Add the ability for dnsmasq to selectively respond to queries only on certain IPs and bind to specific interfaces.

1 files changed, 43 insertions, 3 deletions

diff --git a/usr/local/www/services_dnsmasq.php b/usr/local/www/services_dnsmasq.php
index 55c2797..7017296 100755
--- a/usr/local/www/services_dnsmasq.php
+++ b/usr/local/www/services_dnsmasq.php
@@ -54,6 +54,9 @@ $pconfig['no_private_reverse'] = isset($config['dnsmasq']['no_private_reverse'])
 $pconfig['port'] = $config['dnsmasq']['port'];
 $pconfig['custom_options'] = $config['dnsmasq']['custom_options'];
 
+$pconfig['strictbind'] = isset($config['dnsmasq']['strictbind']);
+$pconfig['interface'] = explode(",", $config['dnsmasq']['interface']);
+
 if (!is_array($config['dnsmasq']['hosts']))
 	$config['dnsmasq']['hosts'] = array();
 
@@ -77,6 +80,7 @@ if ($_POST) {
 	$config['dnsmasq']['domain_needed'] = ($_POST['domain_needed']) ? true : false;
 	$config['dnsmasq']['no_private_reverse'] = ($_POST['no_private_reverse']) ? true : false;
 	$config['dnsmasq']['custom_options'] = str_replace("\r\n", "\n", $_POST['custom_options']);
+	$config['dnsmasq']['strictbind'] = ($_POST['strictbind']) ? true : false;
 
 	if ($_POST['port'])
 		if(is_port($_POST['port']))
@@ -86,9 +90,10 @@ if ($_POST) {
 	else if (isset($config['dnsmasq']['port']))
 		unset($config['dnsmasq']['port']);
 
-	if ($_POST['port'])
-		if(!is_port($_POST['port']))
-			$input_errors[] = gettext("You must specify a valid port number");
+	if (is_array($_POST['interface']))
+		$config['dnsmasq']['interface'] = implode(",", $_POST['interface']);
+	elseif (isset($config['dnsmasq']['interface']))
+		unset($config['dnsmasq']['interface']);
 
 	if ($config['dnsmasq']['custom_options']) {
 		$args = '';
@@ -251,6 +256,41 @@ function show_advanced_dns() {
 		</td>
 	</tr>
 	<tr>
+		<td width="22%" valign="top" rowspan="2" class="vncellreq"><?=gettext("Interfaces"); ?></td>
+		<td width="78%" class="vtable">
+		<?php
+			$interface_addresses = get_possible_listen_ips(true);
+			$size=count($interface_addresses)+1;
+		?>
+			<?=gettext("Interface IPs used to respond to queries from the DNS Forwarder. In an interface has both IPv4 and IPv6 IPs, both are used. Queries to other interface IPs not selected below are discarded. The default behavior is to respond to queries on every available IPv4 and IPv6 address.");?>
+			<br /><br />
+			<select id="interface" name="interface[]" multiple="true" class="formselect" size="<?php echo $size; ?>">
+				<option value="">All</option>
+			<?php  foreach ($interface_addresses as $laddr):
+					$selected = "";
+					if (in_array($laddr['value'], $pconfig['interface']))
+						$selected = 'selected="selected"';
+			?>
+				<option value="<?=$laddr['value'];?>" <?=$selected;?>>
+					<?=htmlspecialchars($laddr['name']);?>
+				</option>
+			<?php endforeach; ?>
+			</select>
+			<br />
+		</td>
+	</tr>
+	<tr>
+		<td width="78%" class="vtable"><p>
+			<input name="strictbind" type="checkbox" id="strictbind" value="yes" <?php if ($pconfig['strictbind'] == "yes") echo "checked";?>>
+			<strong><?=gettext("Strict Interface Binding");?></strong>
+			<br />
+			<?= gettext("If this option is set, the DNS forwarder will only bind to the interfaces selected above, rather than binding to all interfaces and discarding queries to other addresses."); ?>
+			<br /><br />
+			<?= gettext("NOTE: This option does NOT work with IPv6. If set, dnsmasq will not bind to IPv6 addresses."); ?>
+			</p>
+		</td>
+	</tr>
+	<tr>
 		<td width="22%" valign="top" class="vncellreq"><?=gettext("Advanced");?></td>
 		<td width="78%" class="vtable"><p>
 			<div id="showadvbox" <?php if ($pconfig['custom_options']) echo "style='display:none'"; ?>>