2 * configparser.y -- yacc grammar for unbound configuration files
4 * Copyright (c) 2001-2006, NLnet Labs. All rights reserved.
6 * Copyright (c) 2007, NLnet Labs. All rights reserved.
8 * This software is open source.
10 * Redistribution and use in source and binary forms, with or without
11 * modification, are permitted provided that the following conditions
14 * Redistributions of source code must retain the above copyright notice,
15 * this list of conditions and the following disclaimer.
17 * Redistributions in binary form must reproduce the above copyright notice,
18 * this list of conditions and the following disclaimer in the documentation
19 * and/or other materials provided with the distribution.
21 * Neither the name of the NLNET LABS nor the names of its contributors may
22 * be used to endorse or promote products derived from this software without
23 * specific prior written permission.
25 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
26 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
27 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
28 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
29 * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
30 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
31 * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
32 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
33 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
34 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
35 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
47 #include "util/configyyrename.h"
48 #include "util/config_file.h"
49 #include "util/net_help.h"
52 void ub_c_error(const char *message);
54 static void validate_respip_action(const char* action);
56 /* these need to be global, otherwise they cannot be used inside yacc */
57 extern struct config_parser_state* cfg_parser;
60 #define OUTYY(s) printf s /* used ONLY when debugging */
70 %token SPACE LETTER NEWLINE COMMENT COLON ANY ZONESTR
71 %token <str> STRING_ARG
72 %token VAR_SERVER VAR_VERBOSITY VAR_NUM_THREADS VAR_PORT
73 %token VAR_OUTGOING_RANGE VAR_INTERFACE
74 %token VAR_DO_IP4 VAR_DO_IP6 VAR_PREFER_IP6 VAR_DO_UDP VAR_DO_TCP
75 %token VAR_TCP_MSS VAR_OUTGOING_TCP_MSS VAR_TCP_IDLE_TIMEOUT
76 %token VAR_EDNS_TCP_KEEPALIVE VAR_EDNS_TCP_KEEPALIVE_TIMEOUT
77 %token VAR_CHROOT VAR_USERNAME VAR_DIRECTORY VAR_LOGFILE VAR_PIDFILE
78 %token VAR_MSG_CACHE_SIZE VAR_MSG_CACHE_SLABS VAR_NUM_QUERIES_PER_THREAD
79 %token VAR_RRSET_CACHE_SIZE VAR_RRSET_CACHE_SLABS VAR_OUTGOING_NUM_TCP
80 %token VAR_INFRA_HOST_TTL VAR_INFRA_LAME_TTL VAR_INFRA_CACHE_SLABS
81 %token VAR_INFRA_CACHE_NUMHOSTS VAR_INFRA_CACHE_LAME_SIZE VAR_NAME
82 %token VAR_STUB_ZONE VAR_STUB_HOST VAR_STUB_ADDR VAR_TARGET_FETCH_POLICY
83 %token VAR_HARDEN_SHORT_BUFSIZE VAR_HARDEN_LARGE_QUERIES
84 %token VAR_FORWARD_ZONE VAR_FORWARD_HOST VAR_FORWARD_ADDR
85 %token VAR_DO_NOT_QUERY_ADDRESS VAR_HIDE_IDENTITY VAR_HIDE_VERSION
86 %token VAR_IDENTITY VAR_VERSION VAR_HARDEN_GLUE VAR_MODULE_CONF
87 %token VAR_TRUST_ANCHOR_FILE VAR_TRUST_ANCHOR VAR_VAL_OVERRIDE_DATE
88 %token VAR_BOGUS_TTL VAR_VAL_CLEAN_ADDITIONAL VAR_VAL_PERMISSIVE_MODE
89 %token VAR_INCOMING_NUM_TCP VAR_MSG_BUFFER_SIZE VAR_KEY_CACHE_SIZE
90 %token VAR_KEY_CACHE_SLABS VAR_TRUSTED_KEYS_FILE
91 %token VAR_VAL_NSEC3_KEYSIZE_ITERATIONS VAR_USE_SYSLOG
92 %token VAR_OUTGOING_INTERFACE VAR_ROOT_HINTS VAR_DO_NOT_QUERY_LOCALHOST
93 %token VAR_CACHE_MAX_TTL VAR_HARDEN_DNSSEC_STRIPPED VAR_ACCESS_CONTROL
94 %token VAR_LOCAL_ZONE VAR_LOCAL_DATA VAR_INTERFACE_AUTOMATIC
95 %token VAR_STATISTICS_INTERVAL VAR_DO_DAEMONIZE VAR_USE_CAPS_FOR_ID
96 %token VAR_STATISTICS_CUMULATIVE VAR_OUTGOING_PORT_PERMIT
97 %token VAR_OUTGOING_PORT_AVOID VAR_DLV_ANCHOR_FILE VAR_DLV_ANCHOR
98 %token VAR_NEG_CACHE_SIZE VAR_HARDEN_REFERRAL_PATH VAR_PRIVATE_ADDRESS
99 %token VAR_PRIVATE_DOMAIN VAR_REMOTE_CONTROL VAR_CONTROL_ENABLE
100 %token VAR_CONTROL_INTERFACE VAR_CONTROL_PORT VAR_SERVER_KEY_FILE
101 %token VAR_SERVER_CERT_FILE VAR_CONTROL_KEY_FILE VAR_CONTROL_CERT_FILE
102 %token VAR_CONTROL_USE_CERT
103 %token VAR_EXTENDED_STATISTICS VAR_LOCAL_DATA_PTR VAR_JOSTLE_TIMEOUT
104 %token VAR_STUB_PRIME VAR_UNWANTED_REPLY_THRESHOLD VAR_LOG_TIME_ASCII
105 %token VAR_DOMAIN_INSECURE VAR_PYTHON VAR_PYTHON_SCRIPT VAR_VAL_SIG_SKEW_MIN
106 %token VAR_VAL_SIG_SKEW_MAX VAR_CACHE_MIN_TTL VAR_VAL_LOG_LEVEL
107 %token VAR_AUTO_TRUST_ANCHOR_FILE VAR_KEEP_MISSING VAR_ADD_HOLDDOWN
108 %token VAR_DEL_HOLDDOWN VAR_SO_RCVBUF VAR_EDNS_BUFFER_SIZE VAR_PREFETCH
109 %token VAR_PREFETCH_KEY VAR_SO_SNDBUF VAR_SO_REUSEPORT VAR_HARDEN_BELOW_NXDOMAIN
110 %token VAR_IGNORE_CD_FLAG VAR_LOG_QUERIES VAR_LOG_REPLIES VAR_LOG_LOCAL_ACTIONS
111 %token VAR_TCP_UPSTREAM VAR_SSL_UPSTREAM
112 %token VAR_SSL_SERVICE_KEY VAR_SSL_SERVICE_PEM VAR_SSL_PORT VAR_FORWARD_FIRST
113 %token VAR_STUB_SSL_UPSTREAM VAR_FORWARD_SSL_UPSTREAM VAR_TLS_CERT_BUNDLE
114 %token VAR_STUB_FIRST VAR_MINIMAL_RESPONSES VAR_RRSET_ROUNDROBIN
115 %token VAR_MAX_UDP_SIZE VAR_DELAY_CLOSE
116 %token VAR_UNBLOCK_LAN_ZONES VAR_INSECURE_LAN_ZONES
117 %token VAR_INFRA_CACHE_MIN_RTT
118 %token VAR_DNS64_PREFIX VAR_DNS64_SYNTHALL VAR_DNS64_IGNORE_AAAA
119 %token VAR_DNSTAP VAR_DNSTAP_ENABLE VAR_DNSTAP_SOCKET_PATH
120 %token VAR_DNSTAP_SEND_IDENTITY VAR_DNSTAP_SEND_VERSION
121 %token VAR_DNSTAP_IDENTITY VAR_DNSTAP_VERSION
122 %token VAR_DNSTAP_LOG_RESOLVER_QUERY_MESSAGES
123 %token VAR_DNSTAP_LOG_RESOLVER_RESPONSE_MESSAGES
124 %token VAR_DNSTAP_LOG_CLIENT_QUERY_MESSAGES
125 %token VAR_DNSTAP_LOG_CLIENT_RESPONSE_MESSAGES
126 %token VAR_DNSTAP_LOG_FORWARDER_QUERY_MESSAGES
127 %token VAR_DNSTAP_LOG_FORWARDER_RESPONSE_MESSAGES
128 %token VAR_RESPONSE_IP_TAG VAR_RESPONSE_IP VAR_RESPONSE_IP_DATA
129 %token VAR_HARDEN_ALGO_DOWNGRADE VAR_IP_TRANSPARENT
130 %token VAR_DISABLE_DNSSEC_LAME_CHECK
131 %token VAR_IP_RATELIMIT VAR_IP_RATELIMIT_SLABS VAR_IP_RATELIMIT_SIZE
132 %token VAR_RATELIMIT VAR_RATELIMIT_SLABS VAR_RATELIMIT_SIZE
133 %token VAR_RATELIMIT_FOR_DOMAIN VAR_RATELIMIT_BELOW_DOMAIN
134 %token VAR_IP_RATELIMIT_FACTOR VAR_RATELIMIT_FACTOR
135 %token VAR_SEND_CLIENT_SUBNET VAR_CLIENT_SUBNET_ZONE
136 %token VAR_CLIENT_SUBNET_ALWAYS_FORWARD VAR_CLIENT_SUBNET_OPCODE
137 %token VAR_MAX_CLIENT_SUBNET_IPV4 VAR_MAX_CLIENT_SUBNET_IPV6
138 %token VAR_MIN_CLIENT_SUBNET_IPV4 VAR_MIN_CLIENT_SUBNET_IPV6
139 %token VAR_MAX_ECS_TREE_SIZE_IPV4 VAR_MAX_ECS_TREE_SIZE_IPV6
140 %token VAR_CAPS_WHITELIST VAR_CACHE_MAX_NEGATIVE_TTL VAR_PERMIT_SMALL_HOLDDOWN
141 %token VAR_QNAME_MINIMISATION VAR_QNAME_MINIMISATION_STRICT VAR_IP_FREEBIND
142 %token VAR_DEFINE_TAG VAR_LOCAL_ZONE_TAG VAR_ACCESS_CONTROL_TAG
143 %token VAR_LOCAL_ZONE_OVERRIDE VAR_ACCESS_CONTROL_TAG_ACTION
144 %token VAR_ACCESS_CONTROL_TAG_DATA VAR_VIEW VAR_ACCESS_CONTROL_VIEW
145 %token VAR_VIEW_FIRST VAR_SERVE_EXPIRED VAR_SERVE_EXPIRED_TTL
146 %token VAR_SERVE_EXPIRED_TTL_RESET VAR_FAKE_DSA VAR_FAKE_SHA1
147 %token VAR_LOG_IDENTITY VAR_HIDE_TRUSTANCHOR VAR_TRUST_ANCHOR_SIGNALING
148 %token VAR_AGGRESSIVE_NSEC VAR_USE_SYSTEMD VAR_SHM_ENABLE VAR_SHM_KEY
149 %token VAR_ROOT_KEY_SENTINEL
150 %token VAR_DNSCRYPT VAR_DNSCRYPT_ENABLE VAR_DNSCRYPT_PORT VAR_DNSCRYPT_PROVIDER
151 %token VAR_DNSCRYPT_SECRET_KEY VAR_DNSCRYPT_PROVIDER_CERT
152 %token VAR_DNSCRYPT_PROVIDER_CERT_ROTATED
153 %token VAR_DNSCRYPT_SHARED_SECRET_CACHE_SIZE
154 %token VAR_DNSCRYPT_SHARED_SECRET_CACHE_SLABS
155 %token VAR_DNSCRYPT_NONCE_CACHE_SIZE
156 %token VAR_DNSCRYPT_NONCE_CACHE_SLABS
157 %token VAR_IPSECMOD_ENABLED VAR_IPSECMOD_HOOK VAR_IPSECMOD_IGNORE_BOGUS
158 %token VAR_IPSECMOD_MAX_TTL VAR_IPSECMOD_WHITELIST VAR_IPSECMOD_STRICT
159 %token VAR_CACHEDB VAR_CACHEDB_BACKEND VAR_CACHEDB_SECRETSEED
160 %token VAR_CACHEDB_REDISHOST VAR_CACHEDB_REDISPORT VAR_CACHEDB_REDISTIMEOUT
161 %token VAR_UDP_UPSTREAM_WITHOUT_DOWNSTREAM VAR_FOR_UPSTREAM
162 %token VAR_AUTH_ZONE VAR_ZONEFILE VAR_MASTER VAR_URL VAR_FOR_DOWNSTREAM
163 %token VAR_FALLBACK_ENABLED VAR_TLS_ADDITIONAL_PORT VAR_LOW_RTT VAR_LOW_RTT_PERMIL
164 %token VAR_FAST_SERVER_PERMIL VAR_FAST_SERVER_NUM
165 %token VAR_ALLOW_NOTIFY VAR_TLS_WIN_CERT VAR_TCP_CONNECTION_LIMIT
166 %token VAR_FORWARD_NO_CACHE VAR_STUB_NO_CACHE VAR_LOG_SERVFAIL VAR_DENY_ANY
167 %token VAR_UNKNOWN_SERVER_TIME_LIMIT VAR_LOG_TAG_QUERYREPLY
168 %token VAR_STREAM_WAIT_SIZE VAR_TLS_CIPHERS VAR_TLS_CIPHERSUITES
169 %token VAR_TLS_SESSION_TICKET_KEYS
170 %token VAR_IPSET VAR_IPSET_NAME_V4 VAR_IPSET_NAME_V6
173 toplevelvars: /* empty */ | toplevelvars toplevelvar ;
174 toplevelvar: serverstart contents_server | stubstart contents_stub |
175 forwardstart contents_forward | pythonstart contents_py |
176 rcstart contents_rc | dtstart contents_dt | viewstart contents_view |
177 dnscstart contents_dnsc | cachedbstart contents_cachedb |
178 ipsetstart contents_ipset | authstart contents_auth
181 /* server: declaration */
182 serverstart: VAR_SERVER
184 OUTYY(("\nP(server:)\n"));
187 contents_server: contents_server content_server
189 content_server: server_num_threads | server_verbosity | server_port |
190 server_outgoing_range | server_do_ip4 |
191 server_do_ip6 | server_prefer_ip6 |
192 server_do_udp | server_do_tcp |
193 server_tcp_mss | server_outgoing_tcp_mss | server_tcp_idle_timeout |
194 server_tcp_keepalive | server_tcp_keepalive_timeout |
195 server_interface | server_chroot | server_username |
196 server_directory | server_logfile | server_pidfile |
197 server_msg_cache_size | server_msg_cache_slabs |
198 server_num_queries_per_thread | server_rrset_cache_size |
199 server_rrset_cache_slabs | server_outgoing_num_tcp |
200 server_infra_host_ttl | server_infra_lame_ttl |
201 server_infra_cache_slabs | server_infra_cache_numhosts |
202 server_infra_cache_lame_size | server_target_fetch_policy |
203 server_harden_short_bufsize | server_harden_large_queries |
204 server_do_not_query_address | server_hide_identity |
205 server_hide_version | server_identity | server_version |
206 server_harden_glue | server_module_conf | server_trust_anchor_file |
207 server_trust_anchor | server_val_override_date | server_bogus_ttl |
208 server_val_clean_additional | server_val_permissive_mode |
209 server_incoming_num_tcp | server_msg_buffer_size |
210 server_key_cache_size | server_key_cache_slabs |
211 server_trusted_keys_file | server_val_nsec3_keysize_iterations |
212 server_use_syslog | server_outgoing_interface | server_root_hints |
213 server_do_not_query_localhost | server_cache_max_ttl |
214 server_harden_dnssec_stripped | server_access_control |
215 server_local_zone | server_local_data | server_interface_automatic |
216 server_statistics_interval | server_do_daemonize |
217 server_use_caps_for_id | server_statistics_cumulative |
218 server_outgoing_port_permit | server_outgoing_port_avoid |
219 server_dlv_anchor_file | server_dlv_anchor | server_neg_cache_size |
220 server_harden_referral_path | server_private_address |
221 server_private_domain | server_extended_statistics |
222 server_local_data_ptr | server_jostle_timeout |
223 server_unwanted_reply_threshold | server_log_time_ascii |
224 server_domain_insecure | server_val_sig_skew_min |
225 server_val_sig_skew_max | server_cache_min_ttl | server_val_log_level |
226 server_auto_trust_anchor_file | server_add_holddown |
227 server_del_holddown | server_keep_missing | server_so_rcvbuf |
228 server_edns_buffer_size | server_prefetch | server_prefetch_key |
229 server_so_sndbuf | server_harden_below_nxdomain | server_ignore_cd_flag |
230 server_log_queries | server_log_replies | server_tcp_upstream | server_ssl_upstream |
231 server_log_local_actions |
232 server_ssl_service_key | server_ssl_service_pem | server_ssl_port |
233 server_minimal_responses | server_rrset_roundrobin | server_max_udp_size |
234 server_so_reuseport | server_delay_close |
235 server_unblock_lan_zones | server_insecure_lan_zones |
236 server_dns64_prefix | server_dns64_synthall | server_dns64_ignore_aaaa |
237 server_infra_cache_min_rtt | server_harden_algo_downgrade |
238 server_ip_transparent | server_ip_ratelimit | server_ratelimit |
239 server_ip_ratelimit_slabs | server_ratelimit_slabs |
240 server_ip_ratelimit_size | server_ratelimit_size |
241 server_ratelimit_for_domain |
242 server_ratelimit_below_domain | server_ratelimit_factor |
243 server_ip_ratelimit_factor | server_send_client_subnet |
244 server_client_subnet_zone | server_client_subnet_always_forward |
245 server_client_subnet_opcode |
246 server_max_client_subnet_ipv4 | server_max_client_subnet_ipv6 |
247 server_min_client_subnet_ipv4 | server_min_client_subnet_ipv6 |
248 server_max_ecs_tree_size_ipv4 | server_max_ecs_tree_size_ipv6 |
249 server_caps_whitelist | server_cache_max_negative_ttl |
250 server_permit_small_holddown | server_qname_minimisation |
251 server_ip_freebind | server_define_tag | server_local_zone_tag |
252 server_disable_dnssec_lame_check | server_access_control_tag |
253 server_local_zone_override | server_access_control_tag_action |
254 server_access_control_tag_data | server_access_control_view |
255 server_qname_minimisation_strict | server_serve_expired |
256 server_serve_expired_ttl | server_serve_expired_ttl_reset |
257 server_fake_dsa | server_log_identity | server_use_systemd |
258 server_response_ip_tag | server_response_ip | server_response_ip_data |
259 server_shm_enable | server_shm_key | server_fake_sha1 |
260 server_hide_trustanchor | server_trust_anchor_signaling |
261 server_root_key_sentinel |
262 server_ipsecmod_enabled | server_ipsecmod_hook |
263 server_ipsecmod_ignore_bogus | server_ipsecmod_max_ttl |
264 server_ipsecmod_whitelist | server_ipsecmod_strict |
265 server_udp_upstream_without_downstream | server_aggressive_nsec |
266 server_tls_cert_bundle | server_tls_additional_port | server_low_rtt |
267 server_fast_server_permil | server_fast_server_num | server_tls_win_cert |
268 server_tcp_connection_limit | server_log_servfail | server_deny_any |
269 server_unknown_server_time_limit | server_log_tag_queryreply |
270 server_stream_wait_size | server_tls_ciphers |
271 server_tls_ciphersuites | server_tls_session_ticket_keys
273 stubstart: VAR_STUB_ZONE
275 struct config_stub* s;
276 OUTYY(("\nP(stub_zone:)\n"));
277 s = (struct config_stub*)calloc(1, sizeof(struct config_stub));
279 s->next = cfg_parser->cfg->stubs;
280 cfg_parser->cfg->stubs = s;
282 yyerror("out of memory");
285 contents_stub: contents_stub content_stub
287 content_stub: stub_name | stub_host | stub_addr | stub_prime | stub_first |
288 stub_no_cache | stub_ssl_upstream
290 forwardstart: VAR_FORWARD_ZONE
292 struct config_stub* s;
293 OUTYY(("\nP(forward_zone:)\n"));
294 s = (struct config_stub*)calloc(1, sizeof(struct config_stub));
296 s->next = cfg_parser->cfg->forwards;
297 cfg_parser->cfg->forwards = s;
299 yyerror("out of memory");
302 contents_forward: contents_forward content_forward
304 content_forward: forward_name | forward_host | forward_addr | forward_first |
305 forward_no_cache | forward_ssl_upstream
309 struct config_view* s;
310 OUTYY(("\nP(view:)\n"));
311 s = (struct config_view*)calloc(1, sizeof(struct config_view));
313 s->next = cfg_parser->cfg->views;
314 if(s->next && !s->next->name)
315 yyerror("view without name");
316 cfg_parser->cfg->views = s;
318 yyerror("out of memory");
321 contents_view: contents_view content_view
323 content_view: view_name | view_local_zone | view_local_data | view_first |
324 view_response_ip | view_response_ip_data | view_local_data_ptr
326 authstart: VAR_AUTH_ZONE
328 struct config_auth* s;
329 OUTYY(("\nP(auth_zone:)\n"));
330 s = (struct config_auth*)calloc(1, sizeof(struct config_auth));
332 s->next = cfg_parser->cfg->auths;
333 cfg_parser->cfg->auths = s;
334 /* defaults for auth zone */
335 s->for_downstream = 1;
337 s->fallback_enabled = 0;
339 yyerror("out of memory");
342 contents_auth: contents_auth content_auth
344 content_auth: auth_name | auth_zonefile | auth_master | auth_url |
345 auth_for_downstream | auth_for_upstream | auth_fallback_enabled |
348 server_num_threads: VAR_NUM_THREADS STRING_ARG
350 OUTYY(("P(server_num_threads:%s)\n", $2));
351 if(atoi($2) == 0 && strcmp($2, "0") != 0)
352 yyerror("number expected");
353 else cfg_parser->cfg->num_threads = atoi($2);
357 server_verbosity: VAR_VERBOSITY STRING_ARG
359 OUTYY(("P(server_verbosity:%s)\n", $2));
360 if(atoi($2) == 0 && strcmp($2, "0") != 0)
361 yyerror("number expected");
362 else cfg_parser->cfg->verbosity = atoi($2);
366 server_statistics_interval: VAR_STATISTICS_INTERVAL STRING_ARG
368 OUTYY(("P(server_statistics_interval:%s)\n", $2));
369 if(strcmp($2, "") == 0 || strcmp($2, "0") == 0)
370 cfg_parser->cfg->stat_interval = 0;
371 else if(atoi($2) == 0)
372 yyerror("number expected");
373 else cfg_parser->cfg->stat_interval = atoi($2);
377 server_statistics_cumulative: VAR_STATISTICS_CUMULATIVE STRING_ARG
379 OUTYY(("P(server_statistics_cumulative:%s)\n", $2));
380 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
381 yyerror("expected yes or no.");
382 else cfg_parser->cfg->stat_cumulative = (strcmp($2, "yes")==0);
386 server_extended_statistics: VAR_EXTENDED_STATISTICS STRING_ARG
388 OUTYY(("P(server_extended_statistics:%s)\n", $2));
389 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
390 yyerror("expected yes or no.");
391 else cfg_parser->cfg->stat_extended = (strcmp($2, "yes")==0);
395 server_shm_enable: VAR_SHM_ENABLE STRING_ARG
397 OUTYY(("P(server_shm_enable:%s)\n", $2));
398 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
399 yyerror("expected yes or no.");
400 else cfg_parser->cfg->shm_enable = (strcmp($2, "yes")==0);
404 server_shm_key: VAR_SHM_KEY STRING_ARG
406 OUTYY(("P(server_shm_key:%s)\n", $2));
407 if(strcmp($2, "") == 0 || strcmp($2, "0") == 0)
408 cfg_parser->cfg->shm_key = 0;
409 else if(atoi($2) == 0)
410 yyerror("number expected");
411 else cfg_parser->cfg->shm_key = atoi($2);
415 server_port: VAR_PORT STRING_ARG
417 OUTYY(("P(server_port:%s)\n", $2));
419 yyerror("port number expected");
420 else cfg_parser->cfg->port = atoi($2);
424 server_send_client_subnet: VAR_SEND_CLIENT_SUBNET STRING_ARG
427 OUTYY(("P(server_send_client_subnet:%s)\n", $2));
428 if(!cfg_strlist_insert(&cfg_parser->cfg->client_subnet, $2))
429 fatal_exit("out of memory adding client-subnet");
431 OUTYY(("P(Compiled without edns subnet option, ignoring)\n"));
435 server_client_subnet_zone: VAR_CLIENT_SUBNET_ZONE STRING_ARG
438 OUTYY(("P(server_client_subnet_zone:%s)\n", $2));
439 if(!cfg_strlist_insert(&cfg_parser->cfg->client_subnet_zone,
441 fatal_exit("out of memory adding client-subnet-zone");
443 OUTYY(("P(Compiled without edns subnet option, ignoring)\n"));
447 server_client_subnet_always_forward:
448 VAR_CLIENT_SUBNET_ALWAYS_FORWARD STRING_ARG
451 OUTYY(("P(server_client_subnet_always_forward:%s)\n", $2));
452 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
453 yyerror("expected yes or no.");
455 cfg_parser->cfg->client_subnet_always_forward =
456 (strcmp($2, "yes")==0);
458 OUTYY(("P(Compiled without edns subnet option, ignoring)\n"));
463 server_client_subnet_opcode: VAR_CLIENT_SUBNET_OPCODE STRING_ARG
466 OUTYY(("P(client_subnet_opcode:%s)\n", $2));
467 OUTYY(("P(Deprecated option, ignoring)\n"));
469 OUTYY(("P(Compiled without edns subnet option, ignoring)\n"));
474 server_max_client_subnet_ipv4: VAR_MAX_CLIENT_SUBNET_IPV4 STRING_ARG
477 OUTYY(("P(max_client_subnet_ipv4:%s)\n", $2));
478 if(atoi($2) == 0 && strcmp($2, "0") != 0)
479 yyerror("IPv4 subnet length expected");
480 else if (atoi($2) > 32)
481 cfg_parser->cfg->max_client_subnet_ipv4 = 32;
482 else if (atoi($2) < 0)
483 cfg_parser->cfg->max_client_subnet_ipv4 = 0;
484 else cfg_parser->cfg->max_client_subnet_ipv4 = (uint8_t)atoi($2);
486 OUTYY(("P(Compiled without edns subnet option, ignoring)\n"));
491 server_max_client_subnet_ipv6: VAR_MAX_CLIENT_SUBNET_IPV6 STRING_ARG
494 OUTYY(("P(max_client_subnet_ipv6:%s)\n", $2));
495 if(atoi($2) == 0 && strcmp($2, "0") != 0)
496 yyerror("Ipv6 subnet length expected");
497 else if (atoi($2) > 128)
498 cfg_parser->cfg->max_client_subnet_ipv6 = 128;
499 else if (atoi($2) < 0)
500 cfg_parser->cfg->max_client_subnet_ipv6 = 0;
501 else cfg_parser->cfg->max_client_subnet_ipv6 = (uint8_t)atoi($2);
503 OUTYY(("P(Compiled without edns subnet option, ignoring)\n"));
508 server_min_client_subnet_ipv4: VAR_MIN_CLIENT_SUBNET_IPV4 STRING_ARG
511 OUTYY(("P(min_client_subnet_ipv4:%s)\n", $2));
512 if(atoi($2) == 0 && strcmp($2, "0") != 0)
513 yyerror("IPv4 subnet length expected");
514 else if (atoi($2) > 32)
515 cfg_parser->cfg->min_client_subnet_ipv4 = 32;
516 else if (atoi($2) < 0)
517 cfg_parser->cfg->min_client_subnet_ipv4 = 0;
518 else cfg_parser->cfg->min_client_subnet_ipv4 = (uint8_t)atoi($2);
520 OUTYY(("P(Compiled without edns subnet option, ignoring)\n"));
525 server_min_client_subnet_ipv6: VAR_MIN_CLIENT_SUBNET_IPV6 STRING_ARG
528 OUTYY(("P(min_client_subnet_ipv6:%s)\n", $2));
529 if(atoi($2) == 0 && strcmp($2, "0") != 0)
530 yyerror("Ipv6 subnet length expected");
531 else if (atoi($2) > 128)
532 cfg_parser->cfg->min_client_subnet_ipv6 = 128;
533 else if (atoi($2) < 0)
534 cfg_parser->cfg->min_client_subnet_ipv6 = 0;
535 else cfg_parser->cfg->min_client_subnet_ipv6 = (uint8_t)atoi($2);
537 OUTYY(("P(Compiled without edns subnet option, ignoring)\n"));
542 server_max_ecs_tree_size_ipv4: VAR_MAX_ECS_TREE_SIZE_IPV4 STRING_ARG
545 OUTYY(("P(max_ecs_tree_size_ipv4:%s)\n", $2));
546 if(atoi($2) == 0 && strcmp($2, "0") != 0)
547 yyerror("IPv4 ECS tree size expected");
548 else if (atoi($2) < 0)
549 cfg_parser->cfg->max_ecs_tree_size_ipv4 = 0;
550 else cfg_parser->cfg->max_ecs_tree_size_ipv4 = (uint32_t)atoi($2);
552 OUTYY(("P(Compiled without edns subnet option, ignoring)\n"));
557 server_max_ecs_tree_size_ipv6: VAR_MAX_ECS_TREE_SIZE_IPV6 STRING_ARG
560 OUTYY(("P(max_ecs_tree_size_ipv6:%s)\n", $2));
561 if(atoi($2) == 0 && strcmp($2, "0") != 0)
562 yyerror("IPv6 ECS tree size expected");
563 else if (atoi($2) < 0)
564 cfg_parser->cfg->max_ecs_tree_size_ipv6 = 0;
565 else cfg_parser->cfg->max_ecs_tree_size_ipv6 = (uint32_t)atoi($2);
567 OUTYY(("P(Compiled without edns subnet option, ignoring)\n"));
572 server_interface: VAR_INTERFACE STRING_ARG
574 OUTYY(("P(server_interface:%s)\n", $2));
575 if(cfg_parser->cfg->num_ifs == 0)
576 cfg_parser->cfg->ifs = calloc(1, sizeof(char*));
577 else cfg_parser->cfg->ifs = realloc(cfg_parser->cfg->ifs,
578 (cfg_parser->cfg->num_ifs+1)*sizeof(char*));
579 if(!cfg_parser->cfg->ifs)
580 yyerror("out of memory");
582 cfg_parser->cfg->ifs[cfg_parser->cfg->num_ifs++] = $2;
585 server_outgoing_interface: VAR_OUTGOING_INTERFACE STRING_ARG
587 OUTYY(("P(server_outgoing_interface:%s)\n", $2));
588 if(cfg_parser->cfg->num_out_ifs == 0)
589 cfg_parser->cfg->out_ifs = calloc(1, sizeof(char*));
590 else cfg_parser->cfg->out_ifs = realloc(
591 cfg_parser->cfg->out_ifs,
592 (cfg_parser->cfg->num_out_ifs+1)*sizeof(char*));
593 if(!cfg_parser->cfg->out_ifs)
594 yyerror("out of memory");
596 cfg_parser->cfg->out_ifs[
597 cfg_parser->cfg->num_out_ifs++] = $2;
600 server_outgoing_range: VAR_OUTGOING_RANGE STRING_ARG
602 OUTYY(("P(server_outgoing_range:%s)\n", $2));
604 yyerror("number expected");
605 else cfg_parser->cfg->outgoing_num_ports = atoi($2);
609 server_outgoing_port_permit: VAR_OUTGOING_PORT_PERMIT STRING_ARG
611 OUTYY(("P(server_outgoing_port_permit:%s)\n", $2));
612 if(!cfg_mark_ports($2, 1,
613 cfg_parser->cfg->outgoing_avail_ports, 65536))
614 yyerror("port number or range (\"low-high\") expected");
618 server_outgoing_port_avoid: VAR_OUTGOING_PORT_AVOID STRING_ARG
620 OUTYY(("P(server_outgoing_port_avoid:%s)\n", $2));
621 if(!cfg_mark_ports($2, 0,
622 cfg_parser->cfg->outgoing_avail_ports, 65536))
623 yyerror("port number or range (\"low-high\") expected");
627 server_outgoing_num_tcp: VAR_OUTGOING_NUM_TCP STRING_ARG
629 OUTYY(("P(server_outgoing_num_tcp:%s)\n", $2));
630 if(atoi($2) == 0 && strcmp($2, "0") != 0)
631 yyerror("number expected");
632 else cfg_parser->cfg->outgoing_num_tcp = atoi($2);
636 server_incoming_num_tcp: VAR_INCOMING_NUM_TCP STRING_ARG
638 OUTYY(("P(server_incoming_num_tcp:%s)\n", $2));
639 if(atoi($2) == 0 && strcmp($2, "0") != 0)
640 yyerror("number expected");
641 else cfg_parser->cfg->incoming_num_tcp = atoi($2);
645 server_interface_automatic: VAR_INTERFACE_AUTOMATIC STRING_ARG
647 OUTYY(("P(server_interface_automatic:%s)\n", $2));
648 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
649 yyerror("expected yes or no.");
650 else cfg_parser->cfg->if_automatic = (strcmp($2, "yes")==0);
654 server_do_ip4: VAR_DO_IP4 STRING_ARG
656 OUTYY(("P(server_do_ip4:%s)\n", $2));
657 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
658 yyerror("expected yes or no.");
659 else cfg_parser->cfg->do_ip4 = (strcmp($2, "yes")==0);
663 server_do_ip6: VAR_DO_IP6 STRING_ARG
665 OUTYY(("P(server_do_ip6:%s)\n", $2));
666 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
667 yyerror("expected yes or no.");
668 else cfg_parser->cfg->do_ip6 = (strcmp($2, "yes")==0);
672 server_do_udp: VAR_DO_UDP STRING_ARG
674 OUTYY(("P(server_do_udp:%s)\n", $2));
675 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
676 yyerror("expected yes or no.");
677 else cfg_parser->cfg->do_udp = (strcmp($2, "yes")==0);
681 server_do_tcp: VAR_DO_TCP STRING_ARG
683 OUTYY(("P(server_do_tcp:%s)\n", $2));
684 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
685 yyerror("expected yes or no.");
686 else cfg_parser->cfg->do_tcp = (strcmp($2, "yes")==0);
690 server_prefer_ip6: VAR_PREFER_IP6 STRING_ARG
692 OUTYY(("P(server_prefer_ip6:%s)\n", $2));
693 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
694 yyerror("expected yes or no.");
695 else cfg_parser->cfg->prefer_ip6 = (strcmp($2, "yes")==0);
699 server_tcp_mss: VAR_TCP_MSS STRING_ARG
701 OUTYY(("P(server_tcp_mss:%s)\n", $2));
702 if(atoi($2) == 0 && strcmp($2, "0") != 0)
703 yyerror("number expected");
704 else cfg_parser->cfg->tcp_mss = atoi($2);
708 server_outgoing_tcp_mss: VAR_OUTGOING_TCP_MSS STRING_ARG
710 OUTYY(("P(server_outgoing_tcp_mss:%s)\n", $2));
711 if(atoi($2) == 0 && strcmp($2, "0") != 0)
712 yyerror("number expected");
713 else cfg_parser->cfg->outgoing_tcp_mss = atoi($2);
717 server_tcp_idle_timeout: VAR_TCP_IDLE_TIMEOUT STRING_ARG
719 OUTYY(("P(server_tcp_idle_timeout:%s)\n", $2));
720 if(atoi($2) == 0 && strcmp($2, "0") != 0)
721 yyerror("number expected");
722 else if (atoi($2) > 120000)
723 cfg_parser->cfg->tcp_idle_timeout = 120000;
724 else if (atoi($2) < 1)
725 cfg_parser->cfg->tcp_idle_timeout = 1;
726 else cfg_parser->cfg->tcp_idle_timeout = atoi($2);
730 server_tcp_keepalive: VAR_EDNS_TCP_KEEPALIVE STRING_ARG
732 OUTYY(("P(server_tcp_keepalive:%s)\n", $2));
733 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
734 yyerror("expected yes or no.");
735 else cfg_parser->cfg->do_tcp_keepalive = (strcmp($2, "yes")==0);
739 server_tcp_keepalive_timeout: VAR_EDNS_TCP_KEEPALIVE_TIMEOUT STRING_ARG
741 OUTYY(("P(server_tcp_keepalive_timeout:%s)\n", $2));
742 if(atoi($2) == 0 && strcmp($2, "0") != 0)
743 yyerror("number expected");
744 else if (atoi($2) > 6553500)
745 cfg_parser->cfg->tcp_keepalive_timeout = 6553500;
746 else if (atoi($2) < 1)
747 cfg_parser->cfg->tcp_keepalive_timeout = 0;
748 else cfg_parser->cfg->tcp_keepalive_timeout = atoi($2);
752 server_tcp_upstream: VAR_TCP_UPSTREAM STRING_ARG
754 OUTYY(("P(server_tcp_upstream:%s)\n", $2));
755 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
756 yyerror("expected yes or no.");
757 else cfg_parser->cfg->tcp_upstream = (strcmp($2, "yes")==0);
761 server_udp_upstream_without_downstream: VAR_UDP_UPSTREAM_WITHOUT_DOWNSTREAM STRING_ARG
763 OUTYY(("P(server_udp_upstream_without_downstream:%s)\n", $2));
764 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
765 yyerror("expected yes or no.");
766 else cfg_parser->cfg->udp_upstream_without_downstream = (strcmp($2, "yes")==0);
770 server_ssl_upstream: VAR_SSL_UPSTREAM STRING_ARG
772 OUTYY(("P(server_ssl_upstream:%s)\n", $2));
773 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
774 yyerror("expected yes or no.");
775 else cfg_parser->cfg->ssl_upstream = (strcmp($2, "yes")==0);
779 server_ssl_service_key: VAR_SSL_SERVICE_KEY STRING_ARG
781 OUTYY(("P(server_ssl_service_key:%s)\n", $2));
782 free(cfg_parser->cfg->ssl_service_key);
783 cfg_parser->cfg->ssl_service_key = $2;
786 server_ssl_service_pem: VAR_SSL_SERVICE_PEM STRING_ARG
788 OUTYY(("P(server_ssl_service_pem:%s)\n", $2));
789 free(cfg_parser->cfg->ssl_service_pem);
790 cfg_parser->cfg->ssl_service_pem = $2;
793 server_ssl_port: VAR_SSL_PORT STRING_ARG
795 OUTYY(("P(server_ssl_port:%s)\n", $2));
797 yyerror("port number expected");
798 else cfg_parser->cfg->ssl_port = atoi($2);
802 server_tls_cert_bundle: VAR_TLS_CERT_BUNDLE STRING_ARG
804 OUTYY(("P(server_tls_cert_bundle:%s)\n", $2));
805 free(cfg_parser->cfg->tls_cert_bundle);
806 cfg_parser->cfg->tls_cert_bundle = $2;
809 server_tls_win_cert: VAR_TLS_WIN_CERT STRING_ARG
811 OUTYY(("P(server_tls_win_cert:%s)\n", $2));
812 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
813 yyerror("expected yes or no.");
814 else cfg_parser->cfg->tls_win_cert = (strcmp($2, "yes")==0);
818 server_tls_additional_port: VAR_TLS_ADDITIONAL_PORT STRING_ARG
820 OUTYY(("P(server_tls_additional_port:%s)\n", $2));
821 if(!cfg_strlist_insert(&cfg_parser->cfg->tls_additional_port,
823 yyerror("out of memory");
826 server_tls_ciphers: VAR_TLS_CIPHERS STRING_ARG
828 OUTYY(("P(server_tls_ciphers:%s)\n", $2));
829 free(cfg_parser->cfg->tls_ciphers);
830 cfg_parser->cfg->tls_ciphers = $2;
833 server_tls_ciphersuites: VAR_TLS_CIPHERSUITES STRING_ARG
835 OUTYY(("P(server_tls_ciphersuites:%s)\n", $2));
836 free(cfg_parser->cfg->tls_ciphersuites);
837 cfg_parser->cfg->tls_ciphersuites = $2;
840 server_tls_session_ticket_keys: VAR_TLS_SESSION_TICKET_KEYS STRING_ARG
842 OUTYY(("P(server_tls_session_ticket_keys:%s)\n", $2));
843 if(!cfg_strlist_append(&cfg_parser->cfg->tls_session_ticket_keys,
845 yyerror("out of memory");
848 server_use_systemd: VAR_USE_SYSTEMD STRING_ARG
850 OUTYY(("P(server_use_systemd:%s)\n", $2));
851 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
852 yyerror("expected yes or no.");
853 else cfg_parser->cfg->use_systemd = (strcmp($2, "yes")==0);
857 server_do_daemonize: VAR_DO_DAEMONIZE STRING_ARG
859 OUTYY(("P(server_do_daemonize:%s)\n", $2));
860 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
861 yyerror("expected yes or no.");
862 else cfg_parser->cfg->do_daemonize = (strcmp($2, "yes")==0);
866 server_use_syslog: VAR_USE_SYSLOG STRING_ARG
868 OUTYY(("P(server_use_syslog:%s)\n", $2));
869 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
870 yyerror("expected yes or no.");
871 else cfg_parser->cfg->use_syslog = (strcmp($2, "yes")==0);
872 #if !defined(HAVE_SYSLOG_H) && !defined(UB_ON_WINDOWS)
873 if(strcmp($2, "yes") == 0)
874 yyerror("no syslog services are available. "
875 "(reconfigure and compile to add)");
880 server_log_time_ascii: VAR_LOG_TIME_ASCII STRING_ARG
882 OUTYY(("P(server_log_time_ascii:%s)\n", $2));
883 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
884 yyerror("expected yes or no.");
885 else cfg_parser->cfg->log_time_ascii = (strcmp($2, "yes")==0);
889 server_log_queries: VAR_LOG_QUERIES STRING_ARG
891 OUTYY(("P(server_log_queries:%s)\n", $2));
892 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
893 yyerror("expected yes or no.");
894 else cfg_parser->cfg->log_queries = (strcmp($2, "yes")==0);
898 server_log_replies: VAR_LOG_REPLIES STRING_ARG
900 OUTYY(("P(server_log_replies:%s)\n", $2));
901 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
902 yyerror("expected yes or no.");
903 else cfg_parser->cfg->log_replies = (strcmp($2, "yes")==0);
907 server_log_tag_queryreply: VAR_LOG_TAG_QUERYREPLY STRING_ARG
909 OUTYY(("P(server_log_tag_queryreply:%s)\n", $2));
910 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
911 yyerror("expected yes or no.");
912 else cfg_parser->cfg->log_tag_queryreply = (strcmp($2, "yes")==0);
916 server_log_servfail: VAR_LOG_SERVFAIL STRING_ARG
918 OUTYY(("P(server_log_servfail:%s)\n", $2));
919 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
920 yyerror("expected yes or no.");
921 else cfg_parser->cfg->log_servfail = (strcmp($2, "yes")==0);
925 server_log_local_actions: VAR_LOG_LOCAL_ACTIONS STRING_ARG
927 OUTYY(("P(server_log_local_actions:%s)\n", $2));
928 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
929 yyerror("expected yes or no.");
930 else cfg_parser->cfg->log_local_actions = (strcmp($2, "yes")==0);
934 server_chroot: VAR_CHROOT STRING_ARG
936 OUTYY(("P(server_chroot:%s)\n", $2));
937 free(cfg_parser->cfg->chrootdir);
938 cfg_parser->cfg->chrootdir = $2;
941 server_username: VAR_USERNAME STRING_ARG
943 OUTYY(("P(server_username:%s)\n", $2));
944 free(cfg_parser->cfg->username);
945 cfg_parser->cfg->username = $2;
948 server_directory: VAR_DIRECTORY STRING_ARG
950 OUTYY(("P(server_directory:%s)\n", $2));
951 free(cfg_parser->cfg->directory);
952 cfg_parser->cfg->directory = $2;
953 /* change there right away for includes relative to this */
957 w_config_adjust_directory(cfg_parser->cfg);
959 d = cfg_parser->cfg->directory;
960 /* adjust directory if we have already chroot,
961 * like, we reread after sighup */
962 if(cfg_parser->chroot && cfg_parser->chroot[0] &&
963 strncmp(d, cfg_parser->chroot, strlen(
964 cfg_parser->chroot)) == 0)
965 d += strlen(cfg_parser->chroot);
968 log_err("cannot chdir to directory: %s (%s)",
974 server_logfile: VAR_LOGFILE STRING_ARG
976 OUTYY(("P(server_logfile:%s)\n", $2));
977 free(cfg_parser->cfg->logfile);
978 cfg_parser->cfg->logfile = $2;
979 cfg_parser->cfg->use_syslog = 0;
982 server_pidfile: VAR_PIDFILE STRING_ARG
984 OUTYY(("P(server_pidfile:%s)\n", $2));
985 free(cfg_parser->cfg->pidfile);
986 cfg_parser->cfg->pidfile = $2;
989 server_root_hints: VAR_ROOT_HINTS STRING_ARG
991 OUTYY(("P(server_root_hints:%s)\n", $2));
992 if(!cfg_strlist_insert(&cfg_parser->cfg->root_hints, $2))
993 yyerror("out of memory");
996 server_dlv_anchor_file: VAR_DLV_ANCHOR_FILE STRING_ARG
998 OUTYY(("P(server_dlv_anchor_file:%s)\n", $2));
999 free(cfg_parser->cfg->dlv_anchor_file);
1000 cfg_parser->cfg->dlv_anchor_file = $2;
1003 server_dlv_anchor: VAR_DLV_ANCHOR STRING_ARG
1005 OUTYY(("P(server_dlv_anchor:%s)\n", $2));
1006 if(!cfg_strlist_insert(&cfg_parser->cfg->dlv_anchor_list, $2))
1007 yyerror("out of memory");
1010 server_auto_trust_anchor_file: VAR_AUTO_TRUST_ANCHOR_FILE STRING_ARG
1012 OUTYY(("P(server_auto_trust_anchor_file:%s)\n", $2));
1013 if(!cfg_strlist_insert(&cfg_parser->cfg->
1014 auto_trust_anchor_file_list, $2))
1015 yyerror("out of memory");
1018 server_trust_anchor_file: VAR_TRUST_ANCHOR_FILE STRING_ARG
1020 OUTYY(("P(server_trust_anchor_file:%s)\n", $2));
1021 if(!cfg_strlist_insert(&cfg_parser->cfg->
1022 trust_anchor_file_list, $2))
1023 yyerror("out of memory");
1026 server_trusted_keys_file: VAR_TRUSTED_KEYS_FILE STRING_ARG
1028 OUTYY(("P(server_trusted_keys_file:%s)\n", $2));
1029 if(!cfg_strlist_insert(&cfg_parser->cfg->
1030 trusted_keys_file_list, $2))
1031 yyerror("out of memory");
1034 server_trust_anchor: VAR_TRUST_ANCHOR STRING_ARG
1036 OUTYY(("P(server_trust_anchor:%s)\n", $2));
1037 if(!cfg_strlist_insert(&cfg_parser->cfg->trust_anchor_list, $2))
1038 yyerror("out of memory");
1041 server_trust_anchor_signaling: VAR_TRUST_ANCHOR_SIGNALING STRING_ARG
1043 OUTYY(("P(server_trust_anchor_signaling:%s)\n", $2));
1044 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1045 yyerror("expected yes or no.");
1047 cfg_parser->cfg->trust_anchor_signaling =
1048 (strcmp($2, "yes")==0);
1052 server_root_key_sentinel: VAR_ROOT_KEY_SENTINEL STRING_ARG
1054 OUTYY(("P(server_root_key_sentinel:%s)\n", $2));
1055 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1056 yyerror("expected yes or no.");
1058 cfg_parser->cfg->root_key_sentinel =
1059 (strcmp($2, "yes")==0);
1063 server_domain_insecure: VAR_DOMAIN_INSECURE STRING_ARG
1065 OUTYY(("P(server_domain_insecure:%s)\n", $2));
1066 if(!cfg_strlist_insert(&cfg_parser->cfg->domain_insecure, $2))
1067 yyerror("out of memory");
1070 server_hide_identity: VAR_HIDE_IDENTITY STRING_ARG
1072 OUTYY(("P(server_hide_identity:%s)\n", $2));
1073 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1074 yyerror("expected yes or no.");
1075 else cfg_parser->cfg->hide_identity = (strcmp($2, "yes")==0);
1079 server_hide_version: VAR_HIDE_VERSION STRING_ARG
1081 OUTYY(("P(server_hide_version:%s)\n", $2));
1082 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1083 yyerror("expected yes or no.");
1084 else cfg_parser->cfg->hide_version = (strcmp($2, "yes")==0);
1088 server_hide_trustanchor: VAR_HIDE_TRUSTANCHOR STRING_ARG
1090 OUTYY(("P(server_hide_trustanchor:%s)\n", $2));
1091 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1092 yyerror("expected yes or no.");
1093 else cfg_parser->cfg->hide_trustanchor = (strcmp($2, "yes")==0);
1097 server_identity: VAR_IDENTITY STRING_ARG
1099 OUTYY(("P(server_identity:%s)\n", $2));
1100 free(cfg_parser->cfg->identity);
1101 cfg_parser->cfg->identity = $2;
1104 server_version: VAR_VERSION STRING_ARG
1106 OUTYY(("P(server_version:%s)\n", $2));
1107 free(cfg_parser->cfg->version);
1108 cfg_parser->cfg->version = $2;
1111 server_so_rcvbuf: VAR_SO_RCVBUF STRING_ARG
1113 OUTYY(("P(server_so_rcvbuf:%s)\n", $2));
1114 if(!cfg_parse_memsize($2, &cfg_parser->cfg->so_rcvbuf))
1115 yyerror("buffer size expected");
1119 server_so_sndbuf: VAR_SO_SNDBUF STRING_ARG
1121 OUTYY(("P(server_so_sndbuf:%s)\n", $2));
1122 if(!cfg_parse_memsize($2, &cfg_parser->cfg->so_sndbuf))
1123 yyerror("buffer size expected");
1127 server_so_reuseport: VAR_SO_REUSEPORT STRING_ARG
1129 OUTYY(("P(server_so_reuseport:%s)\n", $2));
1130 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1131 yyerror("expected yes or no.");
1132 else cfg_parser->cfg->so_reuseport =
1133 (strcmp($2, "yes")==0);
1137 server_ip_transparent: VAR_IP_TRANSPARENT STRING_ARG
1139 OUTYY(("P(server_ip_transparent:%s)\n", $2));
1140 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1141 yyerror("expected yes or no.");
1142 else cfg_parser->cfg->ip_transparent =
1143 (strcmp($2, "yes")==0);
1147 server_ip_freebind: VAR_IP_FREEBIND STRING_ARG
1149 OUTYY(("P(server_ip_freebind:%s)\n", $2));
1150 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1151 yyerror("expected yes or no.");
1152 else cfg_parser->cfg->ip_freebind =
1153 (strcmp($2, "yes")==0);
1157 server_stream_wait_size: VAR_STREAM_WAIT_SIZE STRING_ARG
1159 OUTYY(("P(server_stream_wait_size:%s)\n", $2));
1160 if(!cfg_parse_memsize($2, &cfg_parser->cfg->stream_wait_size))
1161 yyerror("memory size expected");
1165 server_edns_buffer_size: VAR_EDNS_BUFFER_SIZE STRING_ARG
1167 OUTYY(("P(server_edns_buffer_size:%s)\n", $2));
1169 yyerror("number expected");
1170 else if (atoi($2) < 12)
1171 yyerror("edns buffer size too small");
1172 else if (atoi($2) > 65535)
1173 cfg_parser->cfg->edns_buffer_size = 65535;
1174 else cfg_parser->cfg->edns_buffer_size = atoi($2);
1178 server_msg_buffer_size: VAR_MSG_BUFFER_SIZE STRING_ARG
1180 OUTYY(("P(server_msg_buffer_size:%s)\n", $2));
1182 yyerror("number expected");
1183 else if (atoi($2) < 4096)
1184 yyerror("message buffer size too small (use 4096)");
1185 else cfg_parser->cfg->msg_buffer_size = atoi($2);
1189 server_msg_cache_size: VAR_MSG_CACHE_SIZE STRING_ARG
1191 OUTYY(("P(server_msg_cache_size:%s)\n", $2));
1192 if(!cfg_parse_memsize($2, &cfg_parser->cfg->msg_cache_size))
1193 yyerror("memory size expected");
1197 server_msg_cache_slabs: VAR_MSG_CACHE_SLABS STRING_ARG
1199 OUTYY(("P(server_msg_cache_slabs:%s)\n", $2));
1201 yyerror("number expected");
1203 cfg_parser->cfg->msg_cache_slabs = atoi($2);
1204 if(!is_pow2(cfg_parser->cfg->msg_cache_slabs))
1205 yyerror("must be a power of 2");
1210 server_num_queries_per_thread: VAR_NUM_QUERIES_PER_THREAD STRING_ARG
1212 OUTYY(("P(server_num_queries_per_thread:%s)\n", $2));
1214 yyerror("number expected");
1215 else cfg_parser->cfg->num_queries_per_thread = atoi($2);
1219 server_jostle_timeout: VAR_JOSTLE_TIMEOUT STRING_ARG
1221 OUTYY(("P(server_jostle_timeout:%s)\n", $2));
1222 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1223 yyerror("number expected");
1224 else cfg_parser->cfg->jostle_time = atoi($2);
1228 server_delay_close: VAR_DELAY_CLOSE STRING_ARG
1230 OUTYY(("P(server_delay_close:%s)\n", $2));
1231 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1232 yyerror("number expected");
1233 else cfg_parser->cfg->delay_close = atoi($2);
1237 server_unblock_lan_zones: VAR_UNBLOCK_LAN_ZONES STRING_ARG
1239 OUTYY(("P(server_unblock_lan_zones:%s)\n", $2));
1240 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1241 yyerror("expected yes or no.");
1242 else cfg_parser->cfg->unblock_lan_zones =
1243 (strcmp($2, "yes")==0);
1247 server_insecure_lan_zones: VAR_INSECURE_LAN_ZONES STRING_ARG
1249 OUTYY(("P(server_insecure_lan_zones:%s)\n", $2));
1250 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1251 yyerror("expected yes or no.");
1252 else cfg_parser->cfg->insecure_lan_zones =
1253 (strcmp($2, "yes")==0);
1257 server_rrset_cache_size: VAR_RRSET_CACHE_SIZE STRING_ARG
1259 OUTYY(("P(server_rrset_cache_size:%s)\n", $2));
1260 if(!cfg_parse_memsize($2, &cfg_parser->cfg->rrset_cache_size))
1261 yyerror("memory size expected");
1265 server_rrset_cache_slabs: VAR_RRSET_CACHE_SLABS STRING_ARG
1267 OUTYY(("P(server_rrset_cache_slabs:%s)\n", $2));
1269 yyerror("number expected");
1271 cfg_parser->cfg->rrset_cache_slabs = atoi($2);
1272 if(!is_pow2(cfg_parser->cfg->rrset_cache_slabs))
1273 yyerror("must be a power of 2");
1278 server_infra_host_ttl: VAR_INFRA_HOST_TTL STRING_ARG
1280 OUTYY(("P(server_infra_host_ttl:%s)\n", $2));
1281 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1282 yyerror("number expected");
1283 else cfg_parser->cfg->host_ttl = atoi($2);
1287 server_infra_lame_ttl: VAR_INFRA_LAME_TTL STRING_ARG
1289 OUTYY(("P(server_infra_lame_ttl:%s)\n", $2));
1290 verbose(VERB_DETAIL, "ignored infra-lame-ttl: %s (option "
1291 "removed, use infra-host-ttl)", $2);
1295 server_infra_cache_numhosts: VAR_INFRA_CACHE_NUMHOSTS STRING_ARG
1297 OUTYY(("P(server_infra_cache_numhosts:%s)\n", $2));
1299 yyerror("number expected");
1300 else cfg_parser->cfg->infra_cache_numhosts = atoi($2);
1304 server_infra_cache_lame_size: VAR_INFRA_CACHE_LAME_SIZE STRING_ARG
1306 OUTYY(("P(server_infra_cache_lame_size:%s)\n", $2));
1307 verbose(VERB_DETAIL, "ignored infra-cache-lame-size: %s "
1308 "(option removed, use infra-cache-numhosts)", $2);
1312 server_infra_cache_slabs: VAR_INFRA_CACHE_SLABS STRING_ARG
1314 OUTYY(("P(server_infra_cache_slabs:%s)\n", $2));
1316 yyerror("number expected");
1318 cfg_parser->cfg->infra_cache_slabs = atoi($2);
1319 if(!is_pow2(cfg_parser->cfg->infra_cache_slabs))
1320 yyerror("must be a power of 2");
1325 server_infra_cache_min_rtt: VAR_INFRA_CACHE_MIN_RTT STRING_ARG
1327 OUTYY(("P(server_infra_cache_min_rtt:%s)\n", $2));
1328 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1329 yyerror("number expected");
1330 else cfg_parser->cfg->infra_cache_min_rtt = atoi($2);
1334 server_target_fetch_policy: VAR_TARGET_FETCH_POLICY STRING_ARG
1336 OUTYY(("P(server_target_fetch_policy:%s)\n", $2));
1337 free(cfg_parser->cfg->target_fetch_policy);
1338 cfg_parser->cfg->target_fetch_policy = $2;
1341 server_harden_short_bufsize: VAR_HARDEN_SHORT_BUFSIZE STRING_ARG
1343 OUTYY(("P(server_harden_short_bufsize:%s)\n", $2));
1344 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1345 yyerror("expected yes or no.");
1346 else cfg_parser->cfg->harden_short_bufsize =
1347 (strcmp($2, "yes")==0);
1351 server_harden_large_queries: VAR_HARDEN_LARGE_QUERIES STRING_ARG
1353 OUTYY(("P(server_harden_large_queries:%s)\n", $2));
1354 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1355 yyerror("expected yes or no.");
1356 else cfg_parser->cfg->harden_large_queries =
1357 (strcmp($2, "yes")==0);
1361 server_harden_glue: VAR_HARDEN_GLUE STRING_ARG
1363 OUTYY(("P(server_harden_glue:%s)\n", $2));
1364 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1365 yyerror("expected yes or no.");
1366 else cfg_parser->cfg->harden_glue =
1367 (strcmp($2, "yes")==0);
1371 server_harden_dnssec_stripped: VAR_HARDEN_DNSSEC_STRIPPED STRING_ARG
1373 OUTYY(("P(server_harden_dnssec_stripped:%s)\n", $2));
1374 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1375 yyerror("expected yes or no.");
1376 else cfg_parser->cfg->harden_dnssec_stripped =
1377 (strcmp($2, "yes")==0);
1381 server_harden_below_nxdomain: VAR_HARDEN_BELOW_NXDOMAIN STRING_ARG
1383 OUTYY(("P(server_harden_below_nxdomain:%s)\n", $2));
1384 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1385 yyerror("expected yes or no.");
1386 else cfg_parser->cfg->harden_below_nxdomain =
1387 (strcmp($2, "yes")==0);
1391 server_harden_referral_path: VAR_HARDEN_REFERRAL_PATH STRING_ARG
1393 OUTYY(("P(server_harden_referral_path:%s)\n", $2));
1394 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1395 yyerror("expected yes or no.");
1396 else cfg_parser->cfg->harden_referral_path =
1397 (strcmp($2, "yes")==0);
1401 server_harden_algo_downgrade: VAR_HARDEN_ALGO_DOWNGRADE STRING_ARG
1403 OUTYY(("P(server_harden_algo_downgrade:%s)\n", $2));
1404 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1405 yyerror("expected yes or no.");
1406 else cfg_parser->cfg->harden_algo_downgrade =
1407 (strcmp($2, "yes")==0);
1411 server_use_caps_for_id: VAR_USE_CAPS_FOR_ID STRING_ARG
1413 OUTYY(("P(server_use_caps_for_id:%s)\n", $2));
1414 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1415 yyerror("expected yes or no.");
1416 else cfg_parser->cfg->use_caps_bits_for_id =
1417 (strcmp($2, "yes")==0);
1421 server_caps_whitelist: VAR_CAPS_WHITELIST STRING_ARG
1423 OUTYY(("P(server_caps_whitelist:%s)\n", $2));
1424 if(!cfg_strlist_insert(&cfg_parser->cfg->caps_whitelist, $2))
1425 yyerror("out of memory");
1428 server_private_address: VAR_PRIVATE_ADDRESS STRING_ARG
1430 OUTYY(("P(server_private_address:%s)\n", $2));
1431 if(!cfg_strlist_insert(&cfg_parser->cfg->private_address, $2))
1432 yyerror("out of memory");
1435 server_private_domain: VAR_PRIVATE_DOMAIN STRING_ARG
1437 OUTYY(("P(server_private_domain:%s)\n", $2));
1438 if(!cfg_strlist_insert(&cfg_parser->cfg->private_domain, $2))
1439 yyerror("out of memory");
1442 server_prefetch: VAR_PREFETCH STRING_ARG
1444 OUTYY(("P(server_prefetch:%s)\n", $2));
1445 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1446 yyerror("expected yes or no.");
1447 else cfg_parser->cfg->prefetch = (strcmp($2, "yes")==0);
1451 server_prefetch_key: VAR_PREFETCH_KEY STRING_ARG
1453 OUTYY(("P(server_prefetch_key:%s)\n", $2));
1454 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1455 yyerror("expected yes or no.");
1456 else cfg_parser->cfg->prefetch_key = (strcmp($2, "yes")==0);
1460 server_deny_any: VAR_DENY_ANY STRING_ARG
1462 OUTYY(("P(server_deny_any:%s)\n", $2));
1463 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1464 yyerror("expected yes or no.");
1465 else cfg_parser->cfg->deny_any = (strcmp($2, "yes")==0);
1469 server_unwanted_reply_threshold: VAR_UNWANTED_REPLY_THRESHOLD STRING_ARG
1471 OUTYY(("P(server_unwanted_reply_threshold:%s)\n", $2));
1472 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1473 yyerror("number expected");
1474 else cfg_parser->cfg->unwanted_threshold = atoi($2);
1478 server_do_not_query_address: VAR_DO_NOT_QUERY_ADDRESS STRING_ARG
1480 OUTYY(("P(server_do_not_query_address:%s)\n", $2));
1481 if(!cfg_strlist_insert(&cfg_parser->cfg->donotqueryaddrs, $2))
1482 yyerror("out of memory");
1485 server_do_not_query_localhost: VAR_DO_NOT_QUERY_LOCALHOST STRING_ARG
1487 OUTYY(("P(server_do_not_query_localhost:%s)\n", $2));
1488 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1489 yyerror("expected yes or no.");
1490 else cfg_parser->cfg->donotquery_localhost =
1491 (strcmp($2, "yes")==0);
1495 server_access_control: VAR_ACCESS_CONTROL STRING_ARG STRING_ARG
1497 OUTYY(("P(server_access_control:%s %s)\n", $2, $3));
1498 if(strcmp($3, "deny")!=0 && strcmp($3, "refuse")!=0 &&
1499 strcmp($3, "deny_non_local")!=0 &&
1500 strcmp($3, "refuse_non_local")!=0 &&
1501 strcmp($3, "allow_setrd")!=0 &&
1502 strcmp($3, "allow")!=0 &&
1503 strcmp($3, "allow_snoop")!=0) {
1504 yyerror("expected deny, refuse, deny_non_local, "
1505 "refuse_non_local, allow, allow_setrd or "
1506 "allow_snoop in access control action");
1510 if(!cfg_str2list_insert(&cfg_parser->cfg->acls, $2, $3))
1511 fatal_exit("out of memory adding acl");
1515 server_module_conf: VAR_MODULE_CONF STRING_ARG
1517 OUTYY(("P(server_module_conf:%s)\n", $2));
1518 free(cfg_parser->cfg->module_conf);
1519 cfg_parser->cfg->module_conf = $2;
1522 server_val_override_date: VAR_VAL_OVERRIDE_DATE STRING_ARG
1524 OUTYY(("P(server_val_override_date:%s)\n", $2));
1525 if(*$2 == '\0' || strcmp($2, "0") == 0) {
1526 cfg_parser->cfg->val_date_override = 0;
1527 } else if(strlen($2) == 14) {
1528 cfg_parser->cfg->val_date_override =
1529 cfg_convert_timeval($2);
1530 if(!cfg_parser->cfg->val_date_override)
1531 yyerror("bad date/time specification");
1534 yyerror("number expected");
1535 cfg_parser->cfg->val_date_override = atoi($2);
1540 server_val_sig_skew_min: VAR_VAL_SIG_SKEW_MIN STRING_ARG
1542 OUTYY(("P(server_val_sig_skew_min:%s)\n", $2));
1543 if(*$2 == '\0' || strcmp($2, "0") == 0) {
1544 cfg_parser->cfg->val_sig_skew_min = 0;
1546 cfg_parser->cfg->val_sig_skew_min = atoi($2);
1547 if(!cfg_parser->cfg->val_sig_skew_min)
1548 yyerror("number expected");
1553 server_val_sig_skew_max: VAR_VAL_SIG_SKEW_MAX STRING_ARG
1555 OUTYY(("P(server_val_sig_skew_max:%s)\n", $2));
1556 if(*$2 == '\0' || strcmp($2, "0") == 0) {
1557 cfg_parser->cfg->val_sig_skew_max = 0;
1559 cfg_parser->cfg->val_sig_skew_max = atoi($2);
1560 if(!cfg_parser->cfg->val_sig_skew_max)
1561 yyerror("number expected");
1566 server_cache_max_ttl: VAR_CACHE_MAX_TTL STRING_ARG
1568 OUTYY(("P(server_cache_max_ttl:%s)\n", $2));
1569 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1570 yyerror("number expected");
1571 else cfg_parser->cfg->max_ttl = atoi($2);
1575 server_cache_max_negative_ttl: VAR_CACHE_MAX_NEGATIVE_TTL STRING_ARG
1577 OUTYY(("P(server_cache_max_negative_ttl:%s)\n", $2));
1578 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1579 yyerror("number expected");
1580 else cfg_parser->cfg->max_negative_ttl = atoi($2);
1584 server_cache_min_ttl: VAR_CACHE_MIN_TTL STRING_ARG
1586 OUTYY(("P(server_cache_min_ttl:%s)\n", $2));
1587 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1588 yyerror("number expected");
1589 else cfg_parser->cfg->min_ttl = atoi($2);
1593 server_bogus_ttl: VAR_BOGUS_TTL STRING_ARG
1595 OUTYY(("P(server_bogus_ttl:%s)\n", $2));
1596 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1597 yyerror("number expected");
1598 else cfg_parser->cfg->bogus_ttl = atoi($2);
1602 server_val_clean_additional: VAR_VAL_CLEAN_ADDITIONAL STRING_ARG
1604 OUTYY(("P(server_val_clean_additional:%s)\n", $2));
1605 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1606 yyerror("expected yes or no.");
1607 else cfg_parser->cfg->val_clean_additional =
1608 (strcmp($2, "yes")==0);
1612 server_val_permissive_mode: VAR_VAL_PERMISSIVE_MODE STRING_ARG
1614 OUTYY(("P(server_val_permissive_mode:%s)\n", $2));
1615 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1616 yyerror("expected yes or no.");
1617 else cfg_parser->cfg->val_permissive_mode =
1618 (strcmp($2, "yes")==0);
1622 server_aggressive_nsec: VAR_AGGRESSIVE_NSEC STRING_ARG
1624 OUTYY(("P(server_aggressive_nsec:%s)\n", $2));
1625 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1626 yyerror("expected yes or no.");
1628 cfg_parser->cfg->aggressive_nsec =
1629 (strcmp($2, "yes")==0);
1633 server_ignore_cd_flag: VAR_IGNORE_CD_FLAG STRING_ARG
1635 OUTYY(("P(server_ignore_cd_flag:%s)\n", $2));
1636 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1637 yyerror("expected yes or no.");
1638 else cfg_parser->cfg->ignore_cd = (strcmp($2, "yes")==0);
1642 server_serve_expired: VAR_SERVE_EXPIRED STRING_ARG
1644 OUTYY(("P(server_serve_expired:%s)\n", $2));
1645 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1646 yyerror("expected yes or no.");
1647 else cfg_parser->cfg->serve_expired = (strcmp($2, "yes")==0);
1651 server_serve_expired_ttl: VAR_SERVE_EXPIRED_TTL STRING_ARG
1653 OUTYY(("P(server_serve_expired_ttl:%s)\n", $2));
1654 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1655 yyerror("number expected");
1656 else cfg_parser->cfg->serve_expired_ttl = atoi($2);
1660 server_serve_expired_ttl_reset: VAR_SERVE_EXPIRED_TTL_RESET STRING_ARG
1662 OUTYY(("P(server_serve_expired_ttl_reset:%s)\n", $2));
1663 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1664 yyerror("expected yes or no.");
1665 else cfg_parser->cfg->serve_expired_ttl_reset = (strcmp($2, "yes")==0);
1669 server_fake_dsa: VAR_FAKE_DSA STRING_ARG
1671 OUTYY(("P(server_fake_dsa:%s)\n", $2));
1672 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1673 yyerror("expected yes or no.");
1675 else fake_dsa = (strcmp($2, "yes")==0);
1677 log_warn("test option fake_dsa is enabled");
1682 server_fake_sha1: VAR_FAKE_SHA1 STRING_ARG
1684 OUTYY(("P(server_fake_sha1:%s)\n", $2));
1685 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1686 yyerror("expected yes or no.");
1688 else fake_sha1 = (strcmp($2, "yes")==0);
1690 log_warn("test option fake_sha1 is enabled");
1695 server_val_log_level: VAR_VAL_LOG_LEVEL STRING_ARG
1697 OUTYY(("P(server_val_log_level:%s)\n", $2));
1698 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1699 yyerror("number expected");
1700 else cfg_parser->cfg->val_log_level = atoi($2);
1704 server_val_nsec3_keysize_iterations: VAR_VAL_NSEC3_KEYSIZE_ITERATIONS STRING_ARG
1706 OUTYY(("P(server_val_nsec3_keysize_iterations:%s)\n", $2));
1707 free(cfg_parser->cfg->val_nsec3_key_iterations);
1708 cfg_parser->cfg->val_nsec3_key_iterations = $2;
1711 server_add_holddown: VAR_ADD_HOLDDOWN STRING_ARG
1713 OUTYY(("P(server_add_holddown:%s)\n", $2));
1714 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1715 yyerror("number expected");
1716 else cfg_parser->cfg->add_holddown = atoi($2);
1720 server_del_holddown: VAR_DEL_HOLDDOWN STRING_ARG
1722 OUTYY(("P(server_del_holddown:%s)\n", $2));
1723 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1724 yyerror("number expected");
1725 else cfg_parser->cfg->del_holddown = atoi($2);
1729 server_keep_missing: VAR_KEEP_MISSING STRING_ARG
1731 OUTYY(("P(server_keep_missing:%s)\n", $2));
1732 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1733 yyerror("number expected");
1734 else cfg_parser->cfg->keep_missing = atoi($2);
1738 server_permit_small_holddown: VAR_PERMIT_SMALL_HOLDDOWN STRING_ARG
1740 OUTYY(("P(server_permit_small_holddown:%s)\n", $2));
1741 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1742 yyerror("expected yes or no.");
1743 else cfg_parser->cfg->permit_small_holddown =
1744 (strcmp($2, "yes")==0);
1747 server_key_cache_size: VAR_KEY_CACHE_SIZE STRING_ARG
1749 OUTYY(("P(server_key_cache_size:%s)\n", $2));
1750 if(!cfg_parse_memsize($2, &cfg_parser->cfg->key_cache_size))
1751 yyerror("memory size expected");
1755 server_key_cache_slabs: VAR_KEY_CACHE_SLABS STRING_ARG
1757 OUTYY(("P(server_key_cache_slabs:%s)\n", $2));
1759 yyerror("number expected");
1761 cfg_parser->cfg->key_cache_slabs = atoi($2);
1762 if(!is_pow2(cfg_parser->cfg->key_cache_slabs))
1763 yyerror("must be a power of 2");
1768 server_neg_cache_size: VAR_NEG_CACHE_SIZE STRING_ARG
1770 OUTYY(("P(server_neg_cache_size:%s)\n", $2));
1771 if(!cfg_parse_memsize($2, &cfg_parser->cfg->neg_cache_size))
1772 yyerror("memory size expected");
1776 server_local_zone: VAR_LOCAL_ZONE STRING_ARG STRING_ARG
1778 OUTYY(("P(server_local_zone:%s %s)\n", $2, $3));
1779 if(strcmp($3, "static")!=0 && strcmp($3, "deny")!=0 &&
1780 strcmp($3, "refuse")!=0 && strcmp($3, "redirect")!=0 &&
1781 strcmp($3, "transparent")!=0 && strcmp($3, "nodefault")!=0
1782 && strcmp($3, "typetransparent")!=0
1783 && strcmp($3, "always_transparent")!=0
1784 && strcmp($3, "always_refuse")!=0
1785 && strcmp($3, "always_nxdomain")!=0
1786 && strcmp($3, "noview")!=0
1787 && strcmp($3, "inform")!=0 && strcmp($3, "inform_deny")!=0
1788 && strcmp($3, "inform_redirect") != 0
1789 && strcmp($3, "ipset") != 0) {
1790 yyerror("local-zone type: expected static, deny, "
1791 "refuse, redirect, transparent, "
1792 "typetransparent, inform, inform_deny, "
1793 "inform_redirect, always_transparent, "
1794 "always_refuse, always_nxdomain, noview "
1795 ", nodefault or ipset");
1798 } else if(strcmp($3, "nodefault")==0) {
1799 if(!cfg_strlist_insert(&cfg_parser->cfg->
1800 local_zones_nodefault, $2))
1801 fatal_exit("out of memory adding local-zone");
1804 } else if(strcmp($3, "ipset")==0) {
1805 if(!cfg_strlist_insert(&cfg_parser->cfg->
1806 local_zones_ipset, $2))
1807 fatal_exit("out of memory adding local-zone");
1811 if(!cfg_str2list_insert(&cfg_parser->cfg->local_zones,
1813 fatal_exit("out of memory adding local-zone");
1817 server_local_data: VAR_LOCAL_DATA STRING_ARG
1819 OUTYY(("P(server_local_data:%s)\n", $2));
1820 if(!cfg_strlist_insert(&cfg_parser->cfg->local_data, $2))
1821 fatal_exit("out of memory adding local-data");
1824 server_local_data_ptr: VAR_LOCAL_DATA_PTR STRING_ARG
1827 OUTYY(("P(server_local_data_ptr:%s)\n", $2));
1828 ptr = cfg_ptr_reverse($2);
1831 if(!cfg_strlist_insert(&cfg_parser->cfg->
1833 fatal_exit("out of memory adding local-data");
1835 yyerror("local-data-ptr could not be reversed");
1839 server_minimal_responses: VAR_MINIMAL_RESPONSES STRING_ARG
1841 OUTYY(("P(server_minimal_responses:%s)\n", $2));
1842 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1843 yyerror("expected yes or no.");
1844 else cfg_parser->cfg->minimal_responses =
1845 (strcmp($2, "yes")==0);
1849 server_rrset_roundrobin: VAR_RRSET_ROUNDROBIN STRING_ARG
1851 OUTYY(("P(server_rrset_roundrobin:%s)\n", $2));
1852 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1853 yyerror("expected yes or no.");
1854 else cfg_parser->cfg->rrset_roundrobin =
1855 (strcmp($2, "yes")==0);
1859 server_unknown_server_time_limit: VAR_UNKNOWN_SERVER_TIME_LIMIT STRING_ARG
1861 OUTYY(("P(server_unknown_server_time_limit:%s)\n", $2));
1862 cfg_parser->cfg->unknown_server_time_limit = atoi($2);
1866 server_max_udp_size: VAR_MAX_UDP_SIZE STRING_ARG
1868 OUTYY(("P(server_max_udp_size:%s)\n", $2));
1869 cfg_parser->cfg->max_udp_size = atoi($2);
1873 server_dns64_prefix: VAR_DNS64_PREFIX STRING_ARG
1875 OUTYY(("P(dns64_prefix:%s)\n", $2));
1876 free(cfg_parser->cfg->dns64_prefix);
1877 cfg_parser->cfg->dns64_prefix = $2;
1880 server_dns64_synthall: VAR_DNS64_SYNTHALL STRING_ARG
1882 OUTYY(("P(server_dns64_synthall:%s)\n", $2));
1883 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1884 yyerror("expected yes or no.");
1885 else cfg_parser->cfg->dns64_synthall = (strcmp($2, "yes")==0);
1889 server_dns64_ignore_aaaa: VAR_DNS64_IGNORE_AAAA STRING_ARG
1891 OUTYY(("P(dns64_ignore_aaaa:%s)\n", $2));
1892 if(!cfg_strlist_insert(&cfg_parser->cfg->dns64_ignore_aaaa,
1894 fatal_exit("out of memory adding dns64-ignore-aaaa");
1897 server_define_tag: VAR_DEFINE_TAG STRING_ARG
1900 OUTYY(("P(server_define_tag:%s)\n", $2));
1901 while((p=strsep(&s, " \t\n")) != NULL) {
1903 if(!config_add_tag(cfg_parser->cfg, p))
1904 yyerror("could not define-tag, "
1911 server_local_zone_tag: VAR_LOCAL_ZONE_TAG STRING_ARG STRING_ARG
1914 uint8_t* bitlist = config_parse_taglist(cfg_parser->cfg, $3,
1917 OUTYY(("P(server_local_zone_tag:%s)\n", $2));
1919 yyerror("could not parse tags, (define-tag them first)");
1923 if(!cfg_strbytelist_insert(
1924 &cfg_parser->cfg->local_zone_tags,
1925 $2, bitlist, len)) {
1926 yyerror("out of memory");
1932 server_access_control_tag: VAR_ACCESS_CONTROL_TAG STRING_ARG STRING_ARG
1935 uint8_t* bitlist = config_parse_taglist(cfg_parser->cfg, $3,
1938 OUTYY(("P(server_access_control_tag:%s)\n", $2));
1940 yyerror("could not parse tags, (define-tag them first)");
1944 if(!cfg_strbytelist_insert(
1945 &cfg_parser->cfg->acl_tags,
1946 $2, bitlist, len)) {
1947 yyerror("out of memory");
1953 server_access_control_tag_action: VAR_ACCESS_CONTROL_TAG_ACTION STRING_ARG STRING_ARG STRING_ARG
1955 OUTYY(("P(server_access_control_tag_action:%s %s %s)\n", $2, $3, $4));
1956 if(!cfg_str3list_insert(&cfg_parser->cfg->acl_tag_actions,
1958 yyerror("out of memory");
1965 server_access_control_tag_data: VAR_ACCESS_CONTROL_TAG_DATA STRING_ARG STRING_ARG STRING_ARG
1967 OUTYY(("P(server_access_control_tag_data:%s %s %s)\n", $2, $3, $4));
1968 if(!cfg_str3list_insert(&cfg_parser->cfg->acl_tag_datas,
1970 yyerror("out of memory");
1977 server_local_zone_override: VAR_LOCAL_ZONE_OVERRIDE STRING_ARG STRING_ARG STRING_ARG
1979 OUTYY(("P(server_local_zone_override:%s %s %s)\n", $2, $3, $4));
1980 if(!cfg_str3list_insert(&cfg_parser->cfg->local_zone_overrides,
1982 yyerror("out of memory");
1989 server_access_control_view: VAR_ACCESS_CONTROL_VIEW STRING_ARG STRING_ARG
1991 OUTYY(("P(server_access_control_view:%s %s)\n", $2, $3));
1992 if(!cfg_str2list_insert(&cfg_parser->cfg->acl_view,
1994 yyerror("out of memory");
1998 server_response_ip_tag: VAR_RESPONSE_IP_TAG STRING_ARG STRING_ARG
2001 uint8_t* bitlist = config_parse_taglist(cfg_parser->cfg, $3,
2004 OUTYY(("P(response_ip_tag:%s)\n", $2));
2006 yyerror("could not parse tags, (define-tag them first)");
2010 if(!cfg_strbytelist_insert(
2011 &cfg_parser->cfg->respip_tags,
2012 $2, bitlist, len)) {
2013 yyerror("out of memory");
2019 server_ip_ratelimit: VAR_IP_RATELIMIT STRING_ARG
2021 OUTYY(("P(server_ip_ratelimit:%s)\n", $2));
2022 if(atoi($2) == 0 && strcmp($2, "0") != 0)
2023 yyerror("number expected");
2024 else cfg_parser->cfg->ip_ratelimit = atoi($2);
2029 server_ratelimit: VAR_RATELIMIT STRING_ARG
2031 OUTYY(("P(server_ratelimit:%s)\n", $2));
2032 if(atoi($2) == 0 && strcmp($2, "0") != 0)
2033 yyerror("number expected");
2034 else cfg_parser->cfg->ratelimit = atoi($2);
2038 server_ip_ratelimit_size: VAR_IP_RATELIMIT_SIZE STRING_ARG
2040 OUTYY(("P(server_ip_ratelimit_size:%s)\n", $2));
2041 if(!cfg_parse_memsize($2, &cfg_parser->cfg->ip_ratelimit_size))
2042 yyerror("memory size expected");
2046 server_ratelimit_size: VAR_RATELIMIT_SIZE STRING_ARG
2048 OUTYY(("P(server_ratelimit_size:%s)\n", $2));
2049 if(!cfg_parse_memsize($2, &cfg_parser->cfg->ratelimit_size))
2050 yyerror("memory size expected");
2054 server_ip_ratelimit_slabs: VAR_IP_RATELIMIT_SLABS STRING_ARG
2056 OUTYY(("P(server_ip_ratelimit_slabs:%s)\n", $2));
2058 yyerror("number expected");
2060 cfg_parser->cfg->ip_ratelimit_slabs = atoi($2);
2061 if(!is_pow2(cfg_parser->cfg->ip_ratelimit_slabs))
2062 yyerror("must be a power of 2");
2067 server_ratelimit_slabs: VAR_RATELIMIT_SLABS STRING_ARG
2069 OUTYY(("P(server_ratelimit_slabs:%s)\n", $2));
2071 yyerror("number expected");
2073 cfg_parser->cfg->ratelimit_slabs = atoi($2);
2074 if(!is_pow2(cfg_parser->cfg->ratelimit_slabs))
2075 yyerror("must be a power of 2");
2080 server_ratelimit_for_domain: VAR_RATELIMIT_FOR_DOMAIN STRING_ARG STRING_ARG
2082 OUTYY(("P(server_ratelimit_for_domain:%s %s)\n", $2, $3));
2083 if(atoi($3) == 0 && strcmp($3, "0") != 0) {
2084 yyerror("number expected");
2088 if(!cfg_str2list_insert(&cfg_parser->cfg->
2089 ratelimit_for_domain, $2, $3))
2090 fatal_exit("out of memory adding "
2091 "ratelimit-for-domain");
2095 server_ratelimit_below_domain: VAR_RATELIMIT_BELOW_DOMAIN STRING_ARG STRING_ARG
2097 OUTYY(("P(server_ratelimit_below_domain:%s %s)\n", $2, $3));
2098 if(atoi($3) == 0 && strcmp($3, "0") != 0) {
2099 yyerror("number expected");
2103 if(!cfg_str2list_insert(&cfg_parser->cfg->
2104 ratelimit_below_domain, $2, $3))
2105 fatal_exit("out of memory adding "
2106 "ratelimit-below-domain");
2110 server_ip_ratelimit_factor: VAR_IP_RATELIMIT_FACTOR STRING_ARG
2112 OUTYY(("P(server_ip_ratelimit_factor:%s)\n", $2));
2113 if(atoi($2) == 0 && strcmp($2, "0") != 0)
2114 yyerror("number expected");
2115 else cfg_parser->cfg->ip_ratelimit_factor = atoi($2);
2119 server_ratelimit_factor: VAR_RATELIMIT_FACTOR STRING_ARG
2121 OUTYY(("P(server_ratelimit_factor:%s)\n", $2));
2122 if(atoi($2) == 0 && strcmp($2, "0") != 0)
2123 yyerror("number expected");
2124 else cfg_parser->cfg->ratelimit_factor = atoi($2);
2128 server_low_rtt: VAR_LOW_RTT STRING_ARG
2130 OUTYY(("P(low-rtt option is deprecated, use fast-server-num instead)\n"));
2134 server_fast_server_num: VAR_FAST_SERVER_NUM STRING_ARG
2136 OUTYY(("P(server_fast_server_num:%s)\n", $2));
2138 yyerror("number expected");
2139 else cfg_parser->cfg->fast_server_num = atoi($2);
2143 server_fast_server_permil: VAR_FAST_SERVER_PERMIL STRING_ARG
2145 OUTYY(("P(server_fast_server_permil:%s)\n", $2));
2146 if(atoi($2) == 0 && strcmp($2, "0") != 0)
2147 yyerror("number expected");
2148 else cfg_parser->cfg->fast_server_permil = atoi($2);
2152 server_qname_minimisation: VAR_QNAME_MINIMISATION STRING_ARG
2154 OUTYY(("P(server_qname_minimisation:%s)\n", $2));
2155 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2156 yyerror("expected yes or no.");
2157 else cfg_parser->cfg->qname_minimisation =
2158 (strcmp($2, "yes")==0);
2162 server_qname_minimisation_strict: VAR_QNAME_MINIMISATION_STRICT STRING_ARG
2164 OUTYY(("P(server_qname_minimisation_strict:%s)\n", $2));
2165 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2166 yyerror("expected yes or no.");
2167 else cfg_parser->cfg->qname_minimisation_strict =
2168 (strcmp($2, "yes")==0);
2172 server_ipsecmod_enabled: VAR_IPSECMOD_ENABLED STRING_ARG
2175 OUTYY(("P(server_ipsecmod_enabled:%s)\n", $2));
2176 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2177 yyerror("expected yes or no.");
2178 else cfg_parser->cfg->ipsecmod_enabled = (strcmp($2, "yes")==0);
2180 OUTYY(("P(Compiled without IPsec module, ignoring)\n"));
2185 server_ipsecmod_ignore_bogus: VAR_IPSECMOD_IGNORE_BOGUS STRING_ARG
2188 OUTYY(("P(server_ipsecmod_ignore_bogus:%s)\n", $2));
2189 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2190 yyerror("expected yes or no.");
2191 else cfg_parser->cfg->ipsecmod_ignore_bogus = (strcmp($2, "yes")==0);
2193 OUTYY(("P(Compiled without IPsec module, ignoring)\n"));
2198 server_ipsecmod_hook: VAR_IPSECMOD_HOOK STRING_ARG
2201 OUTYY(("P(server_ipsecmod_hook:%s)\n", $2));
2202 free(cfg_parser->cfg->ipsecmod_hook);
2203 cfg_parser->cfg->ipsecmod_hook = $2;
2205 OUTYY(("P(Compiled without IPsec module, ignoring)\n"));
2210 server_ipsecmod_max_ttl: VAR_IPSECMOD_MAX_TTL STRING_ARG
2213 OUTYY(("P(server_ipsecmod_max_ttl:%s)\n", $2));
2214 if(atoi($2) == 0 && strcmp($2, "0") != 0)
2215 yyerror("number expected");
2216 else cfg_parser->cfg->ipsecmod_max_ttl = atoi($2);
2219 OUTYY(("P(Compiled without IPsec module, ignoring)\n"));
2224 server_ipsecmod_whitelist: VAR_IPSECMOD_WHITELIST STRING_ARG
2227 OUTYY(("P(server_ipsecmod_whitelist:%s)\n", $2));
2228 if(!cfg_strlist_insert(&cfg_parser->cfg->ipsecmod_whitelist, $2))
2229 yyerror("out of memory");
2231 OUTYY(("P(Compiled without IPsec module, ignoring)\n"));
2236 server_ipsecmod_strict: VAR_IPSECMOD_STRICT STRING_ARG
2239 OUTYY(("P(server_ipsecmod_strict:%s)\n", $2));
2240 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2241 yyerror("expected yes or no.");
2242 else cfg_parser->cfg->ipsecmod_strict = (strcmp($2, "yes")==0);
2245 OUTYY(("P(Compiled without IPsec module, ignoring)\n"));
2250 stub_name: VAR_NAME STRING_ARG
2252 OUTYY(("P(name:%s)\n", $2));
2253 if(cfg_parser->cfg->stubs->name)
2254 yyerror("stub name override, there must be one name "
2255 "for one stub-zone");
2256 free(cfg_parser->cfg->stubs->name);
2257 cfg_parser->cfg->stubs->name = $2;
2260 stub_host: VAR_STUB_HOST STRING_ARG
2262 OUTYY(("P(stub-host:%s)\n", $2));
2263 if(!cfg_strlist_insert(&cfg_parser->cfg->stubs->hosts, $2))
2264 yyerror("out of memory");
2267 stub_addr: VAR_STUB_ADDR STRING_ARG
2269 OUTYY(("P(stub-addr:%s)\n", $2));
2270 if(!cfg_strlist_insert(&cfg_parser->cfg->stubs->addrs, $2))
2271 yyerror("out of memory");
2274 stub_first: VAR_STUB_FIRST STRING_ARG
2276 OUTYY(("P(stub-first:%s)\n", $2));
2277 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2278 yyerror("expected yes or no.");
2279 else cfg_parser->cfg->stubs->isfirst=(strcmp($2, "yes")==0);
2283 stub_no_cache: VAR_STUB_NO_CACHE STRING_ARG
2285 OUTYY(("P(stub-no-cache:%s)\n", $2));
2286 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2287 yyerror("expected yes or no.");
2288 else cfg_parser->cfg->stubs->no_cache=(strcmp($2, "yes")==0);
2292 stub_ssl_upstream: VAR_STUB_SSL_UPSTREAM STRING_ARG
2294 OUTYY(("P(stub-ssl-upstream:%s)\n", $2));
2295 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2296 yyerror("expected yes or no.");
2297 else cfg_parser->cfg->stubs->ssl_upstream =
2298 (strcmp($2, "yes")==0);
2302 stub_prime: VAR_STUB_PRIME STRING_ARG
2304 OUTYY(("P(stub-prime:%s)\n", $2));
2305 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2306 yyerror("expected yes or no.");
2307 else cfg_parser->cfg->stubs->isprime =
2308 (strcmp($2, "yes")==0);
2312 forward_name: VAR_NAME STRING_ARG
2314 OUTYY(("P(name:%s)\n", $2));
2315 if(cfg_parser->cfg->forwards->name)
2316 yyerror("forward name override, there must be one "
2317 "name for one forward-zone");
2318 free(cfg_parser->cfg->forwards->name);
2319 cfg_parser->cfg->forwards->name = $2;
2322 forward_host: VAR_FORWARD_HOST STRING_ARG
2324 OUTYY(("P(forward-host:%s)\n", $2));
2325 if(!cfg_strlist_insert(&cfg_parser->cfg->forwards->hosts, $2))
2326 yyerror("out of memory");
2329 forward_addr: VAR_FORWARD_ADDR STRING_ARG
2331 OUTYY(("P(forward-addr:%s)\n", $2));
2332 if(!cfg_strlist_insert(&cfg_parser->cfg->forwards->addrs, $2))
2333 yyerror("out of memory");
2336 forward_first: VAR_FORWARD_FIRST STRING_ARG
2338 OUTYY(("P(forward-first:%s)\n", $2));
2339 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2340 yyerror("expected yes or no.");
2341 else cfg_parser->cfg->forwards->isfirst=(strcmp($2, "yes")==0);
2345 forward_no_cache: VAR_FORWARD_NO_CACHE STRING_ARG
2347 OUTYY(("P(forward-no-cache:%s)\n", $2));
2348 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2349 yyerror("expected yes or no.");
2350 else cfg_parser->cfg->forwards->no_cache=(strcmp($2, "yes")==0);
2354 forward_ssl_upstream: VAR_FORWARD_SSL_UPSTREAM STRING_ARG
2356 OUTYY(("P(forward-ssl-upstream:%s)\n", $2));
2357 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2358 yyerror("expected yes or no.");
2359 else cfg_parser->cfg->forwards->ssl_upstream =
2360 (strcmp($2, "yes")==0);
2364 auth_name: VAR_NAME STRING_ARG
2366 OUTYY(("P(name:%s)\n", $2));
2367 if(cfg_parser->cfg->auths->name)
2368 yyerror("auth name override, there must be one name "
2369 "for one auth-zone");
2370 free(cfg_parser->cfg->auths->name);
2371 cfg_parser->cfg->auths->name = $2;
2374 auth_zonefile: VAR_ZONEFILE STRING_ARG
2376 OUTYY(("P(zonefile:%s)\n", $2));
2377 free(cfg_parser->cfg->auths->zonefile);
2378 cfg_parser->cfg->auths->zonefile = $2;
2381 auth_master: VAR_MASTER STRING_ARG
2383 OUTYY(("P(master:%s)\n", $2));
2384 if(!cfg_strlist_insert(&cfg_parser->cfg->auths->masters, $2))
2385 yyerror("out of memory");
2388 auth_url: VAR_URL STRING_ARG
2390 OUTYY(("P(url:%s)\n", $2));
2391 if(!cfg_strlist_insert(&cfg_parser->cfg->auths->urls, $2))
2392 yyerror("out of memory");
2395 auth_allow_notify: VAR_ALLOW_NOTIFY STRING_ARG
2397 OUTYY(("P(allow-notify:%s)\n", $2));
2398 if(!cfg_strlist_insert(&cfg_parser->cfg->auths->allow_notify,
2400 yyerror("out of memory");
2403 auth_for_downstream: VAR_FOR_DOWNSTREAM STRING_ARG
2405 OUTYY(("P(for-downstream:%s)\n", $2));
2406 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2407 yyerror("expected yes or no.");
2408 else cfg_parser->cfg->auths->for_downstream =
2409 (strcmp($2, "yes")==0);
2413 auth_for_upstream: VAR_FOR_UPSTREAM STRING_ARG
2415 OUTYY(("P(for-upstream:%s)\n", $2));
2416 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2417 yyerror("expected yes or no.");
2418 else cfg_parser->cfg->auths->for_upstream =
2419 (strcmp($2, "yes")==0);
2423 auth_fallback_enabled: VAR_FALLBACK_ENABLED STRING_ARG
2425 OUTYY(("P(fallback-enabled:%s)\n", $2));
2426 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2427 yyerror("expected yes or no.");
2428 else cfg_parser->cfg->auths->fallback_enabled =
2429 (strcmp($2, "yes")==0);
2433 view_name: VAR_NAME STRING_ARG
2435 OUTYY(("P(name:%s)\n", $2));
2436 if(cfg_parser->cfg->views->name)
2437 yyerror("view name override, there must be one "
2438 "name for one view");
2439 free(cfg_parser->cfg->views->name);
2440 cfg_parser->cfg->views->name = $2;
2443 view_local_zone: VAR_LOCAL_ZONE STRING_ARG STRING_ARG
2445 OUTYY(("P(view_local_zone:%s %s)\n", $2, $3));
2446 if(strcmp($3, "static")!=0 && strcmp($3, "deny")!=0 &&
2447 strcmp($3, "refuse")!=0 && strcmp($3, "redirect")!=0 &&
2448 strcmp($3, "transparent")!=0 && strcmp($3, "nodefault")!=0
2449 && strcmp($3, "typetransparent")!=0
2450 && strcmp($3, "always_transparent")!=0
2451 && strcmp($3, "always_refuse")!=0
2452 && strcmp($3, "always_nxdomain")!=0
2453 && strcmp($3, "noview")!=0
2454 && strcmp($3, "inform")!=0 && strcmp($3, "inform_deny")!=0) {
2455 yyerror("local-zone type: expected static, deny, "
2456 "refuse, redirect, transparent, "
2457 "typetransparent, inform, inform_deny, "
2458 "always_transparent, always_refuse, "
2459 "always_nxdomain, noview or nodefault");
2462 } else if(strcmp($3, "nodefault")==0) {
2463 if(!cfg_strlist_insert(&cfg_parser->cfg->views->
2464 local_zones_nodefault, $2))
2465 fatal_exit("out of memory adding local-zone");
2468 } else if(strcmp($3, "ipset")==0) {
2469 if(!cfg_strlist_insert(&cfg_parser->cfg->views->
2470 local_zones_ipset, $2))
2471 fatal_exit("out of memory adding local-zone");
2475 if(!cfg_str2list_insert(
2476 &cfg_parser->cfg->views->local_zones,
2478 fatal_exit("out of memory adding local-zone");
2482 view_response_ip: VAR_RESPONSE_IP STRING_ARG STRING_ARG
2484 OUTYY(("P(view_response_ip:%s %s)\n", $2, $3));
2485 validate_respip_action($3);
2486 if(!cfg_str2list_insert(
2487 &cfg_parser->cfg->views->respip_actions, $2, $3))
2488 fatal_exit("out of memory adding per-view "
2489 "response-ip action");
2492 view_response_ip_data: VAR_RESPONSE_IP_DATA STRING_ARG STRING_ARG
2494 OUTYY(("P(view_response_ip_data:%s)\n", $2));
2495 if(!cfg_str2list_insert(
2496 &cfg_parser->cfg->views->respip_data, $2, $3))
2497 fatal_exit("out of memory adding response-ip-data");
2500 view_local_data: VAR_LOCAL_DATA STRING_ARG
2502 OUTYY(("P(view_local_data:%s)\n", $2));
2503 if(!cfg_strlist_insert(&cfg_parser->cfg->views->local_data, $2)) {
2504 fatal_exit("out of memory adding local-data");
2508 view_local_data_ptr: VAR_LOCAL_DATA_PTR STRING_ARG
2511 OUTYY(("P(view_local_data_ptr:%s)\n", $2));
2512 ptr = cfg_ptr_reverse($2);
2515 if(!cfg_strlist_insert(&cfg_parser->cfg->views->
2517 fatal_exit("out of memory adding local-data");
2519 yyerror("local-data-ptr could not be reversed");
2523 view_first: VAR_VIEW_FIRST STRING_ARG
2525 OUTYY(("P(view-first:%s)\n", $2));
2526 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2527 yyerror("expected yes or no.");
2528 else cfg_parser->cfg->views->isfirst=(strcmp($2, "yes")==0);
2532 rcstart: VAR_REMOTE_CONTROL
2534 OUTYY(("\nP(remote-control:)\n"));
2537 contents_rc: contents_rc content_rc
2539 content_rc: rc_control_enable | rc_control_interface | rc_control_port |
2540 rc_server_key_file | rc_server_cert_file | rc_control_key_file |
2541 rc_control_cert_file | rc_control_use_cert
2543 rc_control_enable: VAR_CONTROL_ENABLE STRING_ARG
2545 OUTYY(("P(control_enable:%s)\n", $2));
2546 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2547 yyerror("expected yes or no.");
2548 else cfg_parser->cfg->remote_control_enable =
2549 (strcmp($2, "yes")==0);
2553 rc_control_port: VAR_CONTROL_PORT STRING_ARG
2555 OUTYY(("P(control_port:%s)\n", $2));
2557 yyerror("control port number expected");
2558 else cfg_parser->cfg->control_port = atoi($2);
2562 rc_control_interface: VAR_CONTROL_INTERFACE STRING_ARG
2564 OUTYY(("P(control_interface:%s)\n", $2));
2565 if(!cfg_strlist_append(&cfg_parser->cfg->control_ifs, $2))
2566 yyerror("out of memory");
2569 rc_control_use_cert: VAR_CONTROL_USE_CERT STRING_ARG
2571 OUTYY(("P(control_use_cert:%s)\n", $2));
2572 cfg_parser->cfg->control_use_cert = (strcmp($2, "yes")==0);
2576 rc_server_key_file: VAR_SERVER_KEY_FILE STRING_ARG
2578 OUTYY(("P(rc_server_key_file:%s)\n", $2));
2579 free(cfg_parser->cfg->server_key_file);
2580 cfg_parser->cfg->server_key_file = $2;
2583 rc_server_cert_file: VAR_SERVER_CERT_FILE STRING_ARG
2585 OUTYY(("P(rc_server_cert_file:%s)\n", $2));
2586 free(cfg_parser->cfg->server_cert_file);
2587 cfg_parser->cfg->server_cert_file = $2;
2590 rc_control_key_file: VAR_CONTROL_KEY_FILE STRING_ARG
2592 OUTYY(("P(rc_control_key_file:%s)\n", $2));
2593 free(cfg_parser->cfg->control_key_file);
2594 cfg_parser->cfg->control_key_file = $2;
2597 rc_control_cert_file: VAR_CONTROL_CERT_FILE STRING_ARG
2599 OUTYY(("P(rc_control_cert_file:%s)\n", $2));
2600 free(cfg_parser->cfg->control_cert_file);
2601 cfg_parser->cfg->control_cert_file = $2;
2606 OUTYY(("\nP(dnstap:)\n"));
2609 contents_dt: contents_dt content_dt
2611 content_dt: dt_dnstap_enable | dt_dnstap_socket_path |
2612 dt_dnstap_send_identity | dt_dnstap_send_version |
2613 dt_dnstap_identity | dt_dnstap_version |
2614 dt_dnstap_log_resolver_query_messages |
2615 dt_dnstap_log_resolver_response_messages |
2616 dt_dnstap_log_client_query_messages |
2617 dt_dnstap_log_client_response_messages |
2618 dt_dnstap_log_forwarder_query_messages |
2619 dt_dnstap_log_forwarder_response_messages
2621 dt_dnstap_enable: VAR_DNSTAP_ENABLE STRING_ARG
2623 OUTYY(("P(dt_dnstap_enable:%s)\n", $2));
2624 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2625 yyerror("expected yes or no.");
2626 else cfg_parser->cfg->dnstap = (strcmp($2, "yes")==0);
2630 dt_dnstap_socket_path: VAR_DNSTAP_SOCKET_PATH STRING_ARG
2632 OUTYY(("P(dt_dnstap_socket_path:%s)\n", $2));
2633 free(cfg_parser->cfg->dnstap_socket_path);
2634 cfg_parser->cfg->dnstap_socket_path = $2;
2637 dt_dnstap_send_identity: VAR_DNSTAP_SEND_IDENTITY STRING_ARG
2639 OUTYY(("P(dt_dnstap_send_identity:%s)\n", $2));
2640 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2641 yyerror("expected yes or no.");
2642 else cfg_parser->cfg->dnstap_send_identity = (strcmp($2, "yes")==0);
2646 dt_dnstap_send_version: VAR_DNSTAP_SEND_VERSION STRING_ARG
2648 OUTYY(("P(dt_dnstap_send_version:%s)\n", $2));
2649 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2650 yyerror("expected yes or no.");
2651 else cfg_parser->cfg->dnstap_send_version = (strcmp($2, "yes")==0);
2655 dt_dnstap_identity: VAR_DNSTAP_IDENTITY STRING_ARG
2657 OUTYY(("P(dt_dnstap_identity:%s)\n", $2));
2658 free(cfg_parser->cfg->dnstap_identity);
2659 cfg_parser->cfg->dnstap_identity = $2;
2662 dt_dnstap_version: VAR_DNSTAP_VERSION STRING_ARG
2664 OUTYY(("P(dt_dnstap_version:%s)\n", $2));
2665 free(cfg_parser->cfg->dnstap_version);
2666 cfg_parser->cfg->dnstap_version = $2;
2669 dt_dnstap_log_resolver_query_messages: VAR_DNSTAP_LOG_RESOLVER_QUERY_MESSAGES STRING_ARG
2671 OUTYY(("P(dt_dnstap_log_resolver_query_messages:%s)\n", $2));
2672 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2673 yyerror("expected yes or no.");
2674 else cfg_parser->cfg->dnstap_log_resolver_query_messages =
2675 (strcmp($2, "yes")==0);
2679 dt_dnstap_log_resolver_response_messages: VAR_DNSTAP_LOG_RESOLVER_RESPONSE_MESSAGES STRING_ARG
2681 OUTYY(("P(dt_dnstap_log_resolver_response_messages:%s)\n", $2));
2682 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2683 yyerror("expected yes or no.");
2684 else cfg_parser->cfg->dnstap_log_resolver_response_messages =
2685 (strcmp($2, "yes")==0);
2689 dt_dnstap_log_client_query_messages: VAR_DNSTAP_LOG_CLIENT_QUERY_MESSAGES STRING_ARG
2691 OUTYY(("P(dt_dnstap_log_client_query_messages:%s)\n", $2));
2692 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2693 yyerror("expected yes or no.");
2694 else cfg_parser->cfg->dnstap_log_client_query_messages =
2695 (strcmp($2, "yes")==0);
2699 dt_dnstap_log_client_response_messages: VAR_DNSTAP_LOG_CLIENT_RESPONSE_MESSAGES STRING_ARG
2701 OUTYY(("P(dt_dnstap_log_client_response_messages:%s)\n", $2));
2702 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2703 yyerror("expected yes or no.");
2704 else cfg_parser->cfg->dnstap_log_client_response_messages =
2705 (strcmp($2, "yes")==0);
2709 dt_dnstap_log_forwarder_query_messages: VAR_DNSTAP_LOG_FORWARDER_QUERY_MESSAGES STRING_ARG
2711 OUTYY(("P(dt_dnstap_log_forwarder_query_messages:%s)\n", $2));
2712 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2713 yyerror("expected yes or no.");
2714 else cfg_parser->cfg->dnstap_log_forwarder_query_messages =
2715 (strcmp($2, "yes")==0);
2719 dt_dnstap_log_forwarder_response_messages: VAR_DNSTAP_LOG_FORWARDER_RESPONSE_MESSAGES STRING_ARG
2721 OUTYY(("P(dt_dnstap_log_forwarder_response_messages:%s)\n", $2));
2722 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2723 yyerror("expected yes or no.");
2724 else cfg_parser->cfg->dnstap_log_forwarder_response_messages =
2725 (strcmp($2, "yes")==0);
2729 pythonstart: VAR_PYTHON
2731 OUTYY(("\nP(python:)\n"));
2734 contents_py: contents_py content_py
2736 content_py: py_script
2738 py_script: VAR_PYTHON_SCRIPT STRING_ARG
2740 OUTYY(("P(python-script:%s)\n", $2));
2741 if(!cfg_strlist_append_ex(&cfg_parser->cfg->python_script, $2))
2742 yyerror("out of memory");
2744 server_disable_dnssec_lame_check: VAR_DISABLE_DNSSEC_LAME_CHECK STRING_ARG
2746 OUTYY(("P(disable_dnssec_lame_check:%s)\n", $2));
2747 if (strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2748 yyerror("expected yes or no.");
2749 else cfg_parser->cfg->disable_dnssec_lame_check =
2750 (strcmp($2, "yes")==0);
2754 server_log_identity: VAR_LOG_IDENTITY STRING_ARG
2756 OUTYY(("P(server_log_identity:%s)\n", $2));
2757 free(cfg_parser->cfg->log_identity);
2758 cfg_parser->cfg->log_identity = $2;
2761 server_response_ip: VAR_RESPONSE_IP STRING_ARG STRING_ARG
2763 OUTYY(("P(server_response_ip:%s %s)\n", $2, $3));
2764 validate_respip_action($3);
2765 if(!cfg_str2list_insert(&cfg_parser->cfg->respip_actions,
2767 fatal_exit("out of memory adding response-ip");
2770 server_response_ip_data: VAR_RESPONSE_IP_DATA STRING_ARG STRING_ARG
2772 OUTYY(("P(server_response_ip_data:%s)\n", $2));
2773 if(!cfg_str2list_insert(&cfg_parser->cfg->respip_data,
2775 fatal_exit("out of memory adding response-ip-data");
2778 dnscstart: VAR_DNSCRYPT
2780 OUTYY(("\nP(dnscrypt:)\n"));
2783 contents_dnsc: contents_dnsc content_dnsc
2786 dnsc_dnscrypt_enable | dnsc_dnscrypt_port | dnsc_dnscrypt_provider |
2787 dnsc_dnscrypt_secret_key | dnsc_dnscrypt_provider_cert |
2788 dnsc_dnscrypt_provider_cert_rotated |
2789 dnsc_dnscrypt_shared_secret_cache_size |
2790 dnsc_dnscrypt_shared_secret_cache_slabs |
2791 dnsc_dnscrypt_nonce_cache_size |
2792 dnsc_dnscrypt_nonce_cache_slabs
2794 dnsc_dnscrypt_enable: VAR_DNSCRYPT_ENABLE STRING_ARG
2796 OUTYY(("P(dnsc_dnscrypt_enable:%s)\n", $2));
2797 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2798 yyerror("expected yes or no.");
2799 else cfg_parser->cfg->dnscrypt = (strcmp($2, "yes")==0);
2804 dnsc_dnscrypt_port: VAR_DNSCRYPT_PORT STRING_ARG
2806 OUTYY(("P(dnsc_dnscrypt_port:%s)\n", $2));
2808 yyerror("port number expected");
2809 else cfg_parser->cfg->dnscrypt_port = atoi($2);
2813 dnsc_dnscrypt_provider: VAR_DNSCRYPT_PROVIDER STRING_ARG
2815 OUTYY(("P(dnsc_dnscrypt_provider:%s)\n", $2));
2816 free(cfg_parser->cfg->dnscrypt_provider);
2817 cfg_parser->cfg->dnscrypt_provider = $2;
2820 dnsc_dnscrypt_provider_cert: VAR_DNSCRYPT_PROVIDER_CERT STRING_ARG
2822 OUTYY(("P(dnsc_dnscrypt_provider_cert:%s)\n", $2));
2823 if(cfg_strlist_find(cfg_parser->cfg->dnscrypt_provider_cert, $2))
2824 log_warn("dnscrypt-provider-cert %s is a duplicate", $2);
2825 if(!cfg_strlist_insert(&cfg_parser->cfg->dnscrypt_provider_cert, $2))
2826 fatal_exit("out of memory adding dnscrypt-provider-cert");
2829 dnsc_dnscrypt_provider_cert_rotated: VAR_DNSCRYPT_PROVIDER_CERT_ROTATED STRING_ARG
2831 OUTYY(("P(dnsc_dnscrypt_provider_cert_rotated:%s)\n", $2));
2832 if(!cfg_strlist_insert(&cfg_parser->cfg->dnscrypt_provider_cert_rotated, $2))
2833 fatal_exit("out of memory adding dnscrypt-provider-cert-rotated");
2836 dnsc_dnscrypt_secret_key: VAR_DNSCRYPT_SECRET_KEY STRING_ARG
2838 OUTYY(("P(dnsc_dnscrypt_secret_key:%s)\n", $2));
2839 if(cfg_strlist_find(cfg_parser->cfg->dnscrypt_secret_key, $2))
2840 log_warn("dnscrypt-secret-key: %s is a duplicate", $2);
2841 if(!cfg_strlist_insert(&cfg_parser->cfg->dnscrypt_secret_key, $2))
2842 fatal_exit("out of memory adding dnscrypt-secret-key");
2845 dnsc_dnscrypt_shared_secret_cache_size: VAR_DNSCRYPT_SHARED_SECRET_CACHE_SIZE STRING_ARG
2847 OUTYY(("P(dnscrypt_shared_secret_cache_size:%s)\n", $2));
2848 if(!cfg_parse_memsize($2, &cfg_parser->cfg->dnscrypt_shared_secret_cache_size))
2849 yyerror("memory size expected");
2853 dnsc_dnscrypt_shared_secret_cache_slabs: VAR_DNSCRYPT_SHARED_SECRET_CACHE_SLABS STRING_ARG
2855 OUTYY(("P(dnscrypt_shared_secret_cache_slabs:%s)\n", $2));
2857 yyerror("number expected");
2859 cfg_parser->cfg->dnscrypt_shared_secret_cache_slabs = atoi($2);
2860 if(!is_pow2(cfg_parser->cfg->dnscrypt_shared_secret_cache_slabs))
2861 yyerror("must be a power of 2");
2866 dnsc_dnscrypt_nonce_cache_size: VAR_DNSCRYPT_NONCE_CACHE_SIZE STRING_ARG
2868 OUTYY(("P(dnscrypt_nonce_cache_size:%s)\n", $2));
2869 if(!cfg_parse_memsize($2, &cfg_parser->cfg->dnscrypt_nonce_cache_size))
2870 yyerror("memory size expected");
2874 dnsc_dnscrypt_nonce_cache_slabs: VAR_DNSCRYPT_NONCE_CACHE_SLABS STRING_ARG
2876 OUTYY(("P(dnscrypt_nonce_cache_slabs:%s)\n", $2));
2878 yyerror("number expected");
2880 cfg_parser->cfg->dnscrypt_nonce_cache_slabs = atoi($2);
2881 if(!is_pow2(cfg_parser->cfg->dnscrypt_nonce_cache_slabs))
2882 yyerror("must be a power of 2");
2887 cachedbstart: VAR_CACHEDB
2889 OUTYY(("\nP(cachedb:)\n"));
2892 contents_cachedb: contents_cachedb content_cachedb
2894 content_cachedb: cachedb_backend_name | cachedb_secret_seed |
2895 redis_server_host | redis_server_port | redis_timeout
2897 cachedb_backend_name: VAR_CACHEDB_BACKEND STRING_ARG
2900 OUTYY(("P(backend:%s)\n", $2));
2901 if(cfg_parser->cfg->cachedb_backend)
2902 yyerror("cachedb backend override, there must be one "
2904 free(cfg_parser->cfg->cachedb_backend);
2905 cfg_parser->cfg->cachedb_backend = $2;
2907 OUTYY(("P(Compiled without cachedb, ignoring)\n"));
2912 cachedb_secret_seed: VAR_CACHEDB_SECRETSEED STRING_ARG
2915 OUTYY(("P(secret-seed:%s)\n", $2));
2916 if(cfg_parser->cfg->cachedb_secret)
2917 yyerror("cachedb secret-seed override, there must be "
2919 free(cfg_parser->cfg->cachedb_secret);
2920 cfg_parser->cfg->cachedb_secret = $2;
2922 OUTYY(("P(Compiled without cachedb, ignoring)\n"));
2927 redis_server_host: VAR_CACHEDB_REDISHOST STRING_ARG
2929 #if defined(USE_CACHEDB) && defined(USE_REDIS)
2930 OUTYY(("P(redis_server_host:%s)\n", $2));
2931 free(cfg_parser->cfg->redis_server_host);
2932 cfg_parser->cfg->redis_server_host = $2;
2934 OUTYY(("P(Compiled without cachedb or redis, ignoring)\n"));
2939 redis_server_port: VAR_CACHEDB_REDISPORT STRING_ARG
2941 #if defined(USE_CACHEDB) && defined(USE_REDIS)
2943 OUTYY(("P(redis_server_port:%s)\n", $2));
2945 if(port == 0 || port < 0 || port > 65535)
2946 yyerror("valid redis server port number expected");
2947 else cfg_parser->cfg->redis_server_port = port;
2949 OUTYY(("P(Compiled without cachedb or redis, ignoring)\n"));
2954 redis_timeout: VAR_CACHEDB_REDISTIMEOUT STRING_ARG
2956 #if defined(USE_CACHEDB) && defined(USE_REDIS)
2957 OUTYY(("P(redis_timeout:%s)\n", $2));
2959 yyerror("redis timeout value expected");
2960 else cfg_parser->cfg->redis_timeout = atoi($2);
2962 OUTYY(("P(Compiled without cachedb or redis, ignoring)\n"));
2967 server_tcp_connection_limit: VAR_TCP_CONNECTION_LIMIT STRING_ARG STRING_ARG
2969 OUTYY(("P(server_tcp_connection_limit:%s %s)\n", $2, $3));
2971 yyerror("positive number expected");
2973 if(!cfg_str2list_insert(&cfg_parser->cfg->tcp_connection_limits, $2, $3))
2974 fatal_exit("out of memory adding tcp connection limit");
2978 ipsetstart: VAR_IPSET
2980 OUTYY(("\nP(ipset:)\n"));
2983 contents_ipset: contents_ipset content_ipset
2985 content_ipset: ipset_name_v4 | ipset_name_v6
2987 ipset_name_v4: VAR_IPSET_NAME_V4 STRING_ARG
2990 OUTYY(("P(name-v4:%s)\n", $2));
2991 if(cfg_parser->cfg->ipset_name_v4)
2992 yyerror("ipset name v4 override, there must be one "
2994 free(cfg_parser->cfg->ipset_name_v4);
2995 cfg_parser->cfg->ipset_name_v4 = $2;
2997 OUTYY(("P(Compiled without ipset, ignoring)\n"));
3002 ipset_name_v6: VAR_IPSET_NAME_V6 STRING_ARG
3005 OUTYY(("P(name-v6:%s)\n", $2));
3006 if(cfg_parser->cfg->ipset_name_v6)
3007 yyerror("ipset name v6 override, there must be one "
3009 free(cfg_parser->cfg->ipset_name_v6);
3010 cfg_parser->cfg->ipset_name_v6 = $2;
3012 OUTYY(("P(Compiled without ipset, ignoring)\n"));
3019 /* parse helper routines could be here */
3021 validate_respip_action(const char* action)
3023 if(strcmp(action, "deny")!=0 &&
3024 strcmp(action, "redirect")!=0 &&
3025 strcmp(action, "inform")!=0 &&
3026 strcmp(action, "inform_deny")!=0 &&
3027 strcmp(action, "always_transparent")!=0 &&
3028 strcmp(action, "always_refuse")!=0 &&
3029 strcmp(action, "always_nxdomain")!=0)
3031 yyerror("response-ip action: expected deny, redirect, "
3032 "inform, inform_deny, always_transparent, "
3033 "always_refuse or always_nxdomain");