b1/dst/prandom.c
---- dhcp-4.2.2b1/dst/prandom.c.cloexec 2009-11-20 02:49:01.000000000 +0100
-+++ dhcp-4.2.2b1/dst/prandom.c 2011-07-01 14:13:31.035887670 +0200
-@@ -269,7 +269,7 @@ get_dev_random(u_char *output, unsigned
-
- s = stat("/dev/random", &st);
- if (s == 0 && S_ISCHR(st.st_mode)) {
-- if ((fd = open("/dev/random", O_RDONLY | O_NONBLOCK)) != -1) {
-+ if ((fd = open("/dev/random", O_RDONLY | O_NONBLOCK | O_CLOEXEC)) != -1) {
- if ((n = read(fd, output, size)) < 0)
- n = 0;
- close(fd);
-@@ -480,7 +480,7 @@ digest_file(dst_work *work)
- work->file_digest = dst_free_key(work->file_digest);
- return (0);
- }
-- if ((fp = fopen(name, "r")) == NULL)
-+ if ((fp = fopen(name, "re")) == NULL)
- return (0);
- for (no = 0; (i = fread(buf, sizeof(*buf), sizeof(buf), fp)) > 0;
- no += i)
-diff -up dhcp-4.2.2b1/omapip/trace.c.cloexec dhcp-4.2.2b1/omapip/trace.c
---- dhcp-4.2.2b1/omapip/trace.c.cloexec 2010-05-27 02:34:57.000000000 +0200
-+++ dhcp-4.2.2b1/omapip/trace.c 2011-07-01 14:13:31.036887669 +0200
-@@ -141,10 +141,10 @@ isc_result_t trace_begin (const char *fi
+diff -up dhcp-4.3.0a1/omapip/trace.c.cloexec dhcp-4.3.0a1/omapip/trace.c
+--- dhcp-4.3.0a1/omapip/trace.c.cloexec 2013-12-11 01:01:03.000000000 +0100
++++ dhcp-4.3.0a1/omapip/trace.c 2013-12-19 15:34:41.663885900 +0100
+@@ -142,10 +142,10 @@ isc_result_t trace_begin (const char *fi
return DHCP_R_INVALIDARG;
}
0600);
}
-@@ -431,7 +431,7 @@ void trace_file_replay (const char *file
+@@ -433,7 +433,7 @@ void trace_file_replay (const char *file
isc_result_t result;
int len;
if (!traceinfile) {
log_error("Can't open tracefile %s: %m", filename);
return;
-diff -up dhcp-4.2.2b1/relay/dhcrelay.c.cloexec dhcp-4.2.2b1/relay/dhcrelay.c
---- dhcp-4.2.2b1/relay/dhcrelay.c.cloexec 2011-05-10 15:07:37.000000000 +0200
-+++ dhcp-4.2.2b1/relay/dhcrelay.c 2011-07-01 14:18:07.630209767 +0200
-@@ -183,11 +183,11 @@ main(int argc, char **argv) {
+diff -up dhcp-4.3.0a1/relay/dhcrelay.c.cloexec dhcp-4.3.0a1/relay/dhcrelay.c
+--- dhcp-4.3.0a1/relay/dhcrelay.c.cloexec 2013-12-13 22:26:21.000000000 +0100
++++ dhcp-4.3.0a1/relay/dhcrelay.c 2013-12-19 15:34:41.664885886 +0100
+@@ -193,11 +193,11 @@ main(int argc, char **argv) {
/* Make sure that file descriptors 0(stdin), 1,(stdout), and
2(stderr) are open. To do this, we assume that when we
open a file the lowest available file descriptor is used. */
if (fd == 2)
log_perror = 0; /* No sense logging to /dev/null. */
else if (fd != -1)
-@@ -540,13 +540,13 @@ main(int argc, char **argv) {
+@@ -564,13 +564,13 @@ main(int argc, char **argv) {
if (no_pid_file == ISC_FALSE) {
pfdesc = open(path_dhcrelay_pid,
if (!pf)
log_error("Can't fdopen %s: %m",
path_dhcrelay_pid);
-diff -up dhcp-4.2.2b1/server/confpars.c.cloexec dhcp-4.2.2b1/server/confpars.c
---- dhcp-4.2.2b1/server/confpars.c.cloexec 2010-10-14 00:34:45.000000000 +0200
-+++ dhcp-4.2.2b1/server/confpars.c 2011-07-01 14:13:31.039887666 +0200
-@@ -116,7 +116,7 @@ isc_result_t read_conf_file (const char
+diff -up dhcp-4.3.0a1/server/confpars.c.cloexec dhcp-4.3.0a1/server/confpars.c
+--- dhcp-4.3.0a1/server/confpars.c.cloexec 2013-12-11 01:25:12.000000000 +0100
++++ dhcp-4.3.0a1/server/confpars.c 2013-12-19 15:34:41.665885871 +0100
+@@ -117,7 +117,7 @@ isc_result_t read_conf_file (const char
}
#endif
if (leasep) {
log_error ("Can't open lease database %s: %m --",
path_dhcpd_db);
-diff -up dhcp-4.2.2b1/server/db.c.cloexec dhcp-4.2.2b1/server/db.c
---- dhcp-4.2.2b1/server/db.c.cloexec 2010-09-14 00:15:26.000000000 +0200
-+++ dhcp-4.2.2b1/server/db.c 2011-07-01 14:13:31.040887665 +0200
-@@ -1035,7 +1035,7 @@ void db_startup (testp)
+diff -up dhcp-4.3.0a1/server/db.c.cloexec dhcp-4.3.0a1/server/db.c
+--- dhcp-4.3.0a1/server/db.c.cloexec 2013-12-11 01:25:12.000000000 +0100
++++ dhcp-4.3.0a1/server/db.c 2013-12-19 15:34:41.666885857 +0100
+@@ -1081,7 +1081,7 @@ void db_startup (testp)
}
#endif
if (!testp) {
if (!db_file)
log_fatal ("Can't open %s for append.", path_dhcpd_db);
expire_all_pools ();
-@@ -1083,12 +1083,12 @@ int new_lease_file ()
+@@ -1129,12 +1129,12 @@ int new_lease_file ()
path_dhcpd_db, (int)t) >= sizeof newfname)
log_fatal("new_lease_file: lease file path too long");
log_error("Can't fdopen new lease file: %m");
close(db_fd);
goto fdfail;
-diff -up dhcp-4.2.2b1/server/dhcpd.c.cloexec dhcp-4.2.2b1/server/dhcpd.c
---- dhcp-4.2.2b1/server/dhcpd.c.cloexec 2011-04-21 16:08:15.000000000 +0200
-+++ dhcp-4.2.2b1/server/dhcpd.c 2011-07-01 14:19:40.354124505 +0200
-@@ -270,11 +270,11 @@ main(int argc, char **argv) {
+diff -up dhcp-4.3.0a1/server/dhcpd.c.cloexec dhcp-4.3.0a1/server/dhcpd.c
+--- dhcp-4.3.0a1/server/dhcpd.c.cloexec 2013-12-13 22:26:01.000000000 +0100
++++ dhcp-4.3.0a1/server/dhcpd.c 2013-12-19 15:37:17.258674472 +0100
+@@ -193,11 +193,11 @@ main(int argc, char **argv) {
/* Make sure that file descriptors 0 (stdin), 1, (stdout), and
2 (stderr) are open. To do this, we assume that when we
open a file the lowest available file descriptor is used. */
if (fd == 2)
log_perror = 0; /* No sense logging to /dev/null. */
else if (fd != -1)
-@@ -793,7 +793,7 @@ main(int argc, char **argv) {
+@@ -716,7 +716,7 @@ main(int argc, char **argv) {
*/
if (no_pid_file == ISC_FALSE) {
/*Read previous pid file. */
status = read(i, pbuf, (sizeof pbuf) - 1);
close (i);
if (status > 0) {
-@@ -812,7 +812,7 @@ main(int argc, char **argv) {
+@@ -735,7 +735,7 @@ main(int argc, char **argv) {
}
/* Write new pid file. */
if (i >= 0) {
sprintf(pbuf, "%d\n", (int) getpid());
IGNORE_RET (write(i, pbuf, strlen(pbuf)));
-@@ -840,9 +840,9 @@ main(int argc, char **argv) {
- close(2);
+@@ -763,9 +763,9 @@ main(int argc, char **argv) {
+ (void) close(2);
/* Reopen them on /dev/null. */
-- open("/dev/null", O_RDWR);
-- open("/dev/null", O_RDWR);
-- open("/dev/null", O_RDWR);
-+ open("/dev/null", O_RDWR | O_CLOEXEC);
-+ open("/dev/null", O_RDWR | O_CLOEXEC);
-+ open("/dev/null", O_RDWR | O_CLOEXEC);
+- (void) open("/dev/null", O_RDWR);
+- (void) open("/dev/null", O_RDWR);
+- (void) open("/dev/null", O_RDWR);
++ (void) open("/dev/null", O_RDWR | O_CLOEXEC);
++ (void) open("/dev/null", O_RDWR | O_CLOEXEC);
++ (void) open("/dev/null", O_RDWR | O_CLOEXEC);
log_perror = 0; /* No sense logging to /dev/null. */
IGNORE_RET (chdir("/"));
-diff -up dhcp-4.2.2b1/server/ldap.c.cloexec dhcp-4.2.2b1/server/ldap.c
---- dhcp-4.2.2b1/server/ldap.c.cloexec 2010-03-25 16:26:58.000000000 +0100
-+++ dhcp-4.2.2b1/server/ldap.c 2011-07-01 14:13:31.043887665 +0200
-@@ -685,7 +685,7 @@ ldap_start (void)
+diff -up dhcp-4.3.0a1/server/ldap.c.cloexec dhcp-4.3.0a1/server/ldap.c
+--- dhcp-4.3.0a1/server/ldap.c.cloexec 2013-12-11 01:25:12.000000000 +0100
++++ dhcp-4.3.0a1/server/ldap.c 2013-12-19 15:34:41.667885843 +0100
+@@ -684,7 +684,7 @@ ldap_start (void)
if (ldap_debug_file != NULL && ldap_debug_fd == -1)
{
-diff -up dhcp-4.2.0-P1/client/dhc6.c.PPP dhcp-4.2.0-P1/client/dhc6.c
---- dhcp-4.2.0-P1/client/dhc6.c.PPP 2010-11-05 10:47:37.000000000 +0100
-+++ dhcp-4.2.0-P1/client/dhc6.c 2010-11-09 15:54:12.000000000 +0100
-@@ -129,7 +129,7 @@ extern int stateless;
+diff -up dhcp-4.3.1b1/client/dhc6.c.mRfpsB dhcp-4.3.1b1/client/dhc6.c
+--- dhcp-4.3.1b1/client/dhc6.c.mRfpsB 2014-07-10 17:48:03.779424870 +0200
++++ dhcp-4.3.1b1/client/dhc6.c 2014-07-10 17:48:03.795424644 +0200
+@@ -5088,7 +5088,8 @@ make_client6_options(struct client_state
+ */
+ if ((oc = lookup_option(&dhcpv6_universe, *op,
+ D6O_CLIENTID)) == NULL) {
+- if (!option_cache(&oc, &default_duid, NULL, clientid_option,
++ if (default_duid.len == 0 ||
++ !option_cache(&oc, &default_duid, NULL, clientid_option,
+ MDL))
+ log_fatal("Failure assembling a DUID.");
+
+diff -up dhcp-4.3.1b1/client/dhclient.c.mRfpsB dhcp-4.3.1b1/client/dhclient.c
+--- dhcp-4.3.1b1/client/dhclient.c.mRfpsB 2014-07-10 17:39:25.853763858 +0200
++++ dhcp-4.3.1b1/client/dhclient.c 2014-07-10 17:49:49.882925843 +0200
+@@ -948,8 +948,8 @@ main(int argc, char **argv) {
+ if (default_duid.buffer != NULL)
+ data_string_forget(&default_duid, MDL);
+
+- form_duid(&default_duid, MDL);
+- write_duid(&default_duid);
++ if (form_duid(&default_duid, MDL) == ISC_R_SUCCESS)
++ write_duid(&default_duid);
+ }
+ }
+
+@@ -3267,7 +3267,7 @@ write_options(struct client_state *clien
* is not how it is intended. Upcoming rearchitecting the client should
* address this "one daemon model."
*/
form_duid(struct data_string *duid, const char *file, int line)
{
struct interface_info *ip;
-@@ -141,6 +141,15 @@ form_duid(struct data_string *duid, cons
+@@ -3280,6 +3280,15 @@ form_duid(struct data_string *duid, cons
if (ip == NULL)
log_fatal("Impossible condition at %s:%d.", MDL);
if ((ip->hw_address.hlen == 0) ||
(ip->hw_address.hlen > sizeof(ip->hw_address.hbuf)))
log_fatal("Impossible hardware address length at %s:%d.", MDL);
-@@ -176,6 +185,8 @@ form_duid(struct data_string *duid, cons
- memcpy(duid->buffer->data + 4, ip->hw_address.hbuf + 1,
- ip->hw_address.hlen - 1);
+@@ -3323,6 +3332,8 @@ form_duid(struct data_string *duid, cons
+ log_info("Created duid %s.", str);
+ dfree(str, MDL);
}
-+
++
+ return ISC_R_SUCCESS;
}
- /*
-@@ -5289,7 +5300,8 @@ make_client6_options(struct client_state
- */
- if ((oc = lookup_option(&dhcpv6_universe, *op,
- D6O_CLIENTID)) == NULL) {
-- if (!option_cache(&oc, &default_duid, NULL, clientid_option,
-+ if (default_duid.len == 0 ||
-+ !option_cache(&oc, &default_duid, NULL, clientid_option,
- MDL))
- log_fatal("Failure assembling a DUID.");
-
-diff -up dhcp-4.2.0-P1/client/dhclient.c.PPP dhcp-4.2.0-P1/client/dhclient.c
---- dhcp-4.2.0-P1/client/dhclient.c.PPP 2010-11-05 10:47:37.000000000 +0100
-+++ dhcp-4.2.0-P1/client/dhclient.c 2010-11-09 15:37:26.000000000 +0100
-@@ -911,8 +911,8 @@ main(int argc, char **argv) {
- if (default_duid.buffer != NULL)
- data_string_forget(&default_duid, MDL);
-
-- form_duid(&default_duid, MDL);
-- write_duid(&default_duid);
-+ if (form_duid(&default_duid, MDL) == ISC_R_SUCCESS)
-+ write_duid(&default_duid);
- }
-
- for (ip = interfaces ; ip != NULL ; ip = ip->next) {
-diff -up dhcp-4.2.0-P1/common/bpf.c.PPP dhcp-4.2.0-P1/common/bpf.c
---- dhcp-4.2.0-P1/common/bpf.c.PPP 2010-11-05 10:47:37.000000000 +0100
-+++ dhcp-4.2.0-P1/common/bpf.c 2010-11-09 15:42:42.000000000 +0100
-@@ -599,6 +599,22 @@ get_hw_addr(const char *name, struct har
+ /* Write the default DUID to the lease store. */
+diff -up dhcp-4.3.1b1/common/bpf.c.mRfpsB dhcp-4.3.1b1/common/bpf.c
+--- dhcp-4.3.1b1/common/bpf.c.mRfpsB 2014-07-10 17:39:25.797764653 +0200
++++ dhcp-4.3.1b1/common/bpf.c 2014-07-10 17:48:03.797424616 +0200
+@@ -600,6 +600,22 @@ get_hw_addr(const char *name, struct har
memcpy(&hw->hbuf[1], LLADDR(sa), sa->sdl_alen);
break;
#endif /* IFT_FDDI */
default:
log_fatal("Unsupported device type %d for \"%s\"",
sa->sdl_type, name);
-diff -up dhcp-4.2.0-P1/common/lpf.c.PPP dhcp-4.2.0-P1/common/lpf.c
---- dhcp-4.2.0-P1/common/lpf.c.PPP 2010-11-05 10:47:37.000000000 +0100
-+++ dhcp-4.2.0-P1/common/lpf.c 2010-11-09 15:45:40.000000000 +0100
-@@ -502,6 +502,22 @@ get_hw_addr(const char *name, struct har
+diff -up dhcp-4.3.1b1/common/lpf.c.mRfpsB dhcp-4.3.1b1/common/lpf.c
+--- dhcp-4.3.1b1/common/lpf.c.mRfpsB 2014-07-10 17:39:25.744765404 +0200
++++ dhcp-4.3.1b1/common/lpf.c 2014-07-10 17:48:03.797424616 +0200
+@@ -511,6 +511,22 @@ get_hw_addr(const char *name, struct har
hw->hbuf[0] = HTYPE_FDDI;
- memcpy(&hw->hbuf[1], sa->sa_data, 16);
+ memcpy(&hw->hbuf[1], sa->sa_data, 6);
break;
+#if defined(ARPHRD_PPP)
+ case ARPHRD_PPP:
default:
log_fatal("Unsupported device type %ld for \"%s\"",
(long int)sa->sa_family, name);
-diff -up dhcp-4.2.0-P1/includes/dhcpd.h.PPP dhcp-4.2.0-P1/includes/dhcpd.h
---- dhcp-4.2.0-P1/includes/dhcpd.h.PPP 2010-11-05 10:47:37.000000000 +0100
-+++ dhcp-4.2.0-P1/includes/dhcpd.h 2010-11-09 15:46:58.000000000 +0100
-@@ -2733,7 +2733,7 @@ void dhcpv4_client_assignments(void);
- void dhcpv6_client_assignments(void);
+diff -up dhcp-4.3.1b1/includes/dhcpd.h.mRfpsB dhcp-4.3.1b1/includes/dhcpd.h
+--- dhcp-4.3.1b1/includes/dhcpd.h.mRfpsB 2014-07-10 17:48:03.761425124 +0200
++++ dhcp-4.3.1b1/includes/dhcpd.h 2014-07-10 17:48:03.798424601 +0200
+@@ -2839,7 +2839,7 @@ void client_dns_remove(struct client_sta
- /* dhc6.c */
+ void dhcpv4_client_assignments(void);
+ void dhcpv6_client_assignments(void);
-void form_duid(struct data_string *duid, const char *file, int line);
+isc_result_t form_duid(struct data_string *duid, const char *file, int line);
+
+ /* dhc6.c */
void dhc6_lease_destroy(struct dhc6_lease **src, const char *file, int line);
- void start_init6(struct client_state *client);
- void start_info_request6(struct client_state *client);
-diff -up dhcp-4.2.0-P1/includes/dhcp.h.PPP dhcp-4.2.0-P1/includes/dhcp.h
---- dhcp-4.2.0-P1/includes/dhcp.h.PPP 2010-11-05 10:47:37.000000000 +0100
-+++ dhcp-4.2.0-P1/includes/dhcp.h 2010-11-09 15:48:53.000000000 +0100
-@@ -80,6 +80,8 @@ struct dhcp_packet {
- #define HTYPE_IEEE802 6 /* IEEE 802.2 Token Ring... */
- #define HTYPE_FDDI 8 /* FDDI... */
+diff -up dhcp-4.3.1b1/includes/dhcp.h.mRfpsB dhcp-4.3.1b1/includes/dhcp.h
+--- dhcp-4.3.1b1/includes/dhcp.h.mRfpsB 2014-07-10 17:48:03.761425124 +0200
++++ dhcp-4.3.1b1/includes/dhcp.h 2014-07-10 17:48:03.798424601 +0200
+@@ -81,6 +81,8 @@ struct dhcp_packet {
+ * is no standard for this so we
+ * just steal a type */
-+#define HTYPE_RESERVED 0 /* RFC 5494 */
++#define HTYPE_RESERVED 0 /* RFC 5494 */
+
/* Magic cookie validating dhcp options field (and bootp vendor
extensions field). */
#define DHCP_OPTIONS_COOKIE "\143\202\123\143"
-diff -up dhcp-4.2.0-P1/server/dhcpv6.c.PPP dhcp-4.2.0-P1/server/dhcpv6.c
---- dhcp-4.2.0-P1/server/dhcpv6.c.PPP 2010-11-05 10:47:37.000000000 +0100
-+++ dhcp-4.2.0-P1/server/dhcpv6.c 2010-11-09 15:50:17.000000000 +0100
-@@ -300,6 +300,9 @@ generate_new_server_duid(void) {
+diff -up dhcp-4.3.1b1/server/dhcpv6.c.mRfpsB dhcp-4.3.1b1/server/dhcpv6.c
+--- dhcp-4.3.1b1/server/dhcpv6.c.mRfpsB 2014-07-10 17:47:31.464881409 +0200
++++ dhcp-4.3.1b1/server/dhcpv6.c 2014-07-10 17:48:03.800424573 +0200
+@@ -330,6 +330,9 @@ generate_new_server_duid(void) {
if (p->hw_address.hlen > 0) {
break;
}
-diff -up dhcp-4.2.0/server/dhcpv6.c.UseMulticast dhcp-4.2.0/server/dhcpv6.c
---- dhcp-4.2.0/server/dhcpv6.c.UseMulticast 2010-06-01 19:30:00.000000000 +0200
-+++ dhcp-4.2.0/server/dhcpv6.c 2010-07-21 16:17:30.000000000 +0200
-@@ -346,6 +346,48 @@ generate_new_server_duid(void) {
+diff -up dhcp-4.3.1b1/server/dhcpv6.c.UseMulticast dhcp-4.3.1b1/server/dhcpv6.c
+--- dhcp-4.3.1b1/server/dhcpv6.c.UseMulticast 2014-07-02 19:58:40.000000000 +0200
++++ dhcp-4.3.1b1/server/dhcpv6.c 2014-07-10 18:20:03.066256219 +0200
+@@ -376,6 +376,48 @@ generate_new_server_duid(void) {
}
/*
+ }
+
+ execute_statements_in_scope(NULL, NULL, NULL, NULL, NULL,
-+ opt_state, &global_scope, root_group, NULL);
++ opt_state, &global_scope, root_group, NULL, NULL);
+
+ oc = lookup_option(&dhcpv6_universe, opt_state, D6O_UNICAST);
+ unicast_option_defined = (oc != NULL);
* Get the client identifier from the packet.
*/
isc_result_t
-@@ -1405,6 +1447,56 @@ lease_to_client(struct data_string *repl
- reply.shared->group);
+@@ -706,6 +748,12 @@ static const int required_opts[] = {
+ D6O_PREFERENCE,
+ 0
+ };
++static const int required_opts_NAA[] = {
++ D6O_CLIENTID,
++ D6O_SERVERID,
++ D6O_STATUS_CODE,
++ 0
++};
+ static const int required_opts_solicit[] = {
+ D6O_CLIENTID,
+ D6O_SERVERID,
+@@ -1587,6 +1635,56 @@ lease_to_client(struct data_string *repl
+ reply.shared->group, NULL);
}
+ /* reject unicast message, unless we set unicast option */
+ reply.opt_state, reply.packet,
+ required_opts_NAA,
+ NULL);
-+ } else if (no_resources_avail && (reply.ia_count != 0) &&
-+ (reply.packet->dhcpv6_msg_type == DHCPV6_SOLICIT))
++ }
++
/*
* RFC3315 section 17.2.2 (Solicit):
*
-@@ -1429,8 +1521,6 @@ lease_to_client(struct data_string *repl
- * the server.
- * Sends a Renew/Rebind if the IA is not in the Reply message.
+@@ -1619,6 +1717,7 @@ lease_to_client(struct data_string *repl
+ * Having stored the client's IA's, store any options that
+ * will fit in the remaining space.
*/
-- if (no_resources_avail && (reply.ia_count != 0) &&
-- (reply.packet->dhcpv6_msg_type == DHCPV6_SOLICIT))
- {
- /* Set the NoAddrsAvail status code. */
- if (!set_status_code(STATUS_NoAddrsAvail,
-@@ -4128,7 +4218,6 @@ dhcpv6_solicit(struct data_string *reply
++ else
+ reply.cursor += store_options6((char *)reply.buf.data + reply.cursor,
+ sizeof(reply.buf) - reply.cursor,
+ reply.opt_state, reply.packet,
+@@ -4748,7 +4847,6 @@ dhcpv6_solicit(struct data_string *reply
* Very similar to Solicit handling, except the server DUID is required.
*/
static void
dhcpv6_request(struct data_string *reply_ret, struct packet *packet) {
struct data_string client_id;
-@@ -4443,7 +4532,6 @@ exit:
+@@ -5078,7 +5176,6 @@ exit:
* except for the error code of when addresses don't match.
*/
static void
dhcpv6_renew(struct data_string *reply, struct packet *packet) {
struct data_string client_id;
-@@ -4688,18 +4776,60 @@ iterate_over_ia_na(struct data_string *r
+@@ -5322,18 +5419,60 @@ iterate_over_ia_na(struct data_string *r
goto exit;
}
/*
* Loop through the IA_NA reported by the client, and deal with
-@@ -4838,6 +4968,7 @@ iterate_over_ia_na(struct data_string *r
+@@ -5471,6 +5610,7 @@ iterate_over_ia_na(struct data_string *r
/*
* Return our reply to the caller.
*/
reply_ret->len = reply_ofs;
reply_ret->buffer = NULL;
if (!buffer_allocate(&reply_ret->buffer, reply_ofs, MDL)) {
-@@ -4883,7 +5014,6 @@ exit:
+@@ -5516,7 +5656,6 @@ exit:
* we still need to be aware of this possibility.
*/
/* TODO: IA_TA */
static void
dhcpv6_decline(struct data_string *reply, struct packet *packet) {
-@@ -5355,7 +5485,6 @@ exit:
+@@ -5986,7 +6125,6 @@ exit:
* Release means a client is done with the leases.
*/
--- /dev/null
+diff -up dhcp-4.3.0a1/common/dispatch.c.dracut dhcp-4.3.0a1/common/dispatch.c
+--- dhcp-4.3.0a1/common/dispatch.c.dracut 2013-12-11 01:25:12.000000000 +0100
++++ dhcp-4.3.0a1/common/dispatch.c 2013-12-19 15:39:50.350505860 +0100
+@@ -210,6 +210,10 @@ void add_timeout (when, where, what, ref
+ isc_interval_t interval;
+ isc_time_t expires;
+
++ if (when == NULL) {
++ return;
++ }
++
+ /* See if this timeout supersedes an existing timeout. */
+ t = (struct timeout *)0;
+ for (q = timeouts; q; q = q->next) {
-diff -up dhcp-4.2.2b1/client/dhclient.8.capability dhcp-4.2.2b1/client/dhclient.8
---- dhcp-4.2.2b1/client/dhclient.8.capability 2011-07-01 15:09:06.603784531 +0200
-+++ dhcp-4.2.2b1/client/dhclient.8 2011-07-01 15:09:06.663783913 +0200
-@@ -118,6 +118,9 @@ dhclient - Dynamic Host Configuration Pr
+diff -up dhcp-4.3.1b1/client/dhclient.8.zzftXp dhcp-4.3.1b1/client/dhclient.8
+--- dhcp-4.3.1b1/client/dhclient.8.zzftXp 2014-07-10 17:38:26.938599402 +0200
++++ dhcp-4.3.1b1/client/dhclient.8 2014-07-10 17:39:25.852763873 +0200
+@@ -128,6 +128,9 @@ dhclient - Dynamic Host Configuration Pr
.B -w
]
[
.B -B
]
[
-@@ -296,6 +299,32 @@ has been added or removed, so that the c
+@@ -304,6 +307,32 @@ has been added or removed, so that the c
address on that interface.
.TP
.BI \-B
Set the BOOTP broadcast flag in request packets so servers will always
broadcast replies.
-diff -up dhcp-4.2.2b1/client/dhclient.c.capability dhcp-4.2.2b1/client/dhclient.c
---- dhcp-4.2.2b1/client/dhclient.c.capability 2011-07-01 15:09:06.644784107 +0200
-+++ dhcp-4.2.2b1/client/dhclient.c 2011-07-01 15:09:06.664783903 +0200
+diff -up dhcp-4.3.1b1/client/dhclient.c.zzftXp dhcp-4.3.1b1/client/dhclient.c
+--- dhcp-4.3.1b1/client/dhclient.c.zzftXp 2014-07-10 17:39:25.797764653 +0200
++++ dhcp-4.3.1b1/client/dhclient.c 2014-07-10 17:39:25.853763858 +0200
@@ -39,6 +39,10 @@
#include <limits.h>
#include <dns/result.h>
/*
* Defined in stdio.h when _GNU_SOURCE is set, but we don't want to define
* that when building ISC code.
-@@ -141,6 +145,9 @@ main(int argc, char **argv) {
+@@ -143,6 +147,9 @@ main(int argc, char **argv) {
int timeout_arg = 0;
char *arg_conf = NULL;
int arg_conf_len = 0;
/* Initialize client globals. */
memset(&default_duid, 0, sizeof(default_duid));
-@@ -410,6 +417,10 @@ main(int argc, char **argv) {
+@@ -425,6 +432,10 @@ main(int argc, char **argv) {
}
dhclient_request_options = argv[i];
} else if (argv[i][0] == '-') {
usage();
} else if (interfaces_requested < 0) {
-@@ -458,6 +469,19 @@ main(int argc, char **argv) {
+@@ -473,6 +484,19 @@ main(int argc, char **argv) {
path_dhclient_script = s;
}
/* Set up the initial dhcp option universe. */
initialize_common_option_spaces();
-diff -up dhcp-4.2.2b1/client/dhclient-script.8.capability dhcp-4.2.2b1/client/dhclient-script.8
---- dhcp-4.2.2b1/client/dhclient-script.8.capability 2011-07-01 15:09:06.604784521 +0200
-+++ dhcp-4.2.2b1/client/dhclient-script.8 2011-07-01 15:09:06.666783883 +0200
-@@ -239,6 +239,16 @@ repeatedly initialized to the values pro
+diff -up dhcp-4.3.1b1/client/dhclient-script.8.zzftXp dhcp-4.3.1b1/client/dhclient-script.8
+--- dhcp-4.3.1b1/client/dhclient-script.8.zzftXp 2014-07-10 17:39:25.761765163 +0200
++++ dhcp-4.3.1b1/client/dhclient-script.8 2014-07-10 17:39:25.851763887 +0200
+@@ -243,6 +243,16 @@ repeatedly initialized to the values pro
the other. Assuming the information provided by both servers is
valid, this shouldn't cause any real problems, but it could be
confusing.
.SH SEE ALSO
dhclient(8), dhcpd(8), dhcrelay(8), dhclient.conf(5) and
dhclient.leases(5).
-diff -up dhcp-4.2.2b1/client/Makefile.am.capability dhcp-4.2.2b1/client/Makefile.am
---- dhcp-4.2.2b1/client/Makefile.am.capability 2011-07-01 15:09:06.526785327 +0200
-+++ dhcp-4.2.2b1/client/Makefile.am 2011-07-01 15:09:06.667783873 +0200
-@@ -5,7 +5,7 @@ dhclient_SOURCES = clparse.c dhclient.c
+diff -up dhcp-4.3.1b1/client/Makefile.am.zzftXp dhcp-4.3.1b1/client/Makefile.am
+--- dhcp-4.3.1b1/client/Makefile.am.zzftXp 2014-07-10 17:38:10.778828583 +0200
++++ dhcp-4.3.1b1/client/Makefile.am 2014-07-10 17:39:25.851763887 +0200
+@@ -10,7 +10,7 @@ dhclient_SOURCES = clparse.c dhclient.c
+ scripts/bsdos scripts/freebsd scripts/linux scripts/macos \
scripts/netbsd scripts/nextstep scripts/openbsd \
scripts/solaris scripts/openwrt
- dhclient_LDADD = ../common/libdhcp.a ../omapip/libomapi.a \
-- $(BIND9_LIBDIR) -ldns-export -lisc-export
-+ $(BIND9_LIBDIR) -ldns-export -lisc-export $(CAPNG_LDADD)
+-dhclient_LDADD = ../common/libdhcp.a ../omapip/libomapi.a \
++dhclient_LDADD = ../common/libdhcp.a ../omapip/libomapi.la $(CAPNG_LDADD) \
+ $(BIND9_LIBDIR) -lirs -ldns -lisccfg -lisc
man_MANS = dhclient.8 dhclient-script.8 dhclient.conf.5 dhclient.leases.5
EXTRA_DIST = $(man_MANS)
-
-diff -up dhcp-4.2.2b1/configure.ac.capability dhcp-4.2.2b1/configure.ac
---- dhcp-4.2.2b1/configure.ac.capability 2011-07-01 15:09:06.527785317 +0200
-+++ dhcp-4.2.2b1/configure.ac 2011-07-01 15:09:06.667783873 +0200
-@@ -449,6 +449,41 @@ AC_TRY_LINK(
+diff -up dhcp-4.3.1b1/configure.ac.zzftXp dhcp-4.3.1b1/configure.ac
+--- dhcp-4.3.1b1/configure.ac.zzftXp 2014-07-10 17:38:10.779828569 +0200
++++ dhcp-4.3.1b1/configure.ac 2014-07-10 17:39:25.854763844 +0200
+@@ -499,6 +499,41 @@ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[]],
# Look for optional headers.
AC_CHECK_HEADERS(sys/socket.h net/if_dl.h net/if6.h regex.h)
# Solaris needs some libraries for functions
AC_SEARCH_LIBS(socket, [socket])
AC_SEARCH_LIBS(inet_ntoa, [nsl])
-diff -up dhcp-4.2.2b1/relay/dhcrelay.c.capability dhcp-4.2.2b1/relay/dhcrelay.c
---- dhcp-4.2.2b1/relay/dhcrelay.c.capability 2011-07-01 15:09:06.626784295 +0200
-+++ dhcp-4.2.2b1/relay/dhcrelay.c 2011-07-01 15:12:05.362223794 +0200
-@@ -36,6 +36,11 @@
- #include <syslog.h>
+diff -up dhcp-4.3.1b1/relay/dhcrelay.c.zzftXp dhcp-4.3.1b1/relay/dhcrelay.c
+--- dhcp-4.3.1b1/relay/dhcrelay.c.zzftXp 2014-07-10 17:39:25.799764624 +0200
++++ dhcp-4.3.1b1/relay/dhcrelay.c 2014-07-10 17:40:19.191007421 +0200
+@@ -31,6 +31,11 @@
+ #include <signal.h>
#include <sys/time.h>
+#ifdef HAVE_LIBCAP_NG
TIME default_lease_time = 43200; /* 12 hours... */
TIME max_lease_time = 86400; /* 24 hours... */
struct tree_cache *global_options[256];
-@@ -356,6 +361,10 @@ main(int argc, char **argv) {
- sl->next = upstreams;
- upstreams = sl;
+@@ -376,6 +381,10 @@ main(int argc, char **argv) {
+ usage();
+ dhcrelay_sub_id = argv[i];
#endif
+ } else if (!strcmp(argv[i], "-nc")) {
+#ifdef HAVE_LIBCAP_NG
} else if (!strcmp(argv[i], "-pf")) {
if (++i == argc)
usage();
-@@ -426,6 +435,17 @@ main(int argc, char **argv) {
+@@ -446,6 +455,17 @@ main(int argc, char **argv) {
#endif
}
if (!quiet) {
log_info("%s %s", message, PACKAGE_VERSION);
log_info(copyright);
-@@ -573,6 +593,15 @@ main(int argc, char **argv) {
- dhcpv6_packet_handler = do_packet6;
+@@ -598,6 +618,15 @@ main(int argc, char **argv) {
+ signal(SIGTERM, dhcp_signal_handler); /* kill */
#endif
+#ifdef HAVE_LIBCAP_NG
/* Start dispatching packets and timeouts... */
dispatch();
-diff -up dhcp-4.2.2b1/relay/Makefile.am.capability dhcp-4.2.2b1/relay/Makefile.am
---- dhcp-4.2.2b1/relay/Makefile.am.capability 2011-07-01 15:09:06.546785121 +0200
-+++ dhcp-4.2.2b1/relay/Makefile.am 2011-07-01 15:09:06.670783841 +0200
-@@ -3,7 +3,7 @@ AM_CPPFLAGS = -DLOCALSTATEDIR='"@localst
+diff -up dhcp-4.3.1b1/relay/Makefile.am.zzftXp dhcp-4.3.1b1/relay/Makefile.am
+--- dhcp-4.3.1b1/relay/Makefile.am.zzftXp 2014-07-10 17:38:10.780828554 +0200
++++ dhcp-4.3.1b1/relay/Makefile.am 2014-07-10 17:39:25.854763844 +0200
+@@ -2,7 +2,7 @@ AM_CPPFLAGS = -DLOCALSTATEDIR='"@localst
+
sbin_PROGRAMS = dhcrelay
dhcrelay_SOURCES = dhcrelay.c
- dhcrelay_LDADD = ../common/libdhcp.a ../omapip/libomapi.a \
-- $(BIND9_LIBDIR) -ldns-export -lisc-export
-+ $(BIND9_LIBDIR) -ldns-export -lisc-export $(CAPNG_LDADD)
+-dhcrelay_LDADD = ../common/libdhcp.a ../omapip/libomapi.a \
++dhcrelay_LDADD = ../common/libdhcp.a ../omapip/libomapi.la $(CAPNG_LDADD) \
+ $(BIND9_LIBDIR) -lirs -ldns -lisccfg -lisc
man_MANS = dhcrelay.8
EXTRA_DIST = $(man_MANS)
-
-diff -up dhcp-4.2.2b1/server/dhcpd.c.capability dhcp-4.2.2b1/server/dhcpd.c
---- dhcp-4.2.2b1/server/dhcpd.c.capability 2011-07-01 15:09:06.636784192 +0200
-+++ dhcp-4.2.2b1/server/dhcpd.c 2011-07-01 15:09:06.670783841 +0200
-@@ -58,6 +58,11 @@ static const char url [] =
- # undef group
- #endif /* PARANOIA */
-
-+#ifdef HAVE_LIBCAP_NG
-+# include <cap-ng.h>
-+ int keep_capabilities = 0;
-+#endif
-+
- static void usage(void);
-
- struct iaddr server_identifier;
-@@ -403,6 +408,10 @@ main(int argc, char **argv) {
- traceinfile = argv [i];
- trace_replay_init ();
- #endif /* TRACING */
-+ } else if (!strcmp(argv[i], "-nc")) {
-+#ifdef HAVE_LIBCAP_NG
-+ keep_capabilities = 1;
-+#endif
- } else if (argv [i][0] == '-') {
- usage ();
- } else {
-@@ -459,6 +468,17 @@ main(int argc, char **argv) {
- }
- #endif /* DHCPv6 */
-
-+#ifdef HAVE_LIBCAP_NG
-+ /* Drop capabilities */
-+ if (!keep_capabilities) {
-+ capng_clear(CAPNG_SELECT_BOTH);
-+ capng_updatev(CAPNG_ADD, CAPNG_EFFECTIVE|CAPNG_PERMITTED,
-+ CAP_NET_RAW, CAP_NET_BIND_SERVICE, CAP_SYS_CHROOT, CAP_SETUID, CAP_SETGID, -1);
-+ capng_apply(CAPNG_SELECT_BOTH);
-+ log_info ("Dropped all unnecessary capabilities.");
-+ }
-+#endif
-+
- /*
- * convert relative path names to absolute, for files that need
- * to be reopened after chdir() has been called
-@@ -859,6 +879,15 @@ main(int argc, char **argv) {
- omapi_set_int_value ((omapi_object_t *)dhcp_control_object,
- (omapi_object_t *)0, "state", server_running);
-
-+#ifdef HAVE_LIBCAP_NG
-+ /* Drop all capabilities */
-+ if (!keep_capabilities) {
-+ capng_clear(CAPNG_SELECT_BOTH);
-+ capng_apply(CAPNG_SELECT_BOTH);
-+ log_info ("Dropped all capabilities.");
-+ }
-+#endif
-+
- /* Receive packets and dispatch them... */
- dispatch ();
-
-diff -up dhcp-4.2.2b1/server/Makefile.am.capability dhcp-4.2.2b1/server/Makefile.am
---- dhcp-4.2.2b1/server/Makefile.am.capability 2011-07-01 15:09:06.546785121 +0200
-+++ dhcp-4.2.2b1/server/Makefile.am 2011-07-01 15:09:06.671783830 +0200
-@@ -8,7 +8,8 @@ dhcpd_SOURCES = dhcpd.c dhcp.c bootp.c c
-
- dhcpd_CFLAGS = $(LDAP_CFLAGS)
- dhcpd_LDADD = ../common/libdhcp.a ../omapip/libomapi.a \
-- ../dhcpctl/libdhcpctl.a $(BIND9_LIBDIR) -ldns-export -lisc-export
-+ ../dhcpctl/libdhcpctl.a $(BIND9_LIBDIR) -ldns-export -lisc-export \
-+ $(CAPNG_LDADD)
-
- man_MANS = dhcpd.8 dhcpd.conf.5 dhcpd.leases.5
- EXTRA_DIST = $(man_MANS)
-diff -up dhcp-4.2.0/client/clparse.c.requested dhcp-4.2.0/client/clparse.c
---- dhcp-4.2.0/client/clparse.c.requested 2010-07-21 13:29:05.000000000 +0200
-+++ dhcp-4.2.0/client/clparse.c 2010-07-21 13:50:29.000000000 +0200
+diff -up dhcp-4.3.0a1/client/clparse.c.requested dhcp-4.3.0a1/client/clparse.c
+--- dhcp-4.3.0a1/client/clparse.c.requested 2013-12-19 15:13:27.276631307 +0100
++++ dhcp-4.3.0a1/client/clparse.c 2013-12-19 15:13:27.313630789 +0100
@@ -37,7 +37,7 @@
struct client_config top_level_config;
struct option *default_requested_options[NUM_DEFAULT_REQUESTED_OPTS + 1];
static void parse_client_default_duid(struct parse *cfile);
-@@ -111,6 +111,31 @@ isc_result_t read_client_conf ()
+@@ -119,6 +119,31 @@ isc_result_t read_client_conf ()
option_code_hash_lookup(&default_requested_options[8],
dhcpv6_universe.code_hash, &code, 0, MDL);
-diff -up dhcp-4.2.0/client/dhclient.c.backoff dhcp-4.2.0/client/dhclient.c
---- dhcp-4.2.0/client/dhclient.c.backoff 2010-07-21 13:37:03.000000000 +0200
-+++ dhcp-4.2.0/client/dhclient.c 2010-07-21 13:38:31.000000000 +0200
-@@ -1208,6 +1208,8 @@ void state_init (cpp)
+diff -up dhcp-4.3.1b1/client/dhclient.c.JwFUZj dhcp-4.3.1b1/client/dhclient.c
+--- dhcp-4.3.1b1/client/dhclient.c.JwFUZj 2014-07-10 17:38:50.511265091 +0200
++++ dhcp-4.3.1b1/client/dhclient.c 2014-07-10 17:39:16.164901267 +0200
+@@ -1281,6 +1281,8 @@ void state_init (cpp)
void *cpp;
{
struct client_state *client = cpp;
ASSERT_STATE(state, S_INIT);
-@@ -1220,9 +1222,18 @@ void state_init (cpp)
+@@ -1293,9 +1295,18 @@ void state_init (cpp)
client -> first_sending = cur_time;
client -> interval = client -> config -> initial_interval;
}
/*
-@@ -1501,6 +1512,7 @@ void bind_lease (client)
- send_decline (client);
- destroy_client_lease (client -> new);
- client -> new = (struct client_lease *)0;
-+ client -> state = S_DECLINED;
- state_init (client);
- return;
- }
-@@ -3711,6 +3723,7 @@ void client_location_changed ()
+@@ -1592,6 +1603,7 @@ void bind_lease (client)
+ "try (declined). Exiting.");
+ exit(2);
+ } else {
++ client -> state = S_DECLINED;
+ state_init(client);
+ return;
+ }
+@@ -4059,6 +4071,7 @@ void client_location_changed ()
case S_INIT:
case S_REBINDING:
case S_STOPPED:
break;
}
client -> state = S_INIT;
-diff -up dhcp-4.2.0/includes/dhcpd.h.backoff dhcp-4.2.0/includes/dhcpd.h
---- dhcp-4.2.0/includes/dhcpd.h.backoff 2010-07-21 13:29:05.000000000 +0200
-+++ dhcp-4.2.0/includes/dhcpd.h 2010-07-21 13:38:31.000000000 +0200
-@@ -1056,7 +1056,8 @@ enum dhcp_state {
+diff -up dhcp-4.3.1b1/includes/dhcpd.h.JwFUZj dhcp-4.3.1b1/includes/dhcpd.h
+--- dhcp-4.3.1b1/includes/dhcpd.h.JwFUZj 2014-07-10 17:38:26.941599360 +0200
++++ dhcp-4.3.1b1/includes/dhcpd.h 2014-07-10 17:38:50.526264878 +0200
+@@ -1087,7 +1087,8 @@ enum dhcp_state {
S_BOUND = 5,
S_RENEWING = 6,
S_REBINDING = 7,
-diff -up dhcp-4.2.2b1/client/clparse.c.options dhcp-4.2.2b1/client/clparse.c
---- dhcp-4.2.2b1/client/clparse.c.options 2011-04-21 16:08:14.000000000 +0200
-+++ dhcp-4.2.2b1/client/clparse.c 2011-07-01 13:51:52.935755570 +0200
-@@ -146,6 +146,7 @@ isc_result_t read_client_conf ()
+diff -up dhcp-4.3.1b1/client/clparse.c.fLPqYB dhcp-4.3.1b1/client/clparse.c
+--- dhcp-4.3.1b1/client/clparse.c.fLPqYB 2014-07-02 19:58:38.000000000 +0200
++++ dhcp-4.3.1b1/client/clparse.c 2014-07-10 17:38:26.938599402 +0200
+@@ -148,6 +148,7 @@ isc_result_t read_client_conf ()
/* Requested lease time, used by DHCPv6 (DHCPv4 uses the option cache)
*/
top_level_config.requested_lease = 7200;
group_allocate (&top_level_config.on_receipt, MDL);
if (!top_level_config.on_receipt)
-@@ -313,7 +314,8 @@ void read_client_leases ()
+@@ -353,7 +354,8 @@ void read_client_leases ()
interface-declaration |
LEASE client-lease-statement |
ALIAS client-lease-statement |
void parse_client_statement (cfile, ip, config)
struct parse *cfile;
-@@ -732,6 +734,12 @@ void parse_client_statement (cfile, ip,
+@@ -771,6 +773,12 @@ void parse_client_statement (cfile, ip,
parse_reject_statement (cfile, config);
return;
default:
lose = 0;
stmt = (struct executable_statement *)0;
-diff -up dhcp-4.2.2b1/client/dhclient.c.options dhcp-4.2.2b1/client/dhclient.c
---- dhcp-4.2.2b1/client/dhclient.c.options 2011-05-11 16:20:59.000000000 +0200
-+++ dhcp-4.2.2b1/client/dhclient.c 2011-07-01 13:51:52.936755545 +0200
+diff -up dhcp-4.3.1b1/client/dhclient.8.fLPqYB dhcp-4.3.1b1/client/dhclient.8
+--- dhcp-4.3.1b1/client/dhclient.8.fLPqYB 2014-07-02 19:58:38.000000000 +0200
++++ dhcp-4.3.1b1/client/dhclient.8 2014-07-10 17:38:26.938599402 +0200
+@@ -128,6 +128,33 @@ dhclient - Dynamic Host Configuration Pr
+ .B -w
+ ]
+ [
++.B -B
++]
++[
++.B -C
++.I dhcp-client-identifier
++]
++[
++.B -H
++.I host-name
++]
++[
++.B -F
++.I fqdn.fqdn
++]
++[
++.B -V
++.I vendor-class-identifier
++]
++[
++.B -R
++.I request-option-list
++]
++[
++.B -timeout
++.I timeout
++]
++[
+ .B -v
+ ]
+ [
+@@ -275,6 +302,69 @@ not to exit when it doesn't find any suc
+ program can then be used to notify the client when a network interface
+ has been added or removed, so that the client can attempt to configure an IP
+ address on that interface.
++
++.TP
++.BI \-B
++Set the BOOTP broadcast flag in request packets so servers will always
++broadcast replies.
++
++.TP
++.BI \-C\ <dhcp-client-identifier>
++Specify the dhcp-client-identifier option to send to the DHCP server.
++
++.TP
++.BI \-H\ <host-name>
++Specify the host-name option to send to the DHCP server. The host-name
++string only contains the client's hostname prefix, to which the server will
++append the ddns-domainname or domain-name options, if any, to derive the
++fully qualified domain name of the client. The
++.B -H
++option cannot be used with the
++.B -F
++option.
++
++.TP
++.BI \-F\ <fqdn.fqdn>
++Specify the fqdn.fqdn option to send to the DHCP server. This option cannot
++be used with the
++.B -H
++option. The fqdn.fqdn option must specify the complete domain name of the
++client host, which the server may use for dynamic DNS updates.
++
++.TP
++.BI \-V\ <vendor-class-identifier>
++Specify the vendor-class-identifier option to send to the DHCP server.
++
++.TP
++.BI \-R\ <option>[,<option>...]
++Specify the list of options the client is to request from the server. The
++option list must be a single string consisting of option names separated
++by at least one command and optional space characters. The default option
++list is:
++
++.BR
++ subnet-mask, broadcast-address, time-offset, routers,
++.BR
++ domain-search, domain-name, domain-name-servers, host-name,
++.BR
++ nis-domain, nis-servers, ntp-servers, interface-mtu
++
++.TP
++.B -R
++option does not append options to the default request, it overrides the
++default request list. Keep this in mind if you want to request an
++additional option besides the default request list. You will have to
++specify all option names for the
++.B -R
++parameter.
++
++.TP
++.BI \-timeout\ <timeout>
++Specify the time after which
++.B dhclient
++will decide that no DHCP servers can be contacted when no responses have been
++received.
++
+ .TP
+ .BI \-n
+ Do not configure any interfaces. This is most likely to be useful in
+diff -up dhcp-4.3.1b1/client/dhclient.c.fLPqYB dhcp-4.3.1b1/client/dhclient.c
+--- dhcp-4.3.1b1/client/dhclient.c.fLPqYB 2014-07-02 19:58:38.000000000 +0200
++++ dhcp-4.3.1b1/client/dhclient.c 2014-07-10 17:38:44.520350055 +0200
@@ -39,6 +39,12 @@
#include <limits.h>
#include <dns/result.h>
TIME default_lease_time = 43200; /* 12 hours... */
TIME max_lease_time = 86400; /* 24 hours... */
-@@ -87,6 +93,9 @@ int wanted_ia_na = -1; /* the absolute
+@@ -88,6 +94,9 @@ int wanted_ia_na = -1; /* the absolute
int wanted_ia_ta = 0;
int wanted_ia_pd = 0;
char *mockup_relay = NULL;
+int bootp_broadcast_always = 0;
+
-+extern u_int32_t default_requested_options[];
++extern struct option *default_requested_options[];
void run_stateless(int exit_mode);
-@@ -123,6 +132,15 @@ main(int argc, char **argv) {
+@@ -125,6 +134,15 @@ main(int argc, char **argv) {
int local_family_set = 0;
#endif /* DHCPv6 */
char *s;
/* Initialize client globals. */
memset(&default_duid, 0, sizeof(default_duid));
-@@ -310,6 +328,88 @@ main(int argc, char **argv) {
- } else if (!strcmp(argv[i], "--version")) {
- log_info("isc-dhclient-%s", PACKAGE_VERSION);
+@@ -325,6 +343,88 @@ main(int argc, char **argv) {
+ strlen(PACKAGE_VERSION)));
+ IGNORE_RET(write(STDERR_FILENO, "\n", 1));
exit(0);
-+ } else if (!strcmp(argv[i], "-I")) {
++ } else if (!strcmp(argv[i], "-C")) {
+ if ((++i == argc) || (argv[i] == NULL) || (*(argv[i])=='\0')) {
+ usage();
+ exit(1);
+ }
+
+ if (strlen(argv[i]) >= DHCP_MAX_OPTION_LEN) {
-+ log_error("-I option dhcp-client-identifier string \"%s\" is too long - maximum length is: %d", argv[i], DHCP_MAX_OPTION_LEN-1);
++ log_error("-C option dhcp-client-identifier string \"%s\" is too long - maximum length is: %d", argv[i], DHCP_MAX_OPTION_LEN-1);
+ exit(1);
+ }
+
+ }
+
+ if ((timeout_arg = atoi(argv[i])) <= 0) {
-+ log_error("-T timeout option must be > 0 - bad value: %s",argv[i]);
++ log_error("timeout option must be > 0 - bad value: %s",argv[i]);
+ exit(1);
+ }
+ } else if (!strcmp(argv[i], "-V")) {
} else if (argv[i][0] == '-') {
usage();
} else if (interfaces_requested < 0) {
-@@ -484,6 +584,166 @@ main(int argc, char **argv) {
+@@ -507,6 +607,156 @@ main(int argc, char **argv) {
/* Parse the dhclient.conf file. */
read_client_conf();
+ arg_conf_len = asprintf(&arg_conf, "send dhcp-client-identifier \"%s\";", dhcp_client_identifier_arg);
+
+ if ((arg_conf == 0) || (arg_conf_len <= 0))
-+ log_fatal("Unable to send -I option dhcp-client-identifier");
++ log_fatal("Unable to send -C option dhcp-client-identifier");
+ }
+
+ if ((dhcp_host_name_arg != NULL) && (*dhcp_host_name_arg != '\0')) {
+ if (arg_conf_len == 0)
+ if ((arg_conf_len = strlen(arg_conf)) == 0)
+ /* huh ? cannot happen ! */
-+ log_fatal("Unable to process -I/-H/-F/-timeout/-V/-R configuration arguments");
++ log_fatal("Unable to process -C/-H/-F/-timeout/-V/-R configuration arguments");
+
+ /* parse the extra dhclient.conf configuration arguments
+ * into top level config: */
+ const char *val = NULL;
+ int token;
+
-+ status = new_parse(&cfile, -1, arg_conf, arg_conf_len, "extra dhclient -I/-H/-F/-timeout/-V/-R configuration arguments", 0);
++ status = new_parse(&cfile, -1, arg_conf, arg_conf_len, "extra dhclient -C/-H/-F/-timeout/-V/-R configuration arguments", 0);
+
+ if ((status != ISC_R_SUCCESS) || (cfile -> warnings_occurred))
-+ log_fatal("Cannot parse -I/-H/-F/-timeout/-V/-R configuration arguments !");
++ log_fatal("Cannot parse -C/-H/-F/-timeout/-V/-R configuration arguments !");
+ /* more detailed parse failures will be logged */
+
+ do {
+ } while (1);
+
+ if (cfile -> warnings_occurred)
-+ log_fatal("Cannot parse -I/-H/-F/-timeout/-V/-R configuration arguments !");
++ log_fatal("Cannot parse -C/-H/-F/-timeout/-V/-R configuration arguments !");
+ end_parse(&cfile);
+
+ if (timeout_arg) {
+ /* we just set the toplevel timeout, but per-client
-+ * timeouts may still be at defaults. Also, it makes no
-+ * sense having the reboot_timeout or backoff_cutoff
-+ * greater than the timeout:
++ * timeouts may still be at defaults.
+ */
-+ if ((top_level_config.backoff_cutoff == 15) && (top_level_config.backoff_cutoff > (timeout_arg / 2)))
-+ top_level_config.backoff_cutoff = (((unsigned long)(timeout_arg / 2)) == 0) ? timeout_arg : (unsigned long)(timeout_arg / 2);
-+
+ for (ip=interfaces; ip; ip = ip->next) {
+ if (ip->client->config->timeout == 60)
+ ip->client->config->timeout = timeout_arg;
-+
-+ if ((ip->client->config->reboot_timeout == 10) && (ip->client->config->reboot_timeout > ip->client->config->timeout))
-+ ip->client->config->reboot_timeout = ip->client->config->timeout;
-+ if ((ip->client->config->backoff_cutoff == 15) && (ip->client->config->backoff_cutoff > top_level_config.backoff_cutoff))
-+ ip->client->config->backoff_cutoff = top_level_config.backoff_cutoff;
+ }
+ }
+
/* Parse the lease database. */
read_client_leases();
-@@ -2397,7 +2657,8 @@ void make_discover (client, lease)
+@@ -756,6 +1006,10 @@ static void usage()
+ " [-s server-addr] [-cf config-file]\n"
+ " [-df duid-file] [-lf lease-file]\n"
+ " [-pf pid-file] [--no-pid] [-e VAR=val]\n"
++ " [-C <dhcp-client-identifier>] [-B]\n"
++ " [-H <host-name> | -F <fqdn.fqdn>] [-timeout <timeout>]\n"
++ " [-V <vendor-class-identifier>]\n"
++ " [-R <request option list>]\n"
+ " [-sf script-file] [interface]");
+ }
+
+@@ -2531,7 +2785,8 @@ void make_discover (client, lease)
client -> packet.xid = random ();
client -> packet.secs = 0; /* filled in by send_discover. */
client -> packet.flags = 0;
else
client -> packet.flags = htons (BOOTP_BROADCAST);
-@@ -2481,7 +2742,9 @@ void make_request (client, lease)
+@@ -2615,7 +2870,9 @@ void make_request (client, lease)
} else {
memset (&client -> packet.ciaddr, 0,
sizeof client -> packet.ciaddr);
client -> packet.flags = 0;
else
client -> packet.flags = htons (BOOTP_BROADCAST);
-@@ -2543,7 +2806,8 @@ void make_decline (client, lease)
+@@ -2677,7 +2934,8 @@ void make_decline (client, lease)
client -> packet.hops = 0;
client -> packet.xid = client -> xid;
client -> packet.secs = 0; /* Filled in by send_request. */
client -> packet.flags = 0;
else
client -> packet.flags = htons (BOOTP_BROADCAST);
-diff -up dhcp-4.2.2b1/common/conflex.c.options dhcp-4.2.2b1/common/conflex.c
---- dhcp-4.2.2b1/common/conflex.c.options 2011-05-11 16:20:59.000000000 +0200
-+++ dhcp-4.2.2b1/common/conflex.c 2011-07-01 13:51:52.938755494 +0200
-@@ -808,6 +808,8 @@ intern(char *atom, enum dhcp_token dfv)
+diff -up dhcp-4.3.1b1/common/conflex.c.fLPqYB dhcp-4.3.1b1/common/conflex.c
+--- dhcp-4.3.1b1/common/conflex.c.fLPqYB 2014-07-02 19:58:38.000000000 +0200
++++ dhcp-4.3.1b1/common/conflex.c 2014-07-10 17:38:26.940599374 +0200
+@@ -811,6 +811,8 @@ intern(char *atom, enum dhcp_token dfv)
return BALANCE;
if (!strcasecmp (atom + 1, "ound"))
return BOUND;
break;
case 'c':
if (!strcasecmp(atom + 1, "ase"))
-diff -up dhcp-4.2.2b1/includes/dhcpd.h.options dhcp-4.2.2b1/includes/dhcpd.h
---- dhcp-4.2.2b1/includes/dhcpd.h.options 2011-05-20 16:21:11.000000000 +0200
-+++ dhcp-4.2.2b1/includes/dhcpd.h 2011-07-01 13:51:52.940755442 +0200
-@@ -1147,6 +1147,9 @@ struct client_config {
+diff -up dhcp-4.3.1b1/includes/dhcpd.h.fLPqYB dhcp-4.3.1b1/includes/dhcpd.h
+--- dhcp-4.3.1b1/includes/dhcpd.h.fLPqYB 2014-07-02 19:58:39.000000000 +0200
++++ dhcp-4.3.1b1/includes/dhcpd.h 2014-07-10 17:38:26.941599360 +0200
+@@ -1152,6 +1152,9 @@ struct client_config {
int do_forward_update; /* If nonzero, and if we have the
information we need, update the
A record for the address we get. */
};
/* Per-interface state used in the dhcp client... */
-diff -up dhcp-4.2.2b1/includes/dhctoken.h.options dhcp-4.2.2b1/includes/dhctoken.h
---- dhcp-4.2.2b1/includes/dhctoken.h.options 2011-05-12 14:02:47.000000000 +0200
-+++ dhcp-4.2.2b1/includes/dhctoken.h 2011-07-01 13:53:43.316861637 +0200
-@@ -361,7 +361,8 @@ enum dhcp_token {
- GETHOSTNAME = 662,
- REWIND = 663,
- INITIAL_DELAY = 664,
-- GETHOSTBYNAME = 665
-+ GETHOSTBYNAME = 665,
-+ BOOTP_BROADCAST_ALWAYS = 666
+diff -up dhcp-4.3.1b1/includes/dhctoken.h.fLPqYB dhcp-4.3.1b1/includes/dhctoken.h
+--- dhcp-4.3.1b1/includes/dhctoken.h.fLPqYB 2014-07-02 19:58:39.000000000 +0200
++++ dhcp-4.3.1b1/includes/dhctoken.h 2014-07-10 17:38:26.942599346 +0200
+@@ -367,7 +367,8 @@ enum dhcp_token {
+ TOKEN_INFINIBAND = 668,
+ POOL6 = 669,
+ V6RELAY = 670,
+- V6RELOPT = 671
++ V6RELOPT = 671,
++ BOOTP_BROADCAST_ALWAYS = 672
};
#define is_identifier(x) ((x) >= FIRST_TOKEN && \
--- /dev/null
+diff -up dhcp-4.3.0b1/omapip/errwarn.c.errwarn dhcp-4.3.0b1/omapip/errwarn.c
+--- dhcp-4.3.0b1/omapip/errwarn.c.errwarn 2014-01-21 09:31:47.301334249 +0100
++++ dhcp-4.3.0b1/omapip/errwarn.c 2014-01-21 09:33:20.569039072 +0100
+@@ -76,11 +76,13 @@ void log_fatal (const char * fmt, ... )
+ }
+
+ log_error ("%s", "");
+- log_error ("If you think you have received this message due to a bug rather");
+- log_error ("than a configuration issue please read the section on submitting");
+- log_error ("bugs on either our web page at www.isc.org or in the README file");
+- log_error ("before submitting a bug. These pages explain the proper");
+- log_error ("process and the information we find helpful for debugging..");
++ log_error ("This version of ISC DHCP is based on the release available");
++ log_error ("on ftp.isc.org. Features have been added and other changes");
++ log_error ("have been made to the base software release in order to make");
++ log_error ("it work better with this distribution.");
++ log_error ("%s", "");
++ log_error ("Please report for this software via the Red Hat Bugzilla site:");
++ log_error (" http://bugzilla.redhat.com");
+ log_error ("%s", "");
+ log_error ("exiting.");
+
--- /dev/null
+diff -up dhcp-4.3.0rc1/common/tables.c.garbage dhcp-4.3.0rc1/common/tables.c
+--- dhcp-4.3.0rc1/common/tables.c.garbage 2014-01-29 10:03:52.132624677 +0100
++++ dhcp-4.3.0rc1/common/tables.c 2014-01-29 10:04:51.413875343 +0100
+@@ -213,7 +213,7 @@ static struct option dhcp_options[] = {
+ { "name-service-search", "Sa", &dhcp_universe, 117, 1 },
+ #endif
+ { "subnet-selection", "I", &dhcp_universe, 118, 1 },
+- { "domain-search", "Dc", &dhcp_universe, 119, 1 },
++ { "domain-search", "D", &dhcp_universe, 119, 1 },
+ { "vivco", "Evendor-class.", &dhcp_universe, 124, 1 },
+ { "vivso", "Evendor.", &dhcp_universe, 125, 1 },
+ #if 0
-diff -up dhcp-4.2.2/client/dhclient.c.gpxe-cid dhcp-4.2.2/client/dhclient.c
---- dhcp-4.2.2/client/dhclient.c.gpxe-cid 2011-09-16 18:23:20.190453902 +0200
-+++ dhcp-4.2.2/client/dhclient.c 2011-09-16 18:27:15.568463599 +0200
-@@ -58,6 +58,13 @@ const char *path_dhclient_pid = NULL;
+diff -up dhcp-4.3.0a1/client/dhclient.c.gpxe-cid dhcp-4.3.0a1/client/dhclient.c
+--- dhcp-4.3.0a1/client/dhclient.c.gpxe-cid 2013-12-20 13:28:45.105048317 +0100
++++ dhcp-4.3.0a1/client/dhclient.c 2013-12-20 13:28:45.109048261 +0100
+@@ -47,6 +47,14 @@
+ const char *path_dhclient_pid = NULL;
static char path_dhclient_script_array[] = _PATH_DHCLIENT_SCRIPT;
char *path_dhclient_script = path_dhclient_script_array;
-
++
+/* Default Prefix */
+static unsigned char default_prefix[12] = {
+ 0xff, 0x00, 0x00, 0x00,
+ 0x00, 0x02, 0xc9, 0x00
+};
+
- /* False (default) => we write and use a pid file */
- isc_boolean_t no_pid_file = ISC_FALSE;
+ const char *path_dhclient_duid = NULL;
-@@ -1250,6 +1257,12 @@ int find_subnet (struct subnet **sp,
+ /* False (default) => we write and use a pid file */
+@@ -1253,6 +1260,12 @@ int find_subnet (struct subnet **sp,
static void setup_ib_interface(struct interface_info *ip)
{
struct group *g;
/* Set the broadcast flag */
ip->client->config->bootp_broadcast_always = 1;
-@@ -1266,8 +1279,39 @@ static void setup_ib_interface(struct in
+@@ -1269,8 +1282,39 @@ static void setup_ib_interface(struct in
}
}
}
/* Individual States:
-diff -up dhcp-4.2.2/common/lpf.c.gpxe-cid dhcp-4.2.2/common/lpf.c
---- dhcp-4.2.2/common/lpf.c.gpxe-cid 2011-09-16 18:23:20.183453996 +0200
-+++ dhcp-4.2.2/common/lpf.c 2011-09-16 18:25:28.235804421 +0200
-@@ -591,6 +591,37 @@ void maybe_setup_fallback ()
- }
- }
-
-+static unsigned char * get_ib_hw_addr(char * name)
-+{
-+ struct ifaddrs *ifaddrs;
-+ struct ifaddrs *ifa;
-+ struct sockaddr_ll *sll = NULL;
-+ static unsigned char hw_addr[8];
-+
-+ if (getifaddrs(&ifaddrs) == -1)
-+ return NULL;
-+
-+ for (ifa = ifaddrs; ifa != NULL; ifa = ifa->ifa_next) {
-+ if (ifa->ifa_addr == NULL)
-+ continue;
-+ if (ifa->ifa_addr->sa_family != AF_PACKET)
-+ continue;
-+ if (ifa->ifa_flags & IFF_LOOPBACK)
-+ continue;
-+ if (strcmp(ifa->ifa_name, name) == 0) {
-+ sll = (struct sockaddr_ll *)(void *)ifa->ifa_addr;
-+ break;
-+ }
-+ }
-+ if (sll == NULL) {
-+ freeifaddrs(ifaddrs);
-+ return NULL;
-+ }
-+ memcpy(hw_addr, &sll->sll_addr[sll->sll_halen - 8], 8);
-+ freeifaddrs(ifaddrs);
-+ return (unsigned char *)&hw_addr;
-+}
-+
- void
- get_hw_addr(struct interface_info *info)
- {
-@@ -599,6 +630,7 @@ get_hw_addr(struct interface_info *info)
- struct ifaddrs *ifaddrs;
- struct ifaddrs *ifa;
- struct sockaddr_ll *sll = NULL;
-+ unsigned char *hw_addr;
-
- if (getifaddrs(&ifaddrs) == -1)
- log_fatal("Failed to get interfaces");
-@@ -660,6 +692,10 @@ get_hw_addr(struct interface_info *info)
-
- hw->hlen = 1;
- hw->hbuf[0] = HTYPE_INFINIBAND;
-+ hw_addr = get_ib_hw_addr(name);
-+ if (!hw_addr)
-+ log_fatal("Failed getting %s hw addr", name);
-+ memcpy (&hw->hbuf [1], hw_addr, 8);
- break;
- #if defined(ARPHRD_PPP)
- case ARPHRD_PPP:
-diff -up dhcp-4.2.0/client/dhc6.c.honor-expired dhcp-4.2.0/client/dhc6.c
---- dhcp-4.2.0/client/dhc6.c.honor-expired 2010-10-07 12:55:37.000000000 +0200
-+++ dhcp-4.2.0/client/dhc6.c 2010-10-07 12:56:43.000000000 +0200
-@@ -1405,6 +1405,32 @@ start_info_request6(struct client_state
+diff -up dhcp-4.3.0a1/client/dhc6.c.honor-expired dhcp-4.3.0a1/client/dhc6.c
+--- dhcp-4.3.0a1/client/dhc6.c.honor-expired 2013-12-19 16:00:28.062183037 +0100
++++ dhcp-4.3.0a1/client/dhc6.c 2013-12-19 16:00:28.076182842 +0100
+@@ -1351,6 +1351,32 @@ start_info_request6(struct client_state
go_daemon();
}
/*
* start_confirm6() kicks off an "init-reboot" version of the process, at
* startup to find out if old bindings are 'fair' and at runtime whenever
-@@ -1417,8 +1446,10 @@ start_confirm6(struct client_state *clie
+@@ -1363,8 +1389,10 @@ start_confirm6(struct client_state *clie
/* If there is no active lease, there is nothing to check. */
if ((client->active_lease == NULL) ||
-diff -up dhcp-4.2.2/client/dhclient.c.improved-xid dhcp-4.2.2/client/dhclient.c
---- dhcp-4.2.2/client/dhclient.c.improved-xid 2011-09-16 18:18:00.649730661 +0200
-+++ dhcp-4.2.2/client/dhclient.c 2011-09-16 18:22:36.815035513 +0200
-@@ -898,6 +898,26 @@ main(int argc, char **argv) {
+diff -up dhcp-4.3.0a1/client/dhclient.c.improved-xid dhcp-4.3.0a1/client/dhclient.c
+--- dhcp-4.3.0a1/client/dhclient.c.improved-xid 2013-12-20 13:29:41.836260810 +0100
++++ dhcp-4.3.0a1/client/dhclient.c 2013-12-20 13:29:41.843260713 +0100
+@@ -894,6 +894,26 @@ main(int argc, char **argv) {
}
}
/* At this point, all the interfaces that the script thinks
are relevant should be running, so now we once again call
discover_interfaces(), and this time ask it to actually set
-@@ -912,14 +932,36 @@ main(int argc, char **argv) {
+@@ -908,14 +928,36 @@ main(int argc, char **argv) {
Not much entropy, but we're booting, so we're not likely to
find anything better. */
seed = 0;
/* Setup specific Infiniband options */
for (ip = interfaces; ip; ip = ip->next) {
-@@ -1457,7 +1499,7 @@ void dhcpack (packet)
+@@ -1460,7 +1502,7 @@ void dhcpack (packet)
return;
}
lease = packet_to_lease (packet, client);
if (!lease) {
-@@ -2174,7 +2216,7 @@ void dhcpnak (packet)
+@@ -2171,7 +2213,7 @@ void dhcpnak (packet)
return;
}
if (!client -> active) {
#if defined (DEBUG)
-@@ -2300,10 +2342,10 @@ void send_discover (cpp)
+@@ -2298,10 +2340,10 @@ void send_discover (cpp)
client -> packet.secs = htons (65535);
client -> secs = client -> packet.secs;
+ ntohs (sockaddr_broadcast.sin_port), (long)(client -> interval), client -> xid);
/* Send out a packet. */
- result = send_packet (client -> interface, (struct packet *)0,
-@@ -2584,10 +2626,10 @@ void send_request (cpp)
+ result = send_packet(client->interface, NULL, &client->packet,
+@@ -2570,10 +2612,10 @@ void send_request (cpp)
client -> packet.secs = htons (65535);
}
+ ntohs (destination.sin_port), client -> xid);
if (destination.sin_addr.s_addr != INADDR_BROADCAST &&
- fallback_interface)
-@@ -2618,10 +2660,10 @@ void send_decline (cpp)
+ fallback_interface) {
+@@ -2613,10 +2655,10 @@ void send_decline (cpp)
int result;
- log_info ("DHCPDECLINE on %s to %s port %d",
+ log_info ("DHCPDECLINE on %s to %s port %d (xid=0x%x)",
- client -> name ? client -> name : client -> interface -> name,
- inet_ntoa (sockaddr_broadcast.sin_addr),
-- ntohs (sockaddr_broadcast.sin_port));
-+ ntohs (sockaddr_broadcast.sin_port), client -> xid);
+ client->name ? client->name : client->interface->name,
+ inet_ntoa(sockaddr_broadcast.sin_addr),
+- ntohs(sockaddr_broadcast.sin_port));
++ ntohs(sockaddr_broadcast.sin_port), client -> xid);
/* Send out a packet. */
- result = send_packet (client -> interface, (struct packet *)0,
-@@ -2661,10 +2703,10 @@ void send_release (cpp)
+ result = send_packet(client->interface, NULL, &client->packet,
+@@ -2659,10 +2701,10 @@ void send_release (cpp)
return;
}
- ntohs (destination.sin_port));
+ ntohs (destination.sin_port), client -> xid);
- if (fallback_interface)
- result = send_packet (fallback_interface,
+ if (fallback_interface) {
+ result = send_packet(fallback_interface, NULL, &client->packet,
--- /dev/null
+--- expanded_org/client/dhclient.c Wed Aug 06 23:35:00 2014
++++ expanded_logpid/client/dhclient.c Mon Feb 16 13:35:31 2015
+@@ -142,7 +142,7 @@
+ else if (fd != -1)
+ close(fd);
+
+- openlog("dhclient", DHCP_LOG_OPTIONS, LOG_DAEMON);
++ openlog("dhclient", LOG_NDELAY | LOG_PID, LOG_DAEMON);
+
+ #if !(defined(DEBUG) || defined(__CYGWIN32__))
+ setlogmask(LOG_UPTO(LOG_INFO));
-diff -up dhcp-4.2.2/client/dhclient.c.lpf-ib dhcp-4.2.2/client/dhclient.c
---- dhcp-4.2.2/client/dhclient.c.lpf-ib 2011-09-19 11:24:08.693775799 +0200
-+++ dhcp-4.2.2/client/dhclient.c 2011-09-19 11:24:08.703775541 +0200
-@@ -113,6 +113,8 @@ static int check_domain_name_list(const
+diff -up dhcp-4.3.1b1/client/dhclient.c.bmgpWV dhcp-4.3.1b1/client/dhclient.c
+--- dhcp-4.3.1b1/client/dhclient.c.bmgpWV 2014-07-10 17:50:26.922402550 +0200
++++ dhcp-4.3.1b1/client/dhclient.c 2014-07-10 17:53:43.629623477 +0200
+@@ -114,6 +114,8 @@ static int check_domain_name_list(const
static int check_option_values(struct universe *universe, unsigned int opt,
const char *ptr, size_t len);
+static void setup_ib_interface(struct interface_info *ip);
+
+ #ifndef UNIT_TEST
int
main(int argc, char **argv) {
- int fd;
-@@ -919,6 +921,14 @@ main(int argc, char **argv) {
+@@ -937,6 +939,13 @@ main(int argc, char **argv) {
}
srandom(seed + cur_time + (unsigned)getpid());
+ setup_ib_interface(ip);
+ }
+ }
-+
- /* Start a configuration state machine for each interface. */
- #ifdef DHCPv6
- if (local_family == AF_INET6) {
-@@ -1195,6 +1205,29 @@ int find_subnet (struct subnet **sp,
+
+ /*
+ * Establish a default DUID. We always do so for v6 and
+@@ -1230,6 +1239,29 @@ int find_subnet (struct subnet **sp,
return 0;
}
/* Individual States:
*
* Each routine is called from the dhclient_state_machine() in one of
-diff -up dhcp-4.2.2/common/bpf.c.lpf-ib dhcp-4.2.2/common/bpf.c
---- dhcp-4.2.2/common/bpf.c.lpf-ib 2011-09-19 11:24:08.694775773 +0200
-+++ dhcp-4.2.2/common/bpf.c 2011-09-19 11:24:08.704775516 +0200
-@@ -198,11 +198,44 @@ struct bpf_insn dhcp_bpf_filter [] = {
+diff -up dhcp-4.3.1b1/common/bpf.c.bmgpWV dhcp-4.3.1b1/common/bpf.c
+--- dhcp-4.3.1b1/common/bpf.c.bmgpWV 2014-07-10 17:48:03.797424616 +0200
++++ dhcp-4.3.1b1/common/bpf.c 2014-07-10 17:52:57.705272295 +0200
+@@ -199,11 +199,44 @@ struct bpf_insn dhcp_bpf_filter [] = {
BPF_STMT(BPF_RET+BPF_K, 0),
};
#if defined (HAVE_TR_SUPPORT)
struct bpf_insn dhcp_bpf_tr_filter [] = {
/* accept all token ring packets due to variable length header */
-diff -up dhcp-4.2.2/common/lpf.c.lpf-ib dhcp-4.2.2/common/lpf.c
---- dhcp-4.2.2/common/lpf.c.lpf-ib 2011-09-19 11:24:08.694775773 +0200
-+++ dhcp-4.2.2/common/lpf.c 2011-09-19 11:26:15.107109935 +0200
-@@ -42,6 +42,7 @@
- #include "includes/netinet/udp.h"
- #include "includes/netinet/if_ether.h"
+diff -up dhcp-4.3.1b1/common/lpf.c.bmgpWV dhcp-4.3.1b1/common/lpf.c
+--- dhcp-4.3.1b1/common/lpf.c.bmgpWV 2014-07-10 17:48:03.797424616 +0200
++++ dhcp-4.3.1b1/common/lpf.c 2014-07-10 17:52:57.706272281 +0200
+@@ -46,6 +46,17 @@
+ #if defined (USE_LPF_RECEIVE) || defined (USE_LPF_HWADDR)
+ #include <sys/ioctl.h>
#include <net/if.h>
+#include <ifaddrs.h>
-
- #ifndef PACKET_AUXDATA
- #define PACKET_AUXDATA 8
-@@ -59,6 +60,15 @@ struct tpacket_auxdata
- /* Reinitializes the specified interface after an address change. This
- is not required for packet-filter APIs. */
-
++
+/* Default broadcast address for IPoIB */
+static unsigned char default_ib_bcast_addr[20] = {
+ 0x00, 0xff, 0xff, 0xff,
+ 0xff, 0xff, 0xff, 0xff
+};
+
- #ifdef USE_LPF_SEND
- void if_reinitialize_send (info)
- struct interface_info *info;
-@@ -86,10 +96,21 @@ int if_register_lpf (info)
+ #endif
+
+ #if defined (USE_LPF_SEND) || defined (USE_LPF_RECEIVE)
+@@ -92,10 +103,21 @@ int if_register_lpf (info)
struct sockaddr common;
} sa;
struct ifreq ifr;
if (errno == ENOPROTOOPT || errno == EPROTONOSUPPORT ||
errno == ESOCKTNOSUPPORT || errno == EPFNOSUPPORT ||
errno == EAFNOSUPPORT || errno == EINVAL) {
-@@ -112,6 +133,7 @@ int if_register_lpf (info)
+@@ -118,6 +140,7 @@ int if_register_lpf (info)
/* Bind to the interface name */
memset (&sa, 0, sizeof sa);
sa.ll.sll_family = AF_PACKET;
sa.ll.sll_ifindex = ifr.ifr_ifindex;
if (bind (sock, &sa.common, sizeof sa)) {
if (errno == ENOPROTOOPT || errno == EPROTONOSUPPORT ||
-@@ -127,8 +149,6 @@ int if_register_lpf (info)
+@@ -133,8 +156,6 @@ int if_register_lpf (info)
log_fatal ("Bind socket to interface: %m");
}
return sock;
}
#endif /* USE_LPF_SEND || USE_LPF_RECEIVE */
-@@ -183,6 +203,8 @@ void if_deregister_send (info)
+@@ -189,6 +210,8 @@ void if_deregister_send (info)
in bpf includes... */
extern struct sock_filter dhcp_bpf_filter [];
extern int dhcp_bpf_filter_len;
#if defined (HAVE_TR_SUPPORT)
extern struct sock_filter dhcp_bpf_tr_filter [];
-@@ -200,11 +222,13 @@ void if_register_receive (info)
+@@ -206,11 +229,13 @@ void if_register_receive (info)
/* Open a LPF device and hang it on this interface... */
info -> rfdesc = if_register_lpf (info);
}
#if defined (HAVE_TR_SUPPORT)
-@@ -250,15 +274,28 @@ static void lpf_gen_filter_setup (info)
+@@ -256,15 +281,28 @@ static void lpf_gen_filter_setup (info)
memset(&p, 0, sizeof(p));
if (setsockopt (info -> rfdesc, SOL_SOCKET, SO_ATTACH_FILTER, &p,
sizeof p) < 0) {
-@@ -315,6 +352,54 @@ static void lpf_tr_filter_setup (info)
+@@ -321,6 +359,54 @@ static void lpf_tr_filter_setup (info)
#endif /* USE_LPF_RECEIVE */
#ifdef USE_LPF_SEND
ssize_t send_packet (interface, packet, raw, len, from, to, hto)
struct interface_info *interface;
struct packet *packet;
-@@ -335,6 +420,11 @@ ssize_t send_packet (interface, packet,
+@@ -341,6 +427,11 @@ ssize_t send_packet (interface, packet,
return send_fallback (interface, packet, raw,
len, from, to, hto);
if (hto == NULL && interface->anycast_mac_addr.hlen)
hto = &interface->anycast_mac_addr;
-@@ -356,6 +446,42 @@ ssize_t send_packet (interface, packet,
+@@ -362,6 +453,42 @@ ssize_t send_packet (interface, packet,
#endif /* USE_LPF_SEND */
#ifdef USE_LPF_RECEIVE
ssize_t receive_packet (interface, buf, len, from, hfrom)
struct interface_info *interface;
unsigned char *buf;
-@@ -382,6 +508,10 @@ ssize_t receive_packet (interface, buf,
+@@ -388,6 +515,10 @@ ssize_t receive_packet (interface, buf,
};
struct cmsghdr *cmsg;
length = recvmsg (interface -> rfdesc, &msg, 0);
if (length <= 0)
return length;
-@@ -462,33 +592,44 @@ void maybe_setup_fallback ()
- }
+@@ -469,11 +600,33 @@ void maybe_setup_fallback ()
+ #endif
- void
+ #if defined (USE_LPF_RECEIVE) || defined (USE_LPF_HWADDR)
+-void
-get_hw_addr(const char *name, struct hardware *hw) {
-- int sock;
-- struct ifreq tmp;
-- struct sockaddr *sa;
-+get_hw_addr(struct interface_info *info)
++struct sockaddr_ll *
++get_ll (struct ifaddrs *ifaddrs, struct ifaddrs **ifa, char *name)
+{
-+ struct hardware *hw = &info->hw_address;
-+ char *name = info->name;
-+ struct ifaddrs *ifaddrs;
-+ struct ifaddrs *ifa;
-+ struct sockaddr_ll *sll = NULL;
-
-- if (strlen(name) >= sizeof(tmp.ifr_name)) {
-- log_fatal("Device name too long: \"%s\"", name);
-- }
-+ if (getifaddrs(&ifaddrs) == -1)
-+ log_fatal("Failed to get interfaces");
-
-- sock = socket(AF_INET, SOCK_DGRAM, 0);
-- if (sock < 0) {
-- log_fatal("Can't create socket for \"%s\": %m", name);
-+ for (ifa = ifaddrs; ifa != NULL; ifa = ifa->ifa_next) {
-+
-+ if (ifa->ifa_addr == NULL)
++ for (*ifa = ifaddrs; *ifa != NULL; *ifa = (*ifa)->ifa_next) {
++ if ((*ifa)->ifa_addr == NULL)
+ continue;
+
-+ if (ifa->ifa_addr->sa_family != AF_PACKET)
++ if ((*ifa)->ifa_addr->sa_family != AF_PACKET)
+ continue;
+
-+ if (ifa->ifa_flags & IFF_LOOPBACK)
++ if ((*ifa)->ifa_flags & IFF_LOOPBACK)
+ continue;
+
-+ if (strcmp(ifa->ifa_name, name) == 0) {
-+ sll = (struct sockaddr_ll *)(void *)ifa->ifa_addr;
-+ break;
-+ }
- }
++ if (strcmp((*ifa)->ifa_name, name) == 0)
++ return (struct sockaddr_ll *)(void *)(*ifa)->ifa_addr;
++ }
++ *ifa = NULL;
++ return NULL;
++}
++
++struct sockaddr_ll *
++ioctl_get_ll(char *name)
++{
+ int sock;
+ struct ifreq tmp;
+- struct sockaddr *sa;
++ struct sockaddr *sa = NULL;
++ struct sockaddr_ll *sll = NULL;
-- memset(&tmp, 0, sizeof(tmp));
-- strcpy(tmp.ifr_name, name);
-- if (ioctl(sock, SIOCGIFHWADDR, &tmp) < 0) {
+ if (strlen(name) >= sizeof(tmp.ifr_name)) {
+ log_fatal("Device name too long: \"%s\"", name);
+@@ -487,16 +640,62 @@ get_hw_addr(const char *name, struct har
+ memset(&tmp, 0, sizeof(tmp));
+ strcpy(tmp.ifr_name, name);
+ if (ioctl(sock, SIOCGIFHWADDR, &tmp) < 0) {
- log_fatal("Error getting hardware address for \"%s\": %m",
-- name);
-+ if (sll == NULL) {
-+ freeifaddrs(ifaddrs);
-+ log_fatal("Failed to get HW address for %s\n", name);
++ log_fatal("Error getting hardware address for \"%s\": %m",
+ name);
}
++ close(sock);
-- sa = &tmp.ifr_hwaddr;
+ sa = &tmp.ifr_hwaddr;
- switch (sa->sa_family) {
++ // needs to be freed outside this function
++ sll = dmalloc (sizeof (struct sockaddr_ll), MDL);
++ if (!sll)
++ log_fatal("Unable to allocate memory for link layer address");
++ memcpy(&sll->sll_hatype, &sa->sa_family, sizeof (sll->sll_hatype));
++ memcpy(sll->sll_addr, sa->sa_data, sizeof (sll->sll_addr));
++ switch (sll->sll_hatype) {
++ case ARPHRD_INFINIBAND:
++ /* ioctl limits hardware addresses to 8 bytes */
++ sll->sll_halen = 8;
++ break;
++ default:
++ break;
++ }
++ return sll;
++}
++
++void
++get_hw_addr(struct interface_info *info)
++{
++ struct hardware *hw = &info->hw_address;
++ char *name = info->name;
++ struct ifaddrs *ifaddrs = NULL;
++ struct ifaddrs *ifa = NULL;
++ struct sockaddr_ll *sll = NULL;
++ int sll_allocated = 0;
++ char *dup = NULL;
++ char *colon = NULL;
++
++ if (getifaddrs(&ifaddrs) == -1)
++ log_fatal("Failed to get interfaces");
++
++ if ((sll = get_ll(ifaddrs, &ifa, name)) == NULL) {
++ /*
++ * We were unable to get link-layer address for name.
++ * Fall back to ioctl(SIOCGIFHWADDR).
++ */
++ sll = ioctl_get_ll(name);
++ if (sll != NULL)
++ sll_allocated = 1;
++ else
++ // shouldn't happen
++ log_fatal("Unexpected internal error");
++ }
++
+ switch (sll->sll_hatype) {
case ARPHRD_ETHER:
hw->hlen = 7;
break;
case ARPHRD_IEEE802:
#ifdef ARPHRD_IEEE802_TR
-@@ -496,18 +637,35 @@ get_hw_addr(const char *name, struct har
+@@ -504,18 +703,48 @@ get_hw_addr(const char *name, struct har
#endif /* ARPHRD_IEEE802_TR */
hw->hlen = 7;
hw->hbuf[0] = HTYPE_IEEE802;
+ memcpy(&hw->hbuf[1], sll->sll_addr, 6);
break;
case ARPHRD_FDDI:
- hw->hlen = 17;
+ hw->hlen = 7;
hw->hbuf[0] = HTYPE_FDDI;
-- memcpy(&hw->hbuf[1], sa->sa_data, 16);
-+ memcpy(&hw->hbuf[1], sll->sll_addr, 16);
+- memcpy(&hw->hbuf[1], sa->sa_data, 6);
++ memcpy(&hw->hbuf[1], sll->sll_addr, 6);
+ break;
+ case ARPHRD_INFINIBAND:
++ dup = strdup(name);
++ /* Aliased infiniband interface is special case where
++ * neither get_ll() nor ioctl_get_ll() get's correct hw
++ * address, so we have to truncate the :0 and run
++ * get_ll() again for the rest.
++ */
++ if ((colon = strchr(dup, ':')) != NULL) {
++ *colon = '\0';
++ if ((sll = get_ll(ifaddrs, &ifa, dup)) == NULL)
++ log_fatal("Error getting hardware address for \"%s\": %m", name);
++ }
++ free (dup);
+ /* For Infiniband, save the broadcast address and store
+ * the port GUID into the hardware address.
+ */
-+ if (ifa->ifa_flags & IFF_BROADCAST) {
++ if (ifa && (ifa->ifa_flags & IFF_BROADCAST)) {
+ struct sockaddr_ll *bll;
+
+ bll = (struct sockaddr_ll *)ifa->ifa_broadaddr;
+
+ hw->hlen = 1;
+ hw->hbuf[0] = HTYPE_INFINIBAND;
++ memcpy(&hw->hbuf[1], &sll->sll_addr[sll->sll_halen - 8], 8);
break;
#if defined(ARPHRD_PPP)
case ARPHRD_PPP:
if (local_family != AF_INET6)
- log_fatal("Unsupported device type %d for \"%s\"",
- sa->sa_family, name);
-+ log_fatal("Unsupported device type %ld for \"%s\"",
-+ (long int)sll->sll_family, name);
++ log_fatal("local_family != AF_INET6 for \"%s\"",
++ name);
hw->hlen = 0;
hw->hbuf[0] = HTYPE_RESERVED;
/* 0xdeadbeef should never occur on the wire,
-@@ -520,10 +678,11 @@ get_hw_addr(const char *name, struct har
+@@ -528,10 +757,13 @@ get_hw_addr(const char *name, struct har
break;
#endif
default:
-+ freeifaddrs(ifaddrs);
- log_fatal("Unsupported device type %ld for \"%s\"",
+- log_fatal("Unsupported device type %ld for \"%s\"",
- (long int)sa->sa_family, name);
-+ (long int)sll->sll_family, name);
++ freeifaddrs(ifaddrs);
++ log_fatal("Unsupported device type %hu for \"%s\"",
++ sll->sll_hatype, name);
}
- close(sock);
++ if (sll_allocated)
++ dfree(sll, MDL);
+ freeifaddrs(ifaddrs);
}
#endif
-diff -up dhcp-4.2.2/common/socket.c.lpf-ib dhcp-4.2.2/common/socket.c
---- dhcp-4.2.2/common/socket.c.lpf-ib 2011-06-27 18:18:20.000000000 +0200
-+++ dhcp-4.2.2/common/socket.c 2011-09-19 11:24:08.705775490 +0200
-@@ -324,7 +324,7 @@ void if_register_send (info)
- info->wfdesc = if_register_socket(info, AF_INET, 0);
+diff -up dhcp-4.3.1b1/common/socket.c.bmgpWV dhcp-4.3.1b1/common/socket.c
+--- dhcp-4.3.1b1/common/socket.c.bmgpWV 2014-07-02 19:58:38.000000000 +0200
++++ dhcp-4.3.1b1/common/socket.c 2014-07-10 17:52:57.706272281 +0200
+@@ -322,7 +322,7 @@ void if_register_send (info)
+ info->wfdesc = if_register_socket(info, AF_INET, 0, NULL);
/* If this is a normal IPv4 address, get the hardware address. */
if (strcmp(info->name, "fallback") != 0)
- get_hw_addr(info->name, &info->hw_address);
#if defined (USE_SOCKET_FALLBACK)
/* Fallback only registers for send, but may need to receive as
well. */
-@@ -387,7 +387,7 @@ void if_register_receive (info)
+@@ -385,7 +385,7 @@ void if_register_receive (info)
#endif /* IP_PKTINFO... */
/* If this is a normal IPv4 address, get the hardware address. */
if (strcmp(info->name, "fallback") != 0)
if (!quiet_interface_discovery)
log_info ("Listening on Socket/%s%s%s",
-@@ -497,7 +497,7 @@ if_register6(struct interface_info *info
+@@ -499,7 +499,7 @@ if_register6(struct interface_info *info
if (req_multi)
if_register_multicast(info);
if (!quiet_interface_discovery) {
if (info->shared_network != NULL) {
-diff -up dhcp-4.2.2/includes/dhcpd.h.lpf-ib dhcp-4.2.2/includes/dhcpd.h
---- dhcp-4.2.2/includes/dhcpd.h.lpf-ib 2011-09-19 11:24:08.696775721 +0200
-+++ dhcp-4.2.2/includes/dhcpd.h 2011-09-19 11:24:08.707775438 +0200
-@@ -1243,6 +1243,7 @@ struct interface_info {
+@@ -555,7 +555,7 @@ if_register_linklocal6(struct interface_
+ info->rfdesc = sock;
+ info->wfdesc = sock;
+
+- get_hw_addr(info->name, &info->hw_address);
++ get_hw_addr(info);
+
+ if (!quiet_interface_discovery) {
+ if (info->shared_network != NULL) {
+diff -up dhcp-4.3.1b1/includes/dhcpd.h.bmgpWV dhcp-4.3.1b1/includes/dhcpd.h
+--- dhcp-4.3.1b1/includes/dhcpd.h.bmgpWV 2014-07-10 17:50:26.923402536 +0200
++++ dhcp-4.3.1b1/includes/dhcpd.h 2014-07-10 17:52:57.707272266 +0200
+@@ -1248,6 +1248,7 @@ struct interface_info {
struct shared_network *shared_network;
/* Networks connected to this interface. */
struct hardware hw_address; /* Its physical address. */
struct in_addr *addresses; /* Addresses associated with this
* interface.
*/
-@@ -2356,7 +2357,7 @@ void print_dns_status (int, struct dhcp_
+@@ -2439,7 +2440,7 @@ void print_dns_status (int, struct dhcp_
#endif
const char *print_time(TIME);
/* socket.c */
#if defined (USE_SOCKET_SEND) || defined (USE_SOCKET_RECEIVE) \
-diff -up dhcp-4.2.2/includes/dhcp.h.lpf-ib dhcp-4.2.2/includes/dhcp.h
---- dhcp-4.2.2/includes/dhcp.h.lpf-ib 2011-09-19 11:24:08.696775721 +0200
-+++ dhcp-4.2.2/includes/dhcp.h 2011-09-19 11:24:08.707775438 +0200
-@@ -79,6 +79,7 @@ struct dhcp_packet {
- #define HTYPE_ETHER 1 /* Ethernet 10Mbps */
- #define HTYPE_IEEE802 6 /* IEEE 802.2 Token Ring... */
- #define HTYPE_FDDI 8 /* FDDI... */
-+#define HTYPE_INFINIBAND 32 /* Infiniband IPoIB */
-
- #define HTYPE_RESERVED 0 /* RFC 5494 */
-
-diff -up dhcp-4.2.1b1/client/dhclient.8.man dhcp-4.2.1b1/client/dhclient.8
---- dhcp-4.2.1b1/client/dhclient.8.man 2010-07-14 22:09:34.000000000 +0200
-+++ dhcp-4.2.1b1/client/dhclient.8 2011-01-27 18:19:07.000000000 +0100
-@@ -115,6 +115,33 @@ dhclient - Dynamic Host Configuration Pr
- .B -w
- ]
- [
-+.B -B
-+]
-+[
-+.B -I
-+.I dhcp-client-identifier
-+]
-+[
-+.B -H
-+.I host-name
-+]
-+[
-+.B -F
-+.I fqdn.fqdn
-+]
-+[
-+.B -V
-+.I vendor-class-identifier
-+]
-+[
-+.B -R
-+.I request-option-list
-+]
-+[
-+.B -timeout
-+.I timeout
-+]
-+[
- .B -v
- ]
- [
-@@ -264,6 +291,69 @@ not to exit when it doesn't find any suc
- program can then be used to notify the client when a network interface
- has been added or removed, so that the client can attempt to configure an IP
- address on that interface.
-+
-+.TP
-+.BI \-B
-+Set the BOOTP broadcast flag in request packets so servers will always
-+broadcast replies.
-+
-+.TP
-+.BI \-I\ <dhcp-client-identifier>
-+Specify the dhcp-client-identifier option to send to the DHCP server.
-+
-+.TP
-+.BI \-H\ <host-name>
-+Specify the host-name option to send to the DHCP server. The host-name
-+string only contains the client's hostname prefix, to which the server will
-+append the ddns-domainname or domain-name options, if any, to derive the
-+fully qualified domain name of the client. The
-+.B -H
-+option cannot be used with the
-+.B -F
-+option.
-+
-+.TP
-+.BI \-F\ <fqdn.fqdn>
-+Specify the fqdn.fqdn option to send to the DHCP server. This option cannot
-+be used with the
-+.B -H
-+option. The fqdn.fqdn option must specify the complete domain name of the
-+client host, which the server may use for dynamic DNS updates.
-+
-+.TP
-+.BI \-V\ <vendor-class-identifier>
-+Specify the vendor-class-identifier option to send to the DHCP server.
-+
-+.TP
-+.BI \-R\ <option>[,<option>...]
-+Specify the list of options the client is to request from the server. The
-+option list must be a single string consisting of option names separated
-+by at least one command and optional space characters. The default option
-+list is:
-+
-+.BR
-+ subnet-mask, broadcast-address, time-offset, routers,
-+.BR
-+ domain-search, domain-name, domain-name-servers, host-name,
-+.BR
-+ nis-domain, nis-servers, ntp-servers, interface-mtu
-+
-+.TP
-+.B -R
-+option does not append options to the default request, it overrides the
-+default request list. Keep this in mind if you want to request an
-+additional option besides the default request list. You will have to
-+specify all option names for the
-+.B -R
-+parameter.
-+
-+.TP
-+.BI \-timeout\ <timeout>
-+Specify the time after which
-+.B dhclient
-+will decide that no DHCP servers can be contacted when no responses have been
-+received.
-+
- .TP
- .BI \-n
- Do not configure any interfaces. This is most likely to be useful in
-diff -up dhcp-4.2.1b1/client/dhclient.conf.5.man dhcp-4.2.1b1/client/dhclient.conf.5
---- dhcp-4.2.1b1/client/dhclient.conf.5.man 2010-09-15 01:03:56.000000000 +0200
-+++ dhcp-4.2.1b1/client/dhclient.conf.5 2011-01-27 18:22:56.000000000 +0100
-@@ -186,7 +186,8 @@ responding to the client send the client
- options. Only the option names should be specified in the request
- statement - not option parameters. By default, the DHCPv4 client
- requests the subnet-mask, broadcast-address, time-offset, routers,
--domain-name, domain-name-servers and host-name options while the DHCPv6
-+domain-search, domain-name, domain-name-servers, host-name, nis-domain,
-+nis-servers, ntp-servers and interface-mtu options while the DHCPv6
- client requests the dhcp6 name-servers and domain-search options. Note
- that if you enter a \'request\' statement, you over-ride these defaults
- and these options will not be requested.
-@@ -672,6 +673,17 @@ know the DHCP service(s) anycast MAC add
- client. The \fIlink-type\fR and \fImac-address\fR parameters are configured
- in a similar manner to the \fBhardware\fR statement.
- .PP
-+ \fBbootp-broadcast-always;\fR
-+.PP
-+The
-+.B bootp-broadcast-always
-+statement instructs dhclient to always set the bootp broadcast flag in
-+request packets, so that servers will always broadcast replies.
-+This is equivalent to supplying the dhclient -B argument, and has
-+the same effect as specifying 'always-broadcast' in the server's dhcpd.conf.
-+This option is provided as an extension to enable dhclient to work
-+on IBM s390 Linux guests.
-+.PP
- .SH SAMPLE
- The following configuration file is used on a laptop running NetBSD
- 1.3. The laptop has an IP alias of 192.5.5.213, and has one
-@@ -697,7 +709,7 @@ interface "ep0" {
- supersede domain-search "fugue.com", "rc.vix.com", "home.vix.com";
- prepend domain-name-servers 127.0.0.1;
- request subnet-mask, broadcast-address, time-offset, routers,
-- domain-name, domain-name-servers, host-name;
-+ domain-search, domain-name, domain-name-servers, host-name;
- require subnet-mask, domain-name-servers;
- script "CLIENTBINDIR/dhclient-script";
- media "media 10baseT/UTP", "media 10base2/BNC";
-diff -up dhcp-4.2.1b1/client/dhclient-script.8.man dhcp-4.2.1b1/client/dhclient-script.8
---- dhcp-4.2.1b1/client/dhclient-script.8.man 2010-07-06 21:03:11.000000000 +0200
-+++ dhcp-4.2.1b1/client/dhclient-script.8 2011-01-27 18:24:44.000000000 +0100
-@@ -47,7 +47,7 @@ customizations are needed, they should b
+diff -up dhcp-4.3.0a1/client/dhclient-script.8.man dhcp-4.3.0a1/client/dhclient-script.8
+--- dhcp-4.3.0a1/client/dhclient-script.8.man 2013-12-11 01:01:02.000000000 +0100
++++ dhcp-4.3.0a1/client/dhclient-script.8 2013-12-19 15:27:17.617118805 +0100
+@@ -48,7 +48,7 @@ customizations are needed, they should b
exit hooks provided (see HOOKS for details). These hooks will allow the
user to override the default behaviour of the client in creating a
.B /etc/resolv.conf
.PP
No standard client script exists for some operating systems, even though
the actual client may work, so a pioneering user may well need to create
-@@ -91,6 +91,26 @@ present. The
+@@ -92,6 +92,26 @@ present. The
.B ETCDIR/dhclient-exit-hooks
script can modify the valid of exit_status to change the exit status
of dhclient-script.
.SH OPERATION
When dhclient needs to invoke the client configuration script, it
defines a set of variables in the environment, and then invokes
-diff -up dhcp-4.2.1b1/common/dhcp-options.5.man dhcp-4.2.1b1/common/dhcp-options.5
---- dhcp-4.2.1b1/common/dhcp-options.5.man 2010-07-13 22:56:56.000000000 +0200
-+++ dhcp-4.2.1b1/common/dhcp-options.5 2011-01-27 18:25:57.000000000 +0100
-@@ -913,6 +913,21 @@ classless IP routing - it does not inclu
+diff -up dhcp-4.3.0a1/client/dhclient.conf.5.man dhcp-4.3.0a1/client/dhclient.conf.5
+--- dhcp-4.3.0a1/client/dhclient.conf.5.man 2013-12-11 01:01:02.000000000 +0100
++++ dhcp-4.3.0a1/client/dhclient.conf.5 2013-12-19 15:27:17.617118805 +0100
+@@ -202,7 +202,8 @@ responding to the client send the client
+ options. Only the option names should be specified in the request
+ statement - not option parameters. By default, the DHCPv4 client
+ requests the subnet-mask, broadcast-address, time-offset, routers,
+-domain-name, domain-name-servers and host-name options while the DHCPv6
++domain-search, domain-name, domain-name-servers, host-name, nis-domain,
++nis-servers, ntp-servers and interface-mtu options while the DHCPv6
+ client requests the dhcp6 name-servers and domain-search options. Note
+ that if you enter a \'request\' statement, you over-ride these defaults
+ and these options will not be requested.
+@@ -688,6 +689,17 @@ know the DHCP service(s) anycast MAC add
+ client. The \fIlink-type\fR and \fImac-address\fR parameters are configured
+ in a similar manner to the \fBhardware\fR statement.
+ .PP
++ \fBbootp-broadcast-always;\fR
++.PP
++The
++.B bootp-broadcast-always
++statement instructs dhclient to always set the bootp broadcast flag in
++request packets, so that servers will always broadcast replies.
++This is equivalent to supplying the dhclient -B argument, and has
++the same effect as specifying 'always-broadcast' in the server's dhcpd.conf.
++This option is provided as an extension to enable dhclient to work
++on IBM s390 Linux guests.
++.PP
+ .SH SAMPLE
+ The following configuration file is used on a laptop running NetBSD
+ 1.3. The laptop has an IP alias of 192.5.5.213, and has one
+@@ -713,7 +725,7 @@ interface "ep0" {
+ supersede domain-search "fugue.com", "rc.vix.com", "home.vix.com";
+ prepend domain-name-servers 127.0.0.1;
+ request subnet-mask, broadcast-address, time-offset, routers,
+- domain-name, domain-name-servers, host-name;
++ domain-search, domain-name, domain-name-servers, host-name;
+ require subnet-mask, domain-name-servers;
+ script "CLIENTBINDIR/dhclient-script";
+ media "media 10baseT/UTP", "media 10base2/BNC";
+diff -up dhcp-4.3.0a1/common/dhcp-options.5.man dhcp-4.3.0a1/common/dhcp-options.5
+--- dhcp-4.3.0a1/common/dhcp-options.5.man 2013-12-11 01:25:12.000000000 +0100
++++ dhcp-4.3.0a1/common/dhcp-options.5 2013-12-19 15:27:17.618118791 +0100
+@@ -914,6 +914,21 @@ classless IP routing - it does not inclu
classless IP routing is now the most widely deployed routing standard,
this option is virtually useless, and is not implemented by any of the
popular DHCP clients, for example the Microsoft DHCP client.
.RE
.PP
.nf
-diff -up dhcp-4.2.1b1/server/dhcpd.conf.5.man dhcp-4.2.1b1/server/dhcpd.conf.5
---- dhcp-4.2.1b1/server/dhcpd.conf.5.man 2010-07-06 21:03:12.000000000 +0200
-+++ dhcp-4.2.1b1/server/dhcpd.conf.5 2011-01-27 18:29:12.000000000 +0100
-@@ -519,6 +519,9 @@ pool {
+diff -up dhcp-4.3.0a1/server/dhcpd.conf.5.man dhcp-4.3.0a1/server/dhcpd.conf.5
+--- dhcp-4.3.0a1/server/dhcpd.conf.5.man 2013-12-13 21:49:44.000000000 +0100
++++ dhcp-4.3.0a1/server/dhcpd.conf.5 2013-12-19 15:30:14.266670962 +0100
+@@ -527,6 +527,9 @@ pool {
};
.fi
.PP
The server currently does very little sanity checking, so if you
configure it wrong, it will just fail in odd ways. I would recommend
therefore that you either do failover or don't do failover, but don't
-@@ -533,9 +536,9 @@ primary server might look like this:
+@@ -541,9 +544,9 @@ primary server might look like this:
failover peer "foo" {
primary;
address anthrax.rc.vix.com;
max-response-delay 60;
max-unacked-updates 10;
mclt 3600;
-@@ -1305,7 +1308,7 @@ the zone containing PTR records - for IS
+@@ -1241,7 +1244,7 @@ the zone containing PTR records - for IS
.PP
.nf
key DHCP_UPDATER {
secret pRP5FapFoJ95JEL06sv4PQ==;
};
-@@ -1328,7 +1331,7 @@ dhcpd.conf file:
+@@ -1264,7 +1267,7 @@ dhcpd.conf file:
.PP
.nf
key DHCP_UPDATER {
secret pRP5FapFoJ95JEL06sv4PQ==;
};
-@@ -2540,7 +2543,8 @@ statement
+@@ -2539,7 +2542,8 @@ statement
The \fInext-server\fR statement is used to specify the host address of
the server from which the initial boot file (specified in the
- \fIfilename\fR statement) is to be loaded. \fIServer-name\fR should
+ \fIfilename\fR statement) is to be loaded. \fIServer-name\fR should
-be a numeric IP address or a domain name.
+be a numeric IP address or a domain name. If no \fInext-server\fR statement
+applies to a given client, the address 0.0.0.0 is used.
--- /dev/null
+diff -up dhcp-4.3.1b1/client/dhclient.c.dlTsyN dhcp-4.3.1b1/client/dhclient.c
+--- dhcp-4.3.1b1/client/dhclient.c.dlTsyN 2014-07-10 17:49:49.882925843 +0200
++++ dhcp-4.3.1b1/client/dhclient.c 2014-07-10 17:50:26.922402550 +0200
+@@ -1748,11 +1748,6 @@ int write_host (host)
+ return 0;
+ }
+
+-void db_startup (testp)
+- int testp;
+-{
+-}
+-
+ void bootp (packet)
+ struct packet *packet;
+ {
+diff -up dhcp-4.3.1b1/includes/dhcpd.h.dlTsyN dhcp-4.3.1b1/includes/dhcpd.h
+--- dhcp-4.3.1b1/includes/dhcpd.h.dlTsyN 2014-07-10 17:48:03.798424601 +0200
++++ dhcp-4.3.1b1/includes/dhcpd.h 2014-07-10 17:50:26.923402536 +0200
+@@ -2866,7 +2866,11 @@ void commit_leases_timeout (void *);
+ void commit_leases_readerdry(void *);
+ int commit_leases (void);
+ int commit_leases_timed (void);
++#if defined (PARANOIA)
++void db_startup (int, uid_t, gid_t);
++#else
+ void db_startup (int);
++#endif /* PARANOIA */
+ int new_lease_file (void);
+ int group_writer (struct group_object *);
+ int write_ia(const struct ia_xx *);
+diff -up dhcp-4.3.1b1/server/confpars.c.dlTsyN dhcp-4.3.1b1/server/confpars.c
+--- dhcp-4.3.1b1/server/confpars.c.dlTsyN 2014-07-10 17:39:25.801764596 +0200
++++ dhcp-4.3.1b1/server/confpars.c 2014-07-10 17:50:26.924402522 +0200
+@@ -219,7 +219,11 @@ void trace_conf_input (trace_type_t *tty
+ }
+
+ if (!leaseconf_initialized && ttype == trace_readleases_type) {
++#if defined (PARANOIA)
++ db_startup (0, 0, 0);
++#else
+ db_startup (0);
++#endif /* PARANOIA */
+ leaseconf_initialized = 1;
+ postdb_startup ();
+ }
+diff -up dhcp-4.3.1b1/server/db.c.dlTsyN dhcp-4.3.1b1/server/db.c
+--- dhcp-4.3.1b1/server/db.c.dlTsyN 2014-07-10 17:39:25.801764596 +0200
++++ dhcp-4.3.1b1/server/db.c 2014-07-10 17:50:26.925402508 +0200
+@@ -42,6 +42,10 @@ static int counting = 0;
+ static int count = 0;
+ TIME write_time;
+ int lease_file_is_corrupt = 0;
++#if defined (PARANOIA)
++uid_t global_set_uid = 0;
++gid_t global_set_gid = 0;
++#endif /* PARANOIA */
+
+ /* Write a single binding scope value in parsable format.
+ */
+@@ -1046,8 +1050,11 @@ int commit_leases_timed()
+ return (1);
+ }
+
+-void db_startup (testp)
+- int testp;
++#if defined (PARANOIA)
++void db_startup (int testp, uid_t set_uid, gid_t set_gid)
++#else
++void db_startup (int testp)
++#endif /* PARANOIA */
+ {
+ isc_result_t status;
+
+@@ -1066,6 +1073,11 @@ void db_startup (testp)
+ }
+ #endif
+
++#if defined (PARANOIA)
++ global_set_uid = set_uid;
++ global_set_gid = set_gid;
++#endif /* PARANOIA */
++
+ #if defined (TRACING)
+ /* If we're playing back, there is no lease file, so we can't
+ append it, so we create one immediately (maybe this isn't
+@@ -1128,6 +1140,17 @@ int new_lease_file ()
+ log_error ("Can't create new lease file: %m");
+ return 0;
+ }
++
++#if defined (PARANOIA)
++ if (global_set_uid && !geteuid() &&
++ global_set_gid && !getegid())
++ if (fchown(db_fd, global_set_uid, global_set_gid)) {
++ log_fatal ("Can't chown new lease file: %m");
++ close(db_fd);
++ goto fdfail;
++ }
++#endif /* PARANOIA */
++
+ if ((new_db_file = fdopen(db_fd, "we")) == NULL) {
+ log_error("Can't fdopen new lease file: %m");
+ close(db_fd);
+diff -up dhcp-4.3.1b1/server/dhcpd.8.dlTsyN dhcp-4.3.1b1/server/dhcpd.8
+--- dhcp-4.3.1b1/server/dhcpd.8.dlTsyN 2014-07-02 19:58:39.000000000 +0200
++++ dhcp-4.3.1b1/server/dhcpd.8 2014-07-10 17:50:26.925402508 +0200
+@@ -82,6 +82,18 @@ dhcpd - Dynamic Host Configuration Proto
+ .I trace-output-file
+ ]
+ [
++.B -user
++.I user
++]
++[
++.B -group
++.I group
++]
++[
++.B -chroot
++.I dir
++]
++[
+ .B -play
+ .I trace-playback-file
+ ]
+@@ -269,6 +281,15 @@ lease file.
+ .TP
+ .BI --version
+ Print version number and exit.
++.TP
++.BI \-user \ user
++Setuid to user after completing privileged operations, such as creating sockets that listen on privileged ports.
++.TP
++.BI \-group \ group
++Setgid to group after completing privileged operations, such as creating sockets that listen on privileged ports.
++.TP
++.BI \-chroot \ dir
++Chroot to directory after processing the command line arguments, but before reading the configuration file.
+ .PP
+ .I Modifying default file locations:
+ The following options can be used to modify the locations
+diff -up dhcp-4.3.1b1/server/dhcpd.c.dlTsyN dhcp-4.3.1b1/server/dhcpd.c
+--- dhcp-4.3.1b1/server/dhcpd.c.dlTsyN 2014-07-10 17:39:25.802764582 +0200
++++ dhcp-4.3.1b1/server/dhcpd.c 2014-07-10 17:52:35.341588248 +0200
+@@ -628,7 +628,11 @@ main(int argc, char **argv) {
+ group_write_hook = group_writer;
+
+ /* Start up the database... */
++#if defined (PARANOIA)
++ db_startup (lftest, set_uid, set_gid);
++#else
+ db_startup (lftest);
++#endif /* PARANOIA */
+
+ if (lftest)
+ exit (0);
-diff -up dhcp-4.2.0/includes/dhcpd.h.paths dhcp-4.2.0/includes/dhcpd.h
---- dhcp-4.2.0/includes/dhcpd.h.paths 2010-07-21 13:55:42.000000000 +0200
-+++ dhcp-4.2.0/includes/dhcpd.h 2010-07-21 14:29:57.000000000 +0200
-@@ -1390,15 +1390,15 @@ typedef unsigned char option_mask [16];
+--- expanded_org/includes/dhcpd.h Wed Aug 06 23:35:02 2014
++++ expanded_patched_51_4_2_0_paths_patch/includes/dhcpd.h Mon Feb 16 13:22:11 2015
+@@ -1424,15 +1424,15 @@
#else /* !DEBUG */
#ifndef _PATH_DHCPD_CONF
#endif
#ifndef _PATH_DHCPD_PID
-@@ -1412,7 +1412,7 @@ typedef unsigned char option_mask [16];
+@@ -1446,7 +1446,7 @@
#endif /* DEBUG */
#ifndef _PATH_DHCLIENT_CONF
#endif
#ifndef _PATH_DHCLIENT_SCRIPT
-@@ -1428,11 +1428,11 @@ typedef unsigned char option_mask [16];
+@@ -1462,11 +1462,11 @@
#endif
#ifndef _PATH_DHCLIENT_DB
-diff -up dhcp-4.2.0/client/dhclient.c.ifup dhcp-4.2.0/client/dhclient.c
---- dhcp-4.2.0/client/dhclient.c.ifup 2010-07-21 13:30:10.000000000 +0200
-+++ dhcp-4.2.0/client/dhclient.c 2010-07-21 13:37:03.000000000 +0200
-@@ -497,9 +497,81 @@ main(int argc, char **argv) {
- kill(oldpid, SIGTERM);
+diff -up dhcp-4.3.0a1/client/dhclient.c.ifup dhcp-4.3.0a1/client/dhclient.c
+--- dhcp-4.3.0a1/client/dhclient.c.ifup 2013-12-19 14:53:08.817760677 +0100
++++ dhcp-4.3.0a1/client/dhclient.c 2013-12-19 15:05:16.290518574 +0100
+@@ -521,9 +521,81 @@ main(int argc, char **argv) {
+ }
}
fclose(pidfd);
+ } else {
--- /dev/null
+diff -up dhcp-4.3.1b1/client/Makefile.am.brGmwh dhcp-4.3.1b1/client/Makefile.am
+--- dhcp-4.3.1b1/client/Makefile.am.brGmwh 2014-07-02 19:58:38.000000000 +0200
++++ dhcp-4.3.1b1/client/Makefile.am 2014-07-10 17:36:30.484250976 +0200
+@@ -10,8 +10,8 @@ dhclient_SOURCES = clparse.c dhclient.c
+ scripts/bsdos scripts/freebsd scripts/linux scripts/macos \
+ scripts/netbsd scripts/nextstep scripts/openbsd \
+ scripts/solaris scripts/openwrt
+-dhclient_LDADD = ../common/libdhcp.a ../omapip/libomapi.a ../bind/lib/libirs.a \
+- ../bind/lib/libdns.a ../bind/lib/libisccfg.a ../bind/lib/libisc.a
++dhclient_LDADD = ../common/libdhcp.a ../omapip/libomapi.a \
++ $(BIND9_LIBDIR) -lirs -ldns -lisccfg -lisc
+ man_MANS = dhclient.8 dhclient-script.8 dhclient.conf.5 dhclient.leases.5
+ EXTRA_DIST = $(man_MANS)
+
+diff -up dhcp-4.3.1b1/common/tests/Makefile.am.brGmwh dhcp-4.3.1b1/common/tests/Makefile.am
+--- dhcp-4.3.1b1/common/tests/Makefile.am.brGmwh 2014-07-10 17:36:30.485250962 +0200
++++ dhcp-4.3.1b1/common/tests/Makefile.am 2014-07-10 17:38:04.010924566 +0200
+@@ -13,21 +13,20 @@ ATF_TESTS += alloc_unittest dns_unittest
+ alloc_unittest_SOURCES = test_alloc.c $(top_srcdir)/tests/t_api_dhcp.c
+ alloc_unittest_LDADD = $(ATF_LDFLAGS)
+ alloc_unittest_LDADD += ../libdhcp.a \
+- ../../omapip/libomapi.a ../../bind/lib/libirs.a \
+- ../../bind/lib/libdns.a ../../bind/lib/libisccfg.a ../../bind/lib/libisc.a
++ ../../omapip/libomapi.a \
++ $(BIND9_LIBDIR) -lirs -ldns -lisccfg -lisc
+
+ dns_unittest_SOURCES = dns_unittest.c $(top_srcdir)/tests/t_api_dhcp.c
+ dns_unittest_LDADD = $(ATF_LDFLAGS)
+ dns_unittest_LDADD += ../libdhcp.a \
+- ../../omapip/libomapi.a ../../bind/lib/libirs.a \
+- ../../bind/lib/libdns.a ../../bind/lib/libisccfg.a ../../bind/lib/libisc.a
++ ../../omapip/libomapi.a \
++ $(BIND9_LIBDIR) -lirs -ldns -lisccfg -lisc
+
+ misc_unittest_SOURCES = misc_unittest.c $(top_srcdir)/tests/t_api_dhcp.c
+ misc_unittest_LDADD = $(ATF_LDFLAGS)
+ misc_unittest_LDADD += ../libdhcp.a \
+- ../../omapip/libomapi.a ../../bind/lib/libirs.a \
+- ../../bind/lib/libdns.a ../../bind/lib/libisccfg.a ../../bind/lib/libisc.a
+-
++ ../../omapip/libomapi.a \
++ $(BIND9_LIBDIR) -lirs -ldns -lisccfg -lisc
+ check: $(ATF_TESTS)
+ atf-run | atf-report
+
+diff -up dhcp-4.3.1b1/configure.ac.brGmwh dhcp-4.3.1b1/configure.ac
+--- dhcp-4.3.1b1/configure.ac.brGmwh 2014-07-02 20:01:26.000000000 +0200
++++ dhcp-4.3.1b1/configure.ac 2014-07-10 17:36:30.485250962 +0200
+@@ -562,20 +562,37 @@ AC_CHECK_MEMBER(struct msghdr.msg_contro
+
+ libbind=
+ AC_ARG_WITH(libbind,
+- AS_HELP_STRING([--with-libbind=PATH],[bind includes and libraries are in PATH
+- (default is ./bind)]),
++ AS_HELP_STRING([--with-libbind=PATH],[bind includes are in PATH
++ (default is ./bind/includes)]),
+ use_libbind="$withval", use_libbind="no")
+ case "$use_libbind" in
++yes|no)
++ libbind="\${top_srcdir}/bind/include"
++ ;;
++*)
++ libbind="$use_libbind"
++ ;;
++esac
++
++BIND9_LIBDIR='-L$(top_builddir)/bind/lib'
++AC_ARG_WITH(libbind-libs,
++ AC_HELP_STRING([--with-libbind-libs=PATH],
++ [bind9 export libraries are in PATH]),
++ [libbind_libs="$withval"], [libbind_libs='no'])
++case "$libbind_libs" in
+ yes)
+- libbind="\${top_srcdir}/bind"
++ AC_MSG_ERROR([Specify path to bind9 libraries])
+ ;;
+ no)
+- libbind="\${top_srcdir}/bind"
++ BUNDLED_BIND=yes
+ ;;
+ *)
+- libbind="$use_libbind"
++ BIND9_LIBDIR="-L$libbind_libs"
++ BUNDLED_BIND=no
+ ;;
+ esac
++AM_CONDITIONAL([BUNDLED_BIND], [test "$BUNDLED_BIND" = yes])
++AC_SUBST([BIND9_LIBDIR])
+
+ # OpenLDAP support.
+ AC_ARG_WITH(ldap,
+@@ -610,7 +627,7 @@ fi
+ CFLAGS="$CFLAGS $STD_CWARNINGS"
+
+ # Try to add the bind include directory
+-CFLAGS="$CFLAGS -I$libbind/include"
++CFLAGS="$CFLAGS -I$libbind"
+
+ case "$host" in
+ *-darwin*)
+diff -up dhcp-4.3.1b1/dhcpctl/Makefile.am.brGmwh dhcp-4.3.1b1/dhcpctl/Makefile.am
+--- dhcp-4.3.1b1/dhcpctl/Makefile.am.brGmwh 2014-07-02 19:58:38.000000000 +0200
++++ dhcp-4.3.1b1/dhcpctl/Makefile.am 2014-07-10 17:36:30.485250962 +0200
+@@ -6,12 +6,9 @@ EXTRA_DIST = $(man_MANS)
+
+ omshell_SOURCES = omshell.c
+ omshell_LDADD = libdhcpctl.a ../common/libdhcp.a ../omapip/libomapi.a \
+- ../bind/lib/libirs.a ../bind/lib/libdns.a \
+- ../bind/lib/libisccfg.a ../bind/lib/libisc.a
+-
++ $(BIND9_LIBDIR) -lirs -ldns -lisccfg -lisc
+ libdhcpctl_a_SOURCES = dhcpctl.c callback.c remote.c
+
+ cltest_SOURCES = cltest.c
+ cltest_LDADD = libdhcpctl.a ../common/libdhcp.a ../omapip/libomapi.a \
+- ../bind/lib/libirs.a ../bind/lib/libdns.a \
+- ../bind/lib/libisccfg.a ../bind/lib/libisc.a
++ $(BIND9_LIBDIR) -lirs -ldns -lisccfg -lisc
+diff -up dhcp-4.3.1b1/Makefile.am.brGmwh dhcp-4.3.1b1/Makefile.am
+--- dhcp-4.3.1b1/Makefile.am.brGmwh 2014-07-02 19:58:38.000000000 +0200
++++ dhcp-4.3.1b1/Makefile.am 2014-07-10 17:36:30.484250976 +0200
+@@ -25,7 +25,13 @@ EXTRA_DIST = RELNOTES LICENSE \
+ bind/Makefile bind/bind.tar.gz bind/version.tmp \
+ common/tests/Atffile server/tests/Atffile
+
+-SUBDIRS = bind includes tests common dst omapip client dhcpctl relay server
++if BUNDLED_BIND
++SUBDIRS = bind
++else
++SUBDIRS =
++endif
++
++SUBDIRS += includes tests common dst omapip client dhcpctl relay server
+
+ nobase_include_HEADERS = dhcpctl/dhcpctl.h
+
+diff -up dhcp-4.3.1b1/omapip/Makefile.am.brGmwh dhcp-4.3.1b1/omapip/Makefile.am
+--- dhcp-4.3.1b1/omapip/Makefile.am.brGmwh 2014-07-02 19:58:39.000000000 +0200
++++ dhcp-4.3.1b1/omapip/Makefile.am 2014-07-10 17:36:30.486250948 +0200
+@@ -10,6 +10,5 @@ man_MANS = omapi.3
+ EXTRA_DIST = $(man_MANS)
+
+ svtest_SOURCES = test.c
+-svtest_LDADD = libomapi.a ../bind/lib/libirs.a ../bind/lib/libdns.a \
+- ../bind/lib/libisccfg.a ../bind/lib/libisc.a
+-
++svtest_LDADD = libomapi.a \
++ $(BIND9_LIBDIR) -lirs -ldns -lisccfg -lisc
+diff -up dhcp-4.3.1b1/relay/Makefile.am.brGmwh dhcp-4.3.1b1/relay/Makefile.am
+--- dhcp-4.3.1b1/relay/Makefile.am.brGmwh 2014-07-02 19:58:39.000000000 +0200
++++ dhcp-4.3.1b1/relay/Makefile.am 2014-07-10 17:36:30.486250948 +0200
+@@ -3,8 +3,7 @@ AM_CPPFLAGS = -DLOCALSTATEDIR='"@localst
+ sbin_PROGRAMS = dhcrelay
+ dhcrelay_SOURCES = dhcrelay.c
+ dhcrelay_LDADD = ../common/libdhcp.a ../omapip/libomapi.a \
+- ../bind/lib/libirs.a ../bind/lib/libdns.a \
+- ../bind/lib/libisccfg.a ../bind/lib/libisc.a
++ $(BIND9_LIBDIR) -lirs -ldns -lisccfg -lisc
+ man_MANS = dhcrelay.8
+ EXTRA_DIST = $(man_MANS)
+
+diff -up dhcp-4.3.1b1/server/Makefile.am.brGmwh dhcp-4.3.1b1/server/Makefile.am
+--- dhcp-4.3.1b1/server/Makefile.am.brGmwh 2014-07-02 19:58:39.000000000 +0200
++++ dhcp-4.3.1b1/server/Makefile.am 2014-07-10 17:36:30.486250948 +0200
+@@ -13,10 +13,8 @@ dhcpd_SOURCES = dhcpd.c dhcp.c bootp.c c
+ dhcpv6.c mdb6.c ldap.c ldap_casa.c
+
+ dhcpd_CFLAGS = $(LDAP_CFLAGS)
+-dhcpd_LDADD = ../common/libdhcp.a ../omapip/libomapi.a \
+- ../dhcpctl/libdhcpctl.a ../bind/lib/libirs.a \
+- ../bind/lib/libdns.a ../bind/lib/libisccfg.a ../bind/lib/libisc.a
+-
++dhcpd_LDADD = ../common/libdhcp.a ../omapip/libomapi.a ../dhcpctl/libdhcpctl.a \
++ $(BIND9_LIBDIR) -lirs -ldns -lisccfg -lisc
+ man_MANS = dhcpd.8 dhcpd.conf.5 dhcpd.leases.5
+ EXTRA_DIST = $(man_MANS)
+
+diff -up dhcp-4.3.1b1/server/tests/Makefile.am.brGmwh dhcp-4.3.1b1/server/tests/Makefile.am
+--- dhcp-4.3.1b1/server/tests/Makefile.am.brGmwh 2014-07-02 19:58:40.000000000 +0200
++++ dhcp-4.3.1b1/server/tests/Makefile.am 2014-07-10 17:36:30.486250948 +0200
+@@ -18,9 +18,8 @@ DHCPSRC = ../dhcp.c ../bootp.c ../confpa
+ ../ldap.c ../ldap_casa.c ../dhcpd.c
+
+ DHCPLIBS = $(top_builddir)/common/libdhcp.a $(top_builddir)/omapip/libomapi.a \
+- $(top_builddir)/dhcpctl/libdhcpctl.a $(top_builddir)/bind/lib/libirs.a \
+- $(top_builddir)/bind/lib/libdns.a $(top_builddir)/bind/lib/libisccfg.a \
+- $(top_builddir)/bind/lib/libisc.a
++ $(top_builddir)/dhcpctl/libdhcpctl.a \
++ $(BIND9_LIBDIR) -lirs -ldns -lisccfg -lisc
+
+ ATF_TESTS =
+ TESTS =
-diff -up dhcp-4.2.2b1/client/clparse.c.rfc3442 dhcp-4.2.2b1/client/clparse.c
---- dhcp-4.2.2b1/client/clparse.c.rfc3442 2011-07-01 14:22:38.031534508 +0200
-+++ dhcp-4.2.2b1/client/clparse.c 2011-07-01 14:22:38.128532940 +0200
-@@ -37,7 +37,7 @@
+diff -up dhcp-4.3.0rc1/client/clparse.c.rfc3442 dhcp-4.3.0rc1/client/clparse.c
+--- dhcp-4.3.0rc1/client/clparse.c.rfc3442 2014-01-29 10:05:48.474400352 +0100
++++ dhcp-4.3.0rc1/client/clparse.c 2014-01-29 10:05:48.517399955 +0100
+@@ -31,7 +31,7 @@
struct client_config top_level_config;
struct option *default_requested_options[NUM_DEFAULT_REQUESTED_OPTS + 1];
static void parse_client_default_duid(struct parse *cfile);
-@@ -82,7 +82,11 @@ isc_result_t read_client_conf ()
+@@ -84,7 +84,11 @@ isc_result_t read_client_conf ()
dhcp_universe.code_hash, &code, 0, MDL);
/* 4 */
option_code_hash_lookup(&default_requested_options[3],
dhcp_universe.code_hash, &code, 0, MDL);
-@@ -136,6 +140,11 @@ isc_result_t read_client_conf ()
+@@ -138,6 +142,11 @@ isc_result_t read_client_conf ()
option_code_hash_lookup(&default_requested_options[13],
dhcp_universe.code_hash, &code, 0, MDL);
for (code = 0 ; code < NUM_DEFAULT_REQUESTED_OPTS ; code++) {
if (default_requested_options[code] == NULL)
log_fatal("Unable to find option definition for "
-diff -up dhcp-4.2.2b1/common/dhcp-options.5.rfc3442 dhcp-4.2.2b1/common/dhcp-options.5
---- dhcp-4.2.2b1/common/dhcp-options.5.rfc3442 2011-07-01 14:22:38.020534686 +0200
-+++ dhcp-4.2.2b1/common/dhcp-options.5 2011-07-01 14:22:38.129532924 +0200
-@@ -115,6 +115,26 @@ hexadecimal, separated by colons. For
+diff -up dhcp-4.3.0rc1/common/dhcp-options.5.rfc3442 dhcp-4.3.0rc1/common/dhcp-options.5
+--- dhcp-4.3.0rc1/common/dhcp-options.5.rfc3442 2014-01-29 10:05:48.466400426 +0100
++++ dhcp-4.3.0rc1/common/dhcp-options.5 2014-01-29 10:05:48.518399945 +0100
+@@ -111,6 +111,26 @@ hexadecimal, separated by colons. For e
or
option dhcp-client-identifier 43:4c:49:45:54:2d:46:4f:4f;
.fi
+.fi
.SH SETTING OPTION VALUES USING EXPRESSIONS
Sometimes it's helpful to be able to set the value of a DHCP option
- based on some value that the client has sent. To do this, you can
-@@ -931,6 +951,29 @@ dhclient-script will create routes:
+ based on some value that the client has sent. To do this, you can
+@@ -972,6 +992,29 @@ dhclient-script will create routes:
.RE
.PP
.nf
.B option \fBstreettalk-directory-assistance-server\fR \fIip-address\fR
[\fB,\fR \fIip-address\fR...]\fB;\fR
.fi
-diff -up dhcp-4.2.2b1/common/inet.c.rfc3442 dhcp-4.2.2b1/common/inet.c
---- dhcp-4.2.2b1/common/inet.c.rfc3442 2011-05-11 02:47:22.000000000 +0200
-+++ dhcp-4.2.2b1/common/inet.c 2011-07-01 14:22:38.130532908 +0200
-@@ -528,6 +528,60 @@ free_iaddrcidrnetlist(struct iaddrcidrne
+diff -up dhcp-4.3.0rc1/common/inet.c.rfc3442 dhcp-4.3.0rc1/common/inet.c
+--- dhcp-4.3.0rc1/common/inet.c.rfc3442 2014-01-26 19:40:44.000000000 +0100
++++ dhcp-4.3.0rc1/common/inet.c 2014-01-29 10:05:48.519399936 +0100
+@@ -521,6 +521,60 @@ free_iaddrcidrnetlist(struct iaddrcidrne
return ISC_R_SUCCESS;
}
/* piaddr() turns an iaddr structure into a printable address. */
/* XXX: should use a const pointer rather than passing the structure */
const char *
-diff -up dhcp-4.2.2b1/common/options.c.rfc3442 dhcp-4.2.2b1/common/options.c
---- dhcp-4.2.2b1/common/options.c.rfc3442 2011-03-24 22:57:13.000000000 +0100
-+++ dhcp-4.2.2b1/common/options.c 2011-07-01 14:22:38.132532876 +0200
-@@ -706,7 +706,11 @@ cons_options(struct packet *inpacket, st
+diff -up dhcp-4.3.0rc1/common/options.c.rfc3442 dhcp-4.3.0rc1/common/options.c
+--- dhcp-4.3.0rc1/common/options.c.rfc3442 2014-01-26 19:40:44.000000000 +0100
++++ dhcp-4.3.0rc1/common/options.c 2014-01-29 10:05:48.520399927 +0100
+@@ -707,7 +707,11 @@ cons_options(struct packet *inpacket, st
* packet.
*/
priority_list[priority_len++] = DHO_SUBNET_MASK;
priority_list[priority_len++] = DHO_DOMAIN_NAME_SERVERS;
priority_list[priority_len++] = DHO_HOST_NAME;
priority_list[priority_len++] = DHO_FQDN;
-@@ -1683,6 +1687,7 @@ const char *pretty_print_option (option,
- const unsigned char *dp = data;
- char comma;
+@@ -1688,6 +1692,7 @@ const char *pretty_print_option (option,
unsigned long tval;
-+ unsigned int octets = 0;
+ isc_boolean_t a_array = ISC_FALSE;
+ int len_used;
++ unsigned int octets = 0;
if (emit_commas)
comma = ',';
-@@ -1691,6 +1696,7 @@ const char *pretty_print_option (option,
+@@ -1696,6 +1701,7 @@ const char *pretty_print_option (option,
memset (enumbuf, 0, sizeof enumbuf);
/* Figure out the size of the data. */
for (l = i = 0; option -> format [i]; i++, l++) {
if (l >= sizeof(fmtbuf) - 1)
-@@ -1840,6 +1846,33 @@ const char *pretty_print_option (option,
+@@ -1870,6 +1876,33 @@ const char *pretty_print_option (option,
if (numhunk < 0)
numhunk = 1;
+
/* Cycle through the array (or hunk) printing the data. */
for (i = 0; i < numhunk; i++) {
- for (j = 0; j < numelem; j++) {
-@@ -1978,6 +2011,20 @@ const char *pretty_print_option (option,
+ if ((a_array == ISC_TRUE) && (i != 0) && (numelem > 0)) {
+@@ -2025,6 +2058,20 @@ const char *pretty_print_option (option,
strcpy(op, piaddr(iaddr));
dp += 4;
break;
case '6':
iaddr.len = 16;
memcpy(iaddr.iabuf, dp, 16);
-diff -up dhcp-4.2.2b1/common/parse.c.rfc3442 dhcp-4.2.2b1/common/parse.c
---- dhcp-4.2.2b1/common/parse.c.rfc3442 2011-07-01 14:22:38.097533441 +0200
-+++ dhcp-4.2.2b1/common/parse.c 2011-07-01 14:22:38.135532828 +0200
-@@ -341,6 +341,39 @@ int parse_ip_addr (cfile, addr)
+diff -up dhcp-4.3.0rc1/common/parse.c.rfc3442 dhcp-4.3.0rc1/common/parse.c
+--- dhcp-4.3.0rc1/common/parse.c.rfc3442 2014-01-29 10:05:48.491400195 +0100
++++ dhcp-4.3.0rc1/common/parse.c 2014-01-29 10:05:48.522399908 +0100
+@@ -335,6 +335,39 @@ int parse_ip_addr (cfile, addr)
}
/*
* Return true if every character in the string is hexadecimal.
*/
static int
-@@ -700,8 +733,10 @@ unsigned char *parse_numeric_aggregate (
+@@ -713,8 +746,10 @@ unsigned char *parse_numeric_aggregate (
if (count) {
token = peek_token (&val, (unsigned *)0, cfile);
if (token != separator) {
if (token != RBRACE && token != LBRACE)
token = next_token (&val,
(unsigned *)0,
-@@ -1624,6 +1659,9 @@ int parse_option_code_definition (cfile,
+@@ -1654,6 +1689,9 @@ int parse_option_code_definition (cfile,
case IP_ADDRESS:
type = 'I';
break;
case IP6_ADDRESS:
type = '6';
break;
-@@ -5288,6 +5326,15 @@ int parse_option_token (rv, cfile, fmt,
+@@ -5071,6 +5109,15 @@ int parse_option_token (rv, cfile, fmt,
}
break;
case '6': /* IPv6 address. */
if (!parse_ip6_addr(cfile, &addr)) {
return 0;
-@@ -5548,6 +5595,13 @@ int parse_option_decl (oc, cfile)
+@@ -5348,6 +5395,13 @@ int parse_option_decl (oc, cfile)
goto exit;
len = ip_addr.len;
dp = ip_addr.iabuf;
alloc:
if (hunkix + len > sizeof hunkbuf) {
-diff -up dhcp-4.2.2b1/common/tables.c.rfc3442 dhcp-4.2.2b1/common/tables.c
---- dhcp-4.2.2b1/common/tables.c.rfc3442 2011-07-01 14:22:38.087533601 +0200
-+++ dhcp-4.2.2b1/common/tables.c 2011-07-01 14:22:38.137532796 +0200
-@@ -51,6 +51,7 @@ HASH_FUNCTIONS (option_code, const unsig
+diff -up dhcp-4.3.0rc1/common/tables.c.rfc3442 dhcp-4.3.0rc1/common/tables.c
+--- dhcp-4.3.0rc1/common/tables.c.rfc3442 2014-01-29 10:05:48.485400250 +0100
++++ dhcp-4.3.0rc1/common/tables.c 2014-01-29 10:06:25.724038563 +0100
+@@ -46,6 +46,7 @@ HASH_FUNCTIONS (option_code, const unsig
Format codes:
I - IPv4 address
6 - IPv6 address
l - 32-bit signed integer
L - 32-bit unsigned integer
-@@ -208,6 +209,7 @@ static struct option dhcp_options[] = {
- { "default-url", "t", &dhcp_universe, 114, 1 },
+@@ -214,6 +215,7 @@ static struct option dhcp_options[] = {
+ #endif
{ "subnet-selection", "I", &dhcp_universe, 118, 1 },
- { "domain-search", "D", &dhcp_universe, 119, 1 },
+ { "domain-search", "D", &dhcp_universe, 119, 1 },
+ { "classless-static-routes", "RIA", &dhcp_universe, 121, 1 },
{ "vivco", "Evendor-class.", &dhcp_universe, 124, 1 },
{ "vivso", "Evendor.", &dhcp_universe, 125, 1 },
#if 0
-diff -up dhcp-4.2.2b1/includes/dhcpd.h.rfc3442 dhcp-4.2.2b1/includes/dhcpd.h
---- dhcp-4.2.2b1/includes/dhcpd.h.rfc3442 2011-07-01 14:22:38.000000000 +0200
-+++ dhcp-4.2.2b1/includes/dhcpd.h 2011-07-01 14:24:19.999810333 +0200
-@@ -2662,6 +2662,7 @@ isc_result_t range2cidr(struct iaddrcidr
+diff -up dhcp-4.3.0rc1/includes/dhcpd.h.rfc3442 dhcp-4.3.0rc1/includes/dhcpd.h
+--- dhcp-4.3.0rc1/includes/dhcpd.h.rfc3442 2014-01-29 10:05:48.470400389 +0100
++++ dhcp-4.3.0rc1/includes/dhcpd.h 2014-01-29 10:05:48.525399881 +0100
+@@ -2725,6 +2725,7 @@ isc_result_t range2cidr(struct iaddrcidr
const struct iaddr *lo, const struct iaddr *hi);
isc_result_t free_iaddrcidrnetlist(struct iaddrcidrnetlist **result);
const char *piaddr (struct iaddr);
char *piaddrmask(struct iaddr *, struct iaddr *);
char *piaddrcidr(const struct iaddr *, unsigned int);
u_int16_t validate_port(char *);
-@@ -2869,6 +2870,7 @@ void parse_client_lease_declaration (str
+@@ -2934,6 +2935,7 @@ void parse_client_lease_declaration (str
int parse_option_decl (struct option_cache **, struct parse *);
void parse_string_list (struct parse *, struct string_list **, int);
int parse_ip_addr (struct parse *, struct iaddr *);
int parse_ip_addr_with_subnet(struct parse *, struct iaddrmatch *);
void parse_reject_statement (struct parse *, struct client_config *);
-diff -up dhcp-4.2.2b1/includes/dhcp.h.rfc3442 dhcp-4.2.2b1/includes/dhcp.h
---- dhcp-4.2.2b1/includes/dhcp.h.rfc3442 2009-11-20 02:49:01.000000000 +0100
-+++ dhcp-4.2.2b1/includes/dhcp.h 2011-07-01 14:22:38.145532665 +0200
-@@ -158,6 +158,7 @@ struct dhcp_packet {
+diff -up dhcp-4.3.0rc1/includes/dhcp.h.rfc3442 dhcp-4.3.0rc1/includes/dhcp.h
+--- dhcp-4.3.0rc1/includes/dhcp.h.rfc3442 2014-01-26 19:40:44.000000000 +0100
++++ dhcp-4.3.0rc1/includes/dhcp.h 2014-01-29 10:05:48.524399890 +0100
+@@ -159,6 +159,7 @@ struct dhcp_packet {
#define DHO_ASSOCIATED_IP 92
#define DHO_SUBNET_SELECTION 118 /* RFC3011! */
#define DHO_DOMAIN_SEARCH 119 /* RFC3397 */
#define DHO_VIVCO_SUBOPTIONS 124
#define DHO_VIVSO_SUBOPTIONS 125
-diff -up dhcp-4.2.2b1/includes/dhctoken.h.rfc3442 dhcp-4.2.2b1/includes/dhctoken.h
---- dhcp-4.2.2b1/includes/dhctoken.h.rfc3442 2011-07-01 14:22:37.000000000 +0200
-+++ dhcp-4.2.2b1/includes/dhctoken.h 2011-07-01 14:25:12.541867623 +0200
-@@ -362,7 +362,8 @@ enum dhcp_token {
- REWIND = 663,
- INITIAL_DELAY = 664,
- GETHOSTBYNAME = 665,
-- BOOTP_BROADCAST_ALWAYS = 666
-+ BOOTP_BROADCAST_ALWAYS = 666,
-+ DESTINATION_DESCRIPTOR = 667
+diff -up dhcp-4.3.0rc1/includes/dhctoken.h.rfc3442 dhcp-4.3.0rc1/includes/dhctoken.h
+--- dhcp-4.3.0rc1/includes/dhctoken.h.rfc3442 2014-01-29 10:05:48.435400713 +0100
++++ dhcp-4.3.0rc1/includes/dhctoken.h 2014-01-29 10:05:48.526399871 +0100
+@@ -368,7 +368,8 @@ enum dhcp_token {
+ POOL6 = 669,
+ V6RELAY = 670,
+ V6RELOPT = 671,
+- BOOTP_BROADCAST_ALWAYS = 672
++ BOOTP_BROADCAST_ALWAYS = 672,
++ DESTINATION_DESCRIPTOR = 673
};
#define is_identifier(x) ((x) >= FIRST_TOKEN && \
-diff -up dhcp-4.2.1-P1/client/dhc6.c.sendDecline dhcp-4.2.1-P1/client/dhc6.c
---- dhcp-4.2.1-P1/client/dhc6.c.sendDecline 2010-09-10 22:27:11.000000000 +0200
-+++ dhcp-4.2.1-P1/client/dhc6.c 2011-06-17 14:19:48.992099868 +0200
-@@ -95,6 +95,8 @@ void do_select6(void *input);
+diff -up dhcp-4.3.0a1/client/dhc6.c.sendDecline dhcp-4.3.0a1/client/dhc6.c
+--- dhcp-4.3.0a1/client/dhc6.c.sendDecline 2013-12-11 01:25:12.000000000 +0100
++++ dhcp-4.3.0a1/client/dhc6.c 2013-12-19 15:56:18.297660118 +0100
+@@ -96,6 +96,8 @@ void do_select6(void *input);
void do_refresh6(void *input);
static void do_release6(void *input);
static void start_bound(struct client_state *client);
static void start_informed(struct client_state *client);
void informed_handler(struct packet *packet, struct client_state *client);
void bound_handler(struct packet *packet, struct client_state *client);
-@@ -2075,6 +2077,7 @@ start_release6(struct client_state *clie
+@@ -2017,6 +2019,7 @@ start_release6(struct client_state *clie
cancel_timeout(do_select6, client);
cancel_timeout(do_refresh6, client);
cancel_timeout(do_release6, client);
client->state = S_STOPPED;
/*
-@@ -2708,6 +2711,7 @@ dhc6_check_reply(struct client_state *cl
+@@ -2650,6 +2653,7 @@ dhc6_check_reply(struct client_state *cl
break;
case S_STOPPED:
action = dhc6_stop_action;
break;
-@@ -2809,6 +2813,7 @@ dhc6_check_reply(struct client_state *cl
+@@ -2751,6 +2755,7 @@ dhc6_check_reply(struct client_state *cl
break;
case S_STOPPED:
/* Nothing critical to do at this stage. */
break;
-@@ -3799,17 +3804,23 @@ reply_handler(struct packet *packet, str
+@@ -3741,17 +3746,23 @@ reply_handler(struct packet *packet, str
cancel_timeout(do_select6, client);
cancel_timeout(do_refresh6, client);
cancel_timeout(do_release6, client);
return;
}
-@@ -4336,7 +4347,11 @@ start_bound(struct client_state *client)
- oldia, oldaddr);
+@@ -4279,7 +4290,11 @@ start_bound(struct client_state *client)
dhc6_marshall_values("new_", client, lease, ia, addr);
+ script_write_requested6(client);
- script_go(client);
+ // when script returns 3, DAD failed
}
/* XXX: maybe we should loop on the old values instead? */
-@@ -4382,6 +4397,149 @@ start_bound(struct client_state *client)
+@@ -4327,6 +4342,149 @@ start_bound(struct client_state *client)
dhc6_check_times(client);
}
--- /dev/null
+diff -up dhcp-4.3.1b1/common/tests/Makefile.am.uCWMBl dhcp-4.3.1b1/common/tests/Makefile.am
+--- dhcp-4.3.1b1/common/tests/Makefile.am.uCWMBl 2014-07-10 17:38:10.779828569 +0200
++++ dhcp-4.3.1b1/common/tests/Makefile.am 2014-07-10 17:38:21.355678580 +0200
+@@ -13,19 +13,19 @@ ATF_TESTS += alloc_unittest dns_unittest
+ alloc_unittest_SOURCES = test_alloc.c $(top_srcdir)/tests/t_api_dhcp.c
+ alloc_unittest_LDADD = $(ATF_LDFLAGS)
+ alloc_unittest_LDADD += ../libdhcp.a \
+- ../../omapip/libomapi.a \
++ ../../omapip/libomapi.la \
+ $(BIND9_LIBDIR) -lirs -ldns -lisccfg -lisc
+
+ dns_unittest_SOURCES = dns_unittest.c $(top_srcdir)/tests/t_api_dhcp.c
+ dns_unittest_LDADD = $(ATF_LDFLAGS)
+-dns_unittest_LDADD += ../libdhcp.a \
++dns_unittest_LDADD += ../libdhcp.la \
+ ../../omapip/libomapi.a \
+ $(BIND9_LIBDIR) -lirs -ldns -lisccfg -lisc
+
+ misc_unittest_SOURCES = misc_unittest.c $(top_srcdir)/tests/t_api_dhcp.c
+ misc_unittest_LDADD = $(ATF_LDFLAGS)
+ misc_unittest_LDADD += ../libdhcp.a \
+- ../../omapip/libomapi.a \
++ ../../omapip/libomapi.la \
+ $(BIND9_LIBDIR) -lirs -ldns -lisccfg -lisc
+ check: $(ATF_TESTS)
+ atf-run | atf-report
+diff -up dhcp-4.3.1b1/configure.ac.uCWMBl dhcp-4.3.1b1/configure.ac
+--- dhcp-4.3.1b1/configure.ac.uCWMBl 2014-07-10 17:38:10.766828753 +0200
++++ dhcp-4.3.1b1/configure.ac 2014-07-10 17:38:10.779828569 +0200
+@@ -39,7 +39,8 @@ fi
+ # Use this to define _GNU_SOURCE to pull in the IPv6 Advanced Socket API.
+ AC_USE_SYSTEM_EXTENSIONS
+
+-AC_PROG_RANLIB
++# Use libtool to simplify building of shared libraries
++AC_PROG_LIBTOOL
+ AC_CONFIG_HEADERS([includes/config.h])
+
+ # we sometimes need to know byte order for building packets
+diff -up dhcp-4.3.1b1/dhcpctl/Makefile.am.uCWMBl dhcp-4.3.1b1/dhcpctl/Makefile.am
+--- dhcp-4.3.1b1/dhcpctl/Makefile.am.uCWMBl 2014-07-10 17:36:30.485250962 +0200
++++ dhcp-4.3.1b1/dhcpctl/Makefile.am 2014-07-10 17:38:10.780828554 +0200
+@@ -1,14 +1,14 @@
+ bin_PROGRAMS = omshell
+-lib_LIBRARIES = libdhcpctl.a
++lib_LTLIBRARIES = libdhcpctl.la
+ noinst_PROGRAMS = cltest
+ man_MANS = omshell.1 dhcpctl.3
+ EXTRA_DIST = $(man_MANS)
+
+ omshell_SOURCES = omshell.c
+-omshell_LDADD = libdhcpctl.a ../common/libdhcp.a ../omapip/libomapi.a \
++omshell_LDADD = libdhcpctl.la ../common/libdhcp.a ../omapip/libomapi.la \
+ $(BIND9_LIBDIR) -lirs -ldns -lisccfg -lisc
+-libdhcpctl_a_SOURCES = dhcpctl.c callback.c remote.c
++libdhcpctl_la_SOURCES = dhcpctl.c callback.c remote.c
+
+ cltest_SOURCES = cltest.c
+-cltest_LDADD = libdhcpctl.a ../common/libdhcp.a ../omapip/libomapi.a \
++cltest_LDADD = libdhcpctl.la ../common/libdhcp.a ../omapip/libomapi.la \
+ $(BIND9_LIBDIR) -lirs -ldns -lisccfg -lisc
+diff -up dhcp-4.3.1b1/omapip/Makefile.am.uCWMBl dhcp-4.3.1b1/omapip/Makefile.am
+--- dhcp-4.3.1b1/omapip/Makefile.am.uCWMBl 2014-07-10 17:36:30.486250948 +0200
++++ dhcp-4.3.1b1/omapip/Makefile.am 2014-07-10 17:38:10.780828554 +0200
+@@ -1,7 +1,7 @@
+-lib_LIBRARIES = libomapi.a
++lib_LTLIBRARIES = libomapi.la
+ noinst_PROGRAMS = svtest
+
+-libomapi_a_SOURCES = protocol.c buffer.c alloc.c result.c connection.c \
++libomapi_la_SOURCES = protocol.c buffer.c alloc.c result.c connection.c \
+ errwarn.c listener.c dispatch.c generic.c support.c \
+ handle.c message.c convert.c hash.c auth.c inet_addr.c \
+ array.c trace.c toisc.c iscprint.c isclib.c
+@@ -10,5 +10,5 @@ man_MANS = omapi.3
+ EXTRA_DIST = $(man_MANS)
+
+ svtest_SOURCES = test.c
+-svtest_LDADD = libomapi.a \
++svtest_LDADD = libomapi.la \
+ $(BIND9_LIBDIR) -lirs -ldns -lisccfg -lisc
+diff -up dhcp-4.3.1b1/server/Makefile.am.uCWMBl dhcp-4.3.1b1/server/Makefile.am
+--- dhcp-4.3.1b1/server/Makefile.am.uCWMBl 2014-07-10 17:36:30.486250948 +0200
++++ dhcp-4.3.1b1/server/Makefile.am 2014-07-10 17:38:10.780828554 +0200
+@@ -13,7 +13,7 @@ dhcpd_SOURCES = dhcpd.c dhcp.c bootp.c c
+ dhcpv6.c mdb6.c ldap.c ldap_casa.c
+
+ dhcpd_CFLAGS = $(LDAP_CFLAGS)
+-dhcpd_LDADD = ../common/libdhcp.a ../omapip/libomapi.a ../dhcpctl/libdhcpctl.a \
++dhcpd_LDADD = ../common/libdhcp.a ../omapip/libomapi.la ../dhcpctl/libdhcpctl.la \
+ $(BIND9_LIBDIR) -lirs -ldns -lisccfg -lisc
+ man_MANS = dhcpd.8 dhcpd.conf.5 dhcpd.leases.5
+ EXTRA_DIST = $(man_MANS)
+diff -up dhcp-4.3.1b1/server/tests/Makefile.am.uCWMBl dhcp-4.3.1b1/server/tests/Makefile.am
+--- dhcp-4.3.1b1/server/tests/Makefile.am.uCWMBl 2014-07-10 17:36:30.486250948 +0200
++++ dhcp-4.3.1b1/server/tests/Makefile.am 2014-07-10 17:38:10.780828554 +0200
+@@ -17,8 +17,8 @@ DHCPSRC = ../dhcp.c ../bootp.c ../confpa
+ ../ddns.c ../dhcpleasequery.c ../dhcpv6.c ../mdb6.c \
+ ../ldap.c ../ldap_casa.c ../dhcpd.c
+
+-DHCPLIBS = $(top_builddir)/common/libdhcp.a $(top_builddir)/omapip/libomapi.a \
+- $(top_builddir)/dhcpctl/libdhcpctl.a \
++DHCPLIBS = $(top_builddir)/common/libdhcp.a $(top_builddir)/omapip/libomapi.la \
++ $(top_builddir)/dhcpctl/libdhcpctl.la \
+ $(BIND9_LIBDIR) -lirs -ldns -lisccfg -lisc
+
+ ATF_TESTS =
--- /dev/null
+From 61fa3dd9e789997f66e848c7e3fb2f554ee374e2 Mon Sep 17 00:00:00 2001
+From: Jiri Popelka <jpopelka@redhat.com>
+Date: Thu, 18 Dec 2014 11:53:26 +0100
+Subject: [PATCH] Write DUID_LLT even in stateless mode.
+
+By default, DHCPv6 dhclient creates DUID-LL
+if it is running in stateless mode (-6 -S) and
+doesn't write it into leases file, most likely
+because the DUID-LL is always generated the same.
+
+It's however possible to specify DUID to be of type LLT instead of LL
+with '-D LLT'. Rfc 3315 says that:
+'Clients and servers using this type of DUID MUST
+store the DUID-LLT in stable storage.'
+That's not fulfiled in this case (-6 -S -D LLT),
+because it's generated each time again.
+
+It's not a big deal because the server doesn't store any
+info about 'stateless' clients, so it doesn't matter
+that the DUID-LLT is different each time.
+But there's a TAHI test which tests this, i.e. that
+DUID-LLT is still the same even in stateless mode.
+It's a test DHCP_CONF.7.1.9, part B.
+https://www.ipv6ready.org/docs/Phase2_DHCPv6_Conformance_Latest.pdf
+
+Signed-off-by: Jiri Popelka <jpopelka@redhat.com>
+---
+ client/dhclient.c | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/client/dhclient.c b/client/dhclient.c
+index 5ef59cd..026e3fe 100644
+--- a/client/dhclient.c
++++ b/client/dhclient.c
+@@ -788,7 +788,9 @@ void run_stateless(int exit_mode)
+ if (default_duid.buffer != NULL)
+ data_string_forget(&default_duid, MDL);
+
+- form_duid(&default_duid, MDL);
++ if (form_duid(&default_duid, MDL) == ISC_R_SUCCESS &&
++ duid_type == DUID_LLT)
++ write_duid(&default_duid);
+ }
+
+ /* Start a configuration state machine. */
+--
+2.1.0
+
-diff -up dhcp-4.2.0/server/bootp.c.unicast dhcp-4.2.0/server/bootp.c
---- dhcp-4.2.0/server/bootp.c.unicast 2009-11-20 02:49:03.000000000 +0100
-+++ dhcp-4.2.0/server/bootp.c 2010-07-21 13:40:25.000000000 +0200
-@@ -58,6 +58,7 @@ void bootp (packet)
+diff -up dhcp-4.3.0a1/server/bootp.c.unicast dhcp-4.3.0a1/server/bootp.c
+--- dhcp-4.3.0a1/server/bootp.c.unicast 2013-12-11 01:25:12.000000000 +0100
++++ dhcp-4.3.0a1/server/bootp.c 2013-12-19 15:12:12.974671154 +0100
+@@ -59,6 +59,7 @@ void bootp (packet)
char msgbuf [1024];
int ignorep;
int peer_has_leases = 0;
if (packet -> raw -> op != BOOTREQUEST)
return;
-@@ -73,7 +74,7 @@ void bootp (packet)
+@@ -74,7 +75,7 @@ void bootp (packet)
? inet_ntoa (packet -> raw -> giaddr)
: packet -> interface -> name);
log_info ("%s: network unknown", msgbuf);
return;
}
-@@ -390,6 +391,13 @@ void bootp (packet)
- from, &to, &hto);
+@@ -396,6 +397,15 @@ void bootp (packet)
+
goto out;
}
+ } else if (norelay == 2) {
+ to.sin_addr = raw.ciaddr;
+ to.sin_port = remote_port;
+ if (fallback_interface) {
-+ result = send_packet (fallback_interface, (struct packet *)0, &raw, outgoing.packet_length, from, &to, &hto);
++ result = send_packet (fallback_interface, NULL, &raw,
++ outgoing.packet_length, from,
++ &to, &hto);
+ goto out;
+ }
/* If it comes from a client that already knows its address
and is not requesting a broadcast response, and we can
-diff -up dhcp-4.2.0/server/dhcp.c.unicast dhcp-4.2.0/server/dhcp.c
---- dhcp-4.2.0/server/dhcp.c.unicast 2010-06-01 19:29:59.000000000 +0200
-+++ dhcp-4.2.0/server/dhcp.c 2010-07-21 13:40:25.000000000 +0200
-@@ -4185,6 +4185,7 @@ int locate_network (packet)
+diff -up dhcp-4.3.0a1/server/dhcp.c.unicast dhcp-4.3.0a1/server/dhcp.c
+--- dhcp-4.3.0a1/server/dhcp.c.unicast 2013-12-13 21:50:38.000000000 +0100
++++ dhcp-4.3.0a1/server/dhcp.c 2013-12-19 15:12:12.975671140 +0100
+@@ -4627,6 +4627,7 @@ int locate_network (packet)
struct data_string data;
struct subnet *subnet = (struct subnet *)0;
struct option_cache *oc;
/* See if there's a Relay Agent Link Selection Option, or a
* Subnet Selection Option. The Link-Select and Subnet-Select
-@@ -4200,12 +4201,24 @@ int locate_network (packet)
+@@ -4642,12 +4643,24 @@ int locate_network (packet)
from the interface, if there is one. If not, fail. */
if (!oc && !packet -> raw -> giaddr.s_addr) {
if (packet -> interface -> shared_network) {
}
/* If there's an option indicating link connection, and it's valid,
-@@ -4228,7 +4241,10 @@ int locate_network (packet)
+@@ -4670,7 +4683,10 @@ int locate_network (packet)
data_string_forget (&data, MDL);
} else {
ia.len = 4;
}
/* If we know the subnet on which the IP address lives, use it. */
-@@ -4236,7 +4252,10 @@ int locate_network (packet)
+@@ -4678,7 +4694,10 @@ int locate_network (packet)
shared_network_reference (&packet -> shared_network,
subnet -> shared_network, MDL);
subnet_dereference (&subnet, MDL);
-diff -up dhcp-4.2.2b1/common/bpf.c.xen dhcp-4.2.2b1/common/bpf.c
---- dhcp-4.2.2b1/common/bpf.c.xen 2009-11-20 02:48:59.000000000 +0100
-+++ dhcp-4.2.2b1/common/bpf.c 2011-07-01 14:00:16.936959001 +0200
-@@ -485,7 +485,7 @@ ssize_t receive_packet (interface, buf,
- offset = decode_udp_ip_header (interface,
- interface -> rbuf,
- interface -> rbuf_offset,
+diff -up dhcp-4.3.0rc1/common/bpf.c.xen dhcp-4.3.0rc1/common/bpf.c
+--- dhcp-4.3.0rc1/common/bpf.c.xen 2014-01-29 10:03:27.503941664 +0100
++++ dhcp-4.3.0rc1/common/bpf.c 2014-01-29 10:03:37.564812175 +0100
+@@ -481,7 +481,7 @@ ssize_t receive_packet (interface, buf,
+ /* Decode the IP and UDP headers... */
+ offset = decode_udp_ip_header(interface, interface->rbuf,
+ interface->rbuf_offset,
- from, hdr.bh_caplen, &paylen);
+ from, hdr.bh_caplen, &paylen, 0);
/* If the IP or UDP checksum was bad, skip the packet... */
if (offset < 0) {
-diff -up dhcp-4.2.2b1/common/dlpi.c.xen dhcp-4.2.2b1/common/dlpi.c
---- dhcp-4.2.2b1/common/dlpi.c.xen 2011-05-11 16:20:59.000000000 +0200
-+++ dhcp-4.2.2b1/common/dlpi.c 2011-07-01 14:00:16.937958997 +0200
-@@ -693,7 +693,7 @@ ssize_t receive_packet (interface, buf,
+diff -up dhcp-4.3.0rc1/common/dlpi.c.xen dhcp-4.3.0rc1/common/dlpi.c
+--- dhcp-4.3.0rc1/common/dlpi.c.xen 2014-01-25 05:18:03.000000000 +0100
++++ dhcp-4.3.0rc1/common/dlpi.c 2014-01-29 10:03:27.503941664 +0100
+@@ -691,7 +691,7 @@ ssize_t receive_packet (interface, buf,
length -= offset;
#endif
offset = decode_udp_ip_header (interface, dbuf, bufix,
/*
* If the IP or UDP checksum was bad, skip the packet...
-diff -up dhcp-4.2.2b1/common/lpf.c.xen dhcp-4.2.2b1/common/lpf.c
---- dhcp-4.2.2b1/common/lpf.c.xen 2011-05-10 16:38:58.000000000 +0200
-+++ dhcp-4.2.2b1/common/lpf.c 2011-07-01 14:11:24.725748028 +0200
-@@ -29,19 +29,33 @@
+diff -up dhcp-4.3.0rc1/common/lpf.c.xen dhcp-4.3.0rc1/common/lpf.c
+--- dhcp-4.3.0rc1/common/lpf.c.xen 2014-01-25 05:18:03.000000000 +0100
++++ dhcp-4.3.0rc1/common/lpf.c 2014-01-29 10:03:27.504941651 +0100
+@@ -29,14 +29,15 @@
+
#include "dhcpd.h"
#if defined (USE_LPF_SEND) || defined (USE_LPF_RECEIVE)
- #include <sys/ioctl.h>
+#include <sys/socket.h>
#include <sys/uio.h>
#include <errno.h>
#include "includes/netinet/ip.h"
#include "includes/netinet/udp.h"
#include "includes/netinet/if_ether.h"
- #include <net/if.h>
+@@ -51,6 +52,19 @@
+ /* Reinitializes the specified interface after an address change. This
+ is not required for packet-filter APIs. */
+#ifndef PACKET_AUXDATA
+#define PACKET_AUXDATA 8
+};
+#endif
+
- /* Reinitializes the specified interface after an address change. This
- is not required for packet-filter APIs. */
-
-@@ -67,10 +81,14 @@ int if_register_lpf (info)
+ #ifdef USE_LPF_SEND
+ void if_reinitialize_send (info)
+ struct interface_info *info;
+@@ -73,10 +87,14 @@ int if_register_lpf (info)
struct interface_info *info;
{
int sock;
htons((short)ETH_P_ALL))) < 0) {
if (errno == ENOPROTOOPT || errno == EPROTONOSUPPORT ||
errno == ESOCKTNOSUPPORT || errno == EPFNOSUPPORT ||
-@@ -85,11 +103,17 @@ int if_register_lpf (info)
+@@ -91,11 +109,17 @@ int if_register_lpf (info)
log_fatal ("Open a socket for LPF: %m");
}
if (errno == ENOPROTOOPT || errno == EPROTONOSUPPORT ||
errno == ESOCKTNOSUPPORT || errno == EPFNOSUPPORT ||
errno == EAFNOSUPPORT || errno == EINVAL) {
-@@ -171,9 +195,18 @@ static void lpf_gen_filter_setup (struct
+@@ -177,9 +201,18 @@ static void lpf_gen_filter_setup (struct
void if_register_receive (info)
struct interface_info *info;
{
#if defined (HAVE_TR_SUPPORT)
if (info -> hw_address.hbuf [0] == HTYPE_IEEE802)
lpf_tr_filter_setup (info);
-@@ -295,7 +328,6 @@ ssize_t send_packet (interface, packet,
+@@ -301,7 +334,6 @@ ssize_t send_packet (interface, packet,
double hh [16];
double ih [1536 / sizeof (double)];
unsigned char *buf = (unsigned char *)ih;
int result;
int fudge;
-@@ -316,17 +348,7 @@ ssize_t send_packet (interface, packet,
+@@ -322,17 +354,7 @@ ssize_t send_packet (interface, packet,
(unsigned char *)raw, len);
memcpy (buf + ibufp, raw, len);
if (result < 0)
log_error ("send_packet: %m");
return result;
-@@ -343,14 +365,35 @@ ssize_t receive_packet (interface, buf,
+@@ -349,14 +371,35 @@ ssize_t receive_packet (interface, buf,
{
int length = 0;
int offset = 0;
bufix = 0;
/* Decode the physical header... */
offset = decode_hw_header (interface, ibuf, bufix, hfrom);
-@@ -367,7 +410,7 @@ ssize_t receive_packet (interface, buf,
+@@ -373,7 +416,7 @@ ssize_t receive_packet (interface, buf,
/* Decode the IP and UDP headers... */
offset = decode_udp_ip_header (interface, ibuf, bufix, from,
/* If the IP or UDP checksum was bad, skip the packet... */
if (offset < 0)
-diff -up dhcp-4.2.2b1/common/nit.c.xen dhcp-4.2.2b1/common/nit.c
---- dhcp-4.2.2b1/common/nit.c.xen 2009-11-20 02:49:01.000000000 +0100
-+++ dhcp-4.2.2b1/common/nit.c 2011-07-01 14:00:16.939958989 +0200
-@@ -369,7 +369,7 @@ ssize_t receive_packet (interface, buf,
+diff -up dhcp-4.3.0rc1/common/nit.c.xen dhcp-4.3.0rc1/common/nit.c
+--- dhcp-4.3.0rc1/common/nit.c.xen 2014-01-26 19:40:44.000000000 +0100
++++ dhcp-4.3.0rc1/common/nit.c 2014-01-29 10:03:27.504941651 +0100
+@@ -363,7 +363,7 @@ ssize_t receive_packet (interface, buf,
/* Decode the IP and UDP headers... */
offset = decode_udp_ip_header (interface, ibuf, bufix,
/* If the IP or UDP checksum was bad, skip the packet... */
if (offset < 0)
-diff -up dhcp-4.2.2b1/common/packet.c.xen dhcp-4.2.2b1/common/packet.c
---- dhcp-4.2.2b1/common/packet.c.xen 2009-07-23 20:52:20.000000000 +0200
-+++ dhcp-4.2.2b1/common/packet.c 2011-07-01 14:00:16.939958989 +0200
-@@ -211,7 +211,7 @@ ssize_t
+diff -up dhcp-4.3.0rc1/common/packet.c.xen dhcp-4.3.0rc1/common/packet.c
+--- dhcp-4.3.0rc1/common/packet.c.xen 2013-12-11 01:01:02.000000000 +0100
++++ dhcp-4.3.0rc1/common/packet.c 2014-01-29 10:03:27.504941651 +0100
+@@ -226,7 +226,7 @@ ssize_t
decode_udp_ip_header(struct interface_info *interface,
unsigned char *buf, unsigned bufix,
struct sockaddr_in *from, unsigned buflen,
{
unsigned char *data;
struct ip ip;
-@@ -322,7 +322,7 @@ decode_udp_ip_header(struct interface_in
+@@ -337,7 +337,7 @@ decode_udp_ip_header(struct interface_in
8, IPPROTO_UDP + ulen))));
udp_packets_seen++;
udp_packets_bad_checksum++;
if (udp_packets_seen > 4 &&
(udp_packets_seen / udp_packets_bad_checksum) < 2) {
-diff -up dhcp-4.2.2b1/common/upf.c.xen dhcp-4.2.2b1/common/upf.c
---- dhcp-4.2.2b1/common/upf.c.xen 2009-11-20 02:49:01.000000000 +0100
-+++ dhcp-4.2.2b1/common/upf.c 2011-07-01 14:00:16.940958986 +0200
-@@ -320,7 +320,7 @@ ssize_t receive_packet (interface, buf,
+diff -up dhcp-4.3.0rc1/common/upf.c.xen dhcp-4.3.0rc1/common/upf.c
+--- dhcp-4.3.0rc1/common/upf.c.xen 2014-01-26 19:40:44.000000000 +0100
++++ dhcp-4.3.0rc1/common/upf.c 2014-01-29 10:03:27.505941638 +0100
+@@ -314,7 +314,7 @@ ssize_t receive_packet (interface, buf,
/* Decode the IP and UDP headers... */
offset = decode_udp_ip_header (interface, ibuf, bufix,
/* If the IP or UDP checksum was bad, skip the packet... */
if (offset < 0)
-diff -up dhcp-4.2.2b1/includes/dhcpd.h.xen dhcp-4.2.2b1/includes/dhcpd.h
---- dhcp-4.2.2b1/includes/dhcpd.h.xen 2011-07-01 14:00:16.000000000 +0200
-+++ dhcp-4.2.2b1/includes/dhcpd.h 2011-07-01 14:12:18.069642470 +0200
-@@ -2796,7 +2796,7 @@ ssize_t decode_hw_header (struct interfa
+diff -up dhcp-4.3.0rc1/includes/dhcpd.h.xen dhcp-4.3.0rc1/includes/dhcpd.h
+--- dhcp-4.3.0rc1/includes/dhcpd.h.xen 2014-01-29 10:03:27.489941844 +0100
++++ dhcp-4.3.0rc1/includes/dhcpd.h 2014-01-29 10:03:27.506941626 +0100
+@@ -2861,7 +2861,7 @@ ssize_t decode_hw_header (struct interfa
unsigned, struct hardware *);
ssize_t decode_udp_ip_header (struct interface_info *, unsigned char *,
unsigned, struct sockaddr_in *,
From f2658275b25ebfe691cdcb9fede85a3088cca168 Mon Sep 17 00:00:00 2001
From: Simon Kelley <simon@thekelleys.org.uk>
Date: Thu, 25 Sep 2014 21:51:25 +0100
-Subject: [PATCH 01/55] Add newline at the end of example config file.
+Subject: [PATCH 01/98] Add newline at the end of example config file.
---
dnsmasq.conf.example | 2 +-
From 00cd9d551998307225312fd21f761cfa8868bd2c Mon Sep 17 00:00:00 2001
From: Simon Kelley <simon@thekelleys.org.uk>
Date: Thu, 2 Oct 2014 21:44:21 +0100
-Subject: [PATCH 02/55] crash at startup when an empty suffix is supplied to
+Subject: [PATCH 02/98] crash at startup when an empty suffix is supplied to
--conf-dir
---
From 6ac3bc0452a74e16e3d620a0757b0f8caab182ec Mon Sep 17 00:00:00 2001
From: Simon Kelley <simon@thekelleys.org.uk>
Date: Fri, 3 Oct 2014 08:48:11 +0100
-Subject: [PATCH 03/55] Debian build fixes for kFreeBSD
+Subject: [PATCH 03/98] Debian build fixes for kFreeBSD
---
src/tables.c | 6 +++++-
From e9828b6f66b22ce8873f8d30a773137d1aef1b92 Mon Sep 17 00:00:00 2001
From: Karl Vogel <karl.vogel@gmail.com>
Date: Fri, 3 Oct 2014 21:45:15 +0100
-Subject: [PATCH 04/55] Set conntrack mark before connect() call.
+Subject: [PATCH 04/98] Set conntrack mark before connect() call.
SO_MARK has to be done before issuing the connect() call on the
TCP socket.
From 17b475912f6a4e72797a543dad59d4d5dde6bb1b Mon Sep 17 00:00:00 2001
From: Daniel Collins <daniel.collins@smoothwall.net>
Date: Fri, 3 Oct 2014 21:58:43 +0100
-Subject: [PATCH 05/55] Fix typo in new Dbus code.
+Subject: [PATCH 05/98] Fix typo in new Dbus code.
Simon's fault.
---
From 3d9d2dd0018603a2ae4b9cd65ac6ff959f4fd8c7 Mon Sep 17 00:00:00 2001
From: Tomas Hozza <thozza@redhat.com>
Date: Mon, 6 Oct 2014 10:46:48 +0100
-Subject: [PATCH 06/55] Fit example conf file typo.
+Subject: [PATCH 06/98] Fit example conf file typo.
---
dnsmasq.conf.example | 2 +-
From b9ff5c8f435173cfa616e3c398bdc089ef690a07 Mon Sep 17 00:00:00 2001
From: Vladislav Grishenko <themiron@mail.ru>
Date: Mon, 6 Oct 2014 14:34:24 +0100
-Subject: [PATCH 07/55] Improve RFC-compliance when unable to supply addresses
+Subject: [PATCH 07/98] Improve RFC-compliance when unable to supply addresses
in DHCPv6
While testing https://github.com/sbyx/odhcp6c client I have noticed it
From 98906275a02ae260fe3f82133bd79054f8315f06 Mon Sep 17 00:00:00 2001
From: Hans Dedecker <dedeckeh@gmail.com>
Date: Tue, 9 Dec 2014 22:22:53 +0000
-Subject: [PATCH 08/55] Fix conntrack with --bind-interfaces
+Subject: [PATCH 08/98] Fix conntrack with --bind-interfaces
Make sure dst_addr is assigned the correct address in receive_query when OPTNOWILD is
enabled so the assigned mark can be correctly retrieved and set in forward_query when
From 193de4abf59e49c6b70d54cfe9720fcb95ca2f71 Mon Sep 17 00:00:00 2001
From: Simon Kelley <simon@thekelleys.org.uk>
Date: Wed, 10 Dec 2014 17:32:16 +0000
-Subject: [PATCH 09/55] Use inotify instead of polling on Linux.
+Subject: [PATCH 09/98] Use inotify instead of polling on Linux.
This should solve problems people are seeing when a file changes
twice within a second and thus is missed for polling.
From 857973e6f7e0a3d03535a9df7f9373fd7a0b65cc Mon Sep 17 00:00:00 2001
From: Simon Kelley <simon@thekelleys.org.uk>
Date: Mon, 15 Dec 2014 15:58:13 +0000
-Subject: [PATCH 10/55] Teach the new inotify code about symlinks.
+Subject: [PATCH 10/98] Teach the new inotify code about symlinks.
---
src/inotify.c | 43 +++++++++++++++++++++++++++----------------
From 800c5cc1e7438818fd80f08c2d472df249a6942d Mon Sep 17 00:00:00 2001
From: Simon Kelley <simon@thekelleys.org.uk>
Date: Mon, 15 Dec 2014 17:50:15 +0000
-Subject: [PATCH 11/55] Remove floor on EDNS0 packet size with DNSSEC.
+Subject: [PATCH 11/98] Remove floor on EDNS0 packet size with DNSSEC.
---
CHANGELOG | 6 +++++-
From ad946d555dce44eb690c7699933b6ff40ab85bb6 Mon Sep 17 00:00:00 2001
From: Simon Kelley <simon@thekelleys.org.uk>
Date: Mon, 15 Dec 2014 17:52:22 +0000
-Subject: [PATCH 12/55] CHANGELOG re. inotify.
+Subject: [PATCH 12/98] CHANGELOG re. inotify.
---
CHANGELOG | 4 ++++
From 3ad3f3bbd4ee716a7d2fb1e115cf89bd1b1a5de9 Mon Sep 17 00:00:00 2001
From: Simon Kelley <simon@thekelleys.org.uk>
Date: Tue, 16 Dec 2014 18:25:17 +0000
-Subject: [PATCH 13/55] Fix breakage of --domain=<domain>,<subnet>,local
+Subject: [PATCH 13/98] Fix breakage of --domain=<domain>,<subnet>,local
---
CHANGELOG | 4 ++++
From bd9520b7ade7098ee423acc38965376aa57feb07 Mon Sep 17 00:00:00 2001
From: Simon Kelley <simon@thekelleys.org.uk>
Date: Tue, 16 Dec 2014 20:41:29 +0000
-Subject: [PATCH 14/55] Remove redundant IN6_IS_ADDR_ULA(a) macro defn.
+Subject: [PATCH 14/98] Remove redundant IN6_IS_ADDR_ULA(a) macro defn.
---
src/network.c | 4 ----
From 476693678e778886b64d0b56e27eb7695cbcca99 Mon Sep 17 00:00:00 2001
From: Simon Kelley <simon@thekelleys.org.uk>
Date: Wed, 17 Dec 2014 12:41:56 +0000
-Subject: [PATCH 15/55] Eliminate IPv6 privacy addresses from --interface-name
+Subject: [PATCH 15/98] Eliminate IPv6 privacy addresses from --interface-name
answers.
---
From 3267804598047bd1781cab91508d1bc516e5ddbb Mon Sep 17 00:00:00 2001
From: Simon Kelley <simon@thekelleys.org.uk>
Date: Wed, 17 Dec 2014 20:38:20 +0000
-Subject: [PATCH 16/55] Tweak field width in cache dump to avoid truncating
+Subject: [PATCH 16/98] Tweak field width in cache dump to avoid truncating
IPv6 addresses.
---
From 094b5c3d904bae9aeb3206d9f3b8348926b84975 Mon Sep 17 00:00:00 2001
From: Simon Kelley <simon@thekelleys.org.uk>
Date: Sun, 21 Dec 2014 16:11:52 +0000
-Subject: [PATCH 17/55] Fix crash in DNSSEC code when attempting to verify
+Subject: [PATCH 17/98] Fix crash in DNSSEC code when attempting to verify
large RRs.
---
From cbc652423403e3cef00e00240f6beef713142246 Mon Sep 17 00:00:00 2001
From: Simon Kelley <simon@thekelleys.org.uk>
Date: Sun, 21 Dec 2014 21:21:53 +0000
-Subject: [PATCH 18/55] Make caching work for CNAMEs pointing to A/AAAA records
+Subject: [PATCH 18/98] Make caching work for CNAMEs pointing to A/AAAA records
shadowed in /etc/hosts
If the answer to an upstream query is a CNAME which points to an
From fbc5205702c7f6f431d9f1043c553d7fb62ddfdb Mon Sep 17 00:00:00 2001
From: Simon Kelley <simon@thekelleys.org.uk>
Date: Tue, 23 Dec 2014 15:46:08 +0000
-Subject: [PATCH 19/55] Fix problems validating NSEC3 and wildcards.
+Subject: [PATCH 19/98] Fix problems validating NSEC3 and wildcards.
---
src/dnssec.c | 253 ++++++++++++++++++++++++++++++-----------------------------
From 83d2ed09fc0216b567d7fb2197e4ff3eae150b0d Mon Sep 17 00:00:00 2001
From: Simon Kelley <simon@thekelleys.org.uk>
Date: Tue, 23 Dec 2014 18:42:38 +0000
-Subject: [PATCH 20/55] Initialise return value.
+Subject: [PATCH 20/98] Initialise return value.
---
src/dnssec.c | 7 +++++--
From 32fc6dbe03569d70dd394420ceb73532cf303c33 Mon Sep 17 00:00:00 2001
From: Glen Huang <curvedmark@gmail.com>
Date: Sat, 27 Dec 2014 15:28:12 +0000
-Subject: [PATCH 21/55] Add --ignore-address option.
+Subject: [PATCH 21/98] Add --ignore-address option.
---
CHANGELOG | 8 ++++++++
From 0b1008d367d44e77352134a4c5178f896f0db3e7 Mon Sep 17 00:00:00 2001
From: Simon Kelley <simon@thekelleys.org.uk>
Date: Sat, 27 Dec 2014 15:33:32 +0000
-Subject: [PATCH 22/55] Bad packet protection.
+Subject: [PATCH 22/98] Bad packet protection.
---
src/dnssec.c | 2 +-
From d310ab7ecbffce79d3d90debba621e0222f9bced Mon Sep 17 00:00:00 2001
From: Matthias Andree <matthias.andree@gmx.de>
Date: Sat, 27 Dec 2014 15:36:38 +0000
-Subject: [PATCH 23/55] Fix build failure in new inotify code on BSD.
+Subject: [PATCH 23/98] Fix build failure in new inotify code on BSD.
---
src/inotify.c | 4 ++--
From 81c538efcebfce2ce4a1d3a420b6c885b8f08df9 Mon Sep 17 00:00:00 2001
From: Yousong Zhou <yszhou4tech@gmail.com>
Date: Sat, 3 Jan 2015 16:36:14 +0000
-Subject: [PATCH 24/55] Implement makefile dependencies on COPTS variable.
+Subject: [PATCH 24/98] Implement makefile dependencies on COPTS variable.
---
.gitignore | 2 +-
From d8dbd903d024f84a149dac2f8a674a68dfed47a3 Mon Sep 17 00:00:00 2001
From: Yousong Zhou <yszhou4tech@gmail.com>
Date: Mon, 5 Jan 2015 17:03:35 +0000
-Subject: [PATCH 25/55] Fix race condition issue in makefile.
+Subject: [PATCH 25/98] Fix race condition issue in makefile.
---
Makefile | 4 +++-
From 97e618a0e3f29465acc689d87288596b006f197e Mon Sep 17 00:00:00 2001
From: Simon Kelley <simon@thekelleys.org.uk>
Date: Wed, 7 Jan 2015 21:55:43 +0000
-Subject: [PATCH 26/55] DNSSEC: do top-down search for limit of secure
+Subject: [PATCH 26/98] DNSSEC: do top-down search for limit of secure
delegation.
---
From 25cf5e373eb41c088d4ee5e625209c4cf6a5659e Mon Sep 17 00:00:00 2001
From: Simon Kelley <simon@thekelleys.org.uk>
Date: Fri, 9 Jan 2015 15:53:03 +0000
-Subject: [PATCH 27/55] Add --log-queries=extra option for more complete
+Subject: [PATCH 27/98] Add --log-queries=extra option for more complete
logging.
---
From 28de38768e2c7d763b9aa5b7a4d251d5e56bab0b Mon Sep 17 00:00:00 2001
From: RinSatsuki <aa65535@live.com>
Date: Sat, 10 Jan 2015 15:22:21 +0000
-Subject: [PATCH 28/55] Add --min-cache-ttl option.
+Subject: [PATCH 28/98] Add --min-cache-ttl option.
---
CHANGELOG | 7 +++++++
From 9f79ee4ae34886c0319f06d8f162b81ef79d62fb Mon Sep 17 00:00:00 2001
From: Simon Kelley <simon@thekelleys.org.uk>
Date: Mon, 12 Jan 2015 20:18:18 +0000
-Subject: [PATCH 29/55] Log port of requestor when doing extra logging.
+Subject: [PATCH 29/98] Log port of requestor when doing extra logging.
---
src/cache.c | 6 +++---
From 5e321739db381a1d7b5964d76e9c81471d2564c9 Mon Sep 17 00:00:00 2001
From: Simon Kelley <simon@thekelleys.org.uk>
Date: Mon, 12 Jan 2015 23:16:56 +0000
-Subject: [PATCH 30/55] Don't answer from cache RRsets from wildcards, as we
+Subject: [PATCH 30/98] Don't answer from cache RRsets from wildcards, as we
don't have NSECs.
---
From ae4624bf46b5e37ff1a9a2ba3c927e0dede95adb Mon Sep 17 00:00:00 2001
From: Simon Kelley <simon@thekelleys.org.uk>
Date: Mon, 12 Jan 2015 23:22:08 +0000
-Subject: [PATCH 31/55] Logs for DS records consistent.
+Subject: [PATCH 31/98] Logs for DS records consistent.
---
src/rfc1035.c | 2 +-
From 393415597c8b5b09558b789ab9ac238dbe3db65d Mon Sep 17 00:00:00 2001
From: Simon Kelley <simon@thekelleys.org.uk>
Date: Sun, 18 Jan 2015 22:11:10 +0000
-Subject: [PATCH 32/55] Cope with multiple interfaces with the same LL address.
+Subject: [PATCH 32/98] Cope with multiple interfaces with the same LL address.
---
CHANGELOG | 4 ++++
From 2ae195f5a71f7c5a75717845de1bd72fc7dd67f3 Mon Sep 17 00:00:00 2001
From: Simon Kelley <simon@thekelleys.org.uk>
Date: Sun, 18 Jan 2015 22:20:48 +0000
-Subject: [PATCH 33/55] Don't treat SERVFAIL as a recoverable error.....
+Subject: [PATCH 33/98] Don't treat SERVFAIL as a recoverable error.....
---
src/forward.c | 2 +-
From 5f4dc5c6ca50655ab14f572c7e30815ed74cd51a Mon Sep 17 00:00:00 2001
From: Simon Kelley <simon@thekelleys.org.uk>
Date: Tue, 20 Jan 2015 20:51:02 +0000
-Subject: [PATCH 34/55] Add --dhcp-hostsdir config option.
+Subject: [PATCH 34/98] Add --dhcp-hostsdir config option.
---
CHANGELOG | 5 +++
From fbf01f7046e75f9aa73fd4aab2a94e43386d9052 Mon Sep 17 00:00:00 2001
From: Conrad Kostecki <ck@conrad-kostecki.de>
Date: Tue, 20 Jan 2015 21:07:56 +0000
-Subject: [PATCH 35/55] Update German translation.
+Subject: [PATCH 35/98] Update German translation.
---
po/de.po | 101 +++++++++++++++++++++++++++++----------------------------------
From 61b838dd574c51d96fef100285a0d225824534f9 Mon Sep 17 00:00:00 2001
From: Win King Wan <pinwing+dnsmasq@gmail.com>
Date: Wed, 21 Jan 2015 20:41:48 +0000
-Subject: [PATCH 36/55] Don't reply to DHCPv6 SOLICIT messages when not
+Subject: [PATCH 36/98] Don't reply to DHCPv6 SOLICIT messages when not
configured for statefull DHCPv6.
---
From 0491805d2ff6e7727f0272c94fd97d9897d1e22c Mon Sep 17 00:00:00 2001
From: Simon Kelley <simon@thekelleys.org.uk>
Date: Mon, 26 Jan 2015 11:23:43 +0000
-Subject: [PATCH 37/55] Allow inotify to be disabled at compile time on Linux.
+Subject: [PATCH 37/98] Allow inotify to be disabled at compile time on Linux.
---
CHANGELOG | 4 +++-
From 70d1873dd9e70041ed4bb88c69d5b886b7cc634c Mon Sep 17 00:00:00 2001
From: Simon Kelley <simon@thekelleys.org.uk>
Date: Sat, 31 Jan 2015 19:59:29 +0000
-Subject: [PATCH 38/55] Expand inotify code to dhcp-hostsdir, dhcp-optsdir and
+Subject: [PATCH 38/98] Expand inotify code to dhcp-hostsdir, dhcp-optsdir and
hostsdir.
---
From aff3396280e944833f0e23d834aa6acd5fe2605a Mon Sep 17 00:00:00 2001
From: Simon Kelley <simon@thekelleys.org.uk>
Date: Sat, 31 Jan 2015 20:13:40 +0000
-Subject: [PATCH 39/55] Update copyrights for dawn of 2015.
+Subject: [PATCH 39/98] Update copyrights for dawn of 2015.
---
Makefile | 2 +-
From 3d04f46334d0e345f589eda1372e638b946fe637 Mon Sep 17 00:00:00 2001
From: Simon Kelley <simon@thekelleys.org.uk>
Date: Sat, 31 Jan 2015 21:59:13 +0000
-Subject: [PATCH 40/55] inotify documentation updates.
+Subject: [PATCH 40/98] inotify documentation updates.
---
man/dnsmasq.8 | 11 +++++++++--
From 6ef15b34ca83c62a939f69356d5c3f7a6bfef3d0 Mon Sep 17 00:00:00 2001
From: Simon Kelley <simon@thekelleys.org.uk>
Date: Sat, 31 Jan 2015 22:44:26 +0000
-Subject: [PATCH 41/55] Fix broken ECDSA DNSSEC signatures.
+Subject: [PATCH 41/98] Fix broken ECDSA DNSSEC signatures.
---
CHANGELOG | 2 ++
From 106266761828a0acb006346ae47bf031dee46a5d Mon Sep 17 00:00:00 2001
From: Simon Kelley <simon@thekelleys.org.uk>
Date: Sun, 1 Feb 2015 00:15:16 +0000
-Subject: [PATCH 42/55] BSD make support
+Subject: [PATCH 42/98] BSD make support
---
Makefile | 6 ++++--
From 8d8a54ec79d9f96979fabbd97b1dd2ddebc7d78f Mon Sep 17 00:00:00 2001
From: Simon Kelley <simon@thekelleys.org.uk>
Date: Sun, 1 Feb 2015 21:48:46 +0000
-Subject: [PATCH 43/55] Fix build failure on openBSD.
+Subject: [PATCH 43/98] Fix build failure on openBSD.
---
src/tables.c | 2 +-
From d36b732c4cfa91ea09af64b5dc0f3a85a075e5bc Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Thi=C3=A9baud=20Weksteen?= <thiebaud@weksteen.fr>
Date: Mon, 2 Feb 2015 21:37:27 +0000
-Subject: [PATCH 44/55] Manpage typo fix.
+Subject: [PATCH 44/98] Manpage typo fix.
---
man/dnsmasq.8 | 2 +-
From 2941d3ac898cf84b544e47c9735c5e4111711db1 Mon Sep 17 00:00:00 2001
From: Simon Kelley <simon@thekelleys.org.uk>
Date: Mon, 2 Feb 2015 22:36:42 +0000
-Subject: [PATCH 45/55] Fixup dhcp-configs after reading extra hostfiles with
+Subject: [PATCH 45/98] Fixup dhcp-configs after reading extra hostfiles with
inotify.
---
From f9c863708c6b0aea31ff7a466647685dc739de50 Mon Sep 17 00:00:00 2001
From: Simon Kelley <simon@thekelleys.org.uk>
Date: Tue, 3 Feb 2015 21:52:48 +0000
-Subject: [PATCH 46/55] Extra logging for inotify code.
+Subject: [PATCH 46/98] Extra logging for inotify code.
---
src/cache.c | 9 ++++-----
From efb8b5566aafc1f3ce18514a2df93af5a2e4998c Mon Sep 17 00:00:00 2001
From: Simon Kelley <simon@thekelleys.org.uk>
Date: Sat, 7 Feb 2015 22:36:34 +0000
-Subject: [PATCH 47/55] man page typo.
+Subject: [PATCH 47/98] man page typo.
---
man/dnsmasq.8 | 1 +
From f4f400776b3c1aa303d1a0fcd500f0ab5bc970f2 Mon Sep 17 00:00:00 2001
From: Shantanu Gadgil <shantanugadgil@yahoo.com>
Date: Wed, 11 Feb 2015 20:16:59 +0000
-Subject: [PATCH 48/55] Fix get-version script which returned wrong tag in some
+Subject: [PATCH 48/98] Fix get-version script which returned wrong tag in some
situations.
---
From 8ff70de618eb7de9147dbfbd4deca4a2dd62f0cb Mon Sep 17 00:00:00 2001
From: Simon Kelley <simon@thekelleys.org.uk>
Date: Sat, 14 Feb 2015 20:02:37 +0000
-Subject: [PATCH 49/55] Typos.
+Subject: [PATCH 49/98] Typos.
---
src/inotify.c | 3 ++-
From caeea190f12efd20139f694aac4942d1ac00019f Mon Sep 17 00:00:00 2001
From: Simon Kelley <simon@thekelleys.org.uk>
Date: Sat, 14 Feb 2015 20:08:56 +0000
-Subject: [PATCH 50/55] Make dynamic hosts files work when --no-hosts set.
+Subject: [PATCH 50/98] Make dynamic hosts files work when --no-hosts set.
---
src/cache.c | 21 +++++++++++----------
From 28b879ac47b872af6e8c5e86d76806c69338434d Mon Sep 17 00:00:00 2001
From: Chen Wei <weichen302@icloud.com>
Date: Tue, 17 Feb 2015 22:07:35 +0000
-Subject: [PATCH 51/55] Fix trivial memory leaks to quieten valgrind.
+Subject: [PATCH 51/98] Fix trivial memory leaks to quieten valgrind.
---
src/dnsmasq.c | 2 ++
From 0705a7e2d57654b27c7e14f35ca77241c1821f4d Mon Sep 17 00:00:00 2001
From: Tomas Hozza <thozza@redhat.com>
Date: Mon, 23 Feb 2015 21:26:26 +0000
-Subject: [PATCH 52/55] Fix uninitialized value used in get_client_mac()
+Subject: [PATCH 52/98] Fix uninitialized value used in get_client_mac()
---
src/dhcp6.c | 4 +++-
From 47b9ac59c715827252ae6e6732903c3dabb697fb Mon Sep 17 00:00:00 2001
From: Joachim Zobel <jz-2014@heute-morgen.de>
Date: Mon, 23 Feb 2015 21:38:11 +0000
-Subject: [PATCH 53/55] Log parsing utils in contrib/reverse-dns
+Subject: [PATCH 53/98] Log parsing utils in contrib/reverse-dns
---
contrib/reverse-dns/README | 18 ++++++++++++++++++
- contrib/reverse-dns/reverse_dns.sh | 29 +++++++++++++++++++++++++++++
contrib/reverse-dns/reverse_replace.sh | 28 ++++++++++++++++++++++++++++
- 3 files changed, 75 insertions(+)
+ 2 files changed, 46 insertions(+)
create mode 100644 contrib/reverse-dns/README
- create mode 100644 contrib/reverse-dns/reverse_dns.sh
create mode 100644 contrib/reverse-dns/reverse_replace.sh
diff --git a/contrib/reverse-dns/README b/contrib/reverse-dns/README
+Joachim\r
+\r
+\r
-diff --git a/contrib/reverse-dns/reverse_dns.sh b/contrib/reverse-dns/reverse_dns.sh
-new file mode 100644
-index 000000000000..c0fff300a947
---- /dev/null
-+++ b/contrib/reverse-dns/reverse_dns.sh
-@@ -0,0 +1,29 @@
-+#!/bin/bash
-+# $Id: reverse_dns.sh 4 2015-02-17 20:14:59Z jo $
-+#
-+# Usage: reverse_dns.sh IP
-+# Uses the dnsmasq query log to lookup the name
-+# that was last queried to return the given IP.
-+#
-+
-+IP=$1
-+qmIP=`echo $IP | sed 's#\.#\\.#g'`
-+LOG=/var/log/dnsmasq.log
-+
-+IP_regex='^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$'
-+
-+if ! [[ $IP =~ $IP_regex ]]; then
-+ echo -n $IP
-+ exit
-+fi
-+
-+NAME=`tac $LOG | \
-+ grep " is $IP" | head -1 | \
-+ sed "s#.* \([^ ]*\) is $qmIP.*#\1#" `
-+
-+if [ -z "$NAME" ]; then
-+ echo -n $IP
-+else
-+ echo -n $NAME
-+fi
-+
diff --git a/contrib/reverse-dns/reverse_replace.sh b/contrib/reverse-dns/reverse_replace.sh
new file mode 100644
index 000000000000..a11c164b7f19
From f6e62e2af96f5fa0d1e3d93167a93a8f09bf6e61 Mon Sep 17 00:00:00 2001
From: Simon Kelley <simon@thekelleys.org.uk>
Date: Sun, 1 Mar 2015 18:17:54 +0000
-Subject: [PATCH 54/55] Add --dnssec-timestamp option and facility.
+Subject: [PATCH 54/98] Add --dnssec-timestamp option and facility.
---
CHANGELOG | 6 +++++
From 9003b50b13da624ca45f3e0cf99abb623b8d026b Mon Sep 17 00:00:00 2001
From: Simon Kelley <simon@thekelleys.org.uk>
Date: Mon, 2 Mar 2015 22:47:23 +0000
-Subject: [PATCH 55/55] Fix last commit to not crash if uid changing not
+Subject: [PATCH 55/98] Fix last commit to not crash if uid changing not
configured.
---
From 4c960fa90a975d20f75a1ecabd217247f1922c8f Mon Sep 17 00:00:00 2001
From: Simon Kelley <simon@thekelleys.org.uk>
Date: Wed, 4 Mar 2015 20:32:26 +0000
-Subject: [PATCH 56/57] New version of contrib/reverse-dns
+Subject: [PATCH 56/98] New version of contrib/reverse-dns
---
contrib/reverse-dns/README | 22 +++---
From 360f2513ab12a9bf1e262d388dd2ea8a566590a3 Mon Sep 17 00:00:00 2001
From: Simon Kelley <simon@thekelleys.org.uk>
Date: Sat, 7 Mar 2015 18:28:06 +0000
-Subject: [PATCH 57/57] Tweak DNSSEC timestamp code to create file later,
+Subject: [PATCH 57/98] Tweak DNSSEC timestamp code to create file later,
removing need to chown it.
---
--- /dev/null
+From ff841ebf5a5d6864ff48571f607c32ce80dbb75a Mon Sep 17 00:00:00 2001
+From: Simon Kelley <simon@thekelleys.org.uk>
+Date: Wed, 11 Mar 2015 21:36:30 +0000
+Subject: [PATCH 58/98] Fix boilerplate code for re-running system calls on
+ EINTR and EAGAIN etc.
+
+The nasty code with static variable in retry_send() which
+avoids looping forever needs to be called on success of the syscall,
+to reset the static variable.
+---
+ src/bpf.c | 2 +-
+ src/dhcp.c | 2 +-
+ src/dhcp6.c | 6 +++---
+ src/dnsmasq.c | 35 +++++++++++++++++----------------
+ src/dnsmasq.h | 2 +-
+ src/forward.c | 41 ++++++++++++++++++--------------------
+ src/ipset.c | 8 ++++----
+ src/loop.c | 5 +++--
+ src/netlink.c | 8 ++++----
+ src/radv.c | 5 +++--
+ src/util.c | 63 ++++++++++++++++++++++++++++++++++-------------------------
+ 11 files changed, 93 insertions(+), 84 deletions(-)
+
+diff --git a/src/bpf.c b/src/bpf.c
+index 997d87421bed..a066641f969f 100644
+--- a/src/bpf.c
++++ b/src/bpf.c
+@@ -359,7 +359,7 @@ void send_via_bpf(struct dhcp_packet *mess, size_t len,
+ iov[3].iov_base = mess;
+ iov[3].iov_len = len;
+
+- while (writev(daemon->dhcp_raw_fd, iov, 4) == -1 && retry_send());
++ while (retry_send(writev(daemon->dhcp_raw_fd, iov, 4)));
+ }
+
+ #endif /* defined(HAVE_BSD_NETWORK) && defined(HAVE_DHCP) */
+diff --git a/src/dhcp.c b/src/dhcp.c
+index f29be9b489a7..5c3089ab94ff 100644
+--- a/src/dhcp.c
++++ b/src/dhcp.c
+@@ -443,7 +443,7 @@ void dhcp_packet(time_t now, int pxe_fd)
+ setsockopt(fd, IPPROTO_IP, IP_BOUND_IF, &iface_index, sizeof(iface_index));
+ #endif
+
+- while(sendmsg(fd, &msg, 0) == -1 && retry_send());
++ while(retry_send(sendmsg(fd, &msg, 0)));
+ }
+
+ /* check against secondary interface addresses */
+diff --git a/src/dhcp6.c b/src/dhcp6.c
+index c7144f5fee7c..ee2aa5d3bf3c 100644
+--- a/src/dhcp6.c
++++ b/src/dhcp6.c
+@@ -225,9 +225,9 @@ void dhcp6_packet(time_t now)
+ if (port != 0)
+ {
+ from.sin6_port = htons(port);
+- while (sendto(daemon->dhcp6fd, daemon->outpacket.iov_base, save_counter(0),
+- 0, (struct sockaddr *)&from, sizeof(from)) == -1 &&
+- retry_send());
++ while (retry_send(sendto(daemon->dhcp6fd, daemon->outpacket.iov_base,
++ save_counter(0), 0, (struct sockaddr *)&from,
++ sizeof(from))));
+ }
+ }
+
+diff --git a/src/dnsmasq.c b/src/dnsmasq.c
+index f3e5bcffec4f..b784951950d4 100644
+--- a/src/dnsmasq.c
++++ b/src/dnsmasq.c
+@@ -444,7 +444,7 @@ int main (int argc, char **argv)
+ char *msg;
+
+ /* close our copy of write-end */
+- close(err_pipe[1]);
++ while (retry_send(close(err_pipe[1])));
+
+ /* check for errors after the fork */
+ if (read_event(err_pipe[0], &ev, &msg))
+@@ -453,7 +453,7 @@ int main (int argc, char **argv)
+ _exit(EC_GOOD);
+ }
+
+- close(err_pipe[0]);
++ while (retry_send(close(err_pipe[0])));
+
+ /* NO calls to die() from here on. */
+
+@@ -505,10 +505,12 @@ int main (int argc, char **argv)
+ {
+ if (!read_write(fd, (unsigned char *)daemon->namebuff, strlen(daemon->namebuff), 0))
+ err = 1;
+-
+- while (!err && close(fd) == -1)
+- if (!retry_send())
+- err = 1;
++ else
++ {
++ while (retry_send(close(fd)));
++ if (errno != 0)
++ err = 1;
++ }
+ }
+
+ if (err)
+@@ -813,7 +815,7 @@ int main (int argc, char **argv)
+
+ /* finished start-up - release original process */
+ if (err_pipe[1] != -1)
+- close(err_pipe[1]);
++ while (retry_send(close(err_pipe[1])));
+
+ if (daemon->port != 0)
+ check_servers();
+@@ -1319,7 +1321,7 @@ static void async_event(int pipe, time_t now)
+ do {
+ helper_write();
+ } while (!helper_buf_empty() || do_script_run(now));
+- close(daemon->helperfd);
++ while (retry_send(close(daemon->helperfd)));
+ }
+ #endif
+
+@@ -1544,7 +1546,7 @@ static void check_dns_listeners(fd_set *set, time_t now)
+
+ if (getsockname(confd, (struct sockaddr *)&tcp_addr, &tcp_len) == -1)
+ {
+- close(confd);
++ while (retry_send(close(confd)));
+ continue;
+ }
+
+@@ -1609,7 +1611,7 @@ static void check_dns_listeners(fd_set *set, time_t now)
+ if (!client_ok)
+ {
+ shutdown(confd, SHUT_RDWR);
+- close(confd);
++ while (retry_send(close(confd)));
+ }
+ #ifndef NO_FORK
+ else if (!option_bool(OPT_DEBUG) && (p = fork()) != 0)
+@@ -1624,7 +1626,7 @@ static void check_dns_listeners(fd_set *set, time_t now)
+ break;
+ }
+ }
+- close(confd);
++ while (retry_send(close(confd)));
+
+ /* The child can use up to TCP_MAX_QUERIES ids, so skip that many. */
+ daemon->log_id += TCP_MAX_QUERIES;
+@@ -1669,7 +1671,7 @@ static void check_dns_listeners(fd_set *set, time_t now)
+ buff = tcp_request(confd, now, &tcp_addr, netmask, auth_dns);
+
+ shutdown(confd, SHUT_RDWR);
+- close(confd);
++ while (retry_send(close(confd)));
+
+ if (buff)
+ free(buff);
+@@ -1678,7 +1680,7 @@ static void check_dns_listeners(fd_set *set, time_t now)
+ if (s->tcpfd != -1)
+ {
+ shutdown(s->tcpfd, SHUT_RDWR);
+- close(s->tcpfd);
++ while (retry_send(close(s->tcpfd)));
+ }
+ #ifndef NO_FORK
+ if (!option_bool(OPT_DEBUG))
+@@ -1756,9 +1758,8 @@ int icmp_ping(struct in_addr addr)
+ j = (j & 0xffff) + (j >> 16);
+ packet.icmp.icmp_cksum = (j == 0xffff) ? j : ~j;
+
+- while (sendto(fd, (char *)&packet.icmp, sizeof(struct icmp), 0,
+- (struct sockaddr *)&saddr, sizeof(saddr)) == -1 &&
+- retry_send());
++ while (retry_send(sendto(fd, (char *)&packet.icmp, sizeof(struct icmp), 0,
++ (struct sockaddr *)&saddr, sizeof(saddr))));
+
+ for (now = start = dnsmasq_time();
+ difftime(now, start) < (float)PING_WAIT;)
+@@ -1820,7 +1821,7 @@ int icmp_ping(struct in_addr addr)
+ }
+
+ #if defined(HAVE_LINUX_NETWORK) || defined(HAVE_SOLARIS_NETWORK)
+- close(fd);
++ while (retry_send(close(fd)));
+ #else
+ opt = 1;
+ setsockopt(fd, SOL_SOCKET, SO_RCVBUF, &opt, sizeof(opt));
+diff --git a/src/dnsmasq.h b/src/dnsmasq.h
+index fc7259881358..de95d0e875e3 100644
+--- a/src/dnsmasq.h
++++ b/src/dnsmasq.h
+@@ -1177,7 +1177,7 @@ int is_same_net6(struct in6_addr *a, struct in6_addr *b, int prefixlen);
+ u64 addr6part(struct in6_addr *addr);
+ void setaddr6part(struct in6_addr *addr, u64 host);
+ #endif
+-int retry_send(void);
++int retry_send(ssize_t rc);
+ void prettyprint_time(char *buf, unsigned int t);
+ int prettyprint_addr(union mysockaddr *addr, char *buf);
+ int parse_hex(char *in, unsigned char *out, int maxlen,
+diff --git a/src/forward.c b/src/forward.c
+index 438e9fa490b8..7c0fa8da3fdf 100644
+--- a/src/forward.c
++++ b/src/forward.c
+@@ -103,15 +103,11 @@ int send_from(int fd, int nowild, char *packet, size_t len,
+ #endif
+ }
+
+- while (sendmsg(fd, &msg, 0) == -1)
++ while (retry_send(sendmsg(fd, &msg, 0)));
++
++ /* If interface is still in DAD, EINVAL results - ignore that. */
++ if (errno != 0 && errno != EINVAL)
+ {
+- if (retry_send())
+- continue;
+-
+- /* If interface is still in DAD, EINVAL results - ignore that. */
+- if (errno == EINVAL)
+- break;
+-
+ my_syslog(LOG_ERR, _("failed to send packet: %s"), strerror(errno));
+ return 0;
+ }
+@@ -297,9 +293,9 @@ static int forward_query(int udpfd, union mysockaddr *udpaddr,
+ fd = forward->rfd4->fd;
+ }
+
+- while (sendto(fd, (char *)header, plen, 0,
+- &forward->sentto->addr.sa,
+- sa_len(&forward->sentto->addr)) == -1 && retry_send());
++ while (retry_send( sendto(fd, (char *)header, plen, 0,
++ &forward->sentto->addr.sa,
++ sa_len(&forward->sentto->addr))));
+
+ return 1;
+ }
+@@ -469,14 +465,12 @@ static int forward_query(int udpfd, union mysockaddr *udpaddr,
+ #endif
+ }
+
+- if (sendto(fd, (char *)header, plen, 0,
+- &start->addr.sa,
+- sa_len(&start->addr)) == -1)
+- {
+- if (retry_send())
+- continue;
+- }
+- else
++ if (retry_send(sendto(fd, (char *)header, plen, 0,
++ &start->addr.sa,
++ sa_len(&start->addr))))
++ continue;
++
++ if (errno == 0)
+ {
+ /* Keep info in case we want to re-send this packet */
+ daemon->srv_save = start;
+@@ -932,7 +926,9 @@ void reply_query(int fd, int family, time_t now)
+
+ if (fd != -1)
+ {
+- while (sendto(fd, (char *)header, nn, 0, &server->addr.sa, sa_len(&server->addr)) == -1 && retry_send());
++ while (retry_send(sendto(fd, (char *)header, nn, 0,
++ &server->addr.sa,
++ sa_len(&server->addr))));
+ server->queries++;
+ }
+
+@@ -2228,8 +2224,9 @@ void resend_query()
+ else
+ return;
+
+- while(sendto(fd, daemon->packet, daemon->packet_len, 0,
+- &daemon->srv_save->addr.sa, sa_len(&daemon->srv_save->addr)) == -1 && retry_send());
++ while(retry_send(sendto(fd, daemon->packet, daemon->packet_len, 0,
++ &daemon->srv_save->addr.sa,
++ sa_len(&daemon->srv_save->addr))));
+ }
+ }
+
+diff --git a/src/ipset.c b/src/ipset.c
+index 8c5b72722371..a315e86bc7f4 100644
+--- a/src/ipset.c
++++ b/src/ipset.c
+@@ -121,7 +121,6 @@ static int new_add_to_ipset(const char *setname, const struct all_addr *ipaddr,
+ struct my_nlattr *nested[2];
+ uint8_t proto;
+ int addrsz = INADDRSZ;
+- ssize_t rc;
+
+ #ifdef HAVE_IPV6
+ if (af == AF_INET6)
+@@ -162,9 +161,10 @@ static int new_add_to_ipset(const char *setname, const struct all_addr *ipaddr,
+ nested[1]->nla_len = (void *)buffer + NL_ALIGN(nlh->nlmsg_len) - (void *)nested[1];
+ nested[0]->nla_len = (void *)buffer + NL_ALIGN(nlh->nlmsg_len) - (void *)nested[0];
+
+- while ((rc = sendto(ipset_sock, buffer, nlh->nlmsg_len, 0,
+- (struct sockaddr *)&snl, sizeof(snl))) == -1 && retry_send());
+- return rc;
++ while (retry_send(sendto(ipset_sock, buffer, nlh->nlmsg_len, 0,
++ (struct sockaddr *)&snl, sizeof(snl))));
++
++ return errno == 0 ? 0 : -1;
+ }
+
+
+diff --git a/src/loop.c b/src/loop.c
+index 565f7d8e58e0..c9ed075670de 100644
+--- a/src/loop.c
++++ b/src/loop.c
+@@ -45,8 +45,9 @@ void loop_send_probes()
+ fd = rfd->fd;
+ }
+
+- while (sendto(fd, daemon->packet, len, 0, &serv->addr.sa, sa_len(&serv->addr)) == -1 && retry_send());
+-
++ while (retry_send(sendto(fd, daemon->packet, len, 0,
++ &serv->addr.sa, sa_len(&serv->addr))));
++
+ free_rfd(rfd);
+ }
+ }
+diff --git a/src/netlink.c b/src/netlink.c
+index 10f94db25a14..753784dc20b4 100644
+--- a/src/netlink.c
++++ b/src/netlink.c
+@@ -169,10 +169,10 @@ int iface_enumerate(int family, void *parm, int (*callback)())
+ req.g.rtgen_family = family;
+
+ /* Don't block in recvfrom if send fails */
+- while((len = sendto(daemon->netlinkfd, (void *)&req, sizeof(req), 0,
+- (struct sockaddr *)&addr, sizeof(addr))) == -1 && retry_send());
+-
+- if (len == -1)
++ while(retry_send(sendto(daemon->netlinkfd, (void *)&req, sizeof(req), 0,
++ (struct sockaddr *)&addr, sizeof(addr))));
++
++ if (errno != 0)
+ return 0;
+
+ while (1)
+diff --git a/src/radv.c b/src/radv.c
+index 6da125b864ae..d0faddf8684a 100644
+--- a/src/radv.c
++++ b/src/radv.c
+@@ -479,8 +479,9 @@ static void send_ra(time_t now, int iface, char *iface_name, struct in6_addr *de
+ setsockopt(daemon->icmp6fd, IPPROTO_IPV6, IPV6_MULTICAST_IF, &iface, sizeof(iface));
+ }
+
+- while (sendto(daemon->icmp6fd, daemon->outpacket.iov_base, save_counter(0), 0,
+- (struct sockaddr *)&addr, sizeof(addr)) == -1 && retry_send());
++ while (retry_send(sendto(daemon->icmp6fd, daemon->outpacket.iov_base,
++ save_counter(0), 0, (struct sockaddr *)&addr,
++ sizeof(addr))));
+
+ }
+
+diff --git a/src/util.c b/src/util.c
+index 91d02410b13f..648bc4d4b428 100644
+--- a/src/util.c
++++ b/src/util.c
+@@ -569,17 +569,27 @@ void bump_maxfd(int fd, int *max)
+ *max = fd;
+ }
+
+-int retry_send(void)
++/* rc is return from sendto and friends.
++ Return 1 if we should retry.
++ Set errno to zero if we succeeded. */
++int retry_send(ssize_t rc)
+ {
++ static int retries = 0;
++ struct timespec waiter;
++
++ if (rc != -1)
++ {
++ retries = 0;
++ errno = 0;
++ return 0;
++ }
++
+ /* Linux kernels can return EAGAIN in perpetuity when calling
+ sendmsg() and the relevant interface has gone. Here we loop
+ retrying in EAGAIN for 1 second max, to avoid this hanging
+ dnsmasq. */
+
+- static int retries = 0;
+- struct timespec waiter;
+-
+- if (errno == EAGAIN || errno == EWOULDBLOCK)
++ if (errno == EAGAIN || errno == EWOULDBLOCK)
+ {
+ waiter.tv_sec = 0;
+ waiter.tv_nsec = 10000;
+@@ -587,13 +597,13 @@ int retry_send(void)
+ if (retries++ < 1000)
+ return 1;
+ }
+-
+- retries = 0;
+-
+- if (errno == EINTR)
+- return 1;
+-
+- return 0;
++
++ retries = 0;
++
++ if (errno == EINTR)
++ return 1;
++
++ return 0;
+ }
+
+ int read_write(int fd, unsigned char *packet, int size, int rw)
+@@ -602,22 +612,21 @@ int read_write(int fd, unsigned char *packet, int size, int rw)
+
+ for (done = 0; done < size; done += n)
+ {
+- retry:
+- if (rw)
+- n = read(fd, &packet[done], (size_t)(size - done));
+- else
+- n = write(fd, &packet[done], (size_t)(size - done));
+-
+- if (n == 0)
+- return 0;
+- else if (n == -1)
+- {
+- if (retry_send() || errno == ENOMEM || errno == ENOBUFS)
+- goto retry;
+- else
+- return 0;
+- }
++ do {
++ if (rw)
++ n = read(fd, &packet[done], (size_t)(size - done));
++ else
++ n = write(fd, &packet[done], (size_t)(size - done));
++
++ if (n == 0)
++ return 0;
++
++ } while (retry_send(n) || errno == ENOMEM || errno == ENOBUFS);
++
++ if (errno != 0)
++ return 0;
+ }
++
+ return 1;
+ }
+
+--
+2.1.0
+
--- /dev/null
+From 979fe86bc8693f660eddea232ae39cbbb50b294c Mon Sep 17 00:00:00 2001
+From: Simon Kelley <simon@thekelleys.org.uk>
+Date: Thu, 19 Mar 2015 22:50:22 +0000
+Subject: [PATCH 59/98] Make --address=/example.com/ equivalent to
+ --server=/example.com/
+
+---
+ man/dnsmasq.8 | 7 +++++--
+ src/network.c | 4 ++--
+ src/option.c | 2 --
+ 3 files changed, 7 insertions(+), 6 deletions(-)
+
+diff --git a/man/dnsmasq.8 b/man/dnsmasq.8
+index 2db780d90987..1f1dd7b69c53 100644
+--- a/man/dnsmasq.8
++++ b/man/dnsmasq.8
+@@ -460,7 +460,7 @@ but provides some syntactic sugar to make specifying address-to-name queries eas
+ is exactly equivalent to
+ .B --server=/3.2.1.in-addr.arpa/192.168.0.1
+ .TP
+-.B \-A, --address=/<domain>/[domain/]<ipaddr>
++.B \-A, --address=/<domain>/[domain/][<ipaddr>]
+ Specify an IP address to return for any host in the given domains.
+ Queries in the domains are never forwarded and always replied to
+ with the specified IP address which may be IPv4 or IPv6. To give
+@@ -472,7 +472,10 @@ domain specification works in the same was as for --server, with the
+ additional facility that /#/ matches any domain. Thus
+ --address=/#/1.2.3.4 will always return 1.2.3.4 for any query not
+ answered from /etc/hosts or DHCP and not sent to an upstream
+-nameserver by a more specific --server directive.
++nameserver by a more specific --server directive. As for --server,
++one or more domains with no address returns a no-such-domain answer, so
++--address=/example.com/ is equivalent to --server=/example.com/ and returns
++NXDOMAIN for example.com and all its subdomains.
+ .TP
+ .B --ipset=/<domain>/[domain/]<ipset>[,<ipset>]
+ Places the resolved IP addresses of queries for the specified domains
+diff --git a/src/network.c b/src/network.c
+index 7045253d467b..992f023c31de 100644
+--- a/src/network.c
++++ b/src/network.c
+@@ -1459,7 +1459,7 @@ void check_servers(void)
+ }
+ }
+
+- if (!(serv->flags & SERV_NO_REBIND))
++ if (!(serv->flags & SERV_NO_REBIND) && !(serv->flags & SERV_LITERAL_ADDRESS))
+ {
+ if (serv->flags & (SERV_HAS_DOMAIN | SERV_FOR_NODOTS | SERV_USE_RESOLV))
+ {
+@@ -1475,7 +1475,7 @@ void check_servers(void)
+ my_syslog(LOG_INFO, _("using local addresses only for %s %s"), s1, s2);
+ else if (serv->flags & SERV_USE_RESOLV)
+ my_syslog(LOG_INFO, _("using standard nameservers for %s %s"), s1, s2);
+- else if (!(serv->flags & SERV_LITERAL_ADDRESS))
++ else
+ my_syslog(LOG_INFO, _("using nameserver %s#%d for %s %s"), daemon->namebuff, port, s1, s2);
+ }
+ #ifdef HAVE_LOOP
+diff --git a/src/option.c b/src/option.c
+index eace40bb566c..3009eb545fde 100644
+--- a/src/option.c
++++ b/src/option.c
+@@ -2284,8 +2284,6 @@ static int one_opt(int option, char *arg, char *errstr, char *gen_err, int comma
+ {
+ if (!(newlist->flags & SERV_NO_REBIND))
+ newlist->flags |= SERV_NO_ADDR; /* no server */
+- if (newlist->flags & SERV_LITERAL_ADDRESS)
+- ret_err(gen_err);
+ }
+
+ else if (strcmp(arg, "#") == 0)
+--
+2.1.0
+
--- /dev/null
+From 65c721200023ef0023114459a8d12f8b0a24cfd8 Mon Sep 17 00:00:00 2001
+From: Lung-Pin Chang <changlp@cs.nctu.edu.tw>
+Date: Thu, 19 Mar 2015 23:22:21 +0000
+Subject: [PATCH 60/98] dhcp: set outbound interface via cmsg in unicast reply
+
+ If multiple routes to the same network exist, Linux blindly picks
+ the first interface (route) based on destination address, which might not be
+ the one we're actually offering leases. Rather than relying on this,
+ always set the interface for outgoing unicast DHCP packets.
+---
+ src/dhcp.c | 45 +++++++++++++++++++++++++--------------------
+ 1 file changed, 25 insertions(+), 20 deletions(-)
+
+diff --git a/src/dhcp.c b/src/dhcp.c
+index 5c3089ab94ff..f1f43f8d8f90 100644
+--- a/src/dhcp.c
++++ b/src/dhcp.c
+@@ -376,10 +376,9 @@ void dhcp_packet(time_t now, int pxe_fd)
+ }
+ }
+ #if defined(HAVE_LINUX_NETWORK)
+- else if ((ntohs(mess->flags) & 0x8000) || mess->hlen == 0 ||
+- mess->hlen > sizeof(ifr.ifr_addr.sa_data) || mess->htype == 0)
++ else
+ {
+- /* broadcast to 255.255.255.255 (or mac address invalid) */
++ /* fill cmsg for outbound interface (both broadcast & unicast) */
+ struct in_pktinfo *pkt;
+ msg.msg_control = control_u.control;
+ msg.msg_controllen = sizeof(control_u);
+@@ -389,23 +388,29 @@ void dhcp_packet(time_t now, int pxe_fd)
+ pkt->ipi_spec_dst.s_addr = 0;
+ msg.msg_controllen = cmptr->cmsg_len = CMSG_LEN(sizeof(struct in_pktinfo));
+ cmptr->cmsg_level = IPPROTO_IP;
+- cmptr->cmsg_type = IP_PKTINFO;
+- dest.sin_addr.s_addr = INADDR_BROADCAST;
+- dest.sin_port = htons(daemon->dhcp_client_port);
+- }
+- else
+- {
+- /* unicast to unconfigured client. Inject mac address direct into ARP cache.
+- struct sockaddr limits size to 14 bytes. */
+- dest.sin_addr = mess->yiaddr;
+- dest.sin_port = htons(daemon->dhcp_client_port);
+- memcpy(&arp_req.arp_pa, &dest, sizeof(struct sockaddr_in));
+- arp_req.arp_ha.sa_family = mess->htype;
+- memcpy(arp_req.arp_ha.sa_data, mess->chaddr, mess->hlen);
+- /* interface name already copied in */
+- arp_req.arp_flags = ATF_COM;
+- if (ioctl(daemon->dhcpfd, SIOCSARP, &arp_req) == -1)
+- my_syslog(MS_DHCP | LOG_ERR, _("ARP-cache injection failed: %s"), strerror(errno));
++ cmptr->cmsg_type = IP_PKTINFO;
++
++ if ((ntohs(mess->flags) & 0x8000) || mess->hlen == 0 ||
++ mess->hlen > sizeof(ifr.ifr_addr.sa_data) || mess->htype == 0)
++ {
++ /* broadcast to 255.255.255.255 (or mac address invalid) */
++ dest.sin_addr.s_addr = INADDR_BROADCAST;
++ dest.sin_port = htons(daemon->dhcp_client_port);
++ }
++ else
++ {
++ /* unicast to unconfigured client. Inject mac address direct into ARP cache.
++ struct sockaddr limits size to 14 bytes. */
++ dest.sin_addr = mess->yiaddr;
++ dest.sin_port = htons(daemon->dhcp_client_port);
++ memcpy(&arp_req.arp_pa, &dest, sizeof(struct sockaddr_in));
++ arp_req.arp_ha.sa_family = mess->htype;
++ memcpy(arp_req.arp_ha.sa_data, mess->chaddr, mess->hlen);
++ /* interface name already copied in */
++ arp_req.arp_flags = ATF_COM;
++ if (ioctl(daemon->dhcpfd, SIOCSARP, &arp_req) == -1)
++ my_syslog(MS_DHCP | LOG_ERR, _("ARP-cache injection failed: %s"), strerror(errno));
++ }
+ }
+ #elif defined(HAVE_SOLARIS_NETWORK)
+ else if ((ntohs(mess->flags) & 0x8000) || mess->hlen != ETHER_ADDR_LEN || mess->htype != ARPHRD_ETHER)
+--
+2.1.0
+
--- /dev/null
+From 8805283088d670baecb92569252c01cf754cda51 Mon Sep 17 00:00:00 2001
+From: Simon Kelley <simon@thekelleys.org.uk>
+Date: Thu, 26 Mar 2015 21:15:43 +0000
+Subject: [PATCH 61/98] Don't fail DNSSEC when a signed CNAME dangles into an
+ unsigned zone.
+
+---
+ src/dnssec.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/src/dnssec.c b/src/dnssec.c
+index ad0d6f072ba2..db5c768bd751 100644
+--- a/src/dnssec.c
++++ b/src/dnssec.c
+@@ -2032,7 +2032,8 @@ int dnssec_validate_reply(time_t now, struct dns_header *header, size_t plen, ch
+ /* NXDOMAIN or NODATA reply, prove that (name, class1, type1) can't exist */
+ /* First marshall the NSEC records, if we've not done it previously */
+ if (!nsec_type && !(nsec_type = find_nsec_records(header, plen, &nsecs, &nsec_count, qclass)))
+- return STAT_BOGUS; /* No NSECs */
++ return STAT_NO_SIG; /* No NSECs, this is probably a dangling CNAME pointing into
++ an unsigned zone. Return STAT_NO_SIG to cause this to be proved. */
+
+ /* Get name of missing answer */
+ if (!extract_name(header, plen, &qname, name, 1, 0))
+--
+2.1.0
+
--- /dev/null
+From 150162bc37170a6edae9d488435e836b1e4e3a4e Mon Sep 17 00:00:00 2001
+From: Simon Kelley <simon@thekelleys.org.uk>
+Date: Fri, 27 Mar 2015 09:58:26 +0000
+Subject: [PATCH 62/98] Return SERVFAIL when validation abandoned.
+
+---
+ src/forward.c | 11 +++++++++--
+ 1 file changed, 9 insertions(+), 2 deletions(-)
+
+diff --git a/src/forward.c b/src/forward.c
+index 7c0fa8da3fdf..985814c3aec5 100644
+--- a/src/forward.c
++++ b/src/forward.c
+@@ -663,6 +663,7 @@ static size_t process_reply(struct dns_header *header, time_t now, struct server
+ header->ancount = htons(0);
+ header->nscount = htons(0);
+ header->arcount = htons(0);
++ header->hb3 &= ~HB3_TC;
+ }
+
+ /* the bogus-nxdomain stuff, doctor and NXDOMAIN->NODATA munging can all elide
+@@ -991,7 +992,10 @@ void reply_query(int fd, int family, time_t now)
+ char *result;
+
+ if (forward->work_counter == 0)
+- result = "ABANDONED";
++ {
++ result = "ABANDONED";
++ status = STAT_BOGUS;
++ }
+ else
+ result = (status == STAT_SECURE ? "SECURE" : (status == STAT_INSECURE ? "INSECURE" : "BOGUS"));
+
+@@ -1938,7 +1942,10 @@ unsigned char *tcp_request(int confd, time_t now,
+ char *result;
+
+ if (keycount == 0)
+- result = "ABANDONED";
++ {
++ result = "ABANDONED";
++ status = STAT_BOGUS;
++ }
+ else
+ result = (status == STAT_SECURE ? "SECURE" : (status == STAT_INSECURE ? "INSECURE" : "BOGUS"));
+
+--
+2.1.0
+
--- /dev/null
+From 0b8a5a30a77331974ba24a04e43e720585dfbc61 Mon Sep 17 00:00:00 2001
+From: Simon Kelley <simon@thekelleys.org.uk>
+Date: Fri, 27 Mar 2015 11:44:55 +0000
+Subject: [PATCH 63/98] Protect against broken DNSSEC upstreams.
+
+---
+ src/dnssec.c | 7 +++++--
+ 1 file changed, 5 insertions(+), 2 deletions(-)
+
+diff --git a/src/dnssec.c b/src/dnssec.c
+index db5c768bd751..14bae7e9bf75 100644
+--- a/src/dnssec.c
++++ b/src/dnssec.c
+@@ -1177,7 +1177,7 @@ int dnssec_validate_by_ds(time_t now, struct dns_header *header, size_t plen, ch
+ STAT_NO_DS It's proved there's no DS here.
+ STAT_NO_NS It's proved there's no DS _or_ NS here.
+ STAT_BOGUS no DS in reply or not signed, fails validation, bad packet.
+- STAT_NEED_DNSKEY DNSKEY records to validate a DS not found, name in keyname
++ STAT_NEED_KEY DNSKEY records to validate a DS not found, name in keyname
+ */
+
+ int dnssec_validate_ds(time_t now, struct dns_header *header, size_t plen, char *name, char *keyname, int class)
+@@ -1208,7 +1208,10 @@ int dnssec_validate_ds(time_t now, struct dns_header *header, size_t plen, char
+ if (!(p = skip_section(p, ntohs(header->ancount), header, plen)))
+ val = STAT_BOGUS;
+
+- if (val == STAT_BOGUS)
++ /* If the key needed to validate the DS is on the same domain as the DS, we'll
++ loop getting nowhere. Stop that now. This can happen of the DS answer comes
++ from the DS's zone, and not the parent zone. */
++ if (val == STAT_BOGUS || (val == STAT_NEED_KEY && hostname_isequal(name, keyname)))
+ {
+ log_query(F_NOEXTRA | F_UPSTREAM, name, NULL, "BOGUS DS");
+ return STAT_BOGUS;
+--
+2.1.0
+
--- /dev/null
+From 1e153945def3c50d1e59ceea6a768db0ac770f98 Mon Sep 17 00:00:00 2001
+From: Simon Kelley <simon@thekelleys.org.uk>
+Date: Sat, 28 Mar 2015 21:34:07 +0000
+Subject: [PATCH 64/98] DNSSEC fix for non-ascii characters in labels.
+
+---
+ src/dnssec.c | 34 +++++++++++++++++-----------------
+ src/rfc1035.c | 5 +++--
+ 2 files changed, 20 insertions(+), 19 deletions(-)
+
+diff --git a/src/dnssec.c b/src/dnssec.c
+index 14bae7e9bf75..8bd5294ce773 100644
+--- a/src/dnssec.c
++++ b/src/dnssec.c
+@@ -552,7 +552,7 @@ static int get_rdata(struct dns_header *header, size_t plen, unsigned char *end,
+
+ (*desc)++;
+
+- if (d == 0 && extract_name(header, plen, p, buff, 1, 0))
++ if (d == 0 && extract_name(header, plen, p, buff, 2, 0))
+ /* domain-name, canonicalise */
+ return to_wire(buff);
+ else
+@@ -811,7 +811,7 @@ static int validate_rrset(time_t now, struct dns_header *header, size_t plen, in
+ GETLONG(sig_inception, p);
+ GETSHORT(key_tag, p);
+
+- if (!extract_name(header, plen, &p, keyname, 1, 0))
++ if (!extract_name(header, plen, &p, keyname, 2, 0))
+ return STAT_BOGUS;
+
+ /* RFC 4035 5.3.1 says that the Signer's Name field MUST equal
+@@ -866,7 +866,7 @@ static int validate_rrset(time_t now, struct dns_header *header, size_t plen, in
+ u16 len, *dp;
+
+ p = rrset[i];
+- if (!extract_name(header, plen, &p, name, 1, 10))
++ if (!extract_name(header, plen, &p, name, 2, 10))
+ return STAT_BOGUS;
+
+ name_start = name;
+@@ -923,7 +923,7 @@ static int validate_rrset(time_t now, struct dns_header *header, size_t plen, in
+
+ /* namebuff used for workspace above, restore to leave unchanged on exit */
+ p = (unsigned char*)(rrset[0]);
+- extract_name(header, plen, &p, name, 1, 0);
++ extract_name(header, plen, &p, name, 2, 0);
+
+ if (key)
+ {
+@@ -963,7 +963,7 @@ int dnssec_validate_by_ds(time_t now, struct dns_header *header, size_t plen, ch
+ struct all_addr a;
+
+ if (ntohs(header->qdcount) != 1 ||
+- !extract_name(header, plen, &p, name, 1, 4))
++ !extract_name(header, plen, &p, name, 2, 4))
+ return STAT_BOGUS;
+
+ GETSHORT(qtype, p);
+@@ -1202,7 +1202,7 @@ int dnssec_validate_ds(time_t now, struct dns_header *header, size_t plen, char
+ val = STAT_BOGUS;
+
+ p = (unsigned char *)(header+1);
+- extract_name(header, plen, &p, name, 1, 4);
++ extract_name(header, plen, &p, name, 2, 4);
+ p += 4; /* qtype, qclass */
+
+ if (!(p = skip_section(p, ntohs(header->ancount), header, plen)))
+@@ -1419,12 +1419,12 @@ static int prove_non_existence_nsec(struct dns_header *header, size_t plen, unsi
+ for (i = 0; i < nsec_count; i++)
+ {
+ p = nsecs[i];
+- if (!extract_name(header, plen, &p, workspace1, 1, 10))
++ if (!extract_name(header, plen, &p, workspace1, 2, 10))
+ return STAT_BOGUS;
+ p += 8; /* class, type, TTL */
+ GETSHORT(rdlen, p);
+ psave = p;
+- if (!extract_name(header, plen, &p, workspace2, 1, 10))
++ if (!extract_name(header, plen, &p, workspace2, 2, 10))
+ return STAT_BOGUS;
+
+ rc = hostname_cmp(workspace1, name);
+@@ -1553,7 +1553,7 @@ static int check_nsec3_coverage(struct dns_header *header, size_t plen, int dige
+ for (i = 0; i < nsec_count; i++)
+ if ((p = nsecs[i]))
+ {
+- if (!extract_name(header, plen, &p, workspace1, 1, 0) ||
++ if (!extract_name(header, plen, &p, workspace1, 2, 0) ||
+ !(base32_len = base32_decode(workspace1, (unsigned char *)workspace2)))
+ return 0;
+
+@@ -1730,7 +1730,7 @@ static int prove_non_existence_nsec3(struct dns_header *header, size_t plen, uns
+ for (i = 0; i < nsec_count; i++)
+ if ((p = nsecs[i]))
+ {
+- if (!extract_name(header, plen, &p, workspace1, 1, 0) ||
++ if (!extract_name(header, plen, &p, workspace1, 2, 0) ||
+ !(base32_len = base32_decode(workspace1, (unsigned char *)workspace2)))
+ return STAT_BOGUS;
+
+@@ -1796,7 +1796,7 @@ int dnssec_validate_reply(time_t now, struct dns_header *header, size_t plen, ch
+
+ qname = p1 = (unsigned char *)(header+1);
+
+- if (!extract_name(header, plen, &p1, name, 1, 4))
++ if (!extract_name(header, plen, &p1, name, 2, 4))
+ return STAT_BOGUS;
+
+ GETSHORT(qtype, p1);
+@@ -1836,7 +1836,7 @@ int dnssec_validate_reply(time_t now, struct dns_header *header, size_t plen, ch
+ qname = p1;
+
+ /* looped CNAMES */
+- if (!cname_count-- || !extract_name(header, plen, &p1, name, 1, 0))
++ if (!cname_count-- || !extract_name(header, plen, &p1, name, 2, 0))
+ return STAT_BOGUS;
+
+ p1 = ans_start;
+@@ -1857,7 +1857,7 @@ int dnssec_validate_reply(time_t now, struct dns_header *header, size_t plen, ch
+
+ for (p1 = ans_start, i = 0; i < ntohs(header->ancount) + ntohs(header->nscount); i++)
+ {
+- if (!extract_name(header, plen, &p1, name, 1, 10))
++ if (!extract_name(header, plen, &p1, name, 2, 10))
+ return STAT_BOGUS; /* bad packet */
+
+ GETSHORT(type1, p1);
+@@ -2039,7 +2039,7 @@ int dnssec_validate_reply(time_t now, struct dns_header *header, size_t plen, ch
+ an unsigned zone. Return STAT_NO_SIG to cause this to be proved. */
+
+ /* Get name of missing answer */
+- if (!extract_name(header, plen, &qname, name, 1, 0))
++ if (!extract_name(header, plen, &qname, name, 2, 0))
+ return STAT_BOGUS;
+
+ if (nsec_type == T_NSEC)
+@@ -2061,7 +2061,7 @@ int dnssec_chase_cname(time_t now, struct dns_header *header, size_t plen, char
+ int cname_count = CNAME_CHAIN;
+
+ /* Get question */
+- if (!extract_name(header, plen, &p, name, 1, 4))
++ if (!extract_name(header, plen, &p, name, 2, 4))
+ return STAT_BOGUS;
+
+ p +=2; /* type */
+@@ -2102,7 +2102,7 @@ int dnssec_chase_cname(time_t now, struct dns_header *header, size_t plen, char
+
+ /* Loop down CNAME chain/ */
+ if (!cname_count-- ||
+- !extract_name(header, plen, &p, name, 1, 0) ||
++ !extract_name(header, plen, &p, name, 2, 0) ||
+ !(p = skip_questions(header, plen)))
+ return STAT_BOGUS;
+
+@@ -2419,7 +2419,7 @@ unsigned char* hash_questions(struct dns_header *header, size_t plen, char *name
+
+ for (q = ntohs(header->qdcount); q != 0; q--)
+ {
+- if (!extract_name(header, plen, &p, name, 1, 4))
++ if (!extract_name(header, plen, &p, name, 2, 4))
+ break; /* bad packet */
+
+ len = to_wire(name);
+diff --git a/src/rfc1035.c b/src/rfc1035.c
+index 5ef5ddb7485e..10832a3d5d2e 100644
+--- a/src/rfc1035.c
++++ b/src/rfc1035.c
+@@ -16,6 +16,7 @@
+
+ #include "dnsmasq.h"
+
++/* isExtract == 2 -> DNSSEC mode, no bitstrings, no ascii checks. */
+ int extract_name(struct dns_header *header, size_t plen, unsigned char **pp,
+ char *name, int isExtract, int extrabytes)
+ {
+@@ -86,7 +87,7 @@ int extract_name(struct dns_header *header, size_t plen, unsigned char **pp,
+ if ((l & 0x3f) != 1)
+ return 0; /* we only understand bitstrings */
+
+- if (!isExtract)
++ if (isExtract != 1)
+ return 0; /* Cannot compare bitsrings */
+
+ count = *p++;
+@@ -128,7 +129,7 @@ int extract_name(struct dns_header *header, size_t plen, unsigned char **pp,
+ if (isExtract)
+ {
+ unsigned char c = *p;
+- if (isascii(c) && !iscntrl(c) && c != '.')
++ if ((isExtract == 2 || (isascii(c) && !iscntrl(c))) && c != '.')
+ *cp++ = *p;
+ else
+ return 0;
+--
+2.1.0
+
--- /dev/null
+From 394ff492da6af5da7e7d356be9586683bc5fc011 Mon Sep 17 00:00:00 2001
+From: Simon Kelley <simon@thekelleys.org.uk>
+Date: Sun, 29 Mar 2015 22:17:14 +0100
+Subject: [PATCH 65/98] Allow control characters in names in the cache, handle
+ when logging.
+
+---
+ src/cache.c | 19 +++++++++++++++++--
+ src/dnssec.c | 34 +++++++++++++++++-----------------
+ src/rfc1035.c | 7 +++----
+ 3 files changed, 37 insertions(+), 23 deletions(-)
+
+diff --git a/src/cache.c b/src/cache.c
+index c95624c42b1c..873c5779044c 100644
+--- a/src/cache.c
++++ b/src/cache.c
+@@ -1399,6 +1399,19 @@ int cache_make_stat(struct txt_record *t)
+ return 1;
+ }
+
++/* There can be names in the cache containing control chars, don't
++ mess up logging or open security holes. */
++static char *sanitise(char *name)
++{
++ unsigned char *r;
++ for (r = (unsigned char *)name; *r; r++)
++ if (!isprint((int)*r))
++ return "<name unprintable>";
++
++ return name;
++}
++
++
+ void dump_cache(time_t now)
+ {
+ struct server *serv, *serv1;
+@@ -1452,9 +1465,9 @@ void dump_cache(time_t now)
+ *a = 0;
+ if (strlen(n) == 0 && !(cache->flags & F_REVERSE))
+ n = "<Root>";
+- p += sprintf(p, "%-30.30s ", n);
++ p += sprintf(p, "%-30.30s ", sanitise(n));
+ if ((cache->flags & F_CNAME) && !is_outdated_cname_pointer(cache))
+- a = cache_get_cname_target(cache);
++ a = sanitise(cache_get_cname_target(cache));
+ #ifdef HAVE_DNSSEC
+ else if (cache->flags & F_DS)
+ {
+@@ -1587,6 +1600,8 @@ void log_query(unsigned int flags, char *name, struct all_addr *addr, char *arg)
+ if (!option_bool(OPT_LOG))
+ return;
+
++ name = sanitise(name);
++
+ if (addr)
+ {
+ if (flags & F_KEYTAG)
+diff --git a/src/dnssec.c b/src/dnssec.c
+index 8bd5294ce773..14bae7e9bf75 100644
+--- a/src/dnssec.c
++++ b/src/dnssec.c
+@@ -552,7 +552,7 @@ static int get_rdata(struct dns_header *header, size_t plen, unsigned char *end,
+
+ (*desc)++;
+
+- if (d == 0 && extract_name(header, plen, p, buff, 2, 0))
++ if (d == 0 && extract_name(header, plen, p, buff, 1, 0))
+ /* domain-name, canonicalise */
+ return to_wire(buff);
+ else
+@@ -811,7 +811,7 @@ static int validate_rrset(time_t now, struct dns_header *header, size_t plen, in
+ GETLONG(sig_inception, p);
+ GETSHORT(key_tag, p);
+
+- if (!extract_name(header, plen, &p, keyname, 2, 0))
++ if (!extract_name(header, plen, &p, keyname, 1, 0))
+ return STAT_BOGUS;
+
+ /* RFC 4035 5.3.1 says that the Signer's Name field MUST equal
+@@ -866,7 +866,7 @@ static int validate_rrset(time_t now, struct dns_header *header, size_t plen, in
+ u16 len, *dp;
+
+ p = rrset[i];
+- if (!extract_name(header, plen, &p, name, 2, 10))
++ if (!extract_name(header, plen, &p, name, 1, 10))
+ return STAT_BOGUS;
+
+ name_start = name;
+@@ -923,7 +923,7 @@ static int validate_rrset(time_t now, struct dns_header *header, size_t plen, in
+
+ /* namebuff used for workspace above, restore to leave unchanged on exit */
+ p = (unsigned char*)(rrset[0]);
+- extract_name(header, plen, &p, name, 2, 0);
++ extract_name(header, plen, &p, name, 1, 0);
+
+ if (key)
+ {
+@@ -963,7 +963,7 @@ int dnssec_validate_by_ds(time_t now, struct dns_header *header, size_t plen, ch
+ struct all_addr a;
+
+ if (ntohs(header->qdcount) != 1 ||
+- !extract_name(header, plen, &p, name, 2, 4))
++ !extract_name(header, plen, &p, name, 1, 4))
+ return STAT_BOGUS;
+
+ GETSHORT(qtype, p);
+@@ -1202,7 +1202,7 @@ int dnssec_validate_ds(time_t now, struct dns_header *header, size_t plen, char
+ val = STAT_BOGUS;
+
+ p = (unsigned char *)(header+1);
+- extract_name(header, plen, &p, name, 2, 4);
++ extract_name(header, plen, &p, name, 1, 4);
+ p += 4; /* qtype, qclass */
+
+ if (!(p = skip_section(p, ntohs(header->ancount), header, plen)))
+@@ -1419,12 +1419,12 @@ static int prove_non_existence_nsec(struct dns_header *header, size_t plen, unsi
+ for (i = 0; i < nsec_count; i++)
+ {
+ p = nsecs[i];
+- if (!extract_name(header, plen, &p, workspace1, 2, 10))
++ if (!extract_name(header, plen, &p, workspace1, 1, 10))
+ return STAT_BOGUS;
+ p += 8; /* class, type, TTL */
+ GETSHORT(rdlen, p);
+ psave = p;
+- if (!extract_name(header, plen, &p, workspace2, 2, 10))
++ if (!extract_name(header, plen, &p, workspace2, 1, 10))
+ return STAT_BOGUS;
+
+ rc = hostname_cmp(workspace1, name);
+@@ -1553,7 +1553,7 @@ static int check_nsec3_coverage(struct dns_header *header, size_t plen, int dige
+ for (i = 0; i < nsec_count; i++)
+ if ((p = nsecs[i]))
+ {
+- if (!extract_name(header, plen, &p, workspace1, 2, 0) ||
++ if (!extract_name(header, plen, &p, workspace1, 1, 0) ||
+ !(base32_len = base32_decode(workspace1, (unsigned char *)workspace2)))
+ return 0;
+
+@@ -1730,7 +1730,7 @@ static int prove_non_existence_nsec3(struct dns_header *header, size_t plen, uns
+ for (i = 0; i < nsec_count; i++)
+ if ((p = nsecs[i]))
+ {
+- if (!extract_name(header, plen, &p, workspace1, 2, 0) ||
++ if (!extract_name(header, plen, &p, workspace1, 1, 0) ||
+ !(base32_len = base32_decode(workspace1, (unsigned char *)workspace2)))
+ return STAT_BOGUS;
+
+@@ -1796,7 +1796,7 @@ int dnssec_validate_reply(time_t now, struct dns_header *header, size_t plen, ch
+
+ qname = p1 = (unsigned char *)(header+1);
+
+- if (!extract_name(header, plen, &p1, name, 2, 4))
++ if (!extract_name(header, plen, &p1, name, 1, 4))
+ return STAT_BOGUS;
+
+ GETSHORT(qtype, p1);
+@@ -1836,7 +1836,7 @@ int dnssec_validate_reply(time_t now, struct dns_header *header, size_t plen, ch
+ qname = p1;
+
+ /* looped CNAMES */
+- if (!cname_count-- || !extract_name(header, plen, &p1, name, 2, 0))
++ if (!cname_count-- || !extract_name(header, plen, &p1, name, 1, 0))
+ return STAT_BOGUS;
+
+ p1 = ans_start;
+@@ -1857,7 +1857,7 @@ int dnssec_validate_reply(time_t now, struct dns_header *header, size_t plen, ch
+
+ for (p1 = ans_start, i = 0; i < ntohs(header->ancount) + ntohs(header->nscount); i++)
+ {
+- if (!extract_name(header, plen, &p1, name, 2, 10))
++ if (!extract_name(header, plen, &p1, name, 1, 10))
+ return STAT_BOGUS; /* bad packet */
+
+ GETSHORT(type1, p1);
+@@ -2039,7 +2039,7 @@ int dnssec_validate_reply(time_t now, struct dns_header *header, size_t plen, ch
+ an unsigned zone. Return STAT_NO_SIG to cause this to be proved. */
+
+ /* Get name of missing answer */
+- if (!extract_name(header, plen, &qname, name, 2, 0))
++ if (!extract_name(header, plen, &qname, name, 1, 0))
+ return STAT_BOGUS;
+
+ if (nsec_type == T_NSEC)
+@@ -2061,7 +2061,7 @@ int dnssec_chase_cname(time_t now, struct dns_header *header, size_t plen, char
+ int cname_count = CNAME_CHAIN;
+
+ /* Get question */
+- if (!extract_name(header, plen, &p, name, 2, 4))
++ if (!extract_name(header, plen, &p, name, 1, 4))
+ return STAT_BOGUS;
+
+ p +=2; /* type */
+@@ -2102,7 +2102,7 @@ int dnssec_chase_cname(time_t now, struct dns_header *header, size_t plen, char
+
+ /* Loop down CNAME chain/ */
+ if (!cname_count-- ||
+- !extract_name(header, plen, &p, name, 2, 0) ||
++ !extract_name(header, plen, &p, name, 1, 0) ||
+ !(p = skip_questions(header, plen)))
+ return STAT_BOGUS;
+
+@@ -2419,7 +2419,7 @@ unsigned char* hash_questions(struct dns_header *header, size_t plen, char *name
+
+ for (q = ntohs(header->qdcount); q != 0; q--)
+ {
+- if (!extract_name(header, plen, &p, name, 2, 4))
++ if (!extract_name(header, plen, &p, name, 1, 4))
+ break; /* bad packet */
+
+ len = to_wire(name);
+diff --git a/src/rfc1035.c b/src/rfc1035.c
+index 10832a3d5d2e..7a07b0cee906 100644
+--- a/src/rfc1035.c
++++ b/src/rfc1035.c
+@@ -16,7 +16,6 @@
+
+ #include "dnsmasq.h"
+
+-/* isExtract == 2 -> DNSSEC mode, no bitstrings, no ascii checks. */
+ int extract_name(struct dns_header *header, size_t plen, unsigned char **pp,
+ char *name, int isExtract, int extrabytes)
+ {
+@@ -87,7 +86,7 @@ int extract_name(struct dns_header *header, size_t plen, unsigned char **pp,
+ if ((l & 0x3f) != 1)
+ return 0; /* we only understand bitstrings */
+
+- if (isExtract != 1)
++ if (!isExtract)
+ return 0; /* Cannot compare bitsrings */
+
+ count = *p++;
+@@ -129,8 +128,8 @@ int extract_name(struct dns_header *header, size_t plen, unsigned char **pp,
+ if (isExtract)
+ {
+ unsigned char c = *p;
+- if ((isExtract == 2 || (isascii(c) && !iscntrl(c))) && c != '.')
+- *cp++ = *p;
++ if (c != 0 && c != '.')
++ *cp++ = c;
+ else
+ return 0;
+ }
+--
+2.1.0
+
--- /dev/null
+From 794fccca7ffebfba4468bfffc6276b68bbf6afd9 Mon Sep 17 00:00:00 2001
+From: Simon Kelley <simon@thekelleys.org.uk>
+Date: Sun, 29 Mar 2015 22:35:44 +0100
+Subject: [PATCH 66/98] Fix crash in last commit.
+
+---
+ src/cache.c | 7 ++++---
+ 1 file changed, 4 insertions(+), 3 deletions(-)
+
+diff --git a/src/cache.c b/src/cache.c
+index 873c5779044c..d7bea574c0d8 100644
+--- a/src/cache.c
++++ b/src/cache.c
+@@ -1404,9 +1404,10 @@ int cache_make_stat(struct txt_record *t)
+ static char *sanitise(char *name)
+ {
+ unsigned char *r;
+- for (r = (unsigned char *)name; *r; r++)
+- if (!isprint((int)*r))
+- return "<name unprintable>";
++ if (name)
++ for (r = (unsigned char *)name; *r; r++)
++ if (!isprint((int)*r))
++ return "<name unprintable>";
+
+ return name;
+ }
+--
+2.1.0
+
--- /dev/null
+From fd6ad9e481ab7c812a6b1515244908818cbb0442 Mon Sep 17 00:00:00 2001
+From: Simon Kelley <simon@thekelleys.org.uk>
+Date: Mon, 30 Mar 2015 07:52:21 +0100
+Subject: [PATCH 67/98] Merge message translations.
+
+---
+ po/de.po | 803 +++++++++++++++++++++++++++++++++--------------------------
+ po/es.po | 798 ++++++++++++++++++++++++++++++++--------------------------
+ po/fi.po | 786 +++++++++++++++++++++++++++++++--------------------------
+ po/fr.po | 799 ++++++++++++++++++++++++++++++++--------------------------
+ po/id.po | 814 +++++++++++++++++++++++++++++++++---------------------------
+ po/it.po | 786 +++++++++++++++++++++++++++++++--------------------------
+ po/no.po | 797 ++++++++++++++++++++++++++++++++--------------------------
+ po/pl.po | 803 +++++++++++++++++++++++++++++++++--------------------------
+ po/pt_BR.po | 786 +++++++++++++++++++++++++++++++--------------------------
+ po/ro.po | 797 ++++++++++++++++++++++++++++++++--------------------------
+ 10 files changed, 4396 insertions(+), 3573 deletions(-)
+
+diff --git a/po/de.po b/po/de.po
+index 4c93c5b28ef2..a03173845b35 100644
+--- a/po/de.po
++++ b/po/de.po
+@@ -23,70 +23,70 @@ msgstr ""
+ "X-Generator: Poedit 1.7.3\n"
+ "X-Poedit-SourceCharset: UTF-8\n"
+
+-#: cache.c:505
++#: cache.c:523
+ msgid "Internal error in cache."
+ msgstr "Interner Fehler im Cache."
+
+-#: cache.c:908
++#: cache.c:941
+ #, c-format
+ msgid "failed to load names from %s: %s"
+ msgstr "Fehler beim Laden der Namen von %s: %s"
+
+-#: cache.c:934 dhcp.c:820
++#: cache.c:967 dhcp.c:825
+ #, c-format
+ msgid "bad address at %s line %d"
+ msgstr "Fehlerhafte Adresse in %s Zeile %d"
+
+-#: cache.c:985 dhcp.c:836
++#: cache.c:1018 dhcp.c:841
+ #, c-format
+ msgid "bad name at %s line %d"
+ msgstr "Fehlerhafter Name in %s Zeile %d"
+
+-#: cache.c:992 dhcp.c:911
++#: cache.c:1027 dhcp.c:916
+ #, c-format
+ msgid "read %s - %d addresses"
+ msgstr "%s gelesen - %d Adressen"
+
+-#: cache.c:1100
++#: cache.c:1135
+ msgid "cleared cache"
+ msgstr "Cache geleert"
+
+-#: cache.c:1123
++#: cache.c:1164
+ #, c-format
+ msgid "No IPv4 address found for %s"
+ msgstr "Keine IPv4-Adresse für %s gefunden"
+
+-#: cache.c:1201
++#: cache.c:1242
+ #, c-format
+ msgid "%s is a CNAME, not giving it to the DHCP lease of %s"
+ msgstr "%s ist ein CNAME, weise es der DHCP-Lease von %s nicht zu"
+
+-#: cache.c:1225
++#: cache.c:1266
+ #, c-format
+ msgid "not giving name %s to the DHCP lease of %s because the name exists in %s with address %s"
+ msgstr "Name %s wurde dem DHCP-Lease von %s nicht zugewiesen, da der Name in %s bereits mit Adresse %s existiert"
+
+-#: cache.c:1366
++#: cache.c:1421
+ #, c-format
+ msgid "time %lu"
+ msgstr "Zeit %lu"
+
+-#: cache.c:1367
++#: cache.c:1422
+ #, c-format
+ msgid "cache size %d, %d/%d cache insertions re-used unexpired cache entries."
+ msgstr "Cache Größe %d, %d/%d Cache-Einfügungen verwendeten nicht abgelaufene Cache-Einträge wieder."
+
+-#: cache.c:1369
++#: cache.c:1424
+ #, c-format
+ msgid "queries forwarded %u, queries answered locally %u"
+ msgstr "%u weitergeleitete Anfragen, %u lokal beantwortete Anfragen"
+
+-#: cache.c:1372
++#: cache.c:1427
+ #, c-format
+ msgid "queries for authoritative zones %u"
+ msgstr "Anfragen nach autoritativen Zonen %u"
+
+-#: cache.c:1398
++#: cache.c:1453
+ #, c-format
+ msgid "server %s#%d: queries sent %u, retried or failed %u"
+ msgstr "Server %s#%d: %u Anfragen gesendet, %u erneut versucht oder fehlgeschlagen"
+@@ -100,7 +100,7 @@ msgstr "Konnte den Zufallszahlengenerator nicht initialisieren: %s"
+ msgid "failed to allocate memory"
+ msgstr "Konnte Speicher nicht belegen"
+
+-#: util.c:243 option.c:579
++#: util.c:243 option.c:598
+ msgid "could not get memory"
+ msgstr "Speicher nicht verfügbar"
+
+@@ -115,593 +115,626 @@ msgid "failed to allocate %d bytes"
+ msgstr "Konnte %d Bytes nicht belegen"
+
+ # @Simon: not perfect but I cannot get nearer right now.
+-#: util.c:429
++#: util.c:430
+ #, c-format
+ msgid "infinite"
+ msgstr "unendlich"
+
+-#: option.c:318
++#: option.c:330
+ msgid "Specify local address(es) to listen on."
+ msgstr "Lokale abzuhörende Adresse(n) angeben."
+
+-#: option.c:319
++#: option.c:331
+ msgid "Return ipaddr for all hosts in specified domains."
+ msgstr "IP-Adresse für alle Hosts in angegebenen Domänen festlegen."
+
+ # FIXME: the English test is not to the point. Just use a shortened description
+ # from the manpage instead. -- MA
+-#: option.c:320
++#: option.c:332
+ msgid "Fake reverse lookups for RFC1918 private address ranges."
+ msgstr "Für private Adressbereiche nach RFC1918 \"keine solche Domain\" liefern."
+
+-#: option.c:321
++#: option.c:333
+ msgid "Treat ipaddr as NXDOMAIN (defeats Verisign wildcard)."
+ msgstr "Diese IP-Adresse als NXDOMAIN interpretieren (wehrt \"Suchhilfen\" ab)."
+
+-#: option.c:322
++#: option.c:334
+ #, c-format
+ msgid "Specify the size of the cache in entries (defaults to %s)."
+ msgstr "Größe des Caches (Zahl der Einträge) festlegen (Voreinstellung: %s)."
+
+-#: option.c:323
++#: option.c:335
+ #, c-format
+ msgid "Specify configuration file (defaults to %s)."
+ msgstr "Konfigurationsdatei festlegen (Voreinstellung: %s)."
+
+-#: option.c:324
++#: option.c:336
+ msgid "Do NOT fork into the background: run in debug mode."
+ msgstr "NICHT in den Hintergrund gehen: Betrieb im Debug-Modus"
+
+-#: option.c:325
++#: option.c:337
+ msgid "Do NOT forward queries with no domain part."
+ msgstr "Anfragen ohne Domänen-Teil NICHT weiterschicken."
+
+-#: option.c:326
++#: option.c:338
+ msgid "Return self-pointing MX records for local hosts."
+ msgstr "Für lokale Einträge MX-Einträge liefern, die auf sich selbst zeigen."
+
+-#: option.c:327
++#: option.c:339
+ msgid "Expand simple names in /etc/hosts with domain-suffix."
+ msgstr "Erweitere einfache Namen in /etc/hosts mit der Domänen-Endung."
+
+-#: option.c:328
++#: option.c:340
+ msgid "Don't forward spurious DNS requests from Windows hosts."
+ msgstr "'unechte' DNS-Anfragen von Windows-Rechnern nicht weiterleiten"
+
+ # @Simon: I'm a bit unsure about "spurious"
+-#: option.c:329
++#: option.c:341
+ msgid "Enable DHCP in the range given with lease duration."
+ msgstr "DHCP für angegebenen Bereich und Dauer einschalten"
+
+-#: option.c:330
++#: option.c:342
+ #, c-format
+ msgid "Change to this group after startup (defaults to %s)."
+ msgstr "Nach dem Start in diese Benutzergruppe wechseln (Voreinstellung %s)."
+
+-#: option.c:331
++#: option.c:343
+ msgid "Set address or hostname for a specified machine."
+ msgstr "Adresse oder Hostnamen für einen angegebenen Computer setzen."
+
+-#: option.c:332
++#: option.c:344
+ msgid "Read DHCP host specs from file."
+ msgstr "DHCP-Host-Angaben aus Datei lesen."
+
+-#: option.c:333
++#: option.c:345
+ msgid "Read DHCP option specs from file."
+ msgstr "DHCP-Optionen aus Datei lesen."
+
+-#: option.c:334
++#: option.c:346
++#, fuzzy
++msgid "Read DHCP host specs from a directory."
++msgstr "DHCP-Host-Angaben aus Datei lesen."
++
++#: option.c:347
++#, fuzzy
++msgid "Read DHCP options from a directory."
++msgstr "DHCP-Optionen aus Datei lesen."
++
++#: option.c:348
+ msgid "Evaluate conditional tag expression."
+ msgstr "Auswertung eines Ausdrucks bedingter Marken."
+
+-#: option.c:335
++#: option.c:349
+ #, c-format
+ msgid "Do NOT load %s file."
+ msgstr "%s-Datei NICHT laden."
+
+-#: option.c:336
++#: option.c:350
+ #, c-format
+ msgid "Specify a hosts file to be read in addition to %s."
+ msgstr "Hosts-Datei festlegen, die zusätzlich zu %s gelesen wird."
+
+-#: option.c:337
++#: option.c:351
++#, fuzzy
++msgid "Read hosts files from a directory."
++msgstr "DHCP-Host-Angaben aus Datei lesen."
++
++#: option.c:352
+ msgid "Specify interface(s) to listen on."
+ msgstr "Schnittstelle(n) zum Empfang festlegen."
+
+-#: option.c:338
++#: option.c:353
+ msgid "Specify interface(s) NOT to listen on."
+ msgstr "Schnittstelle(n) festlegen, die NICHT empfangen sollen."
+
+-#: option.c:339
++#: option.c:354
+ msgid "Map DHCP user class to tag."
+ msgstr "DHCP-Benutzerklasse auf Marke abbilden."
+
+-#: option.c:340
++#: option.c:355
+ msgid "Map RFC3046 circuit-id to tag."
+ msgstr "RFC3046 \"circuit-id\" auf Marke abbilden."
+
+-#: option.c:341
++#: option.c:356
+ msgid "Map RFC3046 remote-id to tag."
+ msgstr "RFC3046 \"remote-id\" auf Marke abbilden."
+
+-#: option.c:342
++#: option.c:357
+ msgid "Map RFC3993 subscriber-id to tag."
+ msgstr "RFC3993 \"subscriber-id\" auf Marke abbilden."
+
+-#: option.c:343
++#: option.c:358
+ msgid "Don't do DHCP for hosts with tag set."
+ msgstr "Kein DHCP für Hosts mit gesetzter Marke verwenden."
+
+-#: option.c:344
++#: option.c:359
+ msgid "Force broadcast replies for hosts with tag set."
+ msgstr "Rundsendung für Hosts mit gesetzter Marke erzwingen."
+
+-#: option.c:345
++#: option.c:360
+ msgid "Do NOT fork into the background, do NOT run in debug mode."
+ msgstr "NICHT in den Hintergrund wechseln, NICHT im Debug-Modus laufen."
+
+-#: option.c:346
++#: option.c:361
+ msgid "Assume we are the only DHCP server on the local network."
+ msgstr "Voraussetzen, dass wir der einzige DHCP-Server im lokalen Netz sind."
+
+-#: option.c:347
++#: option.c:362
+ #, c-format
+ msgid "Specify where to store DHCP leases (defaults to %s)."
+ msgstr "Festlegen, wo DHCP-Leases gespeichert werden (Voreinstellung %s)."
+
+-#: option.c:348
++#: option.c:363
+ msgid "Return MX records for local hosts."
+ msgstr "MX-Einträge für lokale Hosts liefern."
+
+-#: option.c:349
++#: option.c:364
+ msgid "Specify an MX record."
+ msgstr "Einen MX-Eintrag festlegen."
+
+-#: option.c:350
++#: option.c:365
+ msgid "Specify BOOTP options to DHCP server."
+ msgstr "BOOTP-Optionen für DHCP-Server festlegen."
+
+-#: option.c:351
++#: option.c:366
+ #, c-format
+ msgid "Do NOT poll %s file, reload only on SIGHUP."
+ msgstr "%s-Datei NICHT abfragen, nur bei SIGHUP neu laden."
+
+-#: option.c:352
++#: option.c:367
+ msgid "Do NOT cache failed search results."
+ msgstr "Fehlerhafte Suchergebnisse NICHT zwischenspeichern."
+
+-#: option.c:353
++#: option.c:368
+ #, c-format
+ msgid "Use nameservers strictly in the order given in %s."
+ msgstr "Namensserver streng in der in %s angegebenen Reihenfolge verwenden."
+
+-#: option.c:354
++#: option.c:369
+ msgid "Specify options to be sent to DHCP clients."
+ msgstr "Optionen festlegen, die an DHCP-Klienten gesendet werden."
+
+-#: option.c:355
++#: option.c:370
+ msgid "DHCP option sent even if the client does not request it."
+ msgstr "DHCP-Option, die selbst ohne Klientenanfrage gesendet wird."
+
+-#: option.c:356
++#: option.c:371
+ msgid "Specify port to listen for DNS requests on (defaults to 53)."
+ msgstr "Port zum Abhören der DNS-Anfragen festlegen (53 voreingestellt)."
+
+-#: option.c:357
++#: option.c:372
+ #, c-format
+ msgid "Maximum supported UDP packet size for EDNS.0 (defaults to %s)."
+ msgstr "Maximale unterstützte UDP-Paketgröße für EDNS.0 (Voreinstellung %s)."
+
+-#: option.c:358
++#: option.c:373
+ msgid "Log DNS queries."
+ msgstr "DNS-Anfragen protokollieren."
+
+-#: option.c:359
++#: option.c:374
+ msgid "Force the originating port for upstream DNS queries."
+ msgstr "Ausgehenden Port erzwingen für DNS-Anfragen an vorgelagerte Server."
+
+-#: option.c:360
++#: option.c:375
+ msgid "Do NOT read resolv.conf."
+ msgstr "resolv.conf NICHT lesen."
+
+-#: option.c:361
++#: option.c:376
+ #, c-format
+ msgid "Specify path to resolv.conf (defaults to %s)."
+ msgstr "Pfad zu resolv.conf festlegen (%s voreingestellt)."
+
+-#: option.c:362
++#: option.c:377
+ msgid "Specify path to file with server= options"
+ msgstr " Dateipfad mit der Option server= angeben"
+
+-#: option.c:363
++#: option.c:378
+ msgid "Specify address(es) of upstream servers with optional domains."
+ msgstr "Adresse(n) vorgelagerter Server festlegen, optional mit Domänen."
+
+-#: option.c:364
++#: option.c:379
+ msgid "Specify address of upstream servers for reverse address queries"
+ msgstr "Adresse(n) vorgelagerter Server festlegen, für reverse Adressanfragen"
+
+-#: option.c:365
++#: option.c:380
+ msgid "Never forward queries to specified domains."
+ msgstr "Anfragen für angegebene Domänen niemals weiterleiten."
+
+-#: option.c:366
++#: option.c:381
+ msgid "Specify the domain to be assigned in DHCP leases."
+ msgstr "Domäne festlegen, die für DHCP-Leases zugewiesen wird."
+
+-#: option.c:367
++#: option.c:382
+ msgid "Specify default target in an MX record."
+ msgstr "Voreingestelltes Ziel für MX-Einträge festlegen."
+
+-#: option.c:368
++#: option.c:383
+ msgid "Specify time-to-live in seconds for replies from /etc/hosts."
+ msgstr "Gültigkeitsdauer für Antworten aus /etc/hosts festlegen."
+
+-#: option.c:369
++#: option.c:384
+ msgid "Specify time-to-live in seconds for negative caching."
+ msgstr "Gültigkeitsdauer in Sekunden für Caching negativer Ergebnisse festlegen."
+
+-#: option.c:370
++#: option.c:385
+ msgid "Specify time-to-live in seconds for maximum TTL to send to clients."
+ msgstr "Gültigkeitsdauer in Sekunden für Caching negativer Ergebnisse festlegen."
+
+-#: option.c:371
++#: option.c:386
++#, fuzzy
++msgid "Specify time-to-live ceiling for cache."
++msgstr "Gültigkeitsdauer in Sekunden für Caching negativer Ergebnisse festlegen."
++
++#: option.c:387
++#, fuzzy
++msgid "Specify time-to-live floor for cache."
++msgstr "Gültigkeitsdauer in Sekunden für Caching negativer Ergebnisse festlegen."
++
++#: option.c:388
+ #, c-format
+ msgid "Change to this user after startup. (defaults to %s)."
+ msgstr "Nach dem Start diese Benutzerrechte annehmen (%s voreingestellt)."
+
+-#: option.c:372
++#: option.c:389
+ msgid "Map DHCP vendor class to tag."
+ msgstr "DHCP-\"vendor class\" auf Marke abbilden."
+
+-#: option.c:373
++#: option.c:390
+ msgid "Display dnsmasq version and copyright information."
+ msgstr "dnsmasq-Version und Urheberrecht anzeigen."
+
+-#: option.c:374
++#: option.c:391
+ msgid "Translate IPv4 addresses from upstream servers."
+ msgstr "IPv4-Adressen von vorgelagerten Servern übersetzen."
+
+-#: option.c:375
++#: option.c:392
+ msgid "Specify a SRV record."
+ msgstr "SRV-Eintrag festlegen."
+
+-#: option.c:376
++#: option.c:393
+ msgid "Display this message. Use --help dhcp for known DHCP options."
+ msgstr "Diese Hilfe anzeigen. Benutzen Sie --help dhcp für bekannte DHCP-Optionen."
+
+-#: option.c:377
++#: option.c:394
+ #, c-format
+ msgid "Specify path of PID file (defaults to %s)."
+ msgstr "Dateipfad für Prozesskennung (PID) festlegen (Voreinstellung: %s)."
+
+-#: option.c:378
++#: option.c:395
+ #, c-format
+ msgid "Specify maximum number of DHCP leases (defaults to %s)."
+ msgstr "Höchstzahl der DHCP-Leases festlegen (%s voreingestellt)."
+
+-#: option.c:379
++#: option.c:396
+ msgid "Answer DNS queries based on the interface a query was sent to."
+ msgstr "DNS-Anfragen abhängig der Emfpangsschnittstelle beantworten."
+
+-#: option.c:380
++#: option.c:397
+ msgid "Specify TXT DNS record."
+ msgstr "DNS-TXT-Eintrag festlegen."
+
+-#: option.c:381
++#: option.c:398
+ msgid "Specify PTR DNS record."
+ msgstr "DNS-PTR-Eintrag festlegen."
+
+-#: option.c:382
++#: option.c:399
+ msgid "Give DNS name to IPv4 address of interface."
+ msgstr "Schnittstellennamen zur IPv4-Adresse des Interfaces auflösen."
+
+-#: option.c:383
++#: option.c:400
+ msgid "Bind only to interfaces in use."
+ msgstr "Nur an verwendete Schnittstellen binden."
+
+-#: option.c:384
++#: option.c:401
+ #, c-format
+ msgid "Read DHCP static host information from %s."
+ msgstr "Statische DHCP-Host-Information aus %s lesen."
+
+-#: option.c:385
++#: option.c:402
+ msgid "Enable the DBus interface for setting upstream servers, etc."
+ msgstr "DBus-Schnittstelle zum Festlegen vorgelagerter Server usw. festlegen."
+
+-#: option.c:386
++#: option.c:403
+ msgid "Do not provide DHCP on this interface, only provide DNS."
+ msgstr "Auf dieser Schnittstelle kein DHCP anbieten, sondern nur DNS."
+
+-#: option.c:387
++#: option.c:404
+ msgid "Enable dynamic address allocation for bootp."
+ msgstr "Dynamische Adressbelegung für bootp einschalten."
+
+-#: option.c:388
++#: option.c:405
+ msgid "Map MAC address (with wildcards) to option set."
+ msgstr "MAC-Adresse (mit Jokerzeichen) auf Netzmarke abbilden."
+
+-#: option.c:389
++#: option.c:406
+ msgid "Treat DHCP requests on aliases as arriving from interface."
+ msgstr "DHCP-Anfragen von Alias-Schnittstellen für die Hauptschnittstelle beantworten."
+
+-#: option.c:390
++#: option.c:407
+ msgid "Disable ICMP echo address checking in the DHCP server."
+ msgstr "ICMP-Echo-Adressprüfung im DHCP-Server abschalten."
+
+-#: option.c:391
++#: option.c:408
+ msgid "Shell script to run on DHCP lease creation and destruction."
+ msgstr "Skript, das bei Erzeugung/Löschung einer DHCP-Lease laufen soll."
+
+-#: option.c:392
++#: option.c:409
+ msgid "Lua script to run on DHCP lease creation and destruction."
+ msgstr "Lua-Skript, welches bei Erzeugung/Löschung eines DHCP-Leases laufen soll."
+
+-#: option.c:393
++#: option.c:410
+ msgid "Run lease-change scripts as this user."
+ msgstr "Lease-Änderungs-Skript mit den Rechten dieses Nutzers ausführen."
+
+-#: option.c:394
++#: option.c:411
+ msgid "Read configuration from all the files in this directory."
+ msgstr "Konfiguration aus allen Dateien in diesem Verzeichnis lesen."
+
+-#: option.c:395
++#: option.c:412
+ msgid "Log to this syslog facility or file. (defaults to DAEMON)"
+ msgstr "Für diese Syslog-Anlage oder in Datei loggen (Voreinstellung DAEMON)."
+
+-#: option.c:396
++#: option.c:413
+ msgid "Do not use leasefile."
+ msgstr "Keine Lease-Datei benützen."
+
+-#: option.c:397
++#: option.c:414
+ #, c-format
+ msgid "Maximum number of concurrent DNS queries. (defaults to %s)"
+ msgstr "Höchstzahl nebenläufiger DNS-Anfragen (%s voreingestellt)."
+
+-#: option.c:398
++#: option.c:415
+ #, c-format
+ msgid "Clear DNS cache when reloading %s."
+ msgstr "DNS-Cache beim Neuladen von %s löschen."
+
+-#: option.c:399
++#: option.c:416
+ msgid "Ignore hostnames provided by DHCP clients."
+ msgstr "Von DHCP-Clients gelieferte Hostnamen ignorieren."
+
+-#: option.c:400
++#: option.c:417
+ msgid "Do NOT reuse filename and server fields for extra DHCP options."
+ msgstr "Dateinamen und Server-Datenfehler für zusätzliche DHCP-Optionen NICHT wiederverwenden."
+
+-#: option.c:401
++#: option.c:418
+ msgid "Enable integrated read-only TFTP server."
+ msgstr "Eingebauten Nur-Lese-TFTP-Server einschalten."
+
+-#: option.c:402
++#: option.c:419
+ msgid "Export files by TFTP only from the specified subtree."
+ msgstr "Nur vom festgelegten Unterbaum Dateien per TFTP exportieren."
+
+-#: option.c:403
++#: option.c:420
+ msgid "Add client IP address to tftp-root."
+ msgstr "IP-Adresse des Klienten an tftp-root anhängen."
+
+-#: option.c:404
++#: option.c:421
+ msgid "Allow access only to files owned by the user running dnsmasq."
+ msgstr "Zugriff nur auf Dateien gestatten, die dem dnsmasq aufrufenden Benutzer gehören."
+
+-#: option.c:405
++#: option.c:422
+ #, c-format
+ msgid "Maximum number of conncurrent TFTP transfers (defaults to %s)."
+ msgstr "Höchstzahl nebenläufiger TFTP-Übertragungen (%s voreingestellt)."
+
+-#: option.c:406
++#: option.c:423
+ msgid "Disable the TFTP blocksize extension."
+ msgstr "TFTP-Blockgrößen-Erweiterung abschalten."
+
+-#: option.c:407
++#: option.c:424
+ msgid "Convert TFTP filenames to lowercase"
+ msgstr "Konvertiere TFTP Dateinamen in Kleinschreibung"
+
+-#: option.c:408
++#: option.c:425
+ msgid "Ephemeral port range for use by TFTP transfers."
+ msgstr "Bereich für vorübergehende Ports für TFTP-Übertragungen."
+
+-#: option.c:409
++#: option.c:426
+ msgid "Extra logging for DHCP."
+ msgstr "Erweiterte DHCP-Protokollierung."
+
+-#: option.c:410
++#: option.c:427
+ msgid "Enable async. logging; optionally set queue length."
+ msgstr "Asynchrone Protokollierung einschalten, opt. Warteschlangenlänge festlegen."
+
+-#: option.c:411
++#: option.c:428
+ msgid "Stop DNS rebinding. Filter private IP ranges when resolving."
+ msgstr "DNS-Rebinding unterbinden, private IP-Bereiche bei der Auflösung ausfiltern."
+
+-#: option.c:412
++#: option.c:429
+ msgid "Allow rebinding of 127.0.0.0/8, for RBL servers."
+ msgstr "Auflösung zu 127.0.0.0/8 erlauben, für RBL-Server."
+
+-#: option.c:413
++#: option.c:430
+ msgid "Inhibit DNS-rebind protection on this domain."
+ msgstr "DNS-Rebind-Schutz für diese Domäne sperren."
+
+-#: option.c:414
++#: option.c:431
+ msgid "Always perform DNS queries to all servers."
+ msgstr "DNS-Anfragen immer an alle Server weiterleiten."
+
+-#: option.c:415
++#: option.c:432
+ msgid "Set tag if client includes matching option in request."
+ msgstr "Marke setzen, wenn Klient eine entsprechende Option anfragt."
+
+-#: option.c:416
++#: option.c:433
+ msgid "Use alternative ports for DHCP."
+ msgstr "Alternative Ports für DHCP verwenden."
+
+-#: option.c:417
++#: option.c:434
+ msgid "Specify NAPTR DNS record."
+ msgstr "DNS-NAPTR-Eintrag festlegen."
+
+-#: option.c:418
++#: option.c:435
+ msgid "Specify lowest port available for DNS query transmission."
+ msgstr "Niedrigsten verfügbaren Port für Übertragung von DNS-Anfragen festlegen."
+
+-#: option.c:419
++#: option.c:436
+ msgid "Use only fully qualified domain names for DHCP clients."
+ msgstr "Für DHCP-Klienten nur vollständig bestimmte Domänennamen benutzen."
+
+ # FIXME: probably typo in original message. -- MA
+-#: option.c:420
++#: option.c:437
+ msgid "Generate hostnames based on MAC address for nameless clients."
+ msgstr "Generiere Hostnamen auf Basis der MAC-Adresse für namenlose Klienten."
+
+-#: option.c:421
++#: option.c:438
+ msgid "Use these DHCP relays as full proxies."
+ msgstr "Diese DHCP-Relais als vollwertige Proxies verwenden."
+
+-#: option.c:422
++#: option.c:439
+ msgid "Relay DHCP requests to a remote server"
+ msgstr "Leute DHCP Anfragen an entfernten Server weiter"
+
+-#: option.c:423
++#: option.c:440
+ msgid "Specify alias name for LOCAL DNS name."
+ msgstr "Alias für LOKALEN DNS-Namen festlegen."
+
+-#: option.c:424
++#: option.c:441
+ msgid "Prompt to send to PXE clients."
+ msgstr "Aufforderung, die an PXE-Klienten geschickt wird."
+
+-#: option.c:425
++#: option.c:442
+ msgid "Boot service for PXE menu."
+ msgstr "Boot-Dienst für PXE-Menü."
+
+-#: option.c:426
++#: option.c:443
+ msgid "Check configuration syntax."
+ msgstr "Konfigurationssyntax prüfen."
+
+-#: option.c:427
++#: option.c:444
+ msgid "Add requestor's MAC address to forwarded DNS queries."
+ msgstr "Anfragende MAC-Adresse in die weiterleitende DNS-Anfrage einfügen"
+
+-#: option.c:428
++#: option.c:445
+ msgid "Add requestor's IP subnet to forwarded DNS queries."
+ msgstr "Füge das IP-Subnetz des Anfragenden in die weitergeleiteten DNS-Anfragen hinzu."
+
+-#: option.c:429
++#: option.c:446
+ msgid "Proxy DNSSEC validation results from upstream nameservers."
+ msgstr "Proxy-DNSSEC-Validierung-Ergebnisse von Upstream-Namensservern."
+
+-#: option.c:430
++#: option.c:447
+ msgid "Attempt to allocate sequential IP addresses to DHCP clients."
+ msgstr "Versuche sequenzielle IP-Adressen an DHCP-Klienten zu vergeben."
+
+-#: option.c:431
++#: option.c:448
+ msgid "Copy connection-track mark from queries to upstream connections."
+ msgstr "Kopiere \"connection-track mark\" von Anfragen nach Upstream-Verbindungen."
+
+-#: option.c:432
++#: option.c:449
+ msgid "Allow DHCP clients to do their own DDNS updates."
+ msgstr "Erlaube DHCP-Klienten ihre eigenen DDNS-Updates durchzuführen."
+
+-#: option.c:433
++#: option.c:450
+ msgid "Send router-advertisements for interfaces doing DHCPv6"
+ msgstr "Sende \"Router-Advertisments\" für Netzwerkschnittstellen, welche DHCPv6 nutzen"
+
+-#: option.c:434
++#: option.c:451
+ msgid "Specify DUID_EN-type DHCPv6 server DUID"
+ msgstr "Spezifiziere DUID_EN-type DHCPv6 Server DUID"
+
+-#: option.c:435
++#: option.c:452
+ msgid "Specify host (A/AAAA and PTR) records"
+ msgstr "Spezifiziere Host (A/AAAA und PTR) Einträge"
+
+-#: option.c:436
++#: option.c:453
+ msgid "Specify arbitrary DNS resource record"
+ msgstr "Spezifiziere einen beliebiegen DNS Eintrag"
+
+-#: option.c:437
++#: option.c:454
+ msgid "Bind to interfaces in use - check for new interfaces"
+ msgstr "Bindung zu Schnittstellen in Benutzung - prüfe auf neue Schnittstellen"
+
+-#: option.c:438
++#: option.c:455
+ msgid "Export local names to global DNS"
+ msgstr "Exportiere lokale Namen in das globale DNS"
+
+-#: option.c:439
++#: option.c:456
+ msgid "Domain to export to global DNS"
+ msgstr "Domain für das Exportieren des globalen DNS"
+
+-#: option.c:440
++#: option.c:457
+ msgid "Set TTL for authoritative replies"
+ msgstr "Setzte TTL für autoritative Antworten"
+
+-#: option.c:441
++#: option.c:458
+ msgid "Set authoritive zone information"
+ msgstr "Setze autoritative Zoneninformationen"
+
+-#: option.c:442
++#: option.c:459
+ msgid "Secondary authoritative nameservers for forward domains"
+ msgstr "Sekundärer autoritativer Nameserver für weitergeleitete Domains"
+
+-#: option.c:443
++#: option.c:460
+ msgid "Peers which are allowed to do zone transfer"
+ msgstr "Peers welche einen Zonentransfer durchführen dürfen"
+
+-#: option.c:444
++#: option.c:461
+ msgid "Specify ipsets to which matching domains should be added"
+ msgstr "Spezifiziere IPSets zu welcher passende Domains hinzugefügt werden sollen"
+
+-#: option.c:445
++#: option.c:462
+ msgid "Specify a domain and address range for synthesised names"
+ msgstr "Spezifiziere eine Domain und Adressbereich für synthetisierte Namen"
+
+-#: option.c:446
++#: option.c:463
+ msgid "Activate DNSSEC validation"
+ msgstr "Aktiviere DNSSEC-Validierung"
+
+-#: option.c:447
++#: option.c:464
+ msgid "Specify trust anchor key digest."
+ msgstr "Spezifiziere Vertrauensursprung (Trust Anchor) der Schlüssel-Prüfdaten (Key Digest)."
+
+-#: option.c:448
++#: option.c:465
+ msgid "Disable upstream checking for DNSSEC debugging."
+ msgstr "Deaktiviere die Überprüfung vorgelagerter Server für DNSSEC-Debugging"
+
+-#: option.c:449
++#: option.c:466
+ msgid "Ensure answers without DNSSEC are in unsigned zones."
+ msgstr "Stellt sicher, dass Antworten ohne DNSSEC sich in einer unsignierten Zone befinden."
+
+-#: option.c:450
++#: option.c:467
+ msgid "Don't check DNSSEC signature timestamps until first cache-reload"
+ msgstr "DNSSEC Signatur-Zeitstempel nicht prüfen, bis erstmalig der Cache neugeladen wird"
+
+-#: option.c:452
++#: option.c:468
++msgid "Timestamp file to verify system clock for DNSSEC"
++msgstr ""
++
++#: option.c:470
+ msgid "Specify DHCPv6 prefix class"
+ msgstr "Spezifiziere DHCPv6 Prefix Klasse"
+
+-#: option.c:454
++#: option.c:472
+ msgid "Set priority, resend-interval and router-lifetime"
+ msgstr "Setze Priorität, Intervall des erneuten Sendens und Router Lebenszeit"
+
+-#: option.c:455
++#: option.c:473
+ msgid "Do not log routine DHCP."
+ msgstr "Protokolliere kein DHCP."
+
+-#: option.c:456
++#: option.c:474
+ msgid "Do not log routine DHCPv6."
+ msgstr "Protokolliere kein DHCPv6."
+
+-#: option.c:457
++#: option.c:475
+ msgid "Do not log RA."
+ msgstr "RA nicht protokollieren."
+
+-#: option.c:458
++#: option.c:476
+ msgid "Accept queries only from directly-connected networks"
+ msgstr "Akzeptiere nur Anfragen von direkt verbundenen Netzwerken"
+
+-#: option.c:459
++#: option.c:477
+ msgid "Detect and remove DNS forwarding loops"
+ msgstr "Erkennen und Entfernen von DNS-Weiterleitungsschleifen"
+
+-#: option.c:661
++#: option.c:478
++msgid "Ignore DNS responses containing ipaddr."
++msgstr ""
++
++#: option.c:680
+ #, c-format
+ msgid ""
+ "Usage: dnsmasq [options]\n"
+@@ -710,312 +743,312 @@ msgstr ""
+ "Verwendung: dnsmasq [Optionen]\n"
+ "\n"
+
+-#: option.c:663
++#: option.c:682
+ #, c-format
+ msgid "Use short options only on the command line.\n"
+ msgstr "Auf der Befehlszeile nur kurze Optionen verwenden!\n"
+
+-#: option.c:665
++#: option.c:684
+ #, c-format
+ msgid "Valid options are:\n"
+ msgstr "Gültige Optionen sind:\n"
+
+-#: option.c:722 option.c:726
++#: option.c:741 option.c:745
+ msgid "bad port"
+ msgstr "unzulässiger Port"
+
+-#: option.c:753 option.c:785
++#: option.c:772 option.c:804
+ msgid "interface binding not supported"
+ msgstr "Schnittstellenbindung nicht unterstützt"
+
+-#: option.c:762 option.c:3494
++#: option.c:781 option.c:3570
+ msgid "bad interface name"
+ msgstr "unzulässiger Schnittestellenname"
+
+-#: option.c:792
++#: option.c:811
+ msgid "bad address"
+ msgstr "Fehlerhafte Adresse"
+
+-#: option.c:974
++#: option.c:993
+ msgid "unsupported encapsulation for IPv6 option"
+ msgstr "Nicht unterstützte Verkapselung für eine IPv6-Option"
+
+-#: option.c:988
++#: option.c:1007
+ msgid "bad dhcp-option"
+ msgstr "Fehlerhafte DHCP-Option"
+
+-#: option.c:1056
++#: option.c:1075
+ msgid "bad IP address"
+ msgstr "Fehlerhafte IP-Adresse"
+
+-#: option.c:1059 option.c:1197 option.c:2812
++#: option.c:1078 option.c:1216 option.c:2888
+ msgid "bad IPv6 address"
+ msgstr "Fehlerhafte IPv6-Adresse"
+
+-#: option.c:1224 option.c:1318
++#: option.c:1243 option.c:1337
+ msgid "bad domain in dhcp-option"
+ msgstr "Fehlerhafte Domäne in DHCP-Option"
+
+-#: option.c:1356
++#: option.c:1375
+ msgid "dhcp-option too long"
+ msgstr "DHCP-Option zu lang"
+
+-#: option.c:1363
++#: option.c:1382
+ msgid "illegal dhcp-match"
+ msgstr "Unzulässige dhcp-match-Option"
+
+-#: option.c:1425
++#: option.c:1444
+ msgid "illegal repeated flag"
+ msgstr "unzulässig wiederholte Markierung"
+
+-#: option.c:1433
++#: option.c:1452
+ msgid "illegal repeated keyword"
+ msgstr "unzulässig wiederholtes Schlüsselwort"
+
+-#: option.c:1495 option.c:4092
++#: option.c:1517 option.c:4186
+ #, c-format
+ msgid "cannot access directory %s: %s"
+ msgstr "Kann auf Verzeichnis %s nicht zugreifen: %s"
+
+-#: option.c:1541 tftp.c:493
++#: option.c:1563 tftp.c:493
+ #, c-format
+ msgid "cannot access %s: %s"
+ msgstr "Kann auf %s nicht zugreifen: %s"
+
+-#: option.c:1588
++#: option.c:1615
+ msgid "setting log facility is not possible under Android"
+ msgstr "Die Einstellung Protokolliereinrichtung kann unter Android nicht gesetzt werden"
+
+-#: option.c:1597
++#: option.c:1624
+ msgid "bad log facility"
+ msgstr "Falsche Protokolliereinrichtung"
+
+-#: option.c:1650
++#: option.c:1677
+ msgid "bad MX preference"
+ msgstr "unzulässige MX-Präferenz-Angabe"
+
+-#: option.c:1655
++#: option.c:1682
+ msgid "bad MX name"
+ msgstr "unzulässiger MX-Name"
+
+-#: option.c:1669
++#: option.c:1696
+ msgid "bad MX target"
+ msgstr "unzulässiges MX-Ziel"
+
+-#: option.c:1681
++#: option.c:1708
+ msgid "cannot run scripts under uClinux"
+ msgstr "unter uClinux ist die Skriptausführung nicht möglich"
+
+-#: option.c:1683
++#: option.c:1710
+ msgid "recompile with HAVE_SCRIPT defined to enable lease-change scripts"
+ msgstr "Neuübersetzung mit HAVE_SCRIPT nötig, um Lease-Änderungs-Skripte auszuführen"
+
+-#: option.c:1687
++#: option.c:1714
+ msgid "recompile with HAVE_LUASCRIPT defined to enable Lua scripts"
+ msgstr "Um Benutzerdefinierte Lua-Scripte zu ermöglichen, muss mit HAVE_LUASCRIPT neu kompiliert werden"
+
+-#: option.c:1928 option.c:1966 option.c:2015
++#: option.c:1970 option.c:2015 option.c:2071
+ msgid "bad prefix"
+ msgstr "unzulässiger Präfix"
+
+-#: option.c:2289
++#: option.c:2352
+ msgid "recompile with HAVE_IPSET defined to enable ipset directives"
+ msgstr "Um IPSet-Direktiven zu aktivieren, muss mit HAVE_IPSET neu übersetzt werden"
+
+-#: option.c:2469
++#: option.c:2545
+ msgid "bad port range"
+ msgstr "unzulässiger Portbereich"
+
+-#: option.c:2485
++#: option.c:2561
+ msgid "bad bridge-interface"
+ msgstr "unzulässige Brücken-Schnittstelle"
+
+-#: option.c:2545
++#: option.c:2621
+ msgid "only one tag allowed"
+ msgstr "nur eine Marke zulässig"
+
+-#: option.c:2565 option.c:2577 option.c:2683 option.c:2724
++#: option.c:2641 option.c:2653 option.c:2759 option.c:2800
+ msgid "bad dhcp-range"
+ msgstr "unzulässiger DHCP-Bereich"
+
+-#: option.c:2592
++#: option.c:2668
+ msgid "inconsistent DHCP range"
+ msgstr "inkonsistenter DHCP-Bereich"
+
+-#: option.c:2651
++#: option.c:2727
+ msgid "prefix length must be exactly 64 for RA subnets"
+ msgstr "Die Präfixlenge muss genau 64 für RA Subnetze sein"
+
+-#: option.c:2653
++#: option.c:2729
+ msgid "prefix length must be exactly 64 for subnet constructors"
+ msgstr "Die Präfixlenge muss genau 64 für Subnet Konstruktoren sein"
+
+-#: option.c:2657
++#: option.c:2733
+ msgid "prefix length must be at least 64"
+ msgstr "Die Präfixlänge muss mindestens 64 sein"
+
+-#: option.c:2660
++#: option.c:2736
+ msgid "inconsistent DHCPv6 range"
+ msgstr "Inkonsistenter DHCPv6-Bereich"
+
+-#: option.c:2671
++#: option.c:2747
+ msgid "prefix must be zero with \"constructor:\" argument"
+ msgstr "Prefix muss mit dem \"constructor:\" Argument Null sein"
+
+-#: option.c:2782 option.c:2830
++#: option.c:2858 option.c:2906
+ msgid "bad hex constant"
+ msgstr "Falscher Hexwert"
+
+-#: option.c:2804
++#: option.c:2880
+ msgid "cannot match tags in --dhcp-host"
+ msgstr "Kann die Tags in --dhcp-host nicht abgleichen"
+
+-#: option.c:2852
++#: option.c:2928
+ #, c-format
+ msgid "duplicate dhcp-host IP address %s"
+ msgstr "doppelte dhcp-host IP-Adresse %s"
+
+-#: option.c:2910
++#: option.c:2986
+ msgid "bad DHCP host name"
+ msgstr "unzulässiger DHCP-Hostname"
+
+-#: option.c:2992
++#: option.c:3068
+ msgid "bad tag-if"
+ msgstr "unzulässige bedingte Marke (tag-if)"
+
+-#: option.c:3316 option.c:3710
++#: option.c:3392 option.c:3786
+ msgid "invalid port number"
+ msgstr "unzulässige Portnummer"
+
+-#: option.c:3378
++#: option.c:3454
+ msgid "bad dhcp-proxy address"
+ msgstr "Fehlerhafte DHCP-Proxy-Adresse"
+
+-#: option.c:3404
++#: option.c:3480
+ msgid "Bad dhcp-relay"
+ msgstr "unzulässiger dhcp-relay"
+
+-#: option.c:3430
++#: option.c:3506
+ msgid "bad RA-params"
+ msgstr "unzulässige RA-Parameter"
+
+-#: option.c:3439
++#: option.c:3515
+ msgid "bad DUID"
+ msgstr "unzulässige DUID"
+
+-#: option.c:3481
++#: option.c:3557
+ msgid "invalid alias range"
+ msgstr "unzulässiger Alias-Bereich"
+
+-#: option.c:3535
++#: option.c:3611
+ msgid "bad CNAME"
+ msgstr "unzulässiger CNAME"
+
+-#: option.c:3540
++#: option.c:3616
+ msgid "duplicate CNAME"
+ msgstr "doppelter CNAME"
+
+-#: option.c:3560
++#: option.c:3636
+ msgid "bad PTR record"
+ msgstr "unzulässiger PTR-Eintrag"
+
+-#: option.c:3591
++#: option.c:3667
+ msgid "bad NAPTR record"
+ msgstr "unzulässiger NAPTR-Eintrag"
+
+-#: option.c:3625
++#: option.c:3701
+ msgid "bad RR record"
+ msgstr "unzulässiger RR-Eintrag"
+
+-#: option.c:3655
++#: option.c:3731
+ msgid "bad TXT record"
+ msgstr "unzulässiger TXT-Eintrag"
+
+-#: option.c:3696
++#: option.c:3772
+ msgid "bad SRV record"
+ msgstr "unzulässiger SRV-Eintrag"
+
+-#: option.c:3703
++#: option.c:3779
+ msgid "bad SRV target"
+ msgstr "unzulässiges SRV-Ziel"
+
+-#: option.c:3717
++#: option.c:3793
+ msgid "invalid priority"
+ msgstr "unzulässige Priorität"
+
+-#: option.c:3724
++#: option.c:3800
+ msgid "invalid weight"
+ msgstr "unzulässige Wichtung"
+
+-#: option.c:3748
++#: option.c:3824
+ msgid "Bad host-record"
+ msgstr "unzulässiger host-record"
+
+-#: option.c:3765
++#: option.c:3841
+ msgid "Bad name in host-record"
+ msgstr "Unzulässiger Name in host-record"
+
+-#: option.c:3826
++#: option.c:3906
+ msgid "bad trust anchor"
+ msgstr "unzulässiger Vertrauensursprung (Trust Anchor)"
+
+-#: option.c:3840
++#: option.c:3920
+ msgid "bad HEX in trust anchor"
+ msgstr "unzulässiger Hexwert in Vertrauensursprung (Trust Anchor)"
+
+-#: option.c:3850
++#: option.c:3930
+ msgid "unsupported option (check that dnsmasq was compiled with DHCP/TFTP/DNSSEC/DBus support)"
+ msgstr "Nicht unterstützte Option (prüfen Sie, ob DNSMasq mit DHCP/TFTP/DNSSEC/DBus-Unterstützung übersetzt wurde)"
+
+-#: option.c:3909
++#: option.c:3989
+ msgid "missing \""
+ msgstr "fehlende \\\""
+
+-#: option.c:3966
++#: option.c:4046
+ msgid "bad option"
+ msgstr "unzulässige Option"
+
+-#: option.c:3968
++#: option.c:4048
+ msgid "extraneous parameter"
+ msgstr "überschüssiger Parameter"
+
+-#: option.c:3970
++#: option.c:4050
+ msgid "missing parameter"
+ msgstr "fehler Parameter"
+
+-#: option.c:3972
++#: option.c:4052
+ msgid "illegal option"
+ msgstr "unzulässige Option"
+
+-#: option.c:3979
++#: option.c:4059
+ msgid "error"
+ msgstr "Fehler"
+
+-#: option.c:3981
++#: option.c:4061
+ #, c-format
+ msgid " at line %d of %s"
+ msgstr " in Zeile %d von %s"
+
+-#: option.c:4045 option.c:4168 tftp.c:667
+-#, c-format
+-msgid "cannot read %s: %s"
+-msgstr "kann %s nicht lesen: %s"
+-
+-#: option.c:4229 option.c:4265
++#: option.c:4076 option.c:4323 option.c:4359
+ #, c-format
+ msgid "read %s"
+ msgstr "%s gelesen"
+
+-#: option.c:4331
++#: option.c:4139 option.c:4262 tftp.c:667
++#, c-format
++msgid "cannot read %s: %s"
++msgstr "kann %s nicht lesen: %s"
++
++#: option.c:4425
+ msgid "junk found in command line"
+ msgstr "Mist in der Kommandozeile gefunden"
+
+-#: option.c:4366
++#: option.c:4460
+ #, c-format
+ msgid "Dnsmasq version %s %s\n"
+ msgstr "Dnsmasq Version %s %s\n"
+
+-#: option.c:4367
++#: option.c:4461
+ #, c-format
+ msgid ""
+ "Compile time options: %s\n"
+@@ -1024,90 +1057,90 @@ msgstr ""
+ "Kompilierungs-Optionen %s\n"
+ "\n"
+
+-#: option.c:4368
++#: option.c:4462
+ #, c-format
+ msgid "This software comes with ABSOLUTELY NO WARRANTY.\n"
+ msgstr "Für diese Software wird ABSOLUT KEINE GARANTIE gewährt.\n"
+
+ # FIXME: this must be one long string! -- MA
+-#: option.c:4369
++#: option.c:4463
+ #, c-format
+ msgid "Dnsmasq is free software, and you are welcome to redistribute it\n"
+ msgstr "Dnsmasq ist freie Software, und du bist willkommen es weiter zu verteilen\n"
+
+-#: option.c:4370
++#: option.c:4464
+ #, c-format
+ msgid "under the terms of the GNU General Public License, version 2 or 3.\n"
+ msgstr "unter den Bedingungen der GNU General Public Lizenz, Version 2 oder 3.\n"
+
+-#: option.c:4381
++#: option.c:4475
+ msgid "try --help"
+ msgstr "versuchen Sie --help"
+
+-#: option.c:4383
++#: option.c:4477
+ msgid "try -w"
+ msgstr "versuchen Sie -w"
+
+-#: option.c:4385
++#: option.c:4479
+ #, c-format
+ msgid "bad command line options: %s"
+ msgstr "unzulässige Optionen auf der Befehlszeile: %s"
+
+-#: option.c:4434
++#: option.c:4535
+ #, c-format
+ msgid "cannot get host-name: %s"
+ msgstr "kann Hostnamen nicht ermitteln: %s"
+
+-#: option.c:4462
++#: option.c:4563
+ msgid "only one resolv.conf file allowed in no-poll mode."
+ msgstr "mit -n/--no-poll ist nur eine resolv.conf-Datei zulässig."
+
+-#: option.c:4472
++#: option.c:4573
+ msgid "must have exactly one resolv.conf to read domain from."
+ msgstr "Um die Domäne zu lesen, muss genau eine resolv.conf-Datei verwendet werden."
+
+-#: option.c:4475 network.c:1506 dhcp.c:769
++#: option.c:4576 network.c:1506 dhcp.c:774
+ #, c-format
+ msgid "failed to read %s: %s"
+ msgstr "konnte %s nicht lesen: %s"
+
+-#: option.c:4492
++#: option.c:4593
+ #, c-format
+ msgid "no search directive found in %s"
+ msgstr "keine \"search\"-Anweisung in %s gefunden"
+
+-#: option.c:4513
++#: option.c:4614
+ msgid "there must be a default domain when --dhcp-fqdn is set"
+ msgstr "Es muss eine standard Domain gesetzt sein, wenn --dhcp-fqdn gesetzt ist"
+
+-#: option.c:4522
++#: option.c:4623
+ msgid "syntax check OK"
+ msgstr "Syntaxprüfung OK"
+
+-#: forward.c:114
++#: forward.c:111
+ #, c-format
+ msgid "failed to send packet: %s"
+ msgstr "Fehlgeschlagen, folgendes Paket zu senden: %s"
+
+-#: forward.c:574
++#: forward.c:572
+ msgid "discarding DNS reply: subnet option mismatch"
+ msgstr "Verwerfe DNS Antwort: Subnetoption stimmt nicht überrein"
+
+-#: forward.c:597
++#: forward.c:595
+ #, c-format
+ msgid "nameserver %s refused to do a recursive query"
+ msgstr "Namensserver %s hat eine rekursive Anfrage verweigert"
+
+-#: forward.c:629
++#: forward.c:627
+ #, c-format
+ msgid "possible DNS-rebind attack detected: %s"
+ msgstr "möglichen DNS-Rebind-Angriff entdeckt: %s"
+
+-#: forward.c:1132 forward.c:1663
++#: forward.c:1156 forward.c:1722
+ msgid "Ignoring query from non-local network"
+ msgstr "Ignoriere Anfragen vom nicht lokalen Netzwerk"
+
+-#: forward.c:2101
++#: forward.c:2178
+ #, c-format
+ msgid "Maximum number of concurrent DNS queries reached (max: %d)"
+ msgstr "Maximale Anzahl an nebenläufiger DNS-Anfragen erreicht (Max: %d)"
+@@ -1198,265 +1231,284 @@ msgstr "Benutze Namensserver %s#%d(via %s)"
+ msgid "using nameserver %s#%d"
+ msgstr "Benutze Namensserver %s#%d"
+
+-#: dnsmasq.c:154
+-msgid "No trust anchors provided for DNSSEC"
++#: dnsmasq.c:149
++msgid "dhcp-hostsdir, dhcp-optsdir and hostsdir are not supported on this platform"
++msgstr ""
++
++#: dnsmasq.c:156
++#, fuzzy
++msgid "no trust anchors provided for DNSSEC"
+ msgstr "Keine Vertrauensursprünge (Trust Anchor) für DNSSEC verfügbar"
+
+-#: dnsmasq.c:157
+-msgid "Cannot reduce cache size from default when DNSSEC enabled"
++#: dnsmasq.c:159
++#, fuzzy
++msgid "cannot reduce cache size from default when DNSSEC enabled"
+ msgstr "Kann die Standard Cachegröße nicht verkleinern, wenn DNSSEC aktiviert ist"
+
+-#: dnsmasq.c:159
++#: dnsmasq.c:161
+ msgid "DNSSEC not available: set HAVE_DNSSEC in src/config.h"
+ msgstr "DNSSEC nicht verfügbar: setzen Sie HAVE_DNSSEC in src/config.h"
+
+-#: dnsmasq.c:165
++#: dnsmasq.c:167
+ msgid "TFTP server not available: set HAVE_TFTP in src/config.h"
+ msgstr "TFTP-Server nicht verfügbar, setzen Sie HAVE_TFTP in src/config.h"
+
+-#: dnsmasq.c:170
+-msgid "Cannot use --conntrack AND --query-port"
++#: dnsmasq.c:172
++#, fuzzy
++msgid "cannot use --conntrack AND --query-port"
+ msgstr "Kann nicht --conntrack UND --query-port einsetzen"
+
+-#: dnsmasq.c:173
+-msgid "Conntrack support not available: set HAVE_CONNTRACK in src/config.h"
++#: dnsmasq.c:175
++#, fuzzy
++msgid "conntrack support not available: set HAVE_CONNTRACK in src/config.h"
+ msgstr "Conntrack-Unterstützung nicht verfügbar: setze HAVE_CONNTRACK in src/config.h"
+
+-#: dnsmasq.c:178
++#: dnsmasq.c:180
+ msgid "asychronous logging is not available under Solaris"
+ msgstr "asynchrone Protokollierung unter Solaris nicht verfügbar"
+
+-#: dnsmasq.c:183
++#: dnsmasq.c:185
+ msgid "asychronous logging is not available under Android"
+ msgstr "Asynchrone Protokollierung unter Android nicht verfügbar"
+
+-#: dnsmasq.c:188
++#: dnsmasq.c:190
+ msgid "authoritative DNS not available: set HAVE_AUTH in src/config.h"
+ msgstr "Authoritatives DNS nicht verfügbar: Es muss HAVE_AUTH in src/config.h gesetzt sein"
+
+-#: dnsmasq.c:193
+-msgid "Loop detection not available: set HAVE_LOOP in src/config.h"
++#: dnsmasq.c:195
++#, fuzzy
++msgid "loop detection not available: set HAVE_LOOP in src/config.h"
+ msgstr "Loop-Erkennung nicht verfügbar, setzen Sie HAVE_LOOP in src/config.h"
+
+-#: dnsmasq.c:201
++#: dnsmasq.c:203
+ msgid "zone serial must be configured in --auth-soa"
+ msgstr "Zonen Seriennummer muss mit --auth-soa konfiguriert werden"
+
+-#: dnsmasq.c:219
++#: dnsmasq.c:221
+ msgid "dhcp-range constructor not available on this platform"
+ msgstr "dhcp-range Konstruktor ist auf dieser Plattform nicht verfübar"
+
+-#: dnsmasq.c:262
++#: dnsmasq.c:264
+ msgid "cannot set --bind-interfaces and --bind-dynamic"
+ msgstr "Kann nicht --bind-interfaces und --bind-dynamic setzen"
+
+-#: dnsmasq.c:265
++#: dnsmasq.c:267
+ #, c-format
+ msgid "failed to find list of interfaces: %s"
+ msgstr "konnte Schnitstellenliste nicht beziehen: %s"
+
+-#: dnsmasq.c:274
++#: dnsmasq.c:276
+ #, c-format
+ msgid "unknown interface %s"
+ msgstr "unbekannte Schnittstelle %s"
+
+-#: dnsmasq.c:330 dnsmasq.c:954
++#: dnsmasq.c:340 dnsmasq.c:1004
+ #, c-format
+ msgid "DBus error: %s"
+ msgstr "DBus-Fehler: %s"
+
+-#: dnsmasq.c:333
++#: dnsmasq.c:343
+ msgid "DBus not available: set HAVE_DBUS in src/config.h"
+ msgstr "DBus nicht verfügbar: setzen Sie HAVE_DBUS in src/config.h"
+
+-#: dnsmasq.c:361
++#: dnsmasq.c:371
+ #, c-format
+ msgid "unknown user or group: %s"
+ msgstr "Unbekannter Benutzer oder Gruppe: %s"
+
+-#: dnsmasq.c:416
++#: dnsmasq.c:426
+ #, c-format
+ msgid "cannot chdir to filesystem root: %s"
+ msgstr "kann nicht ins Wurzelverzeichnis des Dateisystems wechseln: %s"
+
+ # FIXME: this and the next would need commas after the version
+-#: dnsmasq.c:653
++#: dnsmasq.c:667
+ #, c-format
+ msgid "started, version %s DNS disabled"
+ msgstr "gestartet, Version %s, DNS abgeschaltet"
+
+-#: dnsmasq.c:655
++#: dnsmasq.c:669
+ #, c-format
+ msgid "started, version %s cachesize %d"
+ msgstr "gestartet, Version %s, Cachegröße %d"
+
+-#: dnsmasq.c:657
++#: dnsmasq.c:671
+ #, c-format
+ msgid "started, version %s cache disabled"
+ msgstr "Gestartet, Version %s Cache deaktiviert"
+
+-#: dnsmasq.c:659
++#: dnsmasq.c:673
+ #, c-format
+ msgid "compile time options: %s"
+ msgstr "Übersetzungsoptionen: %s"
+
+-#: dnsmasq.c:665
++#: dnsmasq.c:679
+ msgid "DBus support enabled: connected to system bus"
+ msgstr "DBus-Unterstützung eingeschaltet: mit Systembus verbunden"
+
+-#: dnsmasq.c:667
++#: dnsmasq.c:681
+ msgid "DBus support enabled: bus connection pending"
+ msgstr "DBus-Unterstützung eingeschaltet: warte auf Systembus-Verbindung"
+
+-#: dnsmasq.c:672
++#: dnsmasq.c:686
+ msgid "DNS service limited to local subnets"
+ msgstr "DNS-Dienst auf lokale Subnetze eingeschränkt"
+
+-#: dnsmasq.c:677
++#: dnsmasq.c:702
+ msgid "DNSSEC validation enabled"
+ msgstr "DNSSEC-Validierung aktiviert"
+
+-#: dnsmasq.c:679
++#: dnsmasq.c:705
+ msgid "DNSSEC signature timestamps not checked until first cache reload"
+ msgstr "DNSSEC Signatur-Zeitstempel werden erst ab dem ersten Neuladen des Caches überprüft"
+
+-#: dnsmasq.c:684
++#: dnsmasq.c:708
++#, fuzzy
++msgid "DNSSEC signature timestamps not checked until system time valid"
++msgstr "DNSSEC Signatur-Zeitstempel werden erst ab dem ersten Neuladen des Caches überprüft"
++
++#: dnsmasq.c:713
+ #, c-format
+ msgid "warning: failed to change owner of %s: %s"
+ msgstr "Warnung: konnte den Besitzer von %s nicht ändern: %s"
+
+-#: dnsmasq.c:688
++#: dnsmasq.c:717
+ msgid "setting --bind-interfaces option because of OS limitations"
+ msgstr "Aktiviere --bind-interfaces wegen Einschränkungen des Betriebssystems"
+
+-#: dnsmasq.c:698
++#: dnsmasq.c:727
+ #, c-format
+ msgid "warning: interface %s does not currently exist"
+ msgstr "Warnung: Schnittstelle %s existiert derzeit nicht"
+
+-#: dnsmasq.c:703
++#: dnsmasq.c:732
+ msgid "warning: ignoring resolv-file flag because no-resolv is set"
+ msgstr "Warnung: Ignoriere \"resolv-file\", weil \"no-resolv\" aktiv ist"
+
+-#: dnsmasq.c:706
++#: dnsmasq.c:735
+ msgid "warning: no upstream servers configured"
+ msgstr "Warnung: keine vorgelagerten (Upstream) Server konfiguriert"
+
+-#: dnsmasq.c:710
++#: dnsmasq.c:739
+ #, c-format
+ msgid "asynchronous logging enabled, queue limit is %d messages"
+ msgstr "asynchrone Protokollierung eingeschaltet, Warteschlange fasst %d Nachrichten"
+
+-#: dnsmasq.c:731
++#: dnsmasq.c:760
+ msgid "IPv6 router advertisement enabled"
+ msgstr "IPv6-Router-Advertisement aktiviert"
+
+-#: dnsmasq.c:736
++#: dnsmasq.c:765
+ #, c-format
+ msgid "DHCP, sockets bound exclusively to interface %s"
+ msgstr "DHCP, Sockets exklusiv an das Interface %s gebunden"
+
+ # FIXME: this and the next few must be full strings to be translatable - do not assemble in code"
+-#: dnsmasq.c:753
++#: dnsmasq.c:782
+ msgid "root is "
+ msgstr "Wurzel ist "
+
+-#: dnsmasq.c:753
++#: dnsmasq.c:782
+ msgid "enabled"
+ msgstr "Aktiviert"
+
+-#: dnsmasq.c:755
++#: dnsmasq.c:784
+ msgid "secure mode"
+ msgstr "sicherer Modus"
+
+-#: dnsmasq.c:781
++#: dnsmasq.c:810
+ #, c-format
+ msgid "restricting maximum simultaneous TFTP transfers to %d"
+ msgstr "Begrenze gleichzeitige TFTP-Übertragungen auf maximal %d"
+
+-#: dnsmasq.c:956
++#: dnsmasq.c:1006
+ msgid "connected to system DBus"
+ msgstr "Mit System-DBus verbunden"
+
+-#: dnsmasq.c:1106
++#: dnsmasq.c:1156
+ #, c-format
+ msgid "cannot fork into background: %s"
+ msgstr "kann nicht in den Hintergrund abspalten: %s"
+
+-#: dnsmasq.c:1109
++#: dnsmasq.c:1159
+ #, c-format
+ msgid "failed to create helper: %s"
+ msgstr "kann Helfer nicht erzeugen: %s"
+
+-#: dnsmasq.c:1112
++#: dnsmasq.c:1162
+ #, c-format
+ msgid "setting capabilities failed: %s"
+ msgstr "kann \"capabilities\" nicht setzen: %s"
+
+-#: dnsmasq.c:1115
++#: dnsmasq.c:1165
+ #, c-format
+ msgid "failed to change user-id to %s: %s"
+ msgstr "Kann nicht Benutzerrechte %s annehmen: %s"
+
+-#: dnsmasq.c:1118
++#: dnsmasq.c:1168
+ #, c-format
+ msgid "failed to change group-id to %s: %s"
+ msgstr "Kann nicht Gruppenrechte %s annehmen: %s"
+
+-#: dnsmasq.c:1121
++#: dnsmasq.c:1171
+ #, c-format
+ msgid "failed to open pidfile %s: %s"
+ msgstr "kann die Prozessidentifikations-(PID)-Datei %s nicht öffnen: %s"
+
+-#: dnsmasq.c:1124
++#: dnsmasq.c:1174
+ #, c-format
+ msgid "cannot open log %s: %s"
+ msgstr "Kann Logdatei %s nicht öffnen: %s"
+
+-#: dnsmasq.c:1127
++#: dnsmasq.c:1177
+ #, c-format
+ msgid "failed to load Lua script: %s"
+ msgstr "Konnte Lua-Script nicht laden: %s"
+
+-#: dnsmasq.c:1130
++#: dnsmasq.c:1180
+ #, c-format
+ msgid "TFTP directory %s inaccessible: %s"
+ msgstr "Das TFTP-Verzeichnis %s ist nicht zugreifbar: %s"
+
+-#: dnsmasq.c:1151
++#: dnsmasq.c:1183
++#, fuzzy, c-format
++msgid "cannot create timestamp file %s: %s"
++msgstr "kann Lease-Datei %s nicht öffnen: %s"
++
++#: dnsmasq.c:1204
+ msgid "now checking DNSSEC signature timestamps"
+ msgstr "Prüfe jetzt DNSSEC Signatur-Zeitstempel"
+
+-#: dnsmasq.c:1218
++#: dnsmasq.c:1271
+ #, c-format
+ msgid "script process killed by signal %d"
+ msgstr "Scriptprozess durch Signal %d getötet"
+
+-#: dnsmasq.c:1222
++#: dnsmasq.c:1275
+ #, c-format
+ msgid "script process exited with status %d"
+ msgstr "Scriptprozess hat sich mit Status %d beendet"
+
+-#: dnsmasq.c:1226
++#: dnsmasq.c:1279
+ #, c-format
+ msgid "failed to execute %s: %s"
+ msgstr "konnte %s nicht ausführen: %s"
+
+-#: dnsmasq.c:1281
++#: dnsmasq.c:1334
+ msgid "exiting on receipt of SIGTERM"
+ msgstr "beende nach Empfang von SIGTERM"
+
+-#: dnsmasq.c:1309
++#: dnsmasq.c:1362
+ #, c-format
+ msgid "failed to access %s: %s"
+ msgstr "konnte auf %s nicht zugreifen: %s"
+
+-#: dnsmasq.c:1339
++#: dnsmasq.c:1392
+ #, c-format
+ msgid "reading %s"
+ msgstr "lese %s"
+
+-#: dnsmasq.c:1350
++#: dnsmasq.c:1403
+ #, c-format
+ msgid "no servers found in %s, will retry"
+ msgstr "keine Server in %s gefunden, werde es später neu versuchen"
+@@ -1496,27 +1548,27 @@ msgstr "unbekannte Schnittstelle %s in bridge-interface"
+ msgid "DHCP packet received on %s which has no address"
+ msgstr "DHCP-Paket ohne Adresse an Schnittstelle %s empfangen"
+
+-#: dhcp.c:408
++#: dhcp.c:412
+ #, c-format
+ msgid "ARP-cache injection failed: %s"
+ msgstr "APR-Cache Injektion fehlgeschlagen: %s"
+
+-#: dhcp.c:506
++#: dhcp.c:511
+ #, c-format
+ msgid "DHCP range %s -- %s is not consistent with netmask %s"
+ msgstr "DHCP-Bereich %s - %s passt nicht zur Netzmaske %s"
+
+-#: dhcp.c:807
++#: dhcp.c:812
+ #, c-format
+ msgid "bad line at %s line %d"
+ msgstr "ungültige Zeile %2$d in Datei %1$s"
+
+-#: dhcp.c:850
++#: dhcp.c:855
+ #, c-format
+ msgid "ignoring %s line %d, duplicate name or IP address"
+ msgstr "ignoriere %s Zeile %d, doppelter Name oder doppelte IP-Adresse"
+
+-#: dhcp.c:994 rfc3315.c:2089
++#: dhcp.c:999 rfc3315.c:2139
+ #, c-format
+ msgid "DHCP relay %s -> %s"
+ msgstr "DHCP Weiterleitung %s -> %s"
+@@ -1591,12 +1643,12 @@ msgstr "%u Benutzerklasse: %s"
+ msgid "disabled"
+ msgstr "deaktiviert"
+
+-#: rfc2131.c:539 rfc2131.c:967 rfc2131.c:1385 rfc3315.c:602 rfc3315.c:823
+-#: rfc3315.c:1095
++#: rfc2131.c:539 rfc2131.c:967 rfc2131.c:1385 rfc3315.c:603 rfc3315.c:860
++#: rfc3315.c:1139
+ msgid "ignored"
+ msgstr "ignoriert"
+
+-#: rfc2131.c:554 rfc2131.c:1205 rfc3315.c:873
++#: rfc2131.c:554 rfc2131.c:1205 rfc3315.c:910
+ msgid "address in use"
+ msgstr "Adresse in Nutzung"
+
+@@ -1616,7 +1668,7 @@ msgstr "Keine Adresse konfiguriert"
+ msgid "no leases left"
+ msgstr "Keine Leases übrig"
+
+-#: rfc2131.c:691 rfc3315.c:475
++#: rfc2131.c:691 rfc3315.c:476
+ #, c-format
+ msgid "%u client provides name: %s"
+ msgstr "%u Klient stellt Name bereit: %s"
+@@ -1625,7 +1677,7 @@ msgstr "%u Klient stellt Name bereit: %s"
+ msgid "PXE BIS not supported"
+ msgstr "PXE BIS nicht unterstützt"
+
+-#: rfc2131.c:935 rfc3315.c:1189
++#: rfc2131.c:935 rfc3315.c:1233
+ #, c-format
+ msgid "disabling DHCP static address %s for %s"
+ msgstr "schalte statische DHCP-Adresse %s für %s ab"
+@@ -1663,7 +1715,7 @@ msgstr "Falsche Server-ID"
+ msgid "wrong address"
+ msgstr "Falsche Adresse"
+
+-#: rfc2131.c:1143 rfc3315.c:969
++#: rfc2131.c:1143 rfc3315.c:1006
+ msgid "lease not found"
+ msgstr "Lease nicht gefunden"
+
+@@ -1713,7 +1765,7 @@ msgstr "kann DHCP/BOOTP-Opition %d nicht setzen: kein Platz mehr im Paket"
+ msgid "PXE menu too large"
+ msgstr "PXE-Menüeintrag zu groß"
+
+-#: rfc2131.c:2173 rfc3315.c:1456
++#: rfc2131.c:2173 rfc3315.c:1506
+ #, c-format
+ msgid "%u requested options: %s"
+ msgstr "%u angeforderte Optionen: %s"
+@@ -1728,7 +1780,7 @@ msgstr "Kann RFC3925-Option nicht senden: zu viele Optionen für Unternehmen Nr.
+ msgid "cannot create netlink socket: %s"
+ msgstr "kann Netlink-Socket nicht erzeugen: %s"
+
+-#: netlink.c:347
++#: netlink.c:348
+ #, c-format
+ msgid "netlink returns error: %s"
+ msgstr "Netlink liefert Fehler %s"
+@@ -1846,63 +1898,63 @@ msgstr "Kein Adressbereich verfügbar für die DHCPv6-Anfrage via %s"
+ msgid "%u available DHCPv6 subnet: %s/%d"
+ msgstr "%u verfügbare(s) DHCPv6-Subnetz: %s/%d"
+
+-#: rfc3315.c:379
++#: rfc3315.c:380
+ #, c-format
+ msgid "%u vendor class: %u"
+ msgstr "%u Herstellerklasse: %u"
+
+-#: rfc3315.c:427
++#: rfc3315.c:428
+ #, c-format
+ msgid "%u client MAC address: %s"
+ msgstr "%u Klient MAC-Adresse: %s"
+
+ # FIXME: do not assemble
+-#: rfc3315.c:659
++#: rfc3315.c:660
+ #, c-format
+ msgid "unknown prefix-class %d"
+ msgstr "unbekannte Präfixklasse %d"
+
+-#: rfc3315.c:791 rfc3315.c:913
++#: rfc3315.c:803 rfc3315.c:902
++msgid "address unavailable"
++msgstr "Adresse nicht verfügbar"
++
++#: rfc3315.c:815 rfc3315.c:950 rfc3315.c:1283
+ msgid "success"
+ msgstr "Erfolg"
+
+-#: rfc3315.c:806 rfc3315.c:808 rfc3315.c:921 rfc3315.c:923
++#: rfc3315.c:843 rfc3315.c:845 rfc3315.c:958 rfc3315.c:960
+ msgid "no addresses available"
+ msgstr "Keine Adressen verfügbar"
+
+-#: rfc3315.c:865
+-msgid "address unavailable"
+-msgstr "Adresse nicht verfügbar"
+-
+-#: rfc3315.c:900
++#: rfc3315.c:937
+ msgid "not on link"
+ msgstr "nicht on link"
+
+-#: rfc3315.c:973 rfc3315.c:1151 rfc3315.c:1228
++#: rfc3315.c:1010 rfc3315.c:1195 rfc3315.c:1272
+ msgid "no binding found"
+ msgstr "Keine Bindung gefunden"
+
+-#: rfc3315.c:1011
++#: rfc3315.c:1048
+ msgid "deprecated"
+ msgstr "veraltet"
+
+-#: rfc3315.c:1016
++#: rfc3315.c:1053
+ msgid "address invalid"
+ msgstr "Adresse ungültig"
+
+-#: rfc3315.c:1061
++#: rfc3315.c:1100
+ msgid "confirm failed"
+ msgstr "Bestätigung fehlgeschlagen"
+
+-#: rfc3315.c:1072
++#: rfc3315.c:1116
+ msgid "all addresses still on link"
+ msgstr "Alle Adressen immer noch on link"
+
+-#: rfc3315.c:1160
++#: rfc3315.c:1204
+ msgid "release received"
+ msgstr "Freigabe empfangen"
+
+-#: rfc3315.c:2080
++#: rfc3315.c:2130
+ msgid "Cannot multicast to DHCPv6 server without correct interface"
+ msgstr "Kann nicht zum DHCPv6 Server multicasten ohne korrekte Schnittstelle"
+
+@@ -1995,7 +2047,7 @@ msgstr "DHCP Weiterleitung von %s nach %s"
+ msgid "cannot create ICMPv6 socket: %s"
+ msgstr "Kann ICMPv6-Socket nicht erzeugen: %s"
+
+-#: auth.c:429
++#: auth.c:436
+ #, c-format
+ msgid "ignoring zone transfer request from %s"
+ msgstr "ignoriere Zonentransfer-Anfrage von %s"
+@@ -2010,54 +2062,89 @@ msgstr "konnte Kernelversion nicht finden: %s"
+ msgid "failed to create IPset control socket: %s"
+ msgstr "konnte IPset-Kontroll-Socket nicht erzeugen: %s"
+
++#: dnssec.c:425 dnssec.c:469
++#, fuzzy, c-format
++msgid "failed to update mtime on %s: %s"
++msgstr "kann die Prozessidentifikations-(PID)-Datei %s nicht öffnen: %s"
++
+ #: blockdata.c:58
+ #, c-format
+ msgid "DNSSEC memory in use %u, max %u, allocated %u"
+ msgstr "DNSSEC Speicher in Benutzung %u, Max %u, zugewiesen %u"
+
+-#: tables.c:76
++#: tables.c:80
+ msgid "error: fill_addr missused"
+ msgstr "Fehler: fill_addr falsch verwendet"
+
+-#: tables.c:105
++#: tables.c:109
+ #, c-format
+ msgid "failed to access pf devices: %s"
+ msgstr "konnte auf pf Geräte nicht zugreifen: %s"
+
+-#: tables.c:119
++#: tables.c:123
+ #, c-format
+ msgid "warning: no opened pf devices %s"
+ msgstr "Warnung: Keine geöffneten pf Geräte %s"
+
+-#: tables.c:127
++#: tables.c:131
+ #, c-format
+ msgid "error: cannot use table name %s"
+ msgstr "Fehler: Kann Tabellenname %s nicht benutzen"
+
+-#: tables.c:135
++#: tables.c:139
+ #, c-format
+ msgid "error: cannot strlcpy table name %s"
+ msgstr "Fehler: Kann den Tabellennamen %s nicht strlcpy"
+
+-#: tables.c:141
++#: tables.c:145
+ #, c-format
+ msgid "warning: pfr_add_tables: %s(%d)"
+ msgstr "Warnung: pfr_add_tables: %s(%d)"
+
+-#: tables.c:147
++#: tables.c:151
+ msgid "info: table created"
+ msgstr "Info: Tabelle erstellt"
+
+-#: tables.c:158
++#: tables.c:162
+ #, c-format
+ msgid "warning: DIOCR%sADDRS: %s"
+ msgstr "Warnung: DIOCR%sADDRS: %s"
+
+-#: tables.c:162
++#: tables.c:166
+ #, c-format
+ msgid "%d addresses %s"
+ msgstr "%d Adressen %s"
+
++#: inotify.c:46
++#, fuzzy, c-format
++msgid "failed to create inotify: %s"
++msgstr "kann Helfer nicht erzeugen: %s"
++
++#: inotify.c:60
++#, fuzzy, c-format
++msgid "cannot cannonicalise resolv-file %s: %s"
++msgstr "kann Lease-Datei %s nicht öffnen: %s"
++
++#: inotify.c:72
++#, c-format
++msgid "directory %s for resolv-file is missing, cannot poll"
++msgstr ""
++
++#: inotify.c:75 inotify.c:112
++#, fuzzy, c-format
++msgid "failed to create inotify for %s: %s"
++msgstr "Konnte Empfangs-Socket für %s: %s nicht erzeugen"
++
++#: inotify.c:97
++#, fuzzy, c-format
++msgid "bad dynamic directory %s: %s"
++msgstr "Kann auf Verzeichnis %s nicht zugreifen: %s"
++
++#: inotify.c:197
++#, c-format
++msgid "inotify, new or changed file %s"
++msgstr ""
++
+ #~ msgid "no interface with address %s"
+ #~ msgstr "keine Schnittstelle mit Adresse %s"
+
+diff --git a/po/es.po b/po/es.po
+index 0bdff67f720b..b85696072661 100644
+--- a/po/es.po
++++ b/po/es.po
+@@ -16,70 +16,70 @@ msgstr ""
+ "Content-Transfer-Encoding: 8bit\n"
+ "Plural-Forms: nplurals=2; plural=(n != 1);\n"
+
+-#: cache.c:505
++#: cache.c:523
+ msgid "Internal error in cache."
+ msgstr ""
+
+-#: cache.c:908
++#: cache.c:941
+ #, fuzzy, c-format
+ msgid "failed to load names from %s: %s"
+ msgstr "no se pudo cargar nombres desde %s: %s"
+
+-#: cache.c:934 dhcp.c:820
++#: cache.c:967 dhcp.c:825
+ #, fuzzy, c-format
+ msgid "bad address at %s line %d"
+ msgstr "dirección errónea en %s línea %d"
+
+-#: cache.c:985 dhcp.c:836
++#: cache.c:1018 dhcp.c:841
+ #, c-format
+ msgid "bad name at %s line %d"
+ msgstr "nombre erróneo en %s línea %d"
+
+-#: cache.c:992 dhcp.c:911
++#: cache.c:1027 dhcp.c:916
+ #, c-format
+ msgid "read %s - %d addresses"
+ msgstr "direcciónes %s - %d leídas"
+
+-#: cache.c:1100
++#: cache.c:1135
+ msgid "cleared cache"
+ msgstr "el caché fue liberado"
+
+-#: cache.c:1123
++#: cache.c:1164
+ #, c-format
+ msgid "No IPv4 address found for %s"
+ msgstr ""
+
+-#: cache.c:1201
++#: cache.c:1242
+ #, c-format
+ msgid "%s is a CNAME, not giving it to the DHCP lease of %s"
+ msgstr "%s es un CNAME, no se le está dando concesión DHCP de %s"
+
+-#: cache.c:1225
++#: cache.c:1266
+ #, c-format
+ msgid "not giving name %s to the DHCP lease of %s because the name exists in %s with address %s"
+ msgstr "no otorgando nombre %s a concesión DHCP de %s porque el nombre existe en %s con dirección %s"
+
+-#: cache.c:1366
++#: cache.c:1421
+ #, c-format
+ msgid "time %lu"
+ msgstr "tiempo %lu"
+
+-#: cache.c:1367
++#: cache.c:1422
+ #, fuzzy, c-format
+ msgid "cache size %d, %d/%d cache insertions re-used unexpired cache entries."
+ msgstr "tamaño de caché %d, %d/%d inserciónes de caché reutilizaron objetos no vencidos."
+
+-#: cache.c:1369
++#: cache.c:1424
+ #, c-format
+ msgid "queries forwarded %u, queries answered locally %u"
+ msgstr "búsquedas reenviadas %u, búsquedas respondidas localmente %u"
+
+-#: cache.c:1372
++#: cache.c:1427
+ #, fuzzy, c-format
+ msgid "queries for authoritative zones %u"
+ msgstr "Fijar TTL para respuestas autoritarias"
+
+-#: cache.c:1398
++#: cache.c:1453
+ #, c-format
+ msgid "server %s#%d: queries sent %u, retried or failed %u"
+ msgstr "servidor %s#%d: búsquedas enviadas %u, reintentadas o fallidas %u"
+@@ -94,7 +94,7 @@ msgstr "no se pudo crear valor semilla para el generador de n
+ msgid "failed to allocate memory"
+ msgstr "no se pudo asignar memoria"
+
+-#: util.c:243 option.c:579
++#: util.c:243 option.c:598
+ msgid "could not get memory"
+ msgstr "no se pudo adquirir memoria"
+
+@@ -108,617 +108,650 @@ msgstr "no se puede crear pipe: %s"
+ msgid "failed to allocate %d bytes"
+ msgstr "no se pudo asignar %d bytes"
+
+-#: util.c:429
++#: util.c:430
+ #, c-format
+ msgid "infinite"
+ msgstr "infinito"
+
+-#: option.c:318
++#: option.c:330
+ msgid "Specify local address(es) to listen on."
+ msgstr "Especificar dirección(es) locales dónde escuchar."
+
+-#: option.c:319
++#: option.c:331
+ msgid "Return ipaddr for all hosts in specified domains."
+ msgstr "Retornar ipaddr (dirección IP) para todos los hosts en los dominios especificados."
+
+-#: option.c:320
++#: option.c:332
+ msgid "Fake reverse lookups for RFC1918 private address ranges."
+ msgstr "Falsificar búsquedas reversas para rangos de dirección privados RFC1918."
+
+-#: option.c:321
++#: option.c:333
+ msgid "Treat ipaddr as NXDOMAIN (defeats Verisign wildcard)."
+ msgstr "Tratar ipaddr (dirección IP) como NXDOMAIN (derrota comodín Verisign)."
+
+-#: option.c:322
++#: option.c:334
+ #, c-format
+ msgid "Specify the size of the cache in entries (defaults to %s)."
+ msgstr "Especificar tamaño de caché en cuanto a cantidad de objetos (%s por predeterminado)."
+
+-#: option.c:323
++#: option.c:335
+ #, c-format
+ msgid "Specify configuration file (defaults to %s)."
+ msgstr "Especificar archivo de configuración (%s por predeterminado)."
+
+-#: option.c:324
++#: option.c:336
+ msgid "Do NOT fork into the background: run in debug mode."
+ msgstr "NO hacer un fork hacia el fondo: correr en modo debug."
+
+-#: option.c:325
++#: option.c:337
+ msgid "Do NOT forward queries with no domain part."
+ msgstr "NO reenviar búsquedas sin parte de dominio."
+
+-#: option.c:326
++#: option.c:338
+ msgid "Return self-pointing MX records for local hosts."
+ msgstr "Retornar expedientes MX auto-señaladores para hosts locales."
+
+-#: option.c:327
++#: option.c:339
+ msgid "Expand simple names in /etc/hosts with domain-suffix."
+ msgstr "Expandir nombres simples en /etc/hosts con domain-suffix (sufijo de dominio)."
+
+-#: option.c:328
++#: option.c:340
+ msgid "Don't forward spurious DNS requests from Windows hosts."
+ msgstr "No reenviar pedidos DNS falsos desde máquinas Windows."
+
+-#: option.c:329
++#: option.c:341
+ msgid "Enable DHCP in the range given with lease duration."
+ msgstr "Habilitar DHCP dentro del rango brindado con duración de concesión."
+
+-#: option.c:330
++#: option.c:342
+ #, c-format
+ msgid "Change to this group after startup (defaults to %s)."
+ msgstr "Cambiar a este grupo después del inicio (%s por predeterminado)."
+
+-#: option.c:331
++#: option.c:343
+ msgid "Set address or hostname for a specified machine."
+ msgstr "Fijar dirección o nombre de host para una máquina especificada."
+
+-#: option.c:332
++#: option.c:344
+ #, fuzzy
+ msgid "Read DHCP host specs from file."
+ msgstr "Leer especificaciones DHCP de host desde archivo"
+
+-#: option.c:333
++#: option.c:345
+ #, fuzzy
+ msgid "Read DHCP option specs from file."
+ msgstr "Leer opciones DHCP de host desde archivo"
+
+-#: option.c:334
++#: option.c:346
++#, fuzzy
++msgid "Read DHCP host specs from a directory."
++msgstr "Leer especificaciones DHCP de host desde archivo"
++
++#: option.c:347
++#, fuzzy
++msgid "Read DHCP options from a directory."
++msgstr "Leer opciones DHCP de host desde archivo"
++
++#: option.c:348
+ msgid "Evaluate conditional tag expression."
+ msgstr "Evaluar expresión condicional de etiqueta."
+
+-#: option.c:335
++#: option.c:349
+ #, c-format
+ msgid "Do NOT load %s file."
+ msgstr "NO cargar archivo %s."
+
+-#: option.c:336
++#: option.c:350
+ #, c-format
+ msgid "Specify a hosts file to be read in addition to %s."
+ msgstr "Especificar un archivo de hosts para ser leído adicionalmente a %s."
+
+-#: option.c:337
++#: option.c:351
++#, fuzzy
++msgid "Read hosts files from a directory."
++msgstr "Leer especificaciones DHCP de host desde archivo"
++
++#: option.c:352
+ msgid "Specify interface(s) to listen on."
+ msgstr "Especificar interfase(s) donde escuchar."
+
+-#: option.c:338
++#: option.c:353
+ msgid "Specify interface(s) NOT to listen on."
+ msgstr "Especificar interfase(s) donde NO escuchar."
+
+-#: option.c:339
++#: option.c:354
+ #, fuzzy
+ msgid "Map DHCP user class to tag."
+ msgstr "Trazar clase de usuario DHCP a etiqueta."
+
+-#: option.c:340
++#: option.c:355
+ msgid "Map RFC3046 circuit-id to tag."
+ msgstr "Trazar circuit-id (identificación de circuito) RFC3046 a etiqueta."
+
+-#: option.c:341
++#: option.c:356
+ msgid "Map RFC3046 remote-id to tag."
+ msgstr "Trazar remote-id (identificación remota) RFC3046 a etiqueta."
+
+-#: option.c:342
++#: option.c:357
+ msgid "Map RFC3993 subscriber-id to tag."
+ msgstr "Trazar subscriber-id (identificación de suscritor) RFC3993 a etiqueta."
+
+-#: option.c:343
++#: option.c:358
+ #, fuzzy
+ msgid "Don't do DHCP for hosts with tag set."
+ msgstr "No hacer DHCP para hosts con etiqueta fijada."
+
+-#: option.c:344
++#: option.c:359
+ #, fuzzy
+ msgid "Force broadcast replies for hosts with tag set."
+ msgstr "Forzar respuestas broadcast para hosts con etiqueta fijada."
+
+-#: option.c:345
++#: option.c:360
+ msgid "Do NOT fork into the background, do NOT run in debug mode."
+ msgstr "NO hacer un fork hacia el fondo, NO correr en modo debug."
+
+-#: option.c:346
++#: option.c:361
+ msgid "Assume we are the only DHCP server on the local network."
+ msgstr "Asumir que somos el único servidor DHCP en la red local."
+
+-#: option.c:347
++#: option.c:362
+ #, c-format
+ msgid "Specify where to store DHCP leases (defaults to %s)."
+ msgstr "Especificar donde almacenar concesión DHCP (%s por predeterminado)."
+
+-#: option.c:348
++#: option.c:363
+ msgid "Return MX records for local hosts."
+ msgstr "Retornar expedientes MX para hosts locales."
+
+-#: option.c:349
++#: option.c:364
+ msgid "Specify an MX record."
+ msgstr "Especificar un expediente MX."
+
+-#: option.c:350
++#: option.c:365
+ msgid "Specify BOOTP options to DHCP server."
+ msgstr "Especificar opciones BOOTP a servidor DHCP."
+
+-#: option.c:351
++#: option.c:366
+ #, c-format
+ msgid "Do NOT poll %s file, reload only on SIGHUP."
+ msgstr "NO revisar archivo %s periódicamente, recargar solo con SIGHUP."
+
+-#: option.c:352
++#: option.c:367
+ msgid "Do NOT cache failed search results."
+ msgstr "NO almacenar en caché resultados de búsquedas fallidas."
+
+-#: option.c:353
++#: option.c:368
+ #, c-format
+ msgid "Use nameservers strictly in the order given in %s."
+ msgstr "Usar servidores DNS estrictamente en el órden brindado en %s."
+
+-#: option.c:354
++#: option.c:369
+ #, fuzzy
+ msgid "Specify options to be sent to DHCP clients."
+ msgstr "Especificar opciones para ser enviadas a clientes DHCP."
+
+-#: option.c:355
++#: option.c:370
+ msgid "DHCP option sent even if the client does not request it."
+ msgstr "Opción DHCP enviada aún si el cliente no la pide."
+
+-#: option.c:356
++#: option.c:371
+ msgid "Specify port to listen for DNS requests on (defaults to 53)."
+ msgstr "Especificar puerto donde escuchar por búsquedas DNS (53 por predeterminado)."
+
+-#: option.c:357
++#: option.c:372
+ #, c-format
+ msgid "Maximum supported UDP packet size for EDNS.0 (defaults to %s)."
+ msgstr "Tamaño máximo de paquetes UDP soportado para EDNS.0 (%s por predeterminado)."
+
+-#: option.c:358
++#: option.c:373
+ #, fuzzy
+ msgid "Log DNS queries."
+ msgstr "Bitacorear búsquedas DNS."
+
+-#: option.c:359
++#: option.c:374
+ #, fuzzy
+ msgid "Force the originating port for upstream DNS queries."
+ msgstr "Enforzar el puerto original para búsquedas DNS subida."
+
+-#: option.c:360
++#: option.c:375
+ msgid "Do NOT read resolv.conf."
+ msgstr "NO leer resolv.conf."
+
+-#: option.c:361
++#: option.c:376
+ #, c-format
+ msgid "Specify path to resolv.conf (defaults to %s)."
+ msgstr "Especificar el path hacia resolv.conf (%s por predeterminado)."
+
+-#: option.c:362
++#: option.c:377
+ #, fuzzy
+ msgid "Specify path to file with server= options"
+ msgstr "Especificar path de archivo PID (%s por predeterminado)."
+
+-#: option.c:363
++#: option.c:378
+ msgid "Specify address(es) of upstream servers with optional domains."
+ msgstr "Especificar dirección(es) de servidores subida con dominios opcionales."
+
+-#: option.c:364
++#: option.c:379
+ #, fuzzy
+ msgid "Specify address of upstream servers for reverse address queries"
+ msgstr "Especificar dirección(es) de servidores subida con dominios opcionales."
+
+-#: option.c:365
++#: option.c:380
+ msgid "Never forward queries to specified domains."
+ msgstr "Nunca reenviar búsquedas a dominios especificados."
+
+-#: option.c:366
++#: option.c:381
+ msgid "Specify the domain to be assigned in DHCP leases."
+ msgstr "Especificar el dominio para ser asignado en concesión DHCP."
+
+-#: option.c:367
++#: option.c:382
+ msgid "Specify default target in an MX record."
+ msgstr "Especificar destino predeterminado en un expediente MX."
+
+-#: option.c:368
++#: option.c:383
+ msgid "Specify time-to-live in seconds for replies from /etc/hosts."
+ msgstr "Especificar tiempo de vida en segundos para respuestas desde /etc/hosts."
+
+-#: option.c:369
++#: option.c:384
+ #, fuzzy
+ msgid "Specify time-to-live in seconds for negative caching."
+ msgstr "Especificar tiempo de vida en segundos para caché negativo."
+
+-#: option.c:370
++#: option.c:385
+ #, fuzzy
+ msgid "Specify time-to-live in seconds for maximum TTL to send to clients."
+ msgstr "Especificar tiempo de vida en segundos para respuestas desde /etc/hosts."
+
+-#: option.c:371
++#: option.c:386
++#, fuzzy
++msgid "Specify time-to-live ceiling for cache."
++msgstr "Especificar tiempo de vida en segundos para caché negativo."
++
++#: option.c:387
++#, fuzzy
++msgid "Specify time-to-live floor for cache."
++msgstr "Especificar tiempo de vida en segundos para caché negativo."
++
++#: option.c:388
+ #, c-format
+ msgid "Change to this user after startup. (defaults to %s)."
+ msgstr "Cambiar a este usuario despues del inicio (%s por predeterminado)."
+
+-#: option.c:372
++#: option.c:389
+ #, fuzzy
+ msgid "Map DHCP vendor class to tag."
+ msgstr "Trazar clase de vendedor DHCP a etiqueta."
+
+-#: option.c:373
++#: option.c:390
+ msgid "Display dnsmasq version and copyright information."
+ msgstr "Mostrar información sobre la versión y copyright de dnsmasq."
+
+-#: option.c:374
++#: option.c:391
+ msgid "Translate IPv4 addresses from upstream servers."
+ msgstr "Traducir direcciones IPv4 desde servidores subida."
+
+-#: option.c:375
++#: option.c:392
+ msgid "Specify a SRV record."
+ msgstr "Especificar un expediente SRV."
+
+-#: option.c:376
++#: option.c:393
+ msgid "Display this message. Use --help dhcp for known DHCP options."
+ msgstr "Mostrar este mensaje. Usar --help dhcp para opciones DHCP conocidas."
+
+-#: option.c:377
++#: option.c:394
+ #, fuzzy, c-format
+ msgid "Specify path of PID file (defaults to %s)."
+ msgstr "Especificar path de archivo PID (%s por predeterminado)."
+
+-#: option.c:378
++#: option.c:395
+ #, c-format
+ msgid "Specify maximum number of DHCP leases (defaults to %s)."
+ msgstr "Especificar número máximo de concesión DHCP (%s por predeterminado)."
+
+-#: option.c:379
++#: option.c:396
+ msgid "Answer DNS queries based on the interface a query was sent to."
+ msgstr "Responder a búsquedas DNS en base a la interfase a la cuál fueron enviadas."
+
+-#: option.c:380
++#: option.c:397
+ msgid "Specify TXT DNS record."
+ msgstr "Especificar expediente DNS TXT."
+
+-#: option.c:381
++#: option.c:398
+ #, fuzzy
+ msgid "Specify PTR DNS record."
+ msgstr "Especificar expediente DNS PTR."
+
+-#: option.c:382
++#: option.c:399
+ msgid "Give DNS name to IPv4 address of interface."
+ msgstr "Otorgar nombre DNS a dirección IPv4 de interfase."
+
+-#: option.c:383
++#: option.c:400
+ msgid "Bind only to interfaces in use."
+ msgstr "Acoplar solo a interfases en uso."
+
+-#: option.c:384
++#: option.c:401
+ #, c-format
+ msgid "Read DHCP static host information from %s."
+ msgstr "Leer información sobre hosts DHCP estáticos desde %s."
+
+-#: option.c:385
++#: option.c:402
+ msgid "Enable the DBus interface for setting upstream servers, etc."
+ msgstr "Habilitar la interfase DBus para fijar servidores subida, etc."
+
+-#: option.c:386
++#: option.c:403
+ msgid "Do not provide DHCP on this interface, only provide DNS."
+ msgstr "No proveer DHCP en esta interfase, sólo proveer DNS."
+
+-#: option.c:387
++#: option.c:404
+ msgid "Enable dynamic address allocation for bootp."
+ msgstr "Habilitar alocación dinámica de direcciónes para BOOTP."
+
+-#: option.c:388
++#: option.c:405
+ #, fuzzy
+ msgid "Map MAC address (with wildcards) to option set."
+ msgstr "Trazar dirección MAC (con comodínes) a opción fijada."
+
+-#: option.c:389
++#: option.c:406
+ msgid "Treat DHCP requests on aliases as arriving from interface."
+ msgstr "Tratar pedidos DHCP en alias como si llegaran de la interfase."
+
+-#: option.c:390
++#: option.c:407
+ msgid "Disable ICMP echo address checking in the DHCP server."
+ msgstr "Deshabilitar verificación de direcciónes para echo ICMP en el servidor DHCP."
+
+-#: option.c:391
++#: option.c:408
+ #, fuzzy
+ msgid "Shell script to run on DHCP lease creation and destruction."
+ msgstr "Archivo guión para ejecutar cuando se crea o destruye una concesión DHCP."
+
+-#: option.c:392
++#: option.c:409
+ #, fuzzy
+ msgid "Lua script to run on DHCP lease creation and destruction."
+ msgstr "Archivo guión para ejecutar cuando se crea o destruye una concesión DHCP."
+
+-#: option.c:393
++#: option.c:410
+ #, fuzzy
+ msgid "Run lease-change scripts as this user."
+ msgstr "Correr archivo guión de cambio de concesión como este usuario."
+
+-#: option.c:394
++#: option.c:411
+ msgid "Read configuration from all the files in this directory."
+ msgstr "Leer configuración desde todos los archivos en este directorio."
+
+-#: option.c:395
++#: option.c:412
+ #, fuzzy
+ msgid "Log to this syslog facility or file. (defaults to DAEMON)"
+ msgstr "Bitacorear a esta facilidad syslog o archivo. (DAEMON por predeterminado)"
+
+-#: option.c:396
++#: option.c:413
+ msgid "Do not use leasefile."
+ msgstr "No usar archivo de concesión."
+
+-#: option.c:397
++#: option.c:414
+ #, fuzzy, c-format
+ msgid "Maximum number of concurrent DNS queries. (defaults to %s)"
+ msgstr "Número máximo de búsquedas DNS simultáneas. (%s por predeterminado)"
+
+-#: option.c:398
++#: option.c:415
+ #, c-format
+ msgid "Clear DNS cache when reloading %s."
+ msgstr "Liberar caché DNS al recargar %s."
+
+-#: option.c:399
++#: option.c:416
+ msgid "Ignore hostnames provided by DHCP clients."
+ msgstr "Ignorar nombres de host brindados por clientes DHCP."
+
+-#: option.c:400
++#: option.c:417
+ msgid "Do NOT reuse filename and server fields for extra DHCP options."
+ msgstr "NO reutilizar campos de nombre de archivo y servidor para opciones DHCP extra."
+
+-#: option.c:401
++#: option.c:418
+ msgid "Enable integrated read-only TFTP server."
+ msgstr "Habilitar servidor integrado TFTP solo-lectura."
+
+-#: option.c:402
++#: option.c:419
+ msgid "Export files by TFTP only from the specified subtree."
+ msgstr "Exportar archivos vía TFTP solo del sub-árbol especificado."
+
+-#: option.c:403
++#: option.c:420
+ msgid "Add client IP address to tftp-root."
+ msgstr "Agregar IP de cliente a tftp-root."
+
+-#: option.c:404
++#: option.c:421
+ msgid "Allow access only to files owned by the user running dnsmasq."
+ msgstr "Permitir acceso solo a archivos pertenecientes al usuario que corre dnsmasq."
+
+-#: option.c:405
++#: option.c:422
+ #, fuzzy, c-format
+ msgid "Maximum number of conncurrent TFTP transfers (defaults to %s)."
+ msgstr "Número máximo de transferencias TFTP simultáneas (%s por predeterminado)."
+
+-#: option.c:406
++#: option.c:423
+ msgid "Disable the TFTP blocksize extension."
+ msgstr "Deshabilitar la extensión TFTP blocksize (tamaño de bloque)."
+
+-#: option.c:407
++#: option.c:424
+ msgid "Convert TFTP filenames to lowercase"
+ msgstr "Convertir a minúsculas los nombres de archivos TFTP"
+
+-#: option.c:408
++#: option.c:425
+ msgid "Ephemeral port range for use by TFTP transfers."
+ msgstr "Rango de puertos efímeros para ser usados en transferencias TFTP."
+
+-#: option.c:409
++#: option.c:426
+ msgid "Extra logging for DHCP."
+ msgstr "Log extra para DHCP."
+
+-#: option.c:410
++#: option.c:427
+ msgid "Enable async. logging; optionally set queue length."
+ msgstr "Habilitar registro asíncrono; opcionalmente fijar tamaño de cola."
+
+-#: option.c:411
++#: option.c:428
+ msgid "Stop DNS rebinding. Filter private IP ranges when resolving."
+ msgstr "Detener revinculación DNS. Filtrar rangos de IP privados al resolver."
+
+-#: option.c:412
++#: option.c:429
+ msgid "Allow rebinding of 127.0.0.0/8, for RBL servers."
+ msgstr "Permitir revinculación de 127.0.0.0/8, para servidores RBL."
+
+-#: option.c:413
++#: option.c:430
+ msgid "Inhibit DNS-rebind protection on this domain."
+ msgstr "Inhibir protección de revinculación DNS en este dominio."
+
+-#: option.c:414
++#: option.c:431
+ msgid "Always perform DNS queries to all servers."
+ msgstr "Siempre realizar búsquedas DNS a todos los servidores."
+
+-#: option.c:415
++#: option.c:432
+ #, fuzzy
+ msgid "Set tag if client includes matching option in request."
+ msgstr "Fijar etiqueta si cliente incluye opción coincidente en pedido."
+
+-#: option.c:416
++#: option.c:433
+ msgid "Use alternative ports for DHCP."
+ msgstr "Usar puertos alternativos para DHCP."
+
+-#: option.c:417
++#: option.c:434
+ #, fuzzy
+ msgid "Specify NAPTR DNS record."
+ msgstr "Especificar expediente DNS NAPTR."
+
+-#: option.c:418
++#: option.c:435
+ msgid "Specify lowest port available for DNS query transmission."
+ msgstr "Especificar puerto más bajo disponible para transmisión de búsquedas DNS."
+
+-#: option.c:419
++#: option.c:436
+ msgid "Use only fully qualified domain names for DHCP clients."
+ msgstr "Usar solo nombres de dominio completamente calificados para clientes DHCP."
+
+-#: option.c:420
++#: option.c:437
+ msgid "Generate hostnames based on MAC address for nameless clients."
+ msgstr "Generar hostnames basados en direcciones MAC para clientes sin nombre."
+
+-#: option.c:421
++#: option.c:438
+ msgid "Use these DHCP relays as full proxies."
+ msgstr "Usar estos relays DHCP como proxies completos."
+
+-#: option.c:422
++#: option.c:439
+ msgid "Relay DHCP requests to a remote server"
+ msgstr ""
+
+-#: option.c:423
++#: option.c:440
+ msgid "Specify alias name for LOCAL DNS name."
+ msgstr "Especificar nombre alias para nombre DNS LOCAL."
+
+-#: option.c:424
++#: option.c:441
+ #, fuzzy
+ msgid "Prompt to send to PXE clients."
+ msgstr "Aviso a ser enviado a clientes PXE."
+
+-#: option.c:425
++#: option.c:442
+ msgid "Boot service for PXE menu."
+ msgstr "Servicio de arranque para menú PXE."
+
+-#: option.c:426
++#: option.c:443
+ msgid "Check configuration syntax."
+ msgstr "Revisar sintaxis de configuración."
+
+-#: option.c:427
++#: option.c:444
+ msgid "Add requestor's MAC address to forwarded DNS queries."
+ msgstr "Añadir direcciones MAC de los peticionarios a los filtros DNS enviados"
+
+-#: option.c:428
++#: option.c:445
+ #, fuzzy
+ msgid "Add requestor's IP subnet to forwarded DNS queries."
+ msgstr "Añadir direcciones MAC de los peticionarios a los filtros DNS enviados"
+
+-#: option.c:429
++#: option.c:446
+ #, fuzzy
+ msgid "Proxy DNSSEC validation results from upstream nameservers."
+ msgstr "Traducir direcciones IPv4 desde servidores subida."
+
+-#: option.c:430
++#: option.c:447
+ msgid "Attempt to allocate sequential IP addresses to DHCP clients."
+ msgstr "Intento de instaurar direcciones IP secuenciales a cliente DHCP"
+
+-#: option.c:431
++#: option.c:448
+ msgid "Copy connection-track mark from queries to upstream connections."
+ msgstr "Copiar la marca de connection-track desde los filtros a las conexiones salientes"
+
+-#: option.c:432
++#: option.c:449
+ msgid "Allow DHCP clients to do their own DDNS updates."
+ msgstr "Permite a clientes DHCP realizar sus propias actualizaciones DDNS"
+
+-#: option.c:433
++#: option.c:450
+ msgid "Send router-advertisements for interfaces doing DHCPv6"
+ msgstr "Enviar anuncios del router a los interfases realizando DHCPv6"
+
+-#: option.c:434
++#: option.c:451
+ msgid "Specify DUID_EN-type DHCPv6 server DUID"
+ msgstr ""
+
+-#: option.c:435
++#: option.c:452
+ #, fuzzy
+ msgid "Specify host (A/AAAA and PTR) records"
+ msgstr "Especificar un expediente MX."
+
+-#: option.c:436
++#: option.c:453
+ #, fuzzy
+ msgid "Specify arbitrary DNS resource record"
+ msgstr "Especificar expediente DNS TXT."
+
+-#: option.c:437
++#: option.c:454
+ #, fuzzy
+ msgid "Bind to interfaces in use - check for new interfaces"
+ msgstr "interfase desconocida %s en bridge-interfase"
+
+-#: option.c:438
++#: option.c:455
+ msgid "Export local names to global DNS"
+ msgstr "Exportar nombres DNS locales a globales"
+
+-#: option.c:439
++#: option.c:456
+ msgid "Domain to export to global DNS"
+ msgstr "Dominio a exportar a DNS global"
+
+-#: option.c:440
++#: option.c:457
+ msgid "Set TTL for authoritative replies"
+ msgstr "Fijar TTL para respuestas autoritarias"
+
+-#: option.c:441
++#: option.c:458
+ msgid "Set authoritive zone information"
+ msgstr "Fijar información de zona autoritaria"
+
+-#: option.c:442
++#: option.c:459
+ msgid "Secondary authoritative nameservers for forward domains"
+ msgstr "Nombres de servidor secundario autoritatorios para dominios enviados"
+
+-#: option.c:443
++#: option.c:460
+ msgid "Peers which are allowed to do zone transfer"
+ msgstr "Colegas autorizados a la zona de transferencia (transfer)"
+
+-#: option.c:444
++#: option.c:461
+ msgid "Specify ipsets to which matching domains should be added"
+ msgstr "Especificar los ipsets coincidentes en dominio que debrían ser añadidos"
+
+-#: option.c:445
++#: option.c:462
+ #, fuzzy
+ msgid "Specify a domain and address range for synthesised names"
+ msgstr "Especificar dominio y rango de direcciones para los nombres acrónimos"
+
+-#: option.c:446
++#: option.c:463
+ msgid "Activate DNSSEC validation"
+ msgstr ""
+
+-#: option.c:447
++#: option.c:464
+ msgid "Specify trust anchor key digest."
+ msgstr ""
+
+-#: option.c:448
++#: option.c:465
+ msgid "Disable upstream checking for DNSSEC debugging."
+ msgstr ""
+
+-#: option.c:449
++#: option.c:466
+ msgid "Ensure answers without DNSSEC are in unsigned zones."
+ msgstr ""
+
+-#: option.c:450
++#: option.c:467
+ msgid "Don't check DNSSEC signature timestamps until first cache-reload"
+ msgstr ""
+
+-#: option.c:452
++#: option.c:468
++msgid "Timestamp file to verify system clock for DNSSEC"
++msgstr ""
++
++#: option.c:470
+ msgid "Specify DHCPv6 prefix class"
+ msgstr "Especificar prefijo de clase DHCPv6"
+
+-#: option.c:454
++#: option.c:472
+ msgid "Set priority, resend-interval and router-lifetime"
+ msgstr ""
+
+-#: option.c:455
++#: option.c:473
+ msgid "Do not log routine DHCP."
+ msgstr ""
+
+-#: option.c:456
++#: option.c:474
+ msgid "Do not log routine DHCPv6."
+ msgstr ""
+
+-#: option.c:457
++#: option.c:475
+ msgid "Do not log RA."
+ msgstr ""
+
+-#: option.c:458
++#: option.c:476
+ msgid "Accept queries only from directly-connected networks"
+ msgstr ""
+
+-#: option.c:459
++#: option.c:477
+ msgid "Detect and remove DNS forwarding loops"
+ msgstr ""
+
+-#: option.c:661
++#: option.c:478
++msgid "Ignore DNS responses containing ipaddr."
++msgstr ""
++
++#: option.c:680
+ #, c-format
+ msgid ""
+ "Usage: dnsmasq [options]\n"
+@@ -727,335 +760,335 @@ msgstr ""
+ "Modo de uso: dnsmasq [opciones]\n"
+ "\n"
+
+-#: option.c:663
++#: option.c:682
+ #, c-format
+ msgid "Use short options only on the command line.\n"
+ msgstr "Usar opciones cortas solo en la línea de comandos.\n"
+
+-#: option.c:665
++#: option.c:684
+ #, fuzzy, c-format
+ msgid "Valid options are:\n"
+ msgstr "Opciones válidas son :\n"
+
+-#: option.c:722 option.c:726
++#: option.c:741 option.c:745
+ msgid "bad port"
+ msgstr "puerto erróneo"
+
+-#: option.c:753 option.c:785
++#: option.c:772 option.c:804
+ msgid "interface binding not supported"
+ msgstr "vinculación de interfase no está soportado"
+
+-#: option.c:762 option.c:3494
++#: option.c:781 option.c:3570
+ #, fuzzy
+ msgid "bad interface name"
+ msgstr "nombre de interfase erróneo"
+
+-#: option.c:792
++#: option.c:811
+ #, fuzzy
+ msgid "bad address"
+ msgstr "dirección IP errónea"
+
+-#: option.c:974
++#: option.c:993
+ msgid "unsupported encapsulation for IPv6 option"
+ msgstr "Encapsulación no soportada para opción IPv6"
+
+-#: option.c:988
++#: option.c:1007
+ msgid "bad dhcp-option"
+ msgstr "opción dhcp-option errónea"
+
+-#: option.c:1056
++#: option.c:1075
+ #, fuzzy
+ msgid "bad IP address"
+ msgstr "dirección IP errónea"
+
+-#: option.c:1059 option.c:1197 option.c:2812
++#: option.c:1078 option.c:1216 option.c:2888
+ #, fuzzy
+ msgid "bad IPv6 address"
+ msgstr "dirección IP errónea"
+
+-#: option.c:1224 option.c:1318
++#: option.c:1243 option.c:1337
+ msgid "bad domain in dhcp-option"
+ msgstr "dominio erróneo en dhcp-option"
+
+-#: option.c:1356
++#: option.c:1375
+ msgid "dhcp-option too long"
+ msgstr "opción dhcp-option demasiado larga"
+
+-#: option.c:1363
++#: option.c:1382
+ msgid "illegal dhcp-match"
+ msgstr "dhcp-match ilegal"
+
+-#: option.c:1425
++#: option.c:1444
+ msgid "illegal repeated flag"
+ msgstr "opción repetida ilegal"
+
+-#: option.c:1433
++#: option.c:1452
+ msgid "illegal repeated keyword"
+ msgstr "palabra clave repetida ilegal"
+
+-#: option.c:1495 option.c:4092
++#: option.c:1517 option.c:4186
+ #, fuzzy, c-format
+ msgid "cannot access directory %s: %s"
+ msgstr "no se puede acceder a directorio %s: %s"
+
+-#: option.c:1541 tftp.c:493
++#: option.c:1563 tftp.c:493
+ #, fuzzy, c-format
+ msgid "cannot access %s: %s"
+ msgstr "no se puede acceder %s: %s"
+
+-#: option.c:1588
++#: option.c:1615
+ msgid "setting log facility is not possible under Android"
+ msgstr "la creación de un registro no es posible en Android"
+
+-#: option.c:1597
++#: option.c:1624
+ msgid "bad log facility"
+ msgstr "ubicación del registro errónea"
+
+-#: option.c:1650
++#: option.c:1677
+ msgid "bad MX preference"
+ msgstr "preferencia MX errónea"
+
+-#: option.c:1655
++#: option.c:1682
+ msgid "bad MX name"
+ msgstr "nombre MX erróneo"
+
+-#: option.c:1669
++#: option.c:1696
+ msgid "bad MX target"
+ msgstr "destino MX erróneo"
+
+-#: option.c:1681
++#: option.c:1708
+ msgid "cannot run scripts under uClinux"
+ msgstr "no se pueden correr archivos 'script' bajo uClinux"
+
+-#: option.c:1683
++#: option.c:1710
+ msgid "recompile with HAVE_SCRIPT defined to enable lease-change scripts"
+ msgstr "recompilar con HAVE_SCRIPT definido para habilitar guiónes de cambio de concesión"
+
+-#: option.c:1687
++#: option.c:1714
+ #, fuzzy
+ msgid "recompile with HAVE_LUASCRIPT defined to enable Lua scripts"
+ msgstr "recompilar con HAVE_SCRIPT definido para habilitar 'scripts' en Lua"
+
+-#: option.c:1928 option.c:1966 option.c:2015
++#: option.c:1970 option.c:2015 option.c:2071
+ #, fuzzy
+ msgid "bad prefix"
+ msgstr "prefijo erróneo"
+
+-#: option.c:2289
++#: option.c:2352
+ #, fuzzy
+ msgid "recompile with HAVE_IPSET defined to enable ipset directives"
+ msgstr "recompilar con HAVE_SCRIPT definido para habilitar directivas ipset"
+
+-#: option.c:2469
++#: option.c:2545
+ #, fuzzy
+ msgid "bad port range"
+ msgstr "rango de puertos erróneo"
+
+-#: option.c:2485
++#: option.c:2561
+ msgid "bad bridge-interface"
+ msgstr "opción bridge-interface (interfase puente) errónea"
+
+-#: option.c:2545
++#: option.c:2621
+ msgid "only one tag allowed"
+ msgstr "solo una etiqueta permitida"
+
+-#: option.c:2565 option.c:2577 option.c:2683 option.c:2724
++#: option.c:2641 option.c:2653 option.c:2759 option.c:2800
+ msgid "bad dhcp-range"
+ msgstr "opción dhcp-range (rango DHCP) errónea"
+
+-#: option.c:2592
++#: option.c:2668
+ msgid "inconsistent DHCP range"
+ msgstr "rango DHCP inconsistente"
+
+-#: option.c:2651
++#: option.c:2727
+ msgid "prefix length must be exactly 64 for RA subnets"
+ msgstr "la longitud del prefijo debe ser 64 exacto para subredes RA"
+
+-#: option.c:2653
++#: option.c:2729
+ msgid "prefix length must be exactly 64 for subnet constructors"
+ msgstr "la longitud del prefijo debe ser 64 exacto para subredes constructoras"
+
+-#: option.c:2657
++#: option.c:2733
+ msgid "prefix length must be at least 64"
+ msgstr "la longitud del prefijo debe ser al menos 64"
+
+-#: option.c:2660
++#: option.c:2736
+ #, fuzzy
+ msgid "inconsistent DHCPv6 range"
+ msgstr "rango DHCP inconsistente"
+
+-#: option.c:2671
++#: option.c:2747
+ msgid "prefix must be zero with \"constructor:\" argument"
+ msgstr "prefijo debe ser cero con argumento \"constructor:\""
+
+-#: option.c:2782 option.c:2830
++#: option.c:2858 option.c:2906
+ #, fuzzy
+ msgid "bad hex constant"
+ msgstr "constante hexadecimal errónea"
+
+-#: option.c:2804
++#: option.c:2880
+ msgid "cannot match tags in --dhcp-host"
+ msgstr "no coinciden etiquetas en --dhcp-host"
+
+-#: option.c:2852
++#: option.c:2928
+ #, fuzzy, c-format
+ msgid "duplicate dhcp-host IP address %s"
+ msgstr "dirección IP duplicada %s en %s."
+
+-#: option.c:2910
++#: option.c:2986
+ #, fuzzy
+ msgid "bad DHCP host name"
+ msgstr "nombre de host DHCP erróneo"
+
+-#: option.c:2992
++#: option.c:3068
+ #, fuzzy
+ msgid "bad tag-if"
+ msgstr "etiqueta tag-if errónea"
+
+-#: option.c:3316 option.c:3710
++#: option.c:3392 option.c:3786
+ msgid "invalid port number"
+ msgstr "número de puerto inválido"
+
+-#: option.c:3378
++#: option.c:3454
+ #, fuzzy
+ msgid "bad dhcp-proxy address"
+ msgstr "dirección IP errónea"
+
+-#: option.c:3404
++#: option.c:3480
+ #, fuzzy
+ msgid "Bad dhcp-relay"
+ msgstr "opción dhcp-range (rango DHCP) errónea"
+
+-#: option.c:3430
++#: option.c:3506
+ msgid "bad RA-params"
+ msgstr ""
+
+-#: option.c:3439
++#: option.c:3515
+ msgid "bad DUID"
+ msgstr "DUID erróneo"
+
+-#: option.c:3481
++#: option.c:3557
+ #, fuzzy
+ msgid "invalid alias range"
+ msgstr "rango alias inválido"
+
+-#: option.c:3535
++#: option.c:3611
+ msgid "bad CNAME"
+ msgstr "CNAME erróneo"
+
+-#: option.c:3540
++#: option.c:3616
+ msgid "duplicate CNAME"
+ msgstr "CNAME duplicado"
+
+-#: option.c:3560
++#: option.c:3636
+ #, fuzzy
+ msgid "bad PTR record"
+ msgstr "registro PTR erróneo"
+
+-#: option.c:3591
++#: option.c:3667
+ #, fuzzy
+ msgid "bad NAPTR record"
+ msgstr "registro NAPTR erróneo"
+
+-#: option.c:3625
++#: option.c:3701
+ #, fuzzy
+ msgid "bad RR record"
+ msgstr "registro PTR erróneo"
+
+-#: option.c:3655
++#: option.c:3731
+ msgid "bad TXT record"
+ msgstr "registro TXT erróneo"
+
+-#: option.c:3696
++#: option.c:3772
+ msgid "bad SRV record"
+ msgstr "registro SRV erróneo"
+
+-#: option.c:3703
++#: option.c:3779
+ msgid "bad SRV target"
+ msgstr "destino SRV erróneo"
+
+-#: option.c:3717
++#: option.c:3793
+ msgid "invalid priority"
+ msgstr "prioridad inválida"
+
+-#: option.c:3724
++#: option.c:3800
+ msgid "invalid weight"
+ msgstr "peso inválido"
+
+-#: option.c:3748
++#: option.c:3824
+ #, fuzzy
+ msgid "Bad host-record"
+ msgstr "registro PTR erróneo"
+
+-#: option.c:3765
++#: option.c:3841
+ #, fuzzy
+ msgid "Bad name in host-record"
+ msgstr "nombre erróneo en %s"
+
+-#: option.c:3826
++#: option.c:3906
+ #, fuzzy
+ msgid "bad trust anchor"
+ msgstr "rango de puertos erróneo"
+
+-#: option.c:3840
++#: option.c:3920
+ msgid "bad HEX in trust anchor"
+ msgstr ""
+
+-#: option.c:3850
++#: option.c:3930
+ #, fuzzy
+ msgid "unsupported option (check that dnsmasq was compiled with DHCP/TFTP/DNSSEC/DBus support)"
+ msgstr "opción no soportada (verificar que dnsmasq fue compilado con soporte para DHCP/TFTP/DBus)"
+
+-#: option.c:3909
++#: option.c:3989
+ msgid "missing \""
+ msgstr "falta \""
+
+-#: option.c:3966
++#: option.c:4046
+ msgid "bad option"
+ msgstr "opción errónea"
+
+-#: option.c:3968
++#: option.c:4048
+ msgid "extraneous parameter"
+ msgstr "parámetro extraño"
+
+-#: option.c:3970
++#: option.c:4050
+ msgid "missing parameter"
+ msgstr "parámetro ausente"
+
+-#: option.c:3972
++#: option.c:4052
+ #, fuzzy
+ msgid "illegal option"
+ msgstr "opción errónea"
+
+-#: option.c:3979
++#: option.c:4059
+ msgid "error"
+ msgstr "error"
+
+-#: option.c:3981
++#: option.c:4061
+ #, fuzzy, c-format
+ msgid " at line %d of %s"
+ msgstr "%s en línea %d de %%s"
+
+-#: option.c:4045 option.c:4168 tftp.c:667
+-#, c-format
+-msgid "cannot read %s: %s"
+-msgstr "no se puede leer %s: %s"
+-
+-#: option.c:4229 option.c:4265
++#: option.c:4076 option.c:4323 option.c:4359
+ #, fuzzy, c-format
+ msgid "read %s"
+ msgstr "lee %s"
+
+-#: option.c:4331
++#: option.c:4139 option.c:4262 tftp.c:667
++#, c-format
++msgid "cannot read %s: %s"
++msgstr "no se puede leer %s: %s"
++
++#: option.c:4425
+ msgid "junk found in command line"
+ msgstr "basura encontrada en linea de comando"
+
+-#: option.c:4366
++#: option.c:4460
+ #, c-format
+ msgid "Dnsmasq version %s %s\n"
+ msgstr "Versión dnsmasq %s %s\n"
+
+-#: option.c:4367
++#: option.c:4461
+ #, fuzzy, c-format
+ msgid ""
+ "Compile time options: %s\n"
+@@ -1064,90 +1097,90 @@ msgstr ""
+ "Opciones de compilación %s\n"
+ "\n"
+
+-#: option.c:4368
++#: option.c:4462
+ #, c-format
+ msgid "This software comes with ABSOLUTELY NO WARRANTY.\n"
+ msgstr "Este software viene SIN NINGUNA GARANTIA.\n"
+
+-#: option.c:4369
++#: option.c:4463
+ #, c-format
+ msgid "Dnsmasq is free software, and you are welcome to redistribute it\n"
+ msgstr "Dnsmasq es software libre, y usted está autorizado a redistribuirlo\n"
+
+-#: option.c:4370
++#: option.c:4464
+ #, fuzzy, c-format
+ msgid "under the terms of the GNU General Public License, version 2 or 3.\n"
+ msgstr "bajo los términos de la GNU General Public License, versión 2 o 3.\n"
+
+-#: option.c:4381
++#: option.c:4475
+ msgid "try --help"
+ msgstr "pruebe --help"
+
+-#: option.c:4383
++#: option.c:4477
+ msgid "try -w"
+ msgstr "pruebe -w"
+
+-#: option.c:4385
++#: option.c:4479
+ #, fuzzy, c-format
+ msgid "bad command line options: %s"
+ msgstr "opciones de línea de comandos erróneas: %s"
+
+-#: option.c:4434
++#: option.c:4535
+ #, c-format
+ msgid "cannot get host-name: %s"
+ msgstr "no se puede obtener host-name (nombre de host): %s"
+
+-#: option.c:4462
++#: option.c:4563
+ msgid "only one resolv.conf file allowed in no-poll mode."
+ msgstr "solo un archivo resolv.conf está permitido en modo no-poll."
+
+-#: option.c:4472
++#: option.c:4573
+ msgid "must have exactly one resolv.conf to read domain from."
+ msgstr "debe haber exáctamente un resolv.conf desde donde leer dominio."
+
+-#: option.c:4475 network.c:1506 dhcp.c:769
++#: option.c:4576 network.c:1506 dhcp.c:774
+ #, fuzzy, c-format
+ msgid "failed to read %s: %s"
+ msgstr "no se pudo leer %s: %s"
+
+-#: option.c:4492
++#: option.c:4593
+ #, c-format
+ msgid "no search directive found in %s"
+ msgstr "ninguna directiva de búsqueda encontrada en %s"
+
+-#: option.c:4513
++#: option.c:4614
+ #, fuzzy
+ msgid "there must be a default domain when --dhcp-fqdn is set"
+ msgstr "debe haber un dominio predeterminado cuando --dhcp-fqdn está fijado"
+
+-#: option.c:4522
++#: option.c:4623
+ msgid "syntax check OK"
+ msgstr "revisión de sintaxis OK"
+
+-#: forward.c:114
++#: forward.c:111
+ #, fuzzy, c-format
+ msgid "failed to send packet: %s"
+ msgstr "no se pudo escuchar en socket: %s"
+
+-#: forward.c:574
++#: forward.c:572
+ msgid "discarding DNS reply: subnet option mismatch"
+ msgstr ""
+
+-#: forward.c:597
++#: forward.c:595
+ #, c-format
+ msgid "nameserver %s refused to do a recursive query"
+ msgstr "servidor DNS %s rechazó realizar una búsqueda recursiva"
+
+-#: forward.c:629
++#: forward.c:627
+ #, fuzzy, c-format
+ msgid "possible DNS-rebind attack detected: %s"
+ msgstr "posible ataque de revinculación DNS detectado"
+
+-#: forward.c:1132 forward.c:1663
++#: forward.c:1156 forward.c:1722
+ msgid "Ignoring query from non-local network"
+ msgstr ""
+
+-#: forward.c:2101
++#: forward.c:2178
+ #, fuzzy, c-format
+ msgid "Maximum number of concurrent DNS queries reached (max: %d)"
+ msgstr "Número máximo de búsquedas DNS simultáneas alcanzado. (%s por predeterminado)"
+@@ -1237,272 +1270,286 @@ msgstr "usando nombre de servidor %s#%d(v
+ msgid "using nameserver %s#%d"
+ msgstr "usando nombre de servidor %s#%d"
+
+-#: dnsmasq.c:154
+-msgid "No trust anchors provided for DNSSEC"
++#: dnsmasq.c:149
++msgid "dhcp-hostsdir, dhcp-optsdir and hostsdir are not supported on this platform"
+ msgstr ""
+
+-#: dnsmasq.c:157
+-msgid "Cannot reduce cache size from default when DNSSEC enabled"
++#: dnsmasq.c:156
++msgid "no trust anchors provided for DNSSEC"
+ msgstr ""
+
+ #: dnsmasq.c:159
++msgid "cannot reduce cache size from default when DNSSEC enabled"
++msgstr ""
++
++#: dnsmasq.c:161
+ #, fuzzy
+ msgid "DNSSEC not available: set HAVE_DNSSEC in src/config.h"
+ msgstr "DBus no disponible: fijar HAVE_DBUS en src/config.h"
+
+-#: dnsmasq.c:165
++#: dnsmasq.c:167
+ #, fuzzy
+ msgid "TFTP server not available: set HAVE_TFTP in src/config.h"
+ msgstr "servidor TFTP no disponible: fijar HAVE_TFTP en src/config.h"
+
+-#: dnsmasq.c:170
+-msgid "Cannot use --conntrack AND --query-port"
++#: dnsmasq.c:172
++#, fuzzy
++msgid "cannot use --conntrack AND --query-port"
+ msgstr "No puede usar --conntrack AND --query-port"
+
+-#: dnsmasq.c:173
++#: dnsmasq.c:175
+ #, fuzzy
+-msgid "Conntrack support not available: set HAVE_CONNTRACK in src/config.h"
++msgid "conntrack support not available: set HAVE_CONNTRACK in src/config.h"
+ msgstr "servidor TFTP no disponible: fijar HAVE_TFTP en src/config.h"
+
+-#: dnsmasq.c:178
++#: dnsmasq.c:180
+ #, fuzzy
+ msgid "asychronous logging is not available under Solaris"
+ msgstr "registro asíncrono no está disponible bajo Solaris"
+
+-#: dnsmasq.c:183
++#: dnsmasq.c:185
+ #, fuzzy
+ msgid "asychronous logging is not available under Android"
+ msgstr "registro asíncrono no está disponible bajo Solaris"
+
+-#: dnsmasq.c:188
++#: dnsmasq.c:190
+ #, fuzzy
+ msgid "authoritative DNS not available: set HAVE_AUTH in src/config.h"
+ msgstr "DBus no disponible: fijar HAVE_DBUS en src/config.h"
+
+-#: dnsmasq.c:193
++#: dnsmasq.c:195
+ #, fuzzy
+-msgid "Loop detection not available: set HAVE_LOOP in src/config.h"
++msgid "loop detection not available: set HAVE_LOOP in src/config.h"
+ msgstr "servidor TFTP no disponible: fijar HAVE_TFTP en src/config.h"
+
+-#: dnsmasq.c:201
++#: dnsmasq.c:203
+ msgid "zone serial must be configured in --auth-soa"
+ msgstr "zona serie debe ser configurada en --auth-soa"
+
+-#: dnsmasq.c:219
++#: dnsmasq.c:221
+ msgid "dhcp-range constructor not available on this platform"
+ msgstr "constructor rango dhcp no disponible en esta plataforma"
+
+-#: dnsmasq.c:262
++#: dnsmasq.c:264
+ msgid "cannot set --bind-interfaces and --bind-dynamic"
+ msgstr "no puede usar --bind-interfases y --bind-dynamic"
+
+-#: dnsmasq.c:265
++#: dnsmasq.c:267
+ #, c-format
+ msgid "failed to find list of interfaces: %s"
+ msgstr "no se pudo encontrar lista de interfases: %s"
+
+-#: dnsmasq.c:274
++#: dnsmasq.c:276
+ #, c-format
+ msgid "unknown interface %s"
+ msgstr "interfase desconocida %s"
+
+-#: dnsmasq.c:330 dnsmasq.c:954
++#: dnsmasq.c:340 dnsmasq.c:1004
+ #, c-format
+ msgid "DBus error: %s"
+ msgstr "error DBus: %s"
+
+-#: dnsmasq.c:333
++#: dnsmasq.c:343
+ msgid "DBus not available: set HAVE_DBUS in src/config.h"
+ msgstr "DBus no disponible: fijar HAVE_DBUS en src/config.h"
+
+-#: dnsmasq.c:361
++#: dnsmasq.c:371
+ #, c-format
+ msgid "unknown user or group: %s"
+ msgstr "usuario o grupo desconocido: %s"
+
+-#: dnsmasq.c:416
++#: dnsmasq.c:426
+ #, c-format
+ msgid "cannot chdir to filesystem root: %s"
+ msgstr "no se puede cambiar directorio a raíz de sistema de archivos: %s"
+
+-#: dnsmasq.c:653
++#: dnsmasq.c:667
+ #, fuzzy, c-format
+ msgid "started, version %s DNS disabled"
+ msgstr "iniciado, versión %s DNS deshabilitado"
+
+-#: dnsmasq.c:655
++#: dnsmasq.c:669
+ #, c-format
+ msgid "started, version %s cachesize %d"
+ msgstr "iniciado, versión %s tamaño de caché %d"
+
+-#: dnsmasq.c:657
++#: dnsmasq.c:671
+ #, c-format
+ msgid "started, version %s cache disabled"
+ msgstr "iniciado, versión %s caché deshabilitado"
+
+-#: dnsmasq.c:659
++#: dnsmasq.c:673
+ #, c-format
+ msgid "compile time options: %s"
+ msgstr "opciones de compilación: %s"
+
+-#: dnsmasq.c:665
++#: dnsmasq.c:679
+ msgid "DBus support enabled: connected to system bus"
+ msgstr "soporte DBus habilitado: conectado a bus de sistema"
+
+-#: dnsmasq.c:667
++#: dnsmasq.c:681
+ msgid "DBus support enabled: bus connection pending"
+ msgstr "soporte DBus habilitado: conexión a bus pendiente"
+
+-#: dnsmasq.c:672
++#: dnsmasq.c:686
+ msgid "DNS service limited to local subnets"
+ msgstr ""
+
+-#: dnsmasq.c:677
++#: dnsmasq.c:702
+ msgid "DNSSEC validation enabled"
+ msgstr ""
+
+-#: dnsmasq.c:679
++#: dnsmasq.c:705
+ msgid "DNSSEC signature timestamps not checked until first cache reload"
+ msgstr ""
+
+-#: dnsmasq.c:684
++#: dnsmasq.c:708
++msgid "DNSSEC signature timestamps not checked until system time valid"
++msgstr ""
++
++#: dnsmasq.c:713
+ #, fuzzy, c-format
+ msgid "warning: failed to change owner of %s: %s"
+ msgstr "advertencia: no se pudo cambiar propietario de %s: %s"
+
+-#: dnsmasq.c:688
++#: dnsmasq.c:717
+ msgid "setting --bind-interfaces option because of OS limitations"
+ msgstr "fijando opción --bind-interfases debido a limitaciones de sistema operativo"
+
+-#: dnsmasq.c:698
++#: dnsmasq.c:727
+ #, c-format
+ msgid "warning: interface %s does not currently exist"
+ msgstr "advertencia: interfase %s no existe actualmente"
+
+-#: dnsmasq.c:703
++#: dnsmasq.c:732
+ msgid "warning: ignoring resolv-file flag because no-resolv is set"
+ msgstr "advertencia: ignorando opción resolv-file porque no-resolv está fijado"
+
+-#: dnsmasq.c:706
++#: dnsmasq.c:735
+ #, fuzzy
+ msgid "warning: no upstream servers configured"
+ msgstr "advertencia: ningún servidor de subida configurado"
+
+-#: dnsmasq.c:710
++#: dnsmasq.c:739
+ #, c-format
+ msgid "asynchronous logging enabled, queue limit is %d messages"
+ msgstr "registro asíncrono habilitado, el límite de la cola es %d mensajes"
+
+-#: dnsmasq.c:731
++#: dnsmasq.c:760
+ msgid "IPv6 router advertisement enabled"
+ msgstr "Anuncio de router IPv6 habilitado"
+
+-#: dnsmasq.c:736
++#: dnsmasq.c:765
+ #, c-format
+ msgid "DHCP, sockets bound exclusively to interface %s"
+ msgstr ""
+
+-#: dnsmasq.c:753
++#: dnsmasq.c:782
+ msgid "root is "
+ msgstr "root está "
+
+-#: dnsmasq.c:753
++#: dnsmasq.c:782
+ #, fuzzy
+ msgid "enabled"
+ msgstr "habilitado"
+
+-#: dnsmasq.c:755
++#: dnsmasq.c:784
+ msgid "secure mode"
+ msgstr "modo seguro"
+
+-#: dnsmasq.c:781
++#: dnsmasq.c:810
+ #, c-format
+ msgid "restricting maximum simultaneous TFTP transfers to %d"
+ msgstr "limitando número máximo de transferencias TFTP simultáneas a %d"
+
+-#: dnsmasq.c:956
++#: dnsmasq.c:1006
+ msgid "connected to system DBus"
+ msgstr "conectado a DBus de sistema"
+
+-#: dnsmasq.c:1106
++#: dnsmasq.c:1156
+ #, c-format
+ msgid "cannot fork into background: %s"
+ msgstr "no se puede hacer fork en background: %s"
+
+-#: dnsmasq.c:1109
++#: dnsmasq.c:1159
+ #, fuzzy, c-format
+ msgid "failed to create helper: %s"
+ msgstr "no se pudo crear ayudante: %s"
+
+-#: dnsmasq.c:1112
++#: dnsmasq.c:1162
+ #, fuzzy, c-format
+ msgid "setting capabilities failed: %s"
+ msgstr "configuración de capacidades ha fallado: %s"
+
+-#: dnsmasq.c:1115
++#: dnsmasq.c:1165
+ #, fuzzy, c-format
+ msgid "failed to change user-id to %s: %s"
+ msgstr "no se pudo cambiar user-id a %s: %s"
+
+-#: dnsmasq.c:1118
++#: dnsmasq.c:1168
+ #, fuzzy, c-format
+ msgid "failed to change group-id to %s: %s"
+ msgstr "no se pudo cambiar group-id a %s: %s"
+
+-#: dnsmasq.c:1121
++#: dnsmasq.c:1171
+ #, fuzzy, c-format
+ msgid "failed to open pidfile %s: %s"
+ msgstr "no se pudo abrir archivo PID %s: %s"
+
+-#: dnsmasq.c:1124
++#: dnsmasq.c:1174
+ #, fuzzy, c-format
+ msgid "cannot open log %s: %s"
+ msgstr "no se puede abrir registro %s: %s"
+
+-#: dnsmasq.c:1127
++#: dnsmasq.c:1177
+ #, fuzzy, c-format
+ msgid "failed to load Lua script: %s"
+ msgstr "no se pudo cargar script Lua %s: %s"
+
+-#: dnsmasq.c:1130
++#: dnsmasq.c:1180
+ #, c-format
+ msgid "TFTP directory %s inaccessible: %s"
+ msgstr "directorio TFTP % inaccesible: %s"
+
+-#: dnsmasq.c:1151
++#: dnsmasq.c:1183
++#, fuzzy, c-format
++msgid "cannot create timestamp file %s: %s"
++msgstr "no se puede abrir o crear archivo de concesión %s: %s"
++
++#: dnsmasq.c:1204
+ msgid "now checking DNSSEC signature timestamps"
+ msgstr ""
+
+-#: dnsmasq.c:1218
++#: dnsmasq.c:1271
+ #, fuzzy, c-format
+ msgid "script process killed by signal %d"
+ msgstr "proceso script eliminado por señal %d"
+
+-#: dnsmasq.c:1222
++#: dnsmasq.c:1275
+ #, fuzzy, c-format
+ msgid "script process exited with status %d"
+ msgstr "proceso script salió con con estado %d"
+
+-#: dnsmasq.c:1226
++#: dnsmasq.c:1279
+ #, fuzzy, c-format
+ msgid "failed to execute %s: %s"
+ msgstr "no se pudo ejecutar %s: %s"
+
+-#: dnsmasq.c:1281
++#: dnsmasq.c:1334
+ msgid "exiting on receipt of SIGTERM"
+ msgstr "saliendo al recibir SIGTERM"
+
+-#: dnsmasq.c:1309
++#: dnsmasq.c:1362
+ #, fuzzy, c-format
+ msgid "failed to access %s: %s"
+ msgstr "no se pudo acceder %s: %s"
+
+-#: dnsmasq.c:1339
++#: dnsmasq.c:1392
+ #, c-format
+ msgid "reading %s"
+ msgstr "leyendo %s"
+
+-#: dnsmasq.c:1350
++#: dnsmasq.c:1403
+ #, fuzzy, c-format
+ msgid "no servers found in %s, will retry"
+ msgstr "ningún servidor encontrado en %s, se reintentará"
+@@ -1542,27 +1589,27 @@ msgstr "interfase desconocida %s en bridge-interface"
+ msgid "DHCP packet received on %s which has no address"
+ msgstr "Paquete DHCP recibido en %s que no tiene dirección"
+
+-#: dhcp.c:408
++#: dhcp.c:412
+ #, c-format
+ msgid "ARP-cache injection failed: %s"
+ msgstr ""
+
+-#: dhcp.c:506
++#: dhcp.c:511
+ #, c-format
+ msgid "DHCP range %s -- %s is not consistent with netmask %s"
+ msgstr "rango DHCP %s -- %s no coincide con máscara de subred %s"
+
+-#: dhcp.c:807
++#: dhcp.c:812
+ #, fuzzy, c-format
+ msgid "bad line at %s line %d"
+ msgstr "línea errónea en %s línea %d"
+
+-#: dhcp.c:850
++#: dhcp.c:855
+ #, c-format
+ msgid "ignoring %s line %d, duplicate name or IP address"
+ msgstr "ignorando %s línea %d, nombre o dirección IP duplicada"
+
+-#: dhcp.c:994 rfc3315.c:2089
++#: dhcp.c:999 rfc3315.c:2139
+ #, c-format
+ msgid "DHCP relay %s -> %s"
+ msgstr "DHCP relay %s -> %s"
+@@ -1633,12 +1680,12 @@ msgstr "%u Clase de usuario: %s"
+ msgid "disabled"
+ msgstr "deshabilitado"
+
+-#: rfc2131.c:539 rfc2131.c:967 rfc2131.c:1385 rfc3315.c:602 rfc3315.c:823
+-#: rfc3315.c:1095
++#: rfc2131.c:539 rfc2131.c:967 rfc2131.c:1385 rfc3315.c:603 rfc3315.c:860
++#: rfc3315.c:1139
+ msgid "ignored"
+ msgstr "ignorado"
+
+-#: rfc2131.c:554 rfc2131.c:1205 rfc3315.c:873
++#: rfc2131.c:554 rfc2131.c:1205 rfc3315.c:910
+ msgid "address in use"
+ msgstr "dirección en uso"
+
+@@ -1658,7 +1705,7 @@ msgstr "ninguna direcci
+ msgid "no leases left"
+ msgstr "no sobra ninguna concesión"
+
+-#: rfc2131.c:691 rfc3315.c:475
++#: rfc2131.c:691 rfc3315.c:476
+ #, fuzzy, c-format
+ msgid "%u client provides name: %s"
+ msgstr "%u cliente provee nombre: %s"
+@@ -1667,7 +1714,7 @@ msgstr "%u cliente provee nombre: %s"
+ msgid "PXE BIS not supported"
+ msgstr "no hay soporte para BIS PXE"
+
+-#: rfc2131.c:935 rfc3315.c:1189
++#: rfc2131.c:935 rfc3315.c:1233
+ #, fuzzy, c-format
+ msgid "disabling DHCP static address %s for %s"
+ msgstr "deshabilitando dirección DHCP estática %s para %s"
+@@ -1703,7 +1750,7 @@ msgstr "ID de servidor equivocada"
+ msgid "wrong address"
+ msgstr "dirección equivocada"
+
+-#: rfc2131.c:1143 rfc3315.c:969
++#: rfc2131.c:1143 rfc3315.c:1006
+ msgid "lease not found"
+ msgstr "concesión no encontrada"
+
+@@ -1753,7 +1800,7 @@ msgstr "no se puede enviar opci
+ msgid "PXE menu too large"
+ msgstr "menú PXE demasiado largo"
+
+-#: rfc2131.c:2173 rfc3315.c:1456
++#: rfc2131.c:2173 rfc3315.c:1506
+ #, fuzzy, c-format
+ msgid "%u requested options: %s"
+ msgstr "%u opciones solicitadas: %s"
+@@ -1768,7 +1815,7 @@ msgstr "no se puede enviar opci
+ msgid "cannot create netlink socket: %s"
+ msgstr "no se puede crear zócalo netlink: %s"
+
+-#: netlink.c:347
++#: netlink.c:348
+ #, fuzzy, c-format
+ msgid "netlink returns error: %s"
+ msgstr "netlink retorna error: %s"
+@@ -1886,66 +1933,66 @@ msgstr "ning
+ msgid "%u available DHCPv6 subnet: %s/%d"
+ msgstr "%u Subred DHCP disponible: %s/%s"
+
+-#: rfc3315.c:379
++#: rfc3315.c:380
+ #, fuzzy, c-format
+ msgid "%u vendor class: %u"
+ msgstr "%u Clase de vendedor: %s"
+
+-#: rfc3315.c:427
++#: rfc3315.c:428
+ #, fuzzy, c-format
+ msgid "%u client MAC address: %s"
+ msgstr "%u cliente provee nombre: %s"
+
+-#: rfc3315.c:659
++#: rfc3315.c:660
+ #, fuzzy, c-format
+ msgid "unknown prefix-class %d"
+ msgstr "clase de prefijo desconocida"
+
+-#: rfc3315.c:791 rfc3315.c:913
++#: rfc3315.c:803 rfc3315.c:902
++#, fuzzy
++msgid "address unavailable"
++msgstr "dirección no disponible"
++
++#: rfc3315.c:815 rfc3315.c:950 rfc3315.c:1283
+ msgid "success"
+ msgstr ""
+
+-#: rfc3315.c:806 rfc3315.c:808 rfc3315.c:921 rfc3315.c:923
++#: rfc3315.c:843 rfc3315.c:845 rfc3315.c:958 rfc3315.c:960
+ #, fuzzy
+ msgid "no addresses available"
+ msgstr "ninguna dirección disponible"
+
+-#: rfc3315.c:865
+-#, fuzzy
+-msgid "address unavailable"
+-msgstr "dirección no disponible"
+-
+-#: rfc3315.c:900
++#: rfc3315.c:937
+ msgid "not on link"
+ msgstr "no en el enlace"
+
+-#: rfc3315.c:973 rfc3315.c:1151 rfc3315.c:1228
++#: rfc3315.c:1010 rfc3315.c:1195 rfc3315.c:1272
+ msgid "no binding found"
+ msgstr "uniones no encontradas"
+
+-#: rfc3315.c:1011
++#: rfc3315.c:1048
+ msgid "deprecated"
+ msgstr "descartado"
+
+-#: rfc3315.c:1016
++#: rfc3315.c:1053
+ #, fuzzy
+ msgid "address invalid"
+ msgstr "dirección en uso"
+
+-#: rfc3315.c:1061
++#: rfc3315.c:1100
+ msgid "confirm failed"
+ msgstr "confirmación falló"
+
+-#: rfc3315.c:1072
++#: rfc3315.c:1116
+ #, fuzzy
+ msgid "all addresses still on link"
+ msgstr "dirección errónea en %s línea %d"
+
+-#: rfc3315.c:1160
++#: rfc3315.c:1204
+ msgid "release received"
+ msgstr "concesión recibida"
+
+-#: rfc3315.c:2080
++#: rfc3315.c:2130
+ msgid "Cannot multicast to DHCPv6 server without correct interface"
+ msgstr "No puede hacer multicast DHCPv6 sin el interfase correcto"
+
+@@ -2038,7 +2085,7 @@ msgstr ""
+ msgid "cannot create ICMPv6 socket: %s"
+ msgstr "no se puede crear socket DHCP: %s"
+
+-#: auth.c:429
++#: auth.c:436
+ #, fuzzy, c-format
+ msgid "ignoring zone transfer request from %s"
+ msgstr "pedido no-soportado desde %s"
+@@ -2053,54 +2100,89 @@ msgstr "no se pudo acoplar socket de servidor DHCP: %s"
+ msgid "failed to create IPset control socket: %s"
+ msgstr "no se pudo crear socket TFTP: %s"
+
++#: dnssec.c:425 dnssec.c:469
++#, fuzzy, c-format
++msgid "failed to update mtime on %s: %s"
++msgstr "no se pudo abrir archivo PID %s: %s"
++
+ #: blockdata.c:58
+ #, c-format
+ msgid "DNSSEC memory in use %u, max %u, allocated %u"
+ msgstr ""
+
+-#: tables.c:76
++#: tables.c:80
+ msgid "error: fill_addr missused"
+ msgstr ""
+
+-#: tables.c:105
++#: tables.c:109
+ #, fuzzy, c-format
+ msgid "failed to access pf devices: %s"
+ msgstr "no se pudo acceder %s: %s"
+
+-#: tables.c:119
++#: tables.c:123
+ #, fuzzy, c-format
+ msgid "warning: no opened pf devices %s"
+ msgstr "usando direcciones locales solo para %s %s"
+
+-#: tables.c:127
++#: tables.c:131
+ #, fuzzy, c-format
+ msgid "error: cannot use table name %s"
+ msgstr "no se puede obtener host-name (nombre de host): %s"
+
+-#: tables.c:135
++#: tables.c:139
+ #, c-format
+ msgid "error: cannot strlcpy table name %s"
+ msgstr ""
+
+-#: tables.c:141
++#: tables.c:145
+ #, c-format
+ msgid "warning: pfr_add_tables: %s(%d)"
+ msgstr ""
+
+-#: tables.c:147
++#: tables.c:151
+ msgid "info: table created"
+ msgstr ""
+
+-#: tables.c:158
++#: tables.c:162
+ #, c-format
+ msgid "warning: DIOCR%sADDRS: %s"
+ msgstr ""
+
+-#: tables.c:162
++#: tables.c:166
+ #, fuzzy, c-format
+ msgid "%d addresses %s"
+ msgstr "dirección IP errónea"
+
++#: inotify.c:46
++#, fuzzy, c-format
++msgid "failed to create inotify: %s"
++msgstr "no se pudo crear ayudante: %s"
++
++#: inotify.c:60
++#, fuzzy, c-format
++msgid "cannot cannonicalise resolv-file %s: %s"
++msgstr "no se puede abrir o crear archivo de concesión %s: %s"
++
++#: inotify.c:72
++#, c-format
++msgid "directory %s for resolv-file is missing, cannot poll"
++msgstr ""
++
++#: inotify.c:75 inotify.c:112
++#, fuzzy, c-format
++msgid "failed to create inotify for %s: %s"
++msgstr "no se pudo crear un zócalo de escucha: %s"
++
++#: inotify.c:97
++#, fuzzy, c-format
++msgid "bad dynamic directory %s: %s"
++msgstr "no se puede acceder a directorio %s: %s"
++
++#: inotify.c:197
++#, c-format
++msgid "inotify, new or changed file %s"
++msgstr ""
++
+ #~ msgid "no interface with address %s"
+ #~ msgstr "ninguna interfase con dirección %s"
+
+diff --git a/po/fi.po b/po/fi.po
+index 36f430986e79..760b08107510 100644
+--- a/po/fi.po
++++ b/po/fi.po
+@@ -16,70 +16,70 @@ msgstr ""
+ "Content-Transfer-Encoding: 8bit\n"
+ "Plural-Forms: nplurals=2; plural=(n != 1);\n"
+
+-#: cache.c:505
++#: cache.c:523
+ msgid "Internal error in cache."
+ msgstr ""
+
+-#: cache.c:908
++#: cache.c:941
+ #, c-format
+ msgid "failed to load names from %s: %s"
+ msgstr ""
+
+-#: cache.c:934 dhcp.c:820
++#: cache.c:967 dhcp.c:825
+ #, c-format
+ msgid "bad address at %s line %d"
+ msgstr ""
+
+-#: cache.c:985 dhcp.c:836
++#: cache.c:1018 dhcp.c:841
+ #, c-format
+ msgid "bad name at %s line %d"
+ msgstr ""
+
+-#: cache.c:992 dhcp.c:911
++#: cache.c:1027 dhcp.c:916
+ #, c-format
+ msgid "read %s - %d addresses"
+ msgstr ""
+
+-#: cache.c:1100
++#: cache.c:1135
+ msgid "cleared cache"
+ msgstr ""
+
+-#: cache.c:1123
++#: cache.c:1164
+ #, c-format
+ msgid "No IPv4 address found for %s"
+ msgstr ""
+
+-#: cache.c:1201
++#: cache.c:1242
+ #, c-format
+ msgid "%s is a CNAME, not giving it to the DHCP lease of %s"
+ msgstr ""
+
+-#: cache.c:1225
++#: cache.c:1266
+ #, c-format
+ msgid "not giving name %s to the DHCP lease of %s because the name exists in %s with address %s"
+ msgstr ""
+
+-#: cache.c:1366
++#: cache.c:1421
+ #, c-format
+ msgid "time %lu"
+ msgstr ""
+
+-#: cache.c:1367
++#: cache.c:1422
+ #, c-format
+ msgid "cache size %d, %d/%d cache insertions re-used unexpired cache entries."
+ msgstr ""
+
+-#: cache.c:1369
++#: cache.c:1424
+ #, c-format
+ msgid "queries forwarded %u, queries answered locally %u"
+ msgstr ""
+
+-#: cache.c:1372
++#: cache.c:1427
+ #, c-format
+ msgid "queries for authoritative zones %u"
+ msgstr ""
+
+-#: cache.c:1398
++#: cache.c:1453
+ #, c-format
+ msgid "server %s#%d: queries sent %u, retried or failed %u"
+ msgstr ""
+@@ -93,7 +93,7 @@ msgstr ""
+ msgid "failed to allocate memory"
+ msgstr ""
+
+-#: util.c:243 option.c:579
++#: util.c:243 option.c:598
+ msgid "could not get memory"
+ msgstr ""
+
+@@ -107,990 +107,1018 @@ msgstr ""
+ msgid "failed to allocate %d bytes"
+ msgstr ""
+
+-#: util.c:429
++#: util.c:430
+ #, c-format
+ msgid "infinite"
+ msgstr ""
+
+-#: option.c:318
++#: option.c:330
+ msgid "Specify local address(es) to listen on."
+ msgstr ""
+
+-#: option.c:319
++#: option.c:331
+ msgid "Return ipaddr for all hosts in specified domains."
+ msgstr ""
+
+-#: option.c:320
++#: option.c:332
+ msgid "Fake reverse lookups for RFC1918 private address ranges."
+ msgstr ""
+
+-#: option.c:321
++#: option.c:333
+ msgid "Treat ipaddr as NXDOMAIN (defeats Verisign wildcard)."
+ msgstr ""
+
+-#: option.c:322
++#: option.c:334
+ #, c-format
+ msgid "Specify the size of the cache in entries (defaults to %s)."
+ msgstr ""
+
+-#: option.c:323
++#: option.c:335
+ #, c-format
+ msgid "Specify configuration file (defaults to %s)."
+ msgstr ""
+
+-#: option.c:324
++#: option.c:336
+ msgid "Do NOT fork into the background: run in debug mode."
+ msgstr ""
+
+-#: option.c:325
++#: option.c:337
+ msgid "Do NOT forward queries with no domain part."
+ msgstr ""
+
+-#: option.c:326
++#: option.c:338
+ msgid "Return self-pointing MX records for local hosts."
+ msgstr ""
+
+-#: option.c:327
++#: option.c:339
+ msgid "Expand simple names in /etc/hosts with domain-suffix."
+ msgstr ""
+
+-#: option.c:328
++#: option.c:340
+ msgid "Don't forward spurious DNS requests from Windows hosts."
+ msgstr ""
+
+-#: option.c:329
++#: option.c:341
+ msgid "Enable DHCP in the range given with lease duration."
+ msgstr ""
+
+-#: option.c:330
++#: option.c:342
+ #, c-format
+ msgid "Change to this group after startup (defaults to %s)."
+ msgstr ""
+
+-#: option.c:331
++#: option.c:343
+ msgid "Set address or hostname for a specified machine."
+ msgstr ""
+
+-#: option.c:332
++#: option.c:344
+ msgid "Read DHCP host specs from file."
+ msgstr ""
+
+-#: option.c:333
++#: option.c:345
+ msgid "Read DHCP option specs from file."
+ msgstr ""
+
+-#: option.c:334
++#: option.c:346
++msgid "Read DHCP host specs from a directory."
++msgstr ""
++
++#: option.c:347
++msgid "Read DHCP options from a directory."
++msgstr ""
++
++#: option.c:348
+ msgid "Evaluate conditional tag expression."
+ msgstr ""
+
+-#: option.c:335
++#: option.c:349
+ #, c-format
+ msgid "Do NOT load %s file."
+ msgstr ""
+
+-#: option.c:336
++#: option.c:350
+ #, c-format
+ msgid "Specify a hosts file to be read in addition to %s."
+ msgstr ""
+
+-#: option.c:337
++#: option.c:351
++msgid "Read hosts files from a directory."
++msgstr ""
++
++#: option.c:352
+ msgid "Specify interface(s) to listen on."
+ msgstr ""
+
+-#: option.c:338
++#: option.c:353
+ msgid "Specify interface(s) NOT to listen on."
+ msgstr ""
+
+-#: option.c:339
++#: option.c:354
+ msgid "Map DHCP user class to tag."
+ msgstr ""
+
+-#: option.c:340
++#: option.c:355
+ msgid "Map RFC3046 circuit-id to tag."
+ msgstr ""
+
+-#: option.c:341
++#: option.c:356
+ msgid "Map RFC3046 remote-id to tag."
+ msgstr ""
+
+-#: option.c:342
++#: option.c:357
+ msgid "Map RFC3993 subscriber-id to tag."
+ msgstr ""
+
+-#: option.c:343
++#: option.c:358
+ msgid "Don't do DHCP for hosts with tag set."
+ msgstr ""
+
+-#: option.c:344
++#: option.c:359
+ msgid "Force broadcast replies for hosts with tag set."
+ msgstr ""
+
+-#: option.c:345
++#: option.c:360
+ msgid "Do NOT fork into the background, do NOT run in debug mode."
+ msgstr ""
+
+-#: option.c:346
++#: option.c:361
+ msgid "Assume we are the only DHCP server on the local network."
+ msgstr ""
+
+-#: option.c:347
++#: option.c:362
+ #, c-format
+ msgid "Specify where to store DHCP leases (defaults to %s)."
+ msgstr ""
+
+-#: option.c:348
++#: option.c:363
+ msgid "Return MX records for local hosts."
+ msgstr ""
+
+-#: option.c:349
++#: option.c:364
+ msgid "Specify an MX record."
+ msgstr ""
+
+-#: option.c:350
++#: option.c:365
+ msgid "Specify BOOTP options to DHCP server."
+ msgstr ""
+
+-#: option.c:351
++#: option.c:366
+ #, c-format
+ msgid "Do NOT poll %s file, reload only on SIGHUP."
+ msgstr ""
+
+-#: option.c:352
++#: option.c:367
+ msgid "Do NOT cache failed search results."
+ msgstr ""
+
+-#: option.c:353
++#: option.c:368
+ #, c-format
+ msgid "Use nameservers strictly in the order given in %s."
+ msgstr ""
+
+-#: option.c:354
++#: option.c:369
+ msgid "Specify options to be sent to DHCP clients."
+ msgstr ""
+
+-#: option.c:355
++#: option.c:370
+ msgid "DHCP option sent even if the client does not request it."
+ msgstr ""
+
+-#: option.c:356
++#: option.c:371
+ msgid "Specify port to listen for DNS requests on (defaults to 53)."
+ msgstr ""
+
+-#: option.c:357
++#: option.c:372
+ #, c-format
+ msgid "Maximum supported UDP packet size for EDNS.0 (defaults to %s)."
+ msgstr ""
+
+-#: option.c:358
++#: option.c:373
+ msgid "Log DNS queries."
+ msgstr ""
+
+-#: option.c:359
++#: option.c:374
+ msgid "Force the originating port for upstream DNS queries."
+ msgstr ""
+
+-#: option.c:360
++#: option.c:375
+ msgid "Do NOT read resolv.conf."
+ msgstr ""
+
+-#: option.c:361
++#: option.c:376
+ #, c-format
+ msgid "Specify path to resolv.conf (defaults to %s)."
+ msgstr ""
+
+-#: option.c:362
++#: option.c:377
+ msgid "Specify path to file with server= options"
+ msgstr ""
+
+-#: option.c:363
++#: option.c:378
+ msgid "Specify address(es) of upstream servers with optional domains."
+ msgstr ""
+
+-#: option.c:364
++#: option.c:379
+ msgid "Specify address of upstream servers for reverse address queries"
+ msgstr ""
+
+-#: option.c:365
++#: option.c:380
+ msgid "Never forward queries to specified domains."
+ msgstr ""
+
+-#: option.c:366
++#: option.c:381
+ msgid "Specify the domain to be assigned in DHCP leases."
+ msgstr ""
+
+-#: option.c:367
++#: option.c:382
+ msgid "Specify default target in an MX record."
+ msgstr ""
+
+-#: option.c:368
++#: option.c:383
+ msgid "Specify time-to-live in seconds for replies from /etc/hosts."
+ msgstr ""
+
+-#: option.c:369
++#: option.c:384
+ msgid "Specify time-to-live in seconds for negative caching."
+ msgstr ""
+
+-#: option.c:370
++#: option.c:385
+ msgid "Specify time-to-live in seconds for maximum TTL to send to clients."
+ msgstr ""
+
+-#: option.c:371
++#: option.c:386
++msgid "Specify time-to-live ceiling for cache."
++msgstr ""
++
++#: option.c:387
++msgid "Specify time-to-live floor for cache."
++msgstr ""
++
++#: option.c:388
+ #, c-format
+ msgid "Change to this user after startup. (defaults to %s)."
+ msgstr ""
+
+-#: option.c:372
++#: option.c:389
+ msgid "Map DHCP vendor class to tag."
+ msgstr ""
+
+-#: option.c:373
++#: option.c:390
+ msgid "Display dnsmasq version and copyright information."
+ msgstr ""
+
+-#: option.c:374
++#: option.c:391
+ msgid "Translate IPv4 addresses from upstream servers."
+ msgstr ""
+
+-#: option.c:375
++#: option.c:392
+ msgid "Specify a SRV record."
+ msgstr ""
+
+-#: option.c:376
++#: option.c:393
+ msgid "Display this message. Use --help dhcp for known DHCP options."
+ msgstr ""
+
+-#: option.c:377
++#: option.c:394
+ #, c-format
+ msgid "Specify path of PID file (defaults to %s)."
+ msgstr ""
+
+-#: option.c:378
++#: option.c:395
+ #, c-format
+ msgid "Specify maximum number of DHCP leases (defaults to %s)."
+ msgstr ""
+
+-#: option.c:379
++#: option.c:396
+ msgid "Answer DNS queries based on the interface a query was sent to."
+ msgstr ""
+
+-#: option.c:380
++#: option.c:397
+ msgid "Specify TXT DNS record."
+ msgstr ""
+
+-#: option.c:381
++#: option.c:398
+ msgid "Specify PTR DNS record."
+ msgstr ""
+
+-#: option.c:382
++#: option.c:399
+ msgid "Give DNS name to IPv4 address of interface."
+ msgstr ""
+
+-#: option.c:383
++#: option.c:400
+ msgid "Bind only to interfaces in use."
+ msgstr ""
+
+-#: option.c:384
++#: option.c:401
+ #, c-format
+ msgid "Read DHCP static host information from %s."
+ msgstr ""
+
+-#: option.c:385
++#: option.c:402
+ msgid "Enable the DBus interface for setting upstream servers, etc."
+ msgstr ""
+
+-#: option.c:386
++#: option.c:403
+ msgid "Do not provide DHCP on this interface, only provide DNS."
+ msgstr ""
+
+-#: option.c:387
++#: option.c:404
+ msgid "Enable dynamic address allocation for bootp."
+ msgstr ""
+
+-#: option.c:388
++#: option.c:405
+ msgid "Map MAC address (with wildcards) to option set."
+ msgstr ""
+
+-#: option.c:389
++#: option.c:406
+ msgid "Treat DHCP requests on aliases as arriving from interface."
+ msgstr ""
+
+-#: option.c:390
++#: option.c:407
+ msgid "Disable ICMP echo address checking in the DHCP server."
+ msgstr ""
+
+-#: option.c:391
++#: option.c:408
+ msgid "Shell script to run on DHCP lease creation and destruction."
+ msgstr ""
+
+-#: option.c:392
++#: option.c:409
+ msgid "Lua script to run on DHCP lease creation and destruction."
+ msgstr ""
+
+-#: option.c:393
++#: option.c:410
+ msgid "Run lease-change scripts as this user."
+ msgstr ""
+
+-#: option.c:394
++#: option.c:411
+ msgid "Read configuration from all the files in this directory."
+ msgstr ""
+
+-#: option.c:395
++#: option.c:412
+ msgid "Log to this syslog facility or file. (defaults to DAEMON)"
+ msgstr ""
+
+-#: option.c:396
++#: option.c:413
+ msgid "Do not use leasefile."
+ msgstr ""
+
+-#: option.c:397
++#: option.c:414
+ #, c-format
+ msgid "Maximum number of concurrent DNS queries. (defaults to %s)"
+ msgstr ""
+
+-#: option.c:398
++#: option.c:415
+ #, c-format
+ msgid "Clear DNS cache when reloading %s."
+ msgstr ""
+
+-#: option.c:399
++#: option.c:416
+ msgid "Ignore hostnames provided by DHCP clients."
+ msgstr ""
+
+-#: option.c:400
++#: option.c:417
+ msgid "Do NOT reuse filename and server fields for extra DHCP options."
+ msgstr ""
+
+-#: option.c:401
++#: option.c:418
+ msgid "Enable integrated read-only TFTP server."
+ msgstr ""
+
+-#: option.c:402
++#: option.c:419
+ msgid "Export files by TFTP only from the specified subtree."
+ msgstr ""
+
+-#: option.c:403
++#: option.c:420
+ msgid "Add client IP address to tftp-root."
+ msgstr ""
+
+-#: option.c:404
++#: option.c:421
+ msgid "Allow access only to files owned by the user running dnsmasq."
+ msgstr ""
+
+-#: option.c:405
++#: option.c:422
+ #, c-format
+ msgid "Maximum number of conncurrent TFTP transfers (defaults to %s)."
+ msgstr ""
+
+-#: option.c:406
++#: option.c:423
+ msgid "Disable the TFTP blocksize extension."
+ msgstr ""
+
+-#: option.c:407
++#: option.c:424
+ msgid "Convert TFTP filenames to lowercase"
+ msgstr ""
+
+-#: option.c:408
++#: option.c:425
+ msgid "Ephemeral port range for use by TFTP transfers."
+ msgstr ""
+
+-#: option.c:409
++#: option.c:426
+ msgid "Extra logging for DHCP."
+ msgstr ""
+
+-#: option.c:410
++#: option.c:427
+ msgid "Enable async. logging; optionally set queue length."
+ msgstr ""
+
+-#: option.c:411
++#: option.c:428
+ msgid "Stop DNS rebinding. Filter private IP ranges when resolving."
+ msgstr ""
+
+-#: option.c:412
++#: option.c:429
+ msgid "Allow rebinding of 127.0.0.0/8, for RBL servers."
+ msgstr ""
+
+-#: option.c:413
++#: option.c:430
+ msgid "Inhibit DNS-rebind protection on this domain."
+ msgstr ""
+
+-#: option.c:414
++#: option.c:431
+ msgid "Always perform DNS queries to all servers."
+ msgstr ""
+
+-#: option.c:415
++#: option.c:432
+ msgid "Set tag if client includes matching option in request."
+ msgstr ""
+
+-#: option.c:416
++#: option.c:433
+ msgid "Use alternative ports for DHCP."
+ msgstr ""
+
+-#: option.c:417
++#: option.c:434
+ msgid "Specify NAPTR DNS record."
+ msgstr ""
+
+-#: option.c:418
++#: option.c:435
+ msgid "Specify lowest port available for DNS query transmission."
+ msgstr ""
+
+-#: option.c:419
++#: option.c:436
+ msgid "Use only fully qualified domain names for DHCP clients."
+ msgstr ""
+
+-#: option.c:420
++#: option.c:437
+ msgid "Generate hostnames based on MAC address for nameless clients."
+ msgstr ""
+
+-#: option.c:421
++#: option.c:438
+ msgid "Use these DHCP relays as full proxies."
+ msgstr ""
+
+-#: option.c:422
++#: option.c:439
+ msgid "Relay DHCP requests to a remote server"
+ msgstr ""
+
+-#: option.c:423
++#: option.c:440
+ msgid "Specify alias name for LOCAL DNS name."
+ msgstr ""
+
+-#: option.c:424
++#: option.c:441
+ msgid "Prompt to send to PXE clients."
+ msgstr ""
+
+-#: option.c:425
++#: option.c:442
+ msgid "Boot service for PXE menu."
+ msgstr ""
+
+-#: option.c:426
++#: option.c:443
+ msgid "Check configuration syntax."
+ msgstr ""
+
+-#: option.c:427
++#: option.c:444
+ msgid "Add requestor's MAC address to forwarded DNS queries."
+ msgstr ""
+
+-#: option.c:428
++#: option.c:445
+ msgid "Add requestor's IP subnet to forwarded DNS queries."
+ msgstr ""
+
+-#: option.c:429
++#: option.c:446
+ msgid "Proxy DNSSEC validation results from upstream nameservers."
+ msgstr ""
+
+-#: option.c:430
++#: option.c:447
+ msgid "Attempt to allocate sequential IP addresses to DHCP clients."
+ msgstr ""
+
+-#: option.c:431
++#: option.c:448
+ msgid "Copy connection-track mark from queries to upstream connections."
+ msgstr ""
+
+-#: option.c:432
++#: option.c:449
+ msgid "Allow DHCP clients to do their own DDNS updates."
+ msgstr ""
+
+-#: option.c:433
++#: option.c:450
+ msgid "Send router-advertisements for interfaces doing DHCPv6"
+ msgstr ""
+
+-#: option.c:434
++#: option.c:451
+ msgid "Specify DUID_EN-type DHCPv6 server DUID"
+ msgstr ""
+
+-#: option.c:435
++#: option.c:452
+ msgid "Specify host (A/AAAA and PTR) records"
+ msgstr ""
+
+-#: option.c:436
++#: option.c:453
+ msgid "Specify arbitrary DNS resource record"
+ msgstr ""
+
+-#: option.c:437
++#: option.c:454
+ msgid "Bind to interfaces in use - check for new interfaces"
+ msgstr ""
+
+-#: option.c:438
++#: option.c:455
+ msgid "Export local names to global DNS"
+ msgstr ""
+
+-#: option.c:439
++#: option.c:456
+ msgid "Domain to export to global DNS"
+ msgstr ""
+
+-#: option.c:440
++#: option.c:457
+ msgid "Set TTL for authoritative replies"
+ msgstr ""
+
+-#: option.c:441
++#: option.c:458
+ msgid "Set authoritive zone information"
+ msgstr ""
+
+-#: option.c:442
++#: option.c:459
+ msgid "Secondary authoritative nameservers for forward domains"
+ msgstr ""
+
+-#: option.c:443
++#: option.c:460
+ msgid "Peers which are allowed to do zone transfer"
+ msgstr ""
+
+-#: option.c:444
++#: option.c:461
+ msgid "Specify ipsets to which matching domains should be added"
+ msgstr ""
+
+-#: option.c:445
++#: option.c:462
+ msgid "Specify a domain and address range for synthesised names"
+ msgstr ""
+
+-#: option.c:446
++#: option.c:463
+ msgid "Activate DNSSEC validation"
+ msgstr ""
+
+-#: option.c:447
++#: option.c:464
+ msgid "Specify trust anchor key digest."
+ msgstr ""
+
+-#: option.c:448
++#: option.c:465
+ msgid "Disable upstream checking for DNSSEC debugging."
+ msgstr ""
+
+-#: option.c:449
++#: option.c:466
+ msgid "Ensure answers without DNSSEC are in unsigned zones."
+ msgstr ""
+
+-#: option.c:450
++#: option.c:467
+ msgid "Don't check DNSSEC signature timestamps until first cache-reload"
+ msgstr ""
+
+-#: option.c:452
++#: option.c:468
++msgid "Timestamp file to verify system clock for DNSSEC"
++msgstr ""
++
++#: option.c:470
+ msgid "Specify DHCPv6 prefix class"
+ msgstr ""
+
+-#: option.c:454
++#: option.c:472
+ msgid "Set priority, resend-interval and router-lifetime"
+ msgstr ""
+
+-#: option.c:455
++#: option.c:473
+ msgid "Do not log routine DHCP."
+ msgstr ""
+
+-#: option.c:456
++#: option.c:474
+ msgid "Do not log routine DHCPv6."
+ msgstr ""
+
+-#: option.c:457
++#: option.c:475
+ msgid "Do not log RA."
+ msgstr ""
+
+-#: option.c:458
++#: option.c:476
+ msgid "Accept queries only from directly-connected networks"
+ msgstr ""
+
+-#: option.c:459
++#: option.c:477
+ msgid "Detect and remove DNS forwarding loops"
+ msgstr ""
+
+-#: option.c:661
++#: option.c:478
++msgid "Ignore DNS responses containing ipaddr."
++msgstr ""
++
++#: option.c:680
+ #, c-format
+ msgid ""
+ "Usage: dnsmasq [options]\n"
+ "\n"
+ msgstr ""
+
+-#: option.c:663
++#: option.c:682
+ #, c-format
+ msgid "Use short options only on the command line.\n"
+ msgstr ""
+
+-#: option.c:665
++#: option.c:684
+ #, c-format
+ msgid "Valid options are:\n"
+ msgstr ""
+
+-#: option.c:722 option.c:726
++#: option.c:741 option.c:745
+ msgid "bad port"
+ msgstr ""
+
+-#: option.c:753 option.c:785
++#: option.c:772 option.c:804
+ msgid "interface binding not supported"
+ msgstr ""
+
+-#: option.c:762 option.c:3494
++#: option.c:781 option.c:3570
+ msgid "bad interface name"
+ msgstr ""
+
+-#: option.c:792
++#: option.c:811
+ msgid "bad address"
+ msgstr ""
+
+-#: option.c:974
++#: option.c:993
+ msgid "unsupported encapsulation for IPv6 option"
+ msgstr ""
+
+-#: option.c:988
++#: option.c:1007
+ msgid "bad dhcp-option"
+ msgstr ""
+
+-#: option.c:1056
++#: option.c:1075
+ msgid "bad IP address"
+ msgstr ""
+
+-#: option.c:1059 option.c:1197 option.c:2812
++#: option.c:1078 option.c:1216 option.c:2888
+ msgid "bad IPv6 address"
+ msgstr ""
+
+-#: option.c:1224 option.c:1318
++#: option.c:1243 option.c:1337
+ msgid "bad domain in dhcp-option"
+ msgstr ""
+
+-#: option.c:1356
++#: option.c:1375
+ msgid "dhcp-option too long"
+ msgstr ""
+
+-#: option.c:1363
++#: option.c:1382
+ msgid "illegal dhcp-match"
+ msgstr ""
+
+-#: option.c:1425
++#: option.c:1444
+ msgid "illegal repeated flag"
+ msgstr ""
+
+-#: option.c:1433
++#: option.c:1452
+ msgid "illegal repeated keyword"
+ msgstr ""
+
+-#: option.c:1495 option.c:4092
++#: option.c:1517 option.c:4186
+ #, c-format
+ msgid "cannot access directory %s: %s"
+ msgstr ""
+
+-#: option.c:1541 tftp.c:493
++#: option.c:1563 tftp.c:493
+ #, c-format
+ msgid "cannot access %s: %s"
+ msgstr ""
+
+-#: option.c:1588
++#: option.c:1615
+ msgid "setting log facility is not possible under Android"
+ msgstr ""
+
+-#: option.c:1597
++#: option.c:1624
+ msgid "bad log facility"
+ msgstr ""
+
+-#: option.c:1650
++#: option.c:1677
+ msgid "bad MX preference"
+ msgstr ""
+
+-#: option.c:1655
++#: option.c:1682
+ msgid "bad MX name"
+ msgstr ""
+
+-#: option.c:1669
++#: option.c:1696
+ msgid "bad MX target"
+ msgstr ""
+
+-#: option.c:1681
++#: option.c:1708
+ msgid "cannot run scripts under uClinux"
+ msgstr ""
+
+-#: option.c:1683
++#: option.c:1710
+ msgid "recompile with HAVE_SCRIPT defined to enable lease-change scripts"
+ msgstr ""
+
+-#: option.c:1687
++#: option.c:1714
+ msgid "recompile with HAVE_LUASCRIPT defined to enable Lua scripts"
+ msgstr ""
+
+-#: option.c:1928 option.c:1966 option.c:2015
++#: option.c:1970 option.c:2015 option.c:2071
+ msgid "bad prefix"
+ msgstr ""
+
+-#: option.c:2289
++#: option.c:2352
+ msgid "recompile with HAVE_IPSET defined to enable ipset directives"
+ msgstr ""
+
+-#: option.c:2469
++#: option.c:2545
+ msgid "bad port range"
+ msgstr ""
+
+-#: option.c:2485
++#: option.c:2561
+ msgid "bad bridge-interface"
+ msgstr ""
+
+-#: option.c:2545
++#: option.c:2621
+ msgid "only one tag allowed"
+ msgstr ""
+
+-#: option.c:2565 option.c:2577 option.c:2683 option.c:2724
++#: option.c:2641 option.c:2653 option.c:2759 option.c:2800
+ msgid "bad dhcp-range"
+ msgstr ""
+
+-#: option.c:2592
++#: option.c:2668
+ msgid "inconsistent DHCP range"
+ msgstr ""
+
+-#: option.c:2651
++#: option.c:2727
+ msgid "prefix length must be exactly 64 for RA subnets"
+ msgstr ""
+
+-#: option.c:2653
++#: option.c:2729
+ msgid "prefix length must be exactly 64 for subnet constructors"
+ msgstr ""
+
+-#: option.c:2657
++#: option.c:2733
+ msgid "prefix length must be at least 64"
+ msgstr ""
+
+-#: option.c:2660
++#: option.c:2736
+ msgid "inconsistent DHCPv6 range"
+ msgstr ""
+
+-#: option.c:2671
++#: option.c:2747
+ msgid "prefix must be zero with \"constructor:\" argument"
+ msgstr ""
+
+-#: option.c:2782 option.c:2830
++#: option.c:2858 option.c:2906
+ msgid "bad hex constant"
+ msgstr ""
+
+-#: option.c:2804
++#: option.c:2880
+ msgid "cannot match tags in --dhcp-host"
+ msgstr ""
+
+-#: option.c:2852
++#: option.c:2928
+ #, c-format
+ msgid "duplicate dhcp-host IP address %s"
+ msgstr ""
+
+-#: option.c:2910
++#: option.c:2986
+ msgid "bad DHCP host name"
+ msgstr ""
+
+-#: option.c:2992
++#: option.c:3068
+ msgid "bad tag-if"
+ msgstr ""
+
+-#: option.c:3316 option.c:3710
++#: option.c:3392 option.c:3786
+ msgid "invalid port number"
+ msgstr ""
+
+-#: option.c:3378
++#: option.c:3454
+ msgid "bad dhcp-proxy address"
+ msgstr ""
+
+-#: option.c:3404
++#: option.c:3480
+ msgid "Bad dhcp-relay"
+ msgstr ""
+
+-#: option.c:3430
++#: option.c:3506
+ msgid "bad RA-params"
+ msgstr ""
+
+-#: option.c:3439
++#: option.c:3515
+ msgid "bad DUID"
+ msgstr ""
+
+-#: option.c:3481
++#: option.c:3557
+ msgid "invalid alias range"
+ msgstr ""
+
+-#: option.c:3535
++#: option.c:3611
+ msgid "bad CNAME"
+ msgstr ""
+
+-#: option.c:3540
++#: option.c:3616
+ msgid "duplicate CNAME"
+ msgstr ""
+
+-#: option.c:3560
++#: option.c:3636
+ msgid "bad PTR record"
+ msgstr ""
+
+-#: option.c:3591
++#: option.c:3667
+ msgid "bad NAPTR record"
+ msgstr ""
+
+-#: option.c:3625
++#: option.c:3701
+ msgid "bad RR record"
+ msgstr ""
+
+-#: option.c:3655
++#: option.c:3731
+ msgid "bad TXT record"
+ msgstr ""
+
+-#: option.c:3696
++#: option.c:3772
+ msgid "bad SRV record"
+ msgstr ""
+
+-#: option.c:3703
++#: option.c:3779
+ msgid "bad SRV target"
+ msgstr ""
+
+-#: option.c:3717
++#: option.c:3793
+ msgid "invalid priority"
+ msgstr ""
+
+-#: option.c:3724
++#: option.c:3800
+ msgid "invalid weight"
+ msgstr ""
+
+-#: option.c:3748
++#: option.c:3824
+ msgid "Bad host-record"
+ msgstr ""
+
+-#: option.c:3765
++#: option.c:3841
+ msgid "Bad name in host-record"
+ msgstr ""
+
+-#: option.c:3826
++#: option.c:3906
+ msgid "bad trust anchor"
+ msgstr ""
+
+-#: option.c:3840
++#: option.c:3920
+ msgid "bad HEX in trust anchor"
+ msgstr ""
+
+-#: option.c:3850
++#: option.c:3930
+ msgid "unsupported option (check that dnsmasq was compiled with DHCP/TFTP/DNSSEC/DBus support)"
+ msgstr ""
+
+-#: option.c:3909
++#: option.c:3989
+ msgid "missing \""
+ msgstr ""
+
+-#: option.c:3966
++#: option.c:4046
+ msgid "bad option"
+ msgstr ""
+
+-#: option.c:3968
++#: option.c:4048
+ msgid "extraneous parameter"
+ msgstr ""
+
+-#: option.c:3970
++#: option.c:4050
+ msgid "missing parameter"
+ msgstr ""
+
+-#: option.c:3972
++#: option.c:4052
+ msgid "illegal option"
+ msgstr ""
+
+-#: option.c:3979
++#: option.c:4059
+ msgid "error"
+ msgstr ""
+
+-#: option.c:3981
++#: option.c:4061
+ #, c-format
+ msgid " at line %d of %s"
+ msgstr ""
+
+-#: option.c:4045 option.c:4168 tftp.c:667
++#: option.c:4076 option.c:4323 option.c:4359
+ #, c-format
+-msgid "cannot read %s: %s"
++msgid "read %s"
+ msgstr ""
+
+-#: option.c:4229 option.c:4265
++#: option.c:4139 option.c:4262 tftp.c:667
+ #, c-format
+-msgid "read %s"
++msgid "cannot read %s: %s"
+ msgstr ""
+
+-#: option.c:4331
++#: option.c:4425
+ msgid "junk found in command line"
+ msgstr ""
+
+-#: option.c:4366
++#: option.c:4460
+ #, c-format
+ msgid "Dnsmasq version %s %s\n"
+ msgstr ""
+
+-#: option.c:4367
++#: option.c:4461
+ #, c-format
+ msgid ""
+ "Compile time options: %s\n"
+ "\n"
+ msgstr ""
+
+-#: option.c:4368
++#: option.c:4462
+ #, c-format
+ msgid "This software comes with ABSOLUTELY NO WARRANTY.\n"
+ msgstr ""
+
+-#: option.c:4369
++#: option.c:4463
+ #, c-format
+ msgid "Dnsmasq is free software, and you are welcome to redistribute it\n"
+ msgstr ""
+
+-#: option.c:4370
++#: option.c:4464
+ #, c-format
+ msgid "under the terms of the GNU General Public License, version 2 or 3.\n"
+ msgstr ""
+
+-#: option.c:4381
++#: option.c:4475
+ msgid "try --help"
+ msgstr ""
+
+-#: option.c:4383
++#: option.c:4477
+ msgid "try -w"
+ msgstr ""
+
+-#: option.c:4385
++#: option.c:4479
+ #, c-format
+ msgid "bad command line options: %s"
+ msgstr ""
+
+-#: option.c:4434
++#: option.c:4535
+ #, c-format
+ msgid "cannot get host-name: %s"
+ msgstr ""
+
+-#: option.c:4462
++#: option.c:4563
+ msgid "only one resolv.conf file allowed in no-poll mode."
+ msgstr ""
+
+-#: option.c:4472
++#: option.c:4573
+ msgid "must have exactly one resolv.conf to read domain from."
+ msgstr ""
+
+-#: option.c:4475 network.c:1506 dhcp.c:769
++#: option.c:4576 network.c:1506 dhcp.c:774
+ #, c-format
+ msgid "failed to read %s: %s"
+ msgstr ""
+
+-#: option.c:4492
++#: option.c:4593
+ #, c-format
+ msgid "no search directive found in %s"
+ msgstr ""
+
+-#: option.c:4513
++#: option.c:4614
+ msgid "there must be a default domain when --dhcp-fqdn is set"
+ msgstr ""
+
+-#: option.c:4522
++#: option.c:4623
+ msgid "syntax check OK"
+ msgstr ""
+
+-#: forward.c:114
++#: forward.c:111
+ #, c-format
+ msgid "failed to send packet: %s"
+ msgstr ""
+
+-#: forward.c:574
++#: forward.c:572
+ msgid "discarding DNS reply: subnet option mismatch"
+ msgstr ""
+
+-#: forward.c:597
++#: forward.c:595
+ #, c-format
+ msgid "nameserver %s refused to do a recursive query"
+ msgstr ""
+
+-#: forward.c:629
++#: forward.c:627
+ #, c-format
+ msgid "possible DNS-rebind attack detected: %s"
+ msgstr ""
+
+-#: forward.c:1132 forward.c:1663
++#: forward.c:1156 forward.c:1722
+ msgid "Ignoring query from non-local network"
+ msgstr ""
+
+-#: forward.c:2101
++#: forward.c:2178
+ #, c-format
+ msgid "Maximum number of concurrent DNS queries reached (max: %d)"
+ msgstr ""
+@@ -1180,263 +1208,276 @@ msgstr ""
+ msgid "using nameserver %s#%d"
+ msgstr ""
+
+-#: dnsmasq.c:154
+-msgid "No trust anchors provided for DNSSEC"
++#: dnsmasq.c:149
++msgid "dhcp-hostsdir, dhcp-optsdir and hostsdir are not supported on this platform"
+ msgstr ""
+
+-#: dnsmasq.c:157
+-msgid "Cannot reduce cache size from default when DNSSEC enabled"
++#: dnsmasq.c:156
++msgid "no trust anchors provided for DNSSEC"
+ msgstr ""
+
+ #: dnsmasq.c:159
++msgid "cannot reduce cache size from default when DNSSEC enabled"
++msgstr ""
++
++#: dnsmasq.c:161
+ msgid "DNSSEC not available: set HAVE_DNSSEC in src/config.h"
+ msgstr ""
+
+-#: dnsmasq.c:165
++#: dnsmasq.c:167
+ msgid "TFTP server not available: set HAVE_TFTP in src/config.h"
+ msgstr ""
+
+-#: dnsmasq.c:170
+-msgid "Cannot use --conntrack AND --query-port"
++#: dnsmasq.c:172
++msgid "cannot use --conntrack AND --query-port"
+ msgstr ""
+
+-#: dnsmasq.c:173
+-msgid "Conntrack support not available: set HAVE_CONNTRACK in src/config.h"
++#: dnsmasq.c:175
++msgid "conntrack support not available: set HAVE_CONNTRACK in src/config.h"
+ msgstr ""
+
+-#: dnsmasq.c:178
++#: dnsmasq.c:180
+ msgid "asychronous logging is not available under Solaris"
+ msgstr ""
+
+-#: dnsmasq.c:183
++#: dnsmasq.c:185
+ msgid "asychronous logging is not available under Android"
+ msgstr ""
+
+-#: dnsmasq.c:188
++#: dnsmasq.c:190
+ msgid "authoritative DNS not available: set HAVE_AUTH in src/config.h"
+ msgstr ""
+
+-#: dnsmasq.c:193
+-msgid "Loop detection not available: set HAVE_LOOP in src/config.h"
++#: dnsmasq.c:195
++msgid "loop detection not available: set HAVE_LOOP in src/config.h"
+ msgstr ""
+
+-#: dnsmasq.c:201
++#: dnsmasq.c:203
+ msgid "zone serial must be configured in --auth-soa"
+ msgstr ""
+
+-#: dnsmasq.c:219
++#: dnsmasq.c:221
+ msgid "dhcp-range constructor not available on this platform"
+ msgstr ""
+
+-#: dnsmasq.c:262
++#: dnsmasq.c:264
+ msgid "cannot set --bind-interfaces and --bind-dynamic"
+ msgstr ""
+
+-#: dnsmasq.c:265
++#: dnsmasq.c:267
+ #, c-format
+ msgid "failed to find list of interfaces: %s"
+ msgstr ""
+
+-#: dnsmasq.c:274
++#: dnsmasq.c:276
+ #, c-format
+ msgid "unknown interface %s"
+ msgstr ""
+
+-#: dnsmasq.c:330 dnsmasq.c:954
++#: dnsmasq.c:340 dnsmasq.c:1004
+ #, c-format
+ msgid "DBus error: %s"
+ msgstr ""
+
+-#: dnsmasq.c:333
++#: dnsmasq.c:343
+ msgid "DBus not available: set HAVE_DBUS in src/config.h"
+ msgstr ""
+
+-#: dnsmasq.c:361
++#: dnsmasq.c:371
+ #, c-format
+ msgid "unknown user or group: %s"
+ msgstr ""
+
+-#: dnsmasq.c:416
++#: dnsmasq.c:426
+ #, c-format
+ msgid "cannot chdir to filesystem root: %s"
+ msgstr ""
+
+-#: dnsmasq.c:653
++#: dnsmasq.c:667
+ #, c-format
+ msgid "started, version %s DNS disabled"
+ msgstr ""
+
+-#: dnsmasq.c:655
++#: dnsmasq.c:669
+ #, c-format
+ msgid "started, version %s cachesize %d"
+ msgstr ""
+
+-#: dnsmasq.c:657
++#: dnsmasq.c:671
+ #, c-format
+ msgid "started, version %s cache disabled"
+ msgstr ""
+
+-#: dnsmasq.c:659
++#: dnsmasq.c:673
+ #, c-format
+ msgid "compile time options: %s"
+ msgstr ""
+
+-#: dnsmasq.c:665
++#: dnsmasq.c:679
+ msgid "DBus support enabled: connected to system bus"
+ msgstr ""
+
+-#: dnsmasq.c:667
++#: dnsmasq.c:681
+ msgid "DBus support enabled: bus connection pending"
+ msgstr ""
+
+-#: dnsmasq.c:672
++#: dnsmasq.c:686
+ msgid "DNS service limited to local subnets"
+ msgstr ""
+
+-#: dnsmasq.c:677
++#: dnsmasq.c:702
+ msgid "DNSSEC validation enabled"
+ msgstr ""
+
+-#: dnsmasq.c:679
++#: dnsmasq.c:705
+ msgid "DNSSEC signature timestamps not checked until first cache reload"
+ msgstr ""
+
+-#: dnsmasq.c:684
++#: dnsmasq.c:708
++msgid "DNSSEC signature timestamps not checked until system time valid"
++msgstr ""
++
++#: dnsmasq.c:713
+ #, c-format
+ msgid "warning: failed to change owner of %s: %s"
+ msgstr ""
+
+-#: dnsmasq.c:688
++#: dnsmasq.c:717
+ msgid "setting --bind-interfaces option because of OS limitations"
+ msgstr ""
+
+-#: dnsmasq.c:698
++#: dnsmasq.c:727
+ #, c-format
+ msgid "warning: interface %s does not currently exist"
+ msgstr ""
+
+-#: dnsmasq.c:703
++#: dnsmasq.c:732
+ msgid "warning: ignoring resolv-file flag because no-resolv is set"
+ msgstr ""
+
+-#: dnsmasq.c:706
++#: dnsmasq.c:735
+ msgid "warning: no upstream servers configured"
+ msgstr ""
+
+-#: dnsmasq.c:710
++#: dnsmasq.c:739
+ #, c-format
+ msgid "asynchronous logging enabled, queue limit is %d messages"
+ msgstr ""
+
+-#: dnsmasq.c:731
++#: dnsmasq.c:760
+ msgid "IPv6 router advertisement enabled"
+ msgstr ""
+
+-#: dnsmasq.c:736
++#: dnsmasq.c:765
+ #, c-format
+ msgid "DHCP, sockets bound exclusively to interface %s"
+ msgstr ""
+
+-#: dnsmasq.c:753
++#: dnsmasq.c:782
+ msgid "root is "
+ msgstr ""
+
+-#: dnsmasq.c:753
++#: dnsmasq.c:782
+ msgid "enabled"
+ msgstr ""
+
+-#: dnsmasq.c:755
++#: dnsmasq.c:784
+ msgid "secure mode"
+ msgstr ""
+
+-#: dnsmasq.c:781
++#: dnsmasq.c:810
+ #, c-format
+ msgid "restricting maximum simultaneous TFTP transfers to %d"
+ msgstr ""
+
+-#: dnsmasq.c:956
++#: dnsmasq.c:1006
+ msgid "connected to system DBus"
+ msgstr ""
+
+-#: dnsmasq.c:1106
++#: dnsmasq.c:1156
+ #, c-format
+ msgid "cannot fork into background: %s"
+ msgstr ""
+
+-#: dnsmasq.c:1109
++#: dnsmasq.c:1159
+ #, c-format
+ msgid "failed to create helper: %s"
+ msgstr ""
+
+-#: dnsmasq.c:1112
++#: dnsmasq.c:1162
+ #, c-format
+ msgid "setting capabilities failed: %s"
+ msgstr ""
+
+-#: dnsmasq.c:1115
++#: dnsmasq.c:1165
+ #, c-format
+ msgid "failed to change user-id to %s: %s"
+ msgstr ""
+
+-#: dnsmasq.c:1118
++#: dnsmasq.c:1168
+ #, c-format
+ msgid "failed to change group-id to %s: %s"
+ msgstr ""
+
+-#: dnsmasq.c:1121
++#: dnsmasq.c:1171
+ #, c-format
+ msgid "failed to open pidfile %s: %s"
+ msgstr ""
+
+-#: dnsmasq.c:1124
++#: dnsmasq.c:1174
+ #, c-format
+ msgid "cannot open log %s: %s"
+ msgstr ""
+
+-#: dnsmasq.c:1127
++#: dnsmasq.c:1177
+ #, c-format
+ msgid "failed to load Lua script: %s"
+ msgstr ""
+
+-#: dnsmasq.c:1130
++#: dnsmasq.c:1180
+ #, c-format
+ msgid "TFTP directory %s inaccessible: %s"
+ msgstr ""
+
+-#: dnsmasq.c:1151
++#: dnsmasq.c:1183
++#, c-format
++msgid "cannot create timestamp file %s: %s"
++msgstr ""
++
++#: dnsmasq.c:1204
+ msgid "now checking DNSSEC signature timestamps"
+ msgstr ""
+
+-#: dnsmasq.c:1218
++#: dnsmasq.c:1271
+ #, c-format
+ msgid "script process killed by signal %d"
+ msgstr ""
+
+-#: dnsmasq.c:1222
++#: dnsmasq.c:1275
+ #, c-format
+ msgid "script process exited with status %d"
+ msgstr ""
+
+-#: dnsmasq.c:1226
++#: dnsmasq.c:1279
+ #, c-format
+ msgid "failed to execute %s: %s"
+ msgstr ""
+
+-#: dnsmasq.c:1281
++#: dnsmasq.c:1334
+ msgid "exiting on receipt of SIGTERM"
+ msgstr ""
+
+-#: dnsmasq.c:1309
++#: dnsmasq.c:1362
+ #, c-format
+ msgid "failed to access %s: %s"
+ msgstr ""
+
+-#: dnsmasq.c:1339
++#: dnsmasq.c:1392
+ #, c-format
+ msgid "reading %s"
+ msgstr ""
+
+-#: dnsmasq.c:1350
++#: dnsmasq.c:1403
+ #, c-format
+ msgid "no servers found in %s, will retry"
+ msgstr ""
+@@ -1476,27 +1517,27 @@ msgstr ""
+ msgid "DHCP packet received on %s which has no address"
+ msgstr ""
+
+-#: dhcp.c:408
++#: dhcp.c:412
+ #, c-format
+ msgid "ARP-cache injection failed: %s"
+ msgstr ""
+
+-#: dhcp.c:506
++#: dhcp.c:511
+ #, c-format
+ msgid "DHCP range %s -- %s is not consistent with netmask %s"
+ msgstr ""
+
+-#: dhcp.c:807
++#: dhcp.c:812
+ #, c-format
+ msgid "bad line at %s line %d"
+ msgstr ""
+
+-#: dhcp.c:850
++#: dhcp.c:855
+ #, c-format
+ msgid "ignoring %s line %d, duplicate name or IP address"
+ msgstr ""
+
+-#: dhcp.c:994 rfc3315.c:2089
++#: dhcp.c:999 rfc3315.c:2139
+ #, c-format
+ msgid "DHCP relay %s -> %s"
+ msgstr ""
+@@ -1567,12 +1608,12 @@ msgstr ""
+ msgid "disabled"
+ msgstr ""
+
+-#: rfc2131.c:539 rfc2131.c:967 rfc2131.c:1385 rfc3315.c:602 rfc3315.c:823
+-#: rfc3315.c:1095
++#: rfc2131.c:539 rfc2131.c:967 rfc2131.c:1385 rfc3315.c:603 rfc3315.c:860
++#: rfc3315.c:1139
+ msgid "ignored"
+ msgstr ""
+
+-#: rfc2131.c:554 rfc2131.c:1205 rfc3315.c:873
++#: rfc2131.c:554 rfc2131.c:1205 rfc3315.c:910
+ msgid "address in use"
+ msgstr ""
+
+@@ -1592,7 +1633,7 @@ msgstr ""
+ msgid "no leases left"
+ msgstr ""
+
+-#: rfc2131.c:691 rfc3315.c:475
++#: rfc2131.c:691 rfc3315.c:476
+ #, c-format
+ msgid "%u client provides name: %s"
+ msgstr ""
+@@ -1601,7 +1642,7 @@ msgstr ""
+ msgid "PXE BIS not supported"
+ msgstr ""
+
+-#: rfc2131.c:935 rfc3315.c:1189
++#: rfc2131.c:935 rfc3315.c:1233
+ #, c-format
+ msgid "disabling DHCP static address %s for %s"
+ msgstr ""
+@@ -1637,7 +1678,7 @@ msgstr ""
+ msgid "wrong address"
+ msgstr ""
+
+-#: rfc2131.c:1143 rfc3315.c:969
++#: rfc2131.c:1143 rfc3315.c:1006
+ msgid "lease not found"
+ msgstr ""
+
+@@ -1687,7 +1728,7 @@ msgstr ""
+ msgid "PXE menu too large"
+ msgstr ""
+
+-#: rfc2131.c:2173 rfc3315.c:1456
++#: rfc2131.c:2173 rfc3315.c:1506
+ #, c-format
+ msgid "%u requested options: %s"
+ msgstr ""
+@@ -1702,7 +1743,7 @@ msgstr ""
+ msgid "cannot create netlink socket: %s"
+ msgstr ""
+
+-#: netlink.c:347
++#: netlink.c:348
+ #, c-format
+ msgid "netlink returns error: %s"
+ msgstr ""
+@@ -1820,62 +1861,62 @@ msgstr ""
+ msgid "%u available DHCPv6 subnet: %s/%d"
+ msgstr ""
+
+-#: rfc3315.c:379
++#: rfc3315.c:380
+ #, c-format
+ msgid "%u vendor class: %u"
+ msgstr ""
+
+-#: rfc3315.c:427
++#: rfc3315.c:428
+ #, c-format
+ msgid "%u client MAC address: %s"
+ msgstr ""
+
+-#: rfc3315.c:659
++#: rfc3315.c:660
+ #, c-format
+ msgid "unknown prefix-class %d"
+ msgstr ""
+
+-#: rfc3315.c:791 rfc3315.c:913
+-msgid "success"
++#: rfc3315.c:803 rfc3315.c:902
++msgid "address unavailable"
+ msgstr ""
+
+-#: rfc3315.c:806 rfc3315.c:808 rfc3315.c:921 rfc3315.c:923
+-msgid "no addresses available"
++#: rfc3315.c:815 rfc3315.c:950 rfc3315.c:1283
++msgid "success"
+ msgstr ""
+
+-#: rfc3315.c:865
+-msgid "address unavailable"
++#: rfc3315.c:843 rfc3315.c:845 rfc3315.c:958 rfc3315.c:960
++msgid "no addresses available"
+ msgstr ""
+
+-#: rfc3315.c:900
++#: rfc3315.c:937
+ msgid "not on link"
+ msgstr ""
+
+-#: rfc3315.c:973 rfc3315.c:1151 rfc3315.c:1228
++#: rfc3315.c:1010 rfc3315.c:1195 rfc3315.c:1272
+ msgid "no binding found"
+ msgstr ""
+
+-#: rfc3315.c:1011
++#: rfc3315.c:1048
+ msgid "deprecated"
+ msgstr ""
+
+-#: rfc3315.c:1016
++#: rfc3315.c:1053
+ msgid "address invalid"
+ msgstr ""
+
+-#: rfc3315.c:1061
++#: rfc3315.c:1100
+ msgid "confirm failed"
+ msgstr ""
+
+-#: rfc3315.c:1072
++#: rfc3315.c:1116
+ msgid "all addresses still on link"
+ msgstr ""
+
+-#: rfc3315.c:1160
++#: rfc3315.c:1204
+ msgid "release received"
+ msgstr ""
+
+-#: rfc3315.c:2080
++#: rfc3315.c:2130
+ msgid "Cannot multicast to DHCPv6 server without correct interface"
+ msgstr ""
+
+@@ -1968,7 +2009,7 @@ msgstr ""
+ msgid "cannot create ICMPv6 socket: %s"
+ msgstr ""
+
+-#: auth.c:429
++#: auth.c:436
+ #, c-format
+ msgid "ignoring zone transfer request from %s"
+ msgstr ""
+@@ -1983,50 +2024,85 @@ msgstr ""
+ msgid "failed to create IPset control socket: %s"
+ msgstr ""
+
++#: dnssec.c:425 dnssec.c:469
++#, c-format
++msgid "failed to update mtime on %s: %s"
++msgstr ""
++
+ #: blockdata.c:58
+ #, c-format
+ msgid "DNSSEC memory in use %u, max %u, allocated %u"
+ msgstr ""
+
+-#: tables.c:76
++#: tables.c:80
+ msgid "error: fill_addr missused"
+ msgstr ""
+
+-#: tables.c:105
++#: tables.c:109
+ #, c-format
+ msgid "failed to access pf devices: %s"
+ msgstr ""
+
+-#: tables.c:119
++#: tables.c:123
+ #, c-format
+ msgid "warning: no opened pf devices %s"
+ msgstr ""
+
+-#: tables.c:127
++#: tables.c:131
+ #, c-format
+ msgid "error: cannot use table name %s"
+ msgstr ""
+
+-#: tables.c:135
++#: tables.c:139
+ #, c-format
+ msgid "error: cannot strlcpy table name %s"
+ msgstr ""
+
+-#: tables.c:141
++#: tables.c:145
+ #, c-format
+ msgid "warning: pfr_add_tables: %s(%d)"
+ msgstr ""
+
+-#: tables.c:147
++#: tables.c:151
+ msgid "info: table created"
+ msgstr ""
+
+-#: tables.c:158
++#: tables.c:162
+ #, c-format
+ msgid "warning: DIOCR%sADDRS: %s"
+ msgstr ""
+
+-#: tables.c:162
++#: tables.c:166
+ #, c-format
+ msgid "%d addresses %s"
+ msgstr ""
++
++#: inotify.c:46
++#, c-format
++msgid "failed to create inotify: %s"
++msgstr ""
++
++#: inotify.c:60
++#, c-format
++msgid "cannot cannonicalise resolv-file %s: %s"
++msgstr ""
++
++#: inotify.c:72
++#, c-format
++msgid "directory %s for resolv-file is missing, cannot poll"
++msgstr ""
++
++#: inotify.c:75 inotify.c:112
++#, c-format
++msgid "failed to create inotify for %s: %s"
++msgstr ""
++
++#: inotify.c:97
++#, c-format
++msgid "bad dynamic directory %s: %s"
++msgstr ""
++
++#: inotify.c:197
++#, c-format
++msgid "inotify, new or changed file %s"
++msgstr ""
+diff --git a/po/fr.po b/po/fr.po
+index 1ac4848b9fa9..fbddad73887a 100644
+--- a/po/fr.po
++++ b/po/fr.po
+@@ -14,70 +14,70 @@ msgstr ""
+ "Content-Transfer-Encoding: 8bit\n"
+ "Plural-Forms: nplurals=2; plural=(n > 1);\n"
+
+-#: cache.c:505
++#: cache.c:523
+ msgid "Internal error in cache."
+ msgstr ""
+
+-#: cache.c:908
++#: cache.c:941
+ #, c-format
+ msgid "failed to load names from %s: %s"
+ msgstr "Impossible de charger les noms à partir de %s : %s"
+
+-#: cache.c:934 dhcp.c:820
++#: cache.c:967 dhcp.c:825
+ #, c-format
+ msgid "bad address at %s line %d"
+ msgstr "mauvaise adresse dans %s ligne %d"
+
+-#: cache.c:985 dhcp.c:836
++#: cache.c:1018 dhcp.c:841
+ #, c-format
+ msgid "bad name at %s line %d"
+ msgstr "mauvais nom dans %s ligne %d"
+
+-#: cache.c:992 dhcp.c:911
++#: cache.c:1027 dhcp.c:916
+ #, c-format
+ msgid "read %s - %d addresses"
+ msgstr "lecture %s - %d adresses"
+
+-#: cache.c:1100
++#: cache.c:1135
+ msgid "cleared cache"
+ msgstr "cache vidé"
+
+-#: cache.c:1123
++#: cache.c:1164
+ #, c-format
+ msgid "No IPv4 address found for %s"
+ msgstr "Aucune adresse IPv4 trouvée pour %s"
+
+-#: cache.c:1201
++#: cache.c:1242
+ #, c-format
+ msgid "%s is a CNAME, not giving it to the DHCP lease of %s"
+ msgstr "%s est un CNAME, il ne sera pas donné au bail DHCP de %s"
+
+-#: cache.c:1225
++#: cache.c:1266
+ #, c-format
+ msgid "not giving name %s to the DHCP lease of %s because the name exists in %s with address %s"
+ msgstr "ne donne pas de nom %s au bail DHCP de %s parce-que le nom existe dans %s avec l'adresse %s"
+
+-#: cache.c:1366
++#: cache.c:1421
+ #, c-format
+ msgid "time %lu"
+ msgstr "horodatage %lu"
+
+-#: cache.c:1367
++#: cache.c:1422
+ #, c-format
+ msgid "cache size %d, %d/%d cache insertions re-used unexpired cache entries."
+ msgstr "taille de cache %d, %d/%d insertions dans le cache entrées non-expirées réutilisées"
+
+-#: cache.c:1369
++#: cache.c:1424
+ #, c-format
+ msgid "queries forwarded %u, queries answered locally %u"
+ msgstr "requêtes transmises %u, requêtes résolues localement %u"
+
+-#: cache.c:1372
++#: cache.c:1427
+ #, fuzzy, c-format
+ msgid "queries for authoritative zones %u"
+ msgstr "Configure la durée de vie (Time To Live) pour les réponses faisant autorité"
+
+-#: cache.c:1398
++#: cache.c:1453
+ #, c-format
+ msgid "server %s#%d: queries sent %u, retried or failed %u"
+ msgstr "serveur %s#%d: requêtes envoyées %u, requêtes réessayées ou échouées %u"
+@@ -91,7 +91,7 @@ msgstr "impossible d'initialiser le g
+ msgid "failed to allocate memory"
+ msgstr "impossible d'allouer la mémoire"
+
+-#: util.c:243 option.c:579
++#: util.c:243 option.c:598
+ msgid "could not get memory"
+ msgstr "impossible d'allouer de la mémoire"
+
+@@ -105,607 +105,642 @@ msgstr "Ne peut pas cr
+ msgid "failed to allocate %d bytes"
+ msgstr "impossible d'allouer %d octets"
+
+-#: util.c:429
++#: util.c:430
+ #, c-format
+ msgid "infinite"
+ msgstr "illimité(e)"
+
+-#: option.c:318
++#: option.c:330
+ msgid "Specify local address(es) to listen on."
+ msgstr "Spécifie la ou les adresse(s) locales où le démon doit se mettre à l'écoute."
+
+-#: option.c:319
++#: option.c:331
+ msgid "Return ipaddr for all hosts in specified domains."
+ msgstr "Retourne les adresses IP pour toutes les machines présentes dans les domaines spécifiés"
+
+-#: option.c:320
++#: option.c:332
+ msgid "Fake reverse lookups for RFC1918 private address ranges."
+ msgstr "Traduction inverse truquée pour la plage d'adresse privée RFC1918"
+
+-#: option.c:321
++#: option.c:333
+ msgid "Treat ipaddr as NXDOMAIN (defeats Verisign wildcard)."
+ msgstr "Traite l'adresse IP comme un domaine inexistant NXDOMAIN (contourne le systeme de redirection de Verisign)"
+
+-#: option.c:322
++#: option.c:334
+ #, c-format
+ msgid "Specify the size of the cache in entries (defaults to %s)."
+ msgstr "Spécifie le nombre d'entrées que contiendra le cache (par défaut : %s)."
+
+-#: option.c:323
++#: option.c:335
+ #, c-format
+ msgid "Specify configuration file (defaults to %s)."
+ msgstr "Spécifie le nom du fichier de configuration (par défaut : %s)"
+
+-#: option.c:324
++#: option.c:336
+ msgid "Do NOT fork into the background: run in debug mode."
+ msgstr "Ne passe pas en tâche de fond : démarre en mode debug"
+
+-#: option.c:325
++#: option.c:337
+ msgid "Do NOT forward queries with no domain part."
+ msgstr "Ne retransmet pas les requêtes qui n'ont pas de domaine."
+
+-#: option.c:326
++#: option.c:338
+ msgid "Return self-pointing MX records for local hosts."
+ msgstr "Retourne les champs MX pour les machines locales."
+
+-#: option.c:327
++#: option.c:339
+ msgid "Expand simple names in /etc/hosts with domain-suffix."
+ msgstr "Etend les noms uniques des machines dans /etc/hosts avec le suffixe du domaine."
+
+-#: option.c:328
++#: option.c:340
+ msgid "Don't forward spurious DNS requests from Windows hosts."
+ msgstr "Ne retransmet pas les fausses requêtes DNS en provenance des machines Windows."
+
+-#: option.c:329
++#: option.c:341
+ msgid "Enable DHCP in the range given with lease duration."
+ msgstr "Autorise DHCP dans la plage d'adresses donnée sur la durée de validité du bail."
+
+-#: option.c:330
++#: option.c:342
+ #, c-format
+ msgid "Change to this group after startup (defaults to %s)."
+ msgstr "On change pour ce groupe après le démarrage (par défaut : %s)."
+
+-#: option.c:331
++#: option.c:343
+ msgid "Set address or hostname for a specified machine."
+ msgstr "On assigne une adresse ou un nom pour une machine spécifiée."
+
+-#: option.c:332
++#: option.c:344
+ msgid "Read DHCP host specs from file."
+ msgstr "Lecture des spécifications d'hôtes DHCP à partir du fichier"
+
+-#: option.c:333
++#: option.c:345
+ msgid "Read DHCP option specs from file."
+ msgstr "Lecture des options DHCP à partir du fichier"
+
+-#: option.c:334
++#: option.c:346
++#, fuzzy
++msgid "Read DHCP host specs from a directory."
++msgstr "Lecture des spécifications d'hôtes DHCP à partir du fichier"
++
++#: option.c:347
++#, fuzzy
++msgid "Read DHCP options from a directory."
++msgstr "Lecture des options DHCP à partir du fichier"
++
++#: option.c:348
+ msgid "Evaluate conditional tag expression."
+ msgstr "Expression d'évaluation conditionnelle d'étiquette"
+
+-#: option.c:335
++#: option.c:349
+ #, c-format
+ msgid "Do NOT load %s file."
+ msgstr "Ne charge PAS le fichier %s."
+
+-#: option.c:336
++#: option.c:350
+ #, c-format
+ msgid "Specify a hosts file to be read in addition to %s."
+ msgstr "Spécifie un nom de fichier hosts à lire en complément de %s"
+
+-#: option.c:337
++#: option.c:351
++#, fuzzy
++msgid "Read hosts files from a directory."
++msgstr "Lecture des spécifications d'hôtes DHCP à partir du fichier"
++
++#: option.c:352
+ msgid "Specify interface(s) to listen on."
+ msgstr "Spécifie la ou les interface(s) où le démon doit se mettre à l'écoute."
+
+-#: option.c:338
++#: option.c:353
+ msgid "Specify interface(s) NOT to listen on."
+ msgstr "Spécifie la ou les interface(s) que le démon ne doit PAS traiter."
+
+ #
+-#: option.c:339
++#: option.c:354
+ msgid "Map DHCP user class to tag."
+ msgstr "Associe les classes d'utilisateurs ('user class') DHCP aux options."
+
+-#: option.c:340
++#: option.c:355
+ msgid "Map RFC3046 circuit-id to tag."
+ msgstr "Associe les identifiants de circuits RFC3046 ('circuit-id') aux options"
+
+-#: option.c:341
++#: option.c:356
+ msgid "Map RFC3046 remote-id to tag."
+ msgstr "Associe les identifiants distants RFC3046 ('remote-id') aux options"
+
+-#: option.c:342
++#: option.c:357
+ msgid "Map RFC3993 subscriber-id to tag."
+ msgstr "Associe les identifiants de souscripteurs RFC3993 ('subscriber-id') aux options"
+
+ #
+-#: option.c:343
++#: option.c:358
+ msgid "Don't do DHCP for hosts with tag set."
+ msgstr "Ne pas autoriser DHCP pour les machines énumerées dans les options."
+
+ #
+-#: option.c:344
++#: option.c:359
+ msgid "Force broadcast replies for hosts with tag set."
+ msgstr "Forcer les réponses par 'broadcast' pour les machines énumerées dans les options."
+
+-#: option.c:345
++#: option.c:360
+ msgid "Do NOT fork into the background, do NOT run in debug mode."
+ msgstr "Ne passe pas en tâche de fond, ne pas s'exécuter en mode debug."
+
+-#: option.c:346
++#: option.c:361
+ msgid "Assume we are the only DHCP server on the local network."
+ msgstr "On considère que l'on est le seul serveur DHCP sur le réseau local."
+
+-#: option.c:347
++#: option.c:362
+ #, c-format
+ msgid "Specify where to store DHCP leases (defaults to %s)."
+ msgstr "Spécifie où il faut sauvegarder les baux DHCP (par défaut : %s)."
+
+-#: option.c:348
++#: option.c:363
+ msgid "Return MX records for local hosts."
+ msgstr "Retourne les champs MX pour les machines locales."
+
+-#: option.c:349
++#: option.c:364
+ msgid "Specify an MX record."
+ msgstr "Spécifie un champ MX."
+
+-#: option.c:350
++#: option.c:365
+ msgid "Specify BOOTP options to DHCP server."
+ msgstr "Spécifie les options BOOTP pour le serveur DHCP."
+
+-#: option.c:351
++#: option.c:366
+ #, c-format
+ msgid "Do NOT poll %s file, reload only on SIGHUP."
+ msgstr "Ne pas scruter le fichier %s, ne recharger les modifications que sur réception du signal SIGHUP."
+
+-#: option.c:352
++#: option.c:367
+ msgid "Do NOT cache failed search results."
+ msgstr "Ne place pas en cache le résultat des requêtes qui ont échouées."
+
+-#: option.c:353
++#: option.c:368
+ #, c-format
+ msgid "Use nameservers strictly in the order given in %s."
+ msgstr "Utilise les serveurs de noms dans l'ordre donné dans %s."
+
+ #
+-#: option.c:354
++#: option.c:369
+ msgid "Specify options to be sent to DHCP clients."
+ msgstr "Options supplémentaires à associer aux clients DHCP."
+
+-#: option.c:355
++#: option.c:370
+ msgid "DHCP option sent even if the client does not request it."
+ msgstr "Option DHCP envoyée même si le client de la demande pas."
+
+-#: option.c:356
++#: option.c:371
+ msgid "Specify port to listen for DNS requests on (defaults to 53)."
+ msgstr "Spécifie le port où il faut écouter les requêtes DNS (par défaut : 53)."
+
+-#: option.c:357
++#: option.c:372
+ #, c-format
+ msgid "Maximum supported UDP packet size for EDNS.0 (defaults to %s)."
+ msgstr "Taille maximale des paquets UDP supportés pour EDNS.0 (par défaut : %s)."
+
+ #
+-#: option.c:358
++#: option.c:373
+ msgid "Log DNS queries."
+ msgstr "Enregistre les requêtes DNS dans un journal d'activité."
+
+ #
+-#: option.c:359
++#: option.c:374
+ msgid "Force the originating port for upstream DNS queries."
+ msgstr "Force le port d'origine pour les requêtes vers les serveurs amonts."
+
+-#: option.c:360
++#: option.c:375
+ msgid "Do NOT read resolv.conf."
+ msgstr "Ne pas lire le fichier resolv.conf."
+
+-#: option.c:361
++#: option.c:376
+ #, c-format
+ msgid "Specify path to resolv.conf (defaults to %s)."
+ msgstr "Spécifie le chemin pour le fichier resolv.conf (par défaut : %s)."
+
+-#: option.c:362
++#: option.c:377
+ #, fuzzy
+ msgid "Specify path to file with server= options"
+ msgstr "Spécifie un chemin pour le fichier PID (par défaut : %s)."
+
+-#: option.c:363
++#: option.c:378
+ msgid "Specify address(es) of upstream servers with optional domains."
+ msgstr "Spécifie la ou les adresses des serveurs amonts avec des domaines optionels."
+
+-#: option.c:364
++#: option.c:379
+ #, fuzzy
+ msgid "Specify address of upstream servers for reverse address queries"
+ msgstr "Spécifie la ou les adresses des serveurs amonts avec des domaines optionels."
+
+-#: option.c:365
++#: option.c:380
+ msgid "Never forward queries to specified domains."
+ msgstr "Ne jamais retransmettre les requêtes pour les domaines spécifiés."
+
+-#: option.c:366
++#: option.c:381
+ msgid "Specify the domain to be assigned in DHCP leases."
+ msgstr "Spécifie le domaine qui doit etre assigné aux baux DHCP."
+
+-#: option.c:367
++#: option.c:382
+ msgid "Specify default target in an MX record."
+ msgstr "Spécifie la cible par défaut dans un champ MX."
+
+-#: option.c:368
++#: option.c:383
+ msgid "Specify time-to-live in seconds for replies from /etc/hosts."
+ msgstr "Spécifie le TTL en secondes pour les réponses qui utilisent /etc/hosts."
+
+ #
+-#: option.c:369
++#: option.c:384
+ msgid "Specify time-to-live in seconds for negative caching."
+ msgstr "Spécifie le TTL en secondes pour les réponses qui utilisent /etc/hosts."
+
+-#: option.c:370
++#: option.c:385
+ msgid "Specify time-to-live in seconds for maximum TTL to send to clients."
+ msgstr "Spécifie, en secondes, la valeur maximum de TTL à renvoyer aux clients."
+
+-#: option.c:371
++#
++#: option.c:386
++#, fuzzy
++msgid "Specify time-to-live ceiling for cache."
++msgstr "Spécifie le TTL en secondes pour les réponses qui utilisent /etc/hosts."
++
++#
++#: option.c:387
++#, fuzzy
++msgid "Specify time-to-live floor for cache."
++msgstr "Spécifie le TTL en secondes pour les réponses qui utilisent /etc/hosts."
++
++#: option.c:388
+ #, c-format
+ msgid "Change to this user after startup. (defaults to %s)."
+ msgstr "Change pour cet utilisateur après le démarrage (par défaut : %s)."
+
+ #
+-#: option.c:372
++#: option.c:389
+ msgid "Map DHCP vendor class to tag."
+ msgstr "Associe les classes de fournisseurs ('vendor class') DHCP aux options."
+
+-#: option.c:373
++#: option.c:390
+ msgid "Display dnsmasq version and copyright information."
+ msgstr "Affiche la version de Dnsmasq et les informations liées au copyright."
+
+-#: option.c:374
++#: option.c:391
+ msgid "Translate IPv4 addresses from upstream servers."
+ msgstr "Traduit les adresses IPV4 des serveurs amonts."
+
+-#: option.c:375
++#: option.c:392
+ msgid "Specify a SRV record."
+ msgstr "Spécifie un champ SRV."
+
+-#: option.c:376
++#: option.c:393
+ msgid "Display this message. Use --help dhcp for known DHCP options."
+ msgstr "Afficher ce message. Utiliser --help dhcp pour obtenir la liste des options DHCP connues."
+
+-#: option.c:377
++#: option.c:394
+ #, c-format
+ msgid "Specify path of PID file (defaults to %s)."
+ msgstr "Spécifie un chemin pour le fichier PID (par défaut : %s)."
+
+-#: option.c:378
++#: option.c:395
+ #, c-format
+ msgid "Specify maximum number of DHCP leases (defaults to %s)."
+ msgstr "Spécifie le nombre maximum de baux DHCP (par défaut : %s)."
+
+-#: option.c:379
++#: option.c:396
+ msgid "Answer DNS queries based on the interface a query was sent to."
+ msgstr "Repond aux requêtes DNS en se basant sur l'interface ou a été envoyée la requête."
+
+-#: option.c:380
++#: option.c:397
+ msgid "Specify TXT DNS record."
+ msgstr "Spécifie un champ DNS TXT"
+
+ #
+-#: option.c:381
++#: option.c:398
+ msgid "Specify PTR DNS record."
+ msgstr "Spécifie un champ DNS PTR"
+
+-#: option.c:382
++#: option.c:399
+ msgid "Give DNS name to IPv4 address of interface."
+ msgstr "Donne le nom DNS pour l'adresse IPv4 de l'interface."
+
+-#: option.c:383
++#: option.c:400
+ msgid "Bind only to interfaces in use."
+ msgstr "Association uniquement aux interfaces réseau actuellement actives."
+
+-#: option.c:384
++#: option.c:401
+ #, c-format
+ msgid "Read DHCP static host information from %s."
+ msgstr "Lecture des informations de DHCP statique à partir de %s."
+
+-#: option.c:385
++#: option.c:402
+ msgid "Enable the DBus interface for setting upstream servers, etc."
+ msgstr "Autorise l'interface DBus pour la configuration des serveurs amonts, etc."
+
+-#: option.c:386
++#: option.c:403
+ msgid "Do not provide DHCP on this interface, only provide DNS."
+ msgstr "Ne pas assurer de fonction DHCP sur cette interface, mais seulement la fonction DNS."
+
+-#: option.c:387
++#: option.c:404
+ msgid "Enable dynamic address allocation for bootp."
+ msgstr "Autorise l'allocation dynamique d'adresse pour bootp."
+
+ #
+-#: option.c:388
++#: option.c:405
+ msgid "Map MAC address (with wildcards) to option set."
+ msgstr "Associe l'adresse MAC (avec les jokers) aux options."
+
+-#: option.c:389
++#: option.c:406
+ msgid "Treat DHCP requests on aliases as arriving from interface."
+ msgstr "Traiter les requêtes DHCP sur les alias comme arrivant de l'interface."
+
+-#: option.c:390
++#: option.c:407
+ msgid "Disable ICMP echo address checking in the DHCP server."
+ msgstr "Supprime la vérification d'adresse sur le serveur au moyen de paquets ICMP echo"
+
+-#: option.c:391
++#: option.c:408
+ msgid "Shell script to run on DHCP lease creation and destruction."
+ msgstr "Script shell à exécuter lors de la création ou destruction de bail DHCP."
+
+-#: option.c:392
++#: option.c:409
+ msgid "Lua script to run on DHCP lease creation and destruction."
+ msgstr "Script Lua à exécuter lors de la création ou destruction de bail DHCP."
+
+-#: option.c:393
++#: option.c:410
+ msgid "Run lease-change scripts as this user."
+ msgstr "Lancer le script 'lease-change' avec cet utilisateur."
+
+-#: option.c:394
++#: option.c:411
+ msgid "Read configuration from all the files in this directory."
+ msgstr "Lecture de la configuration dans tous les fichiers de ce répertoire."
+
+ #
+-#: option.c:395
++#: option.c:412
+ msgid "Log to this syslog facility or file. (defaults to DAEMON)"
+ msgstr "Enregistrer les journaux d'activité dans cette facilité syslog. (défaut : DAEMON)"
+
+-#: option.c:396
++#: option.c:413
+ msgid "Do not use leasefile."
+ msgstr "Ne pas utiliser de fichier de baux."
+
+-#: option.c:397
++#: option.c:414
+ #, c-format
+ msgid "Maximum number of concurrent DNS queries. (defaults to %s)"
+ msgstr "Spécifie le nombre maximum de requêtes DHCP concurrentes (par défaut : %s)."
+
+-#: option.c:398
++#: option.c:415
+ #, c-format
+ msgid "Clear DNS cache when reloading %s."
+ msgstr "Vider le cache DNS lors du rechargement de %s."
+
+-#: option.c:399
++#: option.c:416
+ msgid "Ignore hostnames provided by DHCP clients."
+ msgstr "Ignorer les noms d'hôtes fournis par les clients DHCP"
+
+-#: option.c:400
++#: option.c:417
+ msgid "Do NOT reuse filename and server fields for extra DHCP options."
+ msgstr "Ne pas réutiliser les champs nom de fichier et serveur dans les options DHCP supplémentaires."
+
+-#: option.c:401
++#: option.c:418
+ msgid "Enable integrated read-only TFTP server."
+ msgstr "Activer le server TFTP intégré (fonctionnant en lecture seulement)"
+
+-#: option.c:402
++#: option.c:419
+ msgid "Export files by TFTP only from the specified subtree."
+ msgstr "N'exporter par TFTP que les fichiers de l'arborescence de fichier spécifiée"
+
+-#: option.c:403
++#: option.c:420
+ msgid "Add client IP address to tftp-root."
+ msgstr "Ajouter les adresses IP clientes à la racine tftp ('tftp-root')."
+
+-#: option.c:404
++#: option.c:421
+ msgid "Allow access only to files owned by the user running dnsmasq."
+ msgstr "Accès aux seuls fichiers appartenants à l'utilisateur sous lequel tourne dnsmasq"
+
+-#: option.c:405
++#: option.c:422
+ #, c-format
+ msgid "Maximum number of conncurrent TFTP transfers (defaults to %s)."
+ msgstr "Spécifie le nombre maximum de transfert TFTP concurrents (défaut : %s)."
+
+-#: option.c:406
++#: option.c:423
+ msgid "Disable the TFTP blocksize extension."
+ msgstr "Désactivation de l'extension TFTP « taille de bloc »"
+
+-#: option.c:407
++#: option.c:424
+ msgid "Convert TFTP filenames to lowercase"
+ msgstr "Convertis les noms de fichiers TFTP en minuscule"
+
+-#: option.c:408
++#: option.c:425
+ msgid "Ephemeral port range for use by TFTP transfers."
+ msgstr "Gamme de ports dans laquelle seront choisis les ports temporaires utilisés dans les transferts TFTP."
+
+-#: option.c:409
++#: option.c:426
+ msgid "Extra logging for DHCP."
+ msgstr "Traces supplémentaires pour le DHCP."
+
+-#: option.c:410
++#: option.c:427
+ msgid "Enable async. logging; optionally set queue length."
+ msgstr "Active l'écriture de traces en mode asynchrone. Peut prendre en option la valeur de la longueur de la queue."
+
+-#: option.c:411
++#: option.c:428
+ msgid "Stop DNS rebinding. Filter private IP ranges when resolving."
+ msgstr "Stopper la réassociation DNS ('DNS rebinding'). Filtre les gammes d'adresses IP privées lors de la résolution."
+
+-#: option.c:412
++#: option.c:429
+ msgid "Allow rebinding of 127.0.0.0/8, for RBL servers."
+ msgstr "Autorise la réassociation de 127.0.0/8, pour les serveurs RBL (Realtime Blackhole List)"
+
+-#: option.c:413
++#: option.c:430
+ msgid "Inhibit DNS-rebind protection on this domain."
+ msgstr "Désactive la protection contre les réassociation DNS pour ce domaine"
+
+-#: option.c:414
++#: option.c:431
+ msgid "Always perform DNS queries to all servers."
+ msgstr "Toujours effectuer les requêtes DNS à tous les serveurs."
+
+ #
+-#: option.c:415
++#: option.c:432
+ msgid "Set tag if client includes matching option in request."
+ msgstr "Spécifie le label si le client inclus l'option dans la requête."
+
+-#: option.c:416
++#: option.c:433
+ msgid "Use alternative ports for DHCP."
+ msgstr "Utiliser des ports alternatifs pour le DHCP."
+
+ #
+-#: option.c:417
++#: option.c:434
+ msgid "Specify NAPTR DNS record."
+ msgstr "Spécifie un champ DNS NAPTR."
+
+-#: option.c:418
++#: option.c:435
+ msgid "Specify lowest port available for DNS query transmission."
+ msgstr "Définie le plus petit port utilisé pour la transmission d'une requête DNS."
+
+-#: option.c:419
++#: option.c:436
+ msgid "Use only fully qualified domain names for DHCP clients."
+ msgstr "Utilise seulement les noms de domaine pleinement qualifiés pour les clients DHCP."
+
+-#: option.c:420
++#: option.c:437
+ msgid "Generate hostnames based on MAC address for nameless clients."
+ msgstr "Génère les noms d'hôtes à partir de l'adresse MAC pour les clients sans nom."
+
+-#: option.c:421
++#: option.c:438
+ msgid "Use these DHCP relays as full proxies."
+ msgstr "Utilise ces relais DHCP en temps que proxy complets."
+
+-#: option.c:422
++#: option.c:439
+ msgid "Relay DHCP requests to a remote server"
+ msgstr "Requêtes de relais DHCP à un serveur distant"
+
+-#: option.c:423
++#: option.c:440
+ msgid "Specify alias name for LOCAL DNS name."
+ msgstr "Spécifie un alias pour un nom DNS local."
+
+ #
+-#: option.c:424
++#: option.c:441
+ msgid "Prompt to send to PXE clients."
+ msgstr "Invite à envoyer aux clients PXE."
+
+-#: option.c:425
++#: option.c:442
+ msgid "Boot service for PXE menu."
+ msgstr "Service de démarrage pour menu PXE."
+
+-#: option.c:426
++#: option.c:443
+ msgid "Check configuration syntax."
+ msgstr "vérification de la syntaxe de la configuration."
+
+-#: option.c:427
++#: option.c:444
+ msgid "Add requestor's MAC address to forwarded DNS queries."
+ msgstr "Ajoute l'adresse MAC du requêteur aux requêtes DNS transmises"
+
+-#: option.c:428
++#: option.c:445
+ #, fuzzy
+ msgid "Add requestor's IP subnet to forwarded DNS queries."
+ msgstr "Ajoute l'adresse MAC du requêteur aux requêtes DNS transmises"
+
+-#: option.c:429
++#: option.c:446
+ msgid "Proxy DNSSEC validation results from upstream nameservers."
+ msgstr "Copie dans la réponse DNS le résultat de la validation DNSSEC effectuée par les serveurs DNS amonts."
+
+-#: option.c:430
++#: option.c:447
+ msgid "Attempt to allocate sequential IP addresses to DHCP clients."
+ msgstr "Essaie d'allouer des adresses IP séquentielles aux clients DHCP."
+
+-#: option.c:431
++#: option.c:448
+ msgid "Copy connection-track mark from queries to upstream connections."
+ msgstr "Copie les marques de suivi de connexion pour les requêtes amont."
+
+-#: option.c:432
++#: option.c:449
+ msgid "Allow DHCP clients to do their own DDNS updates."
+ msgstr "Autoriser les clients DHCP à faire leurs propres mises à jour DDNS (Dynamic DNS)"
+
+-#: option.c:433
++#: option.c:450
+ msgid "Send router-advertisements for interfaces doing DHCPv6"
+ msgstr "Envoyer des annonces de routeurs pour toutes les interfaces faisant du DHCPv6"
+
+-#: option.c:434
++#: option.c:451
+ msgid "Specify DUID_EN-type DHCPv6 server DUID"
+ msgstr "Spécifie pour le serveur DHCPv6 un identifiant unique DHCP (DUID) basé sur un numéro unique de vendeur (DUID_EN)"
+
+-#: option.c:435
++#: option.c:452
+ msgid "Specify host (A/AAAA and PTR) records"
+ msgstr "Spécifie les enregistrements (A/AAAA et PTR) d'un hôte."
+
+-#: option.c:436
++#: option.c:453
+ msgid "Specify arbitrary DNS resource record"
+ msgstr "Définie une resource DNS d'un type spécifique"
+
+-#: option.c:437
++#: option.c:454
+ msgid "Bind to interfaces in use - check for new interfaces"
+ msgstr "Se lie aux interfaces préexistantes - vérifie l'apparition de nouvelles interfaces"
+
+-#: option.c:438
++#: option.c:455
+ msgid "Export local names to global DNS"
+ msgstr "Exporte les noms locaux dans le DNS global"
+
+-#: option.c:439
++#: option.c:456
+ msgid "Domain to export to global DNS"
+ msgstr "Domaine à exporter dans le DNS global"
+
+-#: option.c:440
++#: option.c:457
+ msgid "Set TTL for authoritative replies"
+ msgstr "Configure la durée de vie (Time To Live) pour les réponses faisant autorité"
+
+-#: option.c:441
++#: option.c:458
+ msgid "Set authoritive zone information"
+ msgstr "Configure les informations pour une zone de nom faisant autorité"
+
+-#: option.c:442
++#: option.c:459
+ msgid "Secondary authoritative nameservers for forward domains"
+ msgstr "Serveurs de noms secondaires faisant autorité pour les domaines délégués"
+
+-#: option.c:443
++#: option.c:460
+ msgid "Peers which are allowed to do zone transfer"
+ msgstr "Pairs autorisés à faire des transferts de zone"
+
+-#: option.c:444
++#: option.c:461
+ msgid "Specify ipsets to which matching domains should be added"
+ msgstr "Spécifie les ipsets auxquels les domaines correspondants doivent-être ajoutés"
+
+-#: option.c:445
++#: option.c:462
+ #, fuzzy
+ msgid "Specify a domain and address range for synthesised names"
+ msgstr "Spécifie un domaine et une plage d'adresses pour les noms auto-générés"
+
+-#: option.c:446
++#: option.c:463
+ msgid "Activate DNSSEC validation"
+ msgstr ""
+
+-#: option.c:447
++#: option.c:464
+ msgid "Specify trust anchor key digest."
+ msgstr ""
+
+-#: option.c:448
++#: option.c:465
+ msgid "Disable upstream checking for DNSSEC debugging."
+ msgstr ""
+
+-#: option.c:449
++#: option.c:466
+ msgid "Ensure answers without DNSSEC are in unsigned zones."
+ msgstr ""
+
+-#: option.c:450
++#: option.c:467
+ msgid "Don't check DNSSEC signature timestamps until first cache-reload"
+ msgstr ""
+
+-#: option.c:452
++#: option.c:468
++msgid "Timestamp file to verify system clock for DNSSEC"
++msgstr ""
++
++#: option.c:470
+ msgid "Specify DHCPv6 prefix class"
+ msgstr "Spécifie le préfixe de classe DHCPv6"
+
+-#: option.c:454
++#: option.c:472
+ msgid "Set priority, resend-interval and router-lifetime"
+ msgstr ""
+
+-#: option.c:455
++#: option.c:473
+ msgid "Do not log routine DHCP."
+ msgstr ""
+
+-#: option.c:456
++#: option.c:474
+ msgid "Do not log routine DHCPv6."
+ msgstr ""
+
+-#: option.c:457
++#: option.c:475
+ msgid "Do not log RA."
+ msgstr ""
+
+-#: option.c:458
++#: option.c:476
+ msgid "Accept queries only from directly-connected networks"
+ msgstr ""
+
+-#: option.c:459
++#: option.c:477
+ msgid "Detect and remove DNS forwarding loops"
+ msgstr ""
+
+-#: option.c:661
++#: option.c:478
++msgid "Ignore DNS responses containing ipaddr."
++msgstr ""
++
++#: option.c:680
+ #, c-format
+ msgid ""
+ "Usage: dnsmasq [options]\n"
+@@ -714,328 +749,328 @@ msgstr ""
+ "Usage : dnsmasq [options]\n"
+ "\n"
+
+-#: option.c:663
++#: option.c:682
+ #, c-format
+ msgid "Use short options only on the command line.\n"
+ msgstr "Utilisez les options courtes uniquement sur la ligne de commande.\n"
+
+-#: option.c:665
++#: option.c:684
+ #, c-format
+ msgid "Valid options are:\n"
+ msgstr "Les options valides sont :\n"
+
+-#: option.c:722 option.c:726
++#: option.c:741 option.c:745
+ msgid "bad port"
+ msgstr "numéro de port incorrect"
+
+-#: option.c:753 option.c:785
++#: option.c:772 option.c:804
+ msgid "interface binding not supported"
+ msgstr "association d'interface non supportée"
+
+ #
+-#: option.c:762 option.c:3494
++#: option.c:781 option.c:3570
+ msgid "bad interface name"
+ msgstr "nom d'interface invalide"
+
+ #
+-#: option.c:792
++#: option.c:811
+ msgid "bad address"
+ msgstr "mauvaise adresse"
+
+-#: option.c:974
++#: option.c:993
+ msgid "unsupported encapsulation for IPv6 option"
+ msgstr "encapsulation d'option non supportée pour IPv6"
+
+-#: option.c:988
++#: option.c:1007
+ msgid "bad dhcp-option"
+ msgstr "mauvaise valeur de 'dhcp-option'"
+
+ #
+-#: option.c:1056
++#: option.c:1075
+ msgid "bad IP address"
+ msgstr "mauvaise adresse IP"
+
+ #
+-#: option.c:1059 option.c:1197 option.c:2812
++#: option.c:1078 option.c:1216 option.c:2888
+ msgid "bad IPv6 address"
+ msgstr "mauvaise adresse IPv6"
+
+-#: option.c:1224 option.c:1318
++#: option.c:1243 option.c:1337
+ msgid "bad domain in dhcp-option"
+ msgstr "mauvais domaine dans dhcp-option"
+
+-#: option.c:1356
++#: option.c:1375
+ msgid "dhcp-option too long"
+ msgstr "dhcp-option trop long"
+
+-#: option.c:1363
++#: option.c:1382
+ msgid "illegal dhcp-match"
+ msgstr "valeur illégale pour 'dhcp-match'"
+
+-#: option.c:1425
++#: option.c:1444
+ msgid "illegal repeated flag"
+ msgstr "Une option ne pouvant être spécifié qu'une seule fois à été donnée plusieurs fois"
+
+-#: option.c:1433
++#: option.c:1452
+ msgid "illegal repeated keyword"
+ msgstr "Mot-clef ne pouvant être répété"
+
+-#: option.c:1495 option.c:4092
++#: option.c:1517 option.c:4186
+ #, c-format
+ msgid "cannot access directory %s: %s"
+ msgstr "Ne peut pas lire le répertoire %s : %s"
+
+-#: option.c:1541 tftp.c:493
++#: option.c:1563 tftp.c:493
+ #, c-format
+ msgid "cannot access %s: %s"
+ msgstr "Ne peut pas lire %s : %s"
+
+-#: option.c:1588
++#: option.c:1615
+ msgid "setting log facility is not possible under Android"
+ msgstr "Sous android, impossible de positionner la cible (facility) pour les traces (logs)."
+
+-#: option.c:1597
++#: option.c:1624
+ msgid "bad log facility"
+ msgstr "Mauvaise cible (facility) pour les traces."
+
+-#: option.c:1650
++#: option.c:1677
+ msgid "bad MX preference"
+ msgstr "préference MX incorrecte"
+
+-#: option.c:1655
++#: option.c:1682
+ msgid "bad MX name"
+ msgstr "nom MX incorrect"
+
+-#: option.c:1669
++#: option.c:1696
+ msgid "bad MX target"
+ msgstr "valeur MX cible incorrecte"
+
+-#: option.c:1681
++#: option.c:1708
+ msgid "cannot run scripts under uClinux"
+ msgstr "ne peut exécuter de script sous uClinux"
+
+-#: option.c:1683
++#: option.c:1710
+ msgid "recompile with HAVE_SCRIPT defined to enable lease-change scripts"
+ msgstr "recompiler en définissant HAVE_SCRIPT pour permettre l'exécution de scripts shell au changement de bail (lease-change)"
+
+-#: option.c:1687
++#: option.c:1714
+ msgid "recompile with HAVE_LUASCRIPT defined to enable Lua scripts"
+ msgstr "recompiler en définissant HAVE_LUASCRIPT pour permettre l'exécution de scripts LUA au changement de bail (lease-change)"
+
+-#: option.c:1928 option.c:1966 option.c:2015
++#: option.c:1970 option.c:2015 option.c:2071
+ msgid "bad prefix"
+ msgstr "mauvais préfixe"
+
+-#: option.c:2289
++#: option.c:2352
+ msgid "recompile with HAVE_IPSET defined to enable ipset directives"
+ msgstr "recompiler en définissant HAVE_IPSET pour permettre l'utilisation de directives de groupes d'IP (IPset)"
+
+ #
+-#: option.c:2469
++#: option.c:2545
+ msgid "bad port range"
+ msgstr "gamme de ports incorrecte"
+
+-#: option.c:2485
++#: option.c:2561
+ msgid "bad bridge-interface"
+ msgstr "interface-pont incorrecte"
+
+-#: option.c:2545
++#: option.c:2621
+ msgid "only one tag allowed"
+ msgstr "une seule étiquette est autorisée"
+
+-#: option.c:2565 option.c:2577 option.c:2683 option.c:2724
++#: option.c:2641 option.c:2653 option.c:2759 option.c:2800
+ msgid "bad dhcp-range"
+ msgstr "plage d'adresses DHCP (dhcp-range) incorrecte"
+
+-#: option.c:2592
++#: option.c:2668
+ msgid "inconsistent DHCP range"
+ msgstr "plage d'adresses DHCP incohérente"
+
+-#: option.c:2651
++#: option.c:2727
+ msgid "prefix length must be exactly 64 for RA subnets"
+ msgstr "la taille du préfixe doit être exactement 64 pour les sous-réseaux d'annonces de routeurs (RA)"
+
+-#: option.c:2653
++#: option.c:2729
+ msgid "prefix length must be exactly 64 for subnet constructors"
+ msgstr "la taille du préfixe doit être exactement 64 pour le constructeur de sous-réseaux"
+
+-#: option.c:2657
++#: option.c:2733
+ msgid "prefix length must be at least 64"
+ msgstr "la taille de préfixe doit être au minimum 64"
+
+-#: option.c:2660
++#: option.c:2736
+ msgid "inconsistent DHCPv6 range"
+ msgstr "plage d'adresses DHCPv6 incohérente"
+
+-#: option.c:2671
++#: option.c:2747
+ msgid "prefix must be zero with \"constructor:\" argument"
+ msgstr "le préfixe doit avoir une taille de 0 lorsque l'argument \"constructor:\" est utilisé"
+
+-#: option.c:2782 option.c:2830
++#: option.c:2858 option.c:2906
+ msgid "bad hex constant"
+ msgstr "mauvaise constante hexadecimale"
+
+-#: option.c:2804
++#: option.c:2880
+ msgid "cannot match tags in --dhcp-host"
+ msgstr "L'utilisation de labels est prohibée dans --dhcp-host"
+
+-#: option.c:2852
++#: option.c:2928
+ #, c-format
+ msgid "duplicate dhcp-host IP address %s"
+ msgstr "adresse IP dhcp-host dupliquée dans %s."
+
+ #
+-#: option.c:2910
++#: option.c:2986
+ msgid "bad DHCP host name"
+ msgstr "nom d'hôte DHCP incorrect"
+
+-#: option.c:2992
++#: option.c:3068
+ msgid "bad tag-if"
+ msgstr "mauvaise étiquette tag-if"
+
+-#: option.c:3316 option.c:3710
++#: option.c:3392 option.c:3786
+ msgid "invalid port number"
+ msgstr "numéro de port invalide"
+
+ #
+-#: option.c:3378
++#: option.c:3454
+ msgid "bad dhcp-proxy address"
+ msgstr "adresse dhcp-proxy incorrecte"
+
+-#: option.c:3404
++#: option.c:3480
+ msgid "Bad dhcp-relay"
+ msgstr "valeur incorrecte pour le relais DHCP (dhcp-relay)"
+
+-#: option.c:3430
++#: option.c:3506
+ msgid "bad RA-params"
+ msgstr ""
+
+-#: option.c:3439
++#: option.c:3515
+ msgid "bad DUID"
+ msgstr "mauvais identifiant unique DHCP (DUID)"
+
+ #
+-#: option.c:3481
++#: option.c:3557
+ msgid "invalid alias range"
+ msgstr "poids invalide"
+
+-#: option.c:3535
++#: option.c:3611
+ msgid "bad CNAME"
+ msgstr "mauvais CNAME"
+
+-#: option.c:3540
++#: option.c:3616
+ msgid "duplicate CNAME"
+ msgstr "ce CNAME existe déja"
+
+ #
+-#: option.c:3560
++#: option.c:3636
+ msgid "bad PTR record"
+ msgstr "mauvais champ PTR"
+
+ #
+-#: option.c:3591
++#: option.c:3667
+ msgid "bad NAPTR record"
+ msgstr "mauvais champ NAPTR"
+
+ #
+-#: option.c:3625
++#: option.c:3701
+ msgid "bad RR record"
+ msgstr "mauvais enregistrement RR"
+
+-#: option.c:3655
++#: option.c:3731
+ msgid "bad TXT record"
+ msgstr "champ TXT invalide"
+
+-#: option.c:3696
++#: option.c:3772
+ msgid "bad SRV record"
+ msgstr "champ SRV invalide"
+
+-#: option.c:3703
++#: option.c:3779
+ msgid "bad SRV target"
+ msgstr "cible SRV invalide"
+
+-#: option.c:3717
++#: option.c:3793
+ msgid "invalid priority"
+ msgstr "priorité invalide"
+
+-#: option.c:3724
++#: option.c:3800
+ msgid "invalid weight"
+ msgstr "poids invalide"
+
+ #
+-#: option.c:3748
++#: option.c:3824
+ msgid "Bad host-record"
+ msgstr "mauvais champ host-record"
+
+-#: option.c:3765
++#: option.c:3841
+ msgid "Bad name in host-record"
+ msgstr "mauvais nom dans le champ host-record"
+
+ #
+-#: option.c:3826
++#: option.c:3906
+ #, fuzzy
+ msgid "bad trust anchor"
+ msgstr "gamme de ports incorrecte"
+
+-#: option.c:3840
++#: option.c:3920
+ msgid "bad HEX in trust anchor"
+ msgstr ""
+
+-#: option.c:3850
++#: option.c:3930
+ #, fuzzy
+ msgid "unsupported option (check that dnsmasq was compiled with DHCP/TFTP/DNSSEC/DBus support)"
+ msgstr "option non supportée (vérifier que Dnsmasq a été compilé avec le support DHCP/TFTP/DBus)"
+
+-#: option.c:3909
++#: option.c:3989
+ msgid "missing \""
+ msgstr "il manque \""
+
+-#: option.c:3966
++#: option.c:4046
+ msgid "bad option"
+ msgstr "mauvaise option"
+
+-#: option.c:3968
++#: option.c:4048
+ msgid "extraneous parameter"
+ msgstr "paramètre en trop"
+
+-#: option.c:3970
++#: option.c:4050
+ msgid "missing parameter"
+ msgstr "paramètre manquant"
+
+-#: option.c:3972
++#: option.c:4052
+ #, fuzzy
+ msgid "illegal option"
+ msgstr "mauvaise option"
+
+-#: option.c:3979
++#: option.c:4059
+ msgid "error"
+ msgstr "erreur"
+
+-#: option.c:3981
++#: option.c:4061
+ #, c-format
+ msgid " at line %d of %s"
+ msgstr "à la ligne %d de %s"
+
+-#: option.c:4045 option.c:4168 tftp.c:667
+-#, c-format
+-msgid "cannot read %s: %s"
+-msgstr "Ne peut pas lire %s : %s"
+-
+-#: option.c:4229 option.c:4265
++#: option.c:4076 option.c:4323 option.c:4359
+ #, c-format
+ msgid "read %s"
+ msgstr "Lecture de %s"
+
+-#: option.c:4331
++#: option.c:4139 option.c:4262 tftp.c:667
++#, c-format
++msgid "cannot read %s: %s"
++msgstr "Ne peut pas lire %s : %s"
++
++#: option.c:4425
+ msgid "junk found in command line"
+ msgstr "la ligne de commande contient des éléments indésirables ou incompréhensibles"
+
+-#: option.c:4366
++#: option.c:4460
+ #, c-format
+ msgid "Dnsmasq version %s %s\n"
+ msgstr "Version de Dnsmasq %s %s\n"
+
+-#: option.c:4367
++#: option.c:4461
+ #, c-format
+ msgid ""
+ "Compile time options: %s\n"
+@@ -1044,89 +1079,89 @@ msgstr ""
+ "Options à la compilation %s\n"
+ "\n"
+
+-#: option.c:4368
++#: option.c:4462
+ #, c-format
+ msgid "This software comes with ABSOLUTELY NO WARRANTY.\n"
+ msgstr "Ce logiciel est fourni sans AUCUNE GARANTIE.\n"
+
+-#: option.c:4369
++#: option.c:4463
+ #, c-format
+ msgid "Dnsmasq is free software, and you are welcome to redistribute it\n"
+ msgstr "Dnsmasq est un logiciel libre, il vous est permis de le redistribuer\n"
+
+-#: option.c:4370
++#: option.c:4464
+ #, c-format
+ msgid "under the terms of the GNU General Public License, version 2 or 3.\n"
+ msgstr "sous les termes de la licence GPL (GNU General Public License), version 2 ou 3.\n"
+
+-#: option.c:4381
++#: option.c:4475
+ msgid "try --help"
+ msgstr "essayez avec --help"
+
+-#: option.c:4383
++#: option.c:4477
+ msgid "try -w"
+ msgstr "essayez avec -w"
+
+-#: option.c:4385
++#: option.c:4479
+ #, c-format
+ msgid "bad command line options: %s"
+ msgstr "mauvaises options en ligne de commande : %s."
+
+-#: option.c:4434
++#: option.c:4535
+ #, c-format
+ msgid "cannot get host-name: %s"
+ msgstr "ne peut pas obtenir le nom de la machine : %s"
+
+-#: option.c:4462
++#: option.c:4563
+ msgid "only one resolv.conf file allowed in no-poll mode."
+ msgstr "seul un fichier resolv.conf est autorisé dans le mode no-poll"
+
+-#: option.c:4472
++#: option.c:4573
+ msgid "must have exactly one resolv.conf to read domain from."
+ msgstr "un fichier resolv.conf (et un seul) est nécessaire pour y récuperer le nom de domaine."
+
+-#: option.c:4475 network.c:1506 dhcp.c:769
++#: option.c:4576 network.c:1506 dhcp.c:774
+ #, c-format
+ msgid "failed to read %s: %s"
+ msgstr "impossible de lire %s : %s"
+
+-#: option.c:4492
++#: option.c:4593
+ #, c-format
+ msgid "no search directive found in %s"
+ msgstr "pas de directive de recherche trouvée dans %s"
+
+-#: option.c:4513
++#: option.c:4614
+ msgid "there must be a default domain when --dhcp-fqdn is set"
+ msgstr "un domaine par défaut doit être spécifié lorsque l'option --dhcp-fqdn est utilisée"
+
+-#: option.c:4522
++#: option.c:4623
+ msgid "syntax check OK"
+ msgstr "vérification de syntaxe OK"
+
+-#: forward.c:114
++#: forward.c:111
+ #, c-format
+ msgid "failed to send packet: %s"
+ msgstr "impossible d'envoyer le paquet : %s"
+
+-#: forward.c:574
++#: forward.c:572
+ msgid "discarding DNS reply: subnet option mismatch"
+ msgstr ""
+
+-#: forward.c:597
++#: forward.c:595
+ #, c-format
+ msgid "nameserver %s refused to do a recursive query"
+ msgstr "le serveur de nom %s a refusé de faire une recherche récursive"
+
+-#: forward.c:629
++#: forward.c:627
+ #, c-format
+ msgid "possible DNS-rebind attack detected: %s"
+ msgstr "détection d'une possible attaque de type DNS-rebind: %s"
+
+-#: forward.c:1132 forward.c:1663
++#: forward.c:1156 forward.c:1722
+ msgid "Ignoring query from non-local network"
+ msgstr ""
+
+-#: forward.c:2101
++#: forward.c:2178
+ #, c-format
+ msgid "Maximum number of concurrent DNS queries reached (max: %d)"
+ msgstr "Nombre maximum de requêtes DNS concurrentes atteint (maximum : %d)."
+@@ -1216,271 +1251,286 @@ msgstr "utilise le serveur de nom %s#%d (via %s)"
+ msgid "using nameserver %s#%d"
+ msgstr "utilise le serveur de nom %s#%d"
+
+-#: dnsmasq.c:154
+-msgid "No trust anchors provided for DNSSEC"
++#: dnsmasq.c:149
++msgid "dhcp-hostsdir, dhcp-optsdir and hostsdir are not supported on this platform"
+ msgstr ""
+
+-#: dnsmasq.c:157
+-msgid "Cannot reduce cache size from default when DNSSEC enabled"
++#: dnsmasq.c:156
++msgid "no trust anchors provided for DNSSEC"
+ msgstr ""
+
+ #: dnsmasq.c:159
++msgid "cannot reduce cache size from default when DNSSEC enabled"
++msgstr ""
++
++#: dnsmasq.c:161
+ #, fuzzy
+ msgid "DNSSEC not available: set HAVE_DNSSEC in src/config.h"
+ msgstr "DBus n'est pas disponible : activez HAVE_DBUS dans src/config.h"
+
+ #
+-#: dnsmasq.c:165
++#: dnsmasq.c:167
+ msgid "TFTP server not available: set HAVE_TFTP in src/config.h"
+ msgstr "TFTP n'est pas disponible : activez HAVE_TFTP dans src/config.h"
+
+-#: dnsmasq.c:170
+-msgid "Cannot use --conntrack AND --query-port"
++#: dnsmasq.c:172
++#, fuzzy
++msgid "cannot use --conntrack AND --query-port"
+ msgstr "impossible d'utiliser conjointement --conntrack et --query-port"
+
+ #
+-#: dnsmasq.c:173
+-msgid "Conntrack support not available: set HAVE_CONNTRACK in src/config.h"
++#: dnsmasq.c:175
++#, fuzzy
++msgid "conntrack support not available: set HAVE_CONNTRACK in src/config.h"
+ msgstr "Support de suivi de connexion non disponible : activez HAVE_CONNTRACK dans src/config.h"
+
+-#: dnsmasq.c:178
++#: dnsmasq.c:180
+ msgid "asychronous logging is not available under Solaris"
+ msgstr "l'écriture de traces en mode asynchrone n'est pas disponible sous Solaris."
+
+-#: dnsmasq.c:183
++#: dnsmasq.c:185
+ msgid "asychronous logging is not available under Android"
+ msgstr "l'écriture de traces en mode asynchrone n'est pas disponible sous Android."
+
+-#: dnsmasq.c:188
++#: dnsmasq.c:190
+ msgid "authoritative DNS not available: set HAVE_AUTH in src/config.h"
+ msgstr "le mode « autorité DNS » n'est pas disponible : activez HAVE_AUTH dans src/config.h"
+
+ #
+-#: dnsmasq.c:193
++#: dnsmasq.c:195
+ #, fuzzy
+-msgid "Loop detection not available: set HAVE_LOOP in src/config.h"
++msgid "loop detection not available: set HAVE_LOOP in src/config.h"
+ msgstr "TFTP n'est pas disponible : activez HAVE_TFTP dans src/config.h"
+
+-#: dnsmasq.c:201
++#: dnsmasq.c:203
+ msgid "zone serial must be configured in --auth-soa"
+ msgstr "le numéro de série de la zone doit être configuré dans --auth-soa"
+
+-#: dnsmasq.c:219
++#: dnsmasq.c:221
+ msgid "dhcp-range constructor not available on this platform"
+ msgstr "le constructeur de plage dhcp n'est pas disponible sur cette plate-forme"
+
+-#: dnsmasq.c:262
++#: dnsmasq.c:264
+ msgid "cannot set --bind-interfaces and --bind-dynamic"
+ msgstr "--bind-interfaces et --bind-dynamic sont mutuellement exclusives"
+
+-#: dnsmasq.c:265
++#: dnsmasq.c:267
+ #, c-format
+ msgid "failed to find list of interfaces: %s"
+ msgstr "impossible de trouver la liste des interfaces : %s"
+
+-#: dnsmasq.c:274
++#: dnsmasq.c:276
+ #, c-format
+ msgid "unknown interface %s"
+ msgstr "interface %s inconnue"
+
+-#: dnsmasq.c:330 dnsmasq.c:954
++#: dnsmasq.c:340 dnsmasq.c:1004
+ #, c-format
+ msgid "DBus error: %s"
+ msgstr "Erreur DBus : %s"
+
+-#: dnsmasq.c:333
++#: dnsmasq.c:343
+ msgid "DBus not available: set HAVE_DBUS in src/config.h"
+ msgstr "DBus n'est pas disponible : activez HAVE_DBUS dans src/config.h"
+
+-#: dnsmasq.c:361
++#: dnsmasq.c:371
+ #, c-format
+ msgid "unknown user or group: %s"
+ msgstr "utilisateur ou groupe inconnu : %s"
+
+-#: dnsmasq.c:416
++#: dnsmasq.c:426
+ #, c-format
+ msgid "cannot chdir to filesystem root: %s"
+ msgstr "Ne peut effectuer un 'chdir' à la racine du système de fichier : %s"
+
+-#: dnsmasq.c:653
++#: dnsmasq.c:667
+ #, c-format
+ msgid "started, version %s DNS disabled"
+ msgstr "démarrage avec le DNS désactivé (version %s)"
+
+-#: dnsmasq.c:655
++#: dnsmasq.c:669
+ #, c-format
+ msgid "started, version %s cachesize %d"
+ msgstr "demarré, version %s (taille de cache %d)"
+
+-#: dnsmasq.c:657
++#: dnsmasq.c:671
+ #, c-format
+ msgid "started, version %s cache disabled"
+ msgstr "démarrage avec le cache désactivé (version %s)"
+
+-#: dnsmasq.c:659
++#: dnsmasq.c:673
+ #, c-format
+ msgid "compile time options: %s"
+ msgstr "options à la compilation : %s"
+
+-#: dnsmasq.c:665
++#: dnsmasq.c:679
+ msgid "DBus support enabled: connected to system bus"
+ msgstr "Support DBus autorisé : connecté au bus système"
+
+-#: dnsmasq.c:667
++#: dnsmasq.c:681
+ msgid "DBus support enabled: bus connection pending"
+ msgstr "Support DBus autorisé : connexion au bus en attente"
+
+-#: dnsmasq.c:672
++#: dnsmasq.c:686
+ msgid "DNS service limited to local subnets"
+ msgstr ""
+
+-#: dnsmasq.c:677
++#: dnsmasq.c:702
+ msgid "DNSSEC validation enabled"
+ msgstr ""
+
+-#: dnsmasq.c:679
++#: dnsmasq.c:705
+ msgid "DNSSEC signature timestamps not checked until first cache reload"
+ msgstr ""
+
+-#: dnsmasq.c:684
++#: dnsmasq.c:708
++msgid "DNSSEC signature timestamps not checked until system time valid"
++msgstr ""
++
++#: dnsmasq.c:713
+ #, c-format
+ msgid "warning: failed to change owner of %s: %s"
+ msgstr "Impossible de changer pour l'utilisateur %s : %s"
+
+-#: dnsmasq.c:688
++#: dnsmasq.c:717
+ msgid "setting --bind-interfaces option because of OS limitations"
+ msgstr "active l'option --bind-interfaces à cause de limitations dans le système d'exploitation"
+
+-#: dnsmasq.c:698
++#: dnsmasq.c:727
+ #, c-format
+ msgid "warning: interface %s does not currently exist"
+ msgstr "attention : l'interface %s n'existe pas actuellement"
+
+-#: dnsmasq.c:703
++#: dnsmasq.c:732
+ msgid "warning: ignoring resolv-file flag because no-resolv is set"
+ msgstr "attention : l'option « resolv-file » sera ignorée car « no-resolv » a été spécifié"
+
+ #
+-#: dnsmasq.c:706
++#: dnsmasq.c:735
+ msgid "warning: no upstream servers configured"
+ msgstr "attention : aucun serveur amont n'est configuré"
+
+-#: dnsmasq.c:710
++#: dnsmasq.c:739
+ #, c-format
+ msgid "asynchronous logging enabled, queue limit is %d messages"
+ msgstr "mode asynchrone d'écriture de traces, la taille maximum de la queue est de %d messages."
+
+-#: dnsmasq.c:731
++#: dnsmasq.c:760
+ msgid "IPv6 router advertisement enabled"
+ msgstr "annonces de routeur IPv6 activées"
+
+-#: dnsmasq.c:736
++#: dnsmasq.c:765
+ #, c-format
+ msgid "DHCP, sockets bound exclusively to interface %s"
+ msgstr ""
+
+-#: dnsmasq.c:753
++#: dnsmasq.c:782
+ msgid "root is "
+ msgstr "root est"
+
+ #
+-#: dnsmasq.c:753
++#: dnsmasq.c:782
+ msgid "enabled"
+ msgstr "activé"
+
+-#: dnsmasq.c:755
++#: dnsmasq.c:784
+ msgid "secure mode"
+ msgstr "mode sécurisé"
+
+-#: dnsmasq.c:781
++#: dnsmasq.c:810
+ #, c-format
+ msgid "restricting maximum simultaneous TFTP transfers to %d"
+ msgstr "le nombre maximum de transferts TFTP simultanés sera restreint à %d"
+
+-#: dnsmasq.c:956
++#: dnsmasq.c:1006
+ msgid "connected to system DBus"
+ msgstr "connecté au systeme DBus"
+
+-#: dnsmasq.c:1106
++#: dnsmasq.c:1156
+ #, c-format
+ msgid "cannot fork into background: %s"
+ msgstr "Ne peut se lancer en tâche de fond : %s"
+
+-#: dnsmasq.c:1109
++#: dnsmasq.c:1159
+ #, c-format
+ msgid "failed to create helper: %s"
+ msgstr "impossible de créer le 'helper' : %s"
+
+-#: dnsmasq.c:1112
++#: dnsmasq.c:1162
+ #, c-format
+ msgid "setting capabilities failed: %s"
+ msgstr "impossible de configurer la capacité %s"
+
+-#: dnsmasq.c:1115
++#: dnsmasq.c:1165
+ #, c-format
+ msgid "failed to change user-id to %s: %s"
+ msgstr "Impossible de changer l'identifiant utilisateur pour %s : %s"
+
+-#: dnsmasq.c:1118
++#: dnsmasq.c:1168
+ #, c-format
+ msgid "failed to change group-id to %s: %s"
+ msgstr "Impossible de changer l'identifiant de groupe pour %s : %s"
+
+-#: dnsmasq.c:1121
++#: dnsmasq.c:1171
+ #, c-format
+ msgid "failed to open pidfile %s: %s"
+ msgstr "impossible de lire le fichier de PID %s : %s"
+
+-#: dnsmasq.c:1124
++#: dnsmasq.c:1174
+ #, c-format
+ msgid "cannot open log %s: %s"
+ msgstr "Ne peut ouvrir le fichier de log %s : %s"
+
+ #
+-#: dnsmasq.c:1127
++#: dnsmasq.c:1177
+ #, c-format
+ msgid "failed to load Lua script: %s"
+ msgstr "impossible de charger le script Lua : %s"
+
+-#: dnsmasq.c:1130
++#: dnsmasq.c:1180
+ #, c-format
+ msgid "TFTP directory %s inaccessible: %s"
+ msgstr "répertoire TFTP %s inaccessible : %s"
+
+-#: dnsmasq.c:1151
++#: dnsmasq.c:1183
++#, fuzzy, c-format
++msgid "cannot create timestamp file %s: %s"
++msgstr "ne peut ouvrir ou créer le fichiers de baux %s : %s"
++
++#: dnsmasq.c:1204
+ msgid "now checking DNSSEC signature timestamps"
+ msgstr ""
+
+-#: dnsmasq.c:1218
++#: dnsmasq.c:1271
+ #, c-format
+ msgid "script process killed by signal %d"
+ msgstr "Le script a été terminé par le signal %d"
+
+-#: dnsmasq.c:1222
++#: dnsmasq.c:1275
+ #, c-format
+ msgid "script process exited with status %d"
+ msgstr "Le script s'est terminé avec le statut %d"
+
+-#: dnsmasq.c:1226
++#: dnsmasq.c:1279
+ #, c-format
+ msgid "failed to execute %s: %s"
+ msgstr "impossible d'exécuter à %s : %s"
+
+-#: dnsmasq.c:1281
++#: dnsmasq.c:1334
+ msgid "exiting on receipt of SIGTERM"
+ msgstr "sortie sur réception du signal SIGTERM"
+
+-#: dnsmasq.c:1309
++#: dnsmasq.c:1362
+ #, c-format
+ msgid "failed to access %s: %s"
+ msgstr "impossible d'accéder à %s : %s"
+
+-#: dnsmasq.c:1339
++#: dnsmasq.c:1392
+ #, c-format
+ msgid "reading %s"
+ msgstr "Lecture de %s"
+
+-#: dnsmasq.c:1350
++#: dnsmasq.c:1403
+ #, c-format
+ msgid "no servers found in %s, will retry"
+ msgstr "aucun serveur trouvé dans %s, va réessayer"
+@@ -1520,27 +1570,27 @@ msgstr "interface %s inconnue sp
+ msgid "DHCP packet received on %s which has no address"
+ msgstr "Paquet DHCP reçu sur %s qui n'a pas d'adresse"
+
+-#: dhcp.c:408
++#: dhcp.c:412
+ #, c-format
+ msgid "ARP-cache injection failed: %s"
+ msgstr ""
+
+-#: dhcp.c:506
++#: dhcp.c:511
+ #, c-format
+ msgid "DHCP range %s -- %s is not consistent with netmask %s"
+ msgstr "La plage d'adresses DHCP %s -- %s n'est pas cohérente avec le masque de réseau %s"
+
+-#: dhcp.c:807
++#: dhcp.c:812
+ #, c-format
+ msgid "bad line at %s line %d"
+ msgstr "mauvaise ligne dans %s ligne %d"
+
+-#: dhcp.c:850
++#: dhcp.c:855
+ #, c-format
+ msgid "ignoring %s line %d, duplicate name or IP address"
+ msgstr "ignore %s à la ligne %d : duplication de nom ou d'adresse IP"
+
+-#: dhcp.c:994 rfc3315.c:2089
++#: dhcp.c:999 rfc3315.c:2139
+ #, c-format
+ msgid "DHCP relay %s -> %s"
+ msgstr "Relais DHCP %s -> %s"
+@@ -1611,12 +1661,12 @@ msgstr "%u Classe d'utilisateur : %s"
+ msgid "disabled"
+ msgstr "désactivé"
+
+-#: rfc2131.c:539 rfc2131.c:967 rfc2131.c:1385 rfc3315.c:602 rfc3315.c:823
+-#: rfc3315.c:1095
++#: rfc2131.c:539 rfc2131.c:967 rfc2131.c:1385 rfc3315.c:603 rfc3315.c:860
++#: rfc3315.c:1139
+ msgid "ignored"
+ msgstr "ignoré"
+
+-#: rfc2131.c:554 rfc2131.c:1205 rfc3315.c:873
++#: rfc2131.c:554 rfc2131.c:1205 rfc3315.c:910
+ msgid "address in use"
+ msgstr "adresse déjà utilisée"
+
+@@ -1636,7 +1686,7 @@ msgstr "pas d'adresse configur
+ msgid "no leases left"
+ msgstr "plus aucun bail disponible"
+
+-#: rfc2131.c:691 rfc3315.c:475
++#: rfc2131.c:691 rfc3315.c:476
+ #, c-format
+ msgid "%u client provides name: %s"
+ msgstr "le client %u fourni le nom : %s"
+@@ -1645,7 +1695,7 @@ msgstr "le client %u fourni le nom : %s"
+ msgid "PXE BIS not supported"
+ msgstr "Service PXE BIS (Boot Integrity Services) non supporté"
+
+-#: rfc2131.c:935 rfc3315.c:1189
++#: rfc2131.c:935 rfc3315.c:1233
+ #, c-format
+ msgid "disabling DHCP static address %s for %s"
+ msgstr "désactive l'adresse statique DHCP %s pour %s"
+@@ -1681,7 +1731,7 @@ msgstr "mauvais identifiant de serveur"
+ msgid "wrong address"
+ msgstr "mauvaise adresse"
+
+-#: rfc2131.c:1143 rfc3315.c:969
++#: rfc2131.c:1143 rfc3315.c:1006
+ msgid "lease not found"
+ msgstr "bail non trouvé"
+
+@@ -1731,7 +1781,7 @@ msgstr "Impossible d'envoyer l'option DHCP/BOOTP %d : pas assez d'espace dans le
+ msgid "PXE menu too large"
+ msgstr "menu PXE trop grand"
+
+-#: rfc2131.c:2173 rfc3315.c:1456
++#: rfc2131.c:2173 rfc3315.c:1506
+ #, c-format
+ msgid "%u requested options: %s"
+ msgstr "%u options demandées : %s"
+@@ -1746,7 +1796,7 @@ msgstr "ne peux envoyer l'option RFC3925 : trop d'options pour le num
+ msgid "cannot create netlink socket: %s"
+ msgstr "ne peux lier une socket netlink : %s"
+
+-#: netlink.c:347
++#: netlink.c:348
+ #, c-format
+ msgid "netlink returns error: %s"
+ msgstr "Erreur netlink : %s"
+@@ -1864,62 +1914,62 @@ msgstr "pas de plage d'adresse disponible pour la requ
+ msgid "%u available DHCPv6 subnet: %s/%d"
+ msgstr "%u sous-réseaux DHCPv6 disponibles : %s/%d"
+
+-#: rfc3315.c:379
++#: rfc3315.c:380
+ #, c-format
+ msgid "%u vendor class: %u"
+ msgstr "%u Classe de vendeur ('Vendor Class') : %u"
+
+-#: rfc3315.c:427
++#: rfc3315.c:428
+ #, c-format
+ msgid "%u client MAC address: %s"
+ msgstr "%u MAC adresse du client : %s"
+
+-#: rfc3315.c:659
++#: rfc3315.c:660
+ #, c-format
+ msgid "unknown prefix-class %d"
+ msgstr "préfixe de classe inconnu %d"
+
+-#: rfc3315.c:791 rfc3315.c:913
++#: rfc3315.c:803 rfc3315.c:902
++msgid "address unavailable"
++msgstr "adresse non disponible"
++
++#: rfc3315.c:815 rfc3315.c:950 rfc3315.c:1283
+ msgid "success"
+ msgstr "réussi"
+
+-#: rfc3315.c:806 rfc3315.c:808 rfc3315.c:921 rfc3315.c:923
++#: rfc3315.c:843 rfc3315.c:845 rfc3315.c:958 rfc3315.c:960
+ msgid "no addresses available"
+ msgstr "pas d'adresse disponible"
+
+-#: rfc3315.c:865
+-msgid "address unavailable"
+-msgstr "adresse non disponible"
+-
+-#: rfc3315.c:900
++#: rfc3315.c:937
+ msgid "not on link"
+ msgstr "pas sur ce lien"
+
+-#: rfc3315.c:973 rfc3315.c:1151 rfc3315.c:1228
++#: rfc3315.c:1010 rfc3315.c:1195 rfc3315.c:1272
+ msgid "no binding found"
+ msgstr "aucune liaison trouvée"
+
+-#: rfc3315.c:1011
++#: rfc3315.c:1048
+ msgid "deprecated"
+ msgstr "obsolète"
+
+-#: rfc3315.c:1016
++#: rfc3315.c:1053
+ msgid "address invalid"
+ msgstr "adresse non valide"
+
+-#: rfc3315.c:1061
++#: rfc3315.c:1100
+ msgid "confirm failed"
+ msgstr "confirmation d'échec"
+
+-#: rfc3315.c:1072
++#: rfc3315.c:1116
+ msgid "all addresses still on link"
+ msgstr "toutes les adresses sont toujours sur le lien"
+
+-#: rfc3315.c:1160
++#: rfc3315.c:1204
+ msgid "release received"
+ msgstr "libération reçue"
+
+-#: rfc3315.c:2080
++#: rfc3315.c:2130
+ msgid "Cannot multicast to DHCPv6 server without correct interface"
+ msgstr "Impossible de faire du multicast au server DHCPv6 sans interface valide"
+
+@@ -2012,7 +2062,7 @@ msgstr "Relais DHCP de %s
+ msgid "cannot create ICMPv6 socket: %s"
+ msgstr "ne peut créer la socket ICMPv6: %s"
+
+-#: auth.c:429
++#: auth.c:436
+ #, c-format
+ msgid "ignoring zone transfer request from %s"
+ msgstr "la requête de transfert de zone en provenance de %s est ignorée"
+@@ -2027,55 +2077,90 @@ msgstr "impossible de trouver la version de noyau : %s"
+ msgid "failed to create IPset control socket: %s"
+ msgstr "impossible de créer une socket de contrôle IPset : %s"
+
++#: dnssec.c:425 dnssec.c:469
++#, fuzzy, c-format
++msgid "failed to update mtime on %s: %s"
++msgstr "impossible de lire le fichier de PID %s : %s"
++
+ #: blockdata.c:58
+ #, c-format
+ msgid "DNSSEC memory in use %u, max %u, allocated %u"
+ msgstr ""
+
+-#: tables.c:76
++#: tables.c:80
+ msgid "error: fill_addr missused"
+ msgstr ""
+
+-#: tables.c:105
++#: tables.c:109
+ #, fuzzy, c-format
+ msgid "failed to access pf devices: %s"
+ msgstr "impossible d'accéder à %s : %s"
+
+-#: tables.c:119
++#: tables.c:123
+ #, fuzzy, c-format
+ msgid "warning: no opened pf devices %s"
+ msgstr "utilise les adresses locales seulement pour %s %s"
+
+-#: tables.c:127
++#: tables.c:131
+ #, fuzzy, c-format
+ msgid "error: cannot use table name %s"
+ msgstr "ne peut pas obtenir le nom de la machine : %s"
+
+-#: tables.c:135
++#: tables.c:139
+ #, c-format
+ msgid "error: cannot strlcpy table name %s"
+ msgstr ""
+
+-#: tables.c:141
++#: tables.c:145
+ #, c-format
+ msgid "warning: pfr_add_tables: %s(%d)"
+ msgstr ""
+
+-#: tables.c:147
++#: tables.c:151
+ msgid "info: table created"
+ msgstr ""
+
+-#: tables.c:158
++#: tables.c:162
+ #, c-format
+ msgid "warning: DIOCR%sADDRS: %s"
+ msgstr ""
+
+ #
+-#: tables.c:162
++#: tables.c:166
+ #, fuzzy, c-format
+ msgid "%d addresses %s"
+ msgstr "mauvaise adresse"
+
++#: inotify.c:46
++#, fuzzy, c-format
++msgid "failed to create inotify: %s"
++msgstr "impossible de créer le 'helper' : %s"
++
++#: inotify.c:60
++#, fuzzy, c-format
++msgid "cannot cannonicalise resolv-file %s: %s"
++msgstr "ne peut ouvrir ou créer le fichiers de baux %s : %s"
++
++#: inotify.c:72
++#, c-format
++msgid "directory %s for resolv-file is missing, cannot poll"
++msgstr ""
++
++#: inotify.c:75 inotify.c:112
++#, fuzzy, c-format
++msgid "failed to create inotify for %s: %s"
++msgstr "impossible de créer une socket d'écoute pour %s : %s"
++
++#: inotify.c:97
++#, fuzzy, c-format
++msgid "bad dynamic directory %s: %s"
++msgstr "Ne peut pas lire le répertoire %s : %s"
++
++#: inotify.c:197
++#, c-format
++msgid "inotify, new or changed file %s"
++msgstr ""
++
+ #~ msgid "Always send frequent router-advertisements"
+ #~ msgstr "Envoyer des annonces de routeurs fréquentes"
+
+diff --git a/po/id.po b/po/id.po
+index b1809b695168..a0ff0f062e8b 100644
+--- a/po/id.po
++++ b/po/id.po
+@@ -15,77 +15,77 @@ msgstr ""
+ "Content-Type: text/plain; charset=ASCII\n"
+ "Content-Transfer-Encoding: 8bit\n"
+
+-#: cache.c:505
++#: cache.c:523
+ msgid "Internal error in cache."
+ msgstr ""
+
+ # OK
+-#: cache.c:908
++#: cache.c:941
+ #, fuzzy, c-format
+ msgid "failed to load names from %s: %s"
+ msgstr "gagal memuat nama-nama dari %s: %s"
+
+ # OK
+-#: cache.c:934 dhcp.c:820
++#: cache.c:967 dhcp.c:825
+ #, fuzzy, c-format
+ msgid "bad address at %s line %d"
+ msgstr "kesalahan nama pada %s baris %d"
+
+ # OK
+-#: cache.c:985 dhcp.c:836
++#: cache.c:1018 dhcp.c:841
+ #, c-format
+ msgid "bad name at %s line %d"
+ msgstr "kesalahan nama pada %s baris %d"
+
+ # OK
+-#: cache.c:992 dhcp.c:911
++#: cache.c:1027 dhcp.c:916
+ #, c-format
+ msgid "read %s - %d addresses"
+ msgstr "membaca %s - %d alamat"
+
+ # OK
+-#: cache.c:1100
++#: cache.c:1135
+ msgid "cleared cache"
+ msgstr "cache telah dihapus"
+
+-#: cache.c:1123
++#: cache.c:1164
+ #, c-format
+ msgid "No IPv4 address found for %s"
+ msgstr ""
+
+-#: cache.c:1201
++#: cache.c:1242
+ #, c-format
+ msgid "%s is a CNAME, not giving it to the DHCP lease of %s"
+ msgstr ""
+
+ # OK
+-#: cache.c:1225
++#: cache.c:1266
+ #, c-format
+ msgid "not giving name %s to the DHCP lease of %s because the name exists in %s with address %s"
+ msgstr "tidak memberikan nama %s kepada lease DHCP %s karena nama telah ada dalam %sdengan alamat %s"
+
+-#: cache.c:1366
++#: cache.c:1421
+ #, c-format
+ msgid "time %lu"
+ msgstr ""
+
+ # OK
+-#: cache.c:1367
++#: cache.c:1422
+ #, fuzzy, c-format
+ msgid "cache size %d, %d/%d cache insertions re-used unexpired cache entries."
+ msgstr "ukuran cache %d, %d/%d penyisipan cache menimpa cache yang belum kadaluwarsa"
+
+-#: cache.c:1369
++#: cache.c:1424
+ #, c-format
+ msgid "queries forwarded %u, queries answered locally %u"
+ msgstr ""
+
+-#: cache.c:1372
++#: cache.c:1427
+ #, c-format
+ msgid "queries for authoritative zones %u"
+ msgstr ""
+
+-#: cache.c:1398
++#: cache.c:1453
+ #, c-format
+ msgid "server %s#%d: queries sent %u, retried or failed %u"
+ msgstr ""
+@@ -103,7 +103,7 @@ msgid "failed to allocate memory"
+ msgstr "gagal memuat %S: %m"
+
+ # OK
+-#: util.c:243 option.c:579
++#: util.c:243 option.c:598
+ msgid "could not get memory"
+ msgstr "tidak bisa mendapatkan memory"
+
+@@ -120,682 +120,720 @@ msgid "failed to allocate %d bytes"
+ msgstr "gagal memuat %S: %m"
+
+ # OK
+-#: util.c:429
++#: util.c:430
+ #, c-format
+ msgid "infinite"
+ msgstr "tak terbatas"
+
+ # OK
+-#: option.c:318
++#: option.c:330
+ msgid "Specify local address(es) to listen on."
+ msgstr "Tentukan alamat lokal untuk mendengarkan."
+
+ # OK
+-#: option.c:319
++#: option.c:331
+ msgid "Return ipaddr for all hosts in specified domains."
+ msgstr "Menghasilkan ipaddr untuk semua host dalam domain yang dipilih."
+
+ # OK
+-#: option.c:320
++#: option.c:332
+ msgid "Fake reverse lookups for RFC1918 private address ranges."
+ msgstr "Fake pencarian balik untuk alamat private sesuai dengan RFC1918."
+
+ # OK
+-#: option.c:321
++#: option.c:333
+ msgid "Treat ipaddr as NXDOMAIN (defeats Verisign wildcard)."
+ msgstr "Perlakukan ipaddr sebagai NXDOMAIN (mengalahkan wildcard Verisign)."
+
+ # OK
+-#: option.c:322
++#: option.c:334
+ #, c-format
+ msgid "Specify the size of the cache in entries (defaults to %s)."
+ msgstr "Tentukan ukuran cache, dalam jumlah isian (default %s)."
+
+ # OK
+-#: option.c:323
++#: option.c:335
+ #, c-format
+ msgid "Specify configuration file (defaults to %s)."
+ msgstr "Tentukan file konfigurasi (default %s)."
+
+ # OK
+-#: option.c:324
++#: option.c:336
+ msgid "Do NOT fork into the background: run in debug mode."
+ msgstr "JANGAN berjalan di background: berjalan dalam modus debug."
+
+ # OK
+-#: option.c:325
++#: option.c:337
+ msgid "Do NOT forward queries with no domain part."
+ msgstr "JANGAN teruskan permintaan tanpa bagian domain."
+
+ # OK
+-#: option.c:326
++#: option.c:338
+ msgid "Return self-pointing MX records for local hosts."
+ msgstr "Mengembalikan record MX untuk diri sendiri host-host lokal."
+
+ # OK
+-#: option.c:327
++#: option.c:339
+ msgid "Expand simple names in /etc/hosts with domain-suffix."
+ msgstr "Melengkapi nama-nama di /etc/hosts dengan akhiran domain."
+
+ # OK
+-#: option.c:328
++#: option.c:340
+ msgid "Don't forward spurious DNS requests from Windows hosts."
+ msgstr "Jangan meneruskan permintaan DNS spurious dari host-host Windows."
+
+ # OK
+-#: option.c:329
++#: option.c:341
+ msgid "Enable DHCP in the range given with lease duration."
+ msgstr "Bolehkan DHCP dalam jangkauan yang diberikan dengan durasi lease."
+
+ # OK
+-#: option.c:330
++#: option.c:342
+ #, c-format
+ msgid "Change to this group after startup (defaults to %s)."
+ msgstr "Ubah ke group ini setelah mulai (default %s)."
+
+ # OK
+-#: option.c:331
++#: option.c:343
+ msgid "Set address or hostname for a specified machine."
+ msgstr "Setel alamat atau nama host untuk mesin yang disebutkan."
+
+ # OK
+-#: option.c:332
++#: option.c:344
+ #, fuzzy
+ msgid "Read DHCP host specs from file."
+ msgstr "nama MX salah"
+
+-#: option.c:333
++#: option.c:345
+ msgid "Read DHCP option specs from file."
+ msgstr ""
+
+-#: option.c:334
++# OK
++#: option.c:346
++#, fuzzy
++msgid "Read DHCP host specs from a directory."
++msgstr "nama MX salah"
++
++# OK
++#: option.c:347
++#, fuzzy
++msgid "Read DHCP options from a directory."
++msgstr "nama MX salah"
++
++#: option.c:348
+ msgid "Evaluate conditional tag expression."
+ msgstr ""
+
+ # OK
+-#: option.c:335
++#: option.c:349
+ #, c-format
+ msgid "Do NOT load %s file."
+ msgstr "JANGAN muat file %s."
+
+ # OK
+-#: option.c:336
++#: option.c:350
+ #, c-format
+ msgid "Specify a hosts file to be read in addition to %s."
+ msgstr "Sebutkan sebuah file hosts yang harus dibaca sebagai tambahan untuk %s."
+
+ # OK
+-#: option.c:337
++#: option.c:351
++#, fuzzy
++msgid "Read hosts files from a directory."
++msgstr "nama MX salah"
++
++# OK
++#: option.c:352
+ msgid "Specify interface(s) to listen on."
+ msgstr "Sebutkan antarmuka untuk mendengarkan."
+
+ # OK
+-#: option.c:338
++#: option.c:353
+ msgid "Specify interface(s) NOT to listen on."
+ msgstr "Sebutkan antarmuka untuk TIDAK mendengarkan."
+
+ # OK
+-#: option.c:339
++#: option.c:354
+ #, fuzzy
+ msgid "Map DHCP user class to tag."
+ msgstr "Petakan kelas user DHCP ke setelan yang dipilih."
+
+-#: option.c:340
++#: option.c:355
+ msgid "Map RFC3046 circuit-id to tag."
+ msgstr ""
+
+-#: option.c:341
++#: option.c:356
+ msgid "Map RFC3046 remote-id to tag."
+ msgstr ""
+
+-#: option.c:342
++#: option.c:357
+ msgid "Map RFC3993 subscriber-id to tag."
+ msgstr ""
+
+ # OK
+-#: option.c:343
++#: option.c:358
+ #, fuzzy
+ msgid "Don't do DHCP for hosts with tag set."
+ msgstr "Jangan menggunakan DHCP untuk host-host yang dipilih."
+
+ # OK
+-#: option.c:344
++#: option.c:359
+ #, fuzzy
+ msgid "Force broadcast replies for hosts with tag set."
+ msgstr "Jangan menggunakan DHCP untuk host-host yang dipilih."
+
+ # OK
+-#: option.c:345
++#: option.c:360
+ msgid "Do NOT fork into the background, do NOT run in debug mode."
+ msgstr "JANGAN berjalan di background, jangan berjalan dalam modus debug."
+
+ # OK
+-#: option.c:346
++#: option.c:361
+ msgid "Assume we are the only DHCP server on the local network."
+ msgstr "Berpikir bahwa kita satu-satunya DHCP server dalam jaringan."
+
+ # OK
+-#: option.c:347
++#: option.c:362
+ #, c-format
+ msgid "Specify where to store DHCP leases (defaults to %s)."
+ msgstr "Sebutkan lokasi untuk menyimpan lease DHCP (default %s)."
+
+ # OK
+-#: option.c:348
++#: option.c:363
+ msgid "Return MX records for local hosts."
+ msgstr "Kembalikan rekord MX untuk host-host lokal."
+
+ # OK
+-#: option.c:349
++#: option.c:364
+ msgid "Specify an MX record."
+ msgstr "Sebutkan sebuah rekord MX."
+
+ # OK
+-#: option.c:350
++#: option.c:365
+ msgid "Specify BOOTP options to DHCP server."
+ msgstr "Sebutkan pilihan-pilihan BOOTP untuk DHCP server."
+
+-#: option.c:351
++#: option.c:366
+ #, c-format
+ msgid "Do NOT poll %s file, reload only on SIGHUP."
+ msgstr "Jangan kumpulkan file %s, muat kembali saat SIGHUP."
+
+ # OK
+-#: option.c:352
++#: option.c:367
+ msgid "Do NOT cache failed search results."
+ msgstr "JANGAN menyimpan hasil pencarian yang gagal."
+
+ # OK
+-#: option.c:353
++#: option.c:368
+ #, c-format
+ msgid "Use nameservers strictly in the order given in %s."
+ msgstr "Gunakan secara ketat namaserver yang disebutkan sesuai urutan di %s."
+
+ # OK
+-#: option.c:354
++#: option.c:369
+ #, fuzzy
+ msgid "Specify options to be sent to DHCP clients."
+ msgstr "Setel pilihan-pilihan tambahan yang akan disetel untuk klien-klien DHCP."
+
+-#: option.c:355
++#: option.c:370
+ msgid "DHCP option sent even if the client does not request it."
+ msgstr ""
+
+ # OK
+-#: option.c:356
++#: option.c:371
+ msgid "Specify port to listen for DNS requests on (defaults to 53)."
+ msgstr "Sebutkan port untuk mendengarkan permintaan DNS (default port 53)."
+
+ # OK
+-#: option.c:357
++#: option.c:372
+ #, c-format
+ msgid "Maximum supported UDP packet size for EDNS.0 (defaults to %s)."
+ msgstr "Ukuran maksimum paket UDP yang didukung untuk EDNS.0 (default %s)."
+
+ # OK
+-#: option.c:358
++#: option.c:373
+ #, fuzzy
+ msgid "Log DNS queries."
+ msgstr "Permintaan log."
+
+ # OK
+-#: option.c:359
++#: option.c:374
+ #, fuzzy
+ msgid "Force the originating port for upstream DNS queries."
+ msgstr "Paksa port asal untuk permintaan ke atas."
+
+ # OK
+-#: option.c:360
++#: option.c:375
+ msgid "Do NOT read resolv.conf."
+ msgstr "JANGAN baca resolv.conf."
+
+ # OK
+-#: option.c:361
++#: option.c:376
+ #, c-format
+ msgid "Specify path to resolv.conf (defaults to %s)."
+ msgstr "Sebutkan path ke resolv.conf (default %s)."
+
+ # OK
+-#: option.c:362
++#: option.c:377
+ #, fuzzy
+ msgid "Specify path to file with server= options"
+ msgstr "Sebutkan path file PID. (default %s)."
+
+ # OK
+-#: option.c:363
++#: option.c:378
+ msgid "Specify address(es) of upstream servers with optional domains."
+ msgstr "Sebutkan alamat-alamat server di atas, boleh dilengkapi dengan nama domain."
+
+ # OK
+-#: option.c:364
++#: option.c:379
+ #, fuzzy
+ msgid "Specify address of upstream servers for reverse address queries"
+ msgstr "Sebutkan alamat-alamat server di atas, boleh dilengkapi dengan nama domain."
+
+ # OK
+-#: option.c:365
++#: option.c:380
+ msgid "Never forward queries to specified domains."
+ msgstr "JANGAN pernah meneruskan permintaan ke domain yang disebutkan."
+
+ # OK
+-#: option.c:366
++#: option.c:381
+ msgid "Specify the domain to be assigned in DHCP leases."
+ msgstr "Sebutkan domain yang digunakan dalam lease DHCP."
+
+ # OK
+-#: option.c:367
++#: option.c:382
+ msgid "Specify default target in an MX record."
+ msgstr "Sebutkan tujuan default dalam rekord MX."
+
+ # OK
+-#: option.c:368
++#: option.c:383
+ msgid "Specify time-to-live in seconds for replies from /etc/hosts."
+ msgstr "Sebutkan time-to-live dalam detik untuk jawaban dari /etc/hosts."
+
+ # OK
+-#: option.c:369
++#: option.c:384
+ #, fuzzy
+ msgid "Specify time-to-live in seconds for negative caching."
+ msgstr "Sebutkan time-to-live dalam detik untuk jawaban dari /etc/hosts."
+
+ # OK
+-#: option.c:370
++#: option.c:385
+ #, fuzzy
+ msgid "Specify time-to-live in seconds for maximum TTL to send to clients."
+ msgstr "Sebutkan time-to-live dalam detik untuk jawaban dari /etc/hosts."
+
+ # OK
+-#: option.c:371
++#: option.c:386
++#, fuzzy
++msgid "Specify time-to-live ceiling for cache."
++msgstr "Sebutkan time-to-live dalam detik untuk jawaban dari /etc/hosts."
++
++# OK
++#: option.c:387
++#, fuzzy
++msgid "Specify time-to-live floor for cache."
++msgstr "Sebutkan time-to-live dalam detik untuk jawaban dari /etc/hosts."
++
++# OK
++#: option.c:388
+ #, c-format
+ msgid "Change to this user after startup. (defaults to %s)."
+ msgstr "Ubah ke user ini setelah mulai. (default %s)."
+
+ # OK
+-#: option.c:372
++#: option.c:389
+ #, fuzzy
+ msgid "Map DHCP vendor class to tag."
+ msgstr "Memetakan kelas vendor DHCP ke daftar pilihan."
+
+ # OK
+-#: option.c:373
++#: option.c:390
+ msgid "Display dnsmasq version and copyright information."
+ msgstr "Menampilkan versi dan informasi hak cipta dnsmasq."
+
+ # OK
+-#: option.c:374
++#: option.c:391
+ msgid "Translate IPv4 addresses from upstream servers."
+ msgstr "Terjemahkan alamat-alamat IPv4 dari server-server di atas."
+
+ # OK
+-#: option.c:375
++#: option.c:392
+ msgid "Specify a SRV record."
+ msgstr "Sebutkan rekord SRV."
+
+-#: option.c:376
++#: option.c:393
+ msgid "Display this message. Use --help dhcp for known DHCP options."
+ msgstr ""
+
+ # OK
+-#: option.c:377
++#: option.c:394
+ #, fuzzy, c-format
+ msgid "Specify path of PID file (defaults to %s)."
+ msgstr "Sebutkan path file PID. (default %s)."
+
+ # OK
+-#: option.c:378
++#: option.c:395
+ #, c-format
+ msgid "Specify maximum number of DHCP leases (defaults to %s)."
+ msgstr "Sebutkan jumlah maksimum lease DHCP (default %s)."
+
+ # OK
+-#: option.c:379
++#: option.c:396
+ msgid "Answer DNS queries based on the interface a query was sent to."
+ msgstr "Jawab permintaan DNS berdasarkan antarmuka dimana permintaan dikirimkan."
+
+ # OK
+-#: option.c:380
++#: option.c:397
+ msgid "Specify TXT DNS record."
+ msgstr "Sebutkan rekord TXT DNS."
+
+ # OK
+-#: option.c:381
++#: option.c:398
+ #, fuzzy
+ msgid "Specify PTR DNS record."
+ msgstr "Sebutkan rekord TXT DNS."
+
+-#: option.c:382
++#: option.c:399
+ msgid "Give DNS name to IPv4 address of interface."
+ msgstr ""
+
+ # OK
+-#: option.c:383
++#: option.c:400
+ msgid "Bind only to interfaces in use."
+ msgstr "Hanya kaitkan ke antarmuka yang sedang digunakan saja."
+
+ # OK
+-#: option.c:384
++#: option.c:401
+ #, c-format
+ msgid "Read DHCP static host information from %s."
+ msgstr "Baca informasi statik host DHCP dari %s."
+
+ # OK
+-#: option.c:385
++#: option.c:402
+ msgid "Enable the DBus interface for setting upstream servers, etc."
+ msgstr "Mungkinkan antar muka DBus untuk menyetel server-server di atas, dsb."
+
+ # OK
+-#: option.c:386
++#: option.c:403
+ msgid "Do not provide DHCP on this interface, only provide DNS."
+ msgstr "JANGAN menyediakan DHCP pada antarmuka ini, hanya menyediakan DNS."
+
+ # OK
+-#: option.c:387
++#: option.c:404
+ msgid "Enable dynamic address allocation for bootp."
+ msgstr "Mungkinkan alokasi alamat dinamis untuk bootp."
+
+ # OK
+-#: option.c:388
++#: option.c:405
+ #, fuzzy
+ msgid "Map MAC address (with wildcards) to option set."
+ msgstr "Memetakan kelas vendor DHCP ke daftar pilihan."
+
+-#: option.c:389
++#: option.c:406
+ msgid "Treat DHCP requests on aliases as arriving from interface."
+ msgstr ""
+
+-#: option.c:390
++#: option.c:407
+ msgid "Disable ICMP echo address checking in the DHCP server."
+ msgstr ""
+
+-#: option.c:391
++#: option.c:408
+ msgid "Shell script to run on DHCP lease creation and destruction."
+ msgstr ""
+
+-#: option.c:392
++#: option.c:409
+ msgid "Lua script to run on DHCP lease creation and destruction."
+ msgstr ""
+
+-#: option.c:393
++#: option.c:410
+ msgid "Run lease-change scripts as this user."
+ msgstr ""
+
+-#: option.c:394
++#: option.c:411
+ msgid "Read configuration from all the files in this directory."
+ msgstr ""
+
+ # OK
+-#: option.c:395
++#: option.c:412
+ #, fuzzy
+ msgid "Log to this syslog facility or file. (defaults to DAEMON)"
+ msgstr "Ubah ke user ini setelah mulai. (default %s)."
+
+-#: option.c:396
++#: option.c:413
+ msgid "Do not use leasefile."
+ msgstr ""
+
+ # OK
+-#: option.c:397
++#: option.c:414
+ #, fuzzy, c-format
+ msgid "Maximum number of concurrent DNS queries. (defaults to %s)"
+ msgstr "Sebutkan jumlah maksimum lease DHCP (default %s)."
+
+-#: option.c:398
++#: option.c:415
+ #, c-format
+ msgid "Clear DNS cache when reloading %s."
+ msgstr ""
+
+-#: option.c:399
++#: option.c:416
+ msgid "Ignore hostnames provided by DHCP clients."
+ msgstr ""
+
+-#: option.c:400
++#: option.c:417
+ msgid "Do NOT reuse filename and server fields for extra DHCP options."
+ msgstr ""
+
+-#: option.c:401
++#: option.c:418
+ msgid "Enable integrated read-only TFTP server."
+ msgstr ""
+
+-#: option.c:402
++#: option.c:419
+ msgid "Export files by TFTP only from the specified subtree."
+ msgstr ""
+
+-#: option.c:403
++#: option.c:420
+ msgid "Add client IP address to tftp-root."
+ msgstr ""
+
+-#: option.c:404
++#: option.c:421
+ msgid "Allow access only to files owned by the user running dnsmasq."
+ msgstr ""
+
+ # OK
+-#: option.c:405
++#: option.c:422
+ #, fuzzy, c-format
+ msgid "Maximum number of conncurrent TFTP transfers (defaults to %s)."
+ msgstr "Sebutkan jumlah maksimum lease DHCP (default %s)."
+
+-#: option.c:406
++#: option.c:423
+ msgid "Disable the TFTP blocksize extension."
+ msgstr ""
+
+-#: option.c:407
++#: option.c:424
+ msgid "Convert TFTP filenames to lowercase"
+ msgstr ""
+
+-#: option.c:408
++#: option.c:425
+ msgid "Ephemeral port range for use by TFTP transfers."
+ msgstr ""
+
+-#: option.c:409
++#: option.c:426
+ msgid "Extra logging for DHCP."
+ msgstr ""
+
+-#: option.c:410
++#: option.c:427
+ msgid "Enable async. logging; optionally set queue length."
+ msgstr ""
+
+-#: option.c:411
++#: option.c:428
+ msgid "Stop DNS rebinding. Filter private IP ranges when resolving."
+ msgstr ""
+
+-#: option.c:412
++#: option.c:429
+ msgid "Allow rebinding of 127.0.0.0/8, for RBL servers."
+ msgstr ""
+
+-#: option.c:413
++#: option.c:430
+ msgid "Inhibit DNS-rebind protection on this domain."
+ msgstr ""
+
+-#: option.c:414
++#: option.c:431
+ msgid "Always perform DNS queries to all servers."
+ msgstr ""
+
+-#: option.c:415
++#: option.c:432
+ msgid "Set tag if client includes matching option in request."
+ msgstr ""
+
+-#: option.c:416
++#: option.c:433
+ msgid "Use alternative ports for DHCP."
+ msgstr ""
+
+ # OK
+-#: option.c:417
++#: option.c:434
+ #, fuzzy
+ msgid "Specify NAPTR DNS record."
+ msgstr "Sebutkan rekord TXT DNS."
+
+-#: option.c:418
++#: option.c:435
+ msgid "Specify lowest port available for DNS query transmission."
+ msgstr ""
+
+-#: option.c:419
++#: option.c:436
+ msgid "Use only fully qualified domain names for DHCP clients."
+ msgstr ""
+
+-#: option.c:420
++#: option.c:437
+ msgid "Generate hostnames based on MAC address for nameless clients."
+ msgstr ""
+
+-#: option.c:421
++#: option.c:438
+ msgid "Use these DHCP relays as full proxies."
+ msgstr ""
+
+-#: option.c:422
++#: option.c:439
+ msgid "Relay DHCP requests to a remote server"
+ msgstr ""
+
+-#: option.c:423
++#: option.c:440
+ msgid "Specify alias name for LOCAL DNS name."
+ msgstr ""
+
+ # OK
+-#: option.c:424
++#: option.c:441
+ #, fuzzy
+ msgid "Prompt to send to PXE clients."
+ msgstr "Setel pilihan-pilihan tambahan yang akan disetel untuk klien-klien DHCP."
+
+-#: option.c:425
++#: option.c:442
+ msgid "Boot service for PXE menu."
+ msgstr ""
+
+-#: option.c:426
++#: option.c:443
+ msgid "Check configuration syntax."
+ msgstr ""
+
+-#: option.c:427
++#: option.c:444
+ msgid "Add requestor's MAC address to forwarded DNS queries."
+ msgstr ""
+
+-#: option.c:428
++#: option.c:445
+ msgid "Add requestor's IP subnet to forwarded DNS queries."
+ msgstr ""
+
+ # OK
+-#: option.c:429
++#: option.c:446
+ #, fuzzy
+ msgid "Proxy DNSSEC validation results from upstream nameservers."
+ msgstr "Terjemahkan alamat-alamat IPv4 dari server-server di atas."
+
+-#: option.c:430
++#: option.c:447
+ msgid "Attempt to allocate sequential IP addresses to DHCP clients."
+ msgstr ""
+
+-#: option.c:431
++#: option.c:448
+ msgid "Copy connection-track mark from queries to upstream connections."
+ msgstr ""
+
+-#: option.c:432
++#: option.c:449
+ msgid "Allow DHCP clients to do their own DDNS updates."
+ msgstr ""
+
+-#: option.c:433
++#: option.c:450
+ msgid "Send router-advertisements for interfaces doing DHCPv6"
+ msgstr ""
+
+-#: option.c:434
++#: option.c:451
+ msgid "Specify DUID_EN-type DHCPv6 server DUID"
+ msgstr ""
+
+ # OK
+-#: option.c:435
++#: option.c:452
+ #, fuzzy
+ msgid "Specify host (A/AAAA and PTR) records"
+ msgstr "Sebutkan sebuah rekord MX."
+
+ # OK
+-#: option.c:436
++#: option.c:453
+ #, fuzzy
+ msgid "Specify arbitrary DNS resource record"
+ msgstr "Sebutkan rekord TXT DNS."
+
+ # OK
+-#: option.c:437
++#: option.c:454
+ #, fuzzy
+ msgid "Bind to interfaces in use - check for new interfaces"
+ msgstr "antarmuka tidak dikenal %s"
+
+-#: option.c:438
++#: option.c:455
+ msgid "Export local names to global DNS"
+ msgstr ""
+
+-#: option.c:439
++#: option.c:456
+ msgid "Domain to export to global DNS"
+ msgstr ""
+
+-#: option.c:440
++#: option.c:457
+ msgid "Set TTL for authoritative replies"
+ msgstr ""
+
+-#: option.c:441
++#: option.c:458
+ msgid "Set authoritive zone information"
+ msgstr ""
+
+-#: option.c:442
++#: option.c:459
+ msgid "Secondary authoritative nameservers for forward domains"
+ msgstr ""
+
+-#: option.c:443
++#: option.c:460
+ msgid "Peers which are allowed to do zone transfer"
+ msgstr ""
+
+-#: option.c:444
++#: option.c:461
+ msgid "Specify ipsets to which matching domains should be added"
+ msgstr ""
+
+-#: option.c:445
++#: option.c:462
+ msgid "Specify a domain and address range for synthesised names"
+ msgstr ""
+
+-#: option.c:446
++#: option.c:463
+ msgid "Activate DNSSEC validation"
+ msgstr ""
+
+-#: option.c:447
++#: option.c:464
+ msgid "Specify trust anchor key digest."
+ msgstr ""
+
+-#: option.c:448
++#: option.c:465
+ msgid "Disable upstream checking for DNSSEC debugging."
+ msgstr ""
+
+-#: option.c:449
++#: option.c:466
+ msgid "Ensure answers without DNSSEC are in unsigned zones."
+ msgstr ""
+
+-#: option.c:450
++#: option.c:467
+ msgid "Don't check DNSSEC signature timestamps until first cache-reload"
+ msgstr ""
+
+-#: option.c:452
++#: option.c:468
++msgid "Timestamp file to verify system clock for DNSSEC"
++msgstr ""
++
++#: option.c:470
+ msgid "Specify DHCPv6 prefix class"
+ msgstr ""
+
+-#: option.c:454
++#: option.c:472
+ msgid "Set priority, resend-interval and router-lifetime"
+ msgstr ""
+
+-#: option.c:455
++#: option.c:473
+ msgid "Do not log routine DHCP."
+ msgstr ""
+
+-#: option.c:456
++#: option.c:474
+ msgid "Do not log routine DHCPv6."
+ msgstr ""
+
+-#: option.c:457
++#: option.c:475
+ msgid "Do not log RA."
+ msgstr ""
+
+-#: option.c:458
++#: option.c:476
+ msgid "Accept queries only from directly-connected networks"
+ msgstr ""
+
+-#: option.c:459
++#: option.c:477
+ msgid "Detect and remove DNS forwarding loops"
+ msgstr ""
+
++#: option.c:478
++msgid "Ignore DNS responses containing ipaddr."
++msgstr ""
++
+ # OK
+-#: option.c:661
++#: option.c:680
+ #, c-format
+ msgid ""
+ "Usage: dnsmasq [options]\n"
+@@ -805,381 +843,381 @@ msgstr ""
+ "\n"
+
+ # OK
+-#: option.c:663
++#: option.c:682
+ #, c-format
+ msgid "Use short options only on the command line.\n"
+ msgstr "Gunakan pilihan pendek saja pada perintah baris.\n"
+
+ # OK
+-#: option.c:665
++#: option.c:684
+ #, fuzzy, c-format
+ msgid "Valid options are:\n"
+ msgstr "Pilihan yang boleh adalah:\n"
+
+ # OK
+-#: option.c:722 option.c:726
++#: option.c:741 option.c:745
+ msgid "bad port"
+ msgstr "port salah"
+
+-#: option.c:753 option.c:785
++#: option.c:772 option.c:804
+ msgid "interface binding not supported"
+ msgstr ""
+
+ # OK
+-#: option.c:762 option.c:3494
++#: option.c:781 option.c:3570
+ #, fuzzy
+ msgid "bad interface name"
+ msgstr "nama MX salah"
+
+ # OK
+-#: option.c:792
++#: option.c:811
+ #, fuzzy
+ msgid "bad address"
+ msgstr "membaca %s - %d alamat"
+
+-#: option.c:974
++#: option.c:993
+ msgid "unsupported encapsulation for IPv6 option"
+ msgstr ""
+
+ # OK
+-#: option.c:988
++#: option.c:1007
+ msgid "bad dhcp-option"
+ msgstr "dhcp-option salah"
+
+ # OK
+-#: option.c:1056
++#: option.c:1075
+ #, fuzzy
+ msgid "bad IP address"
+ msgstr "membaca %s - %d alamat"
+
+ # OK
+-#: option.c:1059 option.c:1197 option.c:2812
++#: option.c:1078 option.c:1216 option.c:2888
+ #, fuzzy
+ msgid "bad IPv6 address"
+ msgstr "membaca %s - %d alamat"
+
+ # OK
+-#: option.c:1224 option.c:1318
++#: option.c:1243 option.c:1337
+ msgid "bad domain in dhcp-option"
+ msgstr "domain dalam dhcp-option salah"
+
+ # OK
+-#: option.c:1356
++#: option.c:1375
+ msgid "dhcp-option too long"
+ msgstr "dhcp-option terlalu panjang"
+
+-#: option.c:1363
++#: option.c:1382
+ msgid "illegal dhcp-match"
+ msgstr ""
+
+-#: option.c:1425
++#: option.c:1444
+ msgid "illegal repeated flag"
+ msgstr ""
+
+-#: option.c:1433
++#: option.c:1452
+ msgid "illegal repeated keyword"
+ msgstr ""
+
+ # OK
+-#: option.c:1495 option.c:4092
++#: option.c:1517 option.c:4186
+ #, fuzzy, c-format
+ msgid "cannot access directory %s: %s"
+ msgstr "tidak bisa membaca %s: %s"
+
+ # OK
+-#: option.c:1541 tftp.c:493
++#: option.c:1563 tftp.c:493
+ #, fuzzy, c-format
+ msgid "cannot access %s: %s"
+ msgstr "tidak bisa membaca %s: %s"
+
+-#: option.c:1588
++#: option.c:1615
+ msgid "setting log facility is not possible under Android"
+ msgstr ""
+
+-#: option.c:1597
++#: option.c:1624
+ msgid "bad log facility"
+ msgstr ""
+
+ # OK
+-#: option.c:1650
++#: option.c:1677
+ msgid "bad MX preference"
+ msgstr "kesukaan MX salah"
+
+ # OK
+-#: option.c:1655
++#: option.c:1682
+ msgid "bad MX name"
+ msgstr "nama MX salah"
+
+ # OK
+-#: option.c:1669
++#: option.c:1696
+ msgid "bad MX target"
+ msgstr "target MX salah"
+
+-#: option.c:1681
++#: option.c:1708
+ msgid "cannot run scripts under uClinux"
+ msgstr ""
+
+-#: option.c:1683
++#: option.c:1710
+ msgid "recompile with HAVE_SCRIPT defined to enable lease-change scripts"
+ msgstr ""
+
+-#: option.c:1687
++#: option.c:1714
+ msgid "recompile with HAVE_LUASCRIPT defined to enable Lua scripts"
+ msgstr ""
+
+ # OK
+-#: option.c:1928 option.c:1966 option.c:2015
++#: option.c:1970 option.c:2015 option.c:2071
+ #, fuzzy
+ msgid "bad prefix"
+ msgstr "port salah"
+
+-#: option.c:2289
++#: option.c:2352
+ msgid "recompile with HAVE_IPSET defined to enable ipset directives"
+ msgstr ""
+
+ # OK
+-#: option.c:2469
++#: option.c:2545
+ #, fuzzy
+ msgid "bad port range"
+ msgstr "port salah"
+
+-#: option.c:2485
++#: option.c:2561
+ msgid "bad bridge-interface"
+ msgstr ""
+
+-#: option.c:2545
++#: option.c:2621
+ msgid "only one tag allowed"
+ msgstr ""
+
+ # OK
+-#: option.c:2565 option.c:2577 option.c:2683 option.c:2724
++#: option.c:2641 option.c:2653 option.c:2759 option.c:2800
+ msgid "bad dhcp-range"
+ msgstr "dhcp-range salah"
+
+ # OK
+-#: option.c:2592
++#: option.c:2668
+ msgid "inconsistent DHCP range"
+ msgstr "jangkauan DHCP tidak konsisten"
+
+-#: option.c:2651
++#: option.c:2727
+ msgid "prefix length must be exactly 64 for RA subnets"
+ msgstr ""
+
+-#: option.c:2653
++#: option.c:2729
+ msgid "prefix length must be exactly 64 for subnet constructors"
+ msgstr ""
+
+-#: option.c:2657
++#: option.c:2733
+ msgid "prefix length must be at least 64"
+ msgstr ""
+
+ # OK
+-#: option.c:2660
++#: option.c:2736
+ #, fuzzy
+ msgid "inconsistent DHCPv6 range"
+ msgstr "jangkauan DHCP tidak konsisten"
+
+-#: option.c:2671
++#: option.c:2747
+ msgid "prefix must be zero with \"constructor:\" argument"
+ msgstr ""
+
+ # OK
+-#: option.c:2782 option.c:2830
++#: option.c:2858 option.c:2906
+ #, fuzzy
+ msgid "bad hex constant"
+ msgstr "dhcp-host salah"
+
+-#: option.c:2804
++#: option.c:2880
+ msgid "cannot match tags in --dhcp-host"
+ msgstr ""
+
+ # OK
+-#: option.c:2852
++#: option.c:2928
+ #, fuzzy, c-format
+ msgid "duplicate dhcp-host IP address %s"
+ msgstr "alamat IP kembar %s dalam direktif dhcp-config"
+
+ # OK
+-#: option.c:2910
++#: option.c:2986
+ #, fuzzy
+ msgid "bad DHCP host name"
+ msgstr "nama MX salah"
+
+ # OK
+-#: option.c:2992
++#: option.c:3068
+ #, fuzzy
+ msgid "bad tag-if"
+ msgstr "target MX salah"
+
+ # OK
+-#: option.c:3316 option.c:3710
++#: option.c:3392 option.c:3786
+ msgid "invalid port number"
+ msgstr "nomor port tidak benar"
+
+ # OK
+-#: option.c:3378
++#: option.c:3454
+ #, fuzzy
+ msgid "bad dhcp-proxy address"
+ msgstr "membaca %s - %d alamat"
+
+ # OK
+-#: option.c:3404
++#: option.c:3480
+ #, fuzzy
+ msgid "Bad dhcp-relay"
+ msgstr "dhcp-range salah"
+
+-#: option.c:3430
++#: option.c:3506
+ msgid "bad RA-params"
+ msgstr ""
+
+-#: option.c:3439
++#: option.c:3515
+ msgid "bad DUID"
+ msgstr ""
+
+ # OK
+-#: option.c:3481
++#: option.c:3557
+ #, fuzzy
+ msgid "invalid alias range"
+ msgstr "weight tidak benar"
+
+-#: option.c:3535
++#: option.c:3611
+ msgid "bad CNAME"
+ msgstr ""
+
+-#: option.c:3540
++#: option.c:3616
+ msgid "duplicate CNAME"
+ msgstr ""
+
+ # OK
+-#: option.c:3560
++#: option.c:3636
+ #, fuzzy
+ msgid "bad PTR record"
+ msgstr "rekord SRV salah"
+
+ # OK
+-#: option.c:3591
++#: option.c:3667
+ #, fuzzy
+ msgid "bad NAPTR record"
+ msgstr "rekord SRV salah"
+
+ # OK
+-#: option.c:3625
++#: option.c:3701
+ #, fuzzy
+ msgid "bad RR record"
+ msgstr "rekord SRV salah"
+
+ # OK
+-#: option.c:3655
++#: option.c:3731
+ msgid "bad TXT record"
+ msgstr "rekord TXT salah"
+
+ # OK
+-#: option.c:3696
++#: option.c:3772
+ msgid "bad SRV record"
+ msgstr "rekord SRV salah"
+
+ # OK
+-#: option.c:3703
++#: option.c:3779
+ msgid "bad SRV target"
+ msgstr "target SRV salah"
+
+ # OK
+-#: option.c:3717
++#: option.c:3793
+ msgid "invalid priority"
+ msgstr "prioritas tidak benar"
+
+ # OK
+-#: option.c:3724
++#: option.c:3800
+ msgid "invalid weight"
+ msgstr "weight tidak benar"
+
+ # OK
+-#: option.c:3748
++#: option.c:3824
+ #, fuzzy
+ msgid "Bad host-record"
+ msgstr "rekord SRV salah"
+
+ # OK
+-#: option.c:3765
++#: option.c:3841
+ #, fuzzy
+ msgid "Bad name in host-record"
+ msgstr "kesalahan nama di %s"
+
+ # OK
+-#: option.c:3826
++#: option.c:3906
+ #, fuzzy
+ msgid "bad trust anchor"
+ msgstr "port salah"
+
+-#: option.c:3840
++#: option.c:3920
+ msgid "bad HEX in trust anchor"
+ msgstr ""
+
+-#: option.c:3850
++#: option.c:3930
+ msgid "unsupported option (check that dnsmasq was compiled with DHCP/TFTP/DNSSEC/DBus support)"
+ msgstr ""
+
+ # OK
+-#: option.c:3909
++#: option.c:3989
+ msgid "missing \""
+ msgstr "kurang \""
+
+ # OK
+-#: option.c:3966
++#: option.c:4046
+ msgid "bad option"
+ msgstr "pilihan salah"
+
+ # OK
+-#: option.c:3968
++#: option.c:4048
+ msgid "extraneous parameter"
+ msgstr "parameter berlebihan"
+
+ # OK
+-#: option.c:3970
++#: option.c:4050
+ msgid "missing parameter"
+ msgstr "parameter kurang"
+
+ # OK
+-#: option.c:3972
++#: option.c:4052
+ #, fuzzy
+ msgid "illegal option"
+ msgstr "pilihan salah"
+
+ # OK
+-#: option.c:3979
++#: option.c:4059
+ msgid "error"
+ msgstr "kesalahan"
+
+ # OK
+-#: option.c:3981
++#: option.c:4061
+ #, fuzzy, c-format
+ msgid " at line %d of %s"
+ msgstr "%s pada baris %d dari %%s"
+
+ # OK
+-#: option.c:4045 option.c:4168 tftp.c:667
+-#, c-format
+-msgid "cannot read %s: %s"
+-msgstr "tidak bisa membaca %s: %s"
+-
+-# OK
+-#: option.c:4229 option.c:4265
++#: option.c:4076 option.c:4323 option.c:4359
+ #, fuzzy, c-format
+ msgid "read %s"
+ msgstr "membaca %s"
+
+-#: option.c:4331
++# OK
++#: option.c:4139 option.c:4262 tftp.c:667
++#, c-format
++msgid "cannot read %s: %s"
++msgstr "tidak bisa membaca %s: %s"
++
++#: option.c:4425
+ msgid "junk found in command line"
+ msgstr ""
+
+ # OK
+-#: option.c:4366
++#: option.c:4460
+ #, c-format
+ msgid "Dnsmasq version %s %s\n"
+ msgstr "Dnsmasq versi %s %s\n"
+
+ # OK
+-#: option.c:4367
++#: option.c:4461
+ #, fuzzy, c-format
+ msgid ""
+ "Compile time options: %s\n"
+@@ -1189,100 +1227,100 @@ msgstr ""
+ "\n"
+
+ # OK
+-#: option.c:4368
++#: option.c:4462
+ #, c-format
+ msgid "This software comes with ABSOLUTELY NO WARRANTY.\n"
+ msgstr "Perangkat lunak ini tersedia TANPA JAMINAN SEDIKITPUN.\n"
+
+ # OK
+-#: option.c:4369
++#: option.c:4463
+ #, c-format
+ msgid "Dnsmasq is free software, and you are welcome to redistribute it\n"
+ msgstr "Dnsdmasq adalah perangkat lunak bebas, dan Anda dipersilahkan untuk membagikannya\n"
+
+ # OK
+-#: option.c:4370
++#: option.c:4464
+ #, fuzzy, c-format
+ msgid "under the terms of the GNU General Public License, version 2 or 3.\n"
+ msgstr "dengan aturan GNU General Public License, versi 2.\n"
+
+-#: option.c:4381
++#: option.c:4475
+ msgid "try --help"
+ msgstr ""
+
+-#: option.c:4383
++#: option.c:4477
+ msgid "try -w"
+ msgstr ""
+
+ # OK
+-#: option.c:4385
++#: option.c:4479
+ #, fuzzy, c-format
+ msgid "bad command line options: %s"
+ msgstr "pilihan baris perintah salah: %s."
+
+ # OK
+-#: option.c:4434
++#: option.c:4535
+ #, c-format
+ msgid "cannot get host-name: %s"
+ msgstr "tidak bisa mendapatkan host-name: %s"
+
+ # OK
+-#: option.c:4462
++#: option.c:4563
+ msgid "only one resolv.conf file allowed in no-poll mode."
+ msgstr "hanya satu file resolv.conf yang diperbolehkan dalam modus no-poll."
+
+ # OK
+-#: option.c:4472
++#: option.c:4573
+ msgid "must have exactly one resolv.conf to read domain from."
+ msgstr "harus mempunyai tepat satu resolv.conf untuk mendapatkan nama domain."
+
+ # OK
+-#: option.c:4475 network.c:1506 dhcp.c:769
++#: option.c:4576 network.c:1506 dhcp.c:774
+ #, fuzzy, c-format
+ msgid "failed to read %s: %s"
+ msgstr "gagal membaca %s: %s"
+
+ # OK
+-#: option.c:4492
++#: option.c:4593
+ #, c-format
+ msgid "no search directive found in %s"
+ msgstr "tidak ditemukan direktif search di %s"
+
+-#: option.c:4513
++#: option.c:4614
+ msgid "there must be a default domain when --dhcp-fqdn is set"
+ msgstr ""
+
+-#: option.c:4522
++#: option.c:4623
+ msgid "syntax check OK"
+ msgstr ""
+
+ # OK
+-#: forward.c:114
++#: forward.c:111
+ #, fuzzy, c-format
+ msgid "failed to send packet: %s"
+ msgstr "gagal mendengarkan di socket: %s"
+
+-#: forward.c:574
++#: forward.c:572
+ msgid "discarding DNS reply: subnet option mismatch"
+ msgstr ""
+
+ # OK
+-#: forward.c:597
++#: forward.c:595
+ #, c-format
+ msgid "nameserver %s refused to do a recursive query"
+ msgstr "nameserver %s menolak melakukan resolusi rekursif"
+
+-#: forward.c:629
++#: forward.c:627
+ #, c-format
+ msgid "possible DNS-rebind attack detected: %s"
+ msgstr ""
+
+-#: forward.c:1132 forward.c:1663
++#: forward.c:1156 forward.c:1722
+ msgid "Ignoring query from non-local network"
+ msgstr ""
+
+ # OK
+-#: forward.c:2101
++#: forward.c:2178
+ #, fuzzy, c-format
+ msgid "Maximum number of concurrent DNS queries reached (max: %d)"
+ msgstr "Sebutkan jumlah maksimum lease DHCP (default %s)."
+@@ -1385,301 +1423,315 @@ msgstr "menggunakan nameserver %s#%d"
+ msgid "using nameserver %s#%d"
+ msgstr "menggunakan nameserver %s#%d"
+
+-#: dnsmasq.c:154
+-msgid "No trust anchors provided for DNSSEC"
++#: dnsmasq.c:149
++msgid "dhcp-hostsdir, dhcp-optsdir and hostsdir are not supported on this platform"
+ msgstr ""
+
+-#: dnsmasq.c:157
+-msgid "Cannot reduce cache size from default when DNSSEC enabled"
++#: dnsmasq.c:156
++msgid "no trust anchors provided for DNSSEC"
+ msgstr ""
+
+-# OK
+ #: dnsmasq.c:159
++msgid "cannot reduce cache size from default when DNSSEC enabled"
++msgstr ""
++
++# OK
++#: dnsmasq.c:161
+ #, fuzzy
+ msgid "DNSSEC not available: set HAVE_DNSSEC in src/config.h"
+ msgstr "DBus tidak tersedia: setel HAVE_DBUS dalam src/config.h"
+
+ # OK
+-#: dnsmasq.c:165
++#: dnsmasq.c:167
+ #, fuzzy
+ msgid "TFTP server not available: set HAVE_TFTP in src/config.h"
+ msgstr "DBus tidak tersedia: setel HAVE_DBUS dalam src/config.h"
+
+-#: dnsmasq.c:170
+-msgid "Cannot use --conntrack AND --query-port"
++#: dnsmasq.c:172
++msgid "cannot use --conntrack AND --query-port"
+ msgstr ""
+
+ # OK
+-#: dnsmasq.c:173
++#: dnsmasq.c:175
+ #, fuzzy
+-msgid "Conntrack support not available: set HAVE_CONNTRACK in src/config.h"
++msgid "conntrack support not available: set HAVE_CONNTRACK in src/config.h"
+ msgstr "DBus tidak tersedia: setel HAVE_DBUS dalam src/config.h"
+
+-#: dnsmasq.c:178
++#: dnsmasq.c:180
+ msgid "asychronous logging is not available under Solaris"
+ msgstr ""
+
+-#: dnsmasq.c:183
++#: dnsmasq.c:185
+ msgid "asychronous logging is not available under Android"
+ msgstr ""
+
+ # OK
+-#: dnsmasq.c:188
++#: dnsmasq.c:190
+ #, fuzzy
+ msgid "authoritative DNS not available: set HAVE_AUTH in src/config.h"
+ msgstr "DBus tidak tersedia: setel HAVE_DBUS dalam src/config.h"
+
+ # OK
+-#: dnsmasq.c:193
++#: dnsmasq.c:195
+ #, fuzzy
+-msgid "Loop detection not available: set HAVE_LOOP in src/config.h"
++msgid "loop detection not available: set HAVE_LOOP in src/config.h"
+ msgstr "DBus tidak tersedia: setel HAVE_DBUS dalam src/config.h"
+
+-#: dnsmasq.c:201
++#: dnsmasq.c:203
+ msgid "zone serial must be configured in --auth-soa"
+ msgstr ""
+
+-#: dnsmasq.c:219
++#: dnsmasq.c:221
+ msgid "dhcp-range constructor not available on this platform"
+ msgstr ""
+
+-#: dnsmasq.c:262
++#: dnsmasq.c:264
+ msgid "cannot set --bind-interfaces and --bind-dynamic"
+ msgstr ""
+
+ # OK
+-#: dnsmasq.c:265
++#: dnsmasq.c:267
+ #, c-format
+ msgid "failed to find list of interfaces: %s"
+ msgstr "gagal mendapatkan daftar antarmuka: %s"
+
+ # OK
+-#: dnsmasq.c:274
++#: dnsmasq.c:276
+ #, c-format
+ msgid "unknown interface %s"
+ msgstr "antarmuka tidak dikenal %s"
+
+ # OK
+-#: dnsmasq.c:330 dnsmasq.c:954
++#: dnsmasq.c:340 dnsmasq.c:1004
+ #, c-format
+ msgid "DBus error: %s"
+ msgstr "DBus error: %s"
+
+ # OK
+-#: dnsmasq.c:333
++#: dnsmasq.c:343
+ msgid "DBus not available: set HAVE_DBUS in src/config.h"
+ msgstr "DBus tidak tersedia: setel HAVE_DBUS dalam src/config.h"
+
+-#: dnsmasq.c:361
++#: dnsmasq.c:371
+ #, c-format
+ msgid "unknown user or group: %s"
+ msgstr ""
+
+-#: dnsmasq.c:416
++#: dnsmasq.c:426
+ #, c-format
+ msgid "cannot chdir to filesystem root: %s"
+ msgstr ""
+
+ # OK
+-#: dnsmasq.c:653
++#: dnsmasq.c:667
+ #, fuzzy, c-format
+ msgid "started, version %s DNS disabled"
+ msgstr "dimulai, cache versi %s di disable"
+
+ # OK
+-#: dnsmasq.c:655
++#: dnsmasq.c:669
+ #, c-format
+ msgid "started, version %s cachesize %d"
+ msgstr "dimulai, versi %s ukuran cache %d"
+
+ # OK
+-#: dnsmasq.c:657
++#: dnsmasq.c:671
+ #, c-format
+ msgid "started, version %s cache disabled"
+ msgstr "dimulai, cache versi %s di disable"
+
+ # OK
+-#: dnsmasq.c:659
++#: dnsmasq.c:673
+ #, c-format
+ msgid "compile time options: %s"
+ msgstr "pilihan-pilihan saat kompilasi: %s"
+
+ # OK
+-#: dnsmasq.c:665
++#: dnsmasq.c:679
+ msgid "DBus support enabled: connected to system bus"
+ msgstr "dukungan DBus dimungkinkan: terkoneksi pada bus sistem"
+
+ # OK
+-#: dnsmasq.c:667
++#: dnsmasq.c:681
+ msgid "DBus support enabled: bus connection pending"
+ msgstr "dukungan DBus dimungkinkan: koneksi bus ditunda"
+
+-#: dnsmasq.c:672
++#: dnsmasq.c:686
+ msgid "DNS service limited to local subnets"
+ msgstr ""
+
+-#: dnsmasq.c:677
++#: dnsmasq.c:702
+ msgid "DNSSEC validation enabled"
+ msgstr ""
+
+-#: dnsmasq.c:679
++#: dnsmasq.c:705
+ msgid "DNSSEC signature timestamps not checked until first cache reload"
+ msgstr ""
+
++#: dnsmasq.c:708
++msgid "DNSSEC signature timestamps not checked until system time valid"
++msgstr ""
++
+ # OK
+-#: dnsmasq.c:684
++#: dnsmasq.c:713
+ #, fuzzy, c-format
+ msgid "warning: failed to change owner of %s: %s"
+ msgstr "gagal memuat nama-nama dari %s: %s"
+
+ # OK
+-#: dnsmasq.c:688
++#: dnsmasq.c:717
+ msgid "setting --bind-interfaces option because of OS limitations"
+ msgstr "setelan opsi --bind-interfaces disebabkan keterbatasan OS"
+
+ # OK
+-#: dnsmasq.c:698
++#: dnsmasq.c:727
+ #, c-format
+ msgid "warning: interface %s does not currently exist"
+ msgstr "peringatan: antarmuka %s tidak ada"
+
+-#: dnsmasq.c:703
++#: dnsmasq.c:732
+ msgid "warning: ignoring resolv-file flag because no-resolv is set"
+ msgstr ""
+
+ # OK
+-#: dnsmasq.c:706
++#: dnsmasq.c:735
+ #, fuzzy
+ msgid "warning: no upstream servers configured"
+ msgstr "menyetel server-server di atas dengan DBus"
+
+-#: dnsmasq.c:710
++#: dnsmasq.c:739
+ #, c-format
+ msgid "asynchronous logging enabled, queue limit is %d messages"
+ msgstr ""
+
+-#: dnsmasq.c:731
++#: dnsmasq.c:760
+ msgid "IPv6 router advertisement enabled"
+ msgstr ""
+
+-#: dnsmasq.c:736
++#: dnsmasq.c:765
+ #, c-format
+ msgid "DHCP, sockets bound exclusively to interface %s"
+ msgstr ""
+
+-#: dnsmasq.c:753
++#: dnsmasq.c:782
+ msgid "root is "
+ msgstr ""
+
+ # OK
+-#: dnsmasq.c:753
++#: dnsmasq.c:782
+ #, fuzzy
+ msgid "enabled"
+ msgstr "di disable"
+
+-#: dnsmasq.c:755
++#: dnsmasq.c:784
+ msgid "secure mode"
+ msgstr ""
+
+-#: dnsmasq.c:781
++#: dnsmasq.c:810
+ #, c-format
+ msgid "restricting maximum simultaneous TFTP transfers to %d"
+ msgstr ""
+
+ # OK
+-#: dnsmasq.c:956
++#: dnsmasq.c:1006
+ msgid "connected to system DBus"
+ msgstr "terhubung ke sistem DBus"
+
+-#: dnsmasq.c:1106
++#: dnsmasq.c:1156
+ #, c-format
+ msgid "cannot fork into background: %s"
+ msgstr ""
+
+ # OK
+-#: dnsmasq.c:1109
++#: dnsmasq.c:1159
+ #, fuzzy, c-format
+ msgid "failed to create helper: %s"
+ msgstr "gagal membaca %s: %s"
+
+-#: dnsmasq.c:1112
++#: dnsmasq.c:1162
+ #, c-format
+ msgid "setting capabilities failed: %s"
+ msgstr ""
+
+ # OK
+-#: dnsmasq.c:1115
++#: dnsmasq.c:1165
+ #, fuzzy, c-format
+ msgid "failed to change user-id to %s: %s"
+ msgstr "gagal memuat nama-nama dari %s: %s"
+
+ # OK
+-#: dnsmasq.c:1118
++#: dnsmasq.c:1168
+ #, fuzzy, c-format
+ msgid "failed to change group-id to %s: %s"
+ msgstr "gagal memuat nama-nama dari %s: %s"
+
+ # OK
+-#: dnsmasq.c:1121
++#: dnsmasq.c:1171
+ #, fuzzy, c-format
+ msgid "failed to open pidfile %s: %s"
+ msgstr "gagal membaca %s: %s"
+
+ # OK
+-#: dnsmasq.c:1124
++#: dnsmasq.c:1174
+ #, fuzzy, c-format
+ msgid "cannot open log %s: %s"
+ msgstr "tidak bisa membuka %s:%s"
+
+ # OK
+-#: dnsmasq.c:1127
++#: dnsmasq.c:1177
+ #, fuzzy, c-format
+ msgid "failed to load Lua script: %s"
+ msgstr "gagal memuat %S: %s"
+
+-#: dnsmasq.c:1130
++#: dnsmasq.c:1180
+ #, c-format
+ msgid "TFTP directory %s inaccessible: %s"
+ msgstr ""
+
+-#: dnsmasq.c:1151
++# OK
++#: dnsmasq.c:1183
++#, fuzzy, c-format
++msgid "cannot create timestamp file %s: %s"
++msgstr "tidak dapat membuka atau membuat file lease: %s"
++
++#: dnsmasq.c:1204
+ msgid "now checking DNSSEC signature timestamps"
+ msgstr ""
+
+-#: dnsmasq.c:1218
++#: dnsmasq.c:1271
+ #, c-format
+ msgid "script process killed by signal %d"
+ msgstr ""
+
+-#: dnsmasq.c:1222
++#: dnsmasq.c:1275
+ #, c-format
+ msgid "script process exited with status %d"
+ msgstr ""
+
+ # OK
+-#: dnsmasq.c:1226
++#: dnsmasq.c:1279
+ #, fuzzy, c-format
+ msgid "failed to execute %s: %s"
+ msgstr "gagal mengakses %s: %s"
+
+-#: dnsmasq.c:1281
++#: dnsmasq.c:1334
+ msgid "exiting on receipt of SIGTERM"
+ msgstr "keluar karena menerima SIGTERM"
+
+ # OK
+-#: dnsmasq.c:1309
++#: dnsmasq.c:1362
+ #, fuzzy, c-format
+ msgid "failed to access %s: %s"
+ msgstr "gagal mengakses %s: %s"
+
+ # OK
+-#: dnsmasq.c:1339
++#: dnsmasq.c:1392
+ #, c-format
+ msgid "reading %s"
+ msgstr "membaca %s"
+
+ # OK
+-#: dnsmasq.c:1350
++#: dnsmasq.c:1403
+ #, fuzzy, c-format
+ msgid "no servers found in %s, will retry"
+ msgstr "tidak ditemukan direktif search di %s"
+@@ -1725,29 +1777,29 @@ msgstr "antarmuka tidak dikenal %s"
+ msgid "DHCP packet received on %s which has no address"
+ msgstr ""
+
+-#: dhcp.c:408
++#: dhcp.c:412
+ #, c-format
+ msgid "ARP-cache injection failed: %s"
+ msgstr ""
+
+ # OK
+-#: dhcp.c:506
++#: dhcp.c:511
+ #, c-format
+ msgid "DHCP range %s -- %s is not consistent with netmask %s"
+ msgstr "jangkauan DHCP %s -- %s tidak konsisten dengan netmask %s"
+
+ # OK
+-#: dhcp.c:807
++#: dhcp.c:812
+ #, fuzzy, c-format
+ msgid "bad line at %s line %d"
+ msgstr "kesalahan nama pada %s baris %d"
+
+-#: dhcp.c:850
++#: dhcp.c:855
+ #, c-format
+ msgid "ignoring %s line %d, duplicate name or IP address"
+ msgstr ""
+
+-#: dhcp.c:994 rfc3315.c:2089
++#: dhcp.c:999 rfc3315.c:2139
+ #, c-format
+ msgid "DHCP relay %s -> %s"
+ msgstr ""
+@@ -1830,13 +1882,13 @@ msgid "disabled"
+ msgstr "di disable"
+
+ # OK
+-#: rfc2131.c:539 rfc2131.c:967 rfc2131.c:1385 rfc3315.c:602 rfc3315.c:823
+-#: rfc3315.c:1095
++#: rfc2131.c:539 rfc2131.c:967 rfc2131.c:1385 rfc3315.c:603 rfc3315.c:860
++#: rfc3315.c:1139
+ msgid "ignored"
+ msgstr "diabaikan"
+
+ # OK
+-#: rfc2131.c:554 rfc2131.c:1205 rfc3315.c:873
++#: rfc2131.c:554 rfc2131.c:1205 rfc3315.c:910
+ msgid "address in use"
+ msgstr "alamat telah digunakan"
+
+@@ -1860,7 +1912,7 @@ msgstr "tak ada alamat yang disetel"
+ msgid "no leases left"
+ msgstr "tak ada lease yang tersisa"
+
+-#: rfc2131.c:691 rfc3315.c:475
++#: rfc2131.c:691 rfc3315.c:476
+ #, c-format
+ msgid "%u client provides name: %s"
+ msgstr ""
+@@ -1870,7 +1922,7 @@ msgid "PXE BIS not supported"
+ msgstr ""
+
+ # OK
+-#: rfc2131.c:935 rfc3315.c:1189
++#: rfc2131.c:935 rfc3315.c:1233
+ #, fuzzy, c-format
+ msgid "disabling DHCP static address %s for %s"
+ msgstr "men-disable alamat statik DHCP %s"
+@@ -1909,7 +1961,7 @@ msgid "wrong address"
+ msgstr "alamat salah"
+
+ # OK
+-#: rfc2131.c:1143 rfc3315.c:969
++#: rfc2131.c:1143 rfc3315.c:1006
+ msgid "lease not found"
+ msgstr "lease tak ditemukan"
+
+@@ -1965,7 +2017,7 @@ msgid "PXE menu too large"
+ msgstr ""
+
+ # OK
+-#: rfc2131.c:2173 rfc3315.c:1456
++#: rfc2131.c:2173 rfc3315.c:1506
+ #, fuzzy, c-format
+ msgid "%u requested options: %s"
+ msgstr "pilihan-pilihan saat kompilasi: %s"
+@@ -1982,7 +2034,7 @@ msgid "cannot create netlink socket: %s"
+ msgstr "tidak bisa mem-bind netlink socket: %s"
+
+ # OK
+-#: netlink.c:347
++#: netlink.c:348
+ #, fuzzy, c-format
+ msgid "netlink returns error: %s"
+ msgstr "DBus error: %s"
+@@ -2116,72 +2168,72 @@ msgid "%u available DHCPv6 subnet: %s/%d"
+ msgstr "tidak ada alamat yang bisa dipakai untuk permintaan DHCP %s %s"
+
+ # OK
+-#: rfc3315.c:379
++#: rfc3315.c:380
+ #, fuzzy, c-format
+ msgid "%u vendor class: %u"
+ msgstr "DBus error: %s"
+
+ # OK
+-#: rfc3315.c:427
++#: rfc3315.c:428
+ #, fuzzy, c-format
+ msgid "%u client MAC address: %s"
+ msgstr "tidak ada antarmuka dengan alamat %s"
+
+ # OK
+-#: rfc3315.c:659
++#: rfc3315.c:660
+ #, fuzzy, c-format
+ msgid "unknown prefix-class %d"
+ msgstr "lease tidak diketahui"
+
+-#: rfc3315.c:791 rfc3315.c:913
++# OK
++#: rfc3315.c:803 rfc3315.c:902
++#, fuzzy
++msgid "address unavailable"
++msgstr "alamat tak tersedia"
++
++#: rfc3315.c:815 rfc3315.c:950 rfc3315.c:1283
+ msgid "success"
+ msgstr ""
+
+ # OK
+-#: rfc3315.c:806 rfc3315.c:808 rfc3315.c:921 rfc3315.c:923
++#: rfc3315.c:843 rfc3315.c:845 rfc3315.c:958 rfc3315.c:960
+ #, fuzzy
+ msgid "no addresses available"
+ msgstr "tak ada alamat yang tersedia"
+
+-# OK
+-#: rfc3315.c:865
+-#, fuzzy
+-msgid "address unavailable"
+-msgstr "alamat tak tersedia"
+-
+-#: rfc3315.c:900
++#: rfc3315.c:937
+ msgid "not on link"
+ msgstr ""
+
+-#: rfc3315.c:973 rfc3315.c:1151 rfc3315.c:1228
++#: rfc3315.c:1010 rfc3315.c:1195 rfc3315.c:1272
+ msgid "no binding found"
+ msgstr ""
+
+-#: rfc3315.c:1011
++#: rfc3315.c:1048
+ msgid "deprecated"
+ msgstr ""
+
+ # OK
+-#: rfc3315.c:1016
++#: rfc3315.c:1053
+ #, fuzzy
+ msgid "address invalid"
+ msgstr "alamat telah digunakan"
+
+-#: rfc3315.c:1061
++#: rfc3315.c:1100
+ msgid "confirm failed"
+ msgstr ""
+
+ # OK
+-#: rfc3315.c:1072
++#: rfc3315.c:1116
+ #, fuzzy
+ msgid "all addresses still on link"
+ msgstr "kesalahan nama pada %s baris %d"
+
+-#: rfc3315.c:1160
++#: rfc3315.c:1204
+ msgid "release received"
+ msgstr ""
+
+-#: rfc3315.c:2080
++#: rfc3315.c:2130
+ msgid "Cannot multicast to DHCPv6 server without correct interface"
+ msgstr ""
+
+@@ -2280,7 +2332,7 @@ msgstr ""
+ msgid "cannot create ICMPv6 socket: %s"
+ msgstr "tidak bisa membuat socket DHCP: %s"
+
+-#: auth.c:429
++#: auth.c:436
+ #, c-format
+ msgid "ignoring zone transfer request from %s"
+ msgstr ""
+@@ -2297,59 +2349,99 @@ msgstr "gagal mem-bind socket server DHCP: %s"
+ msgid "failed to create IPset control socket: %s"
+ msgstr "gagal membuat socket: %s "
+
++# OK
++#: dnssec.c:425 dnssec.c:469
++#, fuzzy, c-format
++msgid "failed to update mtime on %s: %s"
++msgstr "gagal membaca %s: %s"
++
+ #: blockdata.c:58
+ #, c-format
+ msgid "DNSSEC memory in use %u, max %u, allocated %u"
+ msgstr ""
+
+-#: tables.c:76
++#: tables.c:80
+ msgid "error: fill_addr missused"
+ msgstr ""
+
+ # OK
+-#: tables.c:105
++#: tables.c:109
+ #, fuzzy, c-format
+ msgid "failed to access pf devices: %s"
+ msgstr "gagal mengakses %s: %s"
+
+ # OK
+-#: tables.c:119
++#: tables.c:123
+ #, fuzzy, c-format
+ msgid "warning: no opened pf devices %s"
+ msgstr "menggunakan alamat lokal saja untuk %s %s"
+
+ # OK
+-#: tables.c:127
++#: tables.c:131
+ #, fuzzy, c-format
+ msgid "error: cannot use table name %s"
+ msgstr "tidak bisa mendapatkan host-name: %s"
+
+-#: tables.c:135
++#: tables.c:139
+ #, c-format
+ msgid "error: cannot strlcpy table name %s"
+ msgstr ""
+
+-#: tables.c:141
++#: tables.c:145
+ #, c-format
+ msgid "warning: pfr_add_tables: %s(%d)"
+ msgstr ""
+
+-#: tables.c:147
++#: tables.c:151
+ msgid "info: table created"
+ msgstr ""
+
+-#: tables.c:158
++#: tables.c:162
+ #, c-format
+ msgid "warning: DIOCR%sADDRS: %s"
+ msgstr ""
+
+ # OK
+-#: tables.c:162
++#: tables.c:166
+ #, fuzzy, c-format
+ msgid "%d addresses %s"
+ msgstr "membaca %s - %d alamat"
+
+ # OK
++#: inotify.c:46
++#, fuzzy, c-format
++msgid "failed to create inotify: %s"
++msgstr "gagal membaca %s: %s"
++
++# OK
++#: inotify.c:60
++#, fuzzy, c-format
++msgid "cannot cannonicalise resolv-file %s: %s"
++msgstr "tidak dapat membuka atau membuat file lease: %s"
++
++#: inotify.c:72
++#, c-format
++msgid "directory %s for resolv-file is missing, cannot poll"
++msgstr ""
++
++# OK
++#: inotify.c:75 inotify.c:112
++#, fuzzy, c-format
++msgid "failed to create inotify for %s: %s"
++msgstr "gagal membuat socket: %s "
++
++# OK
++#: inotify.c:97
++#, fuzzy, c-format
++msgid "bad dynamic directory %s: %s"
++msgstr "tidak bisa membaca %s: %s"
++
++#: inotify.c:197
++#, c-format
++msgid "inotify, new or changed file %s"
++msgstr ""
++
++# OK
+ #~ msgid "duplicate IP address %s in dhcp-config directive."
+ #~ msgstr "alamat IP kembar %s dalam direktif dhcp-config"
+
+diff --git a/po/it.po b/po/it.po
+index f3b547576ba4..64342c9804ba 100644
+--- a/po/it.po
++++ b/po/it.po
+@@ -16,70 +16,70 @@ msgstr ""
+ "Content-Transfer-Encoding: 8bit\n"
+ "Plural-Forms: nplurals=2; plural=(n != 1);\n"
+
+-#: cache.c:505
++#: cache.c:523
+ msgid "Internal error in cache."
+ msgstr ""
+
+-#: cache.c:908
++#: cache.c:941
+ #, c-format
+ msgid "failed to load names from %s: %s"
+ msgstr ""
+
+-#: cache.c:934 dhcp.c:820
++#: cache.c:967 dhcp.c:825
+ #, c-format
+ msgid "bad address at %s line %d"
+ msgstr ""
+
+-#: cache.c:985 dhcp.c:836
++#: cache.c:1018 dhcp.c:841
+ #, c-format
+ msgid "bad name at %s line %d"
+ msgstr ""
+
+-#: cache.c:992 dhcp.c:911
++#: cache.c:1027 dhcp.c:916
+ #, c-format
+ msgid "read %s - %d addresses"
+ msgstr ""
+
+-#: cache.c:1100
++#: cache.c:1135
+ msgid "cleared cache"
+ msgstr ""
+
+-#: cache.c:1123
++#: cache.c:1164
+ #, c-format
+ msgid "No IPv4 address found for %s"
+ msgstr ""
+
+-#: cache.c:1201
++#: cache.c:1242
+ #, c-format
+ msgid "%s is a CNAME, not giving it to the DHCP lease of %s"
+ msgstr ""
+
+-#: cache.c:1225
++#: cache.c:1266
+ #, c-format
+ msgid "not giving name %s to the DHCP lease of %s because the name exists in %s with address %s"
+ msgstr ""
+
+-#: cache.c:1366
++#: cache.c:1421
+ #, c-format
+ msgid "time %lu"
+ msgstr ""
+
+-#: cache.c:1367
++#: cache.c:1422
+ #, c-format
+ msgid "cache size %d, %d/%d cache insertions re-used unexpired cache entries."
+ msgstr ""
+
+-#: cache.c:1369
++#: cache.c:1424
+ #, c-format
+ msgid "queries forwarded %u, queries answered locally %u"
+ msgstr ""
+
+-#: cache.c:1372
++#: cache.c:1427
+ #, c-format
+ msgid "queries for authoritative zones %u"
+ msgstr ""
+
+-#: cache.c:1398
++#: cache.c:1453
+ #, c-format
+ msgid "server %s#%d: queries sent %u, retried or failed %u"
+ msgstr ""
+@@ -93,7 +93,7 @@ msgstr ""
+ msgid "failed to allocate memory"
+ msgstr ""
+
+-#: util.c:243 option.c:579
++#: util.c:243 option.c:598
+ msgid "could not get memory"
+ msgstr ""
+
+@@ -107,990 +107,1018 @@ msgstr ""
+ msgid "failed to allocate %d bytes"
+ msgstr ""
+
+-#: util.c:429
++#: util.c:430
+ #, c-format
+ msgid "infinite"
+ msgstr ""
+
+-#: option.c:318
++#: option.c:330
+ msgid "Specify local address(es) to listen on."
+ msgstr ""
+
+-#: option.c:319
++#: option.c:331
+ msgid "Return ipaddr for all hosts in specified domains."
+ msgstr ""
+
+-#: option.c:320
++#: option.c:332
+ msgid "Fake reverse lookups for RFC1918 private address ranges."
+ msgstr ""
+
+-#: option.c:321
++#: option.c:333
+ msgid "Treat ipaddr as NXDOMAIN (defeats Verisign wildcard)."
+ msgstr ""
+
+-#: option.c:322
++#: option.c:334
+ #, c-format
+ msgid "Specify the size of the cache in entries (defaults to %s)."
+ msgstr ""
+
+-#: option.c:323
++#: option.c:335
+ #, c-format
+ msgid "Specify configuration file (defaults to %s)."
+ msgstr ""
+
+-#: option.c:324
++#: option.c:336
+ msgid "Do NOT fork into the background: run in debug mode."
+ msgstr ""
+
+-#: option.c:325
++#: option.c:337
+ msgid "Do NOT forward queries with no domain part."
+ msgstr ""
+
+-#: option.c:326
++#: option.c:338
+ msgid "Return self-pointing MX records for local hosts."
+ msgstr ""
+
+-#: option.c:327
++#: option.c:339
+ msgid "Expand simple names in /etc/hosts with domain-suffix."
+ msgstr ""
+
+-#: option.c:328
++#: option.c:340
+ msgid "Don't forward spurious DNS requests from Windows hosts."
+ msgstr ""
+
+-#: option.c:329
++#: option.c:341
+ msgid "Enable DHCP in the range given with lease duration."
+ msgstr ""
+
+-#: option.c:330
++#: option.c:342
+ #, c-format
+ msgid "Change to this group after startup (defaults to %s)."
+ msgstr ""
+
+-#: option.c:331
++#: option.c:343
+ msgid "Set address or hostname for a specified machine."
+ msgstr ""
+
+-#: option.c:332
++#: option.c:344
+ msgid "Read DHCP host specs from file."
+ msgstr ""
+
+-#: option.c:333
++#: option.c:345
+ msgid "Read DHCP option specs from file."
+ msgstr ""
+
+-#: option.c:334
++#: option.c:346
++msgid "Read DHCP host specs from a directory."
++msgstr ""
++
++#: option.c:347
++msgid "Read DHCP options from a directory."
++msgstr ""
++
++#: option.c:348
+ msgid "Evaluate conditional tag expression."
+ msgstr ""
+
+-#: option.c:335
++#: option.c:349
+ #, c-format
+ msgid "Do NOT load %s file."
+ msgstr ""
+
+-#: option.c:336
++#: option.c:350
+ #, c-format
+ msgid "Specify a hosts file to be read in addition to %s."
+ msgstr ""
+
+-#: option.c:337
++#: option.c:351
++msgid "Read hosts files from a directory."
++msgstr ""
++
++#: option.c:352
+ msgid "Specify interface(s) to listen on."
+ msgstr ""
+
+-#: option.c:338
++#: option.c:353
+ msgid "Specify interface(s) NOT to listen on."
+ msgstr ""
+
+-#: option.c:339
++#: option.c:354
+ msgid "Map DHCP user class to tag."
+ msgstr ""
+
+-#: option.c:340
++#: option.c:355
+ msgid "Map RFC3046 circuit-id to tag."
+ msgstr ""
+
+-#: option.c:341
++#: option.c:356
+ msgid "Map RFC3046 remote-id to tag."
+ msgstr ""
+
+-#: option.c:342
++#: option.c:357
+ msgid "Map RFC3993 subscriber-id to tag."
+ msgstr ""
+
+-#: option.c:343
++#: option.c:358
+ msgid "Don't do DHCP for hosts with tag set."
+ msgstr ""
+
+-#: option.c:344
++#: option.c:359
+ msgid "Force broadcast replies for hosts with tag set."
+ msgstr ""
+
+-#: option.c:345
++#: option.c:360
+ msgid "Do NOT fork into the background, do NOT run in debug mode."
+ msgstr ""
+
+-#: option.c:346
++#: option.c:361
+ msgid "Assume we are the only DHCP server on the local network."
+ msgstr ""
+
+-#: option.c:347
++#: option.c:362
+ #, c-format
+ msgid "Specify where to store DHCP leases (defaults to %s)."
+ msgstr ""
+
+-#: option.c:348
++#: option.c:363
+ msgid "Return MX records for local hosts."
+ msgstr ""
+
+-#: option.c:349
++#: option.c:364
+ msgid "Specify an MX record."
+ msgstr ""
+
+-#: option.c:350
++#: option.c:365
+ msgid "Specify BOOTP options to DHCP server."
+ msgstr ""
+
+-#: option.c:351
++#: option.c:366
+ #, c-format
+ msgid "Do NOT poll %s file, reload only on SIGHUP."
+ msgstr ""
+
+-#: option.c:352
++#: option.c:367
+ msgid "Do NOT cache failed search results."
+ msgstr ""
+
+-#: option.c:353
++#: option.c:368
+ #, c-format
+ msgid "Use nameservers strictly in the order given in %s."
+ msgstr ""
+
+-#: option.c:354
++#: option.c:369
+ msgid "Specify options to be sent to DHCP clients."
+ msgstr ""
+
+-#: option.c:355
++#: option.c:370
+ msgid "DHCP option sent even if the client does not request it."
+ msgstr ""
+
+-#: option.c:356
++#: option.c:371
+ msgid "Specify port to listen for DNS requests on (defaults to 53)."
+ msgstr ""
+
+-#: option.c:357
++#: option.c:372
+ #, c-format
+ msgid "Maximum supported UDP packet size for EDNS.0 (defaults to %s)."
+ msgstr ""
+
+-#: option.c:358
++#: option.c:373
+ msgid "Log DNS queries."
+ msgstr ""
+
+-#: option.c:359
++#: option.c:374
+ msgid "Force the originating port for upstream DNS queries."
+ msgstr ""
+
+-#: option.c:360
++#: option.c:375
+ msgid "Do NOT read resolv.conf."
+ msgstr ""
+
+-#: option.c:361
++#: option.c:376
+ #, c-format
+ msgid "Specify path to resolv.conf (defaults to %s)."
+ msgstr ""
+
+-#: option.c:362
++#: option.c:377
+ msgid "Specify path to file with server= options"
+ msgstr ""
+
+-#: option.c:363
++#: option.c:378
+ msgid "Specify address(es) of upstream servers with optional domains."
+ msgstr ""
+
+-#: option.c:364
++#: option.c:379
+ msgid "Specify address of upstream servers for reverse address queries"
+ msgstr ""
+
+-#: option.c:365
++#: option.c:380
+ msgid "Never forward queries to specified domains."
+ msgstr ""
+
+-#: option.c:366
++#: option.c:381
+ msgid "Specify the domain to be assigned in DHCP leases."
+ msgstr ""
+
+-#: option.c:367
++#: option.c:382
+ msgid "Specify default target in an MX record."
+ msgstr ""
+
+-#: option.c:368
++#: option.c:383
+ msgid "Specify time-to-live in seconds for replies from /etc/hosts."
+ msgstr ""
+
+-#: option.c:369
++#: option.c:384
+ msgid "Specify time-to-live in seconds for negative caching."
+ msgstr ""
+
+-#: option.c:370
++#: option.c:385
+ msgid "Specify time-to-live in seconds for maximum TTL to send to clients."
+ msgstr ""
+
+-#: option.c:371
++#: option.c:386
++msgid "Specify time-to-live ceiling for cache."
++msgstr ""
++
++#: option.c:387
++msgid "Specify time-to-live floor for cache."
++msgstr ""
++
++#: option.c:388
+ #, c-format
+ msgid "Change to this user after startup. (defaults to %s)."
+ msgstr ""
+
+-#: option.c:372
++#: option.c:389
+ msgid "Map DHCP vendor class to tag."
+ msgstr ""
+
+-#: option.c:373
++#: option.c:390
+ msgid "Display dnsmasq version and copyright information."
+ msgstr ""
+
+-#: option.c:374
++#: option.c:391
+ msgid "Translate IPv4 addresses from upstream servers."
+ msgstr ""
+
+-#: option.c:375
++#: option.c:392
+ msgid "Specify a SRV record."
+ msgstr ""
+
+-#: option.c:376
++#: option.c:393
+ msgid "Display this message. Use --help dhcp for known DHCP options."
+ msgstr ""
+
+-#: option.c:377
++#: option.c:394
+ #, c-format
+ msgid "Specify path of PID file (defaults to %s)."
+ msgstr ""
+
+-#: option.c:378
++#: option.c:395
+ #, c-format
+ msgid "Specify maximum number of DHCP leases (defaults to %s)."
+ msgstr ""
+
+-#: option.c:379
++#: option.c:396
+ msgid "Answer DNS queries based on the interface a query was sent to."
+ msgstr ""
+
+-#: option.c:380
++#: option.c:397
+ msgid "Specify TXT DNS record."
+ msgstr ""
+
+-#: option.c:381
++#: option.c:398
+ msgid "Specify PTR DNS record."
+ msgstr ""
+
+-#: option.c:382
++#: option.c:399
+ msgid "Give DNS name to IPv4 address of interface."
+ msgstr ""
+
+-#: option.c:383
++#: option.c:400
+ msgid "Bind only to interfaces in use."
+ msgstr ""
+
+-#: option.c:384
++#: option.c:401
+ #, c-format
+ msgid "Read DHCP static host information from %s."
+ msgstr ""
+
+-#: option.c:385
++#: option.c:402
+ msgid "Enable the DBus interface for setting upstream servers, etc."
+ msgstr ""
+
+-#: option.c:386
++#: option.c:403
+ msgid "Do not provide DHCP on this interface, only provide DNS."
+ msgstr ""
+
+-#: option.c:387
++#: option.c:404
+ msgid "Enable dynamic address allocation for bootp."
+ msgstr ""
+
+-#: option.c:388
++#: option.c:405
+ msgid "Map MAC address (with wildcards) to option set."
+ msgstr ""
+
+-#: option.c:389
++#: option.c:406
+ msgid "Treat DHCP requests on aliases as arriving from interface."
+ msgstr ""
+
+-#: option.c:390
++#: option.c:407
+ msgid "Disable ICMP echo address checking in the DHCP server."
+ msgstr ""
+
+-#: option.c:391
++#: option.c:408
+ msgid "Shell script to run on DHCP lease creation and destruction."
+ msgstr ""
+
+-#: option.c:392
++#: option.c:409
+ msgid "Lua script to run on DHCP lease creation and destruction."
+ msgstr ""
+
+-#: option.c:393
++#: option.c:410
+ msgid "Run lease-change scripts as this user."
+ msgstr ""
+
+-#: option.c:394
++#: option.c:411
+ msgid "Read configuration from all the files in this directory."
+ msgstr ""
+
+-#: option.c:395
++#: option.c:412
+ msgid "Log to this syslog facility or file. (defaults to DAEMON)"
+ msgstr ""
+
+-#: option.c:396
++#: option.c:413
+ msgid "Do not use leasefile."
+ msgstr ""
+
+-#: option.c:397
++#: option.c:414
+ #, c-format
+ msgid "Maximum number of concurrent DNS queries. (defaults to %s)"
+ msgstr ""
+
+-#: option.c:398
++#: option.c:415
+ #, c-format
+ msgid "Clear DNS cache when reloading %s."
+ msgstr ""
+
+-#: option.c:399
++#: option.c:416
+ msgid "Ignore hostnames provided by DHCP clients."
+ msgstr ""
+
+-#: option.c:400
++#: option.c:417
+ msgid "Do NOT reuse filename and server fields for extra DHCP options."
+ msgstr ""
+
+-#: option.c:401
++#: option.c:418
+ msgid "Enable integrated read-only TFTP server."
+ msgstr ""
+
+-#: option.c:402
++#: option.c:419
+ msgid "Export files by TFTP only from the specified subtree."
+ msgstr ""
+
+-#: option.c:403
++#: option.c:420
+ msgid "Add client IP address to tftp-root."
+ msgstr ""
+
+-#: option.c:404
++#: option.c:421
+ msgid "Allow access only to files owned by the user running dnsmasq."
+ msgstr ""
+
+-#: option.c:405
++#: option.c:422
+ #, c-format
+ msgid "Maximum number of conncurrent TFTP transfers (defaults to %s)."
+ msgstr ""
+
+-#: option.c:406
++#: option.c:423
+ msgid "Disable the TFTP blocksize extension."
+ msgstr ""
+
+-#: option.c:407
++#: option.c:424
+ msgid "Convert TFTP filenames to lowercase"
+ msgstr ""
+
+-#: option.c:408
++#: option.c:425
+ msgid "Ephemeral port range for use by TFTP transfers."
+ msgstr ""
+
+-#: option.c:409
++#: option.c:426
+ msgid "Extra logging for DHCP."
+ msgstr ""
+
+-#: option.c:410
++#: option.c:427
+ msgid "Enable async. logging; optionally set queue length."
+ msgstr ""
+
+-#: option.c:411
++#: option.c:428
+ msgid "Stop DNS rebinding. Filter private IP ranges when resolving."
+ msgstr ""
+
+-#: option.c:412
++#: option.c:429
+ msgid "Allow rebinding of 127.0.0.0/8, for RBL servers."
+ msgstr ""
+
+-#: option.c:413
++#: option.c:430
+ msgid "Inhibit DNS-rebind protection on this domain."
+ msgstr ""
+
+-#: option.c:414
++#: option.c:431
+ msgid "Always perform DNS queries to all servers."
+ msgstr ""
+
+-#: option.c:415
++#: option.c:432
+ msgid "Set tag if client includes matching option in request."
+ msgstr ""
+
+-#: option.c:416
++#: option.c:433
+ msgid "Use alternative ports for DHCP."
+ msgstr ""
+
+-#: option.c:417
++#: option.c:434
+ msgid "Specify NAPTR DNS record."
+ msgstr ""
+
+-#: option.c:418
++#: option.c:435
+ msgid "Specify lowest port available for DNS query transmission."
+ msgstr ""
+
+-#: option.c:419
++#: option.c:436
+ msgid "Use only fully qualified domain names for DHCP clients."
+ msgstr ""
+
+-#: option.c:420
++#: option.c:437
+ msgid "Generate hostnames based on MAC address for nameless clients."
+ msgstr ""
+
+-#: option.c:421
++#: option.c:438
+ msgid "Use these DHCP relays as full proxies."
+ msgstr ""
+
+-#: option.c:422
++#: option.c:439
+ msgid "Relay DHCP requests to a remote server"
+ msgstr ""
+
+-#: option.c:423
++#: option.c:440
+ msgid "Specify alias name for LOCAL DNS name."
+ msgstr ""
+
+-#: option.c:424
++#: option.c:441
+ msgid "Prompt to send to PXE clients."
+ msgstr ""
+
+-#: option.c:425
++#: option.c:442
+ msgid "Boot service for PXE menu."
+ msgstr ""
+
+-#: option.c:426
++#: option.c:443
+ msgid "Check configuration syntax."
+ msgstr ""
+
+-#: option.c:427
++#: option.c:444
+ msgid "Add requestor's MAC address to forwarded DNS queries."
+ msgstr ""
+
+-#: option.c:428
++#: option.c:445
+ msgid "Add requestor's IP subnet to forwarded DNS queries."
+ msgstr ""
+
+-#: option.c:429
++#: option.c:446
+ msgid "Proxy DNSSEC validation results from upstream nameservers."
+ msgstr ""
+
+-#: option.c:430
++#: option.c:447
+ msgid "Attempt to allocate sequential IP addresses to DHCP clients."
+ msgstr ""
+
+-#: option.c:431
++#: option.c:448
+ msgid "Copy connection-track mark from queries to upstream connections."
+ msgstr ""
+
+-#: option.c:432
++#: option.c:449
+ msgid "Allow DHCP clients to do their own DDNS updates."
+ msgstr ""
+
+-#: option.c:433
++#: option.c:450
+ msgid "Send router-advertisements for interfaces doing DHCPv6"
+ msgstr ""
+
+-#: option.c:434
++#: option.c:451
+ msgid "Specify DUID_EN-type DHCPv6 server DUID"
+ msgstr ""
+
+-#: option.c:435
++#: option.c:452
+ msgid "Specify host (A/AAAA and PTR) records"
+ msgstr ""
+
+-#: option.c:436
++#: option.c:453
+ msgid "Specify arbitrary DNS resource record"
+ msgstr ""
+
+-#: option.c:437
++#: option.c:454
+ msgid "Bind to interfaces in use - check for new interfaces"
+ msgstr ""
+
+-#: option.c:438
++#: option.c:455
+ msgid "Export local names to global DNS"
+ msgstr ""
+
+-#: option.c:439
++#: option.c:456
+ msgid "Domain to export to global DNS"
+ msgstr ""
+
+-#: option.c:440
++#: option.c:457
+ msgid "Set TTL for authoritative replies"
+ msgstr ""
+
+-#: option.c:441
++#: option.c:458
+ msgid "Set authoritive zone information"
+ msgstr ""
+
+-#: option.c:442
++#: option.c:459
+ msgid "Secondary authoritative nameservers for forward domains"
+ msgstr ""
+
+-#: option.c:443
++#: option.c:460
+ msgid "Peers which are allowed to do zone transfer"
+ msgstr ""
+
+-#: option.c:444
++#: option.c:461
+ msgid "Specify ipsets to which matching domains should be added"
+ msgstr ""
+
+-#: option.c:445
++#: option.c:462
+ msgid "Specify a domain and address range for synthesised names"
+ msgstr ""
+
+-#: option.c:446
++#: option.c:463
+ msgid "Activate DNSSEC validation"
+ msgstr ""
+
+-#: option.c:447
++#: option.c:464
+ msgid "Specify trust anchor key digest."
+ msgstr ""
+
+-#: option.c:448
++#: option.c:465
+ msgid "Disable upstream checking for DNSSEC debugging."
+ msgstr ""
+
+-#: option.c:449
++#: option.c:466
+ msgid "Ensure answers without DNSSEC are in unsigned zones."
+ msgstr ""
+
+-#: option.c:450
++#: option.c:467
+ msgid "Don't check DNSSEC signature timestamps until first cache-reload"
+ msgstr ""
+
+-#: option.c:452
++#: option.c:468
++msgid "Timestamp file to verify system clock for DNSSEC"
++msgstr ""
++
++#: option.c:470
+ msgid "Specify DHCPv6 prefix class"
+ msgstr ""
+
+-#: option.c:454
++#: option.c:472
+ msgid "Set priority, resend-interval and router-lifetime"
+ msgstr ""
+
+-#: option.c:455
++#: option.c:473
+ msgid "Do not log routine DHCP."
+ msgstr ""
+
+-#: option.c:456
++#: option.c:474
+ msgid "Do not log routine DHCPv6."
+ msgstr ""
+
+-#: option.c:457
++#: option.c:475
+ msgid "Do not log RA."
+ msgstr ""
+
+-#: option.c:458
++#: option.c:476
+ msgid "Accept queries only from directly-connected networks"
+ msgstr ""
+
+-#: option.c:459
++#: option.c:477
+ msgid "Detect and remove DNS forwarding loops"
+ msgstr ""
+
+-#: option.c:661
++#: option.c:478
++msgid "Ignore DNS responses containing ipaddr."
++msgstr ""
++
++#: option.c:680
+ #, c-format
+ msgid ""
+ "Usage: dnsmasq [options]\n"
+ "\n"
+ msgstr ""
+
+-#: option.c:663
++#: option.c:682
+ #, c-format
+ msgid "Use short options only on the command line.\n"
+ msgstr ""
+
+-#: option.c:665
++#: option.c:684
+ #, c-format
+ msgid "Valid options are:\n"
+ msgstr ""
+
+-#: option.c:722 option.c:726
++#: option.c:741 option.c:745
+ msgid "bad port"
+ msgstr ""
+
+-#: option.c:753 option.c:785
++#: option.c:772 option.c:804
+ msgid "interface binding not supported"
+ msgstr ""
+
+-#: option.c:762 option.c:3494
++#: option.c:781 option.c:3570
+ msgid "bad interface name"
+ msgstr ""
+
+-#: option.c:792
++#: option.c:811
+ msgid "bad address"
+ msgstr ""
+
+-#: option.c:974
++#: option.c:993
+ msgid "unsupported encapsulation for IPv6 option"
+ msgstr ""
+
+-#: option.c:988
++#: option.c:1007
+ msgid "bad dhcp-option"
+ msgstr ""
+
+-#: option.c:1056
++#: option.c:1075
+ msgid "bad IP address"
+ msgstr ""
+
+-#: option.c:1059 option.c:1197 option.c:2812
++#: option.c:1078 option.c:1216 option.c:2888
+ msgid "bad IPv6 address"
+ msgstr ""
+
+-#: option.c:1224 option.c:1318
++#: option.c:1243 option.c:1337
+ msgid "bad domain in dhcp-option"
+ msgstr ""
+
+-#: option.c:1356
++#: option.c:1375
+ msgid "dhcp-option too long"
+ msgstr ""
+
+-#: option.c:1363
++#: option.c:1382
+ msgid "illegal dhcp-match"
+ msgstr ""
+
+-#: option.c:1425
++#: option.c:1444
+ msgid "illegal repeated flag"
+ msgstr ""
+
+-#: option.c:1433
++#: option.c:1452
+ msgid "illegal repeated keyword"
+ msgstr ""
+
+-#: option.c:1495 option.c:4092
++#: option.c:1517 option.c:4186
+ #, c-format
+ msgid "cannot access directory %s: %s"
+ msgstr ""
+
+-#: option.c:1541 tftp.c:493
++#: option.c:1563 tftp.c:493
+ #, c-format
+ msgid "cannot access %s: %s"
+ msgstr ""
+
+-#: option.c:1588
++#: option.c:1615
+ msgid "setting log facility is not possible under Android"
+ msgstr ""
+
+-#: option.c:1597
++#: option.c:1624
+ msgid "bad log facility"
+ msgstr ""
+
+-#: option.c:1650
++#: option.c:1677
+ msgid "bad MX preference"
+ msgstr ""
+
+-#: option.c:1655
++#: option.c:1682
+ msgid "bad MX name"
+ msgstr ""
+
+-#: option.c:1669
++#: option.c:1696
+ msgid "bad MX target"
+ msgstr ""
+
+-#: option.c:1681
++#: option.c:1708
+ msgid "cannot run scripts under uClinux"
+ msgstr ""
+
+-#: option.c:1683
++#: option.c:1710
+ msgid "recompile with HAVE_SCRIPT defined to enable lease-change scripts"
+ msgstr ""
+
+-#: option.c:1687
++#: option.c:1714
+ msgid "recompile with HAVE_LUASCRIPT defined to enable Lua scripts"
+ msgstr ""
+
+-#: option.c:1928 option.c:1966 option.c:2015
++#: option.c:1970 option.c:2015 option.c:2071
+ msgid "bad prefix"
+ msgstr ""
+
+-#: option.c:2289
++#: option.c:2352
+ msgid "recompile with HAVE_IPSET defined to enable ipset directives"
+ msgstr ""
+
+-#: option.c:2469
++#: option.c:2545
+ msgid "bad port range"
+ msgstr ""
+
+-#: option.c:2485
++#: option.c:2561
+ msgid "bad bridge-interface"
+ msgstr ""
+
+-#: option.c:2545
++#: option.c:2621
+ msgid "only one tag allowed"
+ msgstr ""
+
+-#: option.c:2565 option.c:2577 option.c:2683 option.c:2724
++#: option.c:2641 option.c:2653 option.c:2759 option.c:2800
+ msgid "bad dhcp-range"
+ msgstr ""
+
+-#: option.c:2592
++#: option.c:2668
+ msgid "inconsistent DHCP range"
+ msgstr ""
+
+-#: option.c:2651
++#: option.c:2727
+ msgid "prefix length must be exactly 64 for RA subnets"
+ msgstr ""
+
+-#: option.c:2653
++#: option.c:2729
+ msgid "prefix length must be exactly 64 for subnet constructors"
+ msgstr ""
+
+-#: option.c:2657
++#: option.c:2733
+ msgid "prefix length must be at least 64"
+ msgstr ""
+
+-#: option.c:2660
++#: option.c:2736
+ msgid "inconsistent DHCPv6 range"
+ msgstr ""
+
+-#: option.c:2671
++#: option.c:2747
+ msgid "prefix must be zero with \"constructor:\" argument"
+ msgstr ""
+
+-#: option.c:2782 option.c:2830
++#: option.c:2858 option.c:2906
+ msgid "bad hex constant"
+ msgstr ""
+
+-#: option.c:2804
++#: option.c:2880
+ msgid "cannot match tags in --dhcp-host"
+ msgstr ""
+
+-#: option.c:2852
++#: option.c:2928
+ #, c-format
+ msgid "duplicate dhcp-host IP address %s"
+ msgstr ""
+
+-#: option.c:2910
++#: option.c:2986
+ msgid "bad DHCP host name"
+ msgstr ""
+
+-#: option.c:2992
++#: option.c:3068
+ msgid "bad tag-if"
+ msgstr ""
+
+-#: option.c:3316 option.c:3710
++#: option.c:3392 option.c:3786
+ msgid "invalid port number"
+ msgstr ""
+
+-#: option.c:3378
++#: option.c:3454
+ msgid "bad dhcp-proxy address"
+ msgstr ""
+
+-#: option.c:3404
++#: option.c:3480
+ msgid "Bad dhcp-relay"
+ msgstr ""
+
+-#: option.c:3430
++#: option.c:3506
+ msgid "bad RA-params"
+ msgstr ""
+
+-#: option.c:3439
++#: option.c:3515
+ msgid "bad DUID"
+ msgstr ""
+
+-#: option.c:3481
++#: option.c:3557
+ msgid "invalid alias range"
+ msgstr ""
+
+-#: option.c:3535
++#: option.c:3611
+ msgid "bad CNAME"
+ msgstr ""
+
+-#: option.c:3540
++#: option.c:3616
+ msgid "duplicate CNAME"
+ msgstr ""
+
+-#: option.c:3560
++#: option.c:3636
+ msgid "bad PTR record"
+ msgstr ""
+
+-#: option.c:3591
++#: option.c:3667
+ msgid "bad NAPTR record"
+ msgstr ""
+
+-#: option.c:3625
++#: option.c:3701
+ msgid "bad RR record"
+ msgstr ""
+
+-#: option.c:3655
++#: option.c:3731
+ msgid "bad TXT record"
+ msgstr ""
+
+-#: option.c:3696
++#: option.c:3772
+ msgid "bad SRV record"
+ msgstr ""
+
+-#: option.c:3703
++#: option.c:3779
+ msgid "bad SRV target"
+ msgstr ""
+
+-#: option.c:3717
++#: option.c:3793
+ msgid "invalid priority"
+ msgstr ""
+
+-#: option.c:3724
++#: option.c:3800
+ msgid "invalid weight"
+ msgstr ""
+
+-#: option.c:3748
++#: option.c:3824
+ msgid "Bad host-record"
+ msgstr ""
+
+-#: option.c:3765
++#: option.c:3841
+ msgid "Bad name in host-record"
+ msgstr ""
+
+-#: option.c:3826
++#: option.c:3906
+ msgid "bad trust anchor"
+ msgstr ""
+
+-#: option.c:3840
++#: option.c:3920
+ msgid "bad HEX in trust anchor"
+ msgstr ""
+
+-#: option.c:3850
++#: option.c:3930
+ msgid "unsupported option (check that dnsmasq was compiled with DHCP/TFTP/DNSSEC/DBus support)"
+ msgstr ""
+
+-#: option.c:3909
++#: option.c:3989
+ msgid "missing \""
+ msgstr ""
+
+-#: option.c:3966
++#: option.c:4046
+ msgid "bad option"
+ msgstr ""
+
+-#: option.c:3968
++#: option.c:4048
+ msgid "extraneous parameter"
+ msgstr ""
+
+-#: option.c:3970
++#: option.c:4050
+ msgid "missing parameter"
+ msgstr ""
+
+-#: option.c:3972
++#: option.c:4052
+ msgid "illegal option"
+ msgstr ""
+
+-#: option.c:3979
++#: option.c:4059
+ msgid "error"
+ msgstr ""
+
+-#: option.c:3981
++#: option.c:4061
+ #, c-format
+ msgid " at line %d of %s"
+ msgstr ""
+
+-#: option.c:4045 option.c:4168 tftp.c:667
++#: option.c:4076 option.c:4323 option.c:4359
+ #, c-format
+-msgid "cannot read %s: %s"
++msgid "read %s"
+ msgstr ""
+
+-#: option.c:4229 option.c:4265
++#: option.c:4139 option.c:4262 tftp.c:667
+ #, c-format
+-msgid "read %s"
++msgid "cannot read %s: %s"
+ msgstr ""
+
+-#: option.c:4331
++#: option.c:4425
+ msgid "junk found in command line"
+ msgstr ""
+
+-#: option.c:4366
++#: option.c:4460
+ #, c-format
+ msgid "Dnsmasq version %s %s\n"
+ msgstr ""
+
+-#: option.c:4367
++#: option.c:4461
+ #, c-format
+ msgid ""
+ "Compile time options: %s\n"
+ "\n"
+ msgstr ""
+
+-#: option.c:4368
++#: option.c:4462
+ #, c-format
+ msgid "This software comes with ABSOLUTELY NO WARRANTY.\n"
+ msgstr ""
+
+-#: option.c:4369
++#: option.c:4463
+ #, c-format
+ msgid "Dnsmasq is free software, and you are welcome to redistribute it\n"
+ msgstr ""
+
+-#: option.c:4370
++#: option.c:4464
+ #, c-format
+ msgid "under the terms of the GNU General Public License, version 2 or 3.\n"
+ msgstr ""
+
+-#: option.c:4381
++#: option.c:4475
+ msgid "try --help"
+ msgstr ""
+
+-#: option.c:4383
++#: option.c:4477
+ msgid "try -w"
+ msgstr ""
+
+-#: option.c:4385
++#: option.c:4479
+ #, c-format
+ msgid "bad command line options: %s"
+ msgstr ""
+
+-#: option.c:4434
++#: option.c:4535
+ #, c-format
+ msgid "cannot get host-name: %s"
+ msgstr ""
+
+-#: option.c:4462
++#: option.c:4563
+ msgid "only one resolv.conf file allowed in no-poll mode."
+ msgstr ""
+
+-#: option.c:4472
++#: option.c:4573
+ msgid "must have exactly one resolv.conf to read domain from."
+ msgstr ""
+
+-#: option.c:4475 network.c:1506 dhcp.c:769
++#: option.c:4576 network.c:1506 dhcp.c:774
+ #, c-format
+ msgid "failed to read %s: %s"
+ msgstr ""
+
+-#: option.c:4492
++#: option.c:4593
+ #, c-format
+ msgid "no search directive found in %s"
+ msgstr ""
+
+-#: option.c:4513
++#: option.c:4614
+ msgid "there must be a default domain when --dhcp-fqdn is set"
+ msgstr ""
+
+-#: option.c:4522
++#: option.c:4623
+ msgid "syntax check OK"
+ msgstr ""
+
+-#: forward.c:114
++#: forward.c:111
+ #, c-format
+ msgid "failed to send packet: %s"
+ msgstr ""
+
+-#: forward.c:574
++#: forward.c:572
+ msgid "discarding DNS reply: subnet option mismatch"
+ msgstr ""
+
+-#: forward.c:597
++#: forward.c:595
+ #, c-format
+ msgid "nameserver %s refused to do a recursive query"
+ msgstr ""
+
+-#: forward.c:629
++#: forward.c:627
+ #, c-format
+ msgid "possible DNS-rebind attack detected: %s"
+ msgstr ""
+
+-#: forward.c:1132 forward.c:1663
++#: forward.c:1156 forward.c:1722
+ msgid "Ignoring query from non-local network"
+ msgstr ""
+
+-#: forward.c:2101
++#: forward.c:2178
+ #, c-format
+ msgid "Maximum number of concurrent DNS queries reached (max: %d)"
+ msgstr ""
+@@ -1180,263 +1208,276 @@ msgstr ""
+ msgid "using nameserver %s#%d"
+ msgstr ""
+
+-#: dnsmasq.c:154
+-msgid "No trust anchors provided for DNSSEC"
++#: dnsmasq.c:149
++msgid "dhcp-hostsdir, dhcp-optsdir and hostsdir are not supported on this platform"
+ msgstr ""
+
+-#: dnsmasq.c:157
+-msgid "Cannot reduce cache size from default when DNSSEC enabled"
++#: dnsmasq.c:156
++msgid "no trust anchors provided for DNSSEC"
+ msgstr ""
+
+ #: dnsmasq.c:159
++msgid "cannot reduce cache size from default when DNSSEC enabled"
++msgstr ""
++
++#: dnsmasq.c:161
+ msgid "DNSSEC not available: set HAVE_DNSSEC in src/config.h"
+ msgstr ""
+
+-#: dnsmasq.c:165
++#: dnsmasq.c:167
+ msgid "TFTP server not available: set HAVE_TFTP in src/config.h"
+ msgstr ""
+
+-#: dnsmasq.c:170
+-msgid "Cannot use --conntrack AND --query-port"
++#: dnsmasq.c:172
++msgid "cannot use --conntrack AND --query-port"
+ msgstr ""
+
+-#: dnsmasq.c:173
+-msgid "Conntrack support not available: set HAVE_CONNTRACK in src/config.h"
++#: dnsmasq.c:175
++msgid "conntrack support not available: set HAVE_CONNTRACK in src/config.h"
+ msgstr ""
+
+-#: dnsmasq.c:178
++#: dnsmasq.c:180
+ msgid "asychronous logging is not available under Solaris"
+ msgstr ""
+
+-#: dnsmasq.c:183
++#: dnsmasq.c:185
+ msgid "asychronous logging is not available under Android"
+ msgstr ""
+
+-#: dnsmasq.c:188
++#: dnsmasq.c:190
+ msgid "authoritative DNS not available: set HAVE_AUTH in src/config.h"
+ msgstr ""
+
+-#: dnsmasq.c:193
+-msgid "Loop detection not available: set HAVE_LOOP in src/config.h"
++#: dnsmasq.c:195
++msgid "loop detection not available: set HAVE_LOOP in src/config.h"
+ msgstr ""
+
+-#: dnsmasq.c:201
++#: dnsmasq.c:203
+ msgid "zone serial must be configured in --auth-soa"
+ msgstr ""
+
+-#: dnsmasq.c:219
++#: dnsmasq.c:221
+ msgid "dhcp-range constructor not available on this platform"
+ msgstr ""
+
+-#: dnsmasq.c:262
++#: dnsmasq.c:264
+ msgid "cannot set --bind-interfaces and --bind-dynamic"
+ msgstr ""
+
+-#: dnsmasq.c:265
++#: dnsmasq.c:267
+ #, c-format
+ msgid "failed to find list of interfaces: %s"
+ msgstr ""
+
+-#: dnsmasq.c:274
++#: dnsmasq.c:276
+ #, c-format
+ msgid "unknown interface %s"
+ msgstr ""
+
+-#: dnsmasq.c:330 dnsmasq.c:954
++#: dnsmasq.c:340 dnsmasq.c:1004
+ #, c-format
+ msgid "DBus error: %s"
+ msgstr ""
+
+-#: dnsmasq.c:333
++#: dnsmasq.c:343
+ msgid "DBus not available: set HAVE_DBUS in src/config.h"
+ msgstr ""
+
+-#: dnsmasq.c:361
++#: dnsmasq.c:371
+ #, c-format
+ msgid "unknown user or group: %s"
+ msgstr ""
+
+-#: dnsmasq.c:416
++#: dnsmasq.c:426
+ #, c-format
+ msgid "cannot chdir to filesystem root: %s"
+ msgstr ""
+
+-#: dnsmasq.c:653
++#: dnsmasq.c:667
+ #, c-format
+ msgid "started, version %s DNS disabled"
+ msgstr ""
+
+-#: dnsmasq.c:655
++#: dnsmasq.c:669
+ #, c-format
+ msgid "started, version %s cachesize %d"
+ msgstr ""
+
+-#: dnsmasq.c:657
++#: dnsmasq.c:671
+ #, c-format
+ msgid "started, version %s cache disabled"
+ msgstr ""
+
+-#: dnsmasq.c:659
++#: dnsmasq.c:673
+ #, c-format
+ msgid "compile time options: %s"
+ msgstr ""
+
+-#: dnsmasq.c:665
++#: dnsmasq.c:679
+ msgid "DBus support enabled: connected to system bus"
+ msgstr ""
+
+-#: dnsmasq.c:667
++#: dnsmasq.c:681
+ msgid "DBus support enabled: bus connection pending"
+ msgstr ""
+
+-#: dnsmasq.c:672
++#: dnsmasq.c:686
+ msgid "DNS service limited to local subnets"
+ msgstr ""
+
+-#: dnsmasq.c:677
++#: dnsmasq.c:702
+ msgid "DNSSEC validation enabled"
+ msgstr ""
+
+-#: dnsmasq.c:679
++#: dnsmasq.c:705
+ msgid "DNSSEC signature timestamps not checked until first cache reload"
+ msgstr ""
+
+-#: dnsmasq.c:684
++#: dnsmasq.c:708
++msgid "DNSSEC signature timestamps not checked until system time valid"
++msgstr ""
++
++#: dnsmasq.c:713
+ #, c-format
+ msgid "warning: failed to change owner of %s: %s"
+ msgstr ""
+
+-#: dnsmasq.c:688
++#: dnsmasq.c:717
+ msgid "setting --bind-interfaces option because of OS limitations"
+ msgstr ""
+
+-#: dnsmasq.c:698
++#: dnsmasq.c:727
+ #, c-format
+ msgid "warning: interface %s does not currently exist"
+ msgstr ""
+
+-#: dnsmasq.c:703
++#: dnsmasq.c:732
+ msgid "warning: ignoring resolv-file flag because no-resolv is set"
+ msgstr ""
+
+-#: dnsmasq.c:706
++#: dnsmasq.c:735
+ msgid "warning: no upstream servers configured"
+ msgstr ""
+
+-#: dnsmasq.c:710
++#: dnsmasq.c:739
+ #, c-format
+ msgid "asynchronous logging enabled, queue limit is %d messages"
+ msgstr ""
+
+-#: dnsmasq.c:731
++#: dnsmasq.c:760
+ msgid "IPv6 router advertisement enabled"
+ msgstr ""
+
+-#: dnsmasq.c:736
++#: dnsmasq.c:765
+ #, c-format
+ msgid "DHCP, sockets bound exclusively to interface %s"
+ msgstr ""
+
+-#: dnsmasq.c:753
++#: dnsmasq.c:782
+ msgid "root is "
+ msgstr ""
+
+-#: dnsmasq.c:753
++#: dnsmasq.c:782
+ msgid "enabled"
+ msgstr ""
+
+-#: dnsmasq.c:755
++#: dnsmasq.c:784
+ msgid "secure mode"
+ msgstr ""
+
+-#: dnsmasq.c:781
++#: dnsmasq.c:810
+ #, c-format
+ msgid "restricting maximum simultaneous TFTP transfers to %d"
+ msgstr ""
+
+-#: dnsmasq.c:956
++#: dnsmasq.c:1006
+ msgid "connected to system DBus"
+ msgstr ""
+
+-#: dnsmasq.c:1106
++#: dnsmasq.c:1156
+ #, c-format
+ msgid "cannot fork into background: %s"
+ msgstr ""
+
+-#: dnsmasq.c:1109
++#: dnsmasq.c:1159
+ #, c-format
+ msgid "failed to create helper: %s"
+ msgstr ""
+
+-#: dnsmasq.c:1112
++#: dnsmasq.c:1162
+ #, c-format
+ msgid "setting capabilities failed: %s"
+ msgstr ""
+
+-#: dnsmasq.c:1115
++#: dnsmasq.c:1165
+ #, c-format
+ msgid "failed to change user-id to %s: %s"
+ msgstr ""
+
+-#: dnsmasq.c:1118
++#: dnsmasq.c:1168
+ #, c-format
+ msgid "failed to change group-id to %s: %s"
+ msgstr ""
+
+-#: dnsmasq.c:1121
++#: dnsmasq.c:1171
+ #, c-format
+ msgid "failed to open pidfile %s: %s"
+ msgstr ""
+
+-#: dnsmasq.c:1124
++#: dnsmasq.c:1174
+ #, c-format
+ msgid "cannot open log %s: %s"
+ msgstr ""
+
+-#: dnsmasq.c:1127
++#: dnsmasq.c:1177
+ #, c-format
+ msgid "failed to load Lua script: %s"
+ msgstr ""
+
+-#: dnsmasq.c:1130
++#: dnsmasq.c:1180
+ #, c-format
+ msgid "TFTP directory %s inaccessible: %s"
+ msgstr ""
+
+-#: dnsmasq.c:1151
++#: dnsmasq.c:1183
++#, c-format
++msgid "cannot create timestamp file %s: %s"
++msgstr ""
++
++#: dnsmasq.c:1204
+ msgid "now checking DNSSEC signature timestamps"
+ msgstr ""
+
+-#: dnsmasq.c:1218
++#: dnsmasq.c:1271
+ #, c-format
+ msgid "script process killed by signal %d"
+ msgstr ""
+
+-#: dnsmasq.c:1222
++#: dnsmasq.c:1275
+ #, c-format
+ msgid "script process exited with status %d"
+ msgstr ""
+
+-#: dnsmasq.c:1226
++#: dnsmasq.c:1279
+ #, c-format
+ msgid "failed to execute %s: %s"
+ msgstr ""
+
+-#: dnsmasq.c:1281
++#: dnsmasq.c:1334
+ msgid "exiting on receipt of SIGTERM"
+ msgstr ""
+
+-#: dnsmasq.c:1309
++#: dnsmasq.c:1362
+ #, c-format
+ msgid "failed to access %s: %s"
+ msgstr ""
+
+-#: dnsmasq.c:1339
++#: dnsmasq.c:1392
+ #, c-format
+ msgid "reading %s"
+ msgstr ""
+
+-#: dnsmasq.c:1350
++#: dnsmasq.c:1403
+ #, c-format
+ msgid "no servers found in %s, will retry"
+ msgstr ""
+@@ -1476,27 +1517,27 @@ msgstr ""
+ msgid "DHCP packet received on %s which has no address"
+ msgstr ""
+
+-#: dhcp.c:408
++#: dhcp.c:412
+ #, c-format
+ msgid "ARP-cache injection failed: %s"
+ msgstr ""
+
+-#: dhcp.c:506
++#: dhcp.c:511
+ #, c-format
+ msgid "DHCP range %s -- %s is not consistent with netmask %s"
+ msgstr ""
+
+-#: dhcp.c:807
++#: dhcp.c:812
+ #, c-format
+ msgid "bad line at %s line %d"
+ msgstr ""
+
+-#: dhcp.c:850
++#: dhcp.c:855
+ #, c-format
+ msgid "ignoring %s line %d, duplicate name or IP address"
+ msgstr ""
+
+-#: dhcp.c:994 rfc3315.c:2089
++#: dhcp.c:999 rfc3315.c:2139
+ #, c-format
+ msgid "DHCP relay %s -> %s"
+ msgstr ""
+@@ -1567,12 +1608,12 @@ msgstr ""
+ msgid "disabled"
+ msgstr ""
+
+-#: rfc2131.c:539 rfc2131.c:967 rfc2131.c:1385 rfc3315.c:602 rfc3315.c:823
+-#: rfc3315.c:1095
++#: rfc2131.c:539 rfc2131.c:967 rfc2131.c:1385 rfc3315.c:603 rfc3315.c:860
++#: rfc3315.c:1139
+ msgid "ignored"
+ msgstr ""
+
+-#: rfc2131.c:554 rfc2131.c:1205 rfc3315.c:873
++#: rfc2131.c:554 rfc2131.c:1205 rfc3315.c:910
+ msgid "address in use"
+ msgstr ""
+
+@@ -1592,7 +1633,7 @@ msgstr ""
+ msgid "no leases left"
+ msgstr ""
+
+-#: rfc2131.c:691 rfc3315.c:475
++#: rfc2131.c:691 rfc3315.c:476
+ #, c-format
+ msgid "%u client provides name: %s"
+ msgstr ""
+@@ -1601,7 +1642,7 @@ msgstr ""
+ msgid "PXE BIS not supported"
+ msgstr ""
+
+-#: rfc2131.c:935 rfc3315.c:1189
++#: rfc2131.c:935 rfc3315.c:1233
+ #, c-format
+ msgid "disabling DHCP static address %s for %s"
+ msgstr ""
+@@ -1637,7 +1678,7 @@ msgstr ""
+ msgid "wrong address"
+ msgstr ""
+
+-#: rfc2131.c:1143 rfc3315.c:969
++#: rfc2131.c:1143 rfc3315.c:1006
+ msgid "lease not found"
+ msgstr ""
+
+@@ -1687,7 +1728,7 @@ msgstr ""
+ msgid "PXE menu too large"
+ msgstr ""
+
+-#: rfc2131.c:2173 rfc3315.c:1456
++#: rfc2131.c:2173 rfc3315.c:1506
+ #, c-format
+ msgid "%u requested options: %s"
+ msgstr ""
+@@ -1702,7 +1743,7 @@ msgstr ""
+ msgid "cannot create netlink socket: %s"
+ msgstr ""
+
+-#: netlink.c:347
++#: netlink.c:348
+ #, c-format
+ msgid "netlink returns error: %s"
+ msgstr ""
+@@ -1820,62 +1861,62 @@ msgstr ""
+ msgid "%u available DHCPv6 subnet: %s/%d"
+ msgstr ""
+
+-#: rfc3315.c:379
++#: rfc3315.c:380
+ #, c-format
+ msgid "%u vendor class: %u"
+ msgstr ""
+
+-#: rfc3315.c:427
++#: rfc3315.c:428
+ #, c-format
+ msgid "%u client MAC address: %s"
+ msgstr ""
+
+-#: rfc3315.c:659
++#: rfc3315.c:660
+ #, c-format
+ msgid "unknown prefix-class %d"
+ msgstr ""
+
+-#: rfc3315.c:791 rfc3315.c:913
+-msgid "success"
++#: rfc3315.c:803 rfc3315.c:902
++msgid "address unavailable"
+ msgstr ""
+
+-#: rfc3315.c:806 rfc3315.c:808 rfc3315.c:921 rfc3315.c:923
+-msgid "no addresses available"
++#: rfc3315.c:815 rfc3315.c:950 rfc3315.c:1283
++msgid "success"
+ msgstr ""
+
+-#: rfc3315.c:865
+-msgid "address unavailable"
++#: rfc3315.c:843 rfc3315.c:845 rfc3315.c:958 rfc3315.c:960
++msgid "no addresses available"
+ msgstr ""
+
+-#: rfc3315.c:900
++#: rfc3315.c:937
+ msgid "not on link"
+ msgstr ""
+
+-#: rfc3315.c:973 rfc3315.c:1151 rfc3315.c:1228
++#: rfc3315.c:1010 rfc3315.c:1195 rfc3315.c:1272
+ msgid "no binding found"
+ msgstr ""
+
+-#: rfc3315.c:1011
++#: rfc3315.c:1048
+ msgid "deprecated"
+ msgstr ""
+
+-#: rfc3315.c:1016
++#: rfc3315.c:1053
+ msgid "address invalid"
+ msgstr ""
+
+-#: rfc3315.c:1061
++#: rfc3315.c:1100
+ msgid "confirm failed"
+ msgstr ""
+
+-#: rfc3315.c:1072
++#: rfc3315.c:1116
+ msgid "all addresses still on link"
+ msgstr ""
+
+-#: rfc3315.c:1160
++#: rfc3315.c:1204
+ msgid "release received"
+ msgstr ""
+
+-#: rfc3315.c:2080
++#: rfc3315.c:2130
+ msgid "Cannot multicast to DHCPv6 server without correct interface"
+ msgstr ""
+
+@@ -1968,7 +2009,7 @@ msgstr ""
+ msgid "cannot create ICMPv6 socket: %s"
+ msgstr ""
+
+-#: auth.c:429
++#: auth.c:436
+ #, c-format
+ msgid "ignoring zone transfer request from %s"
+ msgstr ""
+@@ -1983,50 +2024,85 @@ msgstr ""
+ msgid "failed to create IPset control socket: %s"
+ msgstr ""
+
++#: dnssec.c:425 dnssec.c:469
++#, c-format
++msgid "failed to update mtime on %s: %s"
++msgstr ""
++
+ #: blockdata.c:58
+ #, c-format
+ msgid "DNSSEC memory in use %u, max %u, allocated %u"
+ msgstr ""
+
+-#: tables.c:76
++#: tables.c:80
+ msgid "error: fill_addr missused"
+ msgstr ""
+
+-#: tables.c:105
++#: tables.c:109
+ #, c-format
+ msgid "failed to access pf devices: %s"
+ msgstr ""
+
+-#: tables.c:119
++#: tables.c:123
+ #, c-format
+ msgid "warning: no opened pf devices %s"
+ msgstr ""
+
+-#: tables.c:127
++#: tables.c:131
+ #, c-format
+ msgid "error: cannot use table name %s"
+ msgstr ""
+
+-#: tables.c:135
++#: tables.c:139
+ #, c-format
+ msgid "error: cannot strlcpy table name %s"
+ msgstr ""
+
+-#: tables.c:141
++#: tables.c:145
+ #, c-format
+ msgid "warning: pfr_add_tables: %s(%d)"
+ msgstr ""
+
+-#: tables.c:147
++#: tables.c:151
+ msgid "info: table created"
+ msgstr ""
+
+-#: tables.c:158
++#: tables.c:162
+ #, c-format
+ msgid "warning: DIOCR%sADDRS: %s"
+ msgstr ""
+
+-#: tables.c:162
++#: tables.c:166
+ #, c-format
+ msgid "%d addresses %s"
+ msgstr ""
++
++#: inotify.c:46
++#, c-format
++msgid "failed to create inotify: %s"
++msgstr ""
++
++#: inotify.c:60
++#, c-format
++msgid "cannot cannonicalise resolv-file %s: %s"
++msgstr ""
++
++#: inotify.c:72
++#, c-format
++msgid "directory %s for resolv-file is missing, cannot poll"
++msgstr ""
++
++#: inotify.c:75 inotify.c:112
++#, c-format
++msgid "failed to create inotify for %s: %s"
++msgstr ""
++
++#: inotify.c:97
++#, c-format
++msgid "bad dynamic directory %s: %s"
++msgstr ""
++
++#: inotify.c:197
++#, c-format
++msgid "inotify, new or changed file %s"
++msgstr ""
+diff --git a/po/no.po b/po/no.po
+index ff7eaad9cad1..c2e7067d2304 100644
+--- a/po/no.po
++++ b/po/no.po
+@@ -18,70 +18,70 @@ msgstr ""
+ "Content-Transfer-Encoding: 8bit\n"
+ "Plural-Forms: nplurals=2; plural=(n != 1);\n"
+
+-#: cache.c:505
++#: cache.c:523
+ msgid "Internal error in cache."
+ msgstr ""
+
+-#: cache.c:908
++#: cache.c:941
+ #, fuzzy, c-format
+ msgid "failed to load names from %s: %s"
+ msgstr "feilet å laste navn fra %s: %s"
+
+-#: cache.c:934 dhcp.c:820
++#: cache.c:967 dhcp.c:825
+ #, c-format
+ msgid "bad address at %s line %d"
+ msgstr "dårlig adresse ved %s linje %d"
+
+-#: cache.c:985 dhcp.c:836
++#: cache.c:1018 dhcp.c:841
+ #, c-format
+ msgid "bad name at %s line %d"
+ msgstr "dårlig navn ved %s linje %d"
+
+-#: cache.c:992 dhcp.c:911
++#: cache.c:1027 dhcp.c:916
+ #, c-format
+ msgid "read %s - %d addresses"
+ msgstr "les %s - %d adresser"
+
+-#: cache.c:1100
++#: cache.c:1135
+ msgid "cleared cache"
+ msgstr "mellomlager tømt"
+
+-#: cache.c:1123
++#: cache.c:1164
+ #, c-format
+ msgid "No IPv4 address found for %s"
+ msgstr ""
+
+-#: cache.c:1201
++#: cache.c:1242
+ #, c-format
+ msgid "%s is a CNAME, not giving it to the DHCP lease of %s"
+ msgstr ""
+
+-#: cache.c:1225
++#: cache.c:1266
+ #, c-format
+ msgid "not giving name %s to the DHCP lease of %s because the name exists in %s with address %s"
+ msgstr "gir ikke navnet %s til DHCP leien for %s fordi navnet eksisterer i %s med adressen %s"
+
+-#: cache.c:1366
++#: cache.c:1421
+ #, c-format
+ msgid "time %lu"
+ msgstr ""
+
+-#: cache.c:1367
++#: cache.c:1422
+ #, fuzzy, c-format
+ msgid "cache size %d, %d/%d cache insertions re-used unexpired cache entries."
+ msgstr "mellomlager størrelse %d, %d/%d mellomlager innsettinger re-bruker mellomlager plasser som ikke er utløpt"
+
+-#: cache.c:1369
++#: cache.c:1424
+ #, c-format
+ msgid "queries forwarded %u, queries answered locally %u"
+ msgstr ""
+
+-#: cache.c:1372
++#: cache.c:1427
+ #, c-format
+ msgid "queries for authoritative zones %u"
+ msgstr ""
+
+-#: cache.c:1398
++#: cache.c:1453
+ #, c-format
+ msgid "server %s#%d: queries sent %u, retried or failed %u"
+ msgstr ""
+@@ -96,7 +96,7 @@ msgstr "feilet
+ msgid "failed to allocate memory"
+ msgstr "feilet å laste %d bytes"
+
+-#: util.c:243 option.c:579
++#: util.c:243 option.c:598
+ msgid "could not get memory"
+ msgstr "kunne ikke få minne"
+
+@@ -110,610 +110,643 @@ msgstr "kan ikke lese %s: %s"
+ msgid "failed to allocate %d bytes"
+ msgstr "feilet å laste %d bytes"
+
+-#: util.c:429
++#: util.c:430
+ #, c-format
+ msgid "infinite"
+ msgstr "uendelig"
+
+-#: option.c:318
++#: option.c:330
+ msgid "Specify local address(es) to listen on."
+ msgstr "Spesifiser lokal(e) adresse(r) å lytte på."
+
+-#: option.c:319
++#: option.c:331
+ msgid "Return ipaddr for all hosts in specified domains."
+ msgstr "Returner ipaddr for alle verter i det spesifiserte domenet."
+
+-#: option.c:320
++#: option.c:332
+ msgid "Fake reverse lookups for RFC1918 private address ranges."
+ msgstr "Forfalsk revers oppslag for RFC1918 private adresse områder."
+
+-#: option.c:321
++#: option.c:333
+ msgid "Treat ipaddr as NXDOMAIN (defeats Verisign wildcard)."
+ msgstr "Behandle ipaddr som NXDOMAIN (omgår Verisign wildcard)."
+
+-#: option.c:322
++#: option.c:334
+ #, c-format
+ msgid "Specify the size of the cache in entries (defaults to %s)."
+ msgstr "Spesifiser størrelsen på mellomlager plassene (standard er %s)."
+
+-#: option.c:323
++#: option.c:335
+ #, c-format
+ msgid "Specify configuration file (defaults to %s)."
+ msgstr "Spesifiser konfigurasjonsfil (standard er %s)."
+
+-#: option.c:324
++#: option.c:336
+ msgid "Do NOT fork into the background: run in debug mode."
+ msgstr "IKKE legg (fork) som bakgrunnsprosess: kjør i debug modus."
+
+-#: option.c:325
++#: option.c:337
+ msgid "Do NOT forward queries with no domain part."
+ msgstr "IKKE videresend oppslag som mangler domene del."
+
+-#: option.c:326
++#: option.c:338
+ msgid "Return self-pointing MX records for local hosts."
+ msgstr "Returner selv-pekende MX post for lokale verter."
+
+-#: option.c:327
++#: option.c:339
+ msgid "Expand simple names in /etc/hosts with domain-suffix."
+ msgstr "Utvid enkle navn i /etc/hosts med domene-suffiks."
+
+-#: option.c:328
++#: option.c:340
+ msgid "Don't forward spurious DNS requests from Windows hosts."
+ msgstr "Ikke videresend falske/uekte DNS forespørsler fra Windows verter."
+
+-#: option.c:329
++#: option.c:341
+ msgid "Enable DHCP in the range given with lease duration."
+ msgstr "Aktiver DHCP i det gitte området med leie varighet"
+
+-#: option.c:330
++#: option.c:342
+ #, c-format
+ msgid "Change to this group after startup (defaults to %s)."
+ msgstr "Skift til denne gruppen etter oppstart (standard er %s)."
+
+-#: option.c:331
++#: option.c:343
+ msgid "Set address or hostname for a specified machine."
+ msgstr "Sett adresse eller vertsnavn for en spesifikk maskin."
+
+-#: option.c:332
++#: option.c:344
+ #, fuzzy
+ msgid "Read DHCP host specs from file."
+ msgstr "dårlig MX navn"
+
+-#: option.c:333
++#: option.c:345
+ msgid "Read DHCP option specs from file."
+ msgstr ""
+
+-#: option.c:334
++#: option.c:346
++#, fuzzy
++msgid "Read DHCP host specs from a directory."
++msgstr "dårlig MX navn"
++
++#: option.c:347
++#, fuzzy
++msgid "Read DHCP options from a directory."
++msgstr "dårlig MX navn"
++
++#: option.c:348
+ msgid "Evaluate conditional tag expression."
+ msgstr ""
+
+-#: option.c:335
++#: option.c:349
+ #, c-format
+ msgid "Do NOT load %s file."
+ msgstr "IKKE last %s filen."
+
+-#: option.c:336
++#: option.c:350
+ #, c-format
+ msgid "Specify a hosts file to be read in addition to %s."
+ msgstr "Spesifiser en verts (hosts) fil som skal leses i tilleg til %s."
+
+-#: option.c:337
++#: option.c:351
++#, fuzzy
++msgid "Read hosts files from a directory."
++msgstr "dårlig MX navn"
++
++#: option.c:352
+ msgid "Specify interface(s) to listen on."
+ msgstr "Spesifiser nettverkskort det skal lyttes på."
+
+-#: option.c:338
++#: option.c:353
+ msgid "Specify interface(s) NOT to listen on."
+ msgstr "Spesifiser nettverkskort det IKKE skal lyttes på."
+
+-#: option.c:339
++#: option.c:354
+ #, fuzzy
+ msgid "Map DHCP user class to tag."
+ msgstr "Map DHCP bruker klasse til opsjon sett."
+
+-#: option.c:340
++#: option.c:355
+ msgid "Map RFC3046 circuit-id to tag."
+ msgstr ""
+
+-#: option.c:341
++#: option.c:356
+ msgid "Map RFC3046 remote-id to tag."
+ msgstr ""
+
+-#: option.c:342
++#: option.c:357
+ msgid "Map RFC3993 subscriber-id to tag."
+ msgstr ""
+
+-#: option.c:343
++#: option.c:358
+ #, fuzzy
+ msgid "Don't do DHCP for hosts with tag set."
+ msgstr "Ikke utfør DHCP for klienter i opsjon sett."
+
+-#: option.c:344
++#: option.c:359
+ #, fuzzy
+ msgid "Force broadcast replies for hosts with tag set."
+ msgstr "Ikke utfør DHCP for klienter i opsjon sett."
+
+-#: option.c:345
++#: option.c:360
+ msgid "Do NOT fork into the background, do NOT run in debug mode."
+ msgstr "IKKE last (fork) som bakgrunnsprosess, IKKE kjør i debug modus."
+
+-#: option.c:346
++#: option.c:361
+ msgid "Assume we are the only DHCP server on the local network."
+ msgstr "Anta at vi er den eneste DHCP tjeneren på det lokale nettverket."
+
+-#: option.c:347
++#: option.c:362
+ #, c-format
+ msgid "Specify where to store DHCP leases (defaults to %s)."
+ msgstr "Spesifiser hvor DHCP leiene skal lagres (standard er %s)."
+
+-#: option.c:348
++#: option.c:363
+ msgid "Return MX records for local hosts."
+ msgstr "Returner MX records for lokale verter."
+
+-#: option.c:349
++#: option.c:364
+ msgid "Specify an MX record."
+ msgstr "Spesifiser en MX post."
+
+-#: option.c:350
++#: option.c:365
+ msgid "Specify BOOTP options to DHCP server."
+ msgstr "Spesifiser BOOTP opsjoner til DHCP tjener."
+
+-#: option.c:351
++#: option.c:366
+ #, c-format
+ msgid "Do NOT poll %s file, reload only on SIGHUP."
+ msgstr "IKKE spør (poll) %s fil, les på nytt kun ved SIGHUP"
+
+-#: option.c:352
++#: option.c:367
+ msgid "Do NOT cache failed search results."
+ msgstr "IKKE mellomlagre søkeresultater som feiler."
+
+-#: option.c:353
++#: option.c:368
+ #, c-format
+ msgid "Use nameservers strictly in the order given in %s."
+ msgstr "Bruk navnetjenere kun som bestemt i rekkefølgen gitt i %s."
+
+-#: option.c:354
++#: option.c:369
+ #, fuzzy
+ msgid "Specify options to be sent to DHCP clients."
+ msgstr "Sett ekstra opsjoner som skal fordeles til DHCP klientene."
+
+-#: option.c:355
++#: option.c:370
+ msgid "DHCP option sent even if the client does not request it."
+ msgstr ""
+
+-#: option.c:356
++#: option.c:371
+ msgid "Specify port to listen for DNS requests on (defaults to 53)."
+ msgstr "Spesifiser lytteport for DNS oppslag (standard er 53)."
+
+-#: option.c:357
++#: option.c:372
+ #, c-format
+ msgid "Maximum supported UDP packet size for EDNS.0 (defaults to %s)."
+ msgstr "Maksimal støttet UDP pakkestørrelse for EDNS.0 (standard er %s)."
+
+-#: option.c:358
++#: option.c:373
+ #, fuzzy
+ msgid "Log DNS queries."
+ msgstr "Logg oppslag."
+
+-#: option.c:359
++#: option.c:374
+ #, fuzzy
+ msgid "Force the originating port for upstream DNS queries."
+ msgstr "Tving bruk av opprinnelig port for oppstrøms oppslag."
+
+-#: option.c:360
++#: option.c:375
+ msgid "Do NOT read resolv.conf."
+ msgstr "IKKE les resolv.conf."
+
+-#: option.c:361
++#: option.c:376
+ #, c-format
+ msgid "Specify path to resolv.conf (defaults to %s)."
+ msgstr "Spesifiser stien til resolv.conf (standard er %s)."
+
+-#: option.c:362
++#: option.c:377
+ #, fuzzy
+ msgid "Specify path to file with server= options"
+ msgstr "Spesifiser stien til PID fil. (standard er %s)."
+
+-#: option.c:363
++#: option.c:378
+ msgid "Specify address(es) of upstream servers with optional domains."
+ msgstr "Spesifiser adressen(e) til oppstrøms tjenere med valgfrie domener."
+
+-#: option.c:364
++#: option.c:379
+ #, fuzzy
+ msgid "Specify address of upstream servers for reverse address queries"
+ msgstr "Spesifiser adressen(e) til oppstrøms tjenere med valgfrie domener."
+
+-#: option.c:365
++#: option.c:380
+ msgid "Never forward queries to specified domains."
+ msgstr "Aldri videresend oppslag til spesifiserte domener."
+
+-#: option.c:366
++#: option.c:381
+ msgid "Specify the domain to be assigned in DHCP leases."
+ msgstr "Spesifiser domenet som skal tildeles i DHCP leien."
+
+-#: option.c:367
++#: option.c:382
+ msgid "Specify default target in an MX record."
+ msgstr "Spesifiser default mål i en MX post."
+
+-#: option.c:368
++#: option.c:383
+ msgid "Specify time-to-live in seconds for replies from /etc/hosts."
+ msgstr "Spesifiser time-to-live i sekunder for svar fra /etc/hosts."
+
+-#: option.c:369
++#: option.c:384
+ #, fuzzy
+ msgid "Specify time-to-live in seconds for negative caching."
+ msgstr "Spesifiser time-to-live i sekunder for svar fra /etc/hosts."
+
+-#: option.c:370
++#: option.c:385
+ #, fuzzy
+ msgid "Specify time-to-live in seconds for maximum TTL to send to clients."
+ msgstr "Spesifiser time-to-live i sekunder for svar fra /etc/hosts."
+
+-#: option.c:371
++#: option.c:386
++#, fuzzy
++msgid "Specify time-to-live ceiling for cache."
++msgstr "Spesifiser time-to-live i sekunder for svar fra /etc/hosts."
++
++#: option.c:387
++#, fuzzy
++msgid "Specify time-to-live floor for cache."
++msgstr "Spesifiser time-to-live i sekunder for svar fra /etc/hosts."
++
++#: option.c:388
+ #, c-format
+ msgid "Change to this user after startup. (defaults to %s)."
+ msgstr "Skift til denne bruker etter oppstart (standard er %s)."
+
+-#: option.c:372
++#: option.c:389
+ #, fuzzy
+ msgid "Map DHCP vendor class to tag."
+ msgstr "Map DHCP produsent klasse til opsjon sett."
+
+-#: option.c:373
++#: option.c:390
+ msgid "Display dnsmasq version and copyright information."
+ msgstr "Vis dnsmasq versjon og copyright informasjon."
+
+-#: option.c:374
++#: option.c:391
+ msgid "Translate IPv4 addresses from upstream servers."
+ msgstr "Oversett IPv4 adresser fra oppstrøms tjenere."
+
+-#: option.c:375
++#: option.c:392
+ msgid "Specify a SRV record."
+ msgstr "Spesifiser en SRV post."
+
+-#: option.c:376
++#: option.c:393
+ msgid "Display this message. Use --help dhcp for known DHCP options."
+ msgstr ""
+
+-#: option.c:377
++#: option.c:394
+ #, fuzzy, c-format
+ msgid "Specify path of PID file (defaults to %s)."
+ msgstr "Spesifiser stien til PID fil. (standard er %s)."
+
+-#: option.c:378
++#: option.c:395
+ #, c-format
+ msgid "Specify maximum number of DHCP leases (defaults to %s)."
+ msgstr "Spesifiser maksimum antall DHCP leier (standard er %s)"
+
+-#: option.c:379
++#: option.c:396
+ msgid "Answer DNS queries based on the interface a query was sent to."
+ msgstr "Svar DNS oppslag basert på nettverkskortet oppslaget ble sendt til."
+
+-#: option.c:380
++#: option.c:397
+ msgid "Specify TXT DNS record."
+ msgstr "Spesifiser TXT DNS post."
+
+-#: option.c:381
++#: option.c:398
+ #, fuzzy
+ msgid "Specify PTR DNS record."
+ msgstr "Spesifiser TXT DNS post."
+
+-#: option.c:382
++#: option.c:399
+ msgid "Give DNS name to IPv4 address of interface."
+ msgstr ""
+
+-#: option.c:383
++#: option.c:400
+ msgid "Bind only to interfaces in use."
+ msgstr "Bind kun til nettverkskort som er i bruk."
+
+-#: option.c:384
++#: option.c:401
+ #, c-format
+ msgid "Read DHCP static host information from %s."
+ msgstr "Les DHCP statisk vert informasjon fra %s."
+
+-#: option.c:385
++#: option.c:402
+ msgid "Enable the DBus interface for setting upstream servers, etc."
+ msgstr "Aktiver DBus interface for å sette oppstrøms tjenere, osv."
+
+-#: option.c:386
++#: option.c:403
+ msgid "Do not provide DHCP on this interface, only provide DNS."
+ msgstr "Ikke lever DHCP på dette nettverkskortet, kun lever DNS."
+
+-#: option.c:387
++#: option.c:404
+ msgid "Enable dynamic address allocation for bootp."
+ msgstr "Aktiver dynamisk adresse allokering for bootp."
+
+-#: option.c:388
++#: option.c:405
+ #, fuzzy
+ msgid "Map MAC address (with wildcards) to option set."
+ msgstr "Map DHCP produsent klasse til opsjon sett."
+
+-#: option.c:389
++#: option.c:406
+ msgid "Treat DHCP requests on aliases as arriving from interface."
+ msgstr ""
+
+-#: option.c:390
++#: option.c:407
+ msgid "Disable ICMP echo address checking in the DHCP server."
+ msgstr ""
+
+-#: option.c:391
++#: option.c:408
+ msgid "Shell script to run on DHCP lease creation and destruction."
+ msgstr ""
+
+-#: option.c:392
++#: option.c:409
+ msgid "Lua script to run on DHCP lease creation and destruction."
+ msgstr ""
+
+-#: option.c:393
++#: option.c:410
+ msgid "Run lease-change scripts as this user."
+ msgstr ""
+
+-#: option.c:394
++#: option.c:411
+ msgid "Read configuration from all the files in this directory."
+ msgstr ""
+
+-#: option.c:395
++#: option.c:412
+ #, fuzzy
+ msgid "Log to this syslog facility or file. (defaults to DAEMON)"
+ msgstr "Skift til denne bruker etter oppstart (standard er %s)."
+
+-#: option.c:396
++#: option.c:413
+ msgid "Do not use leasefile."
+ msgstr ""
+
+-#: option.c:397
++#: option.c:414
+ #, fuzzy, c-format
+ msgid "Maximum number of concurrent DNS queries. (defaults to %s)"
+ msgstr "Spesifiser maksimum antall DHCP leier (standard er %s)"
+
+-#: option.c:398
++#: option.c:415
+ #, c-format
+ msgid "Clear DNS cache when reloading %s."
+ msgstr ""
+
+-#: option.c:399
++#: option.c:416
+ msgid "Ignore hostnames provided by DHCP clients."
+ msgstr ""
+
+-#: option.c:400
++#: option.c:417
+ msgid "Do NOT reuse filename and server fields for extra DHCP options."
+ msgstr ""
+
+-#: option.c:401
++#: option.c:418
+ msgid "Enable integrated read-only TFTP server."
+ msgstr ""
+
+-#: option.c:402
++#: option.c:419
+ msgid "Export files by TFTP only from the specified subtree."
+ msgstr ""
+
+-#: option.c:403
++#: option.c:420
+ msgid "Add client IP address to tftp-root."
+ msgstr ""
+
+-#: option.c:404
++#: option.c:421
+ msgid "Allow access only to files owned by the user running dnsmasq."
+ msgstr ""
+
+-#: option.c:405
++#: option.c:422
+ #, fuzzy, c-format
+ msgid "Maximum number of conncurrent TFTP transfers (defaults to %s)."
+ msgstr "Spesifiser maksimum antall DHCP leier (standard er %s)"
+
+-#: option.c:406
++#: option.c:423
+ msgid "Disable the TFTP blocksize extension."
+ msgstr ""
+
+-#: option.c:407
++#: option.c:424
+ msgid "Convert TFTP filenames to lowercase"
+ msgstr ""
+
+-#: option.c:408
++#: option.c:425
+ msgid "Ephemeral port range for use by TFTP transfers."
+ msgstr ""
+
+-#: option.c:409
++#: option.c:426
+ msgid "Extra logging for DHCP."
+ msgstr ""
+
+-#: option.c:410
++#: option.c:427
+ msgid "Enable async. logging; optionally set queue length."
+ msgstr ""
+
+-#: option.c:411
++#: option.c:428
+ msgid "Stop DNS rebinding. Filter private IP ranges when resolving."
+ msgstr ""
+
+-#: option.c:412
++#: option.c:429
+ msgid "Allow rebinding of 127.0.0.0/8, for RBL servers."
+ msgstr ""
+
+-#: option.c:413
++#: option.c:430
+ msgid "Inhibit DNS-rebind protection on this domain."
+ msgstr ""
+
+-#: option.c:414
++#: option.c:431
+ msgid "Always perform DNS queries to all servers."
+ msgstr ""
+
+-#: option.c:415
++#: option.c:432
+ msgid "Set tag if client includes matching option in request."
+ msgstr ""
+
+-#: option.c:416
++#: option.c:433
+ msgid "Use alternative ports for DHCP."
+ msgstr ""
+
+-#: option.c:417
++#: option.c:434
+ #, fuzzy
+ msgid "Specify NAPTR DNS record."
+ msgstr "Spesifiser TXT DNS post."
+
+-#: option.c:418
++#: option.c:435
+ msgid "Specify lowest port available for DNS query transmission."
+ msgstr ""
+
+-#: option.c:419
++#: option.c:436
+ msgid "Use only fully qualified domain names for DHCP clients."
+ msgstr ""
+
+-#: option.c:420
++#: option.c:437
+ msgid "Generate hostnames based on MAC address for nameless clients."
+ msgstr ""
+
+-#: option.c:421
++#: option.c:438
+ msgid "Use these DHCP relays as full proxies."
+ msgstr ""
+
+-#: option.c:422
++#: option.c:439
+ msgid "Relay DHCP requests to a remote server"
+ msgstr ""
+
+-#: option.c:423
++#: option.c:440
+ msgid "Specify alias name for LOCAL DNS name."
+ msgstr ""
+
+-#: option.c:424
++#: option.c:441
+ #, fuzzy
+ msgid "Prompt to send to PXE clients."
+ msgstr "Sett ekstra opsjoner som skal fordeles til DHCP klientene."
+
+-#: option.c:425
++#: option.c:442
+ msgid "Boot service for PXE menu."
+ msgstr ""
+
+-#: option.c:426
++#: option.c:443
+ msgid "Check configuration syntax."
+ msgstr ""
+
+-#: option.c:427
++#: option.c:444
+ msgid "Add requestor's MAC address to forwarded DNS queries."
+ msgstr ""
+
+-#: option.c:428
++#: option.c:445
+ msgid "Add requestor's IP subnet to forwarded DNS queries."
+ msgstr ""
+
+-#: option.c:429
++#: option.c:446
+ #, fuzzy
+ msgid "Proxy DNSSEC validation results from upstream nameservers."
+ msgstr "Oversett IPv4 adresser fra oppstrøms tjenere."
+
+-#: option.c:430
++#: option.c:447
+ msgid "Attempt to allocate sequential IP addresses to DHCP clients."
+ msgstr ""
+
+-#: option.c:431
++#: option.c:448
+ msgid "Copy connection-track mark from queries to upstream connections."
+ msgstr ""
+
+-#: option.c:432
++#: option.c:449
+ msgid "Allow DHCP clients to do their own DDNS updates."
+ msgstr ""
+
+-#: option.c:433
++#: option.c:450
+ msgid "Send router-advertisements for interfaces doing DHCPv6"
+ msgstr ""
+
+-#: option.c:434
++#: option.c:451
+ msgid "Specify DUID_EN-type DHCPv6 server DUID"
+ msgstr ""
+
+-#: option.c:435
++#: option.c:452
+ #, fuzzy
+ msgid "Specify host (A/AAAA and PTR) records"
+ msgstr "Spesifiser en MX post."
+
+-#: option.c:436
++#: option.c:453
+ #, fuzzy
+ msgid "Specify arbitrary DNS resource record"
+ msgstr "Spesifiser TXT DNS post."
+
+-#: option.c:437
++#: option.c:454
+ #, fuzzy
+ msgid "Bind to interfaces in use - check for new interfaces"
+ msgstr "ukjent tilknytning (interface) %s"
+
+-#: option.c:438
++#: option.c:455
+ msgid "Export local names to global DNS"
+ msgstr ""
+
+-#: option.c:439
++#: option.c:456
+ msgid "Domain to export to global DNS"
+ msgstr ""
+
+-#: option.c:440
++#: option.c:457
+ msgid "Set TTL for authoritative replies"
+ msgstr ""
+
+-#: option.c:441
++#: option.c:458
+ msgid "Set authoritive zone information"
+ msgstr ""
+
+-#: option.c:442
++#: option.c:459
+ msgid "Secondary authoritative nameservers for forward domains"
+ msgstr ""
+
+-#: option.c:443
++#: option.c:460
+ msgid "Peers which are allowed to do zone transfer"
+ msgstr ""
+
+-#: option.c:444
++#: option.c:461
+ msgid "Specify ipsets to which matching domains should be added"
+ msgstr ""
+
+-#: option.c:445
++#: option.c:462
+ msgid "Specify a domain and address range for synthesised names"
+ msgstr ""
+
+-#: option.c:446
++#: option.c:463
+ msgid "Activate DNSSEC validation"
+ msgstr ""
+
+-#: option.c:447
++#: option.c:464
+ msgid "Specify trust anchor key digest."
+ msgstr ""
+
+-#: option.c:448
++#: option.c:465
+ msgid "Disable upstream checking for DNSSEC debugging."
+ msgstr ""
+
+-#: option.c:449
++#: option.c:466
+ msgid "Ensure answers without DNSSEC are in unsigned zones."
+ msgstr ""
+
+-#: option.c:450
++#: option.c:467
+ msgid "Don't check DNSSEC signature timestamps until first cache-reload"
+ msgstr ""
+
+-#: option.c:452
++#: option.c:468
++msgid "Timestamp file to verify system clock for DNSSEC"
++msgstr ""
++
++#: option.c:470
+ msgid "Specify DHCPv6 prefix class"
+ msgstr ""
+
+-#: option.c:454
++#: option.c:472
+ msgid "Set priority, resend-interval and router-lifetime"
+ msgstr ""
+
+-#: option.c:455
++#: option.c:473
+ msgid "Do not log routine DHCP."
+ msgstr ""
+
+-#: option.c:456
++#: option.c:474
+ msgid "Do not log routine DHCPv6."
+ msgstr ""
+
+-#: option.c:457
++#: option.c:475
+ msgid "Do not log RA."
+ msgstr ""
+
+-#: option.c:458
++#: option.c:476
+ msgid "Accept queries only from directly-connected networks"
+ msgstr ""
+
+-#: option.c:459
++#: option.c:477
+ msgid "Detect and remove DNS forwarding loops"
+ msgstr ""
+
+-#: option.c:661
++#: option.c:478
++msgid "Ignore DNS responses containing ipaddr."
++msgstr ""
++
++#: option.c:680
+ #, c-format
+ msgid ""
+ "Usage: dnsmasq [options]\n"
+@@ -722,332 +755,332 @@ msgstr ""
+ "Bruk: dnsmasq [opsjoner]\n"
+ "\n"
+
+-#: option.c:663
++#: option.c:682
+ #, c-format
+ msgid "Use short options only on the command line.\n"
+ msgstr "Bruk korte opsjoner kun på kommandolinjen.\n"
+
+-#: option.c:665
++#: option.c:684
+ #, fuzzy, c-format
+ msgid "Valid options are:\n"
+ msgstr "Gyldige opsjoner er :\n"
+
+-#: option.c:722 option.c:726
++#: option.c:741 option.c:745
+ msgid "bad port"
+ msgstr "dårlig port"
+
+-#: option.c:753 option.c:785
++#: option.c:772 option.c:804
+ msgid "interface binding not supported"
+ msgstr ""
+
+-#: option.c:762 option.c:3494
++#: option.c:781 option.c:3570
+ #, fuzzy
+ msgid "bad interface name"
+ msgstr "dårlig MX navn"
+
+-#: option.c:792
++#: option.c:811
+ #, fuzzy
+ msgid "bad address"
+ msgstr "les %s - %d adresser"
+
+-#: option.c:974
++#: option.c:993
+ msgid "unsupported encapsulation for IPv6 option"
+ msgstr ""
+
+-#: option.c:988
++#: option.c:1007
+ msgid "bad dhcp-option"
+ msgstr "dårlig dhcp-opsjon"
+
+-#: option.c:1056
++#: option.c:1075
+ #, fuzzy
+ msgid "bad IP address"
+ msgstr "les %s - %d adresser"
+
+-#: option.c:1059 option.c:1197 option.c:2812
++#: option.c:1078 option.c:1216 option.c:2888
+ #, fuzzy
+ msgid "bad IPv6 address"
+ msgstr "les %s - %d adresser"
+
+-#: option.c:1224 option.c:1318
++#: option.c:1243 option.c:1337
+ msgid "bad domain in dhcp-option"
+ msgstr "dårlig domene i dhcp-opsjon"
+
+-#: option.c:1356
++#: option.c:1375
+ msgid "dhcp-option too long"
+ msgstr "dhcp-opsjon for lang"
+
+-#: option.c:1363
++#: option.c:1382
+ msgid "illegal dhcp-match"
+ msgstr ""
+
+-#: option.c:1425
++#: option.c:1444
+ msgid "illegal repeated flag"
+ msgstr ""
+
+-#: option.c:1433
++#: option.c:1452
+ msgid "illegal repeated keyword"
+ msgstr ""
+
+-#: option.c:1495 option.c:4092
++#: option.c:1517 option.c:4186
+ #, fuzzy, c-format
+ msgid "cannot access directory %s: %s"
+ msgstr "kan ikke lese %s: %s"
+
+-#: option.c:1541 tftp.c:493
++#: option.c:1563 tftp.c:493
+ #, fuzzy, c-format
+ msgid "cannot access %s: %s"
+ msgstr "kan ikke lese %s: %s"
+
+-#: option.c:1588
++#: option.c:1615
+ msgid "setting log facility is not possible under Android"
+ msgstr ""
+
+-#: option.c:1597
++#: option.c:1624
+ msgid "bad log facility"
+ msgstr ""
+
+-#: option.c:1650
++#: option.c:1677
+ msgid "bad MX preference"
+ msgstr "dårlig MX preferanse"
+
+-#: option.c:1655
++#: option.c:1682
+ msgid "bad MX name"
+ msgstr "dårlig MX navn"
+
+-#: option.c:1669
++#: option.c:1696
+ msgid "bad MX target"
+ msgstr "dårlig MX mål"
+
+-#: option.c:1681
++#: option.c:1708
+ msgid "cannot run scripts under uClinux"
+ msgstr ""
+
+-#: option.c:1683
++#: option.c:1710
+ msgid "recompile with HAVE_SCRIPT defined to enable lease-change scripts"
+ msgstr ""
+
+-#: option.c:1687
++#: option.c:1714
+ msgid "recompile with HAVE_LUASCRIPT defined to enable Lua scripts"
+ msgstr ""
+
+-#: option.c:1928 option.c:1966 option.c:2015
++#: option.c:1970 option.c:2015 option.c:2071
+ #, fuzzy
+ msgid "bad prefix"
+ msgstr "dårlig port"
+
+-#: option.c:2289
++#: option.c:2352
+ msgid "recompile with HAVE_IPSET defined to enable ipset directives"
+ msgstr ""
+
+-#: option.c:2469
++#: option.c:2545
+ #, fuzzy
+ msgid "bad port range"
+ msgstr "dårlig port"
+
+-#: option.c:2485
++#: option.c:2561
+ msgid "bad bridge-interface"
+ msgstr ""
+
+-#: option.c:2545
++#: option.c:2621
+ msgid "only one tag allowed"
+ msgstr ""
+
+-#: option.c:2565 option.c:2577 option.c:2683 option.c:2724
++#: option.c:2641 option.c:2653 option.c:2759 option.c:2800
+ msgid "bad dhcp-range"
+ msgstr "dårlig dhcp-område"
+
+-#: option.c:2592
++#: option.c:2668
+ msgid "inconsistent DHCP range"
+ msgstr "ikke konsistent DHCP område"
+
+-#: option.c:2651
++#: option.c:2727
+ msgid "prefix length must be exactly 64 for RA subnets"
+ msgstr ""
+
+-#: option.c:2653
++#: option.c:2729
+ msgid "prefix length must be exactly 64 for subnet constructors"
+ msgstr ""
+
+-#: option.c:2657
++#: option.c:2733
+ msgid "prefix length must be at least 64"
+ msgstr ""
+
+-#: option.c:2660
++#: option.c:2736
+ #, fuzzy
+ msgid "inconsistent DHCPv6 range"
+ msgstr "ikke konsistent DHCP område"
+
+-#: option.c:2671
++#: option.c:2747
+ msgid "prefix must be zero with \"constructor:\" argument"
+ msgstr ""
+
+-#: option.c:2782 option.c:2830
++#: option.c:2858 option.c:2906
+ #, fuzzy
+ msgid "bad hex constant"
+ msgstr "dårlig dhcp-vert"
+
+-#: option.c:2804
++#: option.c:2880
+ msgid "cannot match tags in --dhcp-host"
+ msgstr ""
+
+-#: option.c:2852
++#: option.c:2928
+ #, fuzzy, c-format
+ msgid "duplicate dhcp-host IP address %s"
+ msgstr "dubliserte IP adresser i %s dhcp-config direktiv."
+
+-#: option.c:2910
++#: option.c:2986
+ #, fuzzy
+ msgid "bad DHCP host name"
+ msgstr "dårlig MX navn"
+
+-#: option.c:2992
++#: option.c:3068
+ #, fuzzy
+ msgid "bad tag-if"
+ msgstr "dårlig MX mål"
+
+-#: option.c:3316 option.c:3710
++#: option.c:3392 option.c:3786
+ msgid "invalid port number"
+ msgstr "ugyldig portnummer"
+
+-#: option.c:3378
++#: option.c:3454
+ #, fuzzy
+ msgid "bad dhcp-proxy address"
+ msgstr "les %s - %d adresser"
+
+-#: option.c:3404
++#: option.c:3480
+ #, fuzzy
+ msgid "Bad dhcp-relay"
+ msgstr "dårlig dhcp-område"
+
+-#: option.c:3430
++#: option.c:3506
+ msgid "bad RA-params"
+ msgstr ""
+
+-#: option.c:3439
++#: option.c:3515
+ msgid "bad DUID"
+ msgstr ""
+
+-#: option.c:3481
++#: option.c:3557
+ #, fuzzy
+ msgid "invalid alias range"
+ msgstr "ugyldig vekt"
+
+-#: option.c:3535
++#: option.c:3611
+ msgid "bad CNAME"
+ msgstr ""
+
+-#: option.c:3540
++#: option.c:3616
+ msgid "duplicate CNAME"
+ msgstr ""
+
+-#: option.c:3560
++#: option.c:3636
+ #, fuzzy
+ msgid "bad PTR record"
+ msgstr "dårlig SRV post"
+
+-#: option.c:3591
++#: option.c:3667
+ #, fuzzy
+ msgid "bad NAPTR record"
+ msgstr "dårlig SRV post"
+
+-#: option.c:3625
++#: option.c:3701
+ #, fuzzy
+ msgid "bad RR record"
+ msgstr "dårlig SRV post"
+
+-#: option.c:3655
++#: option.c:3731
+ msgid "bad TXT record"
+ msgstr "dårlig TXT post"
+
+-#: option.c:3696
++#: option.c:3772
+ msgid "bad SRV record"
+ msgstr "dårlig SRV post"
+
+-#: option.c:3703
++#: option.c:3779
+ msgid "bad SRV target"
+ msgstr "dårlig SRV mål"
+
+-#: option.c:3717
++#: option.c:3793
+ msgid "invalid priority"
+ msgstr "ugyldig prioritet"
+
+-#: option.c:3724
++#: option.c:3800
+ msgid "invalid weight"
+ msgstr "ugyldig vekt"
+
+-#: option.c:3748
++#: option.c:3824
+ #, fuzzy
+ msgid "Bad host-record"
+ msgstr "dårlig SRV post"
+
+-#: option.c:3765
++#: option.c:3841
+ #, fuzzy
+ msgid "Bad name in host-record"
+ msgstr "dårlig navn i %s"
+
+-#: option.c:3826
++#: option.c:3906
+ #, fuzzy
+ msgid "bad trust anchor"
+ msgstr "dårlig port"
+
+-#: option.c:3840
++#: option.c:3920
+ msgid "bad HEX in trust anchor"
+ msgstr ""
+
+-#: option.c:3850
++#: option.c:3930
+ msgid "unsupported option (check that dnsmasq was compiled with DHCP/TFTP/DNSSEC/DBus support)"
+ msgstr ""
+
+-#: option.c:3909
++#: option.c:3989
+ msgid "missing \""
+ msgstr "mangler \""
+
+-#: option.c:3966
++#: option.c:4046
+ msgid "bad option"
+ msgstr "dårlig opsjon"
+
+-#: option.c:3968
++#: option.c:4048
+ msgid "extraneous parameter"
+ msgstr "overflødig parameter"
+
+-#: option.c:3970
++#: option.c:4050
+ msgid "missing parameter"
+ msgstr "mangler parameter"
+
+-#: option.c:3972
++#: option.c:4052
+ #, fuzzy
+ msgid "illegal option"
+ msgstr "dårlig opsjon"
+
+-#: option.c:3979
++#: option.c:4059
+ msgid "error"
+ msgstr "feil"
+
+-#: option.c:3981
++#: option.c:4061
+ #, fuzzy, c-format
+ msgid " at line %d of %s"
+ msgstr "%s på linje %d av %%s"
+
+-#: option.c:4045 option.c:4168 tftp.c:667
+-#, c-format
+-msgid "cannot read %s: %s"
+-msgstr "kan ikke lese %s: %s"
+-
+-#: option.c:4229 option.c:4265
++#: option.c:4076 option.c:4323 option.c:4359
+ #, fuzzy, c-format
+ msgid "read %s"
+ msgstr "leser %s"
+
+-#: option.c:4331
++#: option.c:4139 option.c:4262 tftp.c:667
++#, c-format
++msgid "cannot read %s: %s"
++msgstr "kan ikke lese %s: %s"
++
++#: option.c:4425
+ msgid "junk found in command line"
+ msgstr ""
+
+-#: option.c:4366
++#: option.c:4460
+ #, c-format
+ msgid "Dnsmasq version %s %s\n"
+ msgstr "Dnsmasq versjon %s %s\n"
+
+-#: option.c:4367
++#: option.c:4461
+ #, fuzzy, c-format
+ msgid ""
+ "Compile time options: %s\n"
+@@ -1056,89 +1089,89 @@ msgstr ""
+ "Kompileringsopsjoner %s\n"
+ "\n"
+
+-#: option.c:4368
++#: option.c:4462
+ #, c-format
+ msgid "This software comes with ABSOLUTELY NO WARRANTY.\n"
+ msgstr "Denne programvaren kommer med ABSOLUTT INGEN GARANTI.\n"
+
+-#: option.c:4369
++#: option.c:4463
+ #, c-format
+ msgid "Dnsmasq is free software, and you are welcome to redistribute it\n"
+ msgstr "DNsmasq er fri programvare, du er velkommen til å redistribuere den\n"
+
+-#: option.c:4370
++#: option.c:4464
+ #, fuzzy, c-format
+ msgid "under the terms of the GNU General Public License, version 2 or 3.\n"
+ msgstr "under vilkårene gitt i GNU General Public License, versjon 2.\n"
+
+-#: option.c:4381
++#: option.c:4475
+ msgid "try --help"
+ msgstr ""
+
+-#: option.c:4383
++#: option.c:4477
+ msgid "try -w"
+ msgstr ""
+
+-#: option.c:4385
++#: option.c:4479
+ #, fuzzy, c-format
+ msgid "bad command line options: %s"
+ msgstr "dårlige kommandlinje opsjoner: %s."
+
+-#: option.c:4434
++#: option.c:4535
+ #, c-format
+ msgid "cannot get host-name: %s"
+ msgstr "klarer ikke å få vertsnavn: %s"
+
+-#: option.c:4462
++#: option.c:4563
+ msgid "only one resolv.conf file allowed in no-poll mode."
+ msgstr "kun en resolv.conf fil tillat i no-poll modus."
+
+-#: option.c:4472
++#: option.c:4573
+ msgid "must have exactly one resolv.conf to read domain from."
+ msgstr "må ha nøyaktig en resolv.conf å lese domene fra."
+
+-#: option.c:4475 network.c:1506 dhcp.c:769
++#: option.c:4576 network.c:1506 dhcp.c:774
+ #, fuzzy, c-format
+ msgid "failed to read %s: %s"
+ msgstr "feilet å lese %s: %s"
+
+-#: option.c:4492
++#: option.c:4593
+ #, c-format
+ msgid "no search directive found in %s"
+ msgstr "intet søke direktiv funnet i %s"
+
+-#: option.c:4513
++#: option.c:4614
+ msgid "there must be a default domain when --dhcp-fqdn is set"
+ msgstr ""
+
+-#: option.c:4522
++#: option.c:4623
+ msgid "syntax check OK"
+ msgstr ""
+
+-#: forward.c:114
++#: forward.c:111
+ #, fuzzy, c-format
+ msgid "failed to send packet: %s"
+ msgstr "feilet å lytte på socket: %s"
+
+-#: forward.c:574
++#: forward.c:572
+ msgid "discarding DNS reply: subnet option mismatch"
+ msgstr ""
+
+-#: forward.c:597
++#: forward.c:595
+ #, c-format
+ msgid "nameserver %s refused to do a recursive query"
+ msgstr "navnetjener %s nektet å gjøre et rekursivt oppslag"
+
+-#: forward.c:629
++#: forward.c:627
+ #, c-format
+ msgid "possible DNS-rebind attack detected: %s"
+ msgstr ""
+
+-#: forward.c:1132 forward.c:1663
++#: forward.c:1156 forward.c:1722
+ msgid "Ignoring query from non-local network"
+ msgstr ""
+
+-#: forward.c:2101
++#: forward.c:2178
+ #, fuzzy, c-format
+ msgid "Maximum number of concurrent DNS queries reached (max: %d)"
+ msgstr "Spesifiser maksimum antall DHCP leier (standard er %s)"
+@@ -1228,270 +1261,283 @@ msgstr "benytter navnetjener %s#%d"
+ msgid "using nameserver %s#%d"
+ msgstr "benytter navnetjener %s#%d"
+
+-#: dnsmasq.c:154
+-msgid "No trust anchors provided for DNSSEC"
++#: dnsmasq.c:149
++msgid "dhcp-hostsdir, dhcp-optsdir and hostsdir are not supported on this platform"
+ msgstr ""
+
+-#: dnsmasq.c:157
+-msgid "Cannot reduce cache size from default when DNSSEC enabled"
++#: dnsmasq.c:156
++msgid "no trust anchors provided for DNSSEC"
+ msgstr ""
+
+ #: dnsmasq.c:159
++msgid "cannot reduce cache size from default when DNSSEC enabled"
++msgstr ""
++
++#: dnsmasq.c:161
+ #, fuzzy
+ msgid "DNSSEC not available: set HAVE_DNSSEC in src/config.h"
+ msgstr "DBus ikke tilgjengelig: sett HAVE_DBUS i src/config.h"
+
+-#: dnsmasq.c:165
++#: dnsmasq.c:167
+ #, fuzzy
+ msgid "TFTP server not available: set HAVE_TFTP in src/config.h"
+ msgstr "DBus ikke tilgjengelig: sett HAVE_DBUS i src/config.h"
+
+-#: dnsmasq.c:170
+-msgid "Cannot use --conntrack AND --query-port"
++#: dnsmasq.c:172
++msgid "cannot use --conntrack AND --query-port"
+ msgstr ""
+
+-#: dnsmasq.c:173
++#: dnsmasq.c:175
+ #, fuzzy
+-msgid "Conntrack support not available: set HAVE_CONNTRACK in src/config.h"
++msgid "conntrack support not available: set HAVE_CONNTRACK in src/config.h"
+ msgstr "DBus ikke tilgjengelig: sett HAVE_DBUS i src/config.h"
+
+-#: dnsmasq.c:178
++#: dnsmasq.c:180
+ msgid "asychronous logging is not available under Solaris"
+ msgstr ""
+
+-#: dnsmasq.c:183
++#: dnsmasq.c:185
+ msgid "asychronous logging is not available under Android"
+ msgstr ""
+
+-#: dnsmasq.c:188
++#: dnsmasq.c:190
+ #, fuzzy
+ msgid "authoritative DNS not available: set HAVE_AUTH in src/config.h"
+ msgstr "DBus ikke tilgjengelig: sett HAVE_DBUS i src/config.h"
+
+-#: dnsmasq.c:193
++#: dnsmasq.c:195
+ #, fuzzy
+-msgid "Loop detection not available: set HAVE_LOOP in src/config.h"
++msgid "loop detection not available: set HAVE_LOOP in src/config.h"
+ msgstr "DBus ikke tilgjengelig: sett HAVE_DBUS i src/config.h"
+
+-#: dnsmasq.c:201
++#: dnsmasq.c:203
+ msgid "zone serial must be configured in --auth-soa"
+ msgstr ""
+
+-#: dnsmasq.c:219
++#: dnsmasq.c:221
+ msgid "dhcp-range constructor not available on this platform"
+ msgstr ""
+
+-#: dnsmasq.c:262
++#: dnsmasq.c:264
+ msgid "cannot set --bind-interfaces and --bind-dynamic"
+ msgstr ""
+
+-#: dnsmasq.c:265
++#: dnsmasq.c:267
+ #, c-format
+ msgid "failed to find list of interfaces: %s"
+ msgstr "feilet å finne liste av tilknytninger (interfaces): %s"
+
+-#: dnsmasq.c:274
++#: dnsmasq.c:276
+ #, c-format
+ msgid "unknown interface %s"
+ msgstr "ukjent tilknytning (interface) %s"
+
+-#: dnsmasq.c:330 dnsmasq.c:954
++#: dnsmasq.c:340 dnsmasq.c:1004
+ #, c-format
+ msgid "DBus error: %s"
+ msgstr "DBus feil: %s"
+
+-#: dnsmasq.c:333
++#: dnsmasq.c:343
+ msgid "DBus not available: set HAVE_DBUS in src/config.h"
+ msgstr "DBus ikke tilgjengelig: sett HAVE_DBUS i src/config.h"
+
+-#: dnsmasq.c:361
++#: dnsmasq.c:371
+ #, c-format
+ msgid "unknown user or group: %s"
+ msgstr ""
+
+-#: dnsmasq.c:416
++#: dnsmasq.c:426
+ #, c-format
+ msgid "cannot chdir to filesystem root: %s"
+ msgstr ""
+
+-#: dnsmasq.c:653
++#: dnsmasq.c:667
+ #, fuzzy, c-format
+ msgid "started, version %s DNS disabled"
+ msgstr "startet, versjon %s mellomlager deaktivert"
+
+-#: dnsmasq.c:655
++#: dnsmasq.c:669
+ #, c-format
+ msgid "started, version %s cachesize %d"
+ msgstr "startet, versjon %s mellomlager størrelse %d"
+
+-#: dnsmasq.c:657
++#: dnsmasq.c:671
+ #, c-format
+ msgid "started, version %s cache disabled"
+ msgstr "startet, versjon %s mellomlager deaktivert"
+
+-#: dnsmasq.c:659
++#: dnsmasq.c:673
+ #, c-format
+ msgid "compile time options: %s"
+ msgstr "kompilerings opsjoner: %s"
+
+-#: dnsmasq.c:665
++#: dnsmasq.c:679
+ msgid "DBus support enabled: connected to system bus"
+ msgstr "DBus støtte aktivert: koblet til system buss"
+
+-#: dnsmasq.c:667
++#: dnsmasq.c:681
+ msgid "DBus support enabled: bus connection pending"
+ msgstr "DBus støtte aktivert: avventer buss tilkobling"
+
+-#: dnsmasq.c:672
++#: dnsmasq.c:686
+ msgid "DNS service limited to local subnets"
+ msgstr ""
+
+-#: dnsmasq.c:677
++#: dnsmasq.c:702
+ msgid "DNSSEC validation enabled"
+ msgstr ""
+
+-#: dnsmasq.c:679
++#: dnsmasq.c:705
+ msgid "DNSSEC signature timestamps not checked until first cache reload"
+ msgstr ""
+
+-#: dnsmasq.c:684
++#: dnsmasq.c:708
++msgid "DNSSEC signature timestamps not checked until system time valid"
++msgstr ""
++
++#: dnsmasq.c:713
+ #, fuzzy, c-format
+ msgid "warning: failed to change owner of %s: %s"
+ msgstr "feilet å laste navn fra %s: %s"
+
+-#: dnsmasq.c:688
++#: dnsmasq.c:717
+ msgid "setting --bind-interfaces option because of OS limitations"
+ msgstr "setter --bind-interfaces opsjon på grunn av OS begrensninger"
+
+-#: dnsmasq.c:698
++#: dnsmasq.c:727
+ #, c-format
+ msgid "warning: interface %s does not currently exist"
+ msgstr "advarsel: nettverkskort %s eksisterer ikke for tiden"
+
+-#: dnsmasq.c:703
++#: dnsmasq.c:732
+ msgid "warning: ignoring resolv-file flag because no-resolv is set"
+ msgstr ""
+
+-#: dnsmasq.c:706
++#: dnsmasq.c:735
+ #, fuzzy
+ msgid "warning: no upstream servers configured"
+ msgstr "setter oppstrøms tjener fra DBus"
+
+-#: dnsmasq.c:710
++#: dnsmasq.c:739
+ #, c-format
+ msgid "asynchronous logging enabled, queue limit is %d messages"
+ msgstr ""
+
+-#: dnsmasq.c:731
++#: dnsmasq.c:760
+ msgid "IPv6 router advertisement enabled"
+ msgstr ""
+
+-#: dnsmasq.c:736
++#: dnsmasq.c:765
+ #, c-format
+ msgid "DHCP, sockets bound exclusively to interface %s"
+ msgstr ""
+
+-#: dnsmasq.c:753
++#: dnsmasq.c:782
+ msgid "root is "
+ msgstr ""
+
+-#: dnsmasq.c:753
++#: dnsmasq.c:782
+ #, fuzzy
+ msgid "enabled"
+ msgstr "deaktivert"
+
+-#: dnsmasq.c:755
++#: dnsmasq.c:784
+ msgid "secure mode"
+ msgstr ""
+
+-#: dnsmasq.c:781
++#: dnsmasq.c:810
+ #, c-format
+ msgid "restricting maximum simultaneous TFTP transfers to %d"
+ msgstr ""
+
+-#: dnsmasq.c:956
++#: dnsmasq.c:1006
+ msgid "connected to system DBus"
+ msgstr "tilkoblet til system DBus"
+
+-#: dnsmasq.c:1106
++#: dnsmasq.c:1156
+ #, c-format
+ msgid "cannot fork into background: %s"
+ msgstr ""
+
+-#: dnsmasq.c:1109
++#: dnsmasq.c:1159
+ #, fuzzy, c-format
+ msgid "failed to create helper: %s"
+ msgstr "feilet å lese %s: %s"
+
+-#: dnsmasq.c:1112
++#: dnsmasq.c:1162
+ #, c-format
+ msgid "setting capabilities failed: %s"
+ msgstr ""
+
+-#: dnsmasq.c:1115
++#: dnsmasq.c:1165
+ #, fuzzy, c-format
+ msgid "failed to change user-id to %s: %s"
+ msgstr "feilet å laste navn fra %s: %s"
+
+-#: dnsmasq.c:1118
++#: dnsmasq.c:1168
+ #, fuzzy, c-format
+ msgid "failed to change group-id to %s: %s"
+ msgstr "feilet å laste navn fra %s: %s"
+
+-#: dnsmasq.c:1121
++#: dnsmasq.c:1171
+ #, fuzzy, c-format
+ msgid "failed to open pidfile %s: %s"
+ msgstr "feilet å lese %s: %s"
+
+-#: dnsmasq.c:1124
++#: dnsmasq.c:1174
+ #, fuzzy, c-format
+ msgid "cannot open log %s: %s"
+ msgstr "kan ikke åpne %s:%s"
+
+-#: dnsmasq.c:1127
++#: dnsmasq.c:1177
+ #, fuzzy, c-format
+ msgid "failed to load Lua script: %s"
+ msgstr "feilet å laste %s: %s"
+
+-#: dnsmasq.c:1130
++#: dnsmasq.c:1180
+ #, c-format
+ msgid "TFTP directory %s inaccessible: %s"
+ msgstr ""
+
+-#: dnsmasq.c:1151
++#: dnsmasq.c:1183
++#, fuzzy, c-format
++msgid "cannot create timestamp file %s: %s"
++msgstr "kan ikke åpne eller lage leie fil: %s"
++
++#: dnsmasq.c:1204
+ msgid "now checking DNSSEC signature timestamps"
+ msgstr ""
+
+-#: dnsmasq.c:1218
++#: dnsmasq.c:1271
+ #, c-format
+ msgid "script process killed by signal %d"
+ msgstr ""
+
+-#: dnsmasq.c:1222
++#: dnsmasq.c:1275
+ #, c-format
+ msgid "script process exited with status %d"
+ msgstr ""
+
+-#: dnsmasq.c:1226
++#: dnsmasq.c:1279
+ #, fuzzy, c-format
+ msgid "failed to execute %s: %s"
+ msgstr "feilet å få tilgang til %s: %s"
+
+-#: dnsmasq.c:1281
++#: dnsmasq.c:1334
+ msgid "exiting on receipt of SIGTERM"
+ msgstr "avslutter etter mottak av SIGTERM"
+
+-#: dnsmasq.c:1309
++#: dnsmasq.c:1362
+ #, fuzzy, c-format
+ msgid "failed to access %s: %s"
+ msgstr "feilet å få tilgang til %s: %s"
+
+-#: dnsmasq.c:1339
++#: dnsmasq.c:1392
+ #, c-format
+ msgid "reading %s"
+ msgstr "leser %s"
+
+-#: dnsmasq.c:1350
++#: dnsmasq.c:1403
+ #, fuzzy, c-format
+ msgid "no servers found in %s, will retry"
+ msgstr "intet søke direktiv funnet i %s"
+@@ -1531,27 +1577,27 @@ msgstr "ukjent tilknytning (interface) %s"
+ msgid "DHCP packet received on %s which has no address"
+ msgstr ""
+
+-#: dhcp.c:408
++#: dhcp.c:412
+ #, c-format
+ msgid "ARP-cache injection failed: %s"
+ msgstr ""
+
+-#: dhcp.c:506
++#: dhcp.c:511
+ #, c-format
+ msgid "DHCP range %s -- %s is not consistent with netmask %s"
+ msgstr "DHCP område %s -- %s er ikke konsistent med nettmaske %s"
+
+-#: dhcp.c:807
++#: dhcp.c:812
+ #, c-format
+ msgid "bad line at %s line %d"
+ msgstr "dårlig linje ved %s linje %d"
+
+-#: dhcp.c:850
++#: dhcp.c:855
+ #, c-format
+ msgid "ignoring %s line %d, duplicate name or IP address"
+ msgstr ""
+
+-#: dhcp.c:994 rfc3315.c:2089
++#: dhcp.c:999 rfc3315.c:2139
+ #, c-format
+ msgid "DHCP relay %s -> %s"
+ msgstr ""
+@@ -1622,12 +1668,12 @@ msgstr "DBus feil: %s"
+ msgid "disabled"
+ msgstr "deaktivert"
+
+-#: rfc2131.c:539 rfc2131.c:967 rfc2131.c:1385 rfc3315.c:602 rfc3315.c:823
+-#: rfc3315.c:1095
++#: rfc2131.c:539 rfc2131.c:967 rfc2131.c:1385 rfc3315.c:603 rfc3315.c:860
++#: rfc3315.c:1139
+ msgid "ignored"
+ msgstr "oversett"
+
+-#: rfc2131.c:554 rfc2131.c:1205 rfc3315.c:873
++#: rfc2131.c:554 rfc2131.c:1205 rfc3315.c:910
+ msgid "address in use"
+ msgstr "adresse i bruk"
+
+@@ -1647,7 +1693,7 @@ msgstr "ingen adresse konfigurert"
+ msgid "no leases left"
+ msgstr "ingen leier igjen"
+
+-#: rfc2131.c:691 rfc3315.c:475
++#: rfc2131.c:691 rfc3315.c:476
+ #, c-format
+ msgid "%u client provides name: %s"
+ msgstr ""
+@@ -1656,7 +1702,7 @@ msgstr ""
+ msgid "PXE BIS not supported"
+ msgstr ""
+
+-#: rfc2131.c:935 rfc3315.c:1189
++#: rfc2131.c:935 rfc3315.c:1233
+ #, fuzzy, c-format
+ msgid "disabling DHCP static address %s for %s"
+ msgstr "deaktiverer DHCP statisk adresse %s"
+@@ -1692,7 +1738,7 @@ msgstr ""
+ msgid "wrong address"
+ msgstr "gal adresse"
+
+-#: rfc2131.c:1143 rfc3315.c:969
++#: rfc2131.c:1143 rfc3315.c:1006
+ msgid "lease not found"
+ msgstr "leie ikke funnet"
+
+@@ -1742,7 +1788,7 @@ msgstr "kan ikke sende DHCP opsjon %d: ikke mer plass i pakken"
+ msgid "PXE menu too large"
+ msgstr ""
+
+-#: rfc2131.c:2173 rfc3315.c:1456
++#: rfc2131.c:2173 rfc3315.c:1506
+ #, fuzzy, c-format
+ msgid "%u requested options: %s"
+ msgstr "kompilerings opsjoner: %s"
+@@ -1757,7 +1803,7 @@ msgstr ""
+ msgid "cannot create netlink socket: %s"
+ msgstr "kan ikke binde netlink socket: %s"
+
+-#: netlink.c:347
++#: netlink.c:348
+ #, fuzzy, c-format
+ msgid "netlink returns error: %s"
+ msgstr "DBus feil: %s"
+@@ -1875,66 +1921,66 @@ msgstr "ingen adresse omr
+ msgid "%u available DHCPv6 subnet: %s/%d"
+ msgstr "ingen adresse område tilgjengelig for DHCP krav %s %s"
+
+-#: rfc3315.c:379
++#: rfc3315.c:380
+ #, fuzzy, c-format
+ msgid "%u vendor class: %u"
+ msgstr "DBus feil: %s"
+
+-#: rfc3315.c:427
++#: rfc3315.c:428
+ #, fuzzy, c-format
+ msgid "%u client MAC address: %s"
+ msgstr "ingen tilknytning (interface) med adresse %s"
+
+-#: rfc3315.c:659
++#: rfc3315.c:660
+ #, fuzzy, c-format
+ msgid "unknown prefix-class %d"
+ msgstr "ukjent leie"
+
+-#: rfc3315.c:791 rfc3315.c:913
++#: rfc3315.c:803 rfc3315.c:902
++#, fuzzy
++msgid "address unavailable"
++msgstr "adresse ikke tilgjengelig"
++
++#: rfc3315.c:815 rfc3315.c:950 rfc3315.c:1283
+ msgid "success"
+ msgstr ""
+
+-#: rfc3315.c:806 rfc3315.c:808 rfc3315.c:921 rfc3315.c:923
++#: rfc3315.c:843 rfc3315.c:845 rfc3315.c:958 rfc3315.c:960
+ #, fuzzy
+ msgid "no addresses available"
+ msgstr "ingen adresse tilgjengelig"
+
+-#: rfc3315.c:865
+-#, fuzzy
+-msgid "address unavailable"
+-msgstr "adresse ikke tilgjengelig"
+-
+-#: rfc3315.c:900
++#: rfc3315.c:937
+ msgid "not on link"
+ msgstr ""
+
+-#: rfc3315.c:973 rfc3315.c:1151 rfc3315.c:1228
++#: rfc3315.c:1010 rfc3315.c:1195 rfc3315.c:1272
+ msgid "no binding found"
+ msgstr ""
+
+-#: rfc3315.c:1011
++#: rfc3315.c:1048
+ msgid "deprecated"
+ msgstr ""
+
+-#: rfc3315.c:1016
++#: rfc3315.c:1053
+ #, fuzzy
+ msgid "address invalid"
+ msgstr "adresse i bruk"
+
+-#: rfc3315.c:1061
++#: rfc3315.c:1100
+ msgid "confirm failed"
+ msgstr ""
+
+-#: rfc3315.c:1072
++#: rfc3315.c:1116
+ #, fuzzy
+ msgid "all addresses still on link"
+ msgstr "dårlig adresse ved %s linje %d"
+
+-#: rfc3315.c:1160
++#: rfc3315.c:1204
+ msgid "release received"
+ msgstr ""
+
+-#: rfc3315.c:2080
++#: rfc3315.c:2130
+ msgid "Cannot multicast to DHCPv6 server without correct interface"
+ msgstr ""
+
+@@ -2027,7 +2073,7 @@ msgstr ""
+ msgid "cannot create ICMPv6 socket: %s"
+ msgstr "kan ikke lage DHCP socket: %s"
+
+-#: auth.c:429
++#: auth.c:436
+ #, c-format
+ msgid "ignoring zone transfer request from %s"
+ msgstr ""
+@@ -2042,54 +2088,89 @@ msgstr "feilet
+ msgid "failed to create IPset control socket: %s"
+ msgstr "feilet å lage lytte socket: %s"
+
++#: dnssec.c:425 dnssec.c:469
++#, fuzzy, c-format
++msgid "failed to update mtime on %s: %s"
++msgstr "feilet å lese %s: %s"
++
+ #: blockdata.c:58
+ #, c-format
+ msgid "DNSSEC memory in use %u, max %u, allocated %u"
+ msgstr ""
+
+-#: tables.c:76
++#: tables.c:80
+ msgid "error: fill_addr missused"
+ msgstr ""
+
+-#: tables.c:105
++#: tables.c:109
+ #, fuzzy, c-format
+ msgid "failed to access pf devices: %s"
+ msgstr "feilet å få tilgang til %s: %s"
+
+-#: tables.c:119
++#: tables.c:123
+ #, fuzzy, c-format
+ msgid "warning: no opened pf devices %s"
+ msgstr "benytter lokale adresser kun for %s %s"
+
+-#: tables.c:127
++#: tables.c:131
+ #, fuzzy, c-format
+ msgid "error: cannot use table name %s"
+ msgstr "klarer ikke å få vertsnavn: %s"
+
+-#: tables.c:135
++#: tables.c:139
+ #, c-format
+ msgid "error: cannot strlcpy table name %s"
+ msgstr ""
+
+-#: tables.c:141
++#: tables.c:145
+ #, c-format
+ msgid "warning: pfr_add_tables: %s(%d)"
+ msgstr ""
+
+-#: tables.c:147
++#: tables.c:151
+ msgid "info: table created"
+ msgstr ""
+
+-#: tables.c:158
++#: tables.c:162
+ #, c-format
+ msgid "warning: DIOCR%sADDRS: %s"
+ msgstr ""
+
+-#: tables.c:162
++#: tables.c:166
+ #, fuzzy, c-format
+ msgid "%d addresses %s"
+ msgstr "les %s - %d adresser"
+
++#: inotify.c:46
++#, fuzzy, c-format
++msgid "failed to create inotify: %s"
++msgstr "feilet å lese %s: %s"
++
++#: inotify.c:60
++#, fuzzy, c-format
++msgid "cannot cannonicalise resolv-file %s: %s"
++msgstr "kan ikke åpne eller lage leie fil: %s"
++
++#: inotify.c:72
++#, c-format
++msgid "directory %s for resolv-file is missing, cannot poll"
++msgstr ""
++
++#: inotify.c:75 inotify.c:112
++#, fuzzy, c-format
++msgid "failed to create inotify for %s: %s"
++msgstr "feilet å lage lytte socket: %s"
++
++#: inotify.c:97
++#, fuzzy, c-format
++msgid "bad dynamic directory %s: %s"
++msgstr "kan ikke lese %s: %s"
++
++#: inotify.c:197
++#, c-format
++msgid "inotify, new or changed file %s"
++msgstr ""
++
+ #~ msgid "duplicate IP address %s in dhcp-config directive."
+ #~ msgstr "dubliserte IP adresser i %s dhcp-config direktiv."
+
+diff --git a/po/pl.po b/po/pl.po
+index 705f1779390f..362e41226644 100644
+--- a/po/pl.po
++++ b/po/pl.po
+@@ -21,70 +21,70 @@ msgstr ""
+ "X-Generator: Poedit 1.6.9\n"
+ "X-Language: pl_PL\n"
+
+-#: cache.c:505
++#: cache.c:523
+ msgid "Internal error in cache."
+ msgstr "Wewnętrzny błąd w pamięci podręcznej."
+
+-#: cache.c:908
++#: cache.c:941
+ #, c-format
+ msgid "failed to load names from %s: %s"
+ msgstr "nie potrafię wczytać nazw z %s: %s"
+
+-#: cache.c:934 dhcp.c:820
++#: cache.c:967 dhcp.c:825
+ #, c-format
+ msgid "bad address at %s line %d"
+ msgstr "błędny adres w pliku %s, w linii %d"
+
+-#: cache.c:985 dhcp.c:836
++#: cache.c:1018 dhcp.c:841
+ #, c-format
+ msgid "bad name at %s line %d"
+ msgstr "błędna nazwa w pliku %s, w linii %d"
+
+-#: cache.c:992 dhcp.c:911
++#: cache.c:1027 dhcp.c:916
+ #, c-format
+ msgid "read %s - %d addresses"
+ msgstr "wczytałem %s - %d adresów"
+
+-#: cache.c:1100
++#: cache.c:1135
+ msgid "cleared cache"
+ msgstr "wyczyszczono pamięć podręczną"
+
+-#: cache.c:1123
++#: cache.c:1164
+ #, c-format
+ msgid "No IPv4 address found for %s"
+ msgstr "Nie znalazłem adresu IPv4 komputera %s"
+
+-#: cache.c:1201
++#: cache.c:1242
+ #, c-format
+ msgid "%s is a CNAME, not giving it to the DHCP lease of %s"
+ msgstr "%s to nazwa CNAME, nie przypisuję jej dzierżawie DHCP %s"
+
+-#: cache.c:1225
++#: cache.c:1266
+ #, c-format
+ msgid "not giving name %s to the DHCP lease of %s because the name exists in %s with address %s"
+ msgstr "nazwa %s nie została nadana dzierżawie DHCP %s, ponieważ nazwa istnieje w %s i ma już adres %s"
+
+-#: cache.c:1366
++#: cache.c:1421
+ #, c-format
+ msgid "time %lu"
+ msgstr "czas %lu"
+
+-#: cache.c:1367
++#: cache.c:1422
+ #, c-format
+ msgid "cache size %d, %d/%d cache insertions re-used unexpired cache entries."
+ msgstr "wielkość pamięci podręcznej: %d; %d z %d miejsc aktualnych wpisów użyto ponownie."
+
+-#: cache.c:1369
++#: cache.c:1424
+ #, c-format
+ msgid "queries forwarded %u, queries answered locally %u"
+ msgstr "%u zapytań przesłanych dalej, %u odpowiedzi udzielonych samodzielnie"
+
+-#: cache.c:1372
++#: cache.c:1427
+ #, c-format
+ msgid "queries for authoritative zones %u"
+ msgstr "zapytań do stref autorytatywnych %u"
+
+-#: cache.c:1398
++#: cache.c:1453
+ #, c-format
+ msgid "server %s#%d: queries sent %u, retried or failed %u"
+ msgstr "serwer %s#%d: %u zapytań wysłanych, %u ponowionych lub nieudanych"
+@@ -98,7 +98,7 @@ msgstr "brak możliwości użycia generatora liczb losowych: %s"
+ msgid "failed to allocate memory"
+ msgstr "nie udało się przydzielić pamięci"
+
+-#: util.c:243 option.c:579
++#: util.c:243 option.c:598
+ msgid "could not get memory"
+ msgstr "nie można dostać pamięci"
+
+@@ -112,589 +112,622 @@ msgstr "błąd podczas próby utworzenia potoku: %s"
+ msgid "failed to allocate %d bytes"
+ msgstr "niemożliwość przydzielenia %d bajtów pamięci"
+
+-#: util.c:429
++#: util.c:430
+ #, c-format
+ msgid "infinite"
+ msgstr "nieskończona"
+
+-#: option.c:318
++#: option.c:330
+ msgid "Specify local address(es) to listen on."
+ msgstr "Wskazanie adresów, na których należy nasłuchiwać."
+
+-#: option.c:319
++#: option.c:331
+ msgid "Return ipaddr for all hosts in specified domains."
+ msgstr "Zwracanie adresu IP dla wszystkich hostów we wskazanych domenach."
+
+-#: option.c:320
++#: option.c:332
+ msgid "Fake reverse lookups for RFC1918 private address ranges."
+ msgstr "Wyłączenie przekazywania zapytań odwrotnych dla prywatnych zakresów IP."
+
+-#: option.c:321
++#: option.c:333
+ msgid "Treat ipaddr as NXDOMAIN (defeats Verisign wildcard)."
+ msgstr "Traktowanie adresu IP jako NXDOMAIN (unieważnia ,,Verisign wildcard'')."
+
+-#: option.c:322
++#: option.c:334
+ #, c-format
+ msgid "Specify the size of the cache in entries (defaults to %s)."
+ msgstr "Wskazanie wielkości pamięci podręcznej (domyślnie: %s miejsc)."
+
+-#: option.c:323
++#: option.c:335
+ #, c-format
+ msgid "Specify configuration file (defaults to %s)."
+ msgstr "Wskazanie pliku konfiguracyjnego (domyślnie: %s)."
+
+-#: option.c:324
++#: option.c:336
+ msgid "Do NOT fork into the background: run in debug mode."
+ msgstr "NIE twórz procesu potomnego w tle: działanie w trybie debugowania."
+
+-#: option.c:325
++#: option.c:337
+ msgid "Do NOT forward queries with no domain part."
+ msgstr "Wyłączenie przekazywania zapytań bez podanej części domenowej."
+
+-#: option.c:326
++#: option.c:338
+ msgid "Return self-pointing MX records for local hosts."
+ msgstr "Zwracanie samowskazującego rekordu MX dla lokalnych hostów."
+
+-#: option.c:327
++#: option.c:339
+ msgid "Expand simple names in /etc/hosts with domain-suffix."
+ msgstr "Rozwijanie prostych nazw z /etc/hosts przyrostkiem domenowym."
+
+-#: option.c:328
++#: option.c:340
+ msgid "Don't forward spurious DNS requests from Windows hosts."
+ msgstr "Wyłączenie przekazywania pozornych zapytań DNS z komputerów działających pod Windows."
+
+-#: option.c:329
++#: option.c:341
+ msgid "Enable DHCP in the range given with lease duration."
+ msgstr "Włączenie serwera DHCP dla wskazanego zakresu adresów."
+
+-#: option.c:330
++#: option.c:342
+ #, c-format
+ msgid "Change to this group after startup (defaults to %s)."
+ msgstr "Po uruchomieniu zmiana grupy procesu na podaną (domyślnie: %s)."
+
+-#: option.c:331
++#: option.c:343
+ msgid "Set address or hostname for a specified machine."
+ msgstr "Ustawienie adresu lub nazwy dla wskazanego komputera."
+
+-#: option.c:332
++#: option.c:344
+ msgid "Read DHCP host specs from file."
+ msgstr "Wskazanie pliku z wartościami 'dhcp-host='."
+
+-#: option.c:333
++#: option.c:345
+ msgid "Read DHCP option specs from file."
+ msgstr "Wskazanie pliku z wartościami 'dhcp-option='."
+
+-#: option.c:334
++#: option.c:346
++#, fuzzy
++msgid "Read DHCP host specs from a directory."
++msgstr "Wskazanie pliku z wartościami 'dhcp-host='."
++
++#: option.c:347
++#, fuzzy
++msgid "Read DHCP options from a directory."
++msgstr "Wskazanie pliku z wartościami 'dhcp-option='."
++
++#: option.c:348
+ msgid "Evaluate conditional tag expression."
+ msgstr "Warunkowe ustawianie znaczników."
+
+-#: option.c:335
++#: option.c:349
+ #, c-format
+ msgid "Do NOT load %s file."
+ msgstr "NIE wczytywanie pliku %s."
+
+-#: option.c:336
++#: option.c:350
+ #, c-format
+ msgid "Specify a hosts file to be read in addition to %s."
+ msgstr "Wskazanie dodatkowego pliku 'hosts' oprócz %s."
+
+-#: option.c:337
++#: option.c:351
++#, fuzzy
++msgid "Read hosts files from a directory."
++msgstr "Wskazanie pliku z wartościami 'dhcp-host='."
++
++#: option.c:352
+ msgid "Specify interface(s) to listen on."
+ msgstr "Interfejsy, na których nasłuchiwać."
+
+-#: option.c:338
++#: option.c:353
+ msgid "Specify interface(s) NOT to listen on."
+ msgstr "Interfejsy, na których NIE nasłuchiwać."
+
+-#: option.c:339
++#: option.c:354
+ msgid "Map DHCP user class to tag."
+ msgstr "Przyporządkowanie znacznika w zależności od klasy użytkownika DHCP."
+
+-#: option.c:340
++#: option.c:355
+ msgid "Map RFC3046 circuit-id to tag."
+ msgstr "Przyporządkowanie znacznika w zależności od numeru obwodu (w rozumieniu RFC3046)."
+
+-#: option.c:341
++#: option.c:356
+ msgid "Map RFC3046 remote-id to tag."
+ msgstr "Przyporządkowanie znacznika w zależności od numeru agenta (w rozumieniu RFC3046)."
+
+-#: option.c:342
++#: option.c:357
+ msgid "Map RFC3993 subscriber-id to tag."
+ msgstr "Przyporządkowanie znacznika w zależności od numeru subskrybenta (w rozumieniu RFC3993)."
+
+-#: option.c:343
++#: option.c:358
+ msgid "Don't do DHCP for hosts with tag set."
+ msgstr "Wyłączenie DHCP dla hostów z określonym znacznikiem."
+
+-#: option.c:344
++#: option.c:359
+ msgid "Force broadcast replies for hosts with tag set."
+ msgstr "Wymuszenie odpowiedzi w trybie rozgłoszeniowym dla hostów z określonym znacznikiem."
+
+-#: option.c:345
++#: option.c:360
+ msgid "Do NOT fork into the background, do NOT run in debug mode."
+ msgstr "NIE twórz procesu potomnego w tle i NIE włączaj trybu debugowania."
+
+-#: option.c:346
++#: option.c:361
+ msgid "Assume we are the only DHCP server on the local network."
+ msgstr "Zakładanie, że jesteśmy jedynym serwerem DHCP w sieci lokalnej."
+
+-#: option.c:347
++#: option.c:362
+ #, c-format
+ msgid "Specify where to store DHCP leases (defaults to %s)."
+ msgstr "Ścieżka przechowywania pliku dzierżaw DHCP (domyślnie: %s)."
+
+-#: option.c:348
++#: option.c:363
+ msgid "Return MX records for local hosts."
+ msgstr "Włączenie zwracania rekordu MX dla hostów lokalnych."
+
+-#: option.c:349
++#: option.c:364
+ msgid "Specify an MX record."
+ msgstr "Specyfikacja rekordu MX."
+
+-#: option.c:350
++#: option.c:365
+ msgid "Specify BOOTP options to DHCP server."
+ msgstr "Określenie opcji BOOTP serwera DHCP."
+
+-#: option.c:351
++#: option.c:366
+ #, c-format
+ msgid "Do NOT poll %s file, reload only on SIGHUP."
+ msgstr "Wyłączenie obserwowania pliku %s; ponowne odczytywanie tylko po odebraniu sygnału SIGHUP."
+
+-#: option.c:352
++#: option.c:367
+ msgid "Do NOT cache failed search results."
+ msgstr "Wyłączenie przechowywania w pamięci podręcznej wyników nieudanych wyszukiwań."
+
+-#: option.c:353
++#: option.c:368
+ #, c-format
+ msgid "Use nameservers strictly in the order given in %s."
+ msgstr "Odpytywanie serwerów nazw w kolejności ich wystąpienia w %s."
+
+-#: option.c:354
++#: option.c:369
+ msgid "Specify options to be sent to DHCP clients."
+ msgstr "Specyfikacja opcji wysyłanej do klientów DHCP."
+
+-#: option.c:355
++#: option.c:370
+ msgid "DHCP option sent even if the client does not request it."
+ msgstr "Opcja DHCP wysyłana nawet jeżeli klient o nią nie prosi."
+
+-#: option.c:356
++#: option.c:371
+ msgid "Specify port to listen for DNS requests on (defaults to 53)."
+ msgstr "Wskazanie portu do nasłuchiwania zapytań DNS (domyślnie: 53)."
+
+-#: option.c:357
++#: option.c:372
+ #, c-format
+ msgid "Maximum supported UDP packet size for EDNS.0 (defaults to %s)."
+ msgstr "Maksymalna obsługiwana wielkość pakietu EDNS.0 (domyślnie: %s)."
+
+-#: option.c:358
++#: option.c:373
+ msgid "Log DNS queries."
+ msgstr "Włączenie spisywania zapytań DNS do logu."
+
+-#: option.c:359
++#: option.c:374
+ msgid "Force the originating port for upstream DNS queries."
+ msgstr "Wymuszenie użycia wskazanego portu UDP do odpytywania nadrzędnych serwerów DNS i odbierania od nich odpowiedzi."
+
+-#: option.c:360
++#: option.c:375
+ msgid "Do NOT read resolv.conf."
+ msgstr "Wyłączenie czytania pliku resolv.conf."
+
+-#: option.c:361
++#: option.c:376
+ #, c-format
+ msgid "Specify path to resolv.conf (defaults to %s)."
+ msgstr "Wskazanie położenia pliku resolv.conf (domyślnie: %s)."
+
+-#: option.c:362
++#: option.c:377
+ msgid "Specify path to file with server= options"
+ msgstr "Wskazanie położenia pliku z opcjami server="
+
+-#: option.c:363
++#: option.c:378
+ msgid "Specify address(es) of upstream servers with optional domains."
+ msgstr "Wskazywanie adresów serwerów nazw, opcjonalnie z przypisaniem do domeny."
+
+-#: option.c:364
++#: option.c:379
+ msgid "Specify address of upstream servers for reverse address queries"
+ msgstr "Wskazanie serwerów nazw do odwrotnej translacji adresów."
+
+-#: option.c:365
++#: option.c:380
+ msgid "Never forward queries to specified domains."
+ msgstr "Wyłączenie przekazywania zapytań do wskazanych domen."
+
+-#: option.c:366
++#: option.c:381
+ msgid "Specify the domain to be assigned in DHCP leases."
+ msgstr "Wskazanie domeny dla serwera DHCP."
+
+-#: option.c:367
++#: option.c:382
+ msgid "Specify default target in an MX record."
+ msgstr "Określenie domyślnego celu w rekordzie MX."
+
+-#: option.c:368
++#: option.c:383
+ msgid "Specify time-to-live in seconds for replies from /etc/hosts."
+ msgstr "Określenie (w sekundach) czasu ważności odpowiedzi udzielonych na podstawie /etc/hosts (domyślnie 0)."
+
+-#: option.c:369
++#: option.c:384
+ msgid "Specify time-to-live in seconds for negative caching."
+ msgstr "Określenie (w sekundach) czasu ważności negatywnych odpowiedzi."
+
+-#: option.c:370
++#: option.c:385
+ msgid "Specify time-to-live in seconds for maximum TTL to send to clients."
+ msgstr "Ograniczenie maksymalnego czasu ważności odpowiedzi (TTL) podawanego klientom [w sekundach]."
+
+-#: option.c:371
++#: option.c:386
++#, fuzzy
++msgid "Specify time-to-live ceiling for cache."
++msgstr "Określenie (w sekundach) czasu ważności negatywnych odpowiedzi."
++
++#: option.c:387
++#, fuzzy
++msgid "Specify time-to-live floor for cache."
++msgstr "Określenie (w sekundach) czasu ważności negatywnych odpowiedzi."
++
++#: option.c:388
+ #, c-format
+ msgid "Change to this user after startup. (defaults to %s)."
+ msgstr "Zmiana użytkownika procesu na wskazanego (po uruchomieniu, domyślnie: %s)."
+
+-#: option.c:372
++#: option.c:389
+ msgid "Map DHCP vendor class to tag."
+ msgstr "Przyporządkowanie znacznika w zależności od typu klienta DHCP."
+
+-#: option.c:373
++#: option.c:390
+ msgid "Display dnsmasq version and copyright information."
+ msgstr "Wydrukowanie informacji o programie i ochronie praw autorskich."
+
+-#: option.c:374
++#: option.c:391
+ msgid "Translate IPv4 addresses from upstream servers."
+ msgstr "Tłumaczenie adresów IPv4 z serwerów nadrzędnych."
+
+-#: option.c:375
++#: option.c:392
+ msgid "Specify a SRV record."
+ msgstr "Określenie rekordu SRV."
+
+-#: option.c:376
++#: option.c:393
+ msgid "Display this message. Use --help dhcp for known DHCP options."
+ msgstr "Wyświetla ten komunikat. Użyj '--help dhcp' chcąc przejrzeć listę opcji DHCP (dhcp-option=xxx,...)."
+
+-#: option.c:377
++#: option.c:394
+ #, c-format
+ msgid "Specify path of PID file (defaults to %s)."
+ msgstr "Określenie ścieżki do pliku PID (domyślnie: %s)."
+
+-#: option.c:378
++#: option.c:395
+ #, c-format
+ msgid "Specify maximum number of DHCP leases (defaults to %s)."
+ msgstr "Maksymalna liczba dzierżaw DHCP (domyślnie: %s)."
+
+-#: option.c:379
++#: option.c:396
+ msgid "Answer DNS queries based on the interface a query was sent to."
+ msgstr "Uzależnienie odpowiedzi DNS od interfejsu, na którym odebrano zapytanie (wygodne dla serwerów kilku podsieci z różnymi adresami w /etc/hosts)."
+
+-#: option.c:380
++#: option.c:397
+ msgid "Specify TXT DNS record."
+ msgstr "Specyfikacja rekordu DNS TXT."
+
+-#: option.c:381
++#: option.c:398
+ msgid "Specify PTR DNS record."
+ msgstr "Specyfikacja rekordu DNS PTR."
+
+-#: option.c:382
++#: option.c:399
+ msgid "Give DNS name to IPv4 address of interface."
+ msgstr "Zwraca nazwę domenową powiązaną z adresem interfejsu sieciowego."
+
+-#: option.c:383
++#: option.c:400
+ msgid "Bind only to interfaces in use."
+ msgstr "Nasłuchiwanie tylko na wykorzystywanych interfejsach (umożliwia uruchomienie osobnych serwerów dla różnych kart)."
+
+-#: option.c:384
++#: option.c:401
+ #, c-format
+ msgid "Read DHCP static host information from %s."
+ msgstr "Wczytanie przyporządkowań adresów z %s."
+
+-#: option.c:385
++#: option.c:402
+ msgid "Enable the DBus interface for setting upstream servers, etc."
+ msgstr "Włączenie używania interfejsu DBus do informowania o zmianach konfiguracji."
+
+-#: option.c:386
++#: option.c:403
+ msgid "Do not provide DHCP on this interface, only provide DNS."
+ msgstr "Uruchomienie na wskazanym interfejsie tylko DNS-a, bez usług DHCP i TFTP."
+
+-#: option.c:387
++#: option.c:404
+ msgid "Enable dynamic address allocation for bootp."
+ msgstr "Włączenie dynamicznego przydzielania adresów dla klientów BOOTP."
+
+-#: option.c:388
++#: option.c:405
+ msgid "Map MAC address (with wildcards) to option set."
+ msgstr "Przyporządkowanie znacznika w zależności od adresu MAC (można używać uogólnień: *)."
+
+-#: option.c:389
++#: option.c:406
+ msgid "Treat DHCP requests on aliases as arriving from interface."
+ msgstr "Traktowanie żądań DHCP odebranych na interfejsach alias, ..., jako odebranych na iface."
+
+-#: option.c:390
++#: option.c:407
+ msgid "Disable ICMP echo address checking in the DHCP server."
+ msgstr "Pominięcie sprawdzania za pomocą ICMP niezajętości adresu przed jego wydzierżawieniem."
+
+-#: option.c:391
++#: option.c:408
+ msgid "Shell script to run on DHCP lease creation and destruction."
+ msgstr "Skrypt powłoki uruchamiany po przyznaniu lub zwolnieniu adresu."
+
+-#: option.c:392
++#: option.c:409
+ msgid "Lua script to run on DHCP lease creation and destruction."
+ msgstr "Skrypt Lua uruchamiany po przyznaniu lub zwolnieniu adresu."
+
+-#: option.c:393
++#: option.c:410
+ msgid "Run lease-change scripts as this user."
+ msgstr "Wskazanie użytkownika z którego uprawnieniami będą uruchamiane skrypty."
+
+-#: option.c:394
++#: option.c:411
+ msgid "Read configuration from all the files in this directory."
+ msgstr "Wczytanie wszystkich plików ze wskazanego katalogu jako konfiguracyjnych."
+
+-#: option.c:395
++#: option.c:412
+ msgid "Log to this syslog facility or file. (defaults to DAEMON)"
+ msgstr "Wskazanie kanału syslog-a do którego mają trafiać komunikaty (domyślnie: DAEMON)"
+
+-#: option.c:396
++#: option.c:413
+ msgid "Do not use leasefile."
+ msgstr "Nieużywanie bazy dzierżaw."
+
+-#: option.c:397
++#: option.c:414
+ #, c-format
+ msgid "Maximum number of concurrent DNS queries. (defaults to %s)"
+ msgstr "Maksymalna liczba jednocześnie obsługiwanych zapytań DNS (domyślnie: %s)"
+
+-#: option.c:398
++#: option.c:415
+ #, c-format
+ msgid "Clear DNS cache when reloading %s."
+ msgstr "Czyszczenie pamięci podręcznej serwera nazw w przypadku ponownego odczytu %s."
+
+-#: option.c:399
++#: option.c:416
+ msgid "Ignore hostnames provided by DHCP clients."
+ msgstr "Nie zwracanie uwagi na nazwę podawaną przez klienta w przypadku dopasowania wszystkich wymienionych znaczników."
+
+-#: option.c:400
++#: option.c:417
+ msgid "Do NOT reuse filename and server fields for extra DHCP options."
+ msgstr "Wyłączenie oszczędzania miejsca w pakiecie DHCP przez przesuwanie pól servername i filename do opcji DHCP. Wymusza prostszy tryb budowy pakietu rozwiązując problemy z nieprzystosowanymi klientami DHCP."
+
+-#: option.c:401
++#: option.c:418
+ msgid "Enable integrated read-only TFTP server."
+ msgstr "Włączenie wbudowanego serwera TFTP (tylko do wysyłania)."
+
+-#: option.c:402
++#: option.c:419
+ msgid "Export files by TFTP only from the specified subtree."
+ msgstr "Ograniczenie działania serwera TFTP do wskazanego katalogu i podkatalogów. Nazwy z .. są odrzucane, / odnosi się do wskazanego katalogu."
+
+-#: option.c:403
++#: option.c:420
+ msgid "Add client IP address to tftp-root."
+ msgstr "Doklejanie adresu IP klienta do głównego katalogu TFTP. Jeżeli wynikowy katalog nie istnieje, nadal wykorzystuje się tftp-root."
+
+-#: option.c:404
++#: option.c:421
+ msgid "Allow access only to files owned by the user running dnsmasq."
+ msgstr "Ograniczenie dostępu do plików przez TFTP do tych, których właścicielem jest użytkownik uruchamiający dnsmasq-a."
+
+-#: option.c:405
++#: option.c:422
+ #, c-format
+ msgid "Maximum number of conncurrent TFTP transfers (defaults to %s)."
+ msgstr "Maksymalna liczba jednocześnie obsługiwanych połączeń TFTP (domyślnie %s)."
+
+-#: option.c:406
++#: option.c:423
+ msgid "Disable the TFTP blocksize extension."
+ msgstr "Wyłączenie możliwości negocjowania wielkości bloku dla przesyłów przez TFTP."
+
+-#: option.c:407
++#: option.c:424
+ msgid "Convert TFTP filenames to lowercase"
+ msgstr "Konwertowanie nazw plików żądanych przez TFTP do małych liter"
+
+-#: option.c:408
++#: option.c:425
+ msgid "Ephemeral port range for use by TFTP transfers."
+ msgstr "Wskazanie zakresu portów do użytku TFTP."
+
+-#: option.c:409
++#: option.c:426
+ msgid "Extra logging for DHCP."
+ msgstr "Włączenie spisywania w logu operacji DHCP."
+
+-#: option.c:410
++#: option.c:427
+ msgid "Enable async. logging; optionally set queue length."
+ msgstr "Włączenie asynchronicznego zapisywania do logu z ewentualnym wskazaniem długości kolejki."
+
+-#: option.c:411
++#: option.c:428
+ msgid "Stop DNS rebinding. Filter private IP ranges when resolving."
+ msgstr "Odfiltrowywanie adresów wskazujących na komputery w sieciach wewnętrznych spośród odpowiedzi od zewnętrznych serwerów DNS."
+
+-#: option.c:412
++#: option.c:429
+ msgid "Allow rebinding of 127.0.0.0/8, for RBL servers."
+ msgstr "Zezwolenie na przekazywanie odpowiedzi w klasie 127.0.0.0/8. Dla serwerów RBL."
+
+-#: option.c:413
++#: option.c:430
+ msgid "Inhibit DNS-rebind protection on this domain."
+ msgstr "Dezaktywacja zabezpieczenia przed atakami DNS-rebind dla wskazanych domen."
+
+-#: option.c:414
++#: option.c:431
+ msgid "Always perform DNS queries to all servers."
+ msgstr "Jednoczesne odpytywanie wszystkich serwerów nadrzędnych; klientowi przekazywana jest pierwsza odpowiedź."
+
+-#: option.c:415
++#: option.c:432
+ msgid "Set tag if client includes matching option in request."
+ msgstr "Ustawienie znacznika jeżeli w żądaniu DHCP pojawi się wskazana opcja, ewentualnie o konkretnej wartości."
+
+-#: option.c:416
++#: option.c:433
+ msgid "Use alternative ports for DHCP."
+ msgstr "Użycie alternatywnych portów dla usługi DHCP."
+
+-#: option.c:417
++#: option.c:434
+ msgid "Specify NAPTR DNS record."
+ msgstr "Specyfikacja rekordu DNS NAPTR."
+
+-#: option.c:418
++#: option.c:435
+ msgid "Specify lowest port available for DNS query transmission."
+ msgstr "Ustawienie dolnej granicy numerów portów do przesyłania zapytań DNS."
+
+-#: option.c:419
++#: option.c:436
+ msgid "Use only fully qualified domain names for DHCP clients."
+ msgstr "Przechowywanie w serwerze DNS dnsmasq-a tylko w pełni kwalifikowanych nazw zgłaszanych przez klientów DHCP."
+
+-#: option.c:420
++#: option.c:437
+ msgid "Generate hostnames based on MAC address for nameless clients."
+ msgstr "Generowanie nazw na podstawie MAC-adresów dla klientów bez nazwy."
+
+-#: option.c:421
++#: option.c:438
+ msgid "Use these DHCP relays as full proxies."
+ msgstr "Traktowanie wskazanych serwerów pośredniczących DHCP jako działających w trybie \"pełnomocnika\" (full-proxy)."
+
+-#: option.c:422
++#: option.c:439
+ msgid "Relay DHCP requests to a remote server"
+ msgstr "Przekazywanie żądań DHCP do zdalnego serwera"
+
+-#: option.c:423
++#: option.c:440
+ msgid "Specify alias name for LOCAL DNS name."
+ msgstr "Wskazanie synonimu nazwy komputera lokalnego - znanego z /etc/hosts albo z DHCP."
+
+-#: option.c:424
++#: option.c:441
+ msgid "Prompt to send to PXE clients."
+ msgstr "Zgłoszenie wysyłane klientom PXE."
+
+-#: option.c:425
++#: option.c:442
+ msgid "Boot service for PXE menu."
+ msgstr "Składnik menu PXE (--> man)."
+
+-#: option.c:426
++#: option.c:443
+ msgid "Check configuration syntax."
+ msgstr "Sprawdzenie składni."
+
+-#: option.c:427
++#: option.c:444
+ msgid "Add requestor's MAC address to forwarded DNS queries."
+ msgstr "Przekazywanie MAC-adresu komputera pytającego w ruchu wychodzącym DNS."
+
+-#: option.c:428
++#: option.c:445
+ msgid "Add requestor's IP subnet to forwarded DNS queries."
+ msgstr "Zamieszczanie adresu IP pytającego w przekazywanych zapytaniach DNS."
+
+-#: option.c:429
++#: option.c:446
+ msgid "Proxy DNSSEC validation results from upstream nameservers."
+ msgstr "Przekazywanie wyników weryfikacji DNSSEC z serwerów nadrzędnych."
+
+-#: option.c:430
++#: option.c:447
+ msgid "Attempt to allocate sequential IP addresses to DHCP clients."
+ msgstr "Zmiana sposobu przydzielania adresów IP na sekwencyjny."
+
+-#: option.c:431
++#: option.c:448
+ msgid "Copy connection-track mark from queries to upstream connections."
+ msgstr "Zachowanie znacznika połączenia z odebranego zapytania DNS w ruchu zewnętrznym."
+
+-#: option.c:432
++#: option.c:449
+ msgid "Allow DHCP clients to do their own DDNS updates."
+ msgstr "Zezwolenie klientom DHCP na uaktualnianie DDNS-ów."
+
+-#: option.c:433
++#: option.c:450
+ msgid "Send router-advertisements for interfaces doing DHCPv6"
+ msgstr "Załączenie anonsowania (RA) na interfejsach serwujących DHCPv6"
+
+-#: option.c:434
++#: option.c:451
+ msgid "Specify DUID_EN-type DHCPv6 server DUID"
+ msgstr "Określenie DHCPv6 DUID"
+
+-#: option.c:435
++#: option.c:452
+ msgid "Specify host (A/AAAA and PTR) records"
+ msgstr "Określenie rekordów A/AAAA i PTR"
+
+-#: option.c:436
++#: option.c:453
+ msgid "Specify arbitrary DNS resource record"
+ msgstr "Określenie rekordu TXT"
+
+-#: option.c:437
++#: option.c:454
+ msgid "Bind to interfaces in use - check for new interfaces"
+ msgstr "Dynamiczne podpinanie do interfejsów sieciowych"
+
+-#: option.c:438
++#: option.c:455
+ msgid "Export local names to global DNS"
+ msgstr "Eksportowanie lokalnych nazw hostów do globalnego DNS-a"
+
+-#: option.c:439
++#: option.c:456
+ msgid "Domain to export to global DNS"
+ msgstr "Domena pod którą będą eksportowane lokalne nazwy"
+
+-#: option.c:440
++#: option.c:457
+ msgid "Set TTL for authoritative replies"
+ msgstr "Określenie TTL dla odpowiedzi autorytatywnych"
+
+-#: option.c:441
++#: option.c:458
+ msgid "Set authoritive zone information"
+ msgstr "Określenie danych strefy autorytatywnej (SOA)"
+
+-#: option.c:442
++#: option.c:459
+ msgid "Secondary authoritative nameservers for forward domains"
+ msgstr "Pomocnicze serwery autorytatywne dla forwardowanych domen"
+
+-#: option.c:443
++#: option.c:460
+ msgid "Peers which are allowed to do zone transfer"
+ msgstr "Wskazanie serwerów uprawnionych do transferu stref"
+
+-#: option.c:444
++#: option.c:461
+ msgid "Specify ipsets to which matching domains should be added"
+ msgstr "Wyszczególnienie ipset-ów, do których będą dopisywane adresy IP leżące we wskazanych domenach"
+
+-#: option.c:445
++#: option.c:462
+ msgid "Specify a domain and address range for synthesised names"
+ msgstr "Wskazanie domeny i zakresu adresów dla generowanych nazw"
+
+-#: option.c:446
++#: option.c:463
+ msgid "Activate DNSSEC validation"
+ msgstr "Uaktywnienie walidacji DNSSEC"
+
+-#: option.c:447
++#: option.c:464
+ msgid "Specify trust anchor key digest."
+ msgstr "Wskazanie punktu zaufania dla uwierzytelniania DNSSEC."
+
+-#: option.c:448
++#: option.c:465
+ msgid "Disable upstream checking for DNSSEC debugging."
+ msgstr "Akceptowanie nieuwiarygodnionych odpowiedzi DNSSEC (ustawienie bitu CD w zapytaniach)."
+
+-#: option.c:449
++#: option.c:466
+ msgid "Ensure answers without DNSSEC are in unsigned zones."
+ msgstr "Upewnianie się, że odpowiedzi bez DNSSEC pochodzą ze stref niepodpisanych."
+
+-#: option.c:450
++#: option.c:467
+ msgid "Don't check DNSSEC signature timestamps until first cache-reload"
+ msgstr "Wyłączenie sprawdzania sygnatur czasowych DNSSEC do pierwszego przeładowania pamięci podręcznej."
+
+-#: option.c:452
++#: option.c:468
++msgid "Timestamp file to verify system clock for DNSSEC"
++msgstr ""
++
++#: option.c:470
+ msgid "Specify DHCPv6 prefix class"
+ msgstr "Określenie prefiksu klasy DHCPv6"
+
+-#: option.c:454
++#: option.c:472
+ msgid "Set priority, resend-interval and router-lifetime"
+ msgstr "Ustawianie priorytetu, okresu rozsyłania oraz czasu życia rutera (RA)."
+
+-#: option.c:455
++#: option.c:473
+ msgid "Do not log routine DHCP."
+ msgstr "Wyłączenie logowania zwyczajnego DHCP."
+
+-#: option.c:456
++#: option.c:474
+ msgid "Do not log routine DHCPv6."
+ msgstr "Wyłączenie logowania zwyczajnego DHCPv6."
+
+-#: option.c:457
++#: option.c:475
+ msgid "Do not log RA."
+ msgstr "Wyłączenie logowania RA."
+
+-#: option.c:458
++#: option.c:476
+ msgid "Accept queries only from directly-connected networks"
+ msgstr "Akceptowanie zapytań wyłącznie z sieci podpiętych bezpośrednio."
+
+-#: option.c:459
++#: option.c:477
+ msgid "Detect and remove DNS forwarding loops"
+ msgstr "Wykrywanie i usuwanie pętli zapytań DNS."
+
+-#: option.c:661
++#: option.c:478
++msgid "Ignore DNS responses containing ipaddr."
++msgstr ""
++
++#: option.c:680
+ #, c-format
+ msgid ""
+ "Usage: dnsmasq [options]\n"
+@@ -703,312 +736,312 @@ msgstr ""
+ "Użycie: dnsmasq [opcje]\n"
+ "\n"
+
+-#: option.c:663
++#: option.c:682
+ #, c-format
+ msgid "Use short options only on the command line.\n"
+ msgstr "W tym systemie w linii poleceń można używać wyłącznie jednoliterowych opcji.\n"
+
+-#: option.c:665
++#: option.c:684
+ #, c-format
+ msgid "Valid options are:\n"
+ msgstr "Dostępne opcje:\n"
+
+-#: option.c:722 option.c:726
++#: option.c:741 option.c:745
+ msgid "bad port"
+ msgstr "nieprawidłowy numer portu"
+
+-#: option.c:753 option.c:785
++#: option.c:772 option.c:804
+ msgid "interface binding not supported"
+ msgstr "nie ma możliwości dowiązywania do interfejsu"
+
+-#: option.c:762 option.c:3494
++#: option.c:781 option.c:3570
+ msgid "bad interface name"
+ msgstr "nieprawidłowa nazwa interfejsu"
+
+-#: option.c:792
++#: option.c:811
+ msgid "bad address"
+ msgstr "zły adres"
+
+-#: option.c:974
++#: option.c:993
+ msgid "unsupported encapsulation for IPv6 option"
+ msgstr "nieobsługiwany rodzaj enkapsulacji opcji IPv6"
+
+-#: option.c:988
++#: option.c:1007
+ msgid "bad dhcp-option"
+ msgstr "błąd w dhcp-option"
+
+-#: option.c:1056
++#: option.c:1075
+ msgid "bad IP address"
+ msgstr "zły adres IP"
+
+-#: option.c:1059 option.c:1197 option.c:2812
++#: option.c:1078 option.c:1216 option.c:2888
+ msgid "bad IPv6 address"
+ msgstr "zły adres IPv6"
+
+-#: option.c:1224 option.c:1318
++#: option.c:1243 option.c:1337
+ msgid "bad domain in dhcp-option"
+ msgstr "nieprawidłowa nazwa domeny w dhcp-option"
+
+-#: option.c:1356
++#: option.c:1375
+ msgid "dhcp-option too long"
+ msgstr "zbyt długa dhcp-option (>255 znaków)"
+
+-#: option.c:1363
++#: option.c:1382
+ msgid "illegal dhcp-match"
+ msgstr "niedopuszczalne dhcp-match"
+
+-#: option.c:1425
++#: option.c:1444
+ msgid "illegal repeated flag"
+ msgstr "wielokrotne użycie opcji niedozwolone (pojawiła się wcześniej w linii poleceń)"
+
+-#: option.c:1433
++#: option.c:1452
+ msgid "illegal repeated keyword"
+ msgstr "wielokrotne użycie opcji niedozwolone (pojawiła się wsześniej w pliku konfiguracyjnym)"
+
+-#: option.c:1495 option.c:4092
++#: option.c:1517 option.c:4186
+ #, c-format
+ msgid "cannot access directory %s: %s"
+ msgstr "brak dostępu do katalogu %s: %s"
+
+-#: option.c:1541 tftp.c:493
++#: option.c:1563 tftp.c:493
+ #, c-format
+ msgid "cannot access %s: %s"
+ msgstr "brak dostępu do %s: %s"
+
+-#: option.c:1588
++#: option.c:1615
+ msgid "setting log facility is not possible under Android"
+ msgstr "zmiana log-facility w systemie Android nie jest możliwa"
+
+-#: option.c:1597
++#: option.c:1624
+ msgid "bad log facility"
+ msgstr "nierozpoznany znacznik logów"
+
+-#: option.c:1650
++#: option.c:1677
+ msgid "bad MX preference"
+ msgstr "nieprawidłowa wartość preferencji MX"
+
+-#: option.c:1655
++#: option.c:1682
+ msgid "bad MX name"
+ msgstr "nieprawidłowa nazwa MX"
+
+-#: option.c:1669
++#: option.c:1696
+ msgid "bad MX target"
+ msgstr "nieprawidłowa wartość celu MX"
+
+-#: option.c:1681
++#: option.c:1708
+ msgid "cannot run scripts under uClinux"
+ msgstr "w uClinuksie nie ma możliwości uruchamiania skryptów"
+
+-#: option.c:1683
++#: option.c:1710
+ msgid "recompile with HAVE_SCRIPT defined to enable lease-change scripts"
+ msgstr "żeby mieć możliwość używania skryptów wywoływanych przy zmianie dzierżawy, przekompiluj dnsmasq-a z włączoną flagą HAVE_SCRIPT"
+
+-#: option.c:1687
++#: option.c:1714
+ msgid "recompile with HAVE_LUASCRIPT defined to enable Lua scripts"
+ msgstr "używanie skryptów Lua, wymaga skompilowania dnsmasq-a z flagą HAVE_LUASCRIPT"
+
+-#: option.c:1928 option.c:1966 option.c:2015
++#: option.c:1970 option.c:2015 option.c:2071
+ msgid "bad prefix"
+ msgstr "zła maska"
+
+-#: option.c:2289
++#: option.c:2352
+ msgid "recompile with HAVE_IPSET defined to enable ipset directives"
+ msgstr "chcąc korzystać z ipsets przekompiluj dnsmasq-a z HAVE_IPSET"
+
+-#: option.c:2469
++#: option.c:2545
+ msgid "bad port range"
+ msgstr "nieprawidłowy zakres numerów portów"
+
+-#: option.c:2485
++#: option.c:2561
+ msgid "bad bridge-interface"
+ msgstr "nieprawidłowa nazwa urządzenia w bridge-interface"
+
+-#: option.c:2545
++#: option.c:2621
+ msgid "only one tag allowed"
+ msgstr "można wskazać tylko jeden znacznik sieci"
+
+-#: option.c:2565 option.c:2577 option.c:2683 option.c:2724
++#: option.c:2641 option.c:2653 option.c:2759 option.c:2800
+ msgid "bad dhcp-range"
+ msgstr "nieprawidłowy zakres dhcp-range"
+
+-#: option.c:2592
++#: option.c:2668
+ msgid "inconsistent DHCP range"
+ msgstr "niespójny zakres adresów DHCP"
+
+-#: option.c:2651
++#: option.c:2727
+ msgid "prefix length must be exactly 64 for RA subnets"
+ msgstr "długość prefiksu musi wynosić dokładnie 64 dla podsieci RA"
+
+-#: option.c:2653
++#: option.c:2729
+ msgid "prefix length must be exactly 64 for subnet constructors"
+ msgstr "długość prefiksu musi wynosić dokładnie 64 dla konstruktorów podsieci"
+
+-#: option.c:2657
++#: option.c:2733
+ msgid "prefix length must be at least 64"
+ msgstr "długość prefiksu musi wynosić co najmniej 64"
+
+-#: option.c:2660
++#: option.c:2736
+ msgid "inconsistent DHCPv6 range"
+ msgstr "niespójny zakres adresów DHCPv6"
+
+-#: option.c:2671
++#: option.c:2747
+ msgid "prefix must be zero with \"constructor:\" argument"
+ msgstr "prefiks musi wynosić zero z argumentem \"constructor:\""
+
+-#: option.c:2782 option.c:2830
++#: option.c:2858 option.c:2906
+ msgid "bad hex constant"
+ msgstr "zapis niezgodny z formatem szesnastkowym"
+
+-#: option.c:2804
++#: option.c:2880
+ msgid "cannot match tags in --dhcp-host"
+ msgstr "--dhcp-host nie dopuszcza dopasowywania na podstawie znaczników"
+
+-#: option.c:2852
++#: option.c:2928
+ #, c-format
+ msgid "duplicate dhcp-host IP address %s"
+ msgstr "powtórzony adres IP %s w specyfikacji dhcp-host"
+
+-#: option.c:2910
++#: option.c:2986
+ msgid "bad DHCP host name"
+ msgstr "niedopuszczalna nazwa komputera w dhcp-host"
+
+-#: option.c:2992
++#: option.c:3068
+ msgid "bad tag-if"
+ msgstr "nieprawidłowa składnia 'tag-if'"
+
+-#: option.c:3316 option.c:3710
++#: option.c:3392 option.c:3786
+ msgid "invalid port number"
+ msgstr "nieprawidłowy numer portu"
+
+-#: option.c:3378
++#: option.c:3454
+ msgid "bad dhcp-proxy address"
+ msgstr "zły adres dhcp-proxy"
+
+-#: option.c:3404
++#: option.c:3480
+ msgid "Bad dhcp-relay"
+ msgstr "zły dhcp-relay"
+
+-#: option.c:3430
++#: option.c:3506
+ msgid "bad RA-params"
+ msgstr "nieprawidłowe argumenty RA"
+
+-#: option.c:3439
++#: option.c:3515
+ msgid "bad DUID"
+ msgstr "zły DUID"
+
+-#: option.c:3481
++#: option.c:3557
+ msgid "invalid alias range"
+ msgstr "nieprawidłowy zakres adresów w --alias"
+
+-#: option.c:3535
++#: option.c:3611
+ msgid "bad CNAME"
+ msgstr "zła CNAME"
+
+-#: option.c:3540
++#: option.c:3616
+ msgid "duplicate CNAME"
+ msgstr "powtórzona CNAME"
+
+-#: option.c:3560
++#: option.c:3636
+ msgid "bad PTR record"
+ msgstr "nieprawidłowy zapis rekordu PTR"
+
+-#: option.c:3591
++#: option.c:3667
+ msgid "bad NAPTR record"
+ msgstr "nieprawidłowy zapis rekordu NAPTR"
+
+-#: option.c:3625
++#: option.c:3701
+ msgid "bad RR record"
+ msgstr "nieprawidłowy zapis rekordu RR"
+
+-#: option.c:3655
++#: option.c:3731
+ msgid "bad TXT record"
+ msgstr "nieprawidłowy zapis rekordu TXT"
+
+-#: option.c:3696
++#: option.c:3772
+ msgid "bad SRV record"
+ msgstr "nieprawidłowy zapis rekordu SRV"
+
+-#: option.c:3703
++#: option.c:3779
+ msgid "bad SRV target"
+ msgstr "nieprawidłowa wartość celu SRV"
+
+-#: option.c:3717
++#: option.c:3793
+ msgid "invalid priority"
+ msgstr "nieprawidłowy priorytet"
+
+-#: option.c:3724
++#: option.c:3800
+ msgid "invalid weight"
+ msgstr "nieprawidłowa waga"
+
+-#: option.c:3748
++#: option.c:3824
+ msgid "Bad host-record"
+ msgstr "nieprawidłowy zapis host-record"
+
+-#: option.c:3765
++#: option.c:3841
+ msgid "Bad name in host-record"
+ msgstr "niedopuszczalna nazwa w host-record"
+
+-#: option.c:3826
++#: option.c:3906
+ msgid "bad trust anchor"
+ msgstr "nieprawidłowa specyfikacja punktu zaufania"
+
+-#: option.c:3840
++#: option.c:3920
+ msgid "bad HEX in trust anchor"
+ msgstr "zły zapis szesnastkowy"
+
+-#: option.c:3850
++#: option.c:3930
+ msgid "unsupported option (check that dnsmasq was compiled with DHCP/TFTP/DNSSEC/DBus support)"
+ msgstr "nieobsługiwana opcja (sprawdź, czy obsługa DHCP/TFTP/DNSSEC/DBus została wkompilowana)"
+
+-#: option.c:3909
++#: option.c:3989
+ msgid "missing \""
+ msgstr "brakuje \""
+
+-#: option.c:3966
++#: option.c:4046
+ msgid "bad option"
+ msgstr "nieprawidłowa opcja"
+
+-#: option.c:3968
++#: option.c:4048
+ msgid "extraneous parameter"
+ msgstr "nadwyżkowy parametr"
+
+-#: option.c:3970
++#: option.c:4050
+ msgid "missing parameter"
+ msgstr "brak parametru"
+
+-#: option.c:3972
++#: option.c:4052
+ msgid "illegal option"
+ msgstr "niedopuszczalna opcja"
+
+-#: option.c:3979
++#: option.c:4059
+ msgid "error"
+ msgstr "błąd"
+
+-#: option.c:3981
++#: option.c:4061
+ #, c-format
+ msgid " at line %d of %s"
+ msgstr " w linii %d pliku %s"
+
+-#: option.c:4045 option.c:4168 tftp.c:667
+-#, c-format
+-msgid "cannot read %s: %s"
+-msgstr "błąd odczytu z pliku %s: %s"
+-
+-#: option.c:4229 option.c:4265
++#: option.c:4076 option.c:4323 option.c:4359
+ #, c-format
+ msgid "read %s"
+ msgstr "przeczytałem %s"
+
+-#: option.c:4331
++#: option.c:4139 option.c:4262 tftp.c:667
++#, c-format
++msgid "cannot read %s: %s"
++msgstr "błąd odczytu z pliku %s: %s"
++
++#: option.c:4425
+ msgid "junk found in command line"
+ msgstr "jakieś śmieci w linii poleceń"
+
+-#: option.c:4366
++#: option.c:4460
+ #, c-format
+ msgid "Dnsmasq version %s %s\n"
+ msgstr "Dnsmasq, wersja %s %s\n"
+
+-#: option.c:4367
++#: option.c:4461
+ #, c-format
+ msgid ""
+ "Compile time options: %s\n"
+@@ -1017,89 +1050,89 @@ msgstr ""
+ "Wkompilowane opcje %s\n"
+ "\n"
+
+-#: option.c:4368
++#: option.c:4462
+ #, c-format
+ msgid "This software comes with ABSOLUTELY NO WARRANTY.\n"
+ msgstr "Autor nie daje ŻADNYCH GWARANCJI egzekwowalnych prawnie.\n"
+
+-#: option.c:4369
++#: option.c:4463
+ #, c-format
+ msgid "Dnsmasq is free software, and you are welcome to redistribute it\n"
+ msgstr "Dnsmasq jest wolnym oprogramowaniem, możesz go rozprowadzać\n"
+
+-#: option.c:4370
++#: option.c:4464
+ #, c-format
+ msgid "under the terms of the GNU General Public License, version 2 or 3.\n"
+ msgstr "na warunkach określonych w GNU General Public Licence, w wersji 2 lub 3.\n"
+
+-#: option.c:4381
++#: option.c:4475
+ msgid "try --help"
+ msgstr "spróbuj: --help"
+
+-#: option.c:4383
++#: option.c:4477
+ msgid "try -w"
+ msgstr "spróbuj: -w"
+
+-#: option.c:4385
++#: option.c:4479
+ #, c-format
+ msgid "bad command line options: %s"
+ msgstr "nieprawidłowa opcja w linii poleceń %s"
+
+-#: option.c:4434
++#: option.c:4535
+ #, c-format
+ msgid "cannot get host-name: %s"
+ msgstr "nie można pobrać nazwy hosta: %s"
+
+-#: option.c:4462
++#: option.c:4563
+ msgid "only one resolv.conf file allowed in no-poll mode."
+ msgstr "w trybie no-poll można wskazać najwyżej jeden plik resolv.conf."
+
+-#: option.c:4472
++#: option.c:4573
+ msgid "must have exactly one resolv.conf to read domain from."
+ msgstr "musisz mieć dokładnie jeden plik resolv.conf do odczytu domen."
+
+-#: option.c:4475 network.c:1506 dhcp.c:769
++#: option.c:4576 network.c:1506 dhcp.c:774
+ #, c-format
+ msgid "failed to read %s: %s"
+ msgstr "nie udało się odczytać %s: %s"
+
+-#: option.c:4492
++#: option.c:4593
+ #, c-format
+ msgid "no search directive found in %s"
+ msgstr "brak wytycznych wyszukiwania w %s"
+
+-#: option.c:4513
++#: option.c:4614
+ msgid "there must be a default domain when --dhcp-fqdn is set"
+ msgstr "w przypadku używania --dhcp-fqdn trzeba wskazać domyślną domenę"
+
+-#: option.c:4522
++#: option.c:4623
+ msgid "syntax check OK"
+ msgstr "składnia sprawdzona, jest prawidłowa"
+
+-#: forward.c:114
++#: forward.c:111
+ #, c-format
+ msgid "failed to send packet: %s"
+ msgstr "wysyłanie pakietu nie powiodło się: %s"
+
+-#: forward.c:574
++#: forward.c:572
+ msgid "discarding DNS reply: subnet option mismatch"
+ msgstr "odrzucam odpowiedź DNS: nie zgadza się specyfikacja podsieci"
+
+-#: forward.c:597
++#: forward.c:595
+ #, c-format
+ msgid "nameserver %s refused to do a recursive query"
+ msgstr "serwer nazw %s odmawia wykonania zapytania rekurencyjnego"
+
+-#: forward.c:629
++#: forward.c:627
+ #, c-format
+ msgid "possible DNS-rebind attack detected: %s"
+ msgstr "prawdopodobnie wykryto atak DNS-rebind: %s"
+
+-#: forward.c:1132 forward.c:1663
++#: forward.c:1156 forward.c:1722
+ msgid "Ignoring query from non-local network"
+ msgstr "Ignorowanie zapytań z sieci pozalokalnych."
+
+-#: forward.c:2101
++#: forward.c:2178
+ #, c-format
+ msgid "Maximum number of concurrent DNS queries reached (max: %d)"
+ msgstr "Osiągnięto graniczną ilość jednocześnie obsługiwanych zapytań DNS (maks: %d)"
+@@ -1189,263 +1222,282 @@ msgstr "używam serwera nazw %s#%d (przez %s)"
+ msgid "using nameserver %s#%d"
+ msgstr "używam serwera nazw %s#%d"
+
+-#: dnsmasq.c:154
+-msgid "No trust anchors provided for DNSSEC"
++#: dnsmasq.c:149
++msgid "dhcp-hostsdir, dhcp-optsdir and hostsdir are not supported on this platform"
++msgstr ""
++
++#: dnsmasq.c:156
++#, fuzzy
++msgid "no trust anchors provided for DNSSEC"
+ msgstr "Nie wskazano punktów zaufania dla DNSSEC."
+
+-#: dnsmasq.c:157
+-msgid "Cannot reduce cache size from default when DNSSEC enabled"
++#: dnsmasq.c:159
++#, fuzzy
++msgid "cannot reduce cache size from default when DNSSEC enabled"
+ msgstr "Brak możliwości zmniejszenia pamięci podręcznej poniżej wielkości domyślnej w przypadku używania DNSSEC."
+
+-#: dnsmasq.c:159
++#: dnsmasq.c:161
+ msgid "DNSSEC not available: set HAVE_DNSSEC in src/config.h"
+ msgstr "obsługa DNSSEC niedostępna - ustaw HAVE_DNSSEC w src/config.h"
+
+-#: dnsmasq.c:165
++#: dnsmasq.c:167
+ msgid "TFTP server not available: set HAVE_TFTP in src/config.h"
+ msgstr "Serwer TFTP nie został wkompilowany -- ustaw HAVE_TFTP w src/config.h"
+
+-#: dnsmasq.c:170
+-msgid "Cannot use --conntrack AND --query-port"
++#: dnsmasq.c:172
++#, fuzzy
++msgid "cannot use --conntrack AND --query-port"
+ msgstr "--conntrack i --query-port wykluczają się wzajemnie"
+
+-#: dnsmasq.c:173
+-msgid "Conntrack support not available: set HAVE_CONNTRACK in src/config.h"
++#: dnsmasq.c:175
++#, fuzzy
++msgid "conntrack support not available: set HAVE_CONNTRACK in src/config.h"
+ msgstr "Wsparcie dla przekazywania znaczników połączeń (conntrack) nie zostało wkompilowane - ustaw HAVE_CONNTRACK w src/config.h"
+
+-#: dnsmasq.c:178
++#: dnsmasq.c:180
+ msgid "asychronous logging is not available under Solaris"
+ msgstr "zapis do logów w trybie asynchronicznym nie jest dostępny w Solarisie"
+
+-#: dnsmasq.c:183
++#: dnsmasq.c:185
+ msgid "asychronous logging is not available under Android"
+ msgstr "zapis do logów w trybie asynchronicznym nie jest dostępny w Androidzie"
+
+-#: dnsmasq.c:188
++#: dnsmasq.c:190
+ msgid "authoritative DNS not available: set HAVE_AUTH in src/config.h"
+ msgstr "tryb autorytatywny DNS-a niedostępny - ustaw HAVE_AUTH w src/config.h"
+
+-#: dnsmasq.c:193
+-msgid "Loop detection not available: set HAVE_LOOP in src/config.h"
++#: dnsmasq.c:195
++#, fuzzy
++msgid "loop detection not available: set HAVE_LOOP in src/config.h"
+ msgstr "Wykrywanie pętli zapytań nie zostało wkompilowane - ustaw HAVE_LOOP w src/config.h"
+
+-#: dnsmasq.c:201
++#: dnsmasq.c:203
+ msgid "zone serial must be configured in --auth-soa"
+ msgstr "za pomocą --auth-soa musi zostać ustawiony numer seryjny strefy"
+
+-#: dnsmasq.c:219
++#: dnsmasq.c:221
+ msgid "dhcp-range constructor not available on this platform"
+ msgstr "konstrukcja dhcp-range nie jest dostępna w tym systemie"
+
+-#: dnsmasq.c:262
++#: dnsmasq.c:264
+ msgid "cannot set --bind-interfaces and --bind-dynamic"
+ msgstr "--bind-interfaces i --bind-dynamic wzajemnie się wykluczają"
+
+-#: dnsmasq.c:265
++#: dnsmasq.c:267
+ #, c-format
+ msgid "failed to find list of interfaces: %s"
+ msgstr "błąd podczas tworzenia listy interfejsów sieciowych: %s"
+
+-#: dnsmasq.c:274
++#: dnsmasq.c:276
+ #, c-format
+ msgid "unknown interface %s"
+ msgstr "nieznany interfejs %s"
+
+-#: dnsmasq.c:330 dnsmasq.c:954
++#: dnsmasq.c:340 dnsmasq.c:1004
+ #, c-format
+ msgid "DBus error: %s"
+ msgstr "błąd DBus: %s"
+
+-#: dnsmasq.c:333
++#: dnsmasq.c:343
+ msgid "DBus not available: set HAVE_DBUS in src/config.h"
+ msgstr "Obsługa DBus nie została wkompilowana -- ustaw HAVE_DBUS w src/config.h"
+
+-#: dnsmasq.c:361
++#: dnsmasq.c:371
+ #, c-format
+ msgid "unknown user or group: %s"
+ msgstr "nieznany użytkownik lub grupa: %s"
+
+-#: dnsmasq.c:416
++#: dnsmasq.c:426
+ #, c-format
+ msgid "cannot chdir to filesystem root: %s"
+ msgstr "nie potrafię wejść do głównego katalogu: %s"
+
+-#: dnsmasq.c:653
++#: dnsmasq.c:667
+ #, c-format
+ msgid "started, version %s DNS disabled"
+ msgstr "uruchomiony, wersja %s, DNS wyłączony"
+
+-#: dnsmasq.c:655
++#: dnsmasq.c:669
+ #, c-format
+ msgid "started, version %s cachesize %d"
+ msgstr "uruchomiony, wersja %s, %d miejsc w pamięci podręcznej"
+
+-#: dnsmasq.c:657
++#: dnsmasq.c:671
+ #, c-format
+ msgid "started, version %s cache disabled"
+ msgstr "uruchomiony, wersja %s, pamięć podręczna wyłączona"
+
+-#: dnsmasq.c:659
++#: dnsmasq.c:673
+ #, c-format
+ msgid "compile time options: %s"
+ msgstr "opcje kompilacji: %s"
+
+-#: dnsmasq.c:665
++#: dnsmasq.c:679
+ msgid "DBus support enabled: connected to system bus"
+ msgstr "obsługa DBus włączona, podłączono do serwera DBus"
+
+-#: dnsmasq.c:667
++#: dnsmasq.c:681
+ msgid "DBus support enabled: bus connection pending"
+ msgstr "obsługa DBus włączona, trwa podłączanie do serwera DBus"
+
+-#: dnsmasq.c:672
++#: dnsmasq.c:686
+ msgid "DNS service limited to local subnets"
+ msgstr "usługa DNS ograniczona do lokalnych podsieci"
+
+-#: dnsmasq.c:677
++#: dnsmasq.c:702
+ msgid "DNSSEC validation enabled"
+ msgstr "walidacja DNSSEC włączona"
+
+-#: dnsmasq.c:679
++#: dnsmasq.c:705
+ msgid "DNSSEC signature timestamps not checked until first cache reload"
+ msgstr "sprawdzanie sygnatur czasowych DNSSEC wyłączone do czasu przeładowania pamięci podręcznej"
+
+-#: dnsmasq.c:684
++#: dnsmasq.c:708
++#, fuzzy
++msgid "DNSSEC signature timestamps not checked until system time valid"
++msgstr "sprawdzanie sygnatur czasowych DNSSEC wyłączone do czasu przeładowania pamięci podręcznej"
++
++#: dnsmasq.c:713
+ #, c-format
+ msgid "warning: failed to change owner of %s: %s"
+ msgstr "UWAGA! Nie udało się zmienić użytkownika pliku %s: %s"
+
+-#: dnsmasq.c:688
++#: dnsmasq.c:717
+ msgid "setting --bind-interfaces option because of OS limitations"
+ msgstr "ustawiam --bind-interfaces z powodu ograniczeń systemu operacyjnego"
+
+-#: dnsmasq.c:698
++#: dnsmasq.c:727
+ #, c-format
+ msgid "warning: interface %s does not currently exist"
+ msgstr "uwaga: interfejs %s nie jest włączony"
+
+-#: dnsmasq.c:703
++#: dnsmasq.c:732
+ msgid "warning: ignoring resolv-file flag because no-resolv is set"
+ msgstr "uwaga: ignoruję opcję resolv-file, ponieważ wybrano tryb no-resolv"
+
+-#: dnsmasq.c:706
++#: dnsmasq.c:735
+ msgid "warning: no upstream servers configured"
+ msgstr "uwaga: nie wskazano nadrzędnych serwerów DNS"
+
+-#: dnsmasq.c:710
++#: dnsmasq.c:739
+ #, c-format
+ msgid "asynchronous logging enabled, queue limit is %d messages"
+ msgstr "włączono asynchroniczny tryb zapisu do logów z kolejką na %d komunikatów"
+
+-#: dnsmasq.c:731
++#: dnsmasq.c:760
+ msgid "IPv6 router advertisement enabled"
+ msgstr "anonsowanie rutera IPv6 włączone"
+
+-#: dnsmasq.c:736
++#: dnsmasq.c:765
+ #, c-format
+ msgid "DHCP, sockets bound exclusively to interface %s"
+ msgstr "DHCP, gniazda dowiązane na wyłączność interfejsowi %s"
+
+-#: dnsmasq.c:753
++#: dnsmasq.c:782
+ msgid "root is "
+ msgstr "z głównym katalogiem w "
+
+-#: dnsmasq.c:753
++#: dnsmasq.c:782
+ msgid "enabled"
+ msgstr "włączony"
+
+-#: dnsmasq.c:755
++#: dnsmasq.c:784
+ msgid "secure mode"
+ msgstr "w trybie bezpiecznym"
+
+-#: dnsmasq.c:781
++#: dnsmasq.c:810
+ #, c-format
+ msgid "restricting maximum simultaneous TFTP transfers to %d"
+ msgstr "ograniczam ilość jednoczesnych przesłań TFTP do %d"
+
+-#: dnsmasq.c:956
++#: dnsmasq.c:1006
+ msgid "connected to system DBus"
+ msgstr "podłączono do DBus-a"
+
+-#: dnsmasq.c:1106
++#: dnsmasq.c:1156
+ #, c-format
+ msgid "cannot fork into background: %s"
+ msgstr "nie potrafię przełączyć się do pracy w tle: %s"
+
+-#: dnsmasq.c:1109
++#: dnsmasq.c:1159
+ #, c-format
+ msgid "failed to create helper: %s"
+ msgstr "nie udało się utworzyć procesu pomocniczego: %s"
+
+-#: dnsmasq.c:1112
++#: dnsmasq.c:1162
+ #, c-format
+ msgid "setting capabilities failed: %s"
+ msgstr "nie powiodło się ustawianie ograniczeń (capabilities): %s"
+
+-#: dnsmasq.c:1115
++#: dnsmasq.c:1165
+ #, c-format
+ msgid "failed to change user-id to %s: %s"
+ msgstr "nie udało się zmienić użytkownika procesu na %s: %s"
+
+-#: dnsmasq.c:1118
++#: dnsmasq.c:1168
+ #, c-format
+ msgid "failed to change group-id to %s: %s"
+ msgstr "nie udało się zmienić grupy procesu na %s: %s"
+
+-#: dnsmasq.c:1121
++#: dnsmasq.c:1171
+ #, c-format
+ msgid "failed to open pidfile %s: %s"
+ msgstr "nie udało się otworzyć pliku z PID-em %s: %s"
+
+-#: dnsmasq.c:1124
++#: dnsmasq.c:1174
+ #, c-format
+ msgid "cannot open log %s: %s"
+ msgstr "nie udało się otworzyć logu %s: %s"
+
+-#: dnsmasq.c:1127
++#: dnsmasq.c:1177
+ #, c-format
+ msgid "failed to load Lua script: %s"
+ msgstr "nie udało się wczytać skryptu Lua: %s"
+
+-#: dnsmasq.c:1130
++#: dnsmasq.c:1180
+ #, c-format
+ msgid "TFTP directory %s inaccessible: %s"
+ msgstr "katalog TFTP %s nie jest dostępny: %s"
+
+-#: dnsmasq.c:1151
++#: dnsmasq.c:1183
++#, fuzzy, c-format
++msgid "cannot create timestamp file %s: %s"
++msgstr "nie potrafię otworzyć albo utworzyć pliku dzierżaw %s: %s"
++
++#: dnsmasq.c:1204
+ msgid "now checking DNSSEC signature timestamps"
+ msgstr "trwa sprawdzanie sygnatur czasowych podpisów DNSSEC"
+
+-#: dnsmasq.c:1218
++#: dnsmasq.c:1271
+ #, c-format
+ msgid "script process killed by signal %d"
+ msgstr "skrypt został zabity sygnałem %d"
+
+-#: dnsmasq.c:1222
++#: dnsmasq.c:1275
+ #, c-format
+ msgid "script process exited with status %d"
+ msgstr "skrypt zakończył się z kodem powrotu %d"
+
+-#: dnsmasq.c:1226
++#: dnsmasq.c:1279
+ #, c-format
+ msgid "failed to execute %s: %s"
+ msgstr "nie udało się uruchomić %s: %s"
+
+-#: dnsmasq.c:1281
++#: dnsmasq.c:1334
+ msgid "exiting on receipt of SIGTERM"
+ msgstr "zakończyłem działanie z powodu odebrania SIGTERM"
+
+-#: dnsmasq.c:1309
++#: dnsmasq.c:1362
+ #, c-format
+ msgid "failed to access %s: %s"
+ msgstr "brak dostępu do %s: %s"
+
+-#: dnsmasq.c:1339
++#: dnsmasq.c:1392
+ #, c-format
+ msgid "reading %s"
+ msgstr "czytanie %s"
+
+-#: dnsmasq.c:1350
++#: dnsmasq.c:1403
+ #, c-format
+ msgid "no servers found in %s, will retry"
+ msgstr "w %s nie znalazłem serwerów, spróbuję ponownie później"
+@@ -1485,27 +1537,27 @@ msgstr "nieznany interfejs %s w bridge-u"
+ msgid "DHCP packet received on %s which has no address"
+ msgstr "żądanie DHCP odebrano na interfejsie %s, który nie ma adresu"
+
+-#: dhcp.c:408
++#: dhcp.c:412
+ #, c-format
+ msgid "ARP-cache injection failed: %s"
+ msgstr "uzupełnienie pamięci podręcznej ARP nie powiodło się: %s"
+
+-#: dhcp.c:506
++#: dhcp.c:511
+ #, c-format
+ msgid "DHCP range %s -- %s is not consistent with netmask %s"
+ msgstr "zakres adresów DHCP %s -- %s jest niespójny z maską sieci %s"
+
+-#: dhcp.c:807
++#: dhcp.c:812
+ #, c-format
+ msgid "bad line at %s line %d"
+ msgstr "zła zawartość pliku %s, w linii %d"
+
+-#: dhcp.c:850
++#: dhcp.c:855
+ #, c-format
+ msgid "ignoring %s line %d, duplicate name or IP address"
+ msgstr "w %s pomijam linię %d -- powtórzona nazwa lub adres IP"
+
+-#: dhcp.c:994 rfc3315.c:2089
++#: dhcp.c:999 rfc3315.c:2139
+ #, c-format
+ msgid "DHCP relay %s -> %s"
+ msgstr "przekazywanie DHCP %s -> %s"
+@@ -1576,12 +1628,12 @@ msgstr "%u klasa użytkownika: %s"
+ msgid "disabled"
+ msgstr "wyłączony(a)"
+
+-#: rfc2131.c:539 rfc2131.c:967 rfc2131.c:1385 rfc3315.c:602 rfc3315.c:823
+-#: rfc3315.c:1095
++#: rfc2131.c:539 rfc2131.c:967 rfc2131.c:1385 rfc3315.c:603 rfc3315.c:860
++#: rfc3315.c:1139
+ msgid "ignored"
+ msgstr "ignoruję"
+
+-#: rfc2131.c:554 rfc2131.c:1205 rfc3315.c:873
++#: rfc2131.c:554 rfc2131.c:1205 rfc3315.c:910
+ msgid "address in use"
+ msgstr "adres jest w użyciu"
+
+@@ -1601,7 +1653,7 @@ msgstr "brak skonfigurowanego adresu"
+ msgid "no leases left"
+ msgstr "brak wolnych dzierżaw"
+
+-#: rfc2131.c:691 rfc3315.c:475
++#: rfc2131.c:691 rfc3315.c:476
+ #, c-format
+ msgid "%u client provides name: %s"
+ msgstr "klient %u przedstawia się jako %s"
+@@ -1610,7 +1662,7 @@ msgstr "klient %u przedstawia się jako %s"
+ msgid "PXE BIS not supported"
+ msgstr "PXE BIS nie jest obsługiwane"
+
+-#: rfc2131.c:935 rfc3315.c:1189
++#: rfc2131.c:935 rfc3315.c:1233
+ #, c-format
+ msgid "disabling DHCP static address %s for %s"
+ msgstr "wyłączam statyczne przypisanie adresu %s dla %s"
+@@ -1646,7 +1698,7 @@ msgstr "nieprawidłowy identyfikator serwera (server-ID)"
+ msgid "wrong address"
+ msgstr "błędny adres"
+
+-#: rfc2131.c:1143 rfc3315.c:969
++#: rfc2131.c:1143 rfc3315.c:1006
+ msgid "lease not found"
+ msgstr "dzierżawa nieznaleziona"
+
+@@ -1696,7 +1748,7 @@ msgstr "nie mam możliwości wysłania opcji %d DHCP/BOOTP: niedostateczna iloś
+ msgid "PXE menu too large"
+ msgstr "menu PXE zbyt duże"
+
+-#: rfc2131.c:2173 rfc3315.c:1456
++#: rfc2131.c:2173 rfc3315.c:1506
+ #, c-format
+ msgid "%u requested options: %s"
+ msgstr "%u zażądano: %s"
+@@ -1711,7 +1763,7 @@ msgstr "nie mogę wysłać opcji RFC3925: za długi łańcuch opcji przy numerze
+ msgid "cannot create netlink socket: %s"
+ msgstr "nie potrafię utworzyć połączenia netlink %s"
+
+-#: netlink.c:347
++#: netlink.c:348
+ #, c-format
+ msgid "netlink returns error: %s"
+ msgstr "wystąpił błąd w połączeniu netlink %s"
+@@ -1829,62 +1881,62 @@ msgstr "nie zdefiniowano zakresu adresów odpowiedniego dla żądania DHCPv6 od
+ msgid "%u available DHCPv6 subnet: %s/%d"
+ msgstr "%u dostępna podsieć DHCPv6: %s/%d"
+
+-#: rfc3315.c:379
++#: rfc3315.c:380
+ #, c-format
+ msgid "%u vendor class: %u"
+ msgstr "%u klasa dostawcy: %u"
+
+-#: rfc3315.c:427
++#: rfc3315.c:428
+ #, c-format
+ msgid "%u client MAC address: %s"
+ msgstr "adres MAC klienta %u: %s"
+
+-#: rfc3315.c:659
++#: rfc3315.c:660
+ #, c-format
+ msgid "unknown prefix-class %d"
+ msgstr "nieznana klasa sieci %d"
+
+-#: rfc3315.c:791 rfc3315.c:913
++#: rfc3315.c:803 rfc3315.c:902
++msgid "address unavailable"
++msgstr "adres niedostępny"
++
++#: rfc3315.c:815 rfc3315.c:950 rfc3315.c:1283
+ msgid "success"
+ msgstr "udane"
+
+-#: rfc3315.c:806 rfc3315.c:808 rfc3315.c:921 rfc3315.c:923
++#: rfc3315.c:843 rfc3315.c:845 rfc3315.c:958 rfc3315.c:960
+ msgid "no addresses available"
+ msgstr "brak wolnych adresów"
+
+-#: rfc3315.c:865
+-msgid "address unavailable"
+-msgstr "adres niedostępny"
+-
+-#: rfc3315.c:900
++#: rfc3315.c:937
+ msgid "not on link"
+ msgstr "poza zasięgiem"
+
+-#: rfc3315.c:973 rfc3315.c:1151 rfc3315.c:1228
++#: rfc3315.c:1010 rfc3315.c:1195 rfc3315.c:1272
+ msgid "no binding found"
+ msgstr "brak powiązania"
+
+-#: rfc3315.c:1011
++#: rfc3315.c:1048
+ msgid "deprecated"
+ msgstr "przestarzały"
+
+-#: rfc3315.c:1016
++#: rfc3315.c:1053
+ msgid "address invalid"
+ msgstr "niepoprawny adres"
+
+-#: rfc3315.c:1061
++#: rfc3315.c:1100
+ msgid "confirm failed"
+ msgstr "brak potwierdzenia"
+
+-#: rfc3315.c:1072
++#: rfc3315.c:1116
+ msgid "all addresses still on link"
+ msgstr "wszystkie adresy ciągle w użyciu"
+
+-#: rfc3315.c:1160
++#: rfc3315.c:1204
+ msgid "release received"
+ msgstr "adres został zwolniony"
+
+-#: rfc3315.c:2080
++#: rfc3315.c:2130
+ msgid "Cannot multicast to DHCPv6 server without correct interface"
+ msgstr "Nie mogę rozesłać do serwerów DHCPv6 nie mając prawidłowego interfejsu"
+
+@@ -1977,7 +2029,7 @@ msgstr "przekazywanie DHCP z %s do %s"
+ msgid "cannot create ICMPv6 socket: %s"
+ msgstr "nie udało się utworzyć gniazda dla ICMPv6: %s"
+
+-#: auth.c:429
++#: auth.c:436
+ #, c-format
+ msgid "ignoring zone transfer request from %s"
+ msgstr "ignoruję żądanie transferu strefy od %s"
+@@ -1992,54 +2044,89 @@ msgstr "niezgodna wersja jądra: %s"
+ msgid "failed to create IPset control socket: %s"
+ msgstr "nie powiodło się otwieranie gniazda sterującego IPset: %s"
+
++#: dnssec.c:425 dnssec.c:469
++#, fuzzy, c-format
++msgid "failed to update mtime on %s: %s"
++msgstr "nie udało się otworzyć pliku z PID-em %s: %s"
++
+ #: blockdata.c:58
+ #, c-format
+ msgid "DNSSEC memory in use %u, max %u, allocated %u"
+ msgstr "DNSSEC: zużycie pamięci %u, maks. %u, przydzielona %u"
+
+-#: tables.c:76
++#: tables.c:80
+ msgid "error: fill_addr missused"
+ msgstr "błąd: niepoprawnie użyty fill_addr"
+
+-#: tables.c:105
++#: tables.c:109
+ #, c-format
+ msgid "failed to access pf devices: %s"
+ msgstr "brak dostępu do /dev/pf (filtra pakietów): %s"
+
+-#: tables.c:119
++#: tables.c:123
+ #, c-format
+ msgid "warning: no opened pf devices %s"
+ msgstr "uwaga: brak otwartych filtrów pakietów %s"
+
+-#: tables.c:127
++#: tables.c:131
+ #, c-format
+ msgid "error: cannot use table name %s"
+ msgstr "błąd: nie potrafię użyć nazwy tablicy %s"
+
+-#: tables.c:135
++#: tables.c:139
+ #, c-format
+ msgid "error: cannot strlcpy table name %s"
+ msgstr "błąd: nie potrafię strlcpy nazwy tablicy %s"
+
+-#: tables.c:141
++#: tables.c:145
+ #, c-format
+ msgid "warning: pfr_add_tables: %s(%d)"
+ msgstr "uwaga: pfr_add_tables: %s(%d)"
+
+-#: tables.c:147
++#: tables.c:151
+ msgid "info: table created"
+ msgstr "info: tablica utworzona"
+
+-#: tables.c:158
++#: tables.c:162
+ #, c-format
+ msgid "warning: DIOCR%sADDRS: %s"
+ msgstr "uwaga: DIOCR%sADDRS: %s"
+
+-#: tables.c:162
++#: tables.c:166
+ #, c-format
+ msgid "%d addresses %s"
+ msgstr "%d adresów %s"
+
++#: inotify.c:46
++#, fuzzy, c-format
++msgid "failed to create inotify: %s"
++msgstr "nie udało się utworzyć procesu pomocniczego: %s"
++
++#: inotify.c:60
++#, fuzzy, c-format
++msgid "cannot cannonicalise resolv-file %s: %s"
++msgstr "nie potrafię otworzyć albo utworzyć pliku dzierżaw %s: %s"
++
++#: inotify.c:72
++#, c-format
++msgid "directory %s for resolv-file is missing, cannot poll"
++msgstr ""
++
++#: inotify.c:75 inotify.c:112
++#, fuzzy, c-format
++msgid "failed to create inotify for %s: %s"
++msgstr "nie udało się otworzyć gniazda %s: %s"
++
++#: inotify.c:97
++#, fuzzy, c-format
++msgid "bad dynamic directory %s: %s"
++msgstr "brak dostępu do katalogu %s: %s"
++
++#: inotify.c:197
++#, c-format
++msgid "inotify, new or changed file %s"
++msgstr ""
++
+ #~ msgid "Always send frequent router-advertisements"
+ #~ msgstr "Rozsyłanie wielokrotne anonsów rutera (RA)"
+
+diff --git a/po/pt_BR.po b/po/pt_BR.po
+index b91cf6ce53b4..ef6e4cbf529b 100644
+--- a/po/pt_BR.po
++++ b/po/pt_BR.po
+@@ -16,70 +16,70 @@ msgstr ""
+ "Content-Transfer-Encoding: 8bit\n"
+ "Plural-Forms: nplurals=2; plural=(n > 1);\n"
+
+-#: cache.c:505
++#: cache.c:523
+ msgid "Internal error in cache."
+ msgstr ""
+
+-#: cache.c:908
++#: cache.c:941
+ #, c-format
+ msgid "failed to load names from %s: %s"
+ msgstr ""
+
+-#: cache.c:934 dhcp.c:820
++#: cache.c:967 dhcp.c:825
+ #, c-format
+ msgid "bad address at %s line %d"
+ msgstr ""
+
+-#: cache.c:985 dhcp.c:836
++#: cache.c:1018 dhcp.c:841
+ #, c-format
+ msgid "bad name at %s line %d"
+ msgstr ""
+
+-#: cache.c:992 dhcp.c:911
++#: cache.c:1027 dhcp.c:916
+ #, c-format
+ msgid "read %s - %d addresses"
+ msgstr ""
+
+-#: cache.c:1100
++#: cache.c:1135
+ msgid "cleared cache"
+ msgstr ""
+
+-#: cache.c:1123
++#: cache.c:1164
+ #, c-format
+ msgid "No IPv4 address found for %s"
+ msgstr ""
+
+-#: cache.c:1201
++#: cache.c:1242
+ #, c-format
+ msgid "%s is a CNAME, not giving it to the DHCP lease of %s"
+ msgstr ""
+
+-#: cache.c:1225
++#: cache.c:1266
+ #, c-format
+ msgid "not giving name %s to the DHCP lease of %s because the name exists in %s with address %s"
+ msgstr ""
+
+-#: cache.c:1366
++#: cache.c:1421
+ #, c-format
+ msgid "time %lu"
+ msgstr ""
+
+-#: cache.c:1367
++#: cache.c:1422
+ #, c-format
+ msgid "cache size %d, %d/%d cache insertions re-used unexpired cache entries."
+ msgstr ""
+
+-#: cache.c:1369
++#: cache.c:1424
+ #, c-format
+ msgid "queries forwarded %u, queries answered locally %u"
+ msgstr ""
+
+-#: cache.c:1372
++#: cache.c:1427
+ #, c-format
+ msgid "queries for authoritative zones %u"
+ msgstr ""
+
+-#: cache.c:1398
++#: cache.c:1453
+ #, c-format
+ msgid "server %s#%d: queries sent %u, retried or failed %u"
+ msgstr ""
+@@ -93,7 +93,7 @@ msgstr ""
+ msgid "failed to allocate memory"
+ msgstr ""
+
+-#: util.c:243 option.c:579
++#: util.c:243 option.c:598
+ msgid "could not get memory"
+ msgstr ""
+
+@@ -107,990 +107,1018 @@ msgstr ""
+ msgid "failed to allocate %d bytes"
+ msgstr ""
+
+-#: util.c:429
++#: util.c:430
+ #, c-format
+ msgid "infinite"
+ msgstr ""
+
+-#: option.c:318
++#: option.c:330
+ msgid "Specify local address(es) to listen on."
+ msgstr ""
+
+-#: option.c:319
++#: option.c:331
+ msgid "Return ipaddr for all hosts in specified domains."
+ msgstr ""
+
+-#: option.c:320
++#: option.c:332
+ msgid "Fake reverse lookups for RFC1918 private address ranges."
+ msgstr ""
+
+-#: option.c:321
++#: option.c:333
+ msgid "Treat ipaddr as NXDOMAIN (defeats Verisign wildcard)."
+ msgstr ""
+
+-#: option.c:322
++#: option.c:334
+ #, c-format
+ msgid "Specify the size of the cache in entries (defaults to %s)."
+ msgstr ""
+
+-#: option.c:323
++#: option.c:335
+ #, c-format
+ msgid "Specify configuration file (defaults to %s)."
+ msgstr ""
+
+-#: option.c:324
++#: option.c:336
+ msgid "Do NOT fork into the background: run in debug mode."
+ msgstr ""
+
+-#: option.c:325
++#: option.c:337
+ msgid "Do NOT forward queries with no domain part."
+ msgstr ""
+
+-#: option.c:326
++#: option.c:338
+ msgid "Return self-pointing MX records for local hosts."
+ msgstr ""
+
+-#: option.c:327
++#: option.c:339
+ msgid "Expand simple names in /etc/hosts with domain-suffix."
+ msgstr ""
+
+-#: option.c:328
++#: option.c:340
+ msgid "Don't forward spurious DNS requests from Windows hosts."
+ msgstr ""
+
+-#: option.c:329
++#: option.c:341
+ msgid "Enable DHCP in the range given with lease duration."
+ msgstr ""
+
+-#: option.c:330
++#: option.c:342
+ #, c-format
+ msgid "Change to this group after startup (defaults to %s)."
+ msgstr ""
+
+-#: option.c:331
++#: option.c:343
+ msgid "Set address or hostname for a specified machine."
+ msgstr ""
+
+-#: option.c:332
++#: option.c:344
+ msgid "Read DHCP host specs from file."
+ msgstr ""
+
+-#: option.c:333
++#: option.c:345
+ msgid "Read DHCP option specs from file."
+ msgstr ""
+
+-#: option.c:334
++#: option.c:346
++msgid "Read DHCP host specs from a directory."
++msgstr ""
++
++#: option.c:347
++msgid "Read DHCP options from a directory."
++msgstr ""
++
++#: option.c:348
+ msgid "Evaluate conditional tag expression."
+ msgstr ""
+
+-#: option.c:335
++#: option.c:349
+ #, c-format
+ msgid "Do NOT load %s file."
+ msgstr ""
+
+-#: option.c:336
++#: option.c:350
+ #, c-format
+ msgid "Specify a hosts file to be read in addition to %s."
+ msgstr ""
+
+-#: option.c:337
++#: option.c:351
++msgid "Read hosts files from a directory."
++msgstr ""
++
++#: option.c:352
+ msgid "Specify interface(s) to listen on."
+ msgstr ""
+
+-#: option.c:338
++#: option.c:353
+ msgid "Specify interface(s) NOT to listen on."
+ msgstr ""
+
+-#: option.c:339
++#: option.c:354
+ msgid "Map DHCP user class to tag."
+ msgstr ""
+
+-#: option.c:340
++#: option.c:355
+ msgid "Map RFC3046 circuit-id to tag."
+ msgstr ""
+
+-#: option.c:341
++#: option.c:356
+ msgid "Map RFC3046 remote-id to tag."
+ msgstr ""
+
+-#: option.c:342
++#: option.c:357
+ msgid "Map RFC3993 subscriber-id to tag."
+ msgstr ""
+
+-#: option.c:343
++#: option.c:358
+ msgid "Don't do DHCP for hosts with tag set."
+ msgstr ""
+
+-#: option.c:344
++#: option.c:359
+ msgid "Force broadcast replies for hosts with tag set."
+ msgstr ""
+
+-#: option.c:345
++#: option.c:360
+ msgid "Do NOT fork into the background, do NOT run in debug mode."
+ msgstr ""
+
+-#: option.c:346
++#: option.c:361
+ msgid "Assume we are the only DHCP server on the local network."
+ msgstr ""
+
+-#: option.c:347
++#: option.c:362
+ #, c-format
+ msgid "Specify where to store DHCP leases (defaults to %s)."
+ msgstr ""
+
+-#: option.c:348
++#: option.c:363
+ msgid "Return MX records for local hosts."
+ msgstr ""
+
+-#: option.c:349
++#: option.c:364
+ msgid "Specify an MX record."
+ msgstr ""
+
+-#: option.c:350
++#: option.c:365
+ msgid "Specify BOOTP options to DHCP server."
+ msgstr ""
+
+-#: option.c:351
++#: option.c:366
+ #, c-format
+ msgid "Do NOT poll %s file, reload only on SIGHUP."
+ msgstr ""
+
+-#: option.c:352
++#: option.c:367
+ msgid "Do NOT cache failed search results."
+ msgstr ""
+
+-#: option.c:353
++#: option.c:368
+ #, c-format
+ msgid "Use nameservers strictly in the order given in %s."
+ msgstr ""
+
+-#: option.c:354
++#: option.c:369
+ msgid "Specify options to be sent to DHCP clients."
+ msgstr ""
+
+-#: option.c:355
++#: option.c:370
+ msgid "DHCP option sent even if the client does not request it."
+ msgstr ""
+
+-#: option.c:356
++#: option.c:371
+ msgid "Specify port to listen for DNS requests on (defaults to 53)."
+ msgstr ""
+
+-#: option.c:357
++#: option.c:372
+ #, c-format
+ msgid "Maximum supported UDP packet size for EDNS.0 (defaults to %s)."
+ msgstr ""
+
+-#: option.c:358
++#: option.c:373
+ msgid "Log DNS queries."
+ msgstr ""
+
+-#: option.c:359
++#: option.c:374
+ msgid "Force the originating port for upstream DNS queries."
+ msgstr ""
+
+-#: option.c:360
++#: option.c:375
+ msgid "Do NOT read resolv.conf."
+ msgstr ""
+
+-#: option.c:361
++#: option.c:376
+ #, c-format
+ msgid "Specify path to resolv.conf (defaults to %s)."
+ msgstr ""
+
+-#: option.c:362
++#: option.c:377
+ msgid "Specify path to file with server= options"
+ msgstr ""
+
+-#: option.c:363
++#: option.c:378
+ msgid "Specify address(es) of upstream servers with optional domains."
+ msgstr ""
+
+-#: option.c:364
++#: option.c:379
+ msgid "Specify address of upstream servers for reverse address queries"
+ msgstr ""
+
+-#: option.c:365
++#: option.c:380
+ msgid "Never forward queries to specified domains."
+ msgstr ""
+
+-#: option.c:366
++#: option.c:381
+ msgid "Specify the domain to be assigned in DHCP leases."
+ msgstr ""
+
+-#: option.c:367
++#: option.c:382
+ msgid "Specify default target in an MX record."
+ msgstr ""
+
+-#: option.c:368
++#: option.c:383
+ msgid "Specify time-to-live in seconds for replies from /etc/hosts."
+ msgstr ""
+
+-#: option.c:369
++#: option.c:384
+ msgid "Specify time-to-live in seconds for negative caching."
+ msgstr ""
+
+-#: option.c:370
++#: option.c:385
+ msgid "Specify time-to-live in seconds for maximum TTL to send to clients."
+ msgstr ""
+
+-#: option.c:371
++#: option.c:386
++msgid "Specify time-to-live ceiling for cache."
++msgstr ""
++
++#: option.c:387
++msgid "Specify time-to-live floor for cache."
++msgstr ""
++
++#: option.c:388
+ #, c-format
+ msgid "Change to this user after startup. (defaults to %s)."
+ msgstr ""
+
+-#: option.c:372
++#: option.c:389
+ msgid "Map DHCP vendor class to tag."
+ msgstr ""
+
+-#: option.c:373
++#: option.c:390
+ msgid "Display dnsmasq version and copyright information."
+ msgstr ""
+
+-#: option.c:374
++#: option.c:391
+ msgid "Translate IPv4 addresses from upstream servers."
+ msgstr ""
+
+-#: option.c:375
++#: option.c:392
+ msgid "Specify a SRV record."
+ msgstr ""
+
+-#: option.c:376
++#: option.c:393
+ msgid "Display this message. Use --help dhcp for known DHCP options."
+ msgstr ""
+
+-#: option.c:377
++#: option.c:394
+ #, c-format
+ msgid "Specify path of PID file (defaults to %s)."
+ msgstr ""
+
+-#: option.c:378
++#: option.c:395
+ #, c-format
+ msgid "Specify maximum number of DHCP leases (defaults to %s)."
+ msgstr ""
+
+-#: option.c:379
++#: option.c:396
+ msgid "Answer DNS queries based on the interface a query was sent to."
+ msgstr ""
+
+-#: option.c:380
++#: option.c:397
+ msgid "Specify TXT DNS record."
+ msgstr ""
+
+-#: option.c:381
++#: option.c:398
+ msgid "Specify PTR DNS record."
+ msgstr ""
+
+-#: option.c:382
++#: option.c:399
+ msgid "Give DNS name to IPv4 address of interface."
+ msgstr ""
+
+-#: option.c:383
++#: option.c:400
+ msgid "Bind only to interfaces in use."
+ msgstr ""
+
+-#: option.c:384
++#: option.c:401
+ #, c-format
+ msgid "Read DHCP static host information from %s."
+ msgstr ""
+
+-#: option.c:385
++#: option.c:402
+ msgid "Enable the DBus interface for setting upstream servers, etc."
+ msgstr ""
+
+-#: option.c:386
++#: option.c:403
+ msgid "Do not provide DHCP on this interface, only provide DNS."
+ msgstr ""
+
+-#: option.c:387
++#: option.c:404
+ msgid "Enable dynamic address allocation for bootp."
+ msgstr ""
+
+-#: option.c:388
++#: option.c:405
+ msgid "Map MAC address (with wildcards) to option set."
+ msgstr ""
+
+-#: option.c:389
++#: option.c:406
+ msgid "Treat DHCP requests on aliases as arriving from interface."
+ msgstr ""
+
+-#: option.c:390
++#: option.c:407
+ msgid "Disable ICMP echo address checking in the DHCP server."
+ msgstr ""
+
+-#: option.c:391
++#: option.c:408
+ msgid "Shell script to run on DHCP lease creation and destruction."
+ msgstr ""
+
+-#: option.c:392
++#: option.c:409
+ msgid "Lua script to run on DHCP lease creation and destruction."
+ msgstr ""
+
+-#: option.c:393
++#: option.c:410
+ msgid "Run lease-change scripts as this user."
+ msgstr ""
+
+-#: option.c:394
++#: option.c:411
+ msgid "Read configuration from all the files in this directory."
+ msgstr ""
+
+-#: option.c:395
++#: option.c:412
+ msgid "Log to this syslog facility or file. (defaults to DAEMON)"
+ msgstr ""
+
+-#: option.c:396
++#: option.c:413
+ msgid "Do not use leasefile."
+ msgstr ""
+
+-#: option.c:397
++#: option.c:414
+ #, c-format
+ msgid "Maximum number of concurrent DNS queries. (defaults to %s)"
+ msgstr ""
+
+-#: option.c:398
++#: option.c:415
+ #, c-format
+ msgid "Clear DNS cache when reloading %s."
+ msgstr ""
+
+-#: option.c:399
++#: option.c:416
+ msgid "Ignore hostnames provided by DHCP clients."
+ msgstr ""
+
+-#: option.c:400
++#: option.c:417
+ msgid "Do NOT reuse filename and server fields for extra DHCP options."
+ msgstr ""
+
+-#: option.c:401
++#: option.c:418
+ msgid "Enable integrated read-only TFTP server."
+ msgstr ""
+
+-#: option.c:402
++#: option.c:419
+ msgid "Export files by TFTP only from the specified subtree."
+ msgstr ""
+
+-#: option.c:403
++#: option.c:420
+ msgid "Add client IP address to tftp-root."
+ msgstr ""
+
+-#: option.c:404
++#: option.c:421
+ msgid "Allow access only to files owned by the user running dnsmasq."
+ msgstr ""
+
+-#: option.c:405
++#: option.c:422
+ #, c-format
+ msgid "Maximum number of conncurrent TFTP transfers (defaults to %s)."
+ msgstr ""
+
+-#: option.c:406
++#: option.c:423
+ msgid "Disable the TFTP blocksize extension."
+ msgstr ""
+
+-#: option.c:407
++#: option.c:424
+ msgid "Convert TFTP filenames to lowercase"
+ msgstr ""
+
+-#: option.c:408
++#: option.c:425
+ msgid "Ephemeral port range for use by TFTP transfers."
+ msgstr ""
+
+-#: option.c:409
++#: option.c:426
+ msgid "Extra logging for DHCP."
+ msgstr ""
+
+-#: option.c:410
++#: option.c:427
+ msgid "Enable async. logging; optionally set queue length."
+ msgstr ""
+
+-#: option.c:411
++#: option.c:428
+ msgid "Stop DNS rebinding. Filter private IP ranges when resolving."
+ msgstr ""
+
+-#: option.c:412
++#: option.c:429
+ msgid "Allow rebinding of 127.0.0.0/8, for RBL servers."
+ msgstr ""
+
+-#: option.c:413
++#: option.c:430
+ msgid "Inhibit DNS-rebind protection on this domain."
+ msgstr ""
+
+-#: option.c:414
++#: option.c:431
+ msgid "Always perform DNS queries to all servers."
+ msgstr ""
+
+-#: option.c:415
++#: option.c:432
+ msgid "Set tag if client includes matching option in request."
+ msgstr ""
+
+-#: option.c:416
++#: option.c:433
+ msgid "Use alternative ports for DHCP."
+ msgstr ""
+
+-#: option.c:417
++#: option.c:434
+ msgid "Specify NAPTR DNS record."
+ msgstr ""
+
+-#: option.c:418
++#: option.c:435
+ msgid "Specify lowest port available for DNS query transmission."
+ msgstr ""
+
+-#: option.c:419
++#: option.c:436
+ msgid "Use only fully qualified domain names for DHCP clients."
+ msgstr ""
+
+-#: option.c:420
++#: option.c:437
+ msgid "Generate hostnames based on MAC address for nameless clients."
+ msgstr ""
+
+-#: option.c:421
++#: option.c:438
+ msgid "Use these DHCP relays as full proxies."
+ msgstr ""
+
+-#: option.c:422
++#: option.c:439
+ msgid "Relay DHCP requests to a remote server"
+ msgstr ""
+
+-#: option.c:423
++#: option.c:440
+ msgid "Specify alias name for LOCAL DNS name."
+ msgstr ""
+
+-#: option.c:424
++#: option.c:441
+ msgid "Prompt to send to PXE clients."
+ msgstr ""
+
+-#: option.c:425
++#: option.c:442
+ msgid "Boot service for PXE menu."
+ msgstr ""
+
+-#: option.c:426
++#: option.c:443
+ msgid "Check configuration syntax."
+ msgstr ""
+
+-#: option.c:427
++#: option.c:444
+ msgid "Add requestor's MAC address to forwarded DNS queries."
+ msgstr ""
+
+-#: option.c:428
++#: option.c:445
+ msgid "Add requestor's IP subnet to forwarded DNS queries."
+ msgstr ""
+
+-#: option.c:429
++#: option.c:446
+ msgid "Proxy DNSSEC validation results from upstream nameservers."
+ msgstr ""
+
+-#: option.c:430
++#: option.c:447
+ msgid "Attempt to allocate sequential IP addresses to DHCP clients."
+ msgstr ""
+
+-#: option.c:431
++#: option.c:448
+ msgid "Copy connection-track mark from queries to upstream connections."
+ msgstr ""
+
+-#: option.c:432
++#: option.c:449
+ msgid "Allow DHCP clients to do their own DDNS updates."
+ msgstr ""
+
+-#: option.c:433
++#: option.c:450
+ msgid "Send router-advertisements for interfaces doing DHCPv6"
+ msgstr ""
+
+-#: option.c:434
++#: option.c:451
+ msgid "Specify DUID_EN-type DHCPv6 server DUID"
+ msgstr ""
+
+-#: option.c:435
++#: option.c:452
+ msgid "Specify host (A/AAAA and PTR) records"
+ msgstr ""
+
+-#: option.c:436
++#: option.c:453
+ msgid "Specify arbitrary DNS resource record"
+ msgstr ""
+
+-#: option.c:437
++#: option.c:454
+ msgid "Bind to interfaces in use - check for new interfaces"
+ msgstr ""
+
+-#: option.c:438
++#: option.c:455
+ msgid "Export local names to global DNS"
+ msgstr ""
+
+-#: option.c:439
++#: option.c:456
+ msgid "Domain to export to global DNS"
+ msgstr ""
+
+-#: option.c:440
++#: option.c:457
+ msgid "Set TTL for authoritative replies"
+ msgstr ""
+
+-#: option.c:441
++#: option.c:458
+ msgid "Set authoritive zone information"
+ msgstr ""
+
+-#: option.c:442
++#: option.c:459
+ msgid "Secondary authoritative nameservers for forward domains"
+ msgstr ""
+
+-#: option.c:443
++#: option.c:460
+ msgid "Peers which are allowed to do zone transfer"
+ msgstr ""
+
+-#: option.c:444
++#: option.c:461
+ msgid "Specify ipsets to which matching domains should be added"
+ msgstr ""
+
+-#: option.c:445
++#: option.c:462
+ msgid "Specify a domain and address range for synthesised names"
+ msgstr ""
+
+-#: option.c:446
++#: option.c:463
+ msgid "Activate DNSSEC validation"
+ msgstr ""
+
+-#: option.c:447
++#: option.c:464
+ msgid "Specify trust anchor key digest."
+ msgstr ""
+
+-#: option.c:448
++#: option.c:465
+ msgid "Disable upstream checking for DNSSEC debugging."
+ msgstr ""
+
+-#: option.c:449
++#: option.c:466
+ msgid "Ensure answers without DNSSEC are in unsigned zones."
+ msgstr ""
+
+-#: option.c:450
++#: option.c:467
+ msgid "Don't check DNSSEC signature timestamps until first cache-reload"
+ msgstr ""
+
+-#: option.c:452
++#: option.c:468
++msgid "Timestamp file to verify system clock for DNSSEC"
++msgstr ""
++
++#: option.c:470
+ msgid "Specify DHCPv6 prefix class"
+ msgstr ""
+
+-#: option.c:454
++#: option.c:472
+ msgid "Set priority, resend-interval and router-lifetime"
+ msgstr ""
+
+-#: option.c:455
++#: option.c:473
+ msgid "Do not log routine DHCP."
+ msgstr ""
+
+-#: option.c:456
++#: option.c:474
+ msgid "Do not log routine DHCPv6."
+ msgstr ""
+
+-#: option.c:457
++#: option.c:475
+ msgid "Do not log RA."
+ msgstr ""
+
+-#: option.c:458
++#: option.c:476
+ msgid "Accept queries only from directly-connected networks"
+ msgstr ""
+
+-#: option.c:459
++#: option.c:477
+ msgid "Detect and remove DNS forwarding loops"
+ msgstr ""
+
+-#: option.c:661
++#: option.c:478
++msgid "Ignore DNS responses containing ipaddr."
++msgstr ""
++
++#: option.c:680
+ #, c-format
+ msgid ""
+ "Usage: dnsmasq [options]\n"
+ "\n"
+ msgstr ""
+
+-#: option.c:663
++#: option.c:682
+ #, c-format
+ msgid "Use short options only on the command line.\n"
+ msgstr ""
+
+-#: option.c:665
++#: option.c:684
+ #, c-format
+ msgid "Valid options are:\n"
+ msgstr ""
+
+-#: option.c:722 option.c:726
++#: option.c:741 option.c:745
+ msgid "bad port"
+ msgstr ""
+
+-#: option.c:753 option.c:785
++#: option.c:772 option.c:804
+ msgid "interface binding not supported"
+ msgstr ""
+
+-#: option.c:762 option.c:3494
++#: option.c:781 option.c:3570
+ msgid "bad interface name"
+ msgstr ""
+
+-#: option.c:792
++#: option.c:811
+ msgid "bad address"
+ msgstr ""
+
+-#: option.c:974
++#: option.c:993
+ msgid "unsupported encapsulation for IPv6 option"
+ msgstr ""
+
+-#: option.c:988
++#: option.c:1007
+ msgid "bad dhcp-option"
+ msgstr ""
+
+-#: option.c:1056
++#: option.c:1075
+ msgid "bad IP address"
+ msgstr ""
+
+-#: option.c:1059 option.c:1197 option.c:2812
++#: option.c:1078 option.c:1216 option.c:2888
+ msgid "bad IPv6 address"
+ msgstr ""
+
+-#: option.c:1224 option.c:1318
++#: option.c:1243 option.c:1337
+ msgid "bad domain in dhcp-option"
+ msgstr ""
+
+-#: option.c:1356
++#: option.c:1375
+ msgid "dhcp-option too long"
+ msgstr ""
+
+-#: option.c:1363
++#: option.c:1382
+ msgid "illegal dhcp-match"
+ msgstr ""
+
+-#: option.c:1425
++#: option.c:1444
+ msgid "illegal repeated flag"
+ msgstr ""
+
+-#: option.c:1433
++#: option.c:1452
+ msgid "illegal repeated keyword"
+ msgstr ""
+
+-#: option.c:1495 option.c:4092
++#: option.c:1517 option.c:4186
+ #, c-format
+ msgid "cannot access directory %s: %s"
+ msgstr ""
+
+-#: option.c:1541 tftp.c:493
++#: option.c:1563 tftp.c:493
+ #, c-format
+ msgid "cannot access %s: %s"
+ msgstr ""
+
+-#: option.c:1588
++#: option.c:1615
+ msgid "setting log facility is not possible under Android"
+ msgstr ""
+
+-#: option.c:1597
++#: option.c:1624
+ msgid "bad log facility"
+ msgstr ""
+
+-#: option.c:1650
++#: option.c:1677
+ msgid "bad MX preference"
+ msgstr ""
+
+-#: option.c:1655
++#: option.c:1682
+ msgid "bad MX name"
+ msgstr ""
+
+-#: option.c:1669
++#: option.c:1696
+ msgid "bad MX target"
+ msgstr ""
+
+-#: option.c:1681
++#: option.c:1708
+ msgid "cannot run scripts under uClinux"
+ msgstr ""
+
+-#: option.c:1683
++#: option.c:1710
+ msgid "recompile with HAVE_SCRIPT defined to enable lease-change scripts"
+ msgstr ""
+
+-#: option.c:1687
++#: option.c:1714
+ msgid "recompile with HAVE_LUASCRIPT defined to enable Lua scripts"
+ msgstr ""
+
+-#: option.c:1928 option.c:1966 option.c:2015
++#: option.c:1970 option.c:2015 option.c:2071
+ msgid "bad prefix"
+ msgstr ""
+
+-#: option.c:2289
++#: option.c:2352
+ msgid "recompile with HAVE_IPSET defined to enable ipset directives"
+ msgstr ""
+
+-#: option.c:2469
++#: option.c:2545
+ msgid "bad port range"
+ msgstr ""
+
+-#: option.c:2485
++#: option.c:2561
+ msgid "bad bridge-interface"
+ msgstr ""
+
+-#: option.c:2545
++#: option.c:2621
+ msgid "only one tag allowed"
+ msgstr ""
+
+-#: option.c:2565 option.c:2577 option.c:2683 option.c:2724
++#: option.c:2641 option.c:2653 option.c:2759 option.c:2800
+ msgid "bad dhcp-range"
+ msgstr ""
+
+-#: option.c:2592
++#: option.c:2668
+ msgid "inconsistent DHCP range"
+ msgstr ""
+
+-#: option.c:2651
++#: option.c:2727
+ msgid "prefix length must be exactly 64 for RA subnets"
+ msgstr ""
+
+-#: option.c:2653
++#: option.c:2729
+ msgid "prefix length must be exactly 64 for subnet constructors"
+ msgstr ""
+
+-#: option.c:2657
++#: option.c:2733
+ msgid "prefix length must be at least 64"
+ msgstr ""
+
+-#: option.c:2660
++#: option.c:2736
+ msgid "inconsistent DHCPv6 range"
+ msgstr ""
+
+-#: option.c:2671
++#: option.c:2747
+ msgid "prefix must be zero with \"constructor:\" argument"
+ msgstr ""
+
+-#: option.c:2782 option.c:2830
++#: option.c:2858 option.c:2906
+ msgid "bad hex constant"
+ msgstr ""
+
+-#: option.c:2804
++#: option.c:2880
+ msgid "cannot match tags in --dhcp-host"
+ msgstr ""
+
+-#: option.c:2852
++#: option.c:2928
+ #, c-format
+ msgid "duplicate dhcp-host IP address %s"
+ msgstr ""
+
+-#: option.c:2910
++#: option.c:2986
+ msgid "bad DHCP host name"
+ msgstr ""
+
+-#: option.c:2992
++#: option.c:3068
+ msgid "bad tag-if"
+ msgstr ""
+
+-#: option.c:3316 option.c:3710
++#: option.c:3392 option.c:3786
+ msgid "invalid port number"
+ msgstr ""
+
+-#: option.c:3378
++#: option.c:3454
+ msgid "bad dhcp-proxy address"
+ msgstr ""
+
+-#: option.c:3404
++#: option.c:3480
+ msgid "Bad dhcp-relay"
+ msgstr ""
+
+-#: option.c:3430
++#: option.c:3506
+ msgid "bad RA-params"
+ msgstr ""
+
+-#: option.c:3439
++#: option.c:3515
+ msgid "bad DUID"
+ msgstr ""
+
+-#: option.c:3481
++#: option.c:3557
+ msgid "invalid alias range"
+ msgstr ""
+
+-#: option.c:3535
++#: option.c:3611
+ msgid "bad CNAME"
+ msgstr ""
+
+-#: option.c:3540
++#: option.c:3616
+ msgid "duplicate CNAME"
+ msgstr ""
+
+-#: option.c:3560
++#: option.c:3636
+ msgid "bad PTR record"
+ msgstr ""
+
+-#: option.c:3591
++#: option.c:3667
+ msgid "bad NAPTR record"
+ msgstr ""
+
+-#: option.c:3625
++#: option.c:3701
+ msgid "bad RR record"
+ msgstr ""
+
+-#: option.c:3655
++#: option.c:3731
+ msgid "bad TXT record"
+ msgstr ""
+
+-#: option.c:3696
++#: option.c:3772
+ msgid "bad SRV record"
+ msgstr ""
+
+-#: option.c:3703
++#: option.c:3779
+ msgid "bad SRV target"
+ msgstr ""
+
+-#: option.c:3717
++#: option.c:3793
+ msgid "invalid priority"
+ msgstr ""
+
+-#: option.c:3724
++#: option.c:3800
+ msgid "invalid weight"
+ msgstr ""
+
+-#: option.c:3748
++#: option.c:3824
+ msgid "Bad host-record"
+ msgstr ""
+
+-#: option.c:3765
++#: option.c:3841
+ msgid "Bad name in host-record"
+ msgstr ""
+
+-#: option.c:3826
++#: option.c:3906
+ msgid "bad trust anchor"
+ msgstr ""
+
+-#: option.c:3840
++#: option.c:3920
+ msgid "bad HEX in trust anchor"
+ msgstr ""
+
+-#: option.c:3850
++#: option.c:3930
+ msgid "unsupported option (check that dnsmasq was compiled with DHCP/TFTP/DNSSEC/DBus support)"
+ msgstr ""
+
+-#: option.c:3909
++#: option.c:3989
+ msgid "missing \""
+ msgstr ""
+
+-#: option.c:3966
++#: option.c:4046
+ msgid "bad option"
+ msgstr ""
+
+-#: option.c:3968
++#: option.c:4048
+ msgid "extraneous parameter"
+ msgstr ""
+
+-#: option.c:3970
++#: option.c:4050
+ msgid "missing parameter"
+ msgstr ""
+
+-#: option.c:3972
++#: option.c:4052
+ msgid "illegal option"
+ msgstr ""
+
+-#: option.c:3979
++#: option.c:4059
+ msgid "error"
+ msgstr ""
+
+-#: option.c:3981
++#: option.c:4061
+ #, c-format
+ msgid " at line %d of %s"
+ msgstr ""
+
+-#: option.c:4045 option.c:4168 tftp.c:667
++#: option.c:4076 option.c:4323 option.c:4359
+ #, c-format
+-msgid "cannot read %s: %s"
++msgid "read %s"
+ msgstr ""
+
+-#: option.c:4229 option.c:4265
++#: option.c:4139 option.c:4262 tftp.c:667
+ #, c-format
+-msgid "read %s"
++msgid "cannot read %s: %s"
+ msgstr ""
+
+-#: option.c:4331
++#: option.c:4425
+ msgid "junk found in command line"
+ msgstr ""
+
+-#: option.c:4366
++#: option.c:4460
+ #, c-format
+ msgid "Dnsmasq version %s %s\n"
+ msgstr ""
+
+-#: option.c:4367
++#: option.c:4461
+ #, c-format
+ msgid ""
+ "Compile time options: %s\n"
+ "\n"
+ msgstr ""
+
+-#: option.c:4368
++#: option.c:4462
+ #, c-format
+ msgid "This software comes with ABSOLUTELY NO WARRANTY.\n"
+ msgstr ""
+
+-#: option.c:4369
++#: option.c:4463
+ #, c-format
+ msgid "Dnsmasq is free software, and you are welcome to redistribute it\n"
+ msgstr ""
+
+-#: option.c:4370
++#: option.c:4464
+ #, c-format
+ msgid "under the terms of the GNU General Public License, version 2 or 3.\n"
+ msgstr ""
+
+-#: option.c:4381
++#: option.c:4475
+ msgid "try --help"
+ msgstr ""
+
+-#: option.c:4383
++#: option.c:4477
+ msgid "try -w"
+ msgstr ""
+
+-#: option.c:4385
++#: option.c:4479
+ #, c-format
+ msgid "bad command line options: %s"
+ msgstr ""
+
+-#: option.c:4434
++#: option.c:4535
+ #, c-format
+ msgid "cannot get host-name: %s"
+ msgstr ""
+
+-#: option.c:4462
++#: option.c:4563
+ msgid "only one resolv.conf file allowed in no-poll mode."
+ msgstr ""
+
+-#: option.c:4472
++#: option.c:4573
+ msgid "must have exactly one resolv.conf to read domain from."
+ msgstr ""
+
+-#: option.c:4475 network.c:1506 dhcp.c:769
++#: option.c:4576 network.c:1506 dhcp.c:774
+ #, c-format
+ msgid "failed to read %s: %s"
+ msgstr ""
+
+-#: option.c:4492
++#: option.c:4593
+ #, c-format
+ msgid "no search directive found in %s"
+ msgstr ""
+
+-#: option.c:4513
++#: option.c:4614
+ msgid "there must be a default domain when --dhcp-fqdn is set"
+ msgstr ""
+
+-#: option.c:4522
++#: option.c:4623
+ msgid "syntax check OK"
+ msgstr ""
+
+-#: forward.c:114
++#: forward.c:111
+ #, c-format
+ msgid "failed to send packet: %s"
+ msgstr ""
+
+-#: forward.c:574
++#: forward.c:572
+ msgid "discarding DNS reply: subnet option mismatch"
+ msgstr ""
+
+-#: forward.c:597
++#: forward.c:595
+ #, c-format
+ msgid "nameserver %s refused to do a recursive query"
+ msgstr ""
+
+-#: forward.c:629
++#: forward.c:627
+ #, c-format
+ msgid "possible DNS-rebind attack detected: %s"
+ msgstr ""
+
+-#: forward.c:1132 forward.c:1663
++#: forward.c:1156 forward.c:1722
+ msgid "Ignoring query from non-local network"
+ msgstr ""
+
+-#: forward.c:2101
++#: forward.c:2178
+ #, c-format
+ msgid "Maximum number of concurrent DNS queries reached (max: %d)"
+ msgstr ""
+@@ -1180,263 +1208,276 @@ msgstr ""
+ msgid "using nameserver %s#%d"
+ msgstr ""
+
+-#: dnsmasq.c:154
+-msgid "No trust anchors provided for DNSSEC"
++#: dnsmasq.c:149
++msgid "dhcp-hostsdir, dhcp-optsdir and hostsdir are not supported on this platform"
+ msgstr ""
+
+-#: dnsmasq.c:157
+-msgid "Cannot reduce cache size from default when DNSSEC enabled"
++#: dnsmasq.c:156
++msgid "no trust anchors provided for DNSSEC"
+ msgstr ""
+
+ #: dnsmasq.c:159
++msgid "cannot reduce cache size from default when DNSSEC enabled"
++msgstr ""
++
++#: dnsmasq.c:161
+ msgid "DNSSEC not available: set HAVE_DNSSEC in src/config.h"
+ msgstr ""
+
+-#: dnsmasq.c:165
++#: dnsmasq.c:167
+ msgid "TFTP server not available: set HAVE_TFTP in src/config.h"
+ msgstr ""
+
+-#: dnsmasq.c:170
+-msgid "Cannot use --conntrack AND --query-port"
++#: dnsmasq.c:172
++msgid "cannot use --conntrack AND --query-port"
+ msgstr ""
+
+-#: dnsmasq.c:173
+-msgid "Conntrack support not available: set HAVE_CONNTRACK in src/config.h"
++#: dnsmasq.c:175
++msgid "conntrack support not available: set HAVE_CONNTRACK in src/config.h"
+ msgstr ""
+
+-#: dnsmasq.c:178
++#: dnsmasq.c:180
+ msgid "asychronous logging is not available under Solaris"
+ msgstr ""
+
+-#: dnsmasq.c:183
++#: dnsmasq.c:185
+ msgid "asychronous logging is not available under Android"
+ msgstr ""
+
+-#: dnsmasq.c:188
++#: dnsmasq.c:190
+ msgid "authoritative DNS not available: set HAVE_AUTH in src/config.h"
+ msgstr ""
+
+-#: dnsmasq.c:193
+-msgid "Loop detection not available: set HAVE_LOOP in src/config.h"
++#: dnsmasq.c:195
++msgid "loop detection not available: set HAVE_LOOP in src/config.h"
+ msgstr ""
+
+-#: dnsmasq.c:201
++#: dnsmasq.c:203
+ msgid "zone serial must be configured in --auth-soa"
+ msgstr ""
+
+-#: dnsmasq.c:219
++#: dnsmasq.c:221
+ msgid "dhcp-range constructor not available on this platform"
+ msgstr ""
+
+-#: dnsmasq.c:262
++#: dnsmasq.c:264
+ msgid "cannot set --bind-interfaces and --bind-dynamic"
+ msgstr ""
+
+-#: dnsmasq.c:265
++#: dnsmasq.c:267
+ #, c-format
+ msgid "failed to find list of interfaces: %s"
+ msgstr ""
+
+-#: dnsmasq.c:274
++#: dnsmasq.c:276
+ #, c-format
+ msgid "unknown interface %s"
+ msgstr ""
+
+-#: dnsmasq.c:330 dnsmasq.c:954
++#: dnsmasq.c:340 dnsmasq.c:1004
+ #, c-format
+ msgid "DBus error: %s"
+ msgstr ""
+
+-#: dnsmasq.c:333
++#: dnsmasq.c:343
+ msgid "DBus not available: set HAVE_DBUS in src/config.h"
+ msgstr ""
+
+-#: dnsmasq.c:361
++#: dnsmasq.c:371
+ #, c-format
+ msgid "unknown user or group: %s"
+ msgstr ""
+
+-#: dnsmasq.c:416
++#: dnsmasq.c:426
+ #, c-format
+ msgid "cannot chdir to filesystem root: %s"
+ msgstr ""
+
+-#: dnsmasq.c:653
++#: dnsmasq.c:667
+ #, c-format
+ msgid "started, version %s DNS disabled"
+ msgstr ""
+
+-#: dnsmasq.c:655
++#: dnsmasq.c:669
+ #, c-format
+ msgid "started, version %s cachesize %d"
+ msgstr ""
+
+-#: dnsmasq.c:657
++#: dnsmasq.c:671
+ #, c-format
+ msgid "started, version %s cache disabled"
+ msgstr ""
+
+-#: dnsmasq.c:659
++#: dnsmasq.c:673
+ #, c-format
+ msgid "compile time options: %s"
+ msgstr ""
+
+-#: dnsmasq.c:665
++#: dnsmasq.c:679
+ msgid "DBus support enabled: connected to system bus"
+ msgstr ""
+
+-#: dnsmasq.c:667
++#: dnsmasq.c:681
+ msgid "DBus support enabled: bus connection pending"
+ msgstr ""
+
+-#: dnsmasq.c:672
++#: dnsmasq.c:686
+ msgid "DNS service limited to local subnets"
+ msgstr ""
+
+-#: dnsmasq.c:677
++#: dnsmasq.c:702
+ msgid "DNSSEC validation enabled"
+ msgstr ""
+
+-#: dnsmasq.c:679
++#: dnsmasq.c:705
+ msgid "DNSSEC signature timestamps not checked until first cache reload"
+ msgstr ""
+
+-#: dnsmasq.c:684
++#: dnsmasq.c:708
++msgid "DNSSEC signature timestamps not checked until system time valid"
++msgstr ""
++
++#: dnsmasq.c:713
+ #, c-format
+ msgid "warning: failed to change owner of %s: %s"
+ msgstr ""
+
+-#: dnsmasq.c:688
++#: dnsmasq.c:717
+ msgid "setting --bind-interfaces option because of OS limitations"
+ msgstr ""
+
+-#: dnsmasq.c:698
++#: dnsmasq.c:727
+ #, c-format
+ msgid "warning: interface %s does not currently exist"
+ msgstr ""
+
+-#: dnsmasq.c:703
++#: dnsmasq.c:732
+ msgid "warning: ignoring resolv-file flag because no-resolv is set"
+ msgstr ""
+
+-#: dnsmasq.c:706
++#: dnsmasq.c:735
+ msgid "warning: no upstream servers configured"
+ msgstr ""
+
+-#: dnsmasq.c:710
++#: dnsmasq.c:739
+ #, c-format
+ msgid "asynchronous logging enabled, queue limit is %d messages"
+ msgstr ""
+
+-#: dnsmasq.c:731
++#: dnsmasq.c:760
+ msgid "IPv6 router advertisement enabled"
+ msgstr ""
+
+-#: dnsmasq.c:736
++#: dnsmasq.c:765
+ #, c-format
+ msgid "DHCP, sockets bound exclusively to interface %s"
+ msgstr ""
+
+-#: dnsmasq.c:753
++#: dnsmasq.c:782
+ msgid "root is "
+ msgstr ""
+
+-#: dnsmasq.c:753
++#: dnsmasq.c:782
+ msgid "enabled"
+ msgstr ""
+
+-#: dnsmasq.c:755
++#: dnsmasq.c:784
+ msgid "secure mode"
+ msgstr ""
+
+-#: dnsmasq.c:781
++#: dnsmasq.c:810
+ #, c-format
+ msgid "restricting maximum simultaneous TFTP transfers to %d"
+ msgstr ""
+
+-#: dnsmasq.c:956
++#: dnsmasq.c:1006
+ msgid "connected to system DBus"
+ msgstr ""
+
+-#: dnsmasq.c:1106
++#: dnsmasq.c:1156
+ #, c-format
+ msgid "cannot fork into background: %s"
+ msgstr ""
+
+-#: dnsmasq.c:1109
++#: dnsmasq.c:1159
+ #, c-format
+ msgid "failed to create helper: %s"
+ msgstr ""
+
+-#: dnsmasq.c:1112
++#: dnsmasq.c:1162
+ #, c-format
+ msgid "setting capabilities failed: %s"
+ msgstr ""
+
+-#: dnsmasq.c:1115
++#: dnsmasq.c:1165
+ #, c-format
+ msgid "failed to change user-id to %s: %s"
+ msgstr ""
+
+-#: dnsmasq.c:1118
++#: dnsmasq.c:1168
+ #, c-format
+ msgid "failed to change group-id to %s: %s"
+ msgstr ""
+
+-#: dnsmasq.c:1121
++#: dnsmasq.c:1171
+ #, c-format
+ msgid "failed to open pidfile %s: %s"
+ msgstr ""
+
+-#: dnsmasq.c:1124
++#: dnsmasq.c:1174
+ #, c-format
+ msgid "cannot open log %s: %s"
+ msgstr ""
+
+-#: dnsmasq.c:1127
++#: dnsmasq.c:1177
+ #, c-format
+ msgid "failed to load Lua script: %s"
+ msgstr ""
+
+-#: dnsmasq.c:1130
++#: dnsmasq.c:1180
+ #, c-format
+ msgid "TFTP directory %s inaccessible: %s"
+ msgstr ""
+
+-#: dnsmasq.c:1151
++#: dnsmasq.c:1183
++#, c-format
++msgid "cannot create timestamp file %s: %s"
++msgstr ""
++
++#: dnsmasq.c:1204
+ msgid "now checking DNSSEC signature timestamps"
+ msgstr ""
+
+-#: dnsmasq.c:1218
++#: dnsmasq.c:1271
+ #, c-format
+ msgid "script process killed by signal %d"
+ msgstr ""
+
+-#: dnsmasq.c:1222
++#: dnsmasq.c:1275
+ #, c-format
+ msgid "script process exited with status %d"
+ msgstr ""
+
+-#: dnsmasq.c:1226
++#: dnsmasq.c:1279
+ #, c-format
+ msgid "failed to execute %s: %s"
+ msgstr ""
+
+-#: dnsmasq.c:1281
++#: dnsmasq.c:1334
+ msgid "exiting on receipt of SIGTERM"
+ msgstr ""
+
+-#: dnsmasq.c:1309
++#: dnsmasq.c:1362
+ #, c-format
+ msgid "failed to access %s: %s"
+ msgstr ""
+
+-#: dnsmasq.c:1339
++#: dnsmasq.c:1392
+ #, c-format
+ msgid "reading %s"
+ msgstr ""
+
+-#: dnsmasq.c:1350
++#: dnsmasq.c:1403
+ #, c-format
+ msgid "no servers found in %s, will retry"
+ msgstr ""
+@@ -1476,27 +1517,27 @@ msgstr ""
+ msgid "DHCP packet received on %s which has no address"
+ msgstr ""
+
+-#: dhcp.c:408
++#: dhcp.c:412
+ #, c-format
+ msgid "ARP-cache injection failed: %s"
+ msgstr ""
+
+-#: dhcp.c:506
++#: dhcp.c:511
+ #, c-format
+ msgid "DHCP range %s -- %s is not consistent with netmask %s"
+ msgstr ""
+
+-#: dhcp.c:807
++#: dhcp.c:812
+ #, c-format
+ msgid "bad line at %s line %d"
+ msgstr ""
+
+-#: dhcp.c:850
++#: dhcp.c:855
+ #, c-format
+ msgid "ignoring %s line %d, duplicate name or IP address"
+ msgstr ""
+
+-#: dhcp.c:994 rfc3315.c:2089
++#: dhcp.c:999 rfc3315.c:2139
+ #, c-format
+ msgid "DHCP relay %s -> %s"
+ msgstr ""
+@@ -1567,12 +1608,12 @@ msgstr ""
+ msgid "disabled"
+ msgstr ""
+
+-#: rfc2131.c:539 rfc2131.c:967 rfc2131.c:1385 rfc3315.c:602 rfc3315.c:823
+-#: rfc3315.c:1095
++#: rfc2131.c:539 rfc2131.c:967 rfc2131.c:1385 rfc3315.c:603 rfc3315.c:860
++#: rfc3315.c:1139
+ msgid "ignored"
+ msgstr ""
+
+-#: rfc2131.c:554 rfc2131.c:1205 rfc3315.c:873
++#: rfc2131.c:554 rfc2131.c:1205 rfc3315.c:910
+ msgid "address in use"
+ msgstr ""
+
+@@ -1592,7 +1633,7 @@ msgstr ""
+ msgid "no leases left"
+ msgstr ""
+
+-#: rfc2131.c:691 rfc3315.c:475
++#: rfc2131.c:691 rfc3315.c:476
+ #, c-format
+ msgid "%u client provides name: %s"
+ msgstr ""
+@@ -1601,7 +1642,7 @@ msgstr ""
+ msgid "PXE BIS not supported"
+ msgstr ""
+
+-#: rfc2131.c:935 rfc3315.c:1189
++#: rfc2131.c:935 rfc3315.c:1233
+ #, c-format
+ msgid "disabling DHCP static address %s for %s"
+ msgstr ""
+@@ -1637,7 +1678,7 @@ msgstr ""
+ msgid "wrong address"
+ msgstr ""
+
+-#: rfc2131.c:1143 rfc3315.c:969
++#: rfc2131.c:1143 rfc3315.c:1006
+ msgid "lease not found"
+ msgstr ""
+
+@@ -1687,7 +1728,7 @@ msgstr ""
+ msgid "PXE menu too large"
+ msgstr ""
+
+-#: rfc2131.c:2173 rfc3315.c:1456
++#: rfc2131.c:2173 rfc3315.c:1506
+ #, c-format
+ msgid "%u requested options: %s"
+ msgstr ""
+@@ -1702,7 +1743,7 @@ msgstr ""
+ msgid "cannot create netlink socket: %s"
+ msgstr ""
+
+-#: netlink.c:347
++#: netlink.c:348
+ #, c-format
+ msgid "netlink returns error: %s"
+ msgstr ""
+@@ -1820,62 +1861,62 @@ msgstr ""
+ msgid "%u available DHCPv6 subnet: %s/%d"
+ msgstr ""
+
+-#: rfc3315.c:379
++#: rfc3315.c:380
+ #, c-format
+ msgid "%u vendor class: %u"
+ msgstr ""
+
+-#: rfc3315.c:427
++#: rfc3315.c:428
+ #, c-format
+ msgid "%u client MAC address: %s"
+ msgstr ""
+
+-#: rfc3315.c:659
++#: rfc3315.c:660
+ #, c-format
+ msgid "unknown prefix-class %d"
+ msgstr ""
+
+-#: rfc3315.c:791 rfc3315.c:913
+-msgid "success"
++#: rfc3315.c:803 rfc3315.c:902
++msgid "address unavailable"
+ msgstr ""
+
+-#: rfc3315.c:806 rfc3315.c:808 rfc3315.c:921 rfc3315.c:923
+-msgid "no addresses available"
++#: rfc3315.c:815 rfc3315.c:950 rfc3315.c:1283
++msgid "success"
+ msgstr ""
+
+-#: rfc3315.c:865
+-msgid "address unavailable"
++#: rfc3315.c:843 rfc3315.c:845 rfc3315.c:958 rfc3315.c:960
++msgid "no addresses available"
+ msgstr ""
+
+-#: rfc3315.c:900
++#: rfc3315.c:937
+ msgid "not on link"
+ msgstr ""
+
+-#: rfc3315.c:973 rfc3315.c:1151 rfc3315.c:1228
++#: rfc3315.c:1010 rfc3315.c:1195 rfc3315.c:1272
+ msgid "no binding found"
+ msgstr ""
+
+-#: rfc3315.c:1011
++#: rfc3315.c:1048
+ msgid "deprecated"
+ msgstr ""
+
+-#: rfc3315.c:1016
++#: rfc3315.c:1053
+ msgid "address invalid"
+ msgstr ""
+
+-#: rfc3315.c:1061
++#: rfc3315.c:1100
+ msgid "confirm failed"
+ msgstr ""
+
+-#: rfc3315.c:1072
++#: rfc3315.c:1116
+ msgid "all addresses still on link"
+ msgstr ""
+
+-#: rfc3315.c:1160
++#: rfc3315.c:1204
+ msgid "release received"
+ msgstr ""
+
+-#: rfc3315.c:2080
++#: rfc3315.c:2130
+ msgid "Cannot multicast to DHCPv6 server without correct interface"
+ msgstr ""
+
+@@ -1968,7 +2009,7 @@ msgstr ""
+ msgid "cannot create ICMPv6 socket: %s"
+ msgstr ""
+
+-#: auth.c:429
++#: auth.c:436
+ #, c-format
+ msgid "ignoring zone transfer request from %s"
+ msgstr ""
+@@ -1983,50 +2024,85 @@ msgstr ""
+ msgid "failed to create IPset control socket: %s"
+ msgstr ""
+
++#: dnssec.c:425 dnssec.c:469
++#, c-format
++msgid "failed to update mtime on %s: %s"
++msgstr ""
++
+ #: blockdata.c:58
+ #, c-format
+ msgid "DNSSEC memory in use %u, max %u, allocated %u"
+ msgstr ""
+
+-#: tables.c:76
++#: tables.c:80
+ msgid "error: fill_addr missused"
+ msgstr ""
+
+-#: tables.c:105
++#: tables.c:109
+ #, c-format
+ msgid "failed to access pf devices: %s"
+ msgstr ""
+
+-#: tables.c:119
++#: tables.c:123
+ #, c-format
+ msgid "warning: no opened pf devices %s"
+ msgstr ""
+
+-#: tables.c:127
++#: tables.c:131
+ #, c-format
+ msgid "error: cannot use table name %s"
+ msgstr ""
+
+-#: tables.c:135
++#: tables.c:139
+ #, c-format
+ msgid "error: cannot strlcpy table name %s"
+ msgstr ""
+
+-#: tables.c:141
++#: tables.c:145
+ #, c-format
+ msgid "warning: pfr_add_tables: %s(%d)"
+ msgstr ""
+
+-#: tables.c:147
++#: tables.c:151
+ msgid "info: table created"
+ msgstr ""
+
+-#: tables.c:158
++#: tables.c:162
+ #, c-format
+ msgid "warning: DIOCR%sADDRS: %s"
+ msgstr ""
+
+-#: tables.c:162
++#: tables.c:166
+ #, c-format
+ msgid "%d addresses %s"
+ msgstr ""
++
++#: inotify.c:46
++#, c-format
++msgid "failed to create inotify: %s"
++msgstr ""
++
++#: inotify.c:60
++#, c-format
++msgid "cannot cannonicalise resolv-file %s: %s"
++msgstr ""
++
++#: inotify.c:72
++#, c-format
++msgid "directory %s for resolv-file is missing, cannot poll"
++msgstr ""
++
++#: inotify.c:75 inotify.c:112
++#, c-format
++msgid "failed to create inotify for %s: %s"
++msgstr ""
++
++#: inotify.c:97
++#, c-format
++msgid "bad dynamic directory %s: %s"
++msgstr ""
++
++#: inotify.c:197
++#, c-format
++msgid "inotify, new or changed file %s"
++msgstr ""
+diff --git a/po/ro.po b/po/ro.po
+index 6887fcb62636..0ac8bd63e25f 100644
+--- a/po/ro.po
++++ b/po/ro.po
+@@ -15,71 +15,71 @@ msgstr ""
+ "Content-Type: text/plain; charset=UTF-8\n"
+ "Content-Transfer-Encoding: 8bit\n"
+
+-#: cache.c:505
++#: cache.c:523
+ msgid "Internal error in cache."
+ msgstr ""
+
+ # for compatibility purposes the letters â, ă, ş, ţ and î can be written as their look-alike correspondent.
+-#: cache.c:908
++#: cache.c:941
+ #, fuzzy, c-format
+ msgid "failed to load names from %s: %s"
+ msgstr "încărcarea numelor din %s: %s a eşuat"
+
+-#: cache.c:934 dhcp.c:820
++#: cache.c:967 dhcp.c:825
+ #, c-format
+ msgid "bad address at %s line %d"
+ msgstr "adresă greşită în %s, linia %d"
+
+-#: cache.c:985 dhcp.c:836
++#: cache.c:1018 dhcp.c:841
+ #, c-format
+ msgid "bad name at %s line %d"
+ msgstr "nume greşit în %s linia %d"
+
+-#: cache.c:992 dhcp.c:911
++#: cache.c:1027 dhcp.c:916
+ #, c-format
+ msgid "read %s - %d addresses"
+ msgstr "citesc %s - %d adrese"
+
+-#: cache.c:1100
++#: cache.c:1135
+ msgid "cleared cache"
+ msgstr "memoria temporară a fost ştearsă"
+
+-#: cache.c:1123
++#: cache.c:1164
+ #, c-format
+ msgid "No IPv4 address found for %s"
+ msgstr ""
+
+-#: cache.c:1201
++#: cache.c:1242
+ #, c-format
+ msgid "%s is a CNAME, not giving it to the DHCP lease of %s"
+ msgstr ""
+
+-#: cache.c:1225
++#: cache.c:1266
+ #, c-format
+ msgid "not giving name %s to the DHCP lease of %s because the name exists in %s with address %s"
+ msgstr "nu pot da numele %s împrumutului de adresă DHCP a lui %s deoarece numeleexistă în %s cu adresa %s"
+
+-#: cache.c:1366
++#: cache.c:1421
+ #, c-format
+ msgid "time %lu"
+ msgstr ""
+
+-#: cache.c:1367
++#: cache.c:1422
+ #, fuzzy, c-format
+ msgid "cache size %d, %d/%d cache insertions re-used unexpired cache entries."
+ msgstr "cantitate de memorie temporară %d, %d/%d stocări temporare aureutilizat locaţii neexpirate."
+
+-#: cache.c:1369
++#: cache.c:1424
+ #, c-format
+ msgid "queries forwarded %u, queries answered locally %u"
+ msgstr ""
+
+-#: cache.c:1372
++#: cache.c:1427
+ #, c-format
+ msgid "queries for authoritative zones %u"
+ msgstr ""
+
+-#: cache.c:1398
++#: cache.c:1453
+ #, c-format
+ msgid "server %s#%d: queries sent %u, retried or failed %u"
+ msgstr ""
+@@ -94,7 +94,7 @@ msgstr "ascultarea pe socket a eşuat: %s"
+ msgid "failed to allocate memory"
+ msgstr "nu pot încărca %d bytes"
+
+-#: util.c:243 option.c:579
++#: util.c:243 option.c:598
+ msgid "could not get memory"
+ msgstr "nu am putut aloca memorie"
+
+@@ -108,610 +108,643 @@ msgstr "nu pot citi %s: %s"
+ msgid "failed to allocate %d bytes"
+ msgstr "nu pot încărca %d bytes"
+
+-#: util.c:429
++#: util.c:430
+ #, c-format
+ msgid "infinite"
+ msgstr "infinit"
+
+-#: option.c:318
++#: option.c:330
+ msgid "Specify local address(es) to listen on."
+ msgstr "Specificaţi adresele locale deservite."
+
+-#: option.c:319
++#: option.c:331
+ msgid "Return ipaddr for all hosts in specified domains."
+ msgstr "Afişează adresele IP ale maşinilor în domeniul dat."
+
+-#: option.c:320
++#: option.c:332
+ msgid "Fake reverse lookups for RFC1918 private address ranges."
+ msgstr "Simulează căutări după adresă pentru domenii de adresă private (RFC1918)."
+
+-#: option.c:321
++#: option.c:333
+ msgid "Treat ipaddr as NXDOMAIN (defeats Verisign wildcard)."
+ msgstr "Interpretează adresa IP ca NXDOMAIN (împotriva manipulărilor Verisign)"
+
+-#: option.c:322
++#: option.c:334
+ #, c-format
+ msgid "Specify the size of the cache in entries (defaults to %s)."
+ msgstr "Specifică mărimea înregistrărilor temporare (implicit e %s)."
+
+-#: option.c:323
++#: option.c:335
+ #, c-format
+ msgid "Specify configuration file (defaults to %s)."
+ msgstr "Specifică fişier de configurare (implicit e %s)."
+
+-#: option.c:324
++#: option.c:336
+ msgid "Do NOT fork into the background: run in debug mode."
+ msgstr "NU porneşte în fundal: rulează în modul depanare."
+
+-#: option.c:325
++#: option.c:337
+ msgid "Do NOT forward queries with no domain part."
+ msgstr "NU înainta cererile ce nu conţin domeniu DNS."
+
+-#: option.c:326
++#: option.c:338
+ msgid "Return self-pointing MX records for local hosts."
+ msgstr "Răspunde cu înregistrări MX spre el însuşi pentru maşini locale."
+
+-#: option.c:327
++#: option.c:339
+ msgid "Expand simple names in /etc/hosts with domain-suffix."
+ msgstr "Adaugă numelor simple din /etc/hosts numele domeniului ca sufix."
+
+-#: option.c:328
++#: option.c:340
+ msgid "Don't forward spurious DNS requests from Windows hosts."
+ msgstr "Nu inainta cereri DNS defecte provenite de la maşini Windows."
+
+-#: option.c:329
++#: option.c:341
+ msgid "Enable DHCP in the range given with lease duration."
+ msgstr "Activează DHCP în domeniul dat cu durată limitată de împrumut."
+
+-#: option.c:330
++#: option.c:342
+ #, c-format
+ msgid "Change to this group after startup (defaults to %s)."
+ msgstr "Rulează sub acest grup după pornire (implicit e %s)."
+
+-#: option.c:331
++#: option.c:343
+ msgid "Set address or hostname for a specified machine."
+ msgstr "Schimbă adresa sau numele maşinii specificate."
+
+-#: option.c:332
++#: option.c:344
+ #, fuzzy
+ msgid "Read DHCP host specs from file."
+ msgstr "nume MX invalid"
+
+-#: option.c:333
++#: option.c:345
+ msgid "Read DHCP option specs from file."
+ msgstr ""
+
+-#: option.c:334
++#: option.c:346
++#, fuzzy
++msgid "Read DHCP host specs from a directory."
++msgstr "nume MX invalid"
++
++#: option.c:347
++#, fuzzy
++msgid "Read DHCP options from a directory."
++msgstr "nume MX invalid"
++
++#: option.c:348
+ msgid "Evaluate conditional tag expression."
+ msgstr ""
+
+-#: option.c:335
++#: option.c:349
+ #, c-format
+ msgid "Do NOT load %s file."
+ msgstr "Nu încarcă fişierul %s."
+
+-#: option.c:336
++#: option.c:350
+ #, c-format
+ msgid "Specify a hosts file to be read in addition to %s."
+ msgstr "Specifică spre citire un fişier hosts adiţional la %s."
+
+-#: option.c:337
++#: option.c:351
++#, fuzzy
++msgid "Read hosts files from a directory."
++msgstr "nume MX invalid"
++
++#: option.c:352
+ msgid "Specify interface(s) to listen on."
+ msgstr "Specifică interfeţele deservite."
+
+-#: option.c:338
++#: option.c:353
+ msgid "Specify interface(s) NOT to listen on."
+ msgstr "Specifică interfeţele NE-deservite."
+
+-#: option.c:339
++#: option.c:354
+ #, fuzzy
+ msgid "Map DHCP user class to tag."
+ msgstr "Leagă clasa de utilizator DHCP cu grup de opţiuni."
+
+-#: option.c:340
++#: option.c:355
+ msgid "Map RFC3046 circuit-id to tag."
+ msgstr ""
+
+-#: option.c:341
++#: option.c:356
+ msgid "Map RFC3046 remote-id to tag."
+ msgstr ""
+
+-#: option.c:342
++#: option.c:357
+ msgid "Map RFC3993 subscriber-id to tag."
+ msgstr ""
+
+-#: option.c:343
++#: option.c:358
+ #, fuzzy
+ msgid "Don't do DHCP for hosts with tag set."
+ msgstr "Nu furniza DHCP maşinilor din grupul de opţiuni."
+
+-#: option.c:344
++#: option.c:359
+ #, fuzzy
+ msgid "Force broadcast replies for hosts with tag set."
+ msgstr "Nu furniza DHCP maşinilor din grupul de opţiuni."
+
+-#: option.c:345
++#: option.c:360
+ msgid "Do NOT fork into the background, do NOT run in debug mode."
+ msgstr "NU porneşte în fundal, NU rulează în modul depanare."
+
+-#: option.c:346
++#: option.c:361
+ msgid "Assume we are the only DHCP server on the local network."
+ msgstr "Presupune că suntem singurul server DHCP din reţeaua locală."
+
+-#: option.c:347
++#: option.c:362
+ #, c-format
+ msgid "Specify where to store DHCP leases (defaults to %s)."
+ msgstr "Specifică fişierul de stocare a împrumuturilor DHCP (implicit e %s)."
+
+-#: option.c:348
++#: option.c:363
+ msgid "Return MX records for local hosts."
+ msgstr "Răspunde cu întregistrări MX pentru maşini locale."
+
+-#: option.c:349
++#: option.c:364
+ msgid "Specify an MX record."
+ msgstr "Specifică o înregistrare MX."
+
+-#: option.c:350
++#: option.c:365
+ msgid "Specify BOOTP options to DHCP server."
+ msgstr "Specifică opţiuni BOOTP serverului DHCP."
+
+-#: option.c:351
++#: option.c:366
+ #, c-format
+ msgid "Do NOT poll %s file, reload only on SIGHUP."
+ msgstr "Nu încărca fişierul %s, citeşte-l doar la SIGHUP."
+
+-#: option.c:352
++#: option.c:367
+ msgid "Do NOT cache failed search results."
+ msgstr "NU memora rezultatele de căutare DNS eşuatată."
+
+-#: option.c:353
++#: option.c:368
+ #, c-format
+ msgid "Use nameservers strictly in the order given in %s."
+ msgstr "Foloseşte servere DNS strict în ordinea dată în %s."
+
+-#: option.c:354
++#: option.c:369
+ #, fuzzy
+ msgid "Specify options to be sent to DHCP clients."
+ msgstr "Configurează opţiuni în plusce trebuie trimise clienţilor DHCP."
+
+-#: option.c:355
++#: option.c:370
+ msgid "DHCP option sent even if the client does not request it."
+ msgstr ""
+
+-#: option.c:356
++#: option.c:371
+ msgid "Specify port to listen for DNS requests on (defaults to 53)."
+ msgstr "Specifică numărul portului pentru cereri DNS (implicit e 53)."
+
+-#: option.c:357
++#: option.c:372
+ #, c-format
+ msgid "Maximum supported UDP packet size for EDNS.0 (defaults to %s)."
+ msgstr "Marimea maximă a pachetului UDP pentru EDNS.0 (implicit e %s)."
+
+-#: option.c:358
++#: option.c:373
+ #, fuzzy
+ msgid "Log DNS queries."
+ msgstr "Înregistrează tranzacţiile."
+
+-#: option.c:359
++#: option.c:374
+ #, fuzzy
+ msgid "Force the originating port for upstream DNS queries."
+ msgstr "Forţează acest port pentru datele ce pleacă."
+
+-#: option.c:360
++#: option.c:375
+ msgid "Do NOT read resolv.conf."
+ msgstr "NU citi fişierul resolv.conf"
+
+-#: option.c:361
++#: option.c:376
+ #, c-format
+ msgid "Specify path to resolv.conf (defaults to %s)."
+ msgstr "Specifică calea către resolv.conf (implicit e %s)."
+
+-#: option.c:362
++#: option.c:377
+ #, fuzzy
+ msgid "Specify path to file with server= options"
+ msgstr "Specifică o cale pentru fişierul PID. (implicit %s)."
+
+-#: option.c:363
++#: option.c:378
+ msgid "Specify address(es) of upstream servers with optional domains."
+ msgstr "Specifică adresele server(elor) superioare cu domenii opţionale."
+
+-#: option.c:364
++#: option.c:379
+ #, fuzzy
+ msgid "Specify address of upstream servers for reverse address queries"
+ msgstr "Specifică adresele server(elor) superioare cu domenii opţionale."
+
+-#: option.c:365
++#: option.c:380
+ msgid "Never forward queries to specified domains."
+ msgstr "Nu înaintează cererile spre domeniile specificate."
+
+-#: option.c:366
++#: option.c:381
+ msgid "Specify the domain to be assigned in DHCP leases."
+ msgstr "Specifică domeniul de transmis prin DHCP."
+
+-#: option.c:367
++#: option.c:382
+ msgid "Specify default target in an MX record."
+ msgstr "Specifică o ţintă într-o înregistrare MX."
+
+-#: option.c:368
++#: option.c:383
+ msgid "Specify time-to-live in seconds for replies from /etc/hosts."
+ msgstr "Specifică TTL în secunde pentru răspunsurile din /etc/hosts."
+
+-#: option.c:369
++#: option.c:384
+ #, fuzzy
+ msgid "Specify time-to-live in seconds for negative caching."
+ msgstr "Specifică TTL în secunde pentru răspunsurile din /etc/hosts."
+
+-#: option.c:370
++#: option.c:385
+ #, fuzzy
+ msgid "Specify time-to-live in seconds for maximum TTL to send to clients."
+ msgstr "Specifică TTL în secunde pentru răspunsurile din /etc/hosts."
+
+-#: option.c:371
++#: option.c:386
++#, fuzzy
++msgid "Specify time-to-live ceiling for cache."
++msgstr "Specifică TTL în secunde pentru răspunsurile din /etc/hosts."
++
++#: option.c:387
++#, fuzzy
++msgid "Specify time-to-live floor for cache."
++msgstr "Specifică TTL în secunde pentru răspunsurile din /etc/hosts."
++
++#: option.c:388
+ #, c-format
+ msgid "Change to this user after startup. (defaults to %s)."
+ msgstr "Rulează sub acest utilizator după pornire. (implicit e %s)."
+
+-#: option.c:372
++#: option.c:389
+ #, fuzzy
+ msgid "Map DHCP vendor class to tag."
+ msgstr "Trimite opţiuni DHCP în funcţie de marca plăcii de reţea."
+
+-#: option.c:373
++#: option.c:390
+ msgid "Display dnsmasq version and copyright information."
+ msgstr "Afişează versiunea dnsmasq şi drepturile de autor."
+
+-#: option.c:374
++#: option.c:391
+ msgid "Translate IPv4 addresses from upstream servers."
+ msgstr "Traduce adresele IPv4 de la serverele DNS superioare."
+
+-#: option.c:375
++#: option.c:392
+ msgid "Specify a SRV record."
+ msgstr "Specifică o înregistrare SRV."
+
+-#: option.c:376
++#: option.c:393
+ msgid "Display this message. Use --help dhcp for known DHCP options."
+ msgstr ""
+
+-#: option.c:377
++#: option.c:394
+ #, fuzzy, c-format
+ msgid "Specify path of PID file (defaults to %s)."
+ msgstr "Specifică o cale pentru fişierul PID. (implicit %s)."
+
+-#: option.c:378
++#: option.c:395
+ #, c-format
+ msgid "Specify maximum number of DHCP leases (defaults to %s)."
+ msgstr "Specifică numărul maxim de împrumuturi DHCP (implicit %s)."
+
+-#: option.c:379
++#: option.c:396
+ msgid "Answer DNS queries based on the interface a query was sent to."
+ msgstr "Răspunde cererilor DNS în funcţie de interfaţa pe care a venit cererea."
+
+-#: option.c:380
++#: option.c:397
+ msgid "Specify TXT DNS record."
+ msgstr "Specifică o înregistrare TXT."
+
+-#: option.c:381
++#: option.c:398
+ #, fuzzy
+ msgid "Specify PTR DNS record."
+ msgstr "Specifică o înregistrare TXT."
+
+-#: option.c:382
++#: option.c:399
+ msgid "Give DNS name to IPv4 address of interface."
+ msgstr ""
+
+-#: option.c:383
++#: option.c:400
+ msgid "Bind only to interfaces in use."
+ msgstr "Ascultă doar pe interfeţele active."
+
+-#: option.c:384
++#: option.c:401
+ #, c-format
+ msgid "Read DHCP static host information from %s."
+ msgstr "Citeşte informaţii DHCP statice despre maşină din %s."
+
+-#: option.c:385
++#: option.c:402
+ msgid "Enable the DBus interface for setting upstream servers, etc."
+ msgstr "Activeaza interfaţa DBus pentru configurarea serverelor superioare."
+
+-#: option.c:386
++#: option.c:403
+ msgid "Do not provide DHCP on this interface, only provide DNS."
+ msgstr "Nu activează DHCP ci doar DNS pe această interfaţă."
+
+-#: option.c:387
++#: option.c:404
+ msgid "Enable dynamic address allocation for bootp."
+ msgstr "Activează alocarea dinamică a adreselor pentru BOOTP."
+
+-#: option.c:388
++#: option.c:405
+ #, fuzzy
+ msgid "Map MAC address (with wildcards) to option set."
+ msgstr "Trimite opţiuni DHCP în funcţie de marca plăcii de reţea."
+
+-#: option.c:389
++#: option.c:406
+ msgid "Treat DHCP requests on aliases as arriving from interface."
+ msgstr ""
+
+-#: option.c:390
++#: option.c:407
+ msgid "Disable ICMP echo address checking in the DHCP server."
+ msgstr ""
+
+-#: option.c:391
++#: option.c:408
+ msgid "Shell script to run on DHCP lease creation and destruction."
+ msgstr ""
+
+-#: option.c:392
++#: option.c:409
+ msgid "Lua script to run on DHCP lease creation and destruction."
+ msgstr ""
+
+-#: option.c:393
++#: option.c:410
+ msgid "Run lease-change scripts as this user."
+ msgstr ""
+
+-#: option.c:394
++#: option.c:411
+ msgid "Read configuration from all the files in this directory."
+ msgstr ""
+
+-#: option.c:395
++#: option.c:412
+ #, fuzzy
+ msgid "Log to this syslog facility or file. (defaults to DAEMON)"
+ msgstr "Rulează sub acest utilizator după pornire. (implicit e %s)."
+
+-#: option.c:396
++#: option.c:413
+ msgid "Do not use leasefile."
+ msgstr ""
+
+-#: option.c:397
++#: option.c:414
+ #, fuzzy, c-format
+ msgid "Maximum number of concurrent DNS queries. (defaults to %s)"
+ msgstr "Specifică numărul maxim de împrumuturi DHCP (implicit %s)."
+
+-#: option.c:398
++#: option.c:415
+ #, c-format
+ msgid "Clear DNS cache when reloading %s."
+ msgstr ""
+
+-#: option.c:399
++#: option.c:416
+ msgid "Ignore hostnames provided by DHCP clients."
+ msgstr ""
+
+-#: option.c:400
++#: option.c:417
+ msgid "Do NOT reuse filename and server fields for extra DHCP options."
+ msgstr ""
+
+-#: option.c:401
++#: option.c:418
+ msgid "Enable integrated read-only TFTP server."
+ msgstr ""
+
+-#: option.c:402
++#: option.c:419
+ msgid "Export files by TFTP only from the specified subtree."
+ msgstr ""
+
+-#: option.c:403
++#: option.c:420
+ msgid "Add client IP address to tftp-root."
+ msgstr ""
+
+-#: option.c:404
++#: option.c:421
+ msgid "Allow access only to files owned by the user running dnsmasq."
+ msgstr ""
+
+-#: option.c:405
++#: option.c:422
+ #, fuzzy, c-format
+ msgid "Maximum number of conncurrent TFTP transfers (defaults to %s)."
+ msgstr "Specifică numărul maxim de împrumuturi DHCP (implicit %s)."
+
+-#: option.c:406
++#: option.c:423
+ msgid "Disable the TFTP blocksize extension."
+ msgstr ""
+
+-#: option.c:407
++#: option.c:424
+ msgid "Convert TFTP filenames to lowercase"
+ msgstr ""
+
+-#: option.c:408
++#: option.c:425
+ msgid "Ephemeral port range for use by TFTP transfers."
+ msgstr ""
+
+-#: option.c:409
++#: option.c:426
+ msgid "Extra logging for DHCP."
+ msgstr ""
+
+-#: option.c:410
++#: option.c:427
+ msgid "Enable async. logging; optionally set queue length."
+ msgstr ""
+
+-#: option.c:411
++#: option.c:428
+ msgid "Stop DNS rebinding. Filter private IP ranges when resolving."
+ msgstr ""
+
+-#: option.c:412
++#: option.c:429
+ msgid "Allow rebinding of 127.0.0.0/8, for RBL servers."
+ msgstr ""
+
+-#: option.c:413
++#: option.c:430
+ msgid "Inhibit DNS-rebind protection on this domain."
+ msgstr ""
+
+-#: option.c:414
++#: option.c:431
+ msgid "Always perform DNS queries to all servers."
+ msgstr ""
+
+-#: option.c:415
++#: option.c:432
+ msgid "Set tag if client includes matching option in request."
+ msgstr ""
+
+-#: option.c:416
++#: option.c:433
+ msgid "Use alternative ports for DHCP."
+ msgstr ""
+
+-#: option.c:417
++#: option.c:434
+ #, fuzzy
+ msgid "Specify NAPTR DNS record."
+ msgstr "Specifică o înregistrare TXT."
+
+-#: option.c:418
++#: option.c:435
+ msgid "Specify lowest port available for DNS query transmission."
+ msgstr ""
+
+-#: option.c:419
++#: option.c:436
+ msgid "Use only fully qualified domain names for DHCP clients."
+ msgstr ""
+
+-#: option.c:420
++#: option.c:437
+ msgid "Generate hostnames based on MAC address for nameless clients."
+ msgstr ""
+
+-#: option.c:421
++#: option.c:438
+ msgid "Use these DHCP relays as full proxies."
+ msgstr ""
+
+-#: option.c:422
++#: option.c:439
+ msgid "Relay DHCP requests to a remote server"
+ msgstr ""
+
+-#: option.c:423
++#: option.c:440
+ msgid "Specify alias name for LOCAL DNS name."
+ msgstr ""
+
+-#: option.c:424
++#: option.c:441
+ #, fuzzy
+ msgid "Prompt to send to PXE clients."
+ msgstr "Configurează opţiuni în plusce trebuie trimise clienţilor DHCP."
+
+-#: option.c:425
++#: option.c:442
+ msgid "Boot service for PXE menu."
+ msgstr ""
+
+-#: option.c:426
++#: option.c:443
+ msgid "Check configuration syntax."
+ msgstr ""
+
+-#: option.c:427
++#: option.c:444
+ msgid "Add requestor's MAC address to forwarded DNS queries."
+ msgstr ""
+
+-#: option.c:428
++#: option.c:445
+ msgid "Add requestor's IP subnet to forwarded DNS queries."
+ msgstr ""
+
+-#: option.c:429
++#: option.c:446
+ #, fuzzy
+ msgid "Proxy DNSSEC validation results from upstream nameservers."
+ msgstr "Traduce adresele IPv4 de la serverele DNS superioare."
+
+-#: option.c:430
++#: option.c:447
+ msgid "Attempt to allocate sequential IP addresses to DHCP clients."
+ msgstr ""
+
+-#: option.c:431
++#: option.c:448
+ msgid "Copy connection-track mark from queries to upstream connections."
+ msgstr ""
+
+-#: option.c:432
++#: option.c:449
+ msgid "Allow DHCP clients to do their own DDNS updates."
+ msgstr ""
+
+-#: option.c:433
++#: option.c:450
+ msgid "Send router-advertisements for interfaces doing DHCPv6"
+ msgstr ""
+
+-#: option.c:434
++#: option.c:451
+ msgid "Specify DUID_EN-type DHCPv6 server DUID"
+ msgstr ""
+
+-#: option.c:435
++#: option.c:452
+ #, fuzzy
+ msgid "Specify host (A/AAAA and PTR) records"
+ msgstr "Specifică o înregistrare MX."
+
+-#: option.c:436
++#: option.c:453
+ #, fuzzy
+ msgid "Specify arbitrary DNS resource record"
+ msgstr "Specifică o înregistrare TXT."
+
+-#: option.c:437
++#: option.c:454
+ #, fuzzy
+ msgid "Bind to interfaces in use - check for new interfaces"
+ msgstr "interfaţă necunoscută %s"
+
+-#: option.c:438
++#: option.c:455
+ msgid "Export local names to global DNS"
+ msgstr ""
+
+-#: option.c:439
++#: option.c:456
+ msgid "Domain to export to global DNS"
+ msgstr ""
+
+-#: option.c:440
++#: option.c:457
+ msgid "Set TTL for authoritative replies"
+ msgstr ""
+
+-#: option.c:441
++#: option.c:458
+ msgid "Set authoritive zone information"
+ msgstr ""
+
+-#: option.c:442
++#: option.c:459
+ msgid "Secondary authoritative nameservers for forward domains"
+ msgstr ""
+
+-#: option.c:443
++#: option.c:460
+ msgid "Peers which are allowed to do zone transfer"
+ msgstr ""
+
+-#: option.c:444
++#: option.c:461
+ msgid "Specify ipsets to which matching domains should be added"
+ msgstr ""
+
+-#: option.c:445
++#: option.c:462
+ msgid "Specify a domain and address range for synthesised names"
+ msgstr ""
+
+-#: option.c:446
++#: option.c:463
+ msgid "Activate DNSSEC validation"
+ msgstr ""
+
+-#: option.c:447
++#: option.c:464
+ msgid "Specify trust anchor key digest."
+ msgstr ""
+
+-#: option.c:448
++#: option.c:465
+ msgid "Disable upstream checking for DNSSEC debugging."
+ msgstr ""
+
+-#: option.c:449
++#: option.c:466
+ msgid "Ensure answers without DNSSEC are in unsigned zones."
+ msgstr ""
+
+-#: option.c:450
++#: option.c:467
+ msgid "Don't check DNSSEC signature timestamps until first cache-reload"
+ msgstr ""
+
+-#: option.c:452
++#: option.c:468
++msgid "Timestamp file to verify system clock for DNSSEC"
++msgstr ""
++
++#: option.c:470
+ msgid "Specify DHCPv6 prefix class"
+ msgstr ""
+
+-#: option.c:454
++#: option.c:472
+ msgid "Set priority, resend-interval and router-lifetime"
+ msgstr ""
+
+-#: option.c:455
++#: option.c:473
+ msgid "Do not log routine DHCP."
+ msgstr ""
+
+-#: option.c:456
++#: option.c:474
+ msgid "Do not log routine DHCPv6."
+ msgstr ""
+
+-#: option.c:457
++#: option.c:475
+ msgid "Do not log RA."
+ msgstr ""
+
+-#: option.c:458
++#: option.c:476
+ msgid "Accept queries only from directly-connected networks"
+ msgstr ""
+
+-#: option.c:459
++#: option.c:477
+ msgid "Detect and remove DNS forwarding loops"
+ msgstr ""
+
+-#: option.c:661
++#: option.c:478
++msgid "Ignore DNS responses containing ipaddr."
++msgstr ""
++
++#: option.c:680
+ #, c-format
+ msgid ""
+ "Usage: dnsmasq [options]\n"
+@@ -720,332 +753,332 @@ msgstr ""
+ "Utilizare: dnsmasq [opţiuni]\n"
+ "\n"
+
+-#: option.c:663
++#: option.c:682
+ #, c-format
+ msgid "Use short options only on the command line.\n"
+ msgstr "Folosiţi opţiunile prescurtate doar în linie de comandă.\n"
+
+-#: option.c:665
++#: option.c:684
+ #, fuzzy, c-format
+ msgid "Valid options are:\n"
+ msgstr "Opţiunile valide sunt:\n"
+
+-#: option.c:722 option.c:726
++#: option.c:741 option.c:745
+ msgid "bad port"
+ msgstr "port invalid"
+
+-#: option.c:753 option.c:785
++#: option.c:772 option.c:804
+ msgid "interface binding not supported"
+ msgstr ""
+
+-#: option.c:762 option.c:3494
++#: option.c:781 option.c:3570
+ #, fuzzy
+ msgid "bad interface name"
+ msgstr "nume MX invalid"
+
+-#: option.c:792
++#: option.c:811
+ #, fuzzy
+ msgid "bad address"
+ msgstr "citesc %s - %d adrese"
+
+-#: option.c:974
++#: option.c:993
+ msgid "unsupported encapsulation for IPv6 option"
+ msgstr ""
+
+-#: option.c:988
++#: option.c:1007
+ msgid "bad dhcp-option"
+ msgstr "dhcp-option invalid"
+
+-#: option.c:1056
++#: option.c:1075
+ #, fuzzy
+ msgid "bad IP address"
+ msgstr "citesc %s - %d adrese"
+
+-#: option.c:1059 option.c:1197 option.c:2812
++#: option.c:1078 option.c:1216 option.c:2888
+ #, fuzzy
+ msgid "bad IPv6 address"
+ msgstr "citesc %s - %d adrese"
+
+-#: option.c:1224 option.c:1318
++#: option.c:1243 option.c:1337
+ msgid "bad domain in dhcp-option"
+ msgstr "domeniu DNS invalid în declaraţia dhcp-option"
+
+-#: option.c:1356
++#: option.c:1375
+ msgid "dhcp-option too long"
+ msgstr "declararea dhcp-option este prea lungă"
+
+-#: option.c:1363
++#: option.c:1382
+ msgid "illegal dhcp-match"
+ msgstr ""
+
+-#: option.c:1425
++#: option.c:1444
+ msgid "illegal repeated flag"
+ msgstr ""
+
+-#: option.c:1433
++#: option.c:1452
+ msgid "illegal repeated keyword"
+ msgstr ""
+
+-#: option.c:1495 option.c:4092
++#: option.c:1517 option.c:4186
+ #, fuzzy, c-format
+ msgid "cannot access directory %s: %s"
+ msgstr "nu pot citi %s: %s"
+
+-#: option.c:1541 tftp.c:493
++#: option.c:1563 tftp.c:493
+ #, fuzzy, c-format
+ msgid "cannot access %s: %s"
+ msgstr "nu pot citi %s: %s"
+
+-#: option.c:1588
++#: option.c:1615
+ msgid "setting log facility is not possible under Android"
+ msgstr ""
+
+-#: option.c:1597
++#: option.c:1624
+ msgid "bad log facility"
+ msgstr ""
+
+-#: option.c:1650
++#: option.c:1677
+ msgid "bad MX preference"
+ msgstr "preferinţă MX invalidă"
+
+-#: option.c:1655
++#: option.c:1682
+ msgid "bad MX name"
+ msgstr "nume MX invalid"
+
+-#: option.c:1669
++#: option.c:1696
+ msgid "bad MX target"
+ msgstr "ţintă MX invalidă"
+
+-#: option.c:1681
++#: option.c:1708
+ msgid "cannot run scripts under uClinux"
+ msgstr ""
+
+-#: option.c:1683
++#: option.c:1710
+ msgid "recompile with HAVE_SCRIPT defined to enable lease-change scripts"
+ msgstr ""
+
+-#: option.c:1687
++#: option.c:1714
+ msgid "recompile with HAVE_LUASCRIPT defined to enable Lua scripts"
+ msgstr ""
+
+-#: option.c:1928 option.c:1966 option.c:2015
++#: option.c:1970 option.c:2015 option.c:2071
+ #, fuzzy
+ msgid "bad prefix"
+ msgstr "port invalid"
+
+-#: option.c:2289
++#: option.c:2352
+ msgid "recompile with HAVE_IPSET defined to enable ipset directives"
+ msgstr ""
+
+-#: option.c:2469
++#: option.c:2545
+ #, fuzzy
+ msgid "bad port range"
+ msgstr "port invalid"
+
+-#: option.c:2485
++#: option.c:2561
+ msgid "bad bridge-interface"
+ msgstr ""
+
+-#: option.c:2545
++#: option.c:2621
+ msgid "only one tag allowed"
+ msgstr ""
+
+-#: option.c:2565 option.c:2577 option.c:2683 option.c:2724
++#: option.c:2641 option.c:2653 option.c:2759 option.c:2800
+ msgid "bad dhcp-range"
+ msgstr "dhcp-range invalid"
+
+-#: option.c:2592
++#: option.c:2668
+ msgid "inconsistent DHCP range"
+ msgstr "domeniu DHCP inconsistent"
+
+-#: option.c:2651
++#: option.c:2727
+ msgid "prefix length must be exactly 64 for RA subnets"
+ msgstr ""
+
+-#: option.c:2653
++#: option.c:2729
+ msgid "prefix length must be exactly 64 for subnet constructors"
+ msgstr ""
+
+-#: option.c:2657
++#: option.c:2733
+ msgid "prefix length must be at least 64"
+ msgstr ""
+
+-#: option.c:2660
++#: option.c:2736
+ #, fuzzy
+ msgid "inconsistent DHCPv6 range"
+ msgstr "domeniu DHCP inconsistent"
+
+-#: option.c:2671
++#: option.c:2747
+ msgid "prefix must be zero with \"constructor:\" argument"
+ msgstr ""
+
+-#: option.c:2782 option.c:2830
++#: option.c:2858 option.c:2906
+ #, fuzzy
+ msgid "bad hex constant"
+ msgstr "dhcp-host invalid"
+
+-#: option.c:2804
++#: option.c:2880
+ msgid "cannot match tags in --dhcp-host"
+ msgstr ""
+
+-#: option.c:2852
++#: option.c:2928
+ #, fuzzy, c-format
+ msgid "duplicate dhcp-host IP address %s"
+ msgstr "adresă IP duplicat %s în declaraţia dhcp-config."
+
+-#: option.c:2910
++#: option.c:2986
+ #, fuzzy
+ msgid "bad DHCP host name"
+ msgstr "nume MX invalid"
+
+-#: option.c:2992
++#: option.c:3068
+ #, fuzzy
+ msgid "bad tag-if"
+ msgstr "ţintă MX invalidă"
+
+-#: option.c:3316 option.c:3710
++#: option.c:3392 option.c:3786
+ msgid "invalid port number"
+ msgstr "număr de port invalid"
+
+-#: option.c:3378
++#: option.c:3454
+ #, fuzzy
+ msgid "bad dhcp-proxy address"
+ msgstr "citesc %s - %d adrese"
+
+-#: option.c:3404
++#: option.c:3480
+ #, fuzzy
+ msgid "Bad dhcp-relay"
+ msgstr "dhcp-range invalid"
+
+-#: option.c:3430
++#: option.c:3506
+ msgid "bad RA-params"
+ msgstr ""
+
+-#: option.c:3439
++#: option.c:3515
+ msgid "bad DUID"
+ msgstr ""
+
+-#: option.c:3481
++#: option.c:3557
+ #, fuzzy
+ msgid "invalid alias range"
+ msgstr "pondere invalidă"
+
+-#: option.c:3535
++#: option.c:3611
+ msgid "bad CNAME"
+ msgstr ""
+
+-#: option.c:3540
++#: option.c:3616
+ msgid "duplicate CNAME"
+ msgstr ""
+
+-#: option.c:3560
++#: option.c:3636
+ #, fuzzy
+ msgid "bad PTR record"
+ msgstr "înregistrare SRV invalidă"
+
+-#: option.c:3591
++#: option.c:3667
+ #, fuzzy
+ msgid "bad NAPTR record"
+ msgstr "înregistrare SRV invalidă"
+
+-#: option.c:3625
++#: option.c:3701
+ #, fuzzy
+ msgid "bad RR record"
+ msgstr "înregistrare SRV invalidă"
+
+-#: option.c:3655
++#: option.c:3731
+ msgid "bad TXT record"
+ msgstr "înregistrare TXT invalidă"
+
+-#: option.c:3696
++#: option.c:3772
+ msgid "bad SRV record"
+ msgstr "înregistrare SRV invalidă"
+
+-#: option.c:3703
++#: option.c:3779
+ msgid "bad SRV target"
+ msgstr "ţintă SRV invalidă"
+
+-#: option.c:3717
++#: option.c:3793
+ msgid "invalid priority"
+ msgstr "prioritate invalidă"
+
+-#: option.c:3724
++#: option.c:3800
+ msgid "invalid weight"
+ msgstr "pondere invalidă"
+
+-#: option.c:3748
++#: option.c:3824
+ #, fuzzy
+ msgid "Bad host-record"
+ msgstr "înregistrare SRV invalidă"
+
+-#: option.c:3765
++#: option.c:3841
+ #, fuzzy
+ msgid "Bad name in host-record"
+ msgstr "nume invalid în %s"
+
+-#: option.c:3826
++#: option.c:3906
+ #, fuzzy
+ msgid "bad trust anchor"
+ msgstr "port invalid"
+
+-#: option.c:3840
++#: option.c:3920
+ msgid "bad HEX in trust anchor"
+ msgstr ""
+
+-#: option.c:3850
++#: option.c:3930
+ msgid "unsupported option (check that dnsmasq was compiled with DHCP/TFTP/DNSSEC/DBus support)"
+ msgstr ""
+
+-#: option.c:3909
++#: option.c:3989
+ msgid "missing \""
+ msgstr "lipseşte \""
+
+-#: option.c:3966
++#: option.c:4046
+ msgid "bad option"
+ msgstr "opţiune invalidă"
+
+-#: option.c:3968
++#: option.c:4048
+ msgid "extraneous parameter"
+ msgstr "parametru nerecunoscut"
+
+-#: option.c:3970
++#: option.c:4050
+ msgid "missing parameter"
+ msgstr "parametru lipsa"
+
+-#: option.c:3972
++#: option.c:4052
+ #, fuzzy
+ msgid "illegal option"
+ msgstr "opţiune invalidă"
+
+-#: option.c:3979
++#: option.c:4059
+ msgid "error"
+ msgstr "eroare"
+
+-#: option.c:3981
++#: option.c:4061
+ #, fuzzy, c-format
+ msgid " at line %d of %s"
+ msgstr "%s la linia %d din %%s"
+
+-#: option.c:4045 option.c:4168 tftp.c:667
+-#, c-format
+-msgid "cannot read %s: %s"
+-msgstr "nu pot citi %s: %s"
+-
+-#: option.c:4229 option.c:4265
++#: option.c:4076 option.c:4323 option.c:4359
+ #, fuzzy, c-format
+ msgid "read %s"
+ msgstr "citesc %s"
+
+-#: option.c:4331
++#: option.c:4139 option.c:4262 tftp.c:667
++#, c-format
++msgid "cannot read %s: %s"
++msgstr "nu pot citi %s: %s"
++
++#: option.c:4425
+ msgid "junk found in command line"
+ msgstr ""
+
+-#: option.c:4366
++#: option.c:4460
+ #, c-format
+ msgid "Dnsmasq version %s %s\n"
+ msgstr "dnsmasq versiunea %s %s\n"
+
+-#: option.c:4367
++#: option.c:4461
+ #, fuzzy, c-format
+ msgid ""
+ "Compile time options: %s\n"
+@@ -1054,89 +1087,89 @@ msgstr ""
+ "Opţiuni cu care a fost compilat %s\n"
+ "\n"
+
+-#: option.c:4368
++#: option.c:4462
+ #, c-format
+ msgid "This software comes with ABSOLUTELY NO WARRANTY.\n"
+ msgstr "Acest program vine FĂRĂ NICI O GARANŢIE.\n"
+
+-#: option.c:4369
++#: option.c:4463
+ #, c-format
+ msgid "Dnsmasq is free software, and you are welcome to redistribute it\n"
+ msgstr "Dnsmasq este un program gratuit, sunteţi invitaţi să-l redistribuiţi\n"
+
+-#: option.c:4370
++#: option.c:4464
+ #, fuzzy, c-format
+ msgid "under the terms of the GNU General Public License, version 2 or 3.\n"
+ msgstr "în termenii Licenţei publice generale GNU, versiunea 2.\n"
+
+-#: option.c:4381
++#: option.c:4475
+ msgid "try --help"
+ msgstr ""
+
+-#: option.c:4383
++#: option.c:4477
+ msgid "try -w"
+ msgstr ""
+
+-#: option.c:4385
++#: option.c:4479
+ #, fuzzy, c-format
+ msgid "bad command line options: %s"
+ msgstr "opţiuni în linie de comandă invalide: %s."
+
+-#: option.c:4434
++#: option.c:4535
+ #, c-format
+ msgid "cannot get host-name: %s"
+ msgstr "nu pot citi numele maşinii: %s"
+
+-#: option.c:4462
++#: option.c:4563
+ msgid "only one resolv.conf file allowed in no-poll mode."
+ msgstr "se permite un singur fişier resolv.conf în modul no-poll"
+
+-#: option.c:4472
++#: option.c:4573
+ msgid "must have exactly one resolv.conf to read domain from."
+ msgstr "am nevoie de un singur resolv.conf din care să citesc numele domeniului."
+
+-#: option.c:4475 network.c:1506 dhcp.c:769
++#: option.c:4576 network.c:1506 dhcp.c:774
+ #, fuzzy, c-format
+ msgid "failed to read %s: %s"
+ msgstr "nu pot citi %s: %s"
+
+-#: option.c:4492
++#: option.c:4593
+ #, c-format
+ msgid "no search directive found in %s"
+ msgstr "nu s-a găsit nici un criteriu de căutare în %s"
+
+-#: option.c:4513
++#: option.c:4614
+ msgid "there must be a default domain when --dhcp-fqdn is set"
+ msgstr ""
+
+-#: option.c:4522
++#: option.c:4623
+ msgid "syntax check OK"
+ msgstr ""
+
+-#: forward.c:114
++#: forward.c:111
+ #, fuzzy, c-format
+ msgid "failed to send packet: %s"
+ msgstr "ascultarea pe socket a eşuat: %s"
+
+-#: forward.c:574
++#: forward.c:572
+ msgid "discarding DNS reply: subnet option mismatch"
+ msgstr ""
+
+-#: forward.c:597
++#: forward.c:595
+ #, c-format
+ msgid "nameserver %s refused to do a recursive query"
+ msgstr "serverul DNS %s refuză interogările recursive"
+
+-#: forward.c:629
++#: forward.c:627
+ #, c-format
+ msgid "possible DNS-rebind attack detected: %s"
+ msgstr ""
+
+-#: forward.c:1132 forward.c:1663
++#: forward.c:1156 forward.c:1722
+ msgid "Ignoring query from non-local network"
+ msgstr ""
+
+-#: forward.c:2101
++#: forward.c:2178
+ #, fuzzy, c-format
+ msgid "Maximum number of concurrent DNS queries reached (max: %d)"
+ msgstr "Specifică numărul maxim de împrumuturi DHCP (implicit %s)."
+@@ -1226,273 +1259,286 @@ msgstr "folosim serverul DNS %s#%d"
+ msgid "using nameserver %s#%d"
+ msgstr "folosim serverul DNS %s#%d"
+
+-#: dnsmasq.c:154
+-msgid "No trust anchors provided for DNSSEC"
++#: dnsmasq.c:149
++msgid "dhcp-hostsdir, dhcp-optsdir and hostsdir are not supported on this platform"
+ msgstr ""
+
+-#: dnsmasq.c:157
+-msgid "Cannot reduce cache size from default when DNSSEC enabled"
++#: dnsmasq.c:156
++msgid "no trust anchors provided for DNSSEC"
+ msgstr ""
+
+ #: dnsmasq.c:159
++msgid "cannot reduce cache size from default when DNSSEC enabled"
++msgstr ""
++
++#: dnsmasq.c:161
+ #, fuzzy
+ msgid "DNSSEC not available: set HAVE_DNSSEC in src/config.h"
+ msgstr "DBus nu este disponibil: puneţi HAVE_DBUS in src/config.h"
+
+-#: dnsmasq.c:165
++#: dnsmasq.c:167
+ #, fuzzy
+ msgid "TFTP server not available: set HAVE_TFTP in src/config.h"
+ msgstr "DBus nu este disponibil: puneţi HAVE_DBUS in src/config.h"
+
+-#: dnsmasq.c:170
+-msgid "Cannot use --conntrack AND --query-port"
++#: dnsmasq.c:172
++msgid "cannot use --conntrack AND --query-port"
+ msgstr ""
+
+-#: dnsmasq.c:173
++#: dnsmasq.c:175
+ #, fuzzy
+-msgid "Conntrack support not available: set HAVE_CONNTRACK in src/config.h"
++msgid "conntrack support not available: set HAVE_CONNTRACK in src/config.h"
+ msgstr "DBus nu este disponibil: puneţi HAVE_DBUS in src/config.h"
+
+-#: dnsmasq.c:178
++#: dnsmasq.c:180
+ msgid "asychronous logging is not available under Solaris"
+ msgstr ""
+
+-#: dnsmasq.c:183
++#: dnsmasq.c:185
+ msgid "asychronous logging is not available under Android"
+ msgstr ""
+
+-#: dnsmasq.c:188
++#: dnsmasq.c:190
+ #, fuzzy
+ msgid "authoritative DNS not available: set HAVE_AUTH in src/config.h"
+ msgstr "DBus nu este disponibil: puneţi HAVE_DBUS in src/config.h"
+
+-#: dnsmasq.c:193
++#: dnsmasq.c:195
+ #, fuzzy
+-msgid "Loop detection not available: set HAVE_LOOP in src/config.h"
++msgid "loop detection not available: set HAVE_LOOP in src/config.h"
+ msgstr "DBus nu este disponibil: puneţi HAVE_DBUS in src/config.h"
+
+-#: dnsmasq.c:201
++#: dnsmasq.c:203
+ msgid "zone serial must be configured in --auth-soa"
+ msgstr ""
+
+-#: dnsmasq.c:219
++#: dnsmasq.c:221
+ msgid "dhcp-range constructor not available on this platform"
+ msgstr ""
+
+-#: dnsmasq.c:262
++#: dnsmasq.c:264
+ msgid "cannot set --bind-interfaces and --bind-dynamic"
+ msgstr ""
+
+-#: dnsmasq.c:265
++#: dnsmasq.c:267
+ #, c-format
+ msgid "failed to find list of interfaces: %s"
+ msgstr "enumerarea interfeţelor a eşuat: %s"
+
+-#: dnsmasq.c:274
++#: dnsmasq.c:276
+ #, c-format
+ msgid "unknown interface %s"
+ msgstr "interfaţă necunoscută %s"
+
+-#: dnsmasq.c:330 dnsmasq.c:954
++#: dnsmasq.c:340 dnsmasq.c:1004
+ #, c-format
+ msgid "DBus error: %s"
+ msgstr "eroare DBus: %s"
+
+-#: dnsmasq.c:333
++#: dnsmasq.c:343
+ msgid "DBus not available: set HAVE_DBUS in src/config.h"
+ msgstr "DBus nu este disponibil: puneţi HAVE_DBUS in src/config.h"
+
+-#: dnsmasq.c:361
++#: dnsmasq.c:371
+ #, c-format
+ msgid "unknown user or group: %s"
+ msgstr ""
+
+-#: dnsmasq.c:416
++#: dnsmasq.c:426
+ #, c-format
+ msgid "cannot chdir to filesystem root: %s"
+ msgstr ""
+
+-#: dnsmasq.c:653
++#: dnsmasq.c:667
+ #, fuzzy, c-format
+ msgid "started, version %s DNS disabled"
+ msgstr "am pornit, versiunea %s memorie temporară dezactivată"
+
+-#: dnsmasq.c:655
++#: dnsmasq.c:669
+ #, c-format
+ msgid "started, version %s cachesize %d"
+ msgstr "am ponit, versiunea %s memorie temporară %d"
+
+-#: dnsmasq.c:657
++#: dnsmasq.c:671
+ #, c-format
+ msgid "started, version %s cache disabled"
+ msgstr "am pornit, versiunea %s memorie temporară dezactivată"
+
+-#: dnsmasq.c:659
++#: dnsmasq.c:673
+ #, c-format
+ msgid "compile time options: %s"
+ msgstr "compilat cu opţiunile: %s"
+
+-#: dnsmasq.c:665
++#: dnsmasq.c:679
+ msgid "DBus support enabled: connected to system bus"
+ msgstr "suportul DBus activ: sunt conectat la magistrala sistem"
+
+-#: dnsmasq.c:667
++#: dnsmasq.c:681
+ msgid "DBus support enabled: bus connection pending"
+ msgstr "suportul DBus activ: aştept conexiunea la magistrală"
+
+-#: dnsmasq.c:672
++#: dnsmasq.c:686
+ msgid "DNS service limited to local subnets"
+ msgstr ""
+
+-#: dnsmasq.c:677
++#: dnsmasq.c:702
+ msgid "DNSSEC validation enabled"
+ msgstr ""
+
+-#: dnsmasq.c:679
++#: dnsmasq.c:705
+ msgid "DNSSEC signature timestamps not checked until first cache reload"
+ msgstr ""
+
++#: dnsmasq.c:708
++msgid "DNSSEC signature timestamps not checked until system time valid"
++msgstr ""
++
+ # for compatibility purposes the letters â, ă, ş, ţ and î can be written as their look-alike correspondent.
+-#: dnsmasq.c:684
++#: dnsmasq.c:713
+ #, fuzzy, c-format
+ msgid "warning: failed to change owner of %s: %s"
+ msgstr "încărcarea numelor din %s: %s a eşuat"
+
+-#: dnsmasq.c:688
++#: dnsmasq.c:717
+ msgid "setting --bind-interfaces option because of OS limitations"
+ msgstr "specific opţiunea --bind-interfaces din cauza limitărilor SO"
+
+-#: dnsmasq.c:698
++#: dnsmasq.c:727
+ #, c-format
+ msgid "warning: interface %s does not currently exist"
+ msgstr "atenţie: interfaţa %s nu există momentan"
+
+-#: dnsmasq.c:703
++#: dnsmasq.c:732
+ msgid "warning: ignoring resolv-file flag because no-resolv is set"
+ msgstr ""
+
+-#: dnsmasq.c:706
++#: dnsmasq.c:735
+ #, fuzzy
+ msgid "warning: no upstream servers configured"
+ msgstr "configurăm serverele superioare prin Dbus"
+
+-#: dnsmasq.c:710
++#: dnsmasq.c:739
+ #, c-format
+ msgid "asynchronous logging enabled, queue limit is %d messages"
+ msgstr ""
+
+-#: dnsmasq.c:731
++#: dnsmasq.c:760
+ msgid "IPv6 router advertisement enabled"
+ msgstr ""
+
+-#: dnsmasq.c:736
++#: dnsmasq.c:765
+ #, c-format
+ msgid "DHCP, sockets bound exclusively to interface %s"
+ msgstr ""
+
+-#: dnsmasq.c:753
++#: dnsmasq.c:782
+ msgid "root is "
+ msgstr ""
+
+-#: dnsmasq.c:753
++#: dnsmasq.c:782
+ #, fuzzy
+ msgid "enabled"
+ msgstr "dezactivat"
+
+-#: dnsmasq.c:755
++#: dnsmasq.c:784
+ msgid "secure mode"
+ msgstr ""
+
+-#: dnsmasq.c:781
++#: dnsmasq.c:810
+ #, c-format
+ msgid "restricting maximum simultaneous TFTP transfers to %d"
+ msgstr ""
+
+-#: dnsmasq.c:956
++#: dnsmasq.c:1006
+ msgid "connected to system DBus"
+ msgstr "magistrala sistem Dbus conectată"
+
+-#: dnsmasq.c:1106
++#: dnsmasq.c:1156
+ #, c-format
+ msgid "cannot fork into background: %s"
+ msgstr ""
+
+-#: dnsmasq.c:1109
++#: dnsmasq.c:1159
+ #, fuzzy, c-format
+ msgid "failed to create helper: %s"
+ msgstr "nu pot citi %s: %s"
+
+-#: dnsmasq.c:1112
++#: dnsmasq.c:1162
+ #, c-format
+ msgid "setting capabilities failed: %s"
+ msgstr ""
+
+ # for compatibility purposes the letters â, ă, ş, ţ and î can be written as their look-alike correspondent.
+-#: dnsmasq.c:1115
++#: dnsmasq.c:1165
+ #, fuzzy, c-format
+ msgid "failed to change user-id to %s: %s"
+ msgstr "încărcarea numelor din %s: %s a eşuat"
+
+ # for compatibility purposes the letters â, ă, ş, ţ and î can be written as their look-alike correspondent.
+-#: dnsmasq.c:1118
++#: dnsmasq.c:1168
+ #, fuzzy, c-format
+ msgid "failed to change group-id to %s: %s"
+ msgstr "încărcarea numelor din %s: %s a eşuat"
+
+-#: dnsmasq.c:1121
++#: dnsmasq.c:1171
+ #, fuzzy, c-format
+ msgid "failed to open pidfile %s: %s"
+ msgstr "nu pot citi %s: %s"
+
+-#: dnsmasq.c:1124
++#: dnsmasq.c:1174
+ #, fuzzy, c-format
+ msgid "cannot open log %s: %s"
+ msgstr "nu pot deschide %s:%s"
+
+-#: dnsmasq.c:1127
++#: dnsmasq.c:1177
+ #, fuzzy, c-format
+ msgid "failed to load Lua script: %s"
+ msgstr "nu pot încărca %s: %s"
+
+-#: dnsmasq.c:1130
++#: dnsmasq.c:1180
+ #, c-format
+ msgid "TFTP directory %s inaccessible: %s"
+ msgstr ""
+
+-#: dnsmasq.c:1151
++#: dnsmasq.c:1183
++#, fuzzy, c-format
++msgid "cannot create timestamp file %s: %s"
++msgstr "nu pot creea sau deschide fişierul cu împrumuturi: %s"
++
++#: dnsmasq.c:1204
+ msgid "now checking DNSSEC signature timestamps"
+ msgstr ""
+
+-#: dnsmasq.c:1218
++#: dnsmasq.c:1271
+ #, c-format
+ msgid "script process killed by signal %d"
+ msgstr ""
+
+-#: dnsmasq.c:1222
++#: dnsmasq.c:1275
+ #, c-format
+ msgid "script process exited with status %d"
+ msgstr ""
+
+-#: dnsmasq.c:1226
++#: dnsmasq.c:1279
+ #, fuzzy, c-format
+ msgid "failed to execute %s: %s"
+ msgstr "accesarea serverului %s a eşuat: %s"
+
+-#: dnsmasq.c:1281
++#: dnsmasq.c:1334
+ msgid "exiting on receipt of SIGTERM"
+ msgstr "am primit SIGTERM, am terminat"
+
+-#: dnsmasq.c:1309
++#: dnsmasq.c:1362
+ #, fuzzy, c-format
+ msgid "failed to access %s: %s"
+ msgstr "accesarea serverului %s a eşuat: %s"
+
+-#: dnsmasq.c:1339
++#: dnsmasq.c:1392
+ #, c-format
+ msgid "reading %s"
+ msgstr "citesc %s"
+
+-#: dnsmasq.c:1350
++#: dnsmasq.c:1403
+ #, fuzzy, c-format
+ msgid "no servers found in %s, will retry"
+ msgstr "nu s-a găsit nici un criteriu de căutare în %s"
+@@ -1532,27 +1578,27 @@ msgstr "interfaţă necunoscută %s"
+ msgid "DHCP packet received on %s which has no address"
+ msgstr ""
+
+-#: dhcp.c:408
++#: dhcp.c:412
+ #, c-format
+ msgid "ARP-cache injection failed: %s"
+ msgstr ""
+
+-#: dhcp.c:506
++#: dhcp.c:511
+ #, c-format
+ msgid "DHCP range %s -- %s is not consistent with netmask %s"
+ msgstr "domeniu DHCP %s -- %s nu este consistent cu masca de reţea %s"
+
+-#: dhcp.c:807
++#: dhcp.c:812
+ #, c-format
+ msgid "bad line at %s line %d"
+ msgstr "linie invalidă în %s rândul %d"
+
+-#: dhcp.c:850
++#: dhcp.c:855
+ #, c-format
+ msgid "ignoring %s line %d, duplicate name or IP address"
+ msgstr ""
+
+-#: dhcp.c:994 rfc3315.c:2089
++#: dhcp.c:999 rfc3315.c:2139
+ #, c-format
+ msgid "DHCP relay %s -> %s"
+ msgstr ""
+@@ -1623,12 +1669,12 @@ msgstr "eroare DBus: %s"
+ msgid "disabled"
+ msgstr "dezactivat"
+
+-#: rfc2131.c:539 rfc2131.c:967 rfc2131.c:1385 rfc3315.c:602 rfc3315.c:823
+-#: rfc3315.c:1095
++#: rfc2131.c:539 rfc2131.c:967 rfc2131.c:1385 rfc3315.c:603 rfc3315.c:860
++#: rfc3315.c:1139
+ msgid "ignored"
+ msgstr "ignorat"
+
+-#: rfc2131.c:554 rfc2131.c:1205 rfc3315.c:873
++#: rfc2131.c:554 rfc2131.c:1205 rfc3315.c:910
+ msgid "address in use"
+ msgstr "adresa este folosită"
+
+@@ -1648,7 +1694,7 @@ msgstr "adresă lipsă"
+ msgid "no leases left"
+ msgstr "nu mai am de unde să împrumut"
+
+-#: rfc2131.c:691 rfc3315.c:475
++#: rfc2131.c:691 rfc3315.c:476
+ #, c-format
+ msgid "%u client provides name: %s"
+ msgstr ""
+@@ -1657,7 +1703,7 @@ msgstr ""
+ msgid "PXE BIS not supported"
+ msgstr ""
+
+-#: rfc2131.c:935 rfc3315.c:1189
++#: rfc2131.c:935 rfc3315.c:1233
+ #, fuzzy, c-format
+ msgid "disabling DHCP static address %s for %s"
+ msgstr "dezactivăm adresele DHCP statice %s"
+@@ -1693,7 +1739,7 @@ msgstr ""
+ msgid "wrong address"
+ msgstr "adresă greşită"
+
+-#: rfc2131.c:1143 rfc3315.c:969
++#: rfc2131.c:1143 rfc3315.c:1006
+ msgid "lease not found"
+ msgstr "împrumutul nu a fost găsit"
+
+@@ -1743,7 +1789,7 @@ msgstr "nu pot trimite opţiunea DHCP %d: nu mai este loc în pachet"
+ msgid "PXE menu too large"
+ msgstr ""
+
+-#: rfc2131.c:2173 rfc3315.c:1456
++#: rfc2131.c:2173 rfc3315.c:1506
+ #, fuzzy, c-format
+ msgid "%u requested options: %s"
+ msgstr "compilat cu opţiunile: %s"
+@@ -1758,7 +1804,7 @@ msgstr ""
+ msgid "cannot create netlink socket: %s"
+ msgstr "nu pot să activez socket-ul netlink: %s"
+
+-#: netlink.c:347
++#: netlink.c:348
+ #, fuzzy, c-format
+ msgid "netlink returns error: %s"
+ msgstr "eroare DBus: %s"
+@@ -1876,66 +1922,66 @@ msgstr "nici un domeniu de adrese disponibil pentru cererea DHCP %s %s"
+ msgid "%u available DHCPv6 subnet: %s/%d"
+ msgstr "nici un domeniu de adrese disponibil pentru cererea DHCP %s %s"
+
+-#: rfc3315.c:379
++#: rfc3315.c:380
+ #, fuzzy, c-format
+ msgid "%u vendor class: %u"
+ msgstr "eroare DBus: %s"
+
+-#: rfc3315.c:427
++#: rfc3315.c:428
+ #, fuzzy, c-format
+ msgid "%u client MAC address: %s"
+ msgstr "nu exista interfaţă pentru adresa %s"
+
+-#: rfc3315.c:659
++#: rfc3315.c:660
+ #, fuzzy, c-format
+ msgid "unknown prefix-class %d"
+ msgstr "împrumut necunoscut"
+
+-#: rfc3315.c:791 rfc3315.c:913
++#: rfc3315.c:803 rfc3315.c:902
++#, fuzzy
++msgid "address unavailable"
++msgstr "adresă indisponibilă"
++
++#: rfc3315.c:815 rfc3315.c:950 rfc3315.c:1283
+ msgid "success"
+ msgstr ""
+
+-#: rfc3315.c:806 rfc3315.c:808 rfc3315.c:921 rfc3315.c:923
++#: rfc3315.c:843 rfc3315.c:845 rfc3315.c:958 rfc3315.c:960
+ #, fuzzy
+ msgid "no addresses available"
+ msgstr "nici o adresă disponibilă"
+
+-#: rfc3315.c:865
+-#, fuzzy
+-msgid "address unavailable"
+-msgstr "adresă indisponibilă"
+-
+-#: rfc3315.c:900
++#: rfc3315.c:937
+ msgid "not on link"
+ msgstr ""
+
+-#: rfc3315.c:973 rfc3315.c:1151 rfc3315.c:1228
++#: rfc3315.c:1010 rfc3315.c:1195 rfc3315.c:1272
+ msgid "no binding found"
+ msgstr ""
+
+-#: rfc3315.c:1011
++#: rfc3315.c:1048
+ msgid "deprecated"
+ msgstr ""
+
+-#: rfc3315.c:1016
++#: rfc3315.c:1053
+ #, fuzzy
+ msgid "address invalid"
+ msgstr "adresa este folosită"
+
+-#: rfc3315.c:1061
++#: rfc3315.c:1100
+ msgid "confirm failed"
+ msgstr ""
+
+-#: rfc3315.c:1072
++#: rfc3315.c:1116
+ #, fuzzy
+ msgid "all addresses still on link"
+ msgstr "adresă greşită în %s, linia %d"
+
+-#: rfc3315.c:1160
++#: rfc3315.c:1204
+ msgid "release received"
+ msgstr ""
+
+-#: rfc3315.c:2080
++#: rfc3315.c:2130
+ msgid "Cannot multicast to DHCPv6 server without correct interface"
+ msgstr ""
+
+@@ -2028,7 +2074,7 @@ msgstr ""
+ msgid "cannot create ICMPv6 socket: %s"
+ msgstr "nu pot creea socket DHCP: %s"
+
+-#: auth.c:429
++#: auth.c:436
+ #, c-format
+ msgid "ignoring zone transfer request from %s"
+ msgstr ""
+@@ -2043,54 +2089,89 @@ msgstr "activarea socket-ului server-ului DHCP a eşuat: %s"
+ msgid "failed to create IPset control socket: %s"
+ msgstr "creearea socket-ului de ascultare a eşuat: %s"
+
++#: dnssec.c:425 dnssec.c:469
++#, fuzzy, c-format
++msgid "failed to update mtime on %s: %s"
++msgstr "nu pot citi %s: %s"
++
+ #: blockdata.c:58
+ #, c-format
+ msgid "DNSSEC memory in use %u, max %u, allocated %u"
+ msgstr ""
+
+-#: tables.c:76
++#: tables.c:80
+ msgid "error: fill_addr missused"
+ msgstr ""
+
+-#: tables.c:105
++#: tables.c:109
+ #, fuzzy, c-format
+ msgid "failed to access pf devices: %s"
+ msgstr "accesarea serverului %s a eşuat: %s"
+
+-#: tables.c:119
++#: tables.c:123
+ #, fuzzy, c-format
+ msgid "warning: no opened pf devices %s"
+ msgstr "folosim adresele locale doar pentru %S %s"
+
+-#: tables.c:127
++#: tables.c:131
+ #, fuzzy, c-format
+ msgid "error: cannot use table name %s"
+ msgstr "nu pot citi numele maşinii: %s"
+
+-#: tables.c:135
++#: tables.c:139
+ #, c-format
+ msgid "error: cannot strlcpy table name %s"
+ msgstr ""
+
+-#: tables.c:141
++#: tables.c:145
+ #, c-format
+ msgid "warning: pfr_add_tables: %s(%d)"
+ msgstr ""
+
+-#: tables.c:147
++#: tables.c:151
+ msgid "info: table created"
+ msgstr ""
+
+-#: tables.c:158
++#: tables.c:162
+ #, c-format
+ msgid "warning: DIOCR%sADDRS: %s"
+ msgstr ""
+
+-#: tables.c:162
++#: tables.c:166
+ #, fuzzy, c-format
+ msgid "%d addresses %s"
+ msgstr "citesc %s - %d adrese"
+
++#: inotify.c:46
++#, fuzzy, c-format
++msgid "failed to create inotify: %s"
++msgstr "nu pot citi %s: %s"
++
++#: inotify.c:60
++#, fuzzy, c-format
++msgid "cannot cannonicalise resolv-file %s: %s"
++msgstr "nu pot creea sau deschide fişierul cu împrumuturi: %s"
++
++#: inotify.c:72
++#, c-format
++msgid "directory %s for resolv-file is missing, cannot poll"
++msgstr ""
++
++#: inotify.c:75 inotify.c:112
++#, fuzzy, c-format
++msgid "failed to create inotify for %s: %s"
++msgstr "creearea socket-ului de ascultare a eşuat: %s"
++
++#: inotify.c:97
++#, fuzzy, c-format
++msgid "bad dynamic directory %s: %s"
++msgstr "nu pot citi %s: %s"
++
++#: inotify.c:197
++#, c-format
++msgid "inotify, new or changed file %s"
++msgstr ""
++
+ #~ msgid "duplicate IP address %s in dhcp-config directive."
+ #~ msgstr "adresă IP duplicat %s în declaraţia dhcp-config."
+
+--
+2.1.0
+
--- /dev/null
+From 30d0879ed55cb67b1b735beab3d93f3bb3ef1dd2 Mon Sep 17 00:00:00 2001
+From: Stefan Tomanek <stefan.tomanek+dnsmasq@wertarbyte.de>
+Date: Tue, 31 Mar 2015 22:32:11 +0100
+Subject: [PATCH 68/98] add --tftp-no-fail to ignore missing tftp root
+
+---
+ CHANGELOG | 3 +++
+ dnsmasq.conf.example | 3 +++
+ man/dnsmasq.8 | 3 +++
+ src/dnsmasq.c | 40 ++++++++++++++++++++++++++++++----------
+ src/dnsmasq.h | 4 +++-
+ src/option.c | 3 +++
+ 6 files changed, 45 insertions(+), 11 deletions(-)
+
+diff --git a/CHANGELOG b/CHANGELOG
+index 4f4fa305deaa..34432ae4807f 100644
+--- a/CHANGELOG
++++ b/CHANGELOG
+@@ -72,6 +72,9 @@ version 2.73
+ on systems without an RTC, whilst allowing DNS queries before the
+ clock is valid so that NTP can run. Thanks to
+ Kevin Darbyshire-Bryant for developing this idea.
++
++ Add --tftp-no-fail option. Thanks to Stefan Tomanek for
++ the patch.
+
+
+ version 2.72
+diff --git a/dnsmasq.conf.example b/dnsmasq.conf.example
+index 1bd305dbdbad..67be99acb028 100644
+--- a/dnsmasq.conf.example
++++ b/dnsmasq.conf.example
+@@ -486,6 +486,9 @@
+ # Set the root directory for files available via FTP.
+ #tftp-root=/var/ftpd
+
++# Do not abort if the tftp-root is unavailable
++#tftp-no-fail
++
+ # Make the TFTP server more secure: with this set, only files owned by
+ # the user dnsmasq is running as will be send over the net.
+ #tftp-secure
+diff --git a/man/dnsmasq.8 b/man/dnsmasq.8
+index 1f1dd7b69c53..6b4626cc0aad 100644
+--- a/man/dnsmasq.8
++++ b/man/dnsmasq.8
+@@ -1711,6 +1711,9 @@ Absolute paths (starting with /) are allowed, but they must be within
+ the tftp-root. If the optional interface argument is given, the
+ directory is only used for TFTP requests via that interface.
+ .TP
++.B --tftp-no-fail
++Do not abort startup if specified tftp root directories are inaccessible.
++.TP
+ .B --tftp-unique-root
+ Add the IP address of the TFTP client as a path component on the end
+ of the TFTP-root (in standard dotted-quad format). Only valid if a
+diff --git a/src/dnsmasq.c b/src/dnsmasq.c
+index b784951950d4..0d4d4558a2e2 100644
+--- a/src/dnsmasq.c
++++ b/src/dnsmasq.c
+@@ -58,6 +58,9 @@ int main (int argc, char **argv)
+ struct dhcp_context *context;
+ struct dhcp_relay *relay;
+ #endif
++#ifdef HAVE_TFTP
++ int tftp_prefix_missing = 0;
++#endif
+
+ #ifdef LOCALEDIR
+ setlocale(LC_ALL, "");
+@@ -636,7 +639,7 @@ int main (int argc, char **argv)
+ #endif
+
+ #ifdef HAVE_TFTP
+- if (option_bool(OPT_TFTP))
++ if (option_bool(OPT_TFTP))
+ {
+ DIR *dir;
+ struct tftp_prefix *p;
+@@ -645,24 +648,33 @@ int main (int argc, char **argv)
+ {
+ if (!((dir = opendir(daemon->tftp_prefix))))
+ {
+- send_event(err_pipe[1], EVENT_TFTP_ERR, errno, daemon->tftp_prefix);
+- _exit(0);
++ tftp_prefix_missing = 1;
++ if (!option_bool(OPT_TFTP_NO_FAIL))
++ {
++ send_event(err_pipe[1], EVENT_TFTP_ERR, errno, daemon->tftp_prefix);
++ _exit(0);
++ }
+ }
+ closedir(dir);
+ }
+-
++
+ for (p = daemon->if_prefix; p; p = p->next)
+ {
++ p->missing = 0;
+ if (!((dir = opendir(p->prefix))))
+- {
+- send_event(err_pipe[1], EVENT_TFTP_ERR, errno, p->prefix);
+- _exit(0);
+- }
++ {
++ p->missing = 1;
++ if (!option_bool(OPT_TFTP_NO_FAIL))
++ {
++ send_event(err_pipe[1], EVENT_TFTP_ERR, errno, p->prefix);
++ _exit(0);
++ }
++ }
+ closedir(dir);
+ }
+ }
+ #endif
+-
++
+ if (daemon->port == 0)
+ my_syslog(LOG_INFO, _("started, version %s DNS disabled"), VERSION);
+ else if (daemon->cachesize != 0)
+@@ -772,7 +784,8 @@ int main (int argc, char **argv)
+
+ #ifdef HAVE_TFTP
+ if (option_bool(OPT_TFTP))
+- {
++ {
++ struct tftp_prefix *p;
+ #ifdef FD_SETSIZE
+ if (FD_SETSIZE < (unsigned)max_fd)
+ max_fd = FD_SETSIZE;
+@@ -782,7 +795,14 @@ int main (int argc, char **argv)
+ daemon->tftp_prefix ? _("root is ") : _("enabled"),
+ daemon->tftp_prefix ? daemon->tftp_prefix: "",
+ option_bool(OPT_TFTP_SECURE) ? _("secure mode") : "");
++
++ if (tftp_prefix_missing)
++ my_syslog(MS_TFTP | LOG_WARNING, _("warning: %s inaccessible"), daemon->tftp_prefix);
+
++ for (p = daemon->if_prefix; p; p = p->next)
++ if (p->missing)
++ my_syslog(MS_TFTP | LOG_WARNING, _("warning: TFTP directory %s inaccessible"), p->prefix);
++
+ /* This is a guess, it assumes that for small limits,
+ disjoint files might be served, but for large limits,
+ a single file will be sent to may clients (the file only needs
+diff --git a/src/dnsmasq.h b/src/dnsmasq.h
+index de95d0e875e3..42952fc76c7a 100644
+--- a/src/dnsmasq.h
++++ b/src/dnsmasq.h
+@@ -240,7 +240,8 @@ struct event_desc {
+ #define OPT_LOCAL_SERVICE 49
+ #define OPT_LOOP_DETECT 50
+ #define OPT_EXTRALOG 51
+-#define OPT_LAST 52
++#define OPT_TFTP_NO_FAIL 52
++#define OPT_LAST 53
+
+ /* extra flags for my_syslog, we use a couple of facilities since they are known
+ not to occupy the same bits as priorities, no matter how syslog.h is set up. */
+@@ -901,6 +902,7 @@ struct addr_list {
+ struct tftp_prefix {
+ char *interface;
+ char *prefix;
++ int missing;
+ struct tftp_prefix *next;
+ };
+
+diff --git a/src/option.c b/src/option.c
+index 3009eb545fde..f91cfbb1aa54 100644
+--- a/src/option.c
++++ b/src/option.c
+@@ -153,6 +153,7 @@ struct myoption {
+ #define LOPT_DHOPT_INOTIFY 341
+ #define LOPT_HOST_INOTIFY 342
+ #define LOPT_DNSSEC_STAMP 343
++#define LOPT_TFTP_NO_FAIL 344
+
+ #ifdef HAVE_GETOPT_LONG
+ static const struct option opts[] =
+@@ -235,6 +236,7 @@ static const struct myoption opts[] =
+ { "dhcp-ignore-names", 2, 0, LOPT_NO_NAMES },
+ { "enable-tftp", 2, 0, LOPT_TFTP },
+ { "tftp-secure", 0, 0, LOPT_SECURE },
++ { "tftp-no-fail", 0, 0, LOPT_TFTP_NO_FAIL },
+ { "tftp-unique-root", 0, 0, LOPT_APREF },
+ { "tftp-root", 1, 0, LOPT_PREFIX },
+ { "tftp-max", 1, 0, LOPT_TFTP_MAX },
+@@ -419,6 +421,7 @@ static struct {
+ { LOPT_PREFIX, ARG_DUP, "<dir>[,<iface>]", gettext_noop("Export files by TFTP only from the specified subtree."), NULL },
+ { LOPT_APREF, OPT_TFTP_APREF, NULL, gettext_noop("Add client IP address to tftp-root."), NULL },
+ { LOPT_SECURE, OPT_TFTP_SECURE, NULL, gettext_noop("Allow access only to files owned by the user running dnsmasq."), NULL },
++ { LOPT_TFTP_NO_FAIL, OPT_TFTP_NO_FAIL, NULL, gettext_noop("Do not terminate the service if TFTP directories are inaccessible."), NULL },
+ { LOPT_TFTP_MAX, ARG_ONE, "<integer>", gettext_noop("Maximum number of conncurrent TFTP transfers (defaults to %s)."), "#" },
+ { LOPT_NOBLOCK, OPT_TFTP_NOBLOCK, NULL, gettext_noop("Disable the TFTP blocksize extension."), NULL },
+ { LOPT_TFTP_LC, OPT_TFTP_LC, NULL, gettext_noop("Convert TFTP filenames to lowercase"), NULL },
+--
+2.1.0
+
--- /dev/null
+From 7aa970e2c7043201663d86a4b5d8cd5c592cef39 Mon Sep 17 00:00:00 2001
+From: Stefan Tomanek <stefan.tomanek+dnsmasq@wertarbyte.de>
+Date: Wed, 1 Apr 2015 17:55:07 +0100
+Subject: [PATCH 69/98] Whitespace fixes.
+
+---
+ src/dnsmasq.c | 14 +++++++-------
+ src/tftp.c | 2 +-
+ 2 files changed, 8 insertions(+), 8 deletions(-)
+
+diff --git a/src/dnsmasq.c b/src/dnsmasq.c
+index 0d4d4558a2e2..a7c5da8fbd01 100644
+--- a/src/dnsmasq.c
++++ b/src/dnsmasq.c
+@@ -345,7 +345,7 @@ int main (int argc, char **argv)
+ #else
+ die(_("DBus not available: set HAVE_DBUS in src/config.h"), NULL, EC_BADCONF);
+ #endif
+-
++
+ if (daemon->port != 0)
+ pre_allocate_sfds();
+
+@@ -657,7 +657,7 @@ int main (int argc, char **argv)
+ }
+ closedir(dir);
+ }
+-
++
+ for (p = daemon->if_prefix; p; p = p->next)
+ {
+ p->missing = 0;
+@@ -669,12 +669,12 @@ int main (int argc, char **argv)
+ send_event(err_pipe[1], EVENT_TFTP_ERR, errno, p->prefix);
+ _exit(0);
+ }
+- }
++ }
+ closedir(dir);
+ }
+ }
+ #endif
+-
++
+ if (daemon->port == 0)
+ my_syslog(LOG_INFO, _("started, version %s DNS disabled"), VERSION);
+ else if (daemon->cachesize != 0)
+@@ -784,7 +784,7 @@ int main (int argc, char **argv)
+
+ #ifdef HAVE_TFTP
+ if (option_bool(OPT_TFTP))
+- {
++ {
+ struct tftp_prefix *p;
+ #ifdef FD_SETSIZE
+ if (FD_SETSIZE < (unsigned)max_fd)
+@@ -795,10 +795,10 @@ int main (int argc, char **argv)
+ daemon->tftp_prefix ? _("root is ") : _("enabled"),
+ daemon->tftp_prefix ? daemon->tftp_prefix: "",
+ option_bool(OPT_TFTP_SECURE) ? _("secure mode") : "");
+-
++
+ if (tftp_prefix_missing)
+ my_syslog(MS_TFTP | LOG_WARNING, _("warning: %s inaccessible"), daemon->tftp_prefix);
+-
++
+ for (p = daemon->if_prefix; p; p = p->next)
+ if (p->missing)
+ my_syslog(MS_TFTP | LOG_WARNING, _("warning: TFTP directory %s inaccessible"), p->prefix);
+diff --git a/src/tftp.c b/src/tftp.c
+index a57a31514f44..d3fb6d7492e4 100644
+--- a/src/tftp.c
++++ b/src/tftp.c
+@@ -236,7 +236,7 @@ void tftp_request(struct listener *listen, time_t now)
+ if (ioctl(listen->tftpfd, SIOCGIFMTU, &ifr) != -1)
+ mtu = ifr.ifr_mtu;
+ }
+-
++
+ if (name)
+ {
+ /* check for per-interface prefix */
+--
+2.1.0
+
--- /dev/null
+From fe3992f9fa69fa975ea31919c53933b5f6a63527 Mon Sep 17 00:00:00 2001
+From: Simon Kelley <simon@thekelleys.org.uk>
+Date: Fri, 3 Apr 2015 21:25:05 +0100
+Subject: [PATCH 70/98] Return INSECURE, rather than BOGUS when DS proved not
+ to exist.
+
+Return INSECURE when validating DNS replies which have RRSIGs, but
+when a needed DS record in the trust chain is proved not to exist.
+It's allowed for a zone to set up DNSKEY and RRSIG records first, then
+add a DS later, completing the chain of trust.
+
+Also, since we don't have the infrastructure to track that these
+non-validated replies have RRSIGS, don't cache them, so we don't
+provide answers with missing RRSIGS from the cache.
+---
+ src/dnsmasq.h | 1 +
+ src/dnssec.c | 2 +-
+ src/forward.c | 87 +++++++++++++++++++++++++++++++++++++++++++++--------------
+ 3 files changed, 69 insertions(+), 21 deletions(-)
+
+diff --git a/src/dnsmasq.h b/src/dnsmasq.h
+index 42952fc76c7a..6fe4a4189188 100644
+--- a/src/dnsmasq.h
++++ b/src/dnsmasq.h
+@@ -583,6 +583,7 @@ struct hostsfile {
+ #define STAT_NO_NS 10
+ #define STAT_NEED_DS_NEG 11
+ #define STAT_CHASE_CNAME 12
++#define STAT_INSECURE_DS 13
+
+ #define FREC_NOREBIND 1
+ #define FREC_CHECKING_DISABLED 2
+diff --git a/src/dnssec.c b/src/dnssec.c
+index 14bae7e9bf75..05e0983cb251 100644
+--- a/src/dnssec.c
++++ b/src/dnssec.c
+@@ -981,7 +981,7 @@ int dnssec_validate_by_ds(time_t now, struct dns_header *header, size_t plen, ch
+
+ /* If we've cached that DS provably doesn't exist, result must be INSECURE */
+ if (crecp->flags & F_NEG)
+- return STAT_INSECURE;
++ return STAT_INSECURE_DS;
+
+ /* NOTE, we need to find ONE DNSKEY which matches the DS */
+ for (valid = 0, j = ntohs(header->ancount); j != 0 && !valid; j--)
+diff --git a/src/forward.c b/src/forward.c
+index 985814c3aec5..e8cf615aa939 100644
+--- a/src/forward.c
++++ b/src/forward.c
+@@ -521,7 +521,8 @@ static int forward_query(int udpfd, union mysockaddr *udpaddr,
+ }
+
+ static size_t process_reply(struct dns_header *header, time_t now, struct server *server, size_t n, int check_rebind,
+- int no_cache, int cache_secure, int ad_reqd, int do_bit, int added_pheader, int check_subnet, union mysockaddr *query_source)
++ int no_cache, int cache_secure, int bogusanswer, int ad_reqd, int do_bit, int added_pheader,
++ int check_subnet, union mysockaddr *query_source)
+ {
+ unsigned char *pheader, *sizep;
+ char **sets = 0;
+@@ -634,7 +635,7 @@ static size_t process_reply(struct dns_header *header, time_t now, struct server
+ }
+
+ #ifdef HAVE_DNSSEC
+- if (no_cache && !(header->hb4 & HB4_CD))
++ if (bogusanswer && !(header->hb4 & HB4_CD))
+ {
+ if (!option_bool(OPT_DNSSEC_DEBUG))
+ {
+@@ -786,7 +787,7 @@ void reply_query(int fd, int family, time_t now)
+ everything is broken */
+ if (forward->forwardall == 0 || --forward->forwardall == 1 || RCODE(header) != SERVFAIL)
+ {
+- int check_rebind = 0, no_cache_dnssec = 0, cache_secure = 0;
++ int check_rebind = 0, no_cache_dnssec = 0, cache_secure = 0, bogusanswer = 0;
+
+ if (option_bool(OPT_NO_REBIND))
+ check_rebind = !(forward->flags & FREC_NOREBIND);
+@@ -819,7 +820,13 @@ void reply_query(int fd, int family, time_t now)
+ else if (forward->flags & FREC_DS_QUERY)
+ {
+ status = dnssec_validate_ds(now, header, n, daemon->namebuff, daemon->keyname, forward->class);
+- if (status == STAT_NO_DS || status == STAT_NO_NS)
++ /* Provably no DS, everything below is insecure, even if signatures are offered */
++ if (status == STAT_NO_DS)
++ /* We only cache sigs when we've validated a reply.
++ Avoid caching a reply with sigs if there's a vaildated break in the
++ DS chain, so we don't return replies from cache missing sigs. */
++ status = STAT_INSECURE_DS;
++ else if (status == STAT_NO_NS)
+ status = STAT_BOGUS;
+ }
+ else if (forward->flags & FREC_CHECK_NOSIGN)
+@@ -959,8 +966,14 @@ void reply_query(int fd, int family, time_t now)
+ else if (forward->flags & FREC_DS_QUERY)
+ {
+ status = dnssec_validate_ds(now, header, n, daemon->namebuff, daemon->keyname, forward->class);
+- if (status == STAT_NO_DS || status == STAT_NO_NS)
+- status = STAT_BOGUS;
++ /* Provably no DS, everything below is insecure, even if signatures are offered */
++ if (status == STAT_NO_DS)
++ /* We only cache sigs when we've validated a reply.
++ Avoid caching a reply with sigs if there's a vaildated break in the
++ DS chain, so we don't return replies from cache missing sigs. */
++ status = STAT_INSECURE_DS;
++ else if (status == STAT_NO_NS)
++ status = STAT_BOGUS;
+ }
+ else if (forward->flags & FREC_CHECK_NOSIGN)
+ {
+@@ -985,6 +998,17 @@ void reply_query(int fd, int family, time_t now)
+ }
+ }
+
++ no_cache_dnssec = 0;
++
++ if (status == STAT_INSECURE_DS)
++ {
++ /* We only cache sigs when we've validated a reply.
++ Avoid caching a reply with sigs if there's a vaildated break in the
++ DS chain, so we don't return replies from cache missing sigs. */
++ status = STAT_INSECURE;
++ no_cache_dnssec = 1;
++ }
++
+ if (status == STAT_TRUNCATED)
+ header->hb3 |= HB3_TC;
+ else
+@@ -1002,12 +1026,13 @@ void reply_query(int fd, int family, time_t now)
+ log_query(F_KEYTAG | F_SECSTAT, "result", NULL, result);
+ }
+
+- no_cache_dnssec = 0;
+-
+ if (status == STAT_SECURE)
+ cache_secure = 1;
+ else if (status == STAT_BOGUS)
+- no_cache_dnssec = 1;
++ {
++ no_cache_dnssec = 1;
++ bogusanswer = 1;
++ }
+ }
+ #endif
+
+@@ -1017,7 +1042,7 @@ void reply_query(int fd, int family, time_t now)
+ else
+ header->hb4 &= ~HB4_CD;
+
+- if ((nn = process_reply(header, now, server, (size_t)n, check_rebind, no_cache_dnssec, cache_secure,
++ if ((nn = process_reply(header, now, server, (size_t)n, check_rebind, no_cache_dnssec, cache_secure, bogusanswer,
+ forward->flags & FREC_AD_QUESTION, forward->flags & FREC_DO_QUESTION,
+ forward->flags & FREC_ADDED_PHEADER, forward->flags & FREC_HAS_SUBNET, &forward->source)))
+ {
+@@ -1420,7 +1445,7 @@ static int do_check_sign(struct frec *forward, int status, time_t now, char *nam
+ }
+ }
+
+-/* Move toward the root, until we find a signed non-existance of a DS, in which case
++/* Move down from the root, until we find a signed non-existance of a DS, in which case
+ an unsigned answer is OK, or we find a signed DS, in which case there should be
+ a signature, and the answer is BOGUS */
+ static int tcp_check_for_unsigned_zone(time_t now, struct dns_header *header, size_t plen, int class, char *name,
+@@ -1570,8 +1595,13 @@ static int tcp_key_recurse(time_t now, int status, struct dns_header *header, si
+ else if (status == STAT_NEED_DS || status == STAT_NEED_DS_NEG)
+ {
+ new_status = dnssec_validate_ds(now, header, n, name, keyname, class);
+- if (status == STAT_NEED_DS && (new_status == STAT_NO_DS || new_status == STAT_NO_NS))
+- new_status = STAT_BOGUS;
++ if (status == STAT_NEED_DS)
++ {
++ if (new_status == STAT_NO_DS)
++ new_status = STAT_INSECURE_DS;
++ else if (new_status == STAT_NO_NS)
++ new_status = STAT_BOGUS;
++ }
+ }
+ else if (status == STAT_CHASE_CNAME)
+ new_status = dnssec_chase_cname(now, header, n, name, keyname);
+@@ -1630,8 +1660,13 @@ static int tcp_key_recurse(time_t now, int status, struct dns_header *header, si
+ else if (status == STAT_NEED_DS || status == STAT_NEED_DS_NEG)
+ {
+ new_status = dnssec_validate_ds(now, header, n, name, keyname, class);
+- if (status == STAT_NEED_DS && (new_status == STAT_NO_DS || new_status == STAT_NO_NS))
+- new_status = STAT_BOGUS; /* Validated no DS */
++ if (status == STAT_NEED_DS)
++ {
++ if (new_status == STAT_NO_DS)
++ new_status = STAT_INSECURE_DS;
++ else if (new_status == STAT_NO_NS)
++ new_status = STAT_BOGUS; /* Validated no DS */
++ }
+ }
+ else if (status == STAT_CHASE_CNAME)
+ new_status = dnssec_chase_cname(now, header, n, name, keyname);
+@@ -1652,7 +1687,7 @@ static int tcp_key_recurse(time_t now, int status, struct dns_header *header, si
+ goto another_tcp_key;
+ }
+ }
+-
++
+ free(packet);
+ }
+ return new_status;
+@@ -1673,7 +1708,7 @@ unsigned char *tcp_request(int confd, time_t now,
+ int local_auth = 0;
+ #endif
+ int checking_disabled, ad_question, do_bit, added_pheader = 0;
+- int check_subnet, no_cache_dnssec = 0, cache_secure = 0;
++ int check_subnet, no_cache_dnssec = 0, cache_secure = 0, bogusanswer = 0;
+ size_t m;
+ unsigned short qtype;
+ unsigned int gotname;
+@@ -1941,6 +1976,15 @@ unsigned char *tcp_request(int confd, time_t now,
+ int status = tcp_key_recurse(now, STAT_TRUNCATED, header, m, 0, daemon->namebuff, daemon->keyname, last_server, &keycount);
+ char *result;
+
++ if (status == STAT_INSECURE_DS)
++ {
++ /* We only cache sigs when we've validated a reply.
++ Avoid caching a reply with sigs if there's a vaildated break in the
++ DS chain, so we don't return replies from cache missing sigs. */
++ status = STAT_INSECURE;
++ no_cache_dnssec = 1;
++ }
++
+ if (keycount == 0)
+ {
+ result = "ABANDONED";
+@@ -1952,8 +1996,11 @@ unsigned char *tcp_request(int confd, time_t now,
+ log_query(F_KEYTAG | F_SECSTAT, "result", NULL, result);
+
+ if (status == STAT_BOGUS)
+- no_cache_dnssec = 1;
+-
++ {
++ no_cache_dnssec = 1;
++ bogusanswer = 1;
++ }
++
+ if (status == STAT_SECURE)
+ cache_secure = 1;
+ }
+@@ -1987,7 +2034,7 @@ unsigned char *tcp_request(int confd, time_t now,
+ #endif
+
+ m = process_reply(header, now, last_server, (unsigned int)m,
+- option_bool(OPT_NO_REBIND) && !norebind, no_cache_dnssec,
++ option_bool(OPT_NO_REBIND) && !norebind, no_cache_dnssec, bogusanswer,
+ cache_secure, ad_question, do_bit, added_pheader, check_subnet, &peer_addr);
+
+ break;
+--
+2.1.0
+
--- /dev/null
+From 982faf402487e265ed11ac03524531d42b03c966 Mon Sep 17 00:00:00 2001
+From: Simon Kelley <simon@thekelleys.org.uk>
+Date: Fri, 3 Apr 2015 21:42:30 +0100
+Subject: [PATCH 71/98] Fix compiler warning when not including DNSSEC.
+
+---
+ src/forward.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/src/forward.c b/src/forward.c
+index e8cf615aa939..3f6b9a23b6ab 100644
+--- a/src/forward.c
++++ b/src/forward.c
+@@ -530,7 +530,8 @@ static size_t process_reply(struct dns_header *header, time_t now, struct server
+ size_t plen;
+
+ (void)ad_reqd;
+- (void) do_bit;
++ (void)do_bit;
++ (void)bogusanswer;
+
+ #ifdef HAVE_IPSET
+ if (daemon->ipsets && extract_request(header, n, daemon->namebuff, NULL))
+--
+2.1.0
+
--- /dev/null
+From 04b0ac05377936d121a36873bb63d492cde292c9 Mon Sep 17 00:00:00 2001
+From: Simon Kelley <simon@thekelleys.org.uk>
+Date: Mon, 6 Apr 2015 17:19:13 +0100
+Subject: [PATCH 72/98] Fix crash caused by looking up servers.bind when many
+ servers defined.
+
+---
+ CHANGELOG | 7 ++++++-
+ src/cache.c | 4 ++--
+ 2 files changed, 8 insertions(+), 3 deletions(-)
+
+diff --git a/CHANGELOG b/CHANGELOG
+index 34432ae4807f..6aa3d851a297 100644
+--- a/CHANGELOG
++++ b/CHANGELOG
+@@ -75,7 +75,12 @@ version 2.73
+
+ Add --tftp-no-fail option. Thanks to Stefan Tomanek for
+ the patch.
+-
++
++ Fix crash caused by looking up servers.bind, CHAOS text record,
++ when more than about five --servers= lines are in the dnsmasq
++ config. This causes memory corruption which causes a crash later.
++ Thanks to Matt Coddington for sterling work chasing this down.
++
+
+ version 2.72
+ Add ra-advrouter mode, for RFC-3775 mobile IPv6 support.
+diff --git a/src/cache.c b/src/cache.c
+index d7bea574c0d8..178d654ca92e 100644
+--- a/src/cache.c
++++ b/src/cache.c
+@@ -1367,7 +1367,7 @@ int cache_make_stat(struct txt_record *t)
+ }
+ port = prettyprint_addr(&serv->addr, daemon->addrbuff);
+ lenp = p++; /* length */
+- bytes_avail = (p - buff) + bufflen;
++ bytes_avail = bufflen - (p - buff );
+ bytes_needed = snprintf(p, bytes_avail, "%s#%d %u %u", daemon->addrbuff, port, queries, failed_queries);
+ if (bytes_needed >= bytes_avail)
+ {
+@@ -1381,7 +1381,7 @@ int cache_make_stat(struct txt_record *t)
+ lenp = p - 1;
+ buff = new;
+ bufflen = newlen;
+- bytes_avail = (p - buff) + bufflen;
++ bytes_avail = bufflen - (p - buff );
+ bytes_needed = snprintf(p, bytes_avail, "%s#%d %u %u", daemon->addrbuff, port, queries, failed_queries);
+ }
+ *lenp = bytes_needed;
+--
+2.1.0
+
--- /dev/null
+From ad4a8ff7d9097008d7623df8543df435bfddeac8 Mon Sep 17 00:00:00 2001
+From: Simon Kelley <simon@thekelleys.org.uk>
+Date: Thu, 9 Apr 2015 21:48:00 +0100
+Subject: [PATCH 73/98] Fix crash on receipt of certain malformed DNS requests.
+
+---
+ CHANGELOG | 3 +++
+ src/rfc1035.c | 9 ++++++---
+ 2 files changed, 9 insertions(+), 3 deletions(-)
+
+diff --git a/CHANGELOG b/CHANGELOG
+index 6aa3d851a297..9af617056f1f 100644
+--- a/CHANGELOG
++++ b/CHANGELOG
+@@ -125,6 +125,9 @@ version 2.72
+ Fix problem with --local-service option on big-endian platforms
+ Thanks to Richard Genoud for the patch.
+
++ Fix crash on receipt of certain malformed DNS requests. Thanks
++ to Nick Sampanis for spotting the problem.
++
+
+ version 2.71
+ Subtle change to error handling to help DNSSEC validation
+diff --git a/src/rfc1035.c b/src/rfc1035.c
+index 7a07b0cee906..a995ab50d74a 100644
+--- a/src/rfc1035.c
++++ b/src/rfc1035.c
+@@ -1198,7 +1198,10 @@ unsigned int extract_request(struct dns_header *header, size_t qlen, char *name,
+ size_t setup_reply(struct dns_header *header, size_t qlen,
+ struct all_addr *addrp, unsigned int flags, unsigned long ttl)
+ {
+- unsigned char *p = skip_questions(header, qlen);
++ unsigned char *p;
++
++ if (!(p = skip_questions(header, qlen)))
++ return 0;
+
+ /* clear authoritative and truncated flags, set QR flag */
+ header->hb3 = (header->hb3 & ~(HB3_AA | HB3_TC)) | HB3_QR;
+@@ -1214,7 +1217,7 @@ size_t setup_reply(struct dns_header *header, size_t qlen,
+ SET_RCODE(header, NOERROR); /* empty domain */
+ else if (flags == F_NXDOMAIN)
+ SET_RCODE(header, NXDOMAIN);
+- else if (p && flags == F_IPV4)
++ else if (flags == F_IPV4)
+ { /* we know the address */
+ SET_RCODE(header, NOERROR);
+ header->ancount = htons(1);
+@@ -1222,7 +1225,7 @@ size_t setup_reply(struct dns_header *header, size_t qlen,
+ add_resource_record(header, NULL, NULL, sizeof(struct dns_header), &p, ttl, NULL, T_A, C_IN, "4", addrp);
+ }
+ #ifdef HAVE_IPV6
+- else if (p && flags == F_IPV6)
++ else if (flags == F_IPV6)
+ {
+ SET_RCODE(header, NOERROR);
+ header->ancount = htons(1);
+--
+2.1.0
+
--- /dev/null
+From 38440b204db65f9be16c4c3daa7e991e4356f6ed Mon Sep 17 00:00:00 2001
+From: Simon Kelley <simon@thekelleys.org.uk>
+Date: Sun, 12 Apr 2015 21:52:47 +0100
+Subject: [PATCH 74/98] Fix crash in auth code with odd configuration.
+
+---
+ CHANGELOG | 32 +++++++++++++++++++++-----------
+ src/auth.c | 13 ++++++++-----
+ 2 files changed, 29 insertions(+), 16 deletions(-)
+
+diff --git a/CHANGELOG b/CHANGELOG
+index 9af617056f1f..f2142c71cbdc 100644
+--- a/CHANGELOG
++++ b/CHANGELOG
+@@ -68,18 +68,31 @@ version 2.73
+ Fix broken DNSSEC validation of ECDSA signatures.
+
+ Add --dnssec-timestamp option, which provides an automatic
+- way to detect when the system time becomes valid after boot
+- on systems without an RTC, whilst allowing DNS queries before the
+- clock is valid so that NTP can run. Thanks to
+- Kevin Darbyshire-Bryant for developing this idea.
++ way to detect when the system time becomes valid after
++ boot on systems without an RTC, whilst allowing DNS
++ queries before the clock is valid so that NTP can run.
++ Thanks to Kevin Darbyshire-Bryant for developing this idea.
+
+ Add --tftp-no-fail option. Thanks to Stefan Tomanek for
+ the patch.
+
+- Fix crash caused by looking up servers.bind, CHAOS text record,
+- when more than about five --servers= lines are in the dnsmasq
+- config. This causes memory corruption which causes a crash later.
+- Thanks to Matt Coddington for sterling work chasing this down.
++ Fix crash caused by looking up servers.bind, CHAOS text
++ record, when more than about five --servers= lines are
++ in the dnsmasq config. This causes memory corruption
++ which causes a crash later. Thanks to Matt Coddington for
++ sterling work chasing this down.
++
++ Fix crash on receipt of certain malformed DNS requests.
++ Thanks to Nick Sampanis for spotting the problem.
++
++ Fix crash in authoritative DNS code, if a .arpa zone
++ is declared as authoritative, and then a PTR query which
++ is not to be treated as authoritative arrived. Normally,
++ directly declaring .arpa zone as authoritative is not
++ done, so this crash wouldn't be seen. Instead the
++ relevant .arpa zone should be specified as a subnet
++ in the auth-zone declaration. Thanks to Johnny S. Lee
++ for the bugreport and initial patch.
+
+
+ version 2.72
+@@ -125,10 +138,7 @@ version 2.72
+ Fix problem with --local-service option on big-endian platforms
+ Thanks to Richard Genoud for the patch.
+
+- Fix crash on receipt of certain malformed DNS requests. Thanks
+- to Nick Sampanis for spotting the problem.
+
+-
+ version 2.71
+ Subtle change to error handling to help DNSSEC validation
+ when servers fail to provide NODATA answers for
+diff --git a/src/auth.c b/src/auth.c
+index 15721e52793f..4a5c39fc5c07 100644
+--- a/src/auth.c
++++ b/src/auth.c
+@@ -141,7 +141,7 @@ size_t answer_auth(struct dns_header *header, char *limit, size_t qlen, time_t n
+ for (zone = daemon->auth_zones; zone; zone = zone->next)
+ if ((subnet = find_subnet(zone, flag, &addr)))
+ break;
+-
++
+ if (!zone)
+ {
+ auth = 0;
+@@ -186,7 +186,7 @@ size_t answer_auth(struct dns_header *header, char *limit, size_t qlen, time_t n
+
+ if (intr)
+ {
+- if (in_zone(zone, intr->name, NULL))
++ if (local_query || in_zone(zone, intr->name, NULL))
+ {
+ found = 1;
+ log_query(flag | F_REVERSE | F_CONFIG, intr->name, &addr, NULL);
+@@ -208,8 +208,11 @@ size_t answer_auth(struct dns_header *header, char *limit, size_t qlen, time_t n
+ *p = 0; /* must be bare name */
+
+ /* add external domain */
+- strcat(name, ".");
+- strcat(name, zone->domain);
++ if (zone)
++ {
++ strcat(name, ".");
++ strcat(name, zone->domain);
++ }
+ log_query(flag | F_DHCP | F_REVERSE, name, &addr, record_source(crecp->uid));
+ found = 1;
+ if (add_resource_record(header, limit, &trunc, nameoffset, &ansp,
+@@ -217,7 +220,7 @@ size_t answer_auth(struct dns_header *header, char *limit, size_t qlen, time_t n
+ T_PTR, C_IN, "d", name))
+ anscount++;
+ }
+- else if (crecp->flags & (F_DHCP | F_HOSTS) && in_zone(zone, name, NULL))
++ else if (crecp->flags & (F_DHCP | F_HOSTS) && (local_query || in_zone(zone, name, NULL)))
+ {
+ log_query(crecp->flags & ~F_FORWARD, name, &addr, record_source(crecp->uid));
+ found = 1;
+--
+2.1.0
+
--- /dev/null
+From 78c6184752dce27849e36cce4360abc27b8d76d2 Mon Sep 17 00:00:00 2001
+From: Simon Kelley <simon@thekelleys.org.uk>
+Date: Thu, 16 Apr 2015 15:05:30 +0100
+Subject: [PATCH 75/98] Auth: correct replies to NS and SOA in .arpa zones.
+
+---
+ CHANGELOG | 8 ++++++++
+ src/auth.c | 51 ++++++++++++++++++++++++++++++---------------------
+ 2 files changed, 38 insertions(+), 21 deletions(-)
+
+diff --git a/CHANGELOG b/CHANGELOG
+index f2142c71cbdc..0619788e9cef 100644
+--- a/CHANGELOG
++++ b/CHANGELOG
+@@ -94,6 +94,14 @@ version 2.73
+ in the auth-zone declaration. Thanks to Johnny S. Lee
+ for the bugreport and initial patch.
+
++ Fix authoritative DNS code to correctly reply to NS
++ and SOA queries for .arpa zones for which we are
++ declared authoritative by means of a subnet in auth-zone.
++ Previously we provided correct answers to PTR queries
++ in such zones (including NS and SOA) but not direct
++ NS and SOA queries. Thanks to Johnny S. Lee for
++ pointing out the problem.
++
+
+ version 2.72
+ Add ra-advrouter mode, for RFC-3775 mobile IPv6 support.
+diff --git a/src/auth.c b/src/auth.c
+index 4a5c39fc5c07..2b0b7d6b052d 100644
+--- a/src/auth.c
++++ b/src/auth.c
+@@ -131,24 +131,27 @@ size_t answer_auth(struct dns_header *header, char *limit, size_t qlen, time_t n
+ continue;
+ }
+
+- if (qtype == T_PTR)
++ if ((qtype == T_PTR || qtype == T_SOA || qtype == T_NS) &&
++ (flag = in_arpa_name_2_addr(name, &addr)) &&
++ !local_query)
+ {
+- if (!(flag = in_arpa_name_2_addr(name, &addr)))
+- continue;
+-
+- if (!local_query)
++ for (zone = daemon->auth_zones; zone; zone = zone->next)
++ if ((subnet = find_subnet(zone, flag, &addr)))
++ break;
++
++ if (!zone)
+ {
+- for (zone = daemon->auth_zones; zone; zone = zone->next)
+- if ((subnet = find_subnet(zone, flag, &addr)))
+- break;
+-
+- if (!zone)
+- {
+- auth = 0;
+- continue;
+- }
++ auth = 0;
++ continue;
+ }
++ else if (qtype == T_SOA)
++ soa = 1, found = 1;
++ else if (qtype == T_NS)
++ ns = 1, found = 1;
++ }
+
++ if (qtype == T_PTR && flag)
++ {
+ intr = NULL;
+
+ if (flag == F_IPV4)
+@@ -243,14 +246,20 @@ size_t answer_auth(struct dns_header *header, char *limit, size_t qlen, time_t n
+ }
+
+ cname_restart:
+- for (zone = daemon->auth_zones; zone; zone = zone->next)
+- if (in_zone(zone, name, &cut))
+- break;
+-
+- if (!zone)
++ if (found)
++ /* NS and SOA .arpa requests have set found above. */
++ cut = NULL;
++ else
+ {
+- auth = 0;
+- continue;
++ for (zone = daemon->auth_zones; zone; zone = zone->next)
++ if (in_zone(zone, name, &cut))
++ break;
++
++ if (!zone)
++ {
++ auth = 0;
++ continue;
++ }
+ }
+
+ for (rec = daemon->mxnames; rec; rec = rec->next)
+--
+2.1.0
+
--- /dev/null
+From b4c0f092d8ce63ea4763c0ac17aa8d24318ad301 Mon Sep 17 00:00:00 2001
+From: Stefan Tomanek <stefan.tomanek+dnsmasq@wertarbyte.de>
+Date: Thu, 16 Apr 2015 15:20:59 +0100
+Subject: [PATCH 76/98] Fix (srk induced) crash in new tftp_no_fail code.
+
+---
+ src/dnsmasq.c | 6 ++++--
+ 1 file changed, 4 insertions(+), 2 deletions(-)
+
+diff --git a/src/dnsmasq.c b/src/dnsmasq.c
+index a7c5da8fbd01..20b15c05103a 100644
+--- a/src/dnsmasq.c
++++ b/src/dnsmasq.c
+@@ -655,7 +655,8 @@ int main (int argc, char **argv)
+ _exit(0);
+ }
+ }
+- closedir(dir);
++ else
++ closedir(dir);
+ }
+
+ for (p = daemon->if_prefix; p; p = p->next)
+@@ -670,7 +671,8 @@ int main (int argc, char **argv)
+ _exit(0);
+ }
+ }
+- closedir(dir);
++ else
++ closedir(dir);
+ }
+ }
+ #endif
+--
+2.1.0
+
--- /dev/null
+From 0df29f5e23fd2f16181847db1fcf3a8b392d869a Mon Sep 17 00:00:00 2001
+From: Simon Kelley <simon@thekelleys.org.uk>
+Date: Thu, 16 Apr 2015 15:24:52 +0100
+Subject: [PATCH 77/98] Note CVE-2015-3294
+
+---
+ CHANGELOG | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/CHANGELOG b/CHANGELOG
+index 0619788e9cef..7f2b1e002e9e 100644
+--- a/CHANGELOG
++++ b/CHANGELOG
+@@ -84,6 +84,9 @@ version 2.73
+
+ Fix crash on receipt of certain malformed DNS requests.
+ Thanks to Nick Sampanis for spotting the problem.
++ Note that this is could allow the dnsmasq process's
++ memory to be read by an attacker under certain
++ circumstances, so it has a CVE, CVE-2015-3294
+
+ Fix crash in authoritative DNS code, if a .arpa zone
+ is declared as authoritative, and then a PTR query which
+--
+2.1.0
+
--- /dev/null
+From 554b580e970275d5a869cb4fbfb2716f92b2f664 Mon Sep 17 00:00:00 2001
+From: Simon Kelley <simon@thekelleys.org.uk>
+Date: Fri, 17 Apr 2015 22:50:20 +0100
+Subject: [PATCH 78/98] Log domain when reporting DNSSEC validation failure.
+
+---
+ src/forward.c | 15 ++++++++++-----
+ 1 file changed, 10 insertions(+), 5 deletions(-)
+
+diff --git a/src/forward.c b/src/forward.c
+index 3f6b9a23b6ab..1c7da3f5655c 100644
+--- a/src/forward.c
++++ b/src/forward.c
+@@ -1014,7 +1014,7 @@ void reply_query(int fd, int family, time_t now)
+ header->hb3 |= HB3_TC;
+ else
+ {
+- char *result;
++ char *result, *domain = "result";
+
+ if (forward->work_counter == 0)
+ {
+@@ -1024,7 +1024,10 @@ void reply_query(int fd, int family, time_t now)
+ else
+ result = (status == STAT_SECURE ? "SECURE" : (status == STAT_INSECURE ? "INSECURE" : "BOGUS"));
+
+- log_query(F_KEYTAG | F_SECSTAT, "result", NULL, result);
++ if (status == STAT_BOGUS && extract_request(header, n, daemon->namebuff, NULL))
++ domain = daemon->namebuff;
++
++ log_query(F_KEYTAG | F_SECSTAT, domain, NULL, result);
+ }
+
+ if (status == STAT_SECURE)
+@@ -1975,7 +1978,7 @@ unsigned char *tcp_request(int confd, time_t now,
+ {
+ int keycount = DNSSEC_WORK; /* Limit to number of DNSSEC questions, to catch loops and avoid filling cache. */
+ int status = tcp_key_recurse(now, STAT_TRUNCATED, header, m, 0, daemon->namebuff, daemon->keyname, last_server, &keycount);
+- char *result;
++ char *result, *domain = "result";
+
+ if (status == STAT_INSECURE_DS)
+ {
+@@ -1993,8 +1996,10 @@ unsigned char *tcp_request(int confd, time_t now,
+ }
+ else
+ result = (status == STAT_SECURE ? "SECURE" : (status == STAT_INSECURE ? "INSECURE" : "BOGUS"));
+-
+- log_query(F_KEYTAG | F_SECSTAT, "result", NULL, result);
++ if (status == STAT_BOGUS && extract_request(header, m, daemon->namebuff, NULL))
++ domain = daemon->namebuff;
++
++ log_query(F_KEYTAG | F_SECSTAT, domain, NULL, result);
+
+ if (status == STAT_BOGUS)
+ {
+--
+2.1.0
+
--- /dev/null
+From a006eb7e1486023480ea40244720ef7aab51de71 Mon Sep 17 00:00:00 2001
+From: Moshe Levi <moshele@mellanox.com>
+Date: Sun, 19 Apr 2015 22:10:40 +0100
+Subject: [PATCH 79/98] Check IP address command line arg in dhcp_release.c
+
+---
+ contrib/wrt/dhcp_release.c | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/contrib/wrt/dhcp_release.c b/contrib/wrt/dhcp_release.c
+index 53f47dda3aec..a51f04b30cab 100644
+--- a/contrib/wrt/dhcp_release.c
++++ b/contrib/wrt/dhcp_release.c
+@@ -277,6 +277,11 @@ int main(int argc, char **argv)
+ exit(1);
+ }
+
++ if (inet_addr(argv[2]) == INADDR_NONE)
++ {
++ perror("invalid ip address");
++ exit(1);
++ }
+
+ lease.s_addr = inet_addr(argv[2]);
+ server = find_interface(lease, nl, if_nametoindex(argv[1]));
+--
+2.1.0
+
--- /dev/null
+From 338b340be9e7198f5c0f68133d070d6598a0814c Mon Sep 17 00:00:00 2001
+From: Simon Kelley <simon@thekelleys.org.uk>
+Date: Mon, 20 Apr 2015 21:34:05 +0100
+Subject: [PATCH 80/98] Revert 61b838dd574c51d96fef100285a0d225824534f9 and
+ just quieten log instead.
+
+---
+ src/rfc3315.c | 24 ++++++++++--------------
+ 1 file changed, 10 insertions(+), 14 deletions(-)
+
+diff --git a/src/rfc3315.c b/src/rfc3315.c
+index c1ddc805988d..c45116a40a09 100644
+--- a/src/rfc3315.c
++++ b/src/rfc3315.c
+@@ -824,25 +824,21 @@ static int dhcp6_no_relay(struct state *state, int msg_type, void *inbuff, size_
+ }
+ else
+ {
+- /* Windows 8 always requests an address even if the Managed bit
+- in RA is 0 and it keeps retrying if it receives a reply
+- stating that no addresses are available. We solve this
+- by not replying at all if we're not configured to give any
+- addresses by DHCPv6. RFC 3315 17.2.1. appears to allow this. */
+-
+- for (c = state->context; c; c = c->current)
+- if (!(c->flags & CONTEXT_RA_STATELESS))
+- break;
+-
+- if (!c)
+- return 0;
+-
+ /* no address, return error */
+ o1 = new_opt6(OPTION6_STATUS_CODE);
+ put_opt6_short(DHCP6NOADDRS);
+ put_opt6_string(_("no addresses available"));
+ end_opt6(o1);
+- log6_packet(state, state->lease_allocate ? "DHCPREPLY" : "DHCPADVERTISE", NULL, _("no addresses available"));
++
++ /* Some clients will ask repeatedly when we're not giving
++ out addresses because we're in stateless mode. Avoid spamming
++ the log in that case. */
++ for (c = state->context; c; c = c->current)
++ if (!(c->flags & CONTEXT_RA_STATELESS))
++ {
++ log6_packet(state, state->lease_allocate ? "DHCPREPLY" : "DHCPADVERTISE", NULL, _("no addresses available"));
++ break;
++ }
+ }
+
+ break;
+--
+2.1.0
+
--- /dev/null
+From cbe379ad6b52a538a4416a7cd992817e5637ccf9 Mon Sep 17 00:00:00 2001
+From: Simon Kelley <simon@thekelleys.org.uk>
+Date: Tue, 21 Apr 2015 22:57:06 +0100
+Subject: [PATCH 81/98] Handle domain names with '.' or /000 within labels.
+
+Only in DNSSEC mode, where we might need to validate or store
+such names. In none-DNSSEC mode, simply don't cache these, as before.
+---
+ src/dns-protocol.h | 4 ++++
+ src/dnsmasq.c | 15 +++++++++++++--
+ src/dnssec.c | 40 +++++++++++++++++++++++++++++++---------
+ src/rfc1035.c | 16 +++++++++++++++-
+ src/util.c | 9 ++++++++-
+ 5 files changed, 71 insertions(+), 13 deletions(-)
+
+diff --git a/src/dns-protocol.h b/src/dns-protocol.h
+index 16fade33d98c..7f5d686bb150 100644
+--- a/src/dns-protocol.h
++++ b/src/dns-protocol.h
+@@ -142,3 +142,7 @@ struct dns_header {
+
+ #define ADD_RDLEN(header, pp, plen, len) \
+ (!CHECK_LEN(header, pp, plen, len) ? 0 : (((pp) += (len)), 1))
++
++/* Escape character in our presentation format for names.
++ Cannot be '.' or /000 and must be !isprint() */
++#define NAME_ESCAPE 1
+diff --git a/src/dnsmasq.c b/src/dnsmasq.c
+index 20b15c05103a..19a6428b09e8 100644
+--- a/src/dnsmasq.c
++++ b/src/dnsmasq.c
+@@ -102,8 +102,19 @@ int main (int argc, char **argv)
+ #ifdef HAVE_DNSSEC
+ if (option_bool(OPT_DNSSEC_VALID))
+ {
+- daemon->keyname = safe_malloc(MAXDNAME);
+- daemon->workspacename = safe_malloc(MAXDNAME);
++ /* Note that both /000 and '.' are allowed within labels. These get
++ represented in presentation format using NAME_ESCAPE as an escape
++ character when in DNSSEC mode.
++ In theory, if all the characters in a name were /000 or
++ '.' or NAME_ESCAPE then all would have to be escaped, so the
++ presentation format would be twice as long as the spec.
++
++ daemon->namebuff was previously allocated by the option-reading
++ code before we knew if we're in DNSSEC mode, so reallocate here. */
++ free(daemon->namebuff);
++ daemon->namebuff = safe_malloc(MAXDNAME * 2);
++ daemon->keyname = safe_malloc(MAXDNAME * 2);
++ daemon->workspacename = safe_malloc(MAXDNAME * 2);
+ }
+ #endif
+
+diff --git a/src/dnssec.c b/src/dnssec.c
+index 05e0983cb251..c116a7b5f6f4 100644
+--- a/src/dnssec.c
++++ b/src/dnssec.c
+@@ -321,10 +321,18 @@ static int verify(struct blockdata *key_data, unsigned int key_len, unsigned cha
+ thus generating names in canonical form.
+ Calling to_wire followed by from_wire is almost an identity,
+ except that the UC remains mapped to LC.
++
++ Note that both /000 and '.' are allowed within labels. These get
++ represented in presentation format using NAME_ESCAPE as an escape
++ character. In theory, if all the characters in a name were /000 or
++ '.' or NAME_ESCAPE then all would have to be escaped, so the
++ presentation format would be twice as long as the spec (1024).
++ The buffers are all delcared as 2049 (allowing for the trailing zero)
++ for this reason.
+ */
+ static int to_wire(char *name)
+ {
+- unsigned char *l, *p, term;
++ unsigned char *l, *p, *q, term;
+ int len;
+
+ for (l = (unsigned char*)name; *l != 0; l = p)
+@@ -332,7 +340,10 @@ static int to_wire(char *name)
+ for (p = l; *p != '.' && *p != 0; p++)
+ if (*p >= 'A' && *p <= 'Z')
+ *p = *p - 'A' + 'a';
+-
++ else if (*p == NAME_ESCAPE)
++ for (q = p; *q; q++)
++ *q = *(q+1);
++
+ term = *p;
+
+ if ((len = p - l) != 0)
+@@ -351,13 +362,23 @@ static int to_wire(char *name)
+ /* Note: no compression allowed in input. */
+ static void from_wire(char *name)
+ {
+- unsigned char *l;
++ unsigned char *l, *p, *last;
+ int len;
+-
++
++ for (last = (unsigned char *)name; *last != 0; last += *last+1);
++
+ for (l = (unsigned char *)name; *l != 0; l += len+1)
+ {
+ len = *l;
+ memmove(l, l+1, len);
++ for (p = l; p < l + len; p++)
++ if (*p == '.' || *p == 0 || *p == NAME_ESCAPE)
++ {
++ memmove(p+1, p, 1 + last - p);
++ len++;
++ *p++ = NAME_ESCAPE;
++ }
++
+ l[len] = '.';
+ }
+
+@@ -645,7 +666,7 @@ static void sort_rrset(struct dns_header *header, size_t plen, u16 *rr_desc, int
+ if (left1 != 0)
+ memmove(buff1, buff1 + len1 - left1, left1);
+
+- if ((len1 = get_rdata(header, plen, end1, buff1 + left1, MAXDNAME - left1, &p1, &dp1)) == 0)
++ if ((len1 = get_rdata(header, plen, end1, buff1 + left1, (MAXDNAME * 2) - left1, &p1, &dp1)) == 0)
+ {
+ quit = 1;
+ len1 = end1 - p1;
+@@ -656,7 +677,7 @@ static void sort_rrset(struct dns_header *header, size_t plen, u16 *rr_desc, int
+ if (left2 != 0)
+ memmove(buff2, buff2 + len2 - left2, left2);
+
+- if ((len2 = get_rdata(header, plen, end2, buff2 + left2, MAXDNAME - left2, &p2, &dp2)) == 0)
++ if ((len2 = get_rdata(header, plen, end2, buff2 + left2, (MAXDNAME *2) - left2, &p2, &dp2)) == 0)
+ {
+ quit = 1;
+ len2 = end2 - p2;
+@@ -902,10 +923,11 @@ static int validate_rrset(time_t now, struct dns_header *header, size_t plen, in
+
+ end = p + rdlen;
+
+- /* canonicalise rdata and calculate length of same, use name buffer as workspace */
++ /* canonicalise rdata and calculate length of same, use name buffer as workspace.
++ Note that name buffer is twice MAXDNAME long in DNSSEC mode. */
+ cp = p;
+ dp = rr_desc;
+- for (len = 0; (seg = get_rdata(header, plen, end, name, MAXDNAME, &cp, &dp)) != 0; len += seg);
++ for (len = 0; (seg = get_rdata(header, plen, end, name, MAXDNAME * 2, &cp, &dp)) != 0; len += seg);
+ len += end - cp;
+ len = htons(len);
+ hash->update(ctx, 2, (unsigned char *)&len);
+@@ -913,7 +935,7 @@ static int validate_rrset(time_t now, struct dns_header *header, size_t plen, in
+ /* Now canonicalise again and digest. */
+ cp = p;
+ dp = rr_desc;
+- while ((seg = get_rdata(header, plen, end, name, MAXDNAME, &cp, &dp)))
++ while ((seg = get_rdata(header, plen, end, name, MAXDNAME * 2, &cp, &dp)))
+ hash->update(ctx, seg, (unsigned char *)name);
+ if (cp != end)
+ hash->update(ctx, end - cp, cp);
+diff --git a/src/rfc1035.c b/src/rfc1035.c
+index a995ab50d74a..19fecc818c06 100644
+--- a/src/rfc1035.c
++++ b/src/rfc1035.c
+@@ -128,6 +128,15 @@ int extract_name(struct dns_header *header, size_t plen, unsigned char **pp,
+ if (isExtract)
+ {
+ unsigned char c = *p;
++#ifdef HAVE_DNSSEC
++ if (option_bool(OPT_DNSSEC_VALID))
++ {
++ if (c == 0 || c == '.' || c == NAME_ESCAPE)
++ *cp++ = NAME_ESCAPE;
++ *cp++ = c;
++ }
++ else
++#endif
+ if (c != 0 && c != '.')
+ *cp++ = c;
+ else
+@@ -144,9 +153,14 @@ int extract_name(struct dns_header *header, size_t plen, unsigned char **pp,
+ cp++;
+ if (c1 >= 'A' && c1 <= 'Z')
+ c1 += 'a' - 'A';
++#ifdef HAVE_DNSSEC
++ if (option_bool(OPT_DNSSEC_VALID) && c1 == NAME_ESCAPE)
++ c1 = *cp++;
++#endif
++
+ if (c2 >= 'A' && c2 <= 'Z')
+ c2 += 'a' - 'A';
+-
++
+ if (c1 != c2)
+ retvalue = 2;
+ }
+diff --git a/src/util.c b/src/util.c
+index 648bc4d4b428..0c1a48b4700a 100644
+--- a/src/util.c
++++ b/src/util.c
+@@ -226,7 +226,14 @@ unsigned char *do_rfc1035_name(unsigned char *p, char *sval)
+ {
+ unsigned char *cp = p++;
+ for (j = 0; *sval && (*sval != '.'); sval++, j++)
+- *p++ = *sval;
++ {
++#ifdef HAVE_DNSSEC
++ if (option_bool(OPT_DNSSEC_VALID) && *sval == NAME_ESCAPE)
++ *p++ = *(++sval);
++ else
++#endif
++ *p++ = *sval;
++ }
+ *cp = j;
+ if (*sval)
+ sval++;
+--
+2.1.0
+
--- /dev/null
+From b8f16556d36924cd8dc7663cb4129d7b1f3fc2be Mon Sep 17 00:00:00 2001
+From: Simon Kelley <simon@thekelleys.org.uk>
+Date: Wed, 22 Apr 2015 21:14:31 +0100
+Subject: [PATCH 82/98] Tweaks to previous, DNS label charset commit.
+
+---
+ src/dns-protocol.h | 6 +++++-
+ src/dnssec.c | 9 ++++++---
+ src/rfc1035.c | 25 ++++++++++++++++++-------
+ src/util.c | 2 +-
+ 4 files changed, 30 insertions(+), 12 deletions(-)
+
+diff --git a/src/dns-protocol.h b/src/dns-protocol.h
+index 7f5d686bb150..4b71746f8d26 100644
+--- a/src/dns-protocol.h
++++ b/src/dns-protocol.h
+@@ -144,5 +144,9 @@ struct dns_header {
+ (!CHECK_LEN(header, pp, plen, len) ? 0 : (((pp) += (len)), 1))
+
+ /* Escape character in our presentation format for names.
+- Cannot be '.' or /000 and must be !isprint() */
++ Cannot be '.' or /000 and must be !isprint().
++ Note that escaped chars are stored as
++ <NAME_ESCAPE> <orig-char+1>
++ to ensure that the escaped form of /000 doesn't include /000
++*/
+ #define NAME_ESCAPE 1
+diff --git a/src/dnssec.c b/src/dnssec.c
+index c116a7b5f6f4..a9e12153ccf2 100644
+--- a/src/dnssec.c
++++ b/src/dnssec.c
+@@ -341,9 +341,11 @@ static int to_wire(char *name)
+ if (*p >= 'A' && *p <= 'Z')
+ *p = *p - 'A' + 'a';
+ else if (*p == NAME_ESCAPE)
+- for (q = p; *q; q++)
++ {
++ for (q = p; *q; q++)
+ *q = *(q+1);
+-
++ (*p)--;
++ }
+ term = *p;
+
+ if ((len = p - l) != 0)
+@@ -376,7 +378,8 @@ static void from_wire(char *name)
+ {
+ memmove(p+1, p, 1 + last - p);
+ len++;
+- *p++ = NAME_ESCAPE;
++ *p++ = NAME_ESCAPE;
++ (*p)++;
+ }
+
+ l[len] = '.';
+diff --git a/src/rfc1035.c b/src/rfc1035.c
+index 19fecc818c06..32df31ad603c 100644
+--- a/src/rfc1035.c
++++ b/src/rfc1035.c
+@@ -20,7 +20,7 @@ int extract_name(struct dns_header *header, size_t plen, unsigned char **pp,
+ char *name, int isExtract, int extrabytes)
+ {
+ unsigned char *cp = (unsigned char *)name, *p = *pp, *p1 = NULL;
+- unsigned int j, l, hops = 0;
++ unsigned int j, l, namelen = 0, hops = 0;
+ int retvalue = 1;
+
+ if (isExtract)
+@@ -94,9 +94,15 @@ int extract_name(struct dns_header *header, size_t plen, unsigned char **pp,
+ count = 256;
+ digs = ((count-1)>>2)+1;
+
+- /* output is \[x<hex>/siz]. which is digs+9 chars */
+- if (cp - (unsigned char *)name + digs + 9 >= MAXDNAME)
++ /* output is \[x<hex>/siz]. which is digs+6/7/8 chars */
++ namelen += digs+6;
++ if (count > 9)
++ namelen++;
++ if (count > 99)
++ namelen++;
++ if (namelen+1 >= MAXDNAME)
+ return 0;
++
+ if (!CHECK_LEN(header, p, plen, (count-1)>>3))
+ return 0;
+
+@@ -119,7 +125,8 @@ int extract_name(struct dns_header *header, size_t plen, unsigned char **pp,
+ }
+ else
+ { /* label_type = 0 -> label. */
+- if (cp - (unsigned char *)name + l + 1 >= MAXDNAME)
++ namelen += l;
++ if (namelen+1 >= MAXDNAME)
+ return 0;
+ if (!CHECK_LEN(header, p, plen, l))
+ return 0;
+@@ -132,8 +139,12 @@ int extract_name(struct dns_header *header, size_t plen, unsigned char **pp,
+ if (option_bool(OPT_DNSSEC_VALID))
+ {
+ if (c == 0 || c == '.' || c == NAME_ESCAPE)
+- *cp++ = NAME_ESCAPE;
+- *cp++ = c;
++ {
++ *cp++ = NAME_ESCAPE;
++ *cp++ = c+1;
++ }
++ else
++ *cp++ = c;
+ }
+ else
+ #endif
+@@ -155,7 +166,7 @@ int extract_name(struct dns_header *header, size_t plen, unsigned char **pp,
+ c1 += 'a' - 'A';
+ #ifdef HAVE_DNSSEC
+ if (option_bool(OPT_DNSSEC_VALID) && c1 == NAME_ESCAPE)
+- c1 = *cp++;
++ c1 = (*cp++)-1;
+ #endif
+
+ if (c2 >= 'A' && c2 <= 'Z')
+diff --git a/src/util.c b/src/util.c
+index 0c1a48b4700a..9299703c6d30 100644
+--- a/src/util.c
++++ b/src/util.c
+@@ -229,7 +229,7 @@ unsigned char *do_rfc1035_name(unsigned char *p, char *sval)
+ {
+ #ifdef HAVE_DNSSEC
+ if (option_bool(OPT_DNSSEC_VALID) && *sval == NAME_ESCAPE)
+- *p++ = *(++sval);
++ *p++ = (*(++sval))-1;
+ else
+ #endif
+ *p++ = *sval;
+--
+2.1.0
+
--- /dev/null
+From a5ae1f85873829efe473075ad77806cc02792622 Mon Sep 17 00:00:00 2001
+From: Simon Kelley <simon@thekelleys.org.uk>
+Date: Sat, 25 Apr 2015 21:46:10 +0100
+Subject: [PATCH 83/98] Logs in DHCPv6 not suppressed by dhcp6-quiet.
+
+---
+ CHANGELOG | 6 +++++-
+ src/rfc3315.c | 4 ++--
+ 2 files changed, 7 insertions(+), 3 deletions(-)
+
+diff --git a/CHANGELOG b/CHANGELOG
+index 7f2b1e002e9e..af2b22cf8f73 100644
+--- a/CHANGELOG
++++ b/CHANGELOG
+@@ -103,7 +103,11 @@ version 2.73
+ Previously we provided correct answers to PTR queries
+ in such zones (including NS and SOA) but not direct
+ NS and SOA queries. Thanks to Johnny S. Lee for
+- pointing out the problem.
++ pointing out the problem.
++
++ Fix logging of DHCPREPLY which should be suppressed
++ by quiet-dhcp6. Thanks to J. Pablo Abonia for
++ spotting the problem.
+
+
+ version 2.72
+diff --git a/src/rfc3315.c b/src/rfc3315.c
+index c45116a40a09..b4f5dd2db61f 100644
+--- a/src/rfc3315.c
++++ b/src/rfc3315.c
+@@ -1047,9 +1047,9 @@ static int dhcp6_no_relay(struct state *state, int msg_type, void *inbuff, size_
+ {
+ preferred_time = valid_time = 0;
+ message = _("address invalid");
+- }
++ }
+
+- if (message)
++ if (message && (message != state->hostname))
+ log6_packet(state, "DHCPREPLY", req_addr, message);
+ else
+ log6_quiet(state, "DHCPREPLY", req_addr, message);
+--
+2.1.0
+
--- /dev/null
+From 8efd731cc4ed2baa42aa69d0a9d336392e9987cb Mon Sep 17 00:00:00 2001
+From: "Johnny S. Lee" <_@jsl.io>
+Date: Sun, 26 Apr 2015 22:23:57 +0100
+Subject: [PATCH 84/98] Make get-version work when repo is a git submodule.
+
+---
+ bld/get-version | 5 +++--
+ 1 file changed, 3 insertions(+), 2 deletions(-)
+
+diff --git a/bld/get-version b/bld/get-version
+index 7ab75db729ac..5372869c0852 100755
+--- a/bld/get-version
++++ b/bld/get-version
+@@ -11,8 +11,9 @@
+ # If there is more than one v[0-9].* tag, sort them and use the
+ # first. This favours, eg v2.63 over 2.63rc6.
+
+-if which git >/dev/null 2>&1 && [ -d $1/.git ]; then
+- cd $1; git describe | sed 's/^v//'
++if which git >/dev/null 2>&1 && \
++ ([ -d $1/.git ] || grep '^gitdir:' $1/.git >/dev/null 2>&1); then
++ cd $1; git describe | sed 's/^v//'
+ elif grep '\$Format:%d\$' $1/VERSION >/dev/null 2>&1; then
+ # unsubstituted VERSION, but no git available.
+ echo UNKNOWN
+--
+2.1.0
+
--- /dev/null
+From e66b4dff3c562c7836d5be4c26972d665ad783f1 Mon Sep 17 00:00:00 2001
+From: Simon Kelley <simon@thekelleys.org.uk>
+Date: Tue, 28 Apr 2015 20:45:57 +0100
+Subject: [PATCH 85/98] Fix argument-order botch which broke DNSSEC for TCP
+ queries.
+
+---
+ src/forward.c | 9 +++++----
+ 1 file changed, 5 insertions(+), 4 deletions(-)
+
+diff --git a/src/forward.c b/src/forward.c
+index 1c7da3f5655c..a8e403c4b25e 100644
+--- a/src/forward.c
++++ b/src/forward.c
+@@ -1996,8 +1996,9 @@ unsigned char *tcp_request(int confd, time_t now,
+ }
+ else
+ result = (status == STAT_SECURE ? "SECURE" : (status == STAT_INSECURE ? "INSECURE" : "BOGUS"));
+- if (status == STAT_BOGUS && extract_request(header, m, daemon->namebuff, NULL))
+- domain = daemon->namebuff;
++
++ if (status == STAT_BOGUS && extract_request(header, m, daemon->namebuff, NULL))
++ domain = daemon->namebuff;
+
+ log_query(F_KEYTAG | F_SECSTAT, domain, NULL, result);
+
+@@ -2040,8 +2041,8 @@ unsigned char *tcp_request(int confd, time_t now,
+ #endif
+
+ m = process_reply(header, now, last_server, (unsigned int)m,
+- option_bool(OPT_NO_REBIND) && !norebind, no_cache_dnssec, bogusanswer,
+- cache_secure, ad_question, do_bit, added_pheader, check_subnet, &peer_addr);
++ option_bool(OPT_NO_REBIND) && !norebind, no_cache_dnssec, cache_secure, bogusanswer,
++ ad_question, do_bit, added_pheader, check_subnet, &peer_addr);
+
+ break;
+ }
+--
+2.1.0
+
--- /dev/null
+From 2ed162ac204f3609fe4d9f9a0430baeaa352d88f Mon Sep 17 00:00:00 2001
+From: Simon Kelley <simon@thekelleys.org.uk>
+Date: Tue, 28 Apr 2015 21:26:35 +0100
+Subject: [PATCH 86/98] Don't remove RRSIG RR from answers to ANY queries when
+ the do bit is not set.
+
+---
+ src/rfc1035.c | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/src/rfc1035.c b/src/rfc1035.c
+index 32df31ad603c..5828055caa5d 100644
+--- a/src/rfc1035.c
++++ b/src/rfc1035.c
+@@ -1608,6 +1608,11 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen,
+ GETSHORT(qtype, p);
+ GETSHORT(qclass, p);
+
++ /* Don't filter RRSIGS from answers to ANY queries, even if do-bit
++ not set. */
++ if (qtype == T_ANY)
++ *do_bit = 1;
++
+ ans = 0; /* have we answered this question */
+
+ if (qtype == T_TXT || qtype == T_ANY)
+--
+2.1.0
+
--- /dev/null
+From 64bcff1c7c72eecda8750bc2dca8b4c5dc38a837 Mon Sep 17 00:00:00 2001
+From: Nicolas Cavallari <nicolas.cavallari@green-communications.fr>
+Date: Tue, 28 Apr 2015 21:55:18 +0100
+Subject: [PATCH 87/98] Constify some DHCP lease management functions.
+
+---
+ src/dnsmasq.h | 7 ++++---
+ src/lease.c | 8 ++++----
+ 2 files changed, 8 insertions(+), 7 deletions(-)
+
+diff --git a/src/dnsmasq.h b/src/dnsmasq.h
+index 6fe4a4189188..824a86009439 100644
+--- a/src/dnsmasq.h
++++ b/src/dnsmasq.h
+@@ -1304,9 +1304,10 @@ void lease_update_slaac(time_t now);
+ void lease_set_iaid(struct dhcp_lease *lease, int iaid);
+ void lease_make_duid(time_t now);
+ #endif
+-void lease_set_hwaddr(struct dhcp_lease *lease, unsigned char *hwaddr,
+- unsigned char *clid, int hw_len, int hw_type, int clid_len, time_t now, int force);
+-void lease_set_hostname(struct dhcp_lease *lease, char *name, int auth, char *domain, char *config_domain);
++void lease_set_hwaddr(struct dhcp_lease *lease, const unsigned char *hwaddr,
++ const unsigned char *clid, int hw_len, int hw_type,
++ int clid_len, time_t now, int force);
++void lease_set_hostname(struct dhcp_lease *lease, const char *name, int auth, char *domain, char *config_domain);
+ void lease_set_expires(struct dhcp_lease *lease, unsigned int len, time_t now);
+ void lease_set_interface(struct dhcp_lease *lease, int interface, time_t now);
+ struct dhcp_lease *lease_find_by_client(unsigned char *hwaddr, int hw_len, int hw_type,
+diff --git a/src/lease.c b/src/lease.c
+index 545bbb7fd09c..8adb60588671 100644
+--- a/src/lease.c
++++ b/src/lease.c
+@@ -813,9 +813,9 @@ void lease_set_iaid(struct dhcp_lease *lease, int iaid)
+ }
+ #endif
+
+-void lease_set_hwaddr(struct dhcp_lease *lease, unsigned char *hwaddr,
+- unsigned char *clid, int hw_len, int hw_type, int clid_len,
+- time_t now, int force)
++void lease_set_hwaddr(struct dhcp_lease *lease, const unsigned char *hwaddr,
++ const unsigned char *clid, int hw_len, int hw_type,
++ int clid_len, time_t now, int force)
+ {
+ #ifdef HAVE_DHCP6
+ int change = force;
+@@ -897,7 +897,7 @@ static void kill_name(struct dhcp_lease *lease)
+ lease->hostname = lease->fqdn = NULL;
+ }
+
+-void lease_set_hostname(struct dhcp_lease *lease, char *name, int auth, char *domain, char *config_domain)
++void lease_set_hostname(struct dhcp_lease *lease, const char *name, int auth, char *domain, char *config_domain)
+ {
+ struct dhcp_lease *lease_tmp;
+ char *new_name = NULL, *new_fqdn = NULL;
+--
+2.1.0
+
--- /dev/null
+From a77cec8d58231d71cbc26615f0c0f0292c09ef54 Mon Sep 17 00:00:00 2001
+From: Simon Kelley <simon@thekelleys.org.uk>
+Date: Fri, 8 May 2015 16:25:38 +0100
+Subject: [PATCH 88/98] Handle UDP packet loss when fragmentation of large
+ packets is broken.
+
+---
+ CHANGELOG | 6 ++++++
+ src/config.h | 1 +
+ src/dnsmasq.h | 5 +++--
+ src/dnssec.c | 11 +++++++++--
+ src/forward.c | 37 +++++++++++++++++++++++++++++--------
+ src/network.c | 1 +
+ src/option.c | 18 +++++++++++-------
+ src/rfc1035.c | 22 ++++++----------------
+ 8 files changed, 66 insertions(+), 35 deletions(-)
+
+diff --git a/CHANGELOG b/CHANGELOG
+index af2b22cf8f73..d8fc57a418bb 100644
+--- a/CHANGELOG
++++ b/CHANGELOG
+@@ -109,6 +109,12 @@ version 2.73
+ by quiet-dhcp6. Thanks to J. Pablo Abonia for
+ spotting the problem.
+
++ Try and handle net connections with broken fragmentation
++ that lose large UDP packets. If a server times out,
++ reduce the maximum UDP packet size field in the EDNS0
++ header to 1280 bytes. If it then answers, make that
++ change permanent.
++
+
+ version 2.72
+ Add ra-advrouter mode, for RFC-3775 mobile IPv6 support.
+diff --git a/src/config.h b/src/config.h
+index 8def6f200461..f75fe9db7081 100644
+--- a/src/config.h
++++ b/src/config.h
+@@ -19,6 +19,7 @@
+ #define CHILD_LIFETIME 150 /* secs 'till terminated (RFC1035 suggests > 120s) */
+ #define TCP_MAX_QUERIES 100 /* Maximum number of queries per incoming TCP connection */
+ #define EDNS_PKTSZ 4096 /* default max EDNS.0 UDP packet from RFC5625 */
++#define SAFE_PKTSZ 1280 /* "go anywhere" UDP packet size */
+ #define KEYBLOCK_LEN 40 /* choose to mininise fragmentation when storing DNSSEC keys */
+ #define DNSSEC_WORK 50 /* Max number of queries to validate one question */
+ #define TIMEOUT 10 /* drop UDP queries after TIMEOUT seconds */
+diff --git a/src/dnsmasq.h b/src/dnsmasq.h
+index 824a86009439..ab16f79b3ec9 100644
+--- a/src/dnsmasq.h
++++ b/src/dnsmasq.h
+@@ -504,7 +504,7 @@ struct server {
+ char interface[IF_NAMESIZE+1];
+ struct serverfd *sfd;
+ char *domain; /* set if this server only handles a domain. */
+- int flags, tcpfd;
++ int flags, tcpfd, edns_pktsz;
+ unsigned int queries, failed_queries;
+ #ifdef HAVE_LOOP
+ u32 uid;
+@@ -594,6 +594,7 @@ struct hostsfile {
+ #define FREC_DO_QUESTION 64
+ #define FREC_ADDED_PHEADER 128
+ #define FREC_CHECK_NOSIGN 256
++#define FREC_TEST_PKTSZ 512
+
+ #ifdef HAVE_DNSSEC
+ #define HASH_SIZE 20 /* SHA-1 digest size */
+@@ -1148,7 +1149,7 @@ int in_zone(struct auth_zone *zone, char *name, char **cut);
+ #endif
+
+ /* dnssec.c */
+-size_t dnssec_generate_query(struct dns_header *header, char *end, char *name, int class, int type, union mysockaddr *addr);
++size_t dnssec_generate_query(struct dns_header *header, char *end, char *name, int class, int type, union mysockaddr *addr, int edns_pktsz);
+ int dnssec_validate_by_ds(time_t now, struct dns_header *header, size_t n, char *name, char *keyname, int class);
+ int dnssec_validate_ds(time_t now, struct dns_header *header, size_t plen, char *name, char *keyname, int class);
+ int dnssec_validate_reply(time_t now, struct dns_header *header, size_t plen, char *name, char *keyname, int *class, int *neganswer, int *nons);
+diff --git a/src/dnssec.c b/src/dnssec.c
+index a9e12153ccf2..e91d7c2cf040 100644
+--- a/src/dnssec.c
++++ b/src/dnssec.c
+@@ -2162,10 +2162,12 @@ int dnskey_keytag(int alg, int flags, unsigned char *key, int keylen)
+ }
+ }
+
+-size_t dnssec_generate_query(struct dns_header *header, char *end, char *name, int class, int type, union mysockaddr *addr)
++size_t dnssec_generate_query(struct dns_header *header, char *end, char *name, int class,
++ int type, union mysockaddr *addr, int edns_pktsz)
+ {
+ unsigned char *p;
+ char *types = querystr("dnssec-query", type);
++ size_t ret;
+
+ if (addr->sa.sa_family == AF_INET)
+ log_query(F_NOEXTRA | F_DNSSEC | F_IPV4, name, (struct all_addr *)&addr->in.sin_addr, types);
+@@ -2194,7 +2196,12 @@ size_t dnssec_generate_query(struct dns_header *header, char *end, char *name, i
+ PUTSHORT(type, p);
+ PUTSHORT(class, p);
+
+- return add_do_bit(header, p - (unsigned char *)header, end);
++ ret = add_do_bit(header, p - (unsigned char *)header, end);
++
++ if (find_pseudoheader(header, ret, NULL, &p, NULL))
++ PUTSHORT(edns_pktsz, p);
++
++ return ret;
+ }
+
+ /* Go through a domain name, find "pointers" and fix them up based on how many bytes
+diff --git a/src/forward.c b/src/forward.c
+index a8e403c4b25e..592243fd4d35 100644
+--- a/src/forward.c
++++ b/src/forward.c
+@@ -253,6 +253,7 @@ static int forward_query(int udpfd, union mysockaddr *udpaddr,
+ void *hash = &crc;
+ #endif
+ unsigned int gotname = extract_request(header, plen, daemon->namebuff, NULL);
++ unsigned char *pheader;
+
+ (void)do_bit;
+
+@@ -261,19 +262,32 @@ static int forward_query(int udpfd, union mysockaddr *udpaddr,
+ forward = NULL;
+ else if (forward || (hash && (forward = lookup_frec_by_sender(ntohs(header->id), udpaddr, hash))))
+ {
++ /* If we didn't get an answer advertising a maximal packet in EDNS,
++ fall back to 1280, which should work everywhere on IPv6.
++ If that generates an answer, it will become the new default
++ for this server */
++ forward->flags |= FREC_TEST_PKTSZ;
++
+ #ifdef HAVE_DNSSEC
+ /* If we've already got an answer to this query, but we're awaiting keys for validation,
+ there's no point retrying the query, retry the key query instead...... */
+ if (forward->blocking_query)
+ {
+ int fd;
+-
++
++ forward->flags &= ~FREC_TEST_PKTSZ;
++
+ while (forward->blocking_query)
+ forward = forward->blocking_query;
++
++ forward->flags |= FREC_TEST_PKTSZ;
+
+ blockdata_retrieve(forward->stash, forward->stash_len, (void *)header);
+ plen = forward->stash_len;
+
++ if (find_pseudoheader(header, plen, NULL, &pheader, NULL))
++ PUTSHORT((forward->flags & FREC_TEST_PKTSZ) ? SAFE_PKTSZ : forward->sentto->edns_pktsz, pheader);
++
+ if (forward->sentto->addr.sa.sa_family == AF_INET)
+ log_query(F_NOEXTRA | F_DNSSEC | F_IPV4, "retry", (struct all_addr *)&forward->sentto->addr.in.sin_addr, "dnssec");
+ #ifdef HAVE_IPV6
+@@ -417,7 +431,7 @@ static int forward_query(int udpfd, union mysockaddr *udpaddr,
+ plen = new_plen;
+ }
+ #endif
+-
++
+ while (1)
+ {
+ /* only send to servers dealing with our domain.
+@@ -464,6 +478,9 @@ static int forward_query(int udpfd, union mysockaddr *udpaddr,
+ }
+ #endif
+ }
++
++ if (find_pseudoheader(header, plen, NULL, &pheader, NULL))
++ PUTSHORT((forward->flags & FREC_TEST_PKTSZ) ? SAFE_PKTSZ : start->edns_pktsz, pheader);
+
+ if (retry_send(sendto(fd, (char *)header, plen, 0,
+ &start->addr.sa,
+@@ -760,7 +777,6 @@ void reply_query(int fd, int family, time_t now)
+ }
+
+ server = forward->sentto;
+-
+ if ((forward->sentto->flags & SERV_TYPE) == 0)
+ {
+ if (RCODE(header) == REFUSED)
+@@ -781,7 +797,12 @@ void reply_query(int fd, int family, time_t now)
+ if (!option_bool(OPT_ALL_SERVERS))
+ daemon->last_server = server;
+ }
+-
++
++ /* We tried resending to this server with a smaller maximum size and got an answer.
++ Make that permanent. */
++ if (server && (forward->flags & FREC_TEST_PKTSZ))
++ server->edns_pktsz = SAFE_PKTSZ;
++
+ /* If the answer is an error, keep the forward record in place in case
+ we get a good reply from another server. Kill it when we've
+ had replies from all to avoid filling the forwarding table when
+@@ -890,7 +911,7 @@ void reply_query(int fd, int family, time_t now)
+ {
+ new->flags |= FREC_DNSKEY_QUERY;
+ nn = dnssec_generate_query(header, ((char *) header) + daemon->packet_buff_sz,
+- daemon->keyname, forward->class, T_DNSKEY, &server->addr);
++ daemon->keyname, forward->class, T_DNSKEY, &server->addr, server->edns_pktsz);
+ }
+ else
+ {
+@@ -899,7 +920,7 @@ void reply_query(int fd, int family, time_t now)
+ else
+ new->flags |= FREC_DS_QUERY;
+ nn = dnssec_generate_query(header,((char *) header) + daemon->packet_buff_sz,
+- daemon->keyname, forward->class, T_DS, &server->addr);
++ daemon->keyname, forward->class, T_DS, &server->addr, server->edns_pktsz);
+ }
+ if ((hash = hash_questions(header, nn, daemon->namebuff)))
+ memcpy(new->hash, hash, HASH_SIZE);
+@@ -1526,7 +1547,7 @@ static int tcp_check_for_unsigned_zone(time_t now, struct dns_header *header, s
+
+ /* Can't find it in the cache, have to send a query */
+
+- m = dnssec_generate_query(header, ((char *) header) + 65536, name_start, class, T_DS, &server->addr);
++ m = dnssec_generate_query(header, ((char *) header) + 65536, name_start, class, T_DS, &server->addr, server->edns_pktsz);
+
+ *length = htons(m);
+
+@@ -1638,7 +1659,7 @@ static int tcp_key_recurse(time_t now, int status, struct dns_header *header, si
+
+ another_tcp_key:
+ m = dnssec_generate_query(new_header, ((char *) new_header) + 65536, keyname, class,
+- new_status == STAT_NEED_KEY ? T_DNSKEY : T_DS, &server->addr);
++ new_status == STAT_NEED_KEY ? T_DNSKEY : T_DS, &server->addr, server->edns_pktsz);
+
+ *length = htons(m);
+
+diff --git a/src/network.c b/src/network.c
+index 992f023c31de..a1d90c876fc1 100644
+--- a/src/network.c
++++ b/src/network.c
+@@ -1396,6 +1396,7 @@ void add_update_server(int flags,
+ serv->domain = domain_str;
+ serv->next = next;
+ serv->queries = serv->failed_queries = 0;
++ serv->edns_pktsz = daemon->edns_pktsz;
+ #ifdef HAVE_LOOP
+ serv->uid = rand32();
+ #endif
+diff --git a/src/option.c b/src/option.c
+index f91cfbb1aa54..c7add88de7ac 100644
+--- a/src/option.c
++++ b/src/option.c
+@@ -4498,15 +4498,19 @@ void read_opts(int argc, char **argv, char *compile_opts)
+ {
+ struct server *tmp;
+ for (tmp = daemon->servers; tmp; tmp = tmp->next)
+- if (!(tmp->flags & SERV_HAS_SOURCE))
+- {
+- if (tmp->source_addr.sa.sa_family == AF_INET)
+- tmp->source_addr.in.sin_port = htons(daemon->query_port);
++ {
++ tmp->edns_pktsz = daemon->edns_pktsz;
++
++ if (!(tmp->flags & SERV_HAS_SOURCE))
++ {
++ if (tmp->source_addr.sa.sa_family == AF_INET)
++ tmp->source_addr.in.sin_port = htons(daemon->query_port);
+ #ifdef HAVE_IPV6
+- else if (tmp->source_addr.sa.sa_family == AF_INET6)
+- tmp->source_addr.in6.sin6_port = htons(daemon->query_port);
++ else if (tmp->source_addr.sa.sa_family == AF_INET6)
++ tmp->source_addr.in6.sin6_port = htons(daemon->query_port);
+ #endif
+- }
++ }
++ }
+ }
+
+ if (daemon->if_addrs)
+diff --git a/src/rfc1035.c b/src/rfc1035.c
+index 5828055caa5d..8b1709dd3495 100644
+--- a/src/rfc1035.c
++++ b/src/rfc1035.c
+@@ -552,7 +552,7 @@ static size_t add_pseudoheader(struct dns_header *header, size_t plen, unsigned
+ return plen;
+ *p++ = 0; /* empty name */
+ PUTSHORT(T_OPT, p);
+- PUTSHORT(daemon->edns_pktsz, p); /* max packet length */
++ PUTSHORT(SAFE_PKTSZ, p); /* max packet length, this will be overwritten */
+ PUTSHORT(0, p); /* extended RCODE and version */
+ PUTSHORT(set_do ? 0x8000 : 0, p); /* DO flag */
+ lenp = p;
+@@ -1537,7 +1537,6 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen,
+ unsigned short flag;
+ int q, ans, anscount = 0, addncount = 0;
+ int dryrun = 0, sec_reqd = 0, have_pseudoheader = 0;
+- int is_sign;
+ struct crec *crecp;
+ int nxdomain = 0, auth = 1, trunc = 0, sec_data = 1;
+ struct mx_srv_record *rec;
+@@ -1557,28 +1556,19 @@ size_t answer_request(struct dns_header *header, char *limit, size_t qlen,
+ forward rather than answering from the cache, which doesn't include
+ security information, unless we're in DNSSEC validation mode. */
+
+- if (find_pseudoheader(header, qlen, NULL, &pheader, &is_sign))
++ if (find_pseudoheader(header, qlen, NULL, &pheader, NULL))
+ {
+- unsigned short udpsz, flags;
+- unsigned char *psave = pheader;
+-
++ unsigned short flags;
++
+ have_pseudoheader = 1;
+
+- GETSHORT(udpsz, pheader);
+- pheader += 2; /* ext_rcode */
++ pheader += 4; /* udp size, ext_rcode */
+ GETSHORT(flags, pheader);
+
+ if ((sec_reqd = flags & 0x8000))
+ *do_bit = 1;/* do bit */
+- *ad_reqd = 1;
+-
+- /* If our client is advertising a larger UDP packet size
+- than we allow, trim it so that we don't get an overlarge
+- response from upstream */
+-
+- if (!is_sign && (udpsz > daemon->edns_pktsz))
+- PUTSHORT(daemon->edns_pktsz, psave);
+
++ *ad_reqd = 1;
+ dryrun = 1;
+ }
+
+--
+2.1.0
+
--- /dev/null
+From b059c96dc69dfe3055c5b32b078a05c53b11ebb3 Mon Sep 17 00:00:00 2001
+From: Simon Kelley <simon@thekelleys.org.uk>
+Date: Fri, 8 May 2015 20:25:51 +0100
+Subject: [PATCH 89/98] Check IPv4-mapped IPv6 addresses with --stop-rebind.
+
+---
+ CHANGELOG | 3 +++
+ src/rfc1035.c | 21 +++++++++++++++++----
+ 2 files changed, 20 insertions(+), 4 deletions(-)
+
+diff --git a/CHANGELOG b/CHANGELOG
+index d8fc57a418bb..94a521f996e2 100644
+--- a/CHANGELOG
++++ b/CHANGELOG
+@@ -115,6 +115,9 @@ version 2.73
+ header to 1280 bytes. If it then answers, make that
+ change permanent.
+
++ Check IPv4-mapped IPv6 addresses when --stop-rebind
++ is active. Thanks to Jordan Milne for spotting this.
++
+
+ version 2.72
+ Add ra-advrouter mode, for RFC-3775 mobile IPv6 support.
+diff --git a/src/rfc1035.c b/src/rfc1035.c
+index 8b1709dd3495..5e3f566fdbc5 100644
+--- a/src/rfc1035.c
++++ b/src/rfc1035.c
+@@ -1117,10 +1117,23 @@ int extract_addresses(struct dns_header *header, size_t qlen, char *name, time_t
+ memcpy(&addr, p1, addrlen);
+
+ /* check for returned address in private space */
+- if (check_rebind &&
+- (flags & F_IPV4) &&
+- private_net(addr.addr.addr4, !option_bool(OPT_LOCAL_REBIND)))
+- return 1;
++ if (check_rebind)
++ {
++ if ((flags & F_IPV4) &&
++ private_net(addr.addr.addr4, !option_bool(OPT_LOCAL_REBIND)))
++ return 1;
++
++#ifdef HAVE_IPV6
++ if ((flags & F_IPV6) &&
++ IN6_IS_ADDR_V4MAPPED(&addr.addr.addr6))
++ {
++ struct in_addr v4;
++ v4.s_addr = ((const uint32_t *) (&addr.addr.addr6))[3];
++ if (private_net(v4, !option_bool(OPT_LOCAL_REBIND)))
++ return 1;
++ }
++#endif
++ }
+
+ #ifdef HAVE_IPSET
+ if (ipsets && (flags & (F_IPV4 | F_IPV6)))
+--
+2.1.0
+
--- /dev/null
+From 86fa1046920dedc8134136a6244ca96e8a37e9d8 Mon Sep 17 00:00:00 2001
+From: Simon Kelley <simon@thekelleys.org.uk>
+Date: Sun, 10 May 2015 13:50:59 +0100
+Subject: [PATCH 90/98] Tweak EDNS timeout code.
+
+---
+ src/forward.c | 6 ++++--
+ 1 file changed, 4 insertions(+), 2 deletions(-)
+
+diff --git a/src/forward.c b/src/forward.c
+index 592243fd4d35..74e5ab66c423 100644
+--- a/src/forward.c
++++ b/src/forward.c
+@@ -799,8 +799,10 @@ void reply_query(int fd, int family, time_t now)
+ }
+
+ /* We tried resending to this server with a smaller maximum size and got an answer.
+- Make that permanent. */
+- if (server && (forward->flags & FREC_TEST_PKTSZ))
++ Make that permanent. To avoid reduxing the packet size for an single dropped packet,
++ only do this when we get a truncated answer, or one larger than the safe size. */
++ if (server && (forward->flags & FREC_TEST_PKTSZ) &&
++ ((header->hb3 & HB3_TC) || n >= SAFE_PKTSZ))
+ server->edns_pktsz = SAFE_PKTSZ;
+
+ /* If the answer is an error, keep the forward record in place in case
+--
+2.1.0
+
--- /dev/null
+From 585840b03365372679907f175b07a01c9d621ae0 Mon Sep 17 00:00:00 2001
+From: Simon Kelley <simon@thekelleys.org.uk>
+Date: Wed, 13 May 2015 12:35:57 +0100
+Subject: [PATCH 91/98] Pointer to mail-archive mailing list mirror in
+ doc.html.
+
+---
+ doc.html | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/doc.html b/doc.html
+index 92c9d0d6f34c..54f59bbbd4d0 100644
+--- a/doc.html
++++ b/doc.html
+@@ -74,7 +74,9 @@ for details.
+ There is a dnsmasq mailing list at <A
+ HREF="http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss">
+ http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss</A> which should be the
+-first location for queries, bugreports, suggestions etc.
++first location for queries, bugreports, suggestions etc. The list is mirrored, with a
++search facility, at <A HREF="https://www.mail-archive.com/dnsmasq-discuss@lists.thekelleys.org.uk/">
++https://www.mail-archive.com/dnsmasq-discuss@lists.thekelleys.org.uk/</A>.
+ You can contact me at <A
+ HREF="mailto:simon@thekelleys.org.uk">simon@thekelleys.org.uk</A>.
+
+--
+2.1.0
+
--- /dev/null
+From ca85a28241ef87919d68d52c843b6964b7070e11 Mon Sep 17 00:00:00 2001
+From: Simon Kelley <simon@thekelleys.org.uk>
+Date: Wed, 13 May 2015 22:33:04 +0100
+Subject: [PATCH 92/98] Allow T1 and T2 DHCPv4 options to be set.
+
+---
+ CHANGELOG | 3 +++
+ dnsmasq.conf.example | 8 ++++++
+ src/dhcp-common.c | 4 +--
+ src/rfc2131.c | 71 ++++++++++++++++++++++++++++++++++++----------------
+ 4 files changed, 63 insertions(+), 23 deletions(-)
+
+diff --git a/CHANGELOG b/CHANGELOG
+index 94a521f996e2..ef39a415788b 100644
+--- a/CHANGELOG
++++ b/CHANGELOG
+@@ -118,6 +118,9 @@ version 2.73
+ Check IPv4-mapped IPv6 addresses when --stop-rebind
+ is active. Thanks to Jordan Milne for spotting this.
+
++ Allow DHCPv4 options T1 and T2 to be set using --dhcp-option.
++ Thanks to Kevin Benton for patches and work on this.
++
+
+ version 2.72
+ Add ra-advrouter mode, for RFC-3775 mobile IPv6 support.
+diff --git a/dnsmasq.conf.example b/dnsmasq.conf.example
+index 67be99acb028..1ae11dfb5358 100644
+--- a/dnsmasq.conf.example
++++ b/dnsmasq.conf.example
+@@ -345,6 +345,14 @@
+ # Ask client to poll for option changes every six hours. (RFC4242)
+ #dhcp-option=option6:information-refresh-time,6h
+
++# Set option 58 client renewal time (T1). Defaults to half of the
++# lease time if not specified. (RFC2132)
++#dhcp-option=option:T1:1m
++
++# Set option 59 rebinding time (T2). Defaults to 7/8 of the
++# lease time if not specified. (RFC2132)
++#dhcp-option=option:T2:2m
++
+ # Set the NTP time server address to be the same machine as
+ # is running dnsmasq
+ #dhcp-option=42,0.0.0.0
+diff --git a/src/dhcp-common.c b/src/dhcp-common.c
+index ce115202a646..bc48f41a14d7 100644
+--- a/src/dhcp-common.c
++++ b/src/dhcp-common.c
+@@ -545,8 +545,8 @@ static const struct opttab_t {
+ { "parameter-request", 55, OT_INTERNAL },
+ { "message", 56, OT_INTERNAL },
+ { "max-message-size", 57, OT_INTERNAL },
+- { "T1", 58, OT_INTERNAL | OT_TIME},
+- { "T2", 59, OT_INTERNAL | OT_TIME},
++ { "T1", 58, OT_TIME},
++ { "T2", 59, OT_TIME},
+ { "vendor-class", 60, 0 },
+ { "client-id", 61, OT_INTERNAL },
+ { "nis+-domain", 64, OT_NAME },
+diff --git a/src/rfc2131.c b/src/rfc2131.c
+index 55526443dc84..a10e499ef768 100644
+--- a/src/rfc2131.c
++++ b/src/rfc2131.c
+@@ -52,7 +52,9 @@ static void do_options(struct dhcp_context *context,
+ int null_term, int pxearch,
+ unsigned char *uuid,
+ int vendor_class_len,
+- time_t now);
++ time_t now,
++ unsigned int lease_time,
++ unsigned short fuzz);
+
+
+ static void match_vendor_opts(unsigned char *opt, struct dhcp_opt *dopt);
+@@ -610,7 +612,7 @@ size_t dhcp_reply(struct dhcp_context *context, char *iface_name, int int_index,
+
+ clear_packet(mess, end);
+ do_options(context, mess, end, NULL, hostname, get_domain(mess->yiaddr),
+- netid, subnet_addr, 0, 0, -1, NULL, vendor_class_len, now);
++ netid, subnet_addr, 0, 0, -1, NULL, vendor_class_len, now, 0xffffffff, 0);
+ }
+ }
+
+@@ -1042,13 +1044,8 @@ size_t dhcp_reply(struct dhcp_context *context, char *iface_name, int int_index,
+ option_put(mess, end, OPTION_SERVER_IDENTIFIER, INADDRSZ, ntohl(server_id(context, override, fallback).s_addr));
+ option_put(mess, end, OPTION_LEASE_TIME, 4, time);
+ /* T1 and T2 are required in DHCPOFFER by HP's wacky Jetdirect client. */
+- if (time != 0xffffffff)
+- {
+- option_put(mess, end, OPTION_T1, 4, (time/2));
+- option_put(mess, end, OPTION_T2, 4, (time*7)/8);
+- }
+ do_options(context, mess, end, req_options, offer_hostname, get_domain(mess->yiaddr),
+- netid, subnet_addr, fqdn_flags, borken_opt, pxearch, uuid, vendor_class_len, now);
++ netid, subnet_addr, fqdn_flags, borken_opt, pxearch, uuid, vendor_class_len, now, time, fuzz);
+
+ return dhcp_packet_size(mess, agent_id, real_end);
+
+@@ -1367,15 +1364,8 @@ size_t dhcp_reply(struct dhcp_context *context, char *iface_name, int int_index,
+ option_put(mess, end, OPTION_MESSAGE_TYPE, 1, DHCPACK);
+ option_put(mess, end, OPTION_SERVER_IDENTIFIER, INADDRSZ, ntohl(server_id(context, override, fallback).s_addr));
+ option_put(mess, end, OPTION_LEASE_TIME, 4, time);
+- if (time != 0xffffffff)
+- {
+- while (fuzz > (time/16))
+- fuzz = fuzz/2;
+- option_put(mess, end, OPTION_T1, 4, (time/2) - fuzz);
+- option_put(mess, end, OPTION_T2, 4, ((time/8)*7) - fuzz);
+- }
+ do_options(context, mess, end, req_options, hostname, get_domain(mess->yiaddr),
+- netid, subnet_addr, fqdn_flags, borken_opt, pxearch, uuid, vendor_class_len, now);
++ netid, subnet_addr, fqdn_flags, borken_opt, pxearch, uuid, vendor_class_len, now, time, fuzz);
+ }
+
+ return dhcp_packet_size(mess, agent_id, real_end);
+@@ -1440,7 +1430,7 @@ size_t dhcp_reply(struct dhcp_context *context, char *iface_name, int int_index,
+ }
+
+ do_options(context, mess, end, req_options, hostname, get_domain(mess->ciaddr),
+- netid, subnet_addr, fqdn_flags, borken_opt, pxearch, uuid, vendor_class_len, now);
++ netid, subnet_addr, fqdn_flags, borken_opt, pxearch, uuid, vendor_class_len, now, 0xffffffff, 0);
+
+ *is_inform = 1; /* handle reply differently */
+ return dhcp_packet_size(mess, agent_id, real_end);
+@@ -2137,7 +2127,9 @@ static void do_options(struct dhcp_context *context,
+ int null_term, int pxe_arch,
+ unsigned char *uuid,
+ int vendor_class_len,
+- time_t now)
++ time_t now,
++ unsigned int lease_time,
++ unsigned short fuzz)
+ {
+ struct dhcp_opt *opt, *config_opts = daemon->dhcp_opts;
+ struct dhcp_boot *boot;
+@@ -2261,7 +2253,42 @@ static void do_options(struct dhcp_context *context,
+ /* rfc3011 says this doesn't need to be in the requested options list. */
+ if (subnet_addr.s_addr)
+ option_put(mess, end, OPTION_SUBNET_SELECT, INADDRSZ, ntohl(subnet_addr.s_addr));
+-
++
++ if (lease_time != 0xffffffff)
++ {
++ unsigned int t1val = lease_time/2;
++ unsigned int t2val = (lease_time*7)/8;
++ unsigned int hval;
++
++ /* If set by user, sanity check, so not longer than lease. */
++ if ((opt = option_find2(OPTION_T1)))
++ {
++ hval = ntohl(*((unsigned int *)opt->val));
++ if (hval < lease_time && hval > 2)
++ t1val = hval;
++ }
++
++ if ((opt = option_find2(OPTION_T2)))
++ {
++ hval = ntohl(*((unsigned int *)opt->val));
++ if (hval < lease_time && hval > 2)
++ t2val = hval;
++ }
++
++ while (fuzz > (t1val/8))
++ fuzz = fuzz/2;
++
++ t1val -= fuzz;
++ t2val -= fuzz;
++
++ /* ensure T1 is still < T2 */
++ if (t2val <= t1val)
++ t1val = t2val - 1;
++
++ option_put(mess, end, OPTION_T1, 4, t1val);
++ option_put(mess, end, OPTION_T2, 4, t2val);
++ }
++
+ /* replies to DHCPINFORM may not have a valid context */
+ if (context)
+ {
+@@ -2356,12 +2383,14 @@ static void do_options(struct dhcp_context *context,
+ if (!(opt->flags & DHOPT_FORCE) && !in_list(req_options, optno))
+ continue;
+
+- /* prohibit some used-internally options */
++ /* prohibit some used-internally options. T1 and T2 already handled. */
+ if (optno == OPTION_CLIENT_FQDN ||
+ optno == OPTION_MAXMESSAGE ||
+ optno == OPTION_OVERLOAD ||
+ optno == OPTION_PAD ||
+- optno == OPTION_END)
++ optno == OPTION_END ||
++ optno == OPTION_T1 ||
++ optno == OPTION_T2)
+ continue;
+
+ if (optno == OPTION_SNAME && done_server)
+--
+2.1.0
+
--- /dev/null
+From 7c0f2543a7e761d1ec82738374556beeb8a35bef Mon Sep 17 00:00:00 2001
+From: Simon Kelley <simon@thekelleys.org.uk>
+Date: Thu, 14 May 2015 21:16:18 +0100
+Subject: [PATCH 93/98] Tweak last commit.
+
+---
+ src/rfc2131.c | 8 ++++----
+ 1 file changed, 4 insertions(+), 4 deletions(-)
+
+diff --git a/src/rfc2131.c b/src/rfc2131.c
+index a10e499ef768..b95f9beadf59 100644
+--- a/src/rfc2131.c
++++ b/src/rfc2131.c
+@@ -2275,16 +2275,16 @@ static void do_options(struct dhcp_context *context,
+ t2val = hval;
+ }
+
++ /* ensure T1 is still < T2 */
++ if (t2val <= t1val)
++ t1val = t2val - 1;
++
+ while (fuzz > (t1val/8))
+ fuzz = fuzz/2;
+
+ t1val -= fuzz;
+ t2val -= fuzz;
+
+- /* ensure T1 is still < T2 */
+- if (t2val <= t1val)
+- t1val = t2val - 1;
+-
+ option_put(mess, end, OPTION_T1, 4, t1val);
+ option_put(mess, end, OPTION_T2, 4, t2val);
+ }
+--
+2.1.0
+
--- /dev/null
+From 62018e1f720fa11e83879111a4b1b3753b5c25bb Mon Sep 17 00:00:00 2001
+From: Simon Kelley <simon@thekelleys.org.uk>
+Date: Thu, 14 May 2015 21:30:00 +0100
+Subject: [PATCH 94/98] Use correct DHCP context for PXE-proxy server-id.
+
+---
+ src/rfc2131.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/src/rfc2131.c b/src/rfc2131.c
+index b95f9beadf59..70d1e59530ad 100644
+--- a/src/rfc2131.c
++++ b/src/rfc2131.c
+@@ -888,10 +888,10 @@ size_t dhcp_reply(struct dhcp_context *context, char *iface_name, int int_index,
+
+ option_put(mess, end, OPTION_MESSAGE_TYPE, 1,
+ mess_type == DHCPDISCOVER ? DHCPOFFER : DHCPACK);
+- option_put(mess, end, OPTION_SERVER_IDENTIFIER, INADDRSZ, htonl(context->local.s_addr));
++ option_put(mess, end, OPTION_SERVER_IDENTIFIER, INADDRSZ, htonl(tmp->local.s_addr));
+ pxe_misc(mess, end, uuid);
+ prune_vendor_opts(tagif_netid);
+- do_encap_opts(pxe_opts(pxearch, tagif_netid, context->local, now), OPTION_VENDOR_CLASS_OPT, DHOPT_VENDOR_MATCH, mess, end, 0);
++ do_encap_opts(pxe_opts(pxearch, tagif_netid, tmp->local, now), OPTION_VENDOR_CLASS_OPT, DHOPT_VENDOR_MATCH, mess, end, 0);
+
+ log_packet("PXE", NULL, emac, emac_len, iface_name, ignore ? "proxy-ignored" : "proxy", NULL, mess->xid);
+ log_tags(tagif_netid, ntohl(mess->xid));
+--
+2.1.0
+
--- /dev/null
+From 5d07d77e75e0f02bc0a8f6029ffbc8b371fa804e Mon Sep 17 00:00:00 2001
+From: Simon Kelley <simon@thekelleys.org.uk>
+Date: Fri, 15 May 2015 18:13:06 +0100
+Subject: [PATCH 95/98] Fix buffer overflow introduced in 2.73rc6.
+
+Fix off-by-one in code which checks for over-long domain names
+in received DNS packets. This enables buffer overflow attacks
+which can certainly crash dnsmasq and may allow for arbitrary
+code execution. The problem was introduced in commit b8f16556d,
+release 2.73rc6, so has not escaped into any stable release.
+Note that the off-by-one was in the label length determination,
+so the buffer can be overflowed by as many bytes as there are
+labels in the name - ie, many.
+
+Thanks to Ron Bowes, who used lcmatuf's afl-fuzz tool to find
+the problem.
+---
+ src/rfc1035.c | 8 ++++----
+ 1 file changed, 4 insertions(+), 4 deletions(-)
+
+diff --git a/src/rfc1035.c b/src/rfc1035.c
+index 5e3f566fdbc5..a95241f83523 100644
+--- a/src/rfc1035.c
++++ b/src/rfc1035.c
+@@ -94,8 +94,8 @@ int extract_name(struct dns_header *header, size_t plen, unsigned char **pp,
+ count = 256;
+ digs = ((count-1)>>2)+1;
+
+- /* output is \[x<hex>/siz]. which is digs+6/7/8 chars */
+- namelen += digs+6;
++ /* output is \[x<hex>/siz]. which is digs+7/8/9 chars */
++ namelen += digs+7;
+ if (count > 9)
+ namelen++;
+ if (count > 99)
+@@ -125,8 +125,8 @@ int extract_name(struct dns_header *header, size_t plen, unsigned char **pp,
+ }
+ else
+ { /* label_type = 0 -> label. */
+- namelen += l;
+- if (namelen+1 >= MAXDNAME)
++ namelen += l + 1; /* include period */
++ if (namelen >= MAXDNAME)
+ return 0;
+ if (!CHECK_LEN(header, p, plen, l))
+ return 0;
+--
+2.1.0
+
--- /dev/null
+From 06568c663643b9ed1577d95efee69d734f427cf5 Mon Sep 17 00:00:00 2001
+From: Simon Kelley <simon@thekelleys.org.uk>
+Date: Fri, 15 May 2015 20:43:48 +0100
+Subject: [PATCH 96/98] Remove support for DNS Extended Label Types.
+
+The support was only partial, and the whole concept is
+now deprecated in the standards.
+---
+ src/rfc1035.c | 52 ++++------------------------------------------------
+ 1 file changed, 4 insertions(+), 48 deletions(-)
+
+diff --git a/src/rfc1035.c b/src/rfc1035.c
+index a95241f83523..56647b02ab4d 100644
+--- a/src/rfc1035.c
++++ b/src/rfc1035.c
+@@ -77,53 +77,7 @@ int extract_name(struct dns_header *header, size_t plen, unsigned char **pp,
+
+ p = l + (unsigned char *)header;
+ }
+- else if (label_type == 0x80)
+- return 0; /* reserved */
+- else if (label_type == 0x40)
+- { /* ELT */
+- unsigned int count, digs;
+-
+- if ((l & 0x3f) != 1)
+- return 0; /* we only understand bitstrings */
+-
+- if (!isExtract)
+- return 0; /* Cannot compare bitsrings */
+-
+- count = *p++;
+- if (count == 0)
+- count = 256;
+- digs = ((count-1)>>2)+1;
+-
+- /* output is \[x<hex>/siz]. which is digs+7/8/9 chars */
+- namelen += digs+7;
+- if (count > 9)
+- namelen++;
+- if (count > 99)
+- namelen++;
+- if (namelen+1 >= MAXDNAME)
+- return 0;
+-
+- if (!CHECK_LEN(header, p, plen, (count-1)>>3))
+- return 0;
+-
+- *cp++ = '\\';
+- *cp++ = '[';
+- *cp++ = 'x';
+- for (j=0; j<digs; j++)
+- {
+- unsigned int dig;
+- if (j%2 == 0)
+- dig = *p >> 4;
+- else
+- dig = *p++ & 0x0f;
+-
+- *cp++ = dig < 10 ? dig + '0' : dig + 'A' - 10;
+- }
+- cp += sprintf((char *)cp, "/%d]", count);
+- /* do this here to overwrite the zero char from sprintf */
+- *cp++ = '.';
+- }
+- else
++ else if (label_type == 0x00)
+ { /* label_type = 0 -> label. */
+ namelen += l + 1; /* include period */
+ if (namelen >= MAXDNAME)
+@@ -176,12 +130,14 @@ int extract_name(struct dns_header *header, size_t plen, unsigned char **pp,
+ retvalue = 2;
+ }
+ }
+-
++
+ if (isExtract)
+ *cp++ = '.';
+ else if (*cp != 0 && *cp++ != '.')
+ retvalue = 2;
+ }
++ else
++ return 0; /* label types 0x40 and 0x80 not supported */
+ }
+ }
+
+--
+2.1.0
+
--- /dev/null
+From 7f8565b94ca52dde31f7688a9f9a0cc611d9dae3 Mon Sep 17 00:00:00 2001
+From: Simon Kelley <simon@thekelleys.org.uk>
+Date: Tue, 19 May 2015 23:01:27 +0100
+Subject: [PATCH 97/98] Select correct DHCP context when in PXE bootserver
+ mode.
+
+---
+ src/rfc2131.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/rfc2131.c b/src/rfc2131.c
+index 70d1e59530ad..e602a21585c9 100644
+--- a/src/rfc2131.c
++++ b/src/rfc2131.c
+@@ -805,7 +805,7 @@ size_t dhcp_reply(struct dhcp_context *context, char *iface_name, int int_index,
+ if (service->type == type)
+ break;
+
+- if (!service || !service->basename)
++ if (!service || !service->basename || !(context = narrow_context(context, mess->ciaddr, tagif_netid)))
+ return 0;
+
+ clear_packet(mess, end);
+--
+2.1.0
+
--- /dev/null
+From 549b1a478c5eee9dbd3a0709913a26ec29d30f2c Mon Sep 17 00:00:00 2001
+From: Simon Kelley <simon@thekelleys.org.uk>
+Date: Wed, 20 May 2015 20:20:24 +0100
+Subject: [PATCH 98/98] Tweak immediately previous patch.
+
+---
+ src/rfc2131.c | 9 +++++++--
+ 1 file changed, 7 insertions(+), 2 deletions(-)
+
+diff --git a/src/rfc2131.c b/src/rfc2131.c
+index e602a21585c9..9f69ed595903 100644
+--- a/src/rfc2131.c
++++ b/src/rfc2131.c
+@@ -805,9 +805,14 @@ size_t dhcp_reply(struct dhcp_context *context, char *iface_name, int int_index,
+ if (service->type == type)
+ break;
+
+- if (!service || !service->basename || !(context = narrow_context(context, mess->ciaddr, tagif_netid)))
+- return 0;
++ for (; context; context = context->current)
++ if (match_netid(context->filter, tagif_netid, 1) &&
++ is_same_net(mess->ciaddr, context->start, context->netmask))
++ break;
+
++ if (!service || !service->basename || !context)
++ return 0;
++
+ clear_packet(mess, end);
+
+ mess->yiaddr = mess->ciaddr;
+--
+2.1.0
+
--- /dev/null
+diff -Naur dracut-038.org/modules.d/90kernel-modules/module-setup.sh dracut-038/modules.d/90kernel-modules/module-setup.sh
+--- dracut-038.org/modules.d/90kernel-modules/module-setup.sh 2014-06-30 12:03:12.000000000 +0200
++++ dracut-038/modules.d/90kernel-modules/module-setup.sh 2015-05-05 14:58:56.820197839 +0200
+@@ -47,7 +47,7 @@
+ atkbd i8042 usbhid hid-apple hid-sunplus hid-cherry hid-logitech \
+ hid-logitech-dj hid-microsoft firewire-ohci \
+ pcmcia usb_storage nvme hid-hyperv hv-vmbus \
+- sdhci_acpi
++ sdhci_acpi sdhci_pci
+
+ if [[ "$(uname -p)" == arm* ]]; then
+ # arm specific modules
--- /dev/null
+From c667589410912ca980a78f417e86dd6585d58f9a Mon Sep 17 00:00:00 2001
+From: Michael Tremer <michael.tremer@ipfire.org>
+Date: Mon, 4 May 2015 16:00:31 +0200
+Subject: [PATCH] Skip search for hypervisor name when the CPU string is empty
+
+---
+ src/_fireinfo/fireinfo.c | 11 ++++++-----
+ 1 file changed, 6 insertions(+), 5 deletions(-)
+
+diff --git a/src/_fireinfo/fireinfo.c b/src/_fireinfo/fireinfo.c
+index fc639d9d4cd9..6601c21a733f 100644
+--- a/src/_fireinfo/fireinfo.c
++++ b/src/_fireinfo/fireinfo.c
+@@ -156,11 +156,12 @@ int detect_hypervisor(int *hypervisor) {
+
+ *hypervisor = HYPER_OTHER;
+
+- int id;
+- for (id = HYPER_NONE + 1; id < HYPER_LAST; id++) {
+- if (strcmp(hypervisor_ids[id], sig.text) == 0) {
+- *hypervisor = id;
+- break;
++ if (*sig.text) {
++ for (int id = HYPER_NONE + 1; id < HYPER_LAST; id++) {
++ if (strcmp(hypervisor_ids[id], sig.text) == 0) {
++ *hypervisor = id;
++ break;
++ }
+ }
+ }
+
+--
+2.1.0
+
--- /dev/null
+#
+# Based on the following commit:
+#
+# commit f9d2d03254a58d92635a311a42253eeed5a40a47
+# Author: Andreas Schwab <schwab@suse.de>
+# Date: Mon May 26 18:01:31 2014 +0200
+#
+# Fix invalid file descriptor reuse while sending DNS query (BZ #15946)
+#
+# 2014-06-03 Andreas Schwab <schwab@suse.de>
+#
+# [BZ #15946]
+# * resolv/res_send.c (send_dg): Reload file descriptor after
+# calling reopen.
+#
+diff --git a/resolv/res_send.c b/resolv/res_send.c
+index 3273d55..af42b8a 100644
+--- a/resolv/res_send.c
++++ b/resolv/res_send.c
+@@ -1410,6 +1410,7 @@ send_dg(res_state statp,
+ retval = reopen (statp, terrno, ns);
+ if (retval <= 0)
+ return retval;
++ pfd[0].fd = EXT(statp).nssocks[ns];
+ }
+ }
+ goto wait;
--- /dev/null
+@@ -, +, @@
+ resolv/nss_dns/dns-host.c:getanswer_r.
+---
+ resolv/nss_dns/dns-host.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+--- a/resolv/nss_dns/dns-host.c
++++ a/resolv/nss_dns/dns-host.c
+@@ -615,7 +615,8 @@ getanswer_r (const querybuf *answer, int anslen, const char *qname, int qtype,
+ int have_to_map = 0;
+ uintptr_t pad = -(uintptr_t) buffer % __alignof__ (struct host_data);
+ buffer += pad;
+- if (__builtin_expect (buflen < sizeof (struct host_data) + pad, 0))
++ buflen = buflen > pad ? buflen - pad : 0;
++ if (__builtin_expect (buflen < sizeof (struct host_data), 0))
+ {
+ /* The buffer is too small. */
+ too_small:
+--
--- /dev/null
+diff -Naur hostapd-2.3.org/src/ap/wpa_auth.c hostapd-2.3/src/ap/wpa_auth.c
+--- hostapd-2.3.org/src/ap/wpa_auth.c 2014-10-09 16:41:31.000000000 +0200
++++ hostapd-2.3/src/ap/wpa_auth.c 2015-04-07 16:32:10.671422975 +0200
+@@ -45,9 +45,9 @@
+
+ static const u32 dot11RSNAConfigGroupUpdateCount = 4;
+ static const u32 dot11RSNAConfigPairwiseUpdateCount = 4;
+-static const u32 eapol_key_timeout_first = 100; /* ms */
+-static const u32 eapol_key_timeout_subseq = 1000; /* ms */
+-static const u32 eapol_key_timeout_first_group = 500; /* ms */
++static const u32 eapol_key_timeout_first = 300; /* ms */
++static const u32 eapol_key_timeout_subseq = 3000; /* ms */
++static const u32 eapol_key_timeout_first_group = 1500; /* ms */
+
+ /* TODO: make these configurable */
+ static const int dot11RSNAConfigPMKLifetime = 43200;
--- /dev/null
+From 99d3016de4f2a29635f5382b0e9bd0e5f2151487 Mon Sep 17 00:00:00 2001
+From: Haiyang Zhang <haiyangz@microsoft.com>
+Date: Sun, 9 Mar 2014 16:10:59 -0700
+Subject: hyperv: Change the receive buffer size for legacy hosts
+
+Due to a bug in the Hyper-V host verion 2008R2, we need to use a slightly smaller
+receive buffer size, otherwise the buffer will not be accepted by the legacy hosts.
+
+Signed-off-by: Haiyang Zhang <haiyangz@microsoft.com>
+Signed-off-by: David S. Miller <davem@davemloft.net>
+
+diff --git a/drivers/net/hyperv/hyperv_net.h b/drivers/net/hyperv/hyperv_net.h
+index 7d06b49..13010b4 100644
+--- a/drivers/net/hyperv/hyperv_net.h
++++ b/drivers/net/hyperv/hyperv_net.h
+@@ -513,6 +513,7 @@ struct nvsp_message {
+ #define NETVSC_MTU 65536
+
+ #define NETVSC_RECEIVE_BUFFER_SIZE (1024*1024*16) /* 16MB */
++#define NETVSC_RECEIVE_BUFFER_SIZE_LEGACY (1024*1024*15) /* 15MB */
+
+ #define NETVSC_RECEIVE_BUFFER_ID 0xcafe
+
+diff --git a/drivers/net/hyperv/netvsc.c b/drivers/net/hyperv/netvsc.c
+index 1a0280d..daddea2 100644
+--- a/drivers/net/hyperv/netvsc.c
++++ b/drivers/net/hyperv/netvsc.c
+@@ -365,6 +365,11 @@ static int netvsc_connect_vsp(struct hv_device *device)
+ goto cleanup;
+
+ /* Post the big receive buffer to NetVSP */
++ if (net_device->nvsp_version <= NVSP_PROTOCOL_VERSION_2)
++ net_device->recv_buf_size = NETVSC_RECEIVE_BUFFER_SIZE_LEGACY;
++ else
++ net_device->recv_buf_size = NETVSC_RECEIVE_BUFFER_SIZE;
++
+ ret = netvsc_init_recv_buf(device);
+
+ cleanup:
+@@ -898,7 +903,6 @@ int netvsc_device_add(struct hv_device *device, void *additional_info)
+ ndev = net_device->ndev;
+
+ /* Initialize the NetVSC channel extension */
+- net_device->recv_buf_size = NETVSC_RECEIVE_BUFFER_SIZE;
+ spin_lock_init(&net_device->recv_pkt_list_lock);
+
+ INIT_LIST_HEAD(&net_device->recv_pkt_list);
+--
+cgit v0.10.2
+
+++ /dev/null
-From 7f558e6e8abee42cc966e2cb64be0de875797e07 Mon Sep 17 00:00:00 2001
-From: Arne Fitzenreiter <arne_f@ipfire.org>
-Date: Fri, 20 Feb 2015 10:01:26 +0100
-Subject: [PATCH] sun7i: dts: lamobo-r1: fix sata pwr regulator pin.
-
-Lamobo-R1 use PB3 instead of PB8 for controlling the SATA power regulator.
----
- arch/arm/boot/dts/sun7i-a20-lamobo-r1.dts | 18 ++++++++++++++++++
- 1 file changed, 18 insertions(+)
-
-diff --git a/arch/arm/boot/dts/sun7i-a20-lamobo-r1.dts b/arch/arm/boot/dts/sun7i-a20-lamobo-r1.dts
-index 1eb6c9b..d634d2f 100644
---- a/arch/arm/boot/dts/sun7i-a20-lamobo-r1.dts
-+++ b/arch/arm/boot/dts/sun7i-a20-lamobo-r1.dts
-@@ -166,6 +166,16 @@
- reg = <1>;
- };
- };
-+
-+ pio: pinctrl@01c20800 {
-+ ahci_pwr_pin_a: ahci_pwr_pin@0 {
-+ allwinner,pins = "PB3";
-+ allwinner,function = "gpio_out";
-+ allwinner,drive = <0>;
-+ allwinner,pull = <0>;
-+ };
-+ };
-+
- };
-
- leds {
-@@ -181,6 +191,14 @@
- };
-
- reg_ahci_5v: ahci-5v {
-+ compatible = "regulator-fixed";
-+ pinctrl-names = "default";
-+ pinctrl-0 = <&ahci_pwr_pin_a>;
-+ regulator-name = "ahci-5v";
-+ regulator-min-microvolt = <5000000>;
-+ regulator-max-microvolt = <5000000>;
-+ enable-active-high;
-+ gpio = <&pio 1 3 0>;
- status = "okay";
- };
-
---
-1.8.5.2
-
--- /dev/null
+Submitted By: Armin K. <krejzi at email dot com>
+Date: 2015-01-23
+Initial Package Version: 1.0.1e
+Upstream Status: Unknown
+Origin: https://github.com/Alexpux/Qt-builds/tree/master/patches/openssl
+Description: Fixes build when using more than one make job to build the package.
+
+--- a/crypto/Makefile 2015-01-22 17:12:09.000000000 +0100
++++ b/crypto/Makefile 2015-01-23 16:42:13.460175569 +0100
+@@ -85,11 +85,11 @@
+ @if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi
+
+ subdirs:
+- @target=all; $(RECURSIVE_MAKE)
++ +@target=all; $(RECURSIVE_MAKE)
+
+ files:
+ $(PERL) $(TOP)/util/files.pl "CPUID_OBJ=$(CPUID_OBJ)" Makefile >> $(TOP)/MINFO
+- @target=files; $(RECURSIVE_MAKE)
++ +@target=files; $(RECURSIVE_MAKE)
+
+ links:
+ @$(PERL) $(TOP)/util/mklink.pl ../include/openssl $(EXHEADER)
+@@ -100,7 +100,7 @@
+ # lib: $(LIB): are splitted to avoid end-less loop
+ lib: $(LIB)
+ @touch lib
+-$(LIB): $(LIBOBJ)
++$(LIB): $(LIBOBJ) | subdirs
+ $(AR) $(LIB) $(LIBOBJ)
+ test -z "$(FIPSLIBDIR)" || $(AR) $(LIB) $(FIPSLIBDIR)fipscanister.o
+ $(RANLIB) $(LIB) || echo Never mind.
+@@ -111,7 +111,7 @@
+ fi
+
+ libs:
+- @target=lib; $(RECURSIVE_MAKE)
++ +@target=lib; $(RECURSIVE_MAKE)
+
+ install:
+ @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+@@ -120,7 +120,7 @@
+ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+ chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+ done;
+- @target=install; $(RECURSIVE_MAKE)
++ +@target=install; $(RECURSIVE_MAKE)
+
+ lint:
+ @target=lint; $(RECURSIVE_MAKE)
+--- a/engines/Makefile 2015-01-22 17:12:24.000000000 +0100
++++ b/engines/Makefile 2015-01-23 16:42:13.461175596 +0100
+@@ -72,7 +72,7 @@
+
+ all: lib subdirs
+
+-lib: $(LIBOBJ)
++lib: $(LIBOBJ) | subdirs
+ @if [ -n "$(SHARED_LIBS)" ]; then \
+ set -e; \
+ for l in $(LIBNAMES); do \
+@@ -89,7 +89,7 @@
+
+ subdirs:
+ echo $(EDIRS)
+- @target=all; $(RECURSIVE_MAKE)
++ +@target=all; $(RECURSIVE_MAKE)
+
+ files:
+ $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+@@ -128,7 +128,7 @@
+ mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx ); \
+ done; \
+ fi
+- @target=install; $(RECURSIVE_MAKE)
++ +@target=install; $(RECURSIVE_MAKE)
+
+ tags:
+ ctags $(SRC)
+--- a/Makefile.org 2015-01-22 15:58:06.000000000 +0100
++++ b/Makefile.org 2015-01-23 16:42:13.461175596 +0100
+@@ -274,17 +274,17 @@
+ build_libs: build_crypto build_ssl build_engines
+
+ build_crypto:
+- @dir=crypto; target=all; $(BUILD_ONE_CMD)
+-build_ssl:
+- @dir=ssl; target=all; $(BUILD_ONE_CMD)
+-build_engines:
+- @dir=engines; target=all; $(BUILD_ONE_CMD)
+-build_apps:
+- @dir=apps; target=all; $(BUILD_ONE_CMD)
+-build_tests:
+- @dir=test; target=all; $(BUILD_ONE_CMD)
+-build_tools:
+- @dir=tools; target=all; $(BUILD_ONE_CMD)
++ +@dir=crypto; target=all; $(BUILD_ONE_CMD)
++build_ssl: build_crypto
++ +@dir=ssl; target=all; $(BUILD_ONE_CMD)
++build_engines: build_crypto
++ +@dir=engines; target=all; $(BUILD_ONE_CMD)
++build_apps: build_libs
++ +@dir=apps; target=all; $(BUILD_ONE_CMD)
++build_tests: build_libs
++ +@dir=test; target=all; $(BUILD_ONE_CMD)
++build_tools: build_libs
++ +@dir=tools; target=all; $(BUILD_ONE_CMD)
+
+ all_testapps: build_libs build_testapps
+ build_testapps:
+@@ -536,9 +536,9 @@
+ dist_pem_h:
+ (cd crypto/pem; $(MAKE) -e $(BUILDENV) pem.h; $(MAKE) clean)
+
+-install: all install_docs install_sw
++install: install_docs install_sw
+
+-install_sw:
++install_dirs:
+ @$(PERL) $(TOP)/util/mkdir-p.pl $(INSTALL_PREFIX)$(INSTALLTOP)/bin \
+ $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR) \
+ $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines \
+@@ -547,12 +547,19 @@
+ $(INSTALL_PREFIX)$(OPENSSLDIR)/misc \
+ $(INSTALL_PREFIX)$(OPENSSLDIR)/certs \
+ $(INSTALL_PREFIX)$(OPENSSLDIR)/private
++ @$(PERL) $(TOP)/util/mkdir-p.pl \
++ $(INSTALL_PREFIX)$(MANDIR)/man1 \
++ $(INSTALL_PREFIX)$(MANDIR)/man3 \
++ $(INSTALL_PREFIX)$(MANDIR)/man5 \
++ $(INSTALL_PREFIX)$(MANDIR)/man7
++
++install_sw: install_dirs
+ @set -e; headerlist="$(EXHEADER)"; for i in $$headerlist;\
+ do \
+ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+ chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+ done;
+- @set -e; target=install; $(RECURSIVE_BUILD_CMD)
++ +@set -e; target=install; $(RECURSIVE_BUILD_CMD)
+ @set -e; liblist="$(LIBS)"; for i in $$liblist ;\
+ do \
+ if [ -f "$$i" ]; then \
+@@ -636,12 +643,7 @@
+ done; \
+ done
+
+-install_docs:
+- @$(PERL) $(TOP)/util/mkdir-p.pl \
+- $(INSTALL_PREFIX)$(MANDIR)/man1 \
+- $(INSTALL_PREFIX)$(MANDIR)/man3 \
+- $(INSTALL_PREFIX)$(MANDIR)/man5 \
+- $(INSTALL_PREFIX)$(MANDIR)/man7
++install_docs: install_dirs
+ @pod2man="`cd ./util; ./pod2mantest $(PERL)`"; \
+ here="`pwd`"; \
+ filecase=; \
+--- a/Makefile.shared 2015-01-20 13:33:36.000000000 +0100
++++ b/Makefile.shared 2015-01-23 16:42:13.461175596 +0100
+@@ -105,6 +105,7 @@
+ SHAREDFLAGS="$${SHAREDFLAGS:-$(CFLAGS) $(SHARED_LDFLAGS)}"; \
+ LIBPATH=`for x in $$LIBDEPS; do echo $$x; done | sed -e 's/^ *-L//;t' -e d | uniq`; \
+ LIBPATH=`echo $$LIBPATH | sed -e 's/ /:/g'`; \
++ [ -e $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX ] && exit 0; \
+ LD_LIBRARY_PATH=$$LIBPATH:$$LD_LIBRARY_PATH \
+ $${SHAREDCMD} $${SHAREDFLAGS} \
+ -o $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX \
+@@ -122,6 +123,7 @@
+ done; \
+ fi; \
+ if [ -n "$$SHLIB_SOVER" ]; then \
++ [ -e "$$SHLIB$$SHLIB_SUFFIX" ] || \
+ ( $(SET_X); rm -f $$SHLIB$$SHLIB_SUFFIX; \
+ ln -s $$prev $$SHLIB$$SHLIB_SUFFIX ); \
+ fi; \
+--- a/test/Makefile 2015-01-22 17:12:26.000000000 +0100
++++ b/test/Makefile 2015-01-23 16:42:13.461175596 +0100
+@@ -132,7 +132,7 @@
+ tags:
+ ctags $(SRC)
+
+-tests: exe apps $(TESTS)
++tests: exe $(TESTS)
+
+ apps:
+ @(cd ..; $(MAKE) DIRS=apps all)
+@@ -398,109 +398,109 @@
+ link_app.$${shlib_target}
+
+ $(RSATEST)$(EXE_EXT): $(RSATEST).o $(DLIBCRYPTO)
+- @target=$(RSATEST); $(BUILD_CMD)
++ +@target=$(RSATEST); $(BUILD_CMD)
+
+ $(BNTEST)$(EXE_EXT): $(BNTEST).o $(DLIBCRYPTO)
+- @target=$(BNTEST); $(BUILD_CMD)
++ +@target=$(BNTEST); $(BUILD_CMD)
+
+ $(ECTEST)$(EXE_EXT): $(ECTEST).o $(DLIBCRYPTO)
+- @target=$(ECTEST); $(BUILD_CMD)
++ +@target=$(ECTEST); $(BUILD_CMD)
+
+ $(EXPTEST)$(EXE_EXT): $(EXPTEST).o $(DLIBCRYPTO)
+- @target=$(EXPTEST); $(BUILD_CMD)
++ +@target=$(EXPTEST); $(BUILD_CMD)
+
+ $(IDEATEST)$(EXE_EXT): $(IDEATEST).o $(DLIBCRYPTO)
+- @target=$(IDEATEST); $(BUILD_CMD)
++ +@target=$(IDEATEST); $(BUILD_CMD)
+
+ $(MD2TEST)$(EXE_EXT): $(MD2TEST).o $(DLIBCRYPTO)
+- @target=$(MD2TEST); $(BUILD_CMD)
++ +@target=$(MD2TEST); $(BUILD_CMD)
+
+ $(SHATEST)$(EXE_EXT): $(SHATEST).o $(DLIBCRYPTO)
+- @target=$(SHATEST); $(BUILD_CMD)
++ +@target=$(SHATEST); $(BUILD_CMD)
+
+ $(SHA1TEST)$(EXE_EXT): $(SHA1TEST).o $(DLIBCRYPTO)
+- @target=$(SHA1TEST); $(BUILD_CMD)
++ +@target=$(SHA1TEST); $(BUILD_CMD)
+
+ $(SHA256TEST)$(EXE_EXT): $(SHA256TEST).o $(DLIBCRYPTO)
+- @target=$(SHA256TEST); $(BUILD_CMD)
++ +@target=$(SHA256TEST); $(BUILD_CMD)
+
+ $(SHA512TEST)$(EXE_EXT): $(SHA512TEST).o $(DLIBCRYPTO)
+- @target=$(SHA512TEST); $(BUILD_CMD)
++ +@target=$(SHA512TEST); $(BUILD_CMD)
+
+ $(RMDTEST)$(EXE_EXT): $(RMDTEST).o $(DLIBCRYPTO)
+- @target=$(RMDTEST); $(BUILD_CMD)
++ +@target=$(RMDTEST); $(BUILD_CMD)
+
+ $(MDC2TEST)$(EXE_EXT): $(MDC2TEST).o $(DLIBCRYPTO)
+- @target=$(MDC2TEST); $(BUILD_CMD)
++ +@target=$(MDC2TEST); $(BUILD_CMD)
+
+ $(MD4TEST)$(EXE_EXT): $(MD4TEST).o $(DLIBCRYPTO)
+- @target=$(MD4TEST); $(BUILD_CMD)
++ +@target=$(MD4TEST); $(BUILD_CMD)
+
+ $(MD5TEST)$(EXE_EXT): $(MD5TEST).o $(DLIBCRYPTO)
+- @target=$(MD5TEST); $(BUILD_CMD)
++ +@target=$(MD5TEST); $(BUILD_CMD)
+
+ $(HMACTEST)$(EXE_EXT): $(HMACTEST).o $(DLIBCRYPTO)
+- @target=$(HMACTEST); $(BUILD_CMD)
++ +@target=$(HMACTEST); $(BUILD_CMD)
+
+ $(WPTEST)$(EXE_EXT): $(WPTEST).o $(DLIBCRYPTO)
+- @target=$(WPTEST); $(BUILD_CMD)
++ +@target=$(WPTEST); $(BUILD_CMD)
+
+ $(RC2TEST)$(EXE_EXT): $(RC2TEST).o $(DLIBCRYPTO)
+- @target=$(RC2TEST); $(BUILD_CMD)
++ +@target=$(RC2TEST); $(BUILD_CMD)
+
+ $(BFTEST)$(EXE_EXT): $(BFTEST).o $(DLIBCRYPTO)
+- @target=$(BFTEST); $(BUILD_CMD)
++ +@target=$(BFTEST); $(BUILD_CMD)
+
+ $(CASTTEST)$(EXE_EXT): $(CASTTEST).o $(DLIBCRYPTO)
+- @target=$(CASTTEST); $(BUILD_CMD)
++ +@target=$(CASTTEST); $(BUILD_CMD)
+
+ $(RC4TEST)$(EXE_EXT): $(RC4TEST).o $(DLIBCRYPTO)
+- @target=$(RC4TEST); $(BUILD_CMD)
++ +@target=$(RC4TEST); $(BUILD_CMD)
+
+ $(RC5TEST)$(EXE_EXT): $(RC5TEST).o $(DLIBCRYPTO)
+- @target=$(RC5TEST); $(BUILD_CMD)
++ +@target=$(RC5TEST); $(BUILD_CMD)
+
+ $(DESTEST)$(EXE_EXT): $(DESTEST).o $(DLIBCRYPTO)
+- @target=$(DESTEST); $(BUILD_CMD)
++ +@target=$(DESTEST); $(BUILD_CMD)
+
+ $(RANDTEST)$(EXE_EXT): $(RANDTEST).o $(DLIBCRYPTO)
+- @target=$(RANDTEST); $(BUILD_CMD)
++ +@target=$(RANDTEST); $(BUILD_CMD)
+
+ $(DHTEST)$(EXE_EXT): $(DHTEST).o $(DLIBCRYPTO)
+- @target=$(DHTEST); $(BUILD_CMD)
++ +@target=$(DHTEST); $(BUILD_CMD)
+
+ $(DSATEST)$(EXE_EXT): $(DSATEST).o $(DLIBCRYPTO)
+- @target=$(DSATEST); $(BUILD_CMD)
++ +@target=$(DSATEST); $(BUILD_CMD)
+
+ $(METHTEST)$(EXE_EXT): $(METHTEST).o $(DLIBCRYPTO)
+- @target=$(METHTEST); $(BUILD_CMD)
++ +@target=$(METHTEST); $(BUILD_CMD)
+
+ $(SSLTEST)$(EXE_EXT): $(SSLTEST).o $(DLIBSSL) $(DLIBCRYPTO)
+- @target=$(SSLTEST); $(FIPS_BUILD_CMD)
++ +@target=$(SSLTEST); $(FIPS_BUILD_CMD)
+
+ $(ENGINETEST)$(EXE_EXT): $(ENGINETEST).o $(DLIBCRYPTO)
+- @target=$(ENGINETEST); $(BUILD_CMD)
++ +@target=$(ENGINETEST); $(BUILD_CMD)
+
+ $(EVPTEST)$(EXE_EXT): $(EVPTEST).o $(DLIBCRYPTO)
+- @target=$(EVPTEST); $(BUILD_CMD)
++ +@target=$(EVPTEST); $(BUILD_CMD)
+
+ $(ECDSATEST)$(EXE_EXT): $(ECDSATEST).o $(DLIBCRYPTO)
+- @target=$(ECDSATEST); $(BUILD_CMD)
++ +@target=$(ECDSATEST); $(BUILD_CMD)
+
+ $(ECDHTEST)$(EXE_EXT): $(ECDHTEST).o $(DLIBCRYPTO)
+- @target=$(ECDHTEST); $(BUILD_CMD)
++ +@target=$(ECDHTEST); $(BUILD_CMD)
+
+ $(IGETEST)$(EXE_EXT): $(IGETEST).o $(DLIBCRYPTO)
+- @target=$(IGETEST); $(BUILD_CMD)
++ +@target=$(IGETEST); $(BUILD_CMD)
+
+ $(JPAKETEST)$(EXE_EXT): $(JPAKETEST).o $(DLIBCRYPTO)
+- @target=$(JPAKETEST); $(BUILD_CMD)
++ +@target=$(JPAKETEST); $(BUILD_CMD)
+
+ $(ASN1TEST)$(EXE_EXT): $(ASN1TEST).o $(DLIBCRYPTO)
+- @target=$(ASN1TEST); $(BUILD_CMD)
++ +@target=$(ASN1TEST); $(BUILD_CMD)
+
+ $(SRPTEST)$(EXE_EXT): $(SRPTEST).o $(DLIBCRYPTO)
+- @target=$(SRPTEST); $(BUILD_CMD)
++ +@target=$(SRPTEST); $(BUILD_CMD)
+
+ $(V3NAMETEST)$(EXE_EXT): $(V3NAMETEST).o $(DLIBCRYPTO)
+ @target=$(V3NAMETEST); $(BUILD_CMD)
+@@ -522,7 +522,7 @@
+ # fi
+
+ dummytest$(EXE_EXT): dummytest.o $(DLIBCRYPTO)
+- @target=dummytest; $(BUILD_CMD)
++ +@target=dummytest; $(BUILD_CMD)
+
+ # DO NOT DELETE THIS LINE -- make depend depends on it.
+
-diff -up openssl-1.0.1e/Configure.rpmbuild openssl-1.0.1e/Configure
---- openssl-1.0.1e/Configure.rpmbuild 2014-08-13 19:19:53.211005598 +0200
-+++ openssl-1.0.1e/Configure 2014-08-13 19:29:21.704099285 +0200
-@@ -1675,7 +1676,7 @@ while (<IN>)
+diff -Nur openssl-1.0.2a-vanilla/Configure openssl-1.0.2a/Configure
+--- openssl-1.0.2a-vanilla/Configure 2015-03-19 13:30:36.000000000 +0000
++++ openssl-1.0.2a/Configure 2015-04-23 10:31:41.336569854 +0000
+@@ -348,7 +348,7 @@
+ ####
+ # *-generic* is endian-neutral target, but ./config is free to
+ # throw in -D[BL]_ENDIAN, whichever appropriate...
+-"linux-generic32","gcc:-O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"linux-generic32","gcc:\$(CFLAGS) -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC:\$(CFLAGS):.so.\$(SHLIB_SONAMEVER)",
+ "linux-ppc", "gcc:-DB_ENDIAN -O3 -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${ppc32_asm}:linux32:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+
+ #######################################################################
+@@ -389,7 +389,7 @@
+ "linux64-mips64", "gcc:-mabi=64 -O3 -Wall -DBN_DIV3W::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${mips64_asm}:64:dlfcn:linux-shared:-fPIC:-mabi=64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
+ #### IA-32 targets...
+ "linux-ia32-icc", "icc:-DL_ENDIAN -O2::-D_REENTRANT::-ldl -no_cpprt:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-KPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+-"linux-elf", "gcc:-DL_ENDIAN -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"linux-elf", "gcc:-DL_ENDIAN \$(CFLAGS) -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_SONAMEVER)",
+ "linux-aout", "gcc:-DL_ENDIAN -O3 -fomit-frame-pointer -march=i486 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_asm}:a.out",
+ ####
+ "linux-generic64","gcc:-O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+@@ -1737,7 +1737,7 @@
elsif ($shared_extension ne "" && $shared_extension =~ /^\.s([ol])\.[^\.]*\.[^\.]*$/)
{
my $sotmp = $1;
}
elsif ($shared_extension ne "" && $shared_extension =~ /^\.[^\.]*\.[^\.]*\.dylib$/)
{
-diff -up openssl-1.0.1e/Makefile.org.rpmbuild openssl-1.0.1e/Makefile.org
---- openssl-1.0.1e/Makefile.org.rpmbuild 2013-02-11 16:26:04.000000000 +0100
-+++ openssl-1.0.1e/Makefile.org 2014-08-13 19:19:53.218005759 +0200
-@@ -10,6 +10,7 @@ SHLIB_VERSION_HISTORY=
+diff -Nur openssl-1.0.2a-vanilla/Makefile.org openssl-1.0.2a/Makefile.org
+--- openssl-1.0.2a-vanilla/Makefile.org 2015-03-19 13:30:36.000000000 +0000
++++ openssl-1.0.2a/Makefile.org 2015-04-23 10:30:03.184371933 +0000
+@@ -10,6 +10,7 @@
SHLIB_MAJOR=
SHLIB_MINOR=
SHLIB_EXT=
PLATFORM=dist
OPTIONS=
CONFIGURE_ARGS=
-@@ -333,10 +334,9 @@ clean-shared:
+@@ -335,10 +336,9 @@
link-shared:
@ set -e; for i in $(SHLIBDIRS); do \
$(MAKE) -f $(HERE)/Makefile.shared -e $(BUILDENV) \
done
build-shared: do_$(SHLIB_TARGET) link-shared
-@@ -347,7 +347,7 @@ do_$(SHLIB_TARGET):
+@@ -349,7 +349,7 @@
libs="$(LIBKRB5) $$libs"; \
fi; \
$(CLEARENV) && $(MAKE) -f Makefile.shared -e $(BUILDENV) \
LIBCOMPATVERSIONS=";$(SHLIB_VERSION_HISTORY)" \
LIBDEPS="$$libs $(EX_LIBS)" \
link_a.$(SHLIB_TARGET); \
---- a/Configure.old 2015-03-19 18:10:45.101201021 +0000
-+++ b/Configure 2015-03-19 18:11:19.324547495 +0000
-@@ -345,14 +345,14 @@
- ####
- # *-generic* is endian-neutral target, but ./config is free to
- # throw in -D[BL]_ENDIAN, whichever appropriate...
--"linux-generic32","gcc:-O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"linux-generic32","gcc:-O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_SONAMEVER)",
- "linux-ppc", "gcc:-DB_ENDIAN -O3 -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${ppc32_asm}:linux32:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
- # It's believed that majority of ARM toolchains predefine appropriate -march.
- # If you compiler does not, do complement config command line with one!
- "linux-armv4", "gcc:-O3 -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${armv4_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
- #### IA-32 targets...
- "linux-ia32-icc", "icc:-DL_ENDIAN -O2 -no_cpprt::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-KPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
--"linux-elf", "gcc:-DL_ENDIAN -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"linux-elf", "gcc:-DL_ENDIAN -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_SONAMEVER)",
- "linux-aout", "gcc:-DL_ENDIAN -O3 -fomit-frame-pointer -march=i486 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_asm}:a.out",
- ####
- "linux-generic64","gcc:-O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
--- /dev/null
+diff -Naur openssl-1.0.2a.org/crypto/engine/eng_all.c openssl-1.0.2a/crypto/engine/eng_all.c
+--- openssl-1.0.2a.org/crypto/engine/eng_all.c 2015-03-19 14:30:36.000000000 +0100
++++ openssl-1.0.2a/crypto/engine/eng_all.c 2015-04-27 12:27:05.063569969 +0200
+@@ -120,6 +120,14 @@
+ ENGINE_load_capi();
+ # endif
+ #endif
++#ifdef OPENSSL_NO_STATIC_ENGINE
++ ENGINE *e;
++ e = ENGINE_by_id("padlock");
++ if (e != NULL) {
++ ENGINE_add(e);
++ ENGINE_free(e);
++ }
++#endif
+ ENGINE_register_all_complete();
+ }
+
+diff -Naur openssl-1.0.2a.org/ssl/ssl_algs.c openssl-1.0.2a/ssl/ssl_algs.c
+--- openssl-1.0.2a.org/ssl/ssl_algs.c 2015-03-19 14:30:36.000000000 +0100
++++ openssl-1.0.2a/ssl/ssl_algs.c 2015-04-27 11:04:27.893399695 +0200
+@@ -151,5 +151,12 @@
+ #endif
+ /* initialize cipher/digest methods table */
+ ssl_load_ciphers();
++
++ /* Init available hardware crypto engines */
++ ENGINE_load_builtin_engines();
++ ENGINE_register_all_complete();
++ ENGINE * padlock = ENGINE_by_id("padlock");
++ if (padlock) ENGINE_set_default_ciphers(padlock);
++
+ return (1);
+ }
--- /dev/null
+diff -Naur openssl-1.0.2a.org/crypto/x86cpuid.pl openssl-1.0.2a/crypto/x86cpuid.pl
+--- openssl-1.0.2a.org/crypto/x86cpuid.pl 2015-03-19 14:30:36.000000000 +0100
++++ openssl-1.0.2a/crypto/x86cpuid.pl 2015-04-28 13:47:57.853521020 +0200
+@@ -71,6 +71,7 @@
+ &mov ("eax",1);
+ &xor ("ecx","ecx");
+ &cpuid ();
++ &and ("ecx",0xfffffdff); # clear SSSE3 because it is incredible slow on AMD's
+ &bt ("edx",28);
+ &jnc (&label("generic"));
+ &shr ("ebx",16);
+++ /dev/null
-diff -Naur qemu-kvm-0.15.0.org/hw/9pfs/virtio-9p-local.c qemu-kvm-0.15.0/hw/9pfs/virtio-9p-local.c
---- qemu-kvm-0.15.0.org/hw/9pfs/virtio-9p-local.c 2011-08-09 14:40:29.000000000 +0200
-+++ qemu-kvm-0.15.0/hw/9pfs/virtio-9p-local.c 2011-08-14 10:31:22.711480316 +0200
-@@ -21,6 +21,16 @@
- #include <sys/un.h>
- #include <attr/xattr.h>
-
-+#ifndef AT_FDCWD
-+/* Copied from linux/include/linux/fcntl.h * because direct include fails */
-+#define AT_FDCWD -100 /* Special value used to indicate
-+ openat should use the current
-+ working directory. */
-+#define AT_SYMLINK_NOFOLLOW 0x100 /* Do not follow symbolic links. */
-+#define AT_REMOVEDIR 0x200 /* Remove directory instead of
-+ unlinking file. */
-+#define AT_SYMLINK_FOLLOW 0x400 /* Follow symbolic links. */
-+#endif
-
- static int local_lstat(FsContext *fs_ctx, const char *path, struct stat *stbuf)
- {
-diff -Naur qemu-kvm-0.15.0.org/linux-user/syscall.c qemu-kvm-0.15.0/linux-user/syscall.c
---- qemu-kvm-0.15.0.org/linux-user/syscall.c 2011-08-09 14:40:29.000000000 +0200
-+++ qemu-kvm-0.15.0/linux-user/syscall.c 2011-08-14 12:43:43.190231600 +0200
-@@ -971,6 +971,16 @@
- return result;
- }
-
-+/* Copied from linux/include/asm/resource.h * because direct include fails */
-+
-+#ifndef RLIMIT_NICE
-+#define RLIMIT_NICE 13 /* max nice prio allowed to raise to
-+ 0-39 for nice level 19 .. -20 */
-+#endif
-+#ifndef RLIMIT_RTPRIO
-+#define RLIMIT_RTPRIO 14 /* maximum realtime priority */
-+#endif
-+
- static inline int target_to_host_resource(int code)
- {
- switch (code) {
+++ /dev/null
-commit 650a3ad5151958b99a95836fb8b84b8aa18da1be
-Author: Tobias Brunner <tobias@strongswan.org>
-Date: Wed Feb 25 08:09:11 2015 +0100
-
- ike-sa-manager: Make sure the message ID of initial messages is 0
-
- It is mandated by the RFCs and it is expected by the task managers.
-
- Initial messages with invalid MID will be treated like regular messages,
- so no IKE_SA will be created for them. Instead, if the responder SPI is 0
- no SA will be found and the message is rejected with ALERT_INVALID_IKE_SPI.
- If an SPI is set and we do find an SA, then we either ignore the message
- because the MID is unexpected, or because we don't allow initial messages
- on established connections.
-
- There is one exception, though, if an attacker can slip in an IKE_SA_INIT
- with both SPIs set before the client's IKE_AUTH is handled by the server,
- it does get processed (see next commit).
-
- References #816.
-
-diff --git a/src/libcharon/sa/ike_sa_manager.c b/src/libcharon/sa/ike_sa_manager.c
-index d0cbd47..5e2b925 100644
---- a/src/libcharon/sa/ike_sa_manager.c
-+++ b/src/libcharon/sa/ike_sa_manager.c
-@@ -1184,7 +1184,8 @@ METHOD(ike_sa_manager_t, checkout_by_message, ike_sa_t*,
-
- DBG2(DBG_MGR, "checkout IKE_SA by message");
-
-- if (id->get_responder_spi(id) == 0)
-+ if (id->get_responder_spi(id) == 0 &&
-+ message->get_message_id(message) == 0)
- {
- if (message->get_major_version(message) == IKEV2_MAJOR_VERSION)
- {
+++ /dev/null
-commit dd0ebb54837298c869389d36a0b42eefdb893dd6
-Author: Tobias Brunner <tobias@strongswan.org>
-Date: Wed Feb 25 08:30:33 2015 +0100
-
- ikev2: Only accept initial messages in specific states
-
- The previous code allowed an attacker to slip in an IKE_SA_INIT with
- both SPIs and MID 1 set when an IKE_AUTH would be expected instead.
-
- References #816.
-
-diff --git a/src/libcharon/sa/ikev2/task_manager_v2.c b/src/libcharon/sa/ikev2/task_manager_v2.c
-index be84e71..540d4dc 100644
---- a/src/libcharon/sa/ikev2/task_manager_v2.c
-+++ b/src/libcharon/sa/ikev2/task_manager_v2.c
-@@ -1304,17 +1304,16 @@ METHOD(task_manager_t, process_message, status_t,
- {
- if (mid == this->responding.mid)
- {
-- /* reject initial messages once established */
-- if (msg->get_exchange_type(msg) == IKE_SA_INIT ||
-- msg->get_exchange_type(msg) == IKE_AUTH)
-+ /* reject initial messages if not received in specific states */
-+ if ((msg->get_exchange_type(msg) == IKE_SA_INIT &&
-+ this->ike_sa->get_state(this->ike_sa) != IKE_CREATED) ||
-+ (msg->get_exchange_type(msg) == IKE_AUTH &&
-+ this->ike_sa->get_state(this->ike_sa) != IKE_CONNECTING))
- {
-- if (this->ike_sa->get_state(this->ike_sa) != IKE_CREATED &&
-- this->ike_sa->get_state(this->ike_sa) != IKE_CONNECTING)
-- {
-- DBG1(DBG_IKE, "ignoring %N in established IKE_SA state",
-- exchange_type_names, msg->get_exchange_type(msg));
-- return FAILED;
-- }
-+ DBG1(DBG_IKE, "ignoring %N in IKE_SA state %N",
-+ exchange_type_names, msg->get_exchange_type(msg),
-+ ike_sa_state_names, this->ike_sa->get_state(this->ike_sa));
-+ return FAILED;
- }
- if (!this->ike_sa->supports_extension(this->ike_sa, EXT_MOBIKE))
- { /* with MOBIKE, we do no implicit updates */
+++ /dev/null
-commit eb251906298b529fa53b8a99746a9a7a9f318dd5
-Author: Tobias Brunner <tobias@strongswan.org>
-Date: Wed Feb 25 08:18:58 2015 +0100
-
- ikev2: Don't destroy the SA if an IKE_SA_INIT with unexpected MID is received
-
- This reverts 8f727d800751 ("Clean up IKE_SA state if IKE_SA_INIT request
- does not have message ID 0") because it allowed to close any IKE_SA by
- sending an IKE_SA_INIT with an unexpected MID and both SPIs set to those
- of that SA.
-
- The next commit will prevent SAs from getting created for IKE_SA_INIT messages
- with invalid MID.
-
- Fixes #816.
-
-diff --git a/src/libcharon/sa/ikev2/task_manager_v2.c b/src/libcharon/sa/ikev2/task_manager_v2.c
-index 48266aa..be84e71 100644
---- a/src/libcharon/sa/ikev2/task_manager_v2.c
-+++ b/src/libcharon/sa/ikev2/task_manager_v2.c
-@@ -1355,10 +1355,6 @@ METHOD(task_manager_t, process_message, status_t,
- {
- DBG1(DBG_IKE, "received message ID %d, expected %d. Ignored",
- mid, this->responding.mid);
-- if (msg->get_exchange_type(msg) == IKE_SA_INIT)
-- { /* clean up IKE_SA state if IKE_SA_INIT has invalid msg ID */
-- return DESTROY_ME;
-- }
- }
- }
- else
+++ /dev/null
-From cd2c30a56ec9bdab8b3923851509f27a4fd6f537 Mon Sep 17 00:00:00 2001
-From: Tobias Brunner <tobias@strongswan.org>
-Date: Tue, 10 Feb 2015 19:03:44 +0100
-Subject: [PATCH] ikev1: Set protocol ID and SPIs in INITIAL-CONTACT
- notification payloads
-
-The payload we sent before is not compliant with RFC 2407 and thus some
-peers might abort negotiation (e.g. with an INVALID-PROTOCOL-ID error).
-
- #819
----
- src/libcharon/sa/ikev1/tasks/main_mode.c | 15 +++++++++++++--
- 1 file changed, 13 insertions(+), 2 deletions(-)
-
-diff --git a/src/libcharon/sa/ikev1/tasks/main_mode.c b/src/libcharon/sa/ikev1/tasks/main_mode.c
-index 5065e70..3ea4a2a 100644
---- a/src/libcharon/sa/ikev1/tasks/main_mode.c
-+++ b/src/libcharon/sa/ikev1/tasks/main_mode.c
-@@ -213,6 +213,10 @@ static void add_initial_contact(private_main_mode_t *this, message_t *message,
- {
- identification_t *idr;
- host_t *host;
-+ notify_payload_t *notify;
-+ ike_sa_id_t *ike_sa_id;
-+ u_int64_t spi_i, spi_r;
-+ chunk_t spi;
-
- idr = this->ph1->get_id(this->ph1, this->peer_cfg, FALSE);
- if (idr && !idr->contains_wildcards(idr))
-@@ -224,8 +228,15 @@ static void add_initial_contact(private_main_mode_t *this, message_t *message,
- if (!charon->ike_sa_manager->has_contact(charon->ike_sa_manager,
- idi, idr, host->get_family(host)))
- {
-- message->add_notify(message, FALSE, INITIAL_CONTACT_IKEV1,
-- chunk_empty);
-+ notify = notify_payload_create_from_protocol_and_type(
-+ PLV1_NOTIFY, PROTO_IKE, INITIAL_CONTACT_IKEV1);
-+ ike_sa_id = this->ike_sa->get_id(this->ike_sa);
-+ spi_i = ike_sa_id->get_initiator_spi(ike_sa_id);
-+ spi_r = ike_sa_id->get_responder_spi(ike_sa_id);
-+ spi = chunk_cata("cc", chunk_from_thing(spi_i),
-+ chunk_from_thing(spi_r));
-+ notify->set_spi_data(notify, spi);
-+ message->add_payload(message, (payload_t*)notify);
- }
- }
- }
---
-1.7.9.5
-
--- /dev/null
+--- strongswan-5.3.1/scripts/Makefile.am.old 2015-06-04 17:20:43.539244145 +0000
++++ strongswan-5.3.1/scripts/Makefile.am 2015-06-04 17:20:51.760510631 +0000
+@@ -42,7 +42,7 @@
+ dnssec_LDADD = $(top_builddir)/src/libstrongswan/libstrongswan.la
+ aes_test_LDADD = $(top_builddir)/src/libstrongswan/libstrongswan.la
+ settings_test_LDADD = $(top_builddir)/src/libstrongswan/libstrongswan.la
+-timeattack_LDADD = $(top_builddir)/src/libstrongswan/libstrongswan.la
++timeattack_LDADD = $(top_builddir)/src/libstrongswan/libstrongswan.la $(RTLIB)
+
+ key2keyid.o : $(top_builddir)/config.status
+
---- a/src/_updown/_updown.in
-+++ b/src/_updown/_updown.in
-@@ -178,6 +178,29 @@
- ;;
- esac
+--- strongswan-5.3.0/src/_updown/_updown.in.old 2015-03-17 18:17:43.000000000 +0000
++++ strongswan-5.3.0/src/_updown/_updown.in 2015-03-30 22:48:27.084030719 +0000
+@@ -122,6 +122,29 @@
+ # address family.
+ #
+function ip_encode() {
+ local IFS=.
+ [ $vlsm -eq 0 ] && echo 0 || echo $(( -1 << $(( 32 - $vlsm )) ))
+}
+
- # utility functions for route manipulation
- # Meddling with this stuff should not be necessary and requires great care.
- uproute() {
-@@ -407,12 +430,12 @@
+ # define a minimum PATH environment in case it is not set
+ PATH="/sbin:/bin:/usr/sbin:/usr/bin:@sbindir@"
+ export PATH
+@@ -232,12 +255,12 @@
# connection to me, with (left/right)firewall=yes, coming up
# This is used only by the default updown script, not by your custom
# ones, so do not mess with it; see CAUTION comment up at top.
- iptables -I INPUT 1 -i $PLUTO_INTERFACE -p $PLUTO_MY_PROTOCOL \
-+ iptables -I IPSECINPUT 1 -i $PLUTO_INTERFACE -p $PLUTO_MY_PROTOCOL \
++ iptables --wait -I IPSECINPUT 1 -i $PLUTO_INTERFACE -p $PLUTO_MY_PROTOCOL \
-s $PLUTO_PEER_CLIENT $S_PEER_PORT \
-d $PLUTO_ME $D_MY_PORT $IPSEC_POLICY_IN -j ACCEPT
- iptables -I OUTPUT 1 -o $PLUTO_INTERFACE -p $PLUTO_PEER_PROTOCOL \
-+ iptables -I IPSECOUTPUT 1 -o $PLUTO_INTERFACE -p $PLUTO_PEER_PROTOCOL \
++ iptables --wait -I IPSECOUTPUT 1 -o $PLUTO_INTERFACE -p $PLUTO_PEER_PROTOCOL \
-s $PLUTO_ME $S_MY_PORT $IPSEC_POLICY_OUT \
- -d $PLUTO_PEER_CLIENT $D_PEER_PORT -j ACCEPT
+ -d $PLUTO_PEER_CLIENT $D_PEER_PORT -j MARK --set-mark 50
#
# allow IPIP traffic because of the implicit SA created by the kernel if
# IPComp is used (for small inbound packets that are not compressed)
-@@ -428,10 +451,10 @@
+@@ -253,10 +276,10 @@
if [ "$PLUTO_PEER_CLIENT" = "$PLUTO_PEER/32" ]
then
logger -t $TAG -p $FAC_PRIO \
fi
fi
;;
-@@ -439,12 +462,12 @@
+@@ -264,12 +287,12 @@
# connection to me, with (left/right)firewall=yes, going down
# This is used only by the default updown script, not by your custom
# ones, so do not mess with it; see CAUTION comment up at top.
- iptables -D INPUT -i $PLUTO_INTERFACE -p $PLUTO_MY_PROTOCOL \
-+ iptables -D IPSECINPUT -i $PLUTO_INTERFACE -p $PLUTO_MY_PROTOCOL \
++ iptables --wait -D IPSECINPUT -i $PLUTO_INTERFACE -p $PLUTO_MY_PROTOCOL \
-s $PLUTO_PEER_CLIENT $S_PEER_PORT \
-d $PLUTO_ME $D_MY_PORT $IPSEC_POLICY_IN -j ACCEPT
- iptables -D OUTPUT -o $PLUTO_INTERFACE -p $PLUTO_PEER_PROTOCOL \
-+ iptables -D IPSECOUTPUT -o $PLUTO_INTERFACE -p $PLUTO_PEER_PROTOCOL \
++ iptables --wait -D IPSECOUTPUT -o $PLUTO_INTERFACE -p $PLUTO_PEER_PROTOCOL \
-s $PLUTO_ME $S_MY_PORT $IPSEC_POLICY_OUT \
- -d $PLUTO_PEER_CLIENT $D_PEER_PORT -j ACCEPT
+ -d $PLUTO_PEER_CLIENT $D_PEER_PORT -j MARK --set-mark 50
#
# IPIP exception teardown
if [ -n "$PLUTO_IPCOMP" ]
-@@ -459,10 +482,10 @@
+@@ -284,10 +307,10 @@
if [ "$PLUTO_PEER_CLIENT" = "$PLUTO_PEER/32" ]
then
logger -t $TAG -p $FAC_PRIO -- \
fi
fi
;;
-@@ -472,24 +495,24 @@
+@@ -297,24 +320,24 @@
# ones, so do not mess with it; see CAUTION comment up at top.
if [ "$PLUTO_PEER_CLIENT" != "$PLUTO_MY_SOURCEIP/32" ]
then
- iptables -I FORWARD 1 -o $PLUTO_INTERFACE -p $PLUTO_PEER_PROTOCOL \
-+ iptables -I IPSECFORWARD 1 -o $PLUTO_INTERFACE -p $PLUTO_PEER_PROTOCOL \
++ iptables --wait -I IPSECFORWARD 1 -o $PLUTO_INTERFACE -p $PLUTO_PEER_PROTOCOL \
-s $PLUTO_MY_CLIENT $S_MY_PORT \
- -d $PLUTO_PEER_CLIENT $D_PEER_PORT $IPSEC_POLICY_OUT -j ACCEPT
- iptables -I FORWARD 1 -i $PLUTO_INTERFACE -p $PLUTO_MY_PROTOCOL \
+ -d $PLUTO_PEER_CLIENT $D_PEER_PORT $IPSEC_POLICY_OUT -j MARK --set-mark 50
-+ iptables -I IPSECFORWARD 1 -i $PLUTO_INTERFACE -p $PLUTO_MY_PROTOCOL \
++ iptables --wait -I IPSECFORWARD 1 -i $PLUTO_INTERFACE -p $PLUTO_MY_PROTOCOL \
-s $PLUTO_PEER_CLIENT $S_PEER_PORT \
- -d $PLUTO_MY_CLIENT $D_MY_PORT $IPSEC_POLICY_IN -j ACCEPT
+ -d $PLUTO_MY_CLIENT $D_MY_PORT $IPSEC_POLICY_IN -j RETURN
if [ -n "$PLUTO_MY_SOURCEIP" -o -n "$PLUTO_HOST_ACCESS" ]
then
- iptables -I INPUT 1 -i $PLUTO_INTERFACE -p $PLUTO_MY_PROTOCOL \
-+ iptables -I IPSECINPUT 1 -i $PLUTO_INTERFACE -p $PLUTO_MY_PROTOCOL \
++ iptables --wait -I IPSECINPUT 1 -i $PLUTO_INTERFACE -p $PLUTO_MY_PROTOCOL \
-s $PLUTO_PEER_CLIENT $S_PEER_PORT \
- -d $PLUTO_MY_CLIENT $D_MY_PORT $IPSEC_POLICY_IN -j ACCEPT
- iptables -I OUTPUT 1 -o $PLUTO_INTERFACE -p $PLUTO_PEER_PROTOCOL \
+ -d $PLUTO_MY_CLIENT $D_MY_PORT $IPSEC_POLICY_IN -j RETURN
-+ iptables -I IPSECOUTPUT 1 -o $PLUTO_INTERFACE -p $PLUTO_PEER_PROTOCOL \
++ iptables --wait -I IPSECOUTPUT 1 -o $PLUTO_INTERFACE -p $PLUTO_PEER_PROTOCOL \
-s $PLUTO_MY_CLIENT $S_MY_PORT \
- -d $PLUTO_PEER_CLIENT $D_PEER_PORT $IPSEC_POLICY_OUT -j ACCEPT
+ -d $PLUTO_PEER_CLIENT $D_PEER_PORT $IPSEC_POLICY_OUT -j MARK --set-mark 50
fi
#
# allow IPIP traffic because of the implicit SA created by the kernel if
-@@ -497,7 +520,7 @@
+@@ -322,7 +345,7 @@
# INPUT is correct here even for forwarded traffic.
if [ -n "$PLUTO_IPCOMP" ]
then
- iptables -I INPUT 1 -i $PLUTO_INTERFACE -p 4 \
-+ iptables -I IPSECINPUT 1 -i $PLUTO_INTERFACE -p 4 \
++ iptables --wait -I IPSECINPUT 1 -i $PLUTO_INTERFACE -p 4 \
-s $PLUTO_PEER -d $PLUTO_ME $IPSEC_POLICY_IN -j ACCEPT
fi
#
-@@ -507,12 +530,51 @@
+@@ -332,12 +355,51 @@
if [ "$PLUTO_PEER_CLIENT" = "$PLUTO_PEER/32" ]
then
logger -t $TAG -p $FAC_PRIO \
+
+ #
+ # Open Firewall for IPinIP + AH + ESP Traffic
-+ iptables -I IPSECINPUT 1 -i $PLUTO_INTERFACE -p IP \
++ iptables --wait -I IPSECINPUT 1 -i $PLUTO_INTERFACE -p IP \
+ -s $PLUTO_PEER $S_PEER_PORT \
+ -d $PLUTO_ME $D_MY_PORT -j ACCEPT
-+ iptables -I IPSECINPUT 1 -i $PLUTO_INTERFACE -p AH \
++ iptables --wait -I IPSECINPUT 1 -i $PLUTO_INTERFACE -p AH \
+ -s $PLUTO_PEER $S_PEER_PORT \
+ -d $PLUTO_ME $D_MY_PORT -j ACCEPT
-+ iptables -I IPSECINPUT 1 -i $PLUTO_INTERFACE -p ESP \
++ iptables --wait -I IPSECINPUT 1 -i $PLUTO_INTERFACE -p ESP \
+ -s $PLUTO_PEER $S_PEER_PORT \
+ -d $PLUTO_ME $D_MY_PORT -j ACCEPT
+ if [ $VPN_LOGGING ]
+ done
+
+ if [ -n "${src}" ]; then
-+ iptables -t nat -A IPSECNAT -o $PLUTO_INTERFACE -s $PLUTO_ME -d $PLUTO_PEER_CLIENT -j SNAT --to $src
++ iptables --wait -t nat -A IPSECNAT -o $PLUTO_INTERFACE -s $PLUTO_ME -d $PLUTO_PEER_CLIENT -j SNAT --to $src
+ logger -t $TAG -p $FAC_PRIO \
+ "snat+ $PLUTO_INTERFACE-$PLUTO_ME : $PLUTO_PEER_CLIENT - $src"
+ else
;;
down-client:iptables)
# connection to client subnet, with (left/right)firewall=yes, going down
-@@ -520,34 +582,34 @@
+@@ -345,34 +407,34 @@
# ones, so do not mess with it; see CAUTION comment up at top.
if [ "$PLUTO_PEER_CLIENT" != "$PLUTO_MY_SOURCEIP/32" ]
then
- iptables -D FORWARD -o $PLUTO_INTERFACE -p $PLUTO_PEER_PROTOCOL \
-+ iptables -D IPSECFORWARD -o $PLUTO_INTERFACE -p $PLUTO_PEER_PROTOCOL \
++ iptables --wait -D IPSECFORWARD -o $PLUTO_INTERFACE -p $PLUTO_PEER_PROTOCOL \
-s $PLUTO_MY_CLIENT $S_MY_PORT \
-d $PLUTO_PEER_CLIENT $D_PEER_PORT \
- $IPSEC_POLICY_OUT -j ACCEPT
- iptables -D FORWARD -i $PLUTO_INTERFACE -p $PLUTO_MY_PROTOCOL \
+ $IPSEC_POLICY_OUT -j MARK --set-mark 50
-+ iptables -D IPSECFORWARD -i $PLUTO_INTERFACE -p $PLUTO_MY_PROTOCOL \
++ iptables --wait -D IPSECFORWARD -i $PLUTO_INTERFACE -p $PLUTO_MY_PROTOCOL \
-s $PLUTO_PEER_CLIENT $S_PEER_PORT \
-d $PLUTO_MY_CLIENT $D_MY_PORT \
- $IPSEC_POLICY_IN -j ACCEPT
if [ -n "$PLUTO_MY_SOURCEIP" -o -n "$PLUTO_HOST_ACCESS" ]
then
- iptables -D INPUT -i $PLUTO_INTERFACE -p $PLUTO_MY_PROTOCOL \
-+ iptables -D IPSECINPUT -i $PLUTO_INTERFACE -p $PLUTO_MY_PROTOCOL \
++ iptables --wait -D IPSECINPUT -i $PLUTO_INTERFACE -p $PLUTO_MY_PROTOCOL \
-s $PLUTO_PEER_CLIENT $S_PEER_PORT \
-d $PLUTO_MY_CLIENT $D_MY_PORT \
- $IPSEC_POLICY_IN -j ACCEPT
- iptables -D OUTPUT -o $PLUTO_INTERFACE -p $PLUTO_PEER_PROTOCOL \
+ $IPSEC_POLICY_IN -j RETURN
-+ iptables -D IPSECOUTPUT -o $PLUTO_INTERFACE -p $PLUTO_PEER_PROTOCOL \
++ iptables --wait -D IPSECOUTPUT -o $PLUTO_INTERFACE -p $PLUTO_PEER_PROTOCOL \
-s $PLUTO_MY_CLIENT $S_MY_PORT \
-d $PLUTO_PEER_CLIENT $D_PEER_PORT \
- $IPSEC_POLICY_OUT -j ACCEPT
if [ -n "$PLUTO_IPCOMP" ]
then
- iptables -D INPUT -i $PLUTO_INTERFACE -p 4 \
-+ iptables -D IPSECINPUT -i $PLUTO_INTERFACE -p 4 \
++ iptables --wait -D IPSECINPUT -i $PLUTO_INTERFACE -p 4 \
-s $PLUTO_PEER -d $PLUTO_ME $IPSEC_POLICY_IN -j ACCEPT
fi
#
-@@ -557,12 +619,51 @@
+@@ -382,12 +444,51 @@
if [ "$PLUTO_PEER_CLIENT" = "$PLUTO_PEER/32" ]
then
logger -t $TAG -p $FAC_PRIO -- \
+
+ #
+ # Close Firewall for IPinIP + AH + ESP Traffic
-+ iptables -D IPSECINPUT -i $PLUTO_INTERFACE -p IP \
++ iptables --wait -D IPSECINPUT -i $PLUTO_INTERFACE -p IP \
+ -s $PLUTO_PEER $S_PEER_PORT \
+ -d $PLUTO_ME $D_MY_PORT -j ACCEPT
-+ iptables -D IPSECINPUT -i $PLUTO_INTERFACE -p AH \
++ iptables --wait -D IPSECINPUT -i $PLUTO_INTERFACE -p AH \
+ -s $PLUTO_PEER $S_PEER_PORT \
+ -d $PLUTO_ME $D_MY_PORT -j ACCEPT
-+ iptables -D IPSECINPUT -i $PLUTO_INTERFACE -p ESP \
++ iptables --wait -D IPSECINPUT -i $PLUTO_INTERFACE -p ESP \
+ -s $PLUTO_PEER $S_PEER_PORT \
+ -d $PLUTO_ME $D_MY_PORT -j ACCEPT
+ if [ $VPN_LOGGING ]
+ done
+
+ if [ -n "${src}" ]; then
-+ iptables -t nat -D IPSECNAT -o $PLUTO_INTERFACE -s $PLUTO_ME -d $PLUTO_PEER_CLIENT -j SNAT --to $src
++ iptables --wait -t nat -D IPSECNAT -o $PLUTO_INTERFACE -s $PLUTO_ME -d $PLUTO_PEER_CLIENT -j SNAT --to $src
+ logger -t $TAG -p $FAC_PRIO \
+ "snat- $PLUTO_INTERFACE-$PLUTO_ME : $PLUTO_PEER_CLIENT - $src"
+ else
;;
#
# IPv6
-@@ -597,10 +698,10 @@
+@@ -412,10 +513,10 @@
# connection to me, with (left/right)firewall=yes, coming up
# This is used only by the default updown script, not by your custom
# ones, so do not mess with it; see CAUTION comment up at top.
- ip6tables -I INPUT 1 -i $PLUTO_INTERFACE -p $PLUTO_MY_PROTOCOL \
-+ ip6tables -I IPSECINPUT 1 -i $PLUTO_INTERFACE -p $PLUTO_MY_PROTOCOL \
++ ip6tables --wait -I IPSECINPUT 1 -i $PLUTO_INTERFACE -p $PLUTO_MY_PROTOCOL \
-s $PLUTO_PEER_CLIENT $S_PEER_PORT \
-d $PLUTO_ME $D_MY_PORT $IPSEC_POLICY_IN -j ACCEPT
- ip6tables -I OUTPUT 1 -o $PLUTO_INTERFACE -p $PLUTO_PEER_PROTOCOL \
-+ ip6tables -I IPSECOUTPUT 1 -o $PLUTO_INTERFACE -p $PLUTO_PEER_PROTOCOL \
++ ip6tables --wait -I IPSECOUTPUT 1 -o $PLUTO_INTERFACE -p $PLUTO_PEER_PROTOCOL \
-s $PLUTO_ME $S_MY_PORT $IPSEC_POLICY_OUT \
-d $PLUTO_PEER_CLIENT $D_PEER_PORT -j ACCEPT
#
-@@ -621,10 +722,10 @@
+@@ -436,10 +537,10 @@
# connection to me, with (left/right)firewall=yes, going down
# This is used only by the default updown script, not by your custom
# ones, so do not mess with it; see CAUTION comment up at top.
- ip6tables -D INPUT -i $PLUTO_INTERFACE -p $PLUTO_MY_PROTOCOL \
-+ ip6tables -D IPSECINPUT -i $PLUTO_INTERFACE -p $PLUTO_MY_PROTOCOL \
++ ip6tables --wait -D IPSECINPUT -i $PLUTO_INTERFACE -p $PLUTO_MY_PROTOCOL \
-s $PLUTO_PEER_CLIENT $S_PEER_PORT \
-d $PLUTO_ME $D_MY_PORT $IPSEC_POLICY_IN -j ACCEPT
- ip6tables -D OUTPUT -o $PLUTO_INTERFACE -p $PLUTO_PEER_PROTOCOL \
-+ ip6tables -D IPSECOUTPUT -o $PLUTO_INTERFACE -p $PLUTO_PEER_PROTOCOL \
++ ip6tables --wait -D IPSECOUTPUT -o $PLUTO_INTERFACE -p $PLUTO_PEER_PROTOCOL \
-s $PLUTO_ME $S_MY_PORT $IPSEC_POLICY_OUT \
-d $PLUTO_PEER_CLIENT $D_PEER_PORT -j ACCEPT
#
-@@ -647,10 +748,10 @@
+@@ -462,10 +563,10 @@
# ones, so do not mess with it; see CAUTION comment up at top.
if [ "$PLUTO_PEER_CLIENT" != "$PLUTO_MY_SOURCEIP/128" ]
then
- ip6tables -I FORWARD 1 -o $PLUTO_INTERFACE -p $PLUTO_PEER_PROTOCOL \
-+ ip6tables -I IPSECFORWARD 1 -o $PLUTO_INTERFACE -p $PLUTO_PEER_PROTOCOL \
++ ip6tables --wait -I IPSECFORWARD 1 -o $PLUTO_INTERFACE -p $PLUTO_PEER_PROTOCOL \
-s $PLUTO_MY_CLIENT $S_MY_PORT \
-d $PLUTO_PEER_CLIENT $D_PEER_PORT $IPSEC_POLICY_OUT -j ACCEPT
- ip6tables -I FORWARD 1 -i $PLUTO_INTERFACE -p $PLUTO_MY_PROTOCOL \
-+ ip6tables -I IPSECFORWARD 1 -i $PLUTO_INTERFACE -p $PLUTO_MY_PROTOCOL \
++ ip6tables --wait -I IPSECFORWARD 1 -i $PLUTO_INTERFACE -p $PLUTO_MY_PROTOCOL \
-s $PLUTO_PEER_CLIENT $S_PEER_PORT \
-d $PLUTO_MY_CLIENT $D_MY_PORT $IPSEC_POLICY_IN -j ACCEPT
fi
-@@ -659,10 +760,10 @@
+@@ -474,10 +575,10 @@
# or sometimes host access via the internal IP is needed
if [ -n "$PLUTO_MY_SOURCEIP" -o -n "$PLUTO_HOST_ACCESS" ]
then
- ip6tables -I INPUT 1 -i $PLUTO_INTERFACE -p $PLUTO_MY_PROTOCOL \
-+ ip6tables -I IPSECINPUT 1 -i $PLUTO_INTERFACE -p $PLUTO_MY_PROTOCOL \
++ ip6tables --wait -I IPSECINPUT 1 -i $PLUTO_INTERFACE -p $PLUTO_MY_PROTOCOL \
-s $PLUTO_PEER_CLIENT $S_PEER_PORT \
-d $PLUTO_MY_CLIENT $D_MY_PORT $IPSEC_POLICY_IN -j ACCEPT
- ip6tables -I OUTPUT 1 -o $PLUTO_INTERFACE -p $PLUTO_PEER_PROTOCOL \
-+ ip6tables -I IPSECOUTPUT 1 -o $PLUTO_INTERFACE -p $PLUTO_PEER_PROTOCOL \
++ ip6tables --wait -I IPSECOUTPUT 1 -o $PLUTO_INTERFACE -p $PLUTO_PEER_PROTOCOL \
-s $PLUTO_MY_CLIENT $S_MY_PORT \
-d $PLUTO_PEER_CLIENT $D_PEER_PORT $IPSEC_POLICY_OUT -j ACCEPT
fi
-@@ -686,11 +787,11 @@
+@@ -501,11 +602,11 @@
# ones, so do not mess with it; see CAUTION comment up at top.
if [ "$PLUTO_PEER_CLIENT" != "$PLUTO_MY_SOURCEIP/128" ]
then
- ip6tables -D FORWARD -o $PLUTO_INTERFACE -p $PLUTO_PEER_PROTOCOL \
-+ ip6tables -D IPSECFORWARD -o $PLUTO_INTERFACE -p $PLUTO_PEER_PROTOCOL \
++ ip6tables --wait -D IPSECFORWARD -o $PLUTO_INTERFACE -p $PLUTO_PEER_PROTOCOL \
-s $PLUTO_MY_CLIENT $S_MY_PORT \
-d $PLUTO_PEER_CLIENT $D_PEER_PORT \
$IPSEC_POLICY_OUT -j ACCEPT
- ip6tables -D FORWARD -i $PLUTO_INTERFACE -p $PLUTO_MY_PROTOCOL \
-+ ip6tables -D IPSECFORWARD -i $PLUTO_INTERFACE -p $PLUTO_MY_PROTOCOL \
++ ip6tables --wait -D IPSECFORWARD -i $PLUTO_INTERFACE -p $PLUTO_MY_PROTOCOL \
-s $PLUTO_PEER_CLIENT $S_PEER_PORT \
-d $PLUTO_MY_CLIENT $D_MY_PORT \
$IPSEC_POLICY_IN -j ACCEPT
-@@ -700,11 +801,11 @@
+@@ -515,11 +616,11 @@
# or sometimes host access via the internal IP is needed
if [ -n "$PLUTO_MY_SOURCEIP" -o -n "$PLUTO_HOST_ACCESS" ]
then
- ip6tables -D INPUT -i $PLUTO_INTERFACE -p $PLUTO_MY_PROTOCOL \
-+ ip6tables -D IPSECINPUT -i $PLUTO_INTERFACE -p $PLUTO_MY_PROTOCOL \
++ ip6tables --wait -D IPSECINPUT -i $PLUTO_INTERFACE -p $PLUTO_MY_PROTOCOL \
-s $PLUTO_PEER_CLIENT $S_PEER_PORT \
-d $PLUTO_MY_CLIENT $D_MY_PORT \
$IPSEC_POLICY_IN -j ACCEPT
- ip6tables -D OUTPUT -o $PLUTO_INTERFACE -p $PLUTO_PEER_PROTOCOL \
-+ ip6tables -D IPSECOUTPUT -o $PLUTO_INTERFACE -p $PLUTO_PEER_PROTOCOL \
++ ip6tables --wait -D IPSECOUTPUT -o $PLUTO_INTERFACE -p $PLUTO_PEER_PROTOCOL \
-s $PLUTO_MY_CLIENT $S_MY_PORT \
-d $PLUTO_PEER_CLIENT $D_PEER_PORT \
$IPSEC_POLICY_OUT -j ACCEPT
}else{
print "Client $ovpnconfig{$key}[2] NOT converted!\n";
}
- $ovpnconfig{$key}[32] = 'dynamic';
+ $ovpnconfig{$key}[32] = 'dynamic' if ($ovpnconfig{$key}[32] eq '');
}
&General::writehasharray("/var/ipfire/ovpn/ovpnconfig", \%ovpnconfig);
if ($running eq 'on')
--- /dev/null
+#!/usr/bin/perl
+# Converter script for adding existing OpenVPN N2N connections to collectd
+# Used for core update 89
+
+my %ovpnconfig=();
+
+require '/var/ipfire/general-functions.pl';
+
+open(COLLECTDVPN, ">${General::swroot}/ovpn/collectd.vpn") or die "Unable to open collectd.vpn: $!";
+print COLLECTDVPN "Loadplugin openvpn\n";
+print COLLECTDVPN "\n";
+print COLLECTDVPN "<Plugin openvpn>\n";
+print COLLECTDVPN "Statusfile \"/var/run/ovpnserver.log\"\n";
+
+&General::readhasharray("/var/ipfire/ovpn/ovpnconfig", \%ovpnconfig);
+foreach my $key (keys %ovpnconfig) {
+ if ($ovpnconfig{$key}[0] eq 'on' && $ovpnconfig{$key}[3] eq 'net') {
+ print COLLECTDVPN "Statusfile \"/var/run/openvpn/$ovpnconfig{$key}[1]-n2n\"\n";
+ }
+}
+
+print COLLECTDVPN "</Plugin>\n";
+close(COLLECTDVPN);
+
+# Reload collectd afterwards
+system("/usr/local/bin/collectdctrl restart &>/dev/null");
--- /dev/null
+#!/usr/bin/perl
+#
+# Converter for MaxMind CSV database to binary, for xt_geoip
+# Copyright © Jan Engelhardt, 2008-2011
+#
+use Getopt::Long;
+use IO::Handle;
+use Text::CSV_XS; # or trade for Text::CSV
+use strict;
+
+my $csv = Text::CSV_XS->new({
+ allow_whitespace => 1,
+ binary => 1,
+ eol => $/,
+}); # or Text::CSV
+my $target_dir = ".";
+
+&Getopt::Long::Configure(qw(bundling));
+&GetOptions(
+ "D=s" => \$target_dir,
+);
+
+if (!-d $target_dir) {
+ print STDERR "Target directory $target_dir does not exist.\n";
+ exit 1;
+}
+
+my $dir = "$target_dir/LE";
+if (!-e $dir && !mkdir($dir)) {
+ print STDERR "Could not mkdir $dir: $!\n";
+ exit 1;
+}
+
+&dump(&collect());
+
+sub collect
+{
+ my %country;
+
+ while (my $row = $csv->getline(*ARGV)) {
+ if (!defined($country{$row->[4]})) {
+ $country{$row->[4]} = {
+ name => $row->[5],
+ pool_v4 => [],
+ pool_v6 => [],
+ };
+ }
+ my $c = $country{$row->[4]};
+
+ push(@{$c->{pool_v4}}, [$row->[2], $row->[3]]);
+
+ if ($. % 4096 == 0) {
+ print STDERR "\r\e[2K$. entries";
+ }
+ }
+
+ print STDERR "\r\e[2K$. entries total\n";
+ return \%country;
+}
+
+sub dump
+{
+ my $country = shift @_;
+
+ foreach my $iso_code (sort keys %$country) {
+ &dump_one($iso_code, $country->{$iso_code});
+ }
+}
+
+sub dump_one
+{
+ my($iso_code, $country) = @_;
+ my($file, $fh_le, $fh_be);
+
+ printf "%5u IPv4 ranges for %s %s\n",
+ scalar(@{$country->{pool_v4}}),
+ $iso_code, $country->{name};
+
+ $file = "$target_dir/LE/".uc($iso_code).".iv4";
+ if (!open($fh_le, "> $file")) {
+ print STDERR "Error opening $file: $!\n";
+ exit 1;
+ }
+ foreach my $range (@{$country->{pool_v4}}) {
+ print $fh_le pack("VV", $range->[0], $range->[1]);
+ #print $fh_be pack("NN", $range->[0], $range->[1]);
+ }
+ close $fh_le;
+}
--- /dev/null
+#!/bin/bash
+###############################################################################
+# #
+# IPFire.org - A linux based firewall #
+# Copyright (C) 2014 IPFire Development Team <info@ipfire.org> #
+# #
+# This program is free software: you can redistribute it and/or modify #
+# it under the terms of the GNU General Public License as published by #
+# the Free Software Foundation, either version 3 of the License, or #
+# (at your option) any later version. #
+# #
+# This program is distributed in the hope that it will be useful, #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
+# GNU General Public License for more details. #
+# #
+# You should have received a copy of the GNU General Public License #
+# along with this program. If not, see <http://www.gnu.org/licenses/>. #
+# #
+###############################################################################
+
+TMP_PATH=$(mktemp -d)
+TMP_FILE=$(mktemp -p $TMP_PATH)
+
+SCRIPT_PATH=/usr/local/bin
+DEST_PATH=/usr/share/xt_geoip
+
+DL_URL=http://geolite.maxmind.com/download/geoip/database
+DL_FILE=GeoIPCountryCSV.zip
+
+CSV_FILE=GeoIPCountryWhois.csv
+
+ARCH=LE
+
+eval $(/usr/local/bin/readhash /var/ipfire/proxy/settings)
+
+function download() {
+ echo "Downloading latest GeoIP ruleset..."
+
+ # Create temporary directory.
+ mkdir -pv $TMP_PATH
+
+ # Proxy settings.
+ # Check if a proxy should be used.
+ if [[ $UPSTREAM_PROXY ]]; then
+ PROXYSETTINGS="-e http_proxy=http://"
+
+ # Check if authentication against the proxy is configured.
+ if [[ $UPSTREAM_USER && $UPSTREAM_PASSWORD ]]; then
+ PROXYSETTINGS="$PROXYSETTINGS$UPSTREAM_USER:$UPSTREAM_PASSWORD@"
+ fi
+
+ # Add proxy server.
+ PROXYSETTINGS="$PROXYSETTINGS$UPSTREAM_PROXY"
+ fi
+
+ # Get the latest GeoIP database from server.
+ wget $DL_URL/$DL_FILE $PROXYSETTINGS -O $TMP_FILE
+
+ # Extract files.
+ unzip $TMP_FILE -d $TMP_PATH
+
+ return 0
+}
+
+function build() {
+ echo "Convert database..."
+
+ # Check if the csv file exists.
+ if [ ! -e $TMP_PATH/$CSV_FILE ]; then
+ echo "$TMP_PATH/$CSV_FILE not found. Exiting."
+ return 1
+ fi
+
+ # Run script to convert the CSV file into several xtables
+ # compatible binary files.
+ if ! $SCRIPT_PATH/xt_geoip_build $TMP_PATH/$CSV_FILE -D $TMP_PATH; then
+ echo "Could not convert ruleset. Aborting." >&2
+ return 1
+ fi
+
+ return 0
+}
+
+function install() {
+ echo "Install databases..."
+
+ # Check if our destination exist.
+ if [ ! -e "$DEST_PATH" ]; then
+ mkdir -p $DEST_PATH &>/dev/null
+ fi
+
+ # Install databases.
+ if ! cp -af $TMP_PATH/$ARCH $DEST_PATH &>/dev/null; then
+ echo "Could not copy files. Aborting." >&2
+ return 1
+ fi
+
+ return 0
+}
+
+function cleanup() {
+ echo "Cleaning up temporary files..."
+ if ! rm -rf $TMP_PATH &>/dev/null; then
+ echo "Could not remove files. Aborting." >&2
+ return 1
+ fi
+
+ return 0
+}
+
+function main() {
+ # Download ruleset.
+ download || exit $?
+
+ # Convert the ruleset.
+ if ! build; then
+ # Do cleanup.
+ cleanup || exit $?
+ exit 1
+ fi
+
+ # Install the converted ruleset.
+ if ! install; then
+ # Do cleanup.
+ cleanup || exit $?
+ exit 1
+ fi
+
+ # Finaly remove temporary files.
+ cleanup || exit $?
+
+ return 0
+}
+
+# Run the main function.
+main
}
}
-int create_udev(void)
-{
- #define UDEV_NET_CONF "/etc/udev/rules.d/30-persistent-network.rules"
- FILE *fp;
- int i;
-
- if ( (fp = fopen(UDEV_NET_CONF, "w")) == NULL ) {
- fprintf(stderr,"Couldn't open" UDEV_NET_CONF);
- return 1;
- }
-
- for (i = 0 ; i < 4 ; i++)
- {
- if (strcmp(knics[i].macaddr, "")) {
- fprintf(fp,"\n# %s\nACTION==\"add\", SUBSYSTEM==\"net\", ATTR{type}==\"1\", ATTR{address}==\"%s\", NAME=\"%s0\"\n", knics[i].description, knics[i].macaddr, lcolourcard[i]);
- }
- }
- fclose(fp);
- return 0;
-}
-
int write_configs_netudev(int card , int colour)
{
char commandstring[STRING_SIZE];
} else {
rename_nics();
}
- create_udev();
return 1;
}
# Translators:
# douglasdiasn <douglasdiasn@gmail.com>, 2015
# Evertton de Lima <e.everttonlima@gmail.com>, 2015
+# Moisés Bites Borges de Castro <moisesbites@gmail.com>, 2015
# Rafael Tavares <rafael@ibinetwork.com.br>, 2015
msgid ""
msgstr ""
"Project-Id-Version: IPFire Project\n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2014-08-21 15:12+0000\n"
-"PO-Revision-Date: 2015-02-16 23:15+0000\n"
-"Last-Translator: Evertton de Lima <e.everttonlima@gmail.com>\n"
+"PO-Revision-Date: 2015-03-24 21:31+0000\n"
+"Last-Translator: Moisés Bites Borges de Castro <moisesbites@gmail.com>\n"
"Language-Team: Portuguese (Brazil) (http://www.transifex.com/projects/p/ipfire/language/pt_BR/)\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
#: dhcp.c:50
msgid "Start address:"
-msgstr "Endereço de Inicial:"
+msgstr "Endereço inicial:"
#: dhcp.c:51
msgid "End address:"
#: dhcp.c:54
msgid "Default lease (mins):"
-msgstr "Tempo padrão (mins):"
+msgstr "Concessão padrão (min):"
#: dhcp.c:55
msgid "Max lease (mins):"
-msgstr "Tempo máximo (mins)"
+msgstr "Concessão máxima (min)"
#: dhcp.c:56
msgid "Domain name suffix:"
-msgstr ""
+msgstr "Sufixo do nome de Domínio:"
#: dhcp.c:86 dhcp.c:93 dhcp.c:101 domainname.c:34 hostname.c:37 keymap.c:70
#: misc.c:40 misc.c:52 netstuff.c:377 netstuff.c:566 netstuff.c:704
#: dhcp.c:111
msgid "DHCP server configuration"
-msgstr "Configurar servidor DHCP"
+msgstr "Configuração do servidor DHCP"
#: dhcp.c:116
msgid "Configure the DHCP server by entering the settings information."
msgid ""
"The following fields are invalid:\n"
"\n"
-msgstr "Os campos a seguir são inválidos: \n"
+msgstr "Os campos a seguir são inválidos: \n\n"
#: dhcp.c:159
msgid "Start address"
-msgstr "Endereço de Inicial"
+msgstr "Endereço inicial"
#: dhcp.c:165
msgid "End address"
#: dhcp.c:189
msgid "Default lease time"
-msgstr "Tempo padrão"
+msgstr "Tempo de concessão padrão"
#: dhcp.c:195
msgid "Max. lease time"
-msgstr "Tempo máximo padrão"
+msgstr "Tempo de concessão máximo"
#: domainname.c:42 main.c:70
msgid "Domain name"
-msgstr "Domínio "
+msgstr "Nome de Domínio "
#: domainname.c:42
msgid "Enter Domain name"
-msgstr "Entre com o nome do Domínio"
+msgstr "Digite o nome do Domínio"
#: domainname.c:48
msgid "Domain name cannot be empty."
#: hostname.c:46 main.c:69
msgid "Hostname"
-msgstr "Hostname"
+msgstr "Nome do Host"
#: hostname.c:46
msgid "Enter the machine's hostname."
-msgstr "Entre com o nome do host."
+msgstr "Entre com o nome de Host da máquina."
#: hostname.c:53
msgid "Hostname cannot be empty."
#: netstuff.c:104
msgid "DHCP"
-msgstr "Automático "
+msgstr "DHCP"
#: netstuff.c:105
msgid "PPP DIALUP (PPPoE, modem, ATM ...)"
#: netstuff.c:396 netstuff.c:709
msgid "Unset"
-msgstr ""
+msgstr "Desativado"
#: netstuff.c:669
#, c-format
#: netstuff.c:755
msgid "Select network driver"
-msgstr "Selecionar driver de rede"
+msgstr "Selecionar o driver de rede"
#: netstuff.c:755
msgid "Set additional module parameters"
-msgstr ""
+msgstr "Especifique os parâmetros adicionais"
#: netstuff.c:762
msgid "Loading module..."
#: netstuff.c:777
msgid "Unable to load driver module."
-msgstr ""
+msgstr "Não foi possível carregar o driver."
#: netstuff.c:780
msgid "Module name cannot be blank."
-msgstr ""
+msgstr "O nome do módulo não pode ficar vazio."
#: networking.c:110
msgid "Stopping network..."
"list those interfaces which have ethernet attached. If you change this "
"setting, a network restart will be required, and you will have to "
"reconfigure the network driver assignments."
-msgstr ""
+msgstr "Selecione a configuração de rede para %s. Os tipos de configuração seguintes lista as interfaces cabo Ethernet. Se você alterar estas configurações, uma reinicialização de rede será exigida, e você terá que reconfigurar os drivers de rede especificados."
#: networking.c:307
#, c-format
"Not enough netcards for your choice.\n"
"\n"
"Needed: %d - Available: %d\n"
-msgstr ""
+msgstr "Não há dispositivos de rede suficientes para sua escolha.\n\nNecessárias: %d - Disponíveis: %d\n"
#: networking.c:359
msgid ""
"Configure network drivers, and which interface each card is assigned to. The current configuration is as follows:\n"
"\n"
-msgstr ""
+msgstr "Configure os drivers de rede, e a placa de rede que a interface está relacionada. A configuração atual é a seguinte:\n\n"
#: networking.c:408
msgid "Do you wish to change these settings?"
msgid ""
"Please choose the interface you wish to change.\n"
"\n"
-msgstr ""
+msgstr "Por favor, escolha a interface de rede que quer alterar.\n\n"
#: networking.c:519
msgid "Assigned Cards"
"connection to the %s machine will be broken, and you will have to reconnect "
"on the new IP. This is a risky operation, and should only be attempted if "
"you have physical access to the machine, should something go wrong."
-msgstr ""
+msgstr "Se você alterar o endereço IP, e você estiver logado remotamente, sua conexão com a máquina %s cairá, e você terá que reconectar através do novo IP. Esta é uma operação arriscada, e somente deve ser feita se você tem acesso físico à máquina, caso algo errado aconteça."
#: networking.c:641
msgid "Select the interface you wish to reconfigure."
-msgstr ""
+msgstr "Selecione a interface que deseja reconfigurar."
#: networking.c:729
msgid "Default gateway:"
msgid ""
"Enter the DNS and gateway information. These settings are used only with "
"Static IP (and DHCP if DNS set) on the RED interface."
-msgstr ""
+msgstr "Digite as informações de DNS e roteador. Estas configurações são usada somente com IP estático (e DHCP se o DNS está habilitado) para a inerface VERMELHA."
#: networking.c:773
msgid "Default gateway"
#: passwords.c:33
msgid ""
"Enter the 'root' user password. Login as this user for commandline access."
-msgstr ""
+msgstr "Digite a senha do usuário 'root'. Autentique com este usuário para acesso à linha de comando."
#: passwords.c:38 passwords.c:61
msgid "Setting password"
msgid ""
"Enter %s 'admin' user password. This is the user to use for logging into the"
" %s web administration pages."
-msgstr ""
+msgstr "Digite a senha do usuário 'admin' do %s. Este é o usuário para autenticação na interface web de administração do %s."
#: passwords.c:60
#, c-format
msgid "Setting %s 'admin' user password..."
-msgstr ""
+msgstr "Especificando a senha do usuário 'admin' do %s..."
#: passwords.c:62
#, c-format
msgid "Problem setting %s 'admin' user password."
-msgstr ""
+msgstr "Tem um problema ao gravar senha do usuário 'admin' do %s."
#: passwords.c:76
msgid "Password:"
"Project-Id-Version: IPFire Project\n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2014-08-21 15:12+0000\n"
-"PO-Revision-Date: 2015-02-28 22:59+0000\n"
+"PO-Revision-Date: 2015-03-20 15:05+0000\n"
"Last-Translator: Ersan YILDIRIM <ersan73@gmail.com>\n"
"Language-Team: Turkish (http://www.transifex.com/projects/p/ipfire/language/tr/)\n"
"MIME-Version: 1.0\n"
"connection to the %s machine will be broken, and you will have to reconnect "
"on the new IP. This is a risky operation, and should only be attempted if "
"you have physical access to the machine, should something go wrong."
-msgstr "Eğer bu IP adresini değiştirirseniz, ve uzaktan oturum açmışsanız, %s makinesine olan bağlantınız kopacaktır ve yeni IP adresine tekrar bağlanmanız gerekecektir. Bu riskli bir işlemdir ve bir şeylerin ters gitmesi durumunda makineye fiziksel erişiminiz varsa kullanmalısınız."
+msgstr "Uzaktan oturum açtığınızda bu IP adresini değiştirirseniz %s makinesine olan bağlantınız kopacaktır ve yeni IP adresine tekrar bağlanmanız gerekecektir. Bu riskli bir işlemdir ve bir şeylerin ters gitmesi durumunda makineye fiziksel erişiminiz varsa kullanmalısınız."
#: networking.c:641
msgid "Select the interface you wish to reconfigure."
int interfacecheck(struct keyvalue *kv, char *colour);
int rename_nics(void);
int init_knics(void);
-int create_udev(void);
int scan_network_cards(void);
int nicmenu(int colour);
int clear_card_entry(int cards);
my $sth;
my $cnt=0;
#If we want to show Data from within last 2 months, get DATA from ACCT
- if ( ! $grmon < ($mon+1) && $gryear == ($year+1900)){
+ if ( $grmon == ($mon)+1 && $gryear == ($year+1900)){
$sth=&ACCT::getmonthgraphdata("ACCT",$from,$till,$grhost);
}else{
#If we want to show data from a date older than last two months, use ACCT_HIST
sub viewtablehosts{
$dbh=&ACCT::connectdb;
&Header::openbox('100%', 'left', $Lang::tr{'acct hosts'});
- my $mon=$_[0];
- my $year=$_[1];
- my ($from,$till)=&ACCT::getmonth($mon,$year);
+ my $mon1=$_[0];
+ my $year1=$_[1];
+ my ($from,$till)=&ACCT::getmonth($mon1,$year1);
$count=0;
#Menu to display another month
print<<END;
</select></td>
<td style='text-align: center;'><select name='year'>
END
- for (my $j=2014;$j<=($year);$j++){
+ for (my $j=2014;$j<=($year1);$j++){
if(($_[1]) eq $j){
print"<option selected>$j</option>";
}else{
<th></th>
</tr>
END
- my $res = $dbh->selectall_arrayref("SELECT SUM(BYTES),min(TIME_RUN),max(TIME_RUN),NAME from ACCT where TIME_RUN between ".$from." and ".$till." group by NAME;");
+ my $res;
+ if (($mon)+1 == $mon1 && ($year)+1900 == $year1){
+ $res = $dbh->selectall_arrayref("SELECT SUM(BYTES),min(TIME_RUN),max(TIME_RUN),NAME from ACCT where TIME_RUN between ".$from." and ".$till." group by NAME;");
+ }else{
+ $res = $dbh->selectall_arrayref("SELECT SUM(BYTES),min(strftime('%s',TIME_RUN)),max(strftime('%s',TIME_RUN)),NAME from ACCT_HIST where date(TIME_RUN) > date($from,'unixepoch') and date(TIME_RUN) < date($till,'unixepoch') group by NAME;");
+ }
my $sumbytes;
my $type;
my $lineval;
<input type='image' src='/images/utilities-system-monitor.png' alt="$Lang::tr{'status'}" title="$Lang::tr{'status'}" />
<input type='hidden' name='ACTION' value='viewgraph'>
<input type='hidden' name='host' value='$name'>
- <input type='hidden' name='month' value='$mon'>
- <input type='hidden' name='year' value='$year'>
+ <input type='hidden' name='month' value='$mon1'>
+ <input type='hidden' name='year' value='$year1'>
<input type='hidden' name='traffic' value="$Lang::tr{'acct sum'} $Lang::tr{'acct traffic'} $lineval $type">
</form>
}
sub movedbdata {
- $dbh->do("insert into ACCT_HIST select datetime(TIME_RUN,'unixepoch'),NAME,SUM(BYTES) from ACCT where date(TIME_RUN,'unixepoch') < date('now','-2 months') group by NAME,date(TIME_RUN,'unixepoch');");
- $dbh->do("DELETE FROM ACCT WHERE datetime(TIME_RUN,'unixepoch') < date('now','-2 months');");
+ &connectdb;
+ $dbh->do("insert into ACCT_HIST select datetime(TIME_RUN,'unixepoch'),NAME,SUM(BYTES) from ACCT where datetime(TIME_RUN,'unixepoch') < datetime('now','start of month') group by NAME,datetime(TIME_RUN,'unixepoch');");
+ $dbh->do("DELETE FROM ACCT WHERE datetime(TIME_RUN,'unixepoch') < date('now','start of month');");
+ &closedb;
}
sub gethourgraphdata {
my $name=$_[3];
my $res;
$dbh=connectdb;
- if ($table eq 'ACCT'){
- $res = $dbh->selectall_arrayref( "SELECT strftime('%d.%m.%Y',xx.tag),(SELECT SUM(BYTES)/1024/1024 FROM ACCT WHERE date(TIME_RUN,'unixepoch') <= xx.tag and NAME = '".$name."') kum_bytes FROM (SELECT date(TIME_RUN,'unixepoch') tag,SUM(BYTES)/1024/1024 sbytes FROM ACCT WHERE NAME='".$name."' and TIME_RUN between ".$from." and ".$till." GROUP by date(TIME_RUN,'unixepoch')) xx;");
+ if ($table eq 'ACCT_HIST'){
+ $res = $dbh->selectall_arrayref( "SELECT strftime('%d.%m.%Y',TIME_RUN),(SELECT SUM(BYTES)/1024/1024 FROM ACCT_HIST WHERE TIME_RUN <= ah.TIME_RUN and TIME_RUN > date($from,'unixepoch') and NAME = '".$name."') kum_bytes FROM ACCT_HIST ah WHERE date(TIME_RUN) > date(".$from.",'unixepoch') AND date(TIME_RUN) < date(".$till.",'unixepoch') AND NAME = '".$name."' group by date(TIME_RUN);");
}else{
- $res = $dbh->selectall_arrayref( "SELECT TIME_RUN, (SELECT SUM(BYTES)/1024/1024 FROM ACCT_HIST WHERE TIME_RUN <= ah.TIME_RUN and NAME = '".$name."') kum_bytes FROM ACCT_HIST ah WHERE TIME_RUN BETWEEN date(".$from.",'unixepoch') AND date(".$till.",'unixepoch') AND NAME = '".$name."' group by TIME_RUN;");
+ $res = $dbh->selectall_arrayref( "SELECT strftime('%d.%m.%Y',xx.tag),(SELECT SUM(BYTES)/1024/1024 FROM ACCT WHERE date(TIME_RUN,'unixepoch') <= xx.tag and TIME_RUN > ".$from." and NAME = '".$name."') kum_bytes FROM (SELECT NAME,date(TIME_RUN,'unixepoch') tag,SUM(BYTES)/1024/1024 sbytes FROM ACCT WHERE NAME='".$name."' and TIME_RUN between ".$from." and ".$till." GROUP by NAME,date(TIME_RUN,'unixepoch')) xx;");
}
$dbh=closedb;
return $res;
open (FH,">/var/log/accounting.log");
close (FH);
chmod 0755, "/var/log/accounting.log";
- #move all db entries older than 2 months to second table and cumulate them hourly
+ #move all db entries older than this month to second table and cumulate them daily
&ACCT::movedbdata;
&ACCT::logger($settings{'LOG'},"New Month. Old trafficvalues moved to ACCT_HIST Table\n");
if ($settings{'USEMAIL'} eq 'on'){
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007-2013 IPFire Team info@ipfire.org #
+# Copyright (C) 2007-2015 IPFire Team info@ipfire.org #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
grep -r "^var/run//*" ./config/rootfiles/
echo "Comment this and create it at initskript if needed !"
fi
+
+grep -r "/i586" ./config/rootfiles/ --exclude gcc --exclude-dir oldcore >/dev/null 2>&1
+if [ "${?}" == "0" ]; then
+ echo "Error! '/i586' in rootfiles files found!"
+ grep -r "/i586" ./config/rootfiles/ --exclude gcc --exclude-dir oldcore
+ echo "Replace by MACHINE !"
+fi
+
+grep -r "/armv5tel" ./config/rootfiles/ --exclude gcc --exclude-dir oldcore >/dev/null 2>&1
+if [ "${?}" == "0" ]; then
+ echo "Error! '/armv5tel' in rootfiles files found!"
+ grep -r "/armv5tel" ./config/rootfiles/ --exclude gcc --exclude-dir oldcore
+ echo "Replace by MACHINE !"
+fi