Re: [Dnsmasq-discuss] Can one produce a list of IP's assigned by DHCP

2010-12-20 Thread Justin McAteer
For all of my installations, the list of current leases is stored at:
/var/lib/misc/dnsmasq.leases

Thank You,
Justin McAteer





On Mon, Dec 20, 2010 at 3:59 PM, Santiago Zarate santi...@zarate.net.ve wrote:
 if im not mistaken, you can pass a SIGUSR1 signal to the dnsmasq
 process... it should send what's inside to the log...

 Check here: http://www.thekelleys.org.uk/dnsmasq/docs/setup.html
 under

 Other configuration details:

 Sending SIGUSR1 (killall -10 dnsmasq) to the dnsmasq process will
 cause to to write cache usage statisticss to the log, typically
 /var/log/syslog or /var/log/messages.

 2010/12/20 Bernard T. Higonnet bth...@higonnet.net

 other than by perusing the log?

 I am trying to research a situation in which it appears (sic) that
 dnsmasq assigns an address and then when asked if it exists answers it
 does not.

 My newbie status means I could have any of this wrong...

 TIA
 Bernard Higonnet

 ___
 Dnsmasq-discuss mailing list
 Dnsmasq-discuss@lists.thekelleys.org.uk
 http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss



 --
 Atentamente
 Santiago Zarate
 Consultoria de Software
   +(58) 416 911 3678
   santi...@zarate.net.ve

 «Dar un nuevo paso, articular una nueva palabra, es lo que la gente mas teme.»
   - Fyodor Mikhaylovich Dostoyevsky

 ___
 Dnsmasq-discuss mailing list
 Dnsmasq-discuss@lists.thekelleys.org.uk
 http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss




Re: [Dnsmasq-discuss] File System Access by Dnsmasq

2010-08-08 Thread Justin McAteer
You can find all opened files by dnsmasq using the fd directory in the
proc filesystem

ls -la /proc/pid/fd

or by using the command

lsof


Thanks,
Justin McAteer



On Sat, Aug 7, 2010 at 2:40 AM, Robert Pollai rap.nosp...@gmx.net wrote:
 Hi,

 I am running dnsmasq on a NAS from Synology. The NAS puts its disks into 
 standby if they are not needed and I want to move all files accessed by 
 dnsmasq to a USB flash drive, so that dnsmasq won’t wake up the disks.

 So far I have done that for the log file and lease file by adding the 
 following two lines to the configuration file:

 dhcp-leasefile=/volumeUSB1/dnsmasq/dnsmasq.lease
 log-facility=/volumeUSB1/dnsmasq/dnsmasq.log

 But still the disks seem to wake up when I switch one a device that fetches 
 an IP via DHCP.

 Are there any other files that dnsmasq accesses, directly or through the 
 operating system? Is the configuration file accessed regularly or only on 
 startup?

 Thanks for your support, regards, Robert

 ___
 Dnsmasq-discuss mailing list
 Dnsmasq-discuss@lists.thekelleys.org.uk
 http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss




Re: [Dnsmasq-discuss] TTL override for clients?

2010-05-06 Thread Justin McAteer
Fredrik

I am interested in this and have a few questions. Is this being used
with web browsers, or other DNS clients? I have heard that there is
usually caching by Windows and also by the browser which may or may
not pay attention to the TTL information they are given.

If you are using this with web browsers, which versions. Also, have
you had to make any changes related to the client OS or client browser
configuration to support your custom TTL values?

Thank You,
Justin McAteer




On Thu, May 6, 2010 at 3:15 AM, Fredrik Ringertz
fredrik_ringe...@livewire-connections.com wrote:
 Hi Simon,

 Yes you are right, I did not think of that :)

 Thank you very much for your help on this!


 Best Regards

 Fredrik

 -Original Message-
 From: Simon Kelley [mailto:si...@thekelleys.org.uk]
 Sent: 05 May 2010 21:50
 To: Fredrik Ringertz
 Cc: dnsmasq-discuss@lists.thekelleys.org.uk
 Subject: Re: [Dnsmasq-discuss] TTL override for clients?

 Fredrik Ringertz wrote:
 Hi Simon,

 Thanks again for all your help! I believe my patch seems to be
 working fine now after some more testing.

 I have attached it here in case anyone else would be interested in
 it. It will add a new configurable option (can be set in both command
 line or dnsmasq.conf) called max-ttl. The TTL (in seconds)
 specified after it will be a maximum ttl which will be handed out to
 a client.

 For example, if max-ttl is set to 150 and a client looks up
 google.com which has a TTL of 300, then dnsmasq will add google.com
 to its cache with a TTL of 300 still, however it will tell its
 clients that the TTL is 150. If the returned TTL for google.com
 happened to be 60, then 60 would be given to the clients since it is
 lower then the configured max-ttl value.

 This is handy if for example like me you want your clients to have a
 low ttl to avoid longer caching, but you don't want to override the
 actual TTL value (to avoid flooding the upstream DNS servers).


 Any feedback on the patch is highly appreciated as I am going to
 apply it in a working environment soon and my C++ knowledge is basic
 at best :)

 I haven't been able to add the max-ttl option to the French and
 Spanish man page but otherwise I think it is all in there :)



 That looks great. The only problem I can see is that you don't take into
 account that --max-ttl may not be supplied, in which can daemon-max_ttl
 will be zero and nothing should be done.


 For your deployment it's fine. I've folded the patch into

 http://www.thekelleys.org.uk/dnsmasq/test-releases/dnsmasq-2.53test20.tar.gz

 and fixed the no --max-ttl issue there.

 Cheers,


 Simon.




 ___
 Dnsmasq-discuss mailing list
 Dnsmasq-discuss@lists.thekelleys.org.uk
 http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss




[Dnsmasq-discuss] DHCP Query Rate Limiting

2010-04-28 Thread Justin McAteer
Simon, et al,

I have a device with a DHCP client that will occasionally go insane. I
have and will continue to work with the vendor, but that is another
discussion altogether. What happens in the particular scenario I am
addressing here is that the DHCP client begins sending DHCP Discover
messages as fast as is possiblefor the device (to the tune of about 40
per second). DNSMasq seems to be behaving correctly, it is responding
with a DHCP Offer to each query. However, I have dchp-logging enabled
(and I'd like to keep it that way), and I have a fair number of
options going out to this type of client. The symptom is that DNSMasq
is flooding the system log, which seems to have buffering disabled
because kjournald CPU usage is going up to about 50% and wait is going
up to about 20%, so the system basically becomes useless.

I wonder if it wouldn't make sense to have some kind of rate limiting
option in DNSMasq to help mitigate this type of problem? It seems to
me that this could be a potential avenue for a denial of service
attack.

As a side note, I believe this is a problem with the client dealing
with the 'infinite' lease times that we are using. I haven't exactly
pinpointed a repeatable scenario, but I am working on it; when I do I
will file another bug report with the device vendor.

Thanks,
Justin McAteer



Re: [Dnsmasq-discuss] DHCP Query Rate Limiting

2010-04-28 Thread Justin McAteer
Thanks, I will try the 'log-async' option. Hopefully this will help
mitigate the problem.

Thanks,
Justin




On Wed, Apr 28, 2010 at 10:23 AM, Simon Kelley si...@thekelleys.org.uk wrote:
 Justin McAteer wrote:
 Simon, et al,

 I have a device with a DHCP client that will occasionally go insane. I
 have and will continue to work with the vendor, but that is another
 discussion altogether. What happens in the particular scenario I am
 addressing here is that the DHCP client begins sending DHCP Discover
 messages as fast as is possiblefor the device (to the tune of about 40
 per second). DNSMasq seems to be behaving correctly, it is responding
 with a DHCP Offer to each query. However, I have dchp-logging enabled
 (and I'd like to keep it that way), and I have a fair number of
 options going out to this type of client. The symptom is that DNSMasq
 is flooding the system log, which seems to have buffering disabled
 because kjournald CPU usage is going up to about 50% and wait is going
 up to about 20%, so the system basically becomes useless.

 I wonder if it wouldn't make sense to have some kind of rate limiting
 option in DNSMasq to help mitigate this type of problem? It seems to
 me that this could be a potential avenue for a denial of service
 attack.

 Without logging, I think dnsmasq is already as hard as it could be
 against this sort of attack: The DISCOVER-OFFER transaction doesn't
 allocate any memory or other resources, so extra code to detect a flood
 would only be able to inhibit sending the DISCOVER packet, which
 probably costs less than flood-detection. This problem occurred some
 time ago and revealed a problem with the way dnsmasq does ping-checks on
 the allocated addresses. That process is now rate-limited for exactly
 this reason.

 Have you tried setting log-async in /etc/dnsmasq.conf? That should
 effectively rate-limit dnsmasq's logging and may provide a complete
 solution.



 As a side note, I believe this is a problem with the client dealing
 with the 'infinite' lease times that we are using. I haven't exactly
 pinpointed a repeatable scenario, but I am working on it; when I do I
 will file another bug report with the device vendor.

 The client is broken, no doubt.



 Cheers,

 Simon.



 ___
 Dnsmasq-discuss mailing list
 Dnsmasq-discuss@lists.thekelleys.org.uk
 http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss




Re: [Dnsmasq-discuss] dnsmasq service script mssing on RHEL 5.2

2010-04-14 Thread Justin McAteer
Kurt,

I believe I may have run into your problem before as well. However, now we
are installing from source and we are using the following command to install
the SysV Init script:

cp contrib/init.d/rc.redhat.dnsmasq  /etc/init.d/dnsmasq

Where the 'contrib' directory is part of the DNSMasq source tree. Also
you would need to setup the service to be started on the correct
runlevels with the command:

chkconfig dnsmasq on


Even if you are not installing from source, you should be able to copy this
file from the source control server and install it just the same.

Thanks,
Justin



On Wed, Apr 14, 2010 at 10:05 AM, Kurt Simons indy...@yahoo.com wrote:

 Hi, I installed dnsmasq on RHEL5.2 and it appeared to install fine and runs
 fine if I execute dnsmasq manually, however, no script was installed in
 /etc/rc.d/init.d (or /etc/init.d) to start dnsmasq upon server reboot.

 Any ideas?



 ___
 Dnsmasq-discuss mailing list
 Dnsmasq-discuss@lists.thekelleys.org.uk
 http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss




Re: [Dnsmasq-discuss] dnsmasq service script mssing on RHEL 5.2

2010-04-14 Thread Justin McAteer
Kurt,

My mistake. It appears that the init script we are using is not part of the
standard repository, but something we have added locally. As I recall, I
found this in an RPM package of DNSMasq.

In any case, this script very small, reliable and LSB compliant. I am using
this script with Pacemaker (think next generation Heartbeat) and it passed
all of the LSB compliance requirements with flying colors. I have been very
happy with this Init script.

Thanks,
Justin


On Wed, Apr 14, 2010 at 11:39 AM, Justin McAteer
justin.mcat...@gmail.comwrote:

 Kurt,

 I believe I may have run into your problem before as well. However, now we
 are installing from source and we are using the following command to install
 the SysV Init script:

 cp contrib/init.d/rc.redhat.dnsmasq  /etc/init.d/dnsmasq

 Where the 'contrib' directory is part of the DNSMasq source tree. Also you 
 would need to setup the service to be started on the correct runlevels with 
 the command:

 chkconfig dnsmasq on


 Even if you are not installing from source, you should be able to copy this
 file from the source control server and install it just the same.

 Thanks,
 Justin



 On Wed, Apr 14, 2010 at 10:05 AM, Kurt Simons indy...@yahoo.com wrote:

 Hi, I installed dnsmasq on RHEL5.2 and it appeared to install fine and
 runs fine if I execute dnsmasq manually, however, no script was installed in
 /etc/rc.d/init.d (or /etc/init.d) to start dnsmasq upon server reboot.

 Any ideas?



 ___
 Dnsmasq-discuss mailing list
 Dnsmasq-discuss@lists.thekelleys.org.uk
 http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss





Re: [Dnsmasq-discuss] dnsmasq service script mssing on RHEL 5.2

2010-04-14 Thread Justin McAteer
Forgot the attachment.

Thanks,
Justin



On Wed, Apr 14, 2010 at 1:05 PM, Justin McAteer justin.mcat...@gmail.comwrote:

 Kurt,

 My mistake. It appears that the init script we are using is not part of the
 standard repository, but something we have added locally. As I recall, I
 found this in an RPM package of DNSMasq.

 In any case, this script very small, reliable and LSB compliant. I am using
 this script with Pacemaker (think next generation Heartbeat) and it passed
 all of the LSB compliance requirements with flying colors. I have been very
 happy with this Init script.

 Thanks,
 Justin



 On Wed, Apr 14, 2010 at 11:39 AM, Justin McAteer justin.mcat...@gmail.com
  wrote:

 Kurt,

 I believe I may have run into your problem before as well. However, now we
 are installing from source and we are using the following command to install
 the SysV Init script:

 cp contrib/init.d/rc.redhat.dnsmasq  /etc/init.d/dnsmasq

 Where the 'contrib' directory is part of the DNSMasq source tree. Also you 
 would need to setup the service to be started on the correct runlevels with 
 the command:

 chkconfig dnsmasq on


 Even if you are not installing from source, you should be able to copy
 this file from the source control server and install it just the same.

 Thanks,
 Justin



 On Wed, Apr 14, 2010 at 10:05 AM, Kurt Simons indy...@yahoo.com wrote:

  Hi, I installed dnsmasq on RHEL5.2 and it appeared to install fine and
 runs fine if I execute dnsmasq manually, however, no script was installed in
 /etc/rc.d/init.d (or /etc/init.d) to start dnsmasq upon server reboot.

 Any ideas?



 ___
 Dnsmasq-discuss mailing list
 Dnsmasq-discuss@lists.thekelleys.org.uk
 http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss






rc.redhat.dnsmasq
Description: Binary data


Re: [Dnsmasq-discuss] dhcp-option 120, sip server, how?

2009-11-08 Thread Justin McAteer
HS,

The phone will have to request option 120 from the server or DNSMasq
will not send the option. Alternatively, you may use dhcp-option-force
to have the server send the option whether the client requests it or
not.

Thank You,
Justin McAteer




On Fri, Nov 6, 2009 at 7:40 PM, H. S. hs.sa...@gmail.com wrote:
 On Fri, Nov 6, 2009 at 8:30 PM, H. S. hs.sa...@gmail.com wrote:
 On Sun, Nov 1, 2009 at 4:41 PM, Simon Kelley si...@thekelleys.org.uk wrote:


 Current version of dnsmasq know about the peculiar format of option 120, so
 you can just do:

 dhcp-option=120,192.168.5.1

 dnsmasq had no problem with this. Yet to try with the Nokia phone.

 Despite giving that option in dnsmasq and restarting it, the phone
 still did not grab a DHCP offer :(

 ___
 Dnsmasq-discuss mailing list
 Dnsmasq-discuss@lists.thekelleys.org.uk
 http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss




Re: [Dnsmasq-discuss] dhcp-option 120, sip server, how?

2009-11-02 Thread Justin McAteer
I believe many clients also support the setting of more than one SIP
server. I seem to recall testing this and having it work, but that's
been a while back.

Thank You,
Justin McAteer





On Sun, Nov 1, 2009 at 1:41 PM, Simon Kelley si...@thekelleys.org.uk wrote:
 H.S. wrote:
 Hello,

 How do I specify dhcp-option 120 (for sip server) in my dnsmasq conf
 file? I have tried:
 dhcp-option:
 dhcp-option=120,1,192.168.5.1

 but after searching the web have not verified if this is the correct
 method (there are reports of specifying it in hex as well).

 Suggestions, please?

 Thanks.

 Current version of dnsmasq know about the peculiar format of option 120,
 so you can just do:

 dhcp-option=120,192.168.5.1

 or taking advantage of the fact that dnsmasq now knows the names of most
 options

 dhcp-option=option:sip,192.168.5.1

 finally, the name version of the SIP option is supported too:

 dhcp-option=option:sip,sipserver.mydomain.com


 HTH

 Simon.




 ___
 Dnsmasq-discuss mailing list
 Dnsmasq-discuss@lists.thekelleys.org.uk
 http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss




Re: [Dnsmasq-discuss] patch proposal: getent support for ethers

2009-06-26 Thread Justin McAteer
Gents,

We are wanting to do some database integration with dnsmasq here as
well. I saw there was a patch that provided MySQL support for 2.20,
but it has not been maintained. Also, there was another patch
mentioned elsewhere (I believe against a newer version), but it is not
available.

I have considered doing some type of FIFO with the text files and a
script as well, but I am afraid that type of solution may be too
fragile for my deployment environment.

Does anyone have any insight into what the issues with the previous
MySQL patch was, or if there are any good shortcuts to getting basic
database integration into dnsmasq?

Cheers,
Justin McAteer





On Thu, Jun 25, 2009 at 7:10 PM,
richardvo...@gmail.comrichardvo...@gmail.com wrote:
 Many people have asked for a DHCP server with LDAP support, but nobody
 make that happen (at least, not with dynamic updates).

 I've implemented dynamic update of static IP assignments from an SQL
 server with no changes needed to the dnsmasq code.  While your method
 should work, it definitely won't be efficient.  Since DHCP is a
 polling protocol, requests have to be more frequent than updates
 almost by definition (the lease-time must be set short in case of
 dynamic updates, or the client won't see the new settings).

 I accomplished this by making /etc/ethers a pipe connected to a perl
 script which reads all assignments from the database.  Happily I am
 using postgresql which allows clients to be notified of table updates,
 so I have another perl script which waits for an update and signals
 the dnsmasq process to re-read /etc/ethers.

 I think you could set up something similar for your environment.

 I guess if the number of assignments in the database is far larger
 than the number of simultaneously connected clients then querying the
 database per-request might be better than transferring the entire
 database after each change.  I don't know if the dbus interface would
 allow updating individual assignments.

 ___
 Dnsmasq-discuss mailing list
 Dnsmasq-discuss@lists.thekelleys.org.uk
 http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss