Skip to content

Commit

Permalink
unbound: toggle system A/AAAA record creation
Browse files Browse the repository at this point in the history
  • Loading branch information
@swhite2
swhite2 committed Aug 3, 2022
1 parent a3ee365 commit e5633b8
Show file tree
Hide file tree
Showing 2 changed files with 49 additions and 31 deletions.
64 changes: 33 additions & 31 deletions src/etc/inc/plugins.inc.d/unbound.inc
View file
Original file line number Diff line number Diff line change
Expand Up @@ -463,44 +463,46 @@ function unbound_add_host_entries($ifconfig_details = null)
$interfaces = array_keys(get_configured_interface_with_descr());
}

foreach ($interfaces as $interface) {
if ($interface == 'lo0' || substr($interface, 0, 4) == 'ovpn') {
continue;
}

list ($laddr) = interfaces_primary_address($interface, $ifconfig_details);
list ($laddr6) = interfaces_primary_address6($interface, $ifconfig_details);

foreach (['4' => $laddr, '6' => $laddr6] as $ip_version => $addr) {
if (empty($addr)) {
if (empty($config['unbound']['noregrecords'])) {
foreach ($interfaces as $interface) {
if ($interface == 'lo0' || substr($interface, 0, 4) == 'ovpn') {
continue;
}

$domain = $config['system']['domain'];
$dhcpd = $ip_version == '4' ? 'dhcpd' : 'dhcpd6';
$record = $ip_version == '4' ? 'A' : 'AAAA';
if (isset($config[$dhcpd][$interface]['enable']) && !empty($config[$dhcpd][$interface]['domain'])) {
$domain = $config[$dhcpd][$interface]['domain'];
}
if ($interface === get_primary_interface_from_list($interfaces) && !in_array($addr, $ptr_records, true)) {
$unbound_entries .= "local-data-ptr: \"{$addr} {$config['system']['hostname']}.{$domain}\"\n";
}
$unbound_entries .= "local-data: \"{$config['system']['hostname']}.{$domain} {$record} {$addr}\"\n";
$unbound_entries .= "local-data: \"{$config['system']['hostname']} {$record} {$addr}\"\n";
list ($laddr) = interfaces_primary_address($interface, $ifconfig_details);
list ($laddr6) = interfaces_primary_address6($interface, $ifconfig_details);

$ptr_records[] = $addr;
}
foreach (['4' => $laddr, '6' => $laddr6] as $ip_version => $addr) {
if (empty($addr)) {
continue;
}

if (empty($config['unbound']['noreglladdr6'])) {
if (!empty($lladdr6)) {
/* cannot embed scope */
$lladdr6 = explode('%', $lladdr6)[0];
$domain = $config['system']['domain'];
if (isset($config['dhcpdv6'][$interface]['enable']) && !empty($config['dhcpdv6'][$interface]['domain'])) {
$domain = $config['dhcpdv6'][$interface]['domain'];
$dhcpd = $ip_version == '4' ? 'dhcpd' : 'dhcpd6';
$record = $ip_version == '4' ? 'A' : 'AAAA';
if (isset($config[$dhcpd][$interface]['enable']) && !empty($config[$dhcpd][$interface]['domain'])) {
$domain = $config[$dhcpd][$interface]['domain'];
}
if ($interface === get_primary_interface_from_list($interfaces) && !in_array($addr, $ptr_records, true)) {
$unbound_entries .= "local-data-ptr: \"{$addr} {$config['system']['hostname']}.{$domain}\"\n";
}
$unbound_entries .= "local-data: \"{$config['system']['hostname']}.{$domain} {$record} {$addr}\"\n";
$unbound_entries .= "local-data: \"{$config['system']['hostname']} {$record} {$addr}\"\n";

$ptr_records[] = $addr;
}

if (empty($config['unbound']['noreglladdr6'])) {
if (!empty($lladdr6)) {
/* cannot embed scope */
$lladdr6 = explode('%', $lladdr6)[0];
$domain = $config['system']['domain'];
if (isset($config['dhcpdv6'][$interface]['enable']) && !empty($config['dhcpdv6'][$interface]['domain'])) {
$domain = $config['dhcpdv6'][$interface]['domain'];
}
$unbound_entries .= "local-data: \"{$config['system']['hostname']}.{$domain} AAAA {$lladdr6}\"\n";
$unbound_entries .= "local-data: \"{$config['system']['hostname']} AAAA {$lladdr6}\"\n";
}
$unbound_entries .= "local-data: \"{$config['system']['hostname']}.{$domain} AAAA {$lladdr6}\"\n";
$unbound_entries .= "local-data: \"{$config['system']['hostname']} AAAA {$lladdr6}\"\n";
}
}
}
Expand Down
16 changes: 16 additions & 0 deletions src/www/services_unbound.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -48,6 +48,7 @@
$pconfig['regdhcpstatic'] = isset($a_unboundcfg['regdhcpstatic']);
$pconfig['txtsupport'] = isset($a_unboundcfg['txtsupport']);
$pconfig['cacheflush'] = isset($a_unboundcfg['cacheflush']);
$pconfig['noregrecords'] = isset($a_unboundcfg['noregrecords']);
// text values
$pconfig['port'] = !empty($a_unboundcfg['port']) ? $a_unboundcfg['port'] : null;
$pconfig['regdhcpdomain'] = !empty($a_unboundcfg['regdhcpdomain']) ? $a_unboundcfg['regdhcpdomain'] : null;
Expand Down Expand Up @@ -111,6 +112,7 @@
}

// boolean values
$a_unboundcfg['noregrecords'] = !empty($pconfig['noregrecords']);
$a_unboundcfg['cacheflush'] = !empty($pconfig['cacheflush']);
$a_unboundcfg['dns64'] = !empty($pconfig['dns64']);
$a_unboundcfg['dnssec'] = !empty($pconfig['dnssec']);
Expand Down Expand Up @@ -295,6 +297,20 @@
</div>
</td>
</tr>
<tr>
<td><a id="help_for_noregrecords" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?= gettext('System A/AAAA records') ?></td>
<td>
<input name="noregrecords" type="checkbox" id="noregrecords" value="yes" <?= !empty($pconfig['noregrecords']) ? 'checked="checked"' : '' ?>/>
<?= gettext('Do not register system A/AAAA records') ?>
<div class="hidden" data-for="help_for_noregrecords">
<?= sprintf(gettext("If this option is set, then A/AAAA records for " .
"all configured listen interfaces will not be generated. " .
"If desired, you can manually add them in %sUnbound DNS: Overrides%s. " .
"Use this to control which interface IP addresses are mapped to the system domain name " .
"as well as to restrict the amount of information exposed in replies."), '<a href="ui/unbound/overrides/">', '</a>'); ?>
</div>
</td>
</tr>
<tr>
<td><a id="help_for_txtsupport" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("TXT Comment Support");?></td>
<td>
Expand Down

0 comments on commit e5633b8

Please sign in to comment.