On 14/02/13 18:50, Jason A. Donenfeld wrote:
Hi Simon Crew,
Services like YouTube and Netflix use tons of ranges of IP addresses
that fluctuate wildly and aren't predictable. However, they're always
from a given subdomain using DNS, like *.c.youtube.com. I'd like to
have firewall rules for
On 13/02/13 22:17, C V wrote:
Sent: Wed, February 13, 2013 12:19:51 PM
Subject: [Dnsmasq-discuss] SIGHUP issue
The only 1 time I have been able to reproduce by hand is by trying it on a
long-running (many days) process in a cloud that was not being used
actively.
OK this
On Fri, Feb 15, 2013 at 9:30 AM, Simon Kelley si...@thekelleys.org.ukwrote:
On 13/02/13 22:17, C V wrote:
Sent: Wed, February 13, 2013 12:19:51 PM
Subject: [Dnsmasq-discuss] SIGHUP issue
The only 1 time I have been able to reproduce by hand is by trying it
on a
long-running
On Fri, Feb 15, 2013 at 10:28 AM, sven falempin sven.falem...@gmail.comwrote:
On Fri, Feb 15, 2013 at 9:30 AM, Simon Kelley si...@thekelleys.org.ukwrote:
On 13/02/13 22:17, C V wrote:
Sent: Wed, February 13, 2013 12:19:51 PM
Subject: [Dnsmasq-discuss] SIGHUP issue
The only
Hi Simon,
On Fri, Feb 15, 2013 at 3:05 PM, Simon Kelley si...@thekelleys.org.uk wrote:
It looks like the extra code is quite small, so I'd certainly consider
it.
Wonderful! I've extracted heavy lifting code into a separate file
(attached as ipset.c), and licensed it under the same license as
On Fri, Feb 15, 2013 at 3:14 PM, Jason A. Donenfeld ja...@zx2c4.com wrote:
Hi Simon,
On Fri, Feb 15, 2013 at 3:05 PM, Simon Kelley si...@thekelleys.org.uk
wrote:
It looks like the extra code is quite small, so I'd certainly consider
it.
Wonderful! I've extracted heavy lifting code into
On Fri, Feb 15, 2013 at 10:42 PM, sven falempin sven.falem...@gmail.com wrote:
Previsouly i propose a patch to filter out some domain,
i understand filtering should be done by iptables, but only if you think
linux.
Is it possible to use a version of this code to filter some domain out
and/or
Jason,
I use ipsets and have written scripts for handling them dynamically.
I think this is a very interesting idea. I'd benefit from hearing some
elaboration on the use cases you have in mind. I think this might also
help Simon understand how best to integrate.
Simon,
The attached patch wires ipset into the dnsmasq build system. I'm
assuming the integration and config syntax is something you want to do
yourself rather than have me do it.
After applying the patch, you will be able to call:
int add_to_ipset(const char *setname, const void *ipaddr, int
On Fri, Feb 15, 2013 at 11:30 PM, John Brendler brendle...@gmail.com wrote:
I use ipsets and have written scripts for handling them dynamically.
I think this is a very interesting idea. I'd benefit from hearing some
elaboration on the use cases you have in mind. I think this might also
help
Hi Simon,
Another update to reduce the amount of work for you. This thread
should supersede the other one.
I made ipset.c a bit nicer for dnsmasq by using struct all_addr. New
patch to replace all old ones:
View:
On Fri, Feb 15, 2013 at 5:35 PM, Jason A. Donenfeld ja...@zx2c4.com wrote:
On Fri, Feb 15, 2013 at 11:30 PM, John Brendler brendle...@gmail.com
wrote:
I use ipsets and have written scripts for handling them dynamically.
I think this is a very interesting idea. I'd benefit from hearing some
Hah, forget that. I just wrote the entire thing, including configuration,
and it works great. I'll send full patches to the mailing list shortly.
___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
Services like YouTube and Netflix use tons of ranges of IP addresses
that fluctuate wildly and aren't predictable. However, they're always
from a given subdomain using DNS, like *.c.youtube.com. I'd like to
have firewall rules for these IP addresses -- route them over this
interface, that
The matching logic is the same as for --address. extract_address is
responsible for calling out to add_to_ipset.
---
src/dnsmasq.h | 12 ++-
src/forward.c | 20 ++-
src/option.c | 64 +++
src/rfc1035.c | 14
Old kernels use HAVE_OLD_IPSET while newer kernels use HAVE_IPSET.
---
Makefile | 5 +-
src/config.h | 6 +++
src/dnsmasq.h | 5 ++
src/ipset.c | 143 ++
4 files changed, 157 insertions(+), 2 deletions(-)
create mode 100644
---
dnsmasq.conf.example | 4
man/dnsmasq.8| 6 ++
2 files changed, 10 insertions(+)
diff --git a/dnsmasq.conf.example b/dnsmasq.conf.example
index 5215c2a..9a0dbd7 100644
--- a/dnsmasq.conf.example
+++ b/dnsmasq.conf.example
@@ -69,6 +69,10 @@
# --address (and --server) work
Hello,
I'd like to use dnsmasq only as a DHCP server, so I set port=0.
However, once I acquire an IP via DHCP, the address of the dnsmasq server
still ends up in /etc/resolv.conf, so DNS stops working.
My goal is to propagate the nameservers in /etc/resolv.conf on the dnsmasq
server to the other
18 matches
Mail list logo