include $(TOPDIR)/rules.mk
PKG_NAME:=dnsmasq
-PKG_VERSION:=2.52
-PKG_RELEASE:=4
+PKG_VERSION:=2.55
+PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=http://thekelleys.org.uk/dnsmasq
-PKG_MD5SUM:=1bb32fffdb4f977ead607802b5d701d0
+PKG_MD5SUM:=b093d7c6bc7f97ae6fd35d048529232a
include $(INCLUDE_DIR)/package.mk
config dnsmasq
option domainneeded 1
option boguspriv 1
- option filterwin2k '0' #enable for dial on demand
+ option filterwin2k 0 # enable for dial on demand
option localise_queries 1
+ option rebind_protection 1 # disable if upstream must serve RFC1918 addresses
+ option rebind_localhost 0 # enable for RBL checking and similar services
+ #list rebind_domain example.lan # whitelist RFC1918 responses for domains
option local '/lan/'
option domain 'lan'
option expandhosts 1
config_get hostsfile "$cfg" dhcphostsfile
[ -e "$hostsfile" ] && append args "--dhcp-hostsfile=$hostsfile"
+
+ local rebind
+ config_get_bool rebind "$cfg" rebind_protection 1
+ [ $rebind -gt 0 ] && {
+ logger -t dnsmasq \
+ "DNS rebinding protection is active," \
+ "will discard upstream RFC1918 responses!"
+ append args "--stop-dns-rebind"
+
+ local rebind_localhost
+ config_get_bool rebind_localhost "$cfg" rebind_localhost 0
+ [ $rebind_localhost -gt 0 ] && {
+ logger -t dnsmasq "Allowing 127.0.0.0/8 responses"
+ append args "--rebind-localhost-ok"
+ }
+
+ append_rebind_domain() {
+ logger -t dnsmasq "Allowing RFC1918 responses for domain $1"
+ append args "--rebind-domain-ok=$1"
+ }
+
+ config_list_foreach "$cfg" rebind_domain append_rebind_domain
+ }
}
dhcp_subscrid_add() {
projects / openwrt / svn-archive / archive.git / commitdiff