Unbound - add support for "deny_non_local" and "refuse_non_local" ACLs (Feature #6914)

(cherry picked from commit 6a827f6959fc34972e532516a6a414e1cdf87714)
author: doktornotor <notordoktor@gmail.com> 2016-12-18 15:04:34 +0100
committer: Renato Botelho <renato@netgate.com> 2016-12-20 10:41:51 -0200
commit: 77b7b90b75ddbc047668f9e157841c8b7b9e7988 (patch)
tree: bda92274248117d4cc4c039b945c47214ede0812 /src/etc/inc/unbound.inc
parent: 26ec7e01cc8a5dc5d9f09a1ba740ee3e3dabafb7 (diff)
download: pfsense-77b7b90b75ddbc047668f9e157841c8b7b9e7988.zip
pfsense-77b7b90b75ddbc047668f9e157841c8b7b9e7988.tar.gz
1 files changed, 4 insertions, 0 deletions
diff --git a/src/etc/inc/unbound.inc b/src/etc/inc/unbound.inc
index eb91b37..d8f4849 100644
--- a/src/etc/inc/unbound.inc
+++ b/src/etc/inc/unbound.inc
@@ -775,6 +775,10 @@ function unbound_acls_config($cfgsubdir = "") {
 			foreach ($unbound_acl['row'] as $network) {
 				if ($unbound_acl['aclaction'] == "allow snoop") {
 					$unbound_acl['aclaction'] = "allow_snoop";
+				} elseif ($unbound_acl['aclaction'] == "deny nonlocal") {
+					$unbound_acl['aclaction'] = "deny_non_local";
+				} elseif ($unbound_acl['aclaction'] == "refuse nonlocal") {
+					$unbound_acl['aclaction'] = "refuse_non_local";
 				}
 				$aclcfg .= "access-control: {$network['acl_network']}/{$network['mask']} {$unbound_acl['aclaction']}\n";
 			}
author	doktornotor <notordoktor@gmail.com>	2016-12-18 15:04:34 +0100
committer	Renato Botelho <renato@netgate.com>	2016-12-20 10:41:51 -0200
commit	77b7b90b75ddbc047668f9e157841c8b7b9e7988 (patch)
tree	bda92274248117d4cc4c039b945c47214ede0812 /src/etc/inc/unbound.inc
parent	26ec7e01cc8a5dc5d9f09a1ba740ee3e3dabafb7 (diff)
download	pfsense-77b7b90b75ddbc047668f9e157841c8b7b9e7988.zip pfsense-77b7b90b75ddbc047668f9e157841c8b7b9e7988.tar.gz