import of dnsmasq-2.29.tar.gz

CHANGELOG

@@ -1610,3 +1610,198 @@ version 2.24
 	    
 	    Added Romanian translation, thanks to Sorin Panca for
 	    that.
+
+version 2.25
+            Fixed RedHat spec file for FC4 - thanks to Werner Hoelzl
+            and Andrew Bird.
+
+            Fixed Suse spec file - thanks to Steven Springl.
+
+	    Fixed DHCP bug when two distict subnets are on the same
+	    physical interface. Thanks to Pawel Zawora for finding
+	    this and suggesting the fix.
+
+	    Added logging to make it explicit when dnsmasq falls back
+	    from using RT-netlink sockets to the old ioctl API for
+	    getting information about interfaces. Doing this
+	    completely silently made remote debugging hard.
+
+	    Merged uclibc build fixes from the OpenWRT package into
+	    src/config.h 
+
+	    Added Norwegian translation - thanks to Jan Erik Askildt.
+
+version 2.26
+	    Fixed SuSe rpm patch problem - thanks to Steven Springl.
+
+	    Fixed crash when attempting to send a DHCP NAK to a host
+	    which believes it has a lease on an unknown
+	    network. Thanks to Lutz Pressler for the bug report and
+	    patch.
+
+version 2.27
+	    Tweaked DHCP behaviour when a client attempts to renew a lease
+            which dnsmasq doesn't know about. Previously that would always
+            result in a DHCPNAK. Now, in dhcp-authoritative mode, the
+            lease will be created, if it's legal. This makes dnsmasq work
+            better if the lease database is lost, for example on an OpenWRT
+	    system which reboots. Thanks to Stephen Rose for work on
+	    this.
+
+	    Added the ability to support RFC-3442 style destination
+	    descriptors in dhcp-options. This makes classless static
+	    routes easy to do, eg dhcp-option=121,192.168.1.0/24,1.2.3.4
+
+	    Added error-checking to the code which writes the lease
+	    file. If this fails for any reason, an error is logged,
+	    and a retry occurs after one minute. This should improve
+	    things eg when a filesystem is full. Thanks to Jens Holze
+	    for the bug report.
+
+	    Fixed breakage of the "/#/ matches any domain" facility
+	    which happened in 2.24. Thanks to Peter Surda for the bug
+	    report.
+
+	    Use "size_t" and "ssize_t" types where appropriate in the
+	    code.
+
+	    Fix buggy CNAME handling in mixed IPv4 and IPv6
+	    queries. Thanks to Andreas Pelme for help finding that.
+
+	    Added some code to attempt to re-transmit DNS queries when 
+	    a network interface comes up.  This helps on DoD links, 
+	    where frequently the packet which triggers dialling is
+            a DNS query, which then gets lost. By re-sending, we can 
+	    avoid the lookup failing. This function is only active
+	    when netlink support is compiled in, and therefore only
+	    under Linux. Thanks to Jean Wolter for help with this.
+
+	    Tweaked the DHCP tag-matching code to work correctly with
+	    NOT-tag conditions. Thanks to Lutz Pressler for finding
+	    the bug.
+
+	    Generalised netid-tag matching in dhcp-range statements to
+	    allow more than one tag.
+
+	    Added --dhcp-mac to do MAC address matching in the same
+	    way as vendorclass and userclass matching. A good
+	    suggestion from Lutz Pressler.
+
+	    Add workaround for buggy early Microsoft DHCP clients
+	    which need zero-termination in string options.
+	    Thanks to Fabiano Pires for help with this.
+
+	    Generalised the DHCP code to cope with any hardware
+	    address type, at least on Linux. *BSD is still limited to
+	    ethernet only.
+
+version 2.28
+            Eliminated all raw network access when running on
+            Linux. All DHCP network activity now goes through the IP
+            stack. Packet sockets are no longer required. Apart from
+            being a neat hack, this should also allow DHCP over IPsec
+            to work better. On *BSD and OS X, the old method of raw net
+            access through BPF is retained.
+
+	    Simplified build options. Networking is now slimmed down
+	    to a choice of "linux" or "other". Netlink is always used
+	    under Linux. Since netlink has been available since 2.2
+	    and non-optional in an IPv4-configured  kernel since 2.4,
+	    and the dnsmasq netlink code is now well tested, this 
+	    should work out fine. 
+
+	    Removed decayed build support for libc5 and Solaris.
+	    
+	    Removed pselect code: use a pipe for race-free signal
+	    handling instead, as this works everywhere.
+
+	    No longer enable the ISC leasefile reading code in the
+	    distributed sources. I doubt there are many people left
+	    using this 1.x compatibility code. Those that are will
+	    have to explicitly enable it in src/config.h.
+
+	    Don't send the "DHCP maximum message size" option, even if 
+	    requested. RFC2131 says this is a "MUST NOT".
+
+	    Support larger-than-minimum DHCP message. Dnsmasq is now
+	    happy to get larger than 576-byte DHCP messages, and will
+	    return large messages, if permitted by the "maximum
+	    message size" option of the message to which it is
+	    replying. There's now an arbitrary sanity limit of 16384
+	    bytes.
+
+	    Added --no-ping option. This fixes an RFC2131 "SHOULD".
+
+	    Building on the 2.27 MAC-address changes, allow clients to 
+	    provide no MAC address at all, relying on the client-id as
+	    a unique identifier. This should make things like DHCP for
+	    USB come easier.
+
+	    Fixed regression in netlink code under 2.2.x kernels which 
+	    occurred in 2.27. Erik Jan Tromp is the vintage kernel fan 
+	    who found this. P.S. It looks like this "netlink bind:
+	    permission denied" problem occured in kernels at least as
+	    late a 2.4.18. Good information from Alain Richoux.
+
+	    Added a warning when it's impossible to give a host its
+	    configured address because the address is leased
+	    elsewhere.  A sensible suggestion from Mircea Bardac.
+
+	    Added minimal support for RFC 3046 DHCP relay agent-id
+	    options. The DHCP server now echoes these back to the
+	    relay, as required by the RFC. Also, RFC 3527 link selection 
+	    sub-options are honoured.
+
+	    Set the process "dumpable" flag when running in debug
+	    mode: this makes getting core dumps from root processes
+	    much easier.
+	    
+	    Fixed one-byte buffer overflow which seems to only cause
+	    problems when dnsmasq is linked with uclibc. Thanks to
+	    Eric House and Eric Spakman for help in chasing this down.
+
+	    Tolerate configuration screwups which lead to the DHCP
+	    server attemping to allocate its own address to a
+	    client; eg setting the whole subnet range as a DHCP
+	    range. Addresses in use by the server are now excluded
+	    from use by clients.
+
+	    Did some thinking about HAVE_BROKEN_RTC mode, and made it
+	    much simpler and better. The key is to just keep lease
+	    lengths in the lease file. Since these normally never
+	    change, even as the lease is renewed, the lease file never
+	    needs to change except when machines arrive on the network
+	    or leave. This eliminates the code for timed writes, and
+	    reduces the amount of wear on a flash filesystem to the
+	    absolute minimum. Also re-did the basic time function in
+	    this mode to use the portable times(), rather than parsing
+	    /proc/uptime.
+
+	    Believe the source port number when replying to unicast 
+	    DHCP requests and DHCP requests via a relay, instead of always 
+            using the standard ports.  This will allow relays on 
+            non-standard ports and DHCPINFORM from unprivileged ports
+            to work. The source port sent by unconfigured clients is still 
+            ignored, since this may be unreliable. This means that a DHCP 
+            client must use the standard port to do full configuration.
+ 
+version 2.29
+	    Fixed compilation on OpenBSD (thanks to Tom Hensel for the
+	    report). 
+
+	    Fixed false "no interface" errors when --bind-interfaces is
+	    set along with --interface=lo or --listen-address. Thanks
+	    to Paul Wise for the report.
+
+	    Updated patch for SuSE rpm. Thanks to Steven Springl.
+
+	    It turns out that there are some Linux kernel
+	    configurations which make using the capability system
+	    impossible. If this situation occurs then continue, running
+	    as root, and log a warning. Thanks to Scott Wehrenberg
+	    for help tracking this down.
+
+
+
+
+

FAQ

@@ -357,7 +357,33 @@ A: Probably the nameserver is an authoritative nameserver for a
    may work for sometime with a broken upstream nameserver
    configuration.
 
-  
+
+Q: Does the dnsmasq DHCP server probe addresses before allocating
+   them, as recommended in RFC2131?
+
+A: Yes, dynmaically allocated IP addresses are checked by sending an
+   ICMP echo request (ping). If a reply is received, then dnsmasq
+   assumes that the address is in use, and attempts to allocate an
+   different address. The wait for a reply is between two and three
+   seconds. Because the DHCP server is not re-entrant, it cannot serve
+   other DHCP requests during this time. To avoid dropping requests,
+   the address probe may be skipped when dnsmasq is under heavy load.
+
+
+Q: I'm using dnsmasq on a machine with the Firestarter firewall, and
+   DHCP doesn't work. What's the problem?
+
+A: This a variant on the iptables problem. Explicit details on how to
+   proceed can be found at 
+   http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2005q3/000431.html
+ 
+
+Q: Dnsmasq logs "running as root because setting capabilities failed"
+   when it starts up. Why did that happen and what can do to fix it?
+
+A: Change your kernel configuration: either deselect CONFIG_SECURITY
+   _or_ select CONFIG_SECURITY_CAPABILITIES.
+ 
 
 
 

bld/Makefile

@@ -1,12 +1,9 @@
-# Uncomment this on Solaris.
-#LIBS = -lsocket -lnsl
-
 CFLAGS ?= -O2
 PKG_CONFIG ?= pkg-config
 
 
 OBJS = cache.o rfc1035.o util.o option.o forward.o isc.o network.o \
-       dnsmasq.o dhcp.o lease.o rfc2131.o netlink.o dbus.o
+       dnsmasq.o dhcp.o lease.o rfc2131.o netlink.o dbus.o bpf.o
 
 .c.o:
 	$(CC) $(CFLAGS) $(I18N) `../bld/pkg-wrapper $(PKG_CONFIG) --cflags dbus-1` $(RPM_OPT_FLAGS) -Wall -W -c $<

dnsmasq-rh.spec

@@ -5,9 +5,9 @@
 ###############################################################################
 
 Name: dnsmasq
-Version: 2.24
+Version: 2.29
 Release: 1
-Copyright: GPL
+License: GPL
 Group: System Environment/Daemons
 Vendor: Simon Kelley
 Packager: Simon Kelley
@@ -127,7 +127,7 @@ fi
 %attr(0755,root,root) /etc/rc.d/init.d/dnsmasq
 %attr(0664,root,root) /etc/dnsmasq.conf
 %attr(0755,root,root) /usr/sbin/dnsmasq
-%attr(0644,root,root) /usr/share/man/*/man8/dnsmasq*
+#%attr(0644,root,root) /usr/share/man/*/man8/dnsmasq*
 %attr(0644,root,root) /usr/share/man/man8/dnsmasq*
 %attr(0644,root,root) /usr/share/locale/*/LC_MESSAGES/*
 

dnsmasq-suse.spec

@@ -5,7 +5,7 @@
 ###############################################################################
 
 Name: dnsmasq
-Version: 2.24
+Version: 2.29
 Release: 1
 Copyright: GPL
 Group: Productivity/Networking/DNS/Servers
@@ -104,6 +104,7 @@ rm -rf $RPM_BUILD_ROOT
 %config /etc/dnsmasq.conf
 /usr/sbin/rcdnsmasq
 /usr/sbin/dnsmasq
+/usr/share/locale/*/LC_MESSAGES/*
 %doc %{_mandir}/man8/dnsmasq.8.gz
 
 

dnsmasq.conf.example

@@ -184,6 +184,10 @@ bogus-priv
 # of whose DHCP userclass strings includes the substring "accounts"
 #dhcp-userclass=red,accounts
 
+# Send extra options which are tagged as "red" to any machine whose
+# MAC address matches the pattern.
+#dhcp-mac=red,00:60:8C:*:*:*
+
 # If this line is uncommented, dnsmasq will read /etc/ethers and act
 # on the ethernet-address/IP pairs found there just as if they had
 # been given as --dhcp-host options. Useful if you keep
@@ -204,6 +208,10 @@ bogus-priv
 # DNS server - 6
 # broadcast address - 28
 
+# Override the default route supplied by dnsmasq, which assumes the
+# router is the same machine as the one running dnsmasq.
+#dhcp-option=3,1.2.3.4
+
 # Set the NTP time server addresses to 192.168.0.4 and 10.10.0.5
 #dhcp-option=42,192.168.0.4,10.10.0.5
 
@@ -244,6 +252,9 @@ bogus-priv
 # probably doesn't support this......
 #dhcp-option=119,eng.apple.com,marketing.apple.com
 
+# Send RFC-3442 classless static routes (note the netmask encoding)
+#dhcp-option=121,192.168.1.0/24,1.2.3.4,10.0.0.0/8,5.6.7.8
+
 # Send encapsulated vendor-class specific options. The vendor-class
 # is sent as DHCP option 60, and all the options marked with the
 # vendor class are send encapsulated in DHCP option 43. The meaning of

man/dnsmasq.8

@@ -102,14 +102,11 @@ or
 options are given dnsmasq listens on all available interfaces except any
 given in
 .B \--except-interface
-options. If IP alias interfaces (eg "eth1:0") are used with
+options. IP alias interfaces (eg "eth1:0") cannot be used with
 .B --interface
 or
 .B --except-interface
-options, then the 
-.B --bind-interfaces 
-option will be automatically set. This is required for deeply boring
-sockets-API reasons. 
+options, use --listen-address instead. 
 .TP
 .B \-I, --except-interface=<interface name>
 Do not listen on the specified interface. Note that the order of
@@ -148,9 +145,7 @@ working even when interfaces come and go and change address. This
 option forces dnsmasq to really bind only the interfaces it is
 listening on. About the only time when this is useful is when 
 running another nameserver (or another instance of dnsmasq) on the
-same machine or when using IP
-alias. Specifying interfaces with IP alias automatically turns this
-option on. Setting this option also enables multiple instances of
+same machine. Setting this option also enables multiple instances of
 dnsmasq which provide DHCP service to run in the same machine.
 .TP
 .B \-y, --localise-queries
@@ -349,7 +344,7 @@ allowed to have more than one dhcp-range in a single subnet. The optional
 network-id is a alphanumeric label which marks this network so that
 dhcp options may be specified on a per-network basis. 
 When it is prefixed with 'net:' then its meaning changes from setting
-a tag to matching it.
+a tag to matching it. Only one tag may be set, but more than one tag may be matched.
 The end address may be replaced by the keyword 
 .B static
 which tells dnsmasq to enable DHCP for the network specified, but not
@@ -368,7 +363,7 @@ which case the IP address and lease times will apply to any machine
 claiming that name. For example 
 .B --dhcp-host=00:20:e0:3b:13:af,wap,infinite 
 tells dnsmasq to give
-the machine with ethernet address 00:20:e0:3b:13:af the name wap, and
+the machine with hardware address 00:20:e0:3b:13:af the name wap, and
 an infinite DHCP lease. 
 .B --dhcp-host=lap,192.168.0.199 
 tells
@@ -401,9 +396,15 @@ for this host.
 Ethernet addresses (but not client-ids) may have
 wildcard bytes, so for example 
 .B --dhcp-host=00:20:e0:3b:13:*,ignore 
-will cause dnsmasq to ignore a range of ethernet addresses. Note that
+will cause dnsmasq to ignore a range of hardware addresses. Note that
 the "*" will need to be escaped or quoted on a command line, but not
-in the configuration file.
+in the configuration file. Hardware addresses normally match any
+network (ARP) type, but it is possible to restrict them to a single
+ARP type by preceding them with the ARP-type (in HEX) and "-". so 
+.B --dhcp-host=06-00:20:e0:3b:13:af,1.2.3.4 
+will only match a
+Token-Ring hardware address, since the ARP-address type for token ring
+is 6.
 .TP 
 .B \-Z, --read-ethers
 Read /etc/ethers for information about hosts for the DHCP server. The
@@ -432,6 +433,11 @@ dotted-quad IP addresses, a decimal number, colon-separated hex digits
 and a text string. If the optional network-ids are given then
 this option is only sent when all the network-ids are matched.
 
+Special processing is done on a text argument for option 119, to
+conform with RFC 3397, and dotted-quad IP addresses which are followed
+by a slash and then a netmask size are encoded as described in RFC
+3442.
+
 Be careful: no checking is done that the correct type of data for the
 option number is sent, it is quite possible to
 persuade dnsmasq to generate illegal DHCP packets with injudicious use
@@ -476,7 +482,13 @@ to different classes of hosts. It is possible, for instance to use
 this to set a different printer server for hosts in the class
 "accounts" than for hosts in the class "engineering".
 .TP
-.B \ -J, --dhcp-ignore=<network-id>[,<network-id>]
+.B \-4, --dhcp-mac=<network-id>,<MAC address>
+Map from a MAC address to a network-id. The MAC address may include
+wildcards. For example
+.B --dhcp-mac=3com,01:34:23:*:*:*
+will set the tag "3com" for any host whose MAC address matches the pattern.
+.TP
+.B \-J, --dhcp-ignore=<network-id>[,<network-id>]
 When all the given network-ids match the set of network-ids derived
 from the net, host, vendor and user classes, ignore the host and do
 not allocate it a DHCP lease.
@@ -498,7 +510,9 @@ process.
 Should be set when dnsmasq is definately the only DHCP server on a network.
 It changes the behaviour from strict RFC compliance so that DHCP requests on
 unknown leases from unknown hosts are not ignored. This allows new hosts
-to get a lease without a tedious timeout under all circumstances.
+to get a lease without a tedious timeout under all circumstances. It also 
+allows dnsmasq to rebuild its lease database without each client needing to 
+reaquire a lease, if the database is lost.
 .TP
 .B \-3, --bootp-dynamic
 Enable dynamic allocation of IP addresses to BOOTP clients. Use this
@@ -506,6 +520,13 @@ with care, since each address allocated to a BOOTP client is leased
 forever, and therefore becomes permanently unavailable for re-use by
 other hosts.
 .TP
+.B \-5, --no-ping
+By default, the DHCP server will attempt to ensure that an address in
+not in use before allocating it to a host. It does this by sending an
+ICMP echo request (aka "ping") to the address in question. If it gets
+a reply, then the address must already be in use, and another is
+tried. This flag disables this check. Use with caution.
+.TP
 .B \-l, --dhcp-leasefile=<path>
 Use the specified file to store DHCP lease information. If this option
 is given but no dhcp-range option is given then dnsmasq version 1

po/fi.po

@@ -0,0 +1,878 @@
+# Finnish translations for dnsmasq package.
+# This file is put in the public domain.
+# Simon Kelley <simon@thekelleys.org.uk>, 2005.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: dnsmasq 2.24\n"
+"Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2006-04-21 19:59+0100\n"
+"PO-Revision-Date: 2005-11-28 22:05+0000\n"
+"Last-Translator: Simon Kelley <simon@thekelleys.org.uk>\n"
+"Language-Team: Finnish <translation-team-fi@lists.sourceforge.net>\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=ASCII\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=2; plural=(n != 1);\n"
+
+#: cache.c:570
+#, c-format
+msgid "failed to load names from %s: %m"
+msgstr ""
+
+#: cache.c:606 dhcp.c:654
+#, c-format
+msgid "bad address at %s line %d"
+msgstr ""
+
+#: cache.c:633 dhcp.c:668
+#, c-format
+msgid "bad name at %s line %d"
+msgstr ""
+
+#: cache.c:639 dhcp.c:722
+#, c-format
+msgid "read %s - %d addresses"
+msgstr ""
+
+#: cache.c:675
+msgid "cleared cache"
+msgstr ""
+
+#: cache.c:728
+#, c-format
+msgid ""
+"not giving name %s to the DHCP lease of %s because the name exists in %s "
+"with address %s"
+msgstr ""
+
+#: cache.c:772
+#, c-format
+msgid ""
+"time %lu, cache size %d, %d/%d cache insertions re-used unexpired cache "
+"entries."
+msgstr ""
+
+#: util.c:153 option.c:1294
+msgid "could not get memory"
+msgstr ""
+
+#: util.c:176
+#, c-format
+msgid "%s at line %d of %%s"
+msgstr ""
+
+#: util.c:183
+msgid "FAILED to start up"
+msgstr ""
+
+#: util.c:304
+#, c-format
+msgid "infinite"
+msgstr ""
+
+#: option.c:125
+msgid "Specify local address(es) to listen on."
+msgstr ""
+
+#: option.c:126
+msgid "Return ipaddr for all hosts in specified domains."
+msgstr ""
+
+#: option.c:127
+msgid "Fake reverse lookups for RFC1918 private address ranges."
+msgstr ""
+
+#: option.c:128
+msgid "Treat ipaddr as NXDOMAIN (defeats Verisign wildcard)."
+msgstr ""
+
+#: option.c:129
+#, c-format
+msgid "Specify the size of the cache in entries (defaults to %s)."
+msgstr ""
+
+#: option.c:130
+#, c-format
+msgid "Specify configuration file (defaults to %s)."
+msgstr ""
+
+#: option.c:131
+msgid "Do NOT fork into the background: run in debug mode."
+msgstr ""
+
+#: option.c:132
+msgid "Do NOT forward queries with no domain part."
+msgstr ""
+
+#: option.c:133
+msgid "Return self-pointing MX records for local hosts."
+msgstr ""
+
+#: option.c:134
+msgid "Expand simple names in /etc/hosts with domain-suffix."
+msgstr ""
+
+#: option.c:135
+msgid "Don't forward spurious DNS requests from Windows hosts."
+msgstr ""
+
+#: option.c:136
+msgid "Enable DHCP in the range given with lease duration."
+msgstr ""
+
+#: option.c:137
+#, c-format
+msgid "Change to this group after startup (defaults to %s)."
+msgstr ""
+
+#: option.c:138
+msgid "Set address or hostname for a specified machine."
+msgstr ""
+
+#: option.c:139
+#, c-format
+msgid "Do NOT load %s file."
+msgstr ""
+
+#: option.c:140
+#, c-format
+msgid "Specify a hosts file to be read in addition to %s."
+msgstr ""
+
+#: option.c:141
+msgid "Specify interface(s) to listen on."
+msgstr ""
+
+#: option.c:142
+msgid "Specify interface(s) NOT to listen on."
+msgstr ""
+
+#: option.c:143
+msgid "Map DHCP user class to option set."
+msgstr ""
+
+#: option.c:144
+msgid "Don't do DHCP for hosts in option set."
+msgstr ""
+
+#: option.c:145
+msgid "Do NOT fork into the background, do NOT run in debug mode."
+msgstr ""
+
+#: option.c:146
+msgid "Assume we are the only DHCP server on the local network."
+msgstr ""
+
+#: option.c:147
+#, c-format
+msgid "Specify where to store DHCP leases (defaults to %s)."
+msgstr ""
+
+#: option.c:148
+msgid "Return MX records for local hosts."
+msgstr ""
+
+#: option.c:149
+msgid "Specify an MX record."
+msgstr ""
+
+#: option.c:150
+msgid "Specify BOOTP options to DHCP server."
+msgstr ""
+
+#: option.c:151
+#, c-format
+msgid "Do NOT poll %s file, reload only on SIGHUP."
+msgstr ""
+
+#: option.c:152
+msgid "Do NOT cache failed search results."
+msgstr ""
+
+#: option.c:153
+#, c-format
+msgid "Use nameservers strictly in the order given in %s."
+msgstr ""
+
+#: option.c:154
+msgid "Set extra options to be set to DHCP clients."
+msgstr ""
+
+#: option.c:155
+msgid "Specify port to listen for DNS requests on (defaults to 53)."
+msgstr ""
+
+#: option.c:156
+#, c-format
+msgid "Maximum supported UDP packet size for EDNS.0 (defaults to %s)."
+msgstr ""
+
+#: option.c:157
+msgid "Log queries."
+msgstr ""
+
+#: option.c:158
+msgid "Force the originating port for upstream queries."
+msgstr ""
+
+#: option.c:159
+msgid "Do NOT read resolv.conf."
+msgstr ""
+
+#: option.c:160
+#, c-format
+msgid "Specify path to resolv.conf (defaults to %s)."
+msgstr ""
+
+#: option.c:161
+msgid "Specify address(es) of upstream servers with optional domains."
+msgstr ""
+
+#: option.c:162
+msgid "Never forward queries to specified domains."
+msgstr ""
+
+#: option.c:163
+msgid "Specify the domain to be assigned in DHCP leases."
+msgstr ""
+
+#: option.c:164
+msgid "Specify default target in an MX record."
+msgstr ""
+
+#: option.c:165
+msgid "Specify time-to-live in seconds for replies from /etc/hosts."
+msgstr ""
+
+#: option.c:166
+#, c-format
+msgid "Change to this user after startup. (defaults to %s)."
+msgstr ""
+
+#: option.c:167
+msgid "Map DHCP vendor class to option set."
+msgstr ""
+
+#: option.c:168
+msgid "Display dnsmasq version and copyright information."
+msgstr ""
+
+#: option.c:169
+msgid "Translate IPv4 addresses from upstream servers."
+msgstr ""
+
+#: option.c:170
+msgid "Specify a SRV record."
+msgstr ""
+
+#: option.c:171
+msgid "Display this message."
+msgstr ""
+
+#: option.c:172
+#, c-format
+msgid "Specify path of PID file. (defaults to %s)."
+msgstr ""
+
+#: option.c:173
+#, c-format
+msgid "Specify maximum number of DHCP leases (defaults to %s)."
+msgstr ""
+
+#: option.c:174
+msgid "Answer DNS queries based on the interface a query was sent to."
+msgstr ""
+
+#: option.c:175
+msgid "Specify TXT DNS record."
+msgstr ""
+
+#: option.c:176
+msgid "Bind only to interfaces in use."
+msgstr ""
+
+#: option.c:177
+#, c-format
+msgid "Read DHCP static host information from %s."
+msgstr ""
+
+#: option.c:178
+msgid "Enable the DBus interface for setting upstream servers, etc."
+msgstr ""
+
+#: option.c:179
+msgid "Do not provide DHCP on this interface, only provide DNS."
+msgstr ""
+
+#: option.c:180
+msgid "Enable dynamic address allocation for bootp."
+msgstr ""
+
+#: option.c:181
+msgid "Map MAC address (with wildcards) to option set."
+msgstr ""
+
+#: option.c:182
+msgid "Disable ICMP echo address checking in the DHCP server."
+msgstr ""
+
+#: option.c:396
+msgid "missing \""
+msgstr ""
+
+#: option.c:425
+msgid "bad option"
+msgstr ""
+
+#: option.c:442
+#, c-format
+msgid "cannot read %s: %s"
+msgstr ""
+
+#: option.c:448
+#, c-format
+msgid ""
+"Usage: dnsmasq [options]\n"
+"\n"
+msgstr ""
+
+#: option.c:450
+#, c-format
+msgid "Use short options only on the command line.\n"
+msgstr ""
+
+#: option.c:452
+#, c-format
+msgid "Valid options are :\n"
+msgstr ""
+
+#: option.c:477
+#, c-format
+msgid "Dnsmasq version %s  %s\n"
+msgstr ""
+
+#: option.c:478
+#, c-format
+msgid ""
+"Compile time options %s\n"
+"\n"
+msgstr ""
+
+#: option.c:479
+#, c-format
+msgid "This software comes with ABSOLUTELY NO WARRANTY.\n"
+msgstr ""
+
+#: option.c:480
+#, c-format
+msgid "Dnsmasq is free software, and you are welcome to redistribute it\n"
+msgstr ""
+
+#: option.c:481
+#, c-format
+msgid "under the terms of the GNU General Public License, version 2.\n"
+msgstr ""
+
+#: option.c:491
+msgid "extraneous parameter"
+msgstr ""
+
+#: option.c:499
+msgid "missing parameter"
+msgstr ""
+
+#: option.c:516
+msgid "nested includes not allowed"
+msgstr ""
+
+#: option.c:576
+msgid "bad MX preference"
+msgstr ""
+
+#: option.c:585
+msgid "bad MX name"
+msgstr ""
+
+#: option.c:603
+msgid "bad MX target"
+msgstr ""
+
+#: option.c:802 option.c:813
+msgid "bad port"
+msgstr ""
+
+#: option.c:955
+msgid "bad dhcp-range"
+msgstr ""
+
+#: option.c:984
+msgid "only one netid tag allowed"
+msgstr ""
+
+#: option.c:1029
+msgid "inconsistent DHCP range"
+msgstr ""
+
+#: option.c:1214
+msgid "bad dhcp-host"
+msgstr ""
+
+#: option.c:1271
+msgid "bad dhcp-option"
+msgstr ""
+
+#: option.c:1289
+msgid "bad domain in dhcp-option"
+msgstr ""
+
+#: option.c:1459
+msgid "dhcp-option too long"
+msgstr ""
+
+#: option.c:1656
+msgid "bad TXT record"
+msgstr ""
+
+#: option.c:1688
+msgid "TXT record string too long"
+msgstr ""
+
+#: option.c:1727
+msgid "bad SRV record"
+msgstr ""
+
+#: option.c:1740
+msgid "bad SRV target"
+msgstr ""
+
+#: option.c:1752
+msgid "invalid port number"
+msgstr ""
+
+#: option.c:1763
+msgid "invalid priority"
+msgstr ""
+
+#: option.c:1774
+msgid "invalid weight"
+msgstr ""
+
+#: option.c:1799
+msgid "error"
+msgstr ""
+
+#: option.c:1801
+#, c-format
+msgid "bad command line options: %s."
+msgstr ""
+
+#: option.c:1803
+msgid "try --help"
+msgstr ""
+
+#: option.c:1805
+msgid "try -w"
+msgstr ""
+
+#: option.c:1845
+#, c-format
+msgid "cannot get host-name: %s"
+msgstr ""
+
+#: option.c:1874
+msgid "only one resolv.conf file allowed in no-poll mode."
+msgstr ""
+
+#: option.c:1881
+msgid "must have exactly one resolv.conf to read domain from."
+msgstr ""
+
+#: option.c:1884 network.c:501
+#, c-format
+msgid "failed to read %s: %m"
+msgstr ""
+
+#: option.c:1902
+#, c-format
+msgid "no search directive found in %s"
+msgstr ""
+
+#: forward.c:381
+#, c-format
+msgid "nameserver %s refused to do a recursive query"
+msgstr ""
+
+#: forward.c:888
+msgid "forwarding table overflow: check for server loops."
+msgstr ""
+
+#: isc.c:73 dnsmasq.c:460
+#, c-format
+msgid "failed to access %s: %m"
+msgstr ""
+
+#: isc.c:89
+#, c-format
+msgid "failed to load %s: %m"
+msgstr ""
+
+#: isc.c:93 network.c:505
+#, c-format
+msgid "reading %s"
+msgstr ""
+
+#: isc.c:115
+#, c-format
+msgid "bad name in %s"
+msgstr ""
+
+#: isc.c:177
+#, c-format
+msgid "Ignoring DHCP lease for %s because it has an illegal domain part"
+msgstr ""
+
+#: network.c:328 dnsmasq.c:129
+#, c-format
+msgid "failed to create listening socket: %s"
+msgstr ""
+
+#: network.c:335
+#, c-format
+msgid "failed to set IPV6 options on listening socket: %s"
+msgstr ""
+
+#: network.c:353
+#, c-format
+msgid "failed to bind listening socket for %s: %s"
+msgstr ""
+
+#: network.c:361
+#, c-format
+msgid "failed to listen on socket: %s"
+msgstr ""
+
+#: network.c:431
+#, c-format
+msgid "ignoring nameserver %s - local interface"
+msgstr ""
+
+#: network.c:440
+#, c-format
+msgid "ignoring nameserver %s - cannot make/bind socket: %m"
+msgstr ""
+
+#: network.c:454
+msgid "domain"
+msgstr ""
+
+#: network.c:456
+msgid "unqualified"
+msgstr ""
+
+#: network.c:456
+msgid "domains"
+msgstr ""
+
+#: network.c:459
+#, c-format
+msgid "using local addresses only for %s %s"
+msgstr ""
+
+#: network.c:461
+#, c-format
+msgid "using nameserver %s#%d for %s %s"
+msgstr ""
+
+#: network.c:464
+#, c-format
+msgid "using nameserver %s#%d"
+msgstr ""
+
+#: dnsmasq.c:94
+msgid ""
+"ISC dhcpd integration not available: set HAVE_ISC_READER in src/config.h"
+msgstr ""
+
+#: dnsmasq.c:111
+#, c-format
+msgid "failed to find list of interfaces: %s"
+msgstr ""
+
+#: dnsmasq.c:119
+#, c-format
+msgid "unknown interface %s"
+msgstr ""
+
+#: dnsmasq.c:125
+#, c-format
+msgid "no interface with address %s"
+msgstr ""
+
+#: dnsmasq.c:145
+msgid "must set exactly one interface on broken systems without IP_RECVIF"
+msgstr ""
+
+#: dnsmasq.c:158 dnsmasq.c:536
+#, c-format
+msgid "DBus error: %s"
+msgstr ""
+
+#: dnsmasq.c:161
+msgid "DBus not available: set HAVE_DBUS in src/config.h"
+msgstr ""
+
+#: dnsmasq.c:196
+#, c-format
+msgid "cannot create pipe: %s"
+msgstr ""
+
+#: dnsmasq.c:331
+#, c-format
+msgid "started, version %s cachesize %d"
+msgstr ""
+
+#: dnsmasq.c:333
+#, c-format
+msgid "started, version %s cache disabled"
+msgstr ""
+
+#: dnsmasq.c:335
+#, c-format
+msgid "compile time options: %s"
+msgstr ""
+
+#: dnsmasq.c:341
+msgid "DBus support enabled: connected to system bus"
+msgstr ""
+
+#: dnsmasq.c:343
+msgid "DBus support enabled: bus connection pending"
+msgstr ""
+
+#: dnsmasq.c:348
+msgid "setting --bind-interfaces option because of OS limitations"
+msgstr ""
+
+#: dnsmasq.c:353
+#, c-format
+msgid "warning: interface %s does not currently exist"
+msgstr ""
+
+#: dnsmasq.c:365
+#, c-format
+msgid "DHCP, static leases only on %.0s%s, lease time %s"
+msgstr ""
+
+#: dnsmasq.c:366
+#, c-format
+msgid "DHCP, IP range %s -- %s, lease time %s"
+msgstr ""
+
+#: dnsmasq.c:376
+#, c-format
+msgid "warning: setting capabilities failed: %m"
+msgstr ""
+
+#: dnsmasq.c:378
+msgid "running as root"
+msgstr ""
+
+#: dnsmasq.c:511
+msgid "exiting on receipt of SIGTERM"
+msgstr ""
+
+#: dnsmasq.c:538
+msgid "connected to system DBus"
+msgstr ""
+
+#: dhcp.c:32
+#, c-format
+msgid "cannot create DHCP socket : %s"
+msgstr ""
+
+#: dhcp.c:42
+#, c-format
+msgid "failed to set options on DHCP socket: %s"
+msgstr ""
+
+#: dhcp.c:49
+#, c-format
+msgid "failed to set SO_REUSEADDR on DHCP socket: %s"
+msgstr ""
+
+#: dhcp.c:59
+#, c-format
+msgid "failed to bind DHCP server socket: %s"
+msgstr ""
+
+#: dhcp.c:72
+#, c-format
+msgid "cannot create ICMP raw socket: %s."
+msgstr ""
+
+#: dhcp.c:84
+#, c-format
+msgid "duplicate IP address %s in dhcp-config directive."
+msgstr ""
+
+#: dhcp.c:306
+#, c-format
+msgid "DHCP range %s -- %s is not consistent with netmask %s"
+msgstr ""
+
+#: dhcp.c:622
+#, c-format
+msgid "failed to read %s:%m"
+msgstr ""
+
+#: dhcp.c:641
+#, c-format
+msgid "bad line at %s line %d"
+msgstr ""
+
+#: dhcp.c:745
+#, c-format
+msgid "duplicate IP address %s (%s) in dhcp-config directive"
+msgstr ""
+
+#: dhcp.c:781
+#, c-format
+msgid "Ignoring DHCP host name %s because it has an illegal domain part"
+msgstr ""
+
+#: lease.c:34
+#, c-format
+msgid "cannot open or create leases file: %s"
+msgstr ""
+
+#: lease.c:71
+msgid "too many stored leases"
+msgstr ""
+
+#: lease.c:118
+#, c-format
+msgid "failed to write %s: %m (retry in %ds)"
+msgstr ""
+
+#: rfc2131.c:247
+#, c-format
+msgid "no address range available for DHCP request %s %s"
+msgstr ""
+
+#: rfc2131.c:248
+msgid "with subnet selector"
+msgstr ""
+
+#: rfc2131.c:248
+msgid "via"
+msgstr ""
+
+#: rfc2131.c:274 rfc2131.c:298
+msgid "disabled"
+msgstr ""
+
+#: rfc2131.c:310 rfc2131.c:731
+msgid "address in use"
+msgstr ""
+
+#: rfc2131.c:313
+msgid "no address configured"
+msgstr ""
+
+#: rfc2131.c:326 rfc2131.c:605
+msgid "no address available"
+msgstr ""
+
+#: rfc2131.c:333 rfc2131.c:734
+msgid "no leases left"
+msgstr ""
+
+#: rfc2131.c:336 rfc2131.c:707
+msgid "wrong network"
+msgstr ""
+
+#: rfc2131.c:540
+#, c-format
+msgid "disabling DHCP static address %s"
+msgstr ""
+
+#: rfc2131.c:558
+msgid "unknown lease"
+msgstr ""
+
+#: rfc2131.c:567 rfc2131.c:799
+msgid "ignored"
+msgstr ""
+
+#: rfc2131.c:581
+#, c-format
+msgid "not using configured address %s because it is leased to %s"
+msgstr ""
+
+#: rfc2131.c:590
+#, c-format
+msgid "not using configured address %s because it is in use by the server"
+msgstr ""
+
+#: rfc2131.c:670
+msgid "wrong address"
+msgstr ""
+
+#: rfc2131.c:683
+msgid "lease not found"
+msgstr ""
+
+#: rfc2131.c:715
+msgid "address not available"
+msgstr ""
+
+#: rfc2131.c:724
+msgid "static lease available"
+msgstr ""
+
+#: rfc2131.c:728
+msgid "address reserved"
+msgstr ""
+
+#: rfc2131.c:946
+#, c-format
+msgid "cannot send DHCP option %d: no space left in packet"
+msgstr ""
+
+#: rfc2131.c:1247
+#, c-format
+msgid "More than one vendor class matches, using %s"
+msgstr ""
+
+#: netlink.c:51
+#, c-format
+msgid "cannot create RTnetlink socket: %s"
+msgstr ""
+
+#: netlink.c:218
+#, c-format
+msgid "RTnetlink returns error: %s"
+msgstr ""
+
+#: dbus.c:112
+msgid "attempt to set an IPv6 server address via DBus - no IPv6 support"
+msgstr ""
+
+#: dbus.c:238
+msgid "setting upstream servers from DBus"
+msgstr ""
+
+#: dbus.c:274
+msgid "could not register a DBus message handler"
+msgstr ""
+
+#: bpf.c:54
+#, c-format
+msgid "cannot create DHCP BPF socket: %s"
+msgstr ""
+
+#: bpf.c:74
+#, c-format
+msgid "DHCP request for unsupported hardware type (%d) received on %s"
+msgstr ""

po/no.po

@@ -0,0 +1,906 @@
+# Norwegian translations for dnsmasq package.
+# This file is put in the public domain.
+# Simon Kelley <simon@thekelleys.org.uk>, 2006.
+#
+# Current translator: Jan Erik Askildt <jeaskildt@gmail.com>, 2006
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: dnsmasq 2.25\n"
+"Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2006-04-21 19:59+0100\n"
+"PO-Revision-Date: 2006-01-11 17:39+0000\n"
+"Last-Translator: Jan Erik Askildt <jeaskildt@gmail.com>\n"
+"Language-Team: Norwegian <i18n-nb@lister.ping.uio.no>\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=ISO-8859-1\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=2; plural=(n != 1);\n"
+
+#: cache.c:570
+#, c-format
+msgid "failed to load names from %s: %m"
+msgstr "feilet å laste navn fra %s: %m"
+
+#: cache.c:606 dhcp.c:654
+#, c-format
+msgid "bad address at %s line %d"
+msgstr "dårlig adresse ved %s linje %d"
+
+#: cache.c:633 dhcp.c:668
+#, c-format
+msgid "bad name at %s line %d"
+msgstr "dårlig navn ved %s linje %d"
+
+#: cache.c:639 dhcp.c:722
+#, c-format
+msgid "read %s - %d addresses"
+msgstr "les %s - %d adresser"
+
+#: cache.c:675
+msgid "cleared cache"
+msgstr "mellomlager tømt"
+
+#: cache.c:728
+#, c-format
+msgid ""
+"not giving name %s to the DHCP lease of %s because the name exists in %s "
+"with address %s"
+msgstr ""
+"gir ikke navnet %s til DHCP leien for %s fordi navnet eksisterer i %s med "
+"adressen %s"
+
+#: cache.c:772
+#, fuzzy, c-format
+msgid ""
+"time %lu, cache size %d, %d/%d cache insertions re-used unexpired cache "
+"entries."
+msgstr ""
+"mellomlager størrelse %d, %d/%d mellomlager innsettinger re-bruker "
+"mellomlager plasser som ikke er utløpt"
+
+#: util.c:153 option.c:1294
+msgid "could not get memory"
+msgstr "kunne ikke få minne"
+
+#: util.c:176
+#, c-format
+msgid "%s at line %d of %%s"
+msgstr "%s på linje %d av %%s"
+
+#: util.c:183
+msgid "FAILED to start up"
+msgstr "FEILET å starte opp"
+
+#: util.c:304
+#, c-format
+msgid "infinite"
+msgstr "uendelig"
+
+#: option.c:125
+msgid "Specify local address(es) to listen on."
+msgstr "Spesifiser lokal(e) adresse(r) å lytte på."
+
+#: option.c:126
+msgid "Return ipaddr for all hosts in specified domains."
+msgstr "Returner ipaddr for alle verter i det spesifiserte domenet."
+
+#: option.c:127
+msgid "Fake reverse lookups for RFC1918 private address ranges."
+msgstr "Forfalsk revers oppslag for RFC1918 private adresse områder."
+
+#: option.c:128
+msgid "Treat ipaddr as NXDOMAIN (defeats Verisign wildcard)."
+msgstr "Behandle ipaddr som NXDOMAIN (omgår Verisign wildcard)."
+
+#: option.c:129
+#, c-format
+msgid "Specify the size of the cache in entries (defaults to %s)."
+msgstr "Spesifiser størrelsen på mellomlager plassene (standard er %s)."
+
+#: option.c:130
+#, c-format
+msgid "Specify configuration file (defaults to %s)."
+msgstr "Spesifiser konfigurasjonsfil (standard er %s)."
+
+#: option.c:131
+msgid "Do NOT fork into the background: run in debug mode."
+msgstr "IKKE legg (fork) som bakgrunnsprosess: kjør i debug modus."
+
+#: option.c:132
+msgid "Do NOT forward queries with no domain part."
+msgstr "IKKE videresend oppslag som mangler domene del."
+
+#: option.c:133
+msgid "Return self-pointing MX records for local hosts."
+msgstr "Returner selv-pekende MX post for lokale verter."
+
+#: option.c:134
+msgid "Expand simple names in /etc/hosts with domain-suffix."
+msgstr "Utvid enkle navn i /etc/hosts med domene-suffiks."
+
+#: option.c:135
+msgid "Don't forward spurious DNS requests from Windows hosts."
+msgstr "Ikke videresend falske/uekte DNS forespørsler fra Windows verter."
+
+#: option.c:136
+msgid "Enable DHCP in the range given with lease duration."
+msgstr "Aktiver DHCP i det gitte området med leie varighet"
+
+#: option.c:137
+#, c-format
+msgid "Change to this group after startup (defaults to %s)."
+msgstr "Skift til denne gruppen etter oppstart (standard er %s)."
+
+#: option.c:138
+msgid "Set address or hostname for a specified machine."
+msgstr "Sett adresse eller vertsnavn for en spesifikk maskin."
+
+#: option.c:139
+#, c-format
+msgid "Do NOT load %s file."
+msgstr "IKKE last %s filen."
+
+#: option.c:140
+#, c-format
+msgid "Specify a hosts file to be read in addition to %s."
+msgstr "Spesifiser en verts (hosts) fil som skal leses i tilleg til %s."
+
+#: option.c:141
+msgid "Specify interface(s) to listen on."
+msgstr "Spesifiser nettverkskort det skal lyttes på."
+
+#: option.c:142
+msgid "Specify interface(s) NOT to listen on."
+msgstr "Spesifiser nettverkskort det IKKE skal lyttes på."
+
+#: option.c:143
+msgid "Map DHCP user class to option set."
+msgstr "Map DHCP bruker klasse til opsjon sett."
+
+#: option.c:144
+msgid "Don't do DHCP for hosts in option set."
+msgstr "Ikke utfør DHCP for klienter i opsjon sett."
+
+#: option.c:145
+msgid "Do NOT fork into the background, do NOT run in debug mode."
+msgstr "IKKE last (fork) som bakgrunnsprosess, IKKE kjør i debug modus."
+
+#: option.c:146
+msgid "Assume we are the only DHCP server on the local network."
+msgstr "Anta at vi er den eneste DHCP tjeneren på det lokale nettverket."
+
+#: option.c:147
+#, c-format
+msgid "Specify where to store DHCP leases (defaults to %s)."
+msgstr "Spesifiser hvor DHCP leiene skal lagres (standard er %s)."
+
+#: option.c:148
+msgid "Return MX records for local hosts."
+msgstr "Returner MX records for lokale verter."
+
+#: option.c:149
+msgid "Specify an MX record."
+msgstr "Spesifiser en MX post."
+
+#: option.c:150
+msgid "Specify BOOTP options to DHCP server."
+msgstr "Spesifiser BOOTP opsjoner til DHCP tjener."
+
+#: option.c:151
+#, c-format
+msgid "Do NOT poll %s file, reload only on SIGHUP."
+msgstr "IKKE spør (poll) %s fil, les på nytt kun ved SIGHUP"
+
+#: option.c:152
+msgid "Do NOT cache failed search results."
+msgstr "IKKE mellomlagre søkeresultater som feiler."
+
+#: option.c:153
+#, c-format
+msgid "Use nameservers strictly in the order given in %s."
+msgstr "Bruk navnetjenere kun som bestemt i rekkefølgen gitt i %s."
+
+#: option.c:154
+msgid "Set extra options to be set to DHCP clients."
+msgstr "Sett ekstra opsjoner som skal fordeles til DHCP klientene."
+
+#: option.c:155
+msgid "Specify port to listen for DNS requests on (defaults to 53)."
+msgstr "Spesifiser lytteport for DNS oppslag (standard er 53)."
+
+#: option.c:156
+#, c-format
+msgid "Maximum supported UDP packet size for EDNS.0 (defaults to %s)."
+msgstr "Maksimal støttet UDP pakkestørrelse for EDNS.0 (standard er %s)."
+
+#: option.c:157
+msgid "Log queries."
+msgstr "Logg oppslag."
+
+#: option.c:158
+msgid "Force the originating port for upstream queries."
+msgstr "Tving bruk av opprinnelig port for oppstrøms oppslag."
+
+#: option.c:159
+msgid "Do NOT read resolv.conf."
+msgstr "IKKE les resolv.conf."
+
+#: option.c:160
+#, c-format
+msgid "Specify path to resolv.conf (defaults to %s)."
+msgstr "Spesifiser stien til resolv.conf (standard er %s)."
+
+#: option.c:161
+msgid "Specify address(es) of upstream servers with optional domains."
+msgstr "Spesifiser adressen(e) til oppstrøms tjenere med valgfrie domener."
+
+#: option.c:162
+msgid "Never forward queries to specified domains."
+msgstr "Aldri videresend oppslag til spesifiserte domener."
+
+#: option.c:163
+msgid "Specify the domain to be assigned in DHCP leases."
+msgstr "Spesifiser domenet som skal tildeles i DHCP leien."
+
+#: option.c:164
+msgid "Specify default target in an MX record."
+msgstr "Spesifiser default mål i en MX post."
+
+#: option.c:165
+msgid "Specify time-to-live in seconds for replies from /etc/hosts."
+msgstr "Spesifiser time-to-live i sekunder for svar fra /etc/hosts."
+
+#: option.c:166
+#, c-format
+msgid "Change to this user after startup. (defaults to %s)."
+msgstr "Skift til denne bruker etter oppstart (standard er %s)."
+
+#: option.c:167
+msgid "Map DHCP vendor class to option set."
+msgstr "Map DHCP produsent klasse til opsjon sett."
+
+#: option.c:168
+msgid "Display dnsmasq version and copyright information."
+msgstr "Vis dnsmasq versjon og copyright informasjon."
+
+#: option.c:169
+msgid "Translate IPv4 addresses from upstream servers."
+msgstr "Oversett IPv4 adresser fra oppstrøms tjenere."
+
+#: option.c:170
+msgid "Specify a SRV record."
+msgstr "Spesifiser en SRV post."
+
+#: option.c:171
+msgid "Display this message."
+msgstr "Vis denne meldingen."
+
+#: option.c:172
+#, c-format
+msgid "Specify path of PID file. (defaults to %s)."
+msgstr "Spesifiser stien til PID fil. (standard er %s)."
+
+#: option.c:173
+#, c-format
+msgid "Specify maximum number of DHCP leases (defaults to %s)."
+msgstr "Spesifiser maksimum antall DHCP leier (standard er %s)"
+
+#: option.c:174
+msgid "Answer DNS queries based on the interface a query was sent to."
+msgstr "Svar DNS oppslag basert på nettverkskortet oppslaget ble sendt til."
+
+#: option.c:175
+msgid "Specify TXT DNS record."
+msgstr "Spesifiser TXT DNS post."
+
+#: option.c:176
+msgid "Bind only to interfaces in use."
+msgstr "Bind kun til nettverkskort som er i bruk."
+
+#: option.c:177
+#, c-format
+msgid "Read DHCP static host information from %s."
+msgstr "Les DHCP statisk vert informasjon fra %s."
+
+#: option.c:178
+msgid "Enable the DBus interface for setting upstream servers, etc."
+msgstr "Aktiver DBus interface for å sette oppstrøms tjenere, osv."
+
+#: option.c:179
+msgid "Do not provide DHCP on this interface, only provide DNS."
+msgstr "Ikke lever DHCP på dette nettverkskortet, kun lever DNS."
+
+#: option.c:180
+msgid "Enable dynamic address allocation for bootp."
+msgstr "Aktiver dynamisk adresse allokering for bootp."
+
+#: option.c:181
+#, fuzzy
+msgid "Map MAC address (with wildcards) to option set."
+msgstr "Map DHCP produsent klasse til opsjon sett."
+
+#: option.c:182
+msgid "Disable ICMP echo address checking in the DHCP server."
+msgstr ""
+
+#: option.c:396
+msgid "missing \""
+msgstr "mangler \""
+
+#: option.c:425
+msgid "bad option"
+msgstr "dårlig opsjon"
+
+#: option.c:442
+#, c-format
+msgid "cannot read %s: %s"
+msgstr "kan ikke lese %s: %s"
+
+#: option.c:448
+#, c-format
+msgid ""
+"Usage: dnsmasq [options]\n"
+"\n"
+msgstr ""
+"Bruk: dnsmasq [opsjoner]\n"
+"\n"
+
+#: option.c:450
+#, c-format
+msgid "Use short options only on the command line.\n"
+msgstr "Bruk korte opsjoner kun på kommandolinjen.\n"
+
+#: option.c:452
+#, c-format
+msgid "Valid options are :\n"
+msgstr "Gyldige opsjoner er :\n"
+
+#: option.c:477
+#, c-format
+msgid "Dnsmasq version %s  %s\n"
+msgstr "Dnsmasq versjon %s %s\n"
+
+#: option.c:478
+#, c-format
+msgid ""
+"Compile time options %s\n"
+"\n"
+msgstr ""
+"Kompileringsopsjoner %s\n"
+"\n"
+
+#: option.c:479
+#, c-format
+msgid "This software comes with ABSOLUTELY NO WARRANTY.\n"
+msgstr "Denne programvaren kommer med ABSOLUTT INGEN GARANTI.\n"
+
+#: option.c:480
+#, c-format
+msgid "Dnsmasq is free software, and you are welcome to redistribute it\n"
+msgstr "DNsmasq er fri programvare, du er velkommen til å redistribuere den\n"
+
+#: option.c:481
+#, c-format
+msgid "under the terms of the GNU General Public License, version 2.\n"
+msgstr "under vilkårene gitt i GNU General Public License, versjon 2.\n"
+
+#: option.c:491
+msgid "extraneous parameter"
+msgstr "overflødig parameter"
+
+#: option.c:499
+msgid "missing parameter"
+msgstr "mangler parameter"
+
+#: option.c:516
+msgid "nested includes not allowed"
+msgstr "nøstede inkluderinger er ikke tillatt"
+
+#: option.c:576
+msgid "bad MX preference"
+msgstr "dårlig MX preferanse"
+
+#: option.c:585
+msgid "bad MX name"
+msgstr "dårlig MX navn"
+
+#: option.c:603
+msgid "bad MX target"
+msgstr "dårlig MX mål"
+
+#: option.c:802 option.c:813
+msgid "bad port"
+msgstr "dårlig port"
+
+#: option.c:955
+msgid "bad dhcp-range"
+msgstr "dårlig dhcp-område"
+
+#: option.c:984
+msgid "only one netid tag allowed"
+msgstr ""
+
+#: option.c:1029
+msgid "inconsistent DHCP range"
+msgstr "ikke konsistent DHCP område"
+
+#: option.c:1214
+msgid "bad dhcp-host"
+msgstr "dårlig dhcp-vert"
+
+#: option.c:1271
+msgid "bad dhcp-option"
+msgstr "dårlig dhcp-opsjon"
+
+#: option.c:1289
+msgid "bad domain in dhcp-option"
+msgstr "dårlig domene i dhcp-opsjon"
+
+#: option.c:1459
+msgid "dhcp-option too long"
+msgstr "dhcp-opsjon for lang"
+
+#: option.c:1656
+msgid "bad TXT record"
+msgstr "dårlig TXT post"
+
+#: option.c:1688
+msgid "TXT record string too long"
+msgstr "TXT post streng for lang"
+
+#: option.c:1727
+msgid "bad SRV record"
+msgstr "dårlig SRV post"
+
+#: option.c:1740
+msgid "bad SRV target"
+msgstr "dårlig SRV mål"
+
+#: option.c:1752
+msgid "invalid port number"
+msgstr "ugyldig portnummer"
+
+#: option.c:1763
+msgid "invalid priority"
+msgstr "ugyldig prioritet"
+
+#: option.c:1774
+msgid "invalid weight"
+msgstr "ugyldig vekt"
+
+#: option.c:1799
+msgid "error"
+msgstr "feil"
+
+#: option.c:1801
+#, c-format
+msgid "bad command line options: %s."
+msgstr "dårlige kommandlinje opsjoner: %s."
+
+#: option.c:1803
+msgid "try --help"
+msgstr ""
+
+#: option.c:1805
+msgid "try -w"
+msgstr ""
+
+#: option.c:1845
+#, c-format
+msgid "cannot get host-name: %s"
+msgstr "klarer ikke å få vertsnavn: %s"
+
+#: option.c:1874
+msgid "only one resolv.conf file allowed in no-poll mode."
+msgstr "kun en resolv.conf fil tillat i no-poll modus."
+
+#: option.c:1881
+msgid "must have exactly one resolv.conf to read domain from."
+msgstr "må ha nøyaktig en resolv.conf å lese domene fra."
+
+#: option.c:1884 network.c:501
+#, c-format
+msgid "failed to read %s: %m"
+msgstr "feilet å lese %s: %m"
+
+#: option.c:1902
+#, c-format
+msgid "no search directive found in %s"
+msgstr "intet søke direktiv funnet i %s"
+
+#: forward.c:381
+#, c-format
+msgid "nameserver %s refused to do a recursive query"
+msgstr "navnetjener %s nektet å gjøre et rekursivt oppslag"
+
+#: forward.c:888
+msgid "forwarding table overflow: check for server loops."
+msgstr "fremsendelse (forwarding) tabell overflyt: sjekk etter tjener løkker."
+
+#: isc.c:73 dnsmasq.c:460
+#, c-format
+msgid "failed to access %s: %m"
+msgstr "feilet å få tilgang til %s: %m"
+
+#: isc.c:89
+#, c-format
+msgid "failed to load %s: %m"
+msgstr "feilet å laste %s: %m"
+
+#: isc.c:93 network.c:505
+#, c-format
+msgid "reading %s"
+msgstr "leser %s"
+
+#: isc.c:115
+#, c-format
+msgid "bad name in %s"
+msgstr "dårlig navn i %s"
+
+#: isc.c:177
+#, c-format
+msgid "Ignoring DHCP lease for %s because it has an illegal domain part"
+msgstr "Ignorerer DHCP leie for %s siden den har en ulovlig domene del"
+
+#: network.c:328 dnsmasq.c:129
+#, c-format
+msgid "failed to create listening socket: %s"
+msgstr "feilet å lage lytte socket: %s"
+
+#: network.c:335
+#, c-format
+msgid "failed to set IPV6 options on listening socket: %s"
+msgstr "feilet å sette IPv6 opsjoner på lytte socket: %s"
+
+#: network.c:353
+#, c-format
+msgid "failed to bind listening socket for %s: %s"
+msgstr "feilet å binde lytte socket for %s: %s"
+
+#: network.c:361
+#, c-format
+msgid "failed to listen on socket: %s"
+msgstr "feilet å lytte på socket: %s"
+
+#: network.c:431
+#, c-format
+msgid "ignoring nameserver %s - local interface"
+msgstr "ignorerer navnetjener %s - lokal tilknytning"
+
+#: network.c:440
+#, c-format
+msgid "ignoring nameserver %s - cannot make/bind socket: %m"
+msgstr "ignorerer navnetjener %s - kan ikke lage/dinde socket: %m"
+
+#: network.c:454
+msgid "domain"
+msgstr "domene"
+
+#: network.c:456
+msgid "unqualified"
+msgstr "ikke kvalifisert"
+
+#: network.c:456
+msgid "domains"
+msgstr "domener"
+
+#: network.c:459
+#, c-format
+msgid "using local addresses only for %s %s"
+msgstr "benytter lokale adresser kun for %s %s"
+
+#: network.c:461
+#, c-format
+msgid "using nameserver %s#%d for %s %s"
+msgstr "benytter navnetjener %s#%d for %s %s"
+
+#: network.c:464
+#, c-format
+msgid "using nameserver %s#%d"
+msgstr "benytter navnetjener %s#%d"
+
+#: dnsmasq.c:94
+msgid ""
+"ISC dhcpd integration not available: set HAVE_ISC_READER in src/config.h"
+msgstr ""
+"ISC dhcpf integrasjon ikke tilgjengelig: sett HAVE_ISC_READER i src/config.h"
+
+#: dnsmasq.c:111
+#, c-format
+msgid "failed to find list of interfaces: %s"
+msgstr "feilet å finne liste av tilknytninger (interfaces): %s"
+
+#: dnsmasq.c:119
+#, c-format
+msgid "unknown interface %s"
+msgstr "ukjent tilknytning (interface) %s"
+
+#: dnsmasq.c:125
+#, c-format
+msgid "no interface with address %s"
+msgstr "ingen tilknytning (interface) med adresse %s"
+
+#: dnsmasq.c:145
+msgid "must set exactly one interface on broken systems without IP_RECVIF"
+msgstr "må sette nøyaktig et interface på ødelagte systemer uten IP_RECVIF"
+
+#: dnsmasq.c:158 dnsmasq.c:536
+#, c-format
+msgid "DBus error: %s"
+msgstr "DBus feil: %s"
+
+#: dnsmasq.c:161
+msgid "DBus not available: set HAVE_DBUS in src/config.h"
+msgstr "DBus ikke tilgjengelig: sett HAVE_DBUS i src/config.h"
+
+#: dnsmasq.c:196
+#, fuzzy, c-format
+msgid "cannot create pipe: %s"
+msgstr "kan ikke lese %s: %s"
+
+#: dnsmasq.c:331
+#, c-format
+msgid "started, version %s cachesize %d"
+msgstr "startet, versjon %s mellomlager størrelse %d"
+
+#: dnsmasq.c:333
+#, c-format
+msgid "started, version %s cache disabled"
+msgstr "startet, versjon %s mellomlager deaktivert"
+
+#: dnsmasq.c:335
+#, c-format
+msgid "compile time options: %s"
+msgstr "kompilerings opsjoner: %s"
+
+#: dnsmasq.c:341
+msgid "DBus support enabled: connected to system bus"
+msgstr "DBus støtte aktivert: koblet til system buss"
+
+#: dnsmasq.c:343
+msgid "DBus support enabled: bus connection pending"
+msgstr "DBus støtte aktivert: avventer buss tilkobling"
+
+#: dnsmasq.c:348
+msgid "setting --bind-interfaces option because of OS limitations"
+msgstr "setter --bind-interfaces opsjon på grunn av OS begrensninger"
+
+#: dnsmasq.c:353
+#, c-format
+msgid "warning: interface %s does not currently exist"
+msgstr "advarsel: nettverkskort %s eksisterer ikke for tiden"
+
+#: dnsmasq.c:365
+#, c-format
+msgid "DHCP, static leases only on %.0s%s, lease time %s"
+msgstr "DHCP, statisk leie kun på %.0s%s, leie tid %s"
+
+#: dnsmasq.c:366
+#, c-format
+msgid "DHCP, IP range %s -- %s, lease time %s"
+msgstr "DHCP, IP område %s -- %s, leie tid %s"
+
+#: dnsmasq.c:376
+#, c-format
+msgid "warning: setting capabilities failed: %m"
+msgstr ""
+
+#: dnsmasq.c:378
+msgid "running as root"
+msgstr "kjører som rot (root)"
+
+#: dnsmasq.c:511
+msgid "exiting on receipt of SIGTERM"
+msgstr "avslutter etter mottak av SIGTERM"
+
+#: dnsmasq.c:538
+msgid "connected to system DBus"
+msgstr "tilkoblet til system DBus"
+
+#: dhcp.c:32
+#, c-format
+msgid "cannot create DHCP socket : %s"
+msgstr "kan ikke lage DHCP socket : %s"
+
+#: dhcp.c:42
+#, c-format
+msgid "failed to set options on DHCP socket: %s"
+msgstr "feilet å sette opsjoner på DHCP socket: %s"
+
+#: dhcp.c:49
+#, c-format
+msgid "failed to set SO_REUSEADDR on DHCP socket: %s"
+msgstr "feilet å sette SO_REUSEADDR på DHCP socket: %s"
+
+#: dhcp.c:59
+#, c-format
+msgid "failed to bind DHCP server socket: %s"
+msgstr "feilet å binde DHCP tjener socket: %s"
+
+#: dhcp.c:72
+#, c-format
+msgid "cannot create ICMP raw socket: %s."
+msgstr "kan ikke lage ICMP raw socket: %s"
+
+#: dhcp.c:84
+#, c-format
+msgid "duplicate IP address %s in dhcp-config directive."
+msgstr "dubliserte IP adresser i %s dhcp-config direktiv."
+
+#: dhcp.c:306
+#, c-format
+msgid "DHCP range %s -- %s is not consistent with netmask %s"
+msgstr "DHCP område %s -- %s er ikke konsistent med nettmaske %s"
+
+#: dhcp.c:622
+#, c-format
+msgid "failed to read %s:%m"
+msgstr "feilet å lese %s:%m"
+
+#: dhcp.c:641
+#, c-format
+msgid "bad line at %s line %d"
+msgstr "dårlig linje ved %s linje %d"
+
+#: dhcp.c:745
+#, c-format
+msgid "duplicate IP address %s (%s) in dhcp-config directive"
+msgstr "dubliserte IP adresser i %s (%s) i dhcp-config direktiv"
+
+#: dhcp.c:781
+#, c-format
+msgid "Ignoring DHCP host name %s because it has an illegal domain part"
+msgstr "Ignorerer DHCP verts navn %s på grunn av ulovlig domene del"
+
+#: lease.c:34
+#, c-format
+msgid "cannot open or create leases file: %s"
+msgstr "kan ikke åpne eller lage leie fil: %s"
+
+#: lease.c:71
+msgid "too many stored leases"
+msgstr "for mange lagrede leier"
+
+#: lease.c:118
+#, fuzzy, c-format
+msgid "failed to write %s: %m (retry in %ds)"
+msgstr "feilet å lese %s: %m"
+
+#: rfc2131.c:247
+#, c-format
+msgid "no address range available for DHCP request %s %s"
+msgstr "ingen adresse område tilgjengelig for DHCP krav %s %s"
+
+#: rfc2131.c:248
+msgid "with subnet selector"
+msgstr "med subnet velger"
+
+#: rfc2131.c:248
+msgid "via"
+msgstr "via"
+
+#: rfc2131.c:274 rfc2131.c:298
+msgid "disabled"
+msgstr "deaktivert"
+
+#: rfc2131.c:310 rfc2131.c:731
+msgid "address in use"
+msgstr "adresse i bruk"
+
+#: rfc2131.c:313
+msgid "no address configured"
+msgstr "ingen adresse konfigurert"
+
+#: rfc2131.c:326 rfc2131.c:605
+msgid "no address available"
+msgstr "ingen adresse tilgjengelig"
+
+#: rfc2131.c:333 rfc2131.c:734
+msgid "no leases left"
+msgstr "ingen leier igjen"
+
+#: rfc2131.c:336 rfc2131.c:707
+msgid "wrong network"
+msgstr "galt nettverk"
+
+#: rfc2131.c:540
+#, c-format
+msgid "disabling DHCP static address %s"
+msgstr "deaktiverer DHCP statisk adresse %s"
+
+#: rfc2131.c:558
+msgid "unknown lease"
+msgstr "ukjent leie"
+
+#: rfc2131.c:567 rfc2131.c:799
+msgid "ignored"
+msgstr "oversett"
+
+#: rfc2131.c:581
+#, c-format
+msgid "not using configured address %s because it is leased to %s"
+msgstr ""
+
+#: rfc2131.c:590
+#, c-format
+msgid "not using configured address %s because it is in use by the server"
+msgstr ""
+
+#: rfc2131.c:670
+msgid "wrong address"
+msgstr "gal adresse"
+
+#: rfc2131.c:683
+msgid "lease not found"
+msgstr "leie ikke funnet"
+
+#: rfc2131.c:715
+msgid "address not available"
+msgstr "adresse ikke tilgjengelig"
+
+#: rfc2131.c:724
+msgid "static lease available"
+msgstr "statisk leie tilgjengelig"
+
+#: rfc2131.c:728
+msgid "address reserved"
+msgstr "adresse reservert"
+
+#: rfc2131.c:946
+#, c-format
+msgid "cannot send DHCP option %d: no space left in packet"
+msgstr "kan ikke sende DHCP opsjon %d: ikke mer plass i pakken"
+
+#: rfc2131.c:1247
+#, c-format
+msgid "More than one vendor class matches, using %s"
+msgstr "Mer enn en produsent klasse som passer, bruker %s"
+
+#: netlink.c:51
+#, fuzzy, c-format
+msgid "cannot create RTnetlink socket: %s"
+msgstr "kan ikke binde netlink socket: %s"
+
+#: netlink.c:218
+#, c-format
+msgid "RTnetlink returns error: %s"
+msgstr ""
+
+#: dbus.c:112
+msgid "attempt to set an IPv6 server address via DBus - no IPv6 support"
+msgstr "forsøk på å sette en IPv6 tjener adresse via DBus - ingen IPv6 støtte"
+
+#: dbus.c:238
+msgid "setting upstream servers from DBus"
+msgstr "setter oppstrøms tjener fra DBus"
+
+#: dbus.c:274
+msgid "could not register a DBus message handler"
+msgstr "kunne ikke registrere en DBus meldingshåndterer"
+
+#: bpf.c:54
+#, c-format
+msgid "cannot create DHCP BPF socket: %s"
+msgstr "kan ikke lage DHCP BPF socket: %s"
+
+#: bpf.c:74
+#, fuzzy, c-format
+msgid "DHCP request for unsupported hardware type (%d) received on %s"
+msgstr "DHCP krav for ikke støttet maskinvare type (%d) mottatt på %s"
+
+#~ msgid "cannot open %s:%s"
+#~ msgstr "kan ikke åpne %s:%s"
+
+#~ msgid "DHCP, %s will be written every %s"
+#~ msgstr "DHCP, %s vil bli skrevet hver %s"
+
+#~ msgid ""
+#~ "cannot create DHCP packet socket: %s. Is CONFIG_PACKET enabled in your "
+#~ "kernel?"
+#~ msgstr ""
+#~ "kan ikke lage DHCP pakke socket: %s. Er CONFIG_PACKET aktivert i din "
+#~ "kjerne?"
+
+#~ msgid "Cannot use RTnetlink socket, falling back to ioctl API"
+#~ msgstr "Kan ikke benytte RTnetlink socket, faller tilbake til ioctl API"

po/pt_BR.po

@@ -0,0 +1,878 @@
+# Portuguese translations for dnsmasq package.
+# This file is put in the public domain.
+# Simon Kelley <simon@thekelleys.org.uk>, 2006.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: dnsmasq 2.26\n"
+"Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2006-04-21 19:59+0100\n"
+"PO-Revision-Date: 2006-01-16 20:42+0000\n"
+"Last-Translator: Simon Kelley <simon@thekelleys.org.uk>\n"
+"Language-Team: Portuguese <ldp-br@bazar.conectiva.com.br>\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=ASCII\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=2; plural=(n > 1);\n"
+
+#: cache.c:570
+#, c-format
+msgid "failed to load names from %s: %m"
+msgstr ""
+
+#: cache.c:606 dhcp.c:654
+#, c-format
+msgid "bad address at %s line %d"
+msgstr ""
+
+#: cache.c:633 dhcp.c:668
+#, c-format
+msgid "bad name at %s line %d"
+msgstr ""
+
+#: cache.c:639 dhcp.c:722
+#, c-format
+msgid "read %s - %d addresses"
+msgstr ""
+
+#: cache.c:675
+msgid "cleared cache"
+msgstr ""
+
+#: cache.c:728
+#, c-format
+msgid ""
+"not giving name %s to the DHCP lease of %s because the name exists in %s "
+"with address %s"
+msgstr ""
+
+#: cache.c:772
+#, c-format
+msgid ""
+"time %lu, cache size %d, %d/%d cache insertions re-used unexpired cache "
+"entries."
+msgstr ""
+
+#: util.c:153 option.c:1294
+msgid "could not get memory"
+msgstr ""
+
+#: util.c:176
+#, c-format
+msgid "%s at line %d of %%s"
+msgstr ""
+
+#: util.c:183
+msgid "FAILED to start up"
+msgstr ""
+
+#: util.c:304
+#, c-format
+msgid "infinite"
+msgstr ""
+
+#: option.c:125
+msgid "Specify local address(es) to listen on."
+msgstr ""
+
+#: option.c:126
+msgid "Return ipaddr for all hosts in specified domains."
+msgstr ""
+
+#: option.c:127
+msgid "Fake reverse lookups for RFC1918 private address ranges."
+msgstr ""
+
+#: option.c:128
+msgid "Treat ipaddr as NXDOMAIN (defeats Verisign wildcard)."
+msgstr ""
+
+#: option.c:129
+#, c-format
+msgid "Specify the size of the cache in entries (defaults to %s)."
+msgstr ""
+
+#: option.c:130
+#, c-format
+msgid "Specify configuration file (defaults to %s)."
+msgstr ""
+
+#: option.c:131
+msgid "Do NOT fork into the background: run in debug mode."
+msgstr ""
+
+#: option.c:132
+msgid "Do NOT forward queries with no domain part."
+msgstr ""
+
+#: option.c:133
+msgid "Return self-pointing MX records for local hosts."
+msgstr ""
+
+#: option.c:134
+msgid "Expand simple names in /etc/hosts with domain-suffix."
+msgstr ""
+
+#: option.c:135
+msgid "Don't forward spurious DNS requests from Windows hosts."
+msgstr ""
+
+#: option.c:136
+msgid "Enable DHCP in the range given with lease duration."
+msgstr ""
+
+#: option.c:137
+#, c-format
+msgid "Change to this group after startup (defaults to %s)."
+msgstr ""
+
+#: option.c:138
+msgid "Set address or hostname for a specified machine."
+msgstr ""
+
+#: option.c:139
+#, c-format
+msgid "Do NOT load %s file."
+msgstr ""
+
+#: option.c:140
+#, c-format
+msgid "Specify a hosts file to be read in addition to %s."
+msgstr ""
+
+#: option.c:141
+msgid "Specify interface(s) to listen on."
+msgstr ""
+
+#: option.c:142
+msgid "Specify interface(s) NOT to listen on."
+msgstr ""
+
+#: option.c:143
+msgid "Map DHCP user class to option set."
+msgstr ""
+
+#: option.c:144
+msgid "Don't do DHCP for hosts in option set."
+msgstr ""
+
+#: option.c:145
+msgid "Do NOT fork into the background, do NOT run in debug mode."
+msgstr ""
+
+#: option.c:146
+msgid "Assume we are the only DHCP server on the local network."
+msgstr ""
+
+#: option.c:147
+#, c-format
+msgid "Specify where to store DHCP leases (defaults to %s)."
+msgstr ""
+
+#: option.c:148
+msgid "Return MX records for local hosts."
+msgstr ""
+
+#: option.c:149
+msgid "Specify an MX record."
+msgstr ""
+
+#: option.c:150
+msgid "Specify BOOTP options to DHCP server."
+msgstr ""
+
+#: option.c:151
+#, c-format
+msgid "Do NOT poll %s file, reload only on SIGHUP."
+msgstr ""
+
+#: option.c:152
+msgid "Do NOT cache failed search results."
+msgstr ""
+
+#: option.c:153
+#, c-format
+msgid "Use nameservers strictly in the order given in %s."
+msgstr ""
+
+#: option.c:154
+msgid "Set extra options to be set to DHCP clients."
+msgstr ""
+
+#: option.c:155
+msgid "Specify port to listen for DNS requests on (defaults to 53)."
+msgstr ""
+
+#: option.c:156
+#, c-format
+msgid "Maximum supported UDP packet size for EDNS.0 (defaults to %s)."
+msgstr ""
+
+#: option.c:157
+msgid "Log queries."
+msgstr ""
+
+#: option.c:158
+msgid "Force the originating port for upstream queries."
+msgstr ""
+
+#: option.c:159
+msgid "Do NOT read resolv.conf."
+msgstr ""
+
+#: option.c:160
+#, c-format
+msgid "Specify path to resolv.conf (defaults to %s)."
+msgstr ""
+
+#: option.c:161
+msgid "Specify address(es) of upstream servers with optional domains."
+msgstr ""
+
+#: option.c:162
+msgid "Never forward queries to specified domains."
+msgstr ""
+
+#: option.c:163
+msgid "Specify the domain to be assigned in DHCP leases."
+msgstr ""
+
+#: option.c:164
+msgid "Specify default target in an MX record."
+msgstr ""
+
+#: option.c:165
+msgid "Specify time-to-live in seconds for replies from /etc/hosts."
+msgstr ""
+
+#: option.c:166
+#, c-format
+msgid "Change to this user after startup. (defaults to %s)."
+msgstr ""
+
+#: option.c:167
+msgid "Map DHCP vendor class to option set."
+msgstr ""
+
+#: option.c:168
+msgid "Display dnsmasq version and copyright information."
+msgstr ""
+
+#: option.c:169
+msgid "Translate IPv4 addresses from upstream servers."
+msgstr ""
+
+#: option.c:170
+msgid "Specify a SRV record."
+msgstr ""
+
+#: option.c:171
+msgid "Display this message."
+msgstr ""
+
+#: option.c:172
+#, c-format
+msgid "Specify path of PID file. (defaults to %s)."
+msgstr ""
+
+#: option.c:173
+#, c-format
+msgid "Specify maximum number of DHCP leases (defaults to %s)."
+msgstr ""
+
+#: option.c:174
+msgid "Answer DNS queries based on the interface a query was sent to."
+msgstr ""
+
+#: option.c:175
+msgid "Specify TXT DNS record."
+msgstr ""
+
+#: option.c:176
+msgid "Bind only to interfaces in use."
+msgstr ""
+
+#: option.c:177
+#, c-format
+msgid "Read DHCP static host information from %s."
+msgstr ""
+
+#: option.c:178
+msgid "Enable the DBus interface for setting upstream servers, etc."
+msgstr ""
+
+#: option.c:179
+msgid "Do not provide DHCP on this interface, only provide DNS."
+msgstr ""
+
+#: option.c:180
+msgid "Enable dynamic address allocation for bootp."
+msgstr ""
+
+#: option.c:181
+msgid "Map MAC address (with wildcards) to option set."
+msgstr ""
+
+#: option.c:182
+msgid "Disable ICMP echo address checking in the DHCP server."
+msgstr ""
+
+#: option.c:396
+msgid "missing \""
+msgstr ""
+
+#: option.c:425
+msgid "bad option"
+msgstr ""
+
+#: option.c:442
+#, c-format
+msgid "cannot read %s: %s"
+msgstr ""
+
+#: option.c:448
+#, c-format
+msgid ""
+"Usage: dnsmasq [options]\n"
+"\n"
+msgstr ""
+
+#: option.c:450
+#, c-format
+msgid "Use short options only on the command line.\n"
+msgstr ""
+
+#: option.c:452
+#, c-format
+msgid "Valid options are :\n"
+msgstr ""
+
+#: option.c:477
+#, c-format
+msgid "Dnsmasq version %s  %s\n"
+msgstr ""
+
+#: option.c:478
+#, c-format
+msgid ""
+"Compile time options %s\n"
+"\n"
+msgstr ""
+
+#: option.c:479
+#, c-format
+msgid "This software comes with ABSOLUTELY NO WARRANTY.\n"
+msgstr ""
+
+#: option.c:480
+#, c-format
+msgid "Dnsmasq is free software, and you are welcome to redistribute it\n"
+msgstr ""
+
+#: option.c:481
+#, c-format
+msgid "under the terms of the GNU General Public License, version 2.\n"
+msgstr ""
+
+#: option.c:491
+msgid "extraneous parameter"
+msgstr ""
+
+#: option.c:499
+msgid "missing parameter"
+msgstr ""
+
+#: option.c:516
+msgid "nested includes not allowed"
+msgstr ""
+
+#: option.c:576
+msgid "bad MX preference"
+msgstr ""
+
+#: option.c:585
+msgid "bad MX name"
+msgstr ""
+
+#: option.c:603
+msgid "bad MX target"
+msgstr ""
+
+#: option.c:802 option.c:813
+msgid "bad port"
+msgstr ""
+
+#: option.c:955
+msgid "bad dhcp-range"
+msgstr ""
+
+#: option.c:984
+msgid "only one netid tag allowed"
+msgstr ""
+
+#: option.c:1029
+msgid "inconsistent DHCP range"
+msgstr ""
+
+#: option.c:1214
+msgid "bad dhcp-host"
+msgstr ""
+
+#: option.c:1271
+msgid "bad dhcp-option"
+msgstr ""
+
+#: option.c:1289
+msgid "bad domain in dhcp-option"
+msgstr ""
+
+#: option.c:1459
+msgid "dhcp-option too long"
+msgstr ""
+
+#: option.c:1656
+msgid "bad TXT record"
+msgstr ""
+
+#: option.c:1688
+msgid "TXT record string too long"
+msgstr ""
+
+#: option.c:1727
+msgid "bad SRV record"
+msgstr ""
+
+#: option.c:1740
+msgid "bad SRV target"
+msgstr ""
+
+#: option.c:1752
+msgid "invalid port number"
+msgstr ""
+
+#: option.c:1763
+msgid "invalid priority"
+msgstr ""
+
+#: option.c:1774
+msgid "invalid weight"
+msgstr ""
+
+#: option.c:1799
+msgid "error"
+msgstr ""
+
+#: option.c:1801
+#, c-format
+msgid "bad command line options: %s."
+msgstr ""
+
+#: option.c:1803
+msgid "try --help"
+msgstr ""
+
+#: option.c:1805
+msgid "try -w"
+msgstr ""
+
+#: option.c:1845
+#, c-format
+msgid "cannot get host-name: %s"
+msgstr ""
+
+#: option.c:1874
+msgid "only one resolv.conf file allowed in no-poll mode."
+msgstr ""
+
+#: option.c:1881
+msgid "must have exactly one resolv.conf to read domain from."
+msgstr ""
+
+#: option.c:1884 network.c:501
+#, c-format
+msgid "failed to read %s: %m"
+msgstr ""
+
+#: option.c:1902
+#, c-format
+msgid "no search directive found in %s"
+msgstr ""
+
+#: forward.c:381
+#, c-format
+msgid "nameserver %s refused to do a recursive query"
+msgstr ""
+
+#: forward.c:888
+msgid "forwarding table overflow: check for server loops."
+msgstr ""
+
+#: isc.c:73 dnsmasq.c:460
+#, c-format
+msgid "failed to access %s: %m"
+msgstr ""
+
+#: isc.c:89
+#, c-format
+msgid "failed to load %s: %m"
+msgstr ""
+
+#: isc.c:93 network.c:505
+#, c-format
+msgid "reading %s"
+msgstr ""
+
+#: isc.c:115
+#, c-format
+msgid "bad name in %s"
+msgstr ""
+
+#: isc.c:177
+#, c-format
+msgid "Ignoring DHCP lease for %s because it has an illegal domain part"
+msgstr ""
+
+#: network.c:328 dnsmasq.c:129
+#, c-format
+msgid "failed to create listening socket: %s"
+msgstr ""
+
+#: network.c:335
+#, c-format
+msgid "failed to set IPV6 options on listening socket: %s"
+msgstr ""
+
+#: network.c:353
+#, c-format
+msgid "failed to bind listening socket for %s: %s"
+msgstr ""
+
+#: network.c:361
+#, c-format
+msgid "failed to listen on socket: %s"
+msgstr ""
+
+#: network.c:431
+#, c-format
+msgid "ignoring nameserver %s - local interface"
+msgstr ""
+
+#: network.c:440
+#, c-format
+msgid "ignoring nameserver %s - cannot make/bind socket: %m"
+msgstr ""
+
+#: network.c:454
+msgid "domain"
+msgstr ""
+
+#: network.c:456
+msgid "unqualified"
+msgstr ""
+
+#: network.c:456
+msgid "domains"
+msgstr ""
+
+#: network.c:459
+#, c-format
+msgid "using local addresses only for %s %s"
+msgstr ""
+
+#: network.c:461
+#, c-format
+msgid "using nameserver %s#%d for %s %s"
+msgstr ""
+
+#: network.c:464
+#, c-format
+msgid "using nameserver %s#%d"
+msgstr ""
+
+#: dnsmasq.c:94
+msgid ""
+"ISC dhcpd integration not available: set HAVE_ISC_READER in src/config.h"
+msgstr ""
+
+#: dnsmasq.c:111
+#, c-format
+msgid "failed to find list of interfaces: %s"
+msgstr ""
+
+#: dnsmasq.c:119
+#, c-format
+msgid "unknown interface %s"
+msgstr ""
+
+#: dnsmasq.c:125
+#, c-format
+msgid "no interface with address %s"
+msgstr ""
+
+#: dnsmasq.c:145
+msgid "must set exactly one interface on broken systems without IP_RECVIF"
+msgstr ""
+
+#: dnsmasq.c:158 dnsmasq.c:536
+#, c-format
+msgid "DBus error: %s"
+msgstr ""
+
+#: dnsmasq.c:161
+msgid "DBus not available: set HAVE_DBUS in src/config.h"
+msgstr ""
+
+#: dnsmasq.c:196
+#, c-format
+msgid "cannot create pipe: %s"
+msgstr ""
+
+#: dnsmasq.c:331
+#, c-format
+msgid "started, version %s cachesize %d"
+msgstr ""
+
+#: dnsmasq.c:333
+#, c-format
+msgid "started, version %s cache disabled"
+msgstr ""
+
+#: dnsmasq.c:335
+#, c-format
+msgid "compile time options: %s"
+msgstr ""
+
+#: dnsmasq.c:341
+msgid "DBus support enabled: connected to system bus"
+msgstr ""
+
+#: dnsmasq.c:343
+msgid "DBus support enabled: bus connection pending"
+msgstr ""
+
+#: dnsmasq.c:348
+msgid "setting --bind-interfaces option because of OS limitations"
+msgstr ""
+
+#: dnsmasq.c:353
+#, c-format
+msgid "warning: interface %s does not currently exist"
+msgstr ""
+
+#: dnsmasq.c:365
+#, c-format
+msgid "DHCP, static leases only on %.0s%s, lease time %s"
+msgstr ""
+
+#: dnsmasq.c:366
+#, c-format
+msgid "DHCP, IP range %s -- %s, lease time %s"
+msgstr ""
+
+#: dnsmasq.c:376
+#, c-format
+msgid "warning: setting capabilities failed: %m"
+msgstr ""
+
+#: dnsmasq.c:378
+msgid "running as root"
+msgstr ""
+
+#: dnsmasq.c:511
+msgid "exiting on receipt of SIGTERM"
+msgstr ""
+
+#: dnsmasq.c:538
+msgid "connected to system DBus"
+msgstr ""
+
+#: dhcp.c:32
+#, c-format
+msgid "cannot create DHCP socket : %s"
+msgstr ""
+
+#: dhcp.c:42
+#, c-format
+msgid "failed to set options on DHCP socket: %s"
+msgstr ""
+
+#: dhcp.c:49
+#, c-format
+msgid "failed to set SO_REUSEADDR on DHCP socket: %s"
+msgstr ""
+
+#: dhcp.c:59
+#, c-format
+msgid "failed to bind DHCP server socket: %s"
+msgstr ""
+
+#: dhcp.c:72
+#, c-format
+msgid "cannot create ICMP raw socket: %s."
+msgstr ""
+
+#: dhcp.c:84
+#, c-format
+msgid "duplicate IP address %s in dhcp-config directive."
+msgstr ""
+
+#: dhcp.c:306
+#, c-format
+msgid "DHCP range %s -- %s is not consistent with netmask %s"
+msgstr ""
+
+#: dhcp.c:622
+#, c-format
+msgid "failed to read %s:%m"
+msgstr ""
+
+#: dhcp.c:641
+#, c-format
+msgid "bad line at %s line %d"
+msgstr ""
+
+#: dhcp.c:745
+#, c-format
+msgid "duplicate IP address %s (%s) in dhcp-config directive"
+msgstr ""
+
+#: dhcp.c:781
+#, c-format
+msgid "Ignoring DHCP host name %s because it has an illegal domain part"
+msgstr ""
+
+#: lease.c:34
+#, c-format
+msgid "cannot open or create leases file: %s"
+msgstr ""
+
+#: lease.c:71
+msgid "too many stored leases"
+msgstr ""
+
+#: lease.c:118
+#, c-format
+msgid "failed to write %s: %m (retry in %ds)"
+msgstr ""
+
+#: rfc2131.c:247
+#, c-format
+msgid "no address range available for DHCP request %s %s"
+msgstr ""
+
+#: rfc2131.c:248
+msgid "with subnet selector"
+msgstr ""
+
+#: rfc2131.c:248
+msgid "via"
+msgstr ""
+
+#: rfc2131.c:274 rfc2131.c:298
+msgid "disabled"
+msgstr ""
+
+#: rfc2131.c:310 rfc2131.c:731
+msgid "address in use"
+msgstr ""
+
+#: rfc2131.c:313
+msgid "no address configured"
+msgstr ""
+
+#: rfc2131.c:326 rfc2131.c:605
+msgid "no address available"
+msgstr ""
+
+#: rfc2131.c:333 rfc2131.c:734
+msgid "no leases left"
+msgstr ""
+
+#: rfc2131.c:336 rfc2131.c:707
+msgid "wrong network"
+msgstr ""
+
+#: rfc2131.c:540
+#, c-format
+msgid "disabling DHCP static address %s"
+msgstr ""
+
+#: rfc2131.c:558
+msgid "unknown lease"
+msgstr ""
+
+#: rfc2131.c:567 rfc2131.c:799
+msgid "ignored"
+msgstr ""
+
+#: rfc2131.c:581
+#, c-format
+msgid "not using configured address %s because it is leased to %s"
+msgstr ""
+
+#: rfc2131.c:590
+#, c-format
+msgid "not using configured address %s because it is in use by the server"
+msgstr ""
+
+#: rfc2131.c:670
+msgid "wrong address"
+msgstr ""
+
+#: rfc2131.c:683
+msgid "lease not found"
+msgstr ""
+
+#: rfc2131.c:715
+msgid "address not available"
+msgstr ""
+
+#: rfc2131.c:724
+msgid "static lease available"
+msgstr ""
+
+#: rfc2131.c:728
+msgid "address reserved"
+msgstr ""
+
+#: rfc2131.c:946
+#, c-format
+msgid "cannot send DHCP option %d: no space left in packet"
+msgstr ""
+
+#: rfc2131.c:1247
+#, c-format
+msgid "More than one vendor class matches, using %s"
+msgstr ""
+
+#: netlink.c:51
+#, c-format
+msgid "cannot create RTnetlink socket: %s"
+msgstr ""
+
+#: netlink.c:218
+#, c-format
+msgid "RTnetlink returns error: %s"
+msgstr ""
+
+#: dbus.c:112
+msgid "attempt to set an IPv6 server address via DBus - no IPv6 support"
+msgstr ""
+
+#: dbus.c:238
+msgid "setting upstream servers from DBus"
+msgstr ""
+
+#: dbus.c:274
+msgid "could not register a DBus message handler"
+msgstr ""
+
+#: bpf.c:54
+#, c-format
+msgid "cannot create DHCP BPF socket: %s"
+msgstr ""
+
+#: bpf.c:74
+#, c-format
+msgid "DHCP request for unsupported hardware type (%d) received on %s"
+msgstr ""

rpm/dnsmasq-SuSE.patch

@@ -1,5 +1,5 @@
---- dnsmasq.8	2004-08-08 20:57:56.000000000 +0200
-+++ dnsmasq.8	2004-08-12 00:40:01.000000000 +0200
+--- man/dnsmasq.8	2004-08-08 20:57:56.000000000 +0200
++++ man/dnsmasq.8	2004-08-12 00:40:01.000000000 +0200
 @@ -69,7 +69,7 @@
  .TP
  .B \-g, --group=<groupname> 
@@ -17,15 +17,7 @@
  #define CHUSER "nobody"
 -#define CHGRP "dip"
 +#define CHGRP "dialout"
- #define IP6INTERFACES "/proc/net/if_inet6"
- #define UPTIME "/proc/uptime"
  #define DHCP_SERVER_PORT 67
-@@ -195,7 +195,7 @@
+ #define DHCP_CLIENT_PORT 68
  
- /* platform independent options. */
- #undef HAVE_BROKEN_RTC
--#define HAVE_ISC_READER
-+#undef HAVE_ISC_READER
- 
- #if defined(HAVE_BROKEN_RTC) && defined(HAVE_ISC_READER)
- #  error HAVE_ISC_READER is not compatible with HAVE_BROKEN_RTC
+

src/bpf.c

@@ -0,0 +1,235 @@
+/* dnsmasq is Copyright (c) 2000-2006 Simon Kelley
+
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; version 2 dated June, 1991.
+
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+*/
+
+#include "dnsmasq.h"
+
+#ifndef HAVE_LINUX_NETWORK
+
+#include <net/bpf.h>
+
+static struct iovec ifconf = {
+  .iov_base = NULL,
+  .iov_len = 0
+};
+
+static struct iovec ifreq = {
+  .iov_base = NULL,
+  .iov_len = 0
+};
+
+struct header {
+  struct ether_header ether; 
+  struct ip ip;
+  struct udphdr {
+    u16 uh_sport;               /* source port */
+    u16 uh_dport;               /* destination port */
+    u16 uh_ulen;                /* udp length */
+    u16 uh_sum;                 /* udp checksum */
+  } udp;
+};
+
+void init_bpf(struct daemon *daemon)
+{
+  int i = 0;
+
+  while (1) 
+    {
+      /* useful size which happens to be sufficient */
+      if (expand_buf(&ifreq, sizeof(struct ifreq)))
+	{
+	  sprintf(ifreq.iov_base, "/dev/bpf%d", i++);
+	  if ((daemon->dhcp_raw_fd = open(ifreq.iov_base, O_RDWR, 0)) != -1)
+	    return;
+	}
+      if (errno != EBUSY)
+	die(_("cannot create DHCP BPF socket: %s"), NULL);
+    }	     
+}
+
+void send_via_bpf(struct daemon *daemon, struct dhcp_packet *mess, size_t len,
+		  struct in_addr iface_addr, struct ifreq *ifr)
+{
+   /* Hairy stuff, packet either has to go to the
+      net broadcast or the destination can't reply to ARP yet,
+      but we do know the physical address. 
+      Build the packet by steam, and send directly, bypassing
+      the kernel IP stack */
+  
+  struct header header;
+  u32 i, sum;
+  struct iovec iov[2];
+
+  /* Only know how to do ethernet on *BSD */
+  if (mess->htype != ARPHRD_ETHER || mess->hlen != ETHER_ADDR_LEN)
+    {
+      syslog(LOG_WARNING, _("DHCP request for unsupported hardware type (%d) received on %s"), 
+	     mess->htype, ifr->ifr_name);
+      return;
+    }
+   
+  ifr->ifr_addr.sa_family = AF_LINK;
+  if (ioctl(daemon->dhcpfd, SIOCGIFADDR, ifr) < 0)
+    return;
+  
+  memcpy(header.ether.ether_shost, LLADDR((struct sockaddr_dl *)&ifr->ifr_addr), ETHER_ADDR_LEN);
+  header.ether.ether_type = htons(ETHERTYPE_IP);
+  
+  if (ntohs(mess->flags) & 0x8000)
+    {
+      memset(header.ether.ether_dhost, 255,  ETHER_ADDR_LEN);
+      header.ip.ip_dst.s_addr = INADDR_BROADCAST;
+    }
+  else
+    {
+      memcpy(header.ether.ether_dhost, mess->chaddr, ETHER_ADDR_LEN); 
+      header.ip.ip_dst.s_addr = mess->yiaddr.s_addr;
+    }
+  
+  header.ip.ip_p = IPPROTO_UDP;
+  header.ip.ip_src.s_addr = iface_addr.s_addr;
+  header.ip.ip_len = htons(sizeof(struct ip) + 
+			   sizeof(struct udphdr) +
+			   len) ;
+  header.ip.ip_hl = sizeof(struct ip) / 4;
+  header.ip.ip_v = IPVERSION;
+  header.ip.ip_tos = 0;
+  header.ip.ip_id = htons(0);
+  header.ip.ip_off = htons(0x4000); /* don't fragment */
+  header.ip.ip_ttl = IPDEFTTL;
+  header.ip.ip_sum = 0;
+  for (sum = 0, i = 0; i < sizeof(struct ip) / 2; i++)
+    sum += ((u16 *)&header.ip)[i];
+  while (sum>>16)
+    sum = (sum & 0xffff) + (sum >> 16);  
+  header.ip.ip_sum = (sum == 0xffff) ? sum : ~sum;
+  
+  header.udp.uh_sport = htons(DHCP_SERVER_PORT);
+  header.udp.uh_dport = htons(DHCP_CLIENT_PORT);
+  if (len & 1)
+    ((char *)mess)[len] = 0; /* for checksum, in case length is odd. */
+  header.udp.uh_sum = 0;
+  header.udp.uh_ulen = sum = htons(sizeof(struct udphdr) + len);
+  sum += htons(IPPROTO_UDP);
+  for (i = 0; i < 4; i++)
+    sum += ((u16 *)&header.ip.ip_src)[i];
+  for (i = 0; i < sizeof(struct udphdr)/2; i++)
+    sum += ((u16 *)&header.udp)[i];
+  for (i = 0; i < (len + 1) / 2; i++)
+    sum += ((u16 *)mess)[i];
+  while (sum>>16)
+    sum = (sum & 0xffff) + (sum >> 16);
+  header.udp.uh_sum = (sum == 0xffff) ? sum : ~sum;
+  
+  ioctl(daemon->dhcp_raw_fd, BIOCSETIF, ifr);
+  
+  iov[0].iov_base = &header;
+  iov[0].iov_len = sizeof(struct header);
+  iov[1].iov_base = mess;
+  iov[1].iov_len = len;
+  while (writev(daemon->dhcp_raw_fd, iov, 2) == -1 && retry_send());
+}
+
+int iface_enumerate(struct daemon *daemon, void *parm, int (*ipv4_callback)(), int (*ipv6_callback)())
+{
+  char *ptr;
+  struct ifreq *ifr;
+  struct ifconf ifc;
+  int fd, errsav, ret = 0;
+  int lastlen = 0;
+  size_t len;
+  
+  if ((fd = socket(PF_INET, SOCK_DGRAM, 0)) == -1)
+    return 0;
+        
+  for (len = 0; ; len += 10*sizeof(struct ifreq))
+    {
+       if (!expand_buf(&ifconf, len))
+	 goto err;
+
+       ifc.ifc_len = len;
+       ifc.ifc_buf = ifconf.iov_base;
+
+       if (ioctl(fd, SIOCGIFCONF, &ifc) == -1)
+	 {
+	   if (errno != EINVAL || lastlen != 0)
+	     goto err;
+	 }
+       else
+	 {
+	   if (ifc.ifc_len == lastlen)
+	     break; /* got a big enough buffer now */
+	   lastlen = ifc.ifc_len;
+	 }
+     }
+  
+  for (ptr = ifc.ifc_buf; ptr < ifc.ifc_buf + ifc.ifc_len; ptr += len )
+    {
+      /* subsequent entries may not be aligned, so copy into
+	 an aligned buffer to avoid nasty complaints about 
+	 unaligned accesses. */
+#ifdef HAVE_SOCKADDR_SA_LEN
+      len = ((struct ifreq *)ptr)->ifr_addr.sa_len + IF_NAMESIZE;
+#else
+      len = sizeof(struct ifreq);
+#endif
+      if (!expand_buf(&ifreq, len))
+	goto err;
+
+      ifr = ifreq.iov_base;
+      memcpy(ifr, ptr, len);
+           
+      if (ifr->ifr_addr.sa_family == AF_INET && ipv4_callback)
+	{
+	  struct in_addr addr, netmask, broadcast;
+	  broadcast.s_addr = 0;
+	  addr = ((struct sockaddr_in *) &ifr->ifr_addr)->sin_addr;
+	  if (ioctl(fd, SIOCGIFNETMASK, ifr) == -1)
+	    continue;
+	  netmask = ((struct sockaddr_in *) &ifr->ifr_addr)->sin_addr;
+	  if (ioctl(fd, SIOCGIFBRDADDR, ifr) != -1)
+	    broadcast = ((struct sockaddr_in *) &ifr->ifr_addr)->sin_addr; 
+	  if (!((*ipv4_callback)(daemon, addr, 
+				 (int)if_nametoindex(ifr->ifr_name),
+				 netmask, broadcast, 
+				 parm)))
+	    goto err;
+	}
+#ifdef HAVE_IPV6
+      else if (ifr->ifr_addr.sa_family == AF_INET6 && ipv6_callback)
+	{
+	  struct in6_addr *addr = &((struct sockaddr_in6 *)&ifr->ifr_addr)->sin6_addr;
+	  /* voodoo to clear interface field in address */
+	  if (!(daemon->options & OPT_NOWILD) && IN6_IS_ADDR_LINKLOCAL(addr))
+	    {
+	      addr->s6_addr[2] = 0;
+	      addr->s6_addr[3] = 0;
+	    }
+	  if (!((*ipv6_callback)(daemon, addr,
+				 (int)((struct sockaddr_in6 *)&ifr->ifr_addr)->sin6_scope_id,
+				 (int)if_nametoindex(ifr->ifr_name),
+				 parm)))
+	    goto err;
+	}
+#endif
+    }
+  
+  ret = 1;
+
+ err:
+  errsav = errno;
+  close(fd);  
+  errno = errsav;
+
+  return ret;
+}
+
+#endif

src/cache.c

@@ -18,6 +18,7 @@ static int cache_inserted, cache_live_freed, insert_error;
 static union bigname *big_free;
 static int bignames_left, log_queries, cache_size, hash_size;
 static int uid;
+static char *addrbuff;
 
 static void cache_free(struct crec *crecp);
 static void cache_unlink(struct crec *crecp);
@@ -29,7 +30,11 @@ void cache_init(int size, int logq)
   struct crec *crecp;
   int i;
 
-  log_queries = logq;
+  if ((log_queries = logq))
+    addrbuff = safe_malloc(ADDRSTRLEN);
+  else
+    addrbuff = NULL;
+      
   cache_head = cache_tail = NULL;
   dhcp_inuse = dhcp_spare = NULL;
   new_chain = NULL;
@@ -194,7 +199,7 @@ static int cache_scan_free(char *name, struct all_addr *addr, time_t now, unsign
 	      }
 	  } 
 	else if ((crecp->flags & F_FORWARD) && 
-		 ((flags & crecp->flags & (F_IPV4 | F_IPV6)) || (crecp->flags & F_CNAME)) &&
+		 ((flags & crecp->flags & (F_IPV4 | F_IPV6)) || ((crecp->flags | flags) & F_CNAME)) &&
 		 hostname_isequal(cache_get_name(crecp), name))
 	  {
 	    if (crecp->flags & (F_HOSTS | F_DHCP))
@@ -762,17 +767,17 @@ void cache_add_dhcp_entry(struct daemon *daemon, char *host_name,
 
 
 
-void dump_cache(struct daemon *daemon)
+void dump_cache(struct daemon *daemon, time_t now)
 {
-  syslog(LOG_INFO, _("cache size %d, %d/%d cache insertions re-used unexpired cache entries."), 
-	 daemon->cachesize, cache_live_freed, cache_inserted); 
+  syslog(LOG_INFO, _("time %lu, cache size %d, %d/%d cache insertions re-used unexpired cache entries."), 
+	 (unsigned long)now, daemon->cachesize, cache_live_freed, cache_inserted); 
   
-  if (daemon->options & (OPT_DEBUG | OPT_LOG))
+  if ((daemon->options & (OPT_DEBUG | OPT_LOG)) &&
+      (addrbuff || (addrbuff = malloc(ADDRSTRLEN))))
     {
       struct crec *cache ;
-      char addrbuff[ADDRSTRLEN];
       int i;
-      syslog(LOG_DEBUG, "Host                                     Address                        Flags     Expires\n");
+      syslog(LOG_DEBUG, "Host                                     Address                        Flags     Expires");
     
       for (i=0; i<hash_size; i++)
 	for (cache = hash_table[i]; cache; cache = cache->hash_next)
@@ -797,7 +802,7 @@ void dump_cache(struct daemon *daemon)
 #endif
 	    syslog(LOG_DEBUG, 
 #ifdef HAVE_BROKEN_RTC
-		   "%-40.40s %-30.30s %s%s%s%s%s%s%s%s%s%s  %ld\n",
+		   "%-40.40s %-30.30s %s%s%s%s%s%s%s%s%s%s  %lu",
 #else
 		   "%-40.40s %-30.30s %s%s%s%s%s%s%s%s%s%s  %s",
 #endif
@@ -813,7 +818,7 @@ void dump_cache(struct daemon *daemon)
 		   cache->flags & F_NXDOMAIN ? "X" : " ",
 		   cache->flags & F_HOSTS ? "H" : " ",
 #ifdef HAVE_BROKEN_RTC
-		   cache->flags & F_IMMORTAL ? 0: (unsigned long)cache->ttd
+		   cache->flags & F_IMMORTAL ? 0: (unsigned long)(cache->ttd - now)
 #else
 	           cache->flags & F_IMMORTAL ? "\n" : ctime(&(cache->ttd)) 
 #endif
@@ -844,8 +849,7 @@ void log_query(unsigned short flags, char *name, struct all_addr *addr,
   char *source;
   char *verb = "is";
   char types[20];
-  char addrbuff[ADDRSTRLEN];
-
+  
   if (!log_queries)
     return;
   

src/config.h

@@ -1,4 +1,4 @@
-/* dnsmasq is Copyright (c) 2000-2005 Simon Kelley
+/* dnsmasq is Copyright (c) 2000-2006 Simon Kelley
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -10,19 +10,20 @@
    GNU General Public License for more details.
 */
 
-/* Author's email: simon@thekelleys.org.uk */
-
-#define VERSION "2.24"
+#define VERSION "2.29"
 
 #define FTABSIZ 150 /* max number of outstanding requests */
 #define MAX_PROCS 20 /* max no children for TCP requests */
 #define CHILD_LIFETIME 150 /* secs 'till terminated (RFC1035 suggests > 120s) */
 #define EDNS_PKTSZ 1280 /* default max EDNS.0 UDP packet from RFC2671 */
 #define TIMEOUT 20 /* drop UDP queries after TIMEOUT seconds */
+#define LEASE_RETRY 60 /* on error, retry writing leasefile after LEASE_RETRY seconds */
 #define LOGRATE 120 /* log table overflows every LOGRATE seconds */
 #define CACHESIZ 150 /* default cache size */
-#define MAXTOK 50 /* token in DHCP leases */
 #define MAXLEASES 150 /* maximum number of DHCP leases */
+#define PING_WAIT 3 /* wait for ping address-in-use test */
+#define PING_CACHE_TIME 30 /* Ping test assumed to be valid this long. */
+#define DHCP_PACKET_MAX 16384 /* hard limit on DHCP packet size */
 #define SMALLDNAME 40 /* most domain names are smaller than this */
 #define HOSTSFILE "/etc/hosts"
 #define ETHERSFILE "/etc/ethers"
@@ -45,8 +46,6 @@
 #define DEFLEASE 3600 /* default lease time, 1 hour */
 #define CHUSER "nobody"
 #define CHGRP "dip"
-#define IP6INTERFACES "/proc/net/if_inet6"
-#define UPTIME "/proc/uptime"
 #define DHCP_SERVER_PORT 67
 #define DHCP_CLIENT_PORT 68
 
@@ -78,26 +77,6 @@
 #  define T_OPT 41
 #endif
 
-/* Decide if we're going to support IPv6 */
-/* We assume that systems which don't have IPv6
-   headers don't have ntop and pton either */
-
-#if defined(INET6_ADDRSTRLEN) && defined(IPV6_V6ONLY) && !defined(NO_IPV6)
-#  define HAVE_IPV6
-#  define ADDRSTRLEN INET6_ADDRSTRLEN
-#  if defined(SOL_IPV6)
-#    define IPV6_LEVEL SOL_IPV6
-#  else
-#    define IPV6_LEVEL IPPROTO_IPV6
-#  endif
-#elif defined(INET_ADDRSTRLEN)
-#  undef HAVE_IPV6
-#  define ADDRSTRLEN INET_ADDRSTRLEN
-#else
-#  undef HAVE_IPV6
-#  define ADDRSTRLEN 16 /* 4*3 + 3 dots + NULL */
-#endif
-
 /* Get linux C library versions. */
 #if defined(__linux__) && !defined(__UCLIBC__) && !defined(__uClinux__)
 #  include <libio.h> 
@@ -108,26 +87,25 @@
    new system, you may want to edit these. 
    May replace this with Autoconf one day. 
 
-HAVE_LINUX_IPV6_PROC
-   define this to do IPv6 interface discovery using
-   proc/net/if_inet6 ala LINUX. 
+HAVE_LINUX_NETWORK
+   define this to do networking the Linux way. When it's defined, the code will
+   use IP_PKTINFO, Linux capabilities and the RTnetlink system. If it's not defined,
+   a few facilities will be lost, namely support for multiple addresses on an interface,
+   DNS query retransmission, and (on some systems) wildcard interface binding.
 
 HAVE_BROKEN_RTC
-   define this on embeded systems which don't have an RTC
-   which keeps time over reboots. Causes dnsmasq to use uptime()
-   for timing, and keep relative time values in its leases file.
-   Also enables "Flash disk mode". Normally, dnsmasq tries very hard to 
-   keep the on-disk leases file up-to-date: rewriting it after every change.
-   When HAVE_BROKEN_RTC is in effect, a different regime is used:
-   The leases file is written when dnsmasq terminates, when it receives
-   SIGALRM, when a brand new lease is allocated, or every n seconds, 
-   where n is one third  of the smallest time configured for leases 
-   in a --dhcp-range or --dhcp-host option.
+   define this on embedded systems which don't have an RTC
+   which keeps time over reboots. Causes dnsmasq to use uptime
+   for timing, and keep lease lengths rather than expiry times
+   in its leases file. This also make dnsmasq "flash disk friendly".
+   Normally, dnsmasq tries very hard to keep the on-disk leases file
+   up-to-date: rewriting it after every renewal.  When HAVE_BROKEN_RTC 
+   is in effect, the lease file is only written when a new lease is 
+   created, or an old one destroyed. (Because those are the only times 
+   it changes.) This vastly reduces the number of file writes, and makes
+   it viable to keep the lease file on a flash filesystem.
    NOTE: when enabling or disabling this, be sure to delete any old
    leases file, otherwise dnsmasq may get very confused.
-   This configuration currently only works on Linux, but could be made to
-   work on other systems by teaching dnsmasq_time() in utils.c how to
-   read the system uptime.
 
 HAVE_ISC_READER 
    define this to include the old ISC dhcpcd integration. Note that you cannot
@@ -156,18 +134,6 @@ HAVE_DEV_URANDOM
 HAVE_SOCKADDR_SA_LEN
    define this if struct sockaddr has sa_len field (*BSD) 
 
-HAVE_PSELECT
-   If your C library implements pselect, define this.
-
-HAVE_BPF
-   If your OS implements Berkeley Packet filter, define this.
-
-HAVE_RTNETLINK
-   If your OS has the Linux Routing netlink socket API and suitable
-   C library headers, define this. Note that the code will fall
-   back to the Berkley API at runtime if netlink support is not
-   configured into the kernel.
-
 HAVE_DBUS
    Define this if you want to link against libdbus, and have dnsmasq
    define some methods to allow (re)configuration of the upstream DNS 
@@ -175,12 +141,11 @@ HAVE_DBUS
 
 NOTES:
    For Linux you should define 
-      HAVE_LINUX_IPV6_PROC 
+      HAVE_LINUX_NETWORK
       HAVE_GETOPT_LONG
       HAVE_RANDOM
       HAVE_DEV_RANDOM
       HAVE_DEV_URANDOM
-      HAVE_RTNETLINK
   you should NOT define 
       HAVE_ARC4RANDOM
       HAVE_SOCKADDR_SA_LEN
@@ -188,10 +153,8 @@ NOTES:
    For *BSD systems you should define 
      HAVE_SOCKADDR_SA_LEN
      HAVE_RANDOM
-     HAVE_BPF
    you should NOT define  
-     HAVE_LINUX_IPV6_PROC 
-     HAVE_RTNETLINK
+     HAVE_LINUX_NETWORK 
    and you MAY define  
      HAVE_ARC4RANDOM - OpenBSD and FreeBSD and NetBSD version 2.0 or later
      HAVE_DEV_URANDOM - OpenBSD and FreeBSD and NetBSD
@@ -202,83 +165,70 @@ NOTES:
 
 */
 
-/* platform independent options. */
-#undef HAVE_BROKEN_RTC
-#define HAVE_ISC_READER
+/* platform independent options- uncomment to enable */
+/* #define HAVE_BROKEN_RTC */
+/* #define HAVE_ISC_READER */
+/* #define HAVE_DBUS */
 
 #if defined(HAVE_BROKEN_RTC) && defined(HAVE_ISC_READER)
 #  error HAVE_ISC_READER is not compatible with HAVE_BROKEN_RTC
 #endif
 
-#undef HAVE_DBUS
-
 /* platform dependent options. */
 
 /* Must preceed __linux__ since uClinux defines __linux__ too. */
-#if defined(__uClinux__) || defined(__UCLIBC__)
-#undef HAVE_LINUX_IPV6_PROC
+#if defined(__uClinux__)
+#define HAVE_LINUX_NETWORK
 #define HAVE_GETOPT_LONG
-#define HAVE_RTNETLINK
 #undef HAVE_ARC4RANDOM
 #define HAVE_RANDOM
 #define HAVE_DEV_URANDOM
 #define HAVE_DEV_RANDOM
 #undef HAVE_SOCKADDR_SA_LEN
-#undef HAVE_PSELECT
-#if defined(__uClinux__)
 /* Never use fork() on uClinux. Note that this is subtly different from the
    --keep-in-foreground option, since it also  suppresses forking new 
    processes for TCP connections. It's intended for use on MMU-less kernels. */
-#  define NO_FORK
-#endif
+#define NO_FORK
 
-/* libc5 - must precede __linux__ too */
-/* Note to build a libc5 binary on a modern Debian system:
-   install the packages altgcc libc5 and libc5-altdev 
-   then run "make CC=i486-linuxlibc1-gcc" */
-/* Note that compling dnsmasq 2.x under libc5 and kernel 2.0.x
-   is probably doomed - no packet socket for starters. */
-#elif defined(__linux__) && \
-      defined(_LINUX_C_LIB_VERSION_MAJOR) && \
-      (_LINUX_C_LIB_VERSION_MAJOR == 5 )
-#undef HAVE_IPV6
-#undef HAVE_LINUX_IPV6_PROC
-#undef HAVE_RTNETLINK
-#define HAVE_GETOPT_LONG
+#elif defined(__UCLIBC__)
+#define HAVE_LINUX_NETWORK
+#if defined(__UCLIBC_HAS_GNU_GETOPT__) || \
+   ((__UCLIBC_MAJOR__==0) && (__UCLIBC_MINOR__==9) && (__UCLIBC_SUBLEVEL__<21))
+#    define HAVE_GETOPT_LONG
+#else
+#    undef HAVE_GETOPT_LONG
+#endif
 #undef HAVE_ARC4RANDOM
 #define HAVE_RANDOM
 #define HAVE_DEV_URANDOM
 #define HAVE_DEV_RANDOM
 #undef HAVE_SOCKADDR_SA_LEN
-#undef HAVE_PSELECT
-/* Fix various misfeatures of libc5 headers */
-typedef unsigned long in_addr_t; 
-typedef size_t socklen_t;
+#if !defined(__UCLIBC_HAS_MMU__)
+#  define NO_FORK
+#endif
+#if !defined(__UCLIBC_HAS_IPV6__)
+#  define NO_IPV6
+#endif
 
 /* This is for glibc 2.x */
 #elif defined(__linux__)
-#define HAVE_LINUX_IPV6_PROC
-#define HAVE_RTNETLINK
+#define HAVE_LINUX_NETWORK
 #define HAVE_GETOPT_LONG
 #undef HAVE_ARC4RANDOM
 #define HAVE_RANDOM
 #define HAVE_DEV_URANDOM
 #define HAVE_DEV_RANDOM
 #undef HAVE_SOCKADDR_SA_LEN
-#define HAVE_PSELECT
 /* glibc < 2.2  has broken Sockaddr_in6 so we have to use our own. */
 /* glibc < 2.2 doesn't define in_addr_t */
 #if defined(__GLIBC__) && (__GLIBC__ == 2) && \
     defined(__GLIBC_MINOR__) && (__GLIBC_MINOR__ < 2)
 typedef unsigned long in_addr_t; 
-#if defined(HAVE_IPV6)
 #   define HAVE_BROKEN_SOCKADDR_IN6
 #endif
-#endif
 
 #elif defined(__FreeBSD__) || defined(__OpenBSD__)
-#undef HAVE_LINUX_IPV6_PROC
-#undef HAVE_RTNETLINK
+#undef HAVE_LINUX_NETWORK
 /* Later verions of FreeBSD have getopt_long() */
 #if defined(optional_argument) && defined(required_argument)
 #   define HAVE_GETOPT_LONG
@@ -289,50 +239,47 @@ typedef unsigned long in_addr_t;
 #define HAVE_RANDOM
 #define HAVE_DEV_URANDOM
 #define HAVE_SOCKADDR_SA_LEN
-#undef HAVE_PSELECT
-#define HAVE_BPF
 
 #elif defined(__APPLE__)
-#undef HAVE_LINUX_IPV6_PROC
-#undef HAVE_RTNETLINK
+#undef HAVE_LINUX_NETWORK
 #undef HAVE_GETOPT_LONG
 #define HAVE_ARC4RANDOM
 #define HAVE_RANDOM
 #define HAVE_DEV_URANDOM
 #define HAVE_SOCKADDR_SA_LEN
-#undef HAVE_PSELECT
-#define HAVE_BPF
 /* Define before sys/socket.h is included so we get socklen_t */
 #define _BSD_SOCKLEN_T_
 /* This is not defined in Mac OS X arpa/nameserv.h */
 #define IN6ADDRSZ 16
  
 #elif defined(__NetBSD__)
-#undef HAVE_LINUX_IPV6_PROC
-#undef HAVE_RTNETLINK
+#undef HAVE_LINUX_NETWORK
 #define HAVE_GETOPT_LONG
 #undef HAVE_ARC4RANDOM
 #define HAVE_RANDOM
 #define HAVE_DEV_URANDOM
 #define HAVE_DEV_RANDOM
 #define HAVE_SOCKADDR_SA_LEN
-#undef HAVE_PSELECT
-#define HAVE_BPF
  
-/* env "LIBS=-lsocket -lnsl" make */
-#elif defined(__sun) || defined(__sun__)
-#undef HAVE_LINUX_IPV6_PROC
-#undef HAVE_RTNETLINK
-#undef HAVE_GETOPT_LONG
-#undef HAVE_ARC4RANDOM
-#define HAVE_RANDOM
-#undef HAVE_DEV_URANDOM
-#undef HAVE_DEV_RANDOM
-#undef HAVE_SOCKADDR_SA_LEN
-#undef HAVE_PSELECT
-#define HAVE_BPF
+#endif
+/* Decide if we're going to support IPv6 */
+/* We assume that systems which don't have IPv6
+   headers don't have ntop and pton either */
+
+#if defined(INET6_ADDRSTRLEN) && defined(IPV6_V6ONLY) && !defined(NO_IPV6)
+#  define HAVE_IPV6
+#  define ADDRSTRLEN INET6_ADDRSTRLEN
+#  if defined(SOL_IPV6)
+#    define IPV6_LEVEL SOL_IPV6
+#  else
+#    define IPV6_LEVEL IPPROTO_IPV6
+#  endif
+#elif defined(INET_ADDRSTRLEN)
+#  undef HAVE_IPV6
+#  define ADDRSTRLEN INET_ADDRSTRLEN
+#else
+#  undef HAVE_IPV6
+#  define ADDRSTRLEN 16 /* 4*3 + 3 dots + NULL */
 #endif
 
 
-
-

src/dbus.c

@@ -113,13 +113,14 @@ static void dbus_read_servers(struct daemon *daemon, DBusMessage *message)
 #else
 	  if (i == sizeof(struct in6_addr)-1)
 	    {
-	      memcpy(&addr.in6.sin6_addr, p, sizeof(struct in6_addr));
+	      memcpy(&addr.in6.sin6_addr, p, sizeof(addr.in6));
 #ifdef HAVE_SOCKADDR_SA_LEN
-              source_addr.in6.sin6_len = addr.in6.sin6_len = sizeof(struct sockaddr_in6);
+              source_addr.in6.sin6_len = addr.in6.sin6_len = sizeof(addr.in6);
 #endif
               source_addr.in6.sin6_family = addr.in6.sin6_family = AF_INET6;
               addr.in6.sin6_port = htons(NAMESERVER_PORT);
-              source_addr.in6.sin6_flowinfo = addr.in6.sin6_flowinfo = htonl(0);
+              source_addr.in6.sin6_flowinfo = addr.in6.sin6_flowinfo = 0;
+	      source_addr.in6.sin6_scope_id = addr.in6.sin6_scope_id = 0;
               source_addr.in6.sin6_addr = in6addr_any;
               source_addr.in6.sin6_port = htons(daemon->query_port);
 	      skip = 0;
@@ -211,14 +212,14 @@ static void dbus_read_servers(struct daemon *daemon, DBusMessage *message)
 	  free(serv);
 	}
       else 
-	    up = &serv->next;
+	up = &serv->next;
     }
 
 }
 
-DBusHandlerResult message_handler (DBusConnection *connection, 
-				   DBusMessage *message, 
-				   void *user_data)
+DBusHandlerResult message_handler(DBusConnection *connection, 
+				  DBusMessage *message, 
+				  void *user_data)
 {
   char *method = (char *)dbus_message_get_member(message);
   struct daemon *daemon = (struct daemon *)user_data;
@@ -239,7 +240,7 @@ DBusHandlerResult message_handler (DBusConnection *connection,
       check_servers(daemon);
     }
   else if (strcmp(method, "ClearCache") == 0)
-    clear_cache_and_reload(daemon, dnsmasq_time(daemon->uptime_fd));
+    clear_cache_and_reload(daemon);
   else
     return (DBUS_HANDLER_RESULT_NOT_YET_HANDLED);
   

src/dhcp.c

@@ -1,4 +1,4 @@
-/* dnsmasq is Copyright (c) 2000-2005 Simon Kelley
+/* dnsmasq is Copyright (c) 2000-2006 Simon Kelley
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -10,15 +10,22 @@
    GNU General Public License for more details.
 */
 
-/* Author's email: simon@thekelleys.org.uk */
-
 #include "dnsmasq.h"
 
+struct iface_param {
+  struct in_addr relay, primary;
+  struct dhcp_context *current;
+  int ind;
+};
+
+static int complete_context(struct daemon *daemon, struct in_addr local, int if_index, 
+			    struct in_addr netmask, struct in_addr broadcast, void *vparam);
+
 void dhcp_init(struct daemon *daemon)
 {
   int fd = socket(PF_INET, SOCK_DGRAM, IPPROTO_UDP);
   struct sockaddr_in saddr;
-  int flags, oneopt = 1, zeroopt = 0;
+  int flags, oneopt = 1;
   struct dhcp_config *configs, *cp;
 
   if (fd == -1)
@@ -26,7 +33,7 @@ void dhcp_init(struct daemon *daemon)
   
   if ((flags = fcntl(fd, F_GETFL, 0)) == -1 ||
       fcntl(fd, F_SETFL, flags | O_NONBLOCK) == -1 ||
-#if defined(IP_PKTINFO)
+#if defined(HAVE_LINUX_NETWORK)
       setsockopt(fd, SOL_IP, IP_PKTINFO, &oneopt, sizeof(oneopt)) == -1 ||
 #elif defined(IP_RECVIF)
       setsockopt(fd, IPPROTO_IP, IP_RECVIF, &oneopt, sizeof(oneopt)) == -1 ||
@@ -53,41 +60,20 @@ void dhcp_init(struct daemon *daemon)
 
   daemon->dhcpfd = fd;
 
-  if ((fd = socket (AF_INET, SOCK_RAW, IPPROTO_ICMP)) == -1 ||
-      (flags = fcntl(fd, F_GETFL, 0)) == -1 ||
-      fcntl(fd, F_SETFL, flags | O_NONBLOCK) == -1 ||
-      setsockopt(fd, SOL_SOCKET, SO_RCVBUF, &oneopt, sizeof(oneopt)) == -1 ||
-      setsockopt(fd, SOL_SOCKET, SO_DONTROUTE, &zeroopt, sizeof(zeroopt)) == -1)
-    die(_("cannot create ICMP raw socket: %s."), NULL);
-
-  daemon->dhcp_icmp_fd = fd;
-
-#ifdef HAVE_BPF
-  { 
-    int i = 0;
-    while (1) 
-      {
-	char filename[50];
-	sprintf(filename, "/dev/bpf%d", i++);
-	if ((fd = open(filename, O_RDWR, 0)) != -1)
-	  break;
-	if (errno != EBUSY)
-	  die(_("cannot create DHCP BPF socket: %s"), NULL);
-      }	    
-  }
-#else
-  /* since we don't ever use the packet socket for reception,
-     and it receives copies of _all_ IP packets, then that data
-     will build up in kernel buffers, wasting memory. Set the
-     socket receive buffer size to one to avoid that. (zero is
-     rejected as non-sensical by some BSD kernels) */
-  if ((fd = socket(PF_PACKET, SOCK_DGRAM, htons(ETHERTYPE_IP))) == -1 ||
-      setsockopt(fd, SOL_SOCKET, SO_RCVBUF, &oneopt, sizeof(oneopt)) == -1)
-    die(_("cannot create DHCP packet socket: %s. "
-	  "Is CONFIG_PACKET enabled in your kernel?"), NULL);
-#endif
+#ifndef HAVE_LINUX_NETWORK
+  /* When we're not using capabilities, we need to do this here before
+     we drop root. Also, set buffer size small, to avoid wasting
+     kernel buffers */
   
-  daemon->dhcp_raw_fd = fd;
+  if (daemon->options & OPT_NO_PING)
+    daemon->dhcp_icmp_fd = -1;
+  else if ((daemon->dhcp_icmp_fd = make_icmp_sock()) == -1 ||
+	   setsockopt(daemon->dhcp_icmp_fd, SOL_SOCKET, SO_RCVBUF, &oneopt, sizeof(oneopt)) == -1 )
+    die(_("cannot create ICMP raw socket: %s."), NULL);
+  
+  /* Make BPF raw send socket */
+  init_bpf(daemon);
+#endif
   
   /* If the same IP appears in more than one host config, then DISCOVER
      for one of the hosts will get the address, but REQUEST will be NAKed,
@@ -97,57 +83,68 @@ void dhcp_init(struct daemon *daemon)
       if ((configs->flags & cp->flags & CONFIG_ADDR) &&	configs->addr.s_addr == cp->addr.s_addr)
 	die(_("duplicate IP address %s in dhcp-config directive."), inet_ntoa(cp->addr));
   
-  daemon->dhcp_packet = safe_malloc(sizeof(struct udp_dhcp_packet));
-  /* These two each hold a DHCP option max size 255
+  daemon->dhcp_packet.iov_len = sizeof(struct dhcp_packet); 
+  daemon->dhcp_packet.iov_base = safe_malloc(daemon->dhcp_packet.iov_len);
+    /* These two each hold a DHCP option max size 255
      and get a terminating zero added */
   daemon->dhcp_buff = safe_malloc(256);
   daemon->dhcp_buff2 = safe_malloc(256); 
   daemon->ping_results = NULL;
 }
-
+  
 void dhcp_packet(struct daemon *daemon, time_t now)
 {
-  struct udp_dhcp_packet *rawpacket = daemon->dhcp_packet;
-  struct dhcp_packet *mess = &rawpacket->data;
+  struct dhcp_packet *mess;
   struct dhcp_context *context;
   struct iname *tmp;
   struct ifreq ifr;
   struct msghdr msg;
-  struct iovec iov[2];
+  struct sockaddr_in dest;
   struct cmsghdr *cmptr;
-  int sz, newlen, iface_index = 0;
-  int unicast_dest = 0;
+  struct iovec iov;
+  ssize_t sz; 
+  int iface_index = 0, unicast_dest = 0;
   struct in_addr iface_addr;
-#ifdef HAVE_BPF
-  unsigned char iface_hwaddr[ETHER_ADDR_LEN];
-#endif
+  struct iface_param parm;
 
   union {
     struct cmsghdr align; /* this ensures alignment */
-#ifdef IP_PKTINFO
+#ifdef HAVE_LINUX_NETWORK
     char control[CMSG_SPACE(sizeof(struct in_pktinfo))];
 #else
     char control[CMSG_SPACE(sizeof(struct sockaddr_dl))];
 #endif
   } control_u;
   
-  iov[0].iov_base = (char *)mess;
-  iov[0].iov_len = sizeof(struct dhcp_packet);
-
   msg.msg_control = control_u.control;
   msg.msg_controllen = sizeof(control_u);
-  msg.msg_flags = 0;
   msg.msg_name = NULL;
   msg.msg_namelen = 0;
-  msg.msg_iov = iov;
+  msg.msg_iov = &daemon->dhcp_packet;
   msg.msg_iovlen = 1;
   
-  sz = recvmsg(daemon->dhcpfd, &msg, 0);
+  do
+    {
+      msg.msg_flags = 0;
+      while ((sz = recvmsg(daemon->dhcpfd, &msg, MSG_PEEK)) == -1 && errno == EINTR);
+    }
+  while (sz != -1 && (msg.msg_flags & MSG_TRUNC) &&
+	 expand_buf(&daemon->dhcp_packet, daemon->dhcp_packet.iov_len + 100));
   
-  if (sz < (int)(sizeof(*mess) - sizeof(mess->options)))
+  /* expand_buf may have moved buffer */
+  mess = daemon->dhcp_packet.iov_base;
+  msg.msg_controllen = sizeof(control_u);
+  msg.msg_flags = 0;
+  msg.msg_name = &dest;
+  msg.msg_namelen = sizeof(dest);
+
+  while ((sz = recvmsg(daemon->dhcpfd, &msg, 0)) && errno == EINTR);
+ 
+  if ((msg.msg_flags & MSG_TRUNC) ||
+      sz < (ssize_t)(sizeof(*mess) - sizeof(mess->options)))
     return;
   
-#if defined (IP_PKTINFO)
+#if defined (HAVE_LINUX_NETWORK)
   if (msg.msg_controllen < sizeof(struct cmsghdr))
     return;
   for (cmptr = CMSG_FIRSTHDR(&msg); cmptr; cmptr = CMSG_NXTHDR(&msg, cmptr))
@@ -177,197 +174,122 @@ void dhcp_packet(struct daemon *daemon, time_t now)
     struct iname *name;
     for (name = daemon->if_names; name->isloop; name = name->next);
     strcpy(ifr.ifr_name, name->name);
+    iface_index = if_nametoindex(name->name);
   }
 #endif
 
-#ifdef HAVE_BPF
-  ifr.ifr_addr.sa_family = AF_LINK;
-  if (ioctl(daemon->dhcpfd, SIOCGIFADDR, &ifr) < 0)
-    return;
-  memcpy(iface_hwaddr, LLADDR((struct sockaddr_dl *)&ifr.ifr_addr), ETHER_ADDR_LEN);
-#endif
-  
   ifr.ifr_addr.sa_family = AF_INET;
   if (ioctl(daemon->dhcpfd, SIOCGIFADDR, &ifr) < 0 )
     return;
   iface_addr = ((struct sockaddr_in *) &ifr.ifr_addr)->sin_addr;
 
-  /* enforce available interface configuration */
-  for (tmp = daemon->if_except; tmp; tmp = tmp->next)
-    if (tmp->name && (strcmp(tmp->name, ifr.ifr_name) == 0))
-      return;
- 
   for (tmp = daemon->dhcp_except; tmp; tmp = tmp->next)
     if (tmp->name && (strcmp(tmp->name, ifr.ifr_name) == 0))
       return;
   
-  if (daemon->if_names || daemon->if_addrs)
-    {
-      for (tmp = daemon->if_names; tmp; tmp = tmp->next)
-	if (tmp->name && (strcmp(tmp->name, ifr.ifr_name) == 0))
-	  break;
-      if (!tmp)
-	for (tmp = daemon->if_addrs; tmp; tmp = tmp->next)
-	  if (tmp->addr.sa.sa_family == AF_INET && 
-	      tmp->addr.in.sin_addr.s_addr == iface_addr.s_addr)
-	    break;
-      if (!tmp)
-	return; 
-    }
+  if (!iface_check(daemon, AF_INET, (struct all_addr *)&iface_addr, ifr.ifr_name))
+    return;
   
   /* unlinked contexts are marked by context->current == context */
   for (context = daemon->dhcp; context; context = context->next)
     context->current = context;
   
-#ifdef HAVE_RTNETLINK
-  if (!netlink_process(daemon, iface_index, mess->giaddr, iface_addr, &context))
-#endif
-    {
-      struct in_addr iface_netmask, iface_broadcast;
-      
-      if (ioctl(daemon->dhcpfd, SIOCGIFNETMASK, &ifr) < 0)
-	return;
-      iface_netmask = ((struct sockaddr_in *) &ifr.ifr_addr)->sin_addr;
-      
-      if (ioctl(daemon->dhcpfd, SIOCGIFBRDADDR, &ifr) < 0)
-	return;
-      iface_broadcast = ((struct sockaddr_in *) &ifr.ifr_addr)->sin_addr;
-      
-      context = complete_context(daemon, iface_addr, NULL, iface_netmask, 
-				 iface_broadcast, mess->giaddr, iface_addr);
-    }
+  parm.relay = mess->giaddr;
+  parm.primary = iface_addr;
+  parm.current = NULL;
+  parm.ind = iface_index;
 
+  if (!iface_enumerate(daemon, &parm, complete_context, NULL))
+    return;
   lease_prune(NULL, now); /* lose any expired leases */
-  newlen = dhcp_reply(daemon, context, ifr.ifr_name, sz, now, unicast_dest);
-  lease_update_file(0, now);
+  iov.iov_len = dhcp_reply(daemon, parm.current, ifr.ifr_name, (size_t)sz, now, unicast_dest);
+  lease_update_file(daemon);
   lease_update_dns(daemon);
   
-  if (newlen == 0)
+  if (iov.iov_len == 0)
     return;
   
-  if (mess->giaddr.s_addr || mess->ciaddr.s_addr)
-    {
-      /* To send to BOOTP relay or configured client, use the IP packet */
-      
-      struct sockaddr_in dest;
-      dest.sin_family = AF_INET;
+  msg.msg_name = &dest;
+  msg.msg_namelen = sizeof(dest);
+  msg.msg_control = NULL;
+  msg.msg_controllen = 0;
+  msg.msg_iov = &iov;
+  iov.iov_base = daemon->dhcp_packet.iov_base;
+  
+  /* packet buffer may have moved */
+  mess = daemon->dhcp_packet.iov_base;
+  
 #ifdef HAVE_SOCKADDR_SA_LEN
-      dest.sin_len = sizeof(struct sockaddr_in);
+  dest.sin_len = sizeof(struct sockaddr_in);
 #endif
      
-      if (mess->giaddr.s_addr)
-	{
-	  dest.sin_port = htons(DHCP_SERVER_PORT);
-	  dest.sin_addr = mess->giaddr; 
-	}
-      else
-	{
-	  dest.sin_port = htons(DHCP_CLIENT_PORT);
-	  dest.sin_addr = mess->ciaddr;
-	}
-      
-      while(sendto(daemon->dhcpfd, mess, newlen, 0, 
-		   (struct sockaddr *)&dest, sizeof(dest)) == -1 &&
-	    retry_send());
+  if (mess->giaddr.s_addr)
+    {
+      /* Send to BOOTP relay  */
+      if (!dest.sin_port)
+	dest.sin_port = htons(DHCP_SERVER_PORT);
+      dest.sin_addr = mess->giaddr; 
+    }
+  else if (mess->ciaddr.s_addr)
+    {
+      dest.sin_addr = mess->ciaddr;
+      if (!dest.sin_port)
+	dest.sin_port = htons(DHCP_CLIENT_PORT);
+    } 
+#ifdef HAVE_LINUX_NETWORK
+  else if (ntohs(mess->flags) & 0x8000)
+    {
+      /* broadcast to 255.255.255.255 */
+      struct in_pktinfo *pkt;
+      msg.msg_controllen = sizeof(control_u);
+      cmptr = CMSG_FIRSTHDR(&msg);
+      dest.sin_addr.s_addr = INADDR_BROADCAST;
+      dest.sin_port = htons(DHCP_CLIENT_PORT);
+      pkt = (struct in_pktinfo *)CMSG_DATA(cmptr);
+      pkt->ipi_ifindex = iface_index;
+      pkt->ipi_spec_dst.s_addr = 0;
+      msg.msg_controllen = cmptr->cmsg_len = CMSG_LEN(sizeof(struct in_pktinfo));
+      cmptr->cmsg_level = SOL_IP;
+      cmptr->cmsg_type = IP_PKTINFO;
     }
   else
     {
-      /* Hairy stuff, packet either has to go to the
-	 net broadcast or the destination can't reply to ARP yet,
-	 but we do know the physical address. 
-	 Build the packet by steam, and send directly, bypassing
-	 the kernel IP stack */
-      
-      u32 i, sum;
-      unsigned char hwdest[ETHER_ADDR_LEN];
-      
-      if (ntohs(mess->flags) & 0x8000)
-	{
-	  memset(hwdest, 255,  ETHER_ADDR_LEN);
-	  rawpacket->ip.ip_dst.s_addr = INADDR_BROADCAST;
-	}
-      else
-	{
-	  memcpy(hwdest, mess->chaddr, ETHER_ADDR_LEN); 
-	  rawpacket->ip.ip_dst.s_addr = mess->yiaddr.s_addr;
-	}
-      
-      rawpacket->ip.ip_p = IPPROTO_UDP;
-      rawpacket->ip.ip_src.s_addr = iface_addr.s_addr;
-      rawpacket->ip.ip_len = htons(sizeof(struct ip) + 
-				   sizeof(struct udphdr) +
-				   newlen) ;
-      rawpacket->ip.ip_hl = sizeof(struct ip) / 4;
-      rawpacket->ip.ip_v = IPVERSION;
-      rawpacket->ip.ip_tos = 0;
-      rawpacket->ip.ip_id = htons(0);
-      rawpacket->ip.ip_off = htons(0x4000); /* don't fragment */
-      rawpacket->ip.ip_ttl = IPDEFTTL;
-      rawpacket->ip.ip_sum = 0;
-      for (sum = 0, i = 0; i < sizeof(struct ip) / 2; i++)
-	sum += ((u16 *)&rawpacket->ip)[i];
-      while (sum>>16)
-	sum = (sum & 0xffff) + (sum >> 16);  
-      rawpacket->ip.ip_sum = (sum == 0xffff) ? sum : ~sum;
-      
-      rawpacket->udp.uh_sport = htons(DHCP_SERVER_PORT);
-      rawpacket->udp.uh_dport = htons(DHCP_CLIENT_PORT);
-      ((u8 *)&rawpacket->data)[newlen] = 0; /* for checksum, in case length is odd. */
-      rawpacket->udp.uh_sum = 0;
-      rawpacket->udp.uh_ulen = sum = htons(sizeof(struct udphdr) + newlen);
-      sum += htons(IPPROTO_UDP);
-      for (i = 0; i < 4; i++)
-	sum += ((u16 *)&rawpacket->ip.ip_src)[i];
-      for (i = 0; i < (sizeof(struct udphdr) + newlen + 1) / 2; i++)
-	sum += ((u16 *)&rawpacket->udp)[i];
-      while (sum>>16)
-	sum = (sum & 0xffff) + (sum >> 16);
-      rawpacket->udp.uh_sum = (sum == 0xffff) ? sum : ~sum;
-      
-      { 
-#ifdef HAVE_BPF
-	struct ether_header header;
-	
-	header.ether_type = htons(ETHERTYPE_IP);
-	memcpy(header.ether_shost, iface_hwaddr, ETHER_ADDR_LEN);
-	memcpy(header.ether_dhost, hwdest, ETHER_ADDR_LEN); 
-	
-	ioctl(daemon->dhcp_raw_fd, BIOCSETIF, &ifr);
-	
-	iov[0].iov_base = (char *)&header;
-	iov[0].iov_len = sizeof(struct ether_header);
-	iov[1].iov_base = (char *)rawpacket;
-	iov[1].iov_len = ntohs(rawpacket->ip.ip_len);
-	while (writev(daemon->dhcp_raw_fd, iov, 2) == -1 && retry_send());
-#else
-	struct sockaddr_ll dest;
-	
-	memset(&dest, 0, sizeof(dest));
-	dest.sll_family = AF_PACKET;
-	dest.sll_halen =  ETHER_ADDR_LEN;
-	dest.sll_ifindex = iface_index;
-	dest.sll_protocol = htons(ETHERTYPE_IP);
-	memcpy(dest.sll_addr, hwdest, ETHER_ADDR_LEN); 
-	while (sendto(daemon->dhcp_raw_fd, rawpacket, ntohs(rawpacket->ip.ip_len), 
-		      0, (struct sockaddr *)&dest, sizeof(dest)) == -1 &&
-	       retry_send());
-#endif
-      }
+      /* unicast to unconfigured client */
+      dest.sin_addr = mess->yiaddr;
+      dest.sin_port = htons(DHCP_CLIENT_PORT);
+      if (mess->hlen != 0 && mess->htype != 0)
+	arp_inject(daemon->netlinkfd, mess->yiaddr, iface_index,
+		   mess->chaddr, mess->hlen);
     }
+#else
+  else 
+    {
+      send_via_bpf(daemon, mess, iov.iov_len, iface_addr, &ifr);
+      return;
+    }
+#endif
+   
+  while(sendmsg(daemon->dhcpfd, &msg, 0) == -1 && retry_send());
 }
-
+ 
 /* This is a complex routine: it gets called with each (address,netmask,broadcast) triple 
-   of the interface on which a DHCP packet arrives (and any relay address) and does the 
-   following things:
-   1) Fills in any netmask and broadcast addresses which have not been explicitly configured.
-   2) Fills in local (this host) and router (this host or relay) addresses.
-   3) Links contexts which are valid for hosts directly connected to the arrival interface on ->current.
+   of each interface (and any relay address) and does the  following things:
+
+   1) Discards stuff for interfaces other than the one on which a DHCP packet just arrived.
+   2) Fills in any netmask and broadcast addresses which have not been explicitly configured.
+   3) Fills in local (this host) and router (this host or relay) addresses.
+   4) Links contexts which are valid for hosts directly connected to the arrival interface on ->current.
+
    Note that the current chain may be superceded later for configured hosts or those coming via gateways. */
-struct dhcp_context *complete_context(struct daemon *daemon, struct in_addr local, struct dhcp_context *current,
-				      struct in_addr netmask, struct in_addr broadcast, struct in_addr relay,
-				      struct in_addr primary)
+
+static int complete_context(struct daemon *daemon, struct in_addr local, int if_index, 
+			     struct in_addr netmask, struct in_addr broadcast, void *vparam)
 {
   struct dhcp_context *context;
+  struct iface_param *param = vparam;
+  
+  if (if_index != param->ind)
+    return 1; /* no for us. */
   
   for (context = daemon->dhcp; context; context = context->next)
     {
@@ -397,8 +319,8 @@ struct dhcp_context *complete_context(struct daemon *daemon, struct in_addr loca
 		{
 		  context->router = local;
 		  context->local = local;
-		  context->current = current;
-		  current = context;
+		  context->current = param->current;
+		  param->current = context;
 		}
 	      
 	      if (!(context->flags & CONTEXT_BRDCAST))
@@ -409,10 +331,10 @@ struct dhcp_context *complete_context(struct daemon *daemon, struct in_addr loca
 		    context->broadcast.s_addr  = context->start.s_addr | ~context->netmask.s_addr;
 		}
 	    }	
-	  else if (relay.s_addr && is_same_net(relay, context->start, context->netmask))
+	  else if (param->relay.s_addr && is_same_net(param->relay, context->start, context->netmask))
 	    {
-	      context->router = relay;
-	      context->local = primary;
+	      context->router = param->relay;
+	      context->local = param->primary;
 	      /* fill in missing broadcast addresses for relayed ranges */
 	      if (!(context->flags & CONTEXT_BRDCAST))
 		context->broadcast.s_addr  = context->start.s_addr | ~context->netmask.s_addr;
@@ -421,25 +343,31 @@ struct dhcp_context *complete_context(struct daemon *daemon, struct in_addr loca
 	}
     }
 
-  return current;
+  return 1;
 }
 	  
 struct dhcp_context *address_available(struct dhcp_context *context, struct in_addr taddr)
 {
   /* Check is an address is OK for this network, check all
-     possible ranges. */
+     possible ranges. Make sure that the address isn't in use
+     by the server itself. */
   
   unsigned int start, end, addr = ntohl(taddr.s_addr);
-  
-  for (; context; context = context->current)
-    {
-      start = ntohl(context->start.s_addr);
-      end = ntohl(context->end.s_addr);
+  struct dhcp_context *tmp;
 
-      if (!(context->flags & CONTEXT_STATIC) &&
+  for (tmp = context; tmp; tmp = tmp->current)
+    if (taddr.s_addr == context->local.s_addr)
+      return NULL;
+  
+  for (tmp = context; tmp; tmp = tmp->current)
+    {
+      start = ntohl(tmp->start.s_addr);
+      end = ntohl(tmp->end.s_addr);
+
+      if (!(tmp->flags & CONTEXT_STATIC) &&
 	  addr >= start &&
 	  addr <= end)
-	return context;
+	return tmp;
     }
 
   return NULL;
@@ -447,24 +375,29 @@ struct dhcp_context *address_available(struct dhcp_context *context, struct in_a
 
 struct dhcp_context *narrow_context(struct dhcp_context *context, struct in_addr taddr)
 {
-  /* We start of with a set of possible contexts, all on the current subnet.
+  /* We start of with a set of possible contexts, all on the current physical interface.
      These are chained on ->current.
      Here we have an address, and return the actual context correponding to that
      address. Note that none may fit, if the address came a dhcp-host and is outside
-     any dhcp-range. In that case we return a static range is possible, or failing that,
-     any context on the subnet. (If there's more than one, this is a dodgy configuration: 
-     maybe there should be a warning.) */
+     any dhcp-range. In that case we return a static range if possible, or failing that,
+     any context on the correct subnet. (If there's more than one, this is a dodgy 
+     configuration: maybe there should be a warning.) */
   
-  struct dhcp_context *tmp = address_available(context, taddr);
+  struct dhcp_context *tmp;
 
-  if (tmp)
+  if ((tmp = address_available(context, taddr)))
     return tmp;
   
   for (tmp = context; tmp; tmp = tmp->current)
-    if (tmp->flags & CONTEXT_STATIC)
+    if (is_same_net(taddr, tmp->start, tmp->netmask) && 
+	(tmp->flags & CONTEXT_STATIC))
       return tmp;
 
-  return context;
+  for (tmp = context; tmp; tmp = tmp->current)
+    if (is_same_net(taddr, tmp->start, tmp->netmask))
+      return tmp;
+
+  return NULL;
 }
 
 struct dhcp_config *config_find_by_address(struct dhcp_config *configs, struct in_addr addr)
@@ -478,12 +411,13 @@ struct dhcp_config *config_find_by_address(struct dhcp_config *configs, struct i
   return NULL;
 }
 
-/* Is every member of check matched by a member of pool? */
-int match_netid(struct dhcp_netid *check, struct dhcp_netid *pool)
+/* Is every member of check matched by a member of pool? 
+   If negonly, match unless there's a negative tag which matches. */
+int match_netid(struct dhcp_netid *check, struct dhcp_netid *pool, int negonly)
 {
   struct dhcp_netid *tmp1;
   
-  if (!check)
+  if (!check && !negonly)
     return 0;
 
   for (; check; check = check->next)
@@ -493,7 +427,7 @@ int match_netid(struct dhcp_netid *check, struct dhcp_netid *pool)
 	  for (tmp1 = pool; tmp1; tmp1 = tmp1->next)
 	    if (strcmp(check->net, tmp1->net) == 0)
 	      break;
-	  if (!tmp1)
+	  if (!tmp1 || negonly)
 	    return 0;
 	}
       else
@@ -505,97 +439,100 @@ int match_netid(struct dhcp_netid *check, struct dhcp_netid *pool)
 }
 
 int address_allocate(struct dhcp_context *context, struct daemon *daemon,
-		     struct in_addr *addrp, unsigned char *hwaddr, 
+		     struct in_addr *addrp, unsigned char *hwaddr, int hw_len, 
 		     struct dhcp_netid *netids, time_t now)   
 {
   /* Find a free address: exclude anything in use and anything allocated to
      a particular hwaddr/clientid/hostname in our configuration.
-     Try to return from contexts which mathc netis first. */
+     Try to return from contexts which match netids first. */
 
-  struct in_addr start, addr ;
-  struct dhcp_context *c;
-  unsigned int i, j;
+  struct in_addr start, addr;
+  struct dhcp_context *c, *d;
+  int i, pass;
+  unsigned int j; 
+
+  /* hash hwaddr */
+  for (j = 0, i = 0; i < hw_len; i++)
+    j += hwaddr[i] + (hwaddr[i] << 8) + (hwaddr[i] << 16);
   
-  for (c = context; c; c = c->current)
-    if (c->flags & CONTEXT_STATIC)
-      continue;
-    else if (netids && !(c->flags & CONTEXT_FILTER))
-      continue;
-    else if (!netids && (c->flags & CONTEXT_FILTER))
-      continue;
-    else if (netids && (c->flags & CONTEXT_FILTER) && !match_netid(&c->netid, netids))
-      continue;
-    else
-      {
-	/* pick a seed based on hwaddr then iterate until we find a free address. */
-	for (j = c->addr_epoch, i = 0; i < ETHER_ADDR_LEN; i++)
-	  j += hwaddr[i] + (hwaddr[i] << 8) + (hwaddr[i] << 16);
-	
-	start.s_addr = addr.s_addr = 
-	  htonl(ntohl(c->start.s_addr) + 
-		(j % (1 + ntohl(c->end.s_addr) - ntohl(c->start.s_addr))));
-	
-	do {
-	  if (!lease_find_by_addr(addr) && 
-	      !config_find_by_address(daemon->dhcp_conf, addr))
-	    {
-	      struct ping_result *r, *victim = NULL;
-	      int count;
+  for (pass = 0; pass <= 1; pass++)
+    for (c = context; c; c = c->current)
+      if (c->flags & CONTEXT_STATIC)
+	continue;
+      else if (!match_netid(c->filter, netids, pass))
+	continue;
+      else
+	{
+	  /* pick a seed based on hwaddr then iterate until we find a free address. */
+	  start.s_addr = addr.s_addr = 
+	    htonl(ntohl(c->start.s_addr) + 
+		  ((j + c->addr_epoch) % (1 + ntohl(c->end.s_addr) - ntohl(c->start.s_addr))));
+	  
+	  do {
+	    /* eliminate addresses in use by the server. */
+	    for (d = context; d; d = d->current)
+	      if (addr.s_addr == d->local.s_addr)
+		break;
 
-	      /* check if we failed to ping addr sometime in the last
-		 30s. If so, assume the same situation still exists.
-		 This avoids problems when a stupid client bangs
-		 on us repeatedly. As a final check, is we did more
-		 than six ping checks in the last 30s, we are in 
-		 high-load mode, so don't do any more. */
-	      for (count = 0, r = daemon->ping_results; r; r = r->next)
-		if (difftime(now, r->time) > 30.0)
-		  victim = r; /* old record */
-		else if (++count == 6 || r->addr.s_addr == addr.s_addr)
+	    if (!d &&
+		!lease_find_by_addr(addr) && 
+		!config_find_by_address(daemon->dhcp_conf, addr))
+	      {
+		struct ping_result *r, *victim = NULL;
+		int count, max = (int)(0.6 * (((float)PING_CACHE_TIME)/
+					      ((float)PING_WAIT)));
+		
+		*addrp = addr;
+
+		if (daemon->options & OPT_NO_PING)
+		  return 1;
+		
+		/* check if we failed to ping addr sometime in the last
+		   PING_CACHE_TIME seconds. If so, assume the same situation still exists.
+		   This avoids problems when a stupid client bangs
+		   on us repeatedly. As a final check, if we did more
+		   than 60% of the possible ping checks in the last 
+		   PING_CACHE_TIME, we are in high-load mode, so don't do any more. */
+		for (count = 0, r = daemon->ping_results; r; r = r->next)
+		  if (difftime(now, r->time) >  (float)PING_CACHE_TIME)
+		    victim = r; /* old record */
+		  else if (++count == max || r->addr.s_addr == addr.s_addr)
+		    return 1;
+		    
+		if (icmp_ping(daemon, addr))
+		  /* address in use: perturb address selection so that we are
+		     less likely to try this address again. */
+		  c->addr_epoch++;
+		else
 		  {
-		    *addrp = addr;
+		    /* at this point victim may hold an expired record */
+		    if (!victim)
+		      {
+			if ((victim = malloc(sizeof(struct ping_result))))
+			  {
+			    victim->next = daemon->ping_results;
+			    daemon->ping_results = victim;
+			  }
+		      }
+		    
+		    /* record that this address is OK for 30s 
+		       without more ping checks */
+		    if (victim)
+		      {
+			victim->addr = addr;
+			victim->time = now;
+		      }
 		    return 1;
 		  }
-	      
-	      if (icmp_ping(daemon, addr))
-		/* address in use: perturb address selection so that we are
-		   less likely to try this address again. */
-		c->addr_epoch++;
-	      else
-		{
-		  /* at this point victim may hold an expired record */
-		  if (!victim)
-		    {
-		      if ((victim = malloc(sizeof(struct ping_result))))
-			{
-			  victim->next = daemon->ping_results;
-			  daemon->ping_results = victim;
-			}
-		    }
-		  
-		  /* record that this address is OK for 30s 
-		     without more ping checks */
-		  if (victim)
-		    {
-		      victim->addr = addr;
-		      victim->time = now;
-		    }
-		  *addrp = addr;
-		  return 1;
-		}
-	    }
-
-	  addr.s_addr = htonl(ntohl(addr.s_addr) + 1);
-	  
-	  if (addr.s_addr == htonl(ntohl(c->end.s_addr) + 1))
-	    addr = c->start;
-	  
-	} while (addr.s_addr != start.s_addr);
-      }
-
-  if (netids)
-    return address_allocate(context, daemon, addrp, hwaddr, NULL, now);
+	      }
 
+	    addr.s_addr = htonl(ntohl(addr.s_addr) + 1);
+	    
+	    if (addr.s_addr == htonl(ntohl(c->end.s_addr) + 1))
+	      addr = c->start;
+	    
+	  } while (addr.s_addr != start.s_addr);
+	}
   return 0;
 }
 
@@ -616,7 +553,8 @@ static int is_addr_in_context(struct dhcp_context *context, struct dhcp_config *
 struct dhcp_config *find_config(struct dhcp_config *configs,
 				struct dhcp_context *context,
 				unsigned char *clid, int clid_len,
-				unsigned char *hwaddr, char *hostname)
+				unsigned char *hwaddr, int hw_len, 
+				int hw_type, char *hostname)
 {
   struct dhcp_config *config; 
   
@@ -638,14 +576,14 @@ struct dhcp_config *find_config(struct dhcp_config *configs,
 	}
   
 
-  if (hwaddr)
-    for (config = configs; config; config = config->next)
-      if ((config->flags & CONFIG_HWADDR) &&
-	  config->wildcard_mask == 0 &&
-	  memcmp(config->hwaddr, hwaddr, ETHER_ADDR_LEN) == 0 &&
-	  is_addr_in_context(context, config))
-	return config;
-  
+  for (config = configs; config; config = config->next)
+    if ((config->flags & CONFIG_HWADDR) &&
+	config->wildcard_mask == 0 &&
+	config->hwaddr_len == hw_len &&
+	(config->hwaddr_type == hw_type || config->hwaddr_type == 0) &&
+	memcmp(config->hwaddr, hwaddr, hw_len) == 0 &&
+	is_addr_in_context(context, config))
+      return config;
   
   if (hostname && context)
     for (config = configs; config; config = config->next)
@@ -654,21 +592,15 @@ struct dhcp_config *find_config(struct dhcp_config *configs,
 	  is_addr_in_context(context, config))
 	return config;
   
-  if (hwaddr)
-    for (config = configs; config; config = config->next)
-      if ((config->flags & CONFIG_HWADDR) &&
-	  config->wildcard_mask != 0 &&
-	  is_addr_in_context(context, config))
-	{
-	  int i;
-	  unsigned int mask = config->wildcard_mask;
-	  for (i = ETHER_ADDR_LEN - 1; i >= 0; i--, mask = mask >> 1)
-	    if (mask & 1)
-	      config->hwaddr[i] = hwaddr[i];
-	  if (memcmp(config->hwaddr, hwaddr, ETHER_ADDR_LEN) == 0)
-	    return config;
-	}
-  
+  for (config = configs; config; config = config->next)
+    if ((config->flags & CONFIG_HWADDR) &&
+	config->wildcard_mask != 0 &&
+	config->hwaddr_len == hw_len &&	
+	(config->hwaddr_type == hw_type || config->hwaddr_type == 0) &&
+	is_addr_in_context(context, config) &&
+	memcmp_masked(config->hwaddr, hwaddr, hw_len, config->wildcard_mask))
+      return config;
+        
   return NULL;
 }
 
@@ -704,7 +636,7 @@ void dhcp_read_ethers(struct daemon *daemon)
       for (ip = buff; *ip && !isspace(*ip); ip++);
       for(; *ip && isspace(*ip); ip++)
 	*ip = 0;
-      if (!*ip || parse_hex(buff, hwaddr, 6, NULL) != 6)
+      if (!*ip || parse_hex(buff, hwaddr, ETHER_ADDR_LEN, NULL, NULL) != ETHER_ADDR_LEN)
 	{
 	  syslog(LOG_ERR, _("bad line at %s line %d"), ETHERSFILE, lineno); 
 	  continue;
@@ -749,6 +681,8 @@ void dhcp_read_ethers(struct daemon *daemon)
 	  for (config = configs; config; config = config->next)
 	    if ((config->flags & CONFIG_HWADDR) && 
 		config->wildcard_mask == 0 &&
+		config->hwaddr_len == ETHER_ADDR_LEN &&
+		(config->hwaddr_type == ARPHRD_ETHER || config->hwaddr_type == 0) &&
 		memcmp(config->hwaddr, hwaddr, ETHER_ADDR_LEN) == 0)
 	      break;
 	  
@@ -778,7 +712,8 @@ void dhcp_read_ethers(struct daemon *daemon)
       
       config->flags |= CONFIG_HWADDR | CONFIG_NOCLID;
       memcpy(config->hwaddr, hwaddr, ETHER_ADDR_LEN);
-
+      config->hwaddr_len = ETHER_ADDR_LEN;
+      config->hwaddr_type = ARPHRD_ETHER;
       count++;
     }
   
@@ -828,8 +763,8 @@ char *host_from_dns(struct daemon *daemon, struct in_addr addr)
   if (lookup && (lookup->flags & F_HOSTS))
     {
       hostname = daemon->dhcp_buff;
-      hostname[256] = 0;
       strncpy(hostname, cache_get_name(lookup), 256);
+      hostname[255] = 0;
       hostname = strip_hostname(daemon, hostname);
     }
 

src/dnsmasq.c

@@ -1,4 +1,4 @@
-/* dnsmasq is Copyright (c) 2000-2005 Simon Kelley
+/* dnsmasq is Copyright (c) 2000-2006 Simon Kelley
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -10,8 +10,6 @@
    GNU General Public License for more details.
 */
 
-/* Author's email: simon@thekelleys.org.uk */
-
 #include "dnsmasq.h"
 
 static char *compile_opts = 
@@ -37,9 +35,10 @@ static char *compile_opts =
 #ifdef NO_GETTEXT
 "no-"
 #endif
-"i18n";
+"I18N ";
 
-static volatile int sigterm, sighup, sigusr1, sigalarm, num_kids, in_child;
+static pid_t pid;
+static int pipewrite;
 
 static int set_dns_listeners(struct daemon *daemon, fd_set *set, int maxfd);
 static void check_dns_listeners(struct daemon *daemon, fd_set *set, time_t now);
@@ -48,12 +47,13 @@ static void sig_handler(int sig);
 int main (int argc, char **argv)
 {
   struct daemon *daemon;
-  int first_loop = 1;
   int bind_fallback = 0;
+  int bad_capabilities = 0;
   time_t now, last = 0;
   struct sigaction sigact;
-  sigset_t sigmask;
   struct iname *if_tmp;
+  int flags, piperead, pipefd[2];
+  unsigned char sig;
 
 #ifndef NO_GETTEXT
   setlocale(LC_ALL, "");
@@ -61,16 +61,7 @@ int main (int argc, char **argv)
   textdomain("dnsmasq");
 #endif
 
-  sighup = 1; /* init cache the first time through */
-  sigusr1 = 0; /* but don't dump */
-  sigterm = 0; /* or die */
-#ifdef HAVE_BROKEN_RTC
-  sigalarm = 1; /* need regular lease dumps */
-#else
-  sigalarm = 0; /* or not */
-#endif
-  num_kids = 0;
-  in_child = 0;
+  pid = 0;
  
   sigact.sa_handler = sig_handler;
   sigact.sa_flags = 0;
@@ -85,15 +76,6 @@ int main (int argc, char **argv)
   sigact.sa_handler = SIG_IGN;
   sigaction(SIGPIPE, &sigact, NULL);
 
-  /* now block all the signals, they stay that way except
-      during the call to pselect */
-  sigaddset(&sigact.sa_mask, SIGUSR1);
-  sigaddset(&sigact.sa_mask, SIGTERM);
-  sigaddset(&sigact.sa_mask, SIGHUP);
-  sigaddset(&sigact.sa_mask, SIGALRM);
-  sigaddset(&sigact.sa_mask, SIGCHLD);
-  sigprocmask(SIG_BLOCK, &sigact.sa_mask, &sigmask); 
-
   daemon = read_opts(argc, argv, compile_opts);
   
   if (daemon->edns_pktsz < PACKETSZ)
@@ -112,19 +94,25 @@ int main (int argc, char **argv)
     die(_("ISC dhcpd integration not available: set HAVE_ISC_READER in src/config.h"), NULL);
 #endif
   
-  if (!enumerate_interfaces(daemon, &daemon->interfaces, NULL, NULL))
-    die(_("failed to find list of interfaces: %s"), NULL);
-
-  if (!(daemon->options & OPT_NOWILD) && 
-      !(daemon->listeners = create_wildcard_listeners(daemon->port)))
+#ifdef HAVE_LINUX_NETWORK
+  netlink_init(daemon);
+#elif !(defined(IP_RECVDSTADDR) && \
+	defined(IP_RECVIF) && \
+	defined(IP_SENDSRCADDR))
+  if (!(daemon->options & OPT_NOWILD))
     {
       bind_fallback = 1;
       daemon->options |= OPT_NOWILD;
     }
+#endif
+
+  daemon->interfaces = NULL;
+  if (!enumerate_interfaces(daemon))
+    die(_("failed to find list of interfaces: %s"), NULL);
     
   if (daemon->options & OPT_NOWILD) 
     {
-      daemon->listeners = create_bound_listeners(daemon->interfaces, daemon->port);
+      daemon->listeners = create_bound_listeners(daemon);
 
       for (if_tmp = daemon->if_names; if_tmp; if_tmp = if_tmp->next)
 	if (if_tmp->name && !if_tmp->used)
@@ -137,20 +125,17 @@ int main (int argc, char **argv)
 	    die(_("no interface with address %s"), daemon->namebuff);
 	  }
     }
+  else if (!(daemon->listeners = create_wildcard_listeners(daemon->port)))
+    die(_("failed to create listening socket: %s"), NULL);
   
   forward_init(1);
   cache_init(daemon->cachesize, daemon->options & OPT_LOG);
 
-#ifdef HAVE_BROKEN_RTC
-  if ((daemon->uptime_fd = open(UPTIME, O_RDONLY)) == -1)
-    die(_("cannot open %s:%s"), UPTIME);
-#endif
- 
-  now = dnsmasq_time(daemon->uptime_fd);
+  now = dnsmasq_time();
   
   if (daemon->dhcp)
     {
-#if !defined(IP_PKTINFO) && !defined(IP_RECVIF)
+#if !defined(HAVE_LINUX_NETWORK) && !defined(IP_RECVIF)
       int c;
       struct iname *tmp;
       for (c = 0, tmp = daemon->if_names; tmp; tmp = tmp->next)
@@ -173,8 +158,7 @@ int main (int argc, char **argv)
 	die(_("DBus error: %s"), err);
     }
 #else
-  if (daemon->options & OPT_DBUS)
-    die(_("DBus not available: set HAVE_DBUS in src/config.h"), NULL);
+  die(_("DBus not available: set HAVE_DBUS in src/config.h"), NULL);
 #endif
   
   /* If query_port is set then create a socket now, before dumping root
@@ -194,7 +178,8 @@ int main (int argc, char **argv)
       addr.in6.sin6_family = AF_INET6;
       addr.in6.sin6_addr = in6addr_any;
       addr.in6.sin6_port = htons(daemon->query_port);
-      addr.in6.sin6_flowinfo = htonl(0);
+      addr.in6.sin6_flowinfo = 0;
+      addr.in6.sin6_scope_id = 0;
 #ifdef HAVE_SOCKADDR_SA_LEN
       addr.in6.sin6_len = sizeof(struct sockaddr_in6);
 #endif
@@ -202,15 +187,52 @@ int main (int argc, char **argv)
 #endif
     }
   
-  setbuf(stdout, NULL);
-
-  if (!(daemon->options & OPT_DEBUG))
+  /* Use a pipe to carry signals back to the event loop in a race-free manner */
+  if (pipe(pipefd) == -1 ||
+      (flags = fcntl(pipefd[0], F_GETFL)) == -1 ||
+      fcntl(pipefd[0], F_SETFL, flags | O_NONBLOCK) == -1 ||
+      (flags = fcntl(pipefd[1], F_GETFL)) == -1 ||
+      fcntl(pipefd[1], F_SETFL, flags | O_NONBLOCK) == -1)
+    die(_("cannot create pipe: %s"), NULL);
+  
+  piperead = pipefd[0];
+  pipewrite = pipefd[1];
+  /* prime the pipe to load stuff first time. */
+  sig = SIGHUP; 
+  write(pipewrite, &sig, 1);
+ 
+  if (!(daemon->options & OPT_DEBUG)) 
     {
       FILE *pidfile;
-      struct passwd *ent_pw;
+      struct passwd *ent_pw = daemon->username ? getpwnam(daemon->username) : NULL;
       fd_set test_set;
-      int maxfd, i;
-	
+      int maxfd, i; 
+
+#ifdef HAVE_LINUX_NETWORK
+      cap_user_header_t hdr = NULL;
+      cap_user_data_t data = NULL; 
+      
+      /* On linux, we keep CAP_NETADMIN (for ARP-injection) and
+	 CAP_NET_RAW (for icmp) if we're doing dhcp */
+      if (ent_pw)
+	{
+	  hdr = safe_malloc(sizeof(*hdr));
+	  data = safe_malloc(sizeof(*data));
+	  hdr->version = _LINUX_CAPABILITY_VERSION;
+	  hdr->pid = 0; /* this process */
+	  data->effective = data->permitted = data->inheritable =
+	    (1 << CAP_NET_ADMIN) | (1 << CAP_NET_RAW) |
+	    (1 << CAP_SETGID) | (1 << CAP_SETUID);
+	  	  
+	  /* Tell kernel to not clear capabilities when dropping root */
+	  if (capset(hdr, data) == -1 || prctl(PR_SET_KEEPCAPS, 1) == -1)
+	    {
+	      bad_capabilities = errno;
+	      ent_pw = NULL;
+	    }
+	}
+#endif
+
       FD_ZERO(&test_set);
       maxfd = set_dns_listeners(daemon, &test_set, -1);
 #ifdef HAVE_DBUS
@@ -247,16 +269,21 @@ int main (int argc, char **argv)
 
       for (i=0; i<64; i++)
 	{
-#ifdef HAVE_BROKEN_RTC	  
-	  if (i == daemon->uptime_fd)
+	  if (i == piperead || i == pipewrite)
+	    continue;
+
+#ifdef HAVE_LINUX_NETWORK
+	  if (i == daemon->netlinkfd)
 	    continue;
 #endif
 	  
 	  if (daemon->dhcp && 
-	      (i == daemon->lease_fd || 
-	       i == daemon->dhcpfd || 
+	      (i == fileno(daemon->lease_stream) || 
+#ifndef HAVE_LINUX_NETWORK
 	       i == daemon->dhcp_raw_fd ||
-	       i == daemon->dhcp_icmp_fd))
+	       i == daemon->dhcp_icmp_fd ||
+#endif
+	       i == daemon->dhcpfd))
 	    continue;
 
 	  if (i <= maxfd && FD_ISSET(i, &test_set))
@@ -266,10 +293,11 @@ int main (int argc, char **argv)
 	}
 
       /* Change uid and gid for security */
-      if (daemon->username && (ent_pw = getpwnam(daemon->username)))
+      if (ent_pw)
 	{
 	  gid_t dummy;
 	  struct group *gp;
+
 	  /* remove all supplimentary groups */
 	  setgroups(0, &dummy);
 	  /* change group for /etc/ppp/resolv.conf 
@@ -279,8 +307,21 @@ int main (int argc, char **argv)
 	    setgid(gp->gr_gid); 
 	  /* finally drop root */
 	  setuid(ent_pw->pw_uid);
+
+#ifdef HAVE_LINUX_NETWORK
+	  data->effective = data->permitted = 
+	    (1 << CAP_NET_ADMIN) | (1 << CAP_NET_RAW);
+	  data->inheritable = 0;
+	  
+	  /* lose the setuid and setgid capbilities */
+	  capset(hdr, data);
+#endif
 	}
     }
+#ifdef HAVE_LINUX_NETWORK
+  else
+     prctl(PR_SET_DUMPABLE, 1);
+#endif
 
   openlog("dnsmasq", 
 	  DNSMASQ_LOG_OPT(daemon->options & OPT_DEBUG), 
@@ -310,15 +351,10 @@ int main (int argc, char **argv)
     for (if_tmp = daemon->if_names; if_tmp; if_tmp = if_tmp->next)
       if (if_tmp->name && !if_tmp->used)
 	syslog(LOG_WARNING, _("warning: interface %s does not currently exist"), if_tmp->name);
-  
+   
   if (daemon->dhcp)
     {
       struct dhcp_context *dhcp_tmp;
-
-#ifdef HAVE_RTNETLINK
-      /* Must do this after daemonizing so that the pid is right */
-      daemon->netlinkfd =  netlink_init();
-#endif
       
       for (dhcp_tmp = daemon->dhcp; dhcp_tmp; dhcp_tmp = dhcp_tmp->next)
 	{
@@ -330,119 +366,72 @@ int main (int argc, char **argv)
 		 _("DHCP, IP range %s -- %s, lease time %s"),
 		 daemon->dhcp_buff, inet_ntoa(dhcp_tmp->end), daemon->dhcp_buff2);
 	}
- 
-#ifdef HAVE_BROKEN_RTC
-      daemon->min_leasetime = daemon->min_leasetime/3;
-      if (daemon->min_leasetime > (60 * 60 * 24))
-	daemon->min_leasetime = 60 * 60 * 24;
-      if (daemon->min_leasetime < 60)
-	daemon->min_leasetime = 60;
-      prettyprint_time(daemon->dhcp_buff2, daemon->min_leasetime);
-      syslog(LOG_INFO, _("DHCP, %s will be written every %s"), daemon->lease_file, daemon->dhcp_buff2);
-#endif
     }
 
   if (!(daemon->options & OPT_DEBUG) && (getuid() == 0 || geteuid() == 0))
-    syslog(LOG_WARNING, _("running as root"));
+    {
+      if (bad_capabilities)
+	{
+	  errno = bad_capabilities;
+	  syslog(LOG_WARNING, _("warning: setting capabilities failed: %m"));
+	}
+      syslog(LOG_WARNING, _("running as root"));
+    }
   
   check_servers(daemon);
   
-  while (sigterm == 0)
+  pid = getpid();
+
+  while (1)
     {
+      int maxfd;
+      struct timeval t, *tp = NULL;
       fd_set rset, wset, eset;
-      
-      if (sighup)
-	{
-	  clear_cache_and_reload(daemon, now);
-	  if (daemon->resolv_files && (daemon->options & OPT_NO_POLL))
-	    {
-	      reload_servers(daemon->resolv_files->name, daemon);
-	      check_servers(daemon);
-	    }
-	  sighup = 0;
-	}
-      
-      if (sigusr1)
-	{
-	  dump_cache(daemon);
-	  sigusr1 = 0;
-	}
-      
-      if (sigalarm)
-	{
-	  if (daemon->dhcp)
-	    {
-	      lease_update_file(1, now);
-#ifdef HAVE_BROKEN_RTC
-	      alarm(daemon->min_leasetime);
-#endif
-	    } 
-	  sigalarm  = 0;
-	}
+
+      t.tv_sec = 0; /* no warning */
       
       FD_ZERO(&rset);
       FD_ZERO(&wset);
       FD_ZERO(&eset);
       
-      if (!first_loop)
+      maxfd = set_dns_listeners(daemon, &rset, -1);
+	
+#ifdef HAVE_DBUS
+      /* Whilst polling for the dbus, wake every quarter second */
+      if ((daemon->options & OPT_DBUS) && !daemon->dbus)
 	{
-	  int maxfd = set_dns_listeners(daemon, &rset, -1);
-#ifdef HAVE_DBUS
-	  maxfd = set_dbus_listeners(daemon, maxfd, &rset, &wset, &eset);
-#endif
-	  if (daemon->dhcp)
-	    {
-	      FD_SET(daemon->dhcpfd, &rset);
-	      if (daemon->dhcpfd > maxfd)
-		maxfd = daemon->dhcpfd;
-	    }
-
-	  /* Whilst polling for the dbus, wake every quarter second */
-#ifdef HAVE_PSELECT
-	  {
-	    struct timespec *tp = NULL;
-#ifdef HAVE_DBUS
-	    struct timespec t;
-	    if ((daemon->options & OPT_DBUS) && !daemon->dbus)
-	      {
-		tp = &t;
-		tp->tv_sec = 0;
-		tp->tv_nsec = 250000000;
-	      }
-#endif
-	    if (pselect(maxfd+1, &rset, &wset, &eset, tp, &sigmask) < 0)
-	    {
-	      /* otherwise undefined after error */ 
-	      FD_ZERO(&rset); FD_ZERO(&wset); FD_ZERO(&eset);
-	    }
-	  }
-#else
-	  {
-	    sigset_t save_mask;
-	    struct timeval *tp = NULL;
-#ifdef HAVE_DBUS
-	    struct timeval t;
-	    if ((daemon->options & OPT_DBUS) && !daemon->dbus)
-	      {
-		tp = &t;
-		tp->tv_sec = 0;
-		tp->tv_usec = 250000;
-	      }
-#endif
-	    sigprocmask(SIG_SETMASK, &sigmask, &save_mask);
-	    if (select(maxfd+1, &rset, &wset, &eset, tp) < 0)
-	      {
-		/* otherwise undefined after error */ 
-		FD_ZERO(&rset); FD_ZERO(&wset); FD_ZERO(&eset);
-	      }
-	    sigprocmask(SIG_SETMASK, &save_mask, NULL);
-	    
-	  }
-#endif
+	  tp = &t;
+	  tp->tv_sec = 0;
+	  tp->tv_usec = 250000;
 	}
+
+      maxfd = set_dbus_listeners(daemon, maxfd, &rset, &wset, &eset);
+#endif	
+  
+      if (daemon->dhcp)
+	{
+	  FD_SET(daemon->dhcpfd, &rset);
+	  if (daemon->dhcpfd > maxfd)
+	    maxfd = daemon->dhcpfd;
+	}
+
+#ifdef HAVE_LINUX_NETWORK
+      FD_SET(daemon->netlinkfd, &rset);
+      if (daemon->netlinkfd > maxfd)
+	maxfd = daemon->netlinkfd;
+#endif
       
-      first_loop = 0;
-      now = dnsmasq_time(daemon->uptime_fd);
+      FD_SET(piperead, &rset);
+      if (piperead > maxfd)
+	maxfd = piperead;
+      
+      if (select(maxfd+1, &rset, &wset, &eset, tp) < 0)
+	{
+	  /* otherwise undefined after error */
+	  FD_ZERO(&rset); FD_ZERO(&wset); FD_ZERO(&eset);
+	}
+
+      now = dnsmasq_time();
 
       /* Check for changes to resolv files once per second max. */
       /* Don't go silent for long periods if the clock goes backwards. */
@@ -494,6 +483,49 @@ int main (int argc, char **argv)
 		}
 	    }
 	}
+
+      if (FD_ISSET(piperead, &rset))
+	{
+	  if (read(piperead, &sig, 1) == 1)
+	    switch (sig)
+	      {
+	      case SIGHUP:
+		clear_cache_and_reload(daemon);
+		if (daemon->resolv_files && (daemon->options & OPT_NO_POLL))
+		  {
+		    reload_servers(daemon->resolv_files->name, daemon);
+		    check_servers(daemon);
+		  }
+		break;
+		
+	      case SIGUSR1:
+		dump_cache(daemon, now);
+		break;
+		
+	      case SIGALRM:
+		if (daemon->dhcp)
+		  lease_update_file(daemon);
+		break;
+		
+	      case SIGTERM:
+		syslog(LOG_INFO, _("exiting on receipt of SIGTERM"));
+		if (daemon->dhcp)
+		  fclose(daemon->lease_stream);
+		exit(0);
+
+	      case SIGCHLD:
+		/* See Stevens 5.10 */
+		while (waitpid(-1, NULL, WNOHANG) > 0)
+		  daemon->num_kids--;
+		break;
+
+	      }
+	}
+
+#ifdef HAVE_LINUX_NETWORK
+      if (FD_ISSET(daemon->netlinkfd, &rset))
+	netlink_multicast(daemon);
+#endif
       
 #ifdef HAVE_DBUS
       /* if we didn't create a DBus connection, retry now. */ 
@@ -513,47 +545,34 @@ int main (int argc, char **argv)
       if (daemon->dhcp && FD_ISSET(daemon->dhcpfd, &rset))
 	dhcp_packet(daemon, now);
     }
-  
-  syslog(LOG_INFO, _("exiting on receipt of SIGTERM"));
-  
-  if (daemon->dhcp)
-    { 
-#ifdef HAVE_BROKEN_RTC
-      lease_update_file(1, now);
-#endif
-      close(daemon->lease_fd);
-    }
-  
-  return 0;
 }
 
 static void sig_handler(int sig)
 {
-  if (sig == SIGTERM)
-    sigterm = 1;
-  else if (sig == SIGHUP)
-    sighup = 1;
-  else if (sig == SIGUSR1)
-    sigusr1 = 1;
-  else if (sig == SIGALRM)
+  if (pid == 0)
+    {
+      /* ignore anything other than TERM during startup */
+      if (sig == SIGTERM)
+	exit(0);
+    }
+  else if (pid == getpid())
+    {
+      /* master process */
+      unsigned char sigchr = sig;
+      int errsave = errno;
+      write(pipewrite, &sigchr, 1);
+      errno = errsave;
+    }
+  else
     {
       /* alarm is used to kill children after a fixed time. */
-      if (in_child)
+      if (sig == SIGALRM)
 	exit(0);
-      else
-	sigalarm = 1;
-    }
-  else if (sig == SIGCHLD)
-    {
-      /* See Stevens 5.10 */
-      
-      while (waitpid(-1, NULL, WNOHANG) > 0)
-	num_kids--;
     }
 }
 
 
-void clear_cache_and_reload(struct daemon *daemon, time_t now)
+void clear_cache_and_reload(struct daemon *daemon)
 {
   cache_reload(daemon->options, daemon->namebuff, daemon->domain_suffix, daemon->addn_hosts);
   if (daemon->dhcp)
@@ -562,7 +581,7 @@ void clear_cache_and_reload(struct daemon *daemon, time_t now)
 	dhcp_read_ethers(daemon);
       dhcp_update_configs(daemon->dhcp_conf);
       lease_update_from_configs(daemon); 
-      lease_update_file(0, now); 
+      lease_update_file(daemon); 
       lease_update_dns(daemon);
     }
 }
@@ -609,30 +628,39 @@ static void check_dns_listeners(struct daemon *daemon, fd_set *set, time_t now)
        if (FD_ISSET(listener->tcpfd, set))
 	 {
 	   int confd;
-	   struct in_addr netmask, dst_addr_4;
-	   
+	  	   
 	   while((confd = accept(listener->tcpfd, NULL, NULL)) == -1 && errno == EINTR);
 	      
 	   if (confd != -1)
 	     {
-	       union mysockaddr tcp_addr;
-	       socklen_t tcp_len = sizeof(union mysockaddr);
-	   	       
-	       /* Check for allowed interfaces when binding the wildcard address:
-		  we do this by looking for an interface with the same address as 
-		  the local address of the TCP connection, then looking to see if that's
-		  an allowed interface. As a side effect, we get the netmask of the
-		  interface too, for localisation. */
-
-	       if ((num_kids >= MAX_PROCS) ||
-		   (!(daemon->options & OPT_NOWILD) &&
-		    (getsockname(confd, (struct sockaddr *)&tcp_addr, &tcp_len) == -1 ||
-		     !enumerate_interfaces(daemon, NULL, &tcp_addr, &netmask)))) 
+	       struct irec *iface = NULL;
+	       
+	       if (daemon->options & OPT_NOWILD)
+		 iface = listener->iface;
+	       else
+		 {
+		   union mysockaddr tcp_addr;
+		   socklen_t tcp_len = sizeof(union mysockaddr);
+		   /* Check for allowed interfaces when binding the wildcard address:
+		      we do this by looking for an interface with the same address as 
+		      the local address of the TCP connection, then looking to see if that's
+		      an allowed interface. As a side effect, we get the netmask of the
+		      interface too, for localisation. */
+		   
+		   /* interface may be new since startup */
+		   if (enumerate_interfaces(daemon) &&
+		       getsockname(confd, (struct sockaddr *)&tcp_addr, &tcp_len) != -1)
+		     for (iface = daemon->interfaces; iface; iface = iface->next)
+		       if (sockaddr_isequal(&iface->addr, &tcp_addr))
+			 break;
+		 }
+	       
+	       if ((daemon->num_kids >= MAX_PROCS) || !iface)
 		 close(confd);
 #ifndef NO_FORK
 	       else if (!(daemon->options & OPT_DEBUG) && fork())
 		 {
-		   num_kids++;
+		   daemon->num_kids++;
 		   close(confd);
 		 }
 #endif
@@ -641,18 +669,14 @@ static void check_dns_listeners(struct daemon *daemon, fd_set *set, time_t now)
 		   unsigned char *buff;
 		   struct server *s; 
 		   int flags;
-		   
+		   struct in_addr dst_addr_4;
+
+		   dst_addr_4.s_addr = 0;
+
 		   /* Arrange for SIGALARM after CHILD_LIFETIME seconds to
 		      terminate the process. */
 		   if (!(daemon->options & OPT_DEBUG))
-		     {
-		       sigset_t mask;
-		       sigemptyset(&mask);
-		       sigaddset(&mask, SIGALRM);
-		       sigprocmask(SIG_UNBLOCK, &mask, NULL);
-		       alarm(CHILD_LIFETIME);
-		       in_child = 1;
-		     }
+		     alarm(CHILD_LIFETIME);
 		   
 		   /* start with no upstream connections. */
 		   for (s = daemon->servers; s; s = s->next)
@@ -665,20 +689,9 @@ static void check_dns_listeners(struct daemon *daemon, fd_set *set, time_t now)
 		     fcntl(confd, F_SETFL, flags & ~O_NONBLOCK);
 		   
 		   if (listener->family == AF_INET)
-		     {
-		       if (daemon->options & OPT_NOWILD)
-			 {
-			   netmask = listener->iface->netmask;
-			   dst_addr_4 = listener->iface->addr.in.sin_addr;
-			 }
-		       else
-			 /* netmask already set by enumerate_interfaces */
-			 dst_addr_4 = tcp_addr.in.sin_addr;
-		     }
-		   else
-		     dst_addr_4.s_addr = 0;
+		     dst_addr_4 = iface->addr.in.sin_addr;
 		   
-		   buff = tcp_request(daemon, confd, now, dst_addr_4, netmask);
+		   buff = tcp_request(daemon, confd, now, dst_addr_4, iface->netmask);
 		   
 		   if (!(daemon->options & OPT_DEBUG))
 		     exit(0);
@@ -695,21 +708,35 @@ static void check_dns_listeners(struct daemon *daemon, fd_set *set, time_t now)
      }
 }
 
+int make_icmp_sock(void)
+{
+  int fd, flags;
+  int zeroopt = 0;
+
+  if ((fd = socket (AF_INET, SOCK_RAW, IPPROTO_ICMP)) != -1)
+    {
+      if ((flags = fcntl(fd, F_GETFL, 0)) == -1 ||
+	  fcntl(fd, F_SETFL, flags | O_NONBLOCK) == -1 ||
+	  setsockopt(fd, SOL_SOCKET, SO_DONTROUTE, &zeroopt, sizeof(zeroopt)) == -1)
+	{
+	  close(fd);
+	  fd = -1;
+	}
+    }
+
+  return fd;
+}
+
 int icmp_ping(struct daemon *daemon, struct in_addr addr)
 {
-  /* Try and get an ICMP echo from a machine.
-     Note that we can't create the raw socket each time
-     we do this, since that needs root. Therefore the socket has to hang
-     around all the time. Since most of the time we won't read the 
-     socket, it will accumulate buffers full of ICMP messages,
-     wasting memory. To avoid that we set the receive buffer
-     length to zero except when we're actively pinging. */
+  /* Try and get an ICMP echo from a machine. */
 
   /* Note that whilst in the three second wait, we check for 
      (and service) events on the DNS sockets, (so doing that
      better not use any resources our caller has in use...)
      but we remain deaf to signals or further DHCP packets. */
 
+  int fd;
   struct sockaddr_in saddr;
   struct { 
     struct ip ip;
@@ -717,9 +744,18 @@ int icmp_ping(struct daemon *daemon, struct in_addr addr)
   } packet;
   unsigned short id = rand16();
   unsigned int i, j;
-  int opt = 2000, gotreply = 0;
+  int gotreply = 0;
   time_t start, now;
-  
+
+#ifdef HAVE_LINUX_NETWORK
+  if ((fd = make_icmp_sock()) == -1)
+    return 0;
+#else
+  int opt = 2000;
+  fd = daemon->dhcp_icmp_fd;
+  setsockopt(fd, SOL_SOCKET, SO_RCVBUF, &opt, sizeof(opt));
+#endif
+
   saddr.sin_family = AF_INET;
   saddr.sin_port = 0;
   saddr.sin_addr = addr;
@@ -736,13 +772,12 @@ int icmp_ping(struct daemon *daemon, struct in_addr addr)
     j = (j & 0xffff) + (j >> 16);  
   packet.icmp.icmp_cksum = (j == 0xffff) ? j : ~j;
   
-  setsockopt(daemon->dhcp_icmp_fd, SOL_SOCKET, SO_RCVBUF, &opt, sizeof(opt));
-
-  while (sendto(daemon->dhcp_icmp_fd, (char *)&packet.icmp, sizeof(struct icmp), 0, 
+  while (sendto(fd, (char *)&packet.icmp, sizeof(struct icmp), 0, 
 		(struct sockaddr *)&saddr, sizeof(saddr)) == -1 &&
 	 retry_send());
   
-  for (now = start = dnsmasq_time(daemon->uptime_fd); difftime(now, start) < 3.0;)
+  for (now = start = dnsmasq_time(); 
+       difftime(now, start) < (float)PING_WAIT;)
     {
       struct timeval tv;
       fd_set rset;
@@ -754,17 +789,17 @@ int icmp_ping(struct daemon *daemon, struct in_addr addr)
       tv.tv_sec = 0; 
       
       FD_ZERO(&rset);
-      FD_SET(daemon->dhcp_icmp_fd, &rset);
-      maxfd = set_dns_listeners(daemon, &rset, daemon->dhcp_icmp_fd);
+      FD_SET(fd, &rset);
+      maxfd = set_dns_listeners(daemon, &rset, fd);
 		
       if (select(maxfd+1, &rset, NULL, NULL, &tv) < 0)
 	FD_ZERO(&rset);
       
-      now = dnsmasq_time(daemon->uptime_fd);
+      now = dnsmasq_time();
       check_dns_listeners(daemon, &rset, now);
       
-      if (FD_ISSET(daemon->dhcp_icmp_fd, &rset) &&
-	  recvfrom(daemon->dhcp_icmp_fd, &packet, sizeof(packet), 0,
+      if (FD_ISSET(fd, &rset) &&
+	  recvfrom(fd, &packet, sizeof(packet), 0,
 		   (struct sockaddr *)&faddr, &len) == sizeof(packet) &&
 	  saddr.sin_addr.s_addr == faddr.sin_addr.s_addr &&
 	  packet.icmp.icmp_type == ICMP_ECHOREPLY &&
@@ -776,9 +811,13 @@ int icmp_ping(struct daemon *daemon, struct in_addr addr)
 	}
     }
   
+#ifdef HAVE_LINUX_NETWORK
+  close(fd);
+#else
   opt = 1;
-  setsockopt(daemon->dhcp_icmp_fd, SOL_SOCKET, SO_RCVBUF, &opt, sizeof(opt));
-  
+  setsockopt(fd, SOL_SOCKET, SO_RCVBUF, &opt, sizeof(opt));
+#endif
+
   return gotreply;
 }
 

src/dnsmasq.h

@@ -10,17 +10,8 @@
    GNU General Public License for more details.
 */
 
-/* Author's email: simon@thekelleys.org.uk */
+#define COPYRIGHT "Copyright (C) 2000-2006 Simon Kelley" 
 
-#define COPYRIGHT "Copyright (C) 2000-2005 Simon Kelley" 
-
-#ifdef __linux__
-/* for pselect.... */
-#  define _XOPEN_SOURCE 600 
-/* but then DNS headers don't compile without.... */
-#define _BSD_SOURCE
-#endif
- 
 /* get these before config.h  for IPv6 stuff... */
 #include <sys/types.h> 
 #include <netinet/in.h>
@@ -53,9 +44,6 @@
 #include <sys/ioctl.h>
 #include <sys/select.h>
 #include <sys/wait.h>
-#if defined(__sun) || defined(__sun__)
-#  include <sys/sockio.h>
-#endif
 #include <sys/time.h>
 #include <limits.h>
 #include <net/if.h>
@@ -80,25 +68,25 @@
 #include <netinet/in_systm.h>
 #include <netinet/ip.h>
 #include <netinet/ip_icmp.h>
-#ifdef HAVE_BPF
-#  include <net/bpf.h>
-#  include <net/if_dl.h>
-#else
-#  include <netpacket/packet.h>
-#endif
 #include <sys/uio.h>
+#ifndef HAVE_LINUX_NETWORK
+#  include <net/if_dl.h>
+#endif
+
+#ifdef HAVE_LINUX_NETWORK
+#include <linux/capability.h>
+/* There doesn't seem to be a universally-available 
+   userpace header for this. */
+extern int capset(cap_user_header_t header, cap_user_data_t data);
+#include <sys/prctl.h>
+#endif
 
 /* Min buffer size: we check after adding each record, so there must be 
    memory for the largest packet, and the largest record so the
    min for DNS is PACKETSZ+MAXDNAME+RRFIXEDSZ which is < 1000.
    This might be increased is EDNS packet size if greater than the minimum.
-   The buffer is also used for NETLINK, which needs to be about 2000
-   on systems with many interfaces/addresses. */
-#ifdef HAVE_RTNETLINK
-# define DNSMASQ_PACKETSZ PACKETSZ+MAXDNAME+RRFIXEDSZ
-#else
-# define DNSMASQ_PACKETSZ 2000
-#endif
+*/
+#define DNSMASQ_PACKETSZ PACKETSZ+MAXDNAME+RRFIXEDSZ
 
 #define OPT_BOGUSPRIV      1
 #define OPT_FILTER         2
@@ -121,6 +109,7 @@
 #define OPT_LOCALISE       262144
 #define OPT_DBUS           524288
 #define OPT_BOOTP_DYNAMIC  1048576
+#define OPT_NO_PING        2097152
 
 struct all_addr {
   union {
@@ -197,7 +186,7 @@ struct crec {
 #define F_NOERR     32768
 
 /* struct sockaddr is not large enough to hold any address,
-   and specifically not big enough to hold and IPv6 address.
+   and specifically not big enough to hold an IPv6 address.
    Blech. Roll our own. */
 union mysockaddr {
   struct sockaddr sa;
@@ -278,7 +267,7 @@ struct resolvc {
 struct hostsfile {
   struct hostsfile *next;
   char *fname;
-  int index; /* matches to cache entries fro logging */
+  int index; /* matches to cache entries for logging */
 };
 
 struct frec {
@@ -293,13 +282,19 @@ struct frec {
   struct frec *next;
 };
 
+#define DHCP_CHADDR_MAX 16
+
 struct dhcp_lease {
   int clid_len;          /* length of client identifier */
   unsigned char *clid;   /* clientid */
   char *hostname, *fqdn; /* name from client-hostname option or config */
   int auth_name;         /* hostname came from config, not from client */
   time_t expires;        /* lease expiry */
-  unsigned char hwaddr[ETHER_ADDR_LEN]; 
+#ifdef HAVE_BROKEN_RTC
+  unsigned int length;
+#endif
+  int hwaddr_len, hwaddr_type;
+  unsigned char hwaddr[DHCP_CHADDR_MAX]; 
   struct in_addr addr;
   struct dhcp_lease *next;
 };
@@ -317,7 +312,8 @@ struct dhcp_config {
   unsigned int flags;
   int clid_len;          /* length of client identifier */
   unsigned char *clid;   /* clientid */
-  unsigned char hwaddr[ETHER_ADDR_LEN]; 
+  int hwaddr_len, hwaddr_type;
+  unsigned char hwaddr[DHCP_CHADDR_MAX]; 
   char *hostname;
   struct dhcp_netid netid;
   struct in_addr addr;
@@ -335,12 +331,15 @@ struct dhcp_config {
 #define CONFIG_NOCLID          128
 
 struct dhcp_opt {
-  int opt, len, is_addr;
+  int opt, len, flags;
   unsigned char *val, *vendor_class;
   struct dhcp_netid *netid;
   struct dhcp_opt *next;
 };
 
+#define DHOPT_ADDR               1
+#define DHOPT_STRING             2
+
 struct dhcp_boot {
   char *file, *sname;
   struct in_addr next_server;
@@ -355,20 +354,27 @@ struct dhcp_vendor {
   struct dhcp_vendor *next;
 };
 
+struct dhcp_mac {
+  unsigned int mask;
+  int hwaddr_len, hwaddr_type;
+  unsigned char hwaddr[DHCP_CHADDR_MAX];
+  struct dhcp_netid netid;
+  struct dhcp_mac *next;
+};
+
 struct dhcp_context {
   unsigned int lease_time, addr_epoch;
   struct in_addr netmask, broadcast;
   struct in_addr local, router;
   struct in_addr start, end; /* range of available addresses */
   int flags;
-  struct dhcp_netid netid;
+  struct dhcp_netid netid, *filter;
   struct dhcp_context *next, *current;
 };
 
 #define CONTEXT_STATIC    1
-#define CONTEXT_FILTER    2
-#define CONTEXT_NETMASK   4
-#define CONTEXT_BRDCAST   8
+#define CONTEXT_NETMASK   2
+#define CONTEXT_BRDCAST   4
 
 
 typedef unsigned char u8;
@@ -376,22 +382,13 @@ typedef unsigned short u16;
 typedef unsigned int u32;
 
 
-struct udp_dhcp_packet {
-        struct ip ip;
-        struct udphdr {
-	  u16 uh_sport;               /* source port */
-	  u16 uh_dport;               /* destination port */
-	  u16 uh_ulen;                /* udp length */
-	  u16 uh_sum;                 /* udp checksum */
-	} udp;
-        struct dhcp_packet {
-	  u8 op, htype, hlen, hops;
-	  u32 xid;
-	  u16 secs, flags;
-	  struct in_addr ciaddr, yiaddr, siaddr, giaddr;
-	  u8 chaddr[16], sname[64], file[128];
-	  u8 options[312];
-	} data;
+struct dhcp_packet {
+  u8 op, htype, hlen, hops;
+  u32 xid;
+  u16 secs, flags;
+  struct in_addr ciaddr, yiaddr, siaddr, giaddr;
+  u8 chaddr[DHCP_CHADDR_MAX], sname[64], file[128];
+  u8 options[312];
 };
 
 struct ping_result {
@@ -425,6 +422,7 @@ struct daemon {
   struct dhcp_config *dhcp_conf;
   struct dhcp_opt *dhcp_opts, *vendor_opts;
   struct dhcp_vendor *dhcp_vendors;
+  struct dhcp_mac *dhcp_macs;
   struct dhcp_boot *boot_config;
   struct dhcp_netid_list *dhcp_ignore;
   int dhcp_max; 
@@ -440,16 +438,21 @@ struct daemon {
   struct irec *interfaces;
   struct listener *listeners;
   struct server *last_server;
-  int uptime_fd;
+  struct server *srv_save; /* Used for resend on DoD */
+  size_t packet_len;       /*      "        "        */
+  int num_kids;
   
   /* DHCP state */
-  int dhcpfd, dhcp_raw_fd, dhcp_icmp_fd, lease_fd;
-#ifdef HAVE_RTNETLINK
+  int dhcpfd; 
+#ifdef HAVE_LINUX_NETWORK
   int netlinkfd;
+#else
+  int dhcp_raw_fd, dhcp_icmp_fd;
 #endif
-  struct udp_dhcp_packet *dhcp_packet;
+  struct iovec dhcp_packet;
   char *dhcp_buff, *dhcp_buff2;
   struct ping_result *ping_results;
+  FILE *lease_stream;
 
   /* DBus stuff */
 #ifdef HAVE_DBUS
@@ -476,27 +479,27 @@ struct crec *cache_insert(char *name, struct all_addr *addr,
 void cache_reload(int opts, char *buff, char *domain_suffix, struct hostsfile  *addn_hosts);
 void cache_add_dhcp_entry(struct daemon *daemon, char *host_name, struct in_addr *host_address, time_t ttd);
 void cache_unhash_dhcp(void);
-void dump_cache(struct daemon *daemon);
+void dump_cache(struct daemon *daemon, time_t now);
 char *cache_get_name(struct crec *crecp);
 
 /* rfc1035.c */
-unsigned short extract_request(HEADER *header, unsigned int qlen, 
+unsigned short extract_request(HEADER *header, size_t qlen, 
 			       char *name, unsigned short *typep);
-int setup_reply(HEADER *header, unsigned int qlen,
-		struct all_addr *addrp, unsigned short flags,
-		unsigned long local_ttl);
-void extract_addresses(HEADER *header, unsigned int qlen, char *namebuff, 
+size_t setup_reply(HEADER *header, size_t  qlen,
+		   struct all_addr *addrp, unsigned short flags,
+		   unsigned long local_ttl);
+void extract_addresses(HEADER *header, size_t qlen, char *namebuff, 
 		       time_t now, struct daemon *daemon);
-int answer_request(HEADER *header, char *limit, unsigned int qlen, struct daemon *daemon, 
+size_t answer_request(HEADER *header, char *limit, size_t qlen, struct daemon *daemon, 
 		   struct in_addr local_addr, struct in_addr local_netmask, time_t now);
-int check_for_bogus_wildcard(HEADER *header, unsigned int qlen, char *name, 
+int check_for_bogus_wildcard(HEADER *header, size_t qlen, char *name, 
 			     struct bogus_addr *addr, time_t now);
-unsigned char *find_pseudoheader(HEADER *header, unsigned int plen,
-				 unsigned int *len, unsigned char **p);
+unsigned char *find_pseudoheader(HEADER *header, size_t plen,
+				 size_t *len, unsigned char **p);
 int check_for_local_domain(char *name, time_t now, struct daemon *daemon);
-unsigned int questions_crc(HEADER *header, unsigned int plen, char *buff);
-int resize_packet(HEADER *header, unsigned int plen, 
-		  unsigned char *pheader, unsigned int hlen);
+unsigned int questions_crc(HEADER *header, size_t plen, char *buff);
+size_t resize_packet(HEADER *header, size_t plen, 
+		  unsigned char *pheader, size_t hlen);
 
 /* util.c */
 unsigned short rand16(void);
@@ -509,14 +512,16 @@ void *safe_malloc(size_t size);
 int sa_len(union mysockaddr *addr);
 int sockaddr_isequal(union mysockaddr *s1, union mysockaddr *s2);
 int hostname_isequal(char *a, char *b);
-time_t dnsmasq_time(int fd);
+time_t dnsmasq_time(void);
 int is_same_net(struct in_addr a, struct in_addr b, struct in_addr mask);
 int retry_send(void);
 void prettyprint_time(char *buf, unsigned int t);
 int prettyprint_addr(union mysockaddr *addr, char *buf);
 int parse_hex(char *in, unsigned char *out, int maxlen, 
-	      unsigned int *wildcard_mask);
-
+	      unsigned int *wildcard_mask, int *mac_type);
+int memcmp_masked(unsigned char *a, unsigned char *b, int len, 
+		  unsigned int mask);
+int expand_buf(struct iovec *iov, size_t size);
 /* option.c */
 struct daemon *read_opts (int argc, char **argv, char *compile_opts);
 
@@ -531,10 +536,11 @@ unsigned char *tcp_request(struct daemon *daemon, int confd, time_t now,
 struct serverfd *allocate_sfd(union mysockaddr *addr, struct serverfd **sfds);
 void reload_servers(char *fname, struct daemon *daemon);
 void check_servers(struct daemon *daemon);
-int enumerate_interfaces(struct daemon *daemon, struct irec **chainp,
-			 union mysockaddr *test_addrp, struct in_addr *netmaskp);
+int enumerate_interfaces(struct daemon *daemon);
 struct listener *create_wildcard_listeners(int port);
-struct listener *create_bound_listeners(struct irec *interfaces, int port);
+struct listener *create_bound_listeners(struct daemon *daemon);
+int iface_check(struct daemon *daemon, int family, 
+		struct all_addr *addr, char *name);
 
 /* dhcp.c */
 void dhcp_init(struct daemon *daemon);
@@ -542,47 +548,45 @@ void dhcp_packet(struct daemon *daemon, time_t now);
 
 struct dhcp_context *address_available(struct dhcp_context *context, struct in_addr addr);
 struct dhcp_context *narrow_context(struct dhcp_context *context, struct in_addr taddr);
-int match_netid(struct dhcp_netid *check, struct dhcp_netid *pool);
+int match_netid(struct dhcp_netid *check, struct dhcp_netid *pool, int negonly);
 int address_allocate(struct dhcp_context *context, struct daemon *daemon,
-		     struct in_addr *addrp, unsigned char *hwaddr,
+		     struct in_addr *addrp, unsigned char *hwaddr, int hw_len,
 		     struct dhcp_netid *netids, time_t now);
 struct dhcp_config *find_config(struct dhcp_config *configs,
 				struct dhcp_context *context,
 				unsigned char *clid, int clid_len,
-				unsigned char *hwaddr, char *hostname);
+				unsigned char *hwaddr, int hw_len, 
+				int hw_type, char *hostname);
 void dhcp_update_configs(struct dhcp_config *configs);
 void dhcp_read_ethers(struct daemon *daemon);
 struct dhcp_config *config_find_by_address(struct dhcp_config *configs, struct in_addr addr);
 char *strip_hostname(struct daemon *daemon, char *hostname);
 char *host_from_dns(struct daemon *daemon, struct in_addr addr);
-struct dhcp_context *complete_context(struct daemon *daemon, struct in_addr local, 
-				      struct dhcp_context *current, struct in_addr netmask, 
-				      struct in_addr broadcast, struct in_addr relay,
-				      struct in_addr primary);
 
 /* lease.c */
-void lease_update_file(int force, time_t now);
+void lease_update_file(struct daemon *daemon);
 void lease_update_dns(struct daemon *daemon);
 void lease_init(struct daemon *daemon, time_t now);
 struct dhcp_lease *lease_allocate(unsigned char *hwaddr, unsigned char *clid,
-				  int clid_len, struct in_addr addr);
+				  int hw_len, int hw_type, int clid_len, struct in_addr addr);
 int lease_set_hwaddr(struct dhcp_lease *lease, unsigned char *hwaddr,
-		      unsigned char *clid, int clid_len);
+		      unsigned char *clid, int hw_len, int hw_type, int clid_len);
 void lease_set_hostname(struct dhcp_lease *lease, char *name, 
 			char *suffix, int auth);
-void lease_set_expires(struct dhcp_lease *lease, time_t exp);
-struct dhcp_lease *lease_find_by_client(unsigned char *hwaddr,
+void lease_set_expires(struct dhcp_lease *lease, unsigned int len, time_t now);
+struct dhcp_lease *lease_find_by_client(unsigned char *hwaddr, int hw_len, int hw_type,  
 					unsigned char *clid, int clid_len);
 struct dhcp_lease *lease_find_by_addr(struct in_addr addr);
 void lease_prune(struct dhcp_lease *target, time_t now);
 void lease_update_from_configs(struct daemon *daemon);
 
 /* rfc2131.c */
-int dhcp_reply(struct daemon *daemon, struct dhcp_context *context, char *iface_name, unsigned int sz, time_t now, int unicast_dest);
+size_t dhcp_reply(struct daemon *daemon, struct dhcp_context *context, char *iface_name, size_t sz, time_t now, int unicast_dest);
 
 /* dnsmasq.c */
+int make_icmp_sock(void);
 int icmp_ping(struct daemon *daemon, struct in_addr addr);
-void clear_cache_and_reload(struct daemon *daemon, time_t now);
+void clear_cache_and_reload(struct daemon *daemon);
 
 /* isc.c */
 #ifdef HAVE_ISC_READER
@@ -590,11 +594,22 @@ void load_dhcp(struct daemon *daemon, time_t now);
 #endif
 
 /* netlink.c */
-#ifdef HAVE_RTNETLINK
-int netlink_init(void);
-int netlink_process(struct daemon *daemon, int index, 
-		    struct in_addr relay, struct in_addr primary,
-		    struct dhcp_context **retp);
+#ifdef HAVE_LINUX_NETWORK
+void netlink_init(struct daemon *daemon);
+int iface_enumerate(struct daemon *daemon, void *parm,
+		    int (*ipv4_callback)(), int (*ipv6_callback)());
+void netlink_multicast(struct daemon *daemon);
+void arp_inject(int fd, struct in_addr addr, 
+		int iface, unsigned char *mac, unsigned int mac_len);
+#endif
+
+/* bpf.c */
+#ifndef HAVE_LINUX_NETWORK
+void init_bpf(struct daemon *daemon);
+void send_via_bpf(struct daemon *daemon, struct dhcp_packet *mess, size_t len,
+		  struct in_addr iface_addr, struct ifreq *ifr);
+int iface_enumerate(struct daemon *daemon, void *parm,
+		    int (*ipv4_callback)(), int (*ipv6_callback)());
 #endif
 
 /* dbus.c */

src/forward.c

@@ -10,8 +10,6 @@
    GNU General Public License for more details.
 */
 
-/* Author's email: simon@thekelleys.org.uk */
-
 #include "dnsmasq.h"
 
 static struct frec *frec_list;
@@ -36,7 +34,7 @@ void forward_init(int first)
 
 /* Send a UDP packet with it's source address set as "source" 
    unless nowild is true, when we just send it with the kernel default */
-static void send_from(int fd, int nowild, char *packet, int len, 
+static void send_from(int fd, int nowild, char *packet, size_t len, 
 		      union mysockaddr *to, struct all_addr *source,
 		      unsigned int iface)
 {
@@ -44,7 +42,7 @@ static void send_from(int fd, int nowild, char *packet, int len,
   struct iovec iov[1]; 
   union {
     struct cmsghdr align; /* this ensures alignment */
-#if defined(IP_PKTINFO)
+#if defined(HAVE_LINUX_NETWORK)
     char control[CMSG_SPACE(sizeof(struct in_pktinfo))];
 #elif defined(IP_SENDSRCADDR)
     char control[CMSG_SPACE(sizeof(struct in_addr))];
@@ -74,7 +72,7 @@ static void send_from(int fd, int nowild, char *packet, int len,
 
       if (to->sa.sa_family == AF_INET)
 	{
-#if defined(IP_PKTINFO)
+#if defined(HAVE_LINUX_NETWORK)
 	  struct in_pktinfo *pkt = (struct in_pktinfo *)CMSG_DATA(cmptr);
 	  pkt->ipi_ifindex = 0;
 	  pkt->ipi_spec_dst = source->addr.addr4;
@@ -164,7 +162,7 @@ static unsigned short search_servers(struct daemon *daemon, time_t now, struct a
 	if (namelen >= domainlen &&
 	    hostname_isequal(matchstart, serv->domain) &&
 	    domainlen >= matchlen &&
-	    (namelen == domainlen || *(serv->domain) == '.' || *(matchstart-1) == '.' ))
+	    (domainlen == 0 || namelen == domainlen || *(serv->domain) == '.' || *(matchstart-1) == '.' ))
 	  {
 	    unsigned short sflag = serv->addr.sa.sa_family == AF_INET ? F_IPV4 : F_IPV6;
 	    *type = SERV_HAS_DOMAIN;
@@ -212,14 +210,14 @@ static unsigned short search_servers(struct daemon *daemon, time_t now, struct a
 /* returns new last_server */	
 static void forward_query(struct daemon *daemon, int udpfd, union mysockaddr *udpaddr,
 			  struct all_addr *dst_addr, unsigned int dst_iface,
-			  HEADER *header, int plen, time_t now, struct frec *forward)
+			  HEADER *header, size_t plen, time_t now, struct frec *forward)
 {
   char *domain = NULL;
   int type = 0;
   struct all_addr *addrp = NULL;
-  unsigned int crc = questions_crc(header, (unsigned int)plen, daemon->namebuff);
+  unsigned int crc = questions_crc(header, plen, daemon->namebuff);
   unsigned short flags = 0;
-  unsigned short gotname = extract_request(header, (unsigned int)plen, daemon->namebuff, NULL);
+  unsigned short gotname = extract_request(header, plen, daemon->namebuff, NULL);
   struct server *start = NULL;
     
   /* may be no servers available. */
@@ -302,6 +300,10 @@ static void forward_query(struct daemon *daemon, int udpfd, union mysockaddr *ud
 		}
 	      else
 		{
+		  /* Keep info in case we want to re-send this packet */
+		  daemon->srv_save = start;
+		  daemon->packet_len = plen;
+		  
 		  if (!gotname)
 		    strcpy(daemon->namebuff, "query");
 		  if (start->addr.sa.sa_family == AF_INET)
@@ -340,19 +342,20 @@ static void forward_query(struct daemon *daemon, int udpfd, union mysockaddr *ud
   /* could not send on, return empty answer or address if known for whole domain */
   if (udpfd != -1)
     {
-      plen = setup_reply(header, (unsigned int)plen, addrp, flags, daemon->local_ttl);
+      plen = setup_reply(header, plen, addrp, flags, daemon->local_ttl);
       send_from(udpfd, daemon->options & OPT_NOWILD, (char *)header, plen, udpaddr, dst_addr, dst_iface);
     }
 
   return;
 }
 
-static int process_reply(struct daemon *daemon, HEADER *header, time_t now, 
-			 unsigned int query_crc, struct server *server, unsigned int n)
+static size_t process_reply(struct daemon *daemon, HEADER *header, time_t now, 
+			    unsigned int query_crc, struct server *server, size_t n)
 {
   unsigned char *pheader, *sizep;
-  unsigned int plen, munged = 0;
-   
+  int munged = 0;
+  size_t plen; 
+
   /* If upstream is advertising a larger UDP packet size
 	 than we allow, trim it so that we don't get overlarge
 	 requests for the client. */
@@ -433,13 +436,17 @@ void reply_query(struct serverfd *sfd, struct daemon *daemon, time_t now)
   HEADER *header;
   union mysockaddr serveraddr;
   socklen_t addrlen = sizeof(serveraddr);
-  int n = recvfrom(sfd->fd, daemon->packet, daemon->edns_pktsz, 0, &serveraddr.sa, &addrlen);
-  
+  ssize_t n = recvfrom(sfd->fd, daemon->packet, daemon->edns_pktsz, 0, &serveraddr.sa, &addrlen);
+  size_t nn;
+
+  /* packet buffer overwritten */
+  daemon->srv_save = NULL;
+
   /* Determine the address of the server replying  so that we can mark that as good */
   serveraddr.sa.sa_family = sfd->source_addr.sa.sa_family;
 #ifdef HAVE_IPV6
   if (serveraddr.sa.sa_family == AF_INET6)
-    serveraddr.in6.sin6_flowinfo = htonl(0);
+    serveraddr.in6.sin6_flowinfo = 0;
 #endif
   
   header = (HEADER *)daemon->packet;
@@ -453,14 +460,14 @@ void reply_query(struct serverfd *sfd, struct daemon *daemon, time_t now)
 	 /* for broken servers, attempt to send to another one. */
 	 {
 	   unsigned char *pheader;
-	   unsigned int plen;
-	   int nn;
+	   size_t plen;
+	   
 	   /* recreate query from reply */
-	   pheader = find_pseudoheader(header, n, &plen, NULL);
+	   pheader = find_pseudoheader(header, (size_t)n, &plen, NULL);
 	   header->ancount = htons(0);
 	   header->nscount = htons(0);
 	   header->arcount = htons(0);
-	   if ((nn = resize_packet(header, n, pheader, plen)))
+	   if ((nn = resize_packet(header, (size_t)n, pheader, plen)))
 	     {
 	       forward->forwardall = 1;
 	       header->qr = 0;
@@ -496,11 +503,11 @@ void reply_query(struct serverfd *sfd, struct daemon *daemon, time_t now)
       if (forward->forwardall == 0 || --forward->forwardall == 1 || 
 	  (header->rcode != REFUSED && header->rcode != SERVFAIL))
 	{
-	  if ((n = process_reply(daemon, header, now, forward->crc, server, (unsigned int)n)))
+	  if ((nn = process_reply(daemon, header, now, forward->crc, server, (size_t)n)))
 	    {
 	      header->id = htons(forward->orig_id);
 	      header->ra = 1; /* recursion if available */
-	      send_from(forward->fd, daemon->options & OPT_NOWILD, daemon->packet, n, 
+	      send_from(forward->fd, daemon->options & OPT_NOWILD, daemon->packet, nn, 
 			&forward->source, &forward->dest, forward->iface);
 	    }
 	  forward->new_id = 0; /* cancel */
@@ -513,10 +520,11 @@ void receive_query(struct listener *listen, struct daemon *daemon, time_t now)
   HEADER *header = (HEADER *)daemon->packet;
   union mysockaddr source_addr;
   unsigned short type;
-  struct iname *tmp;
   struct all_addr dst_addr;
   struct in_addr netmask, dst_addr_4;
-  int m, n, if_index = 0;
+  size_t m;
+  ssize_t n;
+  int if_index = 0;
   struct iovec iov[1];
   struct msghdr msg;
   struct cmsghdr *cmptr;
@@ -525,7 +533,7 @@ void receive_query(struct listener *listen, struct daemon *daemon, time_t now)
 #ifdef HAVE_IPV6
     char control6[CMSG_SPACE(sizeof(struct in6_pktinfo))];
 #endif
-#if defined(IP_PKTINFO)
+#if defined(HAVE_LINUX_NETWORK)
     char control[CMSG_SPACE(sizeof(struct in_pktinfo))];
 #elif defined(IP_RECVDSTADDR)
     char control[CMSG_SPACE(sizeof(struct in_addr)) +
@@ -533,6 +541,9 @@ void receive_query(struct listener *listen, struct daemon *daemon, time_t now)
 #endif
   } control_u;
   
+  /* packet buffer overwritten */
+  daemon->srv_save = NULL;
+  
   if (listen->family == AF_INET && (daemon->options & OPT_NOWILD))
     {
       dst_addr_4 = listen->iface->addr.in.sin_addr;
@@ -558,13 +569,15 @@ void receive_query(struct listener *listen, struct daemon *daemon, time_t now)
   if ((n = recvmsg(listen->fd, &msg, 0)) == -1)
     return;
   
-  if (n < (int)sizeof(HEADER) || header->qr)
+  if (n < (int)sizeof(HEADER) || 
+      (msg.msg_flags & MSG_TRUNC) ||
+      header->qr)
     return;
   
   source_addr.sa.sa_family = listen->family;
 #ifdef HAVE_IPV6
   if (listen->family == AF_INET6)
-    source_addr.in6.sin6_flowinfo = htonl(0);
+    source_addr.in6.sin6_flowinfo = 0;
 #endif
   
   if (!(daemon->options & OPT_NOWILD))
@@ -574,7 +587,7 @@ void receive_query(struct listener *listen, struct daemon *daemon, time_t now)
       if (msg.msg_controllen < sizeof(struct cmsghdr))
 	return;
 
-#if defined(IP_PKTINFO)
+#if defined(HAVE_LINUX_NETWORK)
       if (listen->family == AF_INET)
 	for (cmptr = CMSG_FIRSTHDR(&msg); cmptr; cmptr = CMSG_NXTHDR(&msg, cmptr))
 	  if (cmptr->cmsg_level == SOL_IP && cmptr->cmsg_type == IP_PKTINFO)
@@ -629,36 +642,11 @@ void receive_query(struct listener *listen, struct daemon *daemon, time_t now)
 	  netmask = ((struct sockaddr_in *) &ifr.ifr_addr)->sin_addr;
 	}
 
-      for (tmp = daemon->if_except; tmp; tmp = tmp->next)
-	if (tmp->name && (strcmp(tmp->name, ifr.ifr_name) == 0))
-	  return;
-      
-      if (daemon->if_names || daemon->if_addrs)
-	{
-	  for (tmp = daemon->if_names; tmp; tmp = tmp->next)
-	    if (tmp->name && (strcmp(tmp->name, ifr.ifr_name) == 0))
-	      break;
-	  if (!tmp)
-	    for (tmp = daemon->if_addrs; tmp; tmp = tmp->next)
-	      if (tmp->addr.sa.sa_family == listen->family)
-		{
-		  if (tmp->addr.sa.sa_family == AF_INET &&
-		      tmp->addr.in.sin_addr.s_addr == dst_addr.addr.addr4.s_addr)
-		    break;
-#ifdef HAVE_IPV6
-		  else if (tmp->addr.sa.sa_family == AF_INET6 &&
-			   memcmp(&tmp->addr.in6.sin6_addr, 
-				  &dst_addr.addr.addr6, 
-				  sizeof(struct in6_addr)) == 0)
-		    break;
-#endif
-		}
-	  if (!tmp)
-	    return; 
-	}
+      if (!iface_check(daemon, listen->family, &dst_addr, ifr.ifr_name))
+	return;
     }
   
-  if (extract_request(header, (unsigned int)n, daemon->namebuff, &type))
+  if (extract_request(header, (size_t)n, daemon->namebuff, &type))
     {
       if (listen->family == AF_INET) 
 	log_query(F_QUERY | F_IPV4 | F_FORWARD, daemon->namebuff, 
@@ -670,18 +658,18 @@ void receive_query(struct listener *listen, struct daemon *daemon, time_t now)
 #endif
     }
 
-  m = answer_request (header, ((char *) header) + PACKETSZ, (unsigned int)n, daemon, 
+  m = answer_request (header, ((char *) header) + PACKETSZ, (size_t)n, daemon, 
 		      dst_addr_4, netmask, now);
   if (m >= 1)
     send_from(listen->fd, daemon->options & OPT_NOWILD, (char *)header, m, &source_addr, &dst_addr, if_index);
   else
     forward_query(daemon, listen->fd, &source_addr, &dst_addr, if_index,
-		  header, n, now, NULL);
+		  header, (size_t)n, now, NULL);
 }
 
 static int read_write(int fd, unsigned char *packet, int size, int rw)
 {
-  int n, done;
+  ssize_t n, done;
   
   for (done = 0; done < size; done += n)
     {
@@ -695,7 +683,7 @@ static int read_write(int fd, unsigned char *packet, int size, int rw)
 	return 0;
       else if (n == -1)
 	{
-	  if (retry_send())
+	  if (errno == EINTR)
 	    goto retry;
 	  else
 	    return 0;
@@ -711,7 +699,8 @@ static int read_write(int fd, unsigned char *packet, int size, int rw)
 unsigned char *tcp_request(struct daemon *daemon, int confd, time_t now,
 			   struct in_addr local_addr, struct in_addr netmask)
 {
-  int size = 0, m;
+  int size = 0;
+  size_t m;
   unsigned short qtype, gotname;
   unsigned char c1, c2;
   /* Max TCP packet + slop */
@@ -905,6 +894,7 @@ static struct frec *get_new_frec(time_t now)
     {
       f->next = frec_list;
       f->time = now;
+      f->new_id = 0;
       frec_list = f;
     }
   return f; /* OK if malloc fails and this is NULL */

src/isc.c

@@ -17,6 +17,8 @@
 
 #ifdef HAVE_ISC_READER
 
+#define MAXTOK 50
+
 struct isc_lease {
   char *name, *fqdn;
   time_t expires;

src/lease.c

@@ -1,4 +1,4 @@
-/* dnsmasq is Copyright (c) 2000-2005 Simon Kelley
+/* dnsmasq is Copyright (c) 2000-2006 Simon Kelley
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -10,82 +10,79 @@
    GNU General Public License for more details.
 */
 
-/* Author's email: simon@thekelleys.org.uk */
-
 #include "dnsmasq.h"
 
 static struct dhcp_lease *leases;
-static FILE *lease_file;
-static int dns_dirty;
-enum { no, yes, force } file_dirty;
-static int leases_left;
+static int dns_dirty, file_dirty, leases_left;
 
 void lease_init(struct daemon *daemon, time_t now)
 {
   unsigned int a0, a1, a2, a3;
   unsigned long ei;
-  time_t expires;
-  unsigned char hwaddr[ETHER_ADDR_LEN];
+  unsigned char hwaddr[DHCP_CHADDR_MAX];
   struct in_addr addr;
   struct dhcp_lease *lease;
-  int clid_len = 0;
-  int has_old = 0;
-
+  int clid_len = 0, hw_len, hw_type;
+  
+  dns_dirty = 1;
+  file_dirty = 0;
   leases = NULL;
   leases_left = daemon->dhcp_max;
 
   /* NOTE: need a+ mode to create file if it doesn't exist */
-  if (!(lease_file = fopen(daemon->lease_file, "a+")))
+  if (!(daemon->lease_stream = fopen(daemon->lease_file, "a+")))
     die(_("cannot open or create leases file: %s"), NULL);
     
   /* a+ mode lease pointer at end. */
-  rewind(lease_file);
+  rewind(daemon->lease_stream);
 
   /* client-id max length is 255 which is 255*2 digits + 254 colons 
      borrow DNS packet buffer which is always larger than 1000 bytes */
-  while (fscanf(lease_file, "%lu %40s %d.%d.%d.%d %255s %764s",
+  while (fscanf(daemon->lease_stream, "%lu %255s %d.%d.%d.%d %255s %764s",
 		&ei, daemon->dhcp_buff2, &a0, &a1, &a2, &a3, 
 		daemon->dhcp_buff, daemon->packet) == 8)
     {
-#ifdef HAVE_BROKEN_RTC
-      if (ei)
-	expires = (time_t)ei + now;
-      else
-	expires = (time_t)0;
-#else 
+#ifndef HAVE_BROKEN_RTC
       /* strictly time_t is opaque, but this hack should work on all sane systems,
 	 even when sizeof(time_t) == 8 */
-      expires = (time_t)ei;
+      time_t expires = (time_t)ei;
       
       if (ei != 0  && difftime(now, expires) > 0)
 	{
-	  has_old = 1;
+	  file_dirty = 1;
 	  continue; /* expired */
 	}
 #endif
 
-      parse_hex(daemon->dhcp_buff2, hwaddr, ETHER_ADDR_LEN, NULL);
+      hw_len = parse_hex(daemon->dhcp_buff2, hwaddr, DHCP_CHADDR_MAX, NULL, &hw_type);
+      /* For backwards compatibility, no explict MAC address type means ether. */
+      if (hw_type == 0 && hw_len != 0)
+	hw_type = ARPHRD_ETHER;
+
       addr.s_addr = htonl((a0<<24) + (a1<<16) + (a2<<8) + a3);
 
       /* decode hex in place */
       if (strcmp(daemon->packet, "*") == 0)
 	clid_len = 0;
       else
-	clid_len = parse_hex(daemon->packet, (unsigned char *)daemon->packet, 255, NULL);
+	clid_len = parse_hex(daemon->packet, (unsigned char *)daemon->packet, 255, NULL, NULL);
       
-      if (!(lease = lease_allocate(hwaddr, (unsigned char *)daemon->packet, clid_len, addr)))
+      if (!(lease = lease_allocate(hwaddr, (unsigned char *)daemon->packet, hw_len, hw_type, clid_len, addr)))
 	die (_("too many stored leases"), NULL);
       
+#ifdef HAVE_BROKEN_RTC
+      if (ei != 0)
+	lease->expires = (time_t)ei + now;
+      else
+	lease->expires = (time_t)0;
+      lease->length = ei;
+#else
       lease->expires = expires;
+#endif
 
       if (strcmp(daemon->dhcp_buff, "*") !=  0)
-	  lease_set_hostname(lease, daemon->dhcp_buff, daemon->domain_suffix, 0);
+	lease_set_hostname(lease, daemon->dhcp_buff, daemon->domain_suffix, 0);
     }
-  
-  dns_dirty = 1;
-  file_dirty = has_old ? yes: no;
-
-  daemon->lease_fd = fileno(lease_file);
 }
 
 void lease_update_from_configs(struct daemon *daemon)
@@ -97,7 +94,8 @@ void lease_update_from_configs(struct daemon *daemon)
   char *name;
 
   for (lease = leases; lease; lease = lease->next)
-    if ((config = find_config(daemon->dhcp_conf, NULL, lease->clid, lease->clid_len, lease->hwaddr, NULL)) && 
+    if ((config = find_config(daemon->dhcp_conf, NULL, lease->clid, lease->clid_len, 
+			      lease->hwaddr, lease->hwaddr_len, lease->hwaddr_type, NULL)) && 
 	(config->flags & CONFIG_NAME) &&
 	(!(config->flags & CONFIG_ADDR) || config->addr.s_addr == lease->addr.s_addr))
       lease_set_hostname(lease, config->hostname, daemon->domain_suffix, 1);
@@ -105,54 +103,66 @@ void lease_update_from_configs(struct daemon *daemon)
       lease_set_hostname(lease, name, daemon->domain_suffix, 1); /* updates auth flag only */
 }
 
-void lease_update_file(int always, time_t now)
+void lease_update_file(struct daemon *daemon)
 {
   struct dhcp_lease *lease;
-  int i = always; /* avoid warning */
-  unsigned long expires;
-
-#ifdef HAVE_BROKEN_RTC
-  if (always || file_dirty == force)
+  int i;
+  
+  if (file_dirty != 0)
     {
-      lease_prune(NULL, now);
-#else
-  if (file_dirty != no)
-    {
-#endif
-      rewind(lease_file);
-      ftruncate(fileno(lease_file), 0);
+      errno = 0;
+      rewind(daemon->lease_stream);
+      if (errno != 0 || ftruncate(fileno(daemon->lease_stream), 0) != 0)
+	{
+	write_err:
+	  syslog(LOG_ERR, _("failed to write %s: %m (retry in %ds)"), daemon->lease_file, LEASE_RETRY);
+	  alarm(LEASE_RETRY);
+	  return;
+	}
       
       for (lease = leases; lease; lease = lease->next)
 	{
 #ifdef HAVE_BROKEN_RTC
-	  if (lease->expires)
-	    expires = (unsigned long) difftime(lease->expires, now);
-	  else
-	    expires = 0;
+	  if (fprintf(daemon->lease_stream, "%u ", lease->length) < 0)
+	    goto write_err;
 #else
-	  expires = now; /* eliminate warning */
-	  expires = (unsigned long)lease->expires;
+	  if (fprintf(daemon->lease_stream, "%lu ", (unsigned long)lease->expires) < 0)
+	    goto write_err;
 #endif
-	  fprintf(lease_file, "%lu %.2x:%.2x:%.2x:%.2x:%.2x:%.2x %s %s ", 
-		  expires, lease->hwaddr[0], lease->hwaddr[1],
-		  lease->hwaddr[2], lease->hwaddr[3], lease->hwaddr[4],
-		  lease->hwaddr[5], inet_ntoa(lease->addr),
-		  lease->hostname && strlen(lease->hostname) != 0 ? lease->hostname : "*");
+	  if ((lease->hwaddr_type != ARPHRD_ETHER || lease->hwaddr_len == 0) && 
+	      fprintf(daemon->lease_stream, "%.2x-", lease->hwaddr_type) < 0)
+	    goto write_err;
+	  for (i = 0; i < lease->hwaddr_len; i++)
+	    {
+	      if (fprintf(daemon->lease_stream, "%.2x", lease->hwaddr[i]) < 0)
+		goto write_err;
+	      if (i != lease->hwaddr_len - 1 &&
+		  fprintf(daemon->lease_stream, ":") < 0)
+		goto write_err;
+	    }
+	  if (fprintf(daemon->lease_stream, " %s %s ", inet_ntoa(lease->addr),
+		      lease->hostname && strlen(lease->hostname) != 0 ? lease->hostname : "*") < 0)
+	    goto write_err;
 	  
 	  if (lease->clid && lease->clid_len != 0)
 	    {
 	      for (i = 0; i < lease->clid_len - 1; i++)
-		fprintf(lease_file, "%.2x:", lease->clid[i]);
-	      fprintf(lease_file, "%.2x\n", lease->clid[i]);
+		if (fprintf(daemon->lease_stream, "%.2x:", lease->clid[i]) < 0)
+		  goto write_err;
+	      if (fprintf(daemon->lease_stream, "%.2x\n", lease->clid[i]) < 0)
+		goto write_err;
 	    }
 	  else
-	    fprintf(lease_file, "*\n");
+	    if (fprintf(daemon->lease_stream, "*\n") < 0)
+	      goto write_err;
 	  
 	}
 
-      fflush(lease_file);
-      fsync(fileno(lease_file));
-      file_dirty = no;
+      if (fflush(daemon->lease_stream) != 0)
+	goto write_err;
+      if (fsync(fileno(daemon->lease_stream)) < 0)
+	goto write_err;
+      file_dirty = 0;
     }
 }
 
@@ -183,7 +193,7 @@ void lease_prune(struct dhcp_lease *target, time_t now)
       tmp = lease->next;
       if ((lease->expires != 0 && difftime(now, lease->expires) > 0) || lease == target)
 	{
-	  file_dirty = yes;
+	  file_dirty = 1;
 
 	  *up = lease->next; /* unlink */
 	  if (lease->hostname)
@@ -204,7 +214,7 @@ void lease_prune(struct dhcp_lease *target, time_t now)
 } 
 	
   
-struct dhcp_lease *lease_find_by_client(unsigned char *hwaddr,
+struct dhcp_lease *lease_find_by_client(unsigned char *hwaddr, int hw_len, int hw_type,
 					unsigned char *clid, int clid_len)
 {
   struct dhcp_lease *lease;
@@ -217,7 +227,10 @@ struct dhcp_lease *lease_find_by_client(unsigned char *hwaddr,
   
   for (lease = leases; lease; lease = lease->next)	
     if ((!lease->clid || !clid) && 
-	memcmp(hwaddr, lease->hwaddr, ETHER_ADDR_LEN) == 0)
+	hw_len != 0 && 
+	lease->hwaddr_len == hw_len &&
+	lease->hwaddr_type == hw_type &&
+	memcmp(hwaddr, lease->hwaddr, hw_len) == 0)
       return lease;
   
   return NULL;
@@ -236,7 +249,7 @@ struct dhcp_lease *lease_find_by_addr(struct in_addr addr)
 
 
 struct dhcp_lease *lease_allocate(unsigned char *hwaddr, unsigned char *clid, 
-				  int clid_len, struct in_addr addr)
+				  int hw_len, int hw_type, int clid_len, struct in_addr addr)
 {
   struct dhcp_lease *lease;
   if (!leases_left || !(lease = malloc(sizeof(struct dhcp_lease))))
@@ -245,10 +258,15 @@ struct dhcp_lease *lease_allocate(unsigned char *hwaddr, unsigned char *clid,
   lease->clid = NULL;
   lease->hostname = lease->fqdn = NULL;  
   lease->addr = addr;
-  memset(lease->hwaddr, 0, ETHER_ADDR_LEN);
+  memset(lease->hwaddr, 0, DHCP_CHADDR_MAX);
+  lease->hwaddr_len = 0;
+  lease->hwaddr_type = 0;
   lease->expires = 1;
+#ifdef HAVE_BROKEN_RTC
+  lease->length = 0xffffffff; /* illegal value */
+#endif
   
-  if (!lease_set_hwaddr(lease, hwaddr, clid, clid_len))
+  if (!lease_set_hwaddr(lease, hwaddr, clid, hw_len, hw_type, clid_len))
     {
       free(lease);
       return NULL;
@@ -257,29 +275,56 @@ struct dhcp_lease *lease_allocate(unsigned char *hwaddr, unsigned char *clid,
   lease->next = leases;
   leases = lease;
   
-  file_dirty = force;
+  file_dirty = 1;
   leases_left--;
 
   return lease;
 }
 
-void lease_set_expires(struct dhcp_lease *lease, time_t exp)
+void lease_set_expires(struct dhcp_lease *lease, unsigned int len, time_t now)
 {
+  time_t exp = now + (time_t)len;
+  
+  if (len == 0xffffffff)
+    {
+      exp = 0;
+      len = 0;
+    }
+  
   if (exp != lease->expires)
     {
-      file_dirty = yes;
       dns_dirty = 1;
+      lease->expires = exp;
+#ifndef HAVE_BROKEN_RTC
+      file_dirty = 1;
+#endif
     }
-  lease->expires = exp;
-}
+  
+#ifdef HAVE_BROKEN_RTC
+  if (len != lease->length)
+    {
+      lease->length = len;
+      file_dirty = 1;
+    }
+#endif
+} 
 
 int lease_set_hwaddr(struct dhcp_lease *lease, unsigned char *hwaddr,
-		      unsigned char *clid, int clid_len)
+		      unsigned char *clid, int hw_len, int hw_type, int clid_len)
 {
-  if (memcmp(lease->hwaddr, hwaddr, ETHER_ADDR_LEN) != 0)
+  /* must have some sort of unique-id */
+  if (hw_len == 0 && (clid_len == 0 || !clid))
+    return 0;
+
+  if (hw_len != lease->hwaddr_len ||
+      hw_type != lease->hwaddr_type || 
+      hw_len == 0 ||
+      memcmp(lease->hwaddr, hwaddr, hw_len) != 0)
     {
-      file_dirty = force;
-      memcpy(lease->hwaddr, hwaddr, ETHER_ADDR_LEN);
+      file_dirty = 1;
+      memcpy(lease->hwaddr, hwaddr, hw_len);
+      lease->hwaddr_len = hw_len;
+      lease->hwaddr_type = hw_type;
     }
 
   /* only update clid when one is available, stops packets
@@ -292,15 +337,15 @@ int lease_set_hwaddr(struct dhcp_lease *lease, unsigned char *hwaddr,
 
       if (lease->clid_len != clid_len)
 	{
-	  file_dirty = force;
+	  file_dirty = 1;
 	  if (lease->clid)
 	    free(lease->clid);
 	  if (!(lease->clid = malloc(clid_len)))
 	    return 0;
 	}
       else if (memcmp(lease->clid, clid, clid_len) != 0)
-	file_dirty = force;
-
+	file_dirty = 1;
+      
       lease->clid_len = clid_len;
       memcpy(lease->clid, clid, clid_len);
     }
@@ -364,7 +409,7 @@ void lease_set_hostname(struct dhcp_lease *lease, char *name, char *suffix, int
   lease->fqdn = new_fqdn;
   lease->auth_name = auth;
   
-  file_dirty = force;
+  file_dirty = 1;
   dns_dirty = 1;
 }
 

src/netlink.c

@@ -1,4 +1,4 @@
-/* dnsmasq is Copyright (c) 2000-2005 Simon Kelley
+ /* dnsmasq is Copyright (c) 2000-2006 Simon Kelley
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -10,143 +10,267 @@
    GNU General Public License for more details.
 */
 
-/* Author's email: simon@thekelleys.org.uk */
-
 #include "dnsmasq.h"
 
-#ifdef HAVE_RTNETLINK
+#ifdef HAVE_LINUX_NETWORK
 
 #include <linux/types.h>
 #include <linux/netlink.h>
 #include <linux/rtnetlink.h>
 
-int netlink_init(void)
+static struct iovec iov;
+
+static void nl_err(struct nlmsghdr *h);
+static void nl_routechange(struct daemon *daemon, struct nlmsghdr *h);
+
+void netlink_init(struct daemon *daemon)
 {
   struct sockaddr_nl addr;
-  int sock = socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE);
-  
-  if (sock < 0)
-    return -1; /* no kernel support */
 
   addr.nl_family = AF_NETLINK;
   addr.nl_pad = 0;
-  addr.nl_pid = getpid();
-  addr.nl_groups = 0;
+  addr.nl_pid = 0; /* autobind */
+#ifdef HAVE_IPV6
+  addr.nl_groups = RTMGRP_IPV4_ROUTE | RTMGRP_IPV6_ROUTE;
+#else
+  addr.nl_groups = RTMGRP_IPV4_ROUTE;
+#endif
   
-  if (bind(sock, (struct sockaddr *)&addr, sizeof(addr)) < 0)
-    die(_("cannot bind netlink socket: %s"), NULL);
+  /* May not be able to have permission to set multicast groups don't die in that case */
+  if ((daemon->netlinkfd = socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE)) != -1)
+    {
+      if (bind(daemon->netlinkfd, (struct sockaddr *)&addr, sizeof(addr)) == -1)
+	{
+	  addr.nl_groups = 0;
+	  if (errno != EPERM || bind(daemon->netlinkfd, (struct sockaddr *)&addr, sizeof(addr)) == -1)
+	    daemon->netlinkfd = -1;
+	}
+    }
   
-  return sock;
+  if (daemon->netlinkfd == -1)
+    die(_("cannot create RTnetlink socket: %s"), NULL);
+  
+  iov.iov_len = 200;
+  iov.iov_base = safe_malloc(iov.iov_len);
 }
 
+static ssize_t netlink_recv(struct daemon *daemon)
+{
+  struct msghdr msg;
+  ssize_t rc;
 
-/* We borrow the DNS packet buffer here. (The DHCP one already has a packet in it)
-   Since it's used only within this routine, that's fine, just remember 
-   that calling icmp_echo() will trash it */
-int netlink_process(struct daemon *daemon, int index, struct in_addr relay, 
-		    struct in_addr primary, struct dhcp_context **retp)
+  msg.msg_control = NULL;
+  msg.msg_controllen = 0;
+  msg.msg_name = NULL;
+  msg.msg_namelen = 0;
+  msg.msg_iov = &iov;
+  msg.msg_iovlen = 1;
+    
+  while (1)
+    {
+      msg.msg_flags = 0;
+      while ((rc = recvmsg(daemon->netlinkfd, &msg, MSG_PEEK)) == -1 && errno == EINTR);
+      
+      /* 2.2.x doesn't suport MSG_PEEK at all, returning EOPNOTSUPP, so we just grab a 
+	 big buffer and pray in that case. */
+      if (rc == -1 && errno == EOPNOTSUPP)
+	{
+	  if (!expand_buf(&iov, 2000))
+	    return -1;
+	  break;
+	}
+      
+      if (rc == -1 || !(msg.msg_flags & MSG_TRUNC))
+        break;
+            
+      if (!expand_buf(&iov, iov.iov_len + 100))
+	return -1;
+    }
+
+  /* finally, read it for real */
+  while ((rc = recvmsg(daemon->netlinkfd, &msg, 0)) == -1 && errno == EINTR);
+  
+  return rc;
+}
+  
+int iface_enumerate(struct daemon *daemon, void *parm, int (*ipv4_callback)(), int (*ipv6_callback)())
 {
   struct sockaddr_nl addr;
   struct nlmsghdr *h;
-  int len, found_primary = 0;
-  struct dhcp_context *ret = NULL;
+  ssize_t len;
   static unsigned int seq = 0;
+  int family = AF_INET;
 
   struct {
     struct nlmsghdr nlh;
     struct rtgenmsg g; 
   } req;
 
-  if (daemon->netlinkfd == -1)
-    return 0;
-
   addr.nl_family = AF_NETLINK;
   addr.nl_pad = 0;
   addr.nl_groups = 0;
   addr.nl_pid = 0; /* address to kernel */
 
+ again:
   req.nlh.nlmsg_len = sizeof(req);
   req.nlh.nlmsg_type = RTM_GETADDR;
   req.nlh.nlmsg_flags = NLM_F_ROOT | NLM_F_MATCH | NLM_F_REQUEST;
   req.nlh.nlmsg_pid = 0;
   req.nlh.nlmsg_seq = ++seq;
-  req.g.rtgen_family = AF_INET; 
+  req.g.rtgen_family = family; 
 
   /* Don't block in recvfrom if send fails */
   while((len = sendto(daemon->netlinkfd, (void *)&req, sizeof(req), 0, 
 		      (struct sockaddr *)&addr, sizeof(addr))) == -1 && retry_send());
-
-  if (len == -1)
-    {
-      /* if RTnetlink not configured in the kernel, don't keep trying. */
-      if (errno == ECONNREFUSED)
-	{
-	  close(daemon->netlinkfd);
-	  daemon->netlinkfd = -1;
-	}
-      return 0;
-    }
-
- get_next:
-  while((len = recvfrom(daemon->netlinkfd, daemon->packet, daemon->packet_buff_sz, 
-			MSG_WAITALL, NULL, 0)) == -1 && retry_send());
- 
+  
   if (len == -1)
     return 0;
-  
-  h = (struct nlmsghdr *)daemon->packet;
-
-  while (NLMSG_OK(h, (unsigned int)len))
+    
+  while (1)
     {
-          
-      if (h->nlmsg_seq != seq)
-	goto get_next;
-	
-      if (h->nlmsg_type == NLMSG_DONE)
-	break;
-
-      if (h->nlmsg_type == NLMSG_ERROR)
+      if ((len = netlink_recv(daemon)) == -1)
 	return 0;
-      
-      if (h->nlmsg_type == RTM_NEWADDR)
-	{
-	  struct ifaddrmsg *ifa = NLMSG_DATA(h);
-	  
-	  if (ifa->ifa_index == index && ifa->ifa_family == AF_INET)
-	    {
-	      struct rtattr *rta = IFA_RTA(ifa);
-	      unsigned int len1 = h->nlmsg_len - NLMSG_LENGTH(sizeof(*ifa));
-	      struct in_addr netmask, addr, broadcast;
-	      
-	      netmask.s_addr = htonl(0xffffffff << (32 - ifa->ifa_prefixlen));
-	      addr.s_addr = 0;
-	      broadcast.s_addr = 0;
-	      
-	      while (RTA_OK(rta, len1))
-		{
-		  if (rta->rta_type == IFA_LOCAL)
-		    addr = *((struct in_addr *)(rta+1));
-		  else if (rta->rta_type == IFA_BROADCAST)
-		    broadcast = *((struct in_addr *)(rta+1));
-		  
-		  rta = RTA_NEXT(rta, len1);
-		}
-	      
-	      if (addr.s_addr)
-		{
-		  ret = complete_context(daemon, addr, ret, netmask, broadcast, relay, primary);	
-		  if (addr.s_addr == primary.s_addr)
-		    found_primary = 1;
-		}
-	    }
-	}
-
-      h = NLMSG_NEXT(h, len);
+  
+      for (h = (struct nlmsghdr *)iov.iov_base; NLMSG_OK(h, (size_t)len); h = NLMSG_NEXT(h, len))
+ 	if (h->nlmsg_type == NLMSG_ERROR)
+	  nl_err(h);
+	else if (h->nlmsg_seq != seq)
+	  nl_routechange(daemon, h); /* May be multicast arriving async */
+	else if (h->nlmsg_type == NLMSG_DONE)
+	  {
+#ifdef HAVE_IPV6
+	    if (family == AF_INET && ipv6_callback)
+	      {
+		family = AF_INET6;
+		goto again;
+	      }
+#endif
+	    return 1;
+	  }
+	else if (h->nlmsg_type == RTM_NEWADDR)
+	  {
+	    struct ifaddrmsg *ifa = NLMSG_DATA(h);  
+	    struct rtattr *rta = IFA_RTA(ifa);
+	    unsigned int len1 = h->nlmsg_len - NLMSG_LENGTH(sizeof(*ifa));
+	    
+	    if (ifa->ifa_family == AF_INET)
+	      {
+		struct in_addr netmask, addr, broadcast;
+		
+		netmask.s_addr = htonl(0xffffffff << (32 - ifa->ifa_prefixlen));
+		addr.s_addr = 0;
+		broadcast.s_addr = 0;
+		
+		while (RTA_OK(rta, len1))
+		  {
+		    if (rta->rta_type == IFA_LOCAL)
+		      addr = *((struct in_addr *)(rta+1));
+		    else if (rta->rta_type == IFA_BROADCAST)
+		      broadcast = *((struct in_addr *)(rta+1));
+		    
+		    rta = RTA_NEXT(rta, len1);
+		  }
+		
+		if (addr.s_addr && ipv4_callback)
+		  if (!((*ipv4_callback)(daemon, addr, ifa->ifa_index, netmask, broadcast, parm)))
+		    return 0;
+	      }
+#ifdef HAVE_IPV6
+	    else if (ifa->ifa_family == AF_INET6)
+	      {
+		struct in6_addr *addrp = NULL;
+		while (RTA_OK(rta, len1))
+		  {
+		    if (rta->rta_type == IFA_ADDRESS)
+		      addrp = ((struct in6_addr *)(rta+1)); 
+		    
+		    rta = RTA_NEXT(rta, len1);
+		  }
+		
+		if (addrp && ipv6_callback)
+		  if (!((*ipv6_callback)(daemon, addrp, ifa->ifa_index, ifa->ifa_index, parm)))
+		    return 0;
+	      }
+#endif
+	  }
     }
+}
 
-  *retp = ret;
+void netlink_multicast(struct daemon *daemon)
+{
+  ssize_t len;
+  struct nlmsghdr *h;
+  
+  if ((len = netlink_recv(daemon)) != -1)
+    {
+      for (h = (struct nlmsghdr *)iov.iov_base; NLMSG_OK(h, (size_t)len); h = NLMSG_NEXT(h, len))
+	if (h->nlmsg_type == NLMSG_ERROR)
+	  nl_err(h);
+	else
+	  nl_routechange(daemon, h);
+    }
+}
 
-  return found_primary;
+static void nl_err(struct nlmsghdr *h)
+{
+  struct nlmsgerr *err = NLMSG_DATA(h);
+  if (err->error != 0)
+    syslog(LOG_ERR, _("RTnetlink returns error: %s"), strerror(-(err->error)));
+}
+
+/* We arrange to receive netlink multicast messages whenever the network route is added.
+   If this happens and we still have a DNS packet in the buffer, we re-send it.
+   This helps on DoD links, where frequently the packet which triggers dialling is
+   a DNS query, which then gets lost. By re-sending, we can avoid the lookup
+   failing. */ 
+static void nl_routechange(struct daemon *daemon, struct nlmsghdr *h)
+{
+  if (h->nlmsg_type == RTM_NEWROUTE && daemon->srv_save)
+    {
+      struct rtmsg *rtm = NLMSG_DATA(h);
+      if (rtm->rtm_type == RTN_UNICAST &&
+	  rtm->rtm_scope == RT_SCOPE_LINK) 
+	while(sendto(daemon->srv_save->sfd->fd, daemon->packet, daemon->packet_len, 0,
+		     &daemon->srv_save->addr.sa, sa_len(&daemon->srv_save->addr)) == -1 && retry_send()); 
+    }
+}
+
+void arp_inject(int fd, struct in_addr ip_addr, int iface, 
+		unsigned char *mac, unsigned int mac_len)
+{
+  struct sockaddr_nl addr;
+  struct {
+    struct nlmsghdr nlh;
+    struct ndmsg m;
+    struct rtattr addr_attr;
+    struct in_addr addr;
+    struct rtattr ll_attr;
+    char mac[DHCP_CHADDR_MAX];
+  } req;
+  
+  memset(&req, 0, sizeof(req));
+  memset(&addr, 0, sizeof(addr));
+
+  addr.nl_family = AF_NETLINK;
+
+  req.nlh.nlmsg_len = sizeof(req);
+  req.nlh.nlmsg_type = RTM_NEWNEIGH;
+  req.nlh.nlmsg_flags = NLM_F_REQUEST | NLM_F_REPLACE | NLM_F_CREATE;
+
+  req.m.ndm_family = AF_INET;
+  req.m.ndm_ifindex = iface;
+  req.m.ndm_state = NUD_REACHABLE;
+
+  req.addr_attr.rta_type = NDA_DST;
+  req.addr_attr.rta_len = RTA_LENGTH(sizeof(struct in_addr));
+  req.addr = ip_addr;
+
+  req.ll_attr.rta_type = NDA_LLADDR;
+  req.ll_attr.rta_len = RTA_LENGTH(mac_len);
+  memcpy(req.mac, mac, mac_len);
+
+  while(sendto(fd, (void *)&req, sizeof(req), 0, (struct sockaddr *)&addr, sizeof(addr)) == -1 && 
+	retry_send());
 }
 
 #endif

src/network.c

@@ -1,4 +1,4 @@
-/* dnsmasq is Copyright (c) 2000 - 2005 Simon Kelley
+/* dnsmasq is Copyright (c) 2000 - 2006 Simon Kelley
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -10,262 +10,177 @@
    GNU General Public License for more details.
 */
 
-/* Author's email: simon@thekelleys.org.uk */
-
 #include "dnsmasq.h"
 
-static int iface_allowed(struct daemon *daemon, struct irec *iface, 
-			 char *name, int is_loopback, union mysockaddr *addr) 
+int iface_check(struct daemon *daemon, int family, struct all_addr *addr, char *name)
 {
   struct iname *tmp;
+  int ret = 1;
+
+  /* Note: have to check all and not bail out early, so that we set the
+     "used" flags. */
+
+  if (daemon->if_names || daemon->if_addrs)
+    {
+      ret = 0;
+
+      for (tmp = daemon->if_names; tmp; tmp = tmp->next)
+	if (tmp->name && (strcmp(tmp->name, name) == 0))
+	  ret = tmp->used = 1;
+	        
+      for (tmp = daemon->if_addrs; tmp; tmp = tmp->next)
+	if (tmp->addr.sa.sa_family == family)
+	  {
+	    if (family == AF_INET &&
+		tmp->addr.in.sin_addr.s_addr == addr->addr.addr4.s_addr)
+	      ret = tmp->used = 1;
+#ifdef HAVE_IPV6
+	    else if (family == AF_INET6 &&
+		     IN6_ARE_ADDR_EQUAL(&tmp->addr.in6.sin6_addr, 
+					&addr->addr.addr6))
+	      ret = tmp->used = 1;
+#endif
+	  }          
+    }
+  
+  for (tmp = daemon->if_except; tmp; tmp = tmp->next)
+    if (tmp->name && (strcmp(tmp->name, name) == 0))
+      ret = 0;
+  
+  return ret; 
+}
+      
+static int iface_allowed(struct daemon *daemon, struct irec **irecp, int if_index, 
+			 union mysockaddr *addr, struct in_addr netmask) 
+{
+  struct irec *iface;
+  int fd;
+  struct ifreq ifr;
+  
+  /* check whether the interface IP has been added already 
+     we call this routine multiple times. */
+  for (iface = *irecp; iface; iface = iface->next) 
+    if (sockaddr_isequal(&iface->addr, addr))
+      return 1;
+  
+#ifdef HAVE_LINUX_NETWORK
+  ifr.ifr_ifindex = if_index;
+#endif
+  
+  if ((fd = socket(PF_INET, SOCK_DGRAM, 0)) == -1 ||
+#ifdef HAVE_LINUX_NETWORK
+      ioctl(fd, SIOCGIFNAME, &ifr) == -1 ||
+#else
+      !if_indextoname(if_index, ifr.ifr_name) ||
+#endif
+      ioctl(fd, SIOCGIFFLAGS, &ifr) == -1)
+    {
+      if (fd != -1)
+	{
+	  int errsave = errno;
+	  close(fd);
+	  errno = errsave;
+	}
+      return 0;
+    }
+  
+  close(fd);
   
   /* If we are restricting the set of interfaces to use, make
      sure that loopback interfaces are in that set. */
-  if (daemon->if_names && is_loopback)
+  if (daemon->if_names && (ifr.ifr_flags & IFF_LOOPBACK))
     {
       struct iname *lo;
       for (lo = daemon->if_names; lo; lo = lo->next)
-	if (lo->name && strcmp(lo->name, name) == 0)
+	if (lo->name && strcmp(lo->name, ifr.ifr_name) == 0)
 	  {
 	    lo->isloop = 1;
 	    break;
 	  }
-      if (!lo)
+      
+      if (!lo && (lo = malloc(sizeof(struct iname))))
 	{
-	  lo = safe_malloc(sizeof(struct iname));
-	  lo->name = safe_malloc(strlen(name)+1);
-	  strcpy(lo->name, name);
+	  lo->name = safe_malloc(strlen(ifr.ifr_name)+1);
+	  strcpy(lo->name, ifr.ifr_name);
 	  lo->isloop = lo->used = 1;
 	  lo->next = daemon->if_names;
 	  daemon->if_names = lo;
 	}
     }
   
-  /* check blacklist */
-  if (daemon->if_except)
-    for (tmp = daemon->if_except; tmp; tmp = tmp->next)
-      if (tmp->name && strcmp(tmp->name, name) == 0)
-	return 0;
-	
-  /* we may need to check the whitelist */
-  if (daemon->if_names || daemon->if_addrs)
-    { 
-      int found = 0;
+  if (addr->sa.sa_family == AF_INET &&
+      !iface_check(daemon, AF_INET, (struct all_addr *)&addr->in.sin_addr, ifr.ifr_name))
+    return 1;
 
-      for (tmp = daemon->if_names; tmp; tmp = tmp->next)
-	if (tmp->name && (strcmp(tmp->name, name) == 0))
-	  found = tmp->used = 1;
-	  
-      for (tmp = daemon->if_addrs; tmp; tmp = tmp->next)
-	if (sockaddr_isequal(&tmp->addr, addr))
-	  found = tmp->used = 1;
-      
-      if (!found) 
-	return 0;
+#ifdef HAVE_IPV6
+  if (addr->sa.sa_family == AF_INET6 &&
+      !iface_check(daemon, AF_INET6, (struct all_addr *)&addr->in6.sin6_addr, ifr.ifr_name))
+    return 1;
+#endif
+
+  /* add to list */
+  if ((iface = malloc(sizeof(struct irec))))
+    {
+      iface->addr = *addr;
+      iface->netmask = netmask;
+      iface->next = *irecp;
+      *irecp = iface; 
+      return 1;
     }
   
-  /* check whether the interface IP has been added already 
-     it is possible to have multiple interfaces with the same address */
-  for (; iface; iface = iface->next) 
-    if (sockaddr_isequal(&iface->addr, addr))
-      break;
-  if (iface)
-    return 0;
-  
-  return 1;
+  errno = ENOMEM; 
+  return 0;
 }
 
-/* This does two different jobs: if chainp is non-NULL, it puts
-   a list of all the interfaces allowed by config into *chainp.
-   If chainp is NULL, it returns 1 if addr is  an address of an interface
-   allowed by config and if that address is IPv4, it fills in the
-   netmask of the interface. 
-   
-   If chainp is non-NULL, a zero return indicates a fatal error.
-
-   If chainp is NULL, errors result in a match failure and zero return.
-*/
-int enumerate_interfaces(struct daemon *daemon, struct irec **chainp,
-			 union mysockaddr *test_addrp, struct in_addr *netmaskp)
+#ifdef HAVE_IPV6
+static int iface_allowed_v6(struct daemon *daemon, struct in6_addr *local, 
+			    int scope, int if_index, void *vparam)
 {
-#if defined(HAVE_LINUX_IPV6_PROC) && defined(HAVE_IPV6)
-  FILE *f;
-#endif
   union mysockaddr addr;
-  struct irec *iface = NULL;
-  char *buf, *ptr;
-  struct ifreq *ifr = NULL;
-  struct ifconf ifc;
-  int lastlen = 0;
-  int len = 20 * sizeof(struct ifreq);
-  int fd = socket(PF_INET, SOCK_DGRAM, 0);
-  struct in_addr netmask;
-  int ret = 0;
+  struct in_addr netmask; /* dummy */
   
-  netmask.s_addr = 0; /* eliminate warning */
-
-  if (fd == -1)
-    return 0;
-
-#ifdef HAVE_IPV6
-  if (test_addrp && test_addrp->sa.sa_family == AF_INET6)
-    test_addrp->in6.sin6_flowinfo = htonl(0);
-#endif
-        
-  while (1)
-     {
-       buf = safe_malloc(len);
-
-       ifc.ifc_len = len;
-       ifc.ifc_buf = buf;
-       if (ioctl(fd, SIOCGIFCONF, &ifc) < 0)
-	 {
-	   if (errno != EINVAL || lastlen != 0)
-	     goto exit;
-	 }
-       else
-	 {
-	   if (ifc.ifc_len == lastlen)
-	     break; /* got a big enough buffer now */
-	   lastlen = ifc.ifc_len;
-	 }
-       len += 10*sizeof(struct ifreq);
-       free(buf);
-     }
+  netmask.s_addr = 0;
   
-  for (ptr = buf; ptr < buf + ifc.ifc_len; )
-    {
 #ifdef HAVE_SOCKADDR_SA_LEN
-      /* subsequent entries may not be aligned, so copy into
-	 an aligned buffer to avoid nasty complaints about 
-	 unaligned accesses. */
-      int ifr_len = ((struct ifreq *)ptr)->ifr_addr.sa_len + IF_NAMESIZE;
-      if (!(ifr = realloc(ifr, ifr_len)))
-	goto exit;
-      
-      memcpy(ifr, ptr, ifr_len);
-      ptr += ifr_len;
-#else
-      ifr = (struct ifreq *)ptr;
-      ptr += sizeof(struct ifreq);
+  addr.in6.sin6_len = sizeof(addr.in6);
 #endif
-      
-      /* copy address since getting flags overwrites */
-      if (ifr->ifr_addr.sa_family == AF_INET)
-	{
-	  addr.in = *((struct sockaddr_in *) &ifr->ifr_addr);
-	  addr.in.sin_port = htons(daemon->port);
-	  if (ioctl(fd, SIOCGIFNETMASK, ifr) == -1)
-	    goto exit;
-	  netmask = ((struct sockaddr_in *) &ifr->ifr_addr)->sin_addr;
-	}
-#ifdef HAVE_IPV6
-      else if (ifr->ifr_addr.sa_family == AF_INET6)
-	{
-#ifdef HAVE_BROKEN_SOCKADDR_IN6
-	  addr.in6 = *((struct my_sockaddr_in6 *) &ifr->ifr_addr);
-#else
-	  addr.in6 = *((struct sockaddr_in6 *) &ifr->ifr_addr);
-#endif
-	  addr.in6.sin6_port = htons(daemon->port);
-	  addr.in6.sin6_flowinfo = htonl(0);
-	}
-#endif
-      else
-	continue; /* unknown address family */
-      
-      if (ioctl(fd, SIOCGIFFLAGS, ifr) < 0)
-	goto exit;
+  addr.in6.sin6_family = AF_INET6;
+  addr.in6.sin6_addr = *local;
+  addr.in6.sin6_port = htons(daemon->port);
+  addr.in6.sin6_scope_id = scope;
+  addr.in6.sin6_flowinfo = 0;
 
-      if (iface_allowed(daemon, iface, ifr->ifr_name, ifr->ifr_flags & IFF_LOOPBACK, &addr))
-	{
-	  if (chainp)
-	    {
-	      struct irec *new = safe_malloc(sizeof(struct irec));
-	      new->addr = addr;
-	      new->netmask = netmask;
-	      new->next = iface;
-	      iface = new;
-	    }
-	  else if (sockaddr_isequal(&addr, test_addrp))
-	    {
-	      *netmaskp = netmask;
-	      ret = 1;
-	      goto exit;
-	    }
-	}
-    }
+  return iface_allowed(daemon, (struct irec **)vparam, if_index, &addr, netmask);
+}
+#endif
 
-#if defined(HAVE_LINUX_IPV6_PROC) && defined(HAVE_IPV6)
-  /* IPv6 addresses don't seem to work with SIOCGIFCONF. Barf */
-  /* This code snarfed from net-tools 1.60 and certainly linux specific, though
-     it shouldn't break on other Unices, and their SIOGIFCONF might work. */
-  if ((f = fopen(IP6INTERFACES, "r")))
-    {
-      unsigned int plen, scope, flags, if_idx;
-      char devname[21], addrstring[33];
-      
-      while (fscanf(f, "%32s %x %x %x %x %20s\n",
-		    addrstring, &if_idx, &plen, &scope, &flags, devname) != EOF) 
-	{
-	  int i;
-	  struct ifreq sifr;
-	  unsigned char *addr6p = (unsigned char *) &addr.in6.sin6_addr;
-	  memset(&addr, 0, sizeof(addr));
-	  addr.sa.sa_family = AF_INET6;
-	  for (i=0; i<16; i++)
-	    {
-	      unsigned int byte;
-	      sscanf(addrstring+i+i, "%02x", &byte);
-	      addr6p[i] = byte;
-	    }
-	  addr.in6.sin6_port = htons(daemon->port);
-	  addr.in6.sin6_flowinfo = htonl(0);
-	  addr.in6.sin6_scope_id = htonl(scope);
-	  
-	  strncpy(sifr.ifr_name, devname, IF_NAMESIZE);
-	  if (ioctl(fd, SIOCGIFFLAGS, &sifr) < 0)
-	    goto exit;
-	  
-	  if (iface_allowed(daemon, iface, sifr.ifr_name, sifr.ifr_flags & IFF_LOOPBACK, &addr))
-	    {
-	      if (chainp)
-		{
-		  struct irec *new = safe_malloc(sizeof(struct irec));
-		  new->addr = addr;
-		  new->next = iface;
-		  iface = new;
-		}
-	      else if (sockaddr_isequal(&addr, test_addrp))
-		{
-		  ret = 1;
-		  goto exit;
-		}
-	    }
-	}	    
-      fclose(f);
-    }
-#endif /* LINUX */
+static int iface_allowed_v4(struct daemon *daemon, struct in_addr local, int if_index, 
+			    struct in_addr netmask, struct in_addr broadcast, void *vparam)
+{
+  union mysockaddr addr;
   
-  if (chainp)
-    {
-      *chainp = iface;
-      ret = 1;
-    }
- 
- exit:  
-  if (buf)
-    free(buf);
 #ifdef HAVE_SOCKADDR_SA_LEN
-  if (ifr)
-    free(ifr);
+  addr.in.sin_len = sizeof(addr.in);
 #endif
-  close(fd);
+  addr.in.sin_family = AF_INET;
+  addr.in.sin_addr = broadcast; /* warning */
+  addr.in.sin_addr = local;
+  addr.in.sin_port = htons(daemon->port);
 
-  return ret;
+  return iface_allowed(daemon, (struct irec **)vparam, if_index, &addr, netmask);
+}
+   
+
+int enumerate_interfaces(struct daemon *daemon)
+{
+#ifdef HAVE_IPV6
+  return iface_enumerate(daemon, &daemon->interfaces, iface_allowed_v4, iface_allowed_v6);
+#else
+  return iface_enumerate(daemon, &daemon->interfaces, iface_allowed_v4, NULL);
+#endif
 }
 
-#if defined(HAVE_IPV6) && (defined(IP_PKTINFO) || (defined(IP_RECVDSTADDR) && defined(IP_RECVIF) && defined(IP_SENDSRCADDR)))
+#if defined(HAVE_IPV6)
 static int create_ipv6_listener(struct listener **link, int port)
 {
   union mysockaddr addr;
@@ -276,9 +191,10 @@ static int create_ipv6_listener(struct listener **link, int port)
   addr.in6.sin6_family = AF_INET6;
   addr.in6.sin6_addr = in6addr_any;
   addr.in6.sin6_port = htons(port);
-  addr.in6.sin6_flowinfo = htonl(0);
+  addr.in6.sin6_flowinfo = 0;
+  addr.in6.sin6_scope_id = 0;
 #ifdef HAVE_SOCKADDR_SA_LEN
-  addr.in6.sin6_len = sizeof(struct sockaddr_in6);
+  addr.in6.sin6_len = sizeof(addr.in6);
 #endif
 
   /* No error of the kernel doesn't support IPv6 */
@@ -332,10 +248,6 @@ static int create_ipv6_listener(struct listener **link, int port)
 
 struct listener *create_wildcard_listeners(int port)
 {
-#if !(defined(IP_PKTINFO) || (defined(IP_RECVDSTADDR) && defined(IP_RECVIF) && defined(IP_SENDSRCADDR)))
-  port = 0; /* eliminate warning */
-  return NULL;
-#else
   union mysockaddr addr;
   int opt = 1;
   struct listener *l, *l6 = NULL;
@@ -369,7 +281,7 @@ struct listener *create_wildcard_listeners(int port)
       setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, &opt, sizeof(opt)) == -1 ||
       (flags = fcntl(fd, F_GETFL, 0)) == -1 ||
       fcntl(fd, F_SETFL, flags | O_NONBLOCK) == -1 ||
-#if defined(IP_PKTINFO) 
+#if defined(HAVE_LINUX_NETWORK) 
       setsockopt(fd, SOL_IP, IP_PKTINFO, &opt, sizeof(opt)) == -1 ||
 #elif defined(IP_RECVDSTADDR) && defined(IP_RECVIF)
       setsockopt(fd, IPPROTO_IP, IP_RECVDSTADDR, &opt, sizeof(opt)) == -1 ||
@@ -389,18 +301,16 @@ struct listener *create_wildcard_listeners(int port)
   l->next = l6;
 
   return l;
-
-#endif
 }
 
-struct listener *create_bound_listeners(struct irec *interfaces, int port)
+struct listener *create_bound_listeners(struct daemon *daemon)
 {
 
   struct listener *listeners = NULL;
   struct irec *iface;
-  int flags = port, opt = 1;
+  int flags, opt = 1;
   
-  for (iface = interfaces ;iface; iface = iface->next)
+  for (iface = daemon->interfaces; iface; iface = iface->next)
     {
       struct listener *new = safe_malloc(sizeof(struct listener));
       new->family = iface->addr.sa.sa_family;
@@ -439,9 +349,9 @@ struct listener *create_bound_listeners(struct irec *interfaces, int port)
 	  else
 #endif
 	    {
-	      char addrbuff[ADDRSTRLEN];
-	      prettyprint_addr(&iface->addr, addrbuff);
-	      die(_("failed to bind listening socket for %s: %s"), addrbuff);
+	      prettyprint_addr(&iface->addr, daemon->namebuff);
+	      die(_("failed to bind listening socket for %s: %s"), 
+		  daemon->namebuff);
 	    }
 	}
       else
@@ -503,7 +413,7 @@ void check_servers(struct daemon *daemon)
   /* forward table rules reference servers, so have to blow them away */
   forward_init(0);
   
-  daemon->last_server = NULL;
+  daemon->last_server = daemon->srv_save = NULL;
   
   for (new = daemon->servers; new; new = tmp)
     {
@@ -611,7 +521,7 @@ void reload_servers(char *fname, struct daemon *daemon)
 #endif
 	    {
 #ifdef HAVE_SOCKADDR_SA_LEN
-	      source_addr.in.sin_len = addr.in.sin_len = sizeof(struct sockaddr_in);
+	      source_addr.in.sin_len = addr.in.sin_len = sizeof(source_addr.in);
 #endif
 	      source_addr.in.sin_family = addr.in.sin_family = AF_INET;
 	      addr.in.sin_port = htons(NAMESERVER_PORT);
@@ -622,11 +532,12 @@ void reload_servers(char *fname, struct daemon *daemon)
 	  else if (inet_pton(AF_INET6, token, &addr.in6.sin6_addr) > 0)
 	    {
 #ifdef HAVE_SOCKADDR_SA_LEN
-	      source_addr.in6.sin6_len = addr.in6.sin6_len = sizeof(struct sockaddr_in6);
+	      source_addr.in6.sin6_len = addr.in6.sin6_len = sizeof(source_addr.in6);
 #endif
 	      source_addr.in6.sin6_family = addr.in6.sin6_family = AF_INET6;
 	      addr.in6.sin6_port = htons(NAMESERVER_PORT);
-	      source_addr.in6.sin6_flowinfo = addr.in6.sin6_flowinfo = htonl(0);
+	      source_addr.in6.sin6_flowinfo = addr.in6.sin6_flowinfo = 0;
+	      source_addr.in6.sin6_scope_id = addr.in6.sin6_scope_id = 0;
 	      source_addr.in6.sin6_addr = in6addr_any;
 	      source_addr.in6.sin6_port = htons(daemon->query_port);
 	    }

src/option.c

@@ -1,4 +1,4 @@
-/* dnsmasq is Copyright (c) 2000 - 2005 Simon Kelley
+/* dnsmasq is Copyright (c) 2000 - 2006 Simon Kelley
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -10,8 +10,6 @@
    GNU General Public License for more details.
 */
 
-/* Author's email: simon@thekelleys.org.uk */
-
 #include "dnsmasq.h"
 
 struct myoption {
@@ -21,7 +19,7 @@ struct myoption {
   int val;
 };
 
-#define OPTSTRING "31yZDNLERKzowefnbvhdkqr:m:p:c:l:s:i:t:u:g:a:x:S:C:A:T:H:Q:I:B:F:G:O:M:X:V:U:j:P:J:W:Y:2:"
+#define OPTSTRING "531yZDNLERKzowefnbvhdkqr:m:p:c:l:s:i:t:u:g:a:x:S:C:A:T:H:Q:I:B:F:G:O:M:X:V:U:j:P:J:W:Y:2:4:"
 
 static const struct myoption opts[] = { 
   {"version", 0, 0, 'v'},
@@ -82,6 +80,8 @@ static const struct myoption opts[] = {
   {"txt-record", 1, 0, 'Y'},
   {"enable-dbus", 0, 0, '1'},
   {"bootp-dynamic", 0, 0, '3'},
+  {"dhcp-mac", 1, 0, '4'},
+  {"no-ping", 0, 0, '5'},
   {0, 0, 0, 0}
 };
 
@@ -111,6 +111,7 @@ static const struct optflags optmap[] = {
   { 'y', OPT_LOCALISE },
   { '1', OPT_DBUS },
   { '3', OPT_BOOTP_DYNAMIC },
+  { '5', OPT_NO_PING },
   { 'v', 0},
   { 'w', 0},
   { 0, 0 }
@@ -177,6 +178,8 @@ static const struct {
   { "-1, --enable-dbus", gettext_noop("Enable the DBus interface for setting upstream servers, etc."), NULL },
   { "-2, --no-dhcp-interface=interface", gettext_noop("Do not provide DHCP on this interface, only provide DNS."), NULL },
   { "-3, --bootp-dynamic", gettext_noop("Enable dynamic address allocation for bootp."), NULL },
+  { "-4, --dhcp-mac=<id>,<mac address>", gettext_noop("Map MAC address (with wildcards) to option set."), NULL },
+  { "-5, --no-ping", gettext_noop("Disable ICMP echo address checking in the DHCP server."), NULL },
   { NULL, NULL, NULL }
 }; 
 
@@ -298,7 +301,6 @@ struct daemon *read_opts (int argc, char **argv, char *compile_opts)
   daemon->namebuff = buff;
 
   /* Set defaults - everything else is zero or NULL */
-  daemon->min_leasetime = UINT_MAX;
   daemon->cachesize = CACHESIZ;
   daemon->port = NAMESERVER_PORT;
   daemon->default_resolv.is_default = 1;
@@ -646,8 +648,6 @@ struct daemon *read_opts (int argc, char **argv, char *compile_opts)
 		   "interface=" to disable all interfaces except loop. */
 		new->name = safe_string_alloc(arg);
 		new->isloop = new->used = 0;
-		if (safe_strchr(new->name, ':'))
-		  daemon->options |= OPT_NOWILD;
 		arg = comma;
 	      } while (arg);
 	      break;
@@ -663,8 +663,6 @@ struct daemon *read_opts (int argc, char **argv, char *compile_opts)
 		  {
 		    new->next = daemon->if_except;
 		    daemon->if_except = new;
-		    if (safe_strchr(new->name, ':'))
-		      daemon->options |= OPT_NOWILD;
 		  }
 		else
 		  {
@@ -702,16 +700,17 @@ struct daemon *read_opts (int argc, char **argv, char *compile_opts)
 		  {
 		    new->addr.sa.sa_family = AF_INET;
 #ifdef HAVE_SOCKADDR_SA_LEN
-		    new->addr.in.sin_len = sizeof(struct sockaddr_in);
+		    new->addr.in.sin_len = sizeof(new->addr.in);
 #endif
 		  }
 #ifdef HAVE_IPV6
 		else if (arg && inet_pton(AF_INET6, arg, &new->addr.in6.sin6_addr) > 0)
 		  {
 		    new->addr.sa.sa_family = AF_INET6;
-		    new->addr.in6.sin6_flowinfo = htonl(0);
+		    new->addr.in6.sin6_flowinfo = 0;
+		    new->addr.in6.sin6_scope_id = 0;
 #ifdef HAVE_SOCKADDR_SA_LEN
-		    new->addr.in6.sin6_len = sizeof(struct sockaddr_in6);
+		    new->addr.in6.sin6_len = sizeof(new->addr.in6);
 #endif
 		  }
 #endif
@@ -839,9 +838,10 @@ struct daemon *read_opts (int argc, char **argv, char *compile_opts)
 			newlist->addr.in6.sin6_port = htons(serv_port);
 			newlist->source_addr.in6.sin6_port = htons(source_port);
 			newlist->addr.sa.sa_family = newlist->source_addr.sa.sa_family = AF_INET6;
-			newlist->addr.in6.sin6_flowinfo = newlist->source_addr.in6.sin6_flowinfo = htonl(0);
+			newlist->addr.in6.sin6_flowinfo = newlist->source_addr.in6.sin6_flowinfo = 0;
+			newlist->addr.in6.sin6_scope_id = newlist->source_addr.in6.sin6_scope_id = 0;
 #ifdef HAVE_SOCKADDR_SA_LEN
-			newlist->addr.in6.sin6_len = newlist->source_addr.in6.sin6_len = sizeof(struct sockaddr_in6);
+			newlist->addr.in6.sin6_len = newlist->source_addr.in6.sin6_len = sizeof(newlist->addr.in6);
 #endif
 			if (source)
 			  {
@@ -949,6 +949,7 @@ struct daemon *read_opts (int argc, char **argv, char *compile_opts)
 		new->broadcast.s_addr = 0;
 		new->router.s_addr = 0;
 		new->netid.net = NULL;
+		new->filter = NULL;
 		new->flags = 0;
 		
 		problem = _("bad dhcp-range");
@@ -959,26 +960,40 @@ struct daemon *read_opts (int argc, char **argv, char *compile_opts)
 		    break;
 		  }
 		
-		for (cp = arg; *cp; cp++)
-		  if (!(*cp == ' ' || *cp == '.' ||  (*cp >='0' && *cp <= '9')))
-		    break;
-
-		if (*cp != ',' && (comma = strchr(arg, ',')))
+		while(1)
 		  {
-		    *comma = 0;
-		    if (strstr(arg, "net:") == arg)
+		    for (cp = arg; *cp; cp++)
+		      if (!(*cp == ' ' || *cp == '.' ||  (*cp >='0' && *cp <= '9')))
+			break;
+		    
+		    if (*cp != ',' && (comma = strchr(arg, ',')))
 		      {
-			new->netid.net = safe_string_alloc(arg+4);
-			new->netid.next = NULL;
-			new->flags |= CONTEXT_FILTER;
+			*comma = 0;
+			if (strstr(arg, "net:") == arg)
+			  {
+			    struct dhcp_netid *tt = safe_malloc(sizeof (struct dhcp_netid));
+			    tt->net = safe_string_alloc(arg+4);
+			    tt->next = new->filter;
+			    new->filter = tt;
+			  }
+			else
+			  {
+			    if (new->netid.net)
+			      {
+				option = '?';
+				problem = _("only one netid tag allowed");
+			      }
+			    else
+			      new->netid.net = safe_string_alloc(arg);
+			  }
+			arg = comma + 1;
 		      }
 		    else
-		      new->netid.net = safe_string_alloc(arg);
-		    a[0] = comma + 1;
+		      {
+			a[0] = arg;
+			break;
+		      }
 		  }
-		else
-		  a[0] = arg;
-
 		
 		for (k = 1; k < 5; k++)
 		  {
@@ -987,7 +1002,7 @@ struct daemon *read_opts (int argc, char **argv, char *compile_opts)
 		    *(a[k]++) = 0;
 		  }
 		  
-		if ((k < 2) || ((new->start.s_addr = inet_addr(a[0])) == (in_addr_t)-1))
+		if (option == '?' || (k < 2) || ((new->start.s_addr = inet_addr(a[0])) == (in_addr_t)-1))
 		  option = '?';
 		else if (strcmp(a[1], "static") == 0)
 		  {
@@ -1067,9 +1082,6 @@ struct daemon *read_opts (int argc, char **argv, char *compile_opts)
 			  }
 		      }
 		  }
-				
-		if (new->lease_time < daemon->min_leasetime)
-		  daemon->min_leasetime = new->lease_time;
 		break;
 	      }
 
@@ -1110,7 +1122,7 @@ struct daemon *read_opts (int argc, char **argv, char *compile_opts)
 			      int len;
 			      arg += 3; /* dump id: */
 			      if (strchr(arg, ':'))
-				len = parse_hex(arg, (unsigned char *)arg, -1, NULL);
+				len = parse_hex(arg, (unsigned char *)arg, -1, NULL, NULL);
 			      else
 				len = (int) strlen(arg);
 			      
@@ -1125,10 +1137,11 @@ struct daemon *read_opts (int argc, char **argv, char *compile_opts)
 			  new->flags |= CONFIG_NETID;
 			  new->netid.net = safe_string_alloc(arg+4);
 			}
-		      else if (parse_hex(a[j],  new->hwaddr, 6, &new->wildcard_mask) == 6)
+		      else 
+			{
+			  new->hwaddr_len = parse_hex(a[j],  new->hwaddr, DHCP_CHADDR_MAX, &new->wildcard_mask, &new->hwaddr_type);
 			  new->flags |= CONFIG_HWADDR;
-		      else
-			option = '?';
+			}
 		    }
 		  else if (strchr(a[j], '.') && (in.s_addr = inet_addr(a[j])) != (in_addr_t)-1)
 		    {
@@ -1208,11 +1221,8 @@ struct daemon *read_opts (int argc, char **argv, char *compile_opts)
 		    free(new);
 		  }
 		else
-		  {
-		    if ((new->flags & CONFIG_TIME) && new->lease_time < daemon->min_leasetime)
-		      daemon->min_leasetime = new->lease_time;
-		    daemon->dhcp_conf = new;
-		  }
+		  daemon->dhcp_conf = new;
+		  
 		break;
 	      }
 	      
@@ -1223,7 +1233,7 @@ struct daemon *read_opts (int argc, char **argv, char *compile_opts)
 		int addrs, digs, is_addr, is_hex, is_dec;
 		
 		new->len = 0;
-		new->is_addr = 0;
+		new->flags = 0;
 		new->netid = NULL;
 		new->val = NULL;
 		new->vendor_class = NULL;
@@ -1335,7 +1345,7 @@ struct daemon *read_opts (int argc, char **argv, char *compile_opts)
 			  digs++;
 			  is_dec = is_addr = 0;
 			}
-		      else if (*cp == '.')
+		      else if (*cp == '.' || *cp == '/')
 			is_dec = is_hex = 0;
 		      else if (!((*cp >='0' && *cp <= '9') || *cp == '-'))
 			{
@@ -1357,7 +1367,7 @@ struct daemon *read_opts (int argc, char **argv, char *compile_opts)
 		      {
 			new->len = digs;
 			new->val = safe_malloc(new->len);
-			parse_hex(comma, new->val, digs, NULL);
+			parse_hex(comma, new->val, digs, NULL, NULL);
 		      }
 		    else if (is_dec)
 		      {
@@ -1396,19 +1406,42 @@ struct daemon *read_opts (int argc, char **argv, char *compile_opts)
 		    else if (is_addr)	
 		      {
 			struct in_addr in;
-			unsigned char *op;
-			new->len = INADDRSZ * addrs;
-			new->val = op = safe_malloc(new->len);
-			new->is_addr = 1;
+       			unsigned char *op;
+			char *slash;
+			/* max length of address/subnet descriptor is five bytes */
+			new->val = op = safe_malloc(5 * addrs);
+			if (!new->vendor_class)
+			  new->flags |= DHOPT_ADDR;
 			while (addrs--) 
 			  {
 			    cp = comma;
 			    if ((comma = strchr(cp, ',')))
 			      *comma++ = 0;
+			    if ((slash = strchr(cp, '/')))
+			      *slash++ = 0;
 			    in.s_addr = inet_addr(cp);
-			    memcpy(op, &in, INADDRSZ);
-			    op += INADDRSZ;
+			    if (!slash)
+			      {
+				memcpy(op, &in, INADDRSZ);
+				op += INADDRSZ;
+			      }
+			    else
+			      {
+				unsigned char *p = (unsigned char *)&in;
+				int netsize = atoi(slash);
+				*op++ = netsize;
+				if (netsize > 0)
+				  *op++ = *p++;
+				if (netsize > 8)
+				  *op++ = *p++;
+				if (netsize > 16)
+				  *op++ = *p++;
+				if (netsize > 24)
+				 *op++ = *p++;
+				new->flags &= ~DHOPT_ADDR; /* cannot re-write descriptor format */
+			      } 
 			  }
+			new->len = op - new->val;
 		      }
 		    else
 		      {
@@ -1416,6 +1449,7 @@ struct daemon *read_opts (int argc, char **argv, char *compile_opts)
 			new->len = strlen(comma);
 			/* keep terminating zero on string */
 			new->val = (unsigned char *)safe_string_alloc(comma);
+			new->flags |= DHOPT_STRING;
 		      }
 		  }
 
@@ -1508,7 +1542,24 @@ struct daemon *read_opts (int argc, char **argv, char *compile_opts)
 		  }
 		break;
 	      }
-
+	      
+	    case '4':
+	      {
+		if (!(comma = safe_strchr(arg, ',')))
+		  option = '?';
+		else
+		  {
+		    struct dhcp_mac *new = safe_malloc(sizeof(struct dhcp_mac));
+		    *comma = 0;
+		    new->netid.net = safe_string_alloc(arg);
+		    unhide_metas(comma+1);
+		    new->hwaddr_len = parse_hex(comma+1, new->hwaddr, DHCP_CHADDR_MAX, &new->mask, &new->hwaddr_type);
+		    new->next = daemon->dhcp_macs;
+		    daemon->dhcp_macs = new;
+		  }
+	      }
+	      break;
+	      
 	    case 'U':
 	    case 'j':
 	      {
@@ -1749,9 +1800,9 @@ struct daemon *read_opts (int argc, char **argv, char *compile_opts)
 	  else
 	    die(_("bad command line options: %s."),
 #ifdef HAVE_GETOPT_LONG
-		problem ? problem : "try --help"
+		problem ? problem : _("try --help")
 #else
-		problem ? problem : "try -w"
+		problem ? problem : _("try -w")
 #endif
 		);
 	}

src/rfc1035.c

@@ -17,7 +17,7 @@ static int add_resource_record(HEADER *header, char *limit, int *truncp,
 			       unsigned long ttl, unsigned int *offset, unsigned short type, 
 			       unsigned short class, char *format, ...);
 
-static int extract_name(HEADER *header, unsigned int plen, unsigned char **pp, 
+static int extract_name(HEADER *header, size_t plen, unsigned char **pp, 
 			char *name, int isExtract)
 {
   unsigned char *cp = (unsigned char *)name, *p = *pp, *p1 = NULL;
@@ -32,13 +32,13 @@ static int extract_name(HEADER *header, unsigned int plen, unsigned char **pp,
       unsigned int label_type = l & 0xc0;
       if (label_type == 0xc0) /* pointer */
 	{ 
-	  if (p - (unsigned char *)header + 1u >= plen)
+	  if ((size_t)(p - (unsigned char *)header + 1) >= plen)
 	    return 0;
 	      
 	  /* get offset */
 	  l = (l&0x3f) << 8;
 	  l |= *p++;
-	  if (l >= (unsigned int)plen) 
+	  if (l >= plen) 
 	    return 0;
 	  
 	  if (!p1) /* first jump, save location to go back to */
@@ -70,7 +70,7 @@ static int extract_name(HEADER *header, unsigned int plen, unsigned char **pp,
 	  /* output is \[x<hex>/siz]. which is digs+9 chars */
 	  if (cp - (unsigned char *)name + digs + 9 >= MAXDNAME)
 	    return 0;
-	  if (p - (unsigned char *)header + ((count-1)>>3) + 1u >= plen)
+	  if ((size_t)(p - (unsigned char *)header + ((count-1)>>3) + 1) >= plen)
 	    return 0;
 
 	  *cp++ = '\\';
@@ -94,7 +94,7 @@ static int extract_name(HEADER *header, unsigned int plen, unsigned char **pp,
 	{ /* label_type = 0 -> label. */
 	  if (cp - (unsigned char *)name + l + 1 >= MAXDNAME)
 	    return 0;
-	  if (p - (unsigned char *)header + 1u >= plen)
+	  if ((size_t)(p - (unsigned char *)header + 1) >= plen)
 	    return 0;
 	  for(j=0; j<l; j++, p++)
 	    if (isExtract)
@@ -134,7 +134,11 @@ static int extract_name(HEADER *header, unsigned int plen, unsigned char **pp,
     }
 
   if (isExtract)
-    *--cp = 0; /* terminate: lose final period */
+    {
+      if (cp != (unsigned char *)name)
+	cp--;
+      *cp = 0; /* terminate: lose final period */
+    }
   else if (*cp != 0)
     retvalue = 2;
     
@@ -253,7 +257,7 @@ static int in_arpa_name_2_addr(char *namein, struct all_addr *addrp)
   return 0;
 }
 
-static unsigned char *skip_name(unsigned char *ansp, HEADER *header, unsigned int plen)
+static unsigned char *skip_name(unsigned char *ansp, HEADER *header, size_t plen)
 {
   while(1)
     {
@@ -298,7 +302,7 @@ static unsigned char *skip_name(unsigned char *ansp, HEADER *header, unsigned in
   return ansp;
 }
 
-static unsigned char *skip_questions(HEADER *header, unsigned int plen)
+static unsigned char *skip_questions(HEADER *header, size_t plen)
 {
   int q, qdcount = ntohs(header->qdcount);
   unsigned char *ansp = (unsigned char *)(header+1);
@@ -315,7 +319,7 @@ static unsigned char *skip_questions(HEADER *header, unsigned int plen)
   return ansp;
 }
 
-static unsigned char *skip_section(unsigned char *ansp, int count, HEADER *header, unsigned int plen)
+static unsigned char *skip_section(unsigned char *ansp, int count, HEADER *header, size_t plen)
 {
   int i, rdlen;
   
@@ -338,7 +342,7 @@ static unsigned char *skip_section(unsigned char *ansp, int count, HEADER *heade
    might be poisoning attacks. Note that we decode the name rather 
    than CRC the raw bytes, since replies might be compressed differently. 
    We ignore case in the names for the same reason. */
-unsigned int questions_crc(HEADER *header, unsigned int plen, char *name)
+unsigned int questions_crc(HEADER *header, size_t plen, char *name)
 {
   int q;
   unsigned int crc = 0xffffffff;
@@ -380,7 +384,7 @@ unsigned int questions_crc(HEADER *header, unsigned int plen, char *name)
 }
 
 
-int resize_packet(HEADER *header, unsigned int plen, unsigned char *pheader, unsigned int hlen)
+size_t resize_packet(HEADER *header, size_t plen, unsigned char *pheader, size_t hlen)
 {
   unsigned char *ansp = skip_questions(header, plen);
     
@@ -403,7 +407,7 @@ int resize_packet(HEADER *header, unsigned int plen, unsigned char *pheader, uns
   return ansp - (unsigned char *)header;
 }
 
-unsigned char *find_pseudoheader(HEADER *header, unsigned int plen, unsigned int *len, unsigned char **p)
+unsigned char *find_pseudoheader(HEADER *header, size_t plen, size_t  *len, unsigned char **p)
 {
   /* See if packet has an RFC2671 pseudoheader, and if so return a pointer to it. 
      also return length of pseudoheader in *len and pointer to the UDP size in *p */
@@ -428,7 +432,7 @@ unsigned char *find_pseudoheader(HEADER *header, unsigned int plen, unsigned int
       save = ansp;
       ansp += 6; /* class, TTL */
       GETSHORT(rdlen, ansp);
-      if ((unsigned int)(ansp + rdlen - (unsigned char *)header) > plen) 
+      if ((size_t)(ansp + rdlen - (unsigned char *)header) > plen) 
 	return NULL;
        ansp += rdlen;
        if (type == T_OPT)
@@ -470,7 +474,7 @@ static void dns_doctor(HEADER *header, struct doctor *doctor, struct in_addr *ad
       }
 }
 
-static int find_soa(HEADER *header, struct doctor *doctor, unsigned int qlen)
+static int find_soa(HEADER *header, struct doctor *doctor, size_t qlen)
 {
   unsigned char *p;
   int qtype, qclass, rdlen;
@@ -513,7 +517,7 @@ static int find_soa(HEADER *header, struct doctor *doctor, unsigned int qlen)
       else
 	p += rdlen;
       
-      if ((unsigned int)(p - (unsigned char *)header) > qlen)
+      if ((size_t)(p - (unsigned char *)header) > qlen)
 	return 0; /* bad packet */
     }
  
@@ -533,7 +537,7 @@ static int find_soa(HEADER *header, struct doctor *doctor, unsigned int qlen)
 	
 	p += rdlen;
 	
-	if ((unsigned int)(p - (unsigned char *)header) > qlen)
+	if ((size_t)(p - (unsigned char *)header) > qlen)
 	  return 0; /* bad packet */
       }
  
@@ -543,7 +547,7 @@ static int find_soa(HEADER *header, struct doctor *doctor, unsigned int qlen)
 /* Note that the following code can create CNAME chains that don't point to a real record,
    either because of lack of memory, or lack of SOA records.  These are treated by the cache code as 
    expired and cleaned out that way. */
-void extract_addresses(HEADER *header, unsigned int qlen, char *name, time_t now, struct daemon *daemon)
+void extract_addresses(HEADER *header, size_t qlen, char *name, time_t now, struct daemon *daemon)
 {
   unsigned char *p, *p1, *endrr;
   int i, j, qtype, qclass, aqtype, aqclass, ardlen, res, searched_soa = 0;
@@ -625,7 +629,7 @@ void extract_addresses(HEADER *header, unsigned int qlen, char *name, time_t now
 		    }
 		  
 		  p1 = endrr;
-		  if ((unsigned int)(p1 - (unsigned char *)header) > qlen)
+		  if ((size_t)(p1 - (unsigned char *)header) > qlen)
 		    return; /* bad packet */
 		}
 	    }
@@ -709,7 +713,7 @@ void extract_addresses(HEADER *header, unsigned int qlen, char *name, time_t now
 		    }
 		  
 		  p1 = endrr;
-		  if ((unsigned int)(p1 - (unsigned char *)header) > qlen)
+		  if ((size_t)(p1 - (unsigned char *)header) > qlen)
 		    return; /* bad packet */
 		}
 	    }
@@ -742,7 +746,7 @@ void extract_addresses(HEADER *header, unsigned int qlen, char *name, time_t now
 /* If the packet holds exactly one query
    return 1 and leave the name from the query in name. */
 
-unsigned short extract_request(HEADER *header,unsigned int qlen, char *name, unsigned short *typep)
+unsigned short extract_request(HEADER *header, size_t qlen, char *name, unsigned short *typep)
 {
   unsigned char *p = (unsigned char *)(header+1);
   int qtype, qclass;
@@ -776,7 +780,7 @@ unsigned short extract_request(HEADER *header,unsigned int qlen, char *name, uns
 }
 
 
-int setup_reply(HEADER *header, unsigned int qlen,
+size_t setup_reply(HEADER *header, size_t qlen,
 		struct all_addr *addrp, unsigned short flags, unsigned long ttl)
 {
   unsigned char *p = skip_questions(header, qlen);
@@ -841,7 +845,7 @@ int check_for_local_domain(char *name, time_t now, struct daemon *daemon)
 /* Is the packet a reply with the answer address equal to addr?
    If so mung is into an NXDOMAIN reply and also put that information
    in the cache. */
-int check_for_bogus_wildcard(HEADER *header, unsigned int qlen, char *name, 
+int check_for_bogus_wildcard(HEADER *header, size_t qlen, char *name, 
 			     struct bogus_addr *baddr, time_t now)
 {
   unsigned char *p;
@@ -966,8 +970,8 @@ static int add_resource_record(HEADER *header, char *limit, int *truncp, unsigne
 }
 
 /* return zero if we can't answer from cache, or packet size if we can */
-int answer_request(HEADER *header, char *limit, unsigned int qlen, struct daemon *daemon, 
-		   struct in_addr local_addr, struct in_addr local_netmask, time_t now) 
+size_t answer_request(HEADER *header, char *limit, size_t qlen, struct daemon *daemon, 
+		      struct in_addr local_addr, struct in_addr local_netmask, time_t now) 
 {
   char *name = daemon->namebuff;
   unsigned char *p, *ansp, *pheader;
@@ -1049,11 +1053,15 @@ int answer_request(HEADER *header, char *limit, unsigned int qlen, struct daemon
 	      if (t->class == qclass && hostname_isequal(name, t->name))
 		{
 		  ans = 1;
-		  log_query(F_CNAME | F_FORWARD | F_CONFIG | F_NXDOMAIN, name, NULL, 0, NULL, 0);
-		  if (!dryrun &&
-		      add_resource_record(header, limit, &trunc, nameoffset, &ansp, 0, NULL,
-					  T_TXT, t->class, "t", t->len, t->txt))
-		    anscount++;
+		  if (!dryrun)
+		    {
+		      log_query(F_CNAME | F_FORWARD | F_CONFIG | F_NXDOMAIN, name, NULL, 0, NULL, 0);
+		      if (add_resource_record(header, limit, &trunc, nameoffset, &ansp, 
+					      daemon->local_ttl, NULL,
+					      T_TXT, t->class, "t", t->len, t->txt))
+			anscount++;
+
+		    }
 		}
 	    }
 	}

src/util.c

@@ -15,6 +15,10 @@
 
 #include "dnsmasq.h"
 
+#ifdef HAVE_BROKEN_RTC
+#include <sys/times.h>
+#endif
+
 /* Prefer arc4random(3) over random(3) over rand(3) */
 /* Also prefer /dev/urandom over /dev/random, to preserve the entropy pool */
 #ifdef HAVE_ARC4RANDOM
@@ -186,13 +190,12 @@ int sockaddr_isequal(union mysockaddr *s1, union mysockaddr *s2)
     { 
       if (s1->sa.sa_family == AF_INET &&
 	  s1->in.sin_port == s2->in.sin_port &&
-	  memcmp(&s1->in.sin_addr, &s2->in.sin_addr, sizeof(struct in_addr)) == 0)
+	  s1->in.sin_addr.s_addr == s2->in.sin_addr.s_addr)
 	return 1;
 #ifdef HAVE_IPV6      
       if (s1->sa.sa_family == AF_INET6 &&
 	  s1->in6.sin6_port == s2->in6.sin6_port &&
-	  s1->in6.sin6_flowinfo == s2->in6.sin6_flowinfo &&
-	  memcmp(&s1->in6.sin6_addr, &s2->in6.sin6_addr, sizeof(struct in6_addr)) == 0)
+	  IN6_ARE_ADDR_EQUAL(&s1->in6.sin6_addr, &s2->in6.sin6_addr))
 	return 1;
 #endif
     }
@@ -234,21 +237,17 @@ int hostname_isequal(char *a, char *b)
   return 1;
 }
     
-time_t dnsmasq_time(int fd)
+time_t dnsmasq_time(void)
 {
 #ifdef HAVE_BROKEN_RTC
-  /* we use uptime as a time-base, rather than epoch time
-     because epoch time can break when a machine contacts
-     a nameserver and updates it. */
-  char buf[30];
-  lseek(fd, 0, SEEK_SET);
-  read(fd, buf, 30);
-  /* ensure the time is terminated even if /proc/uptime sends something unexpected */
-  buf[29] = 0;  
-  read(fd, buf, 30);
-  return (time_t)atol(buf);
+  struct tms dummy;
+  static long tps = 0;
+
+  if (tps == 0)
+    tps = sysconf(_SC_CLK_TCK);
+
+  return (time_t)(times(&dummy)/tps);
 #else
-  fd = 0; /* stop warning */
   return time(NULL);
 #endif
 }
@@ -319,25 +318,39 @@ void prettyprint_time(char *buf, unsigned int t)
 
 
 /* in may equal out, when maxlen may be -1 (No max len). */
-int parse_hex(char *in, unsigned char *out, int maxlen, unsigned int *wildcard_mask)
+int parse_hex(char *in, unsigned char *out, int maxlen, 
+	      unsigned int *wildcard_mask, int *mac_type)
 {
   int mask = 0, i = 0;
   char *r;
-
+    
+  if (mac_type)
+    *mac_type = 0;
+  
   while (maxlen == -1 || i < maxlen)
     {
       for (r = in; *r != 0 && *r != ':' && *r != '-'; r++);
       if (*r == 0)
 	maxlen = i;
+      
       if (r != in )
 	{
-	  *r = 0;
-	  mask = mask << 1;
-	  if (strcmp(in, "*") == 0)
-	    mask |= 1;
+	  if (*r == '-' && i == 0 && mac_type)
+	   {
+	      *r = 0;
+	      *mac_type = strtol(in, NULL, 16);
+	      mac_type = NULL;
+	   }
 	  else
-	    out[i] = strtol(in, NULL, 16);
-	  i++;
+	    {
+	      *r = 0;
+	      mask = mask << 1;
+	      if (strcmp(in, "*") == 0)
+		mask |= 1;
+	      else
+		out[i] = strtol(in, NULL, 16);
+	      i++;
+	    }
 	}
       in = r+1;
     }
@@ -347,3 +360,39 @@ int parse_hex(char *in, unsigned char *out, int maxlen, unsigned int *wildcard_m
 
   return i;
 }
+
+int memcmp_masked(unsigned char *a, unsigned char *b, int len, unsigned int mask)
+{
+  int i;
+  for (i = len - 1; i >= 0; i--, mask = mask >> 1)
+    if (!(mask & 1) && a[i] != b[i])
+      return 0;
+
+  return 1;
+}
+
+/* _note_ may copy buffer */
+int expand_buf(struct iovec *iov, size_t size)
+{
+  void *new;
+
+  if (size <= iov->iov_len)
+    return 1;
+
+  if (!(new = malloc(size)))
+    {
+      errno = ENOMEM;
+      return 0;
+    }
+
+  if (iov->iov_base)
+    {
+      memcpy(new, iov->iov_base, iov->iov_len);
+      free(iov->iov_base);
+    }
+
+  iov->iov_base = new;
+  iov->iov_len = size;
+
+  return 1;
+}