732c451dd4
Add max_clients to cap the maximum number of client queries
2018-01-24 16:51:26 +01:00
e272dd84f7
up
2018-01-24 16:04:52 +01:00
285cd09831
Don't compress on mips64
2018-01-24 15:41:48 +01:00
81ec92d837
Remove --brute for now, for speed
2018-01-24 15:34:38 +01:00
1dbc765fd7
crlf
2018-01-24 15:23:03 +01:00
b11c536fcc
Compress only on relevant targets
2018-01-24 15:21:24 +01:00
94f9c14ad7
Only attempt to use systemd on linux
...
Remove plan9 builds
2018-01-24 15:14:48 +01:00
d208d38f3f
Update go, compress executables
2018-01-24 15:03:58 +01:00
0b52211fa3
Update dnsc:// leftovers
2018-01-24 14:48:48 +01:00
c184ce1a03
systemd support
...
How does it work? I don't know. Does it work? I don't know.
Would I encourage its use? No.
2018-01-24 14:44:32 +01:00
0ce20518db
Make the UDP and TCP listeners more generic
2018-01-24 14:22:56 +01:00
1bcb791270
up
2018-01-24 14:13:29 +01:00
abb659eed2
Nits
2018-01-23 15:51:57 +01:00
3a3535dcbc
Still tolerate hex-encoded pks, but emit a warning
2018-01-23 15:42:22 +01:00
ccbdd41f5d
Add support for shorter stamps with binary public keys
2018-01-23 15:23:11 +01:00
2d7920af22
Prefer sdns:// which is less application-tainted
2018-01-22 12:00:42 +01:00
d7b8217018
Only cache specific Rcodes
2018-01-22 11:19:57 +01:00
a9476fe04b
Mention how to run as a non-root user on Linux
2018-01-22 10:56:52 +01:00
973b53afdc
Simplify
2018-01-22 10:02:06 +01:00
8324b29b42
Require stamps in static server definitions
...
Provider names, etc. are not future-proof. In particular, they are
incompatible with other protocols such as DoH.
2018-01-22 09:59:32 +01:00
1d18a230c0
Consistent casing
2018-01-21 22:18:20 +01:00
3dcedac390
beta8
2018-01-21 19:52:51 +01:00
29fee1585f
abc.ex.com should be rejected if both ex.com and bc.ex.com are listed in a blacklist
...
With the following ruleset:
ex.com
bc.ex.com
"abc.ex.com" finds "bc.ex.com" as the longest suffix. However, since it's
not at a label boundary, it is not rejected.
However, there is a more general rule that should be considered, ex.com.
So we need to perform at least two lookups in that case.
2018-01-21 19:47:19 +01:00
6ca2697128
Clear certIgnoreTimestamp if we found at live 1 live server
2018-01-21 18:14:37 +01:00
8bcba92f97
Add an undocumented option to ignore cert timestamps
2018-01-21 18:10:38 +01:00
05e07e8b69
Add a simple built-in DNS client for testing
2018-01-21 18:02:32 +01:00
d9b5625226
IP blocking
2018-01-21 16:07:44 +01:00
1c80e80a0d
Do not recommend block_ipv6
2018-01-21 00:54:20 +01:00
f80c16ed2a
Slightly change the way we block ipv6
2018-01-20 22:30:36 +01:00
f7b8b70322
Revert "AAAA filter: Reject instead of sending an empty response"
...
This reverts commit aceb8b30f7
2018-01-20 22:06:40 +01:00
aceb8b30f7
AAAA filter: Reject instead of sending an empty response
...
Empty responses can cause issues with CNAME records
2018-01-20 20:37:02 +01:00
f33b8a964a
Use softfloat on mips builds
2018-01-20 19:20:50 +01:00
4f0c36ac27
Don't log blocked suffixes in reverse
2018-01-20 17:25:16 +01:00
9a85a50efd
beta6
2018-01-20 17:14:53 +01:00
a1461f3452
Remove unused variable
2018-01-20 17:14:21 +01:00
5dd08fe56b
Fix swapped out arguments in substring check
...
*example.com* was matching ample.com, not xxxexample.comxxx
Fixes #14
2018-01-20 17:11:46 +01:00
4f42dd01a4
nxlog
2018-01-20 17:03:48 +01:00
1e0e01e8e1
NXLOG: a new output plugin to log suspicious queries
2018-01-20 16:59:40 +01:00
caca210568
Regen deps
2018-01-20 14:20:45 +01:00
47fdc45b2d
beta5
2018-01-20 14:15:20 +01:00
ed50798049
Preliminary implementation of stamps
2018-01-20 14:13:11 +01:00
88414e1448
Print stamps; require an env variable for debug level
2018-01-20 13:56:26 +01:00
0fe21b2d57
Shortcut filters for the root zone
2018-01-20 13:30:19 +01:00
066db6a080
Replace logged_qtypes with ignored_qtypes
2018-01-20 13:27:37 +01:00
5080502381
" -> ' \because\people\still\use\backslahes\to\separate\path\components
2018-01-20 13:20:30 +01:00
475d7edb2a
Fix suffix matching so that www.example is rejected if example is filtered
2018-01-20 13:18:54 +01:00
b9e89d2278
megacheck
2018-01-20 01:00:19 +01:00
5dae74ab0b
beta4
2018-01-20 00:40:44 +01:00
187de17396
Don't prefetch more frequently than 1/min
2018-01-20 00:31:54 +01:00
1c27d6c230
Improved error handling
2018-01-20 00:30:33 +01:00
Frank Denis