- Mar 12, 2013
-
-
Marek Vavrusa authored
-
Marek Vavrusa authored
-
Marek Vavrusa authored
-
Ondřej Surý authored
Change-Id: I77615a328dce98e39964c567b55cf7c4dca331e2
-
Marek Vavrusa authored
Prints zone status in following format: <name> | type={master,slave} | serial=N | <state>
-
- Mar 11, 2013
-
-
Marek Vavrusa authored
-
Marek Vavrusa authored
Configuration can still be overriden using the command line parameters.
-
Marek Vavrusa authored
-
- Mar 01, 2013
-
-
-
Marek Vavrusa authored
-
Marek Vavrusa authored
-
- Feb 28, 2013
-
-
Marek Vavrusa authored
-
Marek Vavrusa authored
-
Marek Vavrusa authored
refs #2136
-
Marek Vavrusa authored
refs #2136
-
Marek Vavrusa authored
-
Marek Vavrusa authored
-
Marek Vavrusa authored
Doesn't guarantee waking up of the Idle threads and blocks when used in dt_start(). Caller should either activate existing threads or use dt_start() instead. refs #1441
-
Marek Vavrusa authored
Replaced with _SC_PAGESIZE, fixes OpenBSD build.
-
Marek Vavrusa authored
-
- Feb 27, 2013
-
-
Marek Vavrusa authored
fixes #1441
-
Marek Vavrusa authored
-
Marek Vavrusa authored
This reverts commit c185f2f4.
-
Daniel Salzman authored
Jenkins fails on all platforms with it.
-
- Feb 26, 2013
-
-
Marek Vavrusa authored
refs #2136
-
Marek Vavrusa authored
refs #2136
-
Marek Vavrusa authored
refs #2136
-
Marek Vavrusa authored
refs #2136
-
Marek Vavrusa authored
New classes: * ANY (for ANY qtype) * DNSSEC (for qtype = DNSSEC-related record) Now logging when netblock enters/leaves rate limiting. Calculated by the previous window when dt>0 and number of available tokens is zero. Buckets under a slow-start phase cannot reset on subsequent collisions, this is to avoid potential collision attack when two precalculated packets hit the same bucket regularly. This could happen in a legitimate traffic as well (less probably), if it does, the clients won't get completely denied, but will share the remaining rate until the slow-start phases out (1 time window). refs #2136
-
Lubos Slovak authored
fixes #2361 @30m
-
Lubos Slovak authored
fixes #2363 @15m
-
- Feb 25, 2013
-
-
Marek Vavrusa authored
Now works when enabled in configuration. No smoothing to precision better than 1s yet. SLIP also implemented. refs #2136
-
Marek Vavrusa authored
refs #2136
-
Marek Vavrusa authored
As response packet is temporary at the moment, copy flags/markers from the response to the query when parsing. refs #2136
-
Marek Vavrusa authored
refs #2136
-
Marek Vavrusa authored
refs #2136
-
Marek Vavrusa authored
RRL could be updated from any answering thread and due to the natural collisions, even one bucket. As every query also updates the bucket, it would be inefficient to sync all threads using RCU. For this reason N muteces are allocated and appropriate mutex is calculated from the id of the bucket (currently last digit). refs #2136
-
Marek Vavrusa authored
-
- Feb 22, 2013
-
-
Marek Vavrusa authored
Basic classes (evaluated in following order): * NORMAL - positive answer * ERROR - rcode is not NXDOMAIN nor NOERROR * NXDOMAIN - rcode is NXDOMAIN * EMPTY - response doesn't contain any answers * LARGE - packet size exceeded threshold (currently 1k) * WILDCARD - answering from a wildcard Reason behind not selectively classifying popular types like DNSKEY, RRSIG or ANY is that any type could be exploited, depending on the contents of the zone. refs #2136
-
Marek Vavrusa authored
-
