blob: b230603da50e8009a7c2707124feab2b58485ca2 [file] [log] [blame]
Simon Kelley9e4abcb2004-01-22 19:47:41 +00001release 0.4 - initial public release
2
3release 0.5 - added caching, removed compiler warning on linux PPC
4
5release 0.6 - TCP handling: close socket and return to connect state if we
6 can't read the first byte. This corrects a problem seen very
7 occasionally where dnsmasq would loop using all available CPU.
8
9 Added a patch from Cris Bailiff <c.bailiff@e-secure.com.au>
10 to set SO_REUSEADDR on the tcp socket which stops problems when
11 dnsmasq is restarted and old connections still exist.
12
13 Stopped claiming in doc.html that smail is the default Debian
14 mailer, since it isn't any longer. (Pointed out by
15 David Karlin <dkarlin@coloradomtn.edu>)
16
17release 0.7 Create a pidfile at /var/run/dnsmasq.pid
18
19 Extensive armouring against "poison packets" courtesy of
20 Thomas Moestl <tmoestl@gmx.net>
21
22 Set sockaddr.sa_family on outgoing address, patch from
23 David Symonds <xoxus@usa.net>
24
25 Patch to clear cache on SIGHUP
26 from Jason L. Wagner <nialscorva@yahoo.com>
27
28 Fix bad bug resulting from not initialising value-result
29 address-length parameter to recvfrom() and accept() - it
30 worked by luck before!
31
32release 0.95 Major rewrite: remove calls to gethostbyname() and talk
33 directly to the upstream server(s) instead.
34 This has many advantages.
35 (1) Dnsmasq no longer blocks during long lookups.
36 (2) All query types are handled now, (eg MX) not just internet
37 address queries. Addresses are cached, all other
38 queries are forwarded directly.
39 (3) Time-to-live data from upstream server is read and
40 used by dnsmasq to purge entries from the cache.
41 (4) /etc/hosts is still read and its contents served (unless
42 the -h option is given).
43 (5) Dnsmasq can get its upstream servers from
44 a file other than /etc/resolv.conf (-r option) this allows
45 dnsmasq to serve names to the machine it is running
46 on (put nameserver 127.0.0.1 in /etc/resolv.conf and
47 give dnsmasq the option -r /etc/resolv.dnsmasq)
48 (6) Dnsmasq will re-read it's servers if the
49 modification time of resolv.conf changes. Along with
50 4 above this allows nameservers to be set
51 automatically by ppp or dhcp.
52
53 A really clever NAT-like technique allows the daemon to have lots
54 of queries in progress, but still remain very lightweight.
55 Dnsmasq has a small footprint and normally doesn't allocate
56 any more memory after start-up. The NAT-like forwarding was
57 inspired by a suggestion from Eli Chen <eli@routefree.com>
58
59release 0.96 Fixed embarrasing thinko in cache linked-list code.
60
61release 0.98 Some enhancements and bug-fixes.
62 Thanks to "Denis Carre" <denis.carre@laposte.net> and Martin
63 Otte <otte@essc.psu.edu>
64
65 (1) Dnsmasq now always sets the IP source address
66 of its replies correctly. Older versions would not always
67 do this on multi-homed and IP aliased hosts, which violates
68 the RFC.
69 (2) Dnsmasq no longer crashes if a server loop is created
70 (ie dnsmasq is told to use itself as an upstream server.)
71 Now it just logs the problem and doesn't use the bad
72 server address.
73 (3) Dnsmasq should now forward (but not cache) inverse queries
74 and server status queries; this feature has not been tested.
75 (4) Don't write the pid file when in non-daemon mode.
76 (5) Create the pid file mode 644, rather then 666 (!).
77 (6) Generate queries to upstream nameservers with unpredictable
78 ids, to thwart DNS spoofers.
79 (7) Dnsmasq no longer forwards queries when the
80 "recursion desired" bit is not set in the header.
81 (8) Fixed getopt code to work on compliers with unsigned char.
82
83release 0.991 Added -b flag: when set causes dnsmasq to always answer
84 reverse queries on the RFC 1918 private IP space itself and
85 never forward them to an upstream server. If the name is not in
86 /etc/hosts, dnsmasq replies with the dotted-quad address.
87
88 Fixed a bug which stopped dnsmasq working on a box with
89 two or more interfaces with the same IP address.
90
91 Fixed cacheing of CNAMEs. Previously, a CNAME which pointed
92 to a name with many A records would not have all the addresses
93 returned when being answered from the cache.
94
95 Thanks to "Steve Hardy" <s.a.hardy@connectux.com> for his input
96 on these fixes.
97
98 Fixed race which could cause dnsmasq to miss the second of
99 two closely-spaced updates of resolv.conf (Thanks to Eli Chen
100 for pointing this out.)
101
102 Fixed a bug which could cause dnsmasq to fail to cache some
103 dns names.
104
105release 0.992 Small change to memory allocation so that names in /etc/hosts
106 don't use cache slots. Also make "-c 0" flag meaningfully
107 disable caching completely.
108
109release 0.993 Return only the first (canonical) name from an entry in
110 /etc/hosts as reply to reverse query.
111
112 Handle wildcard queries for names/addresses in /etc/hosts
113 this is mainly to allow reverse lookups by dig to succeed.
114 (Bug reported by Simon J. Rowe" <srowe@mose.org.uk>)
115
116 Subtle change to the logic which selects which of multiple
117 upstream servers we send queries to. This fixes a problem
118 where dnsmasq continuously sends queries to a server which
119 is returning error codes and ignores one which is working.
120
121release 0.994 Fixed bug which broke lookup of names in /etc/hosts
122 which have upper-case letters in them. Thanks for Joao Clemente
123 for spotting that one.
124
125 Output cache statistics on receipt of SIGUSR1. These go
126 to syslog except in debug (-d) mode, when a complete cache
127 dump goes to stdout. Suggestion from Joao Clemente, code
128 based in John Volpe's.
129
130 Accept GNU long options on the command line. Code from
131 John Volpe for this.
132
133 Split source code into multiple files and produced
134 a proper makefile.
135
136 Included code from John Volpe to parse dhcp.leases file
137 written by ISC dhcpd. The hostnames in the leases file are
138 added to the cache and updated as dhcpd updates the
139 leases file. The code has been heavily re-worked by me,
140 so any bugs are probably mine.
141
142release 0.995 Small tidy-ups to signal handling and cache code.
143
144release 0.996 Added negative caching: If dnsmasq gets a "no such domain" reply
145 from an upstream nameserver, it will cache that information
146 for a time specified by the SOA RR in the reply. See RFC 2308
147 for details. This is useful with resolver libraries
148 which append assorted suffices to non-FQDN in an attempt to
149 resolve them, causing useless cache misses.
150
151 Added -i flag, which restricts dnsmasq to offering name service
152 only on specified interfaces.
153
154release 0.997 Deleted INSTALL script and added "install" target to makefile.
155
156 Stopped distributing binaries in the tarball to avoid
157 libc version clashes.
158
159 Fixed interface detection code to
160 remove spurious startup errors in rare circumstances.
161
162 Dnsmasq now changes its uid, irrevocably, to nobody after
163 startup for security reasons. Thanks to Peter Bailey for
164 this patch.
165
166 Cope with infinite DHCP leases. Patch thanks to
167 Yaacov Akiba Slama.
168
169 Added rpm control files to .tar.gz distribution. Thanks to
170 Peter Baldwin at ClarkConnect for those.
171
172 Improved startup script for rpms. Thanks to Yaacov Akiba Slama.
173
174release 1.0 Stable release: dnsmasq is now considered feature-complete
175 and stable.
176
177release 1.1 Added --user argument to allow user to change to
178 a different userid.
179
180 Added --mx-target argument to allow mail to be delivered
181 away from the gateway machine running dnsmasq.
182
183 Fixed highly obscure bug with wildcard queries for
184 DHCP lease derived names.
185
186 Moved manpage from section 1 to section 8.
187
188 Added --no-poll option.
189 Added Suse-rpm support.
190 Thanks to Joerg Mayer for the last two.
191
192release 1.2 Added IPv6 DNS record support. AAAA records are cached
193 and read from /etc/hosts. Reverse-lookups in the
194 ip6.int and ip6.arpa domains are suppored. Dnsmasq can
195 talk to upstream servers via IPv6 if it finds IP6 addresses
196 in /etc/resolv.conf and it offers DNS service automatically
197 if IPv6 support is present in the kernel.
198
199 Extended negative caching to NODATA replies.
200
201 Re-vamped CNAME processing to cope with RFC 2317's use of
202 CNAMES to PTR RRs in CIDR.
203
204 Added config.h and a couple of symbols to aid
205 compilation on non-linux systems.
206
207release 1.3 Some versions of the Linux kernel return EINVAL rather
208 then ENPROTONOSUPPORT when IPv6 is not available,
209 causing dnsmasq to bomb out. This release fixes that.
210 Thanks to Steve Davis for pointing this one out.
211
212 Trivial change to startup logic so that dnsmasq logs
213 its stuff and reads config files straight away on
214 starting, rather than after the first query - principle
215 of least surprise applies here.
216
217release 1.4 Fix a bug with DHPC lease parsing which broke in
218 non-UTC timezones. Thanks to Mark Wormgoor for
219 spotting and diagnosing this. Fixed versions in
220 the .spec files this time. Fixed bug in Suse startup
221 script. Thanks to Didi Niklaus for pointing this out.
222
223release 1.5 Added --filterwin2k option which stops dnsmasq from forwarding
224 "spam" queries from win2k boxes. This is useful to stop spurious
225 connections over dial-on-demand links. Thanks to Steve Hardy
226 for this code.
227
228 Clear "truncated" bit in replies we return from upstream. This
229 stops resolvers from switching to TCP, which is pointless since
230 dnsmasq doesn't support TCP. This should solve problems
231 in resolving hotmail.com domains.
232
233 Don't include getopt.h when Gnu-long-options are disabled -
234 hopefully this will allow compilation on FreeBSD.
235
236 Added the --listen-address and --pid-file flags.
237
238 Fixed a bug which caused old entries in the DHCP leases file
239 to be used in preference to current ones under certain
240 circumstances.
241
242release 1.6 If a machine gets named via DHCP and the DHCP name doesn't have
243 a domain part and domain suffix is set using the -s flag, then
244 that machine has two names with the same address, with and
245 without the domain suffix. When doing a _reverse_ lookup to
246 get the name, the "without suffix" name used to be returned,
247 now the "with suffix" one gets returned instead. This change
248 suggested by Arnold Schulz.
249
250 Fixed assorted typos in the documentation. Thanks
251 to David Kimdon.
252
253 Subtle rearrangement to the downloadable tarball, and stopped
254 distributing .debs, since dnsmasq is now an official Debian
255 package.
256
257release 1.7 Fix a problem with cache not clearing properly
258 on receipt of SIGHUP. Bug spotted by Sat Deshpande.
259
260 In group-id changing code:
261 1) Drop supplimentary groups.
262 2) Change gid before dropping root (patch from Soewono Effendi.)
263 3) Change group to "dip" if it exists, to allow access
264 to /etc/ppp/resolv.conf (suggestion from Jorg Sommer.)
265 Update docs to reflect above changes.
266
267 Other documentation changes from David Miller.
268 Added suggested script fragment for dhcpcd.exe.
269
270release 1.8 Fix unsafe use of tolower() macro - allows linking against
271 ulibc. (Patches from Soewono Effendi and Bjorn Andersson.)
272
273 Fix typo in usage string.
274
275 Added advice about RedHat PPP configuration to
276 documentation. (Thanks to C. Lee Taylor.)
277
278 Patches to fix problems on BSD systems from Marc Huber
279 and Can Erkin Acar. These add the options
280 HAVE_ARC4RANDOM and HAVE_SOCKADDR_SA_LEN to config.h.
281 Elaborated config.h - should really use autoconf.
282
283 Fix time-to-live calculation when chasing CNAMEs.
284
285 Fix use-after-free and missing initialisation bugs in
286 the cache code. (Thanks to Marc Huber.)
287
288 Builds on Solaris 9. (Thanks to Marc Huber.)
289
290release 1.9 Fixes to rpm .spec files.
291
292 Don't put expired DHCP entries into the cache only to
293 throw them away again.
294
295 Put dnsmasq on a severe memory diet: this reduces both
296 the amount of heap space used and the stack size
297 required. The difference is not really visible with
298 bloated libcs like glibc, but should dramatically reduce
299 memory requirements when linked against ulibc for use on
300 embeded routers, and that's the point really. Thanks to
301 Matthew Natalier for prompting this.
302
303 Changed debug mode (-d) so that all logging appears on
304 stderr as well as going to syslogd.
305
306 Added HAVE_IPV6 config symbol to allow compilation
307 against a libc which doesn't have IPv6 support.
308
309 Added a facility to log all queries, enabled with -q flag.
310
311 Fixed packet size checking bug in address extraction code.
312
313 Halved default cache size - 300 was way OTT in typical use.
314
315 Added self-MX function, enabled by -e flag. Thanks to
316 Lyonel Vincent for the patch.
317
318 Added HAVE_FORK config symbol and stuff to support
319 uClinux. Thanks to Matthew Natalier for uClinux stuff.
320
321release 1.10 Log warnings if resolv.conf or dhcp.leases are not
322 accessable for any reason, as suggested by Hinrich Eilts.
323
324 Fixed wrong address printing in error message about
325 no interface with address.
326
327 Updated docs and split installation instuctions into setup.html.
328
329 Fix bug in CNAME chasing code: One CNAME pointing
330 to many A records would lose A records after the
331 first. This bug was introduced in version 1.9.
332
333 Log startup failures at level Critical as well as
334 printing them to standard error.
335 Exit with return code 1 when given bad options.
336
337 Cleaned up code for no-cache operation.
338
339 Added -o option which forces dnsmasq to use to
340 upstream servers in the order they appear in /etc/resolv.conf.
341
342 Added upstream server use logging.
343
344 Log full cache dump on receipt of SIGUSR1 when query
345 logging is enabled (-q switch).
346
347 Added -S option to directly specify upstream servers and
348 added ability to direct queries for specific domains to
349 specfic servers. Suggested by Jens Vonderheide.
350
351 Upgraded random ID generation - patch from Rob Funk.
352
353 Fixed reading of domains in arguments with capital
354 letters or trailing periods.
355
356 Fixed potential SEGV when given bad options.
357
358 Read options from /etc/dnsmasq.conf if it exists.
359 Do sensible things with missing parameters, eg
360 "--resolv-file=" turns off reading /etc/resolv.conf.
361
362release 1.11 Actually implement the -R flag promised in the 1.10 man page.
363
364 Improve and rationalise the return codes in answers to
365 queries. In the case that there are no available
366 upstream servers to forward a query to, return REFUSED.
367 This makes sendmail work better on modem connected
368 systems when the modem link is down (Thanks to Roger Plant).
369 Cache and return the NXDOMAIN status of failed queries:
370 this makes the `host` command work when traversing search
371 paths (Thanks to Peter Bailey). Set the "authoritative"
372 bit in replies containing names from /etc/hosts or DHCP.
373
374 Tolerate MS-DOS style line ending codes in /etc/hosts
375 and /etc/resolv.conf, for people who copy from winsock
376 installations.
377
378 Allow specification of more than one resolv.conf file. This is
379 intended for laptops which connect via DHCP or
380 PPP. Whichever resolv.conf was updated last is used.
381
382 Allow -S flags which specify a domain but no server
383 address. This gives local domains which are never forwarded.
384
385 Add -E flag to automatically add the domain suffix to
386 names in /etc/hosts -suggestion from Phil Harman.
387
388 Always return a zero time-to-live for names derived from
389 DHCP which stops anthing else caching these
390 names. Previously the TTL was derived from the lease
391 time but that is incorrect since a lease can be given
392 up early: dnsmasq would know this but anything with the
393 name cached with long TTL would not be updated.
394
395 Extended HAVE_IPV6 config flag to allow compliation on
396 old systems which don't have modern library routines
397 like inet_ntop(). Thanks to Phil Harman for the patch.
398
399release 1.12 Allow more than one domain in server config lines and
400 make "local" a synonym for "server". This makes things
401 like "local=/localnet/thekelleys.org.uk/" legal. Allow
402 port to specified as part of server address.
403
404 Allow whole domains to have an IP address specified
405 in /etc/dnsmasq.conf. (/etc/hosts doesn't work domains).
406 address=/doubleclick.net/127.0.0.1 should catch all
407 those nasty banner ads. Inspired by a patch
408 from Daniel Gryniewicz
409
410 Log the source of each query when logging switched on.
411
412 Fix bug in script fragment for dhcpcd - thanks to Barry Stewart.
413
414 Fix bug which meant that strict-order and self-mx were
415 always enabled.
416
417 Builds with Linux libc5 now - for the Freesco project.
418
419 Fixed Makefile installation script (patch from Silvan
420 Minghetti) and added CC and CFLAGS variables.
421
422 Improve resource allocation to reduce vulnerability to
423 DOS attacks - the old version could have all queries
424 blocked by a continuous high-speed stream of
425 queries. Now some queries will succeed, and the excess
426 will be rejected with a server fail error. This change also
427 protects against server-loops; setting up a resolving
428 loop between two instances of dnsmasq is no longer
429 catastrophic. The servers will continue to run, looped
430 queries fail and a warning is logged. Thanks to C. Lee
431 Taylor for help with this.
432
433release 1.13 Added support for building rpms suitable for modern Suse
434 systems. (patch from Andi <cambeis@netplace.de>)
435
436 Added options --group, --localmx, --local-ttl,
437 --no-negcache, --addn-host.
438
439 Moved all the various rpm-building bits into /rpm.
440
441 Fix builds with glibc 2.1 (thanks to Cristian
442 Ionescu-Idbohrn)
443
444 Preserve case in domain names, as per RFC1035.
445
446 Fixed ANY queries to domains with --address specification.
447
448 Fixed FreeBSD build. (thanks to Steven Honson)
449
450 Added -Q option which allows a specified port to be used
451 to talk to upstream servers. Useful for people who want
452 very paranoid firewalls which open individual UDP port.
453 (thanks to David Coe for the patch)
454
455release 1.14 Fixed man page description of -b option which confused
456 /etc/hosts with /etc/resolv.conf. (thanks to Christopher
457 Weimann)
458
459 Fixed config.h to allow building under MACOS X and glibc
460 2.0.x. (thanks to Matthew Gregan and Serge Caron)
461
462 Added --except-interface option. (Suggested by Serge Caron)
463
464 Added SIGUSR2 facility to re-scan for new
465 interfaces. (Suggested by Serge Caron)
466
467 Fixed SEGV in option-reading code for invalid options.
468 (Thanks to Klaas Teschauer)
469
470 Fixed man page to clarify effect of SIGUSR1 on
471 /etc/resolv.conf.
472 (Thanks to Klaas Teschauer)
473
474 Check that recieved queries have only rfc1035-legal characters
475 in them. This check is mainly to avoid bad strings being
476 sent to syslog.
477
478 Fixed &&/& confusion in option.c and added DESTDIR
479 variable for "make install" (Thanks to Osvaldo
480 Marques for the patch.)
481
482 Fixed /etc/hosts parsing code to cope with MS-DOS
483 line-ends in the file. This was supposed to be done in
484 version 1.11, but something got missed. (Thanks to Doug
485 Copestake for helping to find this.)
486
487 Squash repeated name/address pairs read from hosts
488 files.
489
490 Tidied up resource handling in util.c (Thanks to
491 Cristian Ionescu-Idbohrn).
492
493 Added hashed searching of domain names. People are starting
494 to use dnsmasq with larger loads now, and bigger caches,
495 and large lists of ad-block addresses. This means doing
496 linear searches can start to use lots of CPU so I added hashed
497 searching and seriously optimised the cache code for
498 algorithmic efficiency. Also upped the limit on cache
499 size to 10000.
500
501 Fixed logging of the source of names from the additional
502 hosts file and from the "bogus private address" option.
503
504 Fixed spurious re-reading of empty lease files. (Thanks
505 to Lewis Baughman for spotting this.)
506
507 Fixed building under uclibc (patch from Cristian Ionescu-Idbohrn)
508
509 Do some socket tweaking to allow dnsmasq to co-exist
510 with BIND. Thanks to Stefan 'Sec' Zehl for the patch.
511
512release 1.15 Added --bogus-nxdomain option.
513
514 Restrict checking of resolv.conf and DHCP leases files
515 to once per second. This is intended to improve
516 performance under heavy loads. Also make a system call
517 to get the current time once per query, rather than four
518 times.
519
520 Increased number of outstanding queries to 150 in
521 config.h
522
523release 1.16 Allow "/" characters in domain names - this fixes
524 caching of RFC 2317 CNAME-PTR records.
525
526 Fixed brain-fart in -B option when GETOPT_LONG not
527 enabled - thanks to Steven Young and Jason Miller
528 for pointing this out.
529
530 Generalised bogus-nxdomain code: allow more than one
531 address to check, and deal with replies with multiple
532 answer records. (Based on contribution from Humberto
533 Massa.)
534
535 Updated the documentation to include information about
536 bogus-nxdomain and the Verisign tragedy.
537
538 Added libraries needed on Solaris to Makefile.
539
540 Added facility to set source address in queries to
541 upstream nameservers. This is useful with multihomed
542 hosts, especially when using VPNs. Thanks to Tom Fanning
543 for suggesting this feature.
544
545 Tweaked logging: log to facility LOCAL0 when in
546 debug/no-daemon mode and changed level of query logging
547 from INFO to DEBUG. Make log options controllable in
548 config.h
549
550release 1.17 Fixed crash with DHCP hostnames > 40 characters.
551
552 Fixed name-comparision routines to not depend on Locale,
553 in theory this versions since 1.15 could lock up or give
554 wrong results when run with locale != 'C'.
555
556 Fix potential lockup in cache code. (thanks to Henning
557 Glawe for help chasing this down.)
558
559 Made lease-file reader bullet-proof.
560
561 Added -D option, suggested by Peter Fichtner.
562
563release 1.18 Added round-robin DNS for names which have more than one
564 address. In this case all the addresses will be
565 returned, as before, but the order will change on each
566 query.
567
568 Remove stray tolower() and isalnum() calls missed in
569 last release to complete LOCALE independence.
570
571 Allow port numbers in source-address specifications.
572
573 For hostnames without a domain part which don't get
574 forwarded because -D is in effect, return NXDOMAIN not
575 an empty reply.
576
577 Add code to return the software version in repsonse to the
578 correct magic query in the same way as BIND. Use
579 "dig version.bind chaos txt" to make the query.
580
581 Added negative caching for PTR (address to name) records.
582
583 Ensure that names of the form typically used in PTR queries
584 (ie w.x.yz.in-addr.arpa and IPv6 equivalents) get
585 correct answers when queried as other types. It's
586 unlikely that anyone would do this, but the change makes
587 things pedantically correct.
588
589 Taught dnsmasq to understand "bitstring" names, as these
590 are used for PTR lookups of IPv6 addresses by some
591 resolvers and lookup tools. Dnsmasq now understands both
592 the ip6.int domain and the ip6.arpa domain and both
593 nibble and bitstring formats so it should work with any
594 client code. Standards for this stuff have flip-flopped
595 over the last few years, leaving many different clients
596 in their wake. See RFC2673 for details of bitstrings.
597
598 Allow '_' characters in domain names: Legal characters
599 are now [a-z][A-Z].-_ Check names read from hosts files
600 and leases files and reject illegal ones with a message
601 in syslog.
602
603 Make empty domain names in server and address options
604 have the special meaning "unqualified
605 names". (unqualified names are names without any dots in
606 them). It's now possible to do server=//1.2.3.4 and have
607 unqualified names sent to a special nameserver.
608
609release 2.0rc1
610 Moved source code into src/ directory.
611
612 Fixes to cure compilation breakage when HAVE_IPV6 not
613 set, thanks to Claas Hilbrecht.
614
615 BIG CHANGE: added an integrated DHCP server and removed
616 the code to read ISC dhcp.leases. This wins in terms
617 of ease of setup and configuration flexibility and
618 total machine resources consumed.
619
620 Re-jiged the signal handling code to remove a race
621 condition and to be more portable.
622
623release 2.0
624 Thanks to David Ashworth for feedback which informed many
625 of the fixes below.
626
627 Allow hosts to be specified by client ID in dhcp-hosts
628 options. These are now one of
629 dhcp-host=<hardware addr>,....
630 dhcp-host=id:<hex client id>,.....
631 dhcp-host=id:<ascii client id>,.....
632
633 Allow dhcp-host options to specify any IP address on the
634 DHCP-served network, not just the range available for
635 dynamic allocation.
636
637 Allow dhcp-host options for the same host with different
638 IP adresses where the correct one will be selected for
639 the network the host appears on.
640
641 Fix parsing of --dhcp-option to allow more than one
642 IP address and to allow text-type options.
643
644 Inhibit use of --dhcp-option to send hostname DHCP options.
645
646 Update the DNS with DHCP information after re-reading
647 /etc/hosts so that any DHCP derived names which have been
648 shadowed by now-deleted hosts entries become visible.
649
650 Fix typos in dnsmasq.conf.example
651
652 Fixes to Makefile(s) to help pkgsrc packaging - patch
653 from "pancake".
654
655 Add dhcp-boot option to support network boot.
656
657 Check for duplicate IP addresses in dhcp-hosts lines
658 and refuse to run if found. If allowed to remain these
659 can provoke an infinite loop in the DHCP protocol.
660
661 Attempted to rationalise the .spec files for rpm
662 building. There are now files for Redhat, Suse and
663 Mandrake. I hope they work OK.
664
665 Fixed hard-to-reproduce crash involving use of local
666 domains and IPv6 queries. Thanks to Roy Marples for
667 helping to track that one down.
668
Simon Kelley1ab84e22004-01-29 16:48:35 +0000669release 2.1
Simon Kelley44a2a312004-03-10 20:04:35 +0000670 Thanks to Matt Swift and Dag Wieers for many suggestions
671 which went into this release.
672
Simon Kelley1ab84e22004-01-29 16:48:35 +0000673 Tweak include files to allow compilation on FreeBSD 5
674
675 Fix unaligned access warnings on BSD/Alpha.
676
677 Allow empty DHCP options, like so: dhpc-option=44
678
679 Allow single-byte DHCP options like so: dhcp-option=20,1
680
681 Allow comments on the same line as options in
682 /etc/dnsmasq.conf
683
684 Don't complain when the same name and address is
685 allocated to a host using DHCP and /etc/hosts.
686
687 Added to the example configuration the dnsmasq equivalent
688 of the ISC dhcpd settings given in
689 http://www.samba.org/samba/ftp/docs/textdocs/DHCP-Server-Configuration.txt
690
691 Fixed long-existing strangeness in Linux IPv6 interface
692 discovery code. The flags field in /proc/net/if_inet6 is
Simon Kelley44a2a312004-03-10 20:04:35 +0000693 _not_ the interface flags.
Simon Kelley1ab84e22004-01-29 16:48:35 +0000694
695 Fail gracefully when getting an ENODEV error when trying
Simon Kelley44a2a312004-03-10 20:04:35 +0000696 to bind an IPv6 socket, rather than bailing out. Thanks
697 to Jan Ischebeck for feedback on that.
Simon Kelley1ab84e22004-01-29 16:48:35 +0000698
699 Allow the name->address mapping for static DHCP leases to
700 be set by /etc/hosts. It's now possible to have
701 dhcp-host=<mac addr>,wibble
702 or even
703 dhcp-host=wibble
704 and in /etc/hosts have
705 wibble 1.2.3.4
706 and for the correct thing to happen. Note that some sort
707 of dhcp-host line is still needed, it's not possible for
708 random host to claim an address in /etc/hosts without
709 some explicit configuration.
710
711 Make 0.0.0.0 in a dhcp-option to mean "the machine
712 running dnsmasq".
713
714 Fix lease time spec when specified in dhcp-range and not
715 in dhcp-host, previously this was always one hour.
716
Simon Kelley44a2a312004-03-10 20:04:35 +0000717 Fix problem with setting domains as "local only". -
718 thanks to Chris Schank.
Simon Kelley1ab84e22004-01-29 16:48:35 +0000719
720 Added support for max message size DHCP option.
Simon Kelleyb49644f2004-01-30 21:36:24 +0000721
722release 2.2
723 Fix total lack for DHCP functionality on
Simon Kelley44a2a312004-03-10 20:04:35 +0000724 Linux systems with IPv6 enabled. - thanks to
725 Jonathon Hudson for spotting that.
Simon Kelleyb49644f2004-01-30 21:36:24 +0000726
Simon Kelley44a2a312004-03-10 20:04:35 +0000727 Move default config file under FreeBSD - patch from
728 Steven Honson
729
730release 2.3
731 Fix "install" makefile target. (reported by Rob Stevens)
732
733 Ensure that "local=/domain/" flag is obeyed for all
734 queries on a domain, not just A and AAAA. (Reported by
735 Peter Fichtner.)
736
737 Handle DHCPDECLINE messages and provide an error message
738 in DHCPNAK messages.
739
740 Add "domain" setting example to
741 dnsmasq.conf.example. Thanks to K P Kirchdorfer for
742 spotting that it was missing.
743
744 Subtle change to the DHCPREQUEST handling code to work
745 around a bug in the DHCP client in HP Jetdirect printers.
746 Thanks to Marko Stolle for finding this problem.
747
748 Return DHCP T1 and T2 times, with "fuzz" to desychronise lease
749 renewals, as specified in the RFC.
750
751 Ensure that the END option is always present in DHCP
752 packets , even if the packet is too small to fit all
753 the requested options.
754
755 Handle larger-than-default DHCP packets if required, up
756 to the ethernet MTU.
757
758 Fix a couple of places where the return code from
759 malloc() was not checked.
760
761 Cope with a machine taking a DHCP lease and then moving
762 network so that the lease address is no longer valid.
763
764 The DHCP server will now work via a BOOTP relay - remote
765 networks are configured with the dhcp-range option the
766 same as directly connected ones, but they need an
767 additional netmask parameter. Eg
768 --dhcp-range=192.168.4.10,192.168.4.50,255.255,255.0
769 will enable DHCP service via a BOOTP relay on the
770 192.168.4.0 network.
771
772 Add a limit on the number of available DHCP leases,
773 otherwise the daemon could be DOSed by a malicious
774 host. The default is 150, but it can be changed by the
775 dhcp-lease-max option.
776
777 Fixed compilation on OpenBSD (thanks to Frederic Brodbeck
778 for help with that.)
779
780 Reworked the DHCP network handling code for two good
781 effects: (1) The limit of one network only for DHCP on
782 FreeBSD is now gone, (2) The DHCP server copes with
783 dynamically created interfaces. The one-interface
784 limitation remains for OpenBSD, which is missing
785 extensions to the socket API which have been in Linux
786 since version 2.2 and FreeBSD since version 4.8.
787
788 Reworked the DNS network code to also cope with
789 dynamically created interfaces. dnsmasq will now listen
790 to the wildcard address and port 53 by default, so if no
791 --interface or --address options are given it will handle
792 dynamically created interfaces. The old behaviour can be
793 restored with --bind-interfaces for people running BIND
794 on one interface and dnsmasq on another. Note that
795 --interface and --address options still work, but the
796 filtering is done by dnsmasq, rather then the kernel.
797 This works on Linux, and FreeBSD>=5.0. On systems which
798 don't support the required API extensions, the old
799 behaviour is used, just as if --bind-interfaces had been set.
800
801 Allow IPv6 support to be disabled at compile time. To do
802 that, add -DNO_IPV6 to the CFLAGS. Thanks to Oleg
803 I. Vdovikin for the suggestion to do that.
804
805 Add ability to set DHCP options per network. This is done
806 by giving a network an identifier like this:
807 dhcp-range=red-net,192.168.0.10,192.168.0.50
808 and then labeling options intended for that network only
809 like this:
810 dhcp-option=red-net,6,1.1.1.1
811 Thanks to Oleg Vdovikin for arguing that one through.
812
813 Made errors in the configuration file non-fatal: dnsmasq
814 will now complain bitterly, but continue.
815
816 Added --read-ethers option, to allow dnsmasq to pull
817 static DHCP information from that file.
818 Thanks to Andi Cambeis for that suggestion.
819
820 Added HAVE_BROKEN_RTC compilation option to support
821 embedded systems without a stable RTC. Oleg Vdovikin
822 helped work out how to make that work.
823
Simon Kelley1cff1662004-03-12 08:12:58 +0000824release 2.4
825 Fixed inability to start when the lease file doesn't
826 already exist. Thanks to Dag Wieers for reporting that.
827
828 Fixed problem were dhcp-host configuration options did
829 not play well with entries in /etc/ethers for the same
830 host. Thanks again to Dag Wieers.
831
832 Tweaked DHCP code to favour moving to a newly-configured
833 static IP address rather than an old lease when doing
834 DHCP allocation.
835
836 Added --alias configuration option. This provides IPv4
837 rewrite facilities like Cisco "DNS doctoring". Suggested
838 by Chad Skeeters.
839
840 Fixed bug in /etc/ethers parsing code triggered by tab
841 characters. Qudos to Dag Wieers for hepling to nail that
842 one.
843
844 Added "bind-interfaces" option correctly.
Simon Kelley44a2a312004-03-10 20:04:35 +0000845
Simon Kelley8a911cc2004-03-16 18:35:52 +0000846release 2.5
847 Made "where are we allocating addresses?" code in DHCP
848 server cope with requests via a relay which is on a
849 directly connected network for which there is not a
850 configured netmask. This strange state of affairs occurs
851 with win4lin. Thanks to Alex Melt and Jim Horner for bug
852 reports and testing with this.
853
854 Fixed trivial-but-irritating missing #include which broke
855 compilation on *BSD.
856
857 Force --bind-interfaces if IP-aliased interface
858 specifications are used, since the sockets API provides
859 no other sane way to determine which alias of an
860 interface a packet was sent to. Thanks to Javier Kohen
861 for the bug report.
Simon Kelley44a2a312004-03-10 20:04:35 +0000862
Simon Kelley33820b72004-04-03 21:10:00 +0100863release 2.6
864 Support Token Ring DHCP. Thanks to Dag Wieers for help
865 testing. Note that Token ring support only works on Linux
866 currently.
867
868 Fix compilation on MacOS X. Thanks to Bernhard Ehlers for
869 the patch.
870
871 Added new "ignore" keyword for
872 dhcp-host. "dhcp-host=11:22:33:44:55:66,ignore" will
873 cause the DHCP server to ignore any host with the given
874 MAC address, leaving it to other servers on the
875 network. This also works with client-id and hostnames.
876 Suggestion by Alex Melt.
877
878 Fixed parsing of hex client IDs. Problem spotted by Peter
879 Fichtner.
880
881 Allow conf-file options in configuration file, to
882 provide an include function.
883
884 Re-read /etc/ethers on receipt of SIGHUP.
885
886 Added back the ability to read ISC dhcpd lease files, by
887 popular demand. Note that this is deprecated and for
888 backwards compatibility only. You can get back the 4K of
889 memory that the code occupies by undefining
890 "HAVE_ISC_READER" in src/config.h
891
892 Added ability to disable "pool" DHCP address allocation
893 whilst leaving static leases working. The syntax is
894 "dhcp-range=192.168.0.0,static"
895 Thanks to Grzegorz Nosek for the suggestion.
896
897 Generalized dnsmasq-rh.spec file to work on Mandrake too,
898 and removed dnsmasq-mdk.spec. Thanks to Doug Keller.
899
900 Allow DHCP options which are tied to specific static
901 leases in the same way as to specific networks.
902
903 Generalised the dhcp-option parser a bit to allow hex
904 strings as parameters. This is now legal:
905 dhcp-option=128,e4:45:74:68:00:00
906 Inspired by a patch from Joel Nordell.
907
908 Changed the semantics of argument-less dhcp-options for
909 the default-setting ones, ie 1, 3, 6 and 28. Now, doing
910 eg, dhcp-option=3 stops dnsmasq from sending a default
911 router option at all. Thanks to Scott Emmons for pointing
912 out that this is useful.
913
914 Fixed dnsmasq.conf parsing bug which interpreted port
915 numbers in server= lines as a comment. To start a
916 comment, a '#' character must now be a the start of a
917 line or preceded by whitespace. Thanks to Christian
918 Haggstrom for the bug report.
Simon Kelleya84fa1d2004-04-23 22:21:21 +0100919
920release 2.7
921 Allow the dhcp-host specification of id:* which makes
922 dnsmasq ignore any client-id. This is useful to ensure
923 that a dual-boot machine sees the same lease when one OS
924 gives a client-id and the other doesn't. It's also useful
925 when PXE boot DHCP does not use client IDs but the OS it boots
926 does. Thanks to Grzegorz Nosek for suggesting this enhancement.
927
928 No longer assume that ciaddr is zero in received DHCPDISCOVER
929 messages, just for security against broken clients.
930
931 Set default of siaddr field to the address of the machine running
932 dnsmasq when not explicitly set using dhcp-boot
933 option. This is the ISC dhcpd behaviour.
934
935 Send T1 and T2 options in DHCPOFFER packets. This is required
936 by the DHCP client in some JetDirect printers. Thanks
937 to Paul Mattal for work on this.
938
939 Fixed bug with DHCP on OpenBSD reported by Dominique Jacquel.
940 The code which added loopback interfaces to the list
941 was confusing the DHCP code, which expected one interface only.
942 Solved by adding loopback interfaces to address list instead.
943
944 Add dhcp-vendorclass option to allow options to be sent only
945 to certain classes of clients.
946
947 Tweaked option search code so that if a netid-qualified
948 option is used, any unqualified option is ignored.
949
950 Changed the method of picking new dynamic IP
951 addresses. This used to use the next consecutive
952 address as long it was free, now it uses a hash
953 from the client hardware address. This reduces the amount
954 of address movement for clients which let their lease
955 expire and allows consecutive DHCPOFFERS to the same host
956 to (almost always) be for the same address, without
957 storing state before a lease is granted.
Simon Kelley33820b72004-04-03 21:10:00 +0100958
Simon Kelleya84fa1d2004-04-23 22:21:21 +0100959 Tweaked option handling code to return all possible
960 options rather than none when DHCP "requested options"
961 field is missing. This fixes interoperability with
962 ancient IBM LANMAN DHCP clients. Thanks to Jim Louvau for
963 help with this.
Simon Kelley33820b72004-04-03 21:10:00 +0100964
Simon Kelleya2226412004-05-13 20:27:08 +0100965release 2.8
966 Pad DHCP packets to a minimum size of 300 bytes. This
967 fixes interoperability problems with the Linux in-kernel
968 DHCP/BOOTP client. Thanks to Richard Musil for
969 diagnosing this and supplying a patch.
970
971 Fixed option-parsing bug and potential memory leak. Patch
972 from Richard Musil.
973
974 Improved vendor class configuration and added user class
975 configuration. Specifically: (1) options are matched on
976 the netids from dhcp-range, dhcp-host, vendor class and
977 user class(es). Multiple net-ids are allowed and options
978 are searched on them all. (2) matches agains vendor class
979 and user class are now on a substring, if the given
980 string is a substring of the vendor/user class, then a
981 match occurs. Thanks again to Richard Musil for prompting
982 this.
983
984 Make "#" match any domain on --address and --server
985 flags. --address=/#/1.2.3.4 will return 1.2.3.4 for _any_
986 domain not otherwise matched. Of course
987 --server=/#/1.2.3.4 is exactly equivalent to
988 --server=1.2.3.4. Special request from Josh Howlett.
989
990 Fixed a nasty bug which would cause dnsmasq to lose track
991 of leases for hosts which had a --dhcp-host flag without
992 a name specification. The mechanism for this was that
993 the hostname could get erroneously set as a zero-length
994 string and then written to the leases file as a
995 mal-formed line. Restarting dnsmasq would then lose the lease.
996 Alex Hermann's work helped chase down this problem.
997
998 Add checks against DHCP clients which return zero-length
999 hostnames. This avoids the potential lease-loss problems
1000 reffered to above. Also, if a client sends a hostname when
1001 it creates a lease but subsequently sends no or a
1002 zero-length hostname whilst renewing, continue to use the
1003 existing hostname, don't wipe it out.
1004
1005 Tweaked option parsing to flag some parameter errors.
Simon Kelleyde379512004-06-22 20:23:33 +01001006
1007release 2.9
1008 Fixed interface filter code for two effects: 1) Fixed bug
1009 where queries sent via loopback interface
1010 but to the address of another interface were ignored
1011 unless the loopback interface was explicitly configured.
1012 2) on OpenBSD failure to configure one interface now
1013 causes a fatal error on startup rather than an huge
1014 stream of log messages. Thanks to Erik Jan Tromp for
1015 finding that bug.
1016
1017 Changed server selection strategy to improve performance
1018 when there are many available servers and some are
1019 broken. The new algorithm is to pick as before for the
1020 first try, but if a query is retried, to send to all
1021 available servers in parallel. The first one to reply
1022 then becomes prefered for the next query. This should
1023 improve reliability without generating significant extra
1024 upstream load.
1025
1026 Fixed breakage of special servers/addresses for
1027 unqualified domains introduced in version 2.8
1028
1029 Allow fallback to "bind-interfaces" at runtime: Some
1030 verions of *BSD seem to have enough stuff in the header
1031 files to build but no kernel support. Also now log if
1032 "bind-interfaces" is forced on.
1033
1034 Log replies from upstream servers which refuse to do
1035 recursion - dnsmasq is not a recursive nameserver and
1036 relies on upstream servers to do the recursion, this
1037 flags a configuration error.
1038
1039 Disable client-id matching for hosts whose MAC address is
1040 read from /etc/ethers. Patch from Oleg I. Vdovikin.
1041
1042 Extended --mx-host flag to allow arbitrary targets for MX
1043 records, suggested by Moritz Bunkus.
1044
1045 Fixed build under NetBSD 2.0 - thanks to Felix Deichmann
1046 for the patch.
1047
1048 Deal correctly with repeated addresses in /etc/hosts. The
1049 first name found is now returned for reverse lookups,
1050 rather than all of them.
1051
1052 Add back fatal errors when nonexistant
1053 interfaces or interface addresses are given but only in
1054 "bind-interfaces" mode. Principle of least surprise applies.
1055
1056 Allow # as the argument to --domain, meaning "read the
1057 domain from the first search directive in
1058 /etc.resolv.conf". Feature suggested by Evan Jones.
Simon Kelleyfeba5c12004-07-27 20:28:58 +01001059
1060release 2.10
1061 Allow --query-port to be set to a low port by creating and
1062 binding the socket before dropping root. (Suggestion from
1063 Jamie Lokier)
1064
1065 Support TCP queries. It turned out to be possible to do
1066 this with a couple of hundred lines of code, once I knew
1067 how. The executable size went up by a few K on i386.
1068 There are a few limitations: data obtained via TCP is not
1069 cached, and dynamically-created interfaces may break under
1070 certain circumstances. Source-address or query-port
1071 specifications are ignored for TCP.
1072
1073 NAK attempts to renew a DHCP lease where the DHCP range
1074 has changed and the lease is no longer in the allowed
1075 range. Jamie Lokier pointed out this bug.
1076
1077 NAK attempts to renew a pool DHCP lease when a statically
1078 allocated address has become available, forcing a host to
1079 move to it's allocated address. Lots of people have
1080 suggested this change and been rebuffed (they know who
1081 they are) the straws that broke the camel's back were Tim
1082 Cutts and Jamie Lokier.
1083
1084 Remove any nameserver records from answers which are
1085 modified by --alias flags. If the answer is modified, it
1086 cannot any longer be authoritative.
1087
1088 Change behaviour of "bogus-priv" option to return NXDOMAIN
1089 rather than a PTR record with the dotted-quad address as
1090 name. The new behaviour doesn't provoke tcpwrappers like
1091 the old behavior did.
1092
1093 Added a patch for the Suse rpm. That changes the default
1094 group to one suitable for Suse and disables inclusion of
1095 the ISC lease-file reader code. Thanks to Andy Cambeis for
1096 his ongoing work on Suse packaging.
1097
1098 Support forwarding of EDNS.0 The maximum UDP packet size
1099 defaults to 1280, but may be changed with the
1100 --edns-packet-max option. Detect queries with the do bit
1101 set and always forward them, since DNSSEC records are
1102 not cached. This behaviour is required to make
1103 DNSSECbis work properly though dnsmasq. Thanks to Simon
1104 Josefsson for help with this.
1105
1106 Move default config file location under OpenBSD from
1107 /usr/local/etc/dnsmasq.conf to /etc/dnsmasq.conf. Bug
1108 report from Jonathan Weiss.
1109
1110 Use a lease with matching MAC address for a host which
1111 doesn't present a client-id, even if there was a client ID
1112 at some point in the past. This reduces surprises when
1113 changing DHCP clients, adding id:* to a host, and from the
1114 semantics change of /etc/ethers in 2.9. Thanks to Bernard
1115 Sammer for finding that.
1116
1117 Added a "contrib" directory and in it the dnslist utility,
1118 from Thomas Tuttle.
1119
1120 Fixed "fail to start up" problems under Linux with IPv6
1121 enabled. It's not clear that these were an issue in
1122 released versions, but they manifested themselves when TCP
1123 support was added. Thanks to Michael Hamilton for
1124 assistance with this.
1125
Simon Kelleydfa666f2004-08-02 18:27:27 +01001126version 2.11
1127 Fixed DHCP problem which could result in two leases in the
1128 database with the same address. This looked much more
1129 alarming then it was, since it could only happen when a
1130 machine changes MAC address but kept the same name. The
1131 old lease would persist until it timed out but things
1132 would still work OK.
1133
1134 Check that IP addresses in all dhcp-host directives are
1135 unique and die horribly if they are not, since otherwise
1136 endless protocol loops can occur.
1137
1138 Use IPV6_RECVPKTINFO as socket option rather than
1139 IPV6_PKTINFO where available. This keeps late-model FreeBSD
1140 happy.
1141
1142 Set source interface when replying to IPv6 UDP
1143 queries. This is needed to cope with link-local addresses.
1144
Simon Kelleyc1bb8502004-08-11 18:40:17 +01001145version 2.12
1146 Added extra checks to ensure that DHCP created DNS entries
1147 cannot generate multiple DNS address->name entries. Thanks to
1148 Stefan Monnier for finding the exact set of configuration
1149 options which could create this.
1150
1151 Don't set the the filterwin2k option in the example config
1152 file and add warnings that is breaks Kerberos. Thanks to
1153 Simon Josefsson and Timothy Folks for pointing that out.
1154
1155 Log types of incoming queries as well as source and domain.
1156
1157 Log NODATA replies generated as a result of the
Simon Kelley9c74ec02004-08-13 21:13:03 +01001158 filterwin2k option.
Simon Kelleyc1bb8502004-08-11 18:40:17 +01001159
Simon Kelley9c74ec02004-08-13 21:13:03 +01001160version 2.13
1161 Fixed crash with un-named DHCP hosts introduced in 2.12.
1162 Thanks to Nicolo Wojewoda and Gregory Gathy for bug reports.
Simon Kelley3be34542004-09-11 19:12:13 +01001163
1164version 2.14
1165 Fix DHCP network detection for hosts which talk via a
1166 relay. This makes lease renewal for such hosts work
1167 correctly.
1168
1169 Support RFC3011 subnet selectors in the DHCP server.
1170
1171 Fix DHCP code to generate RFC-compliant responses
1172 to hosts in the INIT-REBOOT state.
1173
1174 In the DHCP server, set the receive buffer size on
1175 the transmit-only packet socket to zero, to avoid
1176 waste of kernel buffers.
1177
1178 Fix DHCP address allocation code to use the whole of
1179 the DHCP range, including the start and end addresses.
1180
1181 Attempt an ICMP "ping" on new addresses before allocating
1182 them to leases, to avoid allocating addresses which are in use.
1183
1184 Handle rfc951 BOOTP as well as DHCP for hosts which have
1185 MAC address to IP address mapping defined.
1186
1187 Fix compilation under MacOS X. Thanks to Chris Tomlinson.
1188
1189 Fix compilation under NetBSD. Thanks to Felix Deichmann.
1190
1191 Added "keep-in-foreground" option. Thanks to Sean
1192 MacLennan for the patch.
Simon Kelley36717ee2004-09-20 19:20:58 +01001193
1194version 2.15
1195 Fixed NXDOMAIN/NODATA confusion for locally known
1196 names. We now return a NODATA reponse for names which are
1197 locally known. Now a query for (eg AAAA or MX) for a name
1198 with an IPv4 address in /etc/hosts which fails upstream
1199 will generate a NODATA response. Note that the query
1200 is still tried upstream, but a NXDOMAIN reply gets
1201 converted to NODATA. Thanks to Eric de Thouars, Eric
1202 Spakman and Mike Mestnik for bug reports/testing.
1203
1204 Allow multiple dhcp-ranges within the same network. The
1205 original intention was that there would be a dhcp-range
1206 option for each network served, but there's no real reason
1207 not to allow discontinuous ranges within a network so this
1208 release adds support for that.
1209
1210 Check for dhcp-ranges which are inconsistent with their
1211 netmask, and generate errors or warnings.
1212
1213 Improve error messages when there are problems with
1214 configuration.
1215
Simon Kelleyfd9fa482004-10-21 20:24:00 +01001216version 2.16
1217 Fixed typo in OpenBSD-only code which stopped compilation
1218 under that OS. Chris Weinhaupl gets credit for reporting
1219 this.
1220
1221 Added dhcp-authoritative option which restores non-RFC
1222 compliant but desirable behaviour of pre-2.14 versions and
1223 avoids long timeouts while DHCP clients try to renew leases
1224 which are unknown to dnsmasq. Thanks to John Mastwijk for
1225 help with this.
1226
1227 Added support to the DHCP option code to allow RFC-3397
1228 domain search DHCP option (119) to be sent.
1229
1230 Set NONBLOCK on all listening sockets to workaround non-POSIX
1231 compliance in Linux 2.4 and 2.6. This fixes rare hangs which
1232 occured when corrupted packets were received. Thanks to
1233 Joris van Rantwijk for chasing that down.
Simon Kelley36717ee2004-09-20 19:20:58 +01001234
Simon Kelleyfd9fa482004-10-21 20:24:00 +01001235 Updated config.h for NetBSD. Thanks to Martin Lambers.
1236
1237 Do a better job of distinguishing between retransmissions
1238 and new queries when forwarding. This fixes a bug
1239 triggered by the polipo web cache which sends A and AAAA
1240 queries both with the same transaction-ID. Thanks to
1241 Joachim Berdal Haga and Juliusz Chroboczek for help with this.
1242
1243 Rewrote cache code to store CNAMES, rather then chasing
1244 them before storage. This eliminates bad situations when
1245 clients get inconsistent views depending on if data comes
1246 from the cache.
1247
1248 Allow for more than one --addn-hosts flag.
1249
1250 Clarify logged message when a DHCP lease clashes with an
1251 /etc/hosts entry. Thanks to Mat Swift for the suggestion.
1252
1253 Added dynamic-dnsmasq from Peter Willis to the contrib
1254 section.
1255
Simon Kelley26128d22004-11-14 16:43:54 +00001256version 2.17
1257 Correctly deduce the size of numeric dhcp-options, rather
1258 than making wild guesses. Also cope with negative values.
1259
1260 Fixed use of C library reserved symbol "index" which broke
1261 under certain combinations of library and compiler.
1262
1263 Make bind-interfaces work for IPv6 interfaces too.
1264
1265 Warn if an interface is given for listening which doesn't
1266 currently exist when not in bind-interfaces mode. (This is
1267 already a fatal error when bind-interfaces is set.)
1268
1269 Allow the --interface and --except-interface options to
Simon Kelleyf6b7dc42005-01-23 12:06:08 +00001270 take a comma-separated list of interfaces.
Simon Kelley26128d22004-11-14 16:43:54 +00001271
1272 Tweak --dhcp-userclass matching code to work with the
1273 ISC dhclient which violates RFC3004 unless its
1274 configuration is very warped. Thanks to Cedric Duval for
1275 the bug report.
1276
1277 Allow more than one network-id tag in a dhcp-option. All
1278 the tags must match to enable the option.
1279
1280 Added dhcp-ignore option to disable classes of hosts based
1281 on network-id tags. Also allow BOOTP options to be
1282 controlled by network tags.
1283
1284 Fill in sname, file and siaddr fields in replies to
1285 DHCPINFORM messages.
1286
1287 Don't send NAK replies to DHCPREQUEST packets for disabled
1288 clients. Credit to Cedric Duval for spotting this.
1289
1290 Fix rare crash associated with long DNS names and CNAME
Simon Kelley59353a62004-11-21 19:34:28 +00001291 records. Thanks to Holger Hoffstatte and especially Steve
Simon Kelley26128d22004-11-14 16:43:54 +00001292 Grecni for help chasing that one down.
1293
Simon Kelley59353a62004-11-21 19:34:28 +00001294version 2.18
1295 Reworked the Linux interface discovery code (again) to
1296 cope with interfaces which have only IPv6 addresses and
1297 interfaces with more than one IPv6 address. Thanks to
1298 Martin Pels for help with that.
1299
1300 Fix problems which occured when more than one dhcp-range
1301 was specified in the same subnet: sometimes parameters
1302 (lease time, network-id tag) from the wrong one would be
1303 used. Thanks to Rory Campbell-Lange for the bug report.
1304
1305 Reset cache statistics when clearing the cache.
1306
1307 Enable long command line options on FreeBSD when the
1308 C library supports them.
1309
Simon Kelleybb01cb92004-12-13 20:56:23 +00001310version 2.19
1311 Tweaked the Linux-only interface discovery code to cope
1312 with interface-indexes larger than 8 bits in
1313 /proc/net/if_inet6. This only affects Linux, obviously.
1314 Thanks to Richard Atterer for the bug report.
Simon Kelley59353a62004-11-21 19:34:28 +00001315
Simon Kelleybb01cb92004-12-13 20:56:23 +00001316 Check for under-length option fields in DHCP packets, a
1317 zero length client-id, in particluar, could seriously
1318 confuse dnsmasq 'till now. Thanks to Will Murname for help
1319 with that.
Simon Kelley59353a62004-11-21 19:34:28 +00001320
Simon Kelleybb01cb92004-12-13 20:56:23 +00001321 If a DHCP-allocated address has an associated name in
1322 /etc/hosts, and the client does not provide a hostname
1323 parameter and there is no hostname in a matching dhcp-host
1324 option, send the /etc/hosts name as the hostname in
1325 the DHCP lease. Thanks to Will Murname for the suggestion.
Simon Kelley59353a62004-11-21 19:34:28 +00001326
Simon Kelleyf6b7dc42005-01-23 12:06:08 +00001327version 2.20
1328 Allow more than one instance of dnsmasq to run on a
1329 machine, each providing DHCP service on a different
1330 interface, provided that --bind-interfaces is set. This
1331 configuration used to work, but regressed in version 2.14
Simon Kelley26128d22004-11-14 16:43:54 +00001332
Simon Kelleyf6b7dc42005-01-23 12:06:08 +00001333 Fix compilation on Mac OS X. Thanks to Kevin Bullock.
1334
1335 Protect against overlong names and overlong
1336 labels in configuration and from DHCP.
1337
1338 Fix interesting corner case in CNAME handling. This occurs
1339 when a CNAME has a target which "shadowed" by a name in
1340 /etc/hosts or from DHCP. Resolving the CNAME would sneak
1341 the upstream value of the CNAME's target into the cache,
1342 alongside the local value. Now that doesn't happen, though
1343 resolving the CNAME still gives the unshadowed value. This
1344 is arguably wrong but rather difficult to fix. The main
1345 thing is to avoid getting strange results for the target
1346 due to the cache pollution when resolving the
1347 CNAME. Thanks to Pierre Habouzit for exploring the corner
1348 and submitting a very clear bug report.
1349
1350 Fix subtle bug in the DNS packet parsing code. It's almost
1351 impossible to describe this succinctly, but the one known
1352 manifestation is the inability to cache the A record for
1353 www.apple.com. Thanks to Bob Alexander for spotting that.
1354
1355 Support SRV records. Thanks to Robert Kean for the patches
1356 for this.
1357
1358 Fixed sign confusion in the vendor-id matching code which
1359 could cause crashes sometimes. (Credit to Mark Wiater for
1360 help finding this.)
1361
1362 Added the ability to match the netid tag in a
1363 dhcp-range. Combined with the ability to have multiple
1364 ranges in a single subnet, this provides a means to
1365 segregate hosts on different address ranges based on
1366 vendorclass or userclass. Thanks to Mark Wiater for
1367 prompting this enhancement.
1368
1369 Added preference values for MX records.
1370
1371 Added the --localise-queries option.
Simon Kelley0a852542005-03-23 20:28:59 +00001372
1373version 2.21
1374 Improve handling of SERVFAIL and REFUSED errors. Receiving
1375 these now initiates search for a new good server, and a
1376 server which returns them is not a candidate as a good
1377 server. Thanks to Istvan Varadi for pointing out the
1378 problem.
1379
1380 Tweak the time code in BROKEN_RTC mode.
1381
1382 Sanity check lease times in dhcp-range and dhcp-host
1383 configurations and force them to be at least two minutes
1384 (120s) leases shorter than a minute confuse some clients,
1385 notably Apple MacOS X. Rory Campbell-Lange found this
1386 problem.
1387
1388 Only warn once about an upstream server which is refusing to do
1389 recursive queries.
1390
1391 Fix DHCP address allocation problem when netid tags are in
1392 use. Thanks to Will Murnane for the bug report and
1393 subsequent testing.
1394
1395 Add an additional data section to the reply for MX and SRV
1396 queries. Add support for DNS TXT records. Thanks to Robert
1397 Kean and John Hampton for prompts and testing of these.
1398
1399 Apply address rewriting to records in the additional data section
1400 of DNS packets. This makes things like MX records work
1401 with the alias function. Thanks to Chad Skeeters for
1402 pointing out the need for this.
1403
1404 Added support for quoted strings in config file.
1405
1406 Detect and defeat cache-poisoning attacks which attempt to
1407 send (malicious) answers to questions we didn't
1408 send. These are ignored now even if the attacker manages
1409 to guess a random query-id.
1410
1411 Provide DHCP support for interfaces with multiple IP
1412 addresses or aliases. This in only enabled under Linux.
1413 See the FAQ entry for details.
1414
1415 Revisit the MAC-address and client-id matching code to
1416 provide saner behaviour with PXE boots, where some
1417 requests have a client-id and some don't.
1418
1419 Fixed off-by-one buffer overflow in lease file reading
1420 code. Thanks to Rob Holland for the bug report.
1421
1422 Added wildcard matching for MAC addresses in dhcp-host
1423 options. A sensible suggestion by Nathaniel McCallum.
1424
Simon Kelley91dccd02005-03-31 17:48:32 +01001425version 2.22
1426 Fixed build problems on (many) systems with older libc
1427 headers where <linux/types.h> is required before
1428 <linux/netlink.h>. Enabled HAVE_RTNETLINK under uclibc now
1429 that this fix is in place.
1430
1431 Added support for encapsulated vendor-class-specific DHCP
1432 options. Thanks to Eric Shattow for help with this.
1433
1434 Fix regression in 2.21 which broke commas in filenames and
1435 corrupted argv. Thanks to Eric Scott for the bugreport.
1436
1437 Fixed stupid thinko which caused dnsmasq to wedge during
1438 startup with certain MX-record options. Another 2.21 regression.
1439
1440 Fixed broken-ness when reading /etc/ethers. 2.21 broke
1441 this too.
1442
1443 Fixed wedge with certain DHCP options. Yet another 2.21
1444 regression. Rob Holland and Roy Marples chased this one
1445 down.
1446
Simon Kelley3d8df262005-08-29 12:19:27 +01001447version 2.23
1448 Added a check to ensure that there cannot be more than one
1449 dhcp-host option for any one IP address, even if the
1450 addresses are assigned indirectly via a hostname and
1451 /etc/hosts.
1452
1453 Include a "server identifier" in DHCPNAK replies, as
1454 required by RFC2131.
1455
1456 Added method support for DBus
1457 (http://www.freedesktop.org/Software/dbus)
1458 This is a superior way to re-configure dnsmasq on-the-fly
1459 with different upstream nameservers, as the host moves
1460 between networks. DBus support must be enabled in
1461 src/config.h and should be considered experimental at this
1462 point. See DBus-interface for the specification of the
1463 DBus method calls supported.
1464
1465 Added information to the FAQ about setting the DNS domain
1466 in windows XP and Mac OS X, thanks to Rick Hull.
1467
1468 Added sanity check to resolv.conf polling code to cope
1469 with backwards-moving clocks. Thanks to Leonardo Canducci
1470 for help with this.
1471
1472 Handle so-called "A-for-A" queries, which are queries for
1473 the address associated with a name which is already a
1474 dotted-quad address. These should be handled by the
1475 resolver code, but sometimes aren't and there's no point
1476 in forwarding them.
1477
1478 Added "no-dhcp-interface" option to disable DHCP service
1479 on an interface, whilst still providing DNS.
1480
1481 Fix format-string problem - config file names get passed
1482 to fprintf as a format string, so % characters could cause
1483 crashes. Thanks to Rob Holland for sleuthing that one.
1484
1485 Fixed multiple compiler warnings from gcc 4. Thanks to
1486 Tim Cutts for the report.
1487
1488 Send the hostname option on DHCP offer messages as well as
1489 DHCP ack messages. This is required by the Rio Digital
1490 Audio Receiver. Thanks to Ron Frederick for the patch.
1491
1492 Add 'd' (for day) as a possible time multiplier in lease
1493 time specifications. Thanks to Michael Deegan.
1494
1495 Make quoting suppress recognition of IP addresses, so
1496 dhcp-option=66,1.2.3.4 now means something different to
1497 dhcp-option=66,"1.2.3.4", which sets the option to a
1498 string value. Thanks to Brian Macauley for the bug report.
1499
1500 Fixed the option parsing code to avoid segfaults from some
1501 invalid configurations. Thanks to Wookey for spotting that one.
1502
1503 Provide information about which compile-time options were
1504 selected, both in the log at startup and as part of the output
1505 from dnsmasq --version. Thanks to Dirk Schenkewitz for
1506 the suggestion.
1507
1508 Fix pathalogical behaviour when a broken client keeps sending
1509 DHCPDISCOVER messages repeatedly and fast. Because dealing with
1510 each of these takes a few seconds, (because of the ping) then a
1511 queue of DHCP packets could build up. Now, the results of a ping
1512 test are assumed to be valid for 30 seconds, so repeated waits are
1513 not required. Thanks to Luca Landi for finding this.
1514
1515 Allow DHCPINFORM requests without hardware address
1516 information. These are generated by some browsers, looking
1517 for proxy information. Thanks to Stanley Jaddoe for the
1518 bug report on that.
1519
1520 Add support of the "client FQDN" DHCP option. If present,
1521 this is used to allow the client to tell dnsmasq its name,
1522 in preference to (mis)using the hostname option. See
1523 http://tools.ietf.org/wg/dhc/draft-ietf-dhc-fqdn-option/\
1524 draft-ietf-dhc-fqdn-option-10.txt
1525 for details of the draft spec.
1526
1527 Added startup scripts for MacOS X Tiger/Panther to the
1528 contrib collection. Thanks to Tim Cutts.
1529
1530 Tweak DHCP network selection so that clients which turn up
1531 on our network in REBINDING state and with a lease for a
1532 foreign network will get a NAK response. Thanks to Dan
1533 Shechter for work on this and an initial patch and thanks
1534 to Gyorgy Farkas for further testing.
1535
1536 Fix DNS query forwarding for empty queries and forward
1537 queries even when the recursion-desired bit is clear. This
1538 allows "dig +trace" to work. Problem report from Uwe
1539 Gansert.
1540
1541 Added "const" declarations where appropriate, thanks to
1542 Andreas Mohr for the patch.
1543
1544 Added --bootp-dynamic option and associated
1545 functionality. Thanks to Josef Wolf for the suggestion.
1546
Simon Kelleyb8187c82005-11-26 21:46:27 +00001547version 2.24
1548 Updated contrib/openvpn/dnsmasq.patch from Joseph Tate.
1549
1550 Tweaked DHCP NAK code, a DHCP NAK is now unicast as a
1551 fallback in cases where a broadcast is futile: namely in
1552 response to a unicast REQUEST from a non-local network
1553 which was not sent via a relay.
1554
1555 Slightly changed the semantics of domain matching in
1556 --server and --address configs. --server=/domain.com/ still
1557 matches domain.com and sub.domain.com but does not
1558 now match newdomain.com The semantics of
1559 --server=/.domain.com/ are unchanged.
1560 Thanks to Chris Blaise for the patch.
1561
1562 Added backwards-compatible internationalisation support.
1563 The existing make targets, (all, dnsmasq, install) work as
1564 before. New ones (all-i18n, and install-i18n) add gettext.
1565 The translations live in po/ There are not too many
1566 strings, so if anybody can provide translations (and for
1567 the manpage....) please send them in.
1568
1569 Tweak behaviour on receipt of REFUSED or SERVFAIL rcodes,
1570 now the query gets retried on all servers before returning
1571 the error to the source of the query. Thanks to Javier
1572 Kohen for the report.
1573
1574 Added Polish translation - thanks to Tomasz Sochanski.
1575
1576 Changed default manpage install location from /usr/man
1577 to /usr/share/man
1578
1579 Added Spanish translation - thanks to Christopher Chatham.
1580
1581 Log a warning when a DHCP packet is truncated due to lack
1582 of space. (Thanks to Michael Welle for the prompt to do
1583 this.)
1584
1585 Added French translation - thanks to Lionel Tricon.
1586
1587 Added Indonesian translation - thanks to Salman AS.
1588
1589 Tweaked the netlink code to cope with interface broadcast
1590 address not set, or set to 0.0.0.0.
1591
1592 Fixed problem assigning fixed addresses to hosts when more
1593 than one dhcp-range is available. Thanks to Sorin Panca
1594 for help chasing this down.
1595
1596 Added more explict error mesages to the hosts file and
1597 ethers file reading code. Markus Kaiserswerth suffered to
1598 make this happen.
1599
1600 Ensure that a hostname supplied by a DHCP client can never
1601 override one configured on the server. Previously, any
1602 host claiming a name would be given it, even if that
1603 over-rode a dhcp-host declaration, leading to potentially
1604 confusing situations.
1605
1606 Added Slackware package-build stuff into contrib/ The i18n
1607 effort broke the current scripts, and working ones were
1608 needed for testing, so they ended up here rather than make
1609 Pat re-invent the wheel.
1610
1611 Added Romanian translation, thanks to Sorin Panca for
1612 that.
Simon Kelleye17fb622006-01-14 20:33:46 +00001613
1614version 2.25
1615 Fixed RedHat spec file for FC4 - thanks to Werner Hoelzl
1616 and Andrew Bird.
1617
1618 Fixed Suse spec file - thanks to Steven Springl.
1619
1620 Fixed DHCP bug when two distict subnets are on the same
1621 physical interface. Thanks to Pawel Zawora for finding
1622 this and suggesting the fix.
1623
1624 Added logging to make it explicit when dnsmasq falls back
1625 from using RT-netlink sockets to the old ioctl API for
1626 getting information about interfaces. Doing this
1627 completely silently made remote debugging hard.
1628
1629 Merged uclibc build fixes from the OpenWRT package into
1630 src/config.h
1631
1632 Added Norwegian translation - thanks to Jan Erik Askildt.
1633
Simon Kelleyaedef832006-01-22 14:02:31 +00001634version 2.26
1635 Fixed SuSe rpm patch problem - thanks to Steven Springl.
1636
1637 Fixed crash when attempting to send a DHCP NAK to a host
1638 which believes it has a lease on an unknown
1639 network. Thanks to Lutz Pressler for the bug report and
1640 patch.
1641
Simon Kelleycdeda282006-03-16 20:16:06 +00001642version 2.27
1643 Tweaked DHCP behaviour when a client attempts to renew a lease
1644 which dnsmasq doesn't know about. Previously that would always
1645 result in a DHCPNAK. Now, in dhcp-authoritative mode, the
1646 lease will be created, if it's legal. This makes dnsmasq work
1647 better if the lease database is lost, for example on an OpenWRT
1648 system which reboots. Thanks to Stephen Rose for work on
1649 this.
1650
1651 Added the ability to support RFC-3442 style destination
1652 descriptors in dhcp-options. This makes classless static
1653 routes easy to do, eg dhcp-option=121,192.168.1.0/24,1.2.3.4
1654
1655 Added error-checking to the code which writes the lease
1656 file. If this fails for any reason, an error is logged,
1657 and a retry occurs after one minute. This should improve
1658 things eg when a filesystem is full. Thanks to Jens Holze
1659 for the bug report.
1660
1661 Fixed breakage of the "/#/ matches any domain" facility
1662 which happened in 2.24. Thanks to Peter Surda for the bug
1663 report.
1664
1665 Use "size_t" and "ssize_t" types where appropriate in the
1666 code.
1667
1668 Fix buggy CNAME handling in mixed IPv4 and IPv6
1669 queries. Thanks to Andreas Pelme for help finding that.
1670
1671 Added some code to attempt to re-transmit DNS queries when
1672 a network interface comes up. This helps on DoD links,
1673 where frequently the packet which triggers dialling is
1674 a DNS query, which then gets lost. By re-sending, we can
1675 avoid the lookup failing. This function is only active
1676 when netlink support is compiled in, and therefore only
1677 under Linux. Thanks to Jean Wolter for help with this.
1678
1679 Tweaked the DHCP tag-matching code to work correctly with
1680 NOT-tag conditions. Thanks to Lutz Pressler for finding
1681 the bug.
1682
1683 Generalised netid-tag matching in dhcp-range statements to
1684 allow more than one tag.
1685
1686 Added --dhcp-mac to do MAC address matching in the same
1687 way as vendorclass and userclass matching. A good
1688 suggestion from Lutz Pressler.
1689
1690 Add workaround for buggy early Microsoft DHCP clients
1691 which need zero-termination in string options.
1692 Thanks to Fabiano Pires for help with this.
1693
1694 Generalised the DHCP code to cope with any hardware
1695 address type, at least on Linux. *BSD is still limited to
1696 ethernet only.
Simon Kelley5e9e0ef2006-04-17 14:24:29 +01001697
1698version 2.28
1699 Eliminated all raw network access when running on
1700 Linux. All DHCP network activity now goes through the IP
1701 stack. Packet sockets are no longer required. Apart from
1702 being a neat hack, this should also allow DHCP over IPsec
1703 to work better. On *BSD and OS X, the old method of raw net
1704 access through BPF is retained.
1705
1706 Simplified build options. Networking is now slimmed down
1707 to a choice of "linux" or "other". Netlink is always used
1708 under Linux. Since netlink has been available since 2.2
1709 and non-optional in an IPv4-configured kernel since 2.4,
1710 and the dnsmasq netlink code is now well tested, this
1711 should work out fine.
1712
1713 Removed decayed build support for libc5 and Solaris.
1714
1715 Removed pselect code: use a pipe for race-free signal
1716 handling instead, as this works everywhere.
1717
1718 No longer enable the ISC leasefile reading code in the
1719 distributed sources. I doubt there are many people left
1720 using this 1.x compatibility code. Those that are will
1721 have to explicitly enable it in src/config.h.
1722
1723 Don't send the "DHCP maximum message size" option, even if
1724 requested. RFC2131 says this is a "MUST NOT".
1725
1726 Support larger-than-minimum DHCP message. Dnsmasq is now
1727 happy to get larger than 576-byte DHCP messages, and will
1728 return large messages, if permitted by the "maximum
1729 message size" option of the message to which it is
1730 replying. There's now an arbitrary sanity limit of 16384
1731 bytes.
1732
1733 Added --no-ping option. This fixes an RFC2131 "SHOULD".
1734
1735 Building on the 2.27 MAC-address changes, allow clients to
1736 provide no MAC address at all, relying on the client-id as
1737 a unique identifier. This should make things like DHCP for
1738 USB come easier.
1739
1740 Fixed regression in netlink code under 2.2.x kernels which
1741 occurred in 2.27. Erik Jan Tromp is the vintage kernel fan
1742 who found this. P.S. It looks like this "netlink bind:
1743 permission denied" problem occured in kernels at least as
1744 late a 2.4.18. Good information from Alain Richoux.
1745
1746 Added a warning when it's impossible to give a host its
1747 configured address because the address is leased
1748 elsewhere. A sensible suggestion from Mircea Bardac.
1749
1750 Added minimal support for RFC 3046 DHCP relay agent-id
1751 options. The DHCP server now echoes these back to the
1752 relay, as required by the RFC. Also, RFC 3527 link selection
1753 sub-options are honoured.
1754
1755 Set the process "dumpable" flag when running in debug
1756 mode: this makes getting core dumps from root processes
1757 much easier.
1758
1759 Fixed one-byte buffer overflow which seems to only cause
1760 problems when dnsmasq is linked with uclibc. Thanks to
1761 Eric House and Eric Spakman for help in chasing this down.
1762
1763 Tolerate configuration screwups which lead to the DHCP
1764 server attemping to allocate its own address to a
1765 client; eg setting the whole subnet range as a DHCP
1766 range. Addresses in use by the server are now excluded
1767 from use by clients.
1768
1769 Did some thinking about HAVE_BROKEN_RTC mode, and made it
1770 much simpler and better. The key is to just keep lease
1771 lengths in the lease file. Since these normally never
1772 change, even as the lease is renewed, the lease file never
1773 needs to change except when machines arrive on the network
1774 or leave. This eliminates the code for timed writes, and
1775 reduces the amount of wear on a flash filesystem to the
1776 absolute minimum. Also re-did the basic time function in
1777 this mode to use the portable times(), rather than parsing
1778 /proc/uptime.
1779
1780 Believe the source port number when replying to unicast
1781 DHCP requests and DHCP requests via a relay, instead of always
1782 using the standard ports. This will allow relays on
1783 non-standard ports and DHCPINFORM from unprivileged ports
1784 to work. The source port sent by unconfigured clients is still
1785 ignored, since this may be unreliable. This means that a DHCP
1786 client must use the standard port to do full configuration.
1787
Simon Kelley309331f2006-04-22 15:05:01 +01001788version 2.29
1789 Fixed compilation on OpenBSD (thanks to Tom Hensel for the
1790 report).
1791
1792 Fixed false "no interface" errors when --bind-interfaces is
1793 set along with --interface=lo or --listen-address. Thanks
1794 to Paul Wise for the report.
1795
1796 Updated patch for SuSE rpm. Thanks to Steven Springl.
1797
1798 It turns out that there are some Linux kernel
1799 configurations which make using the capability system
1800 impossible. If this situation occurs then continue, running
1801 as root, and log a warning. Thanks to Scott Wehrenberg
1802 for help tracking this down.
1803
Simon Kelley26d0dba2006-04-23 20:00:42 +01001804version 2.30
1805 Fixed crash when a DHCP client requested a broadcast
Simon Kelley7cebd202006-05-06 14:13:33 +01001806 reply. This problem was introduced in version 2.28.
Simon Kelley26d0dba2006-04-23 20:00:42 +01001807 Thanks to Sandra Dekkers for the bug report.
1808
Simon Kelley7cebd202006-05-06 14:13:33 +01001809version 2.31
1810 Added --dhcp-script option. There have been calls for this
1811 for a long time from many good people. Fabio Muzzi gets
1812 the prize for finally convincing me.
1813
1814 Added example dbus config file and moved dbus stuff into
1815 its own directory.
1816
1817 Removed horribly outdated Redhat RPM build files. These
1818 are obsolete now that dnsmasq in in Fedora extras. Thanks
1819 to Patrick "Jima" Laughton, the Fedora package
1820 maintainer.
1821
1822 Added workaround for Linux kernel bug. This manifests
1823 itself as failure of DHCP on kernels with "support for
1824 classical IP over ATM" configured. That includes most
1825 Debian kernel packages. Many thanks to A. Costa and
1826 Benjamin Kudria for their huge efforts in chasing this
1827 down.
1828
1829 Force-kill child processes when dnsmasq is sent a sigterm,
1830 otherwise an unclosed TCP connection could keep dnsmasq
1831 hanging round for a few minutes.
1832
1833 Tweaked config.h logic for uclibc build. It will now pick
1834 up MMU and IPV6 status correctly on every system I tested.
Simon Kelley309331f2006-04-22 15:05:01 +01001835
Simon Kelley849a8352006-06-09 21:02:31 +01001836version 2.32
1837 Attempt a better job of replacing previous configuration
1838 when re-reading /etc/hosts and /etc/ethers. SIGHUP is
1839 still not identical to a restart under all circumstances,
1840 but it is for the common case of name->MAC address in
1841 /etc/ethers and name->IP address in /etc/hosts.
1842
1843 Fall back to broadcast for DHCP to an unconfigured client
1844 when the MAC address size is greater than 14 bytes.
1845
1846 Fix problem in 2.28-onwards releases which breaks DNS on
1847 Mac OS X. Thanks to Doug Fields for the bug report and
1848 testing.
1849
1850 Added fix to allow compilation on c89-only compilers.
1851 Thanks to John Mastwijk for the patch.
1852
1853 Tweak resolv file polling code to work better if there is
1854 a race between updating the mtime and file contents. This
1855 is not normally a problem, but it can be on systems which
1856 replace nameservers whilst active. The code now continues
1857 to read resolv.conf until it gets at least one usable
1858 server. Thanks to Holger Mauermann for help with this.
1859
1860 If a client DECLINEs an address which is allocated to it
1861 via dhcp-host or /etc/hosts, lock that address out of use
1862 for ten minutes, instead of forever, and log when it's not
1863 being used because of the lock-out. This should provide
1864 less surprising behaviour when a configured address can't be
1865 used. Thanks to Peter Surda and Heinz Deinhart for input
1866 on this.
1867
1868 Fixed *BSD DHCP breakage with only some
1869 arches/compilers, depending on structure padding rules.
1870 Thanks to Jeb Campbell and Tom Hensel for help with this.
1871
1872 Added --conf-dir option. Suggestion from Aaron Tygart.
1873
1874 Applied patch from Brent Cook which allows netids in
1875 dhcp-option configuration lines to be prefixed by
1876 "net:". This is not required by the syntax, but it is
1877 consistent with other configuration items.
1878
1879 Added --log-facility option. Suggestion from Fabio Muzzi.
1880
1881 Major update to Spanish translation. Many thanks to Chris
1882 Chatham.
1883
1884 Fixed gcc-4.1 strict-alias compilation warning.
Simon Kelley309331f2006-04-22 15:05:01 +01001885
Simon Kelley208b65c2006-08-05 21:41:37 +01001886version 2.33
1887 Remove bash-specific shellcode from the Makefile.
Simon Kelley309331f2006-04-22 15:05:01 +01001888
Simon Kelley208b65c2006-08-05 21:41:37 +01001889 Fix breakage with some DHCP relay implementations which
1890 was introduced in 2.28. Believing the source port in
1891 DHCP requests and sending the reply there is sometimes a
1892 bad thing to do, so I've reverted to always sending to
1893 the relay on port 68. Thanks to Daniel Hamlin and Alex
1894 (alde) for bug reports on this.
Simon Kelley309331f2006-04-22 15:05:01 +01001895
Simon Kelley208b65c2006-08-05 21:41:37 +01001896 Moved the SuSe packaging files to contrib. I will no
1897 longer attempt to maintain this in the source tarball. It
1898 will be done externally, in the same way as packaging for
1899 other distros. Suse packages are available from
1900 ftp://ftp.suse.com/pub/people/ug/
1901
1902 Merged patch from Gentoo to honour $LDFLAGS environment.
Simon Kelley849a8352006-06-09 21:02:31 +01001903
Simon Kelley208b65c2006-08-05 21:41:37 +01001904 Fix bug in resolv.conf processing when more than one file
1905 is being checked.
1906
1907 Add --dns-forward-max option.
1908
1909 Warn if --resolv-file flags are ignored because of
1910 --no-resolv. Thanks to Martin F Krafft for spotting this
1911 one.
1912
1913 Add --leasefile-ro option which allows the use of an
1914 external lease database. Many thanks to Steve Horbachuk
1915 for assistance developing this feature.
1916
1917 Provide extra information to lease-change script via its
1918 environment. If the host has a client-id, then
1919 DNSMASQ_CLIENT_ID will be set. Either the lease length (in
1920 DNSMASQ_LEASE_LENGTH) or lease expiry time (in
1921 DNSMASQ_LEASE_EXPIRES) will be set, depending on the
1922 HAVE_BROKEN_RTC compile-time option. This extra
1923 information should make it possible to maintain the lease
1924 database in external storage such as LDAP or a relational
1925 database. Note that while leasefile-ro is set, the script
1926 will be called with "old" events more often, since
1927 changes to the client-id and lease length
1928 (HAVE_BROKEN_RTC) or lease expiry time (otherwise)
1929 are now flagged.
1930
1931 Add contrib/wrt/* which is an example implementation of an
1932 external persistent lease database for *WRT distros with
1933 the nvram command.
1934
1935 Add contrib/wrt/dhcp_release.c which is a small utility
1936 which removes DHCP leases using DHCPRELEASE operation in
1937 the DHCP protocol.
Simon Kelley16972692006-10-16 20:04:18 +01001938
1939version 2.34
1940 Tweak network-determination code for another corner case:
1941 in this case a host forced to move between dhcp-ranges on
1942 the same physical interface. Thanks to Matthias Andree.
1943
1944 Improve handling of high DNS loads by throttling acceptance of
1945 new queries when resources are tight. This should be a
1946 better response than the "forwarding table full..."
1947 message which was logged before.
1948
1949 Fixed intermittent infinite loop when re-reading
1950 /etc/ethers after SIGHUP. Thanks to Eldon Ziegler for the
1951 bug report.
1952
1953 Provide extra information to the lease-change script: when
1954 a lease loses its hostname (because a new lease comes
1955 along and claims the same new), the "old" action is called
1956 with the current state of the lease, ie no name. The
1957 change is to provide the former name which the lease had
1958 in the environment variable DNSMASQ_OLD_HOSTNAME. This
1959 helps scripts which do stuff based on hostname, rather
1960 than IP address. Also provide vendor-class and user-class
1961 information to the lease-change script when a new lease is
1962 created in the DNSMASQ_VENDOR_CLASS and
1963 DNSMASQ_USER_CLASS<n> environment variables. Suggestion
1964 from Francois-Xavier Le Bail.
1965
1966 Run the lease change script as root, even when dnsmasq is
1967 configured to change UID to an unprivileged user. Since
1968 most uses of the lease change script need root, this
1969 allows its use whilst keeping the security advantages of
1970 running the daemon without privs. The script is invoked
1971 via a small helper process which keeps root UID, and
1972 validates all data received from the main process. To get
1973 root, an attacker would have to break dnsmasq and then
1974 break the helper through the restricted comms channel
1975 linking the two.
1976
1977 Add contrib/port-forward/* which is a script to set up
1978 port-forwards using the DHCP lease-change script. It's
1979 possible to add a host to a config file by name, and when
1980 that host gets a DHCP lease, the script will use iptables
1981 to set up port-forwards to configured ports at the address
1982 which the host is allocated. The script also handles
1983 setting up the port-forward iptables entries after reboot,
1984 using the persistent lease database, and removing them
1985 when a host leaves and its DHCP lease expires.
1986
1987 Fix unaligned access problem which caused wrong log
1988 messages with some clients on some architectures. Thanks
1989 to Francois-Xavier Le Bail for the bugreport.
1990
1991 Fixed problem with DHCPRELEASE and multi-address
1992 interfaces. Enhanced contrib/wrt/dhcp_release to cope
1993 under these circumstances too. Thanks to Eldon Ziegler for
1994 input on this.
1995
1996 Updated French translation: thanks to Gildas Le Nadan.
1997
1998 Upgraded the name hash function in the DNS cache. Thanks
1999 to Oleg Khovayko for good work on this.
2000
2001 Added --clear-on-reload flag. Suggestion from Johannes
2002 Stezenbach.
2003
2004 Treat a nameserver address of 0.0.0.0 as "nothing". Erwin
2005 Cabrera spotted that specifying a nameserver as 0.0.0.0
2006 breaks things badly; this is because the network stack
2007 treats is as "this host" and an endless loop ensues.
2008
2009 Added Webmin module in contrib/webmin. Thanks to Neil
2010 Fisher for that.
2011
Simon Kelley4011c4e2006-10-28 16:26:19 +01002012version 2.35
2013 Generate an "old" script event when a client does a DHCPREQUEST
2014 in INIT-REBOOT or SELECTING state and the lease already
2015 exists. Supply vendor and user class information to these
2016 script calls.
2017
2018 Added support for Dragonfly BSD to src/config.h
2019
2020 Removed "Upgrading to 2.0" document, which is ancient
2021 history now.
2022
2023 Tweak DHCP networking code for BSD, esp OpenBSD. Added a
2024 workaround for a bug in OpenBSD 4.0: there should finally
2025 be support for multiple interfaces under OpenBSD now.
2026 Note that no version of dnsmasq before 2.35 will work for
2027 DHCP under OpenBSD 4.0 because of a kernel bug.
2028 Thanks to Claudio Jeker, Jeb Campbell and Cristobal
2029 Palmer for help with this.
2030
2031 Optimised the cache code for the case of large
2032 /etc/hosts. This is mainly to remove the O(n-squared)
2033 algorithm which made reading large (50000 lines) files
2034 slow, but it also takes into account the size of
2035 /etc/hosts when building hash tables, so overall
2036 performance should be better. Thanks to "koko" for
2037 pointing out the problem.
Simon Kelley16972692006-10-16 20:04:18 +01002038
Simon Kelley832af0b2007-01-21 20:01:28 +00002039version 2.36
2040 Added --dhcp-ignore-names flag which tells dnsmasq not to
2041 use names provided by DHCP clients. Suggestion from
2042 Thomas M Steenholdt.
Simon Kelley16972692006-10-16 20:04:18 +01002043
Simon Kelley832af0b2007-01-21 20:01:28 +00002044 Send netmask and broadcast address DHCP options always,
2045 even if the client doesn't request them. This makes a few
2046 odd clients work better.
2047
2048 Added simple TFTP function, optimised for net-boot. It is
2049 now possible to net boot hosts using only dnsmasq. The
2050 TFTP server is read-only, binary-mode only, and designed to be
2051 secure; it adds about 4K to the dnsmasq binary.
Simon Kelley16972692006-10-16 20:04:18 +01002052
Simon Kelley832af0b2007-01-21 20:01:28 +00002053 Support DHCP option 120, SIP servers, (RFC 3361). Both
2054 encodings are supported, so both --dhcp-option=120,192.168.2.3
2055 and --dhcp-option=120,sip.example.net will work. Brian
2056 Candler pointed out the need for this.
2057
2058 Allow spaces in domain names, to support DNS-SD.
2059
2060 Add --ptr-record flag, again for DNS-SD. Thanks to Stephan
2061 Sokolow for the suggestion.
2062
2063 Tolerate leading space on lines in the config file. Thanks
2064 to Luigi Rizzo for pointing this out.
2065
2066 Fixed netlink.c to cope with headers from the Linux 2.6.19
2067 kernel. Thanks to Philip Wall for the bug report.
2068
2069 Added --dhcp-bridge option, but only to the FreeBSD
2070 build. This fixes an oddity with a a particular bridged
2071 network configuration on FreeBSD. Thanks to Luigi Rizzo
2072 for the patch.
2073
2074 Added FAQ entry about running dnsmasq in a Linux
2075 vserver. Thanks to Gildas le Nadan for the information.
2076
2077 Fixed problem with option parsing which interpreted "/" as
2078 an address and not a string. Thanks to Luigi Rizzo
2079 for the patch.
2080
2081 Ignore the --domain-needed flag when forwarding NS
2082 and SOA queries, since NS queries of TLDs are always legit.
2083 Marcus Better pointed out this problem.
2084
2085 Take care to forward signed DNS requests bit-perfect, so
2086 as not to affect the validity of the signature. This
2087 should allow DDNS updates to be forwarded.
2088
Simon Kelley1b7ecd12007-02-05 14:57:57 +00002089version 2.37
2090 Add better support for RFC-2855 DHCP-over-firewire and RFC
2091 -4390 DHCP-over-InfiniBand. A good suggestion from Karl Svec.
2092
2093 Some efficiency tweaks to the cache code for very large
2094 /etc/hosts files. Should improve reverse (address->name)
2095 lookups and garbage collection. Thanks to Jan 'RedBully'
2096 Seiffert for input on this.
2097
2098 Fix regression in 2.36 which made bogus-nxdomain
2099 and DNS caching unreliable. Thanks to Dennis DeDonatis
2100 and Jan Seiffert for bug reports.
2101
2102 Make DHCP encapsulated vendor-class options sane. Be
2103 warned that some conceivable existing configurations
2104 using these may break, but they work in a much
2105 simpler and more logical way now. Prepending
2106 "vendor:<client-id>" to an option encapsulates it
2107 in option 43, and the option is sent only if the
2108 client-supplied vendor-class substring-matches with
2109 the given client-id. Thanks to Dennis DeDonatis for
2110 help with this.
2111
2112 Apply patch from Jan Seiffert to tidy up tftp.c
2113
2114 Add support for overloading the filename and servername
2115 fields in DHCP packet. This gives extra option-space when
2116 these fields are not being used or with a modern client
2117 which supports moving them into options.
2118
2119 Added a LIMITS section to the man-page, with guidance on
2120 maximum numbers of clients, file sizes and tuning.
2121
2122
2123
2124
Simon Kelley832af0b2007-01-21 20:01:28 +00002125