diff options
| -rw-r--r-- | etc/inc/services.inc | 29 | ||||
| -rwxr-xr-x | usr/local/www/services_dnsmasq.php | 46 |
2 files changed, 71 insertions, 4 deletions
diff --git a/etc/inc/services.inc b/etc/inc/services.inc index e56b84b..1458e1c 100644 --- a/etc/inc/services.inc +++ b/etc/inc/services.inc @@ -1577,6 +1577,31 @@ function services_dnsmasq_configure() { if (is_port($config['dnsmasq']['port'])) $args .= " --port={$config['dnsmasq']['port']} "; + $listen_addresses = ""; + if(isset($config['dnsmasq']['interface'])) { + $interfaces = explode(",", $config['dnsmasq']['interface']); + foreach ($interfaces as $interface) { + if (is_ipaddr($interface)) { + $listen_addresses .= " --listen-address={$interface} "; + } else { + $if = get_real_interface($interface); + if (does_interface_exist($if)) { + $laddr = find_interface_ip($if); + if (is_ipaddrv4($laddr)) + $listen_addresses .= " --listen-address={$laddr} "; + $laddr6 = find_interface_ipv6($if); + if (is_ipaddrv6($laddr6) && !isset($config['dnsmasq']['strictbind'])) + $listen_addresses .= " --listen-address={$laddr6} "; + } + } + } + if (!empty($listen_addresses)) { + $args .= " {$listen_addresses} "; + if (isset($config['dnsmasq']['strictbind'])) + $args .= " --bind-interfaces "; + } + } + /* Setup forwarded domains */ if (isset($config['dnsmasq']['domainoverrides']) && is_array($config['dnsmasq']['domainoverrides'])) { foreach($config['dnsmasq']['domainoverrides'] as $override) { @@ -1625,7 +1650,9 @@ function services_dnsmasq_configure() { } /* run dnsmasq */ - mwexec_bg("/usr/local/sbin/dnsmasq --local-ttl 1 --all-servers {$dns_rebind} --dns-forward-max=5000 --cache-size=10000 {$args}"); + $cmd = "/usr/local/sbin/dnsmasq --local-ttl 1 --all-servers {$dns_rebind} --dns-forward-max=5000 --cache-size=10000 {$args}"; + //log_error("dnsmasq command: {$cmd}"); + mwexec_bg($cmd); unset($args); if ($g['booting']) diff --git a/usr/local/www/services_dnsmasq.php b/usr/local/www/services_dnsmasq.php index 55c2797..7017296 100755 --- a/usr/local/www/services_dnsmasq.php +++ b/usr/local/www/services_dnsmasq.php @@ -54,6 +54,9 @@ $pconfig['no_private_reverse'] = isset($config['dnsmasq']['no_private_reverse']) $pconfig['port'] = $config['dnsmasq']['port']; $pconfig['custom_options'] = $config['dnsmasq']['custom_options']; +$pconfig['strictbind'] = isset($config['dnsmasq']['strictbind']); +$pconfig['interface'] = explode(",", $config['dnsmasq']['interface']); + if (!is_array($config['dnsmasq']['hosts'])) $config['dnsmasq']['hosts'] = array(); @@ -77,6 +80,7 @@ if ($_POST) { $config['dnsmasq']['domain_needed'] = ($_POST['domain_needed']) ? true : false; $config['dnsmasq']['no_private_reverse'] = ($_POST['no_private_reverse']) ? true : false; $config['dnsmasq']['custom_options'] = str_replace("\r\n", "\n", $_POST['custom_options']); + $config['dnsmasq']['strictbind'] = ($_POST['strictbind']) ? true : false; if ($_POST['port']) if(is_port($_POST['port'])) @@ -86,9 +90,10 @@ if ($_POST) { else if (isset($config['dnsmasq']['port'])) unset($config['dnsmasq']['port']); - if ($_POST['port']) - if(!is_port($_POST['port'])) - $input_errors[] = gettext("You must specify a valid port number"); + if (is_array($_POST['interface'])) + $config['dnsmasq']['interface'] = implode(",", $_POST['interface']); + elseif (isset($config['dnsmasq']['interface'])) + unset($config['dnsmasq']['interface']); if ($config['dnsmasq']['custom_options']) { $args = ''; @@ -251,6 +256,41 @@ function show_advanced_dns() { </td> </tr> <tr> + <td width="22%" valign="top" rowspan="2" class="vncellreq"><?=gettext("Interfaces"); ?></td> + <td width="78%" class="vtable"> + <?php + $interface_addresses = get_possible_listen_ips(true); + $size=count($interface_addresses)+1; + ?> + <?=gettext("Interface IPs used to respond to queries from the DNS Forwarder. In an interface has both IPv4 and IPv6 IPs, both are used. Queries to other interface IPs not selected below are discarded. The default behavior is to respond to queries on every available IPv4 and IPv6 address.");?> + <br /><br /> + <select id="interface" name="interface[]" multiple="true" class="formselect" size="<?php echo $size; ?>"> + <option value="">All</option> + <?php foreach ($interface_addresses as $laddr): + $selected = ""; + if (in_array($laddr['value'], $pconfig['interface'])) + $selected = 'selected="selected"'; + ?> + <option value="<?=$laddr['value'];?>" <?=$selected;?>> + <?=htmlspecialchars($laddr['name']);?> + </option> + <?php endforeach; ?> + </select> + <br /> + </td> + </tr> + <tr> + <td width="78%" class="vtable"><p> + <input name="strictbind" type="checkbox" id="strictbind" value="yes" <?php if ($pconfig['strictbind'] == "yes") echo "checked";?>> + <strong><?=gettext("Strict Interface Binding");?></strong> + <br /> + <?= gettext("If this option is set, the DNS forwarder will only bind to the interfaces selected above, rather than binding to all interfaces and discarding queries to other addresses."); ?> + <br /><br /> + <?= gettext("NOTE: This option does NOT work with IPv6. If set, dnsmasq will not bind to IPv6 addresses."); ?> + </p> + </td> + </tr> + <tr> <td width="22%" valign="top" class="vncellreq"><?=gettext("Advanced");?></td> <td width="78%" class="vtable"><p> <div id="showadvbox" <?php if ($pconfig['custom_options']) echo "style='display:none'"; ?>> |
