DNSPROXY(1)
NAME
dnsproxy -- DNS proxy
SYNOPSIS
dnsproxy [-dhV] [-c file]
DESCRIPTION
The dnsproxy daemon waits for nameserver queries on a user specified
address, dispatches these queries to authoritative and recursive nameservers and forwards the received answers back to the original client.
The options are as follows:
-c file Read configuration from file.
-d Detach from current terminal and run as background process.
-h Show usage.
-V Show version.
If a client from an internal IP address does a recursive lookup the query
is forwarded to a recursive DNS server. Authoritative queries and
queries coming from clients in foreign networks are forwarded to an
authoritative DNS server.
CONFIGURATION FILE
At startup dnsproxy reads a configuration file specified via the -c
option or at the default location of /etc/dnsproxy.conf.
The following keywords are recognized:
authoritative IP
Address of the authoritative nameserver [required].
recursive IP
Address of the recursive nameserver [required].
listen IP
Local address (defaults to 0.0.0.0).
port number
Local port number (defaults to 53).
chroot path
A path to chroot to before starting to answer queries.
user name
A user to change to before starting to answer queries.
authoritative-timeout seconds
Time in seconds when authoritative queries time out (defaults to 10).
recursive-timeout seconds
Time in seconds when recursive queries time out (defaults to 90).
authoritative-port number
Port number on authoritative nameserver (defaults to 53).
recursive-port number
Port number on recursive nameserver (defaults to 53).
statistics seconds
Period between output of statistics (defaults to 3600). Use 0 to disable
output of statistics completely.
- internal network
Declare networks recognized as internal and thus eligible to do recursive queries. One network in CIDR notation per keyword. - EXAMPLE
- authoritative 10.1.1.1
recursive 127.0.0.1
recursive-port 10053
listen 192.168.1.1
port 53
chroot /var/empty
user nobody
internal 192.168.1.0/24
internal 127.0.0.1
STATISTICS
- Every hour (by default) dnsproxy logs the collected statistics about its
usage to standard error (or syslog when running detached). Statistics
look like - ActiveQr AuthorQr RecursQr AllQuery Answered
0 0 0 0 0
TimeoutQ DroppedQ DroppedA LateAnsw HashColl
0 0 0 0 0 - and have the following meaning:
- ActiveQr
Number of currently active queries proxied to the servers. - AuthorQr
Accumulated number of authoritative queries. - RecursQr
Accumulated number of recursive queries. - AllQuery
Accumulated number of all queries ever received. - Answered
Accumulated number of answered queries. - TimeoutQ
Accumulated number of queries that did not receive an answer in time. - DroppedQ
Accumulated number of dropped queries (e.g. transmission errors). - DroppedA
Accumulated number of dropped answers. - LateAnsw
Accumulated number of answers received after the timeout period. - HashColl
Accumulated number of hash collisions in the query list.
SEE ALSO
VERSION
This manual page describes dnsproxy version 1.16.
AUTHORS
Armin Wolfermann <armin@wolfermann.org>
- The dnsproxy homepage is at http://www.wolfermann.org/dnsproxy.html.