Commits


* make wildcarddnsd compile on Mac OS X with default privileges of "nobody"
* indicate install instructions for Mac OS X Yosemite (10.10)


We now rely on libressl 2.0.5; one must download this if using Linux and make it (takes about an hour on the Raspberry Pi). This is better, though, than having to maintain a utility for arc4random, which portably is hard to get right; just let libressl take care of that. We also fix the Mac OS X port with this. At least it compiles now.


* add whitelisting
* this mode is based on the filter which is a blacklist.
* whitelist assumes everything as denied and opens access to listed ip ranges.
* while there fix filtering for tcp6 which was broken


* add a definable ratelimit between 1 and 127 packets per second per a 16 bit hash of IP (IPv4 and IPv6).
* example configuration is in example8.conf where it's 6 packets per second.
* this will add memory to the order of 65536 * (((pps * 2) * 8) + 1) so 12 pps would be 12648448 bytes of shared memory added...
* also there is a race that I know about in the adding of a packet to the backlog, but I don't use the -n flag in production so it's limited

compiles and tested on OpenBSD 5.5


* fix linux and macosx Makefile
* fix use of SLIST_FOREACH macros on BSD with SLIST_FOREACH_SAFE, many many thank yous to Otto Moerbeek of OpenBSD in helping hint that there is a use after free involved and offering hints on how to fix. This fixes W on OpenBSD-current (5.5-current).

Tested on OpenBSD-current, FreeBSD 10
Compiles on Linux Raspbian
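The general pattern behind the SLIST_FOREACH to SLIST_FOREACH_SAFE change in the commit above, as an added example (not wildcarddnsd's own code): freeing a node inside a plain SLIST_FOREACH makes the loop step read the freed node's next pointer. The `entry` struct and the `fill`, `prune` and `count` helpers are hypothetical, and the fallback macro is only for platforms whose `<sys/queue.h>` lacks the `_SAFE` variant.

```c
#include <stdlib.h>
#include <sys/queue.h>

/* glibc's <sys/queue.h> lacks the _SAFE variant; this matches the BSD one. */
#ifndef SLIST_FOREACH_SAFE
#define SLIST_FOREACH_SAFE(var, head, field, tvar)          \
    for ((var) = SLIST_FIRST(head);                         \
         (var) && ((tvar) = SLIST_NEXT(var, field), 1);     \
         (var) = (tvar))
#endif

/* Hypothetical filter entry, not the daemon's real structure. */
struct entry { int blocked; SLIST_ENTRY(entry) link; };
SLIST_HEAD(entry_list, entry);

/* Build a constructed list of n entries; even indexes are "blocked". */
static void fill(struct entry_list *head, int n)
{
    SLIST_INIT(head);
    for (int i = 0; i < n; i++) {
        struct entry *e = calloc(1, sizeof(*e));
        if (e == NULL) abort();
        e->blocked = (i % 2 == 0);
        SLIST_INSERT_HEAD(head, e, link);
    }
}

/* Free blocked entries. Plain SLIST_FOREACH would read e's next pointer
 * after free(e); the _SAFE form saves the successor before the body runs. */
static int prune(struct entry_list *head)
{
    struct entry *e, *next;
    int removed = 0;
    SLIST_FOREACH_SAFE(e, head, link, next) {
        if (!e->blocked) continue;
        SLIST_REMOVE(head, e, entry, link);
        free(e);
        removed++;
    }
    return removed;
}

static int count(struct entry_list *head)
{
    struct entry *e;
    int n = 0;
    SLIST_FOREACH(e, head, link) n++;
    return n;
}
```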


* add filtering capability, this is like recurse and will traverse a singly linked list every time a connect or received packet is made. I'm hoping on revisiting this some day. Thanks to the guys that were abusing/scanning my dns server.
* rename some variables around the queue(3) macros that I used for singly linked lists. They should have less confusing reuse of names. I did this in search for a bug that is possibly caused by OpenBSD-current which I currently use as my main developing workstation.
* add a sample filter entry in example8.conf

Tested to work on OpenBSD 5.5-stable


* we don't have parse.c anymore, replace it with a yacc file (parse.y)
* also update examples to version 6


* Mac OS X support from Mecca on Efnet. I tweaked this a little so that it compiles against MacPorts Berkeley DB 4.8. Also I reflected the change in the README. Compiles on Mac OS X, does not run but could be due to sandboxing/ACLs? I could really need someone good with Mac OS X to look over this and fix it and send patches to me. -pjp


* add logging support, a syslog like service that allows one daemon to contact another wildcarddnsd daemon and send it its log, I like this because it aggregates all logs to a dns system. I had this running in production for a day now and it seems to be stable. Here is a sample log entry:

    logging "these hosts" { logbind yes; loghost ::1; logport 19999; logpasswd peter; }

  This particular one binds and is a listener, to be a logger leave the logbind out.
* Also cleaned up mainloop() somewhat, using recvfrom() with a struct sockaddr caused some corruption in the buf array and recvmsg() would complain and nothing worked anymore. That is ironed out and I have also added a struct cfg to be passing to mainloop() since arguments to mainloop are growing with new ideas and functionality, this keeps the argument rather compacted. Also cfg is calloc'ed and resides on the heap.
* adjust Makefiles, but not tested on any other than OpenBSD and FreeBSD 7.3


* compiles and runs on Mac OS X 10.3.9


* macosx makefile, this hasn't been tested though