Unbound - add support for "deny_non_local" and "refuse_non_local" ACLs (Feature #6914)

author: doktornotor <notordoktor@gmail.com> 2016-12-18 15:04:34 +0100
committer: GitHub <noreply@github.com> 2016-12-18 15:04:34 +0100
commit: 6a827f6959fc34972e532516a6a414e1cdf87714 (patch)
tree: bb3a89db723390b072038faf39e95021ba3e37fa /src/etc
parent: ac90c9012453c7e81ff0d0b472a55b116866c56e (diff)
download: pfsense-6a827f6959fc34972e532516a6a414e1cdf87714.zip
pfsense-6a827f6959fc34972e532516a6a414e1cdf87714.tar.gz
1 files changed, 4 insertions, 0 deletions
diff --git a/src/etc/inc/unbound.inc b/src/etc/inc/unbound.inc
index 02b2901..f073acf 100644
--- a/src/etc/inc/unbound.inc
+++ b/src/etc/inc/unbound.inc
@@ -740,6 +740,10 @@ function unbound_acls_config($cfgsubdir = "") {
 			foreach ($unbound_acl['row'] as $network) {
 				if ($unbound_acl['aclaction'] == "allow snoop") {
 					$unbound_acl['aclaction'] = "allow_snoop";
+				} elseif ($unbound_acl['aclaction'] == "deny nonlocal") {
+					$unbound_acl['aclaction'] = "deny_non_local";
+				} elseif ($unbound_acl['aclaction'] == "refuse nonlocal") {
+					$unbound_acl['aclaction'] = "refuse_non_local";
 				}
 				$aclcfg .= "access-control: {$network['acl_network']}/{$network['mask']} {$unbound_acl['aclaction']}\n";
 			}
author	doktornotor <notordoktor@gmail.com>	2016-12-18 15:04:34 +0100
committer	GitHub <noreply@github.com>	2016-12-18 15:04:34 +0100
commit	6a827f6959fc34972e532516a6a414e1cdf87714 (patch)
tree	bb3a89db723390b072038faf39e95021ba3e37fa /src/etc
parent	ac90c9012453c7e81ff0d0b472a55b116866c56e (diff)
download	pfsense-6a827f6959fc34972e532516a6a414e1cdf87714.zip pfsense-6a827f6959fc34972e532516a6a414e1cdf87714.tar.gz