From cd1ae3289b369bd7e85bf631aa1ae81f3281258a Mon Sep 17 00:00:00 2001 From: lukehamburg Date: Thu, 9 Mar 2017 19:54:28 -0500 Subject: Adds option to skip adding IPv6 entries in /etc/hosts for LANs If a LAN interface's IPv6 configuration is set to Track, and the tracked interface loses connectivity, it can cause connections to the firewall that were established via IPv6 hostname to fail. This can happen unintentionally when accessing the system by hostname, since by default both IPv4 and IPv6 entries are added to /etc/hosts. This patch + enabling this option prevents those IPv6 records from being created and prevents this from occurring. Set the option in System > Advanced > Networking FILES CHANGED - /etc/inc/system.inc - /usr/local/www/system_advanced_network.php
---
 src/etc/inc/system.inc | 16 +++++++++------- src/usr/local/www/system_advanced_network.php | 17 +++++++++++++++++ 2 files changed, 26 insertions(+), 7 deletions(-)
diff --git a/src/etc/inc/system.inc b/src/etc/inc/system.inc
index 61b6a77..6a1f529 100644
--- a/src/etc/inc/system.inc
+++ b/src/etc/inc/system.inc
@@ -327,13 +327,15 @@ function system_hosts_local_entries() {
 );
 $hosts_if_found = true;
 }
- $cfgipv6 = get_interface_ipv6($sysif);
- if (is_ipaddrv6($cfgipv6)) {
- $hosts[] = array(
- 'ipaddr' => $cfgipv6,
- 'fqdn' => $local_fqdn
- );
- $hosts_if_found = true;
+ if (!isset($syscfg['ipv6dontcreatelocaldns'])) {
+ $cfgipv6 = get_interface_ipv6($sysif);
+ if (is_ipaddrv6($cfgipv6)) {
+ $hosts[] = array(
+ 'ipaddr' => $cfgipv6,
+ 'fqdn' => $local_fqdn
+ );
+ $hosts_if_found = true;
+ }
 }
 if ($hosts_if_found == true) {
 break;
diff --git a/src/usr/local/www/system_advanced_network.php b/src/usr/local/www/system_advanced_network.php
index 297d82a..fc55e45 100644
--- a/src/usr/local/www/system_advanced_network.php
+++ b/src/usr/local/www/system_advanced_network.php
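Review bot: In the `src/etc/inc/system.inc` hunk, the new `!isset($syscfg['ipv6dontcreatelocaldns'])` guard means an interface that has only an IPv6 address no longer contributes an entry, so `$hosts_if_found` stays false and the loop moves on to the next interface. If none of the remaining interfaces has an IPv4 address, the firewall's own `$local_fqdn` presumably ends up with no local record at all, and the management hostname would then be resolved by whatever answers next. That case deserves either a fallback or at least a comment at the guard, for example `// Option set: skip the IPv6 entry; an IPv6-only interface then yields no record for $local_fqdn`. The body of system_hosts_local_entries() and the enclosing loop start and end outside the hunk, so the handling after `break` is not visible here.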
@@ -40,6 +40,7 @@ require_once("shaper.inc");
 $pconfig['ipv6nat_enable'] = isset($config['diag']['ipv6nat']['enable']);
 $pconfig['ipv6nat_ipaddr'] = $config['diag']['ipv6nat']['ipaddr'];
 $pconfig['ipv6allow'] = isset($config['system']['ipv6allow']);
+$pconfig['ipv6dontcreatelocaldns'] = isset($config['system']['ipv6dontcreatelocaldns']);
 $pconfig['global-v6duid'] = $config['system']['global-v6duid'];
 $pconfig['prefer_ipv4'] = isset($config['system']['prefer_ipv4']);
 $pconfig['sharednet'] = $config['system']['sharednet'];
@@ -86,6 +87,12 @@ if ($_POST) {
 unset($config['system']['ipv6allow']);
 }
 
+ if ($_POST['ipv6dontcreatelocaldns'] == "yes") {
+ $config['system']['ipv6dontcreatelocaldns'] = true;
+ } else {
+ unset($config['system']['ipv6dontcreatelocaldns']);
+ }
+
 if ($_POST['prefer_ipv4'] == "yes") {
 $config['system']['prefer_ipv4'] = true;
 } else {
@@ -203,6 +210,16 @@ $section->addInput(new Form_Checkbox(
 ))->setHelp('By default, if IPv6 is configured and a hostname resolves IPv6 and IPv4 addresses, '.
 'IPv6 will be used. If this option is selected, IPv4 will be preferred over IPv6.');
 
+$section->addInput(new Form_Checkbox(
+ 'ipv6dontcreatelocaldns',
+ 'IPv6 DNS entry',
+ 'Do not generate local IPv6 DNS entries for LAN interfaces',
+ $pconfig['ipv6dontcreatelocaldns']
+))->setHelp('If a LAN interface\'s IPv6 configuration is set to Track, and the tracked interface loses connectivity, '.
+ 'it can cause connections to this firewall that were established via IPv6 hostname to fail. This can happen '.
+ 'unintentionally when accessing the system by hostname, since by default both IPv4 and IPv6 entries are added '.
+ 'to /etc/hosts. Enabling this option prevents those IPv6 records from being created.');
+
 $group = new Form_Group('DHCP6 DUID');
 
 $group->add(new Form_Input(
-- cgit v1.1
From 6ff1f0f39f772173162cc7797ea86110e193913e Mon Sep 17 00:00:00 2001
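Review bot: In the `if ($_POST)` hunk (`@@ -86,6 +87,12 @@`) the handler only sets or unsets `$config['system']['ipv6dontcreatelocaldns']`; nothing visible here regenerates the entries that `system_hosts_local_entries()` produces, so unless the save path further down already does that, existing IPv6 records would stay in place until some later regeneration. Worth confirming, and if it is deferred, saying so next to the block with `// takes effect when the local hosts entries are next regenerated`. Separately, `$_POST['ipv6dontcreatelocaldns'] == "yes"` reads an index that is absent when the box is unchecked; `if (isset($_POST['ipv6dontcreatelocaldns']) && $_POST['ipv6dontcreatelocaldns'] === "yes") {` avoids the notice, although it departs from the neighbouring `prefer_ipv4` check. The `if ($_POST)` block starts and ends outside the hunk.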
From: lukehamburg Date: Wed, 29 Mar 2017 23:56:20 -0400 Subject: Updated help text to be more accurate as per jim-p suggestion.
---
 src/usr/local/www/system_advanced_network.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/src/usr/local/www/system_advanced_network.php b/src/usr/local/www/system_advanced_network.php
index fc55e45..20d8791 100644
--- a/src/usr/local/www/system_advanced_network.php
+++ b/src/usr/local/www/system_advanced_network.php
@@ -216,9 +216,9 @@ $section->addInput(new Form_Checkbox(
 'Do not generate local IPv6 DNS entries for LAN interfaces',
 $pconfig['ipv6dontcreatelocaldns']
 ))->setHelp('If a LAN interface\'s IPv6 configuration is set to Track, and the tracked interface loses connectivity, '.
- 'it can cause connections to this firewall that were established via IPv6 hostname to fail. This can happen '.
- 'unintentionally when accessing the system by hostname, since by default both IPv4 and IPv6 entries are added '.
- 'to /etc/hosts. Enabling this option prevents those IPv6 records from being created.');
+ 'it can cause connections to this firewall that were established via hostname to fail. This can happen '.
+ 'unintentionally when accessing the firewall by hostname, since by default both IPv4 and IPv6 entries are added '.
+ 'to the system\'s DNS. Enabling this option prevents those IPv6 records from being created.');
 
 $group = new Form_Group('DHCP6 DUID');
 
-- cgit v1.1