diff options
author | Renato Botelho <renato@netgate.com> | 2016-02-17 09:57:55 -0200 |
---|---|---|
committer | Renato Botelho <renato@netgate.com> | 2016-02-17 09:57:55 -0200 |
commit | 391d63da8fa0c46daa7275c225222dff5ec2522b (patch) | |
tree | 01576f6effeaf9d250f70066f24dcdc7c083d3b1 | |
parent | 4c62c1ff5055339478166bf4e3bd7e902acff5ef (diff) | |
download | pfsense-391d63da8fa0c46daa7275c225222dff5ec2522b.zip pfsense-391d63da8fa0c46daa7275c225222dff5ec2522b.tar.gz |
Fix #4675
Following bugs and improvements on DHCPv6 DDNS area, obtained from
PR #1638 from @Robert-Nelson:
- Use correct domain (ddnsdomain) instead of (domain)
- The option "deny client-updates" wasn't being set so forward entries
weren't being added. Allow user to chose between allow, deny or ignore
- Implement reverse DNZ zone information (PTR)
-rw-r--r-- | src/etc/inc/services.inc | 39 | ||||
-rw-r--r-- | src/usr/local/www/services_dhcpv6.php | 26 |
2 files changed, 55 insertions, 10 deletions
diff --git a/src/etc/inc/services.inc b/src/etc/inc/services.inc index 61dc997..5cb55ff 100644 --- a/src/etc/inc/services.inc +++ b/src/etc/inc/services.inc @@ -1360,8 +1360,15 @@ EOD; if ($dhcpv6ifconf['ddnsdomain'] <> "") { $dnscfgv6 .= " ddns-domainname \"{$dhcpv6ifconf['ddnsdomain']}\";\n"; } - $dnscfgv6 .= " ddns-update-style interim;\n"; + if (empty($dhcpv6ifconf['ddnsclientupdates'])) { + $ddnsclientupdates = 'allow'; + } else { + $ddnsclientupdates = $dhcpv6ifconf['ddnsclientupdates']; + } + $dnscfgv6 .= " {$ddnsclientupdates} client-updates;\n"; $nsupdate = true; + } else { + $dnscfgv6 .= " do-forward-updates false;\n"; } if (is_array($dhcpv6ifconf['dnsserver']) && ($dhcpv6ifconf['dnsserver'][0])) { @@ -1380,21 +1387,33 @@ EOD; } } - if ($dhcpv6ifconf['domain']) { + if (!is_ipaddrv6($ifcfgipv6)) { + $ifcfgsnv6 = "64"; + $subnetv6 = gen_subnetv6($dhcpv6ifconf['range']['from'], $ifcfgsnv6); + } + + $dhcpdv6conf .= "subnet6 {$subnetv6}/{$ifcfgsnv6}"; + + if (isset($dhcpv6ifconf['ddnsupdate']) && + !empty($dhcpv6ifconf['ddnsdomain'])) { $newzone = array(); - $newzone['domain-name'] = $dhcpv6ifconf['domain']; + $newzone['domain-name'] = $dhcpv6ifconf['ddnsdomain']; $newzone['dns-servers'][] = $dhcpv6ifconf['ddnsdomainprimary']; $newzone['ddnsdomainkeyname'] = $dhcpv6ifconf['ddnsdomainkeyname']; $newzone['ddnsdomainkey'] = $dhcpv6ifconf['ddnsdomainkey']; $ddns_zones[] = $newzone; + if (isset($dhcpv6ifconf['ddnsreverse'])) { + $ptr_zones = get_v6_ptr_zones($subnetv6, $ifcfgsnv6); + foreach ($ptr_zones as $ptr_zone) { + $reversezone = array(); + $reversezone['domain-name'] = $ptr_zone; + $reversezone['dns-servers'][] = + $dhcpv6ifconf['ddnsdomainprimary']; + $ddns_zones[] = $reversezone; + } + } } - if (is_ipaddrv6($ifcfgipv6)) { - $dhcpdv6conf .= "subnet6 {$subnetv6}/{$ifcfgsnv6}"; - } else { - $subnet6 = gen_subnetv6($dhcpv6ifconf['range']['from'], "64"); - $dhcpdv6conf .= "subnet6 {$subnet6}/64"; - } $dhcpdv6conf .= " {\n"; $dhcpdv6conf .= <<<EOD @@ -1493,7 +1512,7 @@ EOD; } } - if ($dhcpv6ifconf['domain']) { + if ($dhcpv6ifconf['ddnsdomain']) { $dhcpdv6conf .= dhcpdkey($dhcpv6ifconf); $dhcpdv6conf .= dhcpdzones($ddns_zones); } diff --git a/src/usr/local/www/services_dhcpv6.php b/src/usr/local/www/services_dhcpv6.php index e1c3e8c..e8ac503 100644 --- a/src/usr/local/www/services_dhcpv6.php +++ b/src/usr/local/www/services_dhcpv6.php @@ -132,6 +132,8 @@ if (is_array($config['dhcpdv6'][$if])) { $pconfig['ddnsdomainkeyname'] = $config['dhcpdv6'][$if]['ddnsdomainkeyname']; $pconfig['ddnsdomainkey'] = $config['dhcpdv6'][$if]['ddnsdomainkey']; $pconfig['ddnsupdate'] = isset($config['dhcpdv6'][$if]['ddnsupdate']); + $pconfig['ddnsreverse'] = isset($config['dhcpdv6'][$if]['ddnsreverse']); + $pconfig['ddnsclientupdates'] = $config['dhcpdv6'][$if]['ddnsclientupdates']; list($pconfig['ntp1'], $pconfig['ntp2']) = $config['dhcpdv6'][$if]['ntpserver']; $pconfig['tftp'] = $config['dhcpdv6'][$if]['tftp']; $pconfig['ldap'] = $config['dhcpdv6'][$if]['ldap']; @@ -364,6 +366,8 @@ if ($_POST) { $config['dhcpdv6'][$if]['ddnsdomainkeyname'] = $_POST['ddnsdomainkeyname']; $config['dhcpdv6'][$if]['ddnsdomainkey'] = $_POST['ddnsdomainkey']; $config['dhcpdv6'][$if]['ddnsupdate'] = ($_POST['ddnsupdate']) ? true : false; + $config['dhcpdv6'][$if]['ddnsreverse'] = ($_POST['ddnsreverse']) ? true : false; + $config['dhcpdv6'][$if]['ddnsclientupdates'] = $_POST['ddnsclientupdates']; unset($config['dhcpdv6'][$if]['ntpserver']); if ($_POST['ntp1']) { @@ -729,6 +733,26 @@ $section->addInput(new Form_Input( $pconfig['ddnsdomainkey'] ))->setHelp('Enter the dynamic DNS domain key secret which will be used to register client names in the DNS server.'); +$section->addInput(new Form_Select( + 'ddnsclientupdates', + 'DDNS Client Updates', + $pconfig['ddnsclientupdates'], + array( + 'allow' => gettext('Allow'), + 'deny' => gettext('Deny'), + 'ignore' => gettext('Ignore')) +))->setHelp('How Forward entries are handled when client indicates they wish to update DNS. ' . + 'Allow prevents DHCP from updating Forward entries, Deny indicates that DHCP will ' . + 'do the updates and the client should not, Ignore specifies that DHCP will do the ' . + 'update and the client can also attempt the update usually using a different domain name.'); + +$section->addInput(new Form_Checkbox( + 'ddnsreverse', + 'DDNS Reverse', + 'Add reverse dynamic DNS entries.', + $pconfig['ddnsreverse'] +)); + $btnntp = new Form_Button( 'btnntp', 'Advanced' @@ -967,6 +991,8 @@ events.push(function() { hideInput('ddnsdomainprimary', hide); hideInput('ddnsdomainkeyname', hide); hideInput('ddnsdomainkey', hide); + hideInput('ddnsclientupdates', hide); + hideCheckbox('ddnsreverse', hide); } // Make the 'Copy My MAC' button a plain button, not a submit button |