Commit Briefs


pjp

Remove root hints file which offers a great amplification for reflection

attacks. Whoever used my servers for this, go to hell, you know who you are. This section will be reinstated after recursing works, which may be never.


pjp

Log TCP bytes as well...



pjp

After talking about a DDOS attack that I saw in my logs with my friend, I

decided to log received bytes and sent bytes. Much useless typing for this but I got it.


pjp

Linux MINT needs to apt-get install build-essential, in order to build

libressl, other than that it works like the others


pjp

instead of setproctitle()'ing "wildcarddnsd master on port %u" just display

"wildcarddnsd master" as we don't know the port yet when it's defined in the later checked configfile. So DONT LIE if it differs.



pjp

* move todo for 0.9.0 away, I probably won't have the time to finish these

things. They are just more on my plate for 1.0.0



pjp

we now rely on libressl 2.0.5, one must download this if using linux and make

it (takes about an hour on the raspberry pi) this is better though than having to maintain a utility for arc4random which portably is hard to get right, just let libressl take care of that. We also fix the Mac OS X port with this. At least it compiles now.




pjp

* Makefile updates for including the manpage wildcarddns.conf(5) for

NetBSD (untested) and FreeBSD (tested)


pjp

* add a wildcarddns.conf(5) manpage, this is incomplete but a good start

perhaps someone wants to complete this?







pjp

* add whitelisting

* this mode is based on the filter which is a blacklist. * whitelist assumes everything as denied and opens access to listed ip ranges. * while there fix filtering for tcp6 which was broken


pjp

* make everything prettier (KNF)

* OpenSMTPD is taken as an example here for prototypes * grooming these was a lot of hard work...




pjp

* remove old Berkeley DB code, by now we're committed fully to Berkeley DB

versions 4.6 and higher (as long as it's below version 6 which has license changes I read).