diff options
-rw-r--r-- | src/etc/inc/pfsense-utils.inc | 2 | ||||
-rw-r--r-- | src/etc/inc/services.inc | 39 | ||||
-rw-r--r-- | src/etc/inc/util.inc | 52 | ||||
-rw-r--r-- | src/usr/local/www/bootstrap/css/pfSense.css | 11 | ||||
-rw-r--r-- | src/usr/local/www/head.inc | 2 | ||||
-rw-r--r-- | src/usr/local/www/services_dhcpv6.php | 26 |
6 files changed, 121 insertions, 11 deletions
diff --git a/src/etc/inc/pfsense-utils.inc b/src/etc/inc/pfsense-utils.inc index 42fb321..77d5008 100644 --- a/src/etc/inc/pfsense-utils.inc +++ b/src/etc/inc/pfsense-utils.inc @@ -884,6 +884,7 @@ function setup_serial_port($when = "save", $path = "") { } else { $specific_platform = system_identify_specific_platform(); if ($specific_platform['name'] == 'RCC-VE' || + $specific_platform['name'] == 'RCC' || $specific_platform['name'] == 'RCC-DFF') { $serial_only = true; } @@ -951,6 +952,7 @@ function setup_serial_port($when = "save", $path = "") { $specplatform = system_identify_specific_platform(); if ($specplatform['name'] == 'RCC-VE' || + $specplatform['name'] == 'RCC' || $specplatform['name'] == 'RCC-DFF') { $new_boot_config[] = 'comconsole_port="0x2F8"'; $new_boot_config[] = 'hint.uart.0.flags="0x00"'; diff --git a/src/etc/inc/services.inc b/src/etc/inc/services.inc index 61dc997..5cb55ff 100644 --- a/src/etc/inc/services.inc +++ b/src/etc/inc/services.inc @@ -1360,8 +1360,15 @@ EOD; if ($dhcpv6ifconf['ddnsdomain'] <> "") { $dnscfgv6 .= " ddns-domainname \"{$dhcpv6ifconf['ddnsdomain']}\";\n"; } - $dnscfgv6 .= " ddns-update-style interim;\n"; + if (empty($dhcpv6ifconf['ddnsclientupdates'])) { + $ddnsclientupdates = 'allow'; + } else { + $ddnsclientupdates = $dhcpv6ifconf['ddnsclientupdates']; + } + $dnscfgv6 .= " {$ddnsclientupdates} client-updates;\n"; $nsupdate = true; + } else { + $dnscfgv6 .= " do-forward-updates false;\n"; } if (is_array($dhcpv6ifconf['dnsserver']) && ($dhcpv6ifconf['dnsserver'][0])) { @@ -1380,21 +1387,33 @@ EOD; } } - if ($dhcpv6ifconf['domain']) { + if (!is_ipaddrv6($ifcfgipv6)) { + $ifcfgsnv6 = "64"; + $subnetv6 = gen_subnetv6($dhcpv6ifconf['range']['from'], $ifcfgsnv6); + } + + $dhcpdv6conf .= "subnet6 {$subnetv6}/{$ifcfgsnv6}"; + + if (isset($dhcpv6ifconf['ddnsupdate']) && + !empty($dhcpv6ifconf['ddnsdomain'])) { $newzone = array(); - $newzone['domain-name'] = $dhcpv6ifconf['domain']; + $newzone['domain-name'] = $dhcpv6ifconf['ddnsdomain']; $newzone['dns-servers'][] = $dhcpv6ifconf['ddnsdomainprimary']; $newzone['ddnsdomainkeyname'] = $dhcpv6ifconf['ddnsdomainkeyname']; $newzone['ddnsdomainkey'] = $dhcpv6ifconf['ddnsdomainkey']; $ddns_zones[] = $newzone; + if (isset($dhcpv6ifconf['ddnsreverse'])) { + $ptr_zones = get_v6_ptr_zones($subnetv6, $ifcfgsnv6); + foreach ($ptr_zones as $ptr_zone) { + $reversezone = array(); + $reversezone['domain-name'] = $ptr_zone; + $reversezone['dns-servers'][] = + $dhcpv6ifconf['ddnsdomainprimary']; + $ddns_zones[] = $reversezone; + } + } } - if (is_ipaddrv6($ifcfgipv6)) { - $dhcpdv6conf .= "subnet6 {$subnetv6}/{$ifcfgsnv6}"; - } else { - $subnet6 = gen_subnetv6($dhcpv6ifconf['range']['from'], "64"); - $dhcpdv6conf .= "subnet6 {$subnet6}/64"; - } $dhcpdv6conf .= " {\n"; $dhcpdv6conf .= <<<EOD @@ -1493,7 +1512,7 @@ EOD; } } - if ($dhcpv6ifconf['domain']) { + if ($dhcpv6ifconf['ddnsdomain']) { $dhcpdv6conf .= dhcpdkey($dhcpv6ifconf); $dhcpdv6conf .= dhcpdzones($ddns_zones); } diff --git a/src/etc/inc/util.inc b/src/etc/inc/util.inc index 31d929c..8005283 100644 --- a/src/etc/inc/util.inc +++ b/src/etc/inc/util.inc @@ -931,6 +931,58 @@ function check_subnetsv6_overlap($subnet1, $bits1, $subnet2, $bits2) { return ($subnetv6_start1 == $subnetv6_start2); } +/* return all PTR zones for a IPv6 network */ +function get_v6_ptr_zones($subnet, $bits) { + $result = array(); + + if (!is_ipaddrv6($subnet)) { + return $result; + } + + if (!is_numericint($bits) || $bits > 128) { + return $result; + } + + /* + * Find a small nibble boundary subnet mask + * e.g. a /29 will create 8 /32 PTR zones + */ + $small_sn = $bits; + while ($small_sn % 4 != 0) { + $small_sn++; + } + + /* Get network prefix */ + $small_subnet = Net_IPv6::getNetmask($subnet, $bits); + + /* + * While small network is part of bigger one, increase 4-bit in last + * digit to get next small network + */ + while (Net_IPv6::isInNetmask($small_subnet, $subnet, $bits)) { + /* Get a pure hex value */ + $unpacked = unpack('H*hex', inet_pton($small_subnet)); + /* Create PTR record using $small_sn / 4 chars */ + $result[] = implode('.', array_reverse(str_split(substr( + $unpacked['hex'], 0, $small_sn / 4)))).'.ip6.arpa'; + + /* Detect what part of IP should be increased */ + $change_part = (int) ($small_sn / 16); + if ($small_sn % 16 == 0) { + $change_part--; + } + + /* Convert desired part to decimal and increase 1 */ + $parts = explode(":", Net_IPv6::uncompress($small_subnet)); + $dec = base_convert($parts[$change_part], 16, 10) + 1; + /* Move back to hex and rebuild IP address */ + $parts[$change_part] = base_convert($dec, 10, 16); + $small_subnet = implode(":", $parts); + } + + return $result; +} + /* return true if $addr is in $subnet, false if not */ function ip_in_subnet($addr, $subnet) { if (is_ipaddrv6($addr) && is_subnetv6($subnet)) { diff --git a/src/usr/local/www/bootstrap/css/pfSense.css b/src/usr/local/www/bootstrap/css/pfSense.css index 87082c8..1d621c8 100644 --- a/src/usr/local/www/bootstrap/css/pfSense.css +++ b/src/usr/local/www/bootstrap/css/pfSense.css @@ -96,8 +96,17 @@ tr.disabled th { background-color: #212121; } +.navbar-brand > img { + /* reduce logo size */ + max-width: 127px; + max-height: 36px; + width: auto; + height: auto; +} + .navbar-brand { - padding-top: 3px; + /* vertically center logo */ + padding-top: 7px; } .nav>li>a { diff --git a/src/usr/local/www/head.inc b/src/usr/local/www/head.inc index 4a52da6..bfca9a0 100644 --- a/src/usr/local/www/head.inc +++ b/src/usr/local/www/head.inc @@ -434,6 +434,8 @@ if (($pagename === "index.php") && ($numColumns > 2)) { <ul class="dropdown-menu" role="menu"><?=output_menu($item['menu'], $item['href'])?></ul> </li> <?php endforeach?> + </ul> + <ul class="nav navbar-nav navbar-right"> <?php if (are_notices_pending()):?> <?php $notices = get_notices()?> <li class="dropdown"> diff --git a/src/usr/local/www/services_dhcpv6.php b/src/usr/local/www/services_dhcpv6.php index e1c3e8c..e8ac503 100644 --- a/src/usr/local/www/services_dhcpv6.php +++ b/src/usr/local/www/services_dhcpv6.php @@ -132,6 +132,8 @@ if (is_array($config['dhcpdv6'][$if])) { $pconfig['ddnsdomainkeyname'] = $config['dhcpdv6'][$if]['ddnsdomainkeyname']; $pconfig['ddnsdomainkey'] = $config['dhcpdv6'][$if]['ddnsdomainkey']; $pconfig['ddnsupdate'] = isset($config['dhcpdv6'][$if]['ddnsupdate']); + $pconfig['ddnsreverse'] = isset($config['dhcpdv6'][$if]['ddnsreverse']); + $pconfig['ddnsclientupdates'] = $config['dhcpdv6'][$if]['ddnsclientupdates']; list($pconfig['ntp1'], $pconfig['ntp2']) = $config['dhcpdv6'][$if]['ntpserver']; $pconfig['tftp'] = $config['dhcpdv6'][$if]['tftp']; $pconfig['ldap'] = $config['dhcpdv6'][$if]['ldap']; @@ -364,6 +366,8 @@ if ($_POST) { $config['dhcpdv6'][$if]['ddnsdomainkeyname'] = $_POST['ddnsdomainkeyname']; $config['dhcpdv6'][$if]['ddnsdomainkey'] = $_POST['ddnsdomainkey']; $config['dhcpdv6'][$if]['ddnsupdate'] = ($_POST['ddnsupdate']) ? true : false; + $config['dhcpdv6'][$if]['ddnsreverse'] = ($_POST['ddnsreverse']) ? true : false; + $config['dhcpdv6'][$if]['ddnsclientupdates'] = $_POST['ddnsclientupdates']; unset($config['dhcpdv6'][$if]['ntpserver']); if ($_POST['ntp1']) { @@ -729,6 +733,26 @@ $section->addInput(new Form_Input( $pconfig['ddnsdomainkey'] ))->setHelp('Enter the dynamic DNS domain key secret which will be used to register client names in the DNS server.'); +$section->addInput(new Form_Select( + 'ddnsclientupdates', + 'DDNS Client Updates', + $pconfig['ddnsclientupdates'], + array( + 'allow' => gettext('Allow'), + 'deny' => gettext('Deny'), + 'ignore' => gettext('Ignore')) +))->setHelp('How Forward entries are handled when client indicates they wish to update DNS. ' . + 'Allow prevents DHCP from updating Forward entries, Deny indicates that DHCP will ' . + 'do the updates and the client should not, Ignore specifies that DHCP will do the ' . + 'update and the client can also attempt the update usually using a different domain name.'); + +$section->addInput(new Form_Checkbox( + 'ddnsreverse', + 'DDNS Reverse', + 'Add reverse dynamic DNS entries.', + $pconfig['ddnsreverse'] +)); + $btnntp = new Form_Button( 'btnntp', 'Advanced' @@ -967,6 +991,8 @@ events.push(function() { hideInput('ddnsdomainprimary', hide); hideInput('ddnsdomainkeyname', hide); hideInput('ddnsdomainkey', hide); + hideInput('ddnsclientupdates', hide); + hideCheckbox('ddnsreverse', hide); } // Make the 'Copy My MAC' button a plain button, not a submit button |