https://blog.powerdns.com/2018/11/08/dnsdist-1-3-3-released/
- Security fix: fixes a possible record smugging with a crafted
DNS query with trailing data (CVE-2018-14663, bsc#1114511)
- New Features
- Add consistent hash builtin policy
- Add EDNSOptionRule
- Add DSTPortRule
- Make getOutstanding usable from both lua and console
- Added :excludeRange and :includeRange methods to
DynBPFFilter class
- Add Prometheus stats support
- Name threads in the programs
- Support the NXDomain action with dynamic blocks
- Add security polling
- Add a PoolAvailableRule to easily add backup pools
- Improvements
- Get rid of some allocs/copies in DNS parsing
- Set a correct EDNS OPT RR for self-generated answers
- Fix a sign-comparison warning in isEDNSOptionInOPT()
- Add warning rates to DynBlockRulesGroup rules
- Add support for exporting a server id in protobuf
- dnsdist did not set TCP_NODELAY, causing needless latency
- Add a setting to control the number of stored sessions
- Wrap GnuTLS and OpenSSL pointers in smart pointers
- Add a ‘creationOrder’ field to rules
- Fix return-type detection with boost 1.69’s tribool
- Fix format string issue on 32bits ARM
- Wrap TCP connection objects in smart pointers
- Add the setConsoleOutputMaxMsgSize function
OBS-URL: https://build.opensuse.org/package/show/server:dns/dnsdist?expand=0&rev=10
- fix user creation code
- update to 1.2.1
* Make dnsdist dynamic truncate do right thing on TCP/IP.
* Add missing QPSAction.
* Don't create a Remote Logger in client mode.
* Keep the TCP connection open on cache hit, generated answers.
* Add the missing <sys/time.h> include to mplexer.hh for struct timeval.
* Sort the servers based on their 'order' after it has been set.
* Fix the outstanding counter when an exception is raised.
* Do not connect the snmpAgent from a dnsdist client.
OBS-URL: https://build.opensuse.org/request/show/577238
OBS-URL: https://build.opensuse.org/package/show/server:dns/dnsdist?expand=0&rev=5
dnsdist 1.1.0 has seen a significant amount of development,
mostly based on feedback from they many 1.0 deployments. The
majority of the new features have already been taken into
production by pre-release and beta users.
Highlights include:
- TeeAction: send responses to a second nameserver, but ignore
responses. Used to test new installations on existing traffic.
Also used by the Yeti rootserver project.
- Response rules which act on received responses
- AXFR/IXFR support, including filtering options
- Linux kernel based query type and query name filtering (eBPF),
for very high speed packet rejection. Includes counters and
statistics
- Query counting infrastructure (contributed by TransIP’s Reinier
Schoof)
For the many other new features, improvements and bug fixes,
please see the dnsdist website for the more complete changelog
and the current documentation.
http://dnsdist.org/changelog/#dnsdist-110http://dnsdist.org/README/
- refresh dnsdist_bindir.patch to apply cleanly again
OBS-URL: https://build.opensuse.org/package/show/server:dns/dnsdist?expand=0&rev=2
