diff options
| author | lukehamburg <luke.hamburg@gmail.com> | 2017-03-09 19:54:28 -0500 |
|---|---|---|
| committer | lukehamburg <luke.hamburg@gmail.com> | 2017-03-09 19:54:28 -0500 |
| commit | cd1ae3289b369bd7e85bf631aa1ae81f3281258a (patch) | |
| tree | d36cc53904c06c4d693e7ae8cedb71332f0a028a /src/usr/local/www/system_advanced_network.php | |
| parent | 2b359eda6d4d6712888a59cb5b01aeee245e34be (diff) | |
| download | pfsense-cd1ae3289b369bd7e85bf631aa1ae81f3281258a.zip pfsense-cd1ae3289b369bd7e85bf631aa1ae81f3281258a.tar.gz | |
Adds option to skip adding IPv6 entries in /etc/hosts for LANs
If a LAN interface's IPv6 configuration is set to Track, and the tracked interface loses connectivity, it can cause connections to the firewall that were established via IPv6 hostname to fail. This can happen unintentionally when accessing the system by hostname, since by default both IPv4 and IPv6 entries are added to /etc/hosts. This patch + enabling this option prevents those IPv6 records from being created and prevents this from occurring.
Set the option in System > Advanced > Networking
FILES CHANGED
- /etc/inc/system.inc
- /usr/local/www/system_advanced_network.php
Diffstat (limited to 'src/usr/local/www/system_advanced_network.php')
| -rw-r--r-- | src/usr/local/www/system_advanced_network.php | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/src/usr/local/www/system_advanced_network.php b/src/usr/local/www/system_advanced_network.php index 297d82a..fc55e45 100644 --- a/src/usr/local/www/system_advanced_network.php +++ b/src/usr/local/www/system_advanced_network.php @@ -40,6 +40,7 @@ require_once("shaper.inc"); $pconfig['ipv6nat_enable'] = isset($config['diag']['ipv6nat']['enable']); $pconfig['ipv6nat_ipaddr'] = $config['diag']['ipv6nat']['ipaddr']; $pconfig['ipv6allow'] = isset($config['system']['ipv6allow']); +$pconfig['ipv6dontcreatelocaldns'] = isset($config['system']['ipv6dontcreatelocaldns']); $pconfig['global-v6duid'] = $config['system']['global-v6duid']; $pconfig['prefer_ipv4'] = isset($config['system']['prefer_ipv4']); $pconfig['sharednet'] = $config['system']['sharednet']; @@ -86,6 +87,12 @@ if ($_POST) { unset($config['system']['ipv6allow']); } + if ($_POST['ipv6dontcreatelocaldns'] == "yes") { + $config['system']['ipv6dontcreatelocaldns'] = true; + } else { + unset($config['system']['ipv6dontcreatelocaldns']); + } + if ($_POST['prefer_ipv4'] == "yes") { $config['system']['prefer_ipv4'] = true; } else { @@ -203,6 +210,16 @@ $section->addInput(new Form_Checkbox( ))->setHelp('By default, if IPv6 is configured and a hostname resolves IPv6 and IPv4 addresses, '. 'IPv6 will be used. If this option is selected, IPv4 will be preferred over IPv6.'); +$section->addInput(new Form_Checkbox( + 'ipv6dontcreatelocaldns', + 'IPv6 DNS entry', + 'Do not generate local IPv6 DNS entries for LAN interfaces', + $pconfig['ipv6dontcreatelocaldns'] +))->setHelp('If a LAN interface\'s IPv6 configuration is set to Track, and the tracked interface loses connectivity, '. + 'it can cause connections to this firewall that were established via IPv6 hostname to fail. This can happen '. + 'unintentionally when accessing the system by hostname, since by default both IPv4 and IPv6 entries are added '. + 'to /etc/hosts. Enabling this option prevents those IPv6 records from being created.'); + $group = new Form_Group('DHCP6 DUID'); $group->add(new Form_Input( |
