-----------------------------------------------------------------------------
DNSPROXY 1.15
The dnsproxy daemon is a proxy for DNS queries. It forwards these queries
to two previously configured nameservers: one for authoritative queries
and another for recursive queries. The received answers are sent back to
the client unchanged. No local caching is done.
Primary motivation for this project was the need to replace Bind servers
with djbdns in an ISP environment. These servers get recursive queries
from customers and authoritative queries from outside at the same IP
address. Now it is possible to run dnscache and tinydns on the same
machine with queries dispatched by dnsproxy.
Other scenarios are firewalls where you want to proxy queries to the real
servers in your DMZ. Or internal nameservers behind firewalls, or...
Some features:
- Secure. Runs chrooted and without root privileges.
- Fast. Able to process hundreds of queries per second.
- Easy to setup. Simple configuration file.
Source code is available at http://www.wolfermann.org/dnsproxy.html
-----------------------------------------------------------------------------
INSTALLATION
If you run any current UNIX-like operating system, only the following
steps should be necessary:
./configure
make
make install
This release includes a stripped down version of the libevent library
written by Niels Provos. See http://www.monkey.org/~provos/libevent/
for more information. To use an already installed libevent:
./configure --with-native-libevent
-----------------------------------------------------------------------------
CONFIGURATION
At startup dnsproxy reads a configuration file specified via the -c
option or at the default location of /etc/dnsproxy.conf. The syntax of
this configuration file is of the form "keyword value" and looks like:
authoritative 127.0.0.1 # Authoritative server. Required.
authoritative-port 53001 # It's port. Defaults to 53.
authoritative-timeout 10 # Seconds to wait for answers.
recursive 127.0.0.1 # Recursive server. Required.
recursive-port 53002 # It's port. Defaults to 53.
recursive-timeout 90 # Seconds to wait for answers.
listen 192.168.168.1 # Dnsproxy's listen address.
port 53 # Dnsproxy's port address.
chroot /var/empty # Directory to chroot dnsproxy.
user nobody # Unprivileged user to run as.
internal 192.168.168.0/24 # Only internal IP addresses are
internal 127.0.0.1 # allowed to do recursive queries.
statistics 3600 # Print statistics every hour.
-----------------------------------------------------------------------------
COMPATIBILITY
This package should build and run on the following systems:
OpenBSD 3.2 - 3.7
NetBSD 1.6.1
FreeBSD 4.8 4.9 5.2
Solaris 8 - 10
Linux SuSE, Gentoo
Other POSIX environments should work also. Please drop me a mail at
dnsproxy@wolfermann.org if you run dnsproxy on an unlisted system.
-----------------------------------------------------------------------------
LICENSE
This software is released under an OSI approved MIT-style license:
Copyright (c) 2003,2004,2005 Armin Wolfermann.
Permission is hereby granted, free of charge, to any person obtaining a
copy of this software and associated documentation files (the "Software"),
to deal in the Software without restriction, including without limitation
the rights to use, copy, modify, merge, publish, distribute, sublicense,
and/or sell copies of the Software, and to permit persons to whom the
Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in
all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
DEALINGS IN THE SOFTWARE.
-----------------------------------------------------------------------------
$Id: README.in,v 1.15 2005/05/16 22:52:21 armin Exp $
