| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
|
|
|
|
|
|
Fix for: Shared object "libprotobuf.so.29" not found
|
|
All checksums have been double-checked against existing RMD160 and
SHA512 hashes
Not committed (merge conflicts...):
net/radsecproxy/distinfo
The following distfiles could not be fetched (fetched conditionally?):
./net/citrix_ica/distinfo citrix_ica-10.6.115659/en.linuxx86.tar.gz
./net/djbdns/distinfo dnscache-1.05-multiple-ip.patch
./net/djbdns/distinfo djbdns-1.05-test28.diff.xz
./net/djbdns/distinfo djbdns-1.05-ignoreip2.patch
./net/djbdns/distinfo djbdns-1.05-multiip.diff
./net/djbdns/distinfo djbdns-cachestats.patch
|
|
Fix for: Shared object "libprotobuf.so.28" not found
|
|
|
|
* Released: 1st of October 2020
* Improvements:
- Add the "clearConsoleHistory" command
* Bug Fixes:
- Stop the related responder thread when a backend is removed
- Fix getEDNSOptions() for {AN,NS}COUNT != 0 and ARCOUNT = 0
- Fix building with LLVM11 (@RvdE)
- Only add EDNS on negative answers if the query had EDNS
|
|
1.5.0
Improvements
Use explicit flag for the specific version of c++ we are targeting.
Prevent a copy of a pool’s backends when selecting a server.
Bug Fixes
Fix compilation with h2o_socket_get_ssl_server_name().
Prevent a possible overflow via large Proxy Protocol values. (Valentei Sergey)
Avoid name clashes on Solaris derived systems.
Resize hostname to final size in getCarbonHostname(). (Aki Tuomi)
Fix compilation on OpenBSD/amd64.
Handle calling PacketCache methods on a nil object.
1.4.0
Improvements
Fix the default value of setMaxUDPOutstanding in the console’s help (phonedph1)
Add bindings for the noerrors and drops members of StatNode
Fix -Wshadow warnings (Aki Tuomi)
Fix typo: settting to setting (Chris Hofstaedtler)
Bug Fixes
Lowercase the name blocked by a SMT dynamic block
misc
Prefer the cipher suite from the server by default (DoH, DoT)
|
|
|
|
|
|
New Features:
Add consistent hash builtin policy
Add EDNSOptionRule
Add DSTPortRule (phonedph1)
Make getOutstanding usable from both lua and console (phonedph1)
Added :excludeRange and :includeRange methods to DynBPFFilter class
(Reinier Schoof)
Add Prometheus stats support (Pavel Odintsov, Kai S)
Name threads in the programs
Support the NXDomain action with dynamic blocks
Add security polling
Add a PoolAvailableRule to easily add backup pools (Robin Geuze)
Improvements:
Get rid of some allocs/copies in DNS parsing
Set a correct EDNS OPT RR for self-generated answers
Fix a sign-comparison warning in isEDNSOptionInOPT()
Add warning rates to DynBlockRulesGroup rules
Add support for exporting a server id in protobuf
dnsdist did not set TCP_NODELAY, causing needless latency
Add a setting to control the number of stored sessions
Wrap GnuTLS and OpenSSL pointers in smart pointers
Add a ‘creationOrder’ field to rules
Fix return-type detection with boost 1.69’s tribool
Fix format string issue on 32bits ARM
Wrap TCP connection objects in smart pointers
Add the setConsoleOutputMaxMsgSize function
Add the ability to update webserver credentials
Bug Fixes:
Display dynblocks’ default action, None, as the global one
Fix compilation when SO_REUSEPORT is not defined
Release memory on DNS over TLS handshake failure
Handle trailing data correctly when adding OPT or ECS info
|
|
|
|
|
|
New features:
- Add support for more than one TLS certificate
- Add a negative ttl option to the packet cache
- Add the ability to dump a summary of the cache content
- Add netmask-based {ex,in}clusions to DynblockRulesGroup
- Add DNSAction.NoOp to debug dynamic blocks
- Add SetECSAction to set an arbitrary outgoing ecs value
- Add support for rotating certificates and keys
|
|
New Features
- Add configuration option to disable IP_BIND_ADDRESS_NO_PORT
Improvements
- Handle bracketed IPv6 addresses without ports
Bug Fixes
- Make dnsdist dynamic truncate do right thing on TCP/IP.
- Add missing QPSAction
- Don't create a Remote Logger in client mode.
- Use libsodium's CFLAGS, we might need them to find the includes.
- Keep the TCP connection open on cache hit, generated answers.
- Add the missing <sys/time.h> include to mplexer.hh for struct timeval.
- Sort the servers based on their 'order' after it has been set.
- Quiet unused variable warning on macOS (Chris Hofstaedtler).
- Fix the outstanding counter when an exception is raised.
- Do not connect the snmpAgent from a dnsdist client.
|
|
to avoid having to refer to the property group explicitly. Fixes
joyent/pkgsrc#84. Bump PKGREVISION.
|
|
Fixes at least joyent/pkgsrc#60.
|
|
|
|
- fix for CVE-2016-7069 and CVE-2017-7557.
- applying rules on cache hits
- addition of runtime changeable rules that matches IP address for a
certain time: TimedIPSetRule
- SNMP support, exporting statistics and sending traps
- preventing the packet cache from ageing responses when deployed in
front of authoritative servers
- TTL alteration capabilities
- consistent hash results over multiple deployments
- exporting CNAME records over protobuf
- tuning the size of the ringbuffers used to keep track of recent
queries and responses
- various DNSCrypt-related fixes and improvements, including automatic
key rotation
Full changelog:
https://dnsdist.org/changelog.html
|
|
|
|
dnsdist is a highly DNS-, DoS- and abuse-aware loadbalancer. Its
goal in life is to route traffic to the best server, delivering top
performance to legitimate users while shunting or blocking abusive
traffic.
|
