+++ /dev/null
-#
-# Copyright (C) 2010-2014 OpenWrt.org
-#
-# This is free software, licensed under the GNU General Public License v2.
-# See /LICENSE for more information.
-#
-
-include $(TOPDIR)/rules.mk
-
-PKG_NAME:=unbound
-PKG_VERSION:=1.4.22
-PKG_RELEASE:=1
-
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
-PKG_SOURCE_URL:=http://www.unbound.net/downloads
-PKG_MD5SUM:=59728c74fef8783f8bad1d7451eba97f
-
-PKG_BUILD_DEPENDS:=libexpat
-PKG_BUILD_PARALLEL:=1
-PKG_FIXUP:=autoreconf
-PKG_INSTALL:=1
-
-include $(INCLUDE_DIR)/package.mk
-
-define Package/unbound/Default
- TITLE:=A validating, recursive & caching DNS resolver
- URL:=http://www.unbound.net/
- DEPENDS:=+libopenssl
-endef
-
-define Package/unbound
- $(call Package/unbound/Default)
- SECTION:=net
- CATEGORY:=Network
- SUBMENU:=IP Addresses and Names
- TITLE+= (daemon)
- DEPENDS+= +libunbound
-endef
-
-define Package/unbound/description
- This package contains the Unbound daemon.
-endef
-
-define Package/unbound-anchor
- $(call Package/unbound/Default)
- SECTION:=net
- CATEGORY:=Network
- SUBMENU:=IP Addresses and Names
- TITLE+= (anchor utility)
- DEPENDS+= +unbound +libexpat
-endef
-
-define Package/unbound-anchor/description
- This package contains the Unbound anchor utility.
-endef
-
-define Package/unbound-control
- $(call Package/unbound/Default)
- SECTION:=net
- CATEGORY:=Network
- SUBMENU:=IP Addresses and Names
- TITLE+= (control utility)
- DEPENDS+= +unbound
-endef
-
-define Package/unbound-control/description
- This package contains the Unbound control utility.
-endef
-
-define Package/unbound-control-setup
- $(call Package/unbound/Default)
- SECTION:=net
- CATEGORY:=Network
- SUBMENU:=IP Addresses and Names
- TITLE+= (control setup utility)
- DEPENDS+= +unbound-control +openssl-util
-endef
-
-define Package/unbound-control-setup/description
- This package contains the Unbound control setup utility.
-endef
-
-define Package/unbound-host
- $(call Package/unbound/Default)
- SECTION:=net
- CATEGORY:=Network
- SUBMENU:=IP Addresses and Names
- TITLE+= (DNS lookup utility)
- DEPENDS+= +libunbound
-endef
-
-define Package/unbound-host/description
- This package contains the Unbound DNS lookup utility.
-endef
-
-define Package/libunbound
- $(call Package/unbound/Default)
- SECTION:=libs
- CATEGORY:=Libraries
- TITLE+= (library)
-endef
-
-define Package/libunbound/description
- This package contains the Unbound shared library.
-endef
-
-CONFIGURE_ARGS += \
- --disable-ecdsa \
- --disable-gost \
- --enable-allsymbols \
- --with-libexpat="$(STAGING_DIR)/usr" \
- --with-ssl="$(STAGING_DIR)/usr" \
- --without-pthreads
-
-define Package/unbound/conffiles
-/etc/unbound/unbound.conf
-endef
-
-define Build/InstallDev
- $(INSTALL_DIR) $(1)/usr/include
- $(CP) $(PKG_INSTALL_DIR)/usr/include/unbound.h $(1)/usr/include/
- $(INSTALL_DIR) $(1)/usr/lib
- $(CP) $(PKG_INSTALL_DIR)/usr/lib/libunbound.{so*,a,la} $(1)/usr/lib/
-endef
-
-define Package/unbound/install
- $(INSTALL_DIR) $(1)/usr/sbin
- $(CP) \
- $(PKG_INSTALL_DIR)/usr/sbin/unbound \
- $(PKG_INSTALL_DIR)/usr/sbin/unbound-checkconf \
- $(1)/usr/sbin/
- $(INSTALL_DIR) $(1)/etc/unbound
- $(INSTALL_CONF) \
- $(PKG_INSTALL_DIR)/etc/unbound/unbound.conf \
- $(1)/etc/unbound/
- $(INSTALL_CONF) ./files/root.key $(1)/etc/unbound/
- $(INSTALL_CONF) ./files/named.cache $(1)/etc/unbound/
- $(INSTALL_DIR) $(1)/etc/init.d
- $(INSTALL_BIN) ./files/unbound.init $(1)/etc/init.d/unbound
-endef
-
-define Package/unbound-anchor/install
- $(INSTALL_DIR) $(1)/usr/sbin
- $(CP) $(PKG_INSTALL_DIR)/usr/sbin/unbound-anchor $(1)/usr/sbin/
-endef
-
-define Package/unbound-control/install
- $(INSTALL_DIR) $(1)/usr/sbin
- $(CP) $(PKG_INSTALL_DIR)/usr/sbin/unbound-control $(1)/usr/sbin/
-endef
-
-define Package/unbound-control-setup/install
- $(INSTALL_DIR) $(1)/usr/sbin
- $(CP) $(PKG_INSTALL_DIR)/usr/sbin/unbound-control-setup $(1)/usr/sbin/
-endef
-
-define Package/unbound-host/install
- $(INSTALL_DIR) $(1)/usr/sbin
- $(CP) $(PKG_INSTALL_DIR)/usr/sbin/unbound-host $(1)/usr/sbin/
-endef
-
-define Package/libunbound/install
- $(INSTALL_DIR) $(1)/usr/lib
- $(CP) $(PKG_INSTALL_DIR)/usr/lib/libunbound.so.* $(1)/usr/lib/
-endef
-
-$(eval $(call BuildPackage,unbound))
-$(eval $(call BuildPackage,unbound-anchor))
-$(eval $(call BuildPackage,unbound-control))
-$(eval $(call BuildPackage,unbound-control-setup))
-$(eval $(call BuildPackage,unbound-host))
-$(eval $(call BuildPackage,libunbound))
+++ /dev/null
-; This file holds the information on root name servers needed to
-; initialize cache of Internet domain name servers
-; (e.g. reference this file in the "cache . <file>"
-; configuration file of BIND domain name servers).
-;
-; This file is made available by InterNIC
-; under anonymous FTP as
-; file /domain/named.cache
-; on server FTP.INTERNIC.NET
-; -OR- RS.INTERNIC.NET
-;
-; last update: Mar 26, 2014
-; related version of root zone: 2014032601
-;
-; formerly NS.INTERNIC.NET
-;
-. 3600000 IN NS A.ROOT-SERVERS.NET.
-A.ROOT-SERVERS.NET. 3600000 A 198.41.0.4
-A.ROOT-SERVERS.NET. 3600000 AAAA 2001:503:BA3E::2:30
-;
-; FORMERLY NS1.ISI.EDU
-;
-. 3600000 NS B.ROOT-SERVERS.NET.
-B.ROOT-SERVERS.NET. 3600000 A 192.228.79.201
-;
-; FORMERLY C.PSI.NET
-;
-. 3600000 NS C.ROOT-SERVERS.NET.
-C.ROOT-SERVERS.NET. 3600000 A 192.33.4.12
-C.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2::C
-;
-; FORMERLY TERP.UMD.EDU
-;
-. 3600000 NS D.ROOT-SERVERS.NET.
-D.ROOT-SERVERS.NET. 3600000 A 199.7.91.13
-D.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2D::D
-;
-; FORMERLY NS.NASA.GOV
-;
-. 3600000 NS E.ROOT-SERVERS.NET.
-E.ROOT-SERVERS.NET. 3600000 A 192.203.230.10
-;
-; FORMERLY NS.ISC.ORG
-;
-. 3600000 NS F.ROOT-SERVERS.NET.
-F.ROOT-SERVERS.NET. 3600000 A 192.5.5.241
-F.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2F::F
-;
-; FORMERLY NS.NIC.DDN.MIL
-;
-. 3600000 NS G.ROOT-SERVERS.NET.
-G.ROOT-SERVERS.NET. 3600000 A 192.112.36.4
-;
-; FORMERLY AOS.ARL.ARMY.MIL
-;
-. 3600000 NS H.ROOT-SERVERS.NET.
-H.ROOT-SERVERS.NET. 3600000 A 128.63.2.53
-H.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:1::803F:235
-;
-; FORMERLY NIC.NORDU.NET
-;
-. 3600000 NS I.ROOT-SERVERS.NET.
-I.ROOT-SERVERS.NET. 3600000 A 192.36.148.17
-I.ROOT-SERVERS.NET. 3600000 AAAA 2001:7FE::53
-;
-; OPERATED BY VERISIGN, INC.
-;
-. 3600000 NS J.ROOT-SERVERS.NET.
-J.ROOT-SERVERS.NET. 3600000 A 192.58.128.30
-J.ROOT-SERVERS.NET. 3600000 AAAA 2001:503:C27::2:30
-;
-; OPERATED BY RIPE NCC
-;
-. 3600000 NS K.ROOT-SERVERS.NET.
-K.ROOT-SERVERS.NET. 3600000 A 193.0.14.129
-K.ROOT-SERVERS.NET. 3600000 AAAA 2001:7FD::1
-;
-; OPERATED BY ICANN
-;
-. 3600000 NS L.ROOT-SERVERS.NET.
-L.ROOT-SERVERS.NET. 3600000 A 199.7.83.42
-L.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:3::42
-;
-; OPERATED BY WIDE
-;
-. 3600000 NS M.ROOT-SERVERS.NET.
-M.ROOT-SERVERS.NET. 3600000 A 202.12.27.33
-M.ROOT-SERVERS.NET. 3600000 AAAA 2001:DC3::35
-; End of File
+++ /dev/null
-. IN DS 19036 8 2 49AAC11D7B6F6446702E54A1607371607A1A41855200FD2CE1CDDE32F24E8FB5
+++ /dev/null
-#!/bin/sh /etc/rc.common
-#Copyright (C) 2010 Ondrej Caletka <o.caletka@sh.cvut.cz>
-START=61
-
-start () {
- unbound
-}
-
-stop () {
- PIDFILE='/var/run/unbound.pid'
- if [ -f $PIDFILE ] ; then
- kill $(cat $PIDFILE)
- fi
-}
+++ /dev/null
---- a/doc/example.conf.in
-+++ b/doc/example.conf.in
-@@ -38,6 +38,8 @@ server:
- # interface: 192.0.2.154
- # interface: 192.0.2.154@5003
- # interface: 2001:DB8::5
-+ interface: 0.0.0.0
-+ interface: ::0
-
- # enable this feature to copy the source address of queries to reply.
- # Socket options are not supported on all platforms. experimental.
-@@ -57,6 +59,7 @@ server:
- # port range that can be open simultaneously. About double the
- # num-queries-per-thread, or, use as many as the OS will allow you.
- # outgoing-range: 4096
-+ outgoing-range: 60
-
- # permit unbound to use this port number or port range for
- # making outgoing queries, using an outgoing interface.
-@@ -73,9 +76,11 @@ server:
-
- # number of outgoing simultaneous tcp buffers to hold per thread.
- # outgoing-num-tcp: 10
-+ outgoing-num-tcp: 1
-
- # number of incoming simultaneous tcp buffers to hold per thread.
- # incoming-num-tcp: 10
-+ incoming-num-tcp: 1
-
- # buffer size for UDP port 53 incoming (SO_RCVBUF socket option).
- # 0 is system default. Use 4m to catch query spikes for busy servers.
-@@ -99,18 +104,22 @@ server:
- # buffer size for handling DNS data. No messages larger than this
- # size can be sent or received, by UDP or TCP. In bytes.
- # msg-buffer-size: 65552
-+ msg-buffer-size: 8192
-
- # the amount of memory to use for the message cache.
- # plain value in bytes or you can append k, m or G. default is "4Mb".
- # msg-cache-size: 4m
-+ msg-cache-size: 100k
-
- # the number of slabs to use for the message cache.
- # the number of slabs must be a power of 2.
- # more slabs reduce lock contention, but fragment memory usage.
- # msg-cache-slabs: 4
-+ msg-cache-slabs: 1
-
- # the number of queries that a thread gets to service.
- # num-queries-per-thread: 1024
-+ num-queries-per-thread: 30
-
- # if very busy, 50% queries run to completion, 50% get timeout in msec
- # jostle-timeout: 200
-@@ -121,11 +130,13 @@ server:
- # the amount of memory to use for the RRset cache.
- # plain value in bytes or you can append k, m or G. default is "4Mb".
- # rrset-cache-size: 4m
-+ rrset-cache-size: 100k
-
- # the number of slabs to use for the RRset cache.
- # the number of slabs must be a power of 2.
- # more slabs reduce lock contention, but fragment memory usage.
- # rrset-cache-slabs: 4
-+ rrset-cache-slabs: 1
-
- # the time to live (TTL) value lower bound, in seconds. Default 0.
- # If more than an hour could easily give trouble due to stale data.
-@@ -143,9 +154,11 @@ server:
- # the number of slabs must be a power of 2.
- # more slabs reduce lock contention, but fragment memory usage.
- # infra-cache-slabs: 4
-+ infra-cache-slabs: 1
-
- # the maximum number of hosts that are cached (roundtrip, EDNS, lame).
- # infra-cache-numhosts: 10000
-+ infra-cache-numhosts: 200
-
- # Enable IPv4, "yes" or "no".
- # do-ip4: yes
-@@ -178,6 +191,8 @@ server:
- # access-control: ::0/0 refuse
- # access-control: ::1 allow
- # access-control: ::ffff:127.0.0.1 allow
-+ access-control: 0.0.0.0/0 allow
-+ access-control: ::0/0 allow
-
- # if given, a chroot(2) is done to the given directory.
- # i.e. you can chroot to the working directory, for example,
-@@ -208,6 +223,7 @@ server:
- # and the given username is assumed. Default is user "unbound".
- # If you give "" no privileges are dropped.
- # username: "@UNBOUND_USERNAME@"
-+ username: ""
-
- # the working directory. The relative files in this config are
- # relative to this directory. If you give "" the working directory
-@@ -230,10 +246,12 @@ server:
-
- # the pid file. Can be an absolute path outside of chroot/work dir.
- # pidfile: "@UNBOUND_PIDFILE@"
-+ pidfile: "/var/run/unbound.pid"
-
- # file to read root hints from.
- # get one from ftp://FTP.INTERNIC.NET/domain/named.cache
- # root-hints: ""
-+ root-hints: "/etc/unbound/named.cache"
-
- # enable to not answer id.server and hostname.bind queries.
- # hide-identity: no
-@@ -256,12 +274,15 @@ server:
- # positive value: fetch that many targets opportunistically.
- # Enclose the list of numbers between quotes ("").
- # target-fetch-policy: "3 2 1 0 0"
-+ target-fetch-policy: "2 1 0 0 0 0"
-
- # Harden against very small EDNS buffer sizes.
- # harden-short-bufsize: no
-+ harden-short-bufsize: yes
-
- # Harden against unseemly large queries.
- # harden-large-queries: no
-+ harden-large-queries: yes
-
- # Harden against out of zone rrsets, to avoid spoofing attempts.
- # harden-glue: yes
-@@ -342,7 +363,7 @@ server:
- # you start unbound (i.e. in the system boot scripts). And enable:
- # Please note usage of unbound-anchor root anchor is at your own risk
- # and under the terms of our LICENSE (see that file in the source).
-- # auto-trust-anchor-file: "@UNBOUND_ROOTKEY_FILE@"
-+ auto-trust-anchor-file: "@UNBOUND_ROOTKEY_FILE@"
-
- # File with DLV trusted keys. Same format as trust-anchor-file.
- # There can be only one DLV configured, it is trusted from root down.
-@@ -428,15 +449,18 @@ server:
- # the amount of memory to use for the key cache.
- # plain value in bytes or you can append k, m or G. default is "4Mb".
- # key-cache-size: 4m
-+ key-cache-size: 100k
-
- # the number of slabs to use for the key cache.
- # the number of slabs must be a power of 2.
- # more slabs reduce lock contention, but fragment memory usage.
- # key-cache-slabs: 4
-+ key-cache-slabs: 1
-
- # the amount of memory to use for the negative cache (used for DLV).
- # plain value in bytes or you can append k, m or G. default is "1Mb".
- # neg-cache-size: 1m
-+ neg-cache-size: 10k
-
- # By default, for a number of zones a small default 'nothing here'
- # reply is built-in. Query traffic is thus blocked. If you
projects / openwrt / svn-archive / archive.git / commitdiff