along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
-#include "common_startup.hh"\r
-\r
-typedef Distributor<DNSPacket,DNSPacket,PacketHandler> DNSDistributor;\r
-\r
-\r
-ArgvMap theArg;\r
-StatBag S; //!< Statistics are gathered accross PDNS via the StatBag class S\r
-PacketCache PC; //!< This is the main PacketCache, shared accross all threads\r
-DNSProxy *DP;\r
-DynListener *dl;\r
-CommunicatorClass Communicator;\r
-UDPNameserver *N;\r
-int avg_latency;\r
-TCPNameserver *TN;\r
-\r
-ArgvMap &arg()\r
-{\r
- return theArg;\r
-}\r
-\r
-\r
-void declareArguments()\r
-{\r
- arg().set("local-port","The port on which we listen")="53";\r
- arg().setSwitch("log-failed-updates","If PDNS should log failed update requests")="";\r
- arg().setSwitch("log-dns-details","If PDNS should log failed update requests")="";\r
- arg().set("urlredirector","Where we send hosts to that need to be url redirected")="127.0.0.1";\r
- arg().set("smtpredirector","Our smtpredir MX host")="a.misconfigured.powerdns.smtp.server";\r
- arg().set("local-address","Local IP address to which we bind")="0.0.0.0";\r
- arg().set("local-ipv6","Local IP address to which we bind")="";\r
- arg().set("max-queue-length","Maximum queuelength before considering situation lost")="5000";\r
- arg().set("soa-serial-offset","Make sure that no SOA serial is less than this number")="0";\r
- arg().set("only-soa","Make sure that no SOA serial is less than this number")="org";\r
- arg().setCmd("help","Provide a helpful message");\r
- arg().setCmd("config","Provide a helpful message");\r
- arg().setCmd("list-modules","Lists all modules available");\r
- arg().setCmd("no-config","Don't parse configuration file");\r
- \r
- arg().set("control-console","Debugging switch - don't use")="no"; // but I know you will!\r
- arg().set("fancy-records","Process URL and MBOXFW records")="no";\r
- arg().set("wildcard-url","Process URL and MBOXFW records")="no";\r
- arg().set("wildcards","Honor wildcards in the database")="";\r
- arg().set("loglevel","Amount of logging. Higher is more. Do not set below 3")="4";\r
- arg().set("default-soa-name","name to insert in the SOA record if none set in the backend")="a.misconfigured.powerdns.server";\r
- arg().set("distributor-threads","Default number of Distributor (backend) threads to start")="3";\r
- arg().set("queue-limit","Maximum number of milliseconds to queue a query")="1500"; \r
- arg().set("recursor","If recursion is desired, IP address of a recursing nameserver")="no"; \r
- arg().set("lazy-recursion","Only recurse if question cannot be answered locally")="yes";\r
- arg().set("allow-recursion","List of netmasks that are allowed to recurse")=""; \r
- \r
- arg().set("disable-tcp","Do not listen to TCP queries")="no";\r
- arg().set("disable-axfr","Do not allow zone transfers")="no";\r
- \r
- arg().set("config-name","Name of this virtual configuration - will rename the binary image")="";\r
-\r
- arg().set("load-modules","Load this module - supply absolute or relative path")="";\r
- arg().set("launch","Which backends to launch and order to query them in")="";\r
- arg().setSwitch("disable-axfr","Disable zonetransfers but do allow TCP queries")="no";\r
- arg().set("allow-axfr-ips","If disabled, DO allow zonetransfers from these IP addresses")="";\r
- arg().set("slave-cycle-interval","Reschedule failed SOA serial checks once every .. seconds")="60";\r
- \r
- arg().setSwitch("slave","Act as a slave")="no";\r
- arg().setSwitch("master","Act as a master")="no";\r
- arg().setSwitch("guardian","Run within a guardian process")="no";\r
- arg().setSwitch("skip-cname","Do not perform CNAME indirection for each query")="no";\r
- arg().setSwitch("strict-rfc-axfrs","Perform strictly rfc compliant axfrs (very slow)")="no";\r
- \r
- arg().setSwitch("webserver","Start a webserver for monitoring")="no"; \r
- arg().setSwitch("webserver-print-arguments","If the webserver should print arguments")="no"; \r
- arg().set("webserver-address","IP Address of webserver to listen on")="127.0.0.1";\r
- arg().set("webserver-port","Port of webserver to listen on")="8081";\r
- arg().set("webserver-password","Password required for accessing the webserver")="";\r
-\r
- arg().set("receiver-threads","Number of receiver threads to launch")="1";\r
- \r
- arg().setSwitch("out-of-zone-additional-processing","Do out of zone additional processing")="no";\r
- arg().setSwitch("query-logging","Hint backends that queries should be logged")="no";\r
- \r
- arg().set("cache-ttl","Seconds to store packets in the PacketCache")="20";\r
- arg().set("recursive-cache-ttl","Seconds to store packets in the PacketCache")="10";\r
- arg().set("negquery-cache-ttl","Seconds to store packets in the PacketCache")="60";\r
- arg().set("query-cache-ttl","Seconds to store packets in the PacketCache")="20";\r
- arg().set("soa-minimum-ttl","Default SOA mininum ttl")="3600";\r
- arg().set("max-tcp-connections","Maximum number of TCP connections")="10";\r
-\r
- arg().setSwitch( "use-logfile", "Use a log file" )= "no";\r
- arg().set( "logfile", "Logfile to use" )= "pdns.log";\r
-\r
-}\r
-\r
-\r
-\r
-void declareStats(void)\r
-{\r
- S.declare("udp-queries","Number of UDP queries received");\r
- S.declare("udp-answers","Number of answers sent out over UDP");\r
- S.declare("recursing-answers","Number of recursive answers sent out");\r
- S.declare("recursing-questions","Number of questions sent to recursor");\r
- S.declare("corrupt-packets","Number of corrupt packets received");\r
-\r
- S.declare("tcp-queries","Number of TCP queries received");\r
- S.declare("tcp-answers","Number of answers sent out over TCP");\r
-\r
- S.declare("qsize-q","Number of questions waiting for database attention");\r
-\r
- S.declare("deferred-cache-inserts","Amount of cache inserts that were deferred because of maintenance");\r
- S.declare("deferred-cache-lookup","Amount of cache lookups that were deferred because of maintenance");\r
-\r
- S.declare("query-cache-hit","Number of hits on the query cache");\r
- S.declare("query-cache-miss","Number of misses on the query cache");\r
-\r
-\r
- S.declare("servfail-packets","Number of times a server-failed packet was sent out");\r
- S.declare("latency","Average number of microseconds needed to answer a question");\r
- S.declare("timedout-packets","Number of packets which weren't answered within timeout set");\r
-\r
- S.declareRing("queries","UDP Queries Received");\r
- S.declareRing("nxdomain-queries","Queries for non-existent records within existent domains");\r
- S.declareRing("noerror-queries","Queries for existing records, but for type we don't have");\r
- S.declareRing("servfail-queries","Queries that could not be answered due to backend errors");\r
- S.declareRing("unauth-queries","Queries for domains that we are not authoritative for");\r
- S.declareRing("logmessages","Log Messages");\r
- S.declareRing("remotes","Remote server IP addresses");\r
- S.declareRing("remotes-unauth","Remote hosts querying domains for which we are not auth");\r
- S.declareRing("remotes-corrupt","Remote hosts sending corrupt packets");\r
-\r
-}\r
-\r
-\r
-int isGuarded(char **argv)\r
-{\r
- char *p=strstr(argv[0],"-instance");\r
-\r
- return !!p;\r
-}\r
-\r
-\r
-void sendout(const DNSDistributor::AnswerData &AD)\r
-{\r
- static int &numanswered=*S.getPointer("udp-answers");\r
- if(!AD.A)\r
- return;\r
- \r
- N->send(AD.A);\r
- numanswered++;\r
- int diff=AD.A->d_dt.udiff();\r
- avg_latency=(int)(0.999*avg_latency+0.001*diff);\r
-\r
- delete AD.A; \r
-\r
-\r
-}\r
-\r
-\r
-//! The qthread receives questions over the internet via the Nameserver class, and hands them to the Distributor for futher processing\r
-void *qthread(void *p)\r
-{\r
- DNSDistributor *D=static_cast<DNSDistributor *>(p);\r
-\r
- DNSPacket *P;\r
-\r
- DNSPacket question;\r
- DNSPacket cached;\r
-\r
- int &numreceived=*S.getPointer("udp-queries");\r
- int &numanswered=*S.getPointer("udp-answers");\r
- numreceived=-1;\r
- int diff;\r
-\r
- for(;;) {\r
- if(!((numreceived++)%50)) { // maintenance tasks\r
- S.set("latency",(int)avg_latency);\r
- int qcount, acount;\r
- D->getQueueSizes(qcount, acount);\r
- S.set("qsize-q",qcount);\r
- }\r
- \r
- if(!(P=N->receive(&question))) { // receive a packet inline\r
- continue; // packet was broken, try again\r
- }\r
-\r
-\r
- S.ringAccount("queries", P->qdomain+"/"+P->qtype.getName());\r
- S.ringAccount("remotes",P->getRemote());\r
-\r
- if(PC.get(P,&cached)) { // short circuit - does the PacketCache recognize this question?\r
- cached.setRemote((struct sockaddr *)(P->remote),P->d_socklen); // inlined\r
- cached.setSocket(P->getSocket()); // inlined\r
- cached.spoofID(P->d.id); // inlined \r
- cached.d.rd=P->d.rd; // copy in recursion desired bit \r
- cached.commitD(); // commit d to the packet inlined\r
-\r
- N->send(&cached); // answer it then inlined\r
- diff=P->d_dt.udiff(); \r
- avg_latency=(int)(0.999*avg_latency+0.001*diff); // 'EWMA'\r
- \r
- numanswered++;\r
- continue;\r
- }\r
-\r
- D->question(P, &sendout); // otherwise, give to the distributor\r
- }\r
- return 0;\r
-}\r
-\r
-\r
-void mainthread()\r
-{\r
- Utility::srandom(time(0));\r
-\r
- int newgid=0; \r
- if(!arg()["setgid"].empty()) \r
- newgid=Utility::makeGidNumeric(arg()["setgid"]); \r
- int newuid=0; \r
- if(!arg()["setuid"].empty()) \r
- newuid=Utility::makeUidNumeric(arg()["setuid"]); \r
- if(!arg()["chroot"].empty()) { \r
- if(chroot(arg()["chroot"].c_str())<0) {\r
- L<<Logger::Error<<"Unable to chroot: "<<strerror(errno)<<", exiting"<<endl; \r
- exit(1);\r
- } \r
- else\r
- L<<Logger::Error<<"Chrooted to '"<<arg()["chroot"]<<"'"<<endl; \r
- } \r
- Utility::dropPrivs(newuid, newgid);\r
-\r
- if(arg().mustDo("recursor")){\r
- DP=new DNSProxy(arg()["recursor"]);\r
- DP->onlyFrom(arg()["allow-recursion"]);\r
- DP->go();\r
- }\r
- // NOW SAFE TO CREATE THREADS!\r
- dl->go();\r
-\r
-\r
-\r
-\r
- pthread_t qtid;\r
- StatWebServer sws;\r
-\r
- if(arg()["webserver"]!="no") \r
- sws.go();\r
- \r
- if(arg().mustDo("slave") || arg().mustDo("master"))\r
- Communicator.go(); \r
-\r
- if(TN)\r
- TN->go(); // tcp nameserver launch\r
- \r
- // fork(); (this worked :-))\r
- for(int n=0;n<arg().asNum("receiver-threads");++n) {\r
- DNSDistributor *D= new DNSDistributor(arg().asNum("distributor-threads")); // the big dispatcher!\r
- pthread_create(&qtid,0,qthread,static_cast<void *>(D)); // receives packets\r
- }\r
-\r
- void *p;\r
- pthread_join(qtid, &p);\r
- \r
- L<<Logger::Error<<"Mainthread exiting - should never happen"<<endl;\r
-}\r
-\r
-\r
-\r
-\r
+#include "common_startup.hh"
+
+typedef Distributor<DNSPacket,DNSPacket,PacketHandler> DNSDistributor;
+
+
+ArgvMap theArg;
+StatBag S; //!< Statistics are gathered accross PDNS via the StatBag class S
+PacketCache PC; //!< This is the main PacketCache, shared accross all threads
+DNSProxy *DP;
+DynListener *dl;
+CommunicatorClass Communicator;
+UDPNameserver *N;
+int avg_latency;
+TCPNameserver *TN;
+
+ArgvMap &arg()
+{
+ return theArg;
+}
+
+
+void declareArguments()
+{
+ arg().set("local-port","The port on which we listen")="53";
+ arg().setSwitch("log-failed-updates","If PDNS should log failed update requests")="";
+ arg().setSwitch("log-dns-details","If PDNS should log failed update requests")="";
+ arg().set("urlredirector","Where we send hosts to that need to be url redirected")="127.0.0.1";
+ arg().set("smtpredirector","Our smtpredir MX host")="a.misconfigured.powerdns.smtp.server";
+ arg().set("local-address","Local IP address to which we bind")="0.0.0.0";
+ arg().set("local-ipv6","Local IP address to which we bind")="";
+ arg().set("max-queue-length","Maximum queuelength before considering situation lost")="5000";
+ arg().set("soa-serial-offset","Make sure that no SOA serial is less than this number")="0";
+ arg().set("only-soa","Make sure that no SOA serial is less than this number")="org";
+ arg().setCmd("help","Provide a helpful message");
+ arg().setCmd("config","Provide a helpful message");
+ arg().setCmd("list-modules","Lists all modules available");
+ arg().setCmd("no-config","Don't parse configuration file");
+
+ arg().set("control-console","Debugging switch - don't use")="no"; // but I know you will!
+ arg().set("fancy-records","Process URL and MBOXFW records")="no";
+ arg().set("wildcard-url","Process URL and MBOXFW records")="no";
+ arg().set("wildcards","Honor wildcards in the database")="";
+ arg().set("loglevel","Amount of logging. Higher is more. Do not set below 3")="4";
+ arg().set("default-soa-name","name to insert in the SOA record if none set in the backend")="a.misconfigured.powerdns.server";
+ arg().set("distributor-threads","Default number of Distributor (backend) threads to start")="3";
+ arg().set("queue-limit","Maximum number of milliseconds to queue a query")="1500";
+ arg().set("recursor","If recursion is desired, IP address of a recursing nameserver")="no";
+ arg().set("lazy-recursion","Only recurse if question cannot be answered locally")="yes";
+ arg().set("allow-recursion","List of netmasks that are allowed to recurse")="";
+
+ arg().set("disable-tcp","Do not listen to TCP queries")="no";
+ arg().set("disable-axfr","Do not allow zone transfers")="no";
+
+ arg().set("config-name","Name of this virtual configuration - will rename the binary image")="";
+
+ arg().set("load-modules","Load this module - supply absolute or relative path")="";
+ arg().set("launch","Which backends to launch and order to query them in")="";
+ arg().setSwitch("disable-axfr","Disable zonetransfers but do allow TCP queries")="no";
+ arg().set("allow-axfr-ips","If disabled, DO allow zonetransfers from these IP addresses")="";
+ arg().set("slave-cycle-interval","Reschedule failed SOA serial checks once every .. seconds")="60";
+
+ arg().setSwitch("slave","Act as a slave")="no";
+ arg().setSwitch("master","Act as a master")="no";
+ arg().setSwitch("guardian","Run within a guardian process")="no";
+ arg().setSwitch("skip-cname","Do not perform CNAME indirection for each query")="no";
+ arg().setSwitch("strict-rfc-axfrs","Perform strictly rfc compliant axfrs (very slow)")="no";
+
+ arg().setSwitch("webserver","Start a webserver for monitoring")="no";
+ arg().setSwitch("webserver-print-arguments","If the webserver should print arguments")="no";
+ arg().set("webserver-address","IP Address of webserver to listen on")="127.0.0.1";
+ arg().set("webserver-port","Port of webserver to listen on")="8081";
+ arg().set("webserver-password","Password required for accessing the webserver")="";
+
+ arg().set("receiver-threads","Number of receiver threads to launch")="1";
+
+ arg().setSwitch("out-of-zone-additional-processing","Do out of zone additional processing")="no";
+ arg().setSwitch("query-logging","Hint backends that queries should be logged")="no";
+
+ arg().set("cache-ttl","Seconds to store packets in the PacketCache")="20";
+ arg().set("recursive-cache-ttl","Seconds to store packets in the PacketCache")="10";
+ arg().set("negquery-cache-ttl","Seconds to store packets in the PacketCache")="60";
+ arg().set("query-cache-ttl","Seconds to store packets in the PacketCache")="20";
+ arg().set("soa-minimum-ttl","Default SOA mininum ttl")="3600";
+ arg().set("max-tcp-connections","Maximum number of TCP connections")="10";
+
+ arg().setSwitch( "use-logfile", "Use a log file" )= "no";
+ arg().set( "logfile", "Logfile to use" )= "pdns.log";
+
+}
+
+
+
+void declareStats(void)
+{
+ S.declare("udp-queries","Number of UDP queries received");
+ S.declare("udp-answers","Number of answers sent out over UDP");
+ S.declare("recursing-answers","Number of recursive answers sent out");
+ S.declare("recursing-questions","Number of questions sent to recursor");
+ S.declare("corrupt-packets","Number of corrupt packets received");
+
+ S.declare("tcp-queries","Number of TCP queries received");
+ S.declare("tcp-answers","Number of answers sent out over TCP");
+
+ S.declare("qsize-q","Number of questions waiting for database attention");
+
+ S.declare("deferred-cache-inserts","Amount of cache inserts that were deferred because of maintenance");
+ S.declare("deferred-cache-lookup","Amount of cache lookups that were deferred because of maintenance");
+
+ S.declare("query-cache-hit","Number of hits on the query cache");
+ S.declare("query-cache-miss","Number of misses on the query cache");
+
+
+ S.declare("servfail-packets","Number of times a server-failed packet was sent out");
+ S.declare("latency","Average number of microseconds needed to answer a question");
+ S.declare("timedout-packets","Number of packets which weren't answered within timeout set");
+
+ S.declareRing("queries","UDP Queries Received");
+ S.declareRing("nxdomain-queries","Queries for non-existent records within existent domains");
+ S.declareRing("noerror-queries","Queries for existing records, but for type we don't have");
+ S.declareRing("servfail-queries","Queries that could not be answered due to backend errors");
+ S.declareRing("unauth-queries","Queries for domains that we are not authoritative for");
+ S.declareRing("logmessages","Log Messages");
+ S.declareRing("remotes","Remote server IP addresses");
+ S.declareRing("remotes-unauth","Remote hosts querying domains for which we are not auth");
+ S.declareRing("remotes-corrupt","Remote hosts sending corrupt packets");
+
+}
+
+
+int isGuarded(char **argv)
+{
+ char *p=strstr(argv[0],"-instance");
+
+ return !!p;
+}
+
+
+void sendout(const DNSDistributor::AnswerData &AD)
+{
+ static int &numanswered=*S.getPointer("udp-answers");
+ if(!AD.A)
+ return;
+
+ N->send(AD.A);
+ numanswered++;
+ int diff=AD.A->d_dt.udiff();
+ avg_latency=(int)(0.999*avg_latency+0.001*diff);
+
+ delete AD.A;
+
+
+}
+
+
+//! The qthread receives questions over the internet via the Nameserver class, and hands them to the Distributor for futher processing
+void *qthread(void *p)
+{
+ DNSDistributor *D=static_cast<DNSDistributor *>(p);
+
+ DNSPacket *P;
+
+ DNSPacket question;
+ DNSPacket cached;
+
+ int &numreceived=*S.getPointer("udp-queries");
+ int &numanswered=*S.getPointer("udp-answers");
+ numreceived=-1;
+ int diff;
+
+ for(;;) {
+ if(!((numreceived++)%50)) { // maintenance tasks
+ S.set("latency",(int)avg_latency);
+ int qcount, acount;
+ D->getQueueSizes(qcount, acount);
+ S.set("qsize-q",qcount);
+ }
+
+ if(!(P=N->receive(&question))) { // receive a packet inline
+ continue; // packet was broken, try again
+ }
+
+
+ S.ringAccount("queries", P->qdomain+"/"+P->qtype.getName());
+ S.ringAccount("remotes",P->getRemote());
+
+ if(PC.get(P,&cached)) { // short circuit - does the PacketCache recognize this question?
+ cached.setRemote((struct sockaddr *)(P->remote),P->d_socklen); // inlined
+ cached.setSocket(P->getSocket()); // inlined
+ cached.spoofID(P->d.id); // inlined
+ cached.d.rd=P->d.rd; // copy in recursion desired bit
+ cached.commitD(); // commit d to the packet inlined
+
+ N->send(&cached); // answer it then inlined
+ diff=P->d_dt.udiff();
+ avg_latency=(int)(0.999*avg_latency+0.001*diff); // 'EWMA'
+
+ numanswered++;
+ continue;
+ }
+
+ D->question(P, &sendout); // otherwise, give to the distributor
+ }
+ return 0;
+}
+
+
+void mainthread()
+{
+ Utility::srandom(time(0));
+
+ int newgid=0;
+ if(!arg()["setgid"].empty())
+ newgid=Utility::makeGidNumeric(arg()["setgid"]);
+ int newuid=0;
+ if(!arg()["setuid"].empty())
+ newuid=Utility::makeUidNumeric(arg()["setuid"]);
+ if(!arg()["chroot"].empty()) {
+ if(chroot(arg()["chroot"].c_str())<0) {
+ L<<Logger::Error<<"Unable to chroot: "<<strerror(errno)<<", exiting"<<endl;
+ exit(1);
+ }
+ else
+ L<<Logger::Error<<"Chrooted to '"<<arg()["chroot"]<<"'"<<endl;
+ }
+ Utility::dropPrivs(newuid, newgid);
+
+ if(arg().mustDo("recursor")){
+ DP=new DNSProxy(arg()["recursor"]);
+ DP->onlyFrom(arg()["allow-recursion"]);
+ DP->go();
+ }
+ // NOW SAFE TO CREATE THREADS!
+ dl->go();
+
+
+
+
+ pthread_t qtid;
+ StatWebServer sws;
+
+ if(arg()["webserver"]!="no")
+ sws.go();
+
+ if(arg().mustDo("slave") || arg().mustDo("master"))
+ Communicator.go();
+
+ if(TN)
+ TN->go(); // tcp nameserver launch
+
+ // fork(); (this worked :-))
+ for(int n=0;n<arg().asNum("receiver-threads");++n) {
+ DNSDistributor *D= new DNSDistributor(arg().asNum("distributor-threads")); // the big dispatcher!
+ pthread_create(&qtid,0,qthread,static_cast<void *>(D)); // receives packets
+ }
+
+ void *p;
+ pthread_join(qtid, &p);
+
+ L<<Logger::Error<<"Mainthread exiting - should never happen"<<endl;
+}
+
+
+
+