Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    PfPorts: dnsmasq is a little old

    2.1 Snapshot Feedback and Problems - RETIRED
    2
    5
    1386
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      msi last edited by

      G'day

      Don't know if this the best place to report this, or redmine:

      pfPorts contains DNSmasq 2.45 which dates back to 2008 - although, beyond some possibility to TFTP DoS vulnerability fixed with 2.50 (CVE: 2009-2957, CVE: 2009-2958) I haven't found security vulnerabilities in the current version inside pfSense. Any objections against an update?

      1 Reply Last reply Reply Quote 0
      • M
        msi last edited by

        Replying to myself since I looked at why potentially this is the current state - at least  initially - dnsmasq was kept on 2.45.

        The cause was the removal of the ISC dhscp lease monitoring code from dnsmasq.
        From my findings in redmine and git logs it seems this method has been replace now long time ago with an own dhcp lease parser.

        Would be interesting to hear if there were other causes. In the meanwhile I'm looking at the ports file in DNSmasq - maybe
        this could be synced to FreeBSD - and actually the current upstream Makefile seems to enable IPv6 by default as compared to back in 2008.

        1 Reply Last reply Reply Quote 0
        • jimp
          jimp Rebel Alliance Developer Netgate last edited by

          If a current version works with all the features we use, then sure it can be updated.

          We actually use dnsmasq-no-isc-dhcp-parser pfPort now which is 2.55.

          The old port was kept in place in case we had to build new images based on pfSense 1.2.x for customers.

          Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

          Need help fast? Netgate Global Support!

          Do not Chat/PM for help!

          1 Reply Last reply Reply Quote 0
          • M
            msi last edited by

            Thanks, I didn't realize this (still getting accustomed to the structure of pfsense-tools).

            So far, current versions after 2.55 contain a couple of IPv6/DHCPv6-related changes and improvements which might be of interest for pfSense 2.1

            1 Reply Last reply Reply Quote 0
            • M
              msi last edited by

              In the meantime: dnsmasq has been bumped to the latest version, feel free to check out snapshots.

              1 Reply Last reply Reply Quote 0
              • First post
                Last post