diff options
| author | NOYB <Al_Stu@Frontier.com> | 2015-11-25 18:33:13 -0800 |
|---|---|---|
| committer | Stephen Beaver <sbeaver@netgate.com> | 2015-12-01 07:42:57 -0500 |
| commit | ca47c065d4a197b24c6dcd8700ca1fd195a4d719 (patch) | |
| tree | 8f98cb7926f50301b575e63256bde700d71570bf /src | |
| parent | 2538495e6f6378b438cda3f72493778e7dc95ac7 (diff) | |
| download | pfsense-ca47c065d4a197b24c6dcd8700ca1fd195a4d719.zip pfsense-ca47c065d4a197b24c6dcd8700ca1fd195a4d719.tar.gz | |
Services - DNS Resolver - System Domain Local Zone Type Option
Expose system domain unbound local-zone type to be configurable.
Diffstat (limited to 'src')
| -rw-r--r-- | src/etc/inc/unbound.inc | 8 | ||||
| -rw-r--r-- | src/usr/local/www/services_unbound.php | 27 |
2 files changed, 34 insertions, 1 deletions
diff --git a/src/etc/inc/unbound.inc b/src/etc/inc/unbound.inc index 5979fae..35613e8 100644 --- a/src/etc/inc/unbound.inc +++ b/src/etc/inc/unbound.inc @@ -559,7 +559,13 @@ function unbound_add_domain_overrides($pvt_rev="") { function unbound_add_host_entries() { global $config, $g; - $unbound_entries = "local-zone: \"{$config['system']['domain']}\" transparent\n"; + if (empty($config['unbound']['system_domain_local_zone_type'])) { + $system_domain_local_zone_type = "transparent"; + } else { + $system_domain_local_zone_type = $config['unbound']['system_domain_local_zone_type']; + } + + $unbound_entries = "local-zone: \"{$config['system']['domain']}\" $system_domain_local_zone_type\n"; $hosts = read_hosts(); $added_ptr = array(); diff --git a/src/usr/local/www/services_unbound.php b/src/usr/local/www/services_unbound.php index 1552e07..dfa8718 100644 --- a/src/usr/local/www/services_unbound.php +++ b/src/usr/local/www/services_unbound.php @@ -120,6 +120,12 @@ if (empty($a_unboundcfg['outgoing_interface'])) { $pconfig['outgoing_interface'] = explode(",", $a_unboundcfg['outgoing_interface']); } +if (empty($a_unboundcfg['system_domain_local_zone_type'])) { + $pconfig['system_domain_local_zone_type'] = "transparent"; +} else { + $pconfig['system_domain_local_zone_type'] = $a_unboundcfg['system_domain_local_zone_type']; +} + if ($_POST) { if ($_POST['apply']) { $retval = services_unbound_configure(); @@ -151,6 +157,10 @@ if ($_POST) { $input_errors[] = "One or more Outgoing Network Interfaces must be selected."; } + if (empty($pconfig['system_domain_local_zone_type'])) { + $input_errors[] = "A System Domain Local-Zone Type must be selected."; + } + if ($pconfig['port'] && !is_port($pconfig['port'])) { $input_errors[] = gettext("You must specify a valid port number."); } @@ -168,6 +178,11 @@ if ($_POST) { $pconfig['outgoing_interface'] = implode(",", $pconfig['outgoing_interface']); } + if (isset($pconfig['system_domain_local_zone_type']) && !empty($pconfig['system_domain_local_zone_type'])) { + $display_system_domain_local_zone_type = $pconfig['system_domain_local_zone_type']; + $pconfig['system_domain_local_zone_type'] = $pconfig['system_domain_local_zone_type']; + } + $test_output = array(); if (test_unbound_config($pconfig, $test_output)) { $input_errors[] = gettext("The generated config file cannot be parsed by unbound. Please correct the following errors:"); @@ -184,6 +199,7 @@ if ($_POST) { $a_unboundcfg['txtsupport'] = isset($pconfig['txtsupport']); $a_unboundcfg['active_interface'] = $pconfig['active_interface']; $a_unboundcfg['outgoing_interface'] = $pconfig['outgoing_interface']; + $a_unboundcfg['system_domain_local_zone_type'] = $pconfig['system_domain_local_zone_type']; $a_unboundcfg['custom_options'] = $pconfig['custom_options']; write_config("DNS Resolver configured."); @@ -192,6 +208,7 @@ if ($_POST) { $pconfig['active_interface'] = $display_active_interface; $pconfig['outgoing_interface'] = $display_outgoing_interface; + $pconfig['system_domain_local_zone_type'] = $display_system_domain_local_zone_type; $pconfig['custom_options'] = $display_custom_options; } } @@ -299,6 +316,15 @@ $section->addInput(new Form_Select( true ))->setHelp('Utilize different network interface(s) that the DNS Resolver will use to send queries to authoritative servers and receive their replies. By default all interfaces are used.'); +$unbound_local_zone_types = array("deny" => gettext("Deny"), "refuse" => gettext("Refuse"), "static" => gettext("Static"), "transparent" => gettext("Transparent"), "typetransparent" => gettext("Type Transparent"), "redirect" => gettext("Redirect"), "inform" => gettext("Inform"), "inform_deny" => gettext("Inform Deny"), "nodefault" => gettext("No Default")); + +$section->addInput(new Form_Select( + 'system_domain_local_zone_type', + 'System Domain Local Zone Type', + $pconfig['system_domain_local_zone_type'], + $unbound_local_zone_types +))->setHelp('The local-zone type used for the pfSense system domain (System | General Setup | Domain). Transparent is the default. Local-Zone type descriptions are available in the unbound.conf(5) manual pages.'); + $section->addInput(new Form_Checkbox( 'dnssec', 'DNSSEC', @@ -371,6 +397,7 @@ events.push(function(){ disableInput('port', hide); disableInput('active_interface', hide); disableInput('outgoing_interface', hide); + disableInput('system_domain_local_zone_type', hide); disableInput('regdhcpstatic', hide); disableInput('dnssec', hide); disableInput('forwarding', hide); |
