6 :released: 6th of June 2019
13 DoH: Don't let 'self' dangling while parsing the request's qname
19 Fix minor issues reported by Coverity
22 :tags: New Features, DoT, DoH
26 Implement SNIRule for DoT and DoH
32 Remove second, incomplete copy of lua EDNSOptionCode table
35 :tags: Improvements, Prometheus
39 Support Prometheus latency histograms (Marlin Cremers)
42 :version: 1.4.0-alpha2
43 :released: 26th of April 2019
49 Ignore Path MTU discovery on UDP server socket
55 Alternative solution to the unaligned accesses.
61 Exit when setting ciphers fails (GnuTLS)
68 Add DNS over HTTPS support based on libh2o
71 :version: 1.4.0-alpha1
72 :released: 12th of April 2019
78 Make recursor & dnsdist communicate (ECS) 'variable' status
84 Fix compiler warning about returning garbage (Adam Majer)
90 Fix warnings, mostly unused parameters, reported by -wextra
97 Add namespace and instance variable to carbon key (Gibheer)
103 Add optional uuid column to showServers()
109 Allow NoRecurse for use in dynamic blocks or Lua rules (phonedph1)
116 Expose secpoll status
122 Configure --enable-pdns-option --with-third-party-module (Josh Soref)
128 Protect GnuTLS tickets key rotation with a read-write lock
134 Check that ``SO_ATTACH_BPF`` is defined before enabling eBPF
140 Drop remaining capabilities after startup
147 Add an optional 'checkTimeout' parameter to 'newServer()'
154 Add a 'rise' parameter to 'newServer()'
161 Add a 'keepStaleData' option to the packet cache
168 Expose trailing data (Richard Gibson)
174 More sandboxing using systemd's features
180 Fix off-by-one in mvRule counting
186 Reduce systemcall usage in Protobuf logging
192 Resync YaHTTP code to cmouse/yahttp@11be77a1fc4032 (Chris Hofstaedtler)
198 Add option to set interval between health checks (1848)
204 Add EDNS unknown version handling (Dmitry Alenichev)
210 Pass empty response (Dmitry Alenichev)
216 Change the way getRealMemusage() works on linux (using statm)
222 Don't convert nsec to usec if we need nsec
228 DNSNameSet and QNameSetRule (Andrey)
240 Handle EAGAIN in the GnuTLS DNS over TLS provider
247 Gracefully handle a null latency in the webserver's js
254 Prevent 0-ttl cache hits
261 Add addDynBlockSMT() support to dynBlockRulesGroup
267 Add frontend response statistics (Matti Hiljanen)
273 EDNSOptionView improvements
280 Add support for encrypting ip addresses #gdpr
286 Remove addLuaAction and addLuaResponseAction
293 Refactoring of the TCP stack
300 Honor libcrypto include path
307 Add 'setSyslogFacility()'
314 Prevent a conflict with BADSIG being clobbered
320 Switch to the new 'newPacketCache()' syntax for 1.4.0
326 Add 'reloadAllCertificates()'
332 Move constants to proper namespace
338 Unify the management of DNS/DNSCrypt/DoT frontends
342 :released: 8th of November 2018
349 Add consistent hash builtin policy
361 Add DSTPortRule (phonedph1)
367 Make getOutstanding usable from both lua and console (phonedph1)
373 Get rid of some allocs/copies in DNS parsing
379 Display dynblocks' default action, None, as the global one
386 Set a correct EDNS OPT RR for self-generated answers
392 Added :excludeRange and :includeRange methods to DynBPFFilter class (Reinier Schoof)
398 Fix a sign-comparison warning in isEDNSOptionInOPT()
402 :pullreq: 3935, 6343, 6901, 7007, 7089
405 Add Prometheus stats support (Pavel Odintsov, Kai S)
411 Fix compilation when SO_REUSEPORT is not defined
418 Add warning rates to DynBlockRulesGroup rules
425 Name threads in the programs
432 Add support for exporting a server id in protobuf
438 dnsdist did not set TCP_NODELAY, causing needless latency
444 Release memory on DNS over TLS handshake failure
450 Add a setting to control the number of stored sessions
457 Wrap GnuTLS and OpenSSL pointers in smart pointers
464 Support the NXDomain action with dynamic blocks
471 Add a 'creationOrder' field to rules
478 Fix return-type detection with boost 1.69's tribool
485 Fix format string issue on 32bits ARM
491 Wrap TCP connection objects in smart pointers
498 Add the setConsoleOutputMaxMsgSize function
511 Add the ability to update webserver credentials
517 Add a PoolAvailableRule to easily add backup pools (Robin Geuze)
524 Handle trailing data correctly when adding OPT or ECS info
528 :released: 10th of July 2018
534 Add missing include for PRId64, fix build on CentOS 6 / SLES 12
538 :released: 10th of July 2018
545 Remove `thelog` and `thel` and replace this with a global g_log
551 Fix two small nits on the documentation
558 Move the el6 dnsdist package to upstart
564 Initialize the done variable in the rings' unit tests
570 Reorder headers to fix OpenBSD build
577 CLI option improvements (Chris Hofstaedtler)
583 Split pdns_enable_unit_tests (Chris Hofstaedtler)
589 Restrict value range for weight parameter, avoid sum overflows dropping queries (Dan McCombs)
593 :pullreq: 6445, 6457, 6470
602 Docs: fix missing ref in the dnsdist docs
608 Be more permissive in wrandom tests, log values on failure
615 Tests: avoid failure on not-so-optimal distribution
622 Add support for more than one TLS certificate
628 Add syntax to dns.proto to silence compilation warning.
634 Fix warnings reported by gcc 8.1.0
641 Document setVerboseHealthchecks()
647 Update dq.rst (phonedph1)
659 Don't copy unitialized values of SuffixMatchTree
665 Expose toString of various objects to Lua (Chris Hofstaedtler)
671 Remove 'expired' states from MaxQPSIPRule
677 Fix reconnection handling
684 Mark the remote member of DownstreamState as const
690 Dynamic blocks were being created with the wrong duration (David Freedman)
697 Test the content of dynamic blocks using the API
704 Default set "connection: close" header for web requests
710 Update timedipsetrule.rst (phonedph1)
717 Don't access the TCP buffer vector past its size
723 Show droprate in API output
730 Limit qps and latency to two decimals in the web view
737 Refuse console connection without a proper key set
744 Add a negative ttl option to the packet cache
750 Check the flags to detect collisions in the packet cache
756 Add the ability to dump a summary of the cache content
762 Fix iterating over the results of exceed*() functions
768 Fix duration false positive in the dynblock regression tests
774 Add netmask-based {ex,in}clusions to DynblockRulesGroup
781 Add DNSAction.NoOp to debug dynamic blocks
788 Implement NoneAction()
795 Detect ECS collisions in the packet cache
801 Fix an outstanding counter race when reusing states
808 Add SetECSAction to set an arbitrary outgoing ecs value
814 Use LRU to clean the MaxQPSIPRule's store
820 Disable maybe uninitialized warnings with boost optional
826 Add support for rotating certificates and keys
833 Luawrapper: report caught std::exception as lua_error
839 Dnstap.rst: fix some editing errors (Chris Hofstaedtler)
846 Allow known exception types to be converted to string
851 :released: 30th of March 2018
854 :tags: Improvements, New Features
858 Add cache sharding, ``recvmmsg`` and CPU pinning support.
859 With these, the scalability of :program:`dnsdist` is drastically improved.
865 Add burst option to :func:`MaxQPSIPRule` (42wim).
872 Handle SNMP alarms so we can reconnect to the master.
878 Add an optional `status` parameter to :func:`Server:setAuto`.
885 Fix signed/unsigned comparison warnings on ARM.
891 Add Pools, cacheHitResponseRules to the API.
897 Add :func:`inClientStartup` function.
904 Add a class option to health checks.
910 Add tag-based routing of queries.
914 :pullreq: 6117, 6175, 6176, 6177, 6189
916 Add experimental :doc:`DNS-over-TLS <guides/dns-over-tls>` support.
922 Add UUIDs to rules, this allows tracking rules through modifications and moving them around.
928 Keep trying if the first connection to the remote logger failed
934 Add simple :doc:`dnstap <reference/dnstap>` support (Justin Valentini, Chris Hofstaedtler).
941 Apply ResponseRules to locally generated answers (Chris Hofstaedtler).
947 Report :func:`LuaAction` and :func:`LuaResponseAction` failures in the log and send SERVFAIL instead of not answering the query (Chris Hofstaedtler).
953 Unify global statistics accounting (Chris Hofstaedtler).
959 Speed up the processing of large ring buffers.
960 This change will make :program:`dnsdist` more scalable with a large number of different clients.
967 Make custom :func:`addLuaAction` and :func:`addLuaResponseAction` callback's second return value optional.
973 Add "server-up" metric count to Carbon Reporting (Lowell Mower).
979 Add xchacha20 support for :doc:`DNSCrypt <guides/dnscrypt>`.
985 Scalability improvement: Add an option to use several source ports towards a backend.
992 Add '?' and 'help' for providing help() output on ``dnsdist -c`` (Kirill Ponomarev, Chris Hofstaedtler).
998 Replace the Lua mutex with a rw lock to limit contention.
999 This improves the processing speed and parallelism of the policies.
1003 :pullreq: 6220, 5594
1004 :tickets: 5079, 5654
1006 Add experimental XPF support based on `draft-bellis-dnsop-xpf-04 <https://tools.ietf.org/html/draft-bellis-dnsop-xpf-04>`__.
1012 Add :func:`ERCodeRule` to match on extended RCodes (Chris Hofstaedtler).
1018 Fix escaping unusual DNS label octets in DNSName is off by one (Kees Monshouwer).
1024 Add :func:`TempFailureCacheTTLAction` (Chris Hofstaedtler).
1030 Ensure :program:`dnsdist` compiles on NetBSD (Tom Ivar Helbekkmo).
1037 Also log eBPF dynamic blocks, as regular dynamic block already are.
1040 :tags: New Features, Improvements
1043 Add :ref:`DynBlockRulesGroup` to improve processing speed of the :func:`maintenance` function by reducing memory usage and not walking the ringbuffers multiple times.
1050 Remove the ``--daemon`` option from :program:`dnsdist`.
1057 Add :func:`console ACL <addConsoleACL>` functions.
1064 Allow adding :meth:`EDNS Client Subnet information <ServerPool:setECS>` to a query before looking in the cache.
1065 This allows serving ECS enabled answers from the cache when all servers in a pool are down.
1072 Ensure large numbers are shown correctly in the API.
1079 Add option to :func:`showRules` to truncate the output length.
1085 Avoid assertion errors in :func:`NewServer` (Chris Hofstaedtler).
1091 Fix several warnings reported by clang's analyzer and cppcheck, should lead to small performance increases.
1096 :released: 16th of February 2018
1102 Add configuration option to disable IP_BIND_ADDRESS_NO_PORT (Dan McCombs).
1108 Handle bracketed IPv6 addresses without ports (Chris Hofstaedtler).
1114 Make dnsdist dynamic truncate do right thing on TCP/IP.
1120 Add missing QPSAction
1126 Don't create a Remote Logger in client mode.
1132 Use libsodium's CFLAGS, we might need them to find the includes.
1138 Keep the TCP connection open on cache hit, generated answers.
1144 Add the missing <sys/time.h> include to mplexer.hh for struct timeval.
1150 Sort the servers based on their 'order' after it has been set.
1156 Quiet unused variable warning on macOS (Chris Hofstaedtler).
1163 Fix the outstanding counter when an exception is raised.
1170 Do not connect the snmpAgent from a dnsdist client.
1174 :released: 21st of August 2017
1181 DNSName: Check that both first two bits are set in compressed labels.
1186 :tickets: 4131, 4155
1188 Handle unreachable servers at startup, reconnect stale sockets
1195 Gracefully handle invalid addresses in :func:`newServer`.
1202 Add an option to 'mute' UDP responses per bind.
1205 :tags: New Features, Performance
1208 Add TCP management options from :rfc:`RFC 7766 section 10 <7766#section-10>`.
1214 LuaWrapper: Use the correct index when storing a function.
1221 Save history to home-dir, only use CWD as a last resort.
1227 Add the :func:`setRingBuffersSize` directive to allows changing the ringbuffer size.
1230 :tags: Improvements, Security
1233 Merge the client and server nonces to prevent replay attacks.
1239 Use ``IP_BIND_ADDRESS_NO_PORT`` when available.
1246 Send a latency of 0 over carbon, null over API for down servers.
1251 :tickets: 4775, 4660
1253 Add an optional ``seconds`` parameter to :func:`statNodeRespRing`.
1259 Report a more specific lua version and report luajit in ``--version``.
1262 :tags: Improvements, DNSCrypt
1263 :pullreq: 4813, 4926
1265 Store the computed shared key and reuse it for the response for DNSCrypt messages.
1268 :tags: New Features, Protobuf
1272 Add an option to export CNAME records over protobuf.
1279 Allow TTL alteration via Lua.
1285 Add :func:`RDRule` to match queries with the ``RD`` flag set.
1291 Add :func:`setWHashedPertubation` for consistent ``whashed`` results.
1297 Add ``tcpConnectTimeout`` to :func:`newServer`.
1303 Fix negative port detection for IPv6 addresses on 32-bit.
1310 Fix crashed on SmartOS/Illumos (Roman Dayneko).
1314 :pullreq: 4788, 5036
1317 Add cache hit response rules.
1320 :tags: Improvements, Performance
1323 Add :func:`setTCPUseSinglePipe` to use a single TCP waiting queue.
1330 Change ``truncateTC`` to defaulting to off, having it enabled by default causes an compatibility with :rfc:`6891` (Robin Geuze).
1334 :pullreq: 4987, 5037
1337 Don't cache answers without any TTL (like SERVFAIL).
1340 :tags: Improvements, Performance
1341 :pullreq: 4985, 5501
1344 Add ``sendSizeAndMsgWithTimeout`` to send size and data in a single call and use it for TCP Fast Open towards backends.
1350 Prevent issues by unshadowing variables.
1353 :tags: New Features, SNMP
1354 :pullreq: 4989, 5123, 5204
1356 Add :doc:`SNMP support <advanced/snmp>`.
1359 :tags: Bug Fixes, Performance
1363 Refactor SuffixMatchNode using a SuffixMatchTree.
1369 Register DNSName::chopOff (@plzz).
1375 Allow passing :class:`DNSName`\ s as DNSRules.
1378 :tags: Bug Fixes, Webserver
1381 Send an HTTP 404 on unknown API paths.
1384 :tags: Improvements, Performance
1387 Tune systemd unit-file for medium-sized installations (Winfried Angele).
1393 Add support for setting the server selection policy on a per pool basis (Robin Geuze).
1397 :pullreq: 5150, 5171
1400 Make :func:`includeDirectory` work sorted (Robin Geuze).
1403 :tags: Improvements, LuaWrapper
1406 Allow embedded NULs in strings received from Lua.
1412 Add a ``suffixMatch`` parameter to :meth:`PacketCache:expungeByName` (Robin Geuze).
1418 Cleanup closed TCP downstream connections.
1424 Fix destination port reporting on "any" binds.
1431 Add an option so the packet cache entries don't age.
1434 :tags: Bug Fixes, Security
1437 Unified ``-k`` and :func:`setKey` behaviour for client and server mode now.
1443 Improve reporting of C++ exceptions that bubble up via Lua.
1446 :tags: Improvements, Performance
1449 Add the possiblity to fill a :class:`NetmaskGroup` (using :meth:`NetmaskGroup:addMask`) from `exceeds*` results.
1455 Add better logging on queries that get dropped, timed out or received.
1461 Add :func:`QNameRule`.
1467 Correctly truncate EDNS Client Subnetmasks.
1473 Print useful messages when query and response actions are mixed.
1479 Add an optional action to :func:`addDynBlocks`.
1485 Add an optional interface parameter to :func:`addLocal`/:func:`setLocal`.
1488 :tags: Bug Fixes, Performance
1491 Get rid of ``std::move()`` calls preventing copy elision.
1498 Fix :func:`RecordsTypeCountRule`\ 's handling of the # of records in a section.
1504 Make a ``truncate`` action available to DynBlock and Lua.
1511 Change stats functions to always return lowercase names (Robin Geuze).
1517 Implement a runtime changeable rule that matches IP address for a certain time called :func:`TimedIPSetRule`.
1521 :pullreq: 5449, 5454
1523 Only use TCP Fast Open when supported and prevent compiler warnings.
1529 Add ``DNSRule::toString()`` and add virtual destructors to DNSRule, DNSAction and DNSResponseAction so the destructors of derived classes are run even when deleted via the base type.
1535 Add support for returning several IPs to spoof from Lua.
1539 :pullreq: 5490, 5508
1540 :tickets: 5420, 5507
1542 Add Lua bindings to be able to rotate DNSCrypt keys, see :doc:`guides/dnscrypt`.
1545 :tags: Improvements, Performance
1548 Add labels count to StatNode, only set the name once.
1559 :pullreq: 5396, 5577
1561 Add the capability to set arbitrary tags in protobuf messages.
1568 Skip timeouts on the response latency graph.
1575 Deprecate syntactic sugar functions.
1582 Don't use square brackets for IPv6 in Carbon metrics.
1589 Copy the DNS header before encrypting it in place.
1596 Add setConsoleConnectionsLogging().
1602 Fix potential pointer wrap-around on 32 bits.
1608 Make the API available with an API key only.
1613 Released December 29th 2016
1615 Changes since 1.1.0-beta2:
1620 - `#4783 <https://github.com/PowerDNS/pdns/pull/4783>`__: Add -latomic
1622 - `#4812 <https://github.com/PowerDNS/pdns/pull/4812>`__: Handle
1623 header-only responses, handle Refused as Servfail in the cache
1628 - `#4762 <https://github.com/PowerDNS/pdns/pull/4762>`__:
1629 SuffixMatchNode: Fix an insertion issue for an existing node
1630 - `#4772 <https://github.com/PowerDNS/pdns/pull/4772>`__: Fix dnsdist
1631 initscript config check
1636 Released December 14th 2016
1638 Changes since 1.1.0-beta1:
1643 - `#4518 <https://github.com/PowerDNS/pdns/pull/4518>`__: Fix dynblocks
1644 over TCP, allow refusing dyn blocked queries
1645 - `#4519 <https://github.com/PowerDNS/pdns/pull/4519>`__: Allow
1646 altering the ECS behavior via rules and Lua
1647 - `#4535 <https://github.com/PowerDNS/pdns/pull/4535>`__: Add
1648 ``DNSQuestion:getDO()``
1649 - `#4653 <https://github.com/PowerDNS/pdns/pull/4653>`__:
1650 ``getStatisticsCounters()`` to access counters from Lua
1651 - `#4657 <https://github.com/PowerDNS/pdns/pull/4657>`__: Add
1652 ``includeDirectory(dir)``
1653 - `#4658 <https://github.com/PowerDNS/pdns/pull/4658>`__: Allow editing
1655 - `#4702 <https://github.com/PowerDNS/pdns/pull/4702>`__: Add
1656 ``setUDPTimeout(n)``
1657 - `#4726 <https://github.com/PowerDNS/pdns/pull/4726>`__: Add an option
1658 to return ServFail when no server is available
1659 - `#4748 <https://github.com/PowerDNS/pdns/pull/4748>`__: Add
1660 ``setCacheCleaningPercentage()``
1665 - `#4533 <https://github.com/PowerDNS/pdns/pull/4533>`__: Fix building
1666 with clang on OS X and FreeBSD
1667 - `#4537 <https://github.com/PowerDNS/pdns/pull/4537>`__: Replace
1668 luawrapper's std::forward/std::make\_tuple combo with
1669 std::forward\_as\_tuple (Sangwhan "fish" Moon)
1670 - `#4596 <https://github.com/PowerDNS/pdns/pull/4596>`__: Change the
1671 default max number of queued TCP conns to 1000
1672 - `#4632 <https://github.com/PowerDNS/pdns/pull/4632>`__: Improve
1673 dnsdist error message on a common typo/config mistake
1674 - `#4694 <https://github.com/PowerDNS/pdns/pull/4694>`__: Don't use a
1675 const\_iterator for erasing (fix compilation with some versions of
1677 - `#4715 <https://github.com/PowerDNS/pdns/pull/4715>`__: Specify that
1678 dnsmessage.proto uses protobuf version 2
1679 - `#4765 <https://github.com/PowerDNS/pdns/pull/4765>`__: Some service
1685 - `#4425 <https://github.com/PowerDNS/pdns/pull/4425>`__: Fix a
1686 protobuf regression (requestor/responder mix-up) caused by a94673e
1687 - `#4541 <https://github.com/PowerDNS/pdns/pull/4541>`__: Fix insertion
1688 issues in SuffixMatchTree, move it to dnsname.hh
1689 - `#4553 <https://github.com/PowerDNS/pdns/pull/4553>`__: Flush output
1690 in single command client mode
1691 - `#4578 <https://github.com/PowerDNS/pdns/pull/4578>`__: Fix
1692 destination address reporting
1693 - `#4640 <https://github.com/PowerDNS/pdns/pull/4640>`__: Don't exit
1694 dnsdist on an exception in maintenance
1695 - `#4721 <https://github.com/PowerDNS/pdns/pull/4721>`__: Handle
1696 exceptions in the UDP responder thread
1697 - `#4734 <https://github.com/PowerDNS/pdns/pull/4734>`__: Add the TCP
1698 socket to the map only if the connection succeeds. Closes #4733
1699 - `#4742 <https://github.com/PowerDNS/pdns/pull/4742>`__: Decrement the
1700 queued TCP conn count if writing to the pipe fails
1701 - `#4743 <https://github.com/PowerDNS/pdns/pull/4743>`__: Ignore
1702 newBPFFilter() and newDynBPFFilter() in client mode
1703 - `#4753 <https://github.com/PowerDNS/pdns/pull/4753>`__: Fix FD leak
1704 on TCP connection failure, handle TCP worker creation failure
1705 - `#4764 <https://github.com/PowerDNS/pdns/pull/4764>`__: Prevent race
1706 while creating new TCP worker threads
1711 Released September 1st 2016
1713 Changes since 1.0.0:
1718 - `#3762 <https://github.com/PowerDNS/pdns/pull/3762>`__ Teeaction:
1719 send copy of query to second nameserver, sponge responses
1720 - `#3876 <https://github.com/PowerDNS/pdns/pull/3876>`__ Add
1721 ``showResponseRules()``, ``{mv,rm,top}ResponseRule()``
1722 - `#3936 <https://github.com/PowerDNS/pdns/pull/3936>`__ Filter on
1723 opcode, records count/type, trailing data
1724 - `#3975 <https://github.com/PowerDNS/pdns/pull/3975>`__ Make dnsdist
1725 {A,I}XFR aware, document possible issues
1726 - `#4006 <https://github.com/PowerDNS/pdns/pull/4006>`__ Add eBPF
1727 source address and qname/qtype filtering
1728 - `#4008 <https://github.com/PowerDNS/pdns/pull/4008>`__ Node
1729 infrastructure for querying recent traffic
1730 - `#4042 <https://github.com/PowerDNS/pdns/pull/4042>`__ Add
1731 server-side TCP Fast Open support
1732 - `#4050 <https://github.com/PowerDNS/pdns/pull/4050>`__ Add
1733 ``clearRules()`` and ``setRules()``
1734 - `#4114 <https://github.com/PowerDNS/pdns/pull/4114>`__ Add
1735 ``QNameLabelsCountRule()`` and ``QNameWireLengthRule()``
1736 - `#4116 <https://github.com/PowerDNS/pdns/pull/4116>`__ Added src
1737 boolean to NetmaskGroupRule to match destination address (Reinier
1739 - `#4175 <https://github.com/PowerDNS/pdns/pull/4175>`__ Implemented
1740 query counting (Reinier Schoof)
1741 - `#4244 <https://github.com/PowerDNS/pdns/pull/4244>`__ Add a
1742 ``setCD`` parameter to set cd=1 on health check queries
1743 - `#4284 <https://github.com/PowerDNS/pdns/pull/4284>`__ Add
1744 RCodeRule(), Allow, Delay and Drop response actions
1745 - `#4305 <https://github.com/PowerDNS/pdns/pull/4305>`__ Add an
1746 optional Lua callback for altering a Protobuf message
1747 - `#4309 <https://github.com/PowerDNS/pdns/pull/4309>`__ Add
1748 showTCPStats function (RobinGeuze)
1749 - `#4329 <https://github.com/PowerDNS/pdns/pull/4329>`__ Add options to
1750 LogAction() so it can append (instead of truncate) (Duane Wessels)
1755 - `#3714 <https://github.com/PowerDNS/pdns/pull/3714>`__ Add
1756 documentation links to dnsdist.service (Ruben Kerkhof)
1757 - `#3754 <https://github.com/PowerDNS/pdns/pull/3754>`__ Allow the use
1758 of custom headers in the web server
1759 - `#3826 <https://github.com/PowerDNS/pdns/pull/3826>`__ Implement a
1760 'quiet' mode for SuffixMatchNodeRule()
1761 - `#3836 <https://github.com/PowerDNS/pdns/pull/3836>`__ Log the
1762 content of webserver's exceptions
1763 - `#3858 <https://github.com/PowerDNS/pdns/pull/3858>`__ Only log
1764 YaHTTP's parser exceptions in verbose mode
1765 - `#3877 <https://github.com/PowerDNS/pdns/pull/3877>`__ Increase max
1766 FDs in systemd unit, warn if clearly too low
1767 - `#4019 <https://github.com/PowerDNS/pdns/pull/4019>`__ Add an
1768 optional ``addECS`` option to ``TeeAction()``
1769 - `#4029 <https://github.com/PowerDNS/pdns/pull/4029>`__ Add version
1770 and feature information to version output
1771 - `#4079 <https://github.com/PowerDNS/pdns/pull/4079>`__ Return an
1772 error on RemoteLog{,Response}Action() w/o protobuf
1773 - `#4246 <https://github.com/PowerDNS/pdns/pull/4246>`__ API now sends
1774 pools as a JSON array instead of a string
1775 - `#4302 <https://github.com/PowerDNS/pdns/pull/4302>`__ Add ``help()``
1776 and ``showVersion()``
1777 - `#4286 <https://github.com/PowerDNS/pdns/pull/4286>`__ Add response
1778 rules to the API and Web status page
1779 - `#4068 <https://github.com/PowerDNS/pdns/pull/4068>`__ Display the
1780 dyn eBPF filters stats in the web interface
1785 - `#3755 <https://github.com/PowerDNS/pdns/pull/3755>`__ Fix RegexRule
1786 example in dnsdistconf.lua
1787 - `#3773 <https://github.com/PowerDNS/pdns/pull/3773>`__ Stop copying
1788 the HTTP request headers to the response
1789 - `#3837 <https://github.com/PowerDNS/pdns/pull/3837>`__ Remove dnsdist
1790 service file on trusty
1791 - `#3840 <https://github.com/PowerDNS/pdns/pull/3840>`__ Catch
1792 WrongTypeException in client mode
1793 - `#3906 <https://github.com/PowerDNS/pdns/pull/3906>`__ Keep the
1794 servers ordered inside pools
1795 - `#3988 <https://github.com/PowerDNS/pdns/pull/3988>`__ Fix
1796 ``grepq()`` output in the README
1797 - `#3992 <https://github.com/PowerDNS/pdns/pull/3992>`__ Fix some typos
1798 in the AXFR/IXFR documentation
1799 - `#3995 <https://github.com/PowerDNS/pdns/pull/3995>`__ Fix comparison
1800 between signed and unsigned integer
1801 - `#4049 <https://github.com/PowerDNS/pdns/pull/4049>`__ Fix dnsdist
1802 rpm building script #4048 (Daniel Stirnimann)
1803 - `#4065 <https://github.com/PowerDNS/pdns/pull/4065>`__ Include
1804 editline/readline.h instead of readline.h/history.h
1805 - `#4067 <https://github.com/PowerDNS/pdns/pull/4067>`__ Disable eBPF
1806 support when BPF\_FUNC\_tail\_call is not found
1807 - `#4069 <https://github.com/PowerDNS/pdns/pull/4069>`__ Fix a buffer
1808 overflow when displaying an OpcodeRule
1809 - `#4101 <https://github.com/PowerDNS/pdns/pull/4101>`__ Fix $
1810 expansion in build-dnsdist-rpm
1811 - `#4198 <https://github.com/PowerDNS/pdns/pull/4198>`__ newServer
1812 setting maxCheckFailures makes no sense (stutiredboy)
1813 - `#4205 <https://github.com/PowerDNS/pdns/pull/4205>`__ Prevent the
1814 use of "any" addresses for downstream server
1815 - `#4220 <https://github.com/PowerDNS/pdns/pull/4220>`__ Don't log an
1816 error when parsing an invalid UDP query
1817 - `#4348 <https://github.com/PowerDNS/pdns/pull/4348>`__ Fix invalid
1818 outstanding count for {A,I}XFR over TCP
1819 - `#4365 <https://github.com/PowerDNS/pdns/pull/4365>`__ Reset origFD
1820 asap to keep the outstanding count correct
1821 - `#4375 <https://github.com/PowerDNS/pdns/pull/4375>`__ Tuple requires
1822 make\_tuple to initialize
1823 - `#4380 <https://github.com/PowerDNS/pdns/pull/4380>`__ Fix
1824 compilation with clang when eBPF support is enabled
1829 Released April 21st 2016
1831 Changes since 1.0.0-beta1:
1836 - `#3700 <https://github.com/PowerDNS/pdns/pull/3700>`__ Create user
1837 from the RPM package to drop privs
1838 - `#3712 <https://github.com/PowerDNS/pdns/pull/3712>`__ Make check
1839 should run testrunner
1840 - `#3713 <https://github.com/PowerDNS/pdns/pull/3713>`__ Remove
1841 contrib/dnsdist.service (Ruben Kerkhof)
1842 - `#3722 <https://github.com/PowerDNS/pdns/pull/3722>`__ Use LT\_INIT
1843 and disable static objects (Ruben Kerkhof)
1844 - `#3724 <https://github.com/PowerDNS/pdns/pull/3724>`__ Include
1845 PDNS\_CHECK\_OS in configure (Christian Hofstaedtler)
1846 - `#3728 <https://github.com/PowerDNS/pdns/pull/3728>`__ Document
1847 libedit Ctrl-R workaround for CentOS 6
1848 - `#3730 <https://github.com/PowerDNS/pdns/pull/3730>`__ Make
1849 ``topBandwidth()`` behave like other top\* functions
1850 - `#3731 <https://github.com/PowerDNS/pdns/pull/3731>`__ Clarify a bit
1851 the documentation of load-balancing policies
1856 - `#3711 <https://github.com/PowerDNS/pdns/pull/3711>`__ Building rpm
1857 needs systemd headers (Ruben Kerkhof)
1858 - `#3736 <https://github.com/PowerDNS/pdns/pull/3736>`__ Add missing
1859 Lua binding for NetmaskGroupRule()
1860 - `#3739 <https://github.com/PowerDNS/pdns/pull/3739>`__ Drop
1861 privileges after daemonizing and writing our pid
1866 Released April 14th 2016
1868 Changes since 1.0.0-alpha2:
1873 - Per-pool packet cache
1874 - Some actions do not stop the processing anymore when they match,
1875 allowing more complex setups: Delay, Disable Validation, Log,
1876 MacAddr, No Recurse and of course None
1877 - The new RE2Rule() is available, using the RE2 regular expression
1878 library to match queries, in addition to the existing POSIX-based
1880 - SpoofAction() now supports multiple A and AAAA records
1881 - Remote logging of questions and answers via Protocol Buffer
1886 - `#3405 <https://github.com/PowerDNS/pdns/pull/3405>`__ Add health
1887 check logging, ``maxCheckFailures`` to backend
1888 - `#3412 <https://github.com/PowerDNS/pdns/pull/3412>`__ Check config
1889 - `#3440 <https://github.com/PowerDNS/pdns/pull/3440>`__ Client
1890 operation improvements
1891 - `#3466 <https://github.com/PowerDNS/pdns/pull/3466>`__ Add dq binding
1892 for skipping packet cache in LuaAction (Jan Broer)
1893 - `#3499 <https://github.com/PowerDNS/pdns/pull/3499>`__ Add support
1894 for multiple carbon servers
1895 - `#3504 <https://github.com/PowerDNS/pdns/pull/3504>`__ Allow
1896 accessing the API with an optional API key
1897 - `#3556 <https://github.com/PowerDNS/pdns/pull/3556>`__ Add an option
1898 to limit the number of queued TCP connections
1899 - `#3578 <https://github.com/PowerDNS/pdns/pull/3578>`__ Add a
1900 ``disable-syslog`` option
1901 - `#3608 <https://github.com/PowerDNS/pdns/pull/3608>`__ Export cache
1903 - `#3622 <https://github.com/PowerDNS/pdns/pull/3622>`__ Display the
1904 ACL content on startup
1905 - `#3627 <https://github.com/PowerDNS/pdns/pull/3627>`__ Remove ECS
1906 option from response's OPT RR when necessary
1907 - `#3633 <https://github.com/PowerDNS/pdns/pull/3633>`__ Count "TTL too
1909 - `#3677 <https://github.com/PowerDNS/pdns/pull/3677>`__ systemd-notify
1915 - `#3388 <https://github.com/PowerDNS/pdns/pull/3388>`__ Lock the Lua
1916 context before executing a LuaAction
1917 - `#3433 <https://github.com/PowerDNS/pdns/pull/3433>`__ Check that the
1918 answer matches the initial query
1919 - `#3461 <https://github.com/PowerDNS/pdns/pull/3461>`__ Fix crash when
1920 calling rmServer() with an invalid index
1921 - `#3550 <https://github.com/PowerDNS/pdns/pull/3550>`__,\ `#3551 <https://github.com/PowerDNS/pdns/pull/3551>`__
1922 Fix build failure on FreeBSD (Ruben Kerkhof)
1923 - `#3594 <https://github.com/PowerDNS/pdns/pull/3594>`__ Prevent EOF
1924 error for empty console response w/o sodium
1925 - `#3634 <https://github.com/PowerDNS/pdns/pull/3634>`__ Prevent
1926 dangling TCP fd in case setupTCPDownstream() fails
1927 - `#3641 <https://github.com/PowerDNS/pdns/pull/3641>`__ Under
1928 threshold, QPS action should return None, not Allow
1929 - `#3658 <https://github.com/PowerDNS/pdns/pull/3658>`__ Fix a race
1930 condition in MaxQPSIPRule
1935 Released February 5th 2016
1937 Changes since 1.0.0-alpha1:
1942 - Lua functions now receive a DNSQuestion ``dq`` object instead of
1943 several parameters. This adds a greater compatibility with PowerDNS
1944 and allows adding more parameters without breaking the API
1945 (`#3198 <https://github.com/PowerDNS/pdns/issues/3198>`__)
1946 - Added a ``source`` option to ``newServer()`` to specify the local
1947 address or interface used to contact a downstream server
1948 (`#3138 <https://github.com/PowerDNS/pdns/issues/3138>`__)
1949 - CNAME and IPv6-only support have been added to spoofed responses
1950 (`#3064 <https://github.com/PowerDNS/pdns/issues/3064>`__)
1951 - ``grepq()`` can be used to search for slow queries, along with
1953 - New Lua functions: ``addDomainCNAMESpoof()``, ``AllowAction()`` by
1954 @bearggg, ``exceedQRate()``, ``MacAddrAction()``, ``makeRule()``,
1955 ``NotRule()``, ``OrRule()``, ``QClassRule()``, ``RCodeAction()``,
1956 ``SpoofCNAMEAction()``, ``SuffixMatchNodeRule()``, ``TCPRule()``,
1958 - ``NetmaskGroup`` support have been added in Lua
1959 (`#3144 <https://github.com/PowerDNS/pdns/issues/3144>`__)
1960 - Added ``MacAddrAction()`` to add the source MAC address to the
1962 (`#3313 <https://github.com/PowerDNS/pdns/issues/3313>`__)
1967 - An issue in DelayPipe could make dnsdist crash at startup
1968 - ``downstream-timeouts`` metric was not always updated
1969 - ``truncateTC`` was unproperly updating the response length
1970 (`#3126 <https://github.com/PowerDNS/pdns/issues/3126>`__)
1971 - DNSCrypt responses larger than queries were unproperly truncated
1972 - An issue prevented info message from being displayed in non-verbose
1973 mode, fixed by Jan Broer
1974 - Reinstating an expired Dynamic Rule was not correctly logged
1975 (`#3323 <https://github.com/PowerDNS/pdns/issues/3323>`__)
1976 - Initialized counters in the TCP client thread might have cause FD and
1977 memory leak, reported by Martin Pels
1978 (`#3300 <https://github.com/PowerDNS/pdns/issues/3300>`__)
1979 - We now drop queries containing no question (qdcount == 0)
1980 (`#3290 <https://github.com/PowerDNS/pdns/issues/3290>`__)
1981 - Outstanding TCP queries count was not always correct
1982 (`#3288 <https://github.com/PowerDNS/pdns/issues/3288>`__)
1983 - A locking issue in exceedRespGen() might have caused crashs
1984 (`#3277 <https://github.com/PowerDNS/pdns/issues/3277>`__)
1985 - Useless sockets were created in client mode
1986 (`#3257 <https://github.com/PowerDNS/pdns/issues/3257>`__)
1987 - ``addAnyTCRule()`` was generating TC=1 responses even over TCP
1988 (`#3251 <https://github.com/PowerDNS/pdns/issues/3251>`__)
1993 - Cleanup of the HTML by Sander Hoentjen
1994 - Fixed an XSS reported by @janeczku
1995 (`#3217 <https://github.com/PowerDNS/pdns/issues/3217>`__)
1996 - Removed remote images
1997 - Set the charset to UTF-8, added some security-related and CORS HTTP
1999 - Added server latency by Jan Broer
2000 (`#3201 <https://github.com/PowerDNS/pdns/issues/3201>`__)
2001 - Switched to official minified versions of JS scripts, by Sander
2002 Hoentjen (`#3317 <https://github.com/PowerDNS/pdns/issues/3317>`__)
2003 - Don't log unauthenticated HTTP request as an authentication failure
2005 Various documentation updates and minor cleanups:
2006 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
2008 - Added documentation for Advanced DNS Protection features (Dynamic
2009 rules, ``maintenance()``)
2010 - Make ``topBandwidth()`` default to the top 10 clients
2011 - Replaced readline with libedit
2012 - Added GPL2 License
2013 (`#3200 <https://github.com/PowerDNS/pdns/issues/3200>`__)
2014 - Added incbin License
2015 (`#3269 <https://github.com/PowerDNS/pdns/issues/3269>`__)
2016 - Updated completion rules
2017 - Removed wrong option ``--daemon-no`` by Stefan Schmidt
2022 Released December 24th 2015