Commits


we now rely on libressl 2.0.5, one must download this if using linux and make it (takes about an hour on the raspberry pi) this is better though than having to maintain a utility for arc4random which portably is hard to get right, just let libressl take care of that. We also fix the Mac OS X port with this. At least it compiles now.


* Makefile updates for including the manpage wildcarddns.conf(5) for NetBSD (untested) and FreeBSD (tested)


* add whitelisting * this mode is based on the filter which is a blacklist. * whitelist assumes everything as denied and opens access to listed ip ranges. * while there fix filtering for tcp6 which was broken


* add a defineable ratelimit between 1 and 127 packets per second per a 16 bit hash of IP (IPv4 and IPv6). * example configuration is in example8.conf where it's 6 packets per second. * this will add memory to the order of 65536 * (((pps * 2) * 8) + 1) so 12 pps would be 12648448 bytes of shared memory added... * also there is a race that I know about in the adding of a packet to the backlog, but I don't use the -n flag in production so it's limited compiles and tested on OpenBSD 5.5


* add filtering capability, this is like recurse and will traverse a singly linked list everytime a connect or received packet is made. I'm hoping on revisiting this some day. Thanks to the guys that were abusing/scanning my dns server. * rename some variables around the queue(3) macros that I used for singly linked lists. They should have less confusing reuse of names. I did this in search for a bug that is possibly caused by OpenBSD-current which I currently use as my main developing workstation. * add a sample filter entry in example8.conf Tested to work on OpenBSD 5.5-stable


* move FreeBSD to Berkeley DB version 5 * my plan is to standardize around this version for all the platforms (linux port already had this version), we'll have to see what OpenBSD 5.5 comes with


* Anyone still using FreeBSD 7 in 2014 should get their head examined * remove freebsd7 and freebsd8 makefiles and add a Makefile.freebsd Not tested, it should just work.