Data Fields
config_file Struct Reference

The configuration options. More...

#include <config_file.h>

Data Fields

int verbosity
 verbosity level as specified in the config file
int stat_interval
 statistics interval (in seconds)
int stat_cumulative
 if false, statistics values are reset after printing them
int stat_extended
 if true, the statistics are kept in greater detail
int num_threads
 number of threads to create
int port
 port on which queries are answered. More...
int do_ip4
 do ip4 query support. More...
int do_ip6
 do ip6 query support. More...
int prefer_ip6
 prefer ip6 upstream queries. More...
int do_udp
 do udp query support. More...
int do_tcp
 do tcp query support. More...
int tcp_upstream
 tcp upstream queries (no UDP upstream queries)
int tcp_mss
 maximum segment size of tcp socket which queries are answered
int outgoing_tcp_mss
 maximum segment size of tcp socket for outgoing queries
char * ssl_service_key
 private key file for dnstcp-ssl service (enabled if not NULL)
char * ssl_service_pem
 public key file for dnstcp-ssl service
int ssl_port
 port on which to provide ssl service
int ssl_upstream
 if outgoing tcp connections use SSL
int outgoing_num_ports
 outgoing port range number of ports (per thread)
size_t outgoing_num_tcp
 number of outgoing tcp buffers per (per thread)
size_t incoming_num_tcp
 number of incoming tcp buffers per (per thread)
int * outgoing_avail_ports
 allowed udp port numbers, array with 0 if not allowed
size_t edns_buffer_size
 EDNS buffer size to use.
size_t msg_buffer_size
 number of bytes buffer size for DNS messages
size_t msg_cache_size
 size of the message cache
size_t msg_cache_slabs
 slabs in the message cache. More...
size_t num_queries_per_thread
 number of queries every thread can service
size_t jostle_time
 number of msec to wait before items can be jostled out
size_t rrset_cache_size
 size of the rrset cache
size_t rrset_cache_slabs
 slabs in the rrset cache
int host_ttl
 host cache ttl in seconds
size_t infra_cache_slabs
 number of slabs in the infra host cache
size_t infra_cache_numhosts
 max number of hosts in the infra cache
int infra_cache_min_rtt
 min value for infra cache rtt
int delay_close
 delay close of udp-timeouted ports, if 0 no delayclose. More...
char * target_fetch_policy
 the target fetch policy for the iterator
int if_automatic
 automatic interface for incoming messages. More...
size_t so_rcvbuf
 SO_RCVBUF size to set on port 53 UDP socket.
size_t so_sndbuf
 SO_SNDBUF size to set on port 53 UDP socket.
int so_reuseport
 SO_REUSEPORT requested on port 53 sockets.
int ip_transparent
 IP_TRANSPARENT socket option requested on port 53 sockets.
int ip_freebind
 IP_FREEBIND socket option request on port 53 sockets.
int num_ifs
 number of interfaces to open. More...
char ** ifs
 interface description strings (IP addresses)
int num_out_ifs
 number of outgoing interfaces to open. More...
char ** out_ifs
 outgoing interface description strings (IP addresses)
struct config_strlistroot_hints
 the root hints
struct config_stubstubs
 the stub definitions, linked list
struct config_stubforwards
 the forward zone definitions, linked list
struct config_strlistdonotqueryaddrs
 list of donotquery addresses, linked list
struct config_str2listacls
 list of access control entries, linked list
int donotquery_localhost
 use default localhost donotqueryaddr entries
int harden_short_bufsize
 harden against very small edns buffer sizes
int harden_large_queries
 harden against very large query sizes
int harden_glue
 harden against spoofed glue (out of zone data)
int harden_dnssec_stripped
 harden against receiving no DNSSEC data for trust anchor
int harden_below_nxdomain
 harden against queries that fall under known nxdomain names
int harden_referral_path
 harden the referral path, query for NS,A,AAAA and validate
int harden_algo_downgrade
 harden against algorithm downgrade
int use_caps_bits_for_id
 use 0x20 bits in query as random ID bits
struct config_strlistcaps_whitelist
 0x20 whitelist, domains that do not use capsforid
struct config_strlistprivate_address
 strip away these private addrs from answers, no DNS Rebinding
struct config_strlistprivate_domain
 allow domain (and subdomains) to use private address space
size_t unwanted_threshold
 what threshold for unwanted action. More...
int max_ttl
 the number of seconds maximal TTL used for RRsets and messages
int min_ttl
 the number of seconds minimum TTL used for RRsets and messages
int max_negative_ttl
 the number of seconds maximal negative TTL for SOA in auth
int prefetch
 if prefetching of messages should be performed. More...
int prefetch_key
 if prefetching of DNSKEYs should be performed. More...
char * chrootdir
 chrootdir, if not "" or chroot will be done
char * username
 username to change to, if not "". More...
char * directory
 working directory
char * logfile
 filename to log to. More...
char * pidfile
 pidfile to write pid to. More...
int use_syslog
 should log messages be sent to syslogd
int log_time_ascii
 log timestamp in ascii UTC
int log_queries
 log queries with one line per query
int hide_identity
 do not report identity (id.server, hostname.bind)
int hide_version
 do not report version (version.server, version.bind)
char * identity
 identity, hostname is returned if "". More...
char * version
 version, package version returned if "". More...
char * module_conf
 the module configuration string
struct config_strlisttrust_anchor_file_list
 files with trusted DS and DNSKEYs in zonefile format, list
struct config_strlisttrust_anchor_list
 list of trustanchor keys, linked list
struct config_strlistauto_trust_anchor_file_list
 files with 5011 autotrust tracked keys
struct config_strlisttrusted_keys_file_list
 files with trusted DNSKEYs in named.conf format, list
char * dlv_anchor_file
 DLV anchor file.
struct config_strlistdlv_anchor_list
 DLV anchor inline.
struct config_strlistdomain_insecure
 insecure domain list
int32_t val_date_override
 if not 0, this value is the validation date for RRSIGs
int32_t val_sig_skew_min
 the minimum for signature clock skew
int32_t val_sig_skew_max
 the maximum for signature clock skew
int bogus_ttl
 this value sets the number of seconds before revalidating bogus
int val_clean_additional
 should validator clean additional section for secure msgs
int val_log_level
 log bogus messages by the validator
int val_log_squelch
 squelch val_log_level to log - this is library goes to callback
int val_permissive_mode
 should validator allow bogus messages to go through
int ignore_cd
 ignore the CD flag in incoming queries and refuse them bogus data
char * val_nsec3_key_iterations
 nsec3 maximum iterations per key size, string
unsigned int add_holddown
 autotrust add holddown time, in seconds
unsigned int del_holddown
 autotrust del holddown time, in seconds
unsigned int keep_missing
 autotrust keep_missing time, in seconds. More...
int permit_small_holddown
 permit small holddown values, allowing 5011 rollover very fast
size_t key_cache_size
 size of the key cache
size_t key_cache_slabs
 slabs in the key cache. More...
size_t neg_cache_size
 size of the neg cache
struct config_str2listlocal_zones
 local zones config
struct config_strlistlocal_zones_nodefault
 local zones nodefault list
struct config_strlistlocal_data
 local data RRs configured
struct config_str3listlocal_zone_overrides
 local zone override types per netblock
int unblock_lan_zones
 unblock lan zones (reverse lookups for AS112 zones)
int insecure_lan_zones
 insecure lan zones (don't validate AS112 zones)
struct config_strbytelistlocal_zone_tags
 list of zonename, tagbitlist
struct config_strbytelistacl_tags
 list of aclname, tagbitlist
struct config_str3listacl_tag_actions
 list of aclname, tagname, localzonetype
struct config_str3listacl_tag_datas
 list of aclname, tagname, redirectdata
char ** tagname
 tag list, array with tagname[i] is malloced string
int num_tags
 number of items in the taglist
int remote_control_enable
 remote control section. More...
struct config_strlistcontrol_ifs
 the interfaces the remote control should listen on
int control_port
 port number for the control port
int remote_control_use_cert
 use certificates for remote control
char * server_key_file
 private key file for server
char * server_cert_file
 certificate file for server
char * control_key_file
 private key file for unbound-control
char * control_cert_file
 certificate file for unbound-control
char * python_script
 Python script file.
int do_daemonize
 daemonize, i.e. More...
int minimal_responses
int rrset_roundrobin
size_t max_udp_size
char * dns64_prefix
int dns64_synthall
int dnstap
 true to enable dnstap support
char * dnstap_socket_path
 dnstap socket path
int dnstap_send_identity
 true to send "identity" via dnstap
int dnstap_send_version
 true to send "version" via dnstap
char * dnstap_identity
 dnstap "identity", hostname is used if "". More...
char * dnstap_version
 dnstap "version", package version is used if "". More...
int dnstap_log_resolver_query_messages
 true to log dnstap RESOLVER_QUERY message events
int dnstap_log_resolver_response_messages
 true to log dnstap RESOLVER_RESPONSE message events
int dnstap_log_client_query_messages
 true to log dnstap CLIENT_QUERY message events
int dnstap_log_client_response_messages
 true to log dnstap CLIENT_RESPONSE message events
int dnstap_log_forwarder_query_messages
 true to log dnstap FORWARDER_QUERY message events
int dnstap_log_forwarder_response_messages
 true to log dnstap FORWARDER_RESPONSE message events
int disable_dnssec_lame_check
 true to disable DNSSEC lameness check in iterator
int ratelimit
 ratelimit 0 is off, otherwise qps (unless overridden)
size_t ratelimit_slabs
 number of slabs for ratelimit cache
size_t ratelimit_size
 memory size in bytes for ratelimit cache
struct config_str2listratelimit_for_domain
 ratelimits for domain (exact match)
struct config_str2listratelimit_below_domain
 ratelimits below domain
int ratelimit_factor
 ratelimit factor, 0 blocks all, 10 allows 1/10 of traffic
int qname_minimisation
 minimise outgoing QNAME and hide original QTYPE if possible

Detailed Description

The configuration options.

Strings are malloced.

Field Documentation

int config_file::port

port on which queries are answered.

Referenced by config_create(), config_set_option(), daemon_open_shared_ports(), and listening_ports_open().

int config_file::do_ip4
int config_file::do_ip6
int config_file::prefer_ip6

prefer ip6 upstream queries.

Referenced by iter_filter_order(), and morechecks().

int config_file::do_udp
int config_file::do_tcp
size_t config_file::msg_cache_slabs
int config_file::delay_close

delay close of udp-timeouted ports, if 0 no delayclose.

in msec

Referenced by config_create(), config_set_option(), libworker_setup(), and worker_init().

int config_file::if_automatic

automatic interface for incoming messages.

Uses ipv6 remapping, and recvmsg/sendmsg ancillary data to detect interfaces, boolean

Referenced by checkrlimits(), config_create(), config_set_option(), and listening_ports_open().

int config_file::num_ifs

number of interfaces to open.

If 0 default all interfaces.

Referenced by checkrlimits(), config_create(), config_delete(), interfacechecks(), and listening_ports_open().

int config_file::num_out_ifs

number of outgoing interfaces to open.

If 0 default all interfaces.

Referenced by config_create(), config_delete(), config_set_option(), interfacechecks(), libworker_setup(), and worker_init().

size_t config_file::unwanted_threshold

what threshold for unwanted action.

Referenced by config_create(), config_set_option(), libworker_setup(), and worker_init().

int config_file::prefetch

if prefetching of messages should be performed.

Referenced by config_create(), config_set_option(), and worker_handle_request().

int config_file::prefetch_key

if prefetching of DNSKEYs should be performed.

Referenced by config_create(), config_set_option(), processInitRequest3(), and processQueryResponse().

char* config_file::username
char* config_file::logfile
char* config_file::pidfile
char* config_file::identity

identity, hostname is returned if "".

Referenced by answer_chaos(), config_create(), config_delete(), and config_set_option().

char* config_file::version

version, package version returned if "".

Referenced by answer_chaos(), config_create(), config_delete(), and config_set_option().

unsigned int config_file::keep_missing

autotrust keep_missing time, in seconds.

0 is forever.

Referenced by config_create(), config_set_option(), and remove_missing_trustanchors().

size_t config_file::key_cache_slabs

slabs in the key cache.

Referenced by config_create(), config_create_forlib(), config_set_option(), and key_cache_create().

int config_file::remote_control_enable
int config_file::do_daemonize

daemonize, i.e.

fork into the background.

Referenced by config_create(), config_set_option(), and perform_setup().

char* config_file::dnstap_identity

dnstap "identity", hostname is used if "".

Referenced by config_delete().

char* config_file::dnstap_version

dnstap "version", package version is used if "".

Referenced by config_delete().

The documentation for this struct was generated from the following file: