dnsmasq: Add conntrack support in the full variant
Conntrack support reads the connection track mark associated with incoming DNS queries and sets the same mark value on the upstream forwarded DNS query. This can be usefull to track traffic generated by dnsmasq to associate it with the clients who generate the queries, usefull for bandwidth accouting and firewall. Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
This commit is contained in:
parent
16122117a5
commit
ce9e5e16ff
1 changed files with 12 additions and 6 deletions
|
@ -25,7 +25,8 @@ PKG_BUILD_PARALLEL:=1
|
||||||
PKG_CONFIG_DEPENDS:=CONFIG_PACKAGE_dnsmasq_$(BUILD_VARIANT)_dhcpv6 \
|
PKG_CONFIG_DEPENDS:=CONFIG_PACKAGE_dnsmasq_$(BUILD_VARIANT)_dhcpv6 \
|
||||||
CONFIG_PACKAGE_dnsmasq_$(BUILD_VARIANT)_dnssec \
|
CONFIG_PACKAGE_dnsmasq_$(BUILD_VARIANT)_dnssec \
|
||||||
CONFIG_PACKAGE_dnsmasq_$(BUILD_VARIANT)_auth \
|
CONFIG_PACKAGE_dnsmasq_$(BUILD_VARIANT)_auth \
|
||||||
CONFIG_PACKAGE_dnsmasq_$(BUILD_VARIANT)_ipset
|
CONFIG_PACKAGE_dnsmasq_$(BUILD_VARIANT)_ipset \
|
||||||
|
CONFIG_PACKAGE_dnsmasq_$(BUILD_VARIANT)_conntrack
|
||||||
|
|
||||||
include $(INCLUDE_DIR)/package.mk
|
include $(INCLUDE_DIR)/package.mk
|
||||||
|
|
||||||
|
@ -51,9 +52,10 @@ endef
|
||||||
|
|
||||||
define Package/dnsmasq-full
|
define Package/dnsmasq-full
|
||||||
$(call Package/dnsmasq/Default)
|
$(call Package/dnsmasq/Default)
|
||||||
TITLE += (with DNSSEC, DHCPv6, Auth DNS, IPset enabled by default)
|
TITLE += (with DNSSEC, DHCPv6, Auth DNS, IPset, Conntrack enabled by default)
|
||||||
DEPENDS:=+PACKAGE_dnsmasq_full_dnssec:libnettle \
|
DEPENDS:=+PACKAGE_dnsmasq_full_dnssec:libnettle \
|
||||||
+PACKAGE_dnsmasq_full_ipset:kmod-ipt-ipset
|
+PACKAGE_dnsmasq_full_ipset:kmod-ipt-ipset \
|
||||||
|
+PACKAGE_dnsmasq_full_conntrack:libnetfilter-conntrack
|
||||||
VARIANT:=full
|
VARIANT:=full
|
||||||
endef
|
endef
|
||||||
|
|
||||||
|
@ -70,8 +72,8 @@ endef
|
||||||
define Package/dnsmasq-full/description
|
define Package/dnsmasq-full/description
|
||||||
$(call Package/dnsmasq/description)
|
$(call Package/dnsmasq/description)
|
||||||
|
|
||||||
This is a fully configurable variant with DHCPv6, DNSSEC, Authroitative DNS and
|
This is a fully configurable variant with DHCPv6, DNSSEC, Authoritative DNS and
|
||||||
IPset support enabled by default.
|
IPset, Conntrack support enabled by default.
|
||||||
endef
|
endef
|
||||||
|
|
||||||
define Package/dnsmasq/conffiles
|
define Package/dnsmasq/conffiles
|
||||||
|
@ -94,6 +96,9 @@ define Package/dnsmasq-full/config
|
||||||
config PACKAGE_dnsmasq_full_ipset
|
config PACKAGE_dnsmasq_full_ipset
|
||||||
bool "Build with IPset support."
|
bool "Build with IPset support."
|
||||||
default y
|
default y
|
||||||
|
config PACKAGE_dnsmasq_full_conntrack
|
||||||
|
bool "Build with Conntrack support."
|
||||||
|
default y
|
||||||
endif
|
endif
|
||||||
endef
|
endef
|
||||||
|
|
||||||
|
@ -113,7 +118,8 @@ ifeq ($(BUILD_VARIANT),full)
|
||||||
COPTS += $(if $(CONFIG_PACKAGE_dnsmasq_$(BUILD_VARIANT)_dhcpv6),,-DNO_DHCP6) \
|
COPTS += $(if $(CONFIG_PACKAGE_dnsmasq_$(BUILD_VARIANT)_dhcpv6),,-DNO_DHCP6) \
|
||||||
$(if $(CONFIG_PACKAGE_dnsmasq_$(BUILD_VARIANT)_dnssec),-DHAVE_DNSSEC) \
|
$(if $(CONFIG_PACKAGE_dnsmasq_$(BUILD_VARIANT)_dnssec),-DHAVE_DNSSEC) \
|
||||||
$(if $(CONFIG_PACKAGE_dnsmasq_$(BUILD_VARIANT)_auth),,-DNO_AUTH) \
|
$(if $(CONFIG_PACKAGE_dnsmasq_$(BUILD_VARIANT)_auth),,-DNO_AUTH) \
|
||||||
$(if $(CONFIG_PACKAGE_dnsmasq_$(BUILD_VARIANT)_ipset),,-DNO_IPSET)
|
$(if $(CONFIG_PACKAGE_dnsmasq_$(BUILD_VARIANT)_ipset),,-DNO_IPSET) \
|
||||||
|
$(if $(CONFIG_PACKAGE_dnsmasq_$(BUILD_VARIANT)_conntrack),-DHAVE_CONNTRACK,)
|
||||||
COPTS += $(if $(CONFIG_LIBNETTLE_MINI),-DNO_GMP,)
|
COPTS += $(if $(CONFIG_LIBNETTLE_MINI),-DNO_GMP,)
|
||||||
else
|
else
|
||||||
COPTS += -DNO_AUTH -DNO_IPSET
|
COPTS += -DNO_AUTH -DNO_IPSET
|
||||||
|
|
Loading…
Reference in a new issue