Re: [Dnsmasq-discuss] EDNS passthrough

On 28/01/2025 19:28, Philip Rowlands wrote: Hello, Not a bug report so much as a query; why does dnsmasq not eagerly attempt to use EDNS when talking to upstream resolvers? Quoting https://www.mail-archive.com/dnsmasq-discuss@lists.thekelleys.org.uk/msg10449.html : EDNS (in this c

Re: [Dnsmasq-discuss] iface_enumerate does not compile with gcc 15

On 1/23/25 11:29, Petr Menšík wrote: Hello everyone! Fedora just changed to gcc 15 in upcoming Fedora 42. And it seems dnsmasq is not able to compile [1][2] with the new compiler, like it could before. Example error is: dhcp.c: In function ‘dhcp_packet’: dhcp.c:320:49: error: passing argum

Re: [Dnsmasq-discuss] trouble with conflicting DNS resolution on MacOS

On 1/21/25 22:30, Bernd Prager wrote: On 1/11/25 5:35 AM, wkitt...@gmail.com wrote: On 1/10/25 6:49 PM, Bernd Prager wrote: When I do the same from the MacBook I get no related log entries at all. could it be doing DNS-over-HTTPS? For anyone facing a similar issue, I found the hint for m

[Dnsmasq-discuss] Test releases.

I tagged and pushed 2.91test9. I'm hoping to go to a release candidate next, so now would be a really good time to download the latest code and give it a spin. Cheers, Simon. ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk

Re: [Dnsmasq-discuss] DNSSEC in dnsmasq's parent zone

On 1/20/25 10:32, Uwe Kleine-König wrote: It was ignored. The logic is somewhat tortuous, but it goes like this. The server=/kleine-koenig.org/192.168.128.3 is not available for queries which need DNSSEC validation; a DS query always needs DNSSEC validation, so it doesn't get sent to 192.168.1

Re: [Dnsmasq-discuss] DNSSEC in dnsmasq's parent zone

On 1/19/25 16:48, Uwe Kleine-König wrote: Hello Simon, On Sun, Jan 19, 2025 at 12:07:25AM +, Simon Kelley wrote: On 1/18/25 21:56, Uwe Kleine-König wrote: Anyhow, I'll investigate how to update dnsmasq on my OpenWrt machine with your patch and report back. Thanks. I did some

Re: [Dnsmasq-discuss] DNSSEC in dnsmasq's parent zone

On 1/18/25 21:56, Uwe Kleine-König wrote: Hello Simon, On 1/18/25 16:06, Simon Kelley wrote: I'm having a little difficulty understanding exactly what's going on in your description, but I think I understand the underlying problem, and I've demonstrated it and fixed it here

Re: [Dnsmasq-discuss] DNSSEC in dnsmasq's parent zone

I'm having a little difficulty understanding exactly what's going on in your description, but I think I understand the underlying problem, and I've demonstrated it and fixed it here, so I'm hoping it will fix your case too. What causes the problem is that when dnsmasq gets a query in forwarder

Re: [Dnsmasq-discuss] One Request to Flush Them All

On 08/01/2025 21:34, Gilad Moav wrote: another weird one: just did a quick `dig tcp3.sub.mov.lat +tcp` which only has 1 A RR. it successfully resolved and forwarded, but it doesn't show in the cache. What release are you testing? Releases before 2.81 didn't insert RRs from TCP queries into th

Re: [Dnsmasq-discuss] [PATCH] Improve "chown of PID file failed" message for missing CAP_CHOWN

Patch applied. Thanks. Also manpage typo fix. Cheers, Simon. On 06/01/2025 14:44, Andrew Sayers wrote: Print a specific INFO message instead of a generic WARNING message, so users aren't inconvenienced and maintainers know what to do. Debian currently runs this service as part of NetworkMa

Re: [Dnsmasq-discuss] One Request to Flush Them All

On 02/01/2025 11:50, Gilad Moav wrote: Hi, I wanted to share an observation regarding Dnsmasq's cache behavior that might warrant attention. It seems that if a DNS response exceeds the configured cache size, issuing a new DNS request causes Dnsmasq to flush its entire cache. This behavior is

Re: [Dnsmasq-discuss] v2.91test1 compile failure on FreeBSD

On 29/12/2024 23:04, Matthias Andree via Dnsmasq-discuss wrote: I think the previous RR_IMDATALEN expression is fine as long as you #include before its first use, and as along as you won't coin your own version of offsetof, of which I don't know a conforming/portable way. dnsmasq.h ~includ

Re: [Dnsmasq-discuss] v2.91test1 compile failure on FreeBSD

On 22/12/2024 10:44, Matthias Andree via Dnsmasq-discuss wrote: Am 20.12.24 um 22:16 schrieb Simon Kelley: On 12/20/24 12:27, Matthias Andree via Dnsmasq-discuss wrote: Simon, I cannot compile v2.91test1 on FreeBSD 14.2, errors below. (Neither tarball nor Git compile.) (2nd to last shown

Re: [Dnsmasq-discuss] Request for a new release

We're into the "test release" phase. I guess sometime in January would be likely for a stable release. Cheers, Simon. On 11/19/24 18:23, Jay Faulkner wrote: Hi, I was wondering if you would mind cutting a release that includes this patch: https://thekelleys.org.uk/gitweb/? p=dnsmasq.git;a=

Re: [Dnsmasq-discuss] [PATCH] dhcp-host option: error out on multiple host names

we can no longer specify hosts with extra arguments, e.g., the "infinite" in dhcp-host=AA:BB:CC:DD:EE:FF,192.168.1.5,server,infinite Best, Dominik On 02.12.24 00:53, Simon Kelley wrote: Patch applied. Thanks for your contribution! Cheers, Simon. On 11/27/24 12:40, Reynir Björn

Re: [Dnsmasq-discuss] [PATCH v1] Fix dependency in make install target

Applied. Sorry for the delay. Cheers, Simon. On 10/16/23 11:02, Olaf Hering wrote: The make target 'install-common' expects results from the target 'all'. A 'make -j install' may fail because both targets are brought up-to-todate in parallel. As a result the final binary will not exist at the

Re: [Dnsmasq-discuss] v2.91test1 compile failure on FreeBSD

On 12/20/24 12:27, Matthias Andree via Dnsmasq-discuss wrote: Simon, I cannot compile v2.91test1 on FreeBSD 14.2, errors below. (Neither tarball nor Git compile.) (2nd to last shown errors). Patch attached, should be fine with git-am. Patch applied, thanks. Adding multiple unions with va

Re: [Dnsmasq-discuss] Bug report

I don't think that this configuration makes sense. --bind-dynamic means listen on all the addresses associated with specified interfaces and all specified addresses 0.0.0.0 is the wildcard address: the kernel won't let you bind the wildcard address AND a specific address at the same port. I

Re: [Dnsmasq-discuss] relay packets black hole

You know when something keeps nagging in the back of your mind.. https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commitdiff;h=5a1f2c577db58ea47727f1b6900c0be25e6db205 Cheers, Simon. On 12/3/24 21:00, Simon Kelley wrote: On 12/3/24 09:26, oss.gr...@omnilan.de wrote: On 2024-12-03

Re: [Dnsmasq-discuss] relay packets black hole

On 12/3/24 09:26, oss.gr...@omnilan.de wrote: On 2024-12-03 10:07, oss.gr...@omnilan.de wrote: ... As soon as I add/uncomment *my actual config, no client is able to acquire a lease*. dhcp-relay=172.17.146.10,172.17.128.253 dhcp-proxy=172.17.146.10     startuplog dnsmasq-dhcp[13148]: DHCP

Re: [Dnsmasq-discuss] [PATCH] GCC-15, C23 compatibility and -Wincompatible-pointer-types errors

This is a good fix. The new syntax makes my eyes cross, but I guess we can't hang on to C89 forever Patch applied. Cheers, Simon. On 12/1/24 05:48, gen2dev--- via Dnsmasq-discuss wrote: A bug in gentoo linux https://bugs.gentoo.org/945183 reported that dnsmasq 2.90 fails to compile

Re: [Dnsmasq-discuss] [PATCH] dhcp-host option: error out on multiple host names

Patch applied. Thanks for your contribution! Cheers, Simon. On 11/27/24 12:40, Reynir Björnsson wrote: Please find below a patch that will error out on multiple host names passed to --dhcp-host. Please also excuse me if I am making mistakes as this is the first time I try to contribute to dn

Re: [Dnsmasq-discuss] [PATCH] dhcp-host option: error out on multiple host names

On 11/27/24 14:11, Ercolino de Spiacico wrote: In my opinion, multiple hostnames should be accepted. The way to do this is with cnames: dhcp-host=CE:BA:38:E3:7B:DF,nas-2024 cname=nas,nas-2024 Cheers, Simon. ___ Dnsmasq-discuss mailing list Dns

[Dnsmasq-discuss] Code dump.

I just synced the public git to my personal git repo, and there are quite a few commits. Apologies for the dump. Most of the changes are fairly inconsequential or follow naturally from the big enhancement. The big change is the handling of truncation in the DNS system. In principle, this is

Re: [Dnsmasq-discuss] BUG Segfault when adding ethers entry via dBus and no dhcp-range is configured - debian version 2.89-1

I'd be curious about that too, but I think the fundamental problem here is probably that the Dbus interface code doesn't take into account that the DHCP subsystem may not have been initialised at all: If there's no --dhcp-range statement at all, then it won't have been initialised, and the dBu

Re: [Dnsmasq-discuss] [PATCH 1/1] forward.c: fix handling of truncated response

t.gov is (DNSSEC signed) dnsmasq: UDP 1 ::1/41670 reply ntp1.glb.nist.gov is 132.163.96.3 (DNSSEC signed) On 10/2/24 21:34, Simon Kelley wrote: On 02/10/2024 17:00, Dominik Derigs via Dnsmasq-discuss wrote: Hey all, having this configurable makes sense particularly thinking abou

Re: [Dnsmasq-discuss] [PATCH 1/1] forward.c: fix handling of truncated response

sq-discuss wrote: Hi Simon, So what do you think of my reasoning for this patch? Do you agree? Best regards, Rahul Thakur *From:* Rahul Thakur *Sent:* 25 September 2024 15:29 *To:* Simon Kelley ; dnsmasq- disc...@lists.th

Re: [Dnsmasq-discuss] Question on dnsmasq code, which may occur a bad-free

On 21/09/2024 12:08, 胡义臻 wrote: I'm renmingshuai's successor, a beginner with dnsmasq, and this e-mail is follow-up to https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2024q3/017664.html Question 1: Why do

Re: [Dnsmasq-discuss] [PATCH 1/1] forward.c: fix handling of truncated response

Dnsmasq-discuss wrote: Hi Simon, So what do you think of my reasoning for this patch? Do you agree? Best regards, Rahul Thakur *From:* Rahul Thakur *Sent:* 25 September 2024 15:29 *To:* Simon Kelley ; dnsmasq- disc...@lists.

Re: [Dnsmasq-discuss] Specific treatment of Class C addresses

On 25/09/2024 19:16, Jan Ceuleers wrote: On 25/09/2024 11:06, Simon Kelley wrote: Downsides to this proposed change. 1) Old versions of Windows might break. 2) Newer versions of windows might break - we've not done testing on which do and don't. 3) Other platforms which have mad

Re: [Dnsmasq-discuss] Specific treatment of Class C addresses

Downsides to this proposed change. 1) Old versions of Windows might break. 2) Newer versions of windows might break - we've not done testing on which do and don't. 3) Other platforms which have made the same mistake might break. 4) Dnsmasq installations which unkowningly rely on this behaviour

Re: [Dnsmasq-discuss] [PATCH 1/1] forward.c: fix handling of truncated response

I think that this is legitimate behaviour. RFC 2181 para 9 says Where TC is set, the partial RRSet that would not completely fit may be left in the response. When a DNS client receives a reply with TC set, it should ignore that response, and query again, using a mechanism, such as a

Re: [Dnsmasq-discuss] Forwarding UDP requests to TCP, some other concerns

On 19/08/2024 05:25, Corey Minyard wrote: I've been running with a setup with bind and the ISC DHCP server. It works, but there's one feature it cannot do that dnsmasq can, and I've been looking to simplify my configuration from all that complexity, anyway. I have dnsmasq mostly working, but

Re: [Dnsmasq-discuss] dnsmasq using 100% of cpu

Very suspicious of listen-address=127.0.0.9. Are you sure you've not created a loop where dnsmasq is send queries back to itself? Enabling logging, and/or --dns-loop-detect would be useful. Cheers, Simon. On 5/1/24 23:47, Kenneth Berland wrote: On March 2, 2020 (possibly causing the Pandemic?

Re: [Dnsmasq-discuss] Noisy DHCPv6 DHCPADVERTISE

The message can be important (think a mismatch between the address of the receiving interface and a dhcp-range, so I wouldn't like to suppress it. It might be sensible to detect the situation you have (static range in scope, no host configured) and suppress it then. It's slightly more complica

Re: [Dnsmasq-discuss] DHCPv6 Not Working on Linux 6.6.13

On 28/02/2024 10:29, Robert Sharp wrote: I have been using Dnsmasq for many years and I am now trying to include ipv6. Unfortunately, I cannot seem to get DHCPv6 to work, which I believe I need in order to be able to look up hosts using DNS. My ISP has allocated me with a /48 prefix and I a

Re: [Dnsmasq-discuss] dhcp-script and netboot pi

On 25/02/2024 23:24, Carl Karsten wrote: Either dhcp-script isn't doing what it is expected, or I'd like it to do more. I am netbooting raspberry pi. so some dhcp client in the pi firmware get's an IP and netboot params, then tftp client gets files. the dhcp traffic happens and is shown in

Re: [Dnsmasq-discuss] Fwd: no-ping

capability NET_ADMIN  - --no-ping + --dhcp-broadcast=mgmt: dnsmasq: process is missing required capability NET_ADMIN  - --no-ping + --dhcp-broadcast: works fine Best regards, Martin On Wed, Feb 21, 2024 at 1:07 AM Simon Kelley <mailto:si...@thekelleys.org.uk>> wrote: That woul

Re: [Dnsmasq-discuss] erroneously filtering A records after calling "SetFilterA false" over dbus

On 20/02/2024 19:06, Clayton Craft via Dnsmasq-discuss wrote: Using dnsmasq 2.90 + the patch to fix the infinite loop, it seems like filtering is applied when calling e.g., "SetFilterA false" over dbus. In the script below, the first lookup succeeds but subsequent lookups after the initial appl

Re: [Dnsmasq-discuss] Fwd: no-ping

et_raw = 1; -      need_cap_net_admin = 1; +      if (!option_bool(OPT_NO_PING) || daemon->force_broadcast == NULL || daemon->force_broadcast->list != NULL) +        need_cap_net_admin = 1;  #   endif      } Best regards, Martin On Tue, Feb 20, 2024 at 10:21 AM Simon Kelley <mailto:si...@thekelleys.or

Re: [Dnsmasq-discuss] Similar to bfefd6e38c6e, fix error introduced in 51471cafa5a4

Patch applied. Thanks. Simon. On 20/02/2024 08:32, renmingshuai via Dnsmasq-discuss wrote: From 81ed4df0eb1d70fc1ac5f94b5839f8cb45602ed0 Mon Sep 17 00:00:00 2001 From: renmingshuai Date: Tue, 20 Feb 2024 16:13:11 +0800 Subject: [PATCH] Fix error introduced in 51471cafa5a4fa44d6fe490885d9

Re: [Dnsmasq-discuss] Fwd: no-ping

    link/ether 52:54:00:00:02:01 brd ff:ff:ff:ff:ff:ff     inet10.0.2.1/24 <http://10.0.2.1/24> metric 1024 brd 10.0.2.255 scope global dynamic enp0s3        valid_lft 3525sec preferred_lft 3525sec Best regards, Martin On Tue, Feb 20, 2024 at 1:46 AM Simon Kelley <mailto:si..

Re: [Dnsmasq-discuss] Fwd: no-ping

If you're doing DHCP, even if you're not sending ICMP ping packets, you still need CAP_NET_ADMIN, because the DHCP server has to be able to manipulate the ARP table. I guess you're starting dnsmasq without CAP_NET_ADMIN, dnsmasq is determining that it needs CPA_NET_ADMIN to run the DHCP server

Re: [Dnsmasq-discuss] rr_on_list stuck in infinite loop, dnsmasq unresponsive

Wow, excellent bug report, thank you. Took me straight to the stupid error. src/dbus.c around line 834. The code block controlled by "if (!done)" should include the line "done = 1;" Same thing below for filter . I'll push the patch directly. Cheers, Simon. On 19/02/2024 21:29, Clayton

Re: [Dnsmasq-discuss] rr_on_list stuck in infinite loop, dnsmasq unresponsive

https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=89aad014685161318318737dc0e350ee4dae982d should fix this. Simon. On 19/02/2024 23:16, Simon Kelley wrote: Wow, excellent bug report, thank you. Took me straight to the stupid error. src/dbus.c around line 834. The code block

Re: [Dnsmasq-discuss] dhcp-ignore with tags from ranges

On 16/02/2024 13:24, Matthias Lay via Dnsmasq-discuss wrote: Hi List, I am trying to set the *dhcp-ignore* option for a single dhcp-range only. after reading the manpage my setup is like this: dhcp-range=set:8,22.22.22.1,22.22.22.100 dhcp-ignore=tag:8,tag:!known this doesnt seem to work. t

[Dnsmasq-discuss] Announce: dnsmasq-2.90.

I've just released 2.90. The motivation for this a security announcement today of an attack known as keytrap, which is a generic attack on all DNSSEC validators - it's a failure of the specification rather than of the implementations. If DNSSEC validation is enabled, then an attacker who can f

Re: [Dnsmasq-discuss] New option --no-ANY

On 08/02/2024 12:01, Petr Menšík wrote: I do not think this is good approach. One thing is any queries need to be handled by upstream resolver somehow. Whatever it is, dnsmasq will reply whatever upstream resolvers chosen to do that. The only exception is local data, for example authoritative

Re: [Dnsmasq-discuss] DHCPv6 with multiple IA

On 06/02/2024 22:29, Bertrand Jacquin wrote: Hi, As per RFC8415 section 21.6, IA Address option 5 offered by the server specifying (temporary or not) address, may appear more than once so the client can be offered more than one address to use. This is supported by AWS EC2 (aws ec2 assign-ipv

Re: [Dnsmasq-discuss] [PATCH] Easier custom lua version

https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=summary On 03/02/2024 08:56, Geert Stappers wrote: On Wed, Jan 24, 2024 at 11:41:57AM +0100, Petr Menšík wrote: Date: Wed, 24 Jan 2024 11:28:38 +0100 Subject: [PATCH] Make lua version more easy to customize If distribution making lua-enabled b

Re: [Dnsmasq-discuss] [PATCH] d/rules: Install D-Bus policy in /usr instead of /etc

On 23/01/2024 19:55, Sven Geuer wrote: On Mon, 2024-01-22 at 12:58 +0100, Gioele Barabucci wrote: On 22/01/24 00:09, Simon Kelley wrote: I've just committed a major overhaul to the Debian packaging which eliminates the very ancient and crusty scripts in favour of debhelper. Debh

Re: [Dnsmasq-discuss] [PATCH] d/rules: Install D-Bus policy in /usr instead of /etc

Thanks for the patch, and apologies for taking so long to reply. I've just committed a major overhaul to the Debian packaging which eliminates the very ancient and crusty scripts in favour of debhelper. Debhelper, predictably, gets this right, so the problem is moot. Cheers, Simon. On 23/

Re: [Dnsmasq-discuss] [PATCH] Minor typo fix in the man page

Patch applied. Thanks. Simon. On 19/10/2023 22:07, Geert Stappers wrote: The manual page had "list or RR-types", changed it into "list of RR-types". Reported-by: Justin --- man/dnsmasq.8 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/man/dnsmasq.8 b/man/dnsmasq.8 index

Re: [Dnsmasq-discuss] [PATCH] Introduce local-service=host specialization

Apologies for the delay. Patch applied. Simon. On 09/01/2024 14:45, Petr Menšík wrote: Kind reminder for this change. There seems to be no opposition for this change. Can it get merged then, please? Cheers, Petr On 12/3/23 19:29, Simon Kelley wrote: Looks sensible to me. Very much in the

Re: [Dnsmasq-discuss] Occasional "communications error", how to diagnose?

On 13/12/2023 15:25, Chris Green wrote: I run dnsmasq version 2.89 on my laptop which is running [x]ubuntu 23.04. I have systemd.resolvd disabled. I'm occasionally seeing the following error when getting a host's IP:- chris$ host homepi ;; communications error to 127.0.0.1#53: tim

Re: [Dnsmasq-discuss] Dnsmasq IPv6 NXDOMAIN issue when using synth-domain for IPv4

The problem is well known, and the solution (rewrite NXDOMAIN replies from upstream to NODATA) has been done for a long time. Unfortunately, an oversight missed out --synth-domain from the code which determines if a query for another rr-type is capable of eliciting an answer and triggers the re

Re: [Dnsmasq-discuss] [PATCH] Introduce local-service=host specialization

Looks sensible to me. Very much in the spirit of the original --local-service option flag. I'm minded to commit this unless anyone has an objection. Simon. On 30/11/2023 17:59, Petr Menšík wrote: Hello! I have sent similar proposal already in year 2021 [1]. But I have reworked that a bit

Re: [Dnsmasq-discuss] Domain not applied correctly when reading DHCP lease file

You're pretty much correct. the code that reads the leases file runs (for good reasons) before the code which looks at the addresses of the local interfaces, so domain configs which are predicated on the interface come out wrong. thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=f1beb79429338

Re: [Dnsmasq-discuss] [PATCH] Add number of forks for TCP to metrics and dump

Looks good. Patch applied. Cheers, Simon. On 24/11/2023 11:13, Damian Sawicki via Dnsmasq-discuss wrote: Hello dnsmasq experts, Following up on the recent addition of the flag --max-tcp-connections, I'd like to propose a patch with monitoring of the number of TCP connections. This way, a

Re: [Dnsmasq-discuss] Does the --interface option to dnsmasq also apply to incoming broadcast DHCP requests?

On 29/11/2023 23:09, Chris Friesen via Dnsmasq-discuss wrote: Hi, I was just wondering whether the --interface and --except-interface options to dnsmasq would also apply to messages like DHCPDISCOVER and DHCPREQUEST which are broadcast to 255.255.255.255. In my particular case I have an ex

Re: [Dnsmasq-discuss] [PATCH] Re: Issues with dnsmasq under NM and domain redirection: REFUSED

On 31/10/2023 16:39, Petr Menšík wrote: I am still not sure what exactly causes this problem, but I have hit it again. I am sure it happens sometimes, when I disconnect from my Lenovo docking station and then connect back to it. Interesting thing I have found is it gets unblocked by sending

Re: [Dnsmasq-discuss] [PATCH] Refuse to start with EADDRINUSE in --bind-dynamic mode

, the only error from bind() that should be ignored is EADDRNOTAVAIL. everything else should be a fatal error during startup or logged once the daemon is running. I've just pushed a patch to that effect. Cheers, Simon. More below... On 11/23/23 13:47, Simon Kelley wrote: That's a

Re: [Dnsmasq-discuss] [PATCH] Refuse to start with EADDRINUSE in --bind-dynamic mode

n dnsmasq is not stopped. In order to investigate you first have to know something unusual has happened. On 23. 11. 23 0:29, Simon Kelley wrote: Isn't this sufficient to fix the problem? Not calling die() when bind-dynamic is set is intended to handle the case that  bind returns EADDRNOTA

Re: [Dnsmasq-discuss] [PATCH] Refuse to start with EADDRINUSE in --bind-dynamic mode

Isn't this sufficient to fix the problem? Not calling die() when bind-dynamic is set is intended to handle the case that bind returns EADDRNOTAVAIL because you've configured --listen-address=1.2.3.4 but there's not a local interface with that address. dnsmasq runs anyway in the expectation th

Re: [Dnsmasq-discuss] runtime error: left shift of 128 by 24 places cannot be represented in type 'int'

Thanks for that. I don't think this bug has any practical effect. If the hash is calculated wrongly, it's only ever compared to another has calculated the same way, so the code will still work as designed. I think that this patch fixes things. Please could you test? https://thekelleys.org.uk/g

Re: [Dnsmasq-discuss] dnsmasq page fault

I just pushed a putative fix. Apologies for missing this. Simon. On 10/11/2023 19:46, e9hack wrote: Hi, I think tcp_init() must be execute outside of if (daemon->port != 0) {}. I've two instances running. The crashing instance acts as dhcp server only. Regards, Hartmut Am 10.11.2023 um 20

Re: [Dnsmasq-discuss] Having dnsmasq coexist with other dhcp server

On 18/10/2023 08:58, Luigi Baldoni via Dnsmasq-discuss wrote: Hello, I'm having a hard time making dnsmasq run together with kea-dhcp4-server on the same machine. Even though they listen on different interfaces, the first one prevents the other from starting. With the old isc-dhcp-server,

Re: [Dnsmasq-discuss] DHCPv6 doesn't work on Linux interfaces enslaved to a VRF

On 10/10/2023 11:25, Luci Stanescu wrote: Hi Simon, On 10 Oct 2023, at 00:17, Simon Kelley wrote: I've implemented option 1 here and it's currently running and dogfood on my home network. There are no VRF interfaces there: this is a test mainly to check that nothing breaks. So fa

Re: [Dnsmasq-discuss] [PATCH] Fix DHCPv6 "NotOnlink" response which previously failed to set the message type correctly

Thanks for finding that. https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=3868066085f4f73055d303ad2af59ad66245cf27 is basically the same fix, but does logging right. Cheers, Simon. On 10/10/2023 11:23, renmingshuai via Dnsmasq-discuss wrote: My dhclient process received a Confirm me

Re: [Dnsmasq-discuss] DHCPv6 doesn't work on Linux interfaces enslaved to a VRF

On 09/10/2023 11:40, Luci Stanescu wrote: Hi Simon, Thank you for your response and your openness to this issue! My thoughts below, inline (and apologies for the rather long email). On 9 Oct 2023, at 01:05, Simon Kelley wrote: 1) Even if this is a kernel bug, kernel bugs fixes take a long

Re: [Dnsmasq-discuss] [PATCH] Set pointers to NULL after memory is freed

On 08/10/2023 09:44, renmingshuai via Dnsmasq-discuss wrote: Set pointers to NULL after memory is freed to reduce dangling pointers, although they are later set to new values. From 5567d99099191f0cdb2922555e6ade2634f94f30 Mon Sep 17 00:00:00 2001 From: renmingshuai Date: Sun, 8 Oct 2023 16:

Re: [Dnsmasq-discuss] Memory leak for SRV records with TTL=0 in v2.88

On 05/10/2023 16:56, Damian Sawicki via Dnsmasq-discuss wrote: Hello dnsmasq experts, There seems to be a memory leak in v2.88. The reproduction steps are as follows: insert an SRV record with TTL=0 in an upstream DNS server and query dnsmasq for this record. I inserted a record with name "dns

Re: [Dnsmasq-discuss] DHCPv6 doesn't work on Linux interfaces enslaved to a VRF

On 07/10/2023 14:02, Luci Stanescu via Dnsmasq-discuss wrote: Hi, I've discovered that DHCPv6 doesn't work on Linux interfaces enslaved to a VRF. Now, I believe this to be a bug in the kernel and I've reported it, but in case you'd like to implement a workaround in dnsmasq, this is quite tr

Re: [Dnsmasq-discuss] IPv6 addresses are (almost) immediately deprecated

On 22/09/2023 21:48, Graham Leggett via Dnsmasq-discuss wrote: On 22 Sep 2023, at 20:27, Geert Stappers wrote: I have a dnsmasq config on a development machine that looks like this: dhcp-range=fd33:::1::, ra-only, 24h The intention is for this development machine to announce to any

Re: [Dnsmasq-discuss] [PATCH] Fix DHCPv6 options memory leaks

Patch applied. The problem is clear and the fix is good. https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=d16b995756dc079b1fdc2e63665793979f766a26 Thanks for your contribution. Cheers, Simon. On 28/09/2023 09:28, renmingshuai via Dnsmasq-discuss wrote: When I repeatedly reloaded th

Re: [Dnsmasq-discuss] [PATCH] Fix DHCPv6 options memory leaks

On 01/10/2023 18:55, Geert Stappers wrote: That looks good to me. However: |$ git am |Applying: Fix DHCPv6 options memory leaks |error: corrupt patch at line 11 |Patch failed at 0001 Fix DHCPv6 options memory leaks |hint: Use 'git am --show-current-patch=diff' to see the failed patch |When

Re: [Dnsmasq-discuss] Blockdata SIGSEGV on master

On 05/09/2023 06:46, Geert Stappers wrote: On Sun, Sep 03, 2023 at 08:38:00PM +0100, Simon Kelley wrote: On 01/09/2023 20:28, Dominik Derigs wrote: Dear Simon, CC mailing list, today I've received a report of latest dnsmasq embedded into Pi-hole crashing when www.facebook.com is vi

Re: [Dnsmasq-discuss] Blockdata SIGSEGV on master

Dear list, Offline, we've found this one. The patch is in git now. It needs arbitrary RR caching to be enabled, and some fairly bad luck in what actually gets cached, but Facebook obliges every once in a while. Cheers, Simon. On 01/09/2023 20:28, Dominik Derigs wrote: Dear Simon, CC mail

Re: [Dnsmasq-discuss] Corrupted query causing FORMERR?

On 17/08/2023 18:08, John Horne wrote: Hello, We have for some time had reports of intermittent DNS query failures. For the servers concerned, a client on the server causes a query to be sent (via resolv.conf) to 127.0.0.1 which is the dnsmasq process. If the query is not in the cache, then i

Re: [Dnsmasq-discuss] Do we have good way to register SLAAC clients?

Dnsmasq has a feature, enabled by "ra-names" which attempts to solve this problem for dual-stack hosts. It works like this. When a host gets a DHCPv4 address, dnsmasq calculates the address that the client would assign itself using SLAAC, and pings that address. If it gets a reply it adds the

Re: [Dnsmasq-discuss] [PATCH] TCP client timeout setting

On 26/05/2023 17:19, Simon Kelley wrote: The long delay awaiting a connection from a non-responsive server may be improved by reducing the value of the TCP_SYNCNT socket option, at least on Linux. Setting TCP_SYNCNT to 2 limits the delay for a non responsive address to about 8 seconds

Re: [Dnsmasq-discuss] [PATCH] TCP client timeout setting

On 25/05/2023 20:32, Petr Menšík wrote: This problem is best tested by an example, taken from [2] but a bit modified. Let's create hepothetical network issue with one forwarder, which worked fine a while ago. $ sudo iptables -I INPUT -i lo -d 127.0.0.255 -j DROP Now start dnsmasq and send

Re: [Dnsmasq-discuss] DNSMASQ DHCP Options for CAPPORT or RFC8908 [PATCH]

What I can't get from a quick reading of the RFCs it how the captive-portal URI is derived from the client characteristics. The RFCs imply that the final, encoded part of the URI is an opaque identifier that's returned by the DHCP part of the captive portal and then accepted by the http part. I

Re: [Dnsmasq-discuss] dhcp-lease-max is only for DHCPv4?

se entries are remaining at 512, and all after clients will not appear in the lease file. Thanks, Lin Geert Stappers mailto:stapp...@stappers.nl>> 於 2023年5月23日 週二 下午1:59寫道： On Tue, May 23, 2023 at 12:05:08AM +0100, Simon Kelley wrote: > On 22/05/2023 12:18, Linyih Teng

Re: [Dnsmasq-discuss] dhcp-lease-max is only for DHCPv4?

There's a possible difference between the number of clients and the number of DHCP leases, since leases can expire to be deleted by the client. Are you saying that the number of simultaneous DHCP leases increases without bound, or that the 513th client gets a lease? Have you checked the number

Re: [Dnsmasq-discuss] use-stale-cache may failed to refresh record from certain upstream

On 30/04/2023 20:42, Justin wrote: Hello devs in order to use DOH/DOT, a proxy upstream is configured, when dnsmasq enables use-stale-cache, some upstream may return error when dnsmasq tries to refresh the record from upstream after stale cache is sent to client. i reported the issue here

Re: [Dnsmasq-discuss] dnsmasq sending advertise packets for the packet containing server id

On 24/04/2023 05:41, shashikumar Shashi wrote: Hi, I am using dnsmasq-2.80, IN this I am observing dnsmasq sending the advertising packets for the packet containing the Server id. This is a violation of the RFC - https://www.rfc-editor.org/rfc/rfc3315#section-15.2

Re: [Dnsmasq-discuss] Confusion about "no address range available for DHCPv6 request via ..."

On 18/04/2023 09:40, Daniel Farina wrote: Hello everyone, I have been trying to set up an IPv6-only network for a virtual machine with route advertisements and DHCP configuration. I've had some success, but I have a question. I have a dnsmasq.conf that looks like this, to delegate a /80 ch

Re: [Dnsmasq-discuss] --server=/#/1.2.3.4 behavior

On 26/04/2023 12:26, Aleksey Vasenev wrote: I found some information in the changelog: "Of course --server=/#/1.2.3.4 is exactly equivalent to --server=1.2.3.4. Special request from Josh Howlett." But this is not true. --server=/#/1.2.3.4 takes precedence over --server=1.2.3.4. Moreover,

Re: [Dnsmasq-discuss] Behavior on DHCP denied

On 18/04/2023 16:35, 0zl wrote: Hello, This is an issue I've experienced with ESP8266 and proxy ARP on my WiFi network. I was able to work around it by assigning the devices an infinite lease, however I think dnsmasq's behavior is undesirable. In short, ESP8266 is on a network with proxy

Re: [Dnsmasq-discuss] [PATCH] DBus watchers change can trigger crash

Both patches applied. Cheers, Simon. On 17/04/2023 12:30, Petr Menšík wrote: Hi! Interesting crash in dnsmasq were reported to me. I can reproduce it reliably on RHEL9, but not anymore on the most recent Fedora. But the difference seems to be based on used dbus library, not depending on dn

Re: [Dnsmasq-discuss] Add more dhcp log about finding dhcp-config failed

I've committed an alternative patch which does the same thing, but only in the DHCPv6 code path. Cheers, Simon. On 17/04/2023 12:56, renmingshuai via Dnsmasq-discuss wrote: Hi ! When dnsmasq attempts to search for the configured DHCPv6 address based on the MAC address, it will send NS pac

Re: [Dnsmasq-discuss] proxy-dnssec, how does it work (with unbound as upstream)

st obvious case, and I can't think of others that need more explicit control. DO you have any? Cheers, Simon. On 4/13/23 23:15, Simon Kelley wrote: I'm not clear where the EDE in a reply fits in to this. I agree, it seems to be all about AD bit in reality. --proxy-dnssec does

Re: [Dnsmasq-discuss] proxy-dnssec, how does it work (with unbound as upstream)

I'm not clear where the EDE in a reply fits in to this. --proxy-dnssec does only one thing: it stops dnsmasq from zeroing the authenticated data (AD) bit in replies before returning them to clients. This means that clients can rely on the AD bit to tell if the answer is secure, with a couple o

Re: [Dnsmasq-discuss] proxy-dnssec, how does it work (with unbound as upstream)

On 13/04/2023 07:37, Peter Russel wrote: Hi Simon Unfortunately, it looks like I've been shouting victory a little soon. The results are perfect when using dig, however, when using a browser (firefox, edge) the results are unreliable / inconsistent. The assumption is that adding the setting

Re: [Dnsmasq-discuss] "no address range available for DHCP request via br0" when using for IPv6 RA

options. If there's more than one possible option, which one actually gets used is undefined. Simon. thanks! On Mon, Apr 10, 2023 at 4:29 PM Simon Kelley <mailto:si...@thekelleys.org.uk>> wrote: On 05/04/2023 19:04, Ben Hendin wrote: > Thanks Simon (apologies - my

Re: [Dnsmasq-discuss] proxy-dnssec, how does it work (with unbound as upstream)

On 09/04/2023 18:50, Peter Russel wrote: SOLVED The developers added code to pihole-FTL, which is the latest dnsmasq + features (to make pi-hole the better solution). full story (pi-hole forum) here: https://discourse.pi-hole.net/t/dnssec-discussion-support-for-proxy-dnssec/62217 That wa

Re: [Dnsmasq-discuss] Understand logging - don't find details

On 11/04/2023 17:21, web...@manfbraun.de wrote: Hello! I want to find out the response time from clients request up to dnsmasq's response (including the external answer!) to the client. But a look into the logfile - thought, easy to make a wrapper, because I am missing dnstap support - wond

Re: [Dnsmasq-discuss] "no address range available for DHCP request via br0" when using for IPv6 RA

urcated into DHCPv4 and DHCPv6 it looks like we need --no-dhcpv4-interface and --no-dhcpv6-interface. That would certainly solve your problem. Cheers, Simon. On Wed, Apr 5, 2023 at 12:33 PM Simon Kelley <mailto:si...@thekelleys.org.uk>> wrote: On 03/04/2023 16:54, Ben Hen

Re: [Dnsmasq-discuss] "no address range available for DHCP request via br0" when using for IPv6 RA

On 03/04/2023 16:54, Ben Hendin wrote: I'm running Dnsmasq version 2.85-openssl-5-g989ee98 on an embedded device (Entware installation) I am seeing log entries that state the following when clients come onto the network to request IP addresses via DHCP: "no address range available for DHCP

  1   2   3   4   5   6   7   8   9   10   >