Diffstat (limited to 'package/pdnsd')
-rw-r--r-- | package/pdnsd/files/pdnsd.conf | 40 | ||||
-rw-r--r-- | package/pdnsd/files/pdnsd.init | 5 | ||||
-rw-r--r-- | package/pdnsd/patches/patch-src_dns_query_c | 12 |
3 files changed, 39 insertions, 18 deletions
diff --git a/package/pdnsd/files/pdnsd.conf b/package/pdnsd/files/pdnsd.conf
index 00b548117..73690524a 100644
--- a/package/pdnsd/files/pdnsd.conf
+++ b/package/pdnsd/files/pdnsd.conf
@@ -1,7 +1,8 @@
 global {
- perm_cache=1024;
- cache_dir="/var/cache/pdnsd"; # do not change this!
- run_as="nobody";
+ perm_cache = 1024;
+ cache_dir = "/var/cache/pdnsd"; # do not change this!
+ run_as = "nobody";
+ strict_setuid = on;
 server_ip = 127.0.0.1; # Use eth0 here if you want to allow other
 # machines on your network to query pdnsd.
 status_ctl = on;
@@ -11,20 +12,25 @@ global {
 min_ttl=15m; # Retain cached entries at least 15 minutes.
 max_ttl=1w; # One week.
 timeout=10; # Global timeout option (10 seconds).
+ proc_limit = 20;
 }
-server {
- label= "myisp";
- ip = 192.168.0.1; # Put your ISP's DNS-server address(es) here.
-# proxy_only=on; # Do not query any name servers beside your ISP's.
- # This may be necessary if you are behind some
- # kind of firewall and cannot receive replies
- # from outside name servers.
- timeout=4; # Server timeout; this may be much shorter
- # that the global timeout option.
- uptest=if; # Test if the network interface is active.
- interface=eth0; # The name of the interface to check.
- interval=10m; # Check every 10 minutes.
- purge_cache=off; # Keep stale cache entries in case the ISP's
- # DNS servers go offline.
+# serve local host definitions
+source {
+ owner = "localhost";
+ serve_aliases = off; # skip everything after the first host for an IP
+ file = "/etc/hosts";
 }
+
+# for dns servers via dhcp
+#server {
+# label = "dhcp";
+# file = "/var/resolv.conf";
+# exclude = ".lan";
+# policy = fqdn_only;
+# timeout = 4;
+# uptest = if;
+# interface = "eth0";
+# interval = 60;
+#}
+
diff --git a/package/pdnsd/files/pdnsd.init b/package/pdnsd/files/pdnsd.init
index 0da77186d..b67696469 100644
--- a/package/pdnsd/files/pdnsd.init
+++ b/package/pdnsd/files/pdnsd.init
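Review bot: No `server` section is active in the shipped pdnsd.conf once `myisp` is removed and the `dhcp` block is left commented out (second hunk), so presumably only names from `/etc/hosts` are answered until someone edits the file; the one-line comment `# for dns servers via dhcp` does not say that. Going by that comment, the block would also take its upstream resolvers from whatever DHCP wrote to `/var/resolv.conf`, which is a trust decision worth stating next to it. I would replace the comment with `# Uncomment to forward queries to the resolvers DHCP wrote to /var/resolv.conf; without an active server section only /etc/hosts is served.`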
@@ -13,7 +13,10 @@ autostart)
 start)
 [ -f /etc/pdnsd.conf ] || exit
 mkdir -p /var/cache/pdnsd
- pdnsd -s -t -d
+ touch /var/cache/pdnsd/pdnsd.cache
+ # this allows for strict_setuid
+ chown -R nobody:nogroup /var/cache/pdnsd
+ pdnsd -d
 ;;
 stop)
 pkill pdnsd
diff --git a/package/pdnsd/patches/patch-src_dns_query_c b/package/pdnsd/patches/patch-src_dns_query_c
new file mode 100644
index 000000000..f16c3d497
--- /dev/null
+++ b/package/pdnsd/patches/patch-src_dns_query_c
@@ -0,0 +1,12 @@
+use the temporary port, not always the global one over and over again
+--- pdnsd-1.2.7.orig/src/dns_query.c 2008-09-01 15:56:51.000000000 +0200
++++ pdnsd-1.2.7/src/dns_query.c 2010-03-19 21:44:38.837858828 +0100
+@@ -650,7 +650,7 @@ static int bind_socket(int s)
+ ELSE_IPV6 {
+ memset(&sin.sin6,0,sizeof(struct sockaddr_in6));
+ sin.sin6.sin6_family=AF_INET6;
+- sin.sin6.sin6_port=htons(global.port);
++ sin.sin6.sin6_port=htons(prt);
+ sin.sin6.sin6_flowinfo=IPV6_FLOWINFO;
+ SET_SOCKA_LEN6(sin.sin6);
+ sinl=sizeof(struct sockaddr_in6); |
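Review bot: The added `chown -R nobody:nogroup /var/cache/pdnsd` runs on every `start`, presumably as root, over a directory that the unprivileged service account can write to after the first start, and `chown -R` implementations differ in how they treat symlinks found inside the tree. Only two paths need their ownership changed, so a non-recursive, non-dereferencing form is the safer choice: `chown -h nobody:nogroup /var/cache/pdnsd /var/cache/pdnsd/pdnsd.cache`. The account name also duplicates `run_as = "nobody"` from pdnsd.conf, and the comment `# this allows for strict_setuid` does not mention that the two must stay in sync; I would extend it to `# owner must match run_as in /etc/pdnsd.conf (needed for strict_setuid)`.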
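Review bot: The patch header `use the temporary port, not always the global one over and over again` undersells what looks like a security-relevant fix. Before it, the IPv6 branch of `bind_socket` bound the socket to the fixed `global.port`, so whatever per-query port selection produces `prt` never applied to IPv6. `prt` is defined outside the seven lines shown, so how it is chosen and whether a failed bind is retried cannot be checked from this hunk; presumably the IPv4 branch already uses it. I would reword the header to something like `IPv6: bind query sockets to the per-query port (prt) instead of the fixed global.port, as the IPv4 branch does`, and record whether the fix was reported upstream.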