luci: add server flags option and suppress some log

etc/smartdns/smartdns.conf

@@ -148,7 +148,7 @@ force-qtype-SOA 65
 # response-mode [first-ping|fastest-ip|fastest-response]
 
 # set log level
-# log-level: [level], level=fatal, error, warn, notice, info, debug
+# log-level: [level], level=off, fatal, error, warn, notice, info, debug
 # log-file: file path of log file.
 # log-console [yes|no]: output log to console.
 # log-size: size of each log file, support k,m,g

package/luci-compat/files/luci/i18n/smartdns.zh-cn.po

@@ -12,6 +12,9 @@ msgstr "额外规则标识"
 msgid "Additional Server Args"
 msgstr "额外的服务器参数"
 
+msgid "Additional server args, refer to the help description of the bind option."
+msgstr "额外的服务器参数，参考bind选项的帮助说明。"
+
 msgid "Advanced Settings"
 msgstr "高级设置"
 
@@ -287,6 +290,18 @@ msgstr "监听在指定的设备上，避免非本地网络的DNS查询请求。
 msgid "Local Port"
 msgstr "本地端口"
 
+msgid "Log Size"
+msgstr "日志大小"
+
+msgid "Log Level"
+msgstr "日志级别"
+
+msgid "Log Number"
+msgstr "日志数量"
+
+msgid "Log File"
+msgstr "日志文件路径"
+
 msgid "Marking Packets"
 msgstr "数据包标记"
 
@@ -563,6 +578,9 @@ msgstr "上传域名列表文件"
 msgid "Upload smartdns config file to /etc/smartdns/conf.d"
 msgstr "上传配置文件到/etc/smartdns/conf.d"
 
+msgid "Upstream DNS Server Configuration"
+msgstr "上游DNS服务器配置"
+
 msgid "Upstream Servers"
 msgstr "上游服务器"
 

package/luci-compat/files/luci/model/cbi/smartdns/smartdns.lua

@@ -162,7 +162,7 @@ end
 
 ---- Domain prefetch load 
 o = s:taboption("advanced", Flag, "prefetch_domain", translate("Domain prefetch"), translate("Enable domain prefetch, accelerate domain response speed."))
-o.rmempty     = false
+o.rmempty     = true
 o.default     = o.disabled
 o.cfgvalue    = function(...)
     return Flag.cfgvalue(...) or "0"
@@ -183,8 +183,8 @@ o.rempty      = true
 
 ---- cache-persist;
 o = s:taboption("advanced", Flag, "cache_persist", translate("Cache Persist"), translate("Write cache to disk on exit and load on startup."))
-o.rmempty      = false;
-o.default     = o.enabled;
+o.rmempty      = false
+o.default     = o.enabled
 o.cfgvalue    = function(...)
     return Flag.cfgvalue(...) or "1"
 end
@@ -199,8 +199,8 @@ end
 
 -- Force AAAA SOA
 o = s:taboption("advanced", Flag, "force_aaaa_soa", translate("Force AAAA SOA"), translate("Force AAAA SOA."))
-o.rmempty     = false
-o.default     = o.enabled
+o.rmempty     = true
+o.default     = o.disabled
 o.cfgvalue    = function(...)
     return Flag.cfgvalue(...) or "0"
 end
@@ -268,6 +268,12 @@ uci:foreach("smartdns", "download-file", function(section)
     o:value(section.name);
 end)
 
+---- other args
+o = s:taboption("advanced", Value, "server_flags", translate("Additional Server Args"), translate("Additional server args, refer to the help description of the bind option."))
+o.default     = ""
+o.rempty      = true
+o.optional    = true
+
 ---- second dns server
 ---- Eanble
 o = s:taboption("seconddns", Flag, "seconddns_enabled", translate("Enable"), translate("Enable or disable second DNS server."))
@@ -297,7 +303,7 @@ o.datatype    = "hostname"
 o.rempty      = true
 
 o = s:taboption("seconddns", Flag, "seconddns_no_speed_check", translate("Skip Speed Check"), translate("Do not check speed."))
-o.rmempty     = false
+o.rmempty     = true
 o.default     = o.disabled
 o.cfgvalue    = function(...)
     return Flag.cfgvalue(...) or "0"
@@ -305,7 +311,7 @@ end
 
 ---- skip address rules
 o = s:taboption("seconddns", Flag, "seconddns_no_rule_addr", translate("Skip Address Rules"), translate("Skip address rules."))
-o.rmempty     = false
+o.rmempty     = true
 o.default     = o.disabled
 o.cfgvalue    = function(...)
     return Flag.cfgvalue(...) or "0"
@@ -313,7 +319,7 @@ end
 
 ---- skip name server rules
 o = s:taboption("seconddns", Flag, "seconddns_no_rule_nameserver", translate("Skip Nameserver Rule"), translate("Skip nameserver rules."))
-o.rmempty     = false
+o.rmempty     = true
 o.default     = o.disabled
 o.cfgvalue    = function(...)
     return Flag.cfgvalue(...) or "0"
@@ -321,7 +327,7 @@ end
 
 ---- skip ipset rules
 o = s:taboption("seconddns", Flag, "seconddns_no_rule_ipset", translate("Skip Ipset Rule"), translate("Skip ipset rules."))
-o.rmempty     = false
+o.rmempty     = true
 o.default     = o.disabled
 o.cfgvalue    = function(...)
     return Flag.cfgvalue(...) or "0"
@@ -329,14 +335,14 @@ end
 
 ---- skip soa address rule
 o = s:taboption("seconddns", Flag, "seconddns_no_rule_soa", translate("Skip SOA Address Rule"), translate("Skip SOA address rules."))
-o.rmempty     = false
+o.rmempty     = true
 o.default     = o.disabled
 o.cfgvalue    = function(...)
     return Flag.cfgvalue(...) or "0"
 end
 
 o = s:taboption("seconddns", Flag, "seconddns_no_dualstack_selection", translate("Skip Dualstack Selection"), translate("Skip Dualstack Selection."))
-o.rmempty     = false
+o.rmempty     = true
 o.default     = o.disabled
 o.cfgvalue    = function(...)
     return Flag.cfgvalue(...) or "0"
@@ -344,7 +350,7 @@ end
 
 ---- skip cache
 o = s:taboption("seconddns", Flag, "seconddns_no_cache", translate("Skip Cache"), translate("Skip Cache."))
-o.rmempty     = false
+o.rmempty     = true
 o.default     = o.disabled
 o.cfgvalue    = function(...)
     return Flag.cfgvalue(...) or "0"
@@ -352,7 +358,7 @@ end
 
 ---- Force AAAA SOA
 o = s:taboption("seconddns", Flag, "seconddns_force_aaaa_soa", translate("Force AAAA SOA"), translate("Force AAAA SOA."))
-o.rmempty     = false
+o.rmempty     = true
 o.default     = o.disabled
 o.cfgvalue    = function(...)
     return Flag.cfgvalue(...) or "0"
@@ -379,6 +385,12 @@ function o.validate(self, value)
     return nil, translate("NFTset name format error, format: [#[4|6]:[family#table#set]]")
 end
 
+---- other args
+o = s:taboption("seconddns", Value, "seconddns_server_flags", translate("Additional Server Args"),  translate("Additional server args, refer to the help description of the bind option."))
+o.default     = ""
+o.rempty      = true
+o.optional    = true
+
 ----- Proxy server settings
 o = s:taboption("proxy", Value, "proxy_server", translate("Proxy Server"), translate("Proxy Server URL, format: [socks5|http]://user:pass@ip:port."));
 o.datatype = 'string';
@@ -418,12 +430,36 @@ function custom.write(self, section, value)
 end
 
 o = s:taboption("custom", Flag, "coredump", translate("Generate Coredump"), translate("Generate Coredump file when smartdns crash, coredump file is located at /tmp/smartdns.xxx.core."))
-o.rmempty     = false
+o.rmempty     = true
 o.default     = o.disabled
 o.cfgvalue    = function(...)
     return Flag.cfgvalue(...) or "0"
 end
 
+o = s:taboption("custom", Value, "log_size", translate("Log Size"))
+o.rmempty = true
+o.placeholder = "default"
+
+o = s:taboption("custom", ListValue, "log_level", translate("Log Level"))
+o.rmempty     = true
+o.placeholder = "default"
+o:value("", translate("default"))
+o:value("debug")
+o:value("info")
+o:value("notice")
+o:value("warn")
+o:value("error")
+o:value("fatal")
+o:value("off")
+
+o = s:taboption("custom", Value, "log_num", translate("Log Number"))
+o.rmempty = true
+o.placeholder = "default"
+
+o = s:taboption("custom", Value, "log_file", translate("Log File"))
+o.rmempty = true
+o.placeholder = "/var/log/smartdns/smartdns.log"
+
 -- Upstream servers
 s = m:section(TypedSection, "server", translate("Upstream Servers"), translate("Upstream Servers, support UDP, TCP protocol. " ..
 	"Please configure multiple DNS servers, including multiple foreign DNS servers."))
@@ -522,11 +558,11 @@ end
 
 o = s:taboption("forwarding", Flag, "no_speed_check", translate("Skip Speed Check"),
     translate("Do not check speed."))
-o.rmempty = false
+o.rmempty = true
 o.default = o.disabled
 
 o = s:taboption("forwarding", Flag, "force_aaaa_soa", translate("Force AAAA SOA"), translate("Force AAAA SOA."))
-o.rmempty = false
+o.rmempty = true
 o.default = o.disabled
 
 o = s:taboption("forwarding", Value, "ipset_name", translate("IPset Name"), translate("IPset name."))
@@ -636,7 +672,7 @@ s.anonymous = true
 
 ---- download Files Settings
 o = s:option(Flag, "enable_auto_update", translate("Enable Auto Update"), translate("Enable daily auto update."))
-o.rmempty = false
+o.rmempty = true
 o.default = o.disabled
 o.rempty = true
 
@@ -670,11 +706,11 @@ s.addremove = true
 s.template = "cbi/tblsection"
 
 o = s:option(Value, 'name', translate('File Name'), translate('File Name'))
-o.rmempty = false
+o.rmempty = true
 o.datatype = 'string'
 
 o = s:option(Value, 'url', translate('URL'), translate('URL'))
-o.rmempty = false
+o.rmempty = true
 o.datatype = 'string'
 function o.validate(self, value, section)
     if value == "" then
@@ -736,7 +772,7 @@ o.write = function()
 end
 
 o = s:option(Button, "Restart")
-o.title = translate("Restart smartdns")
+o.title = translate("Restart Service")
 o.inputtitle = translate("Restart")
 o.inputstyle = "apply"
 o.write = function()

package/luci-compat/files/luci/model/cbi/smartdns/upstream.lua

@@ -56,7 +56,7 @@ o.default     = "udp"
 o.rempty      = false
 
 ---- server group
-o = s:option(Value, "server_group", translate("Server Group"), translate("DNS Server group belongs to, used with nameserver, such as office, home."))
+o = s:option(Value, "server_group", translate("Server Group"), translate("DNS Server group belongs to, such as office, home."))
 o.rmempty     = true
 o.placeholder = "default"
 o.datatype    = "hostname"
@@ -64,14 +64,14 @@ o.rempty      = true
 
 ---- exclude default group
 o = s:option(Flag, "exclude_default_group", translate("Exclude Default Group"), translate("Exclude DNS Server from default group."))
-o.rmempty = false
+o.rmempty = true
 o.default = o.disabled
 o.editable = true
 o.modalonly = true
 
 ---- blacklist_ip
 o = s:option(Flag, "blacklist_ip", translate("IP Blacklist Filtering"), translate("Filtering IP with blacklist"))
-o.rmempty     = false
+o.rmempty     = true
 o.default     = o.disabled
 o.cfgvalue    = function(...)
     return Flag.cfgvalue(...) or "0"
@@ -87,7 +87,7 @@ o:depends("type", "https")
 
 ---- certificate verify
 o = s:option(Flag, "no_check_certificate", translate("No check certificate"), translate("Do not check certificate."))
-o.rmempty     = false
+o.rmempty     = true
 o.default     = o.disabled
 o.cfgvalue    = function(...)
     return Flag.cfgvalue(...) or "0"
@@ -154,6 +154,5 @@ end
 o = s:option(Value, "addition_arg", translate("Additional Server Args"), translate("Additional Args for upstream dns servers"))
 o.default     = ""
 o.rempty      = true
-o.optional    = true
 
 return m

package/luci/files/luci/i18n/smartdns.zh-cn.po

@@ -12,6 +12,9 @@ msgstr "额外规则标识"
 msgid "Additional Server Args"
 msgstr "额外的服务器参数"
 
+msgid "Additional server args, refer to the help description of the bind option."
+msgstr "额外的服务器参数，参考bind选项的帮助说明。"
+
 msgid "Advanced Settings"
 msgstr "高级设置"
 
@@ -287,6 +290,18 @@ msgstr "监听在指定的设备上，避免非本地网络的DNS查询请求。
 msgid "Local Port"
 msgstr "本地端口"
 
+msgid "Log Size"
+msgstr "日志大小"
+
+msgid "Log Level"
+msgstr "日志级别"
+
+msgid "Log Number"
+msgstr "日志数量"
+
+msgid "Log File"
+msgstr "日志文件路径"
+
 msgid "Marking Packets"
 msgstr "数据包标记"
 

package/luci/files/root/www/luci-static/resources/view/smartdns/smartdns.js

@@ -245,7 +245,7 @@ return view.extend({
 		// Domain prefetch load ;
 		o = s.taboption("advanced", form.Flag, "prefetch_domain", _("Domain prefetch"),
 			_("Enable domain prefetch, accelerate domain response speed."));
-		o.rmempty = false;
+		o.rmempty = true;
 		o.default = o.disabled;
 
 		// Domain Serve expired
@@ -270,7 +270,7 @@ return view.extend({
 
 		// Force AAAA SOA
 		o = s.taboption("advanced", form.Flag, "force_aaaa_soa", _("Force AAAA SOA"), _("Force AAAA SOA."));
-		o.rmempty = false;
+		o.rmempty = true;
 		o.default = o.disabled;
 
 		// Force HTTPS SOA
@@ -342,6 +342,12 @@ return view.extend({
 			_("Reply maximum TTL for all domain result."));
 		o.rempty = true;
 
+		// other args
+		o = s.taboption("advanced", form.Value, "server_flags", _("Additional Server Args"), 
+			_("Additional server args, refer to the help description of the bind option."))
+		o.default = ""
+		o.rempty = true
+
 		// include config
 		download_files = uci.sections('smartdns', 'download-file');
 		o = s.taboption("advanced", form.DynamicList, "conf_files", _("Include Config Files<br>/etc/smartdns/conf.d"),
@@ -365,7 +371,7 @@ return view.extend({
 		o = s.taboption("seconddns", form.Flag, "seconddns_enabled", _("Enable"),
 			_("Enable or disable second DNS server."));
 		o.default = o.disabled;
-		o.rempty = false;
+		o.rempty = true;
 
 		// Port;
 		o = s.taboption("seconddns", form.Value, "seconddns_port", _("Local Port"), _("Smartdns local server port"));
@@ -389,46 +395,46 @@ return view.extend({
 
 		o = s.taboption("seconddns", form.Flag, "seconddns_no_speed_check", _("Skip Speed Check"),
 			_("Do not check speed."));
-		o.rmempty = false;
+		o.rmempty = true;
 		o.default = o.disabled;
 
 		// skip address rules;
 		o = s.taboption("seconddns", form.Flag, "seconddns_no_rule_addr", _("Skip Address Rules"),
 			_("Skip address rules."));
-		o.rmempty = false;
+		o.rmempty = true;
 		o.default = o.disabled;
 
 		// skip name server rules;
 		o = s.taboption("seconddns", form.Flag, "seconddns_no_rule_nameserver", _("Skip Nameserver Rule"),
 			_("Skip nameserver rules."));
-		o.rmempty = false;
+		o.rmempty = true;
 		o.default = o.disabled;
 
 		// skip ipset rules;
 		o = s.taboption("seconddns", form.Flag, "seconddns_no_rule_ipset", _("Skip Ipset Rule"),
 			_("Skip ipset rules."));
-		o.rmempty = false;
+		o.rmempty = true;
 		o.default = o.disabled;
 
 		// skip soa address rule;
 		o = s.taboption("seconddns", form.Flag, "seconddns_no_rule_soa", _("Skip SOA Address Rule"),
 			_("Skip SOA address rules."));
-		o.rmempty = false;
+		o.rmempty = true;
 		o.default = o.disabled;
 
 		o = s.taboption("seconddns", form.Flag, "seconddns_no_dualstack_selection", _("Skip Dualstack Selection"),
 			_("Skip Dualstack Selection."));
-		o.rmempty = false;
+		o.rmempty = true;
 		o.default = o.disabled;
 
 		// skip cache;
 		o = s.taboption("seconddns", form.Flag, "seconddns_no_cache", _("Skip Cache"), _("Skip Cache."));
-		o.rmempty = false;
+		o.rmempty = true;
 		o.default = o.disabled;
 
 		// Force AAAA SOA
 		o = s.taboption("seconddns", form.Flag, "seconddns_force_aaaa_soa", _("Force AAAA SOA"), _("Force AAAA SOA."));
-		o.rmempty = false;
+		o.rmempty = true;
 		o.default = o.disabled;
 
 		o = s.taboption("seconddns", form.Value, "seconddns_ipset_name", _("IPset Name"), _("IPset name."));
@@ -469,6 +475,12 @@ return view.extend({
 			return true;
 		}
 
+		// other args
+		o = s.taboption("seconddns", form.Value, "seconddns_server_flags", _("Additional Server Args"), 
+			_("Additional server args, refer to the help description of the bind option."))
+		o.default = ""
+		o.rempty = true
+
 		///////////////////////////////////////
 		// DNS64 Settings
 		///////////////////////////////////////
@@ -481,7 +493,7 @@ return view.extend({
 		// download Files Settings
 		///////////////////////////////////////
 		o = s.taboption("files", form.Flag, "enable_auto_update", _("Enable Auto Update"), _("Enable daily auto update."));
-		o.rmempty = false;
+		o.rmempty = true;
 		o.default = o.disabled;
 		o.rempty = true;
 
@@ -521,11 +533,11 @@ return view.extend({
 		ss.sortable = true;
 
 		so = ss.option(form.Value, 'name', _('File Name'), _('File Name'));
-		so.rmempty = false;
+		so.rmempty = true;
 		so.datatype = 'file';
 
 		so = ss.option(form.Value, 'url', _('URL'), _('URL'));
-		so.rmempty = false;
+		so.rmempty = true;
 		so.datatype = 'string';
 		so.validate = function (section_id, value) {
 			if (value == "") {
@@ -586,9 +598,33 @@ return view.extend({
 
 		o = s.taboption("custom", form.Flag, "coredump", _("Generate Coredump"),
 			_("Generate Coredump file when smartdns crash, coredump file is located at /tmp/smartdns.xxx.core."));
-		o.rmempty = false;
+		o.rmempty = true;
 		o.default = o.disabled;
 
+		o = s.taboption("custom", form.Value, "log_size", _("Log Size"));
+		o.rmempty = true;
+		o.placeholder = "default";
+
+		o = s.taboption("custom", form.ListValue, "log_level", _("Log Level"));
+		o.rmempty = true;
+		o.placeholder = "default";
+		o.value("", _("default"));
+		o.value("debug");
+		o.value("info");
+		o.value("notice");
+		o.value("warn");
+		o.value("error");
+		o.value("fatal");
+		o.value("off");
+
+		o = s.taboption("custom", form.Value, "log_num", _("Log Number"));
+		o.rmempty = true;
+		o.placeholder = "default";
+
+		o = s.taboption("custom", form.Value, "log_file", _("Log File"))
+		o.rmempty = true
+		o.placeholder = "/var/log/smartdns/smartdns.log"
+
 		////////////////
 		// Upstream servers;
 		////////////////
@@ -656,7 +692,7 @@ return view.extend({
 
 		// Advanced Options
 		o = s.taboption("advanced", form.Flag, "exclude_default_group", _("Exclude Default Group"), _("Exclude DNS Server from default group."))
-		o.rmempty = false;
+		o.rmempty = true;
 		o.default = o.disabled;
 		o.editable = true;
 		o.modalonly = true;
@@ -664,7 +700,7 @@ return view.extend({
 		// blacklist_ip
 		o = s.taboption("advanced", form.Flag, "blacklist_ip", _("IP Blacklist Filtering"),
 			_("Filtering IP with blacklist"))
-		o.rmempty = false
+		o.rmempty = true
 		o.default = o.disabled
 		o.modalonly = true;
 
@@ -681,7 +717,7 @@ return view.extend({
 		// certificate verify
 		o = s.taboption("advanced", form.Flag, "no_check_certificate", _("No check certificate"),
 			_("Do not check certificate."))
-		o.rmempty = false
+		o.rmempty = true
 		o.default = o.disabled
 		o.modalonly = true;
 		o.depends("type", "tls")
@@ -800,11 +836,11 @@ return view.extend({
 
 		o = s.taboption("forwarding", form.Flag, "no_speed_check", _("Skip Speed Check"),
 			_("Do not check speed."));
-		o.rmempty = false;
+		o.rmempty = true;
 		o.default = o.disabled;
 
 		o = s.taboption("forwarding", form.Flag, "force_aaaa_soa", _("Force AAAA SOA"), _("Force AAAA SOA."));
-		o.rmempty = false;
+		o.rmempty = true;
 		o.default = o.disabled;
 
 		o = s.taboption("forwarding", form.Value, "ipset_name", _("IPset Name"), _("IPset name."));
@@ -954,7 +990,7 @@ return view.extend({
 
 		so = ss.option(form.FileUpload, "domain_list_file", _("Domain List File"),
 			_("Upload domain list file, or configure auto download from Download File Setting page."));
-		so.rmempty = false
+		so.rmempty = true
 		so.datatype = "file"
 		so.rempty = true
 		so.root_directory = "/etc/smartdns/domain-set"

package/openwrt/custom.conf

@@ -1,14 +1,2 @@
 # Add custom settings here.
-
-# set log level
-# log-level [level], level=fatal, error, warn, notice, info, debug
-# log-level error
-
-# log-size k,m,g
-# log-size 128k
-
-# log-file /var/log/smartdns.log
-# log-num 2
-
-# List of hosts that supply bogus NX domain results 
-# bogus-nxdomain [ip/subnet]
+# please read https://pymumu.github.io/smartdns/config/basic-config/

package/openwrt/files/etc/init.d/smartdns

@@ -445,6 +445,9 @@ load_second_server()
 	config_get_bool "seconddns_tcp_server" "$section" "seconddns_tcp_server" "1"
 	config_get ipv6_server "$section" "ipv6_server" "1"
 
+	config_get seconddns_server_flags "$section" "seconddns_server_flags" ""
+	[ -z "$seconddns_server_flags" ] || ARGS="$ARGS $seconddns_server_flags"
+
 	conf_append_bind "$seconddns_port" "$device" "$seconddns_tcp_server" "$ipv6_server" "$ARGS"
 }
 

src/dns.c

@@ -913,6 +913,11 @@ int dns_add_SOA(struct dns_packet *packet, dns_rr_type type, const char *domain,
 	unsigned char data[sizeof(*soa)];
 	unsigned char *ptr = data;
 	int len = 0;
+
+	if (soa == NULL || domain == NULL || packet == NULL) {
+		return -1;
+	}
+
 	safe_strncpy((char *)ptr, soa->mname, DNS_MAX_CNAME_LEN);
 	ptr += strnlen(soa->mname, DNS_MAX_CNAME_LEN - 1) + 1;
 	safe_strncpy((char *)ptr, soa->rname, DNS_MAX_CNAME_LEN);

src/dns_client.c

@@ -56,7 +56,7 @@
 #include <unistd.h>
 
 #define DNS_MAX_HOSTNAME 256
-#define DNS_MAX_EVENTS 64
+#define DNS_MAX_EVENTS 256
 #define DNS_HOSTNAME_LEN 128
 #define DNS_TCP_BUFFER (32 * 1024)
 #define DNS_TCP_IDLE_TIMEOUT (60 * 10)

src/dns_conf.c

@@ -3308,18 +3308,20 @@ static int _config_log_level(void *data, int argc, char *argv[])
 	/* read log level and set */
 	char *value = argv[1];
 
-	if (strncmp("debug", value, MAX_LINE_LEN) == 0) {
+	if (strncasecmp("debug", value, MAX_LINE_LEN) == 0) {
 		dns_conf_log_level = TLOG_DEBUG;
-	} else if (strncmp("info", value, MAX_LINE_LEN) == 0) {
+	} else if (strncasecmp("info", value, MAX_LINE_LEN) == 0) {
 		dns_conf_log_level = TLOG_INFO;
-	} else if (strncmp("notice", value, MAX_LINE_LEN) == 0) {
+	} else if (strncasecmp("notice", value, MAX_LINE_LEN) == 0) {
 		dns_conf_log_level = TLOG_NOTICE;
-	} else if (strncmp("warn", value, MAX_LINE_LEN) == 0) {
+	} else if (strncasecmp("warn", value, MAX_LINE_LEN) == 0) {
 		dns_conf_log_level = TLOG_WARN;
-	} else if (strncmp("error", value, MAX_LINE_LEN) == 0) {
+	} else if (strncasecmp("error", value, MAX_LINE_LEN) == 0) {
 		dns_conf_log_level = TLOG_ERROR;
-	} else if (strncmp("fatal", value, MAX_LINE_LEN) == 0) {
+	} else if (strncasecmp("fatal", value, MAX_LINE_LEN) == 0) {
 		dns_conf_log_level = TLOG_FATAL;
+	} else if (strncasecmp("off", value, MAX_LINE_LEN) == 0) {
+		dns_conf_log_level = TLOG_OFF;
 	} else {
 		return -1;
 	}

src/dns_server.c

@@ -1122,6 +1122,11 @@ static int _dns_server_reply_tcp(struct dns_request *request, struct dns_server_
 	unsigned char inpacket_data[DNS_IN_PACKSIZE];
 	unsigned char *inpacket = inpacket_data;
 
+	if (len > sizeof(inpacket_data) - 2) {
+		tlog(TLOG_ERROR, "packet size is invalid.");
+		return -1;
+	}
+
 	/* TCP query format
 	 * | len (short) | dns query data |
 	 */
@@ -6361,6 +6366,7 @@ static void _dns_server_save_cache_to_file(void)
 			close(i);
 		}
 
+		tlog_setlevel(TLOG_OFF);
 		_dns_server_cache_save(1);
 		_exit(0);
 	} else if (pid < 0) {

src/proxy.c

@@ -542,7 +542,7 @@ static proxy_handshake_state _proxy_handshake_socks5(struct proxy_conn *proxy_co
 			return PROXY_HANDSHAKE_ERR;
 		}
 
-		tlog(TLOG_INFO, "server %s select auth method is %d", proxy_conn->server_info->proxy_name,
+		tlog(TLOG_DEBUG, "server %s select auth method is %d", proxy_conn->server_info->proxy_name,
 			 proxy_conn->buffer.buffer[1]);
 		if (proxy_conn->buffer.buffer[1] == PROXY_SOCKS5_AUTH_USER_PASS) {
 			return _proxy_handshake_socks5_send_auth(proxy_conn);
@@ -592,7 +592,7 @@ static proxy_handshake_state _proxy_handshake_socks5(struct proxy_conn *proxy_co
 			return PROXY_HANDSHAKE_ERR;
 		}
 
-		tlog(TLOG_INFO, "server %s auth success", proxy_conn->server_info->proxy_name);
+		tlog(TLOG_DEBUG, "server %s auth success", proxy_conn->server_info->proxy_name);
 		proxy_conn->state = PROXY_CONN_CONNECTING;
 		return _proxy_handshake_socks5_reply_connect_addr(proxy_conn);
 	case PROXY_CONN_CONNECTING: {
@@ -720,7 +720,7 @@ static proxy_handshake_state _proxy_handshake_socks5(struct proxy_conn *proxy_co
 		}
 
 		proxy_conn->state = PROXY_CONN_CONNECTED;
-		tlog(TLOG_INFO, "success connect to socks5 proxy server %s", proxy_conn->server_info->proxy_name);
+		tlog(TLOG_DEBUG, "success connect to socks5 proxy server %s", proxy_conn->server_info->proxy_name);
 		return PROXY_HANDSHAKE_CONNECTED;
 	} break;
 	default:
@@ -838,7 +838,7 @@ static int _proxy_handshake_http(struct proxy_conn *proxy_conn)
 		if (proxy_conn->buffer.len < 0) {
 			proxy_conn->buffer.len = 0;
 		}
-		tlog(TLOG_INFO, "success connect to http proxy server %s", proxy_conn->server_info->proxy_name);
+		tlog(TLOG_DEBUG, "success connect to http proxy server %s", proxy_conn->server_info->proxy_name);
 		proxy_conn->state = PROXY_CONN_CONNECTED;
 		ret = PROXY_HANDSHAKE_CONNECTED;
 		goto out;
@@ -929,6 +929,11 @@ int proxy_conn_sendto(struct proxy_conn *proxy_conn, const void *buf, size_t len
 		return -1;
 	}
 
+	if (sizeof(buffer) - buffer_len <= len) {
+		errno = ENOSPC;
+		return -1;
+	}
+
 	memcpy(buffer + buffer_len, buf, len);
 	buffer_len += len;
 

src/tlog.h

@@ -26,7 +26,8 @@ typedef enum {
     TLOG_WARN = 3,
     TLOG_ERROR = 4,
     TLOG_FATAL = 5,
-    TLOG_END = 6
+    TLOG_OFF = 6,
+    TLOG_END = 7
 } tlog_level;
 
 struct tlog_time {