services: refactor lease handling, unbound hosts

(cherry picked from commit 835ad1b) (cherry picked from commit 49e364b) (cherry picked from commit 0dca6ed) (cherry picked from commit 63e1ff5)
opnsense · Aug 17, 2016 · f583982 · f583982
1 parent cccba48
commit f583982
Show file tree

Hide file tree

Showing 13 changed files with 99 additions and 115 deletions.
diff --git a/src/etc/inc/interfaces.inc b/src/etc/inc/interfaces.inc
@@ -2957,6 +2957,7 @@ function interface_configure($interface = 'wan', $reloadall = false, $linkupeven
         if ($interface == 'lan') {
             /* make new hosts file */
             system_hosts_generate();
+            services_dhcpleases_configure();
         }
 
         if ($reloadall == true) {

diff --git a/src/etc/inc/services.inc b/src/etc/inc/services.inc
@@ -386,6 +386,31 @@ function services_dhcpdv6_leasesfile()
     return "{$g['dhcpd_chroot_path']}/var/db/dhcpd6.leases";
 }
 
+function services_dhcpleases_configure()
+{
+    global $config, $g;
+
+    killbypid('/var/run/dhcpleases.pid', 'TERM', true);
+
+    if (isset($config['dnsmasq']['enable']) && isset($config['dnsmasq']['regdhcp'])) {
+        mwexec("/bin/mkdir -p {$g['dhcpd_chroot_path']}/var/db");
+        touch("{$g['dhcpd_chroot_path']}/var/db/dhcpd.leases");
+        if (isvalidpid('/var/run/dhcpleases.pid')) {
+            killbypid('/var/run/dhcpleases.pid', 'HUP');
+        } else {
+            mwexecf(
+                '/usr/local/sbin/dhcpleases -l %s -d %s -p %s -h %s',
+                array(
+                    "{$g['dhcpd_chroot_path']}/var/db/dhcpd.leases",
+                    $config['system']['domain'],
+                    '/var/run/dnsmasq.pid',
+                    '/etc/hosts'
+                )
+            );
+        }
+    }
+}
+
 function services_dhcpd_configure($family = 'all', $blacklist = array())
 {
     global $g;
@@ -1081,8 +1106,8 @@ function services_dhcpdv6_configure($blacklist = array())
     global $config, $g;
 
     /* kill any running dhcpd */
-    killbypid("{$g['dhcpd_chroot_path']}/var/run/dhcpdv6.pid");
-    killbypid('/var/run/dhcpleases6.pid');
+    killbypid("{$g['dhcpd_chroot_path']}/var/run/dhcpdv6.pid", 'TERM', true);
+    killbypid('/var/run/dhcpleases6.pid', 'TERM', true);
 
     /* DHCP enabled on any interfaces? */
     if (!is_dhcpv6_server_enabled()) {
@@ -1966,7 +1991,7 @@ function services_dnsmasq_configure($dhcp_reload = true)
         /* run dnsmasq */
         $cmd = "/usr/local/sbin/dnsmasq --all-servers {$dns_rebind} {$args}";
         mwexec_bg($cmd);
-        system_dhcpleases_configure();
+        services_dhcpleases_configure();
         unset($args);
 
         if (file_exists("/var/run/booting")) {
@@ -1978,7 +2003,7 @@ function services_dnsmasq_configure($dhcp_reload = true)
      * XXX this is overly convoluted, potentiall
      * restarting all of dhcp up to three times ;)
      */
-    if (!file_exists("/var/run/booting") && $dhcp_reload) {
+    if ($dhcp_reload) {
         services_dhcpd_configure();
     }
 }
@@ -1995,7 +2020,6 @@ function services_unbound_configure($dhcp_reload = true)
         }
 
         sync_unbound_service();
-        system_dhcpleases_configure();
 
         if (file_exists("/var/run/booting")) {
             echo gettext("done.") . "\n";
@@ -2006,7 +2030,7 @@ function services_unbound_configure($dhcp_reload = true)
      * XXX this is overly convoluted, potentially
      * restarting all of dhcp up to three times ;)
      */
-    if (!file_exists("/var/run/booting") && $dhcp_reload) {
+    if ($dhcp_reload) {
         services_dhcpd_configure();
     }
 }

diff --git a/src/etc/inc/system.inc b/src/etc/inc/system.inc
@@ -414,7 +414,7 @@ function system_hosts_generate()
      * Do not remove this because dhcpleases monitors with kqueue
      * it needs to be * killed before writing to hosts files.
      */
-    killbypid('/var/run/dhcpleases.pid');
+    killbypid('/var/run/dhcpleases.pid', 'TERM', true);
 
     $fd = fopen('/etc/hosts', 'w');
     if (!$fd) {
@@ -428,48 +428,9 @@ function system_hosts_generate()
         unbound_hosts_generate();
     }
 
-    system_dhcpleases_configure();
-
     return 0;
 }
 
-function system_dhcpleases_configure()
-{
-    global $config, $g;
-
-    /* Start the monitoring process for dynamic dhcpclients. */
-    if (isset($config['dnsmasq']['enable']) && isset($config['dnsmasq']['regdhcp'])) {
-        /* Make sure we do not error out */
-        mwexec("/bin/mkdir -p {$g['dhcpd_chroot_path']}/var/db");
-        if (!file_exists("{$g['dhcpd_chroot_path']}/var/db/dhcpd.leases")) {
-            @touch("{$g['dhcpd_chroot_path']}/var/db/dhcpd.leases");
-        }
-        if (isvalidpid('/var/run/dhcpleases.pid')) {
-            killbypid('/var/run/dhcpleases.pid', 'HUP');
-        } else {
-            /* To ensure we do not start multiple instances of dhcpleases, perform some clean-up first. */
-            killbyname('dhcpleases');
-            @unlink('/var/run/dhcpleases.pid');
-            if (isset($config['unbound']['enable'])) {
-                $dns_pid = 'unbound.pid';
-            } else {
-                $dns_pid = 'dnsmasq.pid';
-            }
-            mwexecf(
-                '/usr/local/sbin/dhcpleases -l %s -d %s -p %s -h %s',
-                array(
-                  "{$g['dhcpd_chroot_path']}/var/db/dhcpd.leases",
-                  $config['system']['domain'],
-                  "/var/run/{$dns_pid}",
-                  '/etc/hosts'
-                )
-            );
-        }
-    } else {
-        killbypid('/var/run/dhcpleases.pid');
-    }
-}
-
 function system_hostname_configure()
 {
     global $config;
@@ -1811,7 +1772,7 @@ function system_arp_wrong_if()
     ));
 }
 
-function get_possible_listen_ips($include_ipv6_link_local=false) {
+function get_possible_listen_ips($include_ipv6_link_local = false, $include_loopback = true) {
     $interfaces = get_configured_interface_with_descr();
     $carplist = get_configured_carp_interface_list();
     $listenips = array();
@@ -1835,9 +1796,11 @@ function get_possible_listen_ips($include_ipv6_link_local=false) {
             }
         }
     }
-    $tmp["name"]  = "Localhost";
-    $tmp["value"] = "lo0";
-    $listenips[] = $tmp;
+    if ($include_loopback) {
+        $tmp["name"]  = "Localhost";
+        $tmp["value"] = "lo0";
+        $listenips[] = $tmp;
+    }
     return $listenips;
 }
 

diff --git a/src/etc/inc/unbound.inc b/src/etc/inc/unbound.inc
@@ -519,46 +519,47 @@ function unbound_add_domain_overrides($pvt=false) {
     }
 }
 
-function unbound_add_host_entries() {
+function unbound_add_host_entries()
+{
     global $config, $g;
 
     $unbound_entries = "local-zone: \"{$config['system']['domain']}\" transparent\n";
+
     // IPv4 entries
     $unbound_entries .= "local-data-ptr: \"127.0.0.1 localhost\"\n";
     $unbound_entries .= "local-data: \"localhost A 127.0.0.1\"\n";
     $unbound_entries .= "local-data: \"localhost.{$config['system']['domain']} A 127.0.0.1\"\n";
+
     // IPv6 entries
     $unbound_entries .= "local-data-ptr: \"::1 localhost\"\n";
     $unbound_entries .= "local-data: \"localhost AAAA ::1\"\n";
     $unbound_entries .= "local-data: \"localhost.{$config['system']['domain']} AAAA ::1\"\n";
 
-    $listen_addresses = "";
-    if (isset($config['unbound']['interface'])) {
-        $interfaces = explode(",", $config['unbound']['interface']);
-        foreach ($interfaces as $interface) {
-            if (is_ipaddrv4($interface)) {
-                $unbound_entries .= "local-data-ptr: \"{$interface} {$config['system']['hostname']}.{$config['system']['domain']}\"\n";
-                $unbound_entries .= "local-data: \"{$config['system']['hostname']}.{$config['system']['domain']} A {$interface}\"\n";
-                $unbound_entries .= "local-data: \"{$config['system']['hostname']} A {$interface}\"\n";
-            } else if (is_ipaddrv6($interface)) {
-                $unbound_entries .= "local-data: \"{$config['system']['hostname']}.{$config['system']['domain']} AAAA {$interface}\"\n";
-                $unbound_entries .= "local-data: \"{$config['system']['hostname']} AAAA {$interface}\"\n";
-            } else {
-                $if = get_real_interface($interface);
-                if (does_interface_exist($if)) {
-                    $laddr = find_interface_ip($if);
-                    if (is_ipaddrv4($laddr)) {
-                        $unbound_entries .= "local-data-ptr: \"{$laddr} {$config['system']['hostname']}.{$config['system']['domain']}\"\n";
-                        $unbound_entries .= "local-data: \"{$config['system']['hostname']}.{$config['system']['domain']} A {$laddr}\"\n";
-                        $unbound_entries .= "local-data: \"{$config['system']['hostname']} A {$laddr}\"\n";
-                    }
-                    $laddr6 = find_interface_ipv6($if);
-                    if (is_ipaddrv6($laddr6) && !isset($config['dnsmasq']['strictbind'])) {
-                        $unbound_entries .= "local-data-ptr: \"{$laddr6} {$config['system']['hostname']}.{$config['system']['domain']}\"\n";
-                        $unbound_entries .= "local-data: \"{$config['system']['hostname']}.{$config['system']['domain']} AAAA {$laddr}\"\n";
-                        $unbound_entries .= "local-data: \"{$config['system']['hostname']} AAAA {$laddr}\"\n";
-                    }
-                }
+    if (!empty($config['unbound']['active_interface'])) {
+        $interfaces = explode(",", $config['unbound']['active_interface']);
+    } else {
+        $interfaces = get_configured_interface_list();
+    }
+
+    foreach ($interfaces as $interface) {
+        $if = get_real_interface($interface);
+        if (does_interface_exist($if)) {
+            $laddr = find_interface_ip($if);
+            if (is_ipaddrv4($laddr)) {
+                $unbound_entries .= "local-data-ptr: \"{$laddr} {$config['system']['hostname']}.{$config['system']['domain']}\"\n";
+                $unbound_entries .= "local-data: \"{$config['system']['hostname']}.{$config['system']['domain']} A {$laddr}\"\n";
+                $unbound_entries .= "local-data: \"{$config['system']['hostname']} A {$laddr}\"\n";
+            }
+            $laddr6 = find_interface_ipv6($if);
+            if (is_ipaddrv6($laddr6)) {
+                $unbound_entries .= "local-data-ptr: \"{$laddr6} {$config['system']['hostname']}.{$config['system']['domain']}\"\n";
+                $unbound_entries .= "local-data: \"{$config['system']['hostname']}.{$config['system']['domain']} AAAA {$laddr6}\"\n";
+                $unbound_entries .= "local-data: \"{$config['system']['hostname']} AAAA {$laddr6}\"\n";
+            }
+            $lladdr6 = find_interface_ipv6_ll($if);
+            if (is_ipaddrv6($lladdr6)) {
+                $unbound_entries .= "local-data: \"{$config['system']['hostname']}.{$config['system']['domain']} AAAA {$lladdr6}\"\n";
+                $unbound_entries .= "local-data: \"{$config['system']['hostname']} AAAA {$lladdr6}\"\n";
             }
         }
     }

diff --git a/src/etc/inc/xmlrpc/legacy.inc b/src/etc/inc/xmlrpc/legacy.inc
@@ -134,20 +134,14 @@ function filter_configure_xmlrpc()
     filter_configure();
     system_routing_configure();
     setup_gateways_monitor();
-    relayd_configure();
-    openvpn_resync_all();
-    if (isset($config['dnsmasq']['enable'])) {
-        services_dnsmasq_configure();
-    } elseif (isset($config['unbound']['enable'])) {
-        services_unbound_configure();
-    } else {
-        # Both calls above run services_dhcpd_configure(), then we just
-        # need to call it when them are not called to avoid restart dhcpd
-        # twice, as described on ticket #3797
-        services_dhcpd_configure();
-    }
     system_hosts_generate();
+    services_dhcpleases_configure();
     local_sync_accounts();
+    services_dnsmasq_configure(false);
+    services_unbound_configure(false);
+    services_dhcpd_configure();
+    relayd_configure();
+    openvpn_resync_all();
 
     return true;
 }

diff --git a/src/etc/rc.bootup b/src/etc/rc.bootup
@@ -125,7 +125,6 @@ require_once("interfaces.inc");
 echo ".";
 require_once("services.inc");
 echo ".";
-echo ".";
 require_once("system.inc");
 echo ".";
 require_once("unbound.inc");
@@ -265,10 +264,10 @@ system_routing_configure();
 system_routing_enable();
 
 /* start dnsmasq service */
-services_dnsmasq_configure();
+services_dnsmasq_configure(false);
 
 /* start unbound service */
-services_unbound_configure();
+services_unbound_configure(false);
 
 /* Do an initial time sync */
 echo "Starting NTP time client...";
@@ -282,7 +281,7 @@ relayd_configure();
 services_dhcpd_configure();
 
 /* start dhcpleases dhpcp hosts leases program */
-system_dhcpleases_configure();
+services_dhcpleases_configure();
 
 /* start DHCP relay */
 services_dhcrelay_configure();

diff --git a/src/etc/rc.newwanip b/src/etc/rc.newwanip
@@ -141,6 +141,7 @@ if (!empty($bridgetmp)) {
 
 /* make new hosts file */
 system_hosts_generate();
+services_dhcpleases_configure();
 
 /* check tunneled IPv6 interface tracking */
 if (isset($config['interfaces'][$interface]['ipaddrv6'])) {

diff --git a/src/etc/rc.reload_all b/src/etc/rc.reload_all
@@ -49,6 +49,7 @@ system_timezone_configure();
 system_firmware_configure();
 system_hostname_configure();
 system_hosts_generate();
+services_dhcpleases_configure();
 system_resolvconf_generate();
 system_routing_enable();
 interfaces_configure();

diff --git a/src/www/services_dhcp.php b/src/www/services_dhcp.php
@@ -110,17 +110,16 @@ function reconfigure_dhcpd()
     killbyname("dhcpd");
     dhcp_clean_leases();
     system_hosts_generate();
-    /* dnsmasq_configure calls dhcpd_configure */
-    /* no need to restart dhcpd twice */
+    services_dhcpleases_configure();
     if (isset($config['dnsmasq']['enable']) && isset($config['dnsmasq']['regdhcpstatic']))  {
-        services_dnsmasq_configure();
+        services_dnsmasq_configure(false);
         clear_subsystem_dirty('hosts');
-    } elseif (isset($config['unbound']['enable']) && isset($config['unbound']['regdhcpstatic'])) {
-        services_unbound_configure();
+    }
+    if (isset($config['unbound']['enable']) && isset($config['unbound']['regdhcpstatic'])) {
+        services_unbound_configure(false);
         clear_subsystem_dirty('unbound');
-    } else {
-        services_dhcpd_configure();
     }
+    services_dhcpd_configure();
 
     clear_subsystem_dirty('staticmaps');
 }

diff --git a/src/www/services_dnsmasq.php b/src/www/services_dnsmasq.php
@@ -118,6 +118,7 @@
         /* Update resolv.conf in case the interface bindings exclude localhost. */
         system_resolvconf_generate();
         system_hosts_generate();
+        services_dhcpleases_configure();
         services_dnsmasq_configure();
         clear_subsystem_dirty('hosts');
         header("Location: services_dnsmasq.php");

diff --git a/src/www/services_unbound.php b/src/www/services_unbound.php
@@ -172,10 +172,8 @@
                           <select name="active_interface[]" multiple="multiple" size="3" class="selectpicker" data-live-search="true">
                             <option value="" <?=empty($pconfig['active_interface'][0]) ? 'selected="selected"' : ""; ?>><?=gettext("All");?></option>
 <?php
-                            foreach (get_possible_listen_ips(true) as $laddr):?>
-                            <option value="<?=$laddr['value'];?>" <?=in_array($laddr['value'], $pconfig['active_interface']) ? 'selected="selected"' : "";?>>
-                              <?=htmlspecialchars($laddr['name']);?>
-                            </option>
+                            foreach (get_possible_listen_ips(false, false) as $laddr):?>
+                            <option value="<?=$laddr['value'];?>" <?=in_array($laddr['value'], $pconfig['active_interface']) ? 'selected="selected"' : "";?>><?=htmlspecialchars($laddr['name']);?></option>
 <?php
                             endforeach; ?>
                           </select>
@@ -192,10 +190,13 @@
                         </td>
                       </tr>
                       <tr>
-                        <td><i class="fa fa-info-circle text-muted"></i> <?=gettext("DNS Query Forwarding");?></td>
+                        <td><a id="help_for_forwarding" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("DNS Query Forwarding");?></td>
                         <td>
                           <input name="forwarding" type="checkbox" value="yes" <?=!empty($pconfig['forwarding']) ? "checked=\"checked\"" : "";?> />
                           <strong><?=gettext("Enable Forwarding Mode");?></strong>
+                          <div class="hidden" for="help_for_forwarding">
+                            <?= gettext('The configured system nameservers will be used to forward queries to.') ?>
+                          </div>
                         </td>
                       </tr>
                       <tr>

diff --git a/src/www/system_advanced_admin.php b/src/www/system_advanced_admin.php
@@ -232,13 +232,10 @@
 
         system_console_configure();
         system_hosts_generate();
-
-        // Restart DNS in case dns rebinding toggled
-        if (isset($config['dnsmasq']['enable'])) {
-            services_dnsmasq_configure();
-        } elseif (isset($config['unbound']['enable'])) {
-            services_unbound_configure();
-        }
+        services_dhcpleases_configure();
+        services_dnsmasq_configure(false);
+        services_unbound_configure(false);
+        services_dhcpd_configure();
 
         if ($restart_sshd) {
             configd_run('sshd restart', true);