Différences
Ci-dessous, les différences entre deux révisions de la page.
Les deux révisions précédentesRévision précédenteProchaine révision | Révision précédenteProchaine révisionLes deux révisions suivantes | ||
logiciel:internet:dnsmasq:dnsmasq.conf [2020/11/05 20:20] – [Options] admin | logiciel:internet:dnsmasq:dnsmasq.conf [2021/02/17 10:07] – ↷ Page déplacée de fr:logiciel:internet:dnsmasq:dnsmasq.conf à logiciel:internet:dnsmasq:dnsmasq.conf admin | ||
---|---|---|---|
Ligne 5: | Ligne 5: | ||
====== Format ====== | ====== Format ====== | ||
- | Une option par ligne | + | Une option par ligne :<code txt >< |
les options valides sont les mêmes que celles sur la ligne de commande. | les options valides sont les mêmes que celles sur la ligne de commande. | ||
Ligne 239: | Ligne 239: | ||
? dhcp-option=vendor: | ? dhcp-option=vendor: | ||
: Send the Encapsulated-vendor-class ID needed by some configurations of Etherboot to allow is to recognise the DHCP server. | : Send the Encapsulated-vendor-class ID needed by some configurations of Etherboot to allow is to recognise the DHCP server. | ||
- | | + | |
- | + | : | |
- | # Send options to PXELinux. Note that we need to send the options even | + | ? dhcp-option-force=208, |
- | # though they don't appear in the parameter request list, so we need | + | : Send options to PXELinux. Note that we need to send the options even though they don't appear in the parameter request list, so we need to use dhcp-option-force here. See http:// |
- | # to use dhcp-option-force here. | + | ? |
- | # See http:// | + | : |
- | # Magic number - needed before anything else is recognised | + | ? |
- | #dhcp-option-force=208,f1:00:74:7e | + | : |
- | # Configuration file name | + | ? |
- | #dhcp-option-force=209,configs/common | + | : |
- | # Path prefix | + | ? |
- | #dhcp-option-force=210,/ | + | : |
- | # Reboot time. (Note ' | + | ? dhcp-boot=pxelinux.0 |
- | #dhcp-option-force=211,30i | + | : |
- | + | ? | |
- | # Set the boot filename for netboot/ | + | : |
- | # this if you want to boot machines over the network and you will need | + | ? |
- | # a TFTP server; either dnsmasq' | + | : The idea is to send two different filenames, the first loads iPXE, and the second tells iPXE what to load. The dhcp-match sets the ipxe tag for requests from iPXE. |
- | # external one. (See below for how to enable the TFTP server.) | + | ? |
- | #dhcp-boot=pxelinux.0 | + | : |
- | + | ? dhcp-match=set: | |
- | # The same as above, but use custom tftp-server instead machine running dnsmasq | + | : |
- | # | + | ? dhcp-boot=tag: |
- | + | : | |
- | # Boot for iPXE. The idea is to send two different | + | ? |
- | # filenames, the first loads iPXE, and the second tells iPXE what to | + | : All the options are encapsulated within option 175 |
- | # load. The dhcp-match sets the ipxe tag for requests from iPXE. | + | ? |
- | #dhcp-boot=undionly.kpxe | + | : priority code |
- | #dhcp-match=set: | + | ? |
- | #dhcp-boot=tag: | + | : no-proxydhcp |
- | + | ? | |
- | # Encapsulated options for iPXE. All the options are | + | : bus-id |
- | # encapsulated within option 175 | + | ? |
- | #dhcp-option=encap: | + | : BIOS drive code |
- | #dhcp-option=encap: | + | ? |
- | #dhcp-option=encap: | + | : iSCSI username |
- | #dhcp-option=encap: | + | ? |
- | #dhcp-option=encap: | + | : iSCSI password |
- | #dhcp-option=encap: | + | ? dhcp-match |
- | + | : | |
- | # Test for the architecture of a netboot client. PXE clients are | + | : PXE clients are supposed to send their architecture as option 93. (See RFC 4578) |
- | # supposed to send their architecture as option 93. (See RFC 4578) | + | ? |
- | #dhcp-match=peecees, | + | ? |
- | #dhcp-match=itanics, | + | ? |
- | #dhcp-match=hammers, | + | ? |
- | #dhcp-match=mactels, | + | ? pxe-prompt |
- | + | : | |
- | # Do real PXE, rather than just booting a single file, this is an | + | ? pxe-prompt=" |
- | # alternative to dhcp-boot. | + | : Do real PXE, rather than just booting a single file, this is an alternative to dhcp-boot. |
- | #pxe-prompt=" | + | ? |
- | # or with timeout before first available action is taken: | + | : |
- | #pxe-prompt="Press F8 for menu.", 60 | + | ? |
- | + | : | |
- | # Available boot services. for PXE. | + | ? pxe-service=x86PC, |
- | #pxe-service=x86PC, | + | : |
- | + | ? | |
- | # Loads < | + | : |
- | #pxe-service=x86PC, | + | ? |
- | + | : | |
- | # Loads < | + | : |
- | # Beware this fails on old PXE ROMS. | + | ? |
- | #pxe-service=x86PC, | + | : |
- | + | ? | |
- | # Use bootserver on network, found my multicast or broadcast. | + | : |
- | #pxe-service=x86PC, | + | ? multicast-FTP |
- | + | : | |
- | # Use bootserver at a known IP address. | + | ? enable-tftp |
- | #pxe-service=x86PC, | + | : |
- | + | ? | |
- | # If you have multicast-FTP available, | + | : |
- | # information for that can be passed in a similar way using options 1 | + | ? |
- | # to 5. See page 19 of | + | : |
- | # http:// | + | ? |
- | + | : | |
- | + | ? | |
- | # Enable dnsmasq' | + | : |
- | #enable-tftp | + | ? dhcp-boot |
- | + | : | |
- | # Set the root directory for files available via FTP. | + | ? dhcp-boot=tag: |
- | #tftp-root=/ | + | : |
- | + | ? | |
- | # Do not abort if the tftp-root is unavailable | + | : |
- | #tftp-no-fail | + | : |
- | + | ? | |
- | # Make the TFTP server more secure: with this set, only files owned by | + | : |
- | # the user dnsmasq is running as will be send over the net. | + | ? |
- | #tftp-secure | + | : |
- | + | ? dhcp-lease-max=150 | |
- | # This option stops dnsmasq from negotiating a larger blocksize for TFTP | + | : Set the limit on DHCP leases, the default is 150 |
- | # transfers. It will slow things down, but may rescue some broken TFTP | + | ? |
- | # clients. | + | : |
- | #tftp-no-blocksize | + | : |
- | + | ? | |
- | # Set the boot file name only when the " | + | : |
- | #dhcp-boot=tag:red,pxelinux.red-net | + | ? |
- | + | : | |
- | # An example of dhcp-boot with an external TFTP server: the name and IP | + | : |
- | # address of the server are given after the filename. | + | ? |
- | # Can fail with old PXE ROMS. Overridden by --pxe-service. | + | : |
- | #dhcp-boot=/ | + | : |
- | + | ? cache-size=150 | |
- | # If there are multiple external tftp servers having a same name | + | : |
- | # (using /etc/hosts) then that name can be specified as the | + | ? no-negcache |
- | # tftp_servername (the third option to dhcp-boot) and in that | + | : |
- | # case dnsmasq resolves this name and returns the resultant IP | + | ? local-ttl= |
- | # addresses in round robin fashion. This facility can be used to | + | |
- | # load balance the tftp load among a set of servers. | + | ? bogus-nxdomain=64.94.110.11 |
- | #dhcp-boot=/ | + | : |
- | + | ? alias | |
- | # Set the limit on DHCP leases, the default is 150 | + | : |
- | #dhcp-lease-max=150 | + | ? alias=1.2.3.4, |
- | + | : This alias makes a result of 1.2.3.4 appear as 5.6.7.8 | |
- | # The DHCP server needs somewhere on disk to keep its lease database. | + | ? |
- | # This defaults to a sane location, but if you want to change it, use | + | : |
- | # the line below. | + | ? |
- | #dhcp-leasefile=/ | + | : |
- | + | ? MX records | |
- | # Set the DHCP server to authoritative mode. In this mode it will barge in | + | : |
- | # and take over the lease for any client which broadcasts on the network, | + | ? mx-host=maildomain.com, |
- | # whether it has a record of the lease or not. This avoids long timeouts | + | : |
- | # when a machine wakes up on a new network. DO NOT enable this if there' | + | ? |
- | # the slightest chance that you might end up accidentally configuring a DHCP | + | : |
- | # server for your campus/ | + | ? localmx |
- | # the same option, and this URL provides more information: | + | : |
- | # http:// | + | ? selfmx |
- | #dhcp-authoritative | + | : |
- | + | ? srv-host | |
- | # Set the DHCP server to enable DHCPv4 Rapid Commit Option per RFC 4039. | + | : |
- | # In this mode it will respond to a DHCPDISCOVER message including a Rapid Commit | + | : |
- | # option with a DHCPACK including a Rapid Commit option and fully committed address | + | : |
- | # and configuration information. This must only be enabled if either the server is | + | : |
- | # the only server for the subnet, or multiple servers are present and they each | + | : |
- | # commit a binding for all clients. | + | ? srv-host=_ldap._tcp.example.com, |
- | #dhcp-rapid-commit | + | : |
- | + | ? domain=example.com\\ | |
- | # Run an executable when a DHCP lease is created or destroyed. | + | : |
- | # The arguments sent to the script are " | + | ? |
- | # then the MAC address, the IP address and finally the hostname | + | : Two SRV records for LDAP, each with different priorities |
- | # if there is one. | + | ? srv-host=_ldap._tcp.example.com |
- | #dhcp-script=/bin/echo | + | : |
- | + | ? ptr-record=_http._tcp.dns-sd-services," | |
- | # Set the cachesize here. | + | : |
- | #cache-size=150 | + | ? txt-record |
- | + | : | |
- | # If you want to disable negative caching, uncomment this. | + | : |
- | #no-negcache | + | ? |
- | + | : | |
- | # Normally responses which come from /etc/hosts and the DHCP lease | + | ? |
- | # file have Time-To-Live set as zero, which conventionally means | + | : Example zeroconf |
- | # do not cache further. If you are happy to trade lower load on the | + | ? cname=bertand, |
- | # server for potentially stale date, you can set a time-to-live (in | + | : Provide an alias for a " |
- | # seconds) here. | + | ? log-queries |
- | #local-ttl= | + | : |
- | + | ? | |
- | # If you want dnsmasq to detect attempts by Verisign to send queries | + | : |
- | # to unregistered .com and .net hosts to its sitefinder service and | + | ? |
- | # have dnsmasq instead return the correct NXDOMAIN response, uncomment | + | ? |
- | # this line. You can add similar lines to do the same for other | + | : Include another lot of configuration options. |
- | # registries which have implemented wildcard A records. | + | ? conf-dir=/ |
- | # | + | : Include all the files in a directory except those ending in .bak |
- | + | ? | |
- | # If you want to fix up DNS results from upstream servers, use the | + | : |
- | # alias option. This only works for IPv4. | + | ? dhcp-name-match=set: |
- | # This alias makes a result of 1.2.3.4 appear as 5.6.7.8 | + | ? dhcp-ignore-names=tag: |
- | #alias=1.2.3.4,5.6.7.8 | + | : |
- | # and this maps 1.2.3.x to 5.6.7.x | + | : |
- | #alias=1.2.3.0,5.6.7.0, | + | |
- | # and this maps 192.168.0.10-> | + | |
- | # | + | |
- | + | ||
- | # Change these lines if you want dnsmasq to serve MX records. | + | |
- | + | ||
- | # Return an MX record named " | + | |
- | # servermachine.com and preference 50 | + | |
- | #mx-host=maildomain.com, | + | |
- | + | ||
- | # Set the default target for MX records created using the localmx option. | + | |
- | # | + | |
- | + | ||
- | # Return an MX record pointing to the mx-target for all local | + | |
- | # machines. | + | |
- | #localmx | + | |
- | + | ||
- | # Return an MX record pointing to itself for all local machines. | + | |
- | #selfmx | + | |
- | + | ||
- | # Change the following lines if you want dnsmasq to serve SRV | + | |
- | # records. | + | |
- | # Active Directory and other windows-originated DNS requests. | + | |
- | # See RFC 2782. | + | |
- | # You may add multiple srv-host lines. | + | |
- | # The fields are < | + | |
- | # If the domain part if missing from the name (so that is just has the | + | |
- | # service and protocol sections) then the domain given by the domain= | + | |
- | # config option is used. (Note that expand-hosts does not need to be | + | |
- | # set for this to work.) | + | |
- | + | ||
- | # A SRV record sending LDAP for the example.com domain to | + | |
- | # ldapserver.example.com port 389 | + | |
- | #srv-host=_ldap._tcp.example.com, | + | |
- | + | ||
- | # A SRV record sending LDAP for the example.com domain to | + | |
- | # ldapserver.example.com port 389 (using domain=) | + | |
- | # | + | |
- | #srv-host=_ldap._tcp, | + | |
- | + | ||
- | # Two SRV records for LDAP, each with different priorities | + | |
- | #srv-host=_ldap._tcp.example.com, | + | |
- | #srv-host=_ldap._tcp.example.com, | + | |
- | + | ||
- | # A SRV record indicating that there is no LDAP server for the domain | + | |
- | # example.com | + | |
- | #srv-host=_ldap._tcp.example.com | + | |
- | + | ||
- | # The following line shows how to make dnsmasq serve an arbitrary PTR | + | |
- | # record. This is useful for DNS-SD. (Note that the | + | |
- | # domain-name expansion done for SRV records _does_not | + | |
- | # occur for PTR records.) | + | |
- | #ptr-record=_http._tcp.dns-sd-services," | + | |
- | + | ||
- | # Change the following lines to enable dnsmasq to serve TXT records. | + | |
- | # These are used for things like SPF and zeroconf. (Note that the | + | |
- | # domain-name expansion done for SRV records _does_not | + | |
- | # occur for TXT records.) | + | |
- | + | ||
- | #Example SPF. | + | |
- | #txt-record=example.com," | + | |
- | + | ||
- | #Example | + | |
- | #txt-record=_http._tcp.example.com, | + | |
- | + | ||
- | # Provide an alias for a " | + | |
- | # for targets which are names from DHCP or /etc/hosts. Give host | + | |
- | # " | + | |
- | # | + | |
- | + | ||
- | # For debugging purposes, log each DNS query as it passes through | + | |
- | # dnsmasq. | + | |
- | #log-queries | + | |
- | + | ||
- | # Log lots of extra information about DHCP transactions. | + | |
- | #log-dhcp | + | |
- | + | ||
- | # Include another lot of configuration options. | + | |
- | #conf-file=/ | + | |
- | #conf-dir=/ | + | |
- | + | ||
- | # Include all the files in a directory except those ending in .bak | + | |
- | #conf-dir=/ | + | |
- | + | ||
- | # Include all files in a directory which end in .conf | + | |
- | #conf-dir=/ | + | |
- | + | ||
- | # If a DHCP client claims that its name is " | + | |
- | # This fixes a security hole. see CERT Vulnerability VU#598349 | + | |
- | # | + | |
- | # | + | |
====== Voir aussi ====== | ====== Voir aussi ====== |