diff options
author | Renato Botelho <garga@pfSense.org> | 2013-07-31 04:17:26 -0700 |
---|---|---|
committer | Renato Botelho <garga@pfSense.org> | 2013-07-31 04:17:26 -0700 |
commit | 783228c7cc00dc08ac5bdc17bf8cb0eacb77ec02 (patch) | |
tree | 4dae32b0e60778ba8c52920054ecd978ba3bdac5 | |
parent | 463cef18157cde3dfd9eb517f224dcccb76780ff (diff) | |
parent | 721ea6f4f0502276be7304444f481e702c0041dd (diff) | |
download | pfsense-783228c7cc00dc08ac5bdc17bf8cb0eacb77ec02.zip pfsense-783228c7cc00dc08ac5bdc17bf8cb0eacb77ec02.tar.gz |
Merge pull request #750 from phil-davis/RELENG_2_1
Reorder reverse lookup overrides so user-specified ones are effective 2.1
-rw-r--r-- | etc/inc/services.inc | 22 |
1 files changed, 12 insertions, 10 deletions
diff --git a/etc/inc/services.inc b/etc/inc/services.inc index 13e41d2..bf1be36 100644 --- a/etc/inc/services.inc +++ b/etc/inc/services.inc @@ -1660,16 +1660,9 @@ function services_dnsmasq_configure() { } } - /* Setup forwarded domains */ - if (isset($config['dnsmasq']['domainoverrides']) && is_array($config['dnsmasq']['domainoverrides'])) { - foreach($config['dnsmasq']['domainoverrides'] as $override) { - if ($override['ip'] == "!") - $override[ip] = ""; - $args .= ' --server=/' . $override['domain'] . '/' . $override['ip']; - } - } - - /* If selected, then forward reverse lookups for private IPv4 addresses to nowhere. */ + /* If selected, then first forward reverse lookups for private IPv4 addresses to nowhere. */ + /* If any of these are duplicated by a user-specified domain override (e.g. 10.in-addr.arpa) then */ + /* the user-specified entry made later on the command line below will be the one that is effective. */ if (isset($config['dnsmasq']['no_private_reverse'])) { /* Note: Carrier Grade NAT (CGN) addresses 100.64.0.0/10 are intentionally not here. */ /* End-users should not be aware of CGN addresses, so reverse lookups for these should not happen. */ @@ -1682,6 +1675,15 @@ function services_dnsmasq_configure() { } } + /* Setup forwarded domains */ + if (isset($config['dnsmasq']['domainoverrides']) && is_array($config['dnsmasq']['domainoverrides'])) { + foreach($config['dnsmasq']['domainoverrides'] as $override) { + if ($override['ip'] == "!") + $override[ip] = ""; + $args .= ' --server=/' . $override['domain'] . '/' . $override['ip']; + } + } + /* Allow DNS Rebind for forwarded domains */ if (isset($config['dnsmasq']['domainoverrides']) && is_array($config['dnsmasq']['domainoverrides'])) { if(!isset($config['system']['webgui']['nodnsrebindcheck'])) { |