dan
/
tor-android
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
tor-android/jni/pdnsd/doc/html/index.html

687 lines
36 KiB
HTML
Raw Normal View History

add support for PDNSD DNS Daemon for VPN DNS resolution Tor's DNS port doesn't work well with the VPN mode, so we will use PDSND to resolve DNS over Tor using OpenDNS. This is a hack/solution that we learned from SocksDroid.
2016-01-04 06:38:36 +00:00
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>pdnsd homepage</title>
<meta http-equiv="Content-type" content="text/html; charset=ISO-8859-1">
<style type="text/css">
<!--
.small { font-family:helvetica; font-size:small; text-align:center; }
// -->
</style>
</head>
<body bgcolor="#EEEEEE">
<!-- This html code is used for the homepage and for the pdnsd documentation. Since there are some sections that
are unwanted in the documentation (particularly the link section with non-local images), and some things that shall
not appear in the textified version (some links etc), I introduce 4 tags: the homepage html code is translated to
documentation html code by replacing the "nodoc(" comment with the html start comment tag, and the ")nodoc" comment
with the html end comment tag.
Likewise, before the doc html version is translated to text, the "notext(" and ")notext" comments are translated to
html comment tags.
-->
<!--notext(-->
<table width="100%">
<tr>
<td> <span class="small">
<a href="index.html#aboutpdnsd">About pdnsd</a>
</span></td>
<td> <span class="small">
<a href="faq.html">pdnsd FAQ</a>
</span></td>
<td> <span class="small">
<a href="doc.html">Documentation</a>
</span></td>
<td> <span class="small">
<a href="../../COPYING">GNU GPL (pdnsd's License)</a>
</span> </td>
<td><span class="small">
<a href="dl.html">Download Section</a>
</span></td>
</tr>
</table>
<center><h1>The pdnsd Homepage</h1></center>
<center><h2>News</h2></center>
<table width="100%" cellspacing=1 cellpadding=7>
<tr>
<td bgcolor="#ffccff" width="20%"><b>2012-03-17</b></td>
<td bgcolor="#ccffff" width="80%"><b>Version 1.2.9a-par has been released.</b>
Version 1.2.9a fixes a bug in the 1.2.9 release that causes a build failure when pdnsd is
configured with <span style="white-space:nowrap;"><code>--enable-strict-rfc2181</code></span>.
If you do not use this option to compile pdnsd, there is no need to upgrade from 1.2.9 to 1.2.9a.
</td>
</tr>
<tr>
<td bgcolor="#ffccff" width="20%"><b>2012-02-27</b></td>
<td bgcolor="#ccffff" width="80%"><b>Version 1.2.9-par has been released.</b>
Version 1.2.9 supports many more RR types (including those necessary for DNSSEC) and
EDNS (Extension mechanisms for DNS) to enable UDP messages larger than 512 bytes.
It also has support for defining local TXT records and has several new options and bugfixes
(including file descriptor leaks that effect FreeBSD users).
</td>
</tr>
<tr>
<td bgcolor="#ffccff" width="20%"><b>2011-05-03</b></td>
<td bgcolor="#ccffff" width="80%"><b>The latest source code is available from a
<a href="http://gitorious.org/pdnsd">git repository</a>.</b><br>
In response to frequent requests I have uploaded a git tree including the latest code
and a fairly extensive history of pdnsd development to
<a href="http://gitorious.org/pdnsd/pdnsd">gitorious.org</a>.
Anyone who wants to participate in pdnsd development is free to create a
<a href="http://gitorious.org/pdnsd/pdnsd/clone">clone repo on gitorious.org</a>
and push his modifications there.
</td>
</tr>
<tr>
<td bgcolor="#ffccff" width="20%"><b>2010-02-22</b></td>
<td bgcolor="#ccffff" width="80%"><b>Version 1.2.8-par has been released.</b>
The main new feature of version 1.2.8 is automatic discovery of root servers.
Furthermore, there are some additional improvements in the resolver.
</td>
</tr>
<tr>
<td bgcolor="#ffccff" width="20%"><b>2008-09-04</b></td>
<td bgcolor="#ccffff" width="80%"><b>Version 1.2.7-par has been released.</b>
Foremost, this release fixes some security problems.
It contains a fix for a "dangling pointer" bug that could cause pdnsd to
crash when it received a long reply. It also addresses some of the issues
raised in the <a href="http://www.kb.cert.org/vuls/id/800113">CERT
vulnerability note VU#800113</a> by making the default of
<code>query_port_start</code> equal to 1024, thereby ensuring that source
ports are randomly selected by the pdnsd resolver in the range 1024-65535.
This release also fixes problems with compiling pdnsd for the ARM architecture
and for the Darwin platform (Max OS X).
<br>
There are a number of (minor) new features.
pdnsd now supports "include" files, essentially configuration files that
only contain definitions for local records.
It is now possible to define interactively, using <code>pdnsd-ctl</code>,
any local record that can be defined in a configuration file.
</td>
</tr>
<tr>
<td bgcolor="#ffccff" width="20%"><b>2007-09-04</b></td>
<td bgcolor="#ccffff" width="80%"><b>Version 1.2.6-par has been released.</b>
pdnsd's license has been upgraded to GPL version 3.
A bug has been fixed which which caused pdnsd to handle NXDOMAIN replies
inefficiently when configured with <code>neg_domain_pol=on</code>. The
code that implements the ping test has been fixed, which was broken for
64-bit systems. A new option <code>randomize_servers</code> can be used
to give each server in a section of the configuration file an equal
chance of being queried. The new options <code>reject</code>,
<code>reject_policy</code> and <code>reject_recursively</code> make it
possible to check for the presence of certain IP addresses in the
replies of name servers and to avoid some types of unwanted replies.
The pdnsd-ctl '<code>add a</code>' and '<code>add aaaa</code>' commands
now allow multiple IP addresses to be specified for the same name.
pdnsd's ability to resolve from root servers has been improved.
</td>
</tr>
<tr>
<td bgcolor="#ffccff" width="20%"><b>2006-09-02</b></td>
<td bgcolor="#ccffff" width="80%"><b>Version 1.2.5-par has been released.</b>
This release introduces a new query method: <code>udp_tcp</code>.
With this method a UDP query is tried first and, if the UDP answer is
truncated, the query is repeated using TCP, which is the behaviour that
seems to be recommended by the DNS standards. There is a new
configuration option <code>use_nss</code>, which can be turned off to
prevent lengthy timeouts and stalls in certain situations. A bug has
been fixed which could cause pdnsd to crash if debug output was
generated before the debug output stream was properly initialized.
</td>
</tr>
<tr>
<td bgcolor="#ffccff" width="20%"><b>2006-01-09</b></td>
<td bgcolor="#ccffff" width="80%"><b>Version 1.2.4-par has been released.</b>
A memory leak and a minor buffer-overflow problem have been fixed.
There is now a fix for some situations that would previously cause pdnsd to
exit prematurely (such as ACPI S3 sleep or trying to attach strace to pdnsd).
Time intervals specified in the configuration file can now be expressed in
minutes, hours, days and weeks as well as seconds.
Support for Apple Mac OS X v10.4 Tiger has been improved.
The "<code>pdnsd-ctl&nbsp;status</code>" command now also provides some
information about the status of the running threads.
There are some further improvements in the debugging information provided by pdnsd.<br>
TCP-query support is now compiled in by default (but can still be disabled using
the configure option <code>--disable-tcp-queries</code>).
</td>
</tr>
<tr>
<td bgcolor="#ffccff" width="20%"><b>2005-07-11</b></td>
<td bgcolor="#ccffff" width="80%"><b>Version 1.2.3-par has been released.</b>
New feature in this release: the "<code>pdnsd-ctl&nbsp;empty-cache</code>" command can
be provided with an include/exclude list, allowing the user to specify a
selection of names to be removed, instead of emptying the cache completely.<br>
Additional improvements: pdnsd should now remain responsive while executing the
"<code>pdnsd-ctl&nbsp;empty-cache</code>" command.
With the <code>query_method=tcp_udp</code> option pdnsd will now also
try a UDP query after a TCP connection times out, which should allow
pdnsd to resolve the same names with <code>query_method=tcp_udp</code>
as with <code>query_method=udp_only</code>, although perhaps with an
occasional delay.
"<code>pdnsd-ctl&nbsp;config</code>" or "<code>pdnsd-ctl&nbsp;server</code>"
commands should now run without delays, even if pdnsd is performing
<code>ping</code> or <code>query</code> uptests at the time.
Some problems with resolving certain names using root servers have been fixed.
</td>
</tr>
<tr>
<td bgcolor="#ffccff" width="20%"><b>2005-04-03</b></td>
<td bgcolor="#ccffff" width="80%"><b>Version 1.2.2-par has been released.</b>
The main emphasis of this release is improved portability.
A bug has been fixed that prevented pdnsd from compiling successfully on some
64 bit architectures.
This release has (experimental) support for the Darwin (Apple Mac OS X) platform.
On Linux systems, the configure script will now try to detect automatically whether
the system implements the Native POSIX Thread Library, but the method used may not
necessarily be foolproof.
In addition, the debug features have been improved and should make it easier to find out
why pdnsd considers some queries or replies malformed.
</td>
</tr>
<tr>
<td bgcolor="#ffccff" width="20%"><b>2004-11-07</b></td>
<td bgcolor="#ccffff" width="80%"><b>Version 1.2.1-par has been released.</b>
The main new feature of this release is improved support for non-Linux platforms.<br>
This release has (experimental) support for the Cygwin platform, and should also fix
some compilation glitches that have been reported by FreeBSD users.
</td>
</tr>
<tr>
<td bgcolor="#ffccff" width="20%"><b>2004-10-10</b></td>
<td bgcolor="#ccffff" width="80%"><b>Version 1.2-par has been released.</b>
pdnsd is new and improved! Most of the changes effect the internal workings
of pdnsd, but there also a number of interesting new features (well, I think they are interesting).<br>
Among the bugs fixed are two rather nasty ones which involve the handling of NXT and NAPTR records
and which can cause pdnsd to crash or abort.<br>
The new features include a new server availability test which can be specified with <code>uptest=query</code>,
support for reading the DNS configuration from resolv.conf files,
a new option for optimizing the use of root servers,
a new option that makes defining local records for reverse resolving easier,
support for defining wildcard records,
a new pdnsd-ctl command for reloading the config file without restarting pdnsd, and
a new pdnsd-ctl command for dumping information about the names stored in the cache.
The documentation has also been updated: there is now a <code>pdnsd.conf</code> man page.<br>
For a more complete list of the changes I'll have to refer you to <a href="../../README.par"><code>README.par</code></a> and the <a
href="../../ChangeLog"><code>ChangeLog</code></a>.
</td>
</tr>
<tr>
<td bgcolor="#ffccff" width="20%"><b>2004-05-22</b></td>
<td bgcolor="#ccffff" width="80%"><b>Version 1.1.11a-par has been released.</b>
This release contains a fix for FreeBSD users that bypasses a problem
with the macro <code>ENONET</code>, which can cause a compilation failure when it is undefined.
Linux users will notice no difference between 1.1.11a-par and 1.1.11-par.
</td>
</tr>
<tr>
<td bgcolor="#ffccff" width="20%"><b>2004-05-10</b></td>
<td bgcolor="#ccffff" width="80%"><b>Version 1.1.11-par has been released.</b>
This version has a rather large number of small changes, which are rather difficult to summarize.
Among the bugs fixed are a race condition in the cache lookup code, a
flaw in the code that caused a busy spin when a remote server answered
with "Not Implemented", and problems with the -4 and -6 command-line
options. Among the improvements are an alternative sorting algorithm
which should allow pdnsd to start up faster when reading a large cache
file from disk, automatic mapping of IPv4 to IPv6 addresses when running
in IPv6 mode, somewhat more efficient memory use, better compression of
the replies and changes in the parallel querying algorithm that should
improve the chances of catching a reply from a remote server.<br>
For a more complete list of the changes I'll have to refer you to <a href="../../README.par"><code>README.par</code></a> and the <a
href="../../ChangeLog"><code>ChangeLog</code></a>.
</td>
</tr>
<tr>
<td bgcolor="#ffccff" width="20%"><b>2004-02-10</b></td>
<td bgcolor="#ccffff" width="80%"><b>Version 1.1.10-par has been released.</b>
The main new feature of this release is a new parser for configuration
files, completely rewritten from scratch in C. The main advantages are:
(f)lex and yacc/bison are no longer needed to build pdnsd, more
informative error messages instead of merely "<code>parse error</code>",
and string literals no longer need to be enclosed in quotes in most
cases.<br> Furthermore, a bug has been fixed that caused incorrect
IPV6-type PTR records to be generated when sourcing
<code>/etc/hosts</code> like files.<br>
There have been other small changes, more details can be found in the <a
href="../../ChangeLog"><code>ChangeLog</code></a>.
</td>
</tr>
<tr>
<td bgcolor="#ffccff" width="20%"><b>2004-01-08</b></td>
<td bgcolor="#ccffff" width="80%"><b>Version 1.1.9-par has been released.</b>
"maintenance" release by Paul Rombouts.<br>
The change of version number is not very significant; the
difference between 1.1.9-par and the previous 1.1.8b1-par8 is marginal.
However, I felt the need to simplify the numbering, because it was
becoming rather baroque.<br>
I've added some missing pieces to the documentation (the pdnsd <a
href="doc.html">manual</a> and the man page for pdnsd-ctl). BTW, did you
know that it's possible to define aliases for domain names with pdnsd? I
had plans to implement such a feature when I discovered that pdnsd
already supports it. It was just poorly documented. (If want to try this
for your self, look for the new information about CNAME records under
the rr Section in the <a href="doc.html#rrsection">manual</a>.)<br> The
changes to the code consist mostly of optimizations, removal of some
size limits due to fixed-size buffers, and some cleaning up. I've also
tried to make the error responses of <a
href="doc.html#pdnsdctl"><code>pdnsd-ctl</code></a> more helpful.<br>
More details can be found in the <a href="../../ChangeLog"><code>ChangeLog</code></a>.
</td>
</tr>
<tr>
<td bgcolor="#ffccff" width="20%"><b>2003-10-10</b></td>
<td bgcolor="#ccffff" width="80%"><b>Version 1.1.8b1-par8 has been released.</b>
"maintenance" release by Paul Rombouts.<br>
This version introduces a "delegation-only" feature that may be useful
for blocking Verisign's Sitefinder.<br>
The parser for the configuration file now tolerates domain names missing
a dot at the end.<br>
I have provided alternative implementations for some GNU extensions that I
used in an effort to make the code more portable. In particular, the
code should build on FreeBSD again.<br>
More details can be found in the <a href="../../README.par"><code>README.par</code></a> file.
</td>
</tr>
<tr>
<td bgcolor="#ffccff" width="20%"><b>2003-09-19</b></td>
<td bgcolor="#ccffff" width="80%"><b>Version 1.1.8b1-par7 has been released.</b>
"maintenance" release by Paul Rombouts. Besides fixing a number of bugs I have
reworked some of the code for adding and removing entries in the cache in an
effort to improve efficiency and stability.<br>
More details can be found in the <a href="../../ChangeLog"><code>ChangeLog</code></a>.
</td>
</tr>
<tr>
<td bgcolor="#ffccff" width="20%"><b>2003-07-28</b></td>
<td bgcolor="#ccffff" width="80%"><b>Version 1.1.8b1-par6 has been released.</b>
"maintenance" release by Paul Rombouts. In addition to some further code cleanup,
the documentation has been revised.
</td>
</tr>
<tr>
<td bgcolor="#ffccff" width="20%"><b>2003-07-10</b></td>
<td bgcolor="#ccffff" width="80%"><b>Version 1.1.8b1-par5 has been released.</b>
A troublesome allocation size error has been discovered in Thomas Moestl's code.
In practice this bug only wastes memory but it could
also potentially lead to memory corruption. Upgrading is recommended.
More details can be found in the <code>ChangeLog</code>.
</td>
</tr>
<tr>
<td bgcolor="#ffccff" width="20%"><b>2003-06-30</b></td>
<td bgcolor="#ccffff" width="80%"><b>Version 1.1.8b1-par4 has been released.</b>
Due to incompatibilities between various implementations of
the pthread library on Linux systems, problems can occur with signal handling in
pdnsd. The usual symptom is failure by pdnsd to save the cache to disk, and
<code>/var/cache/pdnsd/pdnsd.cache</code> remaining empty. If you experience
this kind of trouble, try reconfiguring with different values for the new
<code>--with-thread-lib</code> option. The allowable values are
described in the <a href="doc.html#threadlib">documentation</a>.
</td>
</tr>
<tr>
<td bgcolor="#FFCCFF" width="20%"><b>2003-04-07</b></td>
<td bgcolor="#CCFFFF" width="80%"><b>pdnsd is no longer maintained by Thomas Moestl:</b>
I have not had time to maintain pdnsd for quite a while now, and have been very slow to
respond to issues, or did not respond at all. It is time that I officially announce that
pdnsd is no longer actively maintained; I apologize to all those who reported bugs or
asked questions without receiving any reply. However, <b>Paul A. Rombouts</b> has published
a patch set against the last released version at
<a href="http://members.home.nl/p.a.rombouts/pdnsd.html">http://members.home.nl/p.a.rombouts/pdnsd.html</a>,
which cleans up a lot of code fixes many bugs.
</td>
</tr>
<tr>
<td bgcolor="#FFCCFF" width="20%"><b>2002-07-19</b></td>
<td bgcolor="#CCFFFF" width="80%"><b>Documentation update.</b>
Please note that pdnsd should <b>never be installed with setuid or setgid attributes</b>,
as it is not always possible to give up all privileges due to operating system restrictions.
While this was never intended and I don't think that anybody would actually do this, the
documentation was updated to explicitely mention this to avoid misunderstandings.
</td>
</tr>
<tr>
<td bgcolor="#FFCCFF" width="20%"><b>2002-01-15</b></td>
<td bgcolor="#CCFFFF" width="80%"><b>Version 1.1.7a has been released.</b>
This fixes a reversed test in an assertion that would cause pdnsd to termintate when the ping uptest
was used. No other changes were made.
</td>
</tr>
<tr>
<td bgcolor="#FFCCFF" width="20%"><b>2002-01-15</b></td>
<td bgcolor="#CCFFFF" width="80%"><b>Version 1.1.7 has been released.</b>
This fixes some problems that might be remotely exploitable to gain access as the user pdnsd runs as
(an unprivileged user by default). To do this, an attacker needs to control a name server that is
queried by pdnsd, and send a malicious reply to such a query.<br>
Upgrading is strongly recommended!<br>
There are also minor bug fixes and stability improvements.
</td>
</tr>
</table>
<!--)notext-->
<hr>
<h2><a name="aboutpdnsd">About pdnsd</a></h2>
pdnsd is a proxy DNS server with permanent caching (the cache contents
are written to hard disk on exit) that is designed to cope with unreachable
or down DNS servers (for example in dial-in networking).<br>
Since version 1.1.0, pdnsd supports negative caching.<br>
<br>
It is licensed under the <a HREF="http://www.gnu.org">GNU</a> General Public License (<a HREF="../../COPYING">GPL</A><!--notext(-->,
<a HREF="http://www.gnu.org/copyleft/gpl.html">also available in html</A> and
<a HREF="http://www.gnu.org/copyleft/copyleft.html#translations">translated into various languages</A>.<!--)notext-->).
This, in short, means that the sources are distributed togehter with the program, and
that you are free to modify the sources and redistribute them as long as you
also license them under the GPL. You do not need to pay anything for pdnsd.
It also means that there is <b>ABSOLUTELY NO WARRANTY</b> for pdnsd or any part
of it. For details, please <a href="../../COPYING">read the GPL</a>.
<p>
pdnsd can be used with applications that do DNS lookups, e.g. on startup, and
can't be configured to change that behaviour, to prevent the often minute-long
hangs (or even crashes) that result from stalled DNS queries. Some Netscape Navigator
versions for Unix, for example, expose this behaviour.
</p>
pdnsd is configurable via a file and supports run-time configuration using the program pdnsd-ctl that comes
with pdnsd. This allows you to set the status flags of servers that pdnsd knows (to influence which servers
pdnsd will query), and the addition, deletion and invalidation of DNS records in pdnsd's cache.
<br>
Parallel name server queries are supported. This is a technique that allows
querying several servers at the same time so that very slow or unavailable
servers will not block the answer for one timeout interval.
<br>
Since version 1.0.0, pdnsd has full IPv6 support.
<p>
There is also a limited support for local zone records, intended for defining
1.0.0.127.in-addr.arpa. and localhost. , since some clients request that
information and it must be served even if the cached servers are not available
or do not serve these records. pdnsd may also read your /etc/hosts file
(this file is normally used by your local resolver and usually contains
information for localhost as well as for your machines FQDN) and serve its
contents.
</p> <p>
pdnsd was started on Linux, and has since been ported to FreeBSD (and Cygwin and Darwin).
90% of the source code should be easily portable to POSIX-
and BSD-compatible systems, provided that those systems support the POSIX threads (pthreads).
The rest might need OS-specific rewrites.
</p><p>
Currently, pdnsd is only compileable by gcc. This should be easy to fix, but I just
do not have documentation for other compilers. If you are not able or do not want
to use gcc, I would recommend you just try to do the minor changes.
</p>
<p>
pdnsd must be started as root in some cases (raw sockets are needed for icmp
echoes for the option <code>uptest=ping</code>, and the default port is 53, this must be
&gt;1024 to allow non-root execution). However, pdnsd can be configured to change it's user
and group id to those of a non-privileged user after opening the sockets needed for this.
</p> <p>
The server should support the full standard DNS queries following the rfcs 1034
and 1035. As of version 1.0.0, the rfc compliance has been improved again, and pdnsd is now
believed (or hoped?) to be fully rfc-compatible. It completely follows rfc 2181 (except
for one minor issue in the FreeBSD port, see the <a href="doc.html">documentation</a>).
It does not support the
following features, of which most are marked optional, experimental or obsolete
in these rfcs:
</p>
<ul>
<li> Inverse queries
<li> Status queries
<li> Completion queries
<li> Namespaces other than IN (Internet)
<li> AXFR and IXFR queries (whole zone transfers); since pdnsd does not maintain zones, that should not violate the standard
</ul>
The following record types, that are extensions to the original DNS standard, are supported for caching since version 1.2.9
(if you do not need most of them, you can disable runtime support for the unneeded ones before compiling pdnsd and save a little cache and executable space, see the source file <code>src/rr_types.in</code>):
<ul>
<li> RP (<i>responsible person</i>, RFC 1183)
<li> AFSDB (<i>AFS database location</i>, RFC 1183)
<li> X25 (<i>X25 address</i>, RFC 1183)
<li> ISDN (<i>ISDN number/address</i>, RFC 1183)
<li> RT (<i>route through</i>, RFC 1183)
<li> NSAP (<i>Network Service Access Protocol address </i>, RFC 1348)
<li> PX (<i>X.400/RFC822 mapping information</i>, RFC 1995)
<li> GPOS (<i>geographic position</i>, deprecated)
<li> AAAA (<i>IPv6 address</i>, RFC 1886)
<li> LOC (<i>location</i>, RFC 1876)
<li> EID (<i>Nimrod EID</i>)
<li> NIMLOC (<i>Nimrod locator</i>)
<li> SRV (<i>service record</i>, RFC 2782)
<li> ATMA (<i>ATM address</i>)
<li> NAPTR (<i>URI mapping</i>, RFC 2168)
<li> KX (<i>key exchange</i>, RFC 2230)
<li> CERT (<i>Certificate record</i>, RFC 4398)
<li> DS (<i>Delegation Signer</i>, RFC 4034)
<li> RRSIG (<i>Resource Record Signature</i>, RFC 4034)
<li> NSEC (<i>Next Secure</i>, RFC 4034)
<li> DNSKEY (<i>record containing the public key for a zone</i>, RFC 4034)
<li> NSEC3 (<i>Next Secure version 3</i>, RFC 5155)
<li> NSEC3PARAM (<i>NSEC3 parameters</i>, RFC 5155)
</ul>
<p style="text-indent: 1em;">
<i><b>Note</b>: This list is incomplete. For the complete list see the source file</i> <code>src/rr_types.in</code>.
</p>
There are FreeBSD and OpenBSD ports available for pdnsd (ports/net/pdnsd for both).
Thanks go to Roman Shterenzon for the FreeBSD port Sebastian Stark for the OpenBSD one!
Thanks to Kiyo Kelvin Lee now also runs on the Cygwin platform!
Thanks goes to Rodney Brown for extending portability to the Darwin (Apple Mac OS X) platform!
<p>
If you have questions left, you should take a look into the <a HREF="faq.html">FAQ</a>.
<br>
Bugfixes, patches and compatability fixes for other OSs are very welcome!
</p>
<h2>Features in detail</h2>
<p>
This section describes some of pdnsds features in detail. Most of the options are set
in the config file. For more information on the configuration file, see
<a href="doc.html">the documenation page</a>.
</p><br>
<h3>Uptests</h3>
pdnsd provides several methods to test whether a remote DNS server should be regarded as available
(so that pdnsd can query it), in
addition to the obvious &quot;none&quot; test (the server is always regarded as available,
or availability is set on or off using the <a href="doc.html#pdnsdctl"><code>pdnsd-ctl</code></a> utility).
These tests are:
<ul>
<li><b>ping:</b> a given adress is ping'ed in a given interval. If it there is no response
or the host is unreachable, the server is seen to be not available (for those who don't know:
pinging is sending a certain Internet packet type to a host to which any standard-conformant
host is required to reply).
<li><b>if:</b> a given network interface is tested whether it is existent, up and running. If
it is not, the server is regarded to be not available. This is especially useful for ppp and
similar interfaces. A special case test for Linux isdn (ippp*) interfaces is integrated, so that the uptests
should also work for these.
<li><b>dev:</b> this is a variant of the if uptest for use with Linux dial-on-demand ppp interfaces. In addition
to performing an if-style interface uptest, it also tests whether a specified program (e.g. pppd) owns
a lock to a given (modem-) device.
<li><b>exec:</b> a given shell command line is executed and the exit status of the whole command line (which
is normally the exit status of the last command) is evaluated. If it is not zero, the server is regarded
to be not available. This is a very flexible testing method with which it should be able to perform
virtually any needed test.
<li><b>query:</b> <em>New in version 1.2:</em>
This works like the ping test, except it sends an (empty) DNS query to the remote server.
If the server sends a well-formed response back within the timeout period (except SERVFAIL),
it will be regarded as available.
This test is useful if a remote server does not respond to ICMP_ECHO requests at all,
which unfortunately is quite common these days.
In many cases this test will be a more reliable indicator of availability
than the ones mentioned above.
</ul>
<br>
<h3>Local Records (&quot;Zones&quot;)</h3>
As mentioned above, there are only very basic local record types (ie the record types that you may use in record
declarations in your local configuration for records that pdnsd shall serve in addion to the cached ones).
They are organized roughly in zones but have not complete zone declarations, so I generally do not use the
term &quot;zone&quot; for them, but rather &quot;local records&quot;.
These are the local record types pdnsd can understand:
<ul>
<li> <b>SOA</b> (information about the name server)
<li> <b>A</b> (domain-name-to-address mapping)
<li> <b>PTR</b> (pointer, used normally for address-to-domain-name mapping)
<li> <b>NS</b> (name server, generated automatically by pdnsd for any local record set)
<li> <b>CNAME</b> (canonical host name)
<li> <b>MX</b> (mail exchange for the domain)
<li> <b>TXT</b> (arbitrary text strings, often used for Sender Policy Framework)
</ul>
You can specify these records in the configuration file. <br>
You may &quot;source&quot; a file in a format like that used in the <code>/etc/hosts</code> file, that means
that pdnsd reads this file, extracts addresses and domain names from it and automatically generates
A records for name to address mapping, PTR records for address to name mapping and NS records (name
server specifiation) for each entry in the file.<br>
Records can also be changed dynamically at run time.<br>
A script contributed by Marko Stolle makes pdnsd usable in a DHCP setup using this feature.
<br>
<h1>System requirements</h1>
As mentioned, pdnsd currently runs under Linux, FreeBSD and Cygwin.
Other BSD flavours may or may not work (feedback is very welcome!).
The system and software requirements under Linux are:
<ul>
<li> Kernel version &gt;2.2.0
<li> glibc version &gt;2.0.1 (aka libc6) with LinuxThreads (normally included)
or NPTL (Native Posix Thread Library, recommended).<br>
Due to a bug, pdnsd 0.9.8 does not run with glibc2.1.1. This behaviour was
fixed in pdnsd 0.9.9.
<li> For IPv6: glibc&gt;=2.1
</ul>
The system requirements under FreeBSD are:
<ul>
<li> FreeBSD versions &gt;=2.6 (prior ones may or may not work)
<li> For IPv6: FreeBSD &gt;=4.0 is recommended (no idea if it runs on prior versions)
</ul>
The common software requirements for all supported systems are:
<ul>
<li> GCC, preferably egcs-2.* or 3.* (other compilers are currently not supported; the needed patch for another compiler
should not be difficult, however)
<li> GNU or BSD make
<li> the standard commands install, grep, sed, awk, touch and which (along with the REALLY
standard ones mv, cp, ln, rm, pwd, test, echo, cat, mkdir, chown, chmod, tar). In
any standard Unix installation, this should be no problem.
<li> for hacking and building own packages, you might also need gzip, bzip2, perl and rpmbuild
</ul>
<br>
<h1>Download</h1>
If you want to download pdnsd, please visit the <a href="dl.html">download page</a>.
<br>
<h1><a name="authors">Authors</a></h1>
<p>
pdnsd was originally written by <a href="mailto:tmoestl@gmx.net">Thomas Moestl</a>,
but is no longer maintained by him. <a href="mailto:p.a.rombouts@home.nl">Paul A. Rombouts</a>
has revised large portions of the code and has added a number of new features.
See <a href="../../README.par"><code>README.par</code></a> and the <a href="../../ChangeLog"><code>ChangeLog</code></a>
in the source directory (or <code>/usr/share/doc/pdnsd-&lt;version&gt;</code>
if you have installed a binary package) for more details.
If you have questions about the recent modifications, you can find
<a name="currentmaintainer">the email address of the current maintainer</a>
at the end of <a href="../../README.par"><code>README.par</code></a>.
</p>
<p>
Daniel Smolik has contributed RedHat RPMs (the most recent RPMs are available <a href="dl.html">here</a>).<br>
Torben Janssen contributed start scripts for Red Hat Linux. <br>
Soenke J. Peters contributed patches and suggestions for Red Hat compatability.<br>
Wolfgang Ocker has contributed the code and documentation for the <code>server_ip</code> option.<br>
Markus Mohr contributed a Debian rc script.<br>
Nikita V. Youschenko contributed extensions to the "<code>if</code>" uptest.<br>
Lyonel Vincent extended the serve_aliases option to support an arbitrary number of aliases.<br>
Sourav K. Mandal wrote the autoconf scripts and contributed many fixes and suggestions.<br>
Stephan Boettcher contributed the SCHEME= option.<br>
Ron Yorston contributed the uptest for Linux ppp dial-on-demand devices.<br>
Alexandre Nunes fixed some bugs in the autoconf files.<br>
Sverker Wiberg contributed fixes for IPv6.<br>
Carsten Block contributed <code>configure</code>-able rc scripts.<br>
Olaf Kirch contributed a security fix for the run_as code.<br>
Paul Wagland contributed various patches for bind9-compatability and other issues.<br>
Roman Shterenzon contributed patches and lots of helpful hints for FreeBSD compatability.<br>
Bernd Leibing has contributed spec file fixes.<br>
Michael Wiedmann has contributed the pdnsd-ctl.8 man page.<br>
Marko Stolle has contributed the contrib/pdnsd_update.pl script that makes pdnsd usable in a DHCP setup.<br>
P.J. Bostley has contributed patches to get pdnsd working on alpha properly.<br>
Christian Engstler contributed patches for SuSE compatability.<br>
Bjoern Fischer contributed code to make pdnsd leave the case of names in the cache unchanged.<br>
Marko Stolle contributed the contrib/pdnsd_update.pl script that makes pdnsd usable in a DHCP setup.<br>
Andrew M. Bishop contributed the support for the label server option and the pdnsd-ctl interface for using it.<br>
Frank Elsner contributed rc script fixes. <br>
Andreas Steinmetz contributed the code for <code>query_port_start</code> and <code>query_port_end</code> options.<br>
Mahesh T. Pai contributed the pdnsd.8 man page.<br>
Nikola Kotur contributed the Slackware start-up script.<br>
Kiyo Kelvin Lee contributed a patch for Cygwin support.<br>
Rodney Brown contributed a patch for Darwin (Apple Mac OS X) support.<br>
Jan-Marek Glogowski contributed a patch implementing the <code>use_nss</code> option.
</p>
<p>
Special thanks to Bert Frederiks for letting me do a late-night debugging run on his machine to
spot obscure bugs!
</p>
<p>
Thanks to the following persons for reporting bugs and being helpful:<br>
David G. Andersen,<br>
Dirk Armbrust,<br>
Daniel Black,<br>
Kevin A. Burton,<br>
Juliusz Chroboczek,<br>
Joachim Dorner,<br>
Stefan Erhardt,<br>
Stefan F<>rster,<br>
Mike Hammer,<br>
Jonathan Hudson,<br>
Dan Jacobson,<br>
Byrial Jensen,<br>
Patrick Loschmidt,<br>
James MacLean,<br>
Fraser McCrossan,<br>
Michael M<>ller,<br>
Erich Reitz,<br>
Brian Schroeder,<br>
Milan P. Stanic,<br>
Michael Steiner,<br>
Norbert Steinl,<br>
Markus Storm,<br>
Michael Str<74>der,<br>
Alan Swanson,<br>
Eelco Vriezekolk.
</p>
<!--nodoc(-->
<h1>Links</h1>
Well, this is the obligatory link section.
<br>
<br>
<table width="100%" cellpadding=7>
<tr>
<td><center>
<a href="http://www.gnu.org">
<img src="gnuhead.png" alt="http://www.gnu.org"><br>
The GNU homepage
</a>
</center></td>
<td><center>
<a href="http://freecode.com">
<img src="fm_logo.png" alt="http://freecode.com"><br>
Freecode (formerly Freshmeat) - large free software index
</a>
</center></td>
</tr>
<tr>
<td><center>
<a href="http://www.freebsd.org">
<img src="freebsd.png" alt="http://www.freebsd.org"><br>
The FreeBSD project
</a>
</center></td>
</tr>
</table>
<!--)nodoc-->
<br>
<hr>
<address><a href="mailto:tmoestl@gmx.net">Thomas Moestl</a>
and <a href="mailto:p.a.rombouts@home.nl">Paul A. Rombouts</a>
</address>
<br>
<p>
<i>Last revised: 17 March 2012 by Paul A. Rombouts</i>
</p>
</body>
</html>