unbound: fix boot time and default run directory
Unbound struggles with ifup events at boot, so the procd triggers were changed to push it outside of this noise. Unbound has run in /var/lib/unbound/, so chroot (jail) protects /etc/, and it can save flash wear. Compiled defaults reflect this now, so Unbound tools are easier to run on the command line. Signed-off-by: Eric Luehrsen <ericluehrsen@gmail.com>
parent
74c043276a
commit
8830d72bbd
|
@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
|
|||
|
||||
PKG_NAME:=unbound
|
||||
PKG_VERSION:=1.7.3
|
||||
PKG_RELEASE:=3
|
||||
PKG_RELEASE:=4
|
||||
|
||||
PKG_LICENSE:=BSD-3-Clause
|
||||
PKG_LICENSE_FILES:=LICENSE
|
||||
|
@ -36,7 +36,7 @@ define Package/unbound
|
|||
SECTION:=net
|
||||
CATEGORY:=Network
|
||||
SUBMENU:=IP Addresses and Names
|
||||
USERID:=unbound=553:unbound=553
|
||||
USERID:=unbound:unbound
|
||||
TITLE+= (daemon)
|
||||
DEPENDS+= +libunbound
|
||||
endef
|
||||
|
@ -117,8 +117,10 @@ CONFIGURE_ARGS += \
|
|||
--enable-tfo-server \
|
||||
--with-libexpat="$(STAGING_DIR)/usr" \
|
||||
--with-ssl="$(STAGING_DIR)/usr" \
|
||||
--with-pidfile=/var/run/unbound.pid \
|
||||
--with-user=unbound
|
||||
--with-user=unbound \
|
||||
--with-run-dir=/var/lib/unbound \
|
||||
--with-conf-file=/var/lib/unbound/unbound.conf \
|
||||
--with-pidfile=/var/run/unbound.pid
|
||||
|
||||
define Package/unbound/conffiles
|
||||
/etc/config/unbound
|
||||
|
@ -142,7 +144,7 @@ define Package/unbound/install
|
|||
$(1)/usr/sbin/
|
||||
$(INSTALL_DIR) $(1)/etc/unbound
|
||||
$(INSTALL_DATA) \
|
||||
$(PKG_INSTALL_DIR)/etc/unbound/unbound.conf \
|
||||
$(PKG_INSTALL_DIR)/var/lib/unbound/unbound.conf \
|
||||
$(1)/etc/unbound/unbound.conf
|
||||
$(INSTALL_DATA) ./files/root.key $(1)/etc/unbound/root.key
|
||||
$(INSTALL_DATA) ./files/unbound_ext.conf $(1)/etc/unbound/unbound_ext.conf
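Review bot: The new `--with-run-dir=/var/lib/unbound` and `--with-conf-file=/var/lib/unbound/unbound.conf` options carry no comment, while Package/unbound/install still installs the sample file as `$(1)/etc/unbound/unbound.conf`. Nothing in the Makefile says that the compiled-in default path is one the package does not ship, so the command-line tools presumably find no configuration until the init script has written it there. I would add a comment above `CONFIGURE_ARGS`, for example `# run dir and default conf are /var/lib/unbound; the conf there is written by the init script, /etc/unbound only holds the shipped templates` (wording to be confirmed by the author). The USERID line in Package/unbound also appears to drop the fixed id 553, and a one-line comment on why the id is no longer pinned would help anyone comparing file ownership across upgrades.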
|
||||
|
|
|
@ -41,6 +41,7 @@ UB_TLS_ETC_FILE=/etc/ssl/certs/ca-certificates.crt
|
|||
UB_RKEY_FILE=$UB_VARDIR/root.key
|
||||
UB_RHINT_FILE=$UB_VARDIR/root.hints
|
||||
UB_TIME_FILE=$UB_VARDIR/hotplug.time
|
||||
UB_SKIP_FILE=$UB_VARDIR/skip.time
|
||||
|
||||
# control app keys
|
||||
UB_CTLKEY_FILE=$UB_VARDIR/unbound_control.key
|
||||
|
@ -50,7 +51,7 @@ UB_SRVPEM_FILE=$UB_VARDIR/unbound_server.pem
|
|||
|
||||
# similar default SOA / NS RR as Unbound uses for private ARPA zones
|
||||
UB_XSER=$(( $( date +%s ) / 60 ))
|
||||
UB_XSOA="7200 IN SOA localhost. nobody.invalid. $UB_XSER 3600 1200 9600 600"
|
||||
UB_XSOA="7200 IN SOA localhost. nobody.invalid. $UB_XSER 3600 1200 9600 300"
|
||||
UB_XNS="7200 IN NS localhost."
|
||||
UB_XTXT="7200 IN TXT \"comment=local intranet dns zone\""
|
||||
UB_MTXT="7200 IN TXT \"comment=masked internet dns zone\""
|
||||
|
|
|
@ -206,6 +206,7 @@ dnsmasq_local_arpa() {
|
|||
dnsmasq_inactive() {
|
||||
local record
|
||||
|
||||
|
||||
if [ "$UB_D_EXTRA_DNS" -gt 0 ] ; then
|
||||
# Parasite from the uci.dhcp.domain clauses
|
||||
DM_LIST_KNOWN_ZONES="$DM_LIST_KNOWN_ZONES $UB_TXT_DOMAIN"
|
||||
|
|
|
@ -43,8 +43,8 @@ odhcpd_zonedata() {
|
|||
local dhcp_origin=$( uci_get dhcp.@odhcpd[0].leasefile )
|
||||
|
||||
|
||||
if [ -f "$UB_TIME_FILE" -a "$dhcp_link" = "odhcpd" \
|
||||
-a -f "$dhcp_origin" -a -n "$dhcp_domain" ] ; then
|
||||
if [ -f "$UB_TOTAL_CONF" -a -f "$dhcp_origin" \
|
||||
-a "$dhcp_link" = "odhcpd" -a -n "$dhcp_domain" ] ; then
|
||||
# Capture the lease file which could be changing often
|
||||
sort $dhcp_origin > $dhcp_ls_new
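Review bot: The rewritten guard in odhcpd_zonedata chains four tests with `-a` inside a single `[ ]`, and the unbound.sh hunks in unbound_zone, unbound_hostname and unbound_uci appear to go the same way by replacing `[ … ] && [ … ]` with `-a \( … -o … \)`. POSIX marks `-a`, `-o` and parentheses in `test` as obsolescent, and with more than four arguments the parse can depend on the operand values, which here come from uci options such as the lease file path. Separate tests avoid that: `if [ -f "$UB_TOTAL_CONF" ] && [ -f "$dhcp_origin" ] && [ "$dhcp_link" = "odhcpd" ] && [ -n "$dhcp_domain" ] ; then`. The function body continues outside the hunk.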
|
||||
|
||||
|
|
|
@ -54,22 +54,31 @@ stop_service() {
|
|||
##############################################################################
|
||||
|
||||
service_triggers() {
|
||||
local trigger
|
||||
local legacy=$( uci_get unbound.@unbound[0].trigger )
|
||||
local triggers=$( uci_get unbound.@unbound[0].trigger_interface )
|
||||
local trigger="$triggers $legacy"
|
||||
|
||||
triggers="$triggers $legacy"
|
||||
PROCD_RELOAD_DELAY=2000
|
||||
procd_add_reload_trigger "unbound"
|
||||
. /usr/lib/unbound/defaults.sh
|
||||
|
||||
|
||||
if [ ! -f "$UB_TOTAL_CONF" -o -n "$UB_BOOT" ] ; then
|
||||
# Unbound is can be a bit heavy, so wait some on first start but any
|
||||
# interface coming up affects the trigger and delay so guarantee start
|
||||
procd_add_raw_trigger "interface.*.up" 5000 /etc/init.d/unbound restart
|
||||
|
||||
elif [ -n "$triggers" ] ; then
|
||||
PROCD_RELOAD_DELAY=2000
|
||||
procd_add_reload_trigger "unbound" "dhcp"
|
||||
|
||||
|
||||
if [ -n "$triggers" ] ; then
|
||||
for trigger in $triggers ; do
|
||||
# due to some netifd/procd interactions with IP6, limit interfaces
|
||||
# User selected triggers to restart at any other time
|
||||
procd_add_reload_interface_trigger "$trigger"
|
||||
done
|
||||
|
||||
else
|
||||
procd_add_raw_trigger "interface.*.up" 2000 /etc/init.d/unbound reload
|
||||
PROCD_RELOAD_DELAY=2000
|
||||
procd_add_reload_trigger "unbound" "dhcp"
|
||||
fi
|
||||
}
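Review bot: In service_triggers the value of the legacy `trigger` option looks like it never reaches the loop. The rendering lost the +/- markers, but the hunk's line counts suggest `local trigger="$triggers $legacy"` is the new line, which stores the combined list in the loop variable that `for trigger in $triggers` then overwrites. Interfaces configured only under the legacy option would then get no reload trigger once the boot branch is no longer taken. Building the list in `triggers` fixes that, and joining without a stray space keeps the `-n "$triggers"` test meaningful: `triggers="${triggers:+$triggers }$legacy"`. The comment in the boot branch also reads "Unbound is can be a bit heavy" and should be "Unbound can be a bit heavy".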
|
||||
|
||||
|
|
|
@ -61,6 +61,9 @@ UB_TXT_HOSTNAME=thisrouter
|
|||
|
||||
##############################################################################
|
||||
|
||||
# reset as a combo with UB_B_NTP_BOOT and some time stamp files
|
||||
UB_B_READY=1
|
||||
|
||||
# keep track of assignments during inserted resource records
|
||||
UB_LIST_NETW_ALL=""
|
||||
UB_LIST_NETW_LAN=""
|
||||
|
@ -219,7 +222,7 @@ unbound_mkdir() {
|
|||
# Debian-like package dns-root-data
|
||||
cp -p /usr/share/dns/root.hints $UB_RHINT_FILE
|
||||
|
||||
elif [ ! -f "$UB_TIME_FILE" ] ; then
|
||||
elif [ "$UB_B_READY" -eq 0 ] ; then
|
||||
logger -t unbound -s "default root hints (built in root-servers.net)"
|
||||
fi
|
||||
fi
|
||||
|
@ -233,7 +236,7 @@ unbound_mkdir() {
|
|||
elif [ -x $UB_ANCHOR ] ; then
|
||||
$UB_ANCHOR -a $UB_RKEY_FILE
|
||||
|
||||
elif [ ! -f "$UB_TIME_FILE" ] ; then
|
||||
elif [ "$UB_B_READY" -eq 0 ] ; then
|
||||
logger -t unbound -s "default trust anchor (built in root DS record)"
|
||||
fi
|
||||
fi
|
||||
|
@ -285,9 +288,21 @@ unbound_mkdir() {
|
|||
fi
|
||||
|
||||
|
||||
if [ "$UB_B_NTP_BOOT" -eq 0 ] ; then
|
||||
# time is considered okay on this device (skip /etc/hotplug/ntpd/unbound)
|
||||
if [ -f "$UB_TIME_FILE" ] ; then
|
||||
# NTP is done so its like you actually had an RTC
|
||||
UB_B_READY=1
|
||||
UB_B_NTP_BOOT=0
|
||||
|
||||
elif [ "$UB_B_NTP_BOOT" -eq 0 ] ; then
|
||||
# time is considered okay on this device (ignore /etc/hotplug/ntpd/unbound)
|
||||
date -Is > $UB_TIME_FILE
|
||||
UB_B_READY=0
|
||||
UB_B_NTP_BOOT=0
|
||||
|
||||
else
|
||||
# DNSSEC-TIME will not reconcile
|
||||
UB_B_READY=0
|
||||
UB_B_NTP_BOOT=1
|
||||
fi
|
||||
}
|
||||
|
||||
|
@ -407,8 +422,8 @@ unbound_zone() {
|
|||
|
||||
case $zone_type in
|
||||
auth_zone)
|
||||
if [ -n "$UB_LIST_ZONE_NAMES" ] \
|
||||
&& [ -n "$url_dir" -o -n "$UB_LIST_ZONE_SERVERS" ] ; then
|
||||
if [ -n "$UB_LIST_ZONE_NAMES" \
|
||||
-a \( -n "$url_dir" -o -n "$UB_LIST_ZONE_SERVERS" \) ] ; then
|
||||
for zone_name in $UB_LIST_ZONE_NAMES ; do
|
||||
if [ "$zone_name" = "." ] ; then
|
||||
zone_sym=.
|
||||
|
@ -626,7 +641,7 @@ unbound_conf() {
|
|||
;;
|
||||
|
||||
*)
|
||||
if [ ! -f "$UB_TIME_FILE" ] ; then
|
||||
if [ "$UB_B_READY" -eq 0 ] ; then
|
||||
logger -t unbound -s "default protocol configuration"
|
||||
fi
|
||||
|
||||
|
@ -686,7 +701,7 @@ unbound_conf() {
|
|||
echo
|
||||
} >> $UB_CORE_CONF
|
||||
|
||||
elif [ ! -f "$UB_TIME_FILE" ] ; then
|
||||
elif [ "$UB_B_READY" -eq 0 ] ; then
|
||||
logger -t unbound -s "default memory configuration"
|
||||
fi
|
||||
|
||||
|
@ -696,7 +711,7 @@ unbound_conf() {
|
|||
|
||||
|
||||
if [ "$UB_B_DNSSEC" -gt 0 ] ; then
|
||||
if [ ! -f "$UB_TIME_FILE" -a "$UB_B_NTP_BOOT" -gt 0 ] ; then
|
||||
if [ "$UB_B_NTP_BOOT" -gt 0 ] ; then
|
||||
# DNSSEC chicken and egg with getting NTP time
|
||||
echo " val-override-date: -1" >> $UB_CORE_CONF
|
||||
fi
|
||||
|
@ -777,7 +792,7 @@ unbound_conf() {
|
|||
;;
|
||||
|
||||
*)
|
||||
if [ ! -f "$UB_TIME_FILE" ] ; then
|
||||
if [ "$UB_B_READY" -eq 0 ] ; then
|
||||
logger -t unbound -s "default recursion configuration"
|
||||
fi
|
||||
;;
|
||||
|
@ -898,8 +913,8 @@ unbound_hostname() {
|
|||
echo
|
||||
} >> $UB_HOST_CONF
|
||||
|
||||
elif [ -n "$UB_TXT_DOMAIN" ] \
|
||||
&& [ "$UB_D_WAN_FQDN" -gt 0 -o "$UB_D_LAN_FQDN" -gt 0 ] ; then
|
||||
elif [ -n "$UB_TXT_DOMAIN" \
|
||||
-a \( "$UB_D_WAN_FQDN" -gt 0 -o "$UB_D_LAN_FQDN" -gt 0 \) ] ; then
|
||||
case "$UB_D_DOMAIN_TYPE" in
|
||||
deny|inform_deny|refuse|static)
|
||||
{
|
||||
|
@ -947,180 +962,178 @@ unbound_hostname() {
|
|||
} >> $UB_HOST_CONF
|
||||
|
||||
|
||||
if [ -f "$UB_TIME_FILE" ] ; then
|
||||
if [ -n "$UB_LIST_NETW_WAN" ] ; then
|
||||
for ifsubnet in $UB_LIST_NETW_WAN ; do
|
||||
ifaddr=${ifsubnet#*@}
|
||||
ifaddr=${ifaddr%/*}
|
||||
ifarpa=$( host_ptr_any "$ifaddr" )
|
||||
if [ -n "$UB_LIST_NETW_WAN" ] ; then
|
||||
for ifsubnet in $UB_LIST_NETW_WAN ; do
|
||||
ifaddr=${ifsubnet#*@}
|
||||
ifaddr=${ifaddr%/*}
|
||||
ifarpa=$( host_ptr_any "$ifaddr" )
|
||||
|
||||
|
||||
if [ -n "$ifarpa" ] ; then
|
||||
if [ "$UB_D_WAN_FQDN" -gt 0 ] ; then
|
||||
{
|
||||
# Create a static zone for WAN host record only (singular)
|
||||
echo " domain-insecure: $ifarpa"
|
||||
echo " private-address: $ifaddr"
|
||||
echo " local-zone: $ifarpa static"
|
||||
echo " local-data: \"$ifarpa. $UB_XSOA\""
|
||||
echo " local-data: \"$ifarpa. $UB_XNS\""
|
||||
echo " local-data: '$ifarpa. $UB_MTXT'"
|
||||
echo
|
||||
} >> $UB_HOST_CONF
|
||||
if [ -n "$ifarpa" ] ; then
|
||||
if [ "$UB_D_WAN_FQDN" -gt 0 ] ; then
|
||||
{
|
||||
# Create a static zone for WAN host record only (singular)
|
||||
echo " domain-insecure: $ifarpa"
|
||||
echo " private-address: $ifaddr"
|
||||
echo " local-zone: $ifarpa static"
|
||||
echo " local-data: \"$ifarpa. $UB_XSOA\""
|
||||
echo " local-data: \"$ifarpa. $UB_XNS\""
|
||||
echo " local-data: '$ifarpa. $UB_MTXT'"
|
||||
echo
|
||||
} >> $UB_HOST_CONF
|
||||
|
||||
elif [ "$zonetype" -gt 0 ] ; then
|
||||
{
|
||||
echo " local-zone: $ifarpa transparent"
|
||||
echo
|
||||
} >> $UB_HOST_CONF
|
||||
fi
|
||||
elif [ "$zonetype" -gt 0 ] ; then
|
||||
{
|
||||
echo " local-zone: $ifarpa transparent"
|
||||
echo
|
||||
} >> $UB_HOST_CONF
|
||||
fi
|
||||
done
|
||||
fi
|
||||
fi
|
||||
done
|
||||
fi
|
||||
|
||||
|
||||
if [ -n "$UB_LIST_NETW_LAN" ] ; then
|
||||
for ifsubnet in $UB_LIST_NETW_LAN ; do
|
||||
ifarpa=$( domain_ptr_any "${ifsubnet#*@}" )
|
||||
if [ -n "$UB_LIST_NETW_LAN" ] ; then
|
||||
for ifsubnet in $UB_LIST_NETW_LAN ; do
|
||||
ifarpa=$( domain_ptr_any "${ifsubnet#*@}" )
|
||||
|
||||
|
||||
if [ -n "$ifarpa" ] ; then
|
||||
if [ "$zonetype" -eq 2 ] ; then
|
||||
{
|
||||
# Do NOT forward queries with your ip6.arpa or in-addr.arpa
|
||||
echo " domain-insecure: $ifarpa"
|
||||
echo " local-zone: $ifarpa static"
|
||||
echo " local-data: \"$ifarpa. $UB_XSOA\""
|
||||
echo " local-data: \"$ifarpa. $UB_XNS\""
|
||||
echo " local-data: '$ifarpa. $UB_XTXT'"
|
||||
echo
|
||||
} >> $UB_HOST_CONF
|
||||
if [ -n "$ifarpa" ] ; then
|
||||
if [ "$zonetype" -eq 2 ] ; then
|
||||
{
|
||||
# Do NOT forward queries with your ip6.arpa or in-addr.arpa
|
||||
echo " domain-insecure: $ifarpa"
|
||||
echo " local-zone: $ifarpa static"
|
||||
echo " local-data: \"$ifarpa. $UB_XSOA\""
|
||||
echo " local-data: \"$ifarpa. $UB_XNS\""
|
||||
echo " local-data: '$ifarpa. $UB_XTXT'"
|
||||
echo
|
||||
} >> $UB_HOST_CONF
|
||||
|
||||
elif [ "$zonetype" -eq 1 -a "$UB_D_PRIV_BLCK" -eq 0 ] ; then
|
||||
{
|
||||
echo " local-zone: $ifarpa transparent"
|
||||
echo
|
||||
} >> $UB_HOST_CONF
|
||||
fi
|
||||
elif [ "$zonetype" -eq 1 -a "$UB_D_PRIV_BLCK" -eq 0 ] ; then
|
||||
{
|
||||
echo " local-zone: $ifarpa transparent"
|
||||
echo
|
||||
} >> $UB_HOST_CONF
|
||||
fi
|
||||
done
|
||||
fi
|
||||
fi
|
||||
done
|
||||
fi
|
||||
|
||||
|
||||
ulaprefix=$( uci_get network.@globals[0].ula_prefix )
|
||||
ulaprefix=${ulaprefix%%:/*}
|
||||
hostfqdn="$UB_TXT_HOSTNAME.$UB_TXT_DOMAIN"
|
||||
ulaprefix=$( uci_get network.@globals[0].ula_prefix )
|
||||
ulaprefix=${ulaprefix%%:/*}
|
||||
hostfqdn="$UB_TXT_HOSTNAME.$UB_TXT_DOMAIN"
|
||||
|
||||
|
||||
if [ -z "$ulaprefix" ] ; then
|
||||
# Nonsense so this option isn't globbed below
|
||||
ulaprefix="fdno:such:addr::"
|
||||
fi
|
||||
if [ -z "$ulaprefix" ] ; then
|
||||
# Nonsense so this option isn't globbed below
|
||||
ulaprefix="fdno:such:addr::"
|
||||
fi
|
||||
|
||||
|
||||
if [ "$UB_LIST_NETW_LAN" -a "$UB_D_LAN_FQDN" -gt 0 ] ; then
|
||||
for ifsubnet in $UB_LIST_NETW_LAN ; do
|
||||
ifaddr=${ifsubnet#*@}
|
||||
ifaddr=${ifaddr%/*}
|
||||
ifname=${ifsubnet%@*}
|
||||
iffqdn="$ifname.$hostfqdn"
|
||||
if [ "$UB_LIST_NETW_LAN" -a "$UB_D_LAN_FQDN" -gt 0 ] ; then
|
||||
for ifsubnet in $UB_LIST_NETW_LAN ; do
|
||||
ifaddr=${ifsubnet#*@}
|
||||
ifaddr=${ifaddr%/*}
|
||||
ifname=${ifsubnet%@*}
|
||||
iffqdn="$ifname.$hostfqdn"
|
||||
|
||||
|
||||
if [ "$UB_D_LAN_FQDN" -eq 4 ] ; then
|
||||
names="$iffqdn $hostfqdn $UB_TXT_HOSTNAME"
|
||||
ptrrec=" local-data-ptr: \"$ifaddr 300 $iffqdn\""
|
||||
echo "$ptrrec" >> $UB_HOST_CONF
|
||||
if [ "$UB_D_LAN_FQDN" -eq 4 ] ; then
|
||||
names="$iffqdn $hostfqdn $UB_TXT_HOSTNAME"
|
||||
ptrrec=" local-data-ptr: \"$ifaddr 300 $iffqdn\""
|
||||
echo "$ptrrec" >> $UB_HOST_CONF
|
||||
|
||||
elif [ "$UB_D_LAN_FQDN" -eq 3 ] ; then
|
||||
names="$hostfqdn $UB_TXT_HOSTNAME"
|
||||
ptrrec=" local-data-ptr: \"$ifaddr 300 $hostfqdn\""
|
||||
echo "$ptrrec" >> $UB_HOST_CONF
|
||||
elif [ "$UB_D_LAN_FQDN" -eq 3 ] ; then
|
||||
names="$hostfqdn $UB_TXT_HOSTNAME"
|
||||
ptrrec=" local-data-ptr: \"$ifaddr 300 $hostfqdn\""
|
||||
echo "$ptrrec" >> $UB_HOST_CONF
|
||||
|
||||
else
|
||||
names="$UB_TXT_HOSTNAME"
|
||||
ptrrec=" local-data-ptr: \"$ifaddr 300 $UB_TXT_HOSTNAME\""
|
||||
echo "$ptrrec" >> $UB_HOST_CONF
|
||||
fi
|
||||
else
|
||||
names="$UB_TXT_HOSTNAME"
|
||||
ptrrec=" local-data-ptr: \"$ifaddr 300 $UB_TXT_HOSTNAME\""
|
||||
echo "$ptrrec" >> $UB_HOST_CONF
|
||||
fi
|
||||
|
||||
|
||||
for name in $names ; do
|
||||
case $ifaddr in
|
||||
"${ulaprefix}"*)
|
||||
# IP6 ULA only is assigned for OPTION 1
|
||||
namerec=" local-data: \"$name. 300 IN AAAA $ifaddr\""
|
||||
echo "$namerec" >> $UB_HOST_CONF
|
||||
;;
|
||||
|
||||
[1-9]*.*[0-9])
|
||||
namerec=" local-data: \"$name. 300 IN A $ifaddr\""
|
||||
echo "$namerec" >> $UB_HOST_CONF
|
||||
;;
|
||||
|
||||
*)
|
||||
if [ "$UB_D_LAN_FQDN" -gt 1 ] ; then
|
||||
# IP6 GLA is assigned for higher options
|
||||
namerec=" local-data: \"$name. 300 IN AAAA $ifaddr\""
|
||||
echo "$namerec" >> $UB_HOST_CONF
|
||||
fi
|
||||
;;
|
||||
esac
|
||||
done
|
||||
echo >> $UB_HOST_CONF
|
||||
done
|
||||
fi
|
||||
|
||||
|
||||
if [ -n "$UB_LIST_NETW_WAN" -a "$UB_D_WAN_FQDN" -gt 0 ] ; then
|
||||
for ifsubnet in $UB_LIST_NETW_WAN ; do
|
||||
ifaddr=${ifsubnet#*@}
|
||||
ifaddr=${ifaddr%/*}
|
||||
ifname=${ifsubnet%@*}
|
||||
iffqdn="$ifname.$hostfqdn"
|
||||
|
||||
|
||||
if [ "$UB_D_WAN_FQDN" -eq 4 ] ; then
|
||||
names="$iffqdn $hostfqdn $UB_TXT_HOSTNAME"
|
||||
ptrrec=" local-data-ptr: \"$ifaddr 300 $iffqdn\""
|
||||
echo "$ptrrec" >> $UB_HOST_CONF
|
||||
|
||||
elif [ "$UB_D_WAN_FQDN" -eq 3 ] ; then
|
||||
names="$hostfqdn $UB_TXT_HOSTNAME"
|
||||
ptrrec=" local-data-ptr: \"$ifaddr 300 $hostfqdn\""
|
||||
echo "$ptrrec" >> $UB_HOST_CONF
|
||||
|
||||
else
|
||||
names="$UB_TXT_HOSTNAME"
|
||||
ptrrec=" local-data-ptr: \"$ifaddr 300 $UB_TXT_HOSTNAME\""
|
||||
echo "$ptrrec" >> $UB_HOST_CONF
|
||||
fi
|
||||
|
||||
|
||||
for name in $names ; do
|
||||
case $ifaddr in
|
||||
"${ulaprefix}"*)
|
||||
# IP6 ULA only is assigned for OPTION 1
|
||||
namerec=" local-data: \"$name. 300 IN AAAA $ifaddr\""
|
||||
echo "$namerec" >> $UB_HOST_CONF
|
||||
;;
|
||||
|
||||
[1-9]*.*[0-9])
|
||||
namerec=" local-data: \"$name. 300 IN A $ifaddr\""
|
||||
echo "$namerec" >> $UB_HOST_CONF
|
||||
;;
|
||||
|
||||
*)
|
||||
if [ "$UB_D_WAN_FQDN" -gt 1 ] ; then
|
||||
# IP6 GLA is assigned for higher options
|
||||
namerec=" local-data: \"$name. 300 IN AAAA $ifaddr\""
|
||||
echo "$namerec" >> $UB_HOST_CONF
|
||||
fi
|
||||
for name in $names ; do
|
||||
case $ifaddr in
|
||||
"${ulaprefix}"*)
|
||||
# IP6 ULA only is assigned for OPTION 1
|
||||
namerec=" local-data: \"$name. 300 IN AAAA $ifaddr\""
|
||||
echo "$namerec" >> $UB_HOST_CONF
|
||||
;;
|
||||
esac
|
||||
done
|
||||
echo >> $UB_HOST_CONF
|
||||
|
||||
[1-9]*.*[0-9])
|
||||
namerec=" local-data: \"$name. 300 IN A $ifaddr\""
|
||||
echo "$namerec" >> $UB_HOST_CONF
|
||||
;;
|
||||
|
||||
*)
|
||||
if [ "$UB_D_LAN_FQDN" -gt 1 ] ; then
|
||||
# IP6 GLA is assigned for higher options
|
||||
namerec=" local-data: \"$name. 300 IN AAAA $ifaddr\""
|
||||
echo "$namerec" >> $UB_HOST_CONF
|
||||
fi
|
||||
;;
|
||||
esac
|
||||
done
|
||||
fi
|
||||
fi # end if time file
|
||||
echo >> $UB_HOST_CONF
|
||||
done
|
||||
fi
|
||||
|
||||
|
||||
if [ -n "$UB_LIST_NETW_WAN" -a "$UB_D_WAN_FQDN" -gt 0 ] ; then
|
||||
for ifsubnet in $UB_LIST_NETW_WAN ; do
|
||||
ifaddr=${ifsubnet#*@}
|
||||
ifaddr=${ifaddr%/*}
|
||||
ifname=${ifsubnet%@*}
|
||||
iffqdn="$ifname.$hostfqdn"
|
||||
|
||||
|
||||
if [ "$UB_D_WAN_FQDN" -eq 4 ] ; then
|
||||
names="$iffqdn $hostfqdn $UB_TXT_HOSTNAME"
|
||||
ptrrec=" local-data-ptr: \"$ifaddr 300 $iffqdn\""
|
||||
echo "$ptrrec" >> $UB_HOST_CONF
|
||||
|
||||
elif [ "$UB_D_WAN_FQDN" -eq 3 ] ; then
|
||||
names="$hostfqdn $UB_TXT_HOSTNAME"
|
||||
ptrrec=" local-data-ptr: \"$ifaddr 300 $hostfqdn\""
|
||||
echo "$ptrrec" >> $UB_HOST_CONF
|
||||
|
||||
else
|
||||
names="$UB_TXT_HOSTNAME"
|
||||
ptrrec=" local-data-ptr: \"$ifaddr 300 $UB_TXT_HOSTNAME\""
|
||||
echo "$ptrrec" >> $UB_HOST_CONF
|
||||
fi
|
||||
|
||||
|
||||
for name in $names ; do
|
||||
case $ifaddr in
|
||||
"${ulaprefix}"*)
|
||||
# IP6 ULA only is assigned for OPTION 1
|
||||
namerec=" local-data: \"$name. 300 IN AAAA $ifaddr\""
|
||||
echo "$namerec" >> $UB_HOST_CONF
|
||||
;;
|
||||
|
||||
[1-9]*.*[0-9])
|
||||
namerec=" local-data: \"$name. 300 IN A $ifaddr\""
|
||||
echo "$namerec" >> $UB_HOST_CONF
|
||||
;;
|
||||
|
||||
*)
|
||||
if [ "$UB_D_WAN_FQDN" -gt 1 ] ; then
|
||||
# IP6 GLA is assigned for higher options
|
||||
namerec=" local-data: \"$name. 300 IN AAAA $ifaddr\""
|
||||
echo "$namerec" >> $UB_HOST_CONF
|
||||
fi
|
||||
;;
|
||||
esac
|
||||
done
|
||||
echo >> $UB_HOST_CONF
|
||||
done
|
||||
fi
|
||||
fi # end if uci valid
|
||||
}
|
||||
|
||||
|
@ -1178,7 +1191,7 @@ unbound_uci() {
|
|||
UB_D_DHCP_LINK=dnsmasq
|
||||
|
||||
|
||||
if [ ! -f "$UB_TIME_FILE" ] ; then
|
||||
if [ "$UB_B_READY" -eq 0 ] ; then
|
||||
logger -t unbound -s "Please use 'dhcp_link' selector instead"
|
||||
fi
|
||||
fi
|
||||
|
@ -1193,7 +1206,7 @@ unbound_uci() {
|
|||
fi
|
||||
|
||||
|
||||
if [ ! -f "$UB_TIME_FILE" -a "$UB_D_DHCP_LINK" = "none" ] ; then
|
||||
if [ "$UB_B_READY" -eq 0 -a "$UB_D_DHCP_LINK" = "none" ] ; then
|
||||
logger -t unbound -s "cannot forward to dnsmasq"
|
||||
fi
|
||||
fi
|
||||
|
@ -1207,7 +1220,7 @@ unbound_uci() {
|
|||
fi
|
||||
|
||||
|
||||
if [ ! -f "$UB_TIME_FILE" -a "$UB_D_DHCP_LINK" = "none" ] ; then
|
||||
if [ "$UB_B_READY" -eq 0 -a "$UB_D_DHCP_LINK" = "none" ] ; then
|
||||
logger -t unbound -s "cannot receive records from odhcpd"
|
||||
fi
|
||||
fi
|
||||
|
@ -1220,8 +1233,8 @@ unbound_uci() {
|
|||
fi
|
||||
|
||||
|
||||
if [ "$UB_N_RX_PORT" -ne 53 ] \
|
||||
&& [ "$UB_N_RX_PORT" -lt 1024 -o 10240 -lt "$UB_N_RX_PORT" ] ; then
|
||||
if [ "$UB_N_RX_PORT" -ne 53 \
|
||||
-a \( "$UB_N_RX_PORT" -lt 1024 -o 10240 -lt "$UB_N_RX_PORT" \) ] ; then
|
||||
logger -t unbound -s "privileged port or in 5 digits, using default"
|
||||
UB_N_RX_PORT=53
|
||||
fi
|
||||
|
@ -1264,7 +1277,7 @@ unbound_include() {
|
|||
fi
|
||||
|
||||
|
||||
if [ -f "$UB_TIME_FILE" -a -f "$UB_DHCP_CONF" ] ; then
|
||||
if [ -f "$UB_DHCP_CONF" ] ; then
|
||||
{
|
||||
# Seed DHCP records because dhcp scripts trigger externally
|
||||
# Incremental Unbound restarts may drop unbound-control records
|
||||
|
@ -1274,8 +1287,8 @@ unbound_include() {
|
|||
fi
|
||||
|
||||
|
||||
if [ ! -f "$UB_TIME_FILE" -o -z "$adb_files" \
|
||||
-o ! -x /usr/bin/adblock.sh -o ! -x /etc/init.d/adblock ] ; then
|
||||
if [ -z "$adb_files" \
|
||||
-o ! -x /usr/bin/adblock.sh -o ! -x /etc/init.d/adblock ] ; then
|
||||
adb_enabled=0
|
||||
|
||||
elif /etc/init.d/adblock enabled ; then
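Review bot: In unbound_conf the DNSSEC block appears to write `val-override-date: -1` whenever `$UB_B_NTP_BOOT` is greater than 0, without checking `$UB_TIME_FILE` itself any more. That option makes the validator ignore RRSIG inception and expiry dates, so it should only be in effect until the clock has been set. The new condition is safe only if unbound_mkdir has already set `UB_B_NTP_BOOT=0` when the time file exists, which its hunk seems to do. I would state that dependency where the override is written, for example `# UB_B_NTP_BOOT is cleared by unbound_mkdir once $UB_TIME_FILE exists; keep that call ahead of this block`. Both function bodies extend outside the hunks shown, so the call order cannot be confirmed from this page.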
|
||||
|
|