import of dnsmasq-2.0.tar.gz

FAQ

+Q: Why does dnsmasq open UDP ports >1024 as well as port 53.
+   Is this a security problem/trojan/backdoor?
+
+A: The high ports that dnsmasq opens is for replies from the upstream
+   nameserver(s). Queries from dnsmasq to upstream nameservers are sent
+   from these ports and replies received to them. The reason for doing this is
+   that most firewall setups block incoming packets _to_ port 53, in order
+   to stop DNS queries from the outside world. If dnsmasq sent its queries
+   from port 53 the replies would be _to_ port 53 and get blocked.
+
+   This is not a security hole since dnsmasq will only accept replies to that
+   port: queries are  dropped. The replies must be to oustanding queries
+   which dnsmasq has forwarded, otherwise they are dropped too.
+ 
+   Addendum: dnsmasq now has the option "query-port" (-Q), which allows
+   you to specify the UDP port to be used for this purpose.  If not
+   specified, the operating system will select an available port number
+   just as it did before.
+ 
+Q: Why doesn't dnsmasq support DNS queries over TCP? Don't the RFC's specify
+   that?
+
+A: Yes, they do, so technically dnsmasq is not RFC-compliant. In practice, the
+   sorts of queries which dnsmasq is used for are always sent via UDP. Adding 
+   TCP support would make dnsmasq much more heavyweight for no practical 
+   benefit. If you really want to do zone transfers, forward port 53 TCP 
+   using in-kernel port-forwarding or a port-fowarder like rinetd.
+
+
+Q: When I send SIGUSR1 to dump the contents of the cache, some entries have
+   no IP address and are for names like mymachine.mydomain.com.mydomain.com.
+   What are these?
+
+A: They are negative entries: that's what the N flag means. Dnsmasq asked 
+   an upstream nameserver to resolve that address and it replied "doesn't 
+   exist, and won't exist for <n> hours" so dnsmasq saved that information so
+   that if _it_ gets asked the same question it can answer directly without
+   having to go back to the upstream server again. The strange repeated domains
+   result from the way resolvers search short names. See "man resolv.conf" for
+   details.
+
+
+Q: Will dnsmasq compile/run on non-Linux systems?
+
+A: Yes, there is explicit support for *BSD and Solaris.
+   For other systems, try altering the settings in config.h.
+
+A: Update for V2. Doing DHCP is rather non-portable, so there may be
+   a few teething troubles. The initial 2.0 release is known to work
+   on Linux 2.2.x, Linux 2.4.x and Linux 2.6.x with uclibc and glibc
+   2.3. It also works on FreeBSD 4.8. The crucial problem is sending
+   raw packets, bypassing the IP stack. Dnsmasq contains code to do
+   using PF_PACKET sockets (which is for Linux) and the Berkeley packet
+   filter (which works with BSD). If you are trying to port to another
+   Un*x, bpf is the most likeley candidate. See config.h 
+
+Q: My companies' nameserver knows about some names which aren't in the
+   public DNS. Even though I put it first in /etc/resolv.conf, it
+   dosen't work: dnsmasq seems not to use the nameservers in the order
+   given. What am I doing wrong?
+
+A: By default, dnsmasq treats all the nameservers it knows about as
+   equal: it picks the one to use using an algorithm designed to avoid 
+   nameservers which aren't responding. To make dnsmasq use the
+   servers in order, give it the -o flag. If you want some queries
+   sent to a special server, think about using the -S flag to give the
+   IP address of that server, and telling dnsmasq exactly which
+   domains to use the server for.
+
+Q: OK, I've got queries to a private nameserver working, now how about 
+   reverse queries for a range of IP addresses?
+
+A: Use the standard DNS convention of <reversed address>.in-addr.arpa.
+   For instance to send reverse queries on the range 192.168.0.0 to 
+   192.168.0.255 to a nameserver at 10.0.0.1 do
+   server=/0.168.192.in-addr.arpa/10.0.0.1
+
+Q: Dnsmasq fails to start with an error like this: "dnsmasq: bind
+   failed: Cannot assign requested address". What's the problem?
+
+A: This has been seen when a system is bringing up a PPP interface at
+   boot time: by the time dnsmasq start the interface has been
+   created, but not brought up and assigned an address. The easiest
+   solution is to use --interface flags to specify which interfaces
+   dnsmasq should listen on. Since you are unlikely to want dnsmasq to
+   listen on a PPP interface and offer DNS service to the world, the
+   problem is solved.
+
+Q: I'm running on BSD and dnsmasq won't accept long options on the
+   command line. 
+
+A: Dnsmasq when built on BSD systems doesn't use GNU getopt by
+   default. You can either just use the single-letter options or
+   change config.h and the Makefile to use getopt-long. Note that
+   options in /etc/dnsmasq.conf must always be the long form,
+   on all platforms.
+
+Q: Names on the internet are working fine, but looking up local names 
+   from /etc/hosts or DHCP doesn't seem to work.
+
+A: Resolver code sometime does strange things when given names without
+   any dots in. Win2k and WinXP may not use the DNS at all and just
+   try and look up the name using WINS. On unix look at "options ndots:"
+   in "man resolv.conf" for details on this topic. Testing lookups
+   using "nslookup" or "dig" will work, but then attempting to run
+   "ping" will get a lookup failure, appending a dot to the end of the
+   hostname  will fix things. (ie "ping myhost" fails, but "ping
+   myhost." works. The solution is to make sure that all your hosts
+   have a domain set ("domain" in resolv.conf, the network applet in
+   windows, or set a domain in your DHCP server). Any domain  will do,
+   but "localnet" is traditional. Now when you resolve "myhost" the
+   resolver will attempt to look up "myhost.localnet" so you need to
+   have dnsmasq reply to that name. The way to do that is to include
+   the domain in each name on /etc/hosts and/or to use the
+   --expand-hosts and --domain-suffix options.
+
+Q: Can I get dnsmasq to save the contents of its cache to disk when
+   I shut my machine down and re-load when it starts again.
+
+A: No, that facility is not provided. Very few names in the DNS have
+   their time-to-live set for longer than a few hours so most of the
+   cache entries would have expired after a shutdown. For longer-lived
+   names it's much cheaper to just reload them from the upstream
+   server. Note that dnsmasq is not shut down between PPP sessions so
+   go off-line and then on-line again will not lose the contents of
+   the cache.
+
+Q: Who are Verisign, what do they have to do with the bogus-nxdomain
+   option in dnsmasq and why should I wory about it?
+
+A: [note: this was written in September 2003, things may well change.]
+   Versign run the .com and .net top-level-domains. They have just
+   changed the configuration of their servers so that unknown .com and
+   .net domains, instead of returning an error code NXDOMAIN, (no such
+   domain) return the address of a host at Versign which runs a web
+   server showing a search page. Most right-thinking people regard
+   this new behaviour as broken :-).  You can test to see if you are
+   suffering Versign brokeness by run a command like 
+   
+   host jlsdajkdalld.com
+
+   If you get "jlsdajkdalld.com" does not exist, then all is fine, if
+   host returns an IP address, then the DNS is broken. (Try a few
+   different unlikely domains, just in case you picked a wierd one
+   which really _is_ registered.)
+
+   Assuming that your DNS is broken, and you want to fix it, simply
+   note the IP address being returned and pass it to dnsmasq using the
+   --bogus-nxdomain flag. Dnsmasq will check for results returning
+   that address and substitute an NXDOMAIN instead. 
+
+   As of writing, the IP address in question for the .com and .net
+   domains is is 64.94.110.11. Various other, less prominent,
+   registries pull the same stunt; there is a list of them all, and
+   the addresses to block, at http://winware.org/bogus-domains.txt
+
+
+
+
+
+

Makefile

+PREFIX?=/usr/local
+BINDIR = ${PREFIX}/sbin
+MANDIR = ${PREFIX}/man
+
+SRC = src
+
+CFLAGS?= -O2
+
+all : 
+	@cd $(SRC); $(MAKE) dnsmasq 
+
+clean :
+	rm -f *~ */*~ $(SRC)/*.o $(SRC)/dnsmasq core build
+
+install : $(SRC)/dnsmasq
+	install -d $(DESTDIR)$(BINDIR) -d $(DESTDIR)$(MANDIR)/man8
+	install -m 644 dnsmasq.8 $(DESTDIR)$(MANDIR)/man8 
+	install -m 755 $(SRC)/dnsmasq $(DESTDIR)$(BINDIR)
+
+
+
+

UPGRADING_to_2.0

+
+
+	Upgrading to dnsmasq V2
+        -----------------------
+
+Version 1.x of dnsmasq includes a facility for reading the dhcp.leases
+file written by ISC dhcpd. This allows the names of machines which
+have addresses allocated by DHCP to be included in the DNS.
+
+Version 2.x of dnsmasq removes the ISC dhcpd integration and replaces
+it with a DHCP server integrated into dnsmasq. This is an incompatible
+change in dnsmasq but it has the following advantages:
+
+* Small. ISC dhcpd is a large and comprehensive DHCP solution. The
+  dnsmasq DHCP server adds about 15k to DNS-only dnsmasq and provides
+  all the facilities likely to be needed in the sort of networks
+  which are targeted by dnsmasq.
+
+* Easy to configure. All configuration is in one file and there are
+  sensible defaults for common settings. Many applications will need
+  just one extra line in /etc/dnsmasq.conf which tells it the range of
+  addresses to allocate to DHCP.
+
+* Support for static leases. When static leases are used with ISC DHCP
+  they don't appear in the dhcp.leases file (since that file is used
+  for storage of dynamic leases which aren't pre-configured.) Hence
+  static leases cannot be used with dnsmasq unless each machine with a
+  static lease is also inserted into /etc/hosts. This is not required
+  with the dnsmasq DHCP server.
+
+
+
+       DHCP configuration
+       ------------------
+
+To convert an installation which is currently using ISC dhcpd, remove
+the ISC DHCP daemon. Unless you want dnsmasq to use the same file
+to store its leases it is necessary to remove the configuration line in
+/etc/dnsmasq.conf which specifies the dhcp.leases file.
+
+To enable DHCP, simply add a line like this to /etc/dnsmasq.conf
+
+dhcp-range=192.168.0.100,192,168.0.200,12h
+
+which tells dnsmasq to us the addresses 192.168.0.100 to 192.168.0.200
+for dynamic IP addresses, and to issue twelve hour leases.
+
+Each host will have its default route and DNS server set to be the
+address of the host running dnsmasq, and its netmask and broadcast 
+address set correctly, so nothing else at all is required for a
+minimal system. Hosts which include a hostname in their DHCP request 
+will have that name and their allocated address inserted into the DNS,
+in the same way as before.
+
+Having started dnsmasq, tell any hosts on the network to renew their
+DHCP lease, so that dnsmasq's  DHCP server becomes aware of them. For
+Linux, this is best done by killing-and-restarting the DHCP client
+daemon or taking the network interface down and then back up. For
+Windows use winipcfg.exe
+
+
+For more complex DHCP configuration, refer to the doc/setup.html, the
+dnsmasq manpage and the annotated example configuration file.
+
+

dnsmasq-mdk.spec

+###############################################################################
+#
+# General mumbojumbo
+#
+###############################################################################
+
+Name: dnsmasq
+Version: 2.0
+Release: 1
+Copyright: GPL
+Group: System Environment/Daemons
+Vendor: Simon Kelley
+Packager: Simon Kelley
+Distribution: Mandrake Linux
+URL: http://www.thekelleys.org.uk/dnsmasq
+Source0: %{name}-%{version}.tar.gz
+Requires: chkconfig
+BuildRoot: /var/tmp/%{name}-%{version}
+Summary: A lightweight caching nameserver
+
+%description
+Dnsmasq is lightweight, easy to configure DNS forwarder and DHCP server. It 
+is designed to provide DNS and, optionally, DHCP, to a small network. It can
+serve the names of local machines which are not in the global DNS. The DHCP 
+server integrates with the DNS server and allows machines with DHCP-allocated
+addresses to appear in the DNS with names configured either in each host or 
+in a central configuration file. Dnsmasq supports static and dynamic DHCP 
+leases and BOOTP for network booting of diskless machines.
+
+
+###############################################################################
+#
+# Build
+#
+###############################################################################
+
+%prep
+%setup -q
+%build
+make
+
+
+###############################################################################
+#
+# Install
+#
+###############################################################################
+
+%install
+rm -rf $RPM_BUILD_ROOT
+
+mkdir -p -m 755 $RPM_BUILD_ROOT/usr/sbin
+mkdir -p -m 755 $RPM_BUILD_ROOT/etc/rc.d/init.d
+mkdir -p -m 755 $RPM_BUILD_ROOT/usr/share/man/man8
+
+cp rpm/dnsmasq.rh $RPM_BUILD_ROOT/etc/rc.d/init.d/dnsmasq
+strip src/dnsmasq
+cp src/dnsmasq $RPM_BUILD_ROOT/usr/sbin
+cp dnsmasq.8 $RPM_BUILD_ROOT/usr/share/man/man8
+cp dnsmasq.conf.example $RPM_BUILD_ROOT/etc/dnsmasq.conf
+###############################################################################
+#
+# Clean up
+#
+###############################################################################
+
+%clean
+rm -rf $RPM_BUILD_ROOT
+
+
+###############################################################################
+#
+# Post-install scriptlet
+#
+###############################################################################
+
+%post
+/sbin/chkconfig --add dnsmasq
+
+
+###############################################################################
+#
+# Pre-uninstall scriptlet
+#
+# If there's a time when your package needs to have one last look around before
+# the user erases it, the place to do it is in the %preun script. Anything that
+# a package needs to do immediately prior to RPM taking any action to erase the
+# package, can be done here.
+#
+###############################################################################
+
+%preun
+if [ $1 = 0 ]; then     # execute this only if we are NOT doing an upgrade
+    service dnsmasq stop >/dev/null 2>&1
+    /sbin/chkconfig --del dnsmasq
+fi
+
+
+###############################################################################
+#
+# Post-uninstall scriptlet
+#
+# The %postun script executes after the package has been removed. It is the
+# last chance for a package to clean up after itself.
+#
+###############################################################################
+
+%postun
+if [ "$1" -ge "1" ]; then
+    service dnsmasq restart >/dev/null 2>&1
+fi
+
+
+###############################################################################
+#
+# File list
+#
+###############################################################################
+
+%files
+%defattr(-,root,root)
+%doc CHANGELOG COPYING FAQ doc.html setup.html UPGRADING_to_2.0
+%attr(0755,root,root) /etc/rc.d/init.d/dnsmasq
+%attr(0664,root,root) /etc/dnsmasq.conf
+%config /etc/rc.d/init.d/dnsmasq
+%config /etc/dnsmasq.conf
+%attr(0755,root,root) /usr/sbin/dnsmasq
+%attr(0644,root,root) /usr/share/man/man8/dnsmasq.8.bz2
+
+

dnsmasq-rh.spec

+###############################################################################
+#
+# General mumbojumbo
+#
+###############################################################################
+
+Name: dnsmasq
+Version: 2.0
+Release: 1
+Copyright: GPL
+Group: System Environment/Daemons
+Vendor: Simon Kelley
+Packager: Simon Kelley
+Distribution: Red Hat Linux
+URL: http://www.thekelleys.org.uk/dnsmasq
+Source0: %{name}-%{version}.tar.gz
+Requires: chkconfig
+BuildRoot: /var/tmp/%{name}-%{version}
+Summary: A lightweight caching nameserver
+
+%description
+Dnsmasq is lightweight, easy to configure DNS forwarder and DHCP server. It 
+is designed to provide DNS and, optionally, DHCP, to a small network. It can
+serve the names of local machines which are not in the global DNS. The DHCP 
+server integrates with the DNS server and allows machines with DHCP-allocated
+addresses to appear in the DNS with names configured either in each host or 
+in a central configuration file. Dnsmasq supports static and dynamic DHCP 
+leases and BOOTP for network booting of diskless machines.
+
+
+
+###############################################################################
+#
+# Build
+#
+###############################################################################
+
+%prep
+%setup -q
+%build
+make
+
+
+###############################################################################
+#
+# Install
+#
+###############################################################################
+
+%install
+rm -rf $RPM_BUILD_ROOT
+
+mkdir -p -m 755 $RPM_BUILD_ROOT/usr/sbin
+mkdir -p -m 755 $RPM_BUILD_ROOT/etc/rc.d/init.d
+mkdir -p -m 755 $RPM_BUILD_ROOT/usr/share/man/man8
+
+cp rpm/dnsmasq.rh $RPM_BUILD_ROOT/etc/rc.d/init.d/dnsmasq
+strip src/dnsmasq
+cp src/dnsmasq $RPM_BUILD_ROOT/usr/sbin
+cp dnsmasq.8 $RPM_BUILD_ROOT/usr/share/man/man8
+gzip $RPM_BUILD_ROOT/usr/share/man/man8/dnsmasq.8
+cp dnsmasq.conf.example $RPM_BUILD_ROOT/etc/dnsmasq.conf
+
+###############################################################################
+#
+# Clean up
+#
+###############################################################################
+
+%clean
+rm -rf $RPM_BUILD_ROOT
+
+
+###############################################################################
+#
+# Post-install scriptlet
+#
+###############################################################################
+
+%post
+/sbin/chkconfig --add dnsmasq
+
+
+###############################################################################
+#
+# Pre-uninstall scriptlet
+#
+# If there's a time when your package needs to have one last look around before
+# the user erases it, the place to do it is in the %preun script. Anything that
+# a package needs to do immediately prior to RPM taking any action to erase the
+# package, can be done here.
+#
+###############################################################################
+
+%preun
+if [ $1 = 0 ]; then     # execute this only if we are NOT doing an upgrade
+    service dnsmasq stop >/dev/null 2>&1
+    /sbin/chkconfig --del dnsmasq
+fi
+
+
+###############################################################################
+#
+# Post-uninstall scriptlet
+#
+# The %postun script executes after the package has been removed. It is the
+# last chance for a package to clean up after itself.
+#
+###############################################################################
+
+%postun
+if [ "$1" -ge "1" ]; then
+    service dnsmasq restart >/dev/null 2>&1
+fi
+
+
+###############################################################################
+#
+# File list
+#
+###############################################################################
+
+%files
+%defattr(-,root,root)
+%doc CHANGELOG COPYING FAQ doc.html setup.html UPGRADING_to_2.0
+%config /etc/rc.d/init.d/dnsmasq 
+%config /etc/dnsmasq.conf
+%attr(0755,root,root) /etc/rc.d/init.d/dnsmasq
+%attr(0664,root,root) /etc/dnsmasq.conf
+%attr(0755,root,root) /usr/sbin/dnsmasq
+%attr(0644,root,root) /usr/share/man/man8/dnsmasq.8.gz
+
+

dnsmasq-suse.spec

+###############################################################################
+#
+# General
+#
+###############################################################################
+
+Name: dnsmasq
+Version: 2.0
+Release: 1
+Copyright: GPL
+Group: Productivity/Networking/DNS/Servers
+Vendor: Simon Kelley
+Packager: Simon Kelley
+URL: http://www.thekelleys.org.uk/dnsmasq
+Provides: dns_daemon
+Conflicts: bind bind8 bind9
+PreReq: %fillup_prereq %insserv_prereq
+Autoreqprov: on
+Source0: %{name}-%{version}.tar.gz
+BuildRoot: /var/tmp/%{name}-%{version}
+Summary: A lightweight caching nameserver
+
+%description
+Dnsmasq is lightweight, easy to configure DNS forwarder and DHCP server. It 
+is designed to provide DNS and, optionally, DHCP, to a small network. It can
+serve the names of local machines which are not in the global DNS. The DHCP 
+server integrates with the DNS server and allows machines with DHCP-allocated
+addresses to appear in the DNS with names configured either in each host or 
+in a central configuration file. Dnsmasq supports static and dynamic DHCP 
+leases and BOOTP for network booting of diskless machines.
+
+
+
+###############################################################################
+#
+# Build
+#
+###############################################################################
+
+%prep
+%setup -q
+%build
+%{?suse_update_config:%{suse_update_config -f}}
+make
+
+###############################################################################
+#
+# Install
+#
+###############################################################################
+
+%install
+rm -rf $RPM_BUILD_ROOT
+mkdir -p ${RPM_BUILD_ROOT}/etc/init.d
+mkdir -p ${RPM_BUILD_ROOT}/usr/sbin
+mkdir -p ${RPM_BUILD_ROOT}%{_mandir}/man8
+install -o root -g root -m 755 rpm/rc.dnsmasq-suse $RPM_BUILD_ROOT/etc/init.d/dnsmasq
+install -o root -g root -m 644 dnsmasq.conf.example $RPM_BUILD_ROOT/etc/dnsmasq.conf
+strip src/dnsmasq
+install -o root -g root -m 755 src/dnsmasq $RPM_BUILD_ROOT/usr/sbin
+ln -sf ../../etc/init.d/dnsmasq $RPM_BUILD_ROOT/usr/sbin/rcdnsmasq
+gzip -9 dnsmasq.8
+install -o root -g root -m 644 dnsmasq.8.gz $RPM_BUILD_ROOT%{_mandir}/man8
+
+###############################################################################
+#
+# Clean up
+#
+###############################################################################
+
+%clean
+rm -rf $RPM_BUILD_ROOT
+
+###############################################################################
+#
+# Post-install scriptlet
+#
+###############################################################################
+
+%post
+%{fillup_and_insserv dnsmasq}
+
+###############################################################################
+#
+# Post-uninstall scriptlet
+#
+# The %postun script executes after the package has been removed. It is the
+# last chance for a package to clean up after itself.
+#
+###############################################################################
+
+%postun
+%{insserv_cleanup}
+
+###############################################################################
+#
+# File list
+#
+###############################################################################
+
+%files
+%defattr(-,root,root)
+%doc CHANGELOG COPYING FAQ doc.html setup.html UPGRADING_to_2.0
+%config /etc/init.d/dnsmasq
+%config /etc/dnsmasq.conf
+/usr/sbin/rcdnsmasq
+/usr/sbin/dnsmasq
+%doc %{_mandir}/man8/dnsmasq.8.gz
+
+
+

dnsmasq.conf.example

+# Configuration file for dnsmasq.
+#
+# Format is one option per line, legal options are the same
+# as the long options legal on the command line. See
+# "/usr/sbin/dnsmasq --help" or "man 8 dnsmasq" for details.
+
+# Change these lines if you want dnsmasq to serve MX records.
+# Only one of mx-host and mx-target need be set, the other defaults
+# to the name of the host  running dnsmasq.
+#mx-host=
+#mx-target=
+#selfmx
+#localmx
+
+# The following three options make you a better netizen, since they 
+# tell dnsmasq to filter out queries which the public DNS cannot
+# answer, and which load the servers (especially the root servers) 
+# uneccessarily. If you have a dial-on-demand link they also stop
+# these requests from bringing up the link uneccessarily.
+
+# Never forward plain names (with a dot or domain part)
+domain-needed
+# Reply to reverse queries for addresses in the non-routed address
+# space with the dotted.quad address
+bogus-priv
+# Filter useless windows-originated DNS requests
+filterwin2k
+
+
+# Change this line if you want dns to get its upstream servers from
+# somewhere other that /etc/resolv.conf 
+#resolv-file=
+
+# If you don't want dnsmasq to read /etc/resolv.conf or any other
+# file, getting its servers for this file instead (see below), then
+# uncomment this
+#no-resolv
+
+# If you don't want dnsmasq to poll /etc/resolv.conf or other resolv
+# files for changes and re-read them then uncomment this.
+#no-poll
+
+# Add other name servers here, with domain specs if they are for 
+# non-public domains.
+#server=/localnet/192.168.0.1
+
+# Add local-only domains here, queries in these domains are answered
+# from /etc/hosts or DHCP only.
+#local=/localnet/
+
+# Add domains which you want to force to an IP address here.
+# The example below send any host in doubleclick.net to a local
+# webserver.
+#address=/doubleclick.net/127.0.0.1
+
+# You no longer (as of version 1.7) need to set these to enable 
+# dnsmasq to read /etc/ppp/resolv.conf since dnsmasq now uses the
+# "dip" group to achieve this.
+#user=
+#group=
+
+# If you want dnsmasq to listen for requests only on specified interfaces
+# (and the loopback) give the name of the interface (eg eth0) here. 
+# Repeat the line for more than one interface.
+#interface=
+# Or you can specify which interface _not_ to listen on
+#except-interface=
+# Or which to listen on by address (remember to include 127.0.0.1 if
+# you use this.)
+#listen-address=
+
+# If you don't want dnsmasq to read /etc/hosts, uncomment the
+# following line.
+#no-hosts
+# or if you want it to read another file, as well as /etc/hosts, use
+# this.
+#addn-hosts=/etc/banner_add_hosts
+
+# Set this (and domain: see below) if you want to have a domain
+# automatically added to simple names in a hosts-file.
+#expand-hosts
+
+# Uncomment this to enable the integrated DHCP server, you need
+# to supply the range of addresses available for lease and optionally 
+# a lease time. If you have more than one interface, you will need to
+# repeat this for each interface on which you want to supply DHCP
+# service.
+#dhcp-range=192.168.0.50,192.168.0.150,12h
+
+# Supply parameters for specified hosts using DHCP. There are lots
+# of valid alternatives, do we will give examples of each. Note that
+# IP addresses DO NOT have to be in the range given above, they just
+# need to be on the same network. 
+
+# Always allocate the host with ethernet address 11:22:33:44:55:66 
+# The IP address 192.168.0.60
+#dhcp-host=11:22:33:44:55:66,192.168.0.60
+
+# Always set the name of the host with hardware address
+# 11:22:33:44:55:66 to be "fred"
+#dhcp-host=11:22:33:44:55:66,fred
+
+# Always give the host with ethernet address 11:22:33:44:55:66
+# the name fred and IP address 192.168.0.60 and lease time 45 minutes
+#dhcp-host=11:22:33:44:55:66,fred,192.168.0.60,45m
+
+# Give the machine which says it's name is "bert" IP address
+# 192.168.0.70 and an infinite lease
+#dhcp-host=bert,192.168.0.70,infinite
+
+# Always give the host with client identifier 01:02:02:04 
+# the IP address 192.168.0.60
+#dhcp-host=id:01:02:02:04,192.168.0.60
+
+# Always give the host with client identifier "marjorie"
+# the IP address 192.168.0.60
+#dhcp-host=id:marjorie,192.168.0.60
+
+# Send options to hosts which ask for a DHCP lease.
+# See RFC 2132 for details of available options.
+
+# Set the NTP time server addresses to 192.168.0.4 and 10.10.0.5
+#dhcp-option=42,192.168.0.4,10.10.0.5
+
+# Set the NIS domain name to "welly"
+#dhcp-option=40,welly
+
+# Set the boot filename and tftpd server name and address
+# for BOOTP. You will only need this is you want to
+# boot machines over the network.
+#dhcp-boot=/var/ftpd/pxelinux.0,boothost,192.168.0.3
+
+# The DHCP server needs somewhere on disk to keep its lease database.
+# This defaults to a sane location, but if you want to change it, use
+# the line below.
+#dhcp-leasefile=/var/lib/dnsmasq/leases
+
+# Override the default route (which is normally automagically set
+# to be the machine running dnsmasq
+#dhcp-option=2,192,168.4.4
+
+# Set the cachesize here.
+#cache-size=600
+
+# If you want to disable negative caching, uncomment this.
+#no-negcache
+
+# Normally responses which come form /etc/hosts and the DHCP lease
+# file have Time-To-Live set as zero, which conventionally means
+# do not cache further. If you are happy to trade lower load on the 
+# server for potentially stale date, you can set a time-to-live (in 
+# seconds) here.
+#local-ttl=
+
+# If you want dnsmasq to detect attempts by Verisign to send queries
+# to unregistered .com and .net hosts to its sitefinder service and
+# have dnsmasq instead return the correct NXDOMAIN response, uncomment
+# this line. You can add similar lines to do the same for other
+# registries which have implemented wildcard A records.
+#bogus-nxdomain=64.94.110.11
+
+# For debugging purposes, log each DNS query as it passes through
+# dnsmasq.
+#log-queries
+
+
+ 
+
+
+

doc.html

+<HTML>
+<HEAD>
+<TITLE> Dnsmasq - a DNS forwarder for NAT firewalls.</TITLE>
+</HEAD>
+<BODY BGCOLOR="WHITE"> 
+<H1 ALIGN=center>Dnsmasq</H1> 
+Dnsmasq is lightweight, easy to configure DNS forwarder and DHCP
+ server. It is designed to provide DNS and, optionally, DHCP, to a 
+ small network. It can serve the names of local machines which are 
+ not in the global DNS. The DHCP server integrates with the DNS 
+ server and allows machines with DHCP-allocated addresses
+ to appear in the DNS with names configured either in each host or
+ in a central configuration file. Dnsmasq supports static and dynamic 
+ DHCP leases and BOOTP for network booting of diskless machines.
+<P>
+ Dnsmasq is targeted at home networks using NAT and 
+connected to the internet via a modem, cable-modem or ADSL
+connection but would be a good choice for any small network where low
+resource use and ease of configuration are important. 
+<P>
+Dnsmasq is included in at least the following Linux distributions: Gentoo, Debian,
+Smoothwall, IP-Cop, floppyfw, Firebox, Freesco and
+Clarkconnect. It is also available as a FreeBSD port and is used in Linksys wireless routers.
+<P>
+Dnsmasq provides the following features:
+<DIR>
+
+<LI> 
+The DNS configuration of machines behind the firewall is simple and
+doesn't depend on the details of the ISP's dns servers
+<LI>
+Clients which try to do DNS lookups while  a modem link to the
+internet is down will time out immediately.
+</LI>
+<LI>
+Dnsmasq will serve names from the /etc/hosts file on the firewall
+machine: If the names of local machines are there, then they can all
+be addressed without having to maintain /etc/hosts on each machine.
+</LI>
+<LI>
+Dnsmasq will serve names from the DHCP leases file on the firewall machine:
+If machines specify a hostname when they take out a DHCP lease, then they are
+addressable in the local DNS. <B>UPDATE</B> Dnsmasq version 2 now offers an integrated DHCP server
+instead of the lease file reader. This gives better control of the
+interaction with new functions (for example fixed IP leasess and
+attaching names to ethernet addresses centrally) it's also much
+smaller than dnsmasq and ISC dhcpd which is important for router distros.
+</LI>
+<LI>
+Dnsmasq caches internet addresses (A records and AAAA records) and address-to-name
+mappings (PTR records), reducing the load on upstream servers and
+improving performance (especially on modem connections). From version
+0.95 the cache honours time-to-live information and removes old
+records as they expire. From version 0.996 dnsmasq does negative
+caching. From version 1.2 dnsmasq supports IPv6 addresses, both
+in its cache and in /etc/hosts.
+</LI>
+<LI>
+Dnsmasq can be configured to automatically pick up the addresses of
+it's upstream nameservers from ppp or dhcp configuration. It will
+automatically reload this information if it changes. This facility
+will be of particular interest to maintainers of Linux firewall
+distributions since it allows dns configuration to be made automatic.
+</LI>
+<LI>
+On IPv6-enabled boxes, dnsmasq can both talk to upstream servers via IPv6 
+and offer DNS service via IPv6. On dual-stack (IPv4 and IPv6) boxes it talks
+both protocols and can even act as IPv6-to-IPv4 or IPv4-to-IPv6 forwarder.
+</LI>
+<LI>
+Dnsmasq can be configured to send queries for certain domains to
+upstream servers handling only those domains. This makes integration
+with private DNS systems easy.
+</LI>
+<LI>
+Dnsmasq can be configured to return an MX record 
+for the firewall host. This makes it easy to configure the mailer on the local 
+machines to forward all mail to the central mailer on the firewall host. Never 
+lose root messages from your machines again!
+</LI>
+<LI>
+For version 1.15 dnsmasq has a facility to work around Verisign's infamous wildcard A record
+in the .com and .net TLDs
+</LI>
+</DIR>
+
+<H2>Download.</H2>
+
+Download dnsmasq <A HREF="http://www.thekelleys.org.uk/dnsmasq/"> here</A>. 
+The tarball includes this documentation, source, manpage and control files for building .rpms.
+There are also pre-built i386 .rpms, and a 
+<A HREF="CHANGELOG"> CHANGELOG</A>.
+Dnsmasq is part of the Debian distribution, it can be downloaded from 
+<A HREF="http://ftp.debian.org/debian/pool/main/d/dnsmasq/"> here</A> or installed using <TT>apt</TT>.
+
+
+<H2>Building rpms.</H2>
+Assuming you have the relevant tools installed, you can rebuild .rpms simply by running (as root)
+
+<PRE>
+rpmbuild -ta dnsmasq-xxx.tar.gz
+</PRE>
+
+Note for Suse users: you will need to re-compress the tar file as
+bzip2 before building using the commands
+<PRE>
+gunzip dnsmasq-xxx.tar.gz
+bzip2 dnsmasq-zzz.tar
+</PRE>
+
+<H2>Links.</H2>
+Ulrich Ivens has a nice HOWTO in German on installing dnsmasq at <A HREF="http://howto.linux-hardware-shop.de/dnsmasq.html">http://howto.linux-hardware-shop.de/dnsmasq.html</A>
+
+<H2>License.</H2>
+Dnsmasq is distributed under the GPL. See the file COPYING in the distribution 
+for details.
+
+<H2>Contact.</H2>
+Dnsmasq was written by Simon Kelley. You can contact me at <A HREF="mailto:simon@thekelleys.org.uk">simon@thekelleys.org.uk</A>. Bugreports, patches, and suggestions for improvements gratefully accepted.
+</BODY>
+

rpm/dnsmasq.rh

+#!/bin/sh
+#
+# Startup script for the DNS caching server
+#
+# chkconfig: 2345 99 01
+# description: This script starts your DNS caching server
+# processname: dnsmasq
+# pidfile: /var/run/dnsmasq.pid
+
+# Source function library.
+. /etc/rc.d/init.d/functions
+
+# Source networking configuration.
+. /etc/sysconfig/network
+
+# Check that networking is up.
+[ ${NETWORKING} = "no" ] && exit 0
+
+dnsmasq=/usr/sbin/dnsmasq
+[ -f $dnsmasq ] || exit 0
+
+# change this line if you want dnsmasq to serve an MX record for 
+# the host it is running on. 
+MAILHOSTNAME=""
+# change this line if you want dns to get its upstream servers from
+# somewhere other that /etc/resolv.conf 
+RESOLV_CONF=""
+# change this if you want dnsmasq to cache any "hostname" or "client-hostname" from
+# a dhcpd's lease file
+DHCP_LEASE="/var/lib/dhcp/dhcpd.leases"
+DOMAIN_SUFFIX=`dnsdomainname`
+
+OPTIONS=""
+
+if [ ! -z "${MAILHOSTNAME}" ]; then
+  OPTIONS="$OPTIONS -m $MAILHOSTNAME"
+fi
+
+if [ ! -z "${RESOLV_CONF}" ]; then
+  OPTIONS="$OPTIONS -r $RESOLV_CONF"
+fi
+
+if [ ! -z "${DHCP_LEASE}" ]; then
+  OPTIONS="$OPTIONS -l $DHCP_LEASE"
+fi
+
+if [ ! -z "${DOMAIN_SUFFIX}" ]; then
+  OPTIONS="$OPTIONS -s $DOMAIN_SUFFIX"
+fi
+
+RETVAL=0
+
+# See how we were called.
+case "$1" in
+  start)
+        echo -n "Starting dnsmasq: "
+        daemon $dnsmasq $OPTIONS
+	RETVAL=$?
+        echo
+        [ $RETVAL -eq 0 ] && touch /var/lock/subsys/dnsmasq
+        ;;
+  stop)
+        if test "x`pidof dnsmasq`" != x; then
+            echo -n "Shutting down dnsmasq: "
+            killproc dnsmasq
+        fi
+	RETVAL=$?
+        echo
+        [ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/dnsmasq /var/run/dnsmasq.pid
+        ;;
+  status)
+	status dnsmasq
+	RETVAL=$?
+	;;
+  restart|reload)
+	$0 stop
+	$0 start
+	RETVAL=$?
+	;;
+  condrestart)
+	    if test "x`/sbin/pidof dnsmasq`" != x; then
+		$0 stop
+		$0 start
+		RETVAL=$?
+	    fi
+	    ;;
+  *)
+        echo "Usage: $0 {start|stop|restart|reload|condrestart|status}"
+        exit 1
+esac
+
+exit $RETVAL
+

rpm/rc.dnsmasq-suse

+#! /bin/sh
+#
+# init.d/dnsmasq
+#
+### BEGIN INIT INFO
+# Provides:       dnsmasq
+# Required-Start: $network $remote_fs $syslog
+# Required-Stop:
+# Default-Start:  3 5
+# Default-Stop:
+# Description:    Starts internet name service masq caching server (DNS)
+### END INIT INFO
+
+NAMED_BIN=/usr/sbin/dnsmasq
+NAMED_PID=/var/run/dnsmasq.pid
+NAMED_CONF=/etc/dnsmasq.conf
+
+if [ ! -x $NAMED_BIN ] ; then
+	echo -n "dnsmasq not installed ! "
+	exit 5
+fi
+
+. /etc/rc.status
+rc_reset
+
+case "$1" in
+    start)
+	echo -n "Starting name service masq caching server "
+        checkproc -p $NAMED_PID $NAMED_BIN
+        if [ $? -eq 0 ] ; then
+           echo -n "- Warning: dnsmasq already running ! "
+        else
+           [ -e $NAMED_PID ] && echo -n "- Warning: $NAMED_PID exists ! "
+	fi
+	startproc -p $NAMED_PID $NAMED_BIN -u nobody
+	rc_status -v
+	;;
+    stop)
+	echo -n "Shutting name service masq caching server "
+	checkproc -p $NAMED_PID $NAMED_BIN
+	[ $? -ne 0 ] && echo -n "- Warning: dnsmasq not running ! "
+	killproc -p $NAMED_PID -TERM $NAMED_BIN
+	rc_status -v
+	;;
+    try-restart)
+	$0 stop  &&  $0 start
+	rc_status
+	;;
+    restart)
+	$0 stop
+	$0 start
+	rc_status
+	;;
+    force-reload)
+	$0 reload
+	rc_status
+	;;
+    reload)
+	echo -n "Reloading name service masq caching server "
+	checkproc -p $NAMED_PID $NAMED_BIN
+	[ $? -ne 0 ] && echo -n "- Warning: dnsmasq not running ! "
+	killproc -p $NAMED_PID -HUP $NAMED_BIN
+	rc_status -v
+	;;
+    status)
+	echo -n "Checking for name service masq caching server "
+	checkproc -p $NAMED_PID $NAMED_BIN
+	rc_status -v
+	;;
+    probe)
+	test $NAMED_CONF -nt $NAMED_PID && echo reload
+	;;
+    *)
+	echo "Usage: $0 {start|stop|status|try-restart|restart|force-reload|reload|probe}"
+	exit 1
+	;;
+esac
+rc_exit
+

src/Makefile

+# Uncomment this on Solaris.
+#LIBS = -lsocket -lnsl
+
+CFLAGS?= -O2
+
+OBJS = cache.o rfc1035.o util.o option.o forward.o \
+       network.o dnsmasq.o dhcp.o lease.o rfc2131.o
+
+.c.o: dnsmasq.h config.h 
+	$(CC) $(CFLAGS) $(RPM_OPT_FLAGS) -Wall -W -c $*.c 
+
+dnsmasq : $(OBJS) dnsmasq.h config.h
+	$(CC) -o $@  $(OBJS) $(LIBS)
+
+
+

src/config.h

+/* dnsmasq is Copyright (c) 2000 Simon Kelley
+
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; version 2 dated June, 1991.
+
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+*/
+
+/* Author's email: simon@thekelleys.org.uk */
+
+#define VERSION "2.0"
+
+#define FTABSIZ 150 /* max number of outstanding requests */
+#define TIMEOUT 40 /* drop queries after TIMEOUT seconds */
+#define LOGRATE 120 /* log table overflows every LOGRATE seconds */
+#define CACHESIZ 150 /* default cache size */
+#define SMALLDNAME 40 /* most domain names are smaller than this */
+#define CONFFILE "/etc/dnsmasq.conf"
+#define HOSTSFILE "/etc/hosts"
+#ifdef __uClinux__
+#  define RESOLVFILE "/etc/config/resolv.conf"
+#else
+#  define RESOLVFILE "/etc/resolv.conf"
+#endif
+#define RUNFILE "/var/run/dnsmasq.pid"
+#ifdef __FreeBSD__
+#   define LEASEFILE "/var/db/dnsmasq.leases"
+#else
+#   define LEASEFILE "/var/lib/misc/dnsmasq.leases"
+#endif
+#define DEFLEASE 3600 /* default lease time, 1 hour */
+#define CHUSER "nobody"
+#define CHGRP "dip"
+#define IP6INTERFACES "/proc/net/if_inet6"
+#define DHCP_SERVER_PORT 67
+#define DHCP_CLIENT_PORT 68
+
+/* Logfile stuff - change this to change the options and facility */
+/* debug is true if the --no-daemon flag is given */
+#ifdef LOG_PERROR
+#  define DNSMASQ_LOG_OPT(debug)  (debug) ? LOG_PERROR : LOG_PID
+#else
+#  define DNSMASQ_LOG_OPT(debug)  (debug) ? 0 : LOG_PID
+#endif
+
+#ifdef LOG_LOCAL0
+#  define DNSMASQ_LOG_FAC(debug)  (debug) ? LOG_LOCAL0 : LOG_DAEMON
+#else
+#  define DNSMASQ_LOG_FAC(debug)  LOG_DAEMON
+#endif
+
+
+/* Decide if we're going to support IPv6 */
+/* We assume that systems which don't have IPv6
+   headers don't have ntop and pton either */
+
+#if defined(INET6_ADDRSTRLEN)
+#  define HAVE_IPV6
+#  define ADDRSTRLEN INET6_ADDRSTRLEN
+#elif defined(INET_ADDRSTRLEN)
+#  undef HAVE_IPV6
+#  define ADDRSTRLEN INET_ADDRSTRLEN
+#else
+#  undef HAVE_IPV6
+#  define ADDRSTRLEN 16 /* 4*3 + 3 dots + NULL */
+#endif
+
+/* Get linux C library versions. */
+#if defined(__linux__) && !defined(__UCLIBC__) && !defined(__uClinux__)
+#  include <libio.h> 
+#endif
+
+
+/* Follows system specific switches. If you run on a 
+   new system, you may want to edit these. 
+   May replace this with Autoconf one day. 
+
+
+HAVE_LINUX_IPV6_PROC
+   define this to do IPv6 interface discovery using
+   proc/net/if_inet6 ala LINUX. 
+
+HAVE_GETOPT_LONG
+   define this if you have GNU libc or GNU getopt. 
+
+HAVE_ARC4RANDOM
+   define this if you have arc4random() to get better security from DNS spoofs
+   by using really random ids (OpenBSD) 
+
+HAVE_RANDOM
+   define this if you have the 4.2BSD random() function (and its
+   associated srandom() function), which is at least as good as (if not
+   better than) the rand() function.
+
+HAVE_DEV_RANDOM
+   define this if you have the /dev/random device, which gives truly
+   random numbers but may run out of random numbers.
+
+HAVE_DEV_URANDOM
+   define this if you have the /dev/urandom device, which gives
+   semi-random numbers when it runs out of truly random numbers.
+
+HAVE_SOCKADDR_SA_LEN
+   define this if struct sockaddr has sa_len field (*BSD) 
+
+HAVE_PSELECT
+   If your C library implements pselect, define this.
+
+HAVE_PF_PACKET
+   If your OS implements packet sockets, define this. 
+
+HAVE_BPF
+   If your OS implements Berkeley PAcket filter, define this.
+
+NOTES:
+   For Linux you should define 
+      HAVE_LINUX_IPV6_PROC 
+      HAVE_GETOPT_LONG
+      HAVE_RANDOM
+      HAVE_DEV_RANDOM
+      HAVE_DEV_URANDOM
+      HAVE_PF_PACKET
+   you should NOT define 
+      HAVE_ARC4RANDOM
+      HAVE_SOCKADDR_SA_LEN
+
+   For *BSD systems you should define 
+     HAVE_SOCKADDR_SA_LEN
+     HAVE_RANDOM
+     HAVE_BPF
+   you should NOT define  
+     HAVE_LINUX_IPV6_PROC 
+   and you MAY define  
+     HAVE_ARC4RANDOM - OpenBSD and FreeBSD 
+     HAVE_DEV_URANDOM - OpenBSD and FreeBSD
+     HAVE_DEV_RANDOM - FreeBSD (OpenBSD with hardware random number generator)
+     HAVE_GETOPT_LONG - only if you link GNU getopt. 
+
+*/
+
+/* Must preceed __linux__ since uClinux defines __linux__ too. */
+#if defined(__uClinux__) || defined(__UCLIBC__)
+#undef HAVE_LINUX_IPV6_PROC
+#define HAVE_GETOPT_LONG
+#undef HAVE_ARC4RANDOM
+#define HAVE_RANDOM
+#define HAVE_DEV_URANDOM
+#define HAVE_DEV_RANDOM
+#define HAVE_PF_PACKET
+#undef HAVE_SOCKADDR_SA_LEN
+#undef HAVE_PSELECT
+/* Don't fork into background on uClinux */
+#if defined(__uClinux__)
+#  define NO_FORK
+#endif
+
+/* libc5 - must precede __linux__ too */
+/* Note to build a libc5 binary on a modern Debian system:
+   install the packages altgcc libc5 and libc5-altdev 
+   then run "make CC=i486-linuxlibc1-gcc" */
+/* Note that compling dnsmasq 2.x under libc5 and kernel 2.0.x
+   is probably doomed - no packet socket for starters. */
+#elif defined(__linux__) && \
+      defined(_LINUX_C_LIB_VERSION_MAJOR) && \
+      (_LINUX_C_LIB_VERSION_MAJOR == 5 )
+#undef HAVE_IPV6
+#undef HAVE_LINUX_IPV6_PROC
+#define HAVE_GETOPT_LONG
+#undef HAVE_ARC4RANDOM
+#define HAVE_RANDOM
+#define HAVE_DEV_URANDOM
+#define HAVE_DEV_RANDOM
+#undef HAVE_PF_PACKET
+#undef HAVE_SOCKADDR_SA_LEN
+#undef HAVE_PSELECT
+/* Fix various misfeatures of libc5 headers */
+#define T_SRV 33 
+typedef unsigned long in_addr_t; 
+typedef size_t socklen_t;
+
+/* This is for glibc 2.x */
+#elif defined(__linux__)
+#define HAVE_LINUX_IPV6_PROC
+#define HAVE_GETOPT_LONG
+#undef HAVE_ARC4RANDOM
+#define HAVE_RANDOM
+#define HAVE_DEV_URANDOM
+#define HAVE_DEV_RANDOM
+#undef HAVE_SOCKADDR_SA_LEN
+#define HAVE_PSELECT
+#define HAVE_PF_PACKET
+/* glibc < 2.2  has broken Sockaddr_in6 so we have to use our own. */
+/* glibc < 2.2 doesn't define in_addr_t */
+#if defined(__GLIBC__) && (__GLIBC__ == 2) && \
+    defined(__GLIBC_MINOR__) && (__GLIBC_MINOR__ < 2)
+typedef unsigned long in_addr_t; 
+#if defined(HAVE_IPV6)
+#   define HAVE_BROKEN_SOCKADDR_IN6
+#endif
+#endif
+
+#elif defined(__FreeBSD__) || defined(__OpenBSD__)
+#undef HAVE_LINUX_IPV6_PROC
+#undef HAVE_GETOPT_LONG
+#define HAVE_ARC4RANDOM
+#define HAVE_RANDOM
+#define HAVE_DEV_URANDOM
+#define HAVE_SOCKADDR_SA_LEN
+#undef HAVE_PSELECT
+#define HAVE_BPF
+
+#elif defined(__APPLE__)
+#undef HAVE_LINUX_IPV6_PROC
+#undef HAVE_GETOPT_LONG
+#define HAVE_ARC4RANDOM
+#define HAVE_RANDOM
+#define HAVE_DEV_URANDOM
+#define HAVE_SOCKADDR_SA_LEN
+#undef HAVE_PSELECT
+#define HAVE_BPF
+/* Define before sys/socket.h is included so we get socklen_t */
+#define _BSD_SOCKLEN_T_
+/* The two below are not defined in Mac OS X arpa/nameserv.h */
+#define IN6ADDRSZ 16
+#define T_SRV 33
+ 
+#elif defined(__NetBSD__)
+#undef HAVE_LINUX_IPV6_PROC
+#undef HAVE_GETOPT_LONG
+#undef HAVE_ARC4RANDOM
+#define HAVE_RANDOM
+#undef HAVE_DEV_URANDOM
+#undef HAVE_DEV_RANDOM
+#define HAVE_SOCKADDR_SA_LEN
+#undef HAVE_PSELECT
+#define HAVE_BPF
+ 
+/* env "LIBS=-lsocket -lnsl" make */
+#elif defined(__sun) || defined(__sun__)
+#undef HAVE_LINUX_IPV6_PROC
+#undef HAVE_GETOPT_LONG
+#undef HAVE_ARC4RANDOM
+#define HAVE_RANDOM
+#undef HAVE_DEV_URANDOM
+#undef HAVE_DEV_RANDOM
+#undef HAVE_SOCKADDR_SA_LEN
+#undef HAVE_PSELECT
+#define HAVE_BPF
+#endif
+
+
+

src/dhcp.c

+/* dnsmasq is Copyright (c) 2000-2003 Simon Kelley
+
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; version 2 dated June, 1991.
+
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+*/
+
+/* Author's email: simon@thekelleys.org.uk */
+
+#include "dnsmasq.h"
+
+void dhcp_packet(struct dhcp_context *context, char *packet, 
+		 struct dhcp_opt *dhcp_opts, struct dhcp_config *dhcp_configs, 
+		 time_t now, char *namebuff, char *domain_suffix,
+		 char *dhcp_file, char *dhcp_sname, 
+		 struct in_addr dhcp_next_server)
+{
+  struct udp_dhcp_packet *rawpacket = (struct udp_dhcp_packet *) packet;
+  struct dhcp_packet *mess = (struct dhcp_packet *)&rawpacket->data;
+  int sz, newlen;
+
+  sz = recvfrom(context->fd, &rawpacket->data, 
+		PACKETSZ - (sizeof(struct ip) + sizeof(struct udphdr)),
+		0, NULL, 0);
+  if ((unsigned int)sz > (sizeof(*mess) - sizeof(mess->options)))
+    {
+      lease_prune(NULL, now); /* lose any expired leases */
+      newlen = dhcp_reply(context, mess, sz, now, namebuff, dhcp_opts, 
+			  dhcp_configs, domain_suffix, dhcp_file,
+			  dhcp_sname, dhcp_next_server );
+      lease_update_dns(0);
+	  
+      if (newlen != 0)
+	{
+	  int broadcast = ntohs(mess->flags) & 0x8000;
+	  
+	  /* newlen -ve forces broadcast */
+	  if (newlen < 0)
+	    {
+	      broadcast = 1;
+	      newlen = -newlen;
+	    }
+	  
+	  if (mess->giaddr.s_addr || mess->ciaddr.s_addr)
+	    {
+	      /* To send to BOOTP relay or configured client, use 
+		 the IP packet */
+	      
+	      struct sockaddr_in dest;
+	      dest.sin_family = AF_INET;
+	      
+	      if (mess->giaddr.s_addr)
+		{
+		  dest.sin_port = htons(DHCP_SERVER_PORT);
+		  dest.sin_addr = mess->giaddr; 
+		}
+	      else
+		{
+		  dest.sin_port = htons(DHCP_CLIENT_PORT);
+		  dest.sin_addr = mess->ciaddr;
+		}
+	      
+	      sendto(context->fd, mess, newlen, 0, (struct sockaddr *)&dest, sizeof(dest));
+	    }
+	  else
+	    {
+	      /* Hairy stuff, packet either has to go to the
+		 net broadcast or the destination can't reply to ARP yet,
+		 but we do know the physical address. 
+		 Build the packet by steam, and send directly, bypassing
+		 the kernel IP stack */
+	      
+	      u32 i, sum;
+#ifdef HAVE_PF_PACKET
+	      struct sockaddr_ll dest;
+	      
+	      dest.sll_family = AF_PACKET;
+	      dest.sll_halen =  ETHER_ADDR_LEN;
+	      dest.sll_ifindex = context->ifindex;
+	      dest.sll_protocol = htons(ETHERTYPE_IP);
+	      
+	      if (broadcast)
+		{
+		  memset(dest.sll_addr, 255,  ETHER_ADDR_LEN);
+		  rawpacket->ip.ip_dst.s_addr = INADDR_BROADCAST;
+		}
+	      else
+		{
+		  memcpy(dest.sll_addr, mess->chaddr, ETHER_ADDR_LEN); 
+		  rawpacket->ip.ip_dst.s_addr = mess->yiaddr.s_addr;
+		}
+#endif
+
+#ifdef HAVE_BPF	      
+	      struct ether_header header;
+	      struct iovec iov [2];
+
+	      header.ether_type = htons(ETHERTYPE_IP);
+	      memcpy(header.ether_shost, context->hwaddr, ETHER_ADDR_LEN);
+	      
+	      if (broadcast)
+		{
+		  memset(header.ether_dhost, 255, ETHER_ADDR_LEN);
+		  rawpacket->ip.ip_dst.s_addr = INADDR_BROADCAST;
+		}
+	      else
+		{
+		  memcpy(header.ether_dhost, mess->chaddr, ETHER_ADDR_LEN); 
+		  rawpacket->ip.ip_dst.s_addr = mess->yiaddr.s_addr;
+		}
+#endif
+
+	      rawpacket->ip.ip_p = IPPROTO_UDP;
+	      rawpacket->ip.ip_src.s_addr = context->serv_addr.s_addr;
+	      rawpacket->ip.ip_len = htons(sizeof(struct ip) + 
+					    sizeof(struct udphdr) +
+					    newlen) ;
+	      rawpacket->ip.ip_hl = sizeof(struct ip) / 4;
+	      rawpacket->ip.ip_v = IPVERSION;
+	      rawpacket->ip.ip_tos = 0;
+	      rawpacket->ip.ip_id = htons(0);
+	      rawpacket->ip.ip_off = htons(0x4000); /* don't fragment */
+	      rawpacket->ip.ip_ttl = IPDEFTTL;
+	      rawpacket->ip.ip_sum = 0;
+	      for (sum = 0, i = 0; i < sizeof(struct ip) / 2; i++)
+		sum += ((u16 *)&rawpacket->ip)[i];
+	      while (sum>>16)
+		sum = (sum & 0xffff) + (sum >> 16);  
+	      rawpacket->ip.ip_sum = (sum == 0xffff) ? sum : ~sum;
+	      
+	      rawpacket->udp.uh_sport = htons(DHCP_SERVER_PORT);
+	      rawpacket->udp.uh_dport = htons(DHCP_CLIENT_PORT);
+	      ((u8 *)&rawpacket->data)[newlen] = 0; /* for checksum, in case length is odd. */
+	      rawpacket->udp.uh_sum = 0;
+	      rawpacket->udp.uh_ulen = sum = htons(sizeof(struct udphdr) + newlen);
+	      sum += htons(IPPROTO_UDP);
+	      for (i = 0; i < 4; i++)
+		sum += ((u16 *)&rawpacket->ip.ip_src)[i];
+	      for (i = 0; i < (sizeof(struct udphdr) + newlen + 1) / 2; i++)
+		sum += ((u16 *)&rawpacket->udp)[i];
+	      while (sum>>16)
+		sum = (sum & 0xffff) + (sum >> 16);
+	      rawpacket->udp.uh_sum = (sum == 0xffff) ? sum : ~sum;
+
+#ifdef HAVE_PF_PACKET	      
+	      sendto(context->rawfd, rawpacket, ntohs(rawpacket->ip.ip_len), 
+		     0, (struct sockaddr *)&dest, sizeof(dest));
+#endif
+
+#ifdef HAVE_BPF
+	      iov[0].iov_base = (char *)&header;
+	      iov[0].iov_len = sizeof(struct ether_header);
+	      iov[1].iov_base = (char *)rawpacket;
+	      iov[1].iov_len = ntohs(rawpacket->ip.ip_len);
+	      writev(context->rawfd, iov, 2);
+#endif	      
+	    }
+	}
+    }
+}
+
+int address_available(struct dhcp_context *context, struct in_addr taddr)
+{
+  /* Check is an address is OK for this network, ie
+     within allowable range and not in an existing lease */
+  
+  unsigned int addr, start, end;
+  
+  addr = ntohl(taddr.s_addr);
+  start = ntohl(context->start.s_addr);
+  end = ntohl(context->end.s_addr);
+
+  if (addr < start)
+    return 0;
+
+  if (addr > end)
+    return 0;
+
+  if (lease_find_by_addr(taddr))
+    return 0;
+  
+  return 1;
+}
+
+int address_allocate(struct dhcp_context *context, struct dhcp_config *configs,
+		     struct in_addr *addrp)   
+{
+  /* Find a free address: exlude anything in use and anything allocated to
+     a particular hwaddr/clientid/hostname in our configuration */
+
+  struct dhcp_config *config;
+  struct in_addr start = context->last;
+  
+  do {
+    if (context->last.s_addr == context->end.s_addr)
+      context->last = context->start;
+    else
+      context->last.s_addr = htonl(ntohl(context->last.s_addr) + 1);
+
+    
+    if (!lease_find_by_addr(context->last))
+      {
+	for (config = configs; config; config = config->next)
+	  if (config->addr.s_addr == context->last.s_addr)
+	    break;
+	
+	if (!config)
+	  {
+	    *addrp = context->last;
+	    return 1;
+	  }
+      }
+  } while (context->last.s_addr != start.s_addr);
+  
+  return 0;
+}
+
+static int is_addr_in_context(struct dhcp_context *context, struct dhcp_config *config)
+{
+  if (!context)
+    return 1;
+  if (config->addr.s_addr == 0)
+    return 1;
+  if ((config->addr.s_addr & context->netmask.s_addr) == (context->start.s_addr & context->netmask.s_addr))
+    return 1;
+  
+  return 0;
+}
+
+struct dhcp_config *find_config(struct dhcp_config *configs,
+				struct dhcp_context *context,
+				unsigned char *clid, int clid_len,
+				unsigned char *hwaddr, char *hostname)
+{
+  struct dhcp_config *config; 
+  
+  if (clid_len)
+    for (config = configs; config; config = config->next)
+      {
+	if (config->clid_len == clid_len && 
+	    memcmp(config->clid, clid, clid_len) == 0 &&
+	    is_addr_in_context(context, config))
+	  return config;
+	
+	/* dhcpcd prefixes ASCII client IDs by zero which is wrong, but we try and
+	   cope with that here */
+	if (*clid == 0 && config->clid_len == clid_len-1  &&
+	    memcmp(config->clid, clid+1, clid_len-1) == 0 &&
+	    is_addr_in_context(context, config))
+	  return config;
+      }
+    
+  for (config = configs; config; config = config->next)
+    if (memcmp(config->hwaddr, hwaddr, ETHER_ADDR_LEN) == 0 &&
+	is_addr_in_context(context, config))
+      return config;
+  
+  if (hostname)
+    for (config = configs; config; config = config->next)
+      if (config->hostname && strcmp(config->hostname, hostname) == 0 &&
+	  is_addr_in_context(context, config))
+	return config;
+  
+  return NULL;
+}
+
+      
+