Re: [Dnsmasq-discuss] Pushing DNS server for a specific client on EdgeRouter

2020-10-22 Thread Geert Stappers
On Wed, Oct 21, 2020 at 01:26:27AM +0200, Daniele Riccucci wrote:
> Il 20/10/20 22:24, Geert Stappers ha scritto:
> > On Tue, Oct 20, 2020 at 09:25:01PM +0200, Daniele Riccucci wrote:
> > > Hello,
> > > I'm trying to push a different DNS server via DHCP to a specific client (a
> > > VoIP thingie from Grandstream, model HT802) from an EdgeRouter; the 
> > > current
> > > firmware is running Dnsmasq version 2.79-1-2-geff17ee.
> > > 
> > > Some options are already generated by the OS unfortunately, namely:
> > > 
> > >  dhcp-range=set:home,10.0.0.20,10.0.0.254,255.255.255.0,86400
> > >  domain=home.domain.com,10.0.0.0/24,local
> > >  dhcp-option=tag:home,option:domain-name,home.domain.com
> > >  dhcp-option=tag:home,option:router,10.0.0.1
> > >  dhcp-option=tag:home,option:dns-server,10.0.0.1
> > >  dhcp-host=c0:74:ad:0c:0c:b7,set:home,10.0.0.5
> > >  host-record=voipgw.home.domain.com,10.0.0.5,86400
> > > 
> > > which are contained in /etc/dnsmasq.d/dnsmasq-dhcp-config.conf.
> > > I can only set options above this point (/etc/dnsmasq.conf), and I tried
> > > with:
> > > 
> > >  dhcp-option=tag:home,option:dns-server,10.0.0.1
> > > options dhcp-option=vendor:HT8XX,option:dns-server,85.38.28.0,85.38.28.1
> > > options 
> > > dhcp-option-force=vendor:HT8XX,option:dns-server,85.38.28.0,85.38.28.1
> > > 
> > > because from tcpdump I saw that the client was sending a Vendor-Class 
> > > string:
> > > 
> > > c0:74:ad:0c:0c:b7 > ff:ff:ff:ff:ff:ff, ethertype IPv4 (0x0800), length 
> > > 590:
> > > (tos 0x0, ttl 64, id 0, offset 0, flags [none], proto UDP (17), length 
> > > 576)
> > >  0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from
> > > c0:74:ad:0c:0c:b7, length 548, xid 0xbed7bb5e, Flags [none]
> > >Client-Ethernet-Address c0:74:ad:0c:0c:b7
> > >Vendor-rfc1048 Extensions
> > >  Magic Cookie 0x63825363
> > >  DHCP-Message Option 53, length 1: Discover
> > >  Client-ID Option 61, length 7: ether c0:74:ad:0c:0c:b7
> > >  Hostname Option 12, length 6: "voipgw"
> > >  Vendor-Class Option 60, length 18: "HT8XX dslforum.org"
> > >  Parameter-Request Option 55, length 17:
> > >Subnet-Mask, Time-Zone, Default-Gateway, Domain-Name-Server
> > >Hostname, Domain-Name, TTL, BR
> > >Static-Route, NTP, Vendor-Option, Lease-Time
> > >Server-ID, TFTP, Classless-Static-Route, Option 125
> > >Option 160
> > > 
> > > However, the reply from dnsmasq is sending 10.0.0.1 as DNS server:
> > > 
> > > 20:19:01.081957 24:a4:3c:b3:c2:8d > c0:74:ad:0c:0c:b7, ethertype IPv4
> > > (0x0800), length 390: (tos 0xc0, ttl 64, id 53937, offset 0, flags [none],
> > > proto UDP (17), length 376)
> > >  10.0.0.1.67 > 10.0.0.5.68: BOOTP/DHCP, Reply, length 348, xid
> > > 0xbed7bb5e, Flags [none]
> > >Client-IP 10.0.0.5
> > >Server-IP 10.0.0.1
> > >Client-Ethernet-Address c0:74:ad:0c:0c:b7
> > >Vendor-rfc1048 Extensions
> > >  Magic Cookie 0x63825363
> > >  DHCP-Message Option 53, length 1: ACK
> > >  Server-ID Option 54, length 4: 10.0.0.1
> > >  Lease-Time Option 51, length 4: 86358
> > >  Subnet-Mask Option 1, length 4: 255.255.255.0
> > >  BR Option 28, length 4: 10.0.0.255
> > >  Hostname Option 12, length 6: "voipgw"
> > >  Domain-Name-Server Option 6, length 4: 10.0.0.1
> > 
> > Option 6
> > 
> > >  Default-Gateway Option 3, length 4: 10.0.0.1
> > >  Domain-Name Option 15, length 15: "home.domain.com"
> > >  Vendor-Option Option 43, length 21:
> > > 6.8.85.38.28.0.85.38.28.1.
> > 
> > Option 6, eight bytes, dns.ser.ver.0, dns.ser.ver.1
> > 
> > > \ 6.8.85.38.28.0.85.38.28.1.255
> > Option 6, eight bytes, dns.ser.ver.0, dns.ser.ver.1, end
> > 


I should have referenced the

> > > options dhcp-option=vendor:HT8XX,option:dns-server,85.38.28.0,85.38.28.1
> > > options 
> > > dhcp-option-force=vendor:HT8XX,option:dns-server,85.38.28.0,85.38.28.1

in my previous email as reason for seeing
 
}}}   Vendor-Option Option 43, length 21: 
6.8.85.38.28.0.85.38.28.1.6.8.85.38.28.0.85.38.28.1.255


>

Re: [Dnsmasq-discuss] Pushing DNS server for a specific client on EdgeRouter

2020-10-20 Thread Geert Stappers
On Tue, Oct 20, 2020 at 09:25:01PM +0200, Daniele Riccucci wrote:
> Hello,
> I'm trying to push a different DNS server via DHCP to a specific client (a
> VoIP thingie from Grandstream, model HT802) from an EdgeRouter; the current
> firmware is running Dnsmasq version 2.79-1-2-geff17ee.
> 
> Some options are already generated by the OS unfortunately, namely:
> 
> dhcp-range=set:home,10.0.0.20,10.0.0.254,255.255.255.0,86400
> domain=home.domain.com,10.0.0.0/24,local
> dhcp-option=tag:home,option:domain-name,home.domain.com
> dhcp-option=tag:home,option:router,10.0.0.1
> dhcp-option=tag:home,option:dns-server,10.0.0.1
> dhcp-host=c0:74:ad:0c:0c:b7,set:home,10.0.0.5
> host-record=voipgw.home.domain.com,10.0.0.5,86400
> 
> which are contained in /etc/dnsmasq.d/dnsmasq-dhcp-config.conf.
> I can only set options above this point (/etc/dnsmasq.conf), and I tried
> with:
> 
> dhcp-option=tag:home,option:dns-server,10.0.0.1
> options dhcp-option=vendor:HT8XX,option:dns-server,85.38.28.0,85.38.28.1
> options
> dhcp-option-force=vendor:HT8XX,option:dns-server,85.38.28.0,85.38.28.1
> 
> because from tcpdump I saw that the client was sending a Vendor-Class
> string:
> 
> c0:74:ad:0c:0c:b7 > ff:ff:ff:ff:ff:ff, ethertype IPv4 (0x0800), length 590:
> (tos 0x0, ttl 64, id 0, offset 0, flags [none], proto UDP (17), length 576)
> 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from
> c0:74:ad:0c:0c:b7, length 548, xid 0xbed7bb5e, Flags [none]
>   Client-Ethernet-Address c0:74:ad:0c:0c:b7
>   Vendor-rfc1048 Extensions
> Magic Cookie 0x63825363
> DHCP-Message Option 53, length 1: Discover
> Client-ID Option 61, length 7: ether c0:74:ad:0c:0c:b7
> Hostname Option 12, length 6: "voipgw"
> Vendor-Class Option 60, length 18: "HT8XX dslforum.org"
> Parameter-Request Option 55, length 17:
>   Subnet-Mask, Time-Zone, Default-Gateway, Domain-Name-Server
>   Hostname, Domain-Name, TTL, BR
>   Static-Route, NTP, Vendor-Option, Lease-Time
>   Server-ID, TFTP, Classless-Static-Route, Option 125
>   Option 160
> 
> However, the reply from dnsmasq is sending 10.0.0.1 as DNS server:
> 
> 20:19:01.081957 24:a4:3c:b3:c2:8d > c0:74:ad:0c:0c:b7, ethertype IPv4
> (0x0800), length 390: (tos 0xc0, ttl 64, id 53937, offset 0, flags [none],
> proto UDP (17), length 376)
> 10.0.0.1.67 > 10.0.0.5.68: BOOTP/DHCP, Reply, length 348, xid
> 0xbed7bb5e, Flags [none]
>   Client-IP 10.0.0.5
>   Server-IP 10.0.0.1
>   Client-Ethernet-Address c0:74:ad:0c:0c:b7
>   Vendor-rfc1048 Extensions
> Magic Cookie 0x63825363
> DHCP-Message Option 53, length 1: ACK
> Server-ID Option 54, length 4: 10.0.0.1
> Lease-Time Option 51, length 4: 86358
> Subnet-Mask Option 1, length 4: 255.255.255.0
> BR Option 28, length 4: 10.0.0.255
> Hostname Option 12, length 6: "voipgw"
> Domain-Name-Server Option 6, length 4: 10.0.0.1

Option 6

> Default-Gateway Option 3, length 4: 10.0.0.1
> Domain-Name Option 15, length 15: "home.domain.com"
> Vendor-Option Option 43, length 21:
> 6.8.85.38.28.0.85.38.28.1.

Option 6, eight bytes, dns.ser.ver.0, dns.ser.ver.1

>\ 6.8.85.38.28.0.85.38.28.1.255
Option 6, eight bytes, dns.ser.ver.0, dns.ser.ver.1, end



> Vendor-Class Option 60, length 18: "HT8XX dslforum.org"
> 
> Also shown from the device:
> 
> Product Model: HT802
> MAC Address: c0:74:ad:0c:0c:b7
> Network:
> IPv4 Address -- 10.0.0.5
> IPv6 Address --
> Netmask-- 255.255.255.0
> Gateway-- 10.0.0.1
> DNS Server -- 10.0.0.1
> 
> How could I solve this? Is there a way to override the dns-server option for
> this device?

Something like changing the
| dhcp-host=c0:74:ad:0c:0c:b7,set:home,10.0.0.5
| host-record=voipgw.home.domain.com,10.0.0.5,86400
in
| dhcp-host=c0:74:ad:0c:0c:b7,set:myvoiptag,10.0.0.5,voipgw
| dhcp-option=tag:myvoiptag,option:dns-server,85.38.28.1


> I can send further tcpdumps if required.
> Thank you.

Please provide feedback.


Regards
Geert Stappers
-- 
Silence is hard to parse

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


Re: [Dnsmasq-discuss] Block dhcp from serving to specific device

2020-10-16 Thread Geert Stappers
> Greetings -
> 
>     I am having an issue on my home network with Apple devices getting
> assigned addresses to vlans that are not desired.  Not sure of if dnsmasq
> will be helpful in resolving the issue, but thought I would inquire here as
> I am exploring many options.
>   
>     So I am wondering if there is a configuration setting that I can add to
> my dhcp server that would refuse a specific device from connecting to a
> specific vlan.

IIRC  was the solution to use 'tag' and '!' meaning "not".


Regards
Geert Stappers
-- 
Silence is hard to parse

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


Re: [Dnsmasq-discuss] excessive file descriptor usage after upgrading to 2.81

2020-10-15 Thread Geert Stappers
On Thu, Oct 15, 2020 at 11:47:44PM +, WU, CHRIS wrote:
> Hello. We've been using Dnsmasq version 2.78 for quite a while but
> upgraded to 2.81 because of CVE-2019-14834. Upon inspecting the output
> of lsof we realized that Dnsmasq is using almost 200 file descriptors
> upon boot and after an hour later the number remains unchanged. Since
> I knew this did not happen with 2.78 I also tried Dnsmasq versions
> 2.79 and 2.80 and this does not happen. It looks like it started with
> 2.81 and also happens with 2.82.
> My operating environment is armv7l GNU/Linux.
> 

Looking forward to what  `git bisect` says.


Regards
Geert Stappers
-- 
Silence is hard to parse

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


Re: [Dnsmasq-discuss] Overriding server-identifier in DHCP response

2020-10-09 Thread Geert Stappers
On Sat, Oct 03, 2020 at 04:50:38PM +, Ryan Govostes wrote:
> When I run with log-dhcp enabled,
> I notice the following option in dnsmasq's DHCP response:
> 
> dnsmasq-dhcp: 756190107 sent size:  4 option: 54 server-identifier  172.17.0.2
> 
> This is the local IP address of the network interface that dnsmasq
> is using. But dnsmasq is running inside a virtual machine with NAT,
> and this IP address is not the network-facing address.

Acknowledge

 
> Is there a way to change the response?

Yes


> I've tried setting dhcp-option=option:server-identifier(or 54),... but
> dnsmasq doesn't accept it. I've also tried using 11 which I believe
> is some kind of server-identifier override. That also did not work.
> 
> I'm using dnsmasq to do DHCP proxying for PXE.

And O.P. learnt that NATting for the VM introduces new problems.


Regards
Geert Stappers
-- 
Silence is hard to parse

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


Re: [Dnsmasq-discuss] Rather basic question - how do you tell dnsmasq what upstream DNS servers to use?

2020-10-03 Thread Geert Stappers
On Sat, Oct 03, 2020 at 07:19:10PM +0100, Chris Green wrote:
> On Sat, Oct 03, 2020 at 06:06:56PM +0200, Geert Stappers wrote:
> > On Sat, Oct 03, 2020 at 03:59:46PM +0100, Chris Green wrote:
> > > I'm feeling really silly, I've been using dnsmasq for several years
> > > running it on a dedicated Raspberry Pi on the LAN to provide local DNS.
> > > 
> > > It's been working perfectly OK but just a very short while ago the
> > > Google DNS server at 8.8.8.8 went down for a while and it's what I
> > > (appear to) use as the upstream DNS.
> > > 
> > > How and where does one set dnsmasq's upstream DNS? Is it the following
> > > line in /etc/dhcpcd.conf :-
> > > 
> > > /etc/dhcpcd.conf:static domain_name_servers=192.168.1.4 8.8.8.8 
> > > fd51:42f8:caae:d92e::1
> > > 
> > > The file /run/dnsmasq/resolv.conf appears to be derived directly from
> > > the above:-
> > > 
> > > chris@newdns$ more resolv.conf
> > > # Generated by resolvconf
> > > nameserver 192.168.1.4
> > > nameserver 8.8.4.4
> > > nameserver fd51:42f8:caae:d92e::1
> > > 
> > > The Raspberry Pi running dnsmasq is 192.168.1.4 on the LAN here, I'm
> > > running dnsmasq version 2.76.
> > 
> > Snippet from the dnsmasq manual page:
> > 
> >-S, --local,
> >
> > --server=[/[]/[domain/]][[#][@|[#]]
> >  Specify  IP  address  of  upstream  servers
> >  directly. Setting this flag does not suppress
> >  reading of /etc/resolv.conf, use --no-resolv to do that.
> >  
> Yes, but do I want it to ignore /etc/resolv.conf (well, actually,
> /var/run/dnsmasq/resolv.conf) ?  Do I want resolvconf to handle which
> DNS servers are used or am I better turning resolvconf off altogether?
 
When possible: Yes.
Or even better: Make turning of resolvconf possible and do it.


Underlying idea:
Dnsmasq is a server thing, resolvconf is a client thing.


Roughly the defintion of those two:
Server: configurated by administrator knowing what should be done.
Client: configurated by stuff on network, tends to break outside the default.


Regards
Geert Stappers
-- 
Silence is hard to parse

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


Re: [Dnsmasq-discuss] Rather basic question - how do you tell dnsmasq what upstream DNS servers to use?

2020-10-03 Thread Geert Stappers
On Sat, Oct 03, 2020 at 03:59:46PM +0100, Chris Green wrote:
> I'm feeling really silly, I've been using dnsmasq for several years
> running it on a dedicated Raspberry Pi on the LAN to provide local DNS.
> 
> It's been working perfectly OK but just a very short while ago the
> Google DNS server at 8.8.8.8 went down for a while and it's what I
> (appear to) use as the upstream DNS.
> 
> How and where does one set dnsmasq's upstream DNS? Is it the following
> line in /etc/dhcpcd.conf :-
> 
> /etc/dhcpcd.conf:static domain_name_servers=192.168.1.4 8.8.8.8 
> fd51:42f8:caae:d92e::1
> 
> The file /run/dnsmasq/resolv.conf appears to be derived directly from
> the above:-
> 
> chris@newdns$ more resolv.conf
> # Generated by resolvconf
> nameserver 192.168.1.4
> nameserver 8.8.4.4
> nameserver fd51:42f8:caae:d92e::1
> 
> The Raspberry Pi running dnsmasq is 192.168.1.4 on the LAN here, I'm
> running dnsmasq version 2.76.

Snippet from the dnsmasq manual page:

   -S, --local,
   
--server=[/[]/[domain/]][[#][@|[#]]
 Specify  IP  address  of  upstream  servers
 directly. Setting this flag does not suppress
 reading of /etc/resolv.conf, use --no-resolv to do that.
 

> Would I be better with two unrelated DNS servers in the above
> configuration, e.g. a Google one and one from my ISP?
> 
>


Regards
Geert Stappers
-- 
Silence is hard to parse

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


Re: [Dnsmasq-discuss] dnsmasq on an IPv4 /32 interface

2020-09-21 Thread Geert Stappers
On Tue, Sep 22, 2020 at 05:32:56AM +1000, Paul Gear wrote:
> Hi all,
> 
> I've been trying to solve the same problem described in this blog post:
> https://blog.fhrnet.eu/2020/03/07/dhcp-server-on-a-32-subnet/

Interesting read, however I not sure how interesting the "problem" was.


> In a nutshell, the situation is a VM host which performs routing and
> firewalling for all its guests, providing an isolated IPv4 /32 (and in
> my case an IPv6 /64 or /128 as well) to each VM guest, and using
> interface routes on the host to direct traffic to each guest, without
> wasting IPv4 addresses on /31 or /30 point-to-point links.
> 
> The post claims that the configuration noted (a single /32 allocated to
> the host which is configured on every client-facing interface) is only
> possible at present with ISC DHCP.  I've tested a number of different
> configurations of dnsmasq, and this seems to be correct.  I'm hoping
> someone experienced in the dnsmasq code base can confirm or deny this.
> 
> Assuming this is currently a limitation, I'd like to work on adding
> support to dnsmasq for this scenario.  I'm not experienced with the code
> base (although I've read some of the relevant portions and believe it
> should be possible), so I'm hoping also for some guidance on whether
> this functionality would be accepted into the code base, and if so, how
> it might appear in the configuration.
> 
> My initial thought was that there wouldn't need to be any explicit
> configuration; rather, if a DHCP request is received on an interface
> with a /32 mask (or perhaps on an interface with a non-unique address on
> the host), the usual restrictions around interface matching would be
> relaxed, and an address would be given out either from the
> statically-defined hosts, or from a pool which doesn't match any
> interface on the host.  When giving out IPv6 addresses, my thought was
> that things would mostly work the same if a DHCPv6 request was received
> on an interface with only link-local addressing configured.
> 
> Thanks in advance - I hope all this makes sense and look forward to
> discussing it further with you.

I think that discussion will go quickly silent
when only one person can reproduce the challenge.


 
> Regards,
> Paul

Groeten
Geert Stappers
-- 
Silence is hard to parse

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


Re: [Dnsmasq-discuss] Avoid conflicts between dnsmasq and systemd-resolved.

2020-09-18 Thread Geert Stappers
On Fri, Sep 18, 2020 at 08:08:07AM +0800, Hongyi Zhao wrote:
> On Thu, Sep 17, 2020 at 07:25:43AM +0800, Hongyi Zhao wrote:
> >
> > But I still can't figure out what's the wrong configuration or
> > **bug** (may or may not exist, I'm not sure.) in dnsmasq itself
> > triggered this problem.
> 
> I can confirm this problem is caused by the response to type=ANY
> request of dnsmasq. And when I substitute the corresponding job done
> by dnsmasq with dnsproxy, the problem will be solved.

I fail to see the dnsmasq problem.


> See following for more information:

I did


> 
> werner@X10DAi-01:~$ pgrep -ax dnsproxy
> 50211 ./dnsproxy -l 127.0.0.1 -p 6053 --all-servers --fastest-addr -u

port 6053


> tls://8.8.4.4 -u tls://8.8.8.8 -u tls://1.0.0.1 -u tls://1.1.1.1 -u
> tls://9.9.9.9 -u tls://9.9.9.10 -u tls://149.112.112.10
> 50212 ./dnsproxy -u 114.114.114.114 -u 114.114.115.115 -u
> 114.114.114.119 -u 114.114.115.119 -u 114.114.114.110 -u
> 114.114.115.110 -u 223.5.5.5 -u 223.6.6.6 -u 180.76.76.76 -u
> 112.124.47.27 -u 114.215.126.16 --fastest-addr --all-servers -l
> 127.0.0.1 -p 6054
> werner@X10DAi-01:~$ pgrep -ax dnsmasq
> 50243 /usr/local/sbin/dnsmasq --port=53 -c10240 --localise-queries

port 53


> --server=127.0.0.1#6053

port 6053


> --conf-dir=/home/werner/Public/anti-gfw/dns/dnsmasq/conf/conf-dir,*.conf
> -C /home/werner/Public/anti-gfw/dns/dnsmasq/conf/dnsmasq.conf
> werner@X10DAi-01:~$ dig www.baidu.com ANY @127.0.0.1

Probably port 53

 
> ; <<>> DiG 9.16.1-Ubuntu <<>> www.baidu.com ANY @127.0.0.1
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 51448
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
> 
> ;; OPT PSEUDOSECTION:
> ; EDNS: version: 0, flags:; udp: 4096
> ;; QUESTION SECTION:
> ;www.baidu.com.INANY
> 
> ;; ANSWER SECTION:
> www.baidu.com.1133INCNAMEwww.a.shifen.com.
> 
> ;; Query time: 36 msec
> ;; SERVER: 127.0.0.1#53(127.0.0.1)

Yes indeed port 53


> ;; WHEN: Fri Sep 18 08:03:37 CST 2020
> ;; MSG SIZE  rcvd: 69
> 
> Regards,
> HY


Regards
Geert Stappers
-- 
Silence is hard to parse

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


Re: [Dnsmasq-discuss] Incorrect response for DNAME'd records in dnsmasq 2.80+

2020-09-17 Thread Geert Stappers
On Mon, Sep 14, 2020 at 10:41:32PM +0200, Geert Stappers wrote:
> On Mon, Sep 14, 2020 at 11:23:44AM -0700, James Brown wrote:
> > That is fantastic, Dominick!
> > 
> > I'm testing now, but in preliminary testing, this patch appears to fix the
> > DNAME issue for me.
> 
> OK.
> Acknowledge.
> 
> Thursday night (CEST, UTC+2)  I'll retransmit the patch + "Tested-by"

Done, Message-Id: 
1600372552-8489-1-git-send-email-stapp...@alpaca.gpm.stappers.nl

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


[Dnsmasq-discuss] [PATCH] Fix bug where cached NXDOMAIN CNAMEs return NODATA

2020-09-17 Thread Geert Stappers
From: "Dominick C. Pastore" 

Non-terminal code from 2.80 was overzealously converting NXDOMAIN 
replies from upstream to NODATA when an NXDOMAIN A response was cached
(and vice-versa). Commit 162e5e0 fixed this for most cases, but not when
the NXDOMAIN response contained a CNAME. This fixes that case.

Tested-By: James Brown 
---
 src/cache.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/cache.c b/src/cache.c
index 2f2c519..1102609 100644
--- a/src/cache.c
+++ b/src/cache.c
@@ -812,6 +812,7 @@ int cache_find_non_terminal(char *name, time_t now)
 if (!is_outdated_cname_pointer(crecp) &&
!is_expired(now, crecp) &&
(crecp->flags & F_FORWARD) &&
+   (crecp->flags & (F_HOSTS | F_DHCP | F_CONFIG)) &&
!(crecp->flags & F_NXDOMAIN) && 
hostname_isequal(name, cache_get_name(crecp)))
   return 1;
-- 
2.1.4


___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


Re: [Dnsmasq-discuss] DNS TTL && IPSET TIMEOUT

2020-09-17 Thread Geert Stappers
On Thu, Sep 17, 2020 at 07:06:22AM +, Roderick Groesbeek wrote:
> Hi List,
> 
> Ipset supports a concept of 'aging' entries, like:
> ~~
> Examples from ipset(8):
> ipset create test hash:ip timeout 300
> ipset add test 192.168.0.1 timeout 60
> ipset -exist add test 192.168.0.1 timeout 600
> ~~
> 
> Dnsmasq supports a concept of adding entries to ipset
> ~~
> ipset=/.wearetriple.com/p1_afkl_http_https_test
> ~~
> 
> 
> However the timeout functionality is not implemented in the current DNSMASQ 
> implementation.
> Using the DNS TTL as an IPSET TIMEOUT would seem natural...
> 
> 
> 
> Would this be right construct, to support that behavior?

Transform it into a unified patch, to make testing possible.


> ATTR_DATA followed by the IP or TIMEOUT value in the nested construct?
> 
> ~~
>   proto = IPSET_PROTOCOL;
>   add_attr(nlh, IPSET_ATTR_PROTOCOL, sizeof(proto), );
>   add_attr(nlh, IPSET_ATTR_SETNAME, strlen(setname) + 1, setname);
> 
>   nested[0] = (struct my_nlattr *)(buffer + NL_ALIGN(nlh->nlmsg_len));
>   nlh->nlmsg_len += NL_ALIGN(sizeof(struct my_nlattr));
>   nested[0]->nla_type = NLA_F_NESTED | IPSET_ATTR_DATA;
> 
>   nested[1] = (struct my_nlattr *)(buffer + NL_ALIGN(nlh->nlmsg_len));
>   nlh->nlmsg_len += NL_ALIGN(sizeof(struct my_nlattr));
>   nested[1]->nla_type = NLA_F_NESTED | IPSET_ATTR_IP;
>   add_attr(nlh,
>(af == AF_INET ? IPSET_ATTR_IPADDR_IPV4 : IPSET_ATTR_IPADDR_IPV6) 
> | NLA_F_NET_BYTEORDER,
>addrsz, ipaddr);
> 
>   nested[2] = (struct my_nlattr *)(buffer + NL_ALIGN(nlh->nlmsg_len));
>   nlh->nlmsg_len += NL_ALIGN(sizeof(struct my_nlattr));
>   nested[2]->nla_type = NLA_F_NESTED | IPSET_ATTR_DATA;
> 
>   nested[3] = (struct my_nlattr *)(buffer + NL_ALIGN(nlh->nlmsg_len));
>   nlh->nlmsg_len += NL_ALIGN(sizeof(struct my_nlattr));
>   nested[3]->nla_type = NLA_F_NESTED | IPSET_ATTR_TIMEOUT;
>   add_attr(nlh, IPSET_ATTR_TIMEOUT | NLA_F_NET_BYTEORDER,  sizeof(attl), 
> );
> 
>   nested[3]->nla_len = (void *)buffer + NL_ALIGN(nlh->nlmsg_len) - (void 
> *)nested[3];
>   nested[2]->nla_len = (void *)buffer + NL_ALIGN(nlh->nlmsg_len) - (void 
> *)nested[2];
>   nested[1]->nla_len = (void *)buffer + NL_ALIGN(nlh->nlmsg_len) - (void 
> *)nested[1];
>   nested[0]->nla_len = (void *)buffer + NL_ALIGN(nlh->nlmsg_len) - (void 
> *)nested[0];
> 
>   while (retry_send(sendto(ipset_sock, buffer, nlh->nlmsg_len, 0,
>(struct sockaddr *), sizeof(snl;
> ~~
> 
> sendto(3, {{len=88, type=NFNL_SUBSYS_IPSET<<8|IPSET_CMD_ADD, 
> flags=NLM_F_REQUEST, seq=0, pid=0}, {nfgen_family=AF_INET, 
> version=NFNETLINK_V0, res_id=htons(0), [{{nla_len=5, nla_type=NFNETLINK_V1}, 
> "\x06"}, {{nla_len=28, nla_type=0x2}, 
> "\x70\x31\x5f\x61\x66\x6b\x6c\x5f\x68\x74\x74\x70\x5f\x68\x74\x74\x70\x73\x5f\x74\x65\x73\x74\x00"},
>  {{nla_len=32, nla_type=NLA_F_NESTED|0x7}, 
> "\x1c\x00\x01\x80\x08\x00\x01\x40\x5d\xbb\x0d\xc8\x10\x00\x06\x80\x0c\x00\x06\x40\x0e\x00\x00\x00\x00\x00\x00\x00"}]},
>  88, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=}, 12) = 88
> 
> 
> Met vriendelijke groet / Best regards,
> 
> Roderick Groesbeek


Groeten
Geert Stappers
-- 
Silence is hard to parse

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


Re: [Dnsmasq-discuss] Avoid conflicts between dnsmasq and systemd-resolved. DNS list

2020-09-17 Thread Geert Stappers
On Wed, Sep 16, 2020 at 04:16:40PM +0800, Hongyi Zhao wrote:
> On Wed, Sep 16, 2020 at 3:06 PM Dominick C. Pastore wrote:
> > On Wed, Sep 16, 2020, at 1:36 AM, Geert Stappers wrote:
> > > > > I was a little surprised this one worked since the previous one
> > > > > didn't, but I suspect systemd-resolved is falling back to the
> > > > > FallbackDNS servers (which are hardcoded in if not set explicitly).
> > >
> > > > What's the FallbackDNS servers and how can I find/list them?
> > >
> > > Good question.  The "hardcoded" suggest it is in source code.
> >
> > Yes, that is indeed the case. I'm not aware of what those
> > defaults are, but they can be overridden or unset. See
> > the description of the "FallbackDNS" option here:
> >  http://manpages.ubuntu.com/manpages/bionic/man5/resolved.conf.5.html
> 
> I found some public DNS servers in the source code here:
> 
> https://github.com/systemd/systemd/blob/e66d2b4332ca94aeb62e95ec76f1f17ee9b7/meson_options.txt#L252

At https://github.com/systemd/systemd/blob/master/meson_options.txt#L252

  option('dns-servers', type : 'string',
   description : 'space-separated list of default DNS servers',
   value : '1.1.1.1 8.8.8.8 1.0.0.1 8.8.4.4 2606:4700:4700:: 
2001:4860:4860:: 2606:4700:4700::1001 2001:4860:4860::8844')
 

> But I'm not sure whether they are the default/FallbackDNS for systemd-resolvd.
> 
> >
> > (Anyway, I'm not meaning to pull the discussion too far from Dnsmasq.)

I did enjoy the by-catch


Groeten
Geert Stappers
-- 
Silence is hard to parse

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


Re: [Dnsmasq-discuss] syntax for cname= unclear

2020-09-17 Thread Geert Stappers
On Thu, Sep 17, 2020 at 03:19:20PM +0200, Olaf Hering wrote:
> The dnsmasq man page has no specific example for cname=, it is unclear
> what target really has to be. A more specific example exists for
> host-record=.
> 
> With the config snippet below the cnames are not known.
> Commands like 'host cname1 $ip_of_dnsmasq_host' work,

Please elaborate.


> but 'host cname1.dnsdomain $ip_of_dnsmasq_host' returns NXDOMAIN.

What should have been the outcome?


> Is the used syntax for "cname=" correct?
> 
> This happens with dnsmasq 2.78, which can not be easily upgraded.
> 
> Thanks,
> Olaf
> 
> log-facility=/var/log/dnsmasq.log
> interface=LAN
> cache-size=150
> domain=dnsdomain,172.16.0.0/16,local
> resolv-file=/etc/resolv.conf.dhclient-UPLINK
> conf-file=/path-to/host-records.conf
> 
> host-record=hostname,hostname.dnsdomain,172.16.0.2,fd00:172:16::0323:45ff:feab:cdef
> dhcp-host=01:23:45:ab:cd:ef,set:hostname,hostname,216000
?

> cname=cname1,hostname
> cname=cname1.dnsdomain,hostname.dnsdomain
> cname=cname2,hostname
> cname=cname2.dnsdomain,hostname.dnsdomain


Groeten
Geert Stappers
-- 
Silence is hard to parse

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


Re: [Dnsmasq-discuss] Avoid conflicts between dnsmasq and systemd-resolved.

2020-09-17 Thread Geert Stappers
On Thu, Sep 17, 2020 at 07:25:43AM +0800, Hongyi Zhao wrote:
> 
> But I still can't figure out what's the wrong configuration or
> **bug** (may or may not exist, I'm not sure.) in dnsmasq itself
> triggered this problem.


Acknowledge

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


Re: [Dnsmasq-discuss] Avoid conflicts between dnsmasq and systemd-resolved.

2020-09-16 Thread Geert Stappers
On Wed, Sep 16, 2020 at 01:19:27PM +0800, Hongyi Zhao wrote:
> On Wed, Sep 16, 2020 at 11:18 AM Dominick C. Pastore wrote:
  ...
> >
> > This does indeed seem strange. Unfortunately, I'm not sure either. The
> > best I can suggest is to check the syslog for any clues, if you
> > haven't yet.
> 
> If I’ve time later this afternoon, I will check it and feedback.
 
Please do


   ...
> > I was a little surprised this one worked since the previous one
> > didn't, but I suspect systemd-resolved is falling back to the
> > FallbackDNS servers (which are hardcoded in if not set explicitly).
 
> What's the FallbackDNS servers and how can I find/list them?

Good question.  The "hardcoded" suggest it is in source code.


Regards
Geert Stappers
-- 
Silence is hard to parse

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


Re: [Dnsmasq-discuss] Incorrect response for DNAME'd records in dnsmasq 2.80+

2020-09-14 Thread Geert Stappers
On Mon, Sep 14, 2020 at 11:23:44AM -0700, James Brown wrote:
> That is fantastic, Dominick!
> 
> I'm testing now, but in preliminary testing, this patch appears to fix the
> DNAME issue for me.

OK.
Acknowledge.

Thursday night (CEST, UTC+2)  I'll retransmit the patch + "Tested-by"

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


Re: [Dnsmasq-discuss] Avoid conflicts between dnsmasq and systemd-resolved.

2020-09-13 Thread Geert Stappers
On Sun, Sep 13, 2020 at 03:36:42PM +0800, Hongyi Zhao wrote:
> Hi,
> 
> On Ubuntu 20.04, I let dnsmasq listen on 127.0.0.1:53, at the same
> time, I also noted that systemd-resolved has a default stub dns
> resolver which is listening on 127.0.0.53:53.
> 
> And for my case, the /etc/resolv.conf is a symlink as following:
> 
> $ realpath -e /etc/resolv.conf
> /run/systemd/resolve/stub-resolv.conf
> 
> The content of this file is shown as follows:
> 
> $ cat /etc/resolv.conf
> # This file is managed by man:systemd-resolved(8). Do not edit.
> #
> # This is a dynamic resolv.conf file for connecting local clients to the
> # internal DNS stub resolver of systemd-resolved. This file lists all
> # configured search domains.
> #
> # Run "resolvectl status" to see details about the uplink DNS servers
> # currently in use.
> #
> # Third party programs must not access this file directly, but only through 
> the
> # symlink at /etc/resolv.conf. To manage man:resolv.conf(5) in a different 
> way,
> # replace this symlink by a static file or a different symlink.
> #
> # See man:systemd-resolved.service(8) for details about the supported modes of
> # operation for /etc/resolv.conf.
> 
> nameserver 127.0.0.53
> options edns0
> 
> 
> I use the netplan to set 127.0.0.1 as the dns for all interfaces. But
> it seems there are some conflicts on my above configuration. Say, when
> I do the following testing:
> 
> $ dig www.baidu.com
> 
> I always noticed that there will have multiple dnsmasq instances be
> triggered automatically and the resolution will fail.
> 
> So I want to know how to solve the confliction problem between dnsmasq
> and systemd-resolved.

The trick is deciding which DNS is "upstream"



Groeten
Geert Stappers
-- 
Silence is hard to parse

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


Re: [Dnsmasq-discuss] Possible lease matching/reuse bug

2020-09-11 Thread Geert Stappers
On Fri, Sep 11, 2020 at 03:12:34AM +0100, Jerome Vuarand wrote:
> On Wed, 9 Sep 2020 at 17:36, Geert Stappers  wrote:

  context,   meanwhile lost


> > > The client sends its hostname "target" which seems to be enough to
> > > identify it and give it the associated ipaddr (either from
> > > dnsmasq.conf or from /etc/hosts).
> >
> > So it seems you either want
> >   dhcp-host=id:target,192.168.4.2
> > or
> >   dhcp-host=id:target,target
> 
> These don't work at all, it gives the following log on first connection:
> 
> dnsmasq-dhcp[583]: DHCPDISCOVER(ap0) b8:27:eb:a6:d4:d6
> dnsmasq-dhcp[583]: DHCPOFFER(ap0) 192.168.4.200 b8:27:eb:a6:d4:d6
> dnsmasq-dhcp[583]: DHCPREQUEST(ap0) 192.168.4.200 b8:27:eb:a6:d4:d6
> dnsmasq-dhcp[583]: DHCPACK(ap0) 192.168.4.200 b8:27:eb:a6:d4:d6 target

I think "existing leases"
but that doesn't match the reported "on first connection"
 
> And unless I remove the entry from /etc/hosts (which is necessary in
> the second case), I get this just after:
> 
> dnsmasq-dhcp[583]: not giving name target.chepstowrifleclub.org.uk to the 
> DHCP lease of 192.168.4.200 because the name exists in /etc/hosts with 
> address 192.168.4.2
> dnsmasq-dhcp[583]: not giving name target to the DHCP lease of 192.168.4.200 
> because the name exists in /etc/hosts with address 192.168.4.2


OK, sounds good.



Regards
Geert Stappers
Having trooble to read "These don't work at all" as "I still don't understand 
it"


P.S.
I'm on the mailinglist
-- 
Silence is hard to parse

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


Re: [Dnsmasq-discuss] Possible lease matching/reuse bug

2020-09-09 Thread Geert Stappers
On Wed, Sep 09, 2020 at 12:32:37PM +0100, Jerome Vuarand wrote:
> On Tue, 8 Sep 2020 at 12:59, Geert Stappers  wrote:
> >>>> dhcp-host=target
> >
> >>> 'dhcp-host=target,192.168.4.2'
> >
> > ???
> >
> > Manual page snippet from 
> > http://thekelleys.org.uk/dnsmasq/docs/dnsmasq-man.html
> >
> >  
> > --dhcp-host=[][,id:|*][,set:][tag:][,][,][,][,ignore]
> >text ... allocated the same hostname, IP address ... more text ...
> 
> All sections are optional in that line.

Yes, for a valid syntax.
('valid syntax' meaning "no syntax error")


> I provided the hostname and hostname+ipaddr in the two examples above.
>
> > It says provide server side with information how to identify client side
> > so it can do the wanted assignment
> 
> The client sends its hostname "target" which seems to be enough to
> identify it and give it the associated ipaddr (either from
> dnsmasq.conf or from /etc/hosts).

So it seems you either want
  dhcp-host=id:target,192.168.4.2
or
  dhcp-host=id:target,target


> The problem happens when that same client connects a second time.

The reason we have this email thread.

Please pursuit the problem further
and pretty please report back how it is going.


Groeten
Geert Stappers
-- 
Silence is hard to parse

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


Re: [Dnsmasq-discuss] Possible lease matching/reuse bug

2020-09-08 Thread Geert Stappers
On Tue, Sep 08, 2020 at 11:31:27AM +0100, Jerome Vuarand wrote:
> On Tue, 8 Sep 2020 at 09:36, john doe  wrote:
> >On 9/8/2020 9:19 AM, Jerome Vuarand wrote:
> >> I believe I'm triggering a bug where a static dhcp-host config does't
> >> seem to match the existing lease the second time that client connects.
> >>
> >> I'm running dnsmasq from a Raspberry Pi acting as a WiFi access point.
> >> I have a mixture of IoT devices connecting to it. I'd like most
> >> clients to get a dynamic IP address, but some to get a static one
> >> based on their name, so I use a combination of dhcp-range and
> >> dhcp-host. I have the following config:
> >>
> >> interface=ap0
> >> dhcp-range=192.168.4.100,192.168.4.250,255.255.255.0,24h
> >> domain=example.com
> >> dhcp-script=/home/pi/my_web_ui/dnsmasq_script
> >> dhcp-leasefile=/var/run/dnsmasq.leases
> >> dhcp-host=target

?


> >>
> >> And I have an entry in /etc/hosts that associate target to
> >> 192.168.4.2, the dnsmasq server itself is 192.168.4.1.
> >>
> >
> > Are you seeing the same thing if you do:
> >
> > 'dhcp-host=target,192.168.4.2'

???


> 
> The problem happens too, yes.
> 
> > The above assumes that the hosts file does not contain the Ip in question.
> 
> I tested both cases, and all 4 combinations are problematic. Obviously
> with no hosts entry and no ip in dhcp-host dnsmaq has no way to know
> what IP I want to assign, but all three other combinations have the
> intermittent problem.

Manual page snippet from http://thekelleys.org.uk/dnsmasq/docs/dnsmasq-man.html

 
--dhcp-host=[][,id:|*][,set:][tag:][,][,][,][,ignore]
   text ... allocated the same hostname, IP address ... more text ...


It says provide server side with information how to identify client side
so it can do the wanted assignment



Groeten
Geert Stappers
-- 
Silence is hard to parse

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


Re: [Dnsmasq-discuss] [PATCH] Re: RA-acquired address not marked as 'dynamic' with 2.82

2020-09-07 Thread Geert Stappers
On Mon, Sep 07, 2020 at 12:22:24PM +0100, Iain Lane wrote:
> > 
> > The only related difference I can see between v2.81 and v2.82 seem to be
> > this one:
> > http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=4d85e409cd2f4b0935d6ac5e8c72f6a151735d52
> > 
> > It's not clear to me when the kernel marks an address as "dynamic".
> > Changing the flooring of the lease time may or not have an effect here.
> > Would you be able to compile dnsmasq from source and check if this
> > behavior you observed can be triggered by going to 4d85e40 and then back
> > to its parent (2bd02d2)?
> 
> Yeah, thanks, I bisected just now and it is this change:
> laney@groovy-vm:~/temp/dnsmasq$ git bisect log
> git bisect start
..
> # first bad commit: [4d85e409cd2f4b0935d6ac5e8c72f6a151735d52] Change default 
> lease time for DHCPv6 to one day.
> 
> Good to know. Actually, I suppose that means in my pasted output I left 
> out the real bug, which is:
> 
> inet6 fd42:d287:488a:d7e8:216:3eff:fecb:d41b/64 scope global mngtmpaddr 
> noprefixroute
>valid_lft forever preferred_lft forever
> 
> The lifetimes are *forever* now, but the intention of that commit is 
> that they were supposed to be one day (86400 seconds). I think maybe the 
> intention of the commit was this (attached)?
> 
> Cheers,
> Iain Lane  [ i...@orangesquash.org.uk ]

> From c1183528816f5d9d61a12c05ceeda5975f422b32 Mon Sep 17 00:00:00 2001
> From: Iain Lane 
> Date: Mon, 7 Sep 2020 10:20:02 +0100
> Subject: [PATCH] Make sure valid and preferred lifetimes always get set
> 
> In 4d85e409cd2f4b0935d6ac5e8c72f6a151735d52 we skipped setting the floor
> time if we were using the default RA interval. The commit was a bit too
> broad; it also caused the valid and preferred lifetimes to be skipped
> too, meaning that they were set to infinite.
> 
> Adjust the check, so that we only apply the "are we using the default?"
> check when calculating the floor; but still set up the `time` variable
> because that is used later on as a ceiling for valid_lft and
> preferred_lft.
> ---
>  src/radv.c | 6 +++---
>  1 file changed, 3 insertions(+), 3 deletions(-)
> 
> diff --git a/src/radv.c b/src/radv.c
> index 41df852..78edaab 100644
> --- a/src/radv.c
> +++ b/src/radv.c
> @@ -629,11 +629,11 @@ static int add_prefixes(struct in6_addr *local,  int 
> prefix,
>   /* find floor time, don't reduce below 3 * RA interval.
>  If the lease time has been left as default, don't
>  use that as a floor. */
> - if ((context->flags & CONTEXT_SETLEASE) &&
> - time > context->lease_time)
> + if (time > context->lease_time)
> {
>   time = context->lease_time;
> - if (time < ((unsigned int)(3 * param->adv_interval)))
   ^
   three

> + if ((context->flags & CONTEXT_SETLEASE) &&
> + time < ((unsigned int)(2 * param->adv_interval)))
   ^
   two

> time = 3 * param->adv_interval;
 ^
 three

> }
>  

I might understand the re-location of  CONTEXT_SETLEASE

I don't understand  the change from '3 * param->adv_interval'
to '2 * param->adv_interval'.


And my actual message:   the patch has been seen ...



Groeten
Geert Stappers
-- 
Silence is hard to parse

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


Re: [Dnsmasq-discuss] Using dhcp-hosts for static entries

2020-08-22 Thread Geert Stappers


New attempt


On Sat, Aug 22, 2020 at 03:42:37PM +0200, Geert Stappers wrote:
> On Sat, Aug 22, 2020 at 02:38:40PM +0200, Olivier wrote:
> > Hello,
> > 
> > I've discovered dhcp-hostsfile option.
> > 
> > Is it possible to use this file as an alternative way to define static DNS
> > entries as you would with an /etc/hosts file (and as updating with a simple
> > SIGUP seems be convenient to me) ?
> > 
> > If I'm correctly understanding man page (see [1]), it should be possible
> > with a line like
> > "--dhcp-host=lap,192.168.0.199" which "allocate the machine lap the IP 
> > address 192.168.0.199".
> 
> See [2]
> 
>  "--dhcp-host=192.168.0.199,lap" which "allocate the machine lap the IP 
> address 192.168.0.199".

   "--dhcp-host=identification,192.168.0.199,lap"

When identified, assign address 192.168.0.199 to it,  add 'lap' as
hostname into DNS part of dnsmasq. Device should take 'lap' as hostname.


> > In this exact contact, what does "lap" stands for given dhcp-host syntax
> > (see [2]) ? Is it an hostname ? An id ? A tag ?
> 
> Hostname.  id is prefix with "id:",  tag is prefix with "tag:"
> 
>  
> > May I add that with Debian Buster's 2.80, both lines bellow failed:
> > foo,1.2.3.4
> > 1.2.3.4,bar
> 
> More likely that "failed" means this time 
>   what is configured was not the complete configuration
> 
>  
> 
> 
> Groeten
> Geert Stappers
> 
> [1] http://www.thekelleys.org.uk/dnsmasq/docs/dnsmasq-man.html
> [2] -G, 
> --dhcp-host=[][,id:|*][,set:][tag:][,][,][,][,ignore]


Choose "identification" from "" or "id:"




Groeten
Geert Stappers
-- 
Silence is hard to parse

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


Re: [Dnsmasq-discuss] Using dhcp-hosts for static entries

2020-08-22 Thread Geert Stappers
On Sat, Aug 22, 2020 at 02:38:40PM +0200, Olivier wrote:
> Hello,
> 
> I've discovered dhcp-hostsfile option.
> 
> Is it possible to use this file as an alternative way to define static DNS
> entries as you would with an /etc/hosts file (and as updating with a simple
> SIGUP seems be convenient to me) ?
> 
> If I'm correctly understanding man page (see [1]), it should be possible
> with a line like
> "--dhcp-host=lap,192.168.0.199" which "allocate the machine lap the IP 
> address 192.168.0.199".

See [2]

 "--dhcp-host=192.168.0.199,lap" which "allocate the machine lap the IP address 
192.168.0.199".



> In this exact contact, what does "lap" stands for given dhcp-host syntax
> (see [2]) ? Is it an hostname ? An id ? A tag ?

Hostname.  id is prefix with "id:",  tag is prefix with "tag:"

 
> May I add that with Debian Buster's 2.80, both lines bellow failed:
> foo,1.2.3.4
> 1.2.3.4,bar

More likely that "failed" means this time 
  what is configured was not the complete configuration

 


Groeten
Geert Stappers

[1] http://www.thekelleys.org.uk/dnsmasq/docs/dnsmasq-man.html
[2] -G, 
--dhcp-host=[][,id:|*][,set:][tag:][,][,][,][,ignore]
-- 
Silence is hard to parse

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


Re: [Dnsmasq-discuss] How to return a DHCP Option value which repeats DHCP Client MAC address ?

2020-08-19 Thread Geert Stappers
On Wed, Aug 19, 2020 at 12:22:37PM +0200, Olivier wrote:
> Hello,
> 
> For some class of devices, I would like to return a DHCP Option value which
> repeats requester's MAC address (with case sensitivity control options).
> 
> dhcp-vendorclass=foo,"Foo"
> dhcp-option=vendor:foo,43,"http://1.2.3.4/foo_.cfg"
> 
> dhcp-vendorclass=bar,"Bar"
> dhcp-option=vendor:foo,43,"http://5.6.7.8/bar_.cfg"
> 
> For instance, if device of Foo class has 0123456789ab MAC, I would like to
> get an option 43 set with "http://1.2.3.4/foo_0123456789AB.cfg;.
> If this device if of Bar class, I would like it to get 
> "http://5.6.7.8/bar_0123456789ab.cfg;.
> 
> Please, note that:
> - the MAC address must not include any separator,
> - as such, striping leading 0 must be avoided (returning bar_123456789ab 
> instead of bar_0123456789ab).
> 
} What it possible with dnsmasq 2.80 ?

AIUI is the question if there is something that does expanding '${MAC_ADDRESS}'


Groeten
Geert Stappers
-- 
Silence is hard to parse

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


Re: [Dnsmasq-discuss] how to configure two dnsmasq machines with only one for tftp

2020-08-13 Thread Geert Stappers
On Wed, Aug 12, 2020 at 10:37:39PM +0200, Jelle de Jong wrote:
> Hello everybody,

   :-)

 
> I got an setup and want to keep this clean and automatically configurable.

Check

 
> I have a firewall with dnsmasq that runs dns and dhcp.

Check

 
> I have a pxelinux server that I want to run dnsmasq on for tftp only.

There you lost me.  To me is "pxelinux server" that listens on port 67 (bootps)
port 4011 (proxydhcp) and 69 (tftp). Dnsmasq can listen on port 67 and
69, but I not sure about port 4011  and it might that PXE client these days
don't need an answer for port 4011.  In other words "more that only TFTP"


> I want the firewall to proxy the tftp to the pxelinux server...
> 
> Can somebody give me an example:
> 
> this is an section from my all in one test machine that I want to split into
> two dnsmasq machines:
> 
> dhcp-authoritative
> dhcp-match=set:efi-x86_64,option:client-arch,7
> dhcp-match=set:efi-x86_64,option:client-arch,9
> dhcp-match=set:efi-x86,option:client-arch,6
> dhcp-match=set:bios,option:client-arch,0
> dhcp-boot=tag:efi-x86_64,"efi64/syslinux.efi"
> dhcp-boot=tag:efi-x86,"efi32/syslinux.efi"
> dhcp-boot=tag:bios,"bios/lpxelinux.0"
> enable-tftp
> tftp-root=/srv/tftp/
> tftp-secure
> tftp-mtu=1332
 

To me too many possiblities to split.
My advice: Just go for it
(most likely you alread did  ;-)



Regards
Geert Stappers
-- 
Silence is hard to parse

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


Re: [Dnsmasq-discuss] No more random source port if "--enable-dbus" is used and NM plugin

2020-08-08 Thread Geert Stappers
On Fri, Aug 07, 2020 at 08:51:07PM +0200, Geert Stappers wrote:
> On Fri, Aug 07, 2020 at 07:09:52PM +0300, Michael Aramanovich wrote:
> > (continuation of
> > http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2017q1/011315.html
> > )
> > 
> > Hello
> > back in 2017 there was already an attempt to solve this , but it led to
> > nothing, unfortunately.
> > 
> > However, the problem is still easily reproducible on Centos 7, Centos 8,
> > with dnsmasq 2.76 / 2.79  (and the most recent ones as well).
> 
> Acknowlegde on the "and the most recent ones as well"
> 
> 
> > How to reproduce:
> > - configure NetworkManager and enable dnsmasq plugin: in
> > /etc/NetworkManager/NetworkManager.conf, add:
> > 
> > # This enabled the dnsmasq plugin.
> > [main]
> > dns=dnsmasq
> > 
> > - restart NetworkManager. After that, the dnsmasq process will appear with
> > the following options:
> > 
> > /usr/sbin/dnsmasq --no-resolv --keep-in-foreground --no-hosts
> > --bind-interfaces --pid-file=/var/run/NetworkManager/dnsmasq.pid
> > --listen-address=127.0.0.1 --cache-size=400 --clear-on-reload
> > --conf-file=/dev/null --proxy-dnssec
> > --enable-dbus=org.freedesktop.NetworkManager.dnsmasq
> > --conf-dir=/etc/NetworkManager/dnsmasq.d
> > 
> > Since then, every request to the upstream DNS server will be sent by
> > dnsmasq with the SAME local source port.  Moreover, setting or changing any
> > of the options - --query-port, --min-port, --max-port does not make any
> > sense and these options are definitely ignored by dnsmasq if it runs with
> > the "--enable-dbus" option.
> > 
> > As a result, all the DNS requests are coming with the same udp source port
> > , which violates RFC 5452 p.4.5 ;at some point this "session" is
> > blocked by Juniper with DNS algo enabled.
> 
> Oops

Now the URLs

 https://tools.ietf.org/html/rfc5452#section-4.5

 
https://www.juniper.net/documentation/en_US/junos/topics/topic-map/security-dns-algs.html


> > Please advise if this is a dnsmasq bug, or there are any other
> > configuration options (either in dnsmasq or NetworkManager) to avoid this
> > and force dnsmasq to use a random UDP source port for upstream queries.
> 
> IIUC is is it the combo of Juniper with "DNS algo", Network Manager
> and dnsmasq. 
> 
> Reproducing the issue without NM will help to fingerpoint to dnsmasq ...
> 
>  
> > Regards
> > Michael

Groeten
Geert Stappers
-- 
Silence is hard to parse

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


Re: [Dnsmasq-discuss] No more random source port if "--enable-dbus" is used and NM plugin

2020-08-07 Thread Geert Stappers
On Fri, Aug 07, 2020 at 07:09:52PM +0300, Michael Aramanovich wrote:
> (continuation of
> http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2017q1/011315.html
> )
> 
> Hello
> back in 2017 there was already an attempt to solve this , but it led to
> nothing, unfortunately.
> 
> However, the problem is still easily reproducible on Centos 7, Centos 8,
> with dnsmasq 2.76 / 2.79  (and the most recent ones as well).

Acknowlegde on the "and the most recent ones as well"


> How to reproduce:
> - configure NetworkManager and enable dnsmasq plugin: in
> /etc/NetworkManager/NetworkManager.conf, add:
> 
> # This enabled the dnsmasq plugin.
> [main]
> dns=dnsmasq
> 
> - restart NetworkManager. After that, the dnsmasq process will appear with
> the following options:
> 
> /usr/sbin/dnsmasq --no-resolv --keep-in-foreground --no-hosts
> --bind-interfaces --pid-file=/var/run/NetworkManager/dnsmasq.pid
> --listen-address=127.0.0.1 --cache-size=400 --clear-on-reload
> --conf-file=/dev/null --proxy-dnssec
> --enable-dbus=org.freedesktop.NetworkManager.dnsmasq
> --conf-dir=/etc/NetworkManager/dnsmasq.d
> 
> Since then, every request to the upstream DNS server will be sent by
> dnsmasq with the SAME local source port.  Moreover, setting or changing any
> of the options - --query-port, --min-port, --max-port does not make any
> sense and these options are definitely ignored by dnsmasq if it runs with
> the "--enable-dbus" option.
> 
> As a result, all the DNS requests are coming with the same udp source port
> , which violates RFC 5452 p.4.5 ;at some point this "session" is
> blocked by Juniper with DNS algo enabled.

Oops
 
> Please advise if this is a dnsmasq bug, or there are any other
> configuration options (either in dnsmasq or NetworkManager) to avoid this
> and force dnsmasq to use a random UDP source port for upstream queries.

IIUC is is it the combo of Juniper with "DNS algo", Network Manager
and dnsmasq. 

Reproducing the issue without NM will help to fingerpoint to dnsmasq ...

 
> Regards
> Michael

Groeten
Geert Stappers
-- 
Silence is hard to parse

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


Re: [Dnsmasq-discuss] Setting multiple tags configuration syntax

2020-08-04 Thread Geert Stappers
On Tue, Aug 04, 2020 at 04:09:48PM +0200, kvaps wrote:
> On Tue, Aug 4, 2020 at 1:36 PM Geert Stappers  wrote:
> > On Tue, Aug 04, 2020, kvaps wrote:
> } } I'm trying to start dnsmasq with the following option
> } }   
> --dhcp-host="02:00:ac:10:00:0a,id:*,set:foo,set:bar,set:baz,172.16.0.10,node1,infinite
> > manual page says
> >   
> > --dhcp-host=[][,id:|*][,set:][tag:][,][,][,][,ignore]
> > 
> > Please try
> > } 
> > --dhcp-host="02:00:ac:10:00:0a,id:*,set:foo:bar:baz,172.16.0.10,node1,infinite
> > and report back.
> >
> 
> No, this format is not working,

Acknowledge


> I also found:
> 
> | The set: construct sets the tag whenever this --dhcp-host
> | directive is in use. This can be used to selectively send DHCP options
> | just for this host. More than one tag can be set in a --dhcp-host
> | directive (but not in other places where "set:" is allowed).
> 
> Unfortunately this is not working for me :-/

Thing I can do for you now, have I done:  Subject line "improved"


Groeten
Geert Stappers
-- 
Silence is hard to parse

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


Re: [Dnsmasq-discuss] Setting multiple tags, syntax & limit

2020-08-04 Thread Geert Stappers
On Tue, Aug 04, 2020 at 04:41:45PM +0200, kvaps wrote:
> On Tue, Aug 4, 2020 at 4:09 PM kvaps  wrote:
> > On Tue, Aug 4, 2020 at 1:36 PM Geert Stappers  wrote:
> > > Please try
> > > } 
> > > --dhcp-host="02:00:ac:10:00:0a,id:*,set:foo:bar:baz,172.16.0.10,node1,infinite
> > > and report back.
> > >
> >
> > No, this format is not working, I also found:
> >
> > | The set: construct sets the tag whenever this --dhcp-host
> > | directive is in use. This can be used to selectively send DHCP
> > | options just for this host. More than one tag can be set in a
> > | --dhcp-host directive (but not in other places where "set:"
> > | is allowed).
> >
> > Unfortunately this is not working for me :-/
> >
> 
> Ok I found out that only 5 options are allowed before hostname
> specified (no more), it can be any option: hwaddr, id:client_id,
> set:tag or ipaddr but only the total amount of options should not
> exceed 5 (or 6 if hostname non-specified)
> 
> examples:
> 
> 5 options
> -
> no hostname (works):
> --dhcp-host=02:00:ac:10:00:11,set:foo,set:bar,set:baz,172.16.0.10,infinite
> 
> with hostname (works):
> 
> --dhcp-host=02:00:ac:10:00:11,set:foo,set:bar,set:baz,172.16.0.10,node1,infinite
> 
> 
> 6 options
> -
> no hostname (works)
> 
> --dhcp-host=02:00:ac:10:00:11,set:foo,set:bar,set:baz,set:poo,172.16.0.10,infinite
> 
> with hostname (error: bad DHCP host name)
> 
> --dhcp-host=02:00:ac:10:00:11,set:foo,set:bar,set:baz,set:poo,172.16.0.10,node1,infinite
> 
> 7 options
> -
> no hostname (option ignored)
> 
> --dhcp-host=02:00:ac:10:00:11,set:foo,set:bar,set:baz,set:poo,set:mee,172.16.0.10,infinite
> 
> with hostname (option ignored)
> 
> --dhcp-host=02:00:ac:10:00:11,set:foo,set:bar,set:baz,set:poo,set:mee,172.16.0.10,node1,infinite
> 

Thanks for the feedback.



Regards
Geert Stappers
CC to myself as reminder on patch of manual page
-- 
Silence is hard to parse

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


Re: [Dnsmasq-discuss] Setting multiple tags

2020-08-04 Thread Geert Stappers
On Tue, Aug 04, 2020 at 08:55:34AM -0400, wkitt...@gmail.com wrote:
> On 8/4/20 7:15 AM, Geert Stappers wrote:
> > Please try
> > } 
> > --dhcp-host="02:00:ac:10:00:0a,id:*,set:foo:bar:baz,172.16.0.10,node1,infinite
> > and report back.
> 
> if this is the correct format, shouldn't the related example command line 
> example be
> 
>   [,set:[::]]
> 
> or similar?
> 

Indeed.



Geert Stappers
Looking forward to the feedback report
-- 
Silence is hard to parse

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


Re: [Dnsmasq-discuss] Setting multiple tags

2020-08-04 Thread Geert Stappers
On Tue, Aug 04, 2020 at 12:12:10PM +0200, kvaps wrote:
> Hi!
> Does dnsmasq support setting multiple tags for the dhcp clients?
> 
> I'm trying to start dnsmasq with the following option
> 
> 
> --dhcp-host="02:00:ac:10:00:0a,id:*,set:foo,set:bar,set:baz,172.16.0.10,node1,infinite
> 
> but it responds:
> 
> dnsmasq: bad command line options: bad DHCP host name
> 

The manaul page says

  
--dhcp-host=[][,id:|*][,set:][tag:][,][,][,][,ignore]


and the interesting part
   [,set:]

not
   [,set:[,set:]]


Please try
} 
--dhcp-host="02:00:ac:10:00:0a,id:*,set:foo:bar:baz,172.16.0.10,node1,infinite
and report back.



Groeten
Geert Stappers
-- 
Silence is hard to parse

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


Re: [Dnsmasq-discuss] Mac Darwin confusion

2020-08-04 Thread Geert Stappers
On Tue, Aug 04, 2020 at 08:18:24AM +0700, Bernd Prager wrote:
> On 8/4/20 3:36 AM, Andrew Miskell wrote:
> > On Aug 3, 2020, at 3:06 PM, Geert Stappers  wrote:
> > > On Mon, Aug 03, 2020 at 07:04:47PM +0200, No Yes No Questions wrote:
> > > > On Mon, Aug 03, 2020 at 10:44:07PM +0700, Bernd Prager wrote:
> > > > > Hi all,
> > > > > 
> > > > > I got something I can't wrap my head around. I have a QNAP NAS that I
> > > > > thought would be nice for hosting a DNSMASQ service for DNS and DHCP. 
> > > > > Setup
> > > > > went smooth and all my Linux clients behave wonderfully, except my Mac
> > > > > client:
> > > > > 
> > > > > Querying a host from Linux goes perfect:
> > > > > 
> > > > > -=[22:29:35][bernd@hoenir ~]=- dig @qnap freyja
> > > > > 
> > > > > ;; QUESTION SECTION:
> > > > > ;freyja.IN  A
> > > > > 
> > > > > ;; ANSWER SECTION:
> > > > > freyja. 0   IN  A 192.168.1.7
> > > > > 
> > > > > ;; Query time: 0 msec
> > > > > ;; SERVER: 192.168.1.5#53(192.168.1.5)
> > > > .5
> > > > 
> > > > 
> > > > > -=[22:29:37][bernd@hoenir ~]=-
> > > > >   ping -c 1 freyja
> > > > > PING freyja.prager.homeip.net (192.168.1.7) 56(84) bytes of data.
> > > > > 64 bytes from freyja.prager.homeip.net (192.168.1.7): icmp_seq=1 
> > > > > ttl=64
> > > > > time=131 ms
> > > > > 
> > > > > --- freyja.prager.homeip.net ping statistics ---
> > > > > 1 packets transmitted, 1 received, 0% packet loss, time 0ms
> > > > > rtt min/avg/max/mdev = 131.374/131.374/131.374/0.000 ms
> > > > > 
> > > > > Now the same query from my Mac sees the host but still can't connect 
> > > > > to it:
> > > > > 
> > > > > [bernd@loki ~$ dig @qnap freyja
> > > > > 
> > > > > ;; QUESTION SECTION:
> > > > > ;freyja.INA
> > > > > 
> > > > > ;; ANSWER SECTION:
> > > > > freyja.0INA192.168.1.7
> > > > > 
> > > > > ;; Query time: 7 msec
> > > > > ;; SERVER: 192.168.1.5#53(192.168.1.5)
> > > > The same .5
> > > > 
> > > > > [bernd@loki ~$ ping -c 1 freyja
> > > > > ping: cannot resolve freyja: Unknown host
> > > > > 
> > > > > Does anybody have an idea what I am missing?
> > > > Yes
> > > > 
> > > DNS query tool `dig` at the Linux system does add domain name to the 
> > > request.
> > > 
> > > `dig` at the MacOS system doesn't add a domain name, which is correct 
> > > behaviour.
> > > 
> > > 
> > > For `ping` is it OK to add a domainname. It seems the Mac is not aware
> > > of domain name.
> > > 
> > > Find a way to tell the Mac about the .prager.homeip.net domain name.
> > > 
> > macOS will know about the domain if it’s told by the DNS server via DHCP.
> > 
> > However, macOS will cache information and sometimes will need a
> > forced reset to pick things up. Using "dscacheutil -flushcache;sudo
> > killall -HUP mDNSResponder” should reset the DNS cache on macOS.
> > 
> > 
> 
> 
> Thank you all for your kind help. I wanted to give the list a quick update:
> 
> While I have not resolved the issue yet, despite trying all the suggestions
> above (except Geert's ".5" comment which I need to do some research on what
> that actually means),

> > > > > ;; SERVER: 192.168.1.5#53(192.168.1.5)
> > > > .5

> > > > > ;; SERVER: 192.168.1.5#53(192.168.1.5)
> > > > The same .5

The last octet of the IPv4 address.


> I have nailed the likely culprit to the NordVPN I have
> running with my particular user. Pinging my other Intranet-Hosts from any
> other user on my Mac without the VPN running actually works. It seems that
> the VPN does something to my network configuration that its not telling me.
> The Mac DNS utility still claims to point to my DNSMASQ instance.
> 
> By the way, pinging my internal host with a full domain name
> freyja.prager.homeip.net resolves to my DynDNS external network IP address.


Nice, please explore it further, you learn a lot from it.



Groeten
Geert Stappers
-- 
Silence is hard to parse

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


Re: [Dnsmasq-discuss] Mac Darwin confusion

2020-08-03 Thread Geert Stappers
On Mon, Aug 03, 2020 at 07:04:47PM +0200, No Yes No Questions wrote:
> On Mon, Aug 03, 2020 at 10:44:07PM +0700, Bernd Prager wrote:
> > Hi all,
> > 
> > I got something I can't wrap my head around. I have a QNAP NAS that I
> > thought would be nice for hosting a DNSMASQ service for DNS and DHCP. Setup
> > went smooth and all my Linux clients behave wonderfully, except my Mac
> > client:
> > 
> > Querying a host from Linux goes perfect:
> > 
> > -=[22:29:35][bernd@hoenir ~]=-
> >  dig @qnap freyja
> > 
> > ; <<>> DiG 9.11.3-1ubuntu1.12-Ubuntu <<>> @qnap freyja
> > ;; Got answer:
> > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 24213
> > ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
> > 
> > ;; QUESTION SECTION:
> > ;freyja.    IN  A
> > 
> > ;; ANSWER SECTION:
> > freyja. 0   IN  A 192.168.1.7
> > 
> > ;; Query time: 0 msec
> > ;; SERVER: 192.168.1.5#53(192.168.1.5)
> 
> .5
> 
> 
> > ;; WHEN: Mon Aug 03 22:29:37 +07 2020
> > ;; MSG SIZE  rcvd: 51
> > 
> > -=[22:29:37][bernd@hoenir ~]=-
> >  ping -c 1 freyja
> > PING freyja.prager.homeip.net (192.168.1.7) 56(84) bytes of data.
> > 64 bytes from freyja.prager.homeip.net (192.168.1.7): icmp_seq=1 ttl=64
> > time=131 ms
> > 
> > --- freyja.prager.homeip.net ping statistics ---
> > 1 packets transmitted, 1 received, 0% packet loss, time 0ms
> > rtt min/avg/max/mdev = 131.374/131.374/131.374/0.000 ms
> > 
> > Now the same query from my Mac sees the host but still can't connect to it:
> > 
> > [bernd@loki ~$ dig @qnap freyja
> > 
> > ; <<>> DiG 9.10.6 <<>> @qnap freyja
> > ;; Got answer:
> > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 54217
> > ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
> > 
> > ;; QUESTION SECTION:
> > ;freyja.                IN    A
> > 
> > ;; ANSWER SECTION:
> > freyja.            0    IN    A    192.168.1.7
> > 
> > ;; Query time: 7 msec
> > ;; SERVER: 192.168.1.5#53(192.168.1.5)
> 
> The same .5
> 
> 
> > ;; WHEN: Mon Aug 03 22:29:25 +07 2020
> > ;; MSG SIZE  rcvd: 51
> > 
> > [bernd@loki ~$ ping -c 1 freyja
> > ping: cannot resolve freyja: Unknown host
> > 
> > Does anybody have an idea what I am missing?
> 
> Yes
> 

DNS query tool `dig` at the Linux system does add domain name to the request.

`dig` at the MacOS system doesn't add a domain name, which is correct behaviour.


For `ping` is it OK to add a domainname. It seems the Mac is not aware
of domain name.

Find a way to tell the Mac about the .prager.homeip.net domain name.


Groeten
Geert Stappers
-- 
Silence is hard to parse

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


Re: [Dnsmasq-discuss] multiple upstream servers

2020-07-30 Thread Geert Stappers
On Thu, Jul 30, 2020 at 02:20:42PM +, Horn Bucking wrote:
> 
> On 7/30/20, wkitt...@gmail.com wrote:
> 
> > On 7/29/20 7:59 PM, Dan Schaper wrote:
> > > You've told dnsmasq to send a lease with option 6 (DNS) set to
> > > 10.88.13.3. Where dnsmasq forwards the queries to is not relevant to
> > > your issue, you only have one upstream server configured.
> > 
> > are you saying that this
> > 
> > > > dhcp-option=tag:red,option:dns-server,10.88.13.3
> > > > dhcp-option=tag:green,option:dns-server,10.88.13.4
> > 
> > is not defining two upstream servers?
> If you'd expect dnsmasq's DNS server to switch its upstream DNS based on
> those options, that expectation would be entirely unjustified:
> Those lines configure DHCP, not DNS.
> 
> That first line instructs the DHCP server to hand out 10.88.13.3 as DNS
> server when a red DHCP client is requesting that DHCP information, e.g.
> during initial DHCP lease negotiation - likewise the second with 10.88.13.4
> for green clients.
> A client will then send its DNS queries to that respective DNS server.
> 
> S Irlapati, you did force your client to request a new DHCP lease to put
> those options into effect, didn't you?


Original Poster:  How can we, this mailinglist, make you less shy?


Regards
Geert Stappers
-- 
Silence is hard to parse

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


Re: [Dnsmasq-discuss] Incorrect response for DNAME'd records in dnsmasq 2.80+

2020-07-29 Thread Geert Stappers
On Wed, Jul 29, 2020 at 11:23:17AM -0700, James Brown wrote:
> I'm upgrading some test nodes in my employer's cluster from 2.78 to 2.82
> and handling of DNAMEs in the new version seems different (and wrong).
> 
> The setup:
> 
> local.mycompany.net is a DNAME to local-.mycompany.net, with
> authoritative resolvers in each datacenter serving a different DNAME record
> prod.mycompany.net is an unrelated domain
> 
> /etc/resolv.conf contains the line
> 
> search local.mycompany.net prod.mycompany.net
> 
> Imagine searching for the bare-word "foo", which is defined in
> prod.mycompany.net but nowhere else.
> 
> Under dnsmasq 2.78, querying for the bare name "foo" using the system
> resolver will correctly first attempt to query for "foo.local.mycompany.net",
> get back a DNAME to foo.local-dcname.mycompany.net, then get an empty
> response with the NXDOMAIN code; that will fail, and glibc will then query "
> foo.prod.mycompany.net", which is the correct record.
> 
> Under dnsmasq 2.82, querying for the bare name "foo" using the system
> resolver will correctly first attempt to query for "foo.local.mycompany.net",
> get back a DNAME to foo.local-dcname.mycompany.net, gets back an empty
> response with the NOERROR code. This causes the system resolver to stop
> trying new search domains. This behavior seems to be dependent on caching;
> the first request correctly returns NXDOMAIN but subsequent requests return
> NOERROR. There's actually something more confusing to it than this; if the
> first request is for A, then subsequent  requests return NOERROR but
> subsequent A requests return NXDOMAIN. Some kind of weird cache poisoning
> between record types?
> 
> I bisected this in git and this behavioral change was introduced in
> commit b6f926fbefcd2471699599e44f32b8d25b87b471.

$ git log b6f926fbe...b6f926fbe^1
commit b6f926fbefcd2471699599e44f32b8d25b87b471
Author: Simon Kelley 
Date:   Tue Aug 21 17:46:52 2018 +0100

Don't return NXDOMAIN to empty non-terminals.

When a record is defined locally, eg an A record for one.two.example then
we already know that if we forward, eg an  query for one.two.example,
and get back NXDOMAIN, then we need to alter that to NODATA. This is handled
by  check_for_local_domain(). But, if we forward two.example, because
one.two.example exists, then the answer to two.example should also be
a NODATA.

For most local records this is easy, just to substring matching.
for A,  and CNAME records that are in the cache, it's more difficult.
The cache has no efficient way to find such records. The fix is to
insert empty (none of F_IPV4, F_IPV6 F_CNAME set) records for each
non-terminal.

The same considerations apply in auth mode, and the same basic mechanism
is used there too.


Regards
Geert Stappers
-- 
Silence is hard to parse

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


Re: [Dnsmasq-discuss] Tag requests for a DHCP address from devices using a Locally Administered MAC address

2020-07-26 Thread Geert Stappers
On Sun, Jul 26, 2020 at 12:37:32PM -0700, d...@lutean.com wrote:
> From: Vladislav Grishenko Sent: July 26, 2020 8:04 AM
> > From: Pali Rohar Sent: Sunday, July 26, 2020 7:20 PM
> > On Sunday 26 July 2020 15:35:24 Geert Stappers wrote:
> > > On Sun, Jul 26, 2020 at 06:07:52AM -0700, d...@lutean.com wrote:
> > > > On Sunday 26 July 2020 Geert Stappers wrote:
> > > > > On Sun, Jul 26, 2020, d...@lutean.com wrote:
> > > > > > 
> > > > > > > In my testing these devices use a MAC address with the LAA bit 
> > > > > > > set (2nd least significant bit of the first byte of the MAC). It 
> > > > > > > restricts this to host addresses (least significant bit is set to 
> > > > > > > 0).
> > > > > > 
> > > > > > Speaks about two bits
> > > > > > 
> > > > > > 
> > > > > > > This patch detects MAC addresses with this bit set and tags the 
> > > > > > > request with the tag "laa-address". This would allow other rules 
> > > > > > > to decide what to do with these requests (such as ignoring them).
> > > > > > 
> > > > > > Speaks about one bit
> > > > > > 
> > > > > > 
> > > > > > 
> > > > > > Speaking about bits, see 
> > > > > > https://en.wikipedia.org/wiki/MAC_address#/media/File:MAC-48_Address.svg
> > > > > > for the "exploded view"
> > > > > > 
> > > > > 
> > > > > https://en.wikipedia.org/wiki/MAC_address#Unicast_vs._multicast
> > > > > 
> > > > > The reason two bits are tested is because:
> > > > > - one bit is the UAA / LAA bit
> > > > > - one bit is the unicast / multicast bit
> > > > > 
> > > > > so this patch wouldn't tag LAA multicast MAC addresses should those 
> > > > > happen to be in use somewhere.
> > > > > 
> > > > > So specifically a device with an LAA unicast MAC address would get a 
> > > > > tag. This requires testing two bits.
> > > > > 
> > > > 
> > > > OK, thanks for elaborating
> > > 
> > > I think that big misunderstanding comes from commit message which says
> > > that one bit (LAA) is tested, but in patch itself are tested two bits.
> > > 
> > > I guess that fixing commit message to properly describe that testing
> > > both bits (and which) are needed should be enough.
> > > 
> > > Anyway, I'm not sure if 'laa-address' is correct name if it is not
> > > set for every laa-address, but only for unicast laa-address.
> > > 
> > 
> > LAA stands for locally-administrated address itself, so from my opinion 
> > "laa-address" is a bit tautologic.
> > Let's use just "laa", also it ~fits already used one word tags:
> > "bootp"
> > "cpewan-id"
> > "dhcpv6"
> > "known"
> > "known-othernet"
> > 
> > 
> How about this. A device showing up with an LAA gets tagged
> twice. Always with an "laa" tag, but also with one of "laa-unicast"
> or "laa-multicast".
> 
> If someone wanted to block devices, it would be easy with
> 
> # Block all LAA-presenting devices
> dhcp-ignore=tag:laa
> 
> # Block unicast LAA-presenting devices
> dhcp-ignore=tag:laa-unicast
> 
> diff --git a/src/rfc2131.c b/src/rfc2131.c
> index fc54aab..b9da511 100644
> --- a/src/rfc2131.c
> +++ b/src/rfc2131.c
> @@ -93,7 +93,7 @@ size_t dhcp_reply(struct dhcp_context *context, char 
> *iface_name, int int_index,
>unsigned char *agent_id = NULL, *uuid = NULL;
>unsigned char *emac = NULL;
>int vendor_class_len = 0, emac_len = 0;
> -  struct dhcp_netid known_id, iface_id, cpewan_id;
> +  struct dhcp_netid known_id, iface_id, cpewan_id, laa_id, laa_cast_id;
>struct dhcp_opt *o;
>unsigned char pxe_uuid[17];
>unsigned char *oui = NULL, *serial = NULL;
> @@ -114,6 +114,32 @@ size_t dhcp_reply(struct dhcp_context *context, char 
> *iface_name, int int_index,
>if (mess->htype == 0 && mess->hlen != 0)
>  return 0;
>  
> +  /* Check if sender has a Locally-Administered ethernet Address and set a 
> tag if so. */
> +  if (mess->htype == ARPHRD_ETHER)
> +  {
> +/* Locally Administered Addresses (LAA) have the 2nd LSb of the first 
> address by

Re: [Dnsmasq-discuss] [PATCH v2] DHCPv6: Honor assigning IPv6 address based on MAC address

2020-07-26 Thread Geert Stappers
On Sun, Jul 26, 2020 at 04:05:07PM +0200, Pali Rohár wrote:
> On Thursday 23 July 2020 13:11:36 Move On wrote:
> > On Thu, Jul 23, 2020 at 10:35:45AM +0200, Pali Rohár wrote:
> > >  ... retransmit ...
> > 
> > Provide PATCH v3  and see what happens
> 
> So, this is the only thing which needs to be fixed and after patch would be 
> merged?
> 

Which part of 'and see what happens' may I explain?  And for which consultancy 
fee?


Regards
Geert Stappers
Retransmitting "a blunt 'patch rejected' is way better than ignoring a patch"
-- 
Silence is hard to parse

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


Re: [Dnsmasq-discuss] Tag requests for a DHCP address from devices using a Locally Administered MAC address

2020-07-26 Thread Geert Stappers
On Sun, Jul 26, 2020 at 06:07:52AM -0700, d...@lutean.com wrote:
> > > iOS 14  
> > 
> > CISCO provides an IOS, https://en.wikipedia.org/wiki/Cisco_IOS
> > My second guess on IOS is an Apple Computer Inc product.
> > 
> > 
> > > will by default use randomized, private MAC addresses.
> > 
> > Yeah right, let's sell a depleted MAC address pool
> > as a privacy improvement ... 
> > 
> 
> It is an upcoming feature of Apple products that will be on
> by default: https://support.apple.com/en-ca/HT211227
> 
> It is already available through the public beta.
> 
> So Apple devices as of October or sooner will be
> changing their MAC addresses by default
> 
> > 
> > > In my testing these devices use a MAC address with the LAA bit set 
> > > (2nd least significant bit of the first byte of the MAC). It restricts
> > > this to host addresses (least significant bit is set to 0). 
> > 
> > Speaks about two bits
> > 
> > 
> > > This patch detects MAC addresses with this bit set and tags the request 
> > > with
> > > the tag "laa-address". This would allow other rules to decide what to do
> > > with these requests (such as ignoring them).
> > 
> > Speaks about one bit 
> > 
> > 
> > 
> > Speaking about bits, see
> https://en.wikipedia.org/wiki/MAC_address#/media/File:MAC-48_Address.svg
> > for the "exploded view"
> > 
> 
> https://en.wikipedia.org/wiki/MAC_address#Unicast_vs._multicast
> 
> The reason two bits are tested is because:
> - one bit is the UAA / LAA bit
> - one bit is the unicast / multicast bit
> 
> so this patch wouldn't tag LAA multicast MAC addresses should
> those happen to be in use somewhere.
> 
> So specifically a device with an LAA unicast MAC address
> would get a tag. This requires testing two bits.
> 

OK, thanks for elaborating


Groeten
Geert Stappers
-- 
Silence is hard to parse

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


Re: [Dnsmasq-discuss] Tag requests for a DHCP address from devices using a Locally Administered MAC address

2020-07-26 Thread Geert Stappers
On Sat, Jul 25, 2020 at 09:01:51AM -0700, d...@lutean.com wrote:
> iOS 14 

CISCO provides an IOS, https://en.wikipedia.org/wiki/Cisco_IOS
My second guess on IOS is an Apple Computer Inc product.


> will by default use randomized, private MAC addresses.

Yeah right, let's sell a depleted MAC address pool
as a privacy improvement ...


> In my testing these devices use a MAC address with the LAA bit set
> (2nd least significant bit of the first byte of the MAC). It restricts
> this to host addresses (least significant bit is set to 0).

Speaks about two bits


> This patch detects MAC addresses with this bit set and tags the request with
> the tag "laa-address". This would allow other rules to decide what to do
> with these requests (such as ignoring them).

Speaks about one bit



Speaking about bits, see 
https://en.wikipedia.org/wiki/MAC_address#/media/File:MAC-48_Address.svg
for the "exploded view"

 
> --- a/src/rfc2131.c
> +++ b/src/rfc2131.c
> @@ -93,7 +93,7 @@ size_t dhcp_reply(struct dhcp_context *context, char
> *iface_name, int int_index,
>unsigned char *agent_id = NULL, *uuid = NULL;
>unsigned char *emac = NULL;
>int vendor_class_len = 0, emac_len = 0;
> -  struct dhcp_netid known_id, iface_id, cpewan_id;
> +  struct dhcp_netid known_id, iface_id, cpewan_id, laa_id;
>struct dhcp_opt *o;
>unsigned char pxe_uuid[17];
>unsigned char *oui = NULL, *serial = NULL;
> @@ -114,6 +114,18 @@ size_t dhcp_reply(struct dhcp_context *context, char
> *iface_name, int int_index,
>if (mess->htype == 0 && mess->hlen != 0)
>  return 0;
>  
> +  /* Check if sender has a locally-administered ethernet address and set a 
> tag if so. */
> +  if (mess->htype == ARPHRD_ETHER)
> +  {
> +/* LAA host addresses have the the LSbs of the first address byte set to 
> b'10' */
> +if ((mess->chaddr[0] & 3) == 2)
> +{
> +  laa_id.net = "laa-address";
> +  laa_id.next = netid;
> +  netid = _id;
> +}
> +  }
> +
>/* check for DHCP rather than BOOTP */
>if ((opt = option_find(mess, sz, OPTION_MESSAGE_TYPE, 1)))
>  {
> 

Main problem I have with the patch is that it checks on two bits
and uses the name of one bit.


Patch reviewed and rejected by me.


Groeten
Geert Stappers
-- 
Silence is hard to parse

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


Re: [Dnsmasq-discuss] AA bit on auth-zone

2020-07-23 Thread Geert Stappers
On Thu, Jul 23, 2020 at 11:17:00AM -0600, Bryce Larson wrote:
> On Thu, Jul 23, 2020 at 10:59 AM Geert Stappers wrote:
> > On Thu, Jul 23, 2020 at 10:06:31AM -0600, Bryce Larson wrote:
> > > I've been using dnsmasq as an authoritative server for my lan under a
> > > subdomain of my regular domain.  So something like lan.example.com is the
> > > internal only zone, where lan.example.com is delegated from example.com
> > > which is available to the public internet.  I have dnssec on example.com ,
> > > but obviously not on lan.example.com since dnsmasq doesn't automatically
> > > create dnssec records.
> > >
> > > When resolving those with systemd-resolved, It shows servfail.
> > >
> > > I used https://dnsviz.net to check what was up and it said the problem was
> > > that the AA bit wasn't getting set in the responses.
> > >
> > > my relevant config is something like
> > >
> > > domain=lan.example.com
> > > auth-server=int-ns1.example.com # this is the dnsmasq server
> > > auth-zone=lan.example.com
> > >
> > > Am I doing something wrong?  It seems like a bug to not have dnsmasq add
> > > the AA bit to responses that are part of an auth-zone.
> >
> > http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2020q3/014200.html
> > isn't yet confirmed.
> >
> 
> How do I get it confirmed?

> Is there a bug tracker I can vote on or something like that?
> What's the process to getting this noticed/fixed/confirmed?

https://grafana.com/blog/2020/04/16/community-series-on-asking-good-questions/


Regards
Geert Stappers
-- 
Silence is hard to parse

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


Re: [Dnsmasq-discuss] AA bit on auth-zone

2020-07-23 Thread Geert Stappers
On Thu, Jul 23, 2020 at 10:06:31AM -0600, Bryce Larson wrote:
> I've been using dnsmasq as an authoritative server for my lan under a
> subdomain of my regular domain.  So something like lan.example.com is the
> internal only zone, where lan.example.com is delegated from example.com
> which is available to the public internet.  I have dnssec on example.com,
> but obviously not on lan.example.com since dnsmasq doesn't automatically
> create dnssec records.
> 
> When resolving those with systemd-resolved, It shows servfail.
> 
> I used https://dnsviz.net to check what was up and it said the problem was
> that the AA bit wasn't getting set in the responses.
> 
> my relevant config is something like
> 
> domain=lan.example.com
> auth-server=int-ns1.example.com # this is the dnsmasq server
> auth-zone=lan.example.com
> 
> Am I doing something wrong?  It seems like a bug to not have dnsmasq add
> the AA bit to responses that are part of an auth-zone.

http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2020q3/014200.html
isn't yet confirmed.


Regards
Geert Stappers
-- 
Silence is hard to parse

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


Re: [Dnsmasq-discuss] [PATCH v2] DHCPv6: Honor assigning IPv6 address based on MAC address

2020-07-23 Thread Geert Stappers
On Thu, Jul 23, 2020 at 03:11:59PM +0200, Pali Rohár wrote:
> On Thursday 23 July 2020 12:43:03 Kevin 'ldir' Darbyshire-Bryant wrote:
> > On 23 Jul 2020, at 09:35, Pali Rohár  wrote:
> > > On Wednesday 22 July 2020 23:48:19 Petr Menšík wrote:
> > >> On 7/22/20 3:44 PM, Pali Rohár wrote:
> > >>> I do not see any benefit why to complicate things just because "IPv6
> > >>> addresses are many". I do not see nothing wrong on simple setup where
> > >>> device has one IPv6 address assigned by DHCPv6 server.
> > >> I think you are requesting breaking of DHCP definition RFCs. I see
> > >> nothing wrong with IPv6 assigned to MAC address. I think it is wrong, if
> > >> there are existing leases for the same address with different IAID.
> > > 
> > > The whole point of this patch is to make MAC --> IPv6 address assigning
> > > working. It means that IPv6 address must be leased to MAC address if
> > > assigning is based on MAC address and not on DUID/IAID.
> > > 
> > > If user set in configure file that for MAC address AB:CD:EF:AB:CD:EF
> > > must be assigned IPv6 address FD::1 then user would expect that host
> > > with address AB:CD:EF:AB:CD:EF would get IPv6 address FD::1.
> > 
> > 
> > If I may proffer this real life use case/scenario as found in my
> > very own home:
> > 
> > I have a couple of Qnap NAS boxes.  They speak legacy IP and IPv6.
> > These boxes sometimes offer services such as bittorrent to the
> > Internet. They live behind an Openwrt router/firewall, the very device
> > that runs dnsmasq offering DHCPv4/v6 leases.  For purposes of my own
> > sanity I lock the IPv4 address to the qnap devices MAC addresses,
> > thus I can enter unchanging and consistent entries in the firewall
> > for relevant hosts/ports.  I have an identical requirement for IPv6.
> > I need to be sure that these Qnap devices will land at a known,
> > consistent, effectively static IPv4/v6 address.
> > 
> > The IPv4 case is easily solved and supported.  The IPv6 case
> > (until recently..qnap changed something..and I don’t reboot as
> > much) was more challenging in that dnsmasq ignores the MAC address.
> > The DUID/IAID would change at different stages of the boot, leading
> > to dnsmasq thinking the address requested was being requested for
> > a new client as opposed to the same client simply rebooting.
> > 
> > There is a use case for locking/mapping IPv6 to MAC address whether
> > it violates RFCs or not.  For reasons of firewall pinholes I need
> > certain machines to land at certain addresses.  For ‘fun’ we
> > can discuss if this is a problem with/for upnp/natpnp
> 
> Hello Kevin! So you basically have similar/same feature request.
> 
> Could you test this dnsmasq patch if it helps with your setup?

That is does mean doing things you might never have done before.
Feel welcome to come with questions about it.


Regards
Geert Stappers
Who loves to see:  Yes, patch "foo" works for me.
-- 
Silence is hard to parse

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


Re: [Dnsmasq-discuss] TCP DNS requests fail with "communications error" / "end of file"

2020-07-20 Thread Geert Stappers
On Mon, Jul 20, 2020 at 02:11:17PM +0100, Jinn Ko wrote:
> Hi,
> 
> While using dnsmasq as embedded in the pi-hole project I came across an issue 
> with how TCP
> DNS requests are handled over Wireguard interfaces.
> 
> A ticket was raised in the FTL project 
> (https://github.com/pi-hole/FTL/issues/824) and the
> conclusion was that the issue is in dnsmasq.  It seems the logic of 
> determining the incoming
> interface fails and the connection is closed and reset before FTL can handle 
> it, which seems
> to put the issue in the dnsmasq codebase.
> 
> A key detail is that the Wireguard interface is configured with the same IP 
> as the default
> interface, but with a more specific subnet mask.  For example where eth0 has 
> the default
> route it may be configured with 10.3.2.1/24, while the Wireguard interface 
> would have the
> address 10.3.2.1/32.  Having a different IP on the two interfaces does not 
> cause any issues.
> 
> See the above linked FTL ticket for how we came to the conclusion, along with 
> PCAPs and
> custom logging output that was put in place to determine what is going wrong.
> 
> How can I help get this resolved?

I can't tell.
Thing I can tell is that is does help 
to reproduce the TCP DNS request issues outside the pi-hole project.


Regards
Geert Stappers
-- 
Silence is hard to parse

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


Re: [Dnsmasq-discuss] OpenWrt - dnsmasq - debugging delayed responses

2020-07-16 Thread Geert Stappers
On Thu, Jul 16, 2020 at 08:53:50AM -0400, Daryl Richards wrote:
> On 2020-07-15 9:13 p.m., Arseny Vakhrushev wrote:
> > Hello all,
> > 
> > I'm trying to debug delayed DHCP responses in OpenWrt 19.07.3. The
> > machine is connected to the router via Ethernet to eliminate possible
> > network latency and packet loss.
> > 
> > I tried playing with the debugging options of dnsmasq as well as
> > with all the DHCP related options including dhcp-reply-delay with
> > no apparent success.
> 
> You might have tried this, but you didn't explicitly mention it:
> 
> -5, --no-ping
> (IPv4 only) By default, the DHCP server will attempt to ensure that an
> address is not in use before allocating it to a host. It does this by
> sending an ICMP echo request (aka "ping") to the address in question. If 
> it
> gets a reply, then the address must already be in use, and another is 
> tried.
> This flag disables this check. Use with caution.
> 

A network sniff  (tcpdump, tshark, wireshark) will provide information
about it.



Regards
Geert Stappers
Who liked the data in the original email
-- 
Silence is hard to parse

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


Re: [Dnsmasq-discuss] Fwd: [PATCH] Makefile: make variables overridable

2020-07-12 Thread Geert Stappers
On Sun, Jul 12, 2020 at 09:05:17PM +0200, Pali Rohár wrote:
> On Sunday 12 July 2020 13:53:11 John Ericson wrote:
> > Hi, I am another NixOS maintainer.
> > 
> > Yes, it is true that ?= in makefiles is somewhat rare, and that we
> > can work around this other ways. But it was I who proposed the ?=
> > change on our side, so let say why I think it's the right choice:
> > 
> > Most C packages don't use "?=" and do
> >  FOO ?= foo
> > but instead do have a configure script, so they do
> >  FOO = @FOO@
> > with regular "=". However that configure script *does* silently
> > consume environment variables, so the effect is the same.
> 
> "FOO ?= foo" syntax is not supported by POSIX make:
> https://pubs.opengroup.org/onlinepubs/9699919799/utilities/make.html
> 
> And requires some GNU Make extension.
> 
> I guess because dnsmasq is supported also on non-GNU Make systems, it
> cannot take some patch which adds dependency on Linux or GNU specific
> feature.

I rather hope that dnsmasq is considered usefull in worlds outside
the Linux and GNU world.

 
> > I wouldn't request upstream add a configure script is nothing
> > is needed, and I don't even like the implicitness of environment
> > variables myself. But the fact is it is the standard for distros
> > to communicate information to all the myriad build systems,
> > so I advocate this change so distros can remove extra packaging hacks.
> > 
> > The variable we need to override is PKG_CONFIG.
> 
> Basically I do not understand whole point of this patch. If you for
> compilation need to override some Makefile variable, why do you not
> set correct value of that variable?
> 
> It is lot of easier to set correct value during compilation as patching
> sources or sending patch to upstream and waiting if it would be released
> in new version.

I have prepared a patch which only changes the PKG_CONFIG
and does have explaination[1] in the commit message.


Groeten
Geert Stappers

[1] as I see it ...
-- 
Silence is hard to parse

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


[Dnsmasq-discuss] [PATCH] Accept PKG_CONFIG from environment

2020-07-12 Thread Geert Stappers
From: Geert Stappers 

Dnsmasq has not yet a portable build system.
Famous is GNU autoconf which generates Makefiles.
To avoid such large change this simple change.

It allows that PKG_CONFIG can be overriden.
That PKG_CONFIG is set by the build environment,
so no need to modify the Makefile in that env.

Reported by the NixOS project.
---
 Makefile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Makefile b/Makefile
index 78e25f0..55bccbe 100644
--- a/Makefile
+++ b/Makefile
@@ -34,7 +34,7 @@ LIBS  =
 
 # Variables you might want to override.
 
-PKG_CONFIG = pkg-config
+PKG_CONFIG ?= pkg-config
 INSTALL= install
 MSGMERGE   = msgmerge
 MSGFMT = msgfmt
-- 
2.1.4


___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


Re: [Dnsmasq-discuss] Fwd: [PATCH] Makefile: make variables overridable

2020-07-11 Thread Geert Stappers
On Sat, Jul 11, 2020 at 07:33:07PM +0200, john doe wrote:
> On 7/11/2020 4:17 PM, Geert Stappers wrote:
> > On Sat, Jul 11, 2020 at 02:33:36PM +0200, betaboon wrote:
> > > Hello Simon, hello everyone.
> > > 
> > > when cross-compiling dnsmasq for armv7 in nixos we ran into the
> > > Makefile not picking up the variables properly.
> > > 
> > > for now we are maintaining the attached patch in our package-tree to
> > > get around this issue, but would love to upstream this to you.
> > > 
> > > The issue in question can be found here:
> > > https://github.com/NixOS/nixpkgs/pull/91422
> > 
> > That "pull request" says the reason
> > is https://github.com/NixOS/nixpkgs/pull/91418
> > 
> > The "#91418" mentions
> > 
> > dbus.c:21:10: fatal error: dbus/dbus.h: No such file or directory
> > 21 | #include 
> >|  ^
> > 
> > 
> > > 
> > > >From 41d49b07a32625839f267a45379297066a7879ca Mon Sep 17 00:00:00 2001
> > > From: betaboon 
> > > Date: Tue, 30 Jun 2020 12:13:41 +0200
> > > Subject: [PATCH] Makefile: make variables overridable
> > > 
> > > ---
> > >   Makefile | 38 +++---
> > >   1 file changed, 19 insertions(+), 19 deletions(-)
> > > 
> > > diff --git a/Makefile b/Makefile
> > > index 78e25f0..8e44354 100644
> > > --- a/Makefile
> > > +++ b/Makefile
> > > 
> > >   # Variables you may well want to override.
> > > 
> > > -PREFIX= /usr/local
  ...
> > > +PREFIX?= /usr/local
  ...
> > > -SRC = src
> > > -PO  = po
> > > -MAN = man
> > > +SRC ?= src
> > > +PO  ?= po
> > > +MAN ?= man
  ...
> > > 
> > 
> > So a single 'dbus.c:21:10: fatal error: dbus/dbus.h: No such file or 
> > directory'
> > in the NixOS world, shows up here as request for, example given,
> > 
> > > -MANDIR= $(PREFIX)/share/man
> > > +MANDIR?= $(PREFIX)/share/man
> > 
> > 
> > With whole commit message 'Makefile: make variables overridable'.
> > 
> > 
> > 
> > Patch reviewed and rejected.
> > 
> 
> Reviewed is one thing, but rejected by a non-maintainer of the project
> is out of line.
> 
> 'Geert Stappers' is not in anyway a maintainer of the Dnsmasq project
> nor am I.
> While the patch might not be addressing the core of this issue, being
> able to overwrite variable is worth considering in anycase.

All true.


Regards
Geert Stappers
Looking forward to a revisited patch.
-- 
Silence is hard to parse

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


Re: [Dnsmasq-discuss] Fwd: [PATCH] Makefile: make variables overridable

2020-07-11 Thread Geert Stappers
On Sat, Jul 11, 2020 at 02:33:36PM +0200, betaboon wrote:
> Hello Simon, hello everyone.
> 
> when cross-compiling dnsmasq for armv7 in nixos we ran into the
> Makefile not picking up the variables properly.
> 
> for now we are maintaining the attached patch in our package-tree to
> get around this issue, but would love to upstream this to you.
> 
> The issue in question can be found here:
> https://github.com/NixOS/nixpkgs/pull/91422

That "pull request" says the reason
is https://github.com/NixOS/nixpkgs/pull/91418

The "#91418" mentions

dbus.c:21:10: fatal error: dbus/dbus.h: No such file or directory
   21 | #include 
  |  ^


> 
> >From 41d49b07a32625839f267a45379297066a7879ca Mon Sep 17 00:00:00 2001
> From: betaboon 
> Date: Tue, 30 Jun 2020 12:13:41 +0200
> Subject: [PATCH] Makefile: make variables overridable
> 
> ---
>  Makefile | 38 +++---
>  1 file changed, 19 insertions(+), 19 deletions(-)
> 
> diff --git a/Makefile b/Makefile
> index 78e25f0..8e44354 100644
> --- a/Makefile
> +++ b/Makefile
> @@ -18,31 +18,31 @@
> 
>  # Variables you may well want to override.
> 
> -PREFIX= /usr/local
> -BINDIR= $(PREFIX)/sbin
> -MANDIR= $(PREFIX)/share/man
> -LOCALEDIR = $(PREFIX)/share/locale
> -BUILDDIR  = $(SRC)
> -DESTDIR   =
> -CFLAGS= -Wall -W -O2
> -LDFLAGS   =
> -COPTS =
> -RPM_OPT_FLAGS =
> -LIBS  =
> +PREFIX?= /usr/local
> +BINDIR?= $(PREFIX)/sbin
> +MANDIR?= $(PREFIX)/share/man
> +LOCALEDIR ?= $(PREFIX)/share/locale
> +BUILDDIR  ?= $(SRC)
> +DESTDIR   ?=
> +CFLAGS?= -Wall -W -O2
> +LDFLAGS   ?=
> +COPTS ?=
> +RPM_OPT_FLAGS ?=
> +LIBS  ?=
> 
>  #
> 
>  # Variables you might want to override.
> 
> -PKG_CONFIG = pkg-config
> -INSTALL= install
> -MSGMERGE   = msgmerge
> -MSGFMT = msgfmt
> -XGETTEXT   = xgettext
> +PKG_CONFIG ?= pkg-config
> +INSTALL?= install
> +MSGMERGE   ?= msgmerge
> +MSGFMT ?= msgfmt
> +XGETTEXT   ?= xgettext
> 
> -SRC = src
> -PO  = po
> -MAN = man
> +SRC ?= src
> +PO  ?= po
> +MAN ?= man
> 
>  #
> 
> --
> 2.27.0
> 

So a single 'dbus.c:21:10: fatal error: dbus/dbus.h: No such file or directory'
in the NixOS world, shows up here as request for, example given,

> -MANDIR= $(PREFIX)/share/man
> +MANDIR?= $(PREFIX)/share/man


With whole commit message 'Makefile: make variables overridable'.



Patch reviewed and rejected.


Regards
Geert Stappers
-- 
Silence is hard to parse

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


Re: [Dnsmasq-discuss] Run multiple processes (with diff port #'s, interface bindings) concurrently?

2020-07-08 Thread Geert Stappers
On Tue, Jul 07, 2020 at 06:29:33PM -0500, Johnny Utahh wrote:
> Can dnsmasq run 2 or more different processes (with diff port numbers and
> interface bindings) concurrently within the same OS/machine?

Yes, it can. That is the reason there is debian/systemd@.service
-8<---8<--8<
[Unit]
Description=dnsmasq (%i) - A lightweight DHCP and caching DNS server
Requires=network.target
Wants=nss-lookup.target
Before=nss-lookup.target
After=network.target

[Service]
Type=forking
PIDFile=/run/dnsmasq/dnsmasq.%i.pid

# Test the config file and refuse starting if it is not valid.
ExecStartPre=/etc/init.d/dnsmasq checkconfig "%i"

# We run dnsmasq via the /etc/init.d/dnsmasq script which acts as a
# wrapper picking up extra configuration files and then execs dnsmasq
# itself, when called with the "systemd-exec" function.
ExecStart=/etc/init.d/dnsmasq systemd-exec "%i"

# The systemd-*-resolvconf functions configure (and deconfigure)
# resolvconf to work with the dnsmasq DNS server. They're called like
# this to get correct error handling (ie don't start-resolvconf if the
# dnsmasq daemon fails to start).
ExecStartPost=/etc/init.d/dnsmasq systemd-start-resolvconf "%i"
ExecStop=/etc/init.d/dnsmasq systemd-stop-resolvconf "%i"


ExecReload=/bin/kill -HUP $MAINPID

[Install]
WantedBy=multi-user.target
-8<---8<--8<


> Any known problems with this?
> 
> The following post claims multiple instances can run, but does not mention
> multiple port #'s (which is my use-case's key issue):
> https://stackoverflow.com/a/13296605/605356

Not visited   (not left my email  environment)

 
> I'll be testing this later by running multiple 'dnsmasq --conf-file='
> commands.
> 
> environment:
> Ubuntu 20.04
> dnsmasq 2.80
> 
> Thanks,

Feel free to report your milage here.
As in: It is up you to prevent "but does not mention multiple port #'s"


> ~J


Groeten
Geert Stappers
-- 
Silence is hard to parse

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


Re: [Dnsmasq-discuss] Ability to not bind :: for DNS when binding wildcard

2020-07-06 Thread Geert Stappers
On Mon, Jul 06, 2020 at 03:05:28PM +0200, Matthias May wrote:
> On 06/07/2020 14:54, Dominik wrote:
> > On 06.07.20 14:09, Matthias May wrote:
> >> Hi List
> >>
> >> I have run into the situation, that a customer wants to only bind the DNS 
> >> service to 0.0.0.0 but not to ::
> >>
> >> I'm not sure this is possible.
> >> While i was able to make a config which binds only to 0.0.0.0 through a 
> >> combination of
> >> --use-interfaces and --except-interface this results in a dnsmasq instance 
> >> which does not handle DHCP anymore.
> >> I'm think i understand why this does not work.
> >>
> >> However i want to check with the list, if this is a reasonable need, and 
> >> if i should send a patch
> >> which adds support for something like:
> >> --disable-ipv6-on-wildcard and --disable-ipv4-on-wildcard
> >> which would change the behaviour of
> >> void create_wildcard_listeners(void)
> >> so it doesn't unconditionally bind ipv4 and ipv6.
> >>
> >
> > more out of curiosity than anything else: What is a proper reason to
> > bind only to IPv4 but not IPv6 (or vice versa)?
> > Just checking here that your customer doesn't maybe want something silly
> > and you should rather explain to them why they actually don't want this.
> >
> 
> Well the system in question has
> net.ipv6.conf.all.disable_ipv6 = 1
> thus the expected output would be that no IPv6 bindings exist at all.
> I kind of understand that when IPv6 is disabled, that one would not expect to 
> see :::53 in netstat -nlp

Me too ...


> On the other hand i also see that if no IPv6 address exist on the
> system, there is not much that can be done with :::53.  In the end
> probably more a cosmetic issue.

I do call it plain  ugly   :-)


> I was thinking into the direction that create_wildcard_listeners
> checks by itself if the system has IPv6 enabled/disabled, and also
> expose this as a manual know for an user to set.

Eat your heart out. Do feel free to share the patches with the mailing.

Wouldn't is be easier to compile with  IPv6 disabled?


Regards
Geert Stappers


P.S.
Thanks for making it possible to read in the discussion order
-- 
Silence is hard to parse

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


Re: [Dnsmasq-discuss] How to store CNAME, MX, and other non-A/AAAA records in /etc/hosts?

2020-07-03 Thread Geert Stappers
On Fri, Jul 03, 2020 at 01:16:45PM -0500, Johnny Utahh wrote:
> How can dnsmasq store CNAME, MX, and other non-A/ records in /etc/hosts?

Not.


> I can thus far only see how to store A and  records in /etc/hosts (or
> alternative 'addn-hosts' file).
> 
> If not in 'addn-hosts' or /etc/hosts, where else?

> I'm guessing /etc/dnsmasq.d (?),

OK, then try it ...



Regards
Geert Stappers
In an attempt to encourage explorers to discover the world.
-- 
Silence is hard to parse

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


Re: [Dnsmasq-discuss] Minimal config: small # of A records, no upstream server

2020-07-03 Thread Geert Stappers
On Thu, Jul 02, 2020 at 08:44:02PM -0700, Frank wrote:
> On Jul 2, 2020, at 7:18 PM, Johnny Utahh 
>  wrote:
> > On 2020-07-02 12:57 PM, Geert Stappers wrote:
> >> On Thu, Jul 02, 2020 at 06:16:49AM -0500, Johnny Utahh wrote:
> >>> On 2020-07-02 2:18 AM, Geert Stappers wrote:
> >>>> On Wed, Jul 01, 2020 at 10:06:36PM -0500, Johnny Utahh wrote:
> >>>>> Hello,
> >>>>> 
> >>>>> Do I need to make any edits/additions to the dnsmasq.conf below to 
> >>>>> support
> >>>>> the following scenario?
> >>>>> 
> >>>>> Ubuntu 20.04
> >>>>> dnsmasq 2.80
> >>>>> 
> >>>>> Details:
> >>>>> 
> >>>>> I want to provide a _minimal_ DNS server. It *only* serves a few A 
> >>>>> records
> >>>>> (from /etc/hosts).
> >>>>> 
> >>>>> A key point: I want to make sure it does NOTHING else. No
> >>>>> upstream-DNS-server/service connection. Any DNS requests sent to said 
> >>>>> server
> >>>>> outside of the /etc/hosts A-record list will fail. Further: no DHCP, 
> >>>>> tftp,
> >>>>> or any others. All of the other bells and whistles I do not know about: 
> >>>>> I
> >>>>> want them disabled, too. Just plain old proper DNS records serving and
> >>>>> associated error-condition handling.
> >>>>> 
> >>>>> Additionally, the dnsmasq-based DNS server will 
> >>>>> bind/interface/respond-to
> >>>>> only `eth8`.
> >>>>> 
> >>>>> 
> >>>>> /etc/dnsmasq.conf:
> >>>>> interface=eth8
> >>>>> no-dhcp-interface=eth8
> >>>>> 
> >>>> That is indeed not enough for the desired use case.
> >>>> 
> >>> Thanks, quite good to know. What edits or additions (to the following
> >>> `/etc/dnsmasq.conf` or any other file) are needed to serve this use case?
> >> Something that tells Dnsmasq to do non default things.
> >> 
> >>   server=127.0.0.1#13131
> >> 
> >> The idea is that dnsmasq does go searching for an upstream DNS. That it
> >> uses localhost  port 13131.  With nothing at 13131 should result in
> >> a "nothing here" and thus ending the DNS resolve attempt. If that truely
> >> gets back to the DNS client as "hostname not found" is unknown to me.
> >> 
> >> In other words: Default behaviour of dnsmasq is to use the DNS available
> >> to the host.  Original Poster doesn't want that, so should do something
> >> extra to prevent.  But be aware that I never have travelled that road.
> >> Euh yes, I would like to hear how it went.
> > 
> > I'm presuming the only issue here is preventing searches and potential
> > "uplinks" with upstream DNS nameservers and that "disabling all
> > other features" is addressed by the following settings:
> > 
> > /etc/dnsmasq.conf:
> > port=[myport]
> > no-resolv
> > no-poll
> > interface=eth8
> > no-dhcp-interface=eth8
> > no-hosts
> > addn-hosts=/etc/dnsmasq_a_records
> > domain=[mydomain.tld]
> > 
> >> The idea is that dnsmasq does go searching for an upstream DNS.
> > 
> > Okay, copy that, very helpful. It seems dnsmasq is currently
> > determined to hunt for upstream namesevers and there's no elegant
> > way to disable this... but I explore this point more-exhaustively
> > with these points/comments:
> > 
> > 1. I'm surprised there's no directive/setting to specifically prevent
> > dnsmasq from searching for an upstream DNS. If so: why is my scenario
> > (seemingly?) rare enough that such a feature (presumably?) was
> > not needed?  While this use case is not predominate, this does not
> > seem like an uncommon use case, namely for "isolated VPNs."
> > 
> > 2. Does `no-resolv` + `no-poll` effectively implement the feature
> > described in #1?
> > 
> > 3. I'm happy to implement `server=127.0.0.1#[unused_port_number]`
> > to effectively provide the feature described in #1. However, I'm
> > concerned about a couple, potential, derivative behaviors:
> > 
> > 3.a.  How certain are we that this "workaround" completely disables
> > the upstream searching/connections?
> > 

Re: [Dnsmasq-discuss] Minimal config: small # of A records, no upstream server

2020-07-02 Thread Geert Stappers
On Thu, Jul 02, 2020 at 06:16:49AM -0500, Johnny Utahh wrote:
> On 2020-07-02 2:18 AM, Geert Stappers wrote:
> > On Wed, Jul 01, 2020 at 10:06:36PM -0500, Johnny Utahh wrote:
> > > Hello,
> > > 
> > > Do I need to make any edits/additions to the dnsmasq.conf below to support
> > > the following scenario?
> > > 
> > > Ubuntu 20.04
> > > dnsmasq 2.80
> > > 
> > > Details:
> > > 
> > > I want to provide a _minimal_ DNS server. It *only* serves a few A records
> > > (from /etc/hosts).
> > > 
> > > A key point: I want to make sure it does NOTHING else. No
> > > upstream-DNS-server/service connection. Any DNS requests sent to said 
> > > server
> > > outside of the /etc/hosts A-record list will fail. Further: no DHCP, tftp,
> > > or any others. All of the other bells and whistles I do not know about: I
> > > want them disabled, too. Just plain old proper DNS records serving and
> > > associated error-condition handling.
> > > 
> > > Additionally, the dnsmasq-based DNS server will bind/interface/respond-to
> > > only `eth8`.
> > > 
> > > 
> > > /etc/dnsmasq.conf:
> > > interface=eth8
> > > no-dhcp-interface=eth8
> > > 
> > That is indeed not enough for the desired use case.
> > 
> 
> Thanks, quite good to know. What edits or additions (to the following
> `/etc/dnsmasq.conf` or any other file) are needed to serve this use case?

Something that tells Dnsmasq to do non default things.

  server=127.0.0.1#13131

The idea is that dnsmasq does go searching for an upstream DNS. That it
uses localhost  port 13131.  With nothing at 13131 should result in
a "nothing here" and thus ending the DNS resolve attempt. If that truely
gets back to the DNS client as "hostname not found" is unknown to me.

In other words: Default behaviour of dnsmasq is to use the DNS available
to the host.  Original Poster doesn't want that, so should do something
extra to prevent.  But be aware that I never have travelled that road.
Euh yes, I would like to hear how it went.


> > Regards
> > Geert Stappers
> > While testing a new community member.

New members are welcome.
It is a duty of the whole community to let them blend in.


Regards
Geert Stappers
-- 
Silence is hard to parse

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


Re: [Dnsmasq-discuss] Minimal config: small # of A records, no upstream server

2020-07-02 Thread Geert Stappers
On Wed, Jul 01, 2020 at 10:06:36PM -0500, Johnny Utahh wrote:
> Hello,
> 
> Do I need to make any edits/additions to the dnsmasq.conf below to support
> the following scenario?
> 
> Ubuntu 20.04
> dnsmasq 2.80
> 
> Details:
> 
> I want to provide a _minimal_ DNS server. It *only* serves a few A records
> (from /etc/hosts).
> 
> A key point: I want to make sure it does NOTHING else. No
> upstream-DNS-server/service connection. Any DNS requests sent to said server
> outside of the /etc/hosts A-record list will fail. Further: no DHCP, tftp,
> or any others. All of the other bells and whistles I do not know about: I
> want them disabled, too. Just plain old proper DNS records serving and
> associated error-condition handling.
> 
> Additionally, the dnsmasq-based DNS server will bind/interface/respond-to
> only `eth8`.
> 
> 
>/etc/dnsmasq.conf:
>interface=eth8
>no-dhcp-interface=eth8
> 
 
That is indeed not enough for the desired use case.



Regards
Geert Stappers
While testing a new community member.
-- 
Silence is hard to parse

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


Re: [Dnsmasq-discuss] [Bugreport] => man page => key '-S, --local, --server' => typo

2020-06-26 Thread Geert Stappers
On Fri, Jun 26, 2020 at 01:42:42PM +, a...@protonmail.com wrote:
> Hello, world!
> 
> See: 
> http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=blob;f=man/dnsmasq.8;h=a2a60d5e2b3d4d8a3a944d8f451afd97b4ca1033;hb=HEAD
> See line 431
> 
> Sentence about key '-S' contains odd count square brackets: 7 left and 6 
> right.
> 
> 7 left: [ [ [ [ [ [ [
> 6 right: ] ]] ] ]]
> -S, --local, 
> --server=[/[]/[domain/]][[#][@|[#]]
[   ]
   [[   ]
   [[#]
  -S, --local, 
--server=[/[]/[domain/]][[#]][@|[#]]
[   ]
   [[   ]]
 ^
 
> Expected behavior: the number of left brackets is equal to the number of 
> right brackets.



Groeten
Geert Stappers
-- 
Silence is hard to parse

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


Re: [Dnsmasq-discuss] Static leases issues

2020-06-09 Thread Geert Stappers
On Tue, Jun 09, 2020 at 11:22:27PM +0200, Bruno BEAUFILS wrote:
> On Tue, Jun 09, 2020 at 07:51:53PM +0200, john doe wrote:
> > Assuming that you have cleared your lease file and that more than 24
> > hours have passed, your client should have picked up the new lease.
> 
> If the lease file has been cleared and the client asked for a new
> specific IP, why does the server have to wait 24 hours to refuse the
> asked IP and send the configuration chosen one?
> 
> > That is why I suggested looking at the misbehaving DHCP client.
> 
> Isn't it the responsability of the server to distribute IP adresses it
> decide whatever IP the client ask?

Yes.

And the DHCP client is supposed to behave nicely.


Groeten
Geert Stappers
-- 
Silence is hard to parse

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


Re: [Dnsmasq-discuss] Static leases issues

2020-06-09 Thread Geert Stappers
On 6/9/2020 7:51 PM, john doe wrote:
> On 6/9/2020 5:25 PM, Bruno BEAUFILS wrote:
> > On Tue, Jun 09, 2020 at 11:13:19AM +0200, john doe wrote:
> > > > Do we agree that to clean the leases the removal of the leases file
> > > > when dnsmasq is stopped is sufficient?
> > > 
> > > Correct, rereading your first e-mail, try to clear the lease on your
> > > dhcp client.
> > 
> > OK I will try and I hope it will certainly work, but one should not
> > have to modify the client so that the server behave correctly on this
> > side. Am I right?
> > 
> 
> Assuming that you have cleared your lease file and that more than 24
> hours have passed, your client should have picked up the new lease.
> 
> That is why I suggested looking at the misbehaving DHCP client.
> 

Yes, also check the DHCP client.

And know that tcpdump is your "microscoop"


Feel free to share your experience with this mailinglist.


Groeten
Geert Stappers
-- 
Silence is hard to parse

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


Re: [Dnsmasq-discuss] broadcast address equals siaddr

2020-06-09 Thread Geert Stappers
On Tue, Jun 09, 2020 at 09:10:11AM +0200, kvaps wrote:
> Hi,
> 
> I'm using Dnsmasq version 2.80 from on Alpine Linux 3.11.5 and I faced
> with the strange issue:
> 
> When I change the SIADDR option for my pxe-clients, the Broadcast
> address (option 28) is also changed to the same value.
> 
> my configuration:
> 
> # cat /etc/dnsmasq.d/dhcp-opts/ltsp1
> tag:ltsp1,option:server-ip-address,10.28.36.188
> tag:ltsp1,option:tftp-server,ltsp1
> tag:ltsp1,tag:X86PC,option:bootfile-name,ltsp/grub/i386-pc/core.0
> tag:ltsp1,tag:X86-64_EFI,option:bootfile-name,ltsp/grub/x86_64-efi/core.efi
> 
> # cat /etc/dnsmasq.d/dhcp-hosts/m1c12
> 94:57:a5:d3:ae:ce,94:57:a5:d3:ae:cf,id:*,set:ltsp1,10.28.36.172,m1c12,infinite
> 
> # cat /etc/dnsmasq.d/global-dhcp.conf
> dhcp-match=set:iPXE,17,39
> dhcp-match=set:X86PC,option:client-arch,0
> dhcp-match=set:X86-64_EFI,option:client-arch,7
> dhcp-match=set:X86-64_EFI,option:client-arch,9
> 
> 
> Best Regards,
> Andrei Kvapil


Here at this side of the Internet arrived only parts of the message.

Please retransmitted the whole message.


Regards
Geert Stappers
-- 
Silence is hard to parse

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


Re: [Dnsmasq-discuss] dnsmasq-dhcp: DHCP, proxy on subnet 192.0.2.0

2020-06-07 Thread Geert Stappers
On Sat, Jun 06, 2020 at 09:06:44PM +0200, Geert Stappers wrote:
> On Sat, Jun 06, 2020 at 07:06:05PM +0200, Geert Stappers wrote:
> > Hi,
> > 
> > The plan is that dnsmasq DHCP server hands bootfile information
> > in conjunction with an existing DHCP, a.k.a. proxy-DHCP
> > 
> > With dnsmasq fresh compiled from up-to-date git repository
> > works this configuration file:
> > 
> > port=0
> > interface=br0
> > bind-interfaces
> > dhcp-range=192.0.2.220,192.0.2.223
> > dhcp-boot=ipxe.pxe
> > enable-tftp
> > tftp-root=/home/stappers/src/ipxe/src/bin
> > log-dhcp
> > 
> > 
> > Changing 'dhcp-range=' for the wanted  proxy-DHCP
> > 
> > port=0
> > interface=br0
> > bind-interfaces
> > dhcp-range=192.0.2.0,proxy
> > dhcp-boot=ipxe.pxe
> > enable-tftp
> > tftp-root=/home/stappers/src/ipxe/src/bin
> > log-dhcp
> > 
> > 
> > Silences the dnsmasq DHCP server.  The change closer
> > dhcp-range=192.0.2.220,192.0.2.223
> > dhcp-range=192.0.2.0,proxy
> > 
> > With
> > dhcp-range=192.0.2.18,proxy
> > the same effect ...
> > 
> > 
> > Running dnsmasq  --no-daemon   shows
> > dnsmasq: started, version 2.81-12-g619000a DNS disabled
> > dnsmasq: compile time options: IPv6 GNU-getopt no-DBus no-UBus no-i18n
> > no-IDN DHCP DHCPv6 no-Lua TFTP no-conntrack ipset auth no-DNSSEC
> > loop-detect inotify dumpfile
> > dnsmasq-dhcp: DHCP, proxy on subnet 192.0.2.0
> > dnsmasq-dhcp: DHCP, sockets bound exclusively to interface br0
> > dnsmasq-tftp: TFTP root is /home/stappers/src/ipxe/src/bin  
> > dnsmasq-dhcp: 4014338184 available DHCP subnet: 192.0.2.0/255.255.255.0
> > dnsmasq-dhcp: 4014338184 vendor class: PXEClient:Arch:0:UNDI:002001
> > dnsmasq-dhcp: 4014338184 available DHCP subnet: 192.0.2.0/255.255.255.0
> > dnsmasq-dhcp: 4014338184 vendor class: PXEClient:Arch:0:UNDI:002001
> > 
> > 
> > Network sniff with `tcpdump  -i br0 port bootpc or bootps` on the
> > server, on the destinated proxy-DHCP server,  shows the incoming
> > DHCP Discover request and DHCP Offer from existing DHCP server.
> > Not show a reply from the dnsmasq server.
> > 
> > The "boot client machine" complains "PXE-53: No boot filename received"
> > 
> > 
> > What is your  proxy-DHCP
> > dhcp-range=192.0.2.0,proxy
> > succes story?
> 
> port=0
> interface=br0
> bind-interfaces
> dhcp-range=192.168.0.2.0,proxy
> pxe-service=x86PC, "iPXE", ipxe.pxe
> enable-tftp
> tftp-root=/home/stappers/src/ipxe/src/bin
> log-dhcp
> 
> 
> Yes indeed,  not `dhcp-boot=` but `pxe-service=`
>  
> With that knowledge is it possible the read it
> in dnsmasq manual page  ...
> 

But why to  tight relation with  PXE?



Groeten
Geert Stappers
-- 
Silence is hard to parse

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


[Dnsmasq-discuss] [PATCH 2/3] via TFTP, minor typo fix

2020-06-06 Thread Geert Stappers
The "FTP" looked awark after reading all those "_T_FTP".

Also more readable comment / better documenting what is going on.
---
 dnsmasq.conf.example | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/dnsmasq.conf.example b/dnsmasq.conf.example
index 4dbec7b..e58c812 100644
--- a/dnsmasq.conf.example
+++ b/dnsmasq.conf.example
@@ -498,7 +498,7 @@
 # Enable dnsmasq's built-in TFTP server
 #enable-tftp
 
-# Set the root directory for files available via FTP.
+# Set the root directory for files we make available via TFTP.
 #tftp-root=/var/ftpd
 
 # Do not abort if the tftp-root is unavailable
-- 
2.1.4


___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


[Dnsmasq-discuss] [PATCH 1/3] Found by minor typo fix

2020-06-06 Thread Geert Stappers
From: Geert Stappers 

---
 dnsmasq.conf.example | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/dnsmasq.conf.example b/dnsmasq.conf.example
index bf19424..4dbec7b 100644
--- a/dnsmasq.conf.example
+++ b/dnsmasq.conf.example
@@ -483,7 +483,7 @@
 # Beware this fails on old PXE ROMS.
 #pxe-service=x86PC, "Install Linux", pxelinux, 1.2.3.4
 
-# Use bootserver on network, found my multicast or broadcast.
+# Use bootserver on network, found by multicast or broadcast.
 #pxe-service=x86PC, "Install windows from RIS server", 1
 
 # Use bootserver at a known IP address.
-- 
2.1.4


___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


Re: [Dnsmasq-discuss] dnsmasq-dhcp: DHCP, proxy on subnet 192.0.2.0

2020-06-06 Thread Geert Stappers
On Sat, Jun 06, 2020 at 07:06:05PM +0200, Geert Stappers wrote:
> Hi,
> 
> The plan is that dnsmasq DHCP server hands bootfile information
> in conjunction with an existing DHCP, a.k.a. proxy-DHCP
> 
> With dnsmasq fresh compiled from up-to-date git repository
> works this configuration file:
> 
> port=0
> interface=br0
> bind-interfaces
> dhcp-range=192.0.2.220,192.0.2.223
> dhcp-boot=ipxe.pxe
> enable-tftp
> tftp-root=/home/stappers/src/ipxe/src/bin
> log-dhcp
> 
> 
> Changing 'dhcp-range=' for the wanted  proxy-DHCP
> 
> port=0
> interface=br0
> bind-interfaces
> dhcp-range=192.0.2.0,proxy
> dhcp-boot=ipxe.pxe
> enable-tftp
> tftp-root=/home/stappers/src/ipxe/src/bin
> log-dhcp
> 
> 
> Silences the dnsmasq DHCP server.  The change closer
> dhcp-range=192.0.2.220,192.0.2.223
> dhcp-range=192.0.2.0,proxy
> 
> With
> dhcp-range=192.0.2.18,proxy
> the same effect ...
> 
> 
> Running dnsmasq  --no-daemon   shows
> dnsmasq: started, version 2.81-12-g619000a DNS disabled
> dnsmasq: compile time options: IPv6 GNU-getopt no-DBus no-UBus no-i18n
> no-IDN DHCP DHCPv6 no-Lua TFTP no-conntrack ipset auth no-DNSSEC
> loop-detect inotify dumpfile
> dnsmasq-dhcp: DHCP, proxy on subnet 192.0.2.0
> dnsmasq-dhcp: DHCP, sockets bound exclusively to interface br0
> dnsmasq-tftp: TFTP root is /home/stappers/src/ipxe/src/bin  
> dnsmasq-dhcp: 4014338184 available DHCP subnet: 192.0.2.0/255.255.255.0
> dnsmasq-dhcp: 4014338184 vendor class: PXEClient:Arch:0:UNDI:002001
> dnsmasq-dhcp: 4014338184 available DHCP subnet: 192.0.2.0/255.255.255.0
> dnsmasq-dhcp: 4014338184 vendor class: PXEClient:Arch:0:UNDI:002001
> 
> 
> Network sniff with `tcpdump  -i br0 port bootpc or bootps` on the
> server, on the destinated proxy-DHCP server,  shows the incoming
> DHCP Discover request and DHCP Offer from existing DHCP server.
> Not show a reply from the dnsmasq server.
> 
> The "boot client machine" complains "PXE-53: No boot filename received"
> 
> 
> What is your  proxy-DHCP
> dhcp-range=192.0.2.0,proxy
> succes story?

port=0
interface=br0
bind-interfaces
dhcp-range=192.168.0.2.0,proxy
pxe-service=x86PC, "iPXE", ipxe.pxe
enable-tftp
tftp-root=/home/stappers/src/ipxe/src/bin
log-dhcp


Yes indeed,  not `dhcp-boot=` but `pxe-service=`
 
With that knowledge is it possible the read it
in dnsmasq manual page  ...

 
Regards
Geert Stappers
-- 
Silence is hard to parse

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


[Dnsmasq-discuss] [PATCH 3/3] Stripped trailing white spaces from config example

2020-06-06 Thread Geert Stappers
---
 dnsmasq.conf.example | 22 +++---
 1 file changed, 11 insertions(+), 11 deletions(-)

diff --git a/dnsmasq.conf.example b/dnsmasq.conf.example
index e58c812..e523209 100644
--- a/dnsmasq.conf.example
+++ b/dnsmasq.conf.example
@@ -27,8 +27,8 @@
 
 # Replies which are not DNSSEC signed may be legitimate, because the domain
 # is unsigned, or may be forgeries. Setting this option tells dnsmasq to
-# check that an unsigned reply is OK, by finding a secure proof that a DS 
-# record somewhere between the root and the domain does not exist. 
+# check that an unsigned reply is OK, by finding a secure proof that a DS
+# record somewhere between the root and the domain does not exist.
 # The cost of setting this is that even queries in unsigned domains will need
 # one or more extra DNS queries to verify.
 #dnssec-check-unsigned
@@ -183,11 +183,11 @@
 #dhcp-range=1234::2, 1234::500, 64, 12h
 
 # Do Router Advertisements, BUT NOT DHCP for this subnet.
-#dhcp-range=1234::, ra-only 
+#dhcp-range=1234::, ra-only
 
 # Do Router Advertisements, BUT NOT DHCP for this subnet, also try and
-# add names to the DNS for the IPv6 address of SLAAC-configured dual-stack 
-# hosts. Use the DHCPv4 lease to derive the name, network segment and 
+# add names to the DNS for the IPv6 address of SLAAC-configured dual-stack
+# hosts. Use the DHCPv4 lease to derive the name, network segment and
 # MAC address and assume that the host will also have an
 # IPv6 address calculated using the SLAAC algorithm.
 #dhcp-range=1234::, ra-names
@@ -210,9 +210,9 @@
 #dhcp-range=1234::, ra-stateless, ra-names
 
 # Do router advertisements for all subnets where we're doing DHCPv6
-# Unless overridden by ra-stateless, ra-names, et al, the router 
+# Unless overridden by ra-stateless, ra-names, et al, the router
 # advertisements will have the M and O bits set, so that the clients
-# get addresses and configuration from DHCPv6, and the A bit reset, so the 
+# get addresses and configuration from DHCPv6, and the A bit reset, so the
 # clients don't use SLAAC addresses.
 #enable-ra
 
@@ -285,11 +285,11 @@
 # any machine with Ethernet address starting 11:22:33:
 #dhcp-host=11:22:33:*:*:*,set:red
 
-# Give a fixed IPv6 address and name to client with 
+# Give a fixed IPv6 address and name to client with
 # DUID 00:01:00:01:16:d2:83:fc:92:d4:19:e2:d8:b2
 # Note the MAC addresses CANNOT be used to identify DHCPv6 clients.
 # Note also that the [] around the IPv6 address are obligatory.
-#dhcp-host=id:00:01:00:01:16:d2:83:fc:92:d4:19:e2:d8:b2, fred, [1234::5] 
+#dhcp-host=id:00:01:00:01:16:d2:83:fc:92:d4:19:e2:d8:b2, fred, [1234::5]
 
 # Ignore any clients which are not specified in dhcp-host lines
 # or /etc/ethers. Equivalent to ISC "deny unknown-clients".
@@ -345,7 +345,7 @@
 # Send DHCPv6 option. Note [] around IPv6 addresses.
 #dhcp-option=option6:dns-server,[1234::77],[1234::88]
 
-# Send DHCPv6 option for namservers as the machine running 
+# Send DHCPv6 option for namservers as the machine running
 # dnsmasq and another.
 #dhcp-option=option6:dns-server,[::],[1234::88]
 
@@ -550,7 +550,7 @@
 # Set the DHCP server to enable DHCPv4 Rapid Commit Option per RFC 4039.
 # In this mode it will respond to a DHCPDISCOVER message including a Rapid 
Commit
 # option with a DHCPACK including a Rapid Commit option and fully committed 
address
-# and configuration information. This must only be enabled if either the 
server is 
+# and configuration information. This must only be enabled if either the 
server is
 # the only server for the subnet, or multiple servers are present and they each
 # commit a binding for all clients.
 #dhcp-rapid-commit
-- 
2.1.4


___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


[Dnsmasq-discuss] dnsmasq-dhcp: DHCP, proxy on subnet 192.0.2.0

2020-06-06 Thread Geert Stappers
Hi,

The plan is that dnsmasq DHCP server hands bootfile information
in conjunction with an existing DHCP, a.k.a. proxy-DHCP

With dnsmasq fresh compiled from up-to-date git repository
works this configuration file:

port=0
interface=br0
bind-interfaces
dhcp-range=192.0.2.220,192.0.2.223
dhcp-boot=ipxe.pxe
enable-tftp
tftp-root=/home/stappers/src/ipxe/src/bin
log-dhcp


Changing 'dhcp-range=' for the wanted  proxy-DHCP

port=0
interface=br0
bind-interfaces
dhcp-range=192.0.2.0,proxy
dhcp-boot=ipxe.pxe
enable-tftp
tftp-root=/home/stappers/src/ipxe/src/bin
log-dhcp


Silences the dnsmasq DHCP server.  The change closer
dhcp-range=192.0.2.220,192.0.2.223
dhcp-range=192.0.2.0,proxy

With
dhcp-range=192.0.2.18,proxy
the same effect ...


Running dnsmasq  --no-daemon   shows
dnsmasq: started, version 2.81-12-g619000a DNS disabled
dnsmasq: compile time options: IPv6 GNU-getopt no-DBus no-UBus no-i18n
no-IDN DHCP DHCPv6 no-Lua TFTP no-conntrack ipset auth no-DNSSEC
loop-detect inotify dumpfile
dnsmasq-dhcp: DHCP, proxy on subnet 192.0.2.0
dnsmasq-dhcp: DHCP, sockets bound exclusively to interface br0
dnsmasq-tftp: TFTP root is /home/stappers/src/ipxe/src/bin  
dnsmasq-dhcp: 4014338184 available DHCP subnet: 192.0.2.0/255.255.255.0
dnsmasq-dhcp: 4014338184 vendor class: PXEClient:Arch:0:UNDI:002001
dnsmasq-dhcp: 4014338184 available DHCP subnet: 192.0.2.0/255.255.255.0
dnsmasq-dhcp: 4014338184 vendor class: PXEClient:Arch:0:UNDI:002001


Network sniff with `tcpdump  -i br0 port bootpc or bootps` on the
server, on the destinated proxy-DHCP server,  shows the incoming
DHCP Discover request and DHCP Offer from existing DHCP server.
Not show a reply from the dnsmasq server.

The "boot client machine" complains "PXE-53: No boot filename received"


What is your  proxy-DHCP
dhcp-range=192.0.2.0,proxy
succes story?


Regards
Geert Stappers
-- 
Silence is hard to parse

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


Re: [Dnsmasq-discuss] read /etc/hosts if DNS disabled

2020-06-06 Thread Geert Stappers
On Thu, May 21, 2020 at 08:42:07PM +0200, Matus UHLAR - fantomas wrote:
> > On Thu, May 21, 2020 at 03:35:24PM +0200, Matus UHLAR - fantomas wrote:
> > > > On Fri, May 15, 2020 at 07:53:50PM +0200, Matus UHLAR - fantomas wrote:
> > > > > I have problems configuring static DHCP using /etc/hosts and 
> > > > > /etc/ethers.
> > > > > It seems that dnsmasq is ignoring /etc/hosts when dns server is 
> > > > > disabled
> > > > > via "-p 0" option.
> > > > >
> > > > > Can anyone confirm?
> > > > > If I'm right, is this bug or a feature?
> > > 
> > > On 21.05.20 15:03, Geert Stappers wrote:
> > > > Advice: Describe "the problem" better.
> > > 
> > > OK.
> > > 
> > > the problem is that DHCP clients listed in /etc/ethers will not be given 
> > > IP
> > > addreses specified in /etc/hosts when dnsmasq does not run DNS service
> > > (-p 0), because /etc/hosts is not read in that case.
> > > 
> > > the workaround is to run DNS at different port (e.g.  -p 54), so dnsmasq
> > > reads /etc/hosts and provides IPS configured there do clients from
> > > /etc/ethers, but I believe /etc/hosts should be read even without DNS,
> > > unless explicitly disabled.
> 
> On 21.05.20 18:33, Geert Stappers wrote:
> > Acknowledge on version 2 of "problem description".
> > 
> > I partially understand what the expectations are.
> 
> 
> a litle background:
> 
> I used dnsmasq on openwrt router using /etc/ethers for machine<>ethernet
> address conversion and /etc/hosts for host to IP conversion (for both DHCP
> and DNS).
> 
> I bought new router with turris (openwrt clone) which uses knot-resolver
> (which uses /etc/hosts for local DNS) and runs dnsmasq only as DHCP server
> 
> The problem is that while in this scenario dnsmasq does use the ethers table
> (I can see that in reservations info), but it does not use hosts table to
> assign proper IP addresses for those hosts.
> 
> as a workaround I set dnsmasq to run DNS on another port (I'm thinking on
> disabling knot-resolvet) so while the DNS is not used, correct IP addresses
> are assigned.
> 
> I'd like dnsmasq to read /etc/hosts table for DHCP reservations even when
> DNS is not used.
> 
> ... I know I can work around reservations, but I find /etc/ethers and
> /etc/hosts good standards to use
> 

For what it worth, dnsmasq.conf.example has

# If this line is uncommented, dnsmasq will read /etc/ethers and act
# on the ethernet-address/IP pairs found there just as if they had
# been given as --dhcp-host options. Useful if you keep
# MAC-address/host mappings there for other purposes.
#read-ethers


I suggest to play with a dnsmasq.conf that has

# dnsmasq should read /etc/ethers and act on the ethernet-address/IP pairs
# found there just as if they had been given as --dhcp-host options.
# Used for keeping MAC-address/host mappings there for other purposes.
read-ethers



Regards
Geert Stappers
-- 
Silence is hard to parse

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


Re: [Dnsmasq-discuss] dnsmasq doesn't pick up search domains

2020-06-04 Thread Geert Stappers
On Thu, Jun 04, 2020 at 12:52:13PM +, Benzler, Andreas (INE) wrote:
> Am Donnerstag, den 04.06.2020, 12:44 +0200 schrieb Matus UHLAR - fantomas:
> > On 04.06.20 08:17, Benzler, Andreas (INE) wrote:
> > > The installation is just simple:
> > > 
> > > port=53
> > > domain-needed (doesn't matter with or without)
> > > bogus-priv
> > > resolv-file=/etc/dnsmasq-resolv.conf
> > > strict-order
> > > server=8.8.8.8
> > > server=8.8.4.4
> > > address=/somedomain.net/192.168.0.1
> > > interface=enp4s0f0
> > > except-interface=lo
> > > expand-hosts
> > > 
> > > /etc/dnsmasq-resolv.conf
> > > search intranet.somedomain.edu. somedomain.edu.
> > > 
> > > ping mybox (mybox.intranet.somedomain.edu.)
> > > 
> > > nslookup mybox
> > > Server:   xx.xx.xx.xx
> > > Address:  xx.xx.xx.xx#53
> > > 
> > > Non-authoritative answer:
> > > *** Can't find mybox: No answer
> > > 
> > > but fqn works mybox.intranet.somedomain.edu.
> > > 
> > > 
> > > 
> > > please explain.
> > 
> > try the --domain option.
> > note that usually adding .domain is not a job of DNS server, but a
> > job of
> > system resolver.
> > 
> > 
> To clarify the question:
> 
> In principial the search part of resolv.conf is a client side solution,
> but in the other hand why we can not picked it up? 
> 
> I saw many questions about:  Why dnsmasq do take no use of "search".
> 
> Simple users do think this way.
> 
> The domain option doesn't take the effect, because it isn't that kind
> of option.
> 
> Greetings
> Andreas Benzler
> 
> Karlsruher Institut für Technologie (KIT)
> Abteilung
> Institut für Nukleare Entsorgung (INE)
> 
> Informatik/Systemadministration
> 
> Hermann-von-Helmholtz-Platz 1
> Gebäude 712
> 76344 Eggenstein-Leopoldshafen
> 
> Telefon: +49 721 608 - 22082
> E-Mail: andreas.benz...@kit.edu
> Web: http://www.kit.edu/
> 
> KIT – Universität des Landes Baden-Württemberg und 
> nationales Forschungszentrum in der Helmholtz-Gemeinschaft
> 

Hey, that looks good.

I'm looking forward to the real description of the "problem".


Geert Stappers
-- 
Silence is hard to parse

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


Re: [Dnsmasq-discuss] Listening on VLAN and parent interface for DHCP

2020-06-01 Thread Geert Stappers
On Mon, Jun 01, 2020 at 12:55:23AM -0400, Matt Winter wrote:
> Hello,
> 
> I'm trying to debug some DHCP behavior on my UniFi home network.
> 
> The Unifi Security Gateway is a router responsible for handing out IPs for
> all of my VLANs. On the USG:
> - eth1 has 192.168.1.1/24
> - eth1.10 has 192.168.10.1/24
> 
> Both subnets are configured for DHCP, and it mostly works as desired...
> however:
> Sometimes, for clients connecting on VLAN 10, I'll see activity in the
> dnsmasq logs indicating that dnsmasq is acting on the DHCP traffic twice:
> once for eth1.10, and once for eth1. I'll include a dump of such activity
> at the end.
> 
> As far as I can tell, this is due to the way Linux handles 802.1Q traffic.
> A bug was addressed in the ISC DHCP server, with following note describing
> the issue:
> 
> >   /*  Use auxiliary packet data to:
> >*
> >*  a. Weed out extraneous VLAN-tagged packets - If the NIC driver is
> >*  handling VLAN encapsulation (i.e. stripping/adding VLAN tags),
> >*  then an inbound VLAN packet will be seen twice: Once by
> >*  the parent interface (e.g. eth0) with a VLAN tag != 0; and once
> >*  by the vlan interface (e.g. eth0.n) with a VLAN tag of 0 (i.e none).
> >*  We want to discard the packet sent to the parent and thus respond
> >*  only over the vlan interface.  (Drivers for Intel PRO/1000 series
> >*  NICs perform VLAN encapsulation, while drivers for PCnet series
> >*  do not, for example. The linux kernel makes stripped vlan info
> >*  visible to user space via CMSG/auxdata, this appears to not be
> >*  true for BSD OSs.).  NOTE: this is only supported on linux flavors
> >*  which define the tpacket_auxdata.tp_vlan_tci.
> 
> -- https://github.com/isc-projects/dhcp/commit/acbecb2e
> 
> Am I on the right track? If so, would a patch that does a similar
> discarding of packets be desirable?
> 
> Here's my log showing eth1 and eth1.10 fighting over who should respond:
> 
> May 30 15:32:43 dnsmasq-dhcp[19767]: DHCPREQUEST(eth1) 192.168.1.104 
> a4:fc:77:xx:yy:zz
> May 30 15:32:43 dnsmasq-dhcp[19767]: DHCPACK(eth1) 192.168.1.104 
> a4:fc:77:xx:yy:zz DESKTOP-HOSTNAME
> May 30 15:33:29 dnsmasq-dhcp[19767]: DHCPREQUEST(eth1.10) 192.168.1.104 
> a4:fc:77:xx:yy:zz
> May 30 15:33:29 dnsmasq-dhcp[19767]: DHCPNAK(eth1.10) 192.168.1.104 
> a4:fc:77:xx:yy:zz wrong network
> May 30 15:33:29 dnsmasq-dhcp[19767]: DHCPDISCOVER(eth1.10) a4:fc:77:xx:yy:zz
> May 30 15:33:29 dnsmasq-dhcp[19767]: DHCPOFFER(eth1.10) 192.168.10.23 
> a4:fc:77:xx:yy:zz
> May 30 15:33:29 dnsmasq-dhcp[19767]: DHCPREQUEST(eth1.10) 192.168.10.23 
> a4:fc:77:xx:yy:zz
> May 30 15:33:29 dnsmasq-dhcp[19767]: DHCPACK(eth1.10) 192.168.10.23 
> a4:fc:77:xx:yy:zz DESKTOP-HOSTNAME
> May 30 15:33:31 dnsmasq-dhcp[19767]: DHCPREQUEST(eth1) 192.168.10.23 
> a4:fc:77:xx:yy:zz
> May 30 15:33:31 dnsmasq-dhcp[19767]: DHCPNAK(eth1) 192.168.10.23 
> a4:fc:77:xx:yy:zz wrong network
> May 30 15:33:33 dnsmasq-dhcp[19767]: DHCPREQUEST(eth1) 192.168.10.23 
> a4:fc:77:xx:yy:zz
> May 30 15:33:33 dnsmasq-dhcp[19767]: DHCPNAK(eth1) 192.168.10.23 
> a4:fc:77:xx:yy:zz wrong network
> May 30 15:33:36 dnsmasq-dhcp[19767]: DHCPDISCOVER(eth1) a4:fc:77:xx:yy:zz
> May 30 15:33:36 dnsmasq-dhcp[19767]: DHCPOFFER(eth1) 192.168.1.104 
> a4:fc:77:xx:yy:zz
> May 30 15:33:36 dnsmasq-dhcp[19767]: DHCPREQUEST(eth1) 192.168.1.104 
> a4:fc:77:xx:yy:zz
> May 30 15:33:36 dnsmasq-dhcp[19767]: DHCPACK(eth1) 192.168.1.104 
> a4:fc:77:xx:yy:zz DESKTOP-HOSTNAME
> May 30 16:47:56 dnsmasq-dhcp[19767]: DHCPREQUEST(eth1.10) 192.168.1.104 
> a4:fc:77:xx:yy:zz
> May 30 16:47:56 dnsmasq-dhcp[19767]: DHCPNAK(eth1.10) 192.168.1.104 
> a4:fc:77:xx:yy:zz wrong network
> May 30 16:47:56 dnsmasq-dhcp[19767]: DHCPDISCOVER(eth1.10) a4:fc:77:xx:yy:zz
> May 30 16:47:56 dnsmasq-dhcp[19767]: DHCPOFFER(eth1.10) 192.168.10.23 
> a4:fc:77:xx:yy:zz
> May 30 16:47:56 dnsmasq-dhcp[19767]: DHCPREQUEST(eth1.10) 192.168.10.23 
> a4:fc:77:xx:yy:zz
> May 30 16:47:56 dnsmasq-dhcp[19767]: DHCPACK(eth1.10) 192.168.10.23 
> a4:fc:77:xx:yy:zz DESKTOP-HOSTNAME

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


Re: [Dnsmasq-discuss] read /etc/hosts if DNS disabled

2020-05-21 Thread Geert Stappers
On Thu, May 21, 2020 at 03:35:24PM +0200, Matus UHLAR - fantomas wrote:
> > On Fri, May 15, 2020 at 07:53:50PM +0200, Matus UHLAR - fantomas wrote:
> > > I have problems configuring static DHCP using /etc/hosts and /etc/ethers.
> > > It seems that dnsmasq is ignoring /etc/hosts when dns server is disabled
> > > via "-p 0" option.
> > > 
> > > Can anyone confirm?
> > > If I'm right, is this bug or a feature?
> 
> On 21.05.20 15:03, Geert Stappers wrote:
> > Advice: Describe "the problem" better.
> 
> OK.
> 
> the problem is that DHCP clients listed in /etc/ethers will not be given IP
> addreses specified in /etc/hosts when dnsmasq does not run DNS service
> (-p 0), because /etc/hosts is not read in that case.
> 
> the workaround is to run DNS at different port (e.g.  -p 54), so dnsmasq
> reads /etc/hosts and provides IPS configured there do clients from
> /etc/ethers, but I believe /etc/hosts should be read even without DNS,
> unless explicitly disabled.


Acknowledge on version 2 of "problem description".

I partially understand what the expectations are.



Regards
Geert Stappers
-- 
Silence is hard to parse

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


Re: [Dnsmasq-discuss] dnsmasq unit tests! [fun vs serious]

2020-05-21 Thread Geert Stappers
On Thu, May 14, 2020 at 04:19:55PM +0200, Petr Menšík wrote:
> On 5/12/20 10:51 PM, Geert Stappers wrote:
> > On Mon, May 04, 2020 at 05:02:38PM +0200, Petr Menšík wrote:
> >> Hello everyone,
> >>
  ...
> >>
> >> I would love if you could try it and tell me what you think about it.
> > 
> > I think it is great to have unittests.

And I'm serious about it.


> >> I am attaching squished patch,
  ...
> >> Any opinions would be appreciated too.
> > 
> > 
> I do not know Harry Callahan. What would he say?

"Opinions are like assholes: Everybody has one"

See it yourself in 16 seconds at https://www.youtube.com/watch?v=hVlYMctb7Y4
(Harry Callahan's opinion on opinions)


Regards
Geert Stappers
Who may have revealed himself from being before the UNIX epoch  :-)
-- 
Silence is hard to parse

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


Re: [Dnsmasq-discuss] [PATCH] dnsmasq unit tests!

2020-05-21 Thread Geert Stappers
On Thu, May 14, 2020 at 09:08:09PM +0200, Petr Menšík wrote:
> My previous message is waiting for moderation, since my patch is a big one.
> 
> On 5/12/20 10:51 PM, Geert Stappers wrote:
> > On Mon, May 04, 2020 at 05:02:38PM +0200, Petr Menšík wrote:
> ...
> > 
> > I think it is great to have unittests.
> > 
> >   
> > 
> > To be continued ...
> OK, patch cleaned up, should apply without any warning now.
> 

Yes, works fine.  Fixes the parameter count mismatch that was seen
earlier. One unittest failed as warned before. And yes indeed
the Harald Jensas's patch 'Fix regression in s_config_in_context()
method' does solve it.


Cheers
Geert Stappers
(Curious who also
 says: "Unittests? Yes, have it in the dnsmasq source tree!" )

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


Re: [Dnsmasq-discuss] [PATCH v2] DHCPv6: Honor assigning IPv6 address based on MAC address

2020-05-21 Thread Geert Stappers
On Sun, May 03, 2020 at 01:23:15PM +0200, Pali Rohár wrote:
> Currently IPv6 addresses are assigned to tuple (IAID, DUID). When system
> changes IAID/DUID then old assigned IPv6 address cannot be reused, even
> when in config file was DHCPv6 assignment based on MAC address (and not on
> DUID).
> 
> IAID/DUID is changed when rebooting from one operating system to another;
> or after reinstalling system. In reality it is normal that DUID of some
> machine is changed, so people rather assign also IPv6 addresses based on
> MAC address.
> 
> So assigning IPv6 based on MAC address in dnsmasq is currently semi-broken.

How to reproduce that  semi-brokenness?

 
> This patch tries to fix it and honors IPv6 config rules with MAC address,
> to always assign particular IPv6 address to specific MAC address (when
> configured). And ignores the fact if IAID/DUID was changed.
> 
> Normally IPv6 address should be assigned by IAID/DUID (which also state
> DHCPv6 RFCs), but dnsmasq has already some support for assigning IPv6
> address based on MAC address, when users configured in config file.
> 
> So this patch just tries to fix above problem for user configuration with
> MAC addresses. It does not change assignment based on DUID.
> ---
> 
> This is my original patch rebased on top of current git master branch.

Acknowledge


> Previous email with this patch probably dropped into spambox
> and was not processed.

 (unspoken words +
  http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2020q2/014018.html )


> So please let me know if now this email was correctly received.
 
Recieved the patch and was able to  `git am` it.
It did compile and passed the unittests.

No further check was done.  Mostly because not facing the problem that
patch submitter has.  Probably some day I will, hence the above 'How to
reproduce that  semi-brokenness?'


>  src/rfc3315.c | 55 +++
>  1 file changed, 47 insertions(+), 8 deletions(-)
> 
> diff --git a/src/rfc3315.c b/src/rfc3315.c
> index b3f0a0a..e588b13 100644
> --- a/src/rfc3315.c
> +++ b/src/rfc3315.c
 ... 142 lines of actual patch ...


Groeten
Geert Stappers
-- 
Silence is hard to parse

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


Re: [Dnsmasq-discuss] lease time affects ipv6 prefix life time

2020-05-21 Thread Geert Stappers
On Mon, May 04, 2020 at 03:51:58PM +0200, Olaf Hering wrote:
> I have this in dnsmas.conf to advertise the current ipv6 prefix:
> 
> dhcp-range=::,constructor:${interface},slaac,ra-names,64,${lease_time}
> enable-ra
> 
> If the prefix gets changed, dnsmasq starts to announce the new prefix,
> but it keeps announcing the old one (as deprecated) as well for a while.
> 
> I wonder why the value of ${lease_time} is not used verbatim?

I don't understand that question.


> It is forced to be at least 120, which might be fine for real DHCP. In
> practice this means a stale and unusable prefix is announced as "valid
> = 120, preferred = 0" for about two minutes. It seems clients can
> cope with it. Still, I would like to zap the old prefix "instantly"
> with lease_time=1.
> 
> Olaf




Regards
Geert Stappers
In an attempt to get some attention to a good?? question.
-- 
Silence is hard to parse

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


Re: [Dnsmasq-discuss] read /etc/hosts if DNS disabled

2020-05-21 Thread Geert Stappers
On Fri, May 15, 2020 at 07:53:50PM +0200, Matus UHLAR - fantomas wrote:
> Hello,
> 
> I have problems configuring static DHCP using /etc/hosts and /etc/ethers.
> It seems that dnsmasq is ignoring /etc/hosts when dns server is disabled
> via "-p 0" option.
> 
> Can anyone confirm?
> If I'm right, is this bug or a feature?
> 
> Thanks

Advice: Describe "the problem" better.



Regards
Geert Stappers
-- 
Silence is hard to parse

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


Re: [Dnsmasq-discuss] dnsmasq and NXNSAttack

2020-05-21 Thread Geert Stappers
On Wed, May 20, 2020 at 07:26:22PM -0400, Neal P. Murphy wrote:
> Is dnsmasq vulnerable to NXNSAttack?
 
Text from http://www.nxnsattack.com/

  The NXNSAttack is more effective than the NXDomain attack: i) It
  reaches an amplification factor of more than 1620x on the number of
  packets exchanged by the recursive resolver. ii) Besides the negative
  cache, the attack also saturates the ’NS’ resolver caches.


Regards
Geert Stappers
-- 
Silence is hard to parse

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


Re: [Dnsmasq-discuss] No forgetting logic when using hostsdir

2020-05-17 Thread Geert Stappers
On Sun, May 17, 2020 at 12:08:36PM +0100, an0nym wrote:
> On Sun, May 17, 2020 at 10:28:11AM +, Kevin 'ldir' Darbyshire-Bryant 
> wrote:
> > The man page sayeth: 
> > (http://www.thekelleys.org.uk/dnsmasq/docs/dnsmasq-man.html)
> > 
> > --hostsdir=
> > Read all the hosts files contained in the directory. New or changed
> > files are read automatically. See --dhcp-hostsdir for details.
> > 
> > --dhcp-hostsdir=
> > This is equivalent to --dhcp-hostsfile, except for the following. The
> > path MUST be a directory, and not an individual file. Changed or
> > new files within the directory are read automatically, without the
> > need to send SIGHUP. If a file is deleted or changed after it has
> > been read by dnsmasq, then the host record it contained will remain
> > until dnsmasq receives a SIGHUP, or is restarted; ie host records
> > are only added dynamically.
> > 
> > 
> > To re-iterate:
> > 
> > Host entries from dynamically read files will remain in dnsmasq’s
> > memory if removed from those file/s unless dnsmasq is persuaded to
> > forget them, either by SIGHUP or a complete restart.
> > 
> > Personally I would find it a welcome option if dnsmasq could also
> > dynamically forget entries.  I suspect it is not as simple as it
> > sounds otherwise it would have been implemented.
> 
> Thank you, Kevin.
> 
> Regrettably, I have missed this documented statement.
> Now everything makes sense.

Challenge:  Play with it and report back.


Regards
Geert Stappers

P.S.
SIGHUP can be send with the tool c.q. utility `kill`.
Even the default signal that `kill` sends is SIGHUP, Signal HangUP.

Use `kill -L` for getting a list of signals.

See also  `pidof` and `killall`.

Have fun  and thanks for being a good dnsmasq community member.
-- 
Silence is hard to parse

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


Re: [Dnsmasq-discuss] No forgetting logic when using hostsdir

2020-05-17 Thread Geert Stappers
On Sat, May 16, 2020 at 05:07:59PM +0100, an0nym wrote:
> Hello,
> 
> I hope you are safe and well.
> 
> When dnsmasq is configured to monitor hostsdir, I believe there is no
> forgetting logic when you delete and then create or simply overwrite one of
> the files there with different filter and the same allocated IP.
> 
> E. g.
> 
> # grep -F dhcp-hostsdir /etc/dnsmasq.conf
> dhcp-hostsdir=/etc/dnsmasq.d/hosts.d
> # echo "id:test,192.168.0.156" >/etc/dnsmasq.d/hosts.d/test.conf

test   .156


> # systemctl status dnsmasq
> ...
> dnsmasq[21376]: inotify, new or changed file
> /etc/dnsmasq.d/hosts.d/test.conf
> dnsmasq-dhcp[21376]: read /etc/dnsmasq.d/hosts.d/test.conf
> # echo "id:test2,192.168.0.156" >/etc/dnsmasq.d/hosts.d/test.conf

test2.156


> # systemctl status dnsmasq
> ...
> dnsmasq[21376]: inotify, new or changed file
> /etc/dnsmasq.d/hosts.d/test.conf
> dnsmasq-dhcp[21376]: read /etc/dnsmasq.d/hosts.d/test.conf
> dnsmasq[21376]: duplicate dhcp-host IP address 192.168.0.156 at line 1 of 
> /etc/dnsmasq.d/hosts.d/test.conf

duplicate  of .156


> Dnsmasq 2.80. Apologies if this has been fixed in 2.81,
> I did not succeed in compiling from sources to check.
> 
> I hope this helps.

Helpfull is reporting back how helpfull this message was.


Groeten
Geert Stappers
-- 
Silence is hard to parse

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


Re: [Dnsmasq-discuss] Regression in 2.81 related to support for multiple IPv6 addresses - [PATCH 1/1] Fix regression in s_config_in_context() method

2020-05-12 Thread Geert Stappers
On Tue, May 12, 2020 at 10:19:46PM +0200, Geert Stappers wrote:
> On Thu, May 07, 2020 at 04:14:03PM +0200, Petr Menšík wrote:
> > Please skip my previous patches in this thread and original Harald's
> > patch. This one is one is correct.
> 
> I'm forging something that is plain the git commit.


OK. Log says:
Sendmail: /usr/sbin/sendmail -i dnsmasq-discuss@lists.thekelleys.org.uk 
hjen...@redhat.com
Form: Geert Stappers 
To: dnsmasq-discuss@lists.thekelleys.org.uk
Cc: =?UTF-8?q?Harald=20Jens=C3=A5s?= 
Subject: [PATCH] Fix regression in s_config_in_context() method
Date: Tue, 12 May 2020 22:22:15 +0200
Message-Id: <1589314935-6258-1-git-send-email-stapp...@alpaca.gpm.stappers.nl>
X-Mailer: git-send-email 2.1.4
In-Reply-To: <20200512201945.6kaok5lrfpvis...@gpm.stappers.nl>
References: <20200512201945.6kaok5lrfpvis...@gpm.stappers.nl>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Result: OK


>  The idea is that it allows Simon to do `|  git am`.

HTH

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


[Dnsmasq-discuss] [PATCH] Fix regression in s_config_in_context() method

2020-05-12 Thread Geert Stappers
From: Harald Jensås 

Prior to commit 137286e9baecf6a3ba97722ef1b49c851b531810
a config would not be considered in context if:
a) it has no address family flags set
b) it has the address family flag of current context set

Since above commit config is considered in context if the
address family is the opposite of current context.

The result is that a config with two dhcp-host records,
one for IPv6 and another for IPv4 no longer works, for
example with the below config the config with the IPv6
address would be considered in context for a DHCP(v4)
request.
 dhcp-host=52:54:00:bc:c3:fd,172.20.0.11,host2
 dhcp-host=52:54:00:bc:c3:fd,[fd12:3456:789a:1::aadd],host2

This commit restores the previous behavior.
---
 src/dhcp-common.c | 10 +++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/src/dhcp-common.c b/src/dhcp-common.c
index eae9886..ffc78ca 100644
--- a/src/dhcp-common.c
+++ b/src/dhcp-common.c
@@ -280,14 +280,18 @@ static int is_config_in_context(struct dhcp_context 
*context, struct dhcp_config
 {
   if (!context) /* called via find_config() from lease_update_from_configs() */
 return 1; 
-  
+
+  /* No address present in config == in context */
+  if (!(config->flags & (CONFIG_ADDR | CONFIG_ADDR6)))
+return 1;
+
 #ifdef HAVE_DHCP6
   if (context->flags & CONTEXT_V6)
 {
struct addrlist *addr_list;
 
if (!(config->flags & CONFIG_ADDR6))
-return 1;
+return 0;

 for (; context; context = context->current)
  for (addr_list = config->addr6; addr_list; addr_list = 
addr_list->next)
@@ -303,7 +307,7 @@ static int is_config_in_context(struct dhcp_context 
*context, struct dhcp_config
 #endif
 {
   if (!(config->flags & CONFIG_ADDR))
-   return 1;
+   return 0;
   
   for (; context; context = context->current)
if ((config->flags & CONFIG_ADDR) && is_same_net(config->addr, 
context->start, context->netmask))
-- 
2.1.4


___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


Re: [Dnsmasq-discuss] Regression in 2.81 related to support for multiple IPv6 addresses - [PATCH 1/1] Fix regression in s_config_in_context() method

2020-05-12 Thread Geert Stappers
On Thu, May 07, 2020 at 04:14:03PM +0200, Petr Menšík wrote:
> Checked this fix with help of my new unit test, it indeed fixes the
> issue correctly. With significantly lower CPU usage than previous fixes.

   \o/   woot   woot   \o/


Yes twice.  One for "unit test"  the other for "lower CPU usage"


 
> Please skip my previous patches in this thread and original Harald's
> patch. This one is one is correct.

I'm forging something that is plain the git commit.  The idea
is that it allows Simon to do `|  git am`.



Groeten
Geert Stappers
-- 
Silence is hard to parse

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


Re: [Dnsmasq-discuss] [PATCH] dnsmasq unit tests!

2020-05-12 Thread Geert Stappers
On Mon, May 04, 2020 at 05:02:38PM +0200, Petr Menšík wrote:
> Hello everyone,
> 
> we have merged support for multiple IPv6 addresses to our release in
> RHEL. We tried to ensure it does not break anything and we failed.
> 
> I made already some dnsmasq tests in separate repository [1], running in
> network namespaces. There are two kinds of tests. Simple shell backed
> bats tests in bash. bats and bash packages are required to run them.
> Second kind are few tests in beakerlib [2], which is test framework used
> in Fedora and RHEL testing. They exist and can test few things.
> 
> But now, I have accomplished creating few unit tests [3] for dnsmasq.
> They are kind of hack, but they should allow basic testing of options
> working. I used cmocka library. Dnsmasq is not very well prepared for
> unit testing, but some parts can be tested. It is much easier to test
> just code, without providing fake network configuration. I want to use
> it to ensure no change in DHCP breaks expected behaviour. It is much
> easier to prepare code changes than full fledged functional test,
> emulating real request over network.
> 
> I would love if you could try it and tell me what you think about it.

I think it is great to have unittests.


> I am attaching squished patch, separate commits are at our github [3].
> If someone would like to add some test, please create a pull request!
> 
> If you would like to try it:
> git clone -b unittests https://github.com/InfrastructureServices/dnsmasq.git
> cd dnsmasq
> make
> cd tests
> make
> ./option_test
> ./dhcp_test
> 
> Since these are related to dnsmasq internals, I think merge to master
> would be nice eventually. Some parts of dnsmasq should be adjusted for
> easier testing, I have to prepare some changes. It might be starting
> block to ensure new releases do not break existing functionality.
> 
> Any opinions would be appreciated too.





 
> Cheers,
> Petr
> 
> 1. https://github.com/InfrastructureServices/dnsmasq-tests
> 2. https://github.com/beakerlib/beakerlib
> 3. https://github.com/InfrastructureServices/dnsmasq/tree/unittests/tests
> 
> Petr Menšík
> Software Engineer

Be aware that I'm a "sysadmin",  not a programmer ...


> >From 9395cc84f93c63573ba28e4e349c44adb5dbb34d Mon Sep 17 00:00:00 2001
> From: =?UTF-8?q?Petr=20Men=C5=A1=C3=ADk?= 
> Date: Mon, 4 May 2020 16:26:17 +0200
> Subject: [PATCH] Create unittests with dhcp and option tests
> MIME-Version: 1.0
> Content-Type: text/plain; charset=UTF-8
> Content-Transfer-Encoding: 8bit
> 
> diff --git a/Makefile b/Makefile
> index 78e25f0..e390745 100644
> --- a/Makefile
> +++ b/Makefile
> @@ -24,7 +24,7 @@ MANDIR= $(PREFIX)/share/man
>  LOCALEDIR = $(PREFIX)/share/locale
>  BUILDDIR  = $(SRC)
>  DESTDIR   = 
> -CFLAGS= -Wall -W -O2
> +CFLAGS= -Wall -W -O2 -ggdb

How does that effect the regular builds?



>  LDFLAGS   = 
>  COPTS = 
>  RPM_OPT_FLAGS = 

  



stappers@alpaca:~/src/dnsmasq
$ git am unittests.patch 
Patch format detection failed.
stappers@alpaca:~/src/dnsmasq
$ git am < unittests.patch 
Applying: Create unittests with dhcp and option tests
/home/stappers/src/dnsmasq/.git/rebase-apply/patch:469: trailing
whitespace.
  
/home/stappers/src/dnsmasq/.git/rebase-apply/patch:535: trailing
whitespace.
  /* Min buffer size: we check after adding each record, so there must
 * be 
/home/stappers/src/dnsmasq/.git/rebase-apply/patch:538: trailing
whitespace.
 This might be increased is EDNS packet size if greater than the
minimum. */ 
/home/stappers/src/dnsmasq/.git/rebase-apply/patch:541: trailing
whitespace.
  
/home/stappers/src/dnsmasq/.git/rebase-apply/patch:610: trailing
whitespace.
size_t answer_auth(struct dns_header *header, char *limit, size_t qlen,
time_t now, union mysockaddr *peer_addr, 
warning: squelched 1 whitespace error
warning: 6 lines add whitespace errors.
stappers@alpaca:~/src/dnsmasq
$ 


To be continued ...

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


Re: [Dnsmasq-discuss] [PATCH] Regression in 2.81 related to support for multiple IPv6 addresses

2020-04-30 Thread Geert Stappers
hostname && context)
> @@ -358,7 +374,8 @@ static struct dhcp_config *find_config_match(struct 
> dhcp_config *configs,
>if ((config->flags & CONFIG_NAME) && 
> hostname_isequal(config->hostname, hostname) &&
> is_config_in_context(context, config) &&
> -   match_netid(config->filter, tags, tag_not_needed))
> +   match_netid(config->filter, tags, tag_not_needed) &&
> +match_flag(config->flags, flag, flag_not_needed))

:-)

>   return config;
>  
>
> @@ -368,7 +385,8 @@ static struct dhcp_config *find_config_match(struct 
> dhcp_config *configs,
>/* use match with fewest wildcard octets */
>for (candidate = NULL, count = 0, config = configs; config; config = 
> config->next)
>  if (is_config_in_context(context, config) &&
> - match_netid(config->filter, tags, tag_not_needed))
> + match_netid(config->filter, tags, tag_not_needed) &&
> +  match_flag(config->flags, flag, flag_not_needed))

(-:


>for (conf_addr = config->hwaddr; conf_addr; conf_addr = 
> conf_addr->next)
>   if (conf_addr->wildcard_mask != 0 &&
>   conf_addr->hwaddr_len == hw_len &&  
> @@ -382,17 +400,27 @@ static struct dhcp_config *find_config_match(struct 
> dhcp_config *configs,
>return candidate;
>  }
>  
> -/* Find tagged configs first. */
> +/* Find tagged configs with flags first. */
>  struct dhcp_config *find_config(struct dhcp_config *configs,
>   struct dhcp_context *context,
>   unsigned char *clid, int clid_len,
>   unsigned char *hwaddr, int hw_len, 
> - int hw_type, char *hostname, struct dhcp_netid 
> *tags)
> + int hw_type, char *hostname, struct dhcp_netid 
> *tags, unsigned int flag)

Yeah

>  {
> -  struct dhcp_config *ret = find_config_match(configs, context, clid, 
> clid_len, hwaddr, hw_len, hw_type, hostname, tags, 0);
> +  /* Find tagged config with flags */
> +  struct dhcp_config *ret = find_config_match(configs, context, clid, 
> clid_len, hwaddr, hw_len, hw_type, hostname, tags, 0, flag, 0);
> +
> +  /* Find tagged config without flags */
> +  if (!ret)
> +ret = find_config_match(configs, context, clid, clid_len, hwaddr, 
> hw_len, hw_type, hostname, tags, 0, flag, 1);
> +
> +  /* Find untagged config with flags */
> +  if (!ret)
> +ret = find_config_match(configs, context, clid, clid_len, hwaddr, 
> hw_len, hw_type, hostname, tags, 1, flag, 0);
>  
> +  /* Find untagged config without flags */
>if (!ret)
> -ret = find_config_match(configs, context, clid, clid_len, hwaddr, 
> hw_len, hw_type, hostname, tags, 1);
> +ret = find_config_match(configs, context, clid, clid_len, hwaddr, 
> hw_len, hw_type, hostname, tags, 1, flag, 1);

Yeah

>  
>return ret;
>  }
> diff --git a/src/dnsmasq.h b/src/dnsmasq.h
> index 18c381e..bdb085b 100644
> --- a/src/dnsmasq.h
> +++ b/src/dnsmasq.h
> @@ -1571,7 +1571,8 @@ struct dhcp_config *find_config(struct dhcp_config 
> *configs,
>   unsigned char *clid, int clid_len,
>   unsigned char *hwaddr, int hw_len, 
>   int hw_type, char *hostname,
> - struct dhcp_netid *filter);
> + struct dhcp_netid *filter,
> +unsigned int flag);
>  int config_has_mac(struct dhcp_config *config, unsigned char *hwaddr, int 
> len, int type);
>  #ifdef HAVE_LINUX_NETWORK
>  char *whichdevice(void);
> diff --git a/src/lease.c b/src/lease.c
> index 23e6fe0..917f7f3 100644
> --- a/src/lease.c
> +++ b/src/lease.c
> @@ -230,7 +230,7 @@ void lease_update_from_configs(void)
>  if (lease->flags & (LEASE_TA | LEASE_NA))
>continue;
>  else if ((config = find_config(daemon->dhcp_conf, NULL, lease->clid, 
> lease->clid_len, 
> -lease->hwaddr, lease->hwaddr_len, 
> lease->hwaddr_type, NULL, NULL)) && 
> +lease->hwaddr, lease->hwaddr_len, 
> lease->hwaddr_type, NULL, NULL, 0)) && 

Missing a chance of trailing white space removal  ;-)


>(config->flags & CONFIG_NAME) &&
>(!(config->flags & CONFIG_ADDR) || config->addr.s_addr == 
> lease->addr.s_addr))
>lease_set_hostname(lease, config->hostname, 1, 
> get_domain(lease->addr), NULL);
> diff --git a/src/rfc2131.c b/src/rfc2131.c
> index fc54aab..22c2d63 100644
> --- a/src/rfc2131.c
> +++ b/src/rfc2131.c
   ...



Groeten
Geert Stappers
-- 
Silence is hard to parse

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


Re: [Dnsmasq-discuss] [PATCH] DHCPv6: Honor assigning IPv6 address based on MAC address

2020-04-21 Thread Geert Stappers
On Tue, Apr 21, 2020 at 04:16:43PM +0200, Pali Rohár wrote:
> On Friday 07 February 2020 23:08:32 Pali Rohár wrote:
> > On Monday 17 December 2018 18:41:09 Pali Rohár wrote:

   

> Hello!
> 
> I have not got any reply about this patch for years.
> 
> So I would like to know, is some spam filter eating my emails and
> therefore patch was not delivered?
> 
> Can somebody confirm if Simon got my patch or should I probably resent
> it from different email address, to prevent spam filter problems?


Here NOT the project lead.


In the 17 months since the original post on assigning IPv6 address based
on MAC address has dnsmasq seen many code changes.  Including IPv6
address assignment, even through patches.

I do have seen the reminders on "please review my patch".

Please accept this posting as "your patch from 2018-12-17 is rejected".
In case of a "Why?", be prepared for being ignored. Try to understand
that explaining why patch is not good enough does cost human energy.


Now we can go on.


Make a new start.  Install the latest version of dnsmasq.
Use it in your scenario. Find out if you can use it in your scenario.
Report your use case. Make some effort to explain that more
people can benefit from your use case, create awareness.

Let's assume dnsmasq doesn't fit YOUR use case. And you modify
it so it does fit your case. Then you have a fresh patch.
Sending that patch to this mailinglist is no garantee for acceptance.

I agree that being ignored does cost human energy. Sad, but true.

What I'm now trying is to break the loop of repeated "review my patch".

Send UPDATED versions for patches (stop retransmitting patches that
are most likely outdated.)


Regards
Geert Stappers


P.S.

Simon, I think it is a good thing to have a canned reply like:

  Patch as been recieved, reviewed and rejected.
  Please understand that explaining "why the reject"
  will drain resources from the project we both care about.
  No hardfeelings, feel free to retry.

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


Re: [Dnsmasq-discuss] IPv6 host-id

2020-04-21 Thread Geert Stappers
On Tue, Apr 21, 2020 at 09:47:35AM -0400, Jiawen Chen wrote:
> On Tue, Apr 21, 2020 at 3:01 AM Geert Stappers  wrote:
> > On Mon, Apr 20, 2020 at 10:27:11PM -0400, Jiawen Chen wrote:
> > >
> > > I'd like to use DHCPv6 and IPv6, using the host-id-only option.
> > >
> > > ```
> > > # Enable IPv6 Router Advertisement.
> > > enable-ra
> > >
> > > # Enable DHCPv6. Serve a range for each VLAN.
> > > dhcp-range=::0:2,::0:500,constructor:br0,slaac
> >
> > note the interface
> >
> >
> > >
> > > # Assign 192.168.0.150 and [::0:1000] to my living room pc
> > >
> > dhcp-host=,192.168.0.150,[::0:1000],livingroom.internal,12h
> > >
> > > # Assign 192.168.0.151 and [::0:1001] to my file server
> > >
> > dhcp-host=,192.168.0.151,[::0:1001],fileserver.internal,12h
> > > ```
> > >
> > > Sadly, the host-id-only notation ([::0:1000]) does not appear permitted
> > > when dnsmasq parses /etc/hosts.
> > >
> > > Any suggestions would be greatly appreciated!
> >
> > FWIW  I  suggest configuration syntax that allows
> >
> >
> >  
> > dhcp-host=,192.168.0.150,[interface(br0)::0:1000],livingroom.internal,12h
> >
> >
> Thanks for the suggestion - I will try it tonight. Is your suggested
> notation  of \[interface()\] documented anywhere?

Nope  ...

> I can't seem to find it on the man page after looking carefully. In
> particular, the string "interface(" does not appear.
 
 ... because it is only a suggestion.   Sorry for not writing

} FWIW  I  suggest implementation of configuration syntax that allows
}
} 
dhcp-host=,192.168.0.150,[interface(br0)::0:1000],livingroom.internal,12h



Groeten
Geert Stappers
-- 
Silence is hard to parse

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


Re: [Dnsmasq-discuss] DNS set using dhcp-host expires?

2020-04-21 Thread Geert Stappers
On Tue, Apr 21, 2020 at 09:57:34AM -0400, Jiawen Chen wrote:
> On Tue, Apr 21, 2020 at 3:06 AM Geert Stappers wrote:
> > On Mon, Apr 20, 2020 at 10:27:11PM -0400, Jiawen Chen wrote:
> > >
> > > I'm using dnsmasq for DHCP + DNS on my home LAN and use dhcp-host to
> > > statically assign an IP address and hostname. However, I'm discovering 
> > > that
> > > while it works most of the time, sometimes, ssh for example, can't find 
> > > the
> > > host by name, only IP. One instance is a Linux VM. Initially I can ssh 
> > > into
> > > the VM. But if I power down the VM for say a few days, and start it back
> > > up, the name is missing (even though it is somehow assigned the same IP 
> > > (it
> > > keeps its MAC)).
> > >
> > > dnsmasq.conf:
> > > ```
> > > # other irrelevant stuff
> > >  ...
> > > # Assign 192.168.0.150 to my living room pc
> > > dhcp-host=,192.168.0.150,livingroom.internal,infinite
> > >
> > > # Assign 192.168.0.151 to my file server
> > > dhcp-host=,192.168.0.151,fileserver.internal,infinite
> > > ```
> >
> > I suggest to change  the   ',infinite'   into something like  ',12h' for
> > the servers that are be powered-off of for several days.
> >
> > What I think is that the DNS cache  entry expires
> > ( and I think that it is valid behaviour.)
> >
> >
> > Expriment that can be done:
> >
> >  * Restart dnsmasq,  so it forgets about dhcp-hosts in DNS cache
> >  * Check cache dump with  SIGUSR1
> >  * Power-on an infinite DHCP client e.g. the Linux VM
> >  * Check cache dump with SIGUSR1
> >  * Regular work with the example Linux VM
> >  * Power-off the infinite DHCP client
> >  * Sample several days the cache dump
> >  * Report when the DNS entry of the powered-off server is gone
> >
> 
> Thanks! That makes sense. I will give that a shot.


Cool.  I look forward on feedback.



Groeten
Geert Stappers
-- 
Silence is hard to parse

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


Re: [Dnsmasq-discuss] IPv6 host-id

2020-04-21 Thread Geert Stappers
On Mon, Apr 20, 2020 at 10:27:11PM -0400, Jiawen Chen wrote:
> Hi,
> 
 ...
> 
> 
> Finally, I'd like to use DHCPv6 and IPv6, using the host-id-only option.
> 
> ```
> # Enable IPv6 Router Advertisement.
> enable-ra
> 
> # Enable DHCPv6. Serve a range for each VLAN.
> dhcp-range=::0:2,::0:500,constructor:br0,slaac

note the interface


> 
> # Assign 192.168.0.150 and [::0:1000] to my living room pc
> dhcp-host=,192.168.0.150,[::0:1000],livingroom.internal,12h
> 
> # Assign 192.168.0.151 and [::0:1001] to my file server
> dhcp-host=,192.168.0.151,[::0:1001],fileserver.internal,12h
> ```
> 
> Sadly, the host-id-only notation ([::0:1000]) does not appear permitted
> when dnsmasq parses /etc/hosts.
> 
> Any suggestions would be greatly appreciated!

FWIW  I  suggest configuration syntax that allows

 
dhcp-host=,192.168.0.150,[interface(br0)::0:1000],livingroom.internal,12h

 

Groeten
Geert Stappers
-- 
Silence is hard to parse

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


Re: [Dnsmasq-discuss] DNS set using dhcp-host expires?

2020-04-21 Thread Geert Stappers
On Mon, Apr 20, 2020 at 10:27:11PM -0400, Jiawen Chen wrote:
> Hi,
> 
...
> 
> I'm using dnsmasq for DHCP + DNS on my home LAN and use dhcp-host to
> statically assign an IP address and hostname. However, I'm discovering that
> while it works most of the time, sometimes, ssh for example, can't find the
> host by name, only IP. One instance is a Linux VM. Initially I can ssh into
> the VM. But if I power down the VM for say a few days, and start it back
> up, the name is missing (even though it is somehow assigned the same IP (it
> keeps its MAC)).
> 
> dnsmasq.conf:
> ```
> # other irrelevant stuff
> 
> no-resolv
> server=8.8.8.8
> server=8.8.4.4
> server=1.1.1.1
> 
> expand-hosts
> domain-needed
> bogus-priv
> local=/internal/
> 
> # Assign 192.168.0.150 to my living room pc
> dhcp-host=,192.168.0.150,livingroom.internal,infinite
> 
> # Assign 192.168.0.151 to my file server
> dhcp-host=,192.168.0.151,fileserver.internal,infinite
> ```

I suggest to change  the   ',infinite'   into something like  ',12h' for
the servers that are be powered-off of for several days.

What I think is that the DNS cache  entry expires ( and I think that it
is valid behaviour.)

Expriment that can be done:

 * Restart dnsmasq,  so it forgets about dhcp-hosts in DNS cache
 * Check cache dump with  SIGUSR1
 * Power-on an infinite DHCP client e.g. the Linux VM
 * Check cache dump with SIGUSR1
 * Regular work with the example Linux VM
 * Power-off the infinite DHCP client
 * Sample several days the cache dump
 * Report when the DNS entry of the powered-off server is gone


Recipe to sabotage the expriment:
  while true
  do
 nslookup  linuxVM  >   output
 process_output
 if  hostname_not_found
 then
exit
 fi
 sleep 2 hour
  done

because it keeps the DNS entry in cache.


> 
> For these static DHCP leases, is the best practice to set them in
> /etc/hosts instead?
> 
> I also discovered --host-record, which does something very similar. Is
> there an advantage in using one option vs the other?
> 


Groeten
Geert Stappers
-- 
Silence is hard to parse

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


Re: [Dnsmasq-discuss] DNS set using dhcp-host doesn't exist until it connects?

2020-04-21 Thread Geert Stappers
On Mon, Apr 20, 2020 at 10:27:11PM -0400, Jiawen Chen wrote:
> Hi,
> 
> I recently started exploring the more advanced features of dnsmasq and have
> been very impressed.

   :-)

> 
 ... good  reports ...

> 
> Any suggestions would be greatly appreciated!

Separate issues should have seperate mail threads.
(now work in progress)
 

Groeten
Geert Stappers
-- 
Silence is hard to parse

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


Re: [Dnsmasq-discuss] Failure of dnsmasq v2.81 in docker (qemu emulated armhf hardware)

2020-04-19 Thread Geert Stappers
On Sun, Apr 19, 2020 at 07:19:10AM +0200, Dominik wrote:
> On Wed, 2020-04-15 at 21:34 +0200, Dominik wrote:
> > A possible solution seems to be what Petr Gotthard suggested
> > (dnsmasq-discuss /Thu Mar 19 13:16:11 GMT 2020/):
> > 
> > > +#ifdef NETLINK_NO_ENOBUFS
> > >setsockopt(daemon->netlinkfd, SOL_NETLINK,
> > > NETLINK_NO_ENOBUFS, , sizeof(opt)) == -1 ||
> > > +#endif
> 
> Patch attached which restored dnsmasq operation for us.
> 
> Have a nice weekend!

;-)


> Best regards,
> Dominik

> From 59e38c1e81e3ec479866a47cadb92d53b9f86022 Mon Sep 17 00:00:00 2001
> From: Dominik Derigs 
> Date: Sun, 19 Apr 2020 07:15:00 +0200
> Subject: [PATCH] Don't try setsockopt of non-existing NETLINK_NO_ENOBUFS 
> option to prevent dnsmasq from failing in docker qemu emulation.

FWIW  git commit summary is supposed to be less then 53 characters

> ---
>  src/netlink.c | 6 ++
>  1 file changed, 2 insertions(+), 4 deletions(-)
> 
> diff --git a/src/netlink.c b/src/netlink.c
> index 3af54c4..21e84ef 100644
> --- a/src/netlink.c
> +++ b/src/netlink.c
> @@ -27,10 +27,6 @@
>  #define SOL_NETLINK 270
>  #endif
>  
> -#ifndef NETLINK_NO_ENOBUFS

Tests on"not defined"


> -#define NETLINK_NO_ENOBUFS 5

Pushes (very (rude)) the value to 5


> -#endif
> -
>  /* linux 2.6.19 buggers up the headers, patch it up here. */ 
>  #ifndef IFA_RTA
>  #  define IFA_RTA(r)  \
> @@ -83,7 +79,9 @@ void netlink_init(void)
>
>if (daemon->netlinkfd == -1 || 
>(daemon->kernel_version >= KERNEL_VERSION(2,6,30) &&
> +#ifdef NETLINK_NO_ENOBUFS

in case it is defined


> setsockopt(daemon->netlinkfd, SOL_NETLINK, NETLINK_NO_ENOBUFS, , 
> sizeof(opt)) == -1) ||

use it with value as set in proper place


> +#endif
>getsockname(daemon->netlinkfd, (struct sockaddr *), ) == -1)
>  die(_("cannot create netlink socket: %s"), NULL, EC_MISC);
>


My apologies for not tested on "Yes, with that patch it still works for me"


Groeten
Geert Stappers
-- 
Silence is hard to parse

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


Re: [Dnsmasq-discuss] No DHCPOffer back but DHCPDiscover is being received by UML machine

2020-04-16 Thread Geert Stappers
On Wed, Apr 15, 2020 at 07:27:02PM +0100, Josh H wrote:
> On Wed, 15 Apr 2020 at 19:17, Geert Stappers  wrote:
> > Josh H  wrote in another message:
> > (
> > http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2020q2/013988.html
> > )
> >
> > > I'm running a very odd environment in that I'm using 2 usermodelinux
> > > virtual machines connected via a virtual hub.
> >
> > Seems to me something that should work.
> >
> > However I have no exprience with UML
> >
> >
> >
> > > I've got such a simple
> > > setup because originally I had a much larger configuration and wanted
> > > to test it wasn't something messed up in routing and such.
> >
> > Oops. The simple setup doesn't work.
> >
> > In case there are two UML VMs that "see each other" through
> > the vHub, feel free to share that config with us.
> >
> >
> > > Just wanted to add that dnsmasq 2.62 with a much older Linux kernel
> > > (3.2 from memory?) worked on this sort of setup perfectly fine, so
> > > it seems thats either the kernel update or a newer version of dnsmasq
> > > has broken something along the way.
> >
> > I don't understand, but yes indeed
> >  Kernel, libc and dnsmasq  should be alined.
> >
> >
> 
> 
> It's difficult for me to share the config outright as I'm using a modified
> version of netkit that I've updated to a much newer kernel -
> http://netkit-ng.github.io/. The netkit version that is available on that
> link is the one that worked with dnsmasq just fine, and that version was
> 2.62 and kernel 3.2. However I've updated it and am running 2.80 and kernel
> 5.6.
> 
> Anything else I can provide you with that might help? It's a very unique
> setup so I appreciate  it's probably not the easiest thing to try and
> debug.


Choose: Something that is unique or something that can be shared



Regards
Geert Stappers
-- 
Silence is hard to parse

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


Re: [Dnsmasq-discuss] No DHCPOffer back but DHCPDiscover is being received by UML machine

2020-04-15 Thread Geert Stappers
On Wed, Apr 15, 2020 at 06:03:13PM +0100, Josh H wrote:
> On Wed, 15 Apr 2020 at 16:56,  wrote:
> >
> > what about nftables if you are using a recent version of linux? many seem
> > to be moving to nftables from iptables...
> > https://linuxhandbook.com/iptables-vs-nftables/
>
>
> Running the command "nft list ruleset" gives me no output,
> so I assume no rules have been setup.

Yes, that makes sense.


Josh H  wrote in another message:
( http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2020q2/013988.html)

> I'm running a very odd environment in that I'm using 2 usermodelinux
> virtual machines connected via a virtual hub.

Seems to me something that should work.

However I have no exprience with UML



> I've got such a simple
> setup because originally I had a much larger configuration and wanted
> to test it wasn't something messed up in routing and such.
 
Oops. The simple setup doesn't work.

In case there are two UML VMs that "see each other" through
the vHub, feel free to share that config with us.


> Just wanted to add that dnsmasq 2.62 with a much older Linux kernel
> (3.2 from memory?) worked on this sort of setup perfectly fine, so
> it seems thats either the kernel update or a newer version of dnsmasq
> has broken something along the way.

I don't understand, but yes indeed
 Kernel, libc and dnsmasq  should be alined.



I hope this helps, otherwise read the message as "posting is been seen"


Regards
Geert Stappers
--
Silence is hard to parse

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


Re: [Dnsmasq-discuss] ignore mac address for one of the dhcp

2020-04-14 Thread Geert Stappers
On Tue, Apr 14, 2020 at 03:05:38AM -0400, John Siu wrote:
> On Mon, Apr 13, 2020 at 12:15 PM Geert Stappers wrote:
> > On Mon, Apr 13, 2020 at 10:18:31AM -0400, John Siu wrote:
> > > On Mon, Apr 13, 2020 at 4:54 AM Geert Stappers wrote:
> > > > On Sun, Apr 12, 2020 at 03:14:33PM -0400, John Siu wrote:
> > > > > I am running dnsmasq on a multiple port box. Following are dhcp config
> > > > > for the lan and dmz ports:
> > > > >
> > > > > ---
...  complete version follows ...
> > > > > ---
> > > > >
> > > > > They work correctly for network connected to those ports.
> > > >
> > > > I wonder how.
> > > >
> > > > I mean: The provided information looks incomplete to me.
> > > > Might be due an attempt to make the config more generic.
> > > >
> > > >
> > > >
> > > Following is the complete 92-dhcp.conf file I am using. It is not generic.
> > > I have interface name "lan" and "dmz" setup in network config.
> >
> > Ah
> >
> > > ---
> > > log-dhcp
> > > quiet-dhcp
> > > quiet-dhcp6
> > > quiet-ra
> > >
> > > enable-ra
> > >
> > > ## LAN
> > > dhcp-range=tag:lan,::1,constructor:lan,ra-names,72h # IPv6
> > > dhcp-range=tag:lan,172.16.168.130,172.16.168.250,72h # IPv4
> > > dhcp-option=tag:lan,option:router,172.16.168.1 # option 3 default gw
> > > dhcp-option=tag:lan,option:dns-server,172.16.168.1 # option 6 dns
> > > #dhcp-option=tag:lan,option:ntp-server,172.16.168.1
> > >
> > > ## DMZ
> > > dhcp-range=tag:dmz,::1,constructor:dmz,ra-names,72h # IPv6
> > > dhcp-range=tag:dmz,10.10.10.100,10.10.10.120,72h # IPv4
> > > dhcp-option=tag:dmz,option:router,10.10.10.1 # option 3 default gw
> > > dhcp-option=tag:dmz,option:dns-server,10.10.10.1 # option 6 dns
> > > #dhcp-option=tag:dmz,option:ntp-server,10.10.10.1
> > >
> > > ## Lease
> > > dhcp-hostsfile=/etc/dnsmasq.d/extra/dhcp.hosts
> > > dhcp-leasefile=/etc/dnsmasq.d/extra/dhcp.lease
> > > ---
> > >
> > > > > However, I am having issue with the switch which connect to both dmz
> > > > > and lan ports with different VLANs. As those VLAN ports share the same
> > > > > mac address, sometimes the switch will pick up IP from the lan side,
> > > > > and sometimes from the dmz side.
> > > > >
> > > > > How can I make dnsmasq only serve IP on the lan side for this 
> > > > > specific mac
> > > > > address?
> > > >
> > > > Tell more about what you have.
> > > >
> > > The switch is a Netgear GS908E. It has 8 ports. I setup 2 vlan, one for
> > > dmz, one for lan. So there is one cable from my server dmz port to the dmz
> > > vlan, same for lan.
> >
> > Thanks.  I'm not used to interface names like 'lan' or 'dmz'.
> > I'm used to interface names like 'eth0' and 'enp181s0f2'
> >
> >
> > > The switch is configure to use dhcp for its ip.
> >
> > OK, Acknowledge.  (As in "I respect your design decission" )
> >
> >
> > > However, it requests dhcp from all ports. As a result, sometime it pick up
> > > 172.x.x.x, and sometimes it pickup 10.x.x.x address.
> >
> > (and that is the challenge we are facing)
> >
> >
> > I have been reading the dnsmasq manual page  (again ;-) But I could not
> > find a clear solution for coping with duplicate MAC-addresses.
> >
> > The is `--dhcp-ignore=tag:...` no use in this case.
> >
> >
> > Idea  (wild idea?)
> >
> >   dhcp-host:01:00:18:4D:C0:3F:0E,172.16.168.251,12h
> >
> > In other words: Make a "static reserveration" for the swith in LAN
> >
> 
> I tried , also with tag:lan, and set:lan,
> the switch will still pick up 10.x.x.x address.
> 

Acknowledge.And thanks for reporting back.


I see no solution to the problem at dnsmasq end.

My advice is to re-consider why the switch must get all of it's IP
addresses through DHCP.



Regards
Geert Stappers
-- 
Silence is hard to parse

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


Re: [Dnsmasq-discuss] No DHCPOffer back but DHCPDiscover is being received by machine

2020-04-14 Thread Geert Stappers
On Tue, Apr 14, 2020 at 06:51:25PM +0100, Josh H wrote:
> Hi there,
> 
> I'm receiving no DHCPOffer back from my DHCPDiscover. However, I can
> tcpdump the machine running dnsmasq and it is receiving the DHCPOffer
> packets.
 
Acknowledge


> Here's my very very simple dnsmasq.conf
> # To disable dnsmasq's DNS server functionality.
> port=0
> 
> # To enable dnsmasq's DHCP server functionality.
> dhcp-range=192.168.1.3,192.168.1.8,255.255.255.240,12h
> 
> # Set gateway as Router. Following two lines are identical.
> #dhcp-option=option:router,192.168.0.1
> dhcp-option=3,192.168.0.1
> 
> # Set DNS server as Router.
> dhcp-option=6,192.168.0.1
> 
> # Logging.
> log-facility=/var/log/dnsmasq.log   # logfile path.
> log-async
> log-queries # log queries.
> log-dhcp# log dhcp related messages.

Acknowledge on `log DHCP`


> 
> Here's the contents of /var/log/dnsmasq.log after running dhclient on a
> machine connected to the subnet:
> Apr 14 18:36:57 dnsmasq[1702]: started, version 2.80 DNS disabled
> Apr 14 18:36:57 dnsmasq[1702]: compile time options: IPv6 GNU-getopt DBus 
> i18n IDN DHCP DHCPv6 no-Lua TFTP conntrack ipset auth DNSSEC loop-detect 
> inotify dumpfile
> Apr 14 18:36:57 dnsmasq-dhcp[1702]: DHCP, IP range 192.168.1.3 -- 
> 192.168.1.8, lease time 12h
 
Missing DHCP related entries ...


> I can see the service running with netstat -anp4:
> Active Internet connections (servers and established)
> Proto Recv-Q Send-Q Local AddressForeign Address   State PID/Program name
> udp0  0 0.0.0.0:67   0.0.0.0:* 1702/dnsmasq
> udp0  0 0.0.0.0:1701 0.0.0.0:* 1607/xl2tpd
> 
> There are no firewalls setup anywhere on my network for the moment. I have
> been able to get isc-dhcp-server to successfully allocate DHCP requests
> just fine however, so I don't think it's anything broken with DHCP in
> general. I'm running Linux kernel 5.6.2 and using dnsmasq from Debian
> Bullseye.
> 
> Hopefully someone can work out my issue!

You already have met the best someone   ;-)

Tell more about the set up  in use.

My hope is that it provides some clue why `tcpdump` can see DHCP network
traffic that `dnsmasq` should seen also.


> Thank you very much!

Thank you for reporting in an interresting problem.



Regards
Geert Stappers
-- 
Silence is hard to parse

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


Re: [Dnsmasq-discuss] ignore mac address for one of the dhcp

2020-04-13 Thread Geert Stappers
On Mon, Apr 13, 2020 at 10:18:31AM -0400, John Siu wrote:
> On Mon, Apr 13, 2020 at 4:54 AM Geert Stappers wrote:
> > On Sun, Apr 12, 2020 at 03:14:33PM -0400, John Siu wrote:
> > > I am running dnsmasq on a multiple port box. Following are dhcp config
> > > for the lan and dmz ports:
> > >
> > > ---
> > >
> > > ## LAN
> > > dhcp-range=tag:lan,::1,constructor:lan,ra-names,72h # IPv6
> > > dhcp-range=tag:lan,172.16.168.130,172.16.168.250,72h # IPv4
> > > dhcp-option=tag:lan,option:router,172.16.168.1 # option 3 default gw
> > > dhcp-option=tag:lan,option:dns-server,172.16.168.1
> > >
> > > ## DMZ
> > > dhcp-range=tag:dmz,::1,constructor:dmz,ra-names,72h # IPv6
> > > dhcp-range=tag:dmz,10.10.10.100,10.10.10.120,72h # IPv4
> > > dhcp-option=tag:dmz,option:router,10.10.10.1 # option 3 default gw
> > > dhcp-option=tag:dmz,option:dns-server,10.10.10.1
> > >
> > > ---
> > >
> > > They work correctly for network connected to those ports.
> >
> > I wonder how.
> >
> > I mean: The provided information looks incomplete to me.
> > Might be due an attempt to make the config more generic.
> >
> >
> >
> Following is the complete 92-dhcp.conf file I am using. It is not generic.
> I have interface name "lan" and "dmz" setup in network config.

Ah

> ---
> log-dhcp
> quiet-dhcp
> quiet-dhcp6
> quiet-ra
> 
> enable-ra
> 
> ## LAN
> dhcp-range=tag:lan,::1,constructor:lan,ra-names,72h # IPv6
> dhcp-range=tag:lan,172.16.168.130,172.16.168.250,72h # IPv4
> dhcp-option=tag:lan,option:router,172.16.168.1 # option 3 default gw
> dhcp-option=tag:lan,option:dns-server,172.16.168.1 # option 6 dns
> #dhcp-option=tag:lan,option:ntp-server,172.16.168.1
> 
> ## DMZ
> dhcp-range=tag:dmz,::1,constructor:dmz,ra-names,72h # IPv6
> dhcp-range=tag:dmz,10.10.10.100,10.10.10.120,72h # IPv4
> dhcp-option=tag:dmz,option:router,10.10.10.1 # option 3 default gw
> dhcp-option=tag:dmz,option:dns-server,10.10.10.1 # option 6 dns
> #dhcp-option=tag:dmz,option:ntp-server,10.10.10.1
> 
> ## Lease
> dhcp-hostsfile=/etc/dnsmasq.d/extra/dhcp.hosts
> dhcp-leasefile=/etc/dnsmasq.d/extra/dhcp.lease
> ---
> 
> > > However, I am having issue with the switch which connect to both dmz
> > > and lan ports with different VLANs. As those VLAN ports share the same
> > > mac address, sometimes the switch will pick up IP from the lan side,
> > > and sometimes from the dmz side.
> > >
> > > How can I make dnsmasq only serve IP on the lan side for this specific mac
> > > address?
> >
> > Tell more about what you have.
> >
> The switch is a Netgear GS908E. It has 8 ports. I setup 2 vlan, one for
> dmz, one for lan. So there is one cable from my server dmz port to the dmz
> vlan, same for lan.

Thanks.  I'm not used to interface names like 'lan' or 'dmz'.
I'm used to interface names like 'eth0' and 'enp181s0f2'


> The switch is configure to use dhcp for its ip.

OK, Acknowledge.  (As in "I respect your design decission" )


> However, it requests dhcp from all ports. As a result, sometime it pick up
> 172.x.x.x, and sometimes it pickup 10.x.x.x address.

(and that is the challenge we are facing)


I have been reading the dnsmasq manual page  (again ;-) But I could not
find a clear solution for coping with duplicate MAC-addresses.

The is `--dhcp-ignore=tag:...` no use in this case.


Idea  (wild idea?)

  dhcp-host:01:00:18:4D:C0:3F:0E,172.16.168.251,12h



In other words: Make a "static reserveration" for the swith in LAN




Regards
Geert Stappers
-- 
Silence is hard to parse

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


Re: [Dnsmasq-discuss] ignore mac address for one of the dhcp

2020-04-13 Thread Geert Stappers
On Sun, Apr 12, 2020 at 03:14:33PM -0400, John Siu wrote:
> I am running dnsmasq on a multiple port box. Following are dhcp config for
> the lan and dmz ports:
> 
> ---
> 
> ## LAN
> dhcp-range=tag:lan,::1,constructor:lan,ra-names,72h # IPv6
> dhcp-range=tag:lan,172.16.168.130,172.16.168.250,72h # IPv4
> dhcp-option=tag:lan,option:router,172.16.168.1 # option 3 default gw
> dhcp-option=tag:lan,option:dns-server,172.16.168.1
> 
> ## DMZ
> dhcp-range=tag:dmz,::1,constructor:dmz,ra-names,72h # IPv6
> dhcp-range=tag:dmz,10.10.10.100,10.10.10.120,72h # IPv4
> dhcp-option=tag:dmz,option:router,10.10.10.1 # option 3 default gw
> dhcp-option=tag:dmz,option:dns-server,10.10.10.1
> 
> ---
> 
> They work correctly for network connected to those ports.

I wonder how.

I mean: The provided information looks incomplete to me.
Might be due an attempt to make the config more generic.


> However, I am having issue with the switch which connect to both dmz
> and lan ports with different VLANs. As those VLAN ports share the same
> mac address, sometimes the switch will pick up IP from the lan side,
> and sometimes from the dmz side.
> 
> How can I make dnsmasq only serve IP on the lan side for this specific mac
> address?

Tell more about what you have.


Regards
Geert Stappers
-- 
Silence is hard to parse

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


Re: [Dnsmasq-discuss] Announce: dnsmasq-2.81

2020-04-12 Thread Geert Stappers
On Sat, Apr 11, 2020 at 11:28:25PM +0100, Simon Kelley wrote:
> After 18 long months, tonight I released dnsmasq 2.81.
> 
> The next release should happen to a shorter timescale.
> 
> http://thekelleys.org.uk/dnsmasq/dnsmasq-2.81.tar.gz
> 
> 
> Enjoy.
> Simon.
> 

Thanks



Is the release date hinting https://eeggs.com/tree/153.html ?




Regards
Geert Stappers
-- 
Silence is hard to parse

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


Re: [Dnsmasq-discuss] Question

2020-04-10 Thread Geert Stappers
On Fri, Apr 10, 2020 at 05:46:50PM -0400, Dave Harrison wrote:
> ... website ...
>  ... unable to access the website from the public side.  I
> was able to view the website from within my local network.
> 
> I am asking this question to determine if the dnsmasq
> application may help me solve this problem.

Ah, I see

> ... however I am looking for a solution that will
> allow visitors to type in the public WWW url address and view the website.
> It is important that public visitors can access the website from the
> "normal" URL address.


Answer: No



Regards
Geert Stappers
-- 
Silence is hard to parse

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


Re: [Dnsmasq-discuss] [PATCH] src/dnsmasq.c: Labeled a lonely #endif

2020-04-08 Thread Geert Stappers
On Mon, Apr 06, 2020 at 09:17:49PM +0200, Geert Stappers wrote:
> On Mon, Apr 06, 2020 at 03:45:04PM +0100, Simon Kelley wrote:
> > On 05/04/2020 17:07, Geert Stappers wrote:
> > > diff --git a/src/dnsmasq.c b/src/dnsmasq.c
> > > index 0f73782..878167c 100644
> > > --- a/src/dnsmasq.c
> > > +++ b/src/dnsmasq.c
> > > @@ -2112,6 +2112,4 @@ int delay_dhcp(time_t start, int sec, int fd, 
> > > uint32_t addr, unsigned short id)
> > >  
> > >return 0;
> > >  }
> > > -#endif
> > > -
> > > - 
> > > +#endif /* HAVE_DHCP */
> > 
> > Patch applied. Thanks.
> > 
> 
> OK,  acknowledge.
> 
> 
> When will it reach the published  git repository?
> 
> I'm asking because the commit isn't yet visible.
> 

Meanwhile it is, thanks.

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


Re: [Dnsmasq-discuss] [PATCH] src/dnsmasq.c: Labeled a lonely #endif

2020-04-06 Thread Geert Stappers
On Mon, Apr 06, 2020 at 03:45:04PM +0100, Simon Kelley wrote:
> On 05/04/2020 17:07, Geert Stappers wrote:
> > diff --git a/src/dnsmasq.c b/src/dnsmasq.c
> > index 0f73782..878167c 100644
> > --- a/src/dnsmasq.c
> > +++ b/src/dnsmasq.c
> > @@ -2112,6 +2112,4 @@ int delay_dhcp(time_t start, int sec, int fd, 
> > uint32_t addr, unsigned short id)
> >  
> >return 0;
> >  }
> > -#endif
> > -
> > - 
> > +#endif /* HAVE_DHCP */
> 
> Patch applied. Thanks.
> 

OK,  acknowledge.


When will it reach the published  git repository?

I'm asking because the commit isn't yet visible.


Cheers
Geert Stappers
-- 
stappers@trancilo:~/src/mailinglists/dnsmasq
$ git pull
Already up to date.
stappers@trancilo:~/src/mailinglists/dnsmasq
$ git log | head -n 3
commit 532246fc9e9b82ffa9fd8d4d02f3744abda9
Author: Simon Kelley 
Date:   Sat Apr 4 18:50:56 2020 +0100
stappers@trancilo:~/src/mailinglists/dnsmasq
$

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


[Dnsmasq-discuss] [PATCH] src/dnsmasq.c: Labeled a lonely #endif

2020-04-05 Thread Geert Stappers
From: Geert Stappers 

Because the opening `#ifdef` is faraway.

Also removed empty lines at the end of file.
---
 src/dnsmasq.c | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/src/dnsmasq.c b/src/dnsmasq.c
index 0f73782..878167c 100644
--- a/src/dnsmasq.c
+++ b/src/dnsmasq.c
@@ -2112,6 +2112,4 @@ int delay_dhcp(time_t start, int sec, int fd, uint32_t 
addr, unsigned short id)
 
   return 0;
 }
-#endif
-
- 
+#endif /* HAVE_DHCP */
-- 
2.25.1


___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


  1   2   3   4   >