On 10/09/18 00:19, klondike wrote:
> Hi Simon,
> El 08/09/18 a las 19:17, Simon Kelley escribió:
>> The question is, should the above configuration be "baked in" to the code?
> Yes. In general it is considered against good practice to provide insane
> defaults and in this case this entails software and not configuration
> defaults.
> Keep in mind that dnsmasq is used by a wide variety of users nowadays,
> not only home routers and embedded  but also as a simple DHCP/DNS server
> in NAT setups, for example by NetworkManager or libvirt. Getting all of
> these users to update the way in which they generate dnsmasq
> configurations may be impractical as oposed to the rare case of allowing
> the names in such a blacklist.
> Because of this it would be best to let dnsmasq to default to safe
> behaviour (filtering known bad names like wpad) and allowing users to
> disable this behaviour via a configuration/command line directive. That
> way the next update will fix the problem for the majority of users out
> of the box whilst still allowing the few with a legitimate interest in
> allowing overriding of entries like wpad to do so.
> If you need help writting such a patch I can try to get some time to do so.
> Sincerely,
> Klondike

So, if I read the replies so far correctly, we have votes both for
"ignore wpad by default, and give an option to switch that off" and
"don't ignore wpad by default, but add the code to do so to the example
config file."

The first is a bit of a problem, if you have


either in a global config file, or baked into the code.

there's no way to unset the wpad-ignore tag, or override the
dhcp-ignore-names directive.

The second is easier to achieve, but the example config file is a little
unloved these days. I kind of lost the habit of adding each new
configuration option in there.



Attachment: signature.asc
Description: OpenPGP digital signature

Dnsmasq-discuss mailing list

Reply via email to