summaryrefslogtreecommitdiffstats
path: root/etc/inc
diff options
context:
space:
mode:
authorScott Ullrich <sullrich@pfsense.org>2010-07-18 18:44:01 -0400
committerScott Ullrich <sullrich@pfsense.org>2010-07-18 18:44:10 -0400
commit30d20e7d50a7c23d9f4ad27675c9f3e4946d43f3 (patch)
treeba72905fb9c0aca4298fdd0448db26839df27b2a /etc/inc
parent47e68f487386fa5b8a8ecea425185c7501a125fb (diff)
downloadpfsense-30d20e7d50a7c23d9f4ad27675c9f3e4946d43f3.zip
pfsense-30d20e7d50a7c23d9f4ad27675c9f3e4946d43f3.tar.gz
Honor the System -> Advanced -> DNS Rebinding flag and disable for dnsmasq if it is checked
Diffstat (limited to 'etc/inc')
-rw-r--r--etc/inc/services.inc13
1 files changed, 9 insertions, 4 deletions
diff --git a/etc/inc/services.inc b/etc/inc/services.inc
index af0d0c2..8d591ad 100644
--- a/etc/inc/services.inc
+++ b/etc/inc/services.inc
@@ -613,13 +613,18 @@ function services_dnsmasq_configure() {
/* Allow DNS Rebind for forwarded domains */
if (isset($config['dnsmasq']['domainoverrides']) && is_array($config['dnsmasq']['domainoverrides'])) {
- foreach($config['dnsmasq']['domainoverrides'] as $override) {
- $args .= ' --rebind-domain-ok=/' . $override['domain'] . '/ ';
+ if(!isset($config['system']['webgui']['nodnsrebindcheck'])) {
+ foreach($config['dnsmasq']['domainoverrides'] as $override) {
+ $args .= ' --rebind-domain-ok=/' . $override['domain'] . '/ ';
+ }
}
}
+ if(!isset($config['system']['webgui']['nodnsrebindcheck']))
+ $dns_rebind = "--rebind-localhost-ok --stop-dns-rebind";
+
/* run dnsmasq */
- mwexec("/usr/local/sbin/dnsmasq --rebind-localhost-ok --stop-dns-rebind --local-ttl 1 --all-servers --dns-forward-max=5000 --cache-size=10000 {$args}");
+ mwexec("/usr/local/sbin/dnsmasq --local-ttl 1 --all-servers {$dns_rebind} --dns-forward-max=5000 --cache-size=10000 {$args}");
if ($g['booting'])
echo "done.\n";
@@ -1260,4 +1265,4 @@ function upnp_start() {
}
}
-?>
+?> \ No newline at end of file
OpenPOWER on IntegriCloud