FreeBSD-src - Raptor Engineering's fork of pfsense FreeBSD src with pfSense changes

	Commit message (Collapse)	Author	Age	Files	Lines
*	Prevent resolvconf from updating /etc/resolv.conf. As Jakob Schlyter	des	2013-09-23	1	-5/+3
\| \| \| \| \| \| \| \| \| \|	pointed out, having additional nameservers listed in /etc/resolv.conf can break DNSSEC verification by providing a false positive if unbound returns SERVFAIL due to an invalid signature. The downside is that the domain / search path won't get updated either, but we can live with that. Approved by: re (blanket)
*	Ensure that resolvconf(8) preserves the edns0 setting.	des	2013-09-23	1	-0/+1
\| \| \| \|	Approved by: re (blanket)
*	Add a setup script for unbound(8) called local-unbound-setup. It	des	2013-09-23	2	-0/+363
	generates a configuration suitable for running unbound as a caching forwarding resolver, and configures resolvconf(8) to update unbound's list of forwarders in addition to /etc/resolv.conf. The initial list is taken from the existing resolv.conf, which is rewritten to point to localhost. Alternatively, a list of forwarders can be provided on the command line. To assist this script, add an rc.subr command called "enabled" which does nothing except return 0 if the service is enabled and 1 if it is not, without going through the usual checks. We should consider doing the same for "status", which is currently pointless. Add an rc script for unbound, called local_unbound. If there is no configuration file, the rc script runs local-unbound-setup to generate one. Note that these scripts place the unbound configuration files in /var/unbound rather than /etc/unbound. This is necessary so that unbound can reload its configuration while chrooted. We should probably provide symlinks in /etc. Approved by: re (blanket)