After talking about a DDOS attack that I saw in my logs with my friend, I decided to log received bytes and sent bytes. Much useless typing for this but I got it.

* make everything prettier (KNF) * OpenSMTPD is taken as an example here for prototypes * grooming these was a lot of hard work...

* remove old Berkeley DB code, by now we're committed fully to Berkeley DB versions 4.6 and higher (as long as it's below version 6 which has license changes I read).

* NAPTR (RFC 2915) support * while there I did some checking against replysize for large packets in reply_* instead of UDP_MAXSIZE * the NAPTR pointers take up 20KB more per record, so if you got 200 records your database will grow by roughly 4 MB

* Fix up some previous made mistakes regarding EDNS0 * This should _hopefully_ complete EDNS0 support (receive and send) * relevant RFC's are RFC 6891 and RFC3225

* add filtering capability, this is like recurse and will traverse a singly linked list everytime a connect or received packet is made. I'm hoping on revisiting this some day. Thanks to the guys that were abusing/scanning my dns server. * rename some variables around the queue(3) macros that I used for singly linked lists. They should have less confusing reuse of names. I did this in search for a bug that is possibly caused by OpenBSD-current which I currently use as my main developing workstation. * add a sample filter entry in example8.conf Tested to work on OpenBSD 5.5-stable

* This fixes a bug with ANY and AXFR SSHFP, thanks copy and paste!

* SSHFP support (RR# 44) RFC 4255 This supports SHA1 and SHA256 fingerprints * instead of replying from an area on the stack, move it to the heap This fixes truncation between udp and tcp queries. Tested on OpenBSD

* fix any and axfr's for SPF records tested on OpenBSD

* SPF (RR 99) rfc 4408 support tested on OpenBSD

* reflect the year 2014 in the Copyright

* add a debug and verbose flag (-d and -v) * document these along with -r which is recursive mode, which is still broken * add a dolog() function which replaces syslog and printf. In debug mode messages will be printed in the foreground and with verbose option show the parsing logic of the configfile. * replace all syslog() with dolog() tested in debug mode on OpenBSD/amd64

* update my copyright to include the year 2013

* SRV RR support The srv configfile sample would look like this: ; srv record test,srv,3600,0,0,0,. The first three values after the TTL are in order, priority, weight and port followed by a domain name. Much of this code is based on reply_mx() so any bugs carried over would be carried over. Tested and compiled on OpenBSD/amd64

Change to berkeley db 4.6+, this allows us to use shared sysv memory needed to have multiple server instances that do recursing. The database is now on disk with this change, with a 260KB (default) SYSV shared memory cache. The cache size can be tweaked with the newly added -c flag. The OS has upper limits for SYSV shared memory though and the -c value must account for 25% more for internal purposes. Revert db.h struct domain to static arrays instead of pointers, this is necessary because we want to use shared memory between the database. This reverts revision 1.13 of db.h which was commited on Sun Mar 28 20:18:26 2010 UTC. So far wildcarddnsd has been extremely stable with the pointers, I'm hoping we'll get this much stability back. Added passive AXFR code. The axfr server does NOT bind to port 53 but rather another port, luckily that is configurable with other nameservers like BIND9. BIND nameservers wanting to make use of a wildcarddnsd master should turn IXFR queries off. Fix a small error that would bring wildcarddnsd to a SIGSEGV due to doing an FD_ISSET() on a non-descriptor. This only happens when one doesn't have the logging system turned on so it took a while for me to find it. Added the -n flag which allows multiple forked copies of wdnsd to be started. This is similar to how apache 1.3 web server does it.

* when a slave dies it will signal to the master that it died which then will bring all the other slaves down. It polls every second for this via shared memory (anonymous mmap).

* bump copyright date to include 2011

* any RR support to the fullest compiles on OpenBSD and responds on OpenBSD with conf file example1.conf

* more Any replies, NS this time, additional records aren't going to be copied over on these... compiles on OpenBSD and tested (example1.conf & example7.conf)

* more ANY RR support (SOA this time) * fix for making wildcards work and bailout before a buffer gets overflowed (will return a truncated dns reply) tested on OpenBSD

* do AAAA records for any query compiles and replies on OpenBSD

* The ANY type support per request by Alexander Dzuba. * this type only supports A RR's for now and needs testing, first commit in a series. compiles on OpenBSD, replies to any requests

* make linux compile with the new IPv6 code compiles on OpenSuse 10.3

* make IPv6 queries work tested on OpenBSD

* IPv6 recurse code, broken at the moment compiles on OpenBSD Wildcarddnsd has surpassed 10,000 lines of C code with this commit.