diff options
| author | PiBa-NL <pba_2k3@yahoo.com> | 2014-03-19 17:10:49 +0100 |
|---|---|---|
| committer | PiBa-NL <pba_2k3@yahoo.com> | 2014-03-19 17:10:49 +0100 |
| commit | 39b3fe5d22482d16a161193167c00af90390343a (patch) | |
| tree | 53b19691d90440731195eb2325db2ecd8511feb2 /config/bind | |
| parent | 2a4f986325ccd3a08273bee285993415da12aeb2 (diff) | |
| parent | fd710b1c45207f551d7b0a38eb95b5b5e353ac77 (diff) | |
| download | pfsense-packages-39b3fe5d22482d16a161193167c00af90390343a.tar.gz pfsense-packages-39b3fe5d22482d16a161193167c00af90390343a.tar.bz2 pfsense-packages-39b3fe5d22482d16a161193167c00af90390343a.zip | |
Merge branch 'master' of https://github.com/pfsense/pfsense-packages into hap_de-install_logging
Conflicts:
config/haproxy-devel/haproxy.inc
Diffstat (limited to 'config/bind')
| -rw-r--r-- | config/bind/bind.inc | 58 | ||||
| -rw-r--r-- | config/bind/bind.widget.php | 2 | ||||
| -rw-r--r-- | config/bind/bind.xml | 18 | ||||
| -rw-r--r-- | config/bind/bind_acls.xml | 2 | ||||
| -rw-r--r-- | config/bind/bind_zones.xml | 2 |
5 files changed, 55 insertions, 27 deletions
diff --git a/config/bind/bind.inc b/config/bind/bind.inc index ff3728fb..156e9eb8 100644 --- a/config/bind/bind.inc +++ b/config/bind/bind.inc @@ -43,7 +43,7 @@ $pf_version=substr(trim(file_get_contents("/etc/version")),0,3); if ($pf_version > 2.0) define('BIND_LOCALBASE', '/usr/pbi/bind-' . php_uname("m")); else - define('BIND_LOCALBASE','/usr/local'); + define('BIND_LOCALBASE','/usr/local'); define('CHROOT_LOCALBASE','/cf/named'); @@ -95,8 +95,7 @@ function bind_zone_validate($post, $input_errors){ } } - function bind_sync(){ - +function bind_sync(){ global $config; conf_mount_rw(); //create rndc @@ -164,8 +163,8 @@ EOD; } //check ips to listen on if (preg_match("/All/",$bind['listenon'])){ - $bind_listenonv6="Any;"; - $bind_listenon="Any;"; + $bind_listenonv6="any;"; + $bind_listenon="any;"; } else{ $bind_listenonv6=""; @@ -198,10 +197,10 @@ EOD; if ($bind_notify == on) $bind_conf .="\t\tnotify yes;\n"; if ($hide_version == on) - $bind_conf .="\t\tversion \"N/A\";\n"; + $bind_conf .="\t\tversion none;\n"; - $bind_conf .="\t\t$custom_options\n"; - $bind_conf .= "\t};\n\n"; + $bind_conf .= preg_replace("/^/m","\t\t",$custom_options); + $bind_conf .= "\n\t};\n\n"; if ($bind_logging == on){ //check if bind is included on syslog @@ -209,8 +208,9 @@ EOD; $restart_syslog=0; foreach ($syslog_files as $syslog_file){ $syslog_file_data=file_get_contents($syslog_file); - if (!preg_match("/dnsmasq,named,filterdns/",$syslog_file_data)){ + if ( !preg_match("/dnsmasq,named,filterdns/",$syslog_file_data) || !preg_match("/'dnsmasq','named','filterdns'/",$syslog_file_data) ) { $syslog_file_data=preg_replace("/dnsmasq,filterdns/","dnsmasq,named,filterdns",$syslog_file_data); + $syslog_file_data=preg_replace("/'dnsmasq','filterdns'/","'dnsmasq','named','filterdns'",$syslog_file_data); file_put_contents($syslog_file,$syslog_file_data); $restart_syslog++; } @@ -244,15 +244,22 @@ EOD; #Config Zone domain if(!is_array($config["installedpackages"]["bindacls"]) || !is_array($config["installedpackages"]["bindacls"]["config"])){ - $config["installedpackages"]["bindacls"]["config"][] =array("name"=>"any","description"=>"Default Access list","row" => array("value"=> "","description"=>"")); - write_config("Create Default bind acl 'Any'"); + $config["installedpackages"]["bindacls"]["config"][] = + array("name"=>"none","description"=>"BIND Built-in ACL","row"=>array("value"=>"","description"=>"")); + $config["installedpackages"]["bindacls"]["config"][] = + array("name"=>"any","description"=>"BIND Built-in ACL","row"=>array("value"=>"","description"=>"")); + $config["installedpackages"]["bindacls"]["config"][] = + array("name"=>"localhost","description"=>"BIND Built-in ACL","row"=>array("value"=>"","description"=>"")); + $config["installedpackages"]["bindacls"]["config"][] = + array("name"=>"localnets","description"=>"BIND Built-in ACL","row"=>array("value"=>"","description"=>"")); + write_config("Create BIND Built-in ACLs"); } $bindacls = $config["installedpackages"]["bindacls"]["config"]; for ($i=0; $i<sizeof($bindacls); $i++) { $aclname = $bindacls[$i]['name']; $aclhost = $bindacls[$i]['row']; - if($aclname != "any"){ + if($aclname != "none" && $aclname != "any" && $aclname != "localhost" && $aclname != "localnets"){ $bind_conf .= "acl \"$aclname\" {\n"; for ($u=0; $u<sizeof($aclhost); $u++) { @@ -438,12 +445,33 @@ EOD; $zone_conf .= "$hostname \t IN $hosttype $hostvalue \t$hostdst\n"; } - if (($zone[regdhcpstatic] == 'on') && is_array($config['dhcpd'])) { - foreach ($config['dhcpd'] as $dhcpif => $dhcpifconf) + if (($zone[regdhcpstatic] == 'on') && is_array($config['dhcpd'])) { + foreach ($config['dhcpd'] as $dhcpif => $dhcpifconf) if(is_array($dhcpifconf['staticmap']) && isset($dhcpifconf['enable'])) foreach ($dhcpifconf['staticmap'] as $host) if ($host['ipaddr'] && $host['hostname']) { - $zone_conf .= "{$host['hostname']}\tIN A\t{$host['ipaddr']}\n"; + if($zonereverso == "on") { + $hostdomain = $dhcpifconf['domain']; + if(strlen($hostdomain) == 0) { + $hostdomain = $config['system']['domain']; + } + if(strlen($hostdomain) != 0) { + $hostdomain .= '.'; + } + $zoneparts = array_reverse(explode('.',$zonename)); + $addressparts = explode('.',$host['ipaddr']); + $addressstart = 0; + while($addressstart < count($zoneparts) && $addressstart < count($addressparts) && $zoneparts[$addressstart] == $addressparts[$addressstart]) { + $addressstart++; + } + $shortaddress=''; + for($addresspointer = count($addressparts)-1; $addresspointer >= $addressstart; $addresspointer--) { + $shortaddress .= (strlen($shortaddress) > 0 ? '.' : '') . $addressparts[$addresspointer]; + } + $zone_conf .= "{$shortaddress}\tIN PTR\t{$host['hostname']}.{$hostdomain}\n"; + } else { + $zone_conf .= "{$host['hostname']}\tIN A\t{$host['ipaddr']}\n"; + } } } if ($zone['customzonerecords']!=""){ diff --git a/config/bind/bind.widget.php b/config/bind/bind.widget.php index 490ded9b..dc6b3bf0 100644 --- a/config/bind/bind.widget.php +++ b/config/bind/bind.widget.php @@ -1,7 +1,7 @@ <?php /* Copyright 2013 Marcello Coutinho - Part of bind package for pfSense(www.pfsense.com) + Part of bind package for pfSense(www.pfsense.org) Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: diff --git a/config/bind/bind.xml b/config/bind/bind.xml index 76fdf523..beb96589 100644 --- a/config/bind/bind.xml +++ b/config/bind/bind.xml @@ -91,42 +91,42 @@ <additional_files_needed> <prefix>/usr/local/pkg/</prefix> <chmod>0755</chmod> - <item>http://www.pfsense.org/packages/config/bind/bind.xml</item> + <item>https://packages.pfsense.org/packages/config/bind/bind.xml</item> </additional_files_needed> <additional_files_needed> <prefix>/usr/local/pkg/</prefix> <chmod>0755</chmod> - <item>http://www.pfsense.org/packages/config/bind/bind_views.xml</item> + <item>https://packages.pfsense.org/packages/config/bind/bind_views.xml</item> </additional_files_needed> <additional_files_needed> <prefix>/usr/local/pkg/</prefix> <chmod>0755</chmod> - <item>http://www.pfsense.org/packages/config/bind/bind_zones.xml</item> + <item>https://packages.pfsense.org/packages/config/bind/bind_zones.xml</item> </additional_files_needed> <additional_files_needed> <prefix>/usr/local/pkg/</prefix> <chmod>0755</chmod> - <item>http://www.pfsense.org/packages/config/bind/bind_acls.xml</item> + <item>https://packages.pfsense.org/packages/config/bind/bind_acls.xml</item> </additional_files_needed> <additional_files_needed> <prefix>/usr/local/pkg/</prefix> <chmod>0755</chmod> - <item>http://www.pfsense.org/packages/config/bind/bind.inc</item> + <item>https://packages.pfsense.org/packages/config/bind/bind.inc</item> </additional_files_needed> <additional_files_needed> <prefix>/usr/local/pkg/</prefix> <chmod>0755</chmod> - <item>http://www.pfsense.org/packages/config/bind/bind_sync.xml</item> + <item>https://packages.pfsense.org/packages/config/bind/bind_sync.xml</item> </additional_files_needed> <additional_files_needed> <prefix>/usr/local/www/shortcuts/</prefix> <chmod>0755</chmod> - <item>http://www.pfsense.org/packages/config/bind/pkg_bind.inc</item> + <item>https://packages.pfsense.org/packages/config/bind/pkg_bind.inc</item> </additional_files_needed> <additional_files_needed> <prefix>/usr/local/www/widgets/widgets/</prefix> <chmod>0755</chmod> - <item>http://www.pfsense.org/packages/config/bind/bind.widget.php</item> + <item>https://packages.pfsense.org/packages/config/bind/bind.widget.php</item> </additional_files_needed> <fields> <field> @@ -160,7 +160,7 @@ <field> <fielddescr>Hide Version</fielddescr> <fieldname>bind_hide_version</fieldname> - <description>Hide the version of BIND, this prevents discover the version of our servers, use any exploit that exploits a vulnerability in Bind.</description> + <description>Hide the version of BIND (do not process queries to version.bind at all). This makes it more difficult to exploit the server.</description> <type>checkbox</type> </field> <field> diff --git a/config/bind/bind_acls.xml b/config/bind/bind_acls.xml index b8d10158..dbd9e29d 100644 --- a/config/bind/bind_acls.xml +++ b/config/bind/bind_acls.xml @@ -108,7 +108,7 @@ <type>input</type> </field> <field> - <fielddescr>Enter IP or range bloc network.</fielddescr> + <fielddescr>Enter IP or range block network.</fielddescr> <description>Leave blank to allow All</description> <fieldname>none</fieldname> <type>rowhelper</type> diff --git a/config/bind/bind_zones.xml b/config/bind/bind_zones.xml index be4da9cf..3506df63 100644 --- a/config/bind/bind_zones.xml +++ b/config/bind/bind_zones.xml @@ -126,7 +126,7 @@ <fieldname>name</fieldname> <description><![CDATA[Enter the name for zone (ex:mydomain.com)<br> For reverse zones, include zone ip in reverse order or following your provider instructions.(Ex: 1.168.192)<br> - IN-ADDR.ARPA will be automaticaly included on conf files when reveser zone option is checked.]]></description> + IN-ADDR.ARPA will be automaticaly included on conf files when reverse zone option is checked.]]></description> <type>input</type> <required/> </field> |