This may be a dumb question, but I'm no wiser after skimming the man
page and experimenting a little...
I have a development box I'm using to develop some virtual host stuff.
I'd like to set up a wildcard subdomain for it. Essentially
anything.dev.foo.bar would resolve to dev.foo.bar's IP
This is a bit off-the-wall, but I thought I'd ask...
I'd like to allocate hosts to a separate DHCP range if they request a
DHCP address, but don't supply a meaningful client ID (either missing,
or a MAC address as client ID).
The reason being that when our network monitoring shows a machine
Jorge Bastos wrote:
On Sat, Jun 13, 2009 at 10:11 AM, Jorge Bastos mysql.jo...@decimal.pt
wrote:
Howdy,
How can I override a public dns value?
Did you try just adding an entry in /etc/hosts ?
'course not, if DNSMasq is serving machines on the LAN... that doesn't work.
:P
Only tangentially related, but thought it was worth a mention:
http://www.team-cymru.org/Services/Bogons/
They maintain a 'bogon' list of IP ranges that are private (martians) or
unassigned by the IANA - i.e. IP addresses that are not valid/routable
on the public internet. I currently import
Simon Kelley wrote:
Paul Chambers wrote:
As part of a nightly script on my linux server, dnsmasq is restarted
(to pick up updates to a block list). However, for the last few days,
it's failed to restart.
snip
Are you using libvirt? The latest incarnations of libvirt use a
private
As part of a nightly script on my linux server, dnsmasq is restarted (to
pick up updates to a block list). However, for the last few days, it's
failed to restart.
The observed behavior is that the (newly rotated) log is empty, the last
line of the old log reports being terminated by sigterm,
Karl Goetz wrote:
I didn't notice this at first; any particular reason to keep all the
*google* domains?
kk
Personal preference. I don't find the google text ads obnoxious, and
occasionally their 'targeted' ads on search pages are useful to me.
Paul
Fedora RPMs have located dnsmasq.leases in /var/lib/dnsmasq/ in the
past. Don't know if they still are, more recently I've been building
from Simon's tarballs to help test the latest releases.
As to needing to write a script, don't most boxes have 'locate'
available? (apart from embedded devices)
Please excuse me if I've missed something obvious here...
I have some default DNS servers set up:
server=208.67.222.222 # OpenDNS
server=208.67.220.220 # OpenDNS
and then route my employer's domain to their internal DNS server, over a
VPN:
server=/acmecorp.com/10.22.33.44
Which
I'm a little more familiar with iptables, and Rune is right - there are
no rules in your INPUT table that accept the initial DHCP packets (which
don't have an IP address yet). Looks like eth0 is your external
interface, and eth1 is the internal one? then you want something like:
-A INPUT -i
.
And yes, I have my SPF records in place with my domain registrar via
their name servers.
Thanks,
Jason
Paul Chambers wrote:
Hmm... that's not how I understood it to work (not that I'm a DNS
expert...)
I thought reverse lookups worked their way down through the IP
netblock assignments
Hmm... that's not how I understood it to work (not that I'm a DNS expert...)
I thought reverse lookups worked their way down through the IP netblock
assignments, and it would be up to the entity that 'owns' your IP
address (i.e. your ISP) to resolve reverse lookups, or have some
mechanism to
I'm with Simon - dnsmasq isn't the right place to do this. dnsmasq
doesn't/shouldn't know what use the IP address it returns will be put
to. If you return 'success' and a bogus IP when it should fail, DNS
clients other than browsers may not behave correctly.
A better place to do this would be
I'd like to do something vaguely similar, though in my case it's sending
requests in a particular domain to a given pair of servers, only when a
vpn is up (e.g. tun0). If the VPN isn't up, those servers are not
reachable anyhow.
I noticed the 'server=/domain/ipaddr@interface' variant in the
Rune Kock wrote:
If you have the luxury of a level2 switch and
1-client per port, you could probably deny DHCPOFFER from any ports other
than your own DHCP (don't quote me on the actual DHCP message, just block
serve responses is the idea). Even if you have more than 1 client/port you
Rune Kock wrote:
On Fri, Aug 22, 2008 at 09:35, Paul Chambers b...@bod.org wrote:
Sadly the Dell Powerconnect 2716 does not support SNMP at all. The so-called
'RMON' support is limited to aggregated statistics for the entire switch,
and is only visible within the web interface
Rune Kock wrote:
-- Forwarded message --
From: Rune Kock rune.k...@gmail.com
Date: Thu, Aug 21, 2008 at 20:03
Subject: Re: [Dnsmasq-discuss] Request for brain-storm: Rogue
dhcp-servers on the lan
To: Paul Chambers b...@bod.org
So, you're saying
I'm likely showing my ignorance here, but would you be able to track
down the right port on a switch by using the MAC address of the
DHCPDISCOVER response and the spanning tree protocol? (RSTP). I don't
know of any host-based software that does such a thing, though. How
complex is the
Brad Morgan wrote:
Three options come to mind; either
1) drop that threshold in syslog.conf,
2) add a line to syslog.conf to log all messages logged to the DAEMON
facility (or whatever you've set with log-facility) to another file. Be
aware that the default changes to LOCAL0 if you run dnsmasq
Added. Thanks for the warning. -- Paul
Simon Kelley wrote:
Paul Chambers wrote:
[root@home logrotate.d]# cat /etc/logrotate.d/dnsmasq
/var/log/dnsmasq.log {
daily
# missingok
rotate 7
compress
delaycompress
notifempty
postrotate
The .gz URL isn't working for me, either with wget or firefox. I'm
getting a '302 Object Moved' to 'http://dnsmasq/dnsmasq-2.44.tat.gz' (as
reported by wget)
http://www.thekellys.org.uk/dnsmasq redirects to http://dnsmasq.com
which is probably related ;)
Paul
Simon Kelley wrote:
I've
I find the DNS servers run by OpenDNS.org are pretty darn fast. They're
not much slower than the (fast) DNS servers provided by my (small local)
ISP. Perhaps you should give them a try?
This might be of interest:
http://home.bod.org/smokeping/?target=DNS
Obviously those are ping stats, not
As an aside, if you're using OpenDNS upstream, for lookups that fail
it'll respond with the IP address of an OpenDNS server (rather than
NXDOMAIN), which will redirect you to guide.opendns.com. You'll need to
use 'bogus-nxdomain=' lines in your dnsmasq configuration for the IP
addresses of
I agree with Simon. If your cache entries are disappearing after a few
minutes, something's up.
Are you aware that dnsmasq will dump information about its cache
contents and related stats into the log if you send SIGUSR1 to it?
(provided you have log_queries turned on). That should help
Does dnsmasq have a problem when the file it's logging to reaches two
gigabytes?
dnsmasq just stopped answering requests. After restarting dnsmasq, and
checking a few of the obvious things, I took a look at the log file, to
find it had grown to 2GB (exactly). When I stopped dnsmasq, truncated
Rune Kock wrote:
On Fri, Mar 28, 2008 at 1:34 AM, Paul Chambers b...@bod.org wrote:
Does dnsmasq have a problem when the file it's logging to reaches two
gigabytes?
Are you using FAT or some equally horrible file system?
n I'm not that big an idiot ;) it's an ext3
Is there some reason you can't use logrotate? -- Paul
http://linux.die.net/man/8/logrotate
http://www.linux.com/articles/48390
Philippe Faure wrote:
Hello,
I have found that I left logging enabled, and the dnsmasq.log file is over 500
Mb. I was wondering if in the next release there could be
(putting on my professional hat for a minute)
If you value the inclusion of dnsmasq in commercial products, as part of
'prising them open', then don't force GPL v3 as the only choice. The v3
license is seen as a step too far by many in the industry, upsetting the
equilibrium between community
Simon Kelley wrote:
Paul Chambers wrote:
I may be having a 'blond' day, so forgive me if this is a dumb
question...
I have dnsmasq set up with a fairly conventional config. I currently
have expand-hosts enabled, and 'domain' set up for my local domain.
I also have a VPN connection I use
I may be having a 'blond' day, so forgive me if this is a dumb question...
I have dnsmasq set up with a fairly conventional config. I currently
have expand-hosts enabled, and 'domain' set up for my local domain.
I also have a VPN connection I use some of the time, and have a few
strategic
One of the things I value about dnsmasq is its simplicity,
performance and small footprint. While dnsmasq could be extended to handle
the complex situation you've described, I worry that some of those
desirable qualities would be eroded in making it do so.
Have you already evaluated and
Sure, I'm up for 'smoke testing'. But you'd probably guessed that already ;)
Paul
p.s. I'd want to build from source, too.
-Original Message-
From: dnsmasq-discuss-boun...@lists.thekelleys.org.uk
[mailto:dnsmasq-discuss-boun...@lists.thekelleys.org.uk] On
Behalf Of Simon Kelley
I have dnsmasq 2.38 installed on Fedora Core 5 from an RPM (official
'extras' repository). When initially started, dnsmasq works very well,
big improvement over my previous 'bind+dhcpd' setup. But it only lasts a
few hours. Eventually dnsmasq will cease answering queries or DHCP
requests. Or