]> CyberLeo.Net >> Repos - FreeBSD/FreeBSD.git/blob - util/configparser.y
projects / FreeBSD / FreeBSD.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Vendor import of Unbound 1.9.6.
[FreeBSD/FreeBSD.git] / util / configparser.y
1 /*
2  * configparser.y -- yacc grammar for unbound configuration files
3  *
4  * Copyright (c) 2001-2006, NLnet Labs. All rights reserved.
5  *
6  * Copyright (c) 2007, NLnet Labs. All rights reserved.
7  * 
8  * This software is open source.
9  * 
10  * Redistribution and use in source and binary forms, with or without
11  * modification, are permitted provided that the following conditions
12  * are met:
13  * 
14  * Redistributions of source code must retain the above copyright notice,
15  * this list of conditions and the following disclaimer.
16  * 
17  * Redistributions in binary form must reproduce the above copyright notice,
18  * this list of conditions and the following disclaimer in the documentation
19  * and/or other materials provided with the distribution.
20  * 
21  * Neither the name of the NLNET LABS nor the names of its contributors may
22  * be used to endorse or promote products derived from this software without
23  * specific prior written permission.
24  * 
25  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
26  * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
27  * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
28  * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
29  * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
30  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
31  * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
32  * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
33  * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
34  * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
35  * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
36  */
37
38 %{
39 #include "config.h"
40
41 #include <stdarg.h>
42 #include <stdio.h>
43 #include <string.h>
44 #include <stdlib.h>
45 #include <assert.h>
46
47 #include "util/configyyrename.h"
48 #include "util/config_file.h"
49 #include "util/net_help.h"
50
51 int ub_c_lex(void);
52 void ub_c_error(const char *message);
53
54 static void validate_respip_action(const char* action);
55
56 /* these need to be global, otherwise they cannot be used inside yacc */
57 extern struct config_parser_state* cfg_parser;
58
59 #if 0
60 #define OUTYY(s)  printf s /* used ONLY when debugging */
61 #else
62 #define OUTYY(s)
63 #endif
64
65 %}
66 %union {
67         char*   str;
68 };
69
70 %token SPACE LETTER NEWLINE COMMENT COLON ANY ZONESTR
71 %token <str> STRING_ARG
72 %token VAR_SERVER VAR_VERBOSITY VAR_NUM_THREADS VAR_PORT
73 %token VAR_OUTGOING_RANGE VAR_INTERFACE
74 %token VAR_DO_IP4 VAR_DO_IP6 VAR_PREFER_IP6 VAR_DO_UDP VAR_DO_TCP
75 %token VAR_TCP_MSS VAR_OUTGOING_TCP_MSS VAR_TCP_IDLE_TIMEOUT
76 %token VAR_EDNS_TCP_KEEPALIVE VAR_EDNS_TCP_KEEPALIVE_TIMEOUT
77 %token VAR_CHROOT VAR_USERNAME VAR_DIRECTORY VAR_LOGFILE VAR_PIDFILE
78 %token VAR_MSG_CACHE_SIZE VAR_MSG_CACHE_SLABS VAR_NUM_QUERIES_PER_THREAD
79 %token VAR_RRSET_CACHE_SIZE VAR_RRSET_CACHE_SLABS VAR_OUTGOING_NUM_TCP
80 %token VAR_INFRA_HOST_TTL VAR_INFRA_LAME_TTL VAR_INFRA_CACHE_SLABS
81 %token VAR_INFRA_CACHE_NUMHOSTS VAR_INFRA_CACHE_LAME_SIZE VAR_NAME
82 %token VAR_STUB_ZONE VAR_STUB_HOST VAR_STUB_ADDR VAR_TARGET_FETCH_POLICY
83 %token VAR_HARDEN_SHORT_BUFSIZE VAR_HARDEN_LARGE_QUERIES
84 %token VAR_FORWARD_ZONE VAR_FORWARD_HOST VAR_FORWARD_ADDR
85 %token VAR_DO_NOT_QUERY_ADDRESS VAR_HIDE_IDENTITY VAR_HIDE_VERSION
86 %token VAR_IDENTITY VAR_VERSION VAR_HARDEN_GLUE VAR_MODULE_CONF
87 %token VAR_TRUST_ANCHOR_FILE VAR_TRUST_ANCHOR VAR_VAL_OVERRIDE_DATE
88 %token VAR_BOGUS_TTL VAR_VAL_CLEAN_ADDITIONAL VAR_VAL_PERMISSIVE_MODE
89 %token VAR_INCOMING_NUM_TCP VAR_MSG_BUFFER_SIZE VAR_KEY_CACHE_SIZE
90 %token VAR_KEY_CACHE_SLABS VAR_TRUSTED_KEYS_FILE 
91 %token VAR_VAL_NSEC3_KEYSIZE_ITERATIONS VAR_USE_SYSLOG 
92 %token VAR_OUTGOING_INTERFACE VAR_ROOT_HINTS VAR_DO_NOT_QUERY_LOCALHOST
93 %token VAR_CACHE_MAX_TTL VAR_HARDEN_DNSSEC_STRIPPED VAR_ACCESS_CONTROL
94 %token VAR_LOCAL_ZONE VAR_LOCAL_DATA VAR_INTERFACE_AUTOMATIC
95 %token VAR_STATISTICS_INTERVAL VAR_DO_DAEMONIZE VAR_USE_CAPS_FOR_ID
96 %token VAR_STATISTICS_CUMULATIVE VAR_OUTGOING_PORT_PERMIT 
97 %token VAR_OUTGOING_PORT_AVOID VAR_DLV_ANCHOR_FILE VAR_DLV_ANCHOR
98 %token VAR_NEG_CACHE_SIZE VAR_HARDEN_REFERRAL_PATH VAR_PRIVATE_ADDRESS
99 %token VAR_PRIVATE_DOMAIN VAR_REMOTE_CONTROL VAR_CONTROL_ENABLE
100 %token VAR_CONTROL_INTERFACE VAR_CONTROL_PORT VAR_SERVER_KEY_FILE
101 %token VAR_SERVER_CERT_FILE VAR_CONTROL_KEY_FILE VAR_CONTROL_CERT_FILE
102 %token VAR_CONTROL_USE_CERT
103 %token VAR_EXTENDED_STATISTICS VAR_LOCAL_DATA_PTR VAR_JOSTLE_TIMEOUT
104 %token VAR_STUB_PRIME VAR_UNWANTED_REPLY_THRESHOLD VAR_LOG_TIME_ASCII
105 %token VAR_DOMAIN_INSECURE VAR_PYTHON VAR_PYTHON_SCRIPT VAR_VAL_SIG_SKEW_MIN
106 %token VAR_VAL_SIG_SKEW_MAX VAR_CACHE_MIN_TTL VAR_VAL_LOG_LEVEL
107 %token VAR_AUTO_TRUST_ANCHOR_FILE VAR_KEEP_MISSING VAR_ADD_HOLDDOWN 
108 %token VAR_DEL_HOLDDOWN VAR_SO_RCVBUF VAR_EDNS_BUFFER_SIZE VAR_PREFETCH
109 %token VAR_PREFETCH_KEY VAR_SO_SNDBUF VAR_SO_REUSEPORT VAR_HARDEN_BELOW_NXDOMAIN
110 %token VAR_IGNORE_CD_FLAG VAR_LOG_QUERIES VAR_LOG_REPLIES VAR_LOG_LOCAL_ACTIONS
111 %token VAR_TCP_UPSTREAM VAR_SSL_UPSTREAM
112 %token VAR_SSL_SERVICE_KEY VAR_SSL_SERVICE_PEM VAR_SSL_PORT VAR_FORWARD_FIRST
113 %token VAR_STUB_SSL_UPSTREAM VAR_FORWARD_SSL_UPSTREAM VAR_TLS_CERT_BUNDLE
114 %token VAR_STUB_FIRST VAR_MINIMAL_RESPONSES VAR_RRSET_ROUNDROBIN
115 %token VAR_MAX_UDP_SIZE VAR_DELAY_CLOSE
116 %token VAR_UNBLOCK_LAN_ZONES VAR_INSECURE_LAN_ZONES
117 %token VAR_INFRA_CACHE_MIN_RTT
118 %token VAR_DNS64_PREFIX VAR_DNS64_SYNTHALL VAR_DNS64_IGNORE_AAAA
119 %token VAR_DNSTAP VAR_DNSTAP_ENABLE VAR_DNSTAP_SOCKET_PATH
120 %token VAR_DNSTAP_SEND_IDENTITY VAR_DNSTAP_SEND_VERSION
121 %token VAR_DNSTAP_IDENTITY VAR_DNSTAP_VERSION
122 %token VAR_DNSTAP_LOG_RESOLVER_QUERY_MESSAGES
123 %token VAR_DNSTAP_LOG_RESOLVER_RESPONSE_MESSAGES
124 %token VAR_DNSTAP_LOG_CLIENT_QUERY_MESSAGES
125 %token VAR_DNSTAP_LOG_CLIENT_RESPONSE_MESSAGES
126 %token VAR_DNSTAP_LOG_FORWARDER_QUERY_MESSAGES
127 %token VAR_DNSTAP_LOG_FORWARDER_RESPONSE_MESSAGES
128 %token VAR_RESPONSE_IP_TAG VAR_RESPONSE_IP VAR_RESPONSE_IP_DATA
129 %token VAR_HARDEN_ALGO_DOWNGRADE VAR_IP_TRANSPARENT
130 %token VAR_DISABLE_DNSSEC_LAME_CHECK
131 %token VAR_IP_RATELIMIT VAR_IP_RATELIMIT_SLABS VAR_IP_RATELIMIT_SIZE
132 %token VAR_RATELIMIT VAR_RATELIMIT_SLABS VAR_RATELIMIT_SIZE
133 %token VAR_RATELIMIT_FOR_DOMAIN VAR_RATELIMIT_BELOW_DOMAIN
134 %token VAR_IP_RATELIMIT_FACTOR VAR_RATELIMIT_FACTOR
135 %token VAR_SEND_CLIENT_SUBNET VAR_CLIENT_SUBNET_ZONE
136 %token VAR_CLIENT_SUBNET_ALWAYS_FORWARD VAR_CLIENT_SUBNET_OPCODE
137 %token VAR_MAX_CLIENT_SUBNET_IPV4 VAR_MAX_CLIENT_SUBNET_IPV6
138 %token VAR_MIN_CLIENT_SUBNET_IPV4 VAR_MIN_CLIENT_SUBNET_IPV6
139 %token VAR_MAX_ECS_TREE_SIZE_IPV4 VAR_MAX_ECS_TREE_SIZE_IPV6
140 %token VAR_CAPS_WHITELIST VAR_CACHE_MAX_NEGATIVE_TTL VAR_PERMIT_SMALL_HOLDDOWN
141 %token VAR_QNAME_MINIMISATION VAR_QNAME_MINIMISATION_STRICT VAR_IP_FREEBIND
142 %token VAR_DEFINE_TAG VAR_LOCAL_ZONE_TAG VAR_ACCESS_CONTROL_TAG
143 %token VAR_LOCAL_ZONE_OVERRIDE VAR_ACCESS_CONTROL_TAG_ACTION
144 %token VAR_ACCESS_CONTROL_TAG_DATA VAR_VIEW VAR_ACCESS_CONTROL_VIEW
145 %token VAR_VIEW_FIRST VAR_SERVE_EXPIRED VAR_SERVE_EXPIRED_TTL
146 %token VAR_SERVE_EXPIRED_TTL_RESET VAR_FAKE_DSA VAR_FAKE_SHA1
147 %token VAR_LOG_IDENTITY VAR_HIDE_TRUSTANCHOR VAR_TRUST_ANCHOR_SIGNALING
148 %token VAR_AGGRESSIVE_NSEC VAR_USE_SYSTEMD VAR_SHM_ENABLE VAR_SHM_KEY
149 %token VAR_ROOT_KEY_SENTINEL
150 %token VAR_DNSCRYPT VAR_DNSCRYPT_ENABLE VAR_DNSCRYPT_PORT VAR_DNSCRYPT_PROVIDER
151 %token VAR_DNSCRYPT_SECRET_KEY VAR_DNSCRYPT_PROVIDER_CERT
152 %token VAR_DNSCRYPT_PROVIDER_CERT_ROTATED
153 %token VAR_DNSCRYPT_SHARED_SECRET_CACHE_SIZE
154 %token VAR_DNSCRYPT_SHARED_SECRET_CACHE_SLABS
155 %token VAR_DNSCRYPT_NONCE_CACHE_SIZE
156 %token VAR_DNSCRYPT_NONCE_CACHE_SLABS
157 %token VAR_IPSECMOD_ENABLED VAR_IPSECMOD_HOOK VAR_IPSECMOD_IGNORE_BOGUS
158 %token VAR_IPSECMOD_MAX_TTL VAR_IPSECMOD_WHITELIST VAR_IPSECMOD_STRICT
159 %token VAR_CACHEDB VAR_CACHEDB_BACKEND VAR_CACHEDB_SECRETSEED
160 %token VAR_CACHEDB_REDISHOST VAR_CACHEDB_REDISPORT VAR_CACHEDB_REDISTIMEOUT
161 %token VAR_UDP_UPSTREAM_WITHOUT_DOWNSTREAM VAR_FOR_UPSTREAM
162 %token VAR_AUTH_ZONE VAR_ZONEFILE VAR_MASTER VAR_URL VAR_FOR_DOWNSTREAM
163 %token VAR_FALLBACK_ENABLED VAR_TLS_ADDITIONAL_PORT VAR_LOW_RTT VAR_LOW_RTT_PERMIL
164 %token VAR_FAST_SERVER_PERMIL VAR_FAST_SERVER_NUM
165 %token VAR_ALLOW_NOTIFY VAR_TLS_WIN_CERT VAR_TCP_CONNECTION_LIMIT
166 %token VAR_FORWARD_NO_CACHE VAR_STUB_NO_CACHE VAR_LOG_SERVFAIL VAR_DENY_ANY
167 %token VAR_UNKNOWN_SERVER_TIME_LIMIT VAR_LOG_TAG_QUERYREPLY
168 %token VAR_STREAM_WAIT_SIZE VAR_TLS_CIPHERS VAR_TLS_CIPHERSUITES
169 %token VAR_TLS_SESSION_TICKET_KEYS
170 %token VAR_IPSET VAR_IPSET_NAME_V4 VAR_IPSET_NAME_V6
171
172 %%
173 toplevelvars: /* empty */ | toplevelvars toplevelvar ;
174 toplevelvar: serverstart contents_server | stubstart contents_stub |
175         forwardstart contents_forward | pythonstart contents_py | 
176         rcstart contents_rc | dtstart contents_dt | viewstart contents_view |
177         dnscstart contents_dnsc | cachedbstart contents_cachedb |
178         ipsetstart contents_ipset | authstart contents_auth
179         ;
180
181 /* server: declaration */
182 serverstart: VAR_SERVER
183         { 
184                 OUTYY(("\nP(server:)\n")); 
185         }
186         ;
187 contents_server: contents_server content_server 
188         | ;
189 content_server: server_num_threads | server_verbosity | server_port |
190         server_outgoing_range | server_do_ip4 |
191         server_do_ip6 | server_prefer_ip6 |
192         server_do_udp | server_do_tcp |
193         server_tcp_mss | server_outgoing_tcp_mss | server_tcp_idle_timeout |
194         server_tcp_keepalive | server_tcp_keepalive_timeout |
195         server_interface | server_chroot | server_username | 
196         server_directory | server_logfile | server_pidfile |
197         server_msg_cache_size | server_msg_cache_slabs |
198         server_num_queries_per_thread | server_rrset_cache_size | 
199         server_rrset_cache_slabs | server_outgoing_num_tcp | 
200         server_infra_host_ttl | server_infra_lame_ttl | 
201         server_infra_cache_slabs | server_infra_cache_numhosts |
202         server_infra_cache_lame_size | server_target_fetch_policy | 
203         server_harden_short_bufsize | server_harden_large_queries |
204         server_do_not_query_address | server_hide_identity |
205         server_hide_version | server_identity | server_version |
206         server_harden_glue | server_module_conf | server_trust_anchor_file |
207         server_trust_anchor | server_val_override_date | server_bogus_ttl |
208         server_val_clean_additional | server_val_permissive_mode |
209         server_incoming_num_tcp | server_msg_buffer_size | 
210         server_key_cache_size | server_key_cache_slabs | 
211         server_trusted_keys_file | server_val_nsec3_keysize_iterations |
212         server_use_syslog | server_outgoing_interface | server_root_hints |
213         server_do_not_query_localhost | server_cache_max_ttl |
214         server_harden_dnssec_stripped | server_access_control |
215         server_local_zone | server_local_data | server_interface_automatic |
216         server_statistics_interval | server_do_daemonize | 
217         server_use_caps_for_id | server_statistics_cumulative |
218         server_outgoing_port_permit | server_outgoing_port_avoid |
219         server_dlv_anchor_file | server_dlv_anchor | server_neg_cache_size |
220         server_harden_referral_path | server_private_address |
221         server_private_domain | server_extended_statistics | 
222         server_local_data_ptr | server_jostle_timeout | 
223         server_unwanted_reply_threshold | server_log_time_ascii | 
224         server_domain_insecure | server_val_sig_skew_min | 
225         server_val_sig_skew_max | server_cache_min_ttl | server_val_log_level |
226         server_auto_trust_anchor_file | server_add_holddown | 
227         server_del_holddown | server_keep_missing | server_so_rcvbuf |
228         server_edns_buffer_size | server_prefetch | server_prefetch_key |
229         server_so_sndbuf | server_harden_below_nxdomain | server_ignore_cd_flag |
230         server_log_queries | server_log_replies | server_tcp_upstream | server_ssl_upstream |
231         server_log_local_actions |
232         server_ssl_service_key | server_ssl_service_pem | server_ssl_port |
233         server_minimal_responses | server_rrset_roundrobin | server_max_udp_size |
234         server_so_reuseport | server_delay_close |
235         server_unblock_lan_zones | server_insecure_lan_zones |
236         server_dns64_prefix | server_dns64_synthall | server_dns64_ignore_aaaa |
237         server_infra_cache_min_rtt | server_harden_algo_downgrade |
238         server_ip_transparent | server_ip_ratelimit | server_ratelimit |
239         server_ip_ratelimit_slabs | server_ratelimit_slabs |
240         server_ip_ratelimit_size | server_ratelimit_size |
241         server_ratelimit_for_domain |
242         server_ratelimit_below_domain | server_ratelimit_factor |
243         server_ip_ratelimit_factor | server_send_client_subnet |
244         server_client_subnet_zone | server_client_subnet_always_forward |
245         server_client_subnet_opcode |
246         server_max_client_subnet_ipv4 | server_max_client_subnet_ipv6 |
247         server_min_client_subnet_ipv4 | server_min_client_subnet_ipv6 |
248         server_max_ecs_tree_size_ipv4 | server_max_ecs_tree_size_ipv6 |
249         server_caps_whitelist | server_cache_max_negative_ttl |
250         server_permit_small_holddown | server_qname_minimisation |
251         server_ip_freebind | server_define_tag | server_local_zone_tag |
252         server_disable_dnssec_lame_check | server_access_control_tag |
253         server_local_zone_override | server_access_control_tag_action |
254         server_access_control_tag_data | server_access_control_view |
255         server_qname_minimisation_strict | server_serve_expired |
256         server_serve_expired_ttl | server_serve_expired_ttl_reset |
257         server_fake_dsa | server_log_identity | server_use_systemd |
258         server_response_ip_tag | server_response_ip | server_response_ip_data |
259         server_shm_enable | server_shm_key | server_fake_sha1 |
260         server_hide_trustanchor | server_trust_anchor_signaling |
261         server_root_key_sentinel |
262         server_ipsecmod_enabled | server_ipsecmod_hook |
263         server_ipsecmod_ignore_bogus | server_ipsecmod_max_ttl |
264         server_ipsecmod_whitelist | server_ipsecmod_strict |
265         server_udp_upstream_without_downstream | server_aggressive_nsec |
266         server_tls_cert_bundle | server_tls_additional_port | server_low_rtt |
267         server_fast_server_permil | server_fast_server_num  | server_tls_win_cert |
268         server_tcp_connection_limit | server_log_servfail | server_deny_any |
269         server_unknown_server_time_limit | server_log_tag_queryreply |
270         server_stream_wait_size | server_tls_ciphers |
271         server_tls_ciphersuites | server_tls_session_ticket_keys
272         ;
273 stubstart: VAR_STUB_ZONE
274         {
275                 struct config_stub* s;
276                 OUTYY(("\nP(stub_zone:)\n")); 
277                 s = (struct config_stub*)calloc(1, sizeof(struct config_stub));
278                 if(s) {
279                         s->next = cfg_parser->cfg->stubs;
280                         cfg_parser->cfg->stubs = s;
281                 } else 
282                         yyerror("out of memory");
283         }
284         ;
285 contents_stub: contents_stub content_stub 
286         | ;
287 content_stub: stub_name | stub_host | stub_addr | stub_prime | stub_first |
288         stub_no_cache | stub_ssl_upstream
289         ;
290 forwardstart: VAR_FORWARD_ZONE
291         {
292                 struct config_stub* s;
293                 OUTYY(("\nP(forward_zone:)\n")); 
294                 s = (struct config_stub*)calloc(1, sizeof(struct config_stub));
295                 if(s) {
296                         s->next = cfg_parser->cfg->forwards;
297                         cfg_parser->cfg->forwards = s;
298                 } else 
299                         yyerror("out of memory");
300         }
301         ;
302 contents_forward: contents_forward content_forward 
303         | ;
304 content_forward: forward_name | forward_host | forward_addr | forward_first |
305         forward_no_cache | forward_ssl_upstream
306         ;
307 viewstart: VAR_VIEW
308         {
309                 struct config_view* s;
310                 OUTYY(("\nP(view:)\n")); 
311                 s = (struct config_view*)calloc(1, sizeof(struct config_view));
312                 if(s) {
313                         s->next = cfg_parser->cfg->views;
314                         if(s->next && !s->next->name)
315                                 yyerror("view without name");
316                         cfg_parser->cfg->views = s;
317                 } else 
318                         yyerror("out of memory");
319         }
320         ;
321 contents_view: contents_view content_view 
322         | ;
323 content_view: view_name | view_local_zone | view_local_data | view_first |
324                 view_response_ip | view_response_ip_data | view_local_data_ptr
325         ;
326 authstart: VAR_AUTH_ZONE
327         {
328                 struct config_auth* s;
329                 OUTYY(("\nP(auth_zone:)\n")); 
330                 s = (struct config_auth*)calloc(1, sizeof(struct config_auth));
331                 if(s) {
332                         s->next = cfg_parser->cfg->auths;
333                         cfg_parser->cfg->auths = s;
334                         /* defaults for auth zone */
335                         s->for_downstream = 1;
336                         s->for_upstream = 1;
337                         s->fallback_enabled = 0;
338                 } else 
339                         yyerror("out of memory");
340         }
341         ;
342 contents_auth: contents_auth content_auth 
343         | ;
344 content_auth: auth_name | auth_zonefile | auth_master | auth_url |
345         auth_for_downstream | auth_for_upstream | auth_fallback_enabled |
346         auth_allow_notify
347         ;
348 server_num_threads: VAR_NUM_THREADS STRING_ARG 
349         { 
350                 OUTYY(("P(server_num_threads:%s)\n", $2)); 
351                 if(atoi($2) == 0 && strcmp($2, "0") != 0)
352                         yyerror("number expected");
353                 else cfg_parser->cfg->num_threads = atoi($2);
354                 free($2);
355         }
356         ;
357 server_verbosity: VAR_VERBOSITY STRING_ARG 
358         { 
359                 OUTYY(("P(server_verbosity:%s)\n", $2)); 
360                 if(atoi($2) == 0 && strcmp($2, "0") != 0)
361                         yyerror("number expected");
362                 else cfg_parser->cfg->verbosity = atoi($2);
363                 free($2);
364         }
365         ;
366 server_statistics_interval: VAR_STATISTICS_INTERVAL STRING_ARG 
367         { 
368                 OUTYY(("P(server_statistics_interval:%s)\n", $2)); 
369                 if(strcmp($2, "") == 0 || strcmp($2, "0") == 0)
370                         cfg_parser->cfg->stat_interval = 0;
371                 else if(atoi($2) == 0)
372                         yyerror("number expected");
373                 else cfg_parser->cfg->stat_interval = atoi($2);
374                 free($2);
375         }
376         ;
377 server_statistics_cumulative: VAR_STATISTICS_CUMULATIVE STRING_ARG
378         {
379                 OUTYY(("P(server_statistics_cumulative:%s)\n", $2));
380                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
381                         yyerror("expected yes or no.");
382                 else cfg_parser->cfg->stat_cumulative = (strcmp($2, "yes")==0);
383                 free($2);
384         }
385         ;
386 server_extended_statistics: VAR_EXTENDED_STATISTICS STRING_ARG
387         {
388                 OUTYY(("P(server_extended_statistics:%s)\n", $2));
389                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
390                         yyerror("expected yes or no.");
391                 else cfg_parser->cfg->stat_extended = (strcmp($2, "yes")==0);
392                 free($2);
393         }
394         ;
395 server_shm_enable: VAR_SHM_ENABLE STRING_ARG
396         {
397                 OUTYY(("P(server_shm_enable:%s)\n", $2));
398                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
399                         yyerror("expected yes or no.");
400                 else cfg_parser->cfg->shm_enable = (strcmp($2, "yes")==0);
401                 free($2);
402         }
403         ;
404 server_shm_key: VAR_SHM_KEY STRING_ARG 
405         { 
406                 OUTYY(("P(server_shm_key:%s)\n", $2)); 
407                 if(strcmp($2, "") == 0 || strcmp($2, "0") == 0)
408                         cfg_parser->cfg->shm_key = 0;
409                 else if(atoi($2) == 0)
410                         yyerror("number expected");
411                 else cfg_parser->cfg->shm_key = atoi($2);
412                 free($2);
413         }
414         ;
415 server_port: VAR_PORT STRING_ARG
416         {
417                 OUTYY(("P(server_port:%s)\n", $2));
418                 if(atoi($2) == 0)
419                         yyerror("port number expected");
420                 else cfg_parser->cfg->port = atoi($2);
421                 free($2);
422         }
423         ;
424 server_send_client_subnet: VAR_SEND_CLIENT_SUBNET STRING_ARG
425         {
426         #ifdef CLIENT_SUBNET
427                 OUTYY(("P(server_send_client_subnet:%s)\n", $2));
428                 if(!cfg_strlist_insert(&cfg_parser->cfg->client_subnet, $2))
429                         fatal_exit("out of memory adding client-subnet");
430         #else
431                 OUTYY(("P(Compiled without edns subnet option, ignoring)\n"));
432         #endif
433         }
434         ;
435 server_client_subnet_zone: VAR_CLIENT_SUBNET_ZONE STRING_ARG
436         {
437         #ifdef CLIENT_SUBNET
438                 OUTYY(("P(server_client_subnet_zone:%s)\n", $2));
439                 if(!cfg_strlist_insert(&cfg_parser->cfg->client_subnet_zone,
440                         $2))
441                         fatal_exit("out of memory adding client-subnet-zone");
442         #else
443                 OUTYY(("P(Compiled without edns subnet option, ignoring)\n"));
444         #endif
445         }
446         ;
447 server_client_subnet_always_forward:
448         VAR_CLIENT_SUBNET_ALWAYS_FORWARD STRING_ARG
449         {
450         #ifdef CLIENT_SUBNET
451                 OUTYY(("P(server_client_subnet_always_forward:%s)\n", $2));
452                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
453                         yyerror("expected yes or no.");
454                 else
455                         cfg_parser->cfg->client_subnet_always_forward =
456                                 (strcmp($2, "yes")==0);
457         #else
458                 OUTYY(("P(Compiled without edns subnet option, ignoring)\n"));
459         #endif
460                 free($2);
461         }
462         ;
463 server_client_subnet_opcode: VAR_CLIENT_SUBNET_OPCODE STRING_ARG
464         {
465         #ifdef CLIENT_SUBNET
466                 OUTYY(("P(client_subnet_opcode:%s)\n", $2));
467                 OUTYY(("P(Deprecated option, ignoring)\n"));
468         #else
469                 OUTYY(("P(Compiled without edns subnet option, ignoring)\n"));
470         #endif
471                 free($2);
472         }
473         ;
474 server_max_client_subnet_ipv4: VAR_MAX_CLIENT_SUBNET_IPV4 STRING_ARG
475         {
476         #ifdef CLIENT_SUBNET
477                 OUTYY(("P(max_client_subnet_ipv4:%s)\n", $2));
478                 if(atoi($2) == 0 && strcmp($2, "0") != 0)
479                         yyerror("IPv4 subnet length expected");
480                 else if (atoi($2) > 32)
481                         cfg_parser->cfg->max_client_subnet_ipv4 = 32;
482                 else if (atoi($2) < 0)
483                         cfg_parser->cfg->max_client_subnet_ipv4 = 0;
484                 else cfg_parser->cfg->max_client_subnet_ipv4 = (uint8_t)atoi($2);
485         #else
486                 OUTYY(("P(Compiled without edns subnet option, ignoring)\n"));
487         #endif
488                 free($2);
489         }
490         ;
491 server_max_client_subnet_ipv6: VAR_MAX_CLIENT_SUBNET_IPV6 STRING_ARG
492         {
493         #ifdef CLIENT_SUBNET
494                 OUTYY(("P(max_client_subnet_ipv6:%s)\n", $2));
495                 if(atoi($2) == 0 && strcmp($2, "0") != 0)
496                         yyerror("Ipv6 subnet length expected");
497                 else if (atoi($2) > 128)
498                         cfg_parser->cfg->max_client_subnet_ipv6 = 128;
499                 else if (atoi($2) < 0)
500                         cfg_parser->cfg->max_client_subnet_ipv6 = 0;
501                 else cfg_parser->cfg->max_client_subnet_ipv6 = (uint8_t)atoi($2);
502         #else
503                 OUTYY(("P(Compiled without edns subnet option, ignoring)\n"));
504         #endif
505                 free($2);
506         }
507         ;
508 server_min_client_subnet_ipv4: VAR_MIN_CLIENT_SUBNET_IPV4 STRING_ARG
509         {
510         #ifdef CLIENT_SUBNET
511                 OUTYY(("P(min_client_subnet_ipv4:%s)\n", $2));
512                 if(atoi($2) == 0 && strcmp($2, "0") != 0)
513                         yyerror("IPv4 subnet length expected");
514                 else if (atoi($2) > 32)
515                         cfg_parser->cfg->min_client_subnet_ipv4 = 32;
516                 else if (atoi($2) < 0)
517                         cfg_parser->cfg->min_client_subnet_ipv4 = 0;
518                 else cfg_parser->cfg->min_client_subnet_ipv4 = (uint8_t)atoi($2);
519         #else
520                 OUTYY(("P(Compiled without edns subnet option, ignoring)\n"));
521         #endif
522                 free($2);
523         }
524         ;
525 server_min_client_subnet_ipv6: VAR_MIN_CLIENT_SUBNET_IPV6 STRING_ARG
526         {
527         #ifdef CLIENT_SUBNET
528                 OUTYY(("P(min_client_subnet_ipv6:%s)\n", $2));
529                 if(atoi($2) == 0 && strcmp($2, "0") != 0)
530                         yyerror("Ipv6 subnet length expected");
531                 else if (atoi($2) > 128)
532                         cfg_parser->cfg->min_client_subnet_ipv6 = 128;
533                 else if (atoi($2) < 0)
534                         cfg_parser->cfg->min_client_subnet_ipv6 = 0;
535                 else cfg_parser->cfg->min_client_subnet_ipv6 = (uint8_t)atoi($2);
536         #else
537                 OUTYY(("P(Compiled without edns subnet option, ignoring)\n"));
538         #endif
539                 free($2);
540         }
541         ;
542 server_max_ecs_tree_size_ipv4: VAR_MAX_ECS_TREE_SIZE_IPV4 STRING_ARG
543         {
544         #ifdef CLIENT_SUBNET
545                 OUTYY(("P(max_ecs_tree_size_ipv4:%s)\n", $2));
546                 if(atoi($2) == 0 && strcmp($2, "0") != 0)
547                         yyerror("IPv4 ECS tree size expected");
548                 else if (atoi($2) < 0)
549                         cfg_parser->cfg->max_ecs_tree_size_ipv4 = 0;
550                 else cfg_parser->cfg->max_ecs_tree_size_ipv4 = (uint32_t)atoi($2);
551         #else
552                 OUTYY(("P(Compiled without edns subnet option, ignoring)\n"));
553         #endif
554                 free($2);
555         }
556         ;
557 server_max_ecs_tree_size_ipv6: VAR_MAX_ECS_TREE_SIZE_IPV6 STRING_ARG
558         {
559         #ifdef CLIENT_SUBNET
560                 OUTYY(("P(max_ecs_tree_size_ipv6:%s)\n", $2));
561                 if(atoi($2) == 0 && strcmp($2, "0") != 0)
562                         yyerror("IPv6 ECS tree size expected");
563                 else if (atoi($2) < 0)
564                         cfg_parser->cfg->max_ecs_tree_size_ipv6 = 0;
565                 else cfg_parser->cfg->max_ecs_tree_size_ipv6 = (uint32_t)atoi($2);
566         #else
567                 OUTYY(("P(Compiled without edns subnet option, ignoring)\n"));
568         #endif
569                 free($2);
570         }
571         ;
572 server_interface: VAR_INTERFACE STRING_ARG
573         {
574                 OUTYY(("P(server_interface:%s)\n", $2));
575                 if(cfg_parser->cfg->num_ifs == 0)
576                         cfg_parser->cfg->ifs = calloc(1, sizeof(char*));
577                 else    cfg_parser->cfg->ifs = realloc(cfg_parser->cfg->ifs,
578                                 (cfg_parser->cfg->num_ifs+1)*sizeof(char*));
579                 if(!cfg_parser->cfg->ifs)
580                         yyerror("out of memory");
581                 else
582                         cfg_parser->cfg->ifs[cfg_parser->cfg->num_ifs++] = $2;
583         }
584         ;
585 server_outgoing_interface: VAR_OUTGOING_INTERFACE STRING_ARG
586         {
587                 OUTYY(("P(server_outgoing_interface:%s)\n", $2));
588                 if(cfg_parser->cfg->num_out_ifs == 0)
589                         cfg_parser->cfg->out_ifs = calloc(1, sizeof(char*));
590                 else    cfg_parser->cfg->out_ifs = realloc(
591                         cfg_parser->cfg->out_ifs, 
592                         (cfg_parser->cfg->num_out_ifs+1)*sizeof(char*));
593                 if(!cfg_parser->cfg->out_ifs)
594                         yyerror("out of memory");
595                 else
596                         cfg_parser->cfg->out_ifs[
597                                 cfg_parser->cfg->num_out_ifs++] = $2;
598         }
599         ;
600 server_outgoing_range: VAR_OUTGOING_RANGE STRING_ARG
601         {
602                 OUTYY(("P(server_outgoing_range:%s)\n", $2));
603                 if(atoi($2) == 0)
604                         yyerror("number expected");
605                 else cfg_parser->cfg->outgoing_num_ports = atoi($2);
606                 free($2);
607         }
608         ;
609 server_outgoing_port_permit: VAR_OUTGOING_PORT_PERMIT STRING_ARG
610         {
611                 OUTYY(("P(server_outgoing_port_permit:%s)\n", $2));
612                 if(!cfg_mark_ports($2, 1, 
613                         cfg_parser->cfg->outgoing_avail_ports, 65536))
614                         yyerror("port number or range (\"low-high\") expected");
615                 free($2);
616         }
617         ;
618 server_outgoing_port_avoid: VAR_OUTGOING_PORT_AVOID STRING_ARG
619         {
620                 OUTYY(("P(server_outgoing_port_avoid:%s)\n", $2));
621                 if(!cfg_mark_ports($2, 0, 
622                         cfg_parser->cfg->outgoing_avail_ports, 65536))
623                         yyerror("port number or range (\"low-high\") expected");
624                 free($2);
625         }
626         ;
627 server_outgoing_num_tcp: VAR_OUTGOING_NUM_TCP STRING_ARG
628         {
629                 OUTYY(("P(server_outgoing_num_tcp:%s)\n", $2));
630                 if(atoi($2) == 0 && strcmp($2, "0") != 0)
631                         yyerror("number expected");
632                 else cfg_parser->cfg->outgoing_num_tcp = atoi($2);
633                 free($2);
634         }
635         ;
636 server_incoming_num_tcp: VAR_INCOMING_NUM_TCP STRING_ARG
637         {
638                 OUTYY(("P(server_incoming_num_tcp:%s)\n", $2));
639                 if(atoi($2) == 0 && strcmp($2, "0") != 0)
640                         yyerror("number expected");
641                 else cfg_parser->cfg->incoming_num_tcp = atoi($2);
642                 free($2);
643         }
644         ;
645 server_interface_automatic: VAR_INTERFACE_AUTOMATIC STRING_ARG
646         {
647                 OUTYY(("P(server_interface_automatic:%s)\n", $2));
648                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
649                         yyerror("expected yes or no.");
650                 else cfg_parser->cfg->if_automatic = (strcmp($2, "yes")==0);
651                 free($2);
652         }
653         ;
654 server_do_ip4: VAR_DO_IP4 STRING_ARG
655         {
656                 OUTYY(("P(server_do_ip4:%s)\n", $2));
657                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
658                         yyerror("expected yes or no.");
659                 else cfg_parser->cfg->do_ip4 = (strcmp($2, "yes")==0);
660                 free($2);
661         }
662         ;
663 server_do_ip6: VAR_DO_IP6 STRING_ARG
664         {
665                 OUTYY(("P(server_do_ip6:%s)\n", $2));
666                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
667                         yyerror("expected yes or no.");
668                 else cfg_parser->cfg->do_ip6 = (strcmp($2, "yes")==0);
669                 free($2);
670         }
671         ;
672 server_do_udp: VAR_DO_UDP STRING_ARG
673         {
674                 OUTYY(("P(server_do_udp:%s)\n", $2));
675                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
676                         yyerror("expected yes or no.");
677                 else cfg_parser->cfg->do_udp = (strcmp($2, "yes")==0);
678                 free($2);
679         }
680         ;
681 server_do_tcp: VAR_DO_TCP STRING_ARG
682         {
683                 OUTYY(("P(server_do_tcp:%s)\n", $2));
684                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
685                         yyerror("expected yes or no.");
686                 else cfg_parser->cfg->do_tcp = (strcmp($2, "yes")==0);
687                 free($2);
688         }
689         ;
690 server_prefer_ip6: VAR_PREFER_IP6 STRING_ARG
691         {
692                 OUTYY(("P(server_prefer_ip6:%s)\n", $2));
693                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
694                         yyerror("expected yes or no.");
695                 else cfg_parser->cfg->prefer_ip6 = (strcmp($2, "yes")==0);
696                 free($2);
697         }
698         ;
699 server_tcp_mss: VAR_TCP_MSS STRING_ARG
700         {
701                 OUTYY(("P(server_tcp_mss:%s)\n", $2));
702                 if(atoi($2) == 0 && strcmp($2, "0") != 0)
703                         yyerror("number expected");
704                 else cfg_parser->cfg->tcp_mss = atoi($2);
705                 free($2);
706         }
707         ;
708 server_outgoing_tcp_mss: VAR_OUTGOING_TCP_MSS STRING_ARG
709         {
710                 OUTYY(("P(server_outgoing_tcp_mss:%s)\n", $2));
711                 if(atoi($2) == 0 && strcmp($2, "0") != 0)
712                         yyerror("number expected");
713                 else cfg_parser->cfg->outgoing_tcp_mss = atoi($2);
714                 free($2);
715         }
716         ;
717 server_tcp_idle_timeout: VAR_TCP_IDLE_TIMEOUT STRING_ARG
718         {
719                 OUTYY(("P(server_tcp_idle_timeout:%s)\n", $2));
720                 if(atoi($2) == 0 && strcmp($2, "0") != 0)
721                         yyerror("number expected");
722                 else if (atoi($2) > 120000)
723                         cfg_parser->cfg->tcp_idle_timeout = 120000;
724                 else if (atoi($2) < 1)
725                         cfg_parser->cfg->tcp_idle_timeout = 1;
726                 else cfg_parser->cfg->tcp_idle_timeout = atoi($2);
727                 free($2);
728         }
729         ;
730 server_tcp_keepalive: VAR_EDNS_TCP_KEEPALIVE STRING_ARG
731         {
732                 OUTYY(("P(server_tcp_keepalive:%s)\n", $2));
733                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
734                         yyerror("expected yes or no.");
735                 else cfg_parser->cfg->do_tcp_keepalive = (strcmp($2, "yes")==0);
736                 free($2);
737         }
738         ;
739 server_tcp_keepalive_timeout: VAR_EDNS_TCP_KEEPALIVE_TIMEOUT STRING_ARG
740         {
741                 OUTYY(("P(server_tcp_keepalive_timeout:%s)\n", $2));
742                 if(atoi($2) == 0 && strcmp($2, "0") != 0)
743                         yyerror("number expected");
744                 else if (atoi($2) > 6553500)
745                         cfg_parser->cfg->tcp_keepalive_timeout = 6553500;
746                 else if (atoi($2) < 1)
747                         cfg_parser->cfg->tcp_keepalive_timeout = 0;
748                 else cfg_parser->cfg->tcp_keepalive_timeout = atoi($2);
749                 free($2);
750         }
751         ;
752 server_tcp_upstream: VAR_TCP_UPSTREAM STRING_ARG
753         {
754                 OUTYY(("P(server_tcp_upstream:%s)\n", $2));
755                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
756                         yyerror("expected yes or no.");
757                 else cfg_parser->cfg->tcp_upstream = (strcmp($2, "yes")==0);
758                 free($2);
759         }
760         ;
761 server_udp_upstream_without_downstream: VAR_UDP_UPSTREAM_WITHOUT_DOWNSTREAM STRING_ARG
762         {
763                 OUTYY(("P(server_udp_upstream_without_downstream:%s)\n", $2));
764                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
765                         yyerror("expected yes or no.");
766                 else cfg_parser->cfg->udp_upstream_without_downstream = (strcmp($2, "yes")==0);
767                 free($2);
768         }
769         ;
770 server_ssl_upstream: VAR_SSL_UPSTREAM STRING_ARG
771         {
772                 OUTYY(("P(server_ssl_upstream:%s)\n", $2));
773                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
774                         yyerror("expected yes or no.");
775                 else cfg_parser->cfg->ssl_upstream = (strcmp($2, "yes")==0);
776                 free($2);
777         }
778         ;
779 server_ssl_service_key: VAR_SSL_SERVICE_KEY STRING_ARG
780         {
781                 OUTYY(("P(server_ssl_service_key:%s)\n", $2));
782                 free(cfg_parser->cfg->ssl_service_key);
783                 cfg_parser->cfg->ssl_service_key = $2;
784         }
785         ;
786 server_ssl_service_pem: VAR_SSL_SERVICE_PEM STRING_ARG
787         {
788                 OUTYY(("P(server_ssl_service_pem:%s)\n", $2));
789                 free(cfg_parser->cfg->ssl_service_pem);
790                 cfg_parser->cfg->ssl_service_pem = $2;
791         }
792         ;
793 server_ssl_port: VAR_SSL_PORT STRING_ARG
794         {
795                 OUTYY(("P(server_ssl_port:%s)\n", $2));
796                 if(atoi($2) == 0)
797                         yyerror("port number expected");
798                 else cfg_parser->cfg->ssl_port = atoi($2);
799                 free($2);
800         }
801         ;
802 server_tls_cert_bundle: VAR_TLS_CERT_BUNDLE STRING_ARG
803         {
804                 OUTYY(("P(server_tls_cert_bundle:%s)\n", $2));
805                 free(cfg_parser->cfg->tls_cert_bundle);
806                 cfg_parser->cfg->tls_cert_bundle = $2;
807         }
808         ;
809 server_tls_win_cert: VAR_TLS_WIN_CERT STRING_ARG
810         {
811                 OUTYY(("P(server_tls_win_cert:%s)\n", $2));
812                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
813                         yyerror("expected yes or no.");
814                 else cfg_parser->cfg->tls_win_cert = (strcmp($2, "yes")==0);
815                 free($2);
816         }
817         ;
818 server_tls_additional_port: VAR_TLS_ADDITIONAL_PORT STRING_ARG
819         {
820                 OUTYY(("P(server_tls_additional_port:%s)\n", $2));
821                 if(!cfg_strlist_insert(&cfg_parser->cfg->tls_additional_port,
822                         $2))
823                         yyerror("out of memory");
824         }
825         ;
826 server_tls_ciphers: VAR_TLS_CIPHERS STRING_ARG
827         {
828                 OUTYY(("P(server_tls_ciphers:%s)\n", $2));
829                 free(cfg_parser->cfg->tls_ciphers);
830                 cfg_parser->cfg->tls_ciphers = $2;
831         }
832         ;
833 server_tls_ciphersuites: VAR_TLS_CIPHERSUITES STRING_ARG
834         {
835                 OUTYY(("P(server_tls_ciphersuites:%s)\n", $2));
836                 free(cfg_parser->cfg->tls_ciphersuites);
837                 cfg_parser->cfg->tls_ciphersuites = $2;
838         }
839         ;
840 server_tls_session_ticket_keys: VAR_TLS_SESSION_TICKET_KEYS STRING_ARG
841         {
842                 OUTYY(("P(server_tls_session_ticket_keys:%s)\n", $2));
843                 if(!cfg_strlist_append(&cfg_parser->cfg->tls_session_ticket_keys,
844                         $2))
845                         yyerror("out of memory");
846         }
847         ;
848 server_use_systemd: VAR_USE_SYSTEMD STRING_ARG
849         {
850                 OUTYY(("P(server_use_systemd:%s)\n", $2));
851                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
852                         yyerror("expected yes or no.");
853                 else cfg_parser->cfg->use_systemd = (strcmp($2, "yes")==0);
854                 free($2);
855         }
856         ;
857 server_do_daemonize: VAR_DO_DAEMONIZE STRING_ARG
858         {
859                 OUTYY(("P(server_do_daemonize:%s)\n", $2));
860                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
861                         yyerror("expected yes or no.");
862                 else cfg_parser->cfg->do_daemonize = (strcmp($2, "yes")==0);
863                 free($2);
864         }
865         ;
866 server_use_syslog: VAR_USE_SYSLOG STRING_ARG
867         {
868                 OUTYY(("P(server_use_syslog:%s)\n", $2));
869                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
870                         yyerror("expected yes or no.");
871                 else cfg_parser->cfg->use_syslog = (strcmp($2, "yes")==0);
872 #if !defined(HAVE_SYSLOG_H) && !defined(UB_ON_WINDOWS)
873                 if(strcmp($2, "yes") == 0)
874                         yyerror("no syslog services are available. "
875                                 "(reconfigure and compile to add)");
876 #endif
877                 free($2);
878         }
879         ;
880 server_log_time_ascii: VAR_LOG_TIME_ASCII STRING_ARG
881         {
882                 OUTYY(("P(server_log_time_ascii:%s)\n", $2));
883                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
884                         yyerror("expected yes or no.");
885                 else cfg_parser->cfg->log_time_ascii = (strcmp($2, "yes")==0);
886                 free($2);
887         }
888         ;
889 server_log_queries: VAR_LOG_QUERIES STRING_ARG
890         {
891                 OUTYY(("P(server_log_queries:%s)\n", $2));
892                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
893                         yyerror("expected yes or no.");
894                 else cfg_parser->cfg->log_queries = (strcmp($2, "yes")==0);
895                 free($2);
896         }
897         ;
898 server_log_replies: VAR_LOG_REPLIES STRING_ARG
899   {
900         OUTYY(("P(server_log_replies:%s)\n", $2));
901         if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
902                 yyerror("expected yes or no.");
903         else cfg_parser->cfg->log_replies = (strcmp($2, "yes")==0);
904         free($2);
905   }
906   ;
907 server_log_tag_queryreply: VAR_LOG_TAG_QUERYREPLY STRING_ARG
908   {
909         OUTYY(("P(server_log_tag_queryreply:%s)\n", $2));
910         if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
911                 yyerror("expected yes or no.");
912         else cfg_parser->cfg->log_tag_queryreply = (strcmp($2, "yes")==0);
913         free($2);
914   }
915   ;
916 server_log_servfail: VAR_LOG_SERVFAIL STRING_ARG
917         {
918                 OUTYY(("P(server_log_servfail:%s)\n", $2));
919                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
920                         yyerror("expected yes or no.");
921                 else cfg_parser->cfg->log_servfail = (strcmp($2, "yes")==0);
922                 free($2);
923         }
924         ;
925 server_log_local_actions: VAR_LOG_LOCAL_ACTIONS STRING_ARG
926   {
927         OUTYY(("P(server_log_local_actions:%s)\n", $2));
928         if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
929                 yyerror("expected yes or no.");
930         else cfg_parser->cfg->log_local_actions = (strcmp($2, "yes")==0);
931         free($2);
932   }
933   ;
934 server_chroot: VAR_CHROOT STRING_ARG
935         {
936                 OUTYY(("P(server_chroot:%s)\n", $2));
937                 free(cfg_parser->cfg->chrootdir);
938                 cfg_parser->cfg->chrootdir = $2;
939         }
940         ;
941 server_username: VAR_USERNAME STRING_ARG
942         {
943                 OUTYY(("P(server_username:%s)\n", $2));
944                 free(cfg_parser->cfg->username);
945                 cfg_parser->cfg->username = $2;
946         }
947         ;
948 server_directory: VAR_DIRECTORY STRING_ARG
949         {
950                 OUTYY(("P(server_directory:%s)\n", $2));
951                 free(cfg_parser->cfg->directory);
952                 cfg_parser->cfg->directory = $2;
953                 /* change there right away for includes relative to this */
954                 if($2[0]) {
955                         char* d;
956 #ifdef UB_ON_WINDOWS
957                         w_config_adjust_directory(cfg_parser->cfg);
958 #endif
959                         d = cfg_parser->cfg->directory;
960                         /* adjust directory if we have already chroot,
961                          * like, we reread after sighup */
962                         if(cfg_parser->chroot && cfg_parser->chroot[0] &&
963                                 strncmp(d, cfg_parser->chroot, strlen(
964                                 cfg_parser->chroot)) == 0)
965                                 d += strlen(cfg_parser->chroot);
966                         if(d[0]) {
967                             if(chdir(d))
968                                 log_err("cannot chdir to directory: %s (%s)",
969                                         d, strerror(errno));
970                         }
971                 }
972         }
973         ;
974 server_logfile: VAR_LOGFILE STRING_ARG
975         {
976                 OUTYY(("P(server_logfile:%s)\n", $2));
977                 free(cfg_parser->cfg->logfile);
978                 cfg_parser->cfg->logfile = $2;
979                 cfg_parser->cfg->use_syslog = 0;
980         }
981         ;
982 server_pidfile: VAR_PIDFILE STRING_ARG
983         {
984                 OUTYY(("P(server_pidfile:%s)\n", $2));
985                 free(cfg_parser->cfg->pidfile);
986                 cfg_parser->cfg->pidfile = $2;
987         }
988         ;
989 server_root_hints: VAR_ROOT_HINTS STRING_ARG
990         {
991                 OUTYY(("P(server_root_hints:%s)\n", $2));
992                 if(!cfg_strlist_insert(&cfg_parser->cfg->root_hints, $2))
993                         yyerror("out of memory");
994         }
995         ;
996 server_dlv_anchor_file: VAR_DLV_ANCHOR_FILE STRING_ARG
997         {
998                 OUTYY(("P(server_dlv_anchor_file:%s)\n", $2));
999                 free(cfg_parser->cfg->dlv_anchor_file);
1000                 cfg_parser->cfg->dlv_anchor_file = $2;
1001         }
1002         ;
1003 server_dlv_anchor: VAR_DLV_ANCHOR STRING_ARG
1004         {
1005                 OUTYY(("P(server_dlv_anchor:%s)\n", $2));
1006                 if(!cfg_strlist_insert(&cfg_parser->cfg->dlv_anchor_list, $2))
1007                         yyerror("out of memory");
1008         }
1009         ;
1010 server_auto_trust_anchor_file: VAR_AUTO_TRUST_ANCHOR_FILE STRING_ARG
1011         {
1012                 OUTYY(("P(server_auto_trust_anchor_file:%s)\n", $2));
1013                 if(!cfg_strlist_insert(&cfg_parser->cfg->
1014                         auto_trust_anchor_file_list, $2))
1015                         yyerror("out of memory");
1016         }
1017         ;
1018 server_trust_anchor_file: VAR_TRUST_ANCHOR_FILE STRING_ARG
1019         {
1020                 OUTYY(("P(server_trust_anchor_file:%s)\n", $2));
1021                 if(!cfg_strlist_insert(&cfg_parser->cfg->
1022                         trust_anchor_file_list, $2))
1023                         yyerror("out of memory");
1024         }
1025         ;
1026 server_trusted_keys_file: VAR_TRUSTED_KEYS_FILE STRING_ARG
1027         {
1028                 OUTYY(("P(server_trusted_keys_file:%s)\n", $2));
1029                 if(!cfg_strlist_insert(&cfg_parser->cfg->
1030                         trusted_keys_file_list, $2))
1031                         yyerror("out of memory");
1032         }
1033         ;
1034 server_trust_anchor: VAR_TRUST_ANCHOR STRING_ARG
1035         {
1036                 OUTYY(("P(server_trust_anchor:%s)\n", $2));
1037                 if(!cfg_strlist_insert(&cfg_parser->cfg->trust_anchor_list, $2))
1038                         yyerror("out of memory");
1039         }
1040         ;
1041 server_trust_anchor_signaling: VAR_TRUST_ANCHOR_SIGNALING STRING_ARG
1042         {
1043                 OUTYY(("P(server_trust_anchor_signaling:%s)\n", $2));
1044                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1045                         yyerror("expected yes or no.");
1046                 else
1047                         cfg_parser->cfg->trust_anchor_signaling =
1048                                 (strcmp($2, "yes")==0);
1049                 free($2);
1050         }
1051         ;
1052 server_root_key_sentinel: VAR_ROOT_KEY_SENTINEL STRING_ARG
1053         {
1054                 OUTYY(("P(server_root_key_sentinel:%s)\n", $2));
1055                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1056                         yyerror("expected yes or no.");
1057                 else
1058                         cfg_parser->cfg->root_key_sentinel =
1059                                 (strcmp($2, "yes")==0);
1060                 free($2);
1061         }
1062         ;
1063 server_domain_insecure: VAR_DOMAIN_INSECURE STRING_ARG
1064         {
1065                 OUTYY(("P(server_domain_insecure:%s)\n", $2));
1066                 if(!cfg_strlist_insert(&cfg_parser->cfg->domain_insecure, $2))
1067                         yyerror("out of memory");
1068         }
1069         ;
1070 server_hide_identity: VAR_HIDE_IDENTITY STRING_ARG
1071         {
1072                 OUTYY(("P(server_hide_identity:%s)\n", $2));
1073                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1074                         yyerror("expected yes or no.");
1075                 else cfg_parser->cfg->hide_identity = (strcmp($2, "yes")==0);
1076                 free($2);
1077         }
1078         ;
1079 server_hide_version: VAR_HIDE_VERSION STRING_ARG
1080         {
1081                 OUTYY(("P(server_hide_version:%s)\n", $2));
1082                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1083                         yyerror("expected yes or no.");
1084                 else cfg_parser->cfg->hide_version = (strcmp($2, "yes")==0);
1085                 free($2);
1086         }
1087         ;
1088 server_hide_trustanchor: VAR_HIDE_TRUSTANCHOR STRING_ARG
1089         {
1090                 OUTYY(("P(server_hide_trustanchor:%s)\n", $2));
1091                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1092                         yyerror("expected yes or no.");
1093                 else cfg_parser->cfg->hide_trustanchor = (strcmp($2, "yes")==0);
1094                 free($2);
1095         }
1096         ;
1097 server_identity: VAR_IDENTITY STRING_ARG
1098         {
1099                 OUTYY(("P(server_identity:%s)\n", $2));
1100                 free(cfg_parser->cfg->identity);
1101                 cfg_parser->cfg->identity = $2;
1102         }
1103         ;
1104 server_version: VAR_VERSION STRING_ARG
1105         {
1106                 OUTYY(("P(server_version:%s)\n", $2));
1107                 free(cfg_parser->cfg->version);
1108                 cfg_parser->cfg->version = $2;
1109         }
1110         ;
1111 server_so_rcvbuf: VAR_SO_RCVBUF STRING_ARG
1112         {
1113                 OUTYY(("P(server_so_rcvbuf:%s)\n", $2));
1114                 if(!cfg_parse_memsize($2, &cfg_parser->cfg->so_rcvbuf))
1115                         yyerror("buffer size expected");
1116                 free($2);
1117         }
1118         ;
1119 server_so_sndbuf: VAR_SO_SNDBUF STRING_ARG
1120         {
1121                 OUTYY(("P(server_so_sndbuf:%s)\n", $2));
1122                 if(!cfg_parse_memsize($2, &cfg_parser->cfg->so_sndbuf))
1123                         yyerror("buffer size expected");
1124                 free($2);
1125         }
1126         ;
1127 server_so_reuseport: VAR_SO_REUSEPORT STRING_ARG
1128     {
1129         OUTYY(("P(server_so_reuseport:%s)\n", $2));
1130         if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1131             yyerror("expected yes or no.");
1132         else cfg_parser->cfg->so_reuseport =
1133             (strcmp($2, "yes")==0);
1134         free($2);
1135     }
1136     ;
1137 server_ip_transparent: VAR_IP_TRANSPARENT STRING_ARG
1138     {
1139         OUTYY(("P(server_ip_transparent:%s)\n", $2));
1140         if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1141             yyerror("expected yes or no.");
1142         else cfg_parser->cfg->ip_transparent =
1143             (strcmp($2, "yes")==0);
1144         free($2);
1145     }
1146     ;
1147 server_ip_freebind: VAR_IP_FREEBIND STRING_ARG
1148     {
1149         OUTYY(("P(server_ip_freebind:%s)\n", $2));
1150         if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1151             yyerror("expected yes or no.");
1152         else cfg_parser->cfg->ip_freebind =
1153             (strcmp($2, "yes")==0);
1154         free($2);
1155     }
1156     ;
1157 server_stream_wait_size: VAR_STREAM_WAIT_SIZE STRING_ARG
1158         {
1159                 OUTYY(("P(server_stream_wait_size:%s)\n", $2));
1160                 if(!cfg_parse_memsize($2, &cfg_parser->cfg->stream_wait_size))
1161                         yyerror("memory size expected");
1162                 free($2);
1163         }
1164         ;
1165 server_edns_buffer_size: VAR_EDNS_BUFFER_SIZE STRING_ARG
1166         {
1167                 OUTYY(("P(server_edns_buffer_size:%s)\n", $2));
1168                 if(atoi($2) == 0)
1169                         yyerror("number expected");
1170                 else if (atoi($2) < 12)
1171                         yyerror("edns buffer size too small");
1172                 else if (atoi($2) > 65535)
1173                         cfg_parser->cfg->edns_buffer_size = 65535;
1174                 else cfg_parser->cfg->edns_buffer_size = atoi($2);
1175                 free($2);
1176         }
1177         ;
1178 server_msg_buffer_size: VAR_MSG_BUFFER_SIZE STRING_ARG
1179         {
1180                 OUTYY(("P(server_msg_buffer_size:%s)\n", $2));
1181                 if(atoi($2) == 0)
1182                         yyerror("number expected");
1183                 else if (atoi($2) < 4096)
1184                         yyerror("message buffer size too small (use 4096)");
1185                 else cfg_parser->cfg->msg_buffer_size = atoi($2);
1186                 free($2);
1187         }
1188         ;
1189 server_msg_cache_size: VAR_MSG_CACHE_SIZE STRING_ARG
1190         {
1191                 OUTYY(("P(server_msg_cache_size:%s)\n", $2));
1192                 if(!cfg_parse_memsize($2, &cfg_parser->cfg->msg_cache_size))
1193                         yyerror("memory size expected");
1194                 free($2);
1195         }
1196         ;
1197 server_msg_cache_slabs: VAR_MSG_CACHE_SLABS STRING_ARG
1198         {
1199                 OUTYY(("P(server_msg_cache_slabs:%s)\n", $2));
1200                 if(atoi($2) == 0)
1201                         yyerror("number expected");
1202                 else {
1203                         cfg_parser->cfg->msg_cache_slabs = atoi($2);
1204                         if(!is_pow2(cfg_parser->cfg->msg_cache_slabs))
1205                                 yyerror("must be a power of 2");
1206                 }
1207                 free($2);
1208         }
1209         ;
1210 server_num_queries_per_thread: VAR_NUM_QUERIES_PER_THREAD STRING_ARG
1211         {
1212                 OUTYY(("P(server_num_queries_per_thread:%s)\n", $2));
1213                 if(atoi($2) == 0)
1214                         yyerror("number expected");
1215                 else cfg_parser->cfg->num_queries_per_thread = atoi($2);
1216                 free($2);
1217         }
1218         ;
1219 server_jostle_timeout: VAR_JOSTLE_TIMEOUT STRING_ARG
1220         {
1221                 OUTYY(("P(server_jostle_timeout:%s)\n", $2));
1222                 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1223                         yyerror("number expected");
1224                 else cfg_parser->cfg->jostle_time = atoi($2);
1225                 free($2);
1226         }
1227         ;
1228 server_delay_close: VAR_DELAY_CLOSE STRING_ARG
1229         {
1230                 OUTYY(("P(server_delay_close:%s)\n", $2));
1231                 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1232                         yyerror("number expected");
1233                 else cfg_parser->cfg->delay_close = atoi($2);
1234                 free($2);
1235         }
1236         ;
1237 server_unblock_lan_zones: VAR_UNBLOCK_LAN_ZONES STRING_ARG
1238         {
1239                 OUTYY(("P(server_unblock_lan_zones:%s)\n", $2));
1240                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1241                         yyerror("expected yes or no.");
1242                 else cfg_parser->cfg->unblock_lan_zones = 
1243                         (strcmp($2, "yes")==0);
1244                 free($2);
1245         }
1246         ;
1247 server_insecure_lan_zones: VAR_INSECURE_LAN_ZONES STRING_ARG
1248         {
1249                 OUTYY(("P(server_insecure_lan_zones:%s)\n", $2));
1250                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1251                         yyerror("expected yes or no.");
1252                 else cfg_parser->cfg->insecure_lan_zones = 
1253                         (strcmp($2, "yes")==0);
1254                 free($2);
1255         }
1256         ;
1257 server_rrset_cache_size: VAR_RRSET_CACHE_SIZE STRING_ARG
1258         {
1259                 OUTYY(("P(server_rrset_cache_size:%s)\n", $2));
1260                 if(!cfg_parse_memsize($2, &cfg_parser->cfg->rrset_cache_size))
1261                         yyerror("memory size expected");
1262                 free($2);
1263         }
1264         ;
1265 server_rrset_cache_slabs: VAR_RRSET_CACHE_SLABS STRING_ARG
1266         {
1267                 OUTYY(("P(server_rrset_cache_slabs:%s)\n", $2));
1268                 if(atoi($2) == 0)
1269                         yyerror("number expected");
1270                 else {
1271                         cfg_parser->cfg->rrset_cache_slabs = atoi($2);
1272                         if(!is_pow2(cfg_parser->cfg->rrset_cache_slabs))
1273                                 yyerror("must be a power of 2");
1274                 }
1275                 free($2);
1276         }
1277         ;
1278 server_infra_host_ttl: VAR_INFRA_HOST_TTL STRING_ARG
1279         {
1280                 OUTYY(("P(server_infra_host_ttl:%s)\n", $2));
1281                 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1282                         yyerror("number expected");
1283                 else cfg_parser->cfg->host_ttl = atoi($2);
1284                 free($2);
1285         }
1286         ;
1287 server_infra_lame_ttl: VAR_INFRA_LAME_TTL STRING_ARG
1288         {
1289                 OUTYY(("P(server_infra_lame_ttl:%s)\n", $2));
1290                 verbose(VERB_DETAIL, "ignored infra-lame-ttl: %s (option "
1291                         "removed, use infra-host-ttl)", $2);
1292                 free($2);
1293         }
1294         ;
1295 server_infra_cache_numhosts: VAR_INFRA_CACHE_NUMHOSTS STRING_ARG
1296         {
1297                 OUTYY(("P(server_infra_cache_numhosts:%s)\n", $2));
1298                 if(atoi($2) == 0)
1299                         yyerror("number expected");
1300                 else cfg_parser->cfg->infra_cache_numhosts = atoi($2);
1301                 free($2);
1302         }
1303         ;
1304 server_infra_cache_lame_size: VAR_INFRA_CACHE_LAME_SIZE STRING_ARG
1305         {
1306                 OUTYY(("P(server_infra_cache_lame_size:%s)\n", $2));
1307                 verbose(VERB_DETAIL, "ignored infra-cache-lame-size: %s "
1308                         "(option removed, use infra-cache-numhosts)", $2);
1309                 free($2);
1310         }
1311         ;
1312 server_infra_cache_slabs: VAR_INFRA_CACHE_SLABS STRING_ARG
1313         {
1314                 OUTYY(("P(server_infra_cache_slabs:%s)\n", $2));
1315                 if(atoi($2) == 0)
1316                         yyerror("number expected");
1317                 else {
1318                         cfg_parser->cfg->infra_cache_slabs = atoi($2);
1319                         if(!is_pow2(cfg_parser->cfg->infra_cache_slabs))
1320                                 yyerror("must be a power of 2");
1321                 }
1322                 free($2);
1323         }
1324         ;
1325 server_infra_cache_min_rtt: VAR_INFRA_CACHE_MIN_RTT STRING_ARG
1326         {
1327                 OUTYY(("P(server_infra_cache_min_rtt:%s)\n", $2));
1328                 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1329                         yyerror("number expected");
1330                 else cfg_parser->cfg->infra_cache_min_rtt = atoi($2);
1331                 free($2);
1332         }
1333         ;
1334 server_target_fetch_policy: VAR_TARGET_FETCH_POLICY STRING_ARG
1335         {
1336                 OUTYY(("P(server_target_fetch_policy:%s)\n", $2));
1337                 free(cfg_parser->cfg->target_fetch_policy);
1338                 cfg_parser->cfg->target_fetch_policy = $2;
1339         }
1340         ;
1341 server_harden_short_bufsize: VAR_HARDEN_SHORT_BUFSIZE STRING_ARG
1342         {
1343                 OUTYY(("P(server_harden_short_bufsize:%s)\n", $2));
1344                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1345                         yyerror("expected yes or no.");
1346                 else cfg_parser->cfg->harden_short_bufsize = 
1347                         (strcmp($2, "yes")==0);
1348                 free($2);
1349         }
1350         ;
1351 server_harden_large_queries: VAR_HARDEN_LARGE_QUERIES STRING_ARG
1352         {
1353                 OUTYY(("P(server_harden_large_queries:%s)\n", $2));
1354                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1355                         yyerror("expected yes or no.");
1356                 else cfg_parser->cfg->harden_large_queries = 
1357                         (strcmp($2, "yes")==0);
1358                 free($2);
1359         }
1360         ;
1361 server_harden_glue: VAR_HARDEN_GLUE STRING_ARG
1362         {
1363                 OUTYY(("P(server_harden_glue:%s)\n", $2));
1364                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1365                         yyerror("expected yes or no.");
1366                 else cfg_parser->cfg->harden_glue = 
1367                         (strcmp($2, "yes")==0);
1368                 free($2);
1369         }
1370         ;
1371 server_harden_dnssec_stripped: VAR_HARDEN_DNSSEC_STRIPPED STRING_ARG
1372         {
1373                 OUTYY(("P(server_harden_dnssec_stripped:%s)\n", $2));
1374                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1375                         yyerror("expected yes or no.");
1376                 else cfg_parser->cfg->harden_dnssec_stripped = 
1377                         (strcmp($2, "yes")==0);
1378                 free($2);
1379         }
1380         ;
1381 server_harden_below_nxdomain: VAR_HARDEN_BELOW_NXDOMAIN STRING_ARG
1382         {
1383                 OUTYY(("P(server_harden_below_nxdomain:%s)\n", $2));
1384                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1385                         yyerror("expected yes or no.");
1386                 else cfg_parser->cfg->harden_below_nxdomain = 
1387                         (strcmp($2, "yes")==0);
1388                 free($2);
1389         }
1390         ;
1391 server_harden_referral_path: VAR_HARDEN_REFERRAL_PATH STRING_ARG
1392         {
1393                 OUTYY(("P(server_harden_referral_path:%s)\n", $2));
1394                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1395                         yyerror("expected yes or no.");
1396                 else cfg_parser->cfg->harden_referral_path = 
1397                         (strcmp($2, "yes")==0);
1398                 free($2);
1399         }
1400         ;
1401 server_harden_algo_downgrade: VAR_HARDEN_ALGO_DOWNGRADE STRING_ARG
1402         {
1403                 OUTYY(("P(server_harden_algo_downgrade:%s)\n", $2));
1404                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1405                         yyerror("expected yes or no.");
1406                 else cfg_parser->cfg->harden_algo_downgrade = 
1407                         (strcmp($2, "yes")==0);
1408                 free($2);
1409         }
1410         ;
1411 server_use_caps_for_id: VAR_USE_CAPS_FOR_ID STRING_ARG
1412         {
1413                 OUTYY(("P(server_use_caps_for_id:%s)\n", $2));
1414                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1415                         yyerror("expected yes or no.");
1416                 else cfg_parser->cfg->use_caps_bits_for_id = 
1417                         (strcmp($2, "yes")==0);
1418                 free($2);
1419         }
1420         ;
1421 server_caps_whitelist: VAR_CAPS_WHITELIST STRING_ARG
1422         {
1423                 OUTYY(("P(server_caps_whitelist:%s)\n", $2));
1424                 if(!cfg_strlist_insert(&cfg_parser->cfg->caps_whitelist, $2))
1425                         yyerror("out of memory");
1426         }
1427         ;
1428 server_private_address: VAR_PRIVATE_ADDRESS STRING_ARG
1429         {
1430                 OUTYY(("P(server_private_address:%s)\n", $2));
1431                 if(!cfg_strlist_insert(&cfg_parser->cfg->private_address, $2))
1432                         yyerror("out of memory");
1433         }
1434         ;
1435 server_private_domain: VAR_PRIVATE_DOMAIN STRING_ARG
1436         {
1437                 OUTYY(("P(server_private_domain:%s)\n", $2));
1438                 if(!cfg_strlist_insert(&cfg_parser->cfg->private_domain, $2))
1439                         yyerror("out of memory");
1440         }
1441         ;
1442 server_prefetch: VAR_PREFETCH STRING_ARG
1443         {
1444                 OUTYY(("P(server_prefetch:%s)\n", $2));
1445                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1446                         yyerror("expected yes or no.");
1447                 else cfg_parser->cfg->prefetch = (strcmp($2, "yes")==0);
1448                 free($2);
1449         }
1450         ;
1451 server_prefetch_key: VAR_PREFETCH_KEY STRING_ARG
1452         {
1453                 OUTYY(("P(server_prefetch_key:%s)\n", $2));
1454                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1455                         yyerror("expected yes or no.");
1456                 else cfg_parser->cfg->prefetch_key = (strcmp($2, "yes")==0);
1457                 free($2);
1458         }
1459         ;
1460 server_deny_any: VAR_DENY_ANY STRING_ARG
1461         {
1462                 OUTYY(("P(server_deny_any:%s)\n", $2));
1463                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1464                         yyerror("expected yes or no.");
1465                 else cfg_parser->cfg->deny_any = (strcmp($2, "yes")==0);
1466                 free($2);
1467         }
1468         ;
1469 server_unwanted_reply_threshold: VAR_UNWANTED_REPLY_THRESHOLD STRING_ARG
1470         {
1471                 OUTYY(("P(server_unwanted_reply_threshold:%s)\n", $2));
1472                 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1473                         yyerror("number expected");
1474                 else cfg_parser->cfg->unwanted_threshold = atoi($2);
1475                 free($2);
1476         }
1477         ;
1478 server_do_not_query_address: VAR_DO_NOT_QUERY_ADDRESS STRING_ARG
1479         {
1480                 OUTYY(("P(server_do_not_query_address:%s)\n", $2));
1481                 if(!cfg_strlist_insert(&cfg_parser->cfg->donotqueryaddrs, $2))
1482                         yyerror("out of memory");
1483         }
1484         ;
1485 server_do_not_query_localhost: VAR_DO_NOT_QUERY_LOCALHOST STRING_ARG
1486         {
1487                 OUTYY(("P(server_do_not_query_localhost:%s)\n", $2));
1488                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1489                         yyerror("expected yes or no.");
1490                 else cfg_parser->cfg->donotquery_localhost = 
1491                         (strcmp($2, "yes")==0);
1492                 free($2);
1493         }
1494         ;
1495 server_access_control: VAR_ACCESS_CONTROL STRING_ARG STRING_ARG
1496         {
1497                 OUTYY(("P(server_access_control:%s %s)\n", $2, $3));
1498                 if(strcmp($3, "deny")!=0 && strcmp($3, "refuse")!=0 &&
1499                         strcmp($3, "deny_non_local")!=0 &&
1500                         strcmp($3, "refuse_non_local")!=0 &&
1501                         strcmp($3, "allow_setrd")!=0 && 
1502                         strcmp($3, "allow")!=0 && 
1503                         strcmp($3, "allow_snoop")!=0) {
1504                         yyerror("expected deny, refuse, deny_non_local, "
1505                                 "refuse_non_local, allow, allow_setrd or "
1506                                 "allow_snoop in access control action");
1507                         free($2);
1508                         free($3);
1509                 } else {
1510                         if(!cfg_str2list_insert(&cfg_parser->cfg->acls, $2, $3))
1511                                 fatal_exit("out of memory adding acl");
1512                 }
1513         }
1514         ;
1515 server_module_conf: VAR_MODULE_CONF STRING_ARG
1516         {
1517                 OUTYY(("P(server_module_conf:%s)\n", $2));
1518                 free(cfg_parser->cfg->module_conf);
1519                 cfg_parser->cfg->module_conf = $2;
1520         }
1521         ;
1522 server_val_override_date: VAR_VAL_OVERRIDE_DATE STRING_ARG
1523         {
1524                 OUTYY(("P(server_val_override_date:%s)\n", $2));
1525                 if(*$2 == '\0' || strcmp($2, "0") == 0) {
1526                         cfg_parser->cfg->val_date_override = 0;
1527                 } else if(strlen($2) == 14) {
1528                         cfg_parser->cfg->val_date_override = 
1529                                 cfg_convert_timeval($2);
1530                         if(!cfg_parser->cfg->val_date_override)
1531                                 yyerror("bad date/time specification");
1532                 } else {
1533                         if(atoi($2) == 0)
1534                                 yyerror("number expected");
1535                         cfg_parser->cfg->val_date_override = atoi($2);
1536                 }
1537                 free($2);
1538         }
1539         ;
1540 server_val_sig_skew_min: VAR_VAL_SIG_SKEW_MIN STRING_ARG
1541         {
1542                 OUTYY(("P(server_val_sig_skew_min:%s)\n", $2));
1543                 if(*$2 == '\0' || strcmp($2, "0") == 0) {
1544                         cfg_parser->cfg->val_sig_skew_min = 0;
1545                 } else {
1546                         cfg_parser->cfg->val_sig_skew_min = atoi($2);
1547                         if(!cfg_parser->cfg->val_sig_skew_min)
1548                                 yyerror("number expected");
1549                 }
1550                 free($2);
1551         }
1552         ;
1553 server_val_sig_skew_max: VAR_VAL_SIG_SKEW_MAX STRING_ARG
1554         {
1555                 OUTYY(("P(server_val_sig_skew_max:%s)\n", $2));
1556                 if(*$2 == '\0' || strcmp($2, "0") == 0) {
1557                         cfg_parser->cfg->val_sig_skew_max = 0;
1558                 } else {
1559                         cfg_parser->cfg->val_sig_skew_max = atoi($2);
1560                         if(!cfg_parser->cfg->val_sig_skew_max)
1561                                 yyerror("number expected");
1562                 }
1563                 free($2);
1564         }
1565         ;
1566 server_cache_max_ttl: VAR_CACHE_MAX_TTL STRING_ARG
1567         {
1568                 OUTYY(("P(server_cache_max_ttl:%s)\n", $2));
1569                 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1570                         yyerror("number expected");
1571                 else cfg_parser->cfg->max_ttl = atoi($2);
1572                 free($2);
1573         }
1574         ;
1575 server_cache_max_negative_ttl: VAR_CACHE_MAX_NEGATIVE_TTL STRING_ARG
1576         {
1577                 OUTYY(("P(server_cache_max_negative_ttl:%s)\n", $2));
1578                 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1579                         yyerror("number expected");
1580                 else cfg_parser->cfg->max_negative_ttl = atoi($2);
1581                 free($2);
1582         }
1583         ;
1584 server_cache_min_ttl: VAR_CACHE_MIN_TTL STRING_ARG
1585         {
1586                 OUTYY(("P(server_cache_min_ttl:%s)\n", $2));
1587                 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1588                         yyerror("number expected");
1589                 else cfg_parser->cfg->min_ttl = atoi($2);
1590                 free($2);
1591         }
1592         ;
1593 server_bogus_ttl: VAR_BOGUS_TTL STRING_ARG
1594         {
1595                 OUTYY(("P(server_bogus_ttl:%s)\n", $2));
1596                 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1597                         yyerror("number expected");
1598                 else cfg_parser->cfg->bogus_ttl = atoi($2);
1599                 free($2);
1600         }
1601         ;
1602 server_val_clean_additional: VAR_VAL_CLEAN_ADDITIONAL STRING_ARG
1603         {
1604                 OUTYY(("P(server_val_clean_additional:%s)\n", $2));
1605                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1606                         yyerror("expected yes or no.");
1607                 else cfg_parser->cfg->val_clean_additional = 
1608                         (strcmp($2, "yes")==0);
1609                 free($2);
1610         }
1611         ;
1612 server_val_permissive_mode: VAR_VAL_PERMISSIVE_MODE STRING_ARG
1613         {
1614                 OUTYY(("P(server_val_permissive_mode:%s)\n", $2));
1615                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1616                         yyerror("expected yes or no.");
1617                 else cfg_parser->cfg->val_permissive_mode = 
1618                         (strcmp($2, "yes")==0);
1619                 free($2);
1620         }
1621         ;
1622 server_aggressive_nsec: VAR_AGGRESSIVE_NSEC STRING_ARG
1623         {
1624                 OUTYY(("P(server_aggressive_nsec:%s)\n", $2));
1625                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1626                         yyerror("expected yes or no.");
1627                 else
1628                         cfg_parser->cfg->aggressive_nsec =
1629                                 (strcmp($2, "yes")==0);
1630                 free($2);
1631         }
1632         ;
1633 server_ignore_cd_flag: VAR_IGNORE_CD_FLAG STRING_ARG
1634         {
1635                 OUTYY(("P(server_ignore_cd_flag:%s)\n", $2));
1636                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1637                         yyerror("expected yes or no.");
1638                 else cfg_parser->cfg->ignore_cd = (strcmp($2, "yes")==0);
1639                 free($2);
1640         }
1641         ;
1642 server_serve_expired: VAR_SERVE_EXPIRED STRING_ARG
1643         {
1644                 OUTYY(("P(server_serve_expired:%s)\n", $2));
1645                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1646                         yyerror("expected yes or no.");
1647                 else cfg_parser->cfg->serve_expired = (strcmp($2, "yes")==0);
1648                 free($2);
1649         }
1650         ;
1651 server_serve_expired_ttl: VAR_SERVE_EXPIRED_TTL STRING_ARG
1652         {
1653                 OUTYY(("P(server_serve_expired_ttl:%s)\n", $2));
1654                 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1655                         yyerror("number expected");
1656                 else cfg_parser->cfg->serve_expired_ttl = atoi($2);
1657                 free($2);
1658         }
1659         ;
1660 server_serve_expired_ttl_reset: VAR_SERVE_EXPIRED_TTL_RESET STRING_ARG
1661         {
1662                 OUTYY(("P(server_serve_expired_ttl_reset:%s)\n", $2));
1663                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1664                         yyerror("expected yes or no.");
1665                 else cfg_parser->cfg->serve_expired_ttl_reset = (strcmp($2, "yes")==0);
1666                 free($2);
1667         }
1668         ;
1669 server_fake_dsa: VAR_FAKE_DSA STRING_ARG
1670         {
1671                 OUTYY(("P(server_fake_dsa:%s)\n", $2));
1672                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1673                         yyerror("expected yes or no.");
1674 #ifdef HAVE_SSL
1675                 else fake_dsa = (strcmp($2, "yes")==0);
1676                 if(fake_dsa)
1677                         log_warn("test option fake_dsa is enabled");
1678 #endif
1679                 free($2);
1680         }
1681         ;
1682 server_fake_sha1: VAR_FAKE_SHA1 STRING_ARG
1683         {
1684                 OUTYY(("P(server_fake_sha1:%s)\n", $2));
1685                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1686                         yyerror("expected yes or no.");
1687 #ifdef HAVE_SSL
1688                 else fake_sha1 = (strcmp($2, "yes")==0);
1689                 if(fake_sha1)
1690                         log_warn("test option fake_sha1 is enabled");
1691 #endif
1692                 free($2);
1693         }
1694         ;
1695 server_val_log_level: VAR_VAL_LOG_LEVEL STRING_ARG
1696         {
1697                 OUTYY(("P(server_val_log_level:%s)\n", $2));
1698                 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1699                         yyerror("number expected");
1700                 else cfg_parser->cfg->val_log_level = atoi($2);
1701                 free($2);
1702         }
1703         ;
1704 server_val_nsec3_keysize_iterations: VAR_VAL_NSEC3_KEYSIZE_ITERATIONS STRING_ARG
1705         {
1706                 OUTYY(("P(server_val_nsec3_keysize_iterations:%s)\n", $2));
1707                 free(cfg_parser->cfg->val_nsec3_key_iterations);
1708                 cfg_parser->cfg->val_nsec3_key_iterations = $2;
1709         }
1710         ;
1711 server_add_holddown: VAR_ADD_HOLDDOWN STRING_ARG
1712         {
1713                 OUTYY(("P(server_add_holddown:%s)\n", $2));
1714                 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1715                         yyerror("number expected");
1716                 else cfg_parser->cfg->add_holddown = atoi($2);
1717                 free($2);
1718         }
1719         ;
1720 server_del_holddown: VAR_DEL_HOLDDOWN STRING_ARG
1721         {
1722                 OUTYY(("P(server_del_holddown:%s)\n", $2));
1723                 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1724                         yyerror("number expected");
1725                 else cfg_parser->cfg->del_holddown = atoi($2);
1726                 free($2);
1727         }
1728         ;
1729 server_keep_missing: VAR_KEEP_MISSING STRING_ARG
1730         {
1731                 OUTYY(("P(server_keep_missing:%s)\n", $2));
1732                 if(atoi($2) == 0 && strcmp($2, "0") != 0)
1733                         yyerror("number expected");
1734                 else cfg_parser->cfg->keep_missing = atoi($2);
1735                 free($2);
1736         }
1737         ;
1738 server_permit_small_holddown: VAR_PERMIT_SMALL_HOLDDOWN STRING_ARG
1739         {
1740                 OUTYY(("P(server_permit_small_holddown:%s)\n", $2));
1741                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1742                         yyerror("expected yes or no.");
1743                 else cfg_parser->cfg->permit_small_holddown =
1744                         (strcmp($2, "yes")==0);
1745                 free($2);
1746         }
1747 server_key_cache_size: VAR_KEY_CACHE_SIZE STRING_ARG
1748         {
1749                 OUTYY(("P(server_key_cache_size:%s)\n", $2));
1750                 if(!cfg_parse_memsize($2, &cfg_parser->cfg->key_cache_size))
1751                         yyerror("memory size expected");
1752                 free($2);
1753         }
1754         ;
1755 server_key_cache_slabs: VAR_KEY_CACHE_SLABS STRING_ARG
1756         {
1757                 OUTYY(("P(server_key_cache_slabs:%s)\n", $2));
1758                 if(atoi($2) == 0)
1759                         yyerror("number expected");
1760                 else {
1761                         cfg_parser->cfg->key_cache_slabs = atoi($2);
1762                         if(!is_pow2(cfg_parser->cfg->key_cache_slabs))
1763                                 yyerror("must be a power of 2");
1764                 }
1765                 free($2);
1766         }
1767         ;
1768 server_neg_cache_size: VAR_NEG_CACHE_SIZE STRING_ARG
1769         {
1770                 OUTYY(("P(server_neg_cache_size:%s)\n", $2));
1771                 if(!cfg_parse_memsize($2, &cfg_parser->cfg->neg_cache_size))
1772                         yyerror("memory size expected");
1773                 free($2);
1774         }
1775         ;
1776 server_local_zone: VAR_LOCAL_ZONE STRING_ARG STRING_ARG
1777         {
1778                 OUTYY(("P(server_local_zone:%s %s)\n", $2, $3));
1779                 if(strcmp($3, "static")!=0 && strcmp($3, "deny")!=0 &&
1780                    strcmp($3, "refuse")!=0 && strcmp($3, "redirect")!=0 &&
1781                    strcmp($3, "transparent")!=0 && strcmp($3, "nodefault")!=0
1782                    && strcmp($3, "typetransparent")!=0
1783                    && strcmp($3, "always_transparent")!=0
1784                    && strcmp($3, "always_refuse")!=0
1785                    && strcmp($3, "always_nxdomain")!=0
1786                    && strcmp($3, "noview")!=0
1787                    && strcmp($3, "inform")!=0 && strcmp($3, "inform_deny")!=0
1788                    && strcmp($3, "inform_redirect") != 0
1789                          && strcmp($3, "ipset") != 0) {
1790                         yyerror("local-zone type: expected static, deny, "
1791                                 "refuse, redirect, transparent, "
1792                                 "typetransparent, inform, inform_deny, "
1793                                 "inform_redirect, always_transparent, "
1794                                 "always_refuse, always_nxdomain, noview "
1795                                 ", nodefault or ipset");
1796                         free($2);
1797                         free($3);
1798                 } else if(strcmp($3, "nodefault")==0) {
1799                         if(!cfg_strlist_insert(&cfg_parser->cfg->
1800                                 local_zones_nodefault, $2))
1801                                 fatal_exit("out of memory adding local-zone");
1802                         free($3);
1803 #ifdef USE_IPSET
1804                 } else if(strcmp($3, "ipset")==0) {
1805                         if(!cfg_strlist_insert(&cfg_parser->cfg->
1806                                 local_zones_ipset, $2))
1807                                 fatal_exit("out of memory adding local-zone");
1808                         free($3);
1809 #endif
1810                 } else {
1811                         if(!cfg_str2list_insert(&cfg_parser->cfg->local_zones, 
1812                                 $2, $3))
1813                                 fatal_exit("out of memory adding local-zone");
1814                 }
1815         }
1816         ;
1817 server_local_data: VAR_LOCAL_DATA STRING_ARG
1818         {
1819                 OUTYY(("P(server_local_data:%s)\n", $2));
1820                 if(!cfg_strlist_insert(&cfg_parser->cfg->local_data, $2))
1821                         fatal_exit("out of memory adding local-data");
1822         }
1823         ;
1824 server_local_data_ptr: VAR_LOCAL_DATA_PTR STRING_ARG
1825         {
1826                 char* ptr;
1827                 OUTYY(("P(server_local_data_ptr:%s)\n", $2));
1828                 ptr = cfg_ptr_reverse($2);
1829                 free($2);
1830                 if(ptr) {
1831                         if(!cfg_strlist_insert(&cfg_parser->cfg->
1832                                 local_data, ptr))
1833                                 fatal_exit("out of memory adding local-data");
1834                 } else {
1835                         yyerror("local-data-ptr could not be reversed");
1836                 }
1837         }
1838         ;
1839 server_minimal_responses: VAR_MINIMAL_RESPONSES STRING_ARG
1840         {
1841                 OUTYY(("P(server_minimal_responses:%s)\n", $2));
1842                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1843                         yyerror("expected yes or no.");
1844                 else cfg_parser->cfg->minimal_responses =
1845                         (strcmp($2, "yes")==0);
1846                 free($2);
1847         }
1848         ;
1849 server_rrset_roundrobin: VAR_RRSET_ROUNDROBIN STRING_ARG
1850         {
1851                 OUTYY(("P(server_rrset_roundrobin:%s)\n", $2));
1852                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1853                         yyerror("expected yes or no.");
1854                 else cfg_parser->cfg->rrset_roundrobin =
1855                         (strcmp($2, "yes")==0);
1856                 free($2);
1857         }
1858         ;
1859 server_unknown_server_time_limit: VAR_UNKNOWN_SERVER_TIME_LIMIT STRING_ARG
1860         {
1861                 OUTYY(("P(server_unknown_server_time_limit:%s)\n", $2));
1862                 cfg_parser->cfg->unknown_server_time_limit = atoi($2);
1863                 free($2);
1864         }
1865         ;
1866 server_max_udp_size: VAR_MAX_UDP_SIZE STRING_ARG
1867         {
1868                 OUTYY(("P(server_max_udp_size:%s)\n", $2));
1869                 cfg_parser->cfg->max_udp_size = atoi($2);
1870                 free($2);
1871         }
1872         ;
1873 server_dns64_prefix: VAR_DNS64_PREFIX STRING_ARG
1874         {
1875                 OUTYY(("P(dns64_prefix:%s)\n", $2));
1876                 free(cfg_parser->cfg->dns64_prefix);
1877                 cfg_parser->cfg->dns64_prefix = $2;
1878         }
1879         ;
1880 server_dns64_synthall: VAR_DNS64_SYNTHALL STRING_ARG
1881         {
1882                 OUTYY(("P(server_dns64_synthall:%s)\n", $2));
1883                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
1884                         yyerror("expected yes or no.");
1885                 else cfg_parser->cfg->dns64_synthall = (strcmp($2, "yes")==0);
1886                 free($2);
1887         }
1888         ;
1889 server_dns64_ignore_aaaa: VAR_DNS64_IGNORE_AAAA STRING_ARG
1890         {
1891                 OUTYY(("P(dns64_ignore_aaaa:%s)\n", $2));
1892                 if(!cfg_strlist_insert(&cfg_parser->cfg->dns64_ignore_aaaa,
1893                         $2))
1894                         fatal_exit("out of memory adding dns64-ignore-aaaa");
1895         }
1896         ;
1897 server_define_tag: VAR_DEFINE_TAG STRING_ARG
1898         {
1899                 char* p, *s = $2;
1900                 OUTYY(("P(server_define_tag:%s)\n", $2));
1901                 while((p=strsep(&s, " \t\n")) != NULL) {
1902                         if(*p) {
1903                                 if(!config_add_tag(cfg_parser->cfg, p))
1904                                         yyerror("could not define-tag, "
1905                                                 "out of memory");
1906                         }
1907                 }
1908                 free($2);
1909         }
1910         ;
1911 server_local_zone_tag: VAR_LOCAL_ZONE_TAG STRING_ARG STRING_ARG
1912         {
1913                 size_t len = 0;
1914                 uint8_t* bitlist = config_parse_taglist(cfg_parser->cfg, $3,
1915                         &len);
1916                 free($3);
1917                 OUTYY(("P(server_local_zone_tag:%s)\n", $2));
1918                 if(!bitlist) {
1919                         yyerror("could not parse tags, (define-tag them first)");
1920                         free($2);
1921                 }
1922                 if(bitlist) {
1923                         if(!cfg_strbytelist_insert(
1924                                 &cfg_parser->cfg->local_zone_tags,
1925                                 $2, bitlist, len)) {
1926                                 yyerror("out of memory");
1927                                 free($2);
1928                         }
1929                 }
1930         }
1931         ;
1932 server_access_control_tag: VAR_ACCESS_CONTROL_TAG STRING_ARG STRING_ARG
1933         {
1934                 size_t len = 0;
1935                 uint8_t* bitlist = config_parse_taglist(cfg_parser->cfg, $3,
1936                         &len);
1937                 free($3);
1938                 OUTYY(("P(server_access_control_tag:%s)\n", $2));
1939                 if(!bitlist) {
1940                         yyerror("could not parse tags, (define-tag them first)");
1941                         free($2);
1942                 }
1943                 if(bitlist) {
1944                         if(!cfg_strbytelist_insert(
1945                                 &cfg_parser->cfg->acl_tags,
1946                                 $2, bitlist, len)) {
1947                                 yyerror("out of memory");
1948                                 free($2);
1949                         }
1950                 }
1951         }
1952         ;
1953 server_access_control_tag_action: VAR_ACCESS_CONTROL_TAG_ACTION STRING_ARG STRING_ARG STRING_ARG
1954         {
1955                 OUTYY(("P(server_access_control_tag_action:%s %s %s)\n", $2, $3, $4));
1956                 if(!cfg_str3list_insert(&cfg_parser->cfg->acl_tag_actions,
1957                         $2, $3, $4)) {
1958                         yyerror("out of memory");
1959                         free($2);
1960                         free($3);
1961                         free($4);
1962                 }
1963         }
1964         ;
1965 server_access_control_tag_data: VAR_ACCESS_CONTROL_TAG_DATA STRING_ARG STRING_ARG STRING_ARG
1966         {
1967                 OUTYY(("P(server_access_control_tag_data:%s %s %s)\n", $2, $3, $4));
1968                 if(!cfg_str3list_insert(&cfg_parser->cfg->acl_tag_datas,
1969                         $2, $3, $4)) {
1970                         yyerror("out of memory");
1971                         free($2);
1972                         free($3);
1973                         free($4);
1974                 }
1975         }
1976         ;
1977 server_local_zone_override: VAR_LOCAL_ZONE_OVERRIDE STRING_ARG STRING_ARG STRING_ARG
1978         {
1979                 OUTYY(("P(server_local_zone_override:%s %s %s)\n", $2, $3, $4));
1980                 if(!cfg_str3list_insert(&cfg_parser->cfg->local_zone_overrides,
1981                         $2, $3, $4)) {
1982                         yyerror("out of memory");
1983                         free($2);
1984                         free($3);
1985                         free($4);
1986                 }
1987         }
1988         ;
1989 server_access_control_view: VAR_ACCESS_CONTROL_VIEW STRING_ARG STRING_ARG
1990         {
1991                 OUTYY(("P(server_access_control_view:%s %s)\n", $2, $3));
1992                 if(!cfg_str2list_insert(&cfg_parser->cfg->acl_view,
1993                         $2, $3)) {
1994                         yyerror("out of memory");
1995                 }
1996         }
1997         ;
1998 server_response_ip_tag: VAR_RESPONSE_IP_TAG STRING_ARG STRING_ARG
1999         {
2000                 size_t len = 0;
2001                 uint8_t* bitlist = config_parse_taglist(cfg_parser->cfg, $3,
2002                         &len);
2003                 free($3);
2004                 OUTYY(("P(response_ip_tag:%s)\n", $2));
2005                 if(!bitlist) {
2006                         yyerror("could not parse tags, (define-tag them first)");
2007                         free($2);
2008                 }
2009                 if(bitlist) {
2010                         if(!cfg_strbytelist_insert(
2011                                 &cfg_parser->cfg->respip_tags,
2012                                 $2, bitlist, len)) {
2013                                 yyerror("out of memory");
2014                                 free($2);
2015                         }
2016                 }
2017         }
2018         ;
2019 server_ip_ratelimit: VAR_IP_RATELIMIT STRING_ARG 
2020         { 
2021                 OUTYY(("P(server_ip_ratelimit:%s)\n", $2)); 
2022                 if(atoi($2) == 0 && strcmp($2, "0") != 0)
2023                         yyerror("number expected");
2024                 else cfg_parser->cfg->ip_ratelimit = atoi($2);
2025                 free($2);
2026         }
2027         ;
2028
2029 server_ratelimit: VAR_RATELIMIT STRING_ARG 
2030         { 
2031                 OUTYY(("P(server_ratelimit:%s)\n", $2)); 
2032                 if(atoi($2) == 0 && strcmp($2, "0") != 0)
2033                         yyerror("number expected");
2034                 else cfg_parser->cfg->ratelimit = atoi($2);
2035                 free($2);
2036         }
2037         ;
2038 server_ip_ratelimit_size: VAR_IP_RATELIMIT_SIZE STRING_ARG
2039   {
2040         OUTYY(("P(server_ip_ratelimit_size:%s)\n", $2));
2041         if(!cfg_parse_memsize($2, &cfg_parser->cfg->ip_ratelimit_size))
2042                 yyerror("memory size expected");
2043         free($2);
2044   }
2045   ;
2046 server_ratelimit_size: VAR_RATELIMIT_SIZE STRING_ARG
2047         {
2048                 OUTYY(("P(server_ratelimit_size:%s)\n", $2));
2049                 if(!cfg_parse_memsize($2, &cfg_parser->cfg->ratelimit_size))
2050                         yyerror("memory size expected");
2051                 free($2);
2052         }
2053         ;
2054 server_ip_ratelimit_slabs: VAR_IP_RATELIMIT_SLABS STRING_ARG
2055   {
2056         OUTYY(("P(server_ip_ratelimit_slabs:%s)\n", $2));
2057         if(atoi($2) == 0)
2058                 yyerror("number expected");
2059         else {
2060                 cfg_parser->cfg->ip_ratelimit_slabs = atoi($2);
2061                 if(!is_pow2(cfg_parser->cfg->ip_ratelimit_slabs))
2062                         yyerror("must be a power of 2");
2063         }
2064         free($2);
2065   }
2066   ;
2067 server_ratelimit_slabs: VAR_RATELIMIT_SLABS STRING_ARG
2068         {
2069                 OUTYY(("P(server_ratelimit_slabs:%s)\n", $2));
2070                 if(atoi($2) == 0)
2071                         yyerror("number expected");
2072                 else {
2073                         cfg_parser->cfg->ratelimit_slabs = atoi($2);
2074                         if(!is_pow2(cfg_parser->cfg->ratelimit_slabs))
2075                                 yyerror("must be a power of 2");
2076                 }
2077                 free($2);
2078         }
2079         ;
2080 server_ratelimit_for_domain: VAR_RATELIMIT_FOR_DOMAIN STRING_ARG STRING_ARG
2081         {
2082                 OUTYY(("P(server_ratelimit_for_domain:%s %s)\n", $2, $3));
2083                 if(atoi($3) == 0 && strcmp($3, "0") != 0) {
2084                         yyerror("number expected");
2085                         free($2);
2086                         free($3);
2087                 } else {
2088                         if(!cfg_str2list_insert(&cfg_parser->cfg->
2089                                 ratelimit_for_domain, $2, $3))
2090                                 fatal_exit("out of memory adding "
2091                                         "ratelimit-for-domain");
2092                 }
2093         }
2094         ;
2095 server_ratelimit_below_domain: VAR_RATELIMIT_BELOW_DOMAIN STRING_ARG STRING_ARG
2096         {
2097                 OUTYY(("P(server_ratelimit_below_domain:%s %s)\n", $2, $3));
2098                 if(atoi($3) == 0 && strcmp($3, "0") != 0) {
2099                         yyerror("number expected");
2100                         free($2);
2101                         free($3);
2102                 } else {
2103                         if(!cfg_str2list_insert(&cfg_parser->cfg->
2104                                 ratelimit_below_domain, $2, $3))
2105                                 fatal_exit("out of memory adding "
2106                                         "ratelimit-below-domain");
2107                 }
2108         }
2109         ;
2110 server_ip_ratelimit_factor: VAR_IP_RATELIMIT_FACTOR STRING_ARG 
2111   { 
2112         OUTYY(("P(server_ip_ratelimit_factor:%s)\n", $2)); 
2113         if(atoi($2) == 0 && strcmp($2, "0") != 0)
2114                 yyerror("number expected");
2115         else cfg_parser->cfg->ip_ratelimit_factor = atoi($2);
2116         free($2);
2117         }
2118         ;
2119 server_ratelimit_factor: VAR_RATELIMIT_FACTOR STRING_ARG 
2120         { 
2121                 OUTYY(("P(server_ratelimit_factor:%s)\n", $2)); 
2122                 if(atoi($2) == 0 && strcmp($2, "0") != 0)
2123                         yyerror("number expected");
2124                 else cfg_parser->cfg->ratelimit_factor = atoi($2);
2125                 free($2);
2126         }
2127         ;
2128 server_low_rtt: VAR_LOW_RTT STRING_ARG 
2129         { 
2130                 OUTYY(("P(low-rtt option is deprecated, use fast-server-num instead)\n"));
2131                 free($2);
2132         }
2133         ;
2134 server_fast_server_num: VAR_FAST_SERVER_NUM STRING_ARG 
2135         { 
2136                 OUTYY(("P(server_fast_server_num:%s)\n", $2)); 
2137                 if(atoi($2) <= 0)
2138                         yyerror("number expected");
2139                 else cfg_parser->cfg->fast_server_num = atoi($2);
2140                 free($2);
2141         }
2142         ;
2143 server_fast_server_permil: VAR_FAST_SERVER_PERMIL STRING_ARG 
2144         { 
2145                 OUTYY(("P(server_fast_server_permil:%s)\n", $2)); 
2146                 if(atoi($2) == 0 && strcmp($2, "0") != 0)
2147                         yyerror("number expected");
2148                 else cfg_parser->cfg->fast_server_permil = atoi($2);
2149                 free($2);
2150         }
2151         ;
2152 server_qname_minimisation: VAR_QNAME_MINIMISATION STRING_ARG
2153         {
2154                 OUTYY(("P(server_qname_minimisation:%s)\n", $2));
2155                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2156                         yyerror("expected yes or no.");
2157                 else cfg_parser->cfg->qname_minimisation = 
2158                         (strcmp($2, "yes")==0);
2159                 free($2);
2160         }
2161         ;
2162 server_qname_minimisation_strict: VAR_QNAME_MINIMISATION_STRICT STRING_ARG
2163         {
2164                 OUTYY(("P(server_qname_minimisation_strict:%s)\n", $2));
2165                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2166                         yyerror("expected yes or no.");
2167                 else cfg_parser->cfg->qname_minimisation_strict = 
2168                         (strcmp($2, "yes")==0);
2169                 free($2);
2170         }
2171         ;
2172 server_ipsecmod_enabled: VAR_IPSECMOD_ENABLED STRING_ARG
2173         {
2174         #ifdef USE_IPSECMOD
2175                 OUTYY(("P(server_ipsecmod_enabled:%s)\n", $2));
2176                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2177                         yyerror("expected yes or no.");
2178                 else cfg_parser->cfg->ipsecmod_enabled = (strcmp($2, "yes")==0);
2179         #else
2180                 OUTYY(("P(Compiled without IPsec module, ignoring)\n"));
2181         #endif
2182                 free($2);
2183         }
2184         ;
2185 server_ipsecmod_ignore_bogus: VAR_IPSECMOD_IGNORE_BOGUS STRING_ARG
2186         {
2187         #ifdef USE_IPSECMOD
2188                 OUTYY(("P(server_ipsecmod_ignore_bogus:%s)\n", $2));
2189                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2190                         yyerror("expected yes or no.");
2191                 else cfg_parser->cfg->ipsecmod_ignore_bogus = (strcmp($2, "yes")==0);
2192         #else
2193                 OUTYY(("P(Compiled without IPsec module, ignoring)\n"));
2194         #endif
2195                 free($2);
2196         }
2197         ;
2198 server_ipsecmod_hook: VAR_IPSECMOD_HOOK STRING_ARG
2199         {
2200         #ifdef USE_IPSECMOD
2201                 OUTYY(("P(server_ipsecmod_hook:%s)\n", $2));
2202                 free(cfg_parser->cfg->ipsecmod_hook);
2203                 cfg_parser->cfg->ipsecmod_hook = $2;
2204         #else
2205                 OUTYY(("P(Compiled without IPsec module, ignoring)\n"));
2206                 free($2);
2207         #endif
2208         }
2209         ;
2210 server_ipsecmod_max_ttl: VAR_IPSECMOD_MAX_TTL STRING_ARG
2211         {
2212         #ifdef USE_IPSECMOD
2213                 OUTYY(("P(server_ipsecmod_max_ttl:%s)\n", $2));
2214                 if(atoi($2) == 0 && strcmp($2, "0") != 0)
2215                         yyerror("number expected");
2216                 else cfg_parser->cfg->ipsecmod_max_ttl = atoi($2);
2217                 free($2);
2218         #else
2219                 OUTYY(("P(Compiled without IPsec module, ignoring)\n"));
2220                 free($2);
2221         #endif
2222         }
2223         ;
2224 server_ipsecmod_whitelist: VAR_IPSECMOD_WHITELIST STRING_ARG
2225         {
2226         #ifdef USE_IPSECMOD
2227                 OUTYY(("P(server_ipsecmod_whitelist:%s)\n", $2));
2228                 if(!cfg_strlist_insert(&cfg_parser->cfg->ipsecmod_whitelist, $2))
2229                         yyerror("out of memory");
2230         #else
2231                 OUTYY(("P(Compiled without IPsec module, ignoring)\n"));
2232                 free($2);
2233         #endif
2234         }
2235         ;
2236 server_ipsecmod_strict: VAR_IPSECMOD_STRICT STRING_ARG
2237         {
2238         #ifdef USE_IPSECMOD
2239                 OUTYY(("P(server_ipsecmod_strict:%s)\n", $2));
2240                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2241                         yyerror("expected yes or no.");
2242                 else cfg_parser->cfg->ipsecmod_strict = (strcmp($2, "yes")==0);
2243                 free($2);
2244         #else
2245                 OUTYY(("P(Compiled without IPsec module, ignoring)\n"));
2246                 free($2);
2247         #endif
2248         }
2249         ;
2250 stub_name: VAR_NAME STRING_ARG
2251         {
2252                 OUTYY(("P(name:%s)\n", $2));
2253                 if(cfg_parser->cfg->stubs->name)
2254                         yyerror("stub name override, there must be one name "
2255                                 "for one stub-zone");
2256                 free(cfg_parser->cfg->stubs->name);
2257                 cfg_parser->cfg->stubs->name = $2;
2258         }
2259         ;
2260 stub_host: VAR_STUB_HOST STRING_ARG
2261         {
2262                 OUTYY(("P(stub-host:%s)\n", $2));
2263                 if(!cfg_strlist_insert(&cfg_parser->cfg->stubs->hosts, $2))
2264                         yyerror("out of memory");
2265         }
2266         ;
2267 stub_addr: VAR_STUB_ADDR STRING_ARG
2268         {
2269                 OUTYY(("P(stub-addr:%s)\n", $2));
2270                 if(!cfg_strlist_insert(&cfg_parser->cfg->stubs->addrs, $2))
2271                         yyerror("out of memory");
2272         }
2273         ;
2274 stub_first: VAR_STUB_FIRST STRING_ARG
2275         {
2276                 OUTYY(("P(stub-first:%s)\n", $2));
2277                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2278                         yyerror("expected yes or no.");
2279                 else cfg_parser->cfg->stubs->isfirst=(strcmp($2, "yes")==0);
2280                 free($2);
2281         }
2282         ;
2283 stub_no_cache: VAR_STUB_NO_CACHE STRING_ARG
2284         {
2285                 OUTYY(("P(stub-no-cache:%s)\n", $2));
2286                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2287                         yyerror("expected yes or no.");
2288                 else cfg_parser->cfg->stubs->no_cache=(strcmp($2, "yes")==0);
2289                 free($2);
2290         }
2291         ;
2292 stub_ssl_upstream: VAR_STUB_SSL_UPSTREAM STRING_ARG
2293         {
2294                 OUTYY(("P(stub-ssl-upstream:%s)\n", $2));
2295                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2296                         yyerror("expected yes or no.");
2297                 else cfg_parser->cfg->stubs->ssl_upstream = 
2298                         (strcmp($2, "yes")==0);
2299                 free($2);
2300         }
2301         ;
2302 stub_prime: VAR_STUB_PRIME STRING_ARG
2303         {
2304                 OUTYY(("P(stub-prime:%s)\n", $2));
2305                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2306                         yyerror("expected yes or no.");
2307                 else cfg_parser->cfg->stubs->isprime = 
2308                         (strcmp($2, "yes")==0);
2309                 free($2);
2310         }
2311         ;
2312 forward_name: VAR_NAME STRING_ARG
2313         {
2314                 OUTYY(("P(name:%s)\n", $2));
2315                 if(cfg_parser->cfg->forwards->name)
2316                         yyerror("forward name override, there must be one "
2317                                 "name for one forward-zone");
2318                 free(cfg_parser->cfg->forwards->name);
2319                 cfg_parser->cfg->forwards->name = $2;
2320         }
2321         ;
2322 forward_host: VAR_FORWARD_HOST STRING_ARG
2323         {
2324                 OUTYY(("P(forward-host:%s)\n", $2));
2325                 if(!cfg_strlist_insert(&cfg_parser->cfg->forwards->hosts, $2))
2326                         yyerror("out of memory");
2327         }
2328         ;
2329 forward_addr: VAR_FORWARD_ADDR STRING_ARG
2330         {
2331                 OUTYY(("P(forward-addr:%s)\n", $2));
2332                 if(!cfg_strlist_insert(&cfg_parser->cfg->forwards->addrs, $2))
2333                         yyerror("out of memory");
2334         }
2335         ;
2336 forward_first: VAR_FORWARD_FIRST STRING_ARG
2337         {
2338                 OUTYY(("P(forward-first:%s)\n", $2));
2339                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2340                         yyerror("expected yes or no.");
2341                 else cfg_parser->cfg->forwards->isfirst=(strcmp($2, "yes")==0);
2342                 free($2);
2343         }
2344         ;
2345 forward_no_cache: VAR_FORWARD_NO_CACHE STRING_ARG
2346         {
2347                 OUTYY(("P(forward-no-cache:%s)\n", $2));
2348                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2349                         yyerror("expected yes or no.");
2350                 else cfg_parser->cfg->forwards->no_cache=(strcmp($2, "yes")==0);
2351                 free($2);
2352         }
2353         ;
2354 forward_ssl_upstream: VAR_FORWARD_SSL_UPSTREAM STRING_ARG
2355         {
2356                 OUTYY(("P(forward-ssl-upstream:%s)\n", $2));
2357                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2358                         yyerror("expected yes or no.");
2359                 else cfg_parser->cfg->forwards->ssl_upstream = 
2360                         (strcmp($2, "yes")==0);
2361                 free($2);
2362         }
2363         ;
2364 auth_name: VAR_NAME STRING_ARG
2365         {
2366                 OUTYY(("P(name:%s)\n", $2));
2367                 if(cfg_parser->cfg->auths->name)
2368                         yyerror("auth name override, there must be one name "
2369                                 "for one auth-zone");
2370                 free(cfg_parser->cfg->auths->name);
2371                 cfg_parser->cfg->auths->name = $2;
2372         }
2373         ;
2374 auth_zonefile: VAR_ZONEFILE STRING_ARG
2375         {
2376                 OUTYY(("P(zonefile:%s)\n", $2));
2377                 free(cfg_parser->cfg->auths->zonefile);
2378                 cfg_parser->cfg->auths->zonefile = $2;
2379         }
2380         ;
2381 auth_master: VAR_MASTER STRING_ARG
2382         {
2383                 OUTYY(("P(master:%s)\n", $2));
2384                 if(!cfg_strlist_insert(&cfg_parser->cfg->auths->masters, $2))
2385                         yyerror("out of memory");
2386         }
2387         ;
2388 auth_url: VAR_URL STRING_ARG
2389         {
2390                 OUTYY(("P(url:%s)\n", $2));
2391                 if(!cfg_strlist_insert(&cfg_parser->cfg->auths->urls, $2))
2392                         yyerror("out of memory");
2393         }
2394         ;
2395 auth_allow_notify: VAR_ALLOW_NOTIFY STRING_ARG
2396         {
2397                 OUTYY(("P(allow-notify:%s)\n", $2));
2398                 if(!cfg_strlist_insert(&cfg_parser->cfg->auths->allow_notify,
2399                         $2))
2400                         yyerror("out of memory");
2401         }
2402         ;
2403 auth_for_downstream: VAR_FOR_DOWNSTREAM STRING_ARG
2404         {
2405                 OUTYY(("P(for-downstream:%s)\n", $2));
2406                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2407                         yyerror("expected yes or no.");
2408                 else cfg_parser->cfg->auths->for_downstream =
2409                         (strcmp($2, "yes")==0);
2410                 free($2);
2411         }
2412         ;
2413 auth_for_upstream: VAR_FOR_UPSTREAM STRING_ARG
2414         {
2415                 OUTYY(("P(for-upstream:%s)\n", $2));
2416                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2417                         yyerror("expected yes or no.");
2418                 else cfg_parser->cfg->auths->for_upstream =
2419                         (strcmp($2, "yes")==0);
2420                 free($2);
2421         }
2422         ;
2423 auth_fallback_enabled: VAR_FALLBACK_ENABLED STRING_ARG
2424         {
2425                 OUTYY(("P(fallback-enabled:%s)\n", $2));
2426                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2427                         yyerror("expected yes or no.");
2428                 else cfg_parser->cfg->auths->fallback_enabled =
2429                         (strcmp($2, "yes")==0);
2430                 free($2);
2431         }
2432         ;
2433 view_name: VAR_NAME STRING_ARG
2434         {
2435                 OUTYY(("P(name:%s)\n", $2));
2436                 if(cfg_parser->cfg->views->name)
2437                         yyerror("view name override, there must be one "
2438                                 "name for one view");
2439                 free(cfg_parser->cfg->views->name);
2440                 cfg_parser->cfg->views->name = $2;
2441         }
2442         ;
2443 view_local_zone: VAR_LOCAL_ZONE STRING_ARG STRING_ARG
2444         {
2445                 OUTYY(("P(view_local_zone:%s %s)\n", $2, $3));
2446                 if(strcmp($3, "static")!=0 && strcmp($3, "deny")!=0 &&
2447                    strcmp($3, "refuse")!=0 && strcmp($3, "redirect")!=0 &&
2448                    strcmp($3, "transparent")!=0 && strcmp($3, "nodefault")!=0
2449                    && strcmp($3, "typetransparent")!=0
2450                    && strcmp($3, "always_transparent")!=0
2451                    && strcmp($3, "always_refuse")!=0
2452                    && strcmp($3, "always_nxdomain")!=0
2453                    && strcmp($3, "noview")!=0
2454                    && strcmp($3, "inform")!=0 && strcmp($3, "inform_deny")!=0) {
2455                         yyerror("local-zone type: expected static, deny, "
2456                                 "refuse, redirect, transparent, "
2457                                 "typetransparent, inform, inform_deny, "
2458                                 "always_transparent, always_refuse, "
2459                                 "always_nxdomain, noview or nodefault");
2460                         free($2);
2461                         free($3);
2462                 } else if(strcmp($3, "nodefault")==0) {
2463                         if(!cfg_strlist_insert(&cfg_parser->cfg->views->
2464                                 local_zones_nodefault, $2))
2465                                 fatal_exit("out of memory adding local-zone");
2466                         free($3);
2467 #ifdef USE_IPSET
2468                 } else if(strcmp($3, "ipset")==0) {
2469                         if(!cfg_strlist_insert(&cfg_parser->cfg->views->
2470                                 local_zones_ipset, $2))
2471                                 fatal_exit("out of memory adding local-zone");
2472                         free($3);
2473 #endif
2474                 } else {
2475                         if(!cfg_str2list_insert(
2476                                 &cfg_parser->cfg->views->local_zones, 
2477                                 $2, $3))
2478                                 fatal_exit("out of memory adding local-zone");
2479                 }
2480         }
2481         ;
2482 view_response_ip: VAR_RESPONSE_IP STRING_ARG STRING_ARG
2483         {
2484                 OUTYY(("P(view_response_ip:%s %s)\n", $2, $3));
2485                 validate_respip_action($3);
2486                 if(!cfg_str2list_insert(
2487                         &cfg_parser->cfg->views->respip_actions, $2, $3))
2488                         fatal_exit("out of memory adding per-view "
2489                                 "response-ip action");
2490         }
2491         ;
2492 view_response_ip_data: VAR_RESPONSE_IP_DATA STRING_ARG STRING_ARG
2493         {
2494                 OUTYY(("P(view_response_ip_data:%s)\n", $2));
2495                 if(!cfg_str2list_insert(
2496                         &cfg_parser->cfg->views->respip_data, $2, $3))
2497                         fatal_exit("out of memory adding response-ip-data");
2498         }
2499         ;
2500 view_local_data: VAR_LOCAL_DATA STRING_ARG
2501         {
2502                 OUTYY(("P(view_local_data:%s)\n", $2));
2503                 if(!cfg_strlist_insert(&cfg_parser->cfg->views->local_data, $2)) {
2504                         fatal_exit("out of memory adding local-data");
2505                 }
2506         }
2507         ;
2508 view_local_data_ptr: VAR_LOCAL_DATA_PTR STRING_ARG
2509         {
2510                 char* ptr;
2511                 OUTYY(("P(view_local_data_ptr:%s)\n", $2));
2512                 ptr = cfg_ptr_reverse($2);
2513                 free($2);
2514                 if(ptr) {
2515                         if(!cfg_strlist_insert(&cfg_parser->cfg->views->
2516                                 local_data, ptr))
2517                                 fatal_exit("out of memory adding local-data");
2518                 } else {
2519                         yyerror("local-data-ptr could not be reversed");
2520                 }
2521         }
2522         ;
2523 view_first: VAR_VIEW_FIRST STRING_ARG
2524         {
2525                 OUTYY(("P(view-first:%s)\n", $2));
2526                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2527                         yyerror("expected yes or no.");
2528                 else cfg_parser->cfg->views->isfirst=(strcmp($2, "yes")==0);
2529                 free($2);
2530         }
2531         ;
2532 rcstart: VAR_REMOTE_CONTROL
2533         { 
2534                 OUTYY(("\nP(remote-control:)\n")); 
2535         }
2536         ;
2537 contents_rc: contents_rc content_rc 
2538         | ;
2539 content_rc: rc_control_enable | rc_control_interface | rc_control_port |
2540         rc_server_key_file | rc_server_cert_file | rc_control_key_file |
2541         rc_control_cert_file | rc_control_use_cert
2542         ;
2543 rc_control_enable: VAR_CONTROL_ENABLE STRING_ARG
2544         {
2545                 OUTYY(("P(control_enable:%s)\n", $2));
2546                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2547                         yyerror("expected yes or no.");
2548                 else cfg_parser->cfg->remote_control_enable = 
2549                         (strcmp($2, "yes")==0);
2550                 free($2);
2551         }
2552         ;
2553 rc_control_port: VAR_CONTROL_PORT STRING_ARG
2554         {
2555                 OUTYY(("P(control_port:%s)\n", $2));
2556                 if(atoi($2) == 0)
2557                         yyerror("control port number expected");
2558                 else cfg_parser->cfg->control_port = atoi($2);
2559                 free($2);
2560         }
2561         ;
2562 rc_control_interface: VAR_CONTROL_INTERFACE STRING_ARG
2563         {
2564                 OUTYY(("P(control_interface:%s)\n", $2));
2565                 if(!cfg_strlist_append(&cfg_parser->cfg->control_ifs, $2))
2566                         yyerror("out of memory");
2567         }
2568         ;
2569 rc_control_use_cert: VAR_CONTROL_USE_CERT STRING_ARG
2570         {
2571                 OUTYY(("P(control_use_cert:%s)\n", $2));
2572                 cfg_parser->cfg->control_use_cert = (strcmp($2, "yes")==0);
2573                 free($2);
2574         }
2575         ;
2576 rc_server_key_file: VAR_SERVER_KEY_FILE STRING_ARG
2577         {
2578                 OUTYY(("P(rc_server_key_file:%s)\n", $2));
2579                 free(cfg_parser->cfg->server_key_file);
2580                 cfg_parser->cfg->server_key_file = $2;
2581         }
2582         ;
2583 rc_server_cert_file: VAR_SERVER_CERT_FILE STRING_ARG
2584         {
2585                 OUTYY(("P(rc_server_cert_file:%s)\n", $2));
2586                 free(cfg_parser->cfg->server_cert_file);
2587                 cfg_parser->cfg->server_cert_file = $2;
2588         }
2589         ;
2590 rc_control_key_file: VAR_CONTROL_KEY_FILE STRING_ARG
2591         {
2592                 OUTYY(("P(rc_control_key_file:%s)\n", $2));
2593                 free(cfg_parser->cfg->control_key_file);
2594                 cfg_parser->cfg->control_key_file = $2;
2595         }
2596         ;
2597 rc_control_cert_file: VAR_CONTROL_CERT_FILE STRING_ARG
2598         {
2599                 OUTYY(("P(rc_control_cert_file:%s)\n", $2));
2600                 free(cfg_parser->cfg->control_cert_file);
2601                 cfg_parser->cfg->control_cert_file = $2;
2602         }
2603         ;
2604 dtstart: VAR_DNSTAP
2605         {
2606                 OUTYY(("\nP(dnstap:)\n"));
2607         }
2608         ;
2609 contents_dt: contents_dt content_dt
2610         | ;
2611 content_dt: dt_dnstap_enable | dt_dnstap_socket_path |
2612         dt_dnstap_send_identity | dt_dnstap_send_version |
2613         dt_dnstap_identity | dt_dnstap_version |
2614         dt_dnstap_log_resolver_query_messages |
2615         dt_dnstap_log_resolver_response_messages |
2616         dt_dnstap_log_client_query_messages |
2617         dt_dnstap_log_client_response_messages |
2618         dt_dnstap_log_forwarder_query_messages |
2619         dt_dnstap_log_forwarder_response_messages
2620         ;
2621 dt_dnstap_enable: VAR_DNSTAP_ENABLE STRING_ARG
2622         {
2623                 OUTYY(("P(dt_dnstap_enable:%s)\n", $2));
2624                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2625                         yyerror("expected yes or no.");
2626                 else cfg_parser->cfg->dnstap = (strcmp($2, "yes")==0);
2627                 free($2);
2628         }
2629         ;
2630 dt_dnstap_socket_path: VAR_DNSTAP_SOCKET_PATH STRING_ARG
2631         {
2632                 OUTYY(("P(dt_dnstap_socket_path:%s)\n", $2));
2633                 free(cfg_parser->cfg->dnstap_socket_path);
2634                 cfg_parser->cfg->dnstap_socket_path = $2;
2635         }
2636         ;
2637 dt_dnstap_send_identity: VAR_DNSTAP_SEND_IDENTITY STRING_ARG
2638         {
2639                 OUTYY(("P(dt_dnstap_send_identity:%s)\n", $2));
2640                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2641                         yyerror("expected yes or no.");
2642                 else cfg_parser->cfg->dnstap_send_identity = (strcmp($2, "yes")==0);
2643                 free($2);
2644         }
2645         ;
2646 dt_dnstap_send_version: VAR_DNSTAP_SEND_VERSION STRING_ARG
2647         {
2648                 OUTYY(("P(dt_dnstap_send_version:%s)\n", $2));
2649                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2650                         yyerror("expected yes or no.");
2651                 else cfg_parser->cfg->dnstap_send_version = (strcmp($2, "yes")==0);
2652                 free($2);
2653         }
2654         ;
2655 dt_dnstap_identity: VAR_DNSTAP_IDENTITY STRING_ARG
2656         {
2657                 OUTYY(("P(dt_dnstap_identity:%s)\n", $2));
2658                 free(cfg_parser->cfg->dnstap_identity);
2659                 cfg_parser->cfg->dnstap_identity = $2;
2660         }
2661         ;
2662 dt_dnstap_version: VAR_DNSTAP_VERSION STRING_ARG
2663         {
2664                 OUTYY(("P(dt_dnstap_version:%s)\n", $2));
2665                 free(cfg_parser->cfg->dnstap_version);
2666                 cfg_parser->cfg->dnstap_version = $2;
2667         }
2668         ;
2669 dt_dnstap_log_resolver_query_messages: VAR_DNSTAP_LOG_RESOLVER_QUERY_MESSAGES STRING_ARG
2670         {
2671                 OUTYY(("P(dt_dnstap_log_resolver_query_messages:%s)\n", $2));
2672                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2673                         yyerror("expected yes or no.");
2674                 else cfg_parser->cfg->dnstap_log_resolver_query_messages =
2675                         (strcmp($2, "yes")==0);
2676                 free($2);
2677         }
2678         ;
2679 dt_dnstap_log_resolver_response_messages: VAR_DNSTAP_LOG_RESOLVER_RESPONSE_MESSAGES STRING_ARG
2680         {
2681                 OUTYY(("P(dt_dnstap_log_resolver_response_messages:%s)\n", $2));
2682                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2683                         yyerror("expected yes or no.");
2684                 else cfg_parser->cfg->dnstap_log_resolver_response_messages =
2685                         (strcmp($2, "yes")==0);
2686                 free($2);
2687         }
2688         ;
2689 dt_dnstap_log_client_query_messages: VAR_DNSTAP_LOG_CLIENT_QUERY_MESSAGES STRING_ARG
2690         {
2691                 OUTYY(("P(dt_dnstap_log_client_query_messages:%s)\n", $2));
2692                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2693                         yyerror("expected yes or no.");
2694                 else cfg_parser->cfg->dnstap_log_client_query_messages =
2695                         (strcmp($2, "yes")==0);
2696                 free($2);
2697         }
2698         ;
2699 dt_dnstap_log_client_response_messages: VAR_DNSTAP_LOG_CLIENT_RESPONSE_MESSAGES STRING_ARG
2700         {
2701                 OUTYY(("P(dt_dnstap_log_client_response_messages:%s)\n", $2));
2702                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2703                         yyerror("expected yes or no.");
2704                 else cfg_parser->cfg->dnstap_log_client_response_messages =
2705                         (strcmp($2, "yes")==0);
2706                 free($2);
2707         }
2708         ;
2709 dt_dnstap_log_forwarder_query_messages: VAR_DNSTAP_LOG_FORWARDER_QUERY_MESSAGES STRING_ARG
2710         {
2711                 OUTYY(("P(dt_dnstap_log_forwarder_query_messages:%s)\n", $2));
2712                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2713                         yyerror("expected yes or no.");
2714                 else cfg_parser->cfg->dnstap_log_forwarder_query_messages =
2715                         (strcmp($2, "yes")==0);
2716                 free($2);
2717         }
2718         ;
2719 dt_dnstap_log_forwarder_response_messages: VAR_DNSTAP_LOG_FORWARDER_RESPONSE_MESSAGES STRING_ARG
2720         {
2721                 OUTYY(("P(dt_dnstap_log_forwarder_response_messages:%s)\n", $2));
2722                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2723                         yyerror("expected yes or no.");
2724                 else cfg_parser->cfg->dnstap_log_forwarder_response_messages =
2725                         (strcmp($2, "yes")==0);
2726                 free($2);
2727         }
2728         ;
2729 pythonstart: VAR_PYTHON
2730         { 
2731                 OUTYY(("\nP(python:)\n")); 
2732         }
2733         ;
2734 contents_py: contents_py content_py
2735         | ;
2736 content_py: py_script
2737         ;
2738 py_script: VAR_PYTHON_SCRIPT STRING_ARG
2739         {
2740                 OUTYY(("P(python-script:%s)\n", $2));
2741                 if(!cfg_strlist_append_ex(&cfg_parser->cfg->python_script, $2))
2742                         yyerror("out of memory");
2743         }
2744 server_disable_dnssec_lame_check: VAR_DISABLE_DNSSEC_LAME_CHECK STRING_ARG
2745         {
2746                 OUTYY(("P(disable_dnssec_lame_check:%s)\n", $2));
2747                 if (strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2748                         yyerror("expected yes or no.");
2749                 else cfg_parser->cfg->disable_dnssec_lame_check =
2750                         (strcmp($2, "yes")==0);
2751                 free($2);
2752         }
2753         ;
2754 server_log_identity: VAR_LOG_IDENTITY STRING_ARG
2755         {
2756                 OUTYY(("P(server_log_identity:%s)\n", $2));
2757                 free(cfg_parser->cfg->log_identity);
2758                 cfg_parser->cfg->log_identity = $2;
2759         }
2760         ;
2761 server_response_ip: VAR_RESPONSE_IP STRING_ARG STRING_ARG
2762         {
2763                 OUTYY(("P(server_response_ip:%s %s)\n", $2, $3));
2764                 validate_respip_action($3);
2765                 if(!cfg_str2list_insert(&cfg_parser->cfg->respip_actions,
2766                         $2, $3))
2767                         fatal_exit("out of memory adding response-ip");
2768         }
2769         ;
2770 server_response_ip_data: VAR_RESPONSE_IP_DATA STRING_ARG STRING_ARG
2771         {
2772                 OUTYY(("P(server_response_ip_data:%s)\n", $2));
2773                 if(!cfg_str2list_insert(&cfg_parser->cfg->respip_data,
2774                         $2, $3))
2775                         fatal_exit("out of memory adding response-ip-data");
2776         }
2777         ;
2778 dnscstart: VAR_DNSCRYPT
2779         {
2780                 OUTYY(("\nP(dnscrypt:)\n"));
2781         }
2782         ;
2783 contents_dnsc: contents_dnsc content_dnsc
2784         | ;
2785 content_dnsc:
2786         dnsc_dnscrypt_enable | dnsc_dnscrypt_port | dnsc_dnscrypt_provider |
2787         dnsc_dnscrypt_secret_key | dnsc_dnscrypt_provider_cert |
2788         dnsc_dnscrypt_provider_cert_rotated |
2789         dnsc_dnscrypt_shared_secret_cache_size |
2790         dnsc_dnscrypt_shared_secret_cache_slabs |
2791         dnsc_dnscrypt_nonce_cache_size |
2792         dnsc_dnscrypt_nonce_cache_slabs
2793         ;
2794 dnsc_dnscrypt_enable: VAR_DNSCRYPT_ENABLE STRING_ARG
2795         {
2796                 OUTYY(("P(dnsc_dnscrypt_enable:%s)\n", $2));
2797                 if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
2798                         yyerror("expected yes or no.");
2799                 else cfg_parser->cfg->dnscrypt = (strcmp($2, "yes")==0);
2800                 free($2);
2801         }
2802         ;
2803
2804 dnsc_dnscrypt_port: VAR_DNSCRYPT_PORT STRING_ARG
2805         {
2806                 OUTYY(("P(dnsc_dnscrypt_port:%s)\n", $2));
2807                 if(atoi($2) == 0)
2808                         yyerror("port number expected");
2809                 else cfg_parser->cfg->dnscrypt_port = atoi($2);
2810                 free($2);
2811         }
2812         ;
2813 dnsc_dnscrypt_provider: VAR_DNSCRYPT_PROVIDER STRING_ARG
2814         {
2815                 OUTYY(("P(dnsc_dnscrypt_provider:%s)\n", $2));
2816                 free(cfg_parser->cfg->dnscrypt_provider);
2817                 cfg_parser->cfg->dnscrypt_provider = $2;
2818         }
2819         ;
2820 dnsc_dnscrypt_provider_cert: VAR_DNSCRYPT_PROVIDER_CERT STRING_ARG
2821         {
2822                 OUTYY(("P(dnsc_dnscrypt_provider_cert:%s)\n", $2));
2823                 if(cfg_strlist_find(cfg_parser->cfg->dnscrypt_provider_cert, $2))
2824                         log_warn("dnscrypt-provider-cert %s is a duplicate", $2);
2825                 if(!cfg_strlist_insert(&cfg_parser->cfg->dnscrypt_provider_cert, $2))
2826                         fatal_exit("out of memory adding dnscrypt-provider-cert");
2827         }
2828         ;
2829 dnsc_dnscrypt_provider_cert_rotated: VAR_DNSCRYPT_PROVIDER_CERT_ROTATED STRING_ARG
2830         {
2831                 OUTYY(("P(dnsc_dnscrypt_provider_cert_rotated:%s)\n", $2));
2832                 if(!cfg_strlist_insert(&cfg_parser->cfg->dnscrypt_provider_cert_rotated, $2))
2833                         fatal_exit("out of memory adding dnscrypt-provider-cert-rotated");
2834         }
2835         ;
2836 dnsc_dnscrypt_secret_key: VAR_DNSCRYPT_SECRET_KEY STRING_ARG
2837         {
2838                 OUTYY(("P(dnsc_dnscrypt_secret_key:%s)\n", $2));
2839                 if(cfg_strlist_find(cfg_parser->cfg->dnscrypt_secret_key, $2))
2840                         log_warn("dnscrypt-secret-key: %s is a duplicate", $2);
2841                 if(!cfg_strlist_insert(&cfg_parser->cfg->dnscrypt_secret_key, $2))
2842                         fatal_exit("out of memory adding dnscrypt-secret-key");
2843         }
2844         ;
2845 dnsc_dnscrypt_shared_secret_cache_size: VAR_DNSCRYPT_SHARED_SECRET_CACHE_SIZE STRING_ARG
2846   {
2847         OUTYY(("P(dnscrypt_shared_secret_cache_size:%s)\n", $2));
2848         if(!cfg_parse_memsize($2, &cfg_parser->cfg->dnscrypt_shared_secret_cache_size))
2849                 yyerror("memory size expected");
2850         free($2);
2851   }
2852   ;
2853 dnsc_dnscrypt_shared_secret_cache_slabs: VAR_DNSCRYPT_SHARED_SECRET_CACHE_SLABS STRING_ARG
2854   {
2855         OUTYY(("P(dnscrypt_shared_secret_cache_slabs:%s)\n", $2));
2856         if(atoi($2) == 0)
2857                 yyerror("number expected");
2858         else {
2859                 cfg_parser->cfg->dnscrypt_shared_secret_cache_slabs = atoi($2);
2860                 if(!is_pow2(cfg_parser->cfg->dnscrypt_shared_secret_cache_slabs))
2861                         yyerror("must be a power of 2");
2862         }
2863         free($2);
2864   }
2865   ;
2866 dnsc_dnscrypt_nonce_cache_size: VAR_DNSCRYPT_NONCE_CACHE_SIZE STRING_ARG
2867   {
2868         OUTYY(("P(dnscrypt_nonce_cache_size:%s)\n", $2));
2869         if(!cfg_parse_memsize($2, &cfg_parser->cfg->dnscrypt_nonce_cache_size))
2870                 yyerror("memory size expected");
2871         free($2);
2872   }
2873   ;
2874 dnsc_dnscrypt_nonce_cache_slabs: VAR_DNSCRYPT_NONCE_CACHE_SLABS STRING_ARG
2875   {
2876         OUTYY(("P(dnscrypt_nonce_cache_slabs:%s)\n", $2));
2877         if(atoi($2) == 0)
2878                 yyerror("number expected");
2879         else {
2880                 cfg_parser->cfg->dnscrypt_nonce_cache_slabs = atoi($2);
2881                 if(!is_pow2(cfg_parser->cfg->dnscrypt_nonce_cache_slabs))
2882                         yyerror("must be a power of 2");
2883         }
2884         free($2);
2885   }
2886   ;
2887 cachedbstart: VAR_CACHEDB
2888         {
2889                 OUTYY(("\nP(cachedb:)\n"));
2890         }
2891         ;
2892 contents_cachedb: contents_cachedb content_cachedb
2893         | ;
2894 content_cachedb: cachedb_backend_name | cachedb_secret_seed |
2895         redis_server_host | redis_server_port | redis_timeout
2896         ;
2897 cachedb_backend_name: VAR_CACHEDB_BACKEND STRING_ARG
2898         {
2899         #ifdef USE_CACHEDB
2900                 OUTYY(("P(backend:%s)\n", $2));
2901                 if(cfg_parser->cfg->cachedb_backend)
2902                         yyerror("cachedb backend override, there must be one "
2903                                 "backend");
2904                 free(cfg_parser->cfg->cachedb_backend);
2905                 cfg_parser->cfg->cachedb_backend = $2;
2906         #else
2907                 OUTYY(("P(Compiled without cachedb, ignoring)\n"));
2908                 free($2);
2909         #endif
2910         }
2911         ;
2912 cachedb_secret_seed: VAR_CACHEDB_SECRETSEED STRING_ARG
2913         {
2914         #ifdef USE_CACHEDB
2915                 OUTYY(("P(secret-seed:%s)\n", $2));
2916                 if(cfg_parser->cfg->cachedb_secret)
2917                         yyerror("cachedb secret-seed override, there must be "
2918                                 "only one secret");
2919                 free(cfg_parser->cfg->cachedb_secret);
2920                 cfg_parser->cfg->cachedb_secret = $2;
2921         #else
2922                 OUTYY(("P(Compiled without cachedb, ignoring)\n"));
2923                 free($2);
2924         #endif
2925         }
2926         ;
2927 redis_server_host: VAR_CACHEDB_REDISHOST STRING_ARG
2928         {
2929         #if defined(USE_CACHEDB) && defined(USE_REDIS)
2930                 OUTYY(("P(redis_server_host:%s)\n", $2));
2931                 free(cfg_parser->cfg->redis_server_host);
2932                 cfg_parser->cfg->redis_server_host = $2;
2933         #else
2934                 OUTYY(("P(Compiled without cachedb or redis, ignoring)\n"));
2935                 free($2);
2936         #endif
2937         }
2938         ;
2939 redis_server_port: VAR_CACHEDB_REDISPORT STRING_ARG
2940         {
2941         #if defined(USE_CACHEDB) && defined(USE_REDIS)
2942                 int port;
2943                 OUTYY(("P(redis_server_port:%s)\n", $2));
2944                 port = atoi($2);
2945                 if(port == 0 || port < 0 || port > 65535)
2946                         yyerror("valid redis server port number expected");
2947                 else cfg_parser->cfg->redis_server_port = port;
2948         #else
2949                 OUTYY(("P(Compiled without cachedb or redis, ignoring)\n"));
2950         #endif
2951                 free($2);
2952         }
2953         ;
2954 redis_timeout: VAR_CACHEDB_REDISTIMEOUT STRING_ARG
2955         {
2956         #if defined(USE_CACHEDB) && defined(USE_REDIS)
2957                 OUTYY(("P(redis_timeout:%s)\n", $2));
2958                 if(atoi($2) == 0)
2959                         yyerror("redis timeout value expected");
2960                 else cfg_parser->cfg->redis_timeout = atoi($2);
2961         #else
2962                 OUTYY(("P(Compiled without cachedb or redis, ignoring)\n"));
2963         #endif
2964                 free($2);
2965         }
2966         ;
2967 server_tcp_connection_limit: VAR_TCP_CONNECTION_LIMIT STRING_ARG STRING_ARG
2968         {
2969                 OUTYY(("P(server_tcp_connection_limit:%s %s)\n", $2, $3));
2970                 if (atoi($3) < 0)
2971                         yyerror("positive number expected");
2972                 else {
2973                         if(!cfg_str2list_insert(&cfg_parser->cfg->tcp_connection_limits, $2, $3))
2974                                 fatal_exit("out of memory adding tcp connection limit");
2975                 }
2976         }
2977         ;
2978         ipsetstart: VAR_IPSET
2979                 {
2980                         OUTYY(("\nP(ipset:)\n"));
2981                 }
2982                 ;
2983         contents_ipset: contents_ipset content_ipset
2984                 | ;
2985         content_ipset: ipset_name_v4 | ipset_name_v6
2986                 ;
2987         ipset_name_v4: VAR_IPSET_NAME_V4 STRING_ARG
2988                 {
2989                 #ifdef USE_IPSET
2990                         OUTYY(("P(name-v4:%s)\n", $2));
2991                         if(cfg_parser->cfg->ipset_name_v4)
2992                                 yyerror("ipset name v4 override, there must be one "
2993                                         "name for ip v4");
2994                         free(cfg_parser->cfg->ipset_name_v4);
2995                         cfg_parser->cfg->ipset_name_v4 = $2;
2996                 #else
2997                         OUTYY(("P(Compiled without ipset, ignoring)\n"));
2998                         free($2);
2999                 #endif
3000                 }
3001         ;
3002         ipset_name_v6: VAR_IPSET_NAME_V6 STRING_ARG
3003         {
3004                 #ifdef USE_IPSET
3005                         OUTYY(("P(name-v6:%s)\n", $2));
3006                         if(cfg_parser->cfg->ipset_name_v6)
3007                                 yyerror("ipset name v6 override, there must be one "
3008                                         "name for ip v6");
3009                         free(cfg_parser->cfg->ipset_name_v6);
3010                         cfg_parser->cfg->ipset_name_v6 = $2;
3011                 #else
3012                         OUTYY(("P(Compiled without ipset, ignoring)\n"));
3013                         free($2);
3014                 #endif
3015                 }
3016         ;
3017 %%
3018
3019 /* parse helper routines could be here */
3020 static void
3021 validate_respip_action(const char* action)
3022 {
3023         if(strcmp(action, "deny")!=0 &&
3024                 strcmp(action, "redirect")!=0 &&
3025                 strcmp(action, "inform")!=0 &&
3026                 strcmp(action, "inform_deny")!=0 &&
3027                 strcmp(action, "always_transparent")!=0 &&
3028                 strcmp(action, "always_refuse")!=0 &&
3029                 strcmp(action, "always_nxdomain")!=0)
3030         {
3031                 yyerror("response-ip action: expected deny, redirect, "
3032                         "inform, inform_deny, always_transparent, "
3033                         "always_refuse or always_nxdomain");
3034         }
3035 }
3036
3037
Unnamed repository; edit this file 'description' to name the repository.