projects / thirdparty / pdns.git / blame
| Commit | Line | Data |
|---|---|---|
| 20d81666 PL |
1 | Upgrade Guide |
| 2 | ============= | |
| 3 | ||
| 955de53b PD |
4 | 1.3.x to 1.4.0 |
| 5 | -------------- | |
| 6 | ||
| 7 | :func:`addLuaAction` and :func:`addLuaResponseAction` have been removed. Instead, use :func:`addAction` with a :func:`LuaAction`, or :func:`addResponseAction` with a :func:`LuaResponseAction`. | |
| 8 | ||
| 6da31e3a RG |
9 | :func:`newPacketCache` now takes an optional table as its second argument, instead of several optional parameters. |
| 10 | ||
| 11 | Lua's constants for DNS response codes and QTypes have been moved from the 'dnsdist' prefix to, respectively, the 'DNSQType' and 'DNSRCode' prefix. | |
| 12 | ||
| 13 | To improve security, all ambient capabilities are now dropped after the startup phase, which might prevent launching the webserver on a privileged port at run-time, or impact some custom Lua code. In addition, systemd's sandboxing features are now determined at compile-time, resulting in more restrictions on recent distributions. See pull requests 7138 and 6634 for more information. | |
| 14 | ||
| 15 | If you are compiling dnsdist, note that several ./configure options have been renamed to provide a more consistent experience. Features that depend on an external component have been prefixed with '--with-' while internal features use '--enable-'. This lead to the following changes: | |
| 16 | ||
| 17 | - ``--enable-fstrm`` to ``--enable-dnstap`` | |
| 18 | - ``--enable-gnutls`` to ``--with-gnutls`` | |
| 19 | - ``--enable-libsodium`` to ``--with-libsodium`` | |
| 20 | - ``--enable-libssl`` to ``--with-libssl`` | |
| 21 | - ``--enable-re2`` to ``--with-re2`` | |
| 22 | ||
| 70ee2bc3 PD |
23 | 1.3.2 to 1.3.3 |
| 24 | -------------- | |
| 25 | ||
| 26 | When upgrading from a package before 1.3.3, on CentOS 6 and RHEL 6, dnsdist will be stopped instead of restarted. | |
| 27 | ||
| e1e5ea46 PL |
28 | 1.2.x to 1.3.x |
| 29 | -------------- | |
| 30 | ||
| 31 | In version 1.3.0, these things have changed. | |
| 32 | ||
| 33 | The :ref:`Console` has an ACL now, which is set to ``{"127.0.0.0/8", "::1/128"}`` by default. | |
| 34 | Add the appropriate :func:`setConsoleACL` and :func:`addConsoleACL` statements to the configuration file. | |
| 35 | ||
| 36 | The ``--daemon`` option is removed from the :program:`dnsdist` binary, meaning that :program:`dnsdist` will not fork to the background anymore. | |
| 37 | Hence, it can only be run on the foreground or under a supervisor like systemd, supervisord and ``daemon(8)``. | |
| 38 | ||
| 9df79d52 PL |
39 | Due to changes in the architecture of :program:`dnsdist`, several of the shortcut rules have been removed after deprecating them in 1.2.0. |
| 40 | All removed functions have their equivalent :func:`addAction` listed. | |
| 41 | Please check the configuration for these statements (or use ``dnsdist --check-config``) and update where needed. | |
| 42 | This removal affects these functions: | |
| 43 | ||
| 44 | - :func:`addAnyTCRule` | |
| 45 | - :func:`addDelay` | |
| 46 | - :func:`addDisableValidationRule` | |
| 47 | - :func:`addDomainBlock` | |
| 48 | - :func:`addDomainCNAMESpoof` | |
| 49 | - :func:`addDomainSpoof` | |
| 50 | - :func:`addNoRecurseRule` | |
| 51 | - :func:`addPoolRule` | |
| 52 | - :func:`addQPSLimit` | |
| 53 | - :func:`addQPSPoolRule` | |
| 54 | ||
| 20d81666 PL |
55 | 1.1.0 to 1.2.0 |
| 56 | -------------- | |
| 57 | ||
| 58 | In 1.2.0, several configuration options have been changed: | |
| 59 | ||
| 60 | As the amount of possible settings for listen sockets is growing, all listen-related options must now be passed as a table as the second argument to both :func:`addLocal` and :func:`setLocal`. | |
| 61 | See the function's reference for more information. | |
| 62 | ||
| 63 | The ``BlockFilter`` function is removed, as :func:`addRule` combined with a :func:`DropAction` can do the same. |