[OpenWrt-Devel] [PATCH 5/6] dnsmasq: Add conntrack support in the full variant
Hans Dedecker
dedeckeh at gmail.com
Wed Apr 27 05:14:01 EDT 2016
Conntrack support reads the connection track mark associated with
incoming DNS queries and sets the same mark value on the upstream
forwarded DNS query. This can be usefull to track traffic generated
by dnsmasq to associate it with the clients who generate the queries,
usefull for bandwidth accouting and firewall.
Signed-off-by: Hans Dedecker <dedeckeh at gmail.com>
---
package/network/services/dnsmasq/Makefile | 18 ++++++++++++------
1 file changed, 12 insertions(+), 6 deletions(-)
diff --git a/package/network/services/dnsmasq/Makefile b/package/network/services/dnsmasq/Makefile
index a5b96a3..3f12a40 100644
--- a/package/network/services/dnsmasq/Makefile
+++ b/package/network/services/dnsmasq/Makefile
@@ -25,7 +25,8 @@ PKG_BUILD_PARALLEL:=1
PKG_CONFIG_DEPENDS:=CONFIG_PACKAGE_dnsmasq_$(BUILD_VARIANT)_dhcpv6 \
CONFIG_PACKAGE_dnsmasq_$(BUILD_VARIANT)_dnssec \
CONFIG_PACKAGE_dnsmasq_$(BUILD_VARIANT)_auth \
- CONFIG_PACKAGE_dnsmasq_$(BUILD_VARIANT)_ipset
+ CONFIG_PACKAGE_dnsmasq_$(BUILD_VARIANT)_ipset \
+ CONFIG_PACKAGE_dnsmasq_$(BUILD_VARIANT)_conntrack
include $(INCLUDE_DIR)/package.mk
@@ -51,9 +52,10 @@ endef
define Package/dnsmasq-full
$(call Package/dnsmasq/Default)
- TITLE += (with DNSSEC, DHCPv6, Auth DNS, IPset enabled by default)
+ TITLE += (with DNSSEC, DHCPv6, Auth DNS, IPset, Conntrack enabled by default)
DEPENDS:=+PACKAGE_dnsmasq_full_dnssec:libnettle \
- +PACKAGE_dnsmasq_full_ipset:kmod-ipt-ipset
+ +PACKAGE_dnsmasq_full_ipset:kmod-ipt-ipset \
+ +PACKAGE_dnsmasq_full_conntrack:libnetfilter-conntrack
VARIANT:=full
endef
@@ -70,8 +72,8 @@ endef
define Package/dnsmasq-full/description
$(call Package/dnsmasq/description)
-This is a fully configurable variant with DHCPv6, DNSSEC, Authroitative DNS and
-IPset support enabled by default.
+This is a fully configurable variant with DHCPv6, DNSSEC, Authoritative DNS and
+IPset, Conntrack support enabled by default.
endef
define Package/dnsmasq/conffiles
@@ -94,6 +96,9 @@ define Package/dnsmasq-full/config
config PACKAGE_dnsmasq_full_ipset
bool "Build with IPset support."
default y
+ config PACKAGE_dnsmasq_full_conntrack
+ bool "Build with Conntrack support."
+ default y
endif
endef
@@ -113,7 +118,8 @@ ifeq ($(BUILD_VARIANT),full)
COPTS += $(if $(CONFIG_PACKAGE_dnsmasq_$(BUILD_VARIANT)_dhcpv6),,-DNO_DHCP6) \
$(if $(CONFIG_PACKAGE_dnsmasq_$(BUILD_VARIANT)_dnssec),-DHAVE_DNSSEC) \
$(if $(CONFIG_PACKAGE_dnsmasq_$(BUILD_VARIANT)_auth),,-DNO_AUTH) \
- $(if $(CONFIG_PACKAGE_dnsmasq_$(BUILD_VARIANT)_ipset),,-DNO_IPSET)
+ $(if $(CONFIG_PACKAGE_dnsmasq_$(BUILD_VARIANT)_ipset),,-DNO_IPSET) \
+ $(if $(CONFIG_PACKAGE_dnsmasq_$(BUILD_VARIANT)_conntrack),-DHAVE_CONNTRACK,)
COPTS += $(if $(CONFIG_LIBNETTLE_MINI),-DNO_GMP,)
else
COPTS += -DNO_AUTH -DNO_IPSET
--
1.9.1
_______________________________________________
openwrt-devel mailing list
openwrt-devel at lists.openwrt.org
https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
More information about the openwrt-devel
mailing list