return NULL;
}
worker->back = outside_network_create(worker->base,
- buffer_size, (size_t)cfg->outgoing_num_ports, NULL, 0,
- cfg->do_ip4, cfg->do_ip6, cfg->outgoing_base_port);
+ buffer_size, (size_t)cfg->outgoing_num_ports, cfg->ifs,
+ cfg->num_ifs, cfg->do_ip4, cfg->do_ip6,
+ cfg->outgoing_base_port);
if(!worker->back) {
log_err("could not create outgoing sockets");
worker_delete(worker);
except the listening ports. Then the config file is reread.
And everything is started again (and listening ports if needed).
- Ports for queries are shared.
+ - config file added interface:, chroot: and username:.
22 February 2007: Wouter
- Have a config file. Removed commandline options, moved to config.
# number of threads to create. 1 disables threading.
# num-threads: 1
+ # specify the interfaces to answer queries from by ip-address.
+ # If you give none the default (all) interface is used.
+ # interface: 127.0.0.1
+
# port to answer queries from
# port: 53
# The port number to send forwarded queries to.
# forward-to-port: 53
+ # if given, a chroot(2) is done to the given directory.
+ # chroot: "/some/directory"
+
+ # if given, user privileges are dropped (after binding port),
+ # and the given username is assumed. Default is nothing "".
+ # username: "unbound"
The number of threads to create to serve clients. Use 1 for no threading.
.It \fBport:\fR <port number>
The port number, default 53, on which the server responds to queries.
+.It \fBinterface:\fR <ip address>
+Interface to use to connect to the network. Can be given multiple times to
+work on several interfaces. If none are given the default (all) is used.
.It \fBoutgoing-port:\fR <port number>
The starting port number where the outgoing query port range is allocated.
Default is 1053.
.It \fBforward-to-port:\fR <port number>
The port on which the remote server is running that answers forwarded queries.
Default is 53.
+.It \fBchroot:\fR <directory>
+If given a chroot is done to the given directory. The default is none ("").
+.It \fBusername:\fR <name>
+If given, after binding the port the user privileges are dropped. Default is
+not to change user, username: "". If this user is not capable of binding the
+port, reloads (by signal HUP) will work, however, if you change the port
+number in the config file, and that port number requires privileges, then
+a reload will fail to bind to the new port number; a restart is needed.
.Sh FILES
.Bl -tag -width indent
/** calculate number of ip4 and ip6 interfaces, times multiplier. */
static void
-calc_num46(const char** ifs, int num_ifs, int do_ip4, int do_ip6,
+calc_num46(char** ifs, int num_ifs, int do_ip4, int do_ip6,
size_t multiplier, size_t* num_ip4, size_t* num_ip6)
{
int i;
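Review bot: Dropping `const` from `ifs` here, and in the three `outside_network_create` signatures further down (definition, prototype and the test stub), removes the only statement in the interface that the network code leaves the config-owned strings alone. The old signatures compiled with `const char**`, so the callees presumably never write through it; their bodies lie outside these hunks. `char* const* ifs` accepts `cfg->ifs` without a cast in C and at least keeps the pointer array read-only for the callee. If the plain `char**` stays, a line in the doc comment such as `@param ifs: interface strings, owned by the caller, not modified.` would record the contract.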
struct outside_network*
outside_network_create(struct comm_base *base, size_t bufsize,
- size_t num_ports, const char** ifs, int num_ifs, int do_ip4,
+ size_t num_ports, char** ifs, int num_ifs, int do_ip4,
int do_ip6, int port_base)
{
struct outside_network* outnet = (struct outside_network*)
* @return: the new structure (with no pending answers) or NULL on error.
*/
struct outside_network* outside_network_create(struct comm_base* base,
- size_t bufsize, size_t num_ports, const char** ifs, int num_ifs,
+ size_t bufsize, size_t num_ports, char** ifs, int num_ifs,
int do_ip4, int do_ip6, int port_base);
/**
struct outside_network*
outside_network_create(struct comm_base* base, size_t bufsize,
- size_t ATTR_UNUSED(num_ports), const char** ATTR_UNUSED(ifs),
+ size_t ATTR_UNUSED(num_ports), char** ATTR_UNUSED(ifs),
int ATTR_UNUSED(num_ifs), int ATTR_UNUSED(do_ip4),
int ATTR_UNUSED(do_ip6), int ATTR_UNUSED(port_base))
{
free(cfg->fwd_address);
free(cfg->username);
free(cfg->chrootdir);
+ if(cfg->ifs) {
+ int i;
+ for(i=0; i<cfg->num_ifs; i++)
+ free(cfg->ifs[i]);
+ free(cfg->ifs);
+ }
free(cfg);
}
do-tcp{COLON} { LEXOUT(("v(%s) ", yytext)); return VAR_DO_TCP;}
forward-to{COLON} { LEXOUT(("v(%s) ", yytext)); return VAR_FORWARD_TO;}
forward-to-port{COLON} { LEXOUT(("v(%s) ", yytext)); return VAR_FORWARD_TO_PORT;}
+interface{COLON} { LEXOUT(("v(%s) ", yytext)); return VAR_INTERFACE;}
+chroot{COLON} { LEXOUT(("v(%s) ", yytext)); return VAR_CHROOT;}
+username{COLON} { LEXOUT(("v(%s) ", yytext)); return VAR_USERNAME;}
{NEWLINE} { LEXOUT(("NL\n")); cfg_parser->line++;}
/* Quoted strings. Strip leading and ending quotes */
BEGIN(INITIAL);
yytext[yyleng - 1] = '\0';
yylval.str = strdup(yytext);
+ if(!yylval.str)
+ yyerror("out of memory");
return STRING;
}
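Review bot: When `strdup` fails, the added check calls `yyerror` but the rule still executes `return STRING;` with `yylval.str == NULL`, so the grammar actions receive a NULL `$2`. The new rules then store that NULL: `server_interface` puts it into `cfg->ifs[]`, and `server_chroot` / `server_username` set `chrootdir` / `username` to NULL, which presumably reads as "not configured" later on. Whether a config with a recorded parse error is rejected before the daemon starts is not visible here; if it is not, an allocation failure silently turns off the chroot and the privilege drop. The actions that keep the string should test it first, e.g. `if($2) cfg_parser->cfg->chrootdir = $2;`, and the loader should refuse to start when any error was counted.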
%token SPACE LETTER NEWLINE COMMENT COLON ANY ZONESTR
%token <str> STRING
%token VAR_SERVER VAR_VERBOSITY VAR_NUM_THREADS VAR_PORT
-%token VAR_OUTGOING_PORT VAR_OUTGOING_RANGE
+%token VAR_OUTGOING_PORT VAR_OUTGOING_RANGE VAR_INTERFACE
%token VAR_DO_IP4 VAR_DO_IP6 VAR_DO_UDP VAR_DO_TCP
-%token VAR_FORWARD_TO VAR_FORWARD_TO_PORT
-
+%token VAR_FORWARD_TO VAR_FORWARD_TO_PORT VAR_CHROOT
+%token VAR_USERNAME
%%
toplevelvars: /* empty */ | toplevelvars toplevelvar ;
content_server: server_num_threads | server_verbosity | server_port |
server_outgoing_port | server_outgoing_range | server_do_ip4 |
server_do_ip6 | server_do_udp | server_do_tcp | server_forward_to |
- server_forward_to_port;
+ server_forward_to_port | server_interface | server_chroot |
+ server_username;
server_num_threads: VAR_NUM_THREADS STRING
{
OUTYY(("P(server_num_threads:%s)\n", $2));
free($2);
}
;
+server_interface: VAR_INTERFACE STRING
+ {
+ OUTYY(("P(server_interface:%s)\n", $2));
+ if(cfg_parser->cfg->num_ifs == 0)
+ cfg_parser->cfg->ifs = calloc(1, sizeof(char*));
+ else cfg_parser->cfg->ifs = realloc(cfg_parser->cfg->ifs,
+ (cfg_parser->cfg->num_ifs+1)*sizeof(char*));
+ if(!cfg_parser->cfg->ifs)
+ yyerror("out of memory");
+ else
+ cfg_parser->cfg->ifs[cfg_parser->cfg->num_ifs++] = $2;
+ }
+ ;
server_outgoing_port: VAR_OUTGOING_PORT STRING
{
OUTYY(("P(server_outgoing_port:%s)\n", $2));
free($2);
}
;
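Review bot: In `server_interface` the result of `realloc` is assigned straight to `cfg_parser->cfg->ifs`, so on failure the old array and its strings are lost, `$2` leaks, and `num_ifs` keeps its old non-zero value next to a NULL `ifs`. Because `yyerror` is called as a plain function, parsing appears to continue. The next `interface:` line then takes the `realloc` branch with a NULL pointer, gets an uninitialised array and fills only the last slot. `config_delete` would afterwards call `free` on the uninitialised entries, and `outside_network_create` would read them. Growing into a temporary and committing only on success keeps `ifs` and `num_ifs` consistent.

```yacc
server_interface: VAR_INTERFACE STRING
	{
		char** grown;
		OUTYY(("P(server_interface:%s)\n", $2));
		if(cfg_parser->cfg->num_ifs == 0)
			grown = calloc(1, sizeof(char*));
		else	grown = realloc(cfg_parser->cfg->ifs,
				(cfg_parser->cfg->num_ifs+1)*sizeof(char*));
		if(!grown) {
			/* keep the old array and count intact; drop only the new string */
			yyerror("out of memory");
			free($2);
		} else {
			cfg_parser->cfg->ifs = grown;
			cfg_parser->cfg->ifs[cfg_parser->cfg->num_ifs++] = $2;
		}
	}
	;
```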
+server_chroot: VAR_CHROOT STRING
+ {
+ OUTYY(("P(server_chroot:%s)\n", $2));
+ free(cfg_parser->cfg->chrootdir);
+ cfg_parser->cfg->chrootdir = $2;
+ }
+ ;
+server_username: VAR_USERNAME STRING
+ {
+ OUTYY(("P(server_username:%s)\n", $2));
+ free(cfg_parser->cfg->username);
+ cfg_parser->cfg->username = $2;
+ }
+ ;
%%
/* parse helper routines could be here */
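Review bot: Neither `server_chroot` nor `server_username` records that the two options belong together, and a config with `chroot:` but no `username:` is accepted as is. A process that stays root inside a chroot is not confined by it, so the jail only helps once privileges are dropped. The code that consumes `chrootdir` and `username` is outside this diff. If it does not already warn about this combination, a comment on the rule such as `/* chroot: without username: leaves the daemon root inside the jail */` and a matching sentence in example.conf would make the dependency visible to operators.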