dnsmasq --version (return code: 0)
Dnsmasq version 2.75 Copyright (c) 2000-2015 Simon Kelley
Compile time options: IPv6 GNU-getopt DBus i18n IDN DHCP DHCPv6 no-Lua TFTP conntrack ipset auth DNSSEC loop-detect inotify
This software comes with ABSOLUTELY NO WARRANTY.
Dnsmasq is free software, and you are welcome to redistribute it
under the terms of the GNU General Public License, version 2 or 3.
dnsmasq --help (return code: 0)
Usage: dnsmasq [options]
Valid options are:
-a, --listen-address=<ipaddr> Specify local address(es) to listen on.
-A, --address=/<domain>/<ipaddr> Return ipaddr for all hosts in specified domains.
-b, --bogus-priv Fake reverse lookups for RFC1918 private address ranges.
-B, --bogus-nxdomain=<ipaddr> Treat ipaddr as NXDOMAIN (defeats Verisign wildcard).
-c, --cache-size=<integer> Specify the size of the cache in entries (defaults to 150).
-C, --conf-file=<path> Specify configuration file (defaults to /etc/dnsmasq.conf).
-d, --no-daemon Do NOT fork into the background: run in debug mode.
-D, --domain-needed Do NOT forward queries with no domain part.
-e, --selfmx Return self-pointing MX records for local hosts.
-E, --expand-hosts Expand simple names in /etc/hosts with domain-suffix.
-f, --filterwin2k Don't forward spurious DNS requests from Windows hosts.
-F, --dhcp-range=<ipaddr>,... Enable DHCP in the range given with lease duration.
-g, --group=<groupname> Change to this group after startup (defaults to dip).
-G, --dhcp-host=<hostspec> Set address or hostname for a specified machine.
--dhcp-hostsfile=<path> Read DHCP host specs from file.
--dhcp-optsfile=<path> Read DHCP option specs from file.
--dhcp-hostsdir=<path> Read DHCP host specs from a directory.
--dhcp-optsdir=<path> Read DHCP options from a directory.
--tag-if=tag-expression Evaluate conditional tag expression.
-h, --no-hosts Do NOT load /etc/hosts file.
-H, --addn-hosts=<path> Specify a hosts file to be read in addition to /etc/hosts.
--hostsdir=<path> Read hosts files from a directory.
-i, --interface=<interface> Specify interface(s) to listen on.
-I, --except-interface=<interface> Specify interface(s) NOT to listen on.
-j, --dhcp-userclass=set:<tag>,<class> Map DHCP user class to tag.
--dhcp-circuitid=set:<tag>,<circuit>Map RFC3046 circuit-id to tag.
--dhcp-remoteid=set:<tag>,<remote> Map RFC3046 remote-id to tag.
--dhcp-subscrid=set:<tag>,<remote> Map RFC3993 subscriber-id to tag.
-J, --dhcp-ignore=tag:<tag>... Don't do DHCP for hosts with tag set.
--dhcp-broadcast[=tag:<tag>...] Force broadcast replies for hosts with tag set.
-k, --keep-in-foreground Do NOT fork into the background, do NOT run in debug mode.
-K, --dhcp-authoritative Assume we are the only DHCP server on the local network.
-l, --dhcp-leasefile=<path> Specify where to store DHCP leases (defaults to /var/lib/misc/dnsmasq.leases).
-L, --localmx Return MX records for local hosts.
-m, --mx-host=<host_name>,<target>,<prefSpecify an MX record.
-M, --dhcp-boot=<bootp opts> Specify BOOTP options to DHCP server.
-n, --no-poll Do NOT poll /etc/resolv.conf file, reload only on SIGHUP.
-N, --no-negcache Do NOT cache failed search results.
-o, --strict-order Use nameservers strictly in the order given in /etc/resolv.conf.
-O, --dhcp-option=<optspec> Specify options to be sent to DHCP clients.
--dhcp-option-force=<optspec> DHCP option sent even if the client does not request it.
-p, --port=<integer> Specify port to listen for DNS requests on (defaults to 53).
-P, --edns-packet-max=<integer> Maximum supported UDP packet size for EDNS.0 (defaults to 4096).
-q, --log-queries Log DNS queries.
-Q, --query-port=<integer> Force the originating port for upstream DNS queries.
-R, --no-resolv Do NOT read resolv.conf.
-r, --resolv-file=<path> Specify path to resolv.conf (defaults to /etc/resolv.conf).
--servers-file=<path> Specify path to file with server= options
-S, --server=/<domain>/<ipaddr> Specify address(es) of upstream servers with optional domains.
--rev-server=<addr>/<prefix>,<ipaddrSpecify address of upstream servers for reverse address queries
--local=/<domain>/ Never forward queries to specified domains.
-s, --domain=<domain>[,<range>] Specify the domain to be assigned in DHCP leases.
-t, --mx-target=<host_name> Specify default target in an MX record.
-T, --local-ttl=<integer> Specify time-to-live in seconds for replies from /etc/hosts.
--neg-ttl=<integer> Specify time-to-live in seconds for negative caching.
--max-ttl=<integer> Specify time-to-live in seconds for maximum TTL to send to clients.
--max-cache-ttl=<integer> Specify time-to-live ceiling for cache.
--min-cache-ttl=<integer> Specify time-to-live floor for cache.
-u, --user=<username> Change to this user after startup. (defaults to nobody).
-U, --dhcp-vendorclass=set:<tag>,<class>Map DHCP vendor class to tag.
-v, --version Display dnsmasq version and copyright information.
-V, --alias=<ipaddr>,<ipaddr>,<netmask> Translate IPv4 addresses from upstream servers.
-W, --srv-host=<name>,<target>,... Specify a SRV record.
-w, --help Display this message. Use --help dhcp for known DHCP options.
-x, --pid-file=<path> Specify path of PID file (defaults to /var/run/dnsmasq.pid).
-X, --dhcp-lease-max=<integer> Specify maximum number of DHCP leases (defaults to 1000).
-y, --localise-queries Answer DNS queries based on the interface a query was sent to.
-Y, --txt-record=<name>,<txt>[,<txt] Specify TXT DNS record.
--ptr-record=<name>,<target> Specify PTR DNS record.
--interface-name=<name>,<interface> Give DNS name to IPv4 address of interface.
-z, --bind-interfaces Bind only to interfaces in use.
-Z, --read-ethers Read DHCP static host information from /etc/ethers.
-1, --enable-dbus[=<busname>] Enable the DBus interface for setting upstream servers, etc.
-2, --no-dhcp-interface=<interface> Do not provide DHCP on this interface, only provide DNS.
-3, --bootp-dynamic[=tag:<tag>]... Enable dynamic address allocation for bootp.
-4, --dhcp-mac=set:<tag>,<mac address> Map MAC address (with wildcards) to option set.
--bridge-interface=<iface>,<alias>..Treat DHCP requests on aliases as arriving from interface.
-5, --no-ping Disable ICMP echo address checking in the DHCP server.
-6, --dhcp-script=<path> Shell script to run on DHCP lease creation and destruction.
--dhcp-luascript=path Lua script to run on DHCP lease creation and destruction.
--dhcp-scriptuser=<username> Run lease-change scripts as this user.
-7, --conf-dir=<path> Read configuration from all the files in this directory.
-8, --log-facility=<facilty>|<file> Log to this syslog facility or file. (defaults to DAEMON)
-9, --leasefile-ro Do not use leasefile.
-0, --dns-forward-max=<integer> Maximum number of concurrent DNS queries. (defaults to 150)
--clear-on-reload Clear DNS cache when reloading /etc/resolv.conf.
--dhcp-ignore-names[=tag:<tag>]... Ignore hostnames provided by DHCP clients.
--dhcp-no-override Do NOT reuse filename and server fields for extra DHCP options.
--enable-tftp[=<intr>[,<intr>]] Enable integrated read-only TFTP server.
--tftp-root=<dir>[,<iface>] Export files by TFTP only from the specified subtree.
--tftp-unique-root Add client IP address to tftp-root.
--tftp-secure Allow access only to files owned by the user running dnsmasq.
--tftp-no-fail Do not terminate the service if TFTP directories are inaccessible.
--tftp-max=<integer> Maximum number of conncurrent TFTP transfers (defaults to 50).
--tftp-no-blocksize Disable the TFTP blocksize extension.
--tftp-lowercase Convert TFTP filenames to lowercase
--tftp-port-range=<start>,<end> Ephemeral port range for use by TFTP transfers.
--log-dhcp Extra logging for DHCP.
--log-async[=<integer>] Enable async. logging; optionally set queue length.
--stop-dns-rebind Stop DNS rebinding. Filter private IP ranges when resolving.
--rebind-localhost-ok Allow rebinding of 127.0.0.0/8, for RBL servers.
--rebind-domain-ok=/<domain>/ Inhibit DNS-rebind protection on this domain.
--all-servers Always perform DNS queries to all servers.
--dhcp-match=set:<tag>,<optspec> Set tag if client includes matching option in request.
--dhcp-alternate-port[=<ports>] Use alternative ports for DHCP.
--naptr-record=<name>,<naptr> Specify NAPTR DNS record.
--min-port=<port> Specify lowest port available for DNS query transmission.
--dhcp-fqdn Use only fully qualified domain names for DHCP clients.
--dhcp-generate-names[=tag:<tag>] Generate hostnames based on MAC address for nameless clients.
--dhcp-proxy[=<ipaddr>]... Use these DHCP relays as full proxies.
--dhcp-relay=<local-addr>,<server>[,Relay DHCP requests to a remote server
--cname=<alias>,<target> Specify alias name for LOCAL DNS name.
--pxe-prompt=<prompt>,[<timeout>] Prompt to send to PXE clients.
--pxe-service=<service> Boot service for PXE menu.
--test Check configuration syntax.
--add-mac Add requestor's MAC address to forwarded DNS queries.
--add-subnet=<v4 pref>[,<v6 pref>] Add requestor's IP subnet to forwarded DNS queries.
--proxy-dnssec Proxy DNSSEC validation results from upstream nameservers.
--dhcp-sequential-ip Attempt to allocate sequential IP addresses to DHCP clients.
--conntrack Copy connection-track mark from queries to upstream connections.
--dhcp-client-update Allow DHCP clients to do their own DDNS updates.
--enable-ra Send router-advertisements for interfaces doing DHCPv6
--dhcp-duid=<enterprise>,<duid> Specify DUID_EN-type DHCPv6 server DUID
--host-record=<name>,<address> Specify host (A/AAAA and PTR) records
--dns-rr=<name>,<RR-number>,[<data>]Specify arbitrary DNS resource record
--bind-dynamic Bind to interfaces in use - check for new interfaces
--auth-server=<NS>,<interface> Export local names to global DNS
--auth-zone=<domain>,[<subnet>...] Domain to export to global DNS
--auth-ttl=<integer> Set TTL for authoritative replies
--auth-soa=<serial>[,...] Set authoritive zone information
--auth-sec-servers=<NS>[,<NS>...] Secondary authoritative nameservers for forward domains
--auth-peer=<ipaddr>[,<ipaddr>...] Peers which are allowed to do zone transfer
--ipset=/<domain>/<ipset>[,<ipset>..Specify ipsets to which matching domains should be added
--synth-domain=<domain>,<range>,[<prSpecify a domain and address range for synthesised names
--dnssec Activate DNSSEC validation
--trust-anchor=<domain>,[<class>],..Specify trust anchor key digest.
--dnssec-debug Disable upstream checking for DNSSEC debugging.
--dnssec-check-unsigned Ensure answers without DNSSEC are in unsigned zones.
--dnssec-no-timecheck Don't check DNSSEC signature timestamps until first cache-reload
--dnssec-timestamp=<path> Timestamp file to verify system clock for DNSSEC
--ra-param=<interface>,[high,|low,]<Set priority, resend-interval and router-lifetime
--quiet-dhcp Do not log routine DHCP.
--quiet-dhcp6 Do not log routine DHCPv6.
--quiet-ra Do not log RA.
--local-service Accept queries only from directly-connected networks
--dns-loop-detect Detect and remove DNS forwarding loops
--ignore-address=<ipaddr> Ignore DNS responses containing ipaddr.