Example config file fix for CERT Vulnerability VU#598349.

commit: 7cbf497da4100ea0d1c1974b59f9503e15a0cf80 [log] [tgz]
author: Simon Kelley <simon@thekelleys.org.uk> Wed Sep 26 18:03:10 2018 +0100
committer: Simon Kelley <simon@thekelleys.org.uk> Wed Sep 26 18:04:38 2018 +0100
tree: c5ca291099234ad14793c3e86fd41d59c1f2ec20
parent: 3a610a007fd80751330591c7e1a3a5d31e72727b [diff] [blame]
diff --git a/dnsmasq.conf.example b/dnsmasq.conf.example
index 008ddb7..bf19424 100644
--- a/dnsmasq.conf.example
+++ b/dnsmasq.conf.example

@@ -672,3 +672,8 @@
 
 # Include all files in a directory which end in .conf
 #conf-dir=/etc/dnsmasq.d/,*.conf
+
+# If a DHCP client claims that its name is "wpad", ignore that.
+# This fixes a security hole. see CERT Vulnerability VU#598349
+#dhcp-name-match=set:wpad-ignore,wpad
+#dhcp-ignore-names=tag:wpad-ignore
commit	7cbf497da4100ea0d1c1974b59f9503e15a0cf80	[log] [tgz]
author	Simon Kelley <simon@thekelleys.org.uk>	Wed Sep 26 18:03:10 2018 +0100
committer	Simon Kelley <simon@thekelleys.org.uk>	Wed Sep 26 18:04:38 2018 +0100
tree	c5ca291099234ad14793c3e86fd41d59c1f2ec20
parent	3a610a007fd80751330591c7e1a3a5d31e72727b [diff] [blame]