diff options
author | Scott Ullrich <sullrich@pfsense.org> | 2010-07-18 18:44:01 -0400 |
---|---|---|
committer | Scott Ullrich <sullrich@pfsense.org> | 2010-07-18 18:44:10 -0400 |
commit | 30d20e7d50a7c23d9f4ad27675c9f3e4946d43f3 (patch) | |
tree | ba72905fb9c0aca4298fdd0448db26839df27b2a /etc/inc | |
parent | 47e68f487386fa5b8a8ecea425185c7501a125fb (diff) | |
download | pfsense-30d20e7d50a7c23d9f4ad27675c9f3e4946d43f3.zip pfsense-30d20e7d50a7c23d9f4ad27675c9f3e4946d43f3.tar.gz |
Honor the System -> Advanced -> DNS Rebinding flag and disable for dnsmasq if it is checked
Diffstat (limited to 'etc/inc')
-rw-r--r-- | etc/inc/services.inc | 13 |
1 files changed, 9 insertions, 4 deletions
diff --git a/etc/inc/services.inc b/etc/inc/services.inc index af0d0c2..8d591ad 100644 --- a/etc/inc/services.inc +++ b/etc/inc/services.inc @@ -613,13 +613,18 @@ function services_dnsmasq_configure() { /* Allow DNS Rebind for forwarded domains */ if (isset($config['dnsmasq']['domainoverrides']) && is_array($config['dnsmasq']['domainoverrides'])) { - foreach($config['dnsmasq']['domainoverrides'] as $override) { - $args .= ' --rebind-domain-ok=/' . $override['domain'] . '/ '; + if(!isset($config['system']['webgui']['nodnsrebindcheck'])) { + foreach($config['dnsmasq']['domainoverrides'] as $override) { + $args .= ' --rebind-domain-ok=/' . $override['domain'] . '/ '; + } } } + if(!isset($config['system']['webgui']['nodnsrebindcheck'])) + $dns_rebind = "--rebind-localhost-ok --stop-dns-rebind"; + /* run dnsmasq */ - mwexec("/usr/local/sbin/dnsmasq --rebind-localhost-ok --stop-dns-rebind --local-ttl 1 --all-servers --dns-forward-max=5000 --cache-size=10000 {$args}"); + mwexec("/usr/local/sbin/dnsmasq --local-ttl 1 --all-servers {$dns_rebind} --dns-forward-max=5000 --cache-size=10000 {$args}"); if ($g['booting']) echo "done.\n"; @@ -1260,4 +1265,4 @@ function upnp_start() { } } -?> +?>
\ No newline at end of file |