QUOTE
-c, --cache-size= Set the size of dnsmasq's cache. The default is 300 names. Setting thecachesizetozerodisables caching.
完整的资料:
QUOTE
DNSMASQ(1) DNSMASQ(1)NAME dnsmasq - A caching DNS forwarder.SYNOPSIS dnsmasq ...DESCRIPTION dnsmasqisalightweight DNS forwarder.It accepts DNS queries and either answers them from a small, local, cache orforwardsthemtoareal, recursive, DNS server. It loads the contents of /etc/hosts into the cache at startup sothat local hostnames which do not appear in the global DNS can be resolved. It can alsoreadhostnamesfroma DHCPleases file so that local hosts which have addresses allocated by DHCP can be named. dnsmasq islightweightandeasytoconfigure.Itis intendedasberunon NAT firewalls andprovide a DNS service to a small LAN.OPTIONS -h, --no-hosts Don't read the hostnames in /etc/hosts. -d, --no-daemon Debug mode, don't forktothebackground,don't writeapidfile, print a complete cache dump on receipt on SIGUSR1. -v, --version Print the version number. -p, --port= Listen oninstead of the standardDNSport (53). Useful mainly for debugging. -i, --interface= Listenonlyon the specified interface. More than one interface may be specified. Dnsmasq always lis? tensontheloopback (local) interface. If no -i flags are given, dnsmasq listens onallavailable interfaces. -b, --bogus-priv Bogusprivate reverse lookups. All reverse lookups for private IP ranges(ie192.168.x.x,etc)are resolved to their own IP address. -r, --resolv-file= ReadtheIP addresses of the upstream nameservers from , instead of /etc/resolv.conf.Forthe formatofthisfilesee resolv.conf(5) the only lines relevant to dnsmasq are nameserver ones. -m, --mx-host= Return an mx record namedpointing to the hostonwhichdnsmasq is running. This is useful for directing mail from systems on a LAN to acen? tral server. -c, --cache-size= Set the size of dnsmasq's cache. The default is 300 names. Setting thecachesizetozerodisables caching. -l, --dhcp-lease= Read DHCP leases from the specified lease file. The file is of the format created by the ISC dhcpdae? mon:see dhcpd.leases(5) for details. Dnsmasq will re-read the file as it changes. Any host which sets the"hostname"or"client-hostname"option will have that name inserted into dnsmasq's cache. -s, --domain-suffix= Specifies the domain which hosts read from the DHCP leases file must have to be legal. The intention is to constrain hostnames so that an untrusted host on the LAN cannot advertise it's name via dhcp as e.g. "microsoft.com" and capture traffic notmeantfor it. If no domain suffix it specified, then any DHCP hostname with a domain part (ie with a period) will bedisallowedand logged. If suffix is specified, then hostnames with a domain part are allowed, pro? videdthe domain part matches the suffix. In addi? tion, when a suffix is set then hostnames without a domainparthavethe suffix added as an optional domain part. Eg on my network I canset--domain- suffix=thekelleys.org.ukandhave a machine whose DHCP hostname is "laptop". The IP address forthat machineis available from dnsmasq both as "laptop" and "laptop.thekelleys.org.uk".NOTES When it receives a SIGHUP, dnsmasq clearsitscacheand re-loads /etc/hosts. Whenitreceives a SIGUSR1, dnsmasq writes cache statis? tics to the system log. It writes the cache size, the num? berofnameswhichhavehad to removed from the cache before they expired in order to make roomfornewnames andthe total number of names have been inserted into the cache. In --no-daemon mode, a complete dumpofthecon? tents of the cache is made to stdout. dnsmasqchecksthe modification time of /etc/resolv.conf (or equivalent if --resolv-file is used) andre-readsit ifitchanges.ThisallowstheDNS servers to be set dynamically by PPP or DHCP. Absence of /etc/resolv.conf is notanerror since it may not have been created before a PPP connection exists. Dnsmasq simplykeepscheckingin case /etc/resolv.conf is created at any time. In order to configure dnsmasq to act as cache for the host on which it isrunning,put"nameserver127.0.0.1"in /etc/resolv.conf and put the realnameserversin /etc/resolv.dnsmasq (or similar) then run dnsmasq with the -r /etc/resolv.dnsmasq option.FILES /etc/resolv.conf /etc/hosts /etc/dhcp.leases /var/run/dnsmasq.pidSEE ALSO dhcp.leases(5), hosts(5), resolver(5)AUTHOR This manual page was written by Simon Kelley . DNSMASQ(1) 还有一个:
QUOTE
DNSMASQ(8) DNSMASQ(8)NAME dnsmasq - A caching DNS forwarder.SYNOPSIS dnsmasq ...DESCRIPTION dnsmasqisalightweightDNS forwarder.It accepts DNS queries and either answers them from a small, local, cache or forwardsthemtoa real,recursive,DNS server. It loads the contents of /etc/hosts into the cache at startup so that local hostnames which do not appear in the globalDNScanberesolved.It can also read hostnames from a DHCP leases file so that local hosts which have addresses allocated byDHCP can be named. dnsmasq supports IPv6. dnsmasqis lightweight and easy to configure. It is intended as be run on small router/firewalls andprovide a DNS service to a LAN.OPTIONS Note that in general missing parametersareallowedandswitchoff functions, for instance "--pid-file=" disables writing a PID file. -h, --no-hosts Don't read the hostnames in /etc/hosts. -H, --addn-hosts= Additionalhostsfile.Readthespecifiedfileas well as /etc/hosts. If -h is given, read onlythespecifiedfile.At most one additional hosts file may be given. -T, --local-ttl= Whenreplyingwithinformationfrom/etc/hostsor the DHCP leases file dnsmasq by default sets thetime-to-livefieldto zero,meaningthattherequestor should not itself cache the information. This is the correct thing to do in almost all situ- ations.Thisoptionallowsa time-to-live (in seconds) to be given for these replies. This will reduce the load on the server attheexpenseof clients using stale data under some circum- stances. -d, --no-daemon Debug mode: don't fork to thebackground,don'twriteapid file,don'tchangeuser id, generate a complete cache dump on receipt on SIGUSR1, log to stderr as well as syslog. -q, --log-queries Log the results of DNS queries handled by dnsmasq. Enable a full cache dump on receipt of SIGUSR1. -x, --pid-file= Specifyanalternate path for dnsmasq to record its process-id in. Normally /var/run/dnsmasq.pid. -u, --user= Specify the userid to which dnsmasq will changeafterstartup. Dnsmasqmust normally be started as root, but it will drop root priviledges after startup by changing id to anotheruser.Nor- mallythisuseris"nobody" but that can be over-ridden with this switch. -g, --group= Specify the group which dnsmasq will runas.Thedefaultsto "dip", if available, to facilitate access to /etc/ppp/resolv.conf which is not normally world readable. -v, --version Print the version number. -p, --port= Listen oninstead of the standard DNS port(53).Useful mainly for debugging. -Q, --query-port= Send outbound DNS queries from, and listen for their replies on, the specific UDP portinstead of usingonechosen atruntime. Usefultosimplify your firewall rules; without this, your firewall would have to allow connections from outside DNS servers to a range of UDP ports, or dynamically adapt to the port being used by the current dnsmasq instance. -i, --interface= Listen only on the specified interface. More than oneinterface may be specified. Dnsmasq always listens on the loopback (local) interface. If no -i flags aregiven,dnsmasqlistensonall available interfaces unless overridden by -a or -I flags. -I, --except-interface= Do not listen on the specified interface. -a, --listen-address Listenonlyonthe given IP address. As with -i more than one address may be specified. Unlike -i theloopbackinterfaceis notspecial: if dnsmasq is to listen on the loopback interface, it's IP, 127.0.0.1, must be explicitly given. If no -a flags are given,dnsmasq listens on all available interfaces unless over- ridden by -i or -I flags. -b, --bogus-priv Bogus private reverse lookups. All reverse lookupsforprivate IP ranges(ie192.168.x.x,etc)whicharenotfoundin /etc/hosts or the DHCPleasesfileareresolvedtotheIP address in dotted-quad form. -B, --bogus-nxdomain= Transformreplieswhichcontain the IP address given into "No such domain" replies. This is intended to counteractadevious move made by Versign in September 2003 when they started return- ing the address ofanadvertisingwebpageinresponseto queriesfor unregistered names, instead of the correct NXDOMAIN response. This option tells dnsmasq to fake the correct response whenitseesthisbehaviour.As at Sept 2003 the IP address being returnd by Verisign is 64.94.110.11 -f, --filterwin2k Later versions of windows make periodic DNS requests which don't getsensible answers from the public DNS and can cause problems by triggering dial-on-demand links. This flag turns on an option to filter such requests. The requests blocked are for records of types SOA and SRV, and type ANY wheretherequestednamehas underscores, to catch LDAP requests. -r, --resolv-file= ReadtheIP addresses of the upstream nameservers from , instead of /etc/resolv.conf. For the formatofthisfilesee resolv.conf(5) the only lines relevant to dnsmasq are nameserver ones. Dnsmasq can be told topollmorethanoneresolv.conf file, the first file namespecified overrides the default, sub- sequent ones add to the list. This is only allowed when polling; thefile with the currently latest modification time is the one used. -R, --no-resolv Don't read /etc/resolv.conf. Get upstream servers only fromthe command line or /etc/dnsmasq.conf. -o, --strict-order Bydefault,dnsmasqwillsend queries to any of the upstream servers it knows about and tries to favour servers to areknown tobeup.Settingthis flag forces dnsmasq to try each query witheachserverstrictlyintheorderthey appear in /etc/resolv.conf -n, --no-poll Don't poll /etc/resolv.conf for changes. -D, --domain-needed Tellsdnsmasq to never forward queries for plain names, without dots or domain parts, to upstream nameservers. Ifthenameis notknowmfrom /etc/hosts or DHCP then a "not found" answer is returned. -S, --server=[/[]/][[#][@[#]]] Specify IP address of upsream severs directly. Setting this flag doesnotsuppressreadingof/etc/resolv.conf, use -R to do that. If one or more optional domains are given, that serveris usedonly for those domains and they are queried only using the specified server. This is intended for privatenameservers:if youhave a nameserver on your network which deals with names of the form xxx.internal.thekelleys.org.uk at 192.168.1.1 then giv- ing theflag-S /internal.thekelleys.org.uk/192.168.1.1 will send all queriesforinternalmachinestothatnameserver, everythingelsewill go to the servers in /etc/resolv.conf. An empty domainspecification,//hasthespecialmeaningof "unqualifiednamesonly"ie names without any dots in them. A non-standard port may be specified as partoftheIPaddress usinga#character. More than one -S flag is allowed, with repeated domain or ipaddr parts as required. Also permitted is a -S flag whichgivesadomainbutnoIP address;thistellsdnsmasq that a domain is local and it may answer queries from /etc/hosts or DHCP but should neverforward queries on that domain to any upstream servers.local is a syn- onym for server to makeconfigurationfilesclearerinthis case. Theoptional second IP address after the @ character tells dns- masq how to set the source address of the queries to thisname- server.Itshouldbeanaddress belonging to the machine on which dnsmasq is running otherwisethisserverlinewillbe loggedand then ignored. The query-port flag is ignored for any servers which have a source address specified but theportmay be specified directly as part of the source address. -A, --address=// SpecifyanIPaddresstoreturnforany host in the given domains.Queries in the domains are never forwarded andalways repliedtowiththe specified IP address which may be IPv4 or IPv6. To give both IPv4 and IPv6 addressesforadomain,use repeated-Aflags.Note that /etc/hosts and DHCP leases over- ride this for individual names. A common use of this is to redi- recttheentiredoubleclick.net domain to some friendly local web server to avoid banner ads. -m, --mx-host= Return an MX record namedpointing to the hostspeci- fiedin the --mx-target switch or, if that switch is not given, the host on which dnsmasq is running. This is useful for direct- ing mail from systems on a LAN to a central server. -t, --mx-target= Specifytarget for the MX record returned by dnsmasq. See --mx- host. Note that to turn on the MXfunction,atleastoneof --mx-hostand --mx-target must be set. If only one of --mx-host and --mx-target is set, the other defaults tothehostnameof the machine on which dnsmasq is running. -e, --selfmx ReturnanMX record pointing to itself for each local machine. Local machines are those in /etc/hosts or the DHCP leasesfile. -L, --localmx Returnan MX record pointing to the host given by mx-target (or the machine on which dnsmasq is running) for each local machine. Localmachines are those in /etc/hosts or the DHCP leases file. -c, --cache-size= Set the size of dnsmasq's cache. The default is 150 names.Set- ting the cache size to zero disables caching. -N, --no-negcache Disablenegativecaching.Negativecaching allows dnsmasq to remember "no such domain" answers from upstream nameserversand answeridenticalquerieswithoutforwarding them again. This flag disables negative caching. -l, --dhcp-lease= Read DHCP leases from the specified lease file. The fileisof theformatcreated by the ISC dhcp daemon: see dhcpd.leases(5) for details. Dnsmasq will re-read the file asitchanges.Any hostwhich sets the "hostname" or "client-hostname" option will have that name inserted into dnsmasq's cache. -s, --domain-suffix= Specifies the domain which hosts read from the DHCP leasesfile musthaveto be legal. The intention is to constrain hostnames so that an untrusted host on the LAN cannot advertise it'sname viadhcpas e.g. "microsoft.com" and capture traffic not meant for it. If no domain suffix is specified, then any DHCP hostname withadomainpart(ie with a period) will be disallowed and logged. If suffix is specified, thenhostnameswithadomain partareallowed, provided the domain part matches the suffix. In addition, when a suffixissetthenhostnameswithouta domain part have the suffix added as an optional domain part. Eg on my network I canset--domain-suffix=thekelleys.org.ukand haveamachine whose DHCP hostname is "laptop". The IP address for that machine is available from dnsmasq both as "laptop"and "laptop.thekelleys.org.uk". -E, --expand-hosts Addthedomain-suffixtosimplenames (without a period) in /etc/hosts in the same way as for DHCP-derived names.CONFIG FILE At startup, dnsmasq reads /etc/dnsmasq.conf, if it exists.Theformat ofthisfileconsistsofoneoption per line, exactly as the long options detailed in the OPTIONS section. Lines starting with # are com- mentsandignored.Foroptionswhichmayonly be specified once, /etc/dnsmasq.conf overridesthecommandline.Usethe--conf-file option to specify a different configuration file.NOTES Whenitreceives a SIGHUP, dnsmasq clears its cache and then re-loads /etc/hosts. If --no-poll is set SIGHUP also re-reads/etc/resolv.conf. SIGHUP does NOT re-read /etc/dnsmasq.conf. When it receives a SIGUSR1, dnsmasq writes cache statistics to the sys- tem log. It writes the cache size, the number of names whichhavehad to removed from the cache before they expired in order to make room for new names and the total number of names havebeeninsertedintothe cache. In --no-daemon mode or when full logging is enabled (-q), a com- plete dump of the contents of the cache is made. When it receives a SIGUSR2, dnsmasq re-scans networkinterfaces.This isrequired if it is to listen for queries on newly created interfaces or interfaces which have changed IP address. For this facility to work, dnsmasq mustbetoldtocontinuerunningasuserroot,using --user=root Dnsmasq is a DNS query forwarder: ititnotcapableofrecursively answering arbitrary queries starting from the root servers but forwards such queries to a fully recursive upstream DNS serverwhichistypi- cally provided by an ISP. By default, dnsmasq reads /etc/resolv.conf to discover the IP addresses of the upstream nameserversitshoulduse, sincetheinformationis typically stored there. Unless --no-poll is used, dnsmasq checks themodificationtimeof/etc/resolv.conf(or equivalentif--resolv-fileisused) and re-reads it if it changes. This allows the DNS servers to be set dynamically by PPP or DHCPsince both protocols provide the information.Absence of /etc/resolv.conf is not an error since it may not have been created before a PPP connection exists.Dnsmasq simply keeps checking in case /etc/resolv.conf is cre- ated atanytime.Dnsmasqcanbetoldtoparsemorethanone resolv.conffile.This is useful on a laptop, where both PPP and DHCP may be used: dnsmasq can be set to poll both/etc/ppp/resolv.confand /etc/dhcpc/resolv.confandwill use the contents of whichever changed last, giving automatic switching between DNS servers. Upstream servers may also bespecifiedonthecommandlineorin /etc/dnsmasq.conf. These server specifications optionally take a domain name which tells dnsmasq to use that server only to find names inthat particular domain. Inorder to configure dnsmasq to act as cache for the host on which it is running, put "nameserver 127.0.0.1"in/etc/resolv.conftoforce localprocessestosendqueries to dnsmasq. Then either specify the upstream servers directly to dnsmasqusing--serveroptionsorput theiraddressesreal in another file, say /etc/resolv.dnsmasq and run dnsmasq with the -r /etc/resolv.dnsmasq option. Thissecondtechnique allows for dynamic update of the server addresses by PPP or DHCP.FILES /etc/dnsmasq.conf /etc/resolv.conf /etc/hosts /var/lib/dhcp/dhcp.leases /var/run/dnsmasq.pidSEE ALSO dhcp.leases(5), hosts(5), resolver(5)AUTHOR This manual page was written by Simon Kelley . DNSMASQ(8) 真晕了,默认值居然有 3 种:150,300,600。还没细看版本呢。 是不是增加了文件?
要根据CL的包格式重新制作软件包的 需要把dnsmasq.conf添加到root.tgz包里。。。
但是CL不支持root.tgz的备份,要自己手工重做这个包。
也不难,在CL里做个新目录,把root.tgz用tar解到目录里,把dnsmasq.conf拷到
对应目录,同时在./var/lib/lrpkg/root.list添加一行/etc/dnsmasq.conf,然后
用tar重新打包就OK了
差点忘了,还要把这个目录里的新root.tgz拷出来,覆盖原来的root.tgz
我也是Linux的新手,刚迷上LFS
页:
[1]
2