unbound: update to 1.8.0
authorEric Luehrsen <redacted>
Sat, 15 Sep 2018 14:41:40 +0000 (10:41 -0400)
committerEric Luehrsen <redacted>
Sun, 16 Sep 2018 00:42:10 +0000 (20:42 -0400)
- adjust a few UCI translations to coordinate with upstream defaults
- remove OpenSSL < 1.1.0 API log error patch which is included upstream

Signed-off-by: Eric Luehrsen <redacted>
net/unbound/Makefile
net/unbound/files/README.md
net/unbound/files/unbound.sh
net/unbound/patches/200-openssl-log-err.patch [deleted file]

index 3700c24d1d07d337e3959a6f0a04e90fa569828c..354cf59a7c525ffd5f76db62f8cc4aa02d9158a1 100644 (file)
@@ -8,8 +8,8 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=unbound
-PKG_VERSION:=1.7.3
-PKG_RELEASE:=6
+PKG_VERSION:=1.8.0
+PKG_RELEASE:=1
 
 PKG_LICENSE:=BSD-3-Clause
 PKG_LICENSE_FILES:=LICENSE
@@ -17,7 +17,7 @@ PKG_MAINTAINER:=Eric Luehrsen <ericluehrsen@gmail.com>
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=http://www.unbound.net/downloads
-PKG_HASH:=c11de115d928a6b48b2165e0214402a7a7da313cd479203a7ce7a8b62cba602d
+PKG_HASH:=78f79d6d3b643fdcd74a14fc76542250da886c82f82bc55b51e189663d61b83f
 
 PKG_BUILD_PARALLEL:=1
 PKG_FIXUP:=autoreconf
index 812d9a60764ccbd83261d60100a78d2cac3d9826..6576b2c85e25521695538cb782bf098286ef74c5 100644 (file)
@@ -273,8 +273,9 @@ config unbound
 
   option protocol 'mixed'
     Unbound can limit its protocol used for recursive queries.
-    ip4_only - limit issues if you do not have native IPv6
+    ip4_only - old fashioned IPv4 upstream and downstream
     ip6_only - test environment only; could cauase problems
+    ip6_local - upstream IPv4 only and local network IPv4 and IPv6
     ip6_prefer - both IPv4 and IPv6 but try IPv6 first
     mixed - both IPv4 and IPv6
     default - Unbound built-in defaults
index 0613312209309f54c9c1fb3c2626a3c150e826db..68b3c92b4b67e20b8d985c25f560426350611ff9 100644 (file)
@@ -619,7 +619,6 @@ unbound_conf() {
         echo "  port: $UB_N_RX_PORT"
         echo "  outgoing-port-permit: 10240-65535"
         echo "  interface: 0.0.0.0"
-        echo "  interface: ::0"
         echo "  outgoing-interface: 0.0.0.0"
         echo "  do-ip4: yes"
         echo "  do-ip6: no"
@@ -632,7 +631,6 @@ unbound_conf() {
         echo "  edns-buffer-size: $UB_N_EDNS_SIZE"
         echo "  port: $UB_N_RX_PORT"
         echo "  outgoing-port-permit: 10240-65535"
-        echo "  interface: 0.0.0.0"
         echo "  interface: ::0"
         echo "  outgoing-interface: ::0"
         echo "  do-ip4: no"
@@ -641,6 +639,20 @@ unbound_conf() {
       } >> $UB_CORE_CONF
       ;;
 
+   ip6_local)
+      {
+        echo "  edns-buffer-size: $UB_N_EDNS_SIZE"
+        echo "  port: $UB_N_RX_PORT"
+        echo "  outgoing-port-permit: 10240-65535"
+        echo "  interface: 0.0.0.0"
+        echo "  interface: ::0"
+        echo "  outgoing-interface: 0.0.0.0"
+        echo "  do-ip4: yes"
+        echo "  do-ip6: yes"
+        echo
+      } >> $UB_CORE_CONF
+      ;;
+
     ip6_prefer)
       {
         echo "  edns-buffer-size: $UB_N_EDNS_SIZE"
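Review bot: The new `ip6_local)` case combines `do-ip6: yes` with `outgoing-interface: 0.0.0.0`, and nothing in the block explains why. A one-line comment above the brace group would help, e.g. `# answer clients on IPv4 and IPv6, but send upstream queries from IPv4 only`. Both `interface:` lines are wildcards, so the "local network" scoping is presumably enforced by access-control or firewall rules written elsewhere in unbound_conf(), which starts and ends outside this hunk. That is worth confirming, since the option name suggests the listener itself is LAN-scoped. The `ip6_local)` label is also indented three spaces where the sibling `ip6_prefer)` uses four.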
@@ -692,27 +704,15 @@ unbound_conf() {
   esac
 
 
-  {
-    # Other harding and options for an embedded router
-    echo "  harden-short-bufsize: yes"
-    echo "  harden-large-queries: yes"
-    echo "  harden-glue: yes"
-    echo "  harden-below-nxdomain: no"
-    echo "  harden-referral-path: no"
-    echo "  use-caps-for-id: no"
-    echo
-  } >> $UB_CORE_CONF
-
-
   case "$UB_D_RESOURCE" in
     # Tiny - Unbound's recommended cheap hardware config
     tiny)   rt_mem=1  ; rt_conn=2  ; rt_buff=1 ;;
     # Small - Half RRCACHE and open ports
     small)  rt_mem=8  ; rt_conn=10 ; rt_buff=2 ;;
     # Medium - Nearly default but with some added balancintg
-    medium) rt_mem=16 ; rt_conn=20 ; rt_buff=4 ;;
+    medium) rt_mem=16 ; rt_conn=15 ; rt_buff=4 ;;
     # Large - Double medium
-    large)  rt_mem=32 ; rt_conn=40 ; rt_buff=4 ;;
+    large)  rt_mem=32 ; rt_conn=20 ; rt_buff=4 ;;
     # Whatever unbound does
     *) rt_mem=0 ; rt_conn=0 ;;
   esac
@@ -720,10 +720,16 @@ unbound_conf() {
 
   if [ "$rt_mem" -gt 0 ] ; then
     {
+      # Other harding and options for an embedded router
+      echo "  harden-short-bufsize: yes"
+      echo "  harden-large-queries: yes"
+      echo "  harden-glue: yes"
+      echo "  use-caps-for-id: no"
+      echo
       # Set memory sizing parameters
       echo "  msg-buffer-size: $(($rt_buff*8192))"
-      echo "  outgoing-range: $(($rt_conn*64))"
-      echo "  num-queries-per-thread: $(($rt_conn*32))"
+      echo "  outgoing-range: $(($rt_conn*32))"
+      echo "  num-queries-per-thread: $(($rt_conn*16))"
       echo "  outgoing-num-tcp: $(($rt_conn))"
       echo "  incoming-num-tcp: $(($rt_conn))"
       echo "  rrset-cache-size: $(($rt_mem*256))k"
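Review bot: The `harden-short-bufsize`, `harden-large-queries` and `harden-glue` lines now sit inside `if [ "$rt_mem" -gt 0 ]`, so the fallback resource case (`*) rt_mem=0 ; rt_conn=0 ;;` in the previous hunk) no longer emits any of them, whereas before this commit they were written unconditionally. If the default profile is meant to follow Unbound's built-in settings, say so in the comment, e.g. `# Hardening for sized profiles only; the default profile keeps Unbound's built-in values`. Otherwise keep the hardening block outside the memory-sizing conditional. The moved comment also carries the typo "harding" for "hardening". The `if` block and unbound_conf() continue past the end of this hunk.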
diff --git a/net/unbound/patches/200-openssl-log-err.patch b/net/unbound/patches/200-openssl-log-err.patch
deleted file mode 100644 (file)
index b1ddd5d..0000000
+++ /dev/null
@@ -1,48 +0,0 @@
-Index: daemon/remote.c
-===================================================================
---- a/daemon/remote.c
-+++ b/daemon/remote.c
-@@ -1950,6 +1950,11 @@
-                               return NULL;
-                       }
-               } else {
-+#ifndef HAVE_SSL_SET1_HOST
-+                      if(auth_name)
-+                        log_err("no name verification functionality in "
-+                              "ssl library, ignored name for %s", todo);
-+#endif
-                       /* add address */
-                       if(!delegpt_add_addr_mlc(dp, &addr, addrlen, 0, 0,
-                               auth_name)) {
-Index: iterator/iter_fwd.c
-===================================================================
---- a/iterator/iter_fwd.c
-+++ b/iterator/iter_fwd.c
-@@ -239,6 +239,11 @@
-                               s->name, p->str);
-                       return 0;
-               }
-+#ifndef HAVE_SSL_SET1_HOST
-+              if(tls_auth_name)
-+                      log_err("no name verification functionality in "
-+                              "ssl library, ignored name for %s", p->str);
-+#endif
-               if(!delegpt_add_addr_mlc(dp, &addr, addrlen, 0, 0,
-                       tls_auth_name)) {
-                       log_err("out of memory");
-Index: iterator/iter_hints.c
-===================================================================
---- a/iterator/iter_hints.c
-+++ b/iterator/iter_hints.c
-@@ -252,6 +252,11 @@
-                               s->name, p->str);
-                       return 0;
-               }
-+#ifndef HAVE_SSL_SET1_HOST
-+              if(auth_name)
-+                      log_err("no name verification functionality in "
-+                              "ssl library, ignored name for %s", p->str);
-+#endif
-               if(!delegpt_add_addr_mlc(dp, &addr, addrlen, 0, 0,
-                       auth_name)) {
-                       log_err("out of memory");