Add documentation for common dnsmasq warnings
yubiuser opened this issue · 2 comments
yubiuser commented
In the upcoming Pi-hole version, the diagnosis system will also show dnsmasq
warnings. To reduce user confusion and support requests, we should add common dnsmasq warnings and their interpretation to the documentation
DL6ER commented
These are the possible warnings:
src/dnsmasq/auth.c:704
my_syslog(LOG_WARNING, _("ignoring zone transfer request from %s"), daemon->addrbuff);
src/dnsmasq/bpf.c:1713
my_syslog(LOG_WARNING, _("Unknown protocol version from route socket"));
src/dnsmasq/dnsmasq.c:10559
my_syslog(LOG_WARNING, _("cache size greater than 10000 may cause performance issues, and is unlikely to be useful."));
src/dnsmasq/dnsmasq.c:10571
my_syslog(LOG_WARNING, "chown of PID file %s failed: %s", daemon->runfile, strerror(chown_warn));
src/dnsmasq/dnsmasq.c:10627
my_syslog(LOG_WARNING, _("warning: failed to change owner of %s: %s"),
daemon->log_file, strerror(log_err));
src/dnsmasq/dnsmasq.c:10632
my_syslog(LOG_WARNING, _("setting --bind-interfaces option because of OS limitations"));
src/dnsmasq/dnsmasq.c:10645
my_syslog(LOG_WARNING, _("warning: interface %s does not currently exist"), if_tmp->name);
src/dnsmasq/dnsmasq.c:10650
my_syslog(LOG_WARNING, _("warning: ignoring resolv-file flag because no-resolv is set"));
src/dnsmasq/dnsmasq.c:10653
my_syslog(LOG_WARNING, _("warning: no upstream servers configured"));
src/dnsmasq/dnsmasq.c:10686
my_syslog(LOG_WARNING, netlink_warn);
src/dnsmasq/dnsmasq.c:11231
my_syslog(LOG_WARNING, _("script process killed by signal %d"), ev.data);
src/dnsmasq/dnsmasq.c:11235
my_syslog(LOG_WARNING, _("script process exited with status %d"), ev.data);
src/dnsmasq/dnsmasq.c:11358
my_syslog(LOG_WARNING, _("failed to access %s: %s"), res->name, strerror(errno));
src/dnsmasq/dnsmasq.c:11399
my_syslog(LOG_WARNING, _("no servers found in %s, will retry"), latest->name);
src/dnsmasq/dnssec.c:14950
my_syslog(LOG_WARNING, _("Insecure DS reply received for %s, check domain configuration and upstream DNS server DNSSEC support"), name);
src/dnsmasq/forward.c:18523
my_syslog(LOG_WARNING, _("discarding DNS reply: subnet option mismatch"));
src/dnsmasq/forward.c:18590
my_syslog(LOG_WARNING, _("nameserver %s refused to do a recursive query"), daemon->namebuff);
src/dnsmasq/forward.c:18635
my_syslog(LOG_WARNING, _("possible DNS-rebind attack detected: %s"), daemon->namebuff);
src/dnsmasq/forward.c:19007
my_syslog(LOG_WARNING, _("reducing DNS packet size for nameserver %s to %d"), daemon->addrbuff, SAFE_PKTSZ);
src/dnsmasq/forward.c:19322
my_syslog(LOG_WARNING, _("Ignoring query from non-local network"));
src/dnsmasq/forward.c:19888
my_syslog(LOG_WARNING, _("Ignoring query from non-local network"));
src/dnsmasq/forward.c:20508
my_syslog(LOG_WARNING, _("Maximum number of concurrent DNS queries reached (max: %d)"), daemon->ftabsize);
src/dnsmasq/forward.c:20510
my_syslog(LOG_WARNING, _("Maximum number of concurrent DNS queries to %s reached (max: %d)"), domain, daemon->ftabsize);
src/dnsmasq/log.c:23747
my_syslog(LOG_WARNING, _("overflow: %d log entries lost"), e);
src/dnsmasq/network.c:25534
my_syslog(LOG_WARNING, s, daemon->addrbuff, strerror(errno));
src/dnsmasq/network.c:25870
my_syslog(LOG_WARNING,
_("LOUD WARNING: listening on %s may accept requests via interfaces other than %s"),
daemon->addrbuff, iface->name);
src/dnsmasq/network.c:25878
my_syslog(LOG_WARNING, _("LOUD WARNING: use --bind-dynamic rather than --bind-interfaces to avoid DNS amplification attacks via these interface(s)"));
src/dnsmasq/network.c:25887
my_syslog(LOG_WARNING, _("warning: using interface %s instead"), iface->name);
src/dnsmasq/network.c:25896
my_syslog(LOG_WARNING, _("warning: no addresses found for interface %s"), intname->intr);
src/dnsmasq/network.c:26232
my_syslog(LOG_WARNING, _("ignoring nameserver %s - local interface"), daemon->namebuff);
src/dnsmasq/network.c:26242
my_syslog(LOG_WARNING,
_("ignoring nameserver %s - cannot make/bind socket: %s"),
daemon->namebuff, strerror(errno));
src/dnsmasq/tables.c:41725
my_syslog(LOG_WARNING, _("IPset: error: %s"), pfr_strerror(errno));
src/dnsmasq/tables.c:41757
my_syslog(LOG_WARNING, _("warning: DIOCR%sADDRS: %s"), ( remove ? "DEL" : "ADD" ), pfr_strerror(errno));
generated using this small awk
script (grep
isn't enough because of multi-line matches above)
#!/bin/bash
awk '{
if ($0 ~ /\(LOG_WARNING,/) {
triggered=1;
print FILENAME ":" NR;
}
if (triggered) {
print;
if ($0 ~ /\);/) {
triggered=0;
}
}
}' src/dnsmasq/*
AJ commented
What do we do about these warnings? I'm not sure if they're documented anywhere in terms of handling or their impact. Not sure how to make the warnings go away (besides "deleting" them)
Please ignore. Found it at https://docs.pi-hole.net/ftldns/dnsmasq_warn/