-rw-r--r-- | config/bind/bind.inc | 605 | ||||
-rw-r--r-- | config/bind/bind.xml | 231 | ||||
-rw-r--r-- | config/bind/bind_acls.xml | 138 | ||||
-rw-r--r-- | config/bind/bind_sync.xml | 130 | ||||
-rw-r--r-- | config/bind/bind_views.xml | 168 | ||||
-rw-r--r-- | config/bind/bind_zones.xml | 382 | ||||
-rw-r--r-- | config/bind/pkg_bind.inc | 11 |
7 files changed, 1665 insertions, 0 deletions
diff --git a/config/bind/bind.inc b/config/bind/bind.inc
new file mode 100644
index 00000000..65d3c4f7
--- /dev/null
+++ b/config/bind/bind.inc
@@ -0,0 +1,605 @@ +<?PHP +/* $Id$ */ +/* + bind.inc + part of the Bind package for pfSense + Copyright (C) 2013 Juliano Oliveira/Adriano Brancher + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. 
+ +*/ +$shortcut_section = "bind"; +require_once('globals.inc'); +require_once('config.inc'); +require_once('util.inc'); +require_once('pfsense-utils.inc'); +require_once('pkg-utils.inc'); +require_once('service-utils.inc'); +if(!function_exists("filter_configure")) + require_once("filter.inc"); + +function bind_sync(){ + + global $config; + + $bind = $config["installedpackages"]["bind"]["config"][0]; + $bind_enable = $bind['enable_bind']; + $bind_forwarder = $bind['bind_forwarder']; + $forwader_ips = $bind['bind_forwader_ips']; + $ram_limite = $bind['bind_ram_limite']; + $hide_version = $bind['bind_hide_version']; + $bind_notify = $bind['bind_notify']; + $custom_options = base64_decode($bind['bind_custom_options']); + $bind_logging = $bind['bind_logging']; + + + $bind_conf ="#Bind pfsense configuration\n"; + $bind_conf .="#Do not edit this file!!!\n"; +$bind_conf .= <<<EOD + + options { + directory "/etc/namedb"; + pid-file "/var/run/named/pid"; + statistics-file "/var/log/named.stats"; + + max-cache-size $ram_limite;\n +EOD; + + //check ips to listen on + if (preg_match("/All/",$bind['listenon'])){ + $bind_listenonv6="Any;"; + $bind_listenon="Any;"; + } + else{ + $bind_listenonv6=""; + $bind_listenon =""; + foreach (explode(',',$bind['listenon']) as $listenon){ + if (is_ipaddrv6($listenon)) + $bind_listenonv6 .= $listenon."; "; + elseif (is_ipaddr($listenon)) + $bind_listenon .= $listenon."; "; + else{ + $listenon=(pfSense_get_interface_addresses(convert_friendly_interface_to_real_interface_name($listenon))); + if (is_ipaddr($listenon['ipaddr'])) + $bind_listenon .= $listenon['ipaddr']."; "; + elseif(is_ipaddrv6($listenon['ipaddr'])) + $bind_listenonv6 .= $listenon['ipaddr']."; "; + } + } + } + $bind_listenonv6=($bind_listenonv6==""?"none;":$bind_listenonv6); + $bind_listenon=($bind_listenon==""?"none;":$bind_listenon); + print "<PRE>$bind_listenonv6 $bind_listenon"; + if (key_exists("ipv6allow",$config['system'])){ + $bind_conf .="\t\tlisten-on-v6 { 
$bind_listenonv6 };\n"; + } + $bind_conf .="\t\tlisten-on { $bind_listenon };\n"; + + #forwarder config + if ($bind_forwarder == on) + $bind_conf .="\t\tforwarders { $forwader_ips };\n"; + if ($bind_notify == on) + $bind_conf .="\t\tnotify yes;\n"; + if ($hide_version == on) + $bind_conf .="\t\tversion \"N/A\";\n"; + + $bind_conf .="\t\t$custom_options\n"; + $bind_conf .= "\t};\n\n"; + + if ($bind_logging == on){ +$bind_conf .= <<<EOD + + logging { + channel custom { + file "/var/log/named.log"; + print-time yes; + print-category yes; + }; + + category config {custom;}; + category notify {custom;}; + category dnssec {custom;}; + category general {custom;}; + category security {custom;}; + category xfer-out {custom;}; + category lame-servers {custom;}; + }; + +EOD; + } + + + #Config Zone domain + if(is_array($config["installedpackages"]["bindacls"])) + $bindacls = $config["installedpackages"]["bindacls"]["config"]; + else + $bindacls =array(); + + for ($i=0; $i<sizeof($bindacls); $i++) + { + $aclname = $bindacls[$i]['name']; + $aclhost = $bindacls[$i]['row']; + if($aclname != "any"){ + $bind_conf .= "acl \"$aclname\" {\n"; + for ($u=0; $u<sizeof($aclhost); $u++) + { + $aclhostvalue = $aclhost[$u]['value']; + $bind_conf .= "\t$aclhostvalue;\n"; + } + $bind_conf .= "};\n\n"; + } + } + + if(is_array($config["installedpackages"]["bindviews"])) + $bindview = $config["installedpackages"]["bindviews"]["config"]; + else + $bindview =array(); + + for ($i=0; $i<sizeof($bindview); $i++) + { + $views = $config["installedpackages"]["bindviews"]["config"][$i]; + $viewname = $views['name']; + $viewrecursion = $views['recursion']; + if($views['match-clients'] == '') + $viewmatchclients = "none"; + else + $viewmatchclients = str_replace(',','; ',$views['match-clients']); + if($views['allow-recursion'] == '') + $viewallowrecursion = "none"; + else + $viewallowrecursion = str_replace(',','; ',$views['allow-recursion']); + $viewcustomoptions = $views['bind_custom_options']; + + 
$bind_conf .= "view \"$viewname\" { \n\n"; + $bind_conf .= "\trecursion $viewrecursion;\n"; + $bind_conf .= "\tmatch-clients { $viewmatchclients;};\n"; + $bind_conf .= "\tallow-recursion { $viewallowrecursion;};\n"; + $bind_conf .= "\t$viewcustomoptions\n\n"; + + $bind_conf .="\tzone \".\" {\n"; + $bind_conf .="\t\ttype hint;\n"; + $bind_conf .="\t\tfile \"/etc/namedb/named.root\";\n"; + $bind_conf .= "\t};\n\n"; + + for ($x=0; $x<sizeof($config["installedpackages"]["bindzone"]["config"]); $x++) + { + $zone = $config["installedpackages"]["bindzone"]["config"][$x]; + + $zonename = $zone['name']; + $zonetype = $zone['type']; + $zoneview = $zone['view']; + $zonecuston = $zone['custon']; + $zoneipslave = $zone['slaveip']; + $zonereverso = $zone['reverso']; + if($zone['allowupdate'] == '') + $zoneallowupdate = "none"; + else + $zoneallowupdate = str_replace(',','; ',$zone['allowupdate']); + if($zone['allowquery'] == '') + $zoneallowquery = "none"; + else + $zoneallowquery = str_replace(',','; ',$zone['allowquery']); + if($zone['allowtransfer'] == '') + $zoneallowtransfer = "none"; + else + $zoneallowtransfer = str_replace(',','; ',$zone['allowtransfer']); + + if ($zoneview == $viewname) + { + if($zonereverso == "on") + $bind_conf .= "\tzone \"$zonename.in-addr.arpa\" {\n"; + else + $bind_conf .= "\tzone \"$zonename\" {\n"; + + $bind_conf .= "\t\ttype $zonetype;\n"; + $bind_conf .= "\t\tfile \"/etc/namedb/$zonetype/$zoneview/$zonename.DB\";\n"; + if ($zonetype == "slave") + $bind_conf .= "\t\tmasters { $zoneipslave };\n"; + if ($zonetype != "slave") + $bind_conf .= "\t\tallow-update { $zoneallowupdate;};\n"; + if ($zonetype != "slave") + $bind_conf .= "\t\tallow-query { $zoneallowquery;};\n"; + if ($zonetype != "slave") + $bind_conf .= "\t\tallow-transfer { $zoneallowtransfer;};\n"; + if ($zonecuston != '') + $bind_conf .= "\t\t$zonecuston\n"; + $bind_conf .= "\t};\n\n"; + + if (!(file_exists("/etc/namedb/$zonetype"))) { + mwexec("mkdir /etc/namedb/$zonetype"); + } + + 
if (!(file_exists("/etc/namedb/$zonetype/$zoneview"))) { + mwexec("mkdir /etc/namedb/$zonetype/$zoneview"); + } + + if ($zonetype == "master"){ + $zonetll = $zone['tll']; + $zonemail = $zone['mail']; + $zoneserial = $zone['serial']; + $zonerefresh = $zone['refresh']; + $zoneretry = $zone['retry']; + $zoneexpire = $zone['expire']; + $zoneminimum = $zone['minimum']; + $zonenameserver = $zone['nameserver']; + $zoneipns = $zone['ipns']; + $zonereverso = $zone['reverso']; + if($zone['allowupdate'] == '') + $zoneallowupdate = "none"; + else + $zoneallowupdate = str_replace(',','; ',$zone['allowupdate']); + if($zone['allowquery'] == '') + $zoneallowquery = "none"; + else + $zoneallowquery = str_replace(',','; ',$zone['allowquery']); + if($zone['allowtransfer'] == '') + $zoneallowtransfer = "none"; + else + $zoneallowtransfer = str_replace(',','; ',$zone['allowtransfer']); + $zone_conf = ";$zonename\n"; + $zone_conf .= "\$TTL $zonetll\n\n"; + + if($zonereverso == "on") + $zone_conf .= "@\t IN SOA $zonenameserver. \t $zonemail. (\n"; + else + $zone_conf .= "$zonename.\t IN SOA $zonenameserver. \t $zonemail. 
(\n"; + + $zone_conf .= "\t$zoneserial\n"; + $zone_conf .= "\t$zonerefresh\n"; + $zone_conf .= "\t$zoneretry\n"; + $zone_conf .= "\t$zoneexpire\n"; + $zone_conf .= "\t$zoneminimum)\n\n"; + + if($zonereverso == "on") + $zone_conf .= "\t IN NS \t\t$zonenameserver.\n"; + else{ + $zone_conf .= "@ \t IN NS \t\t$zonenameserver.\n"; + $zone_conf .= "@ \t IN A \t\t$zoneipns\n"; + } + for ($y=0; $y<sizeof($zone['row']); $y++) + { + $hostname = $zone['row'][$y]['hostname']; + $hosttype = $zone['row'][$y]['hosttype']; + $hostdst = $zone['row'][$y]['hostdst']; + $hostvalue = $zone['row'][$y]['hostvalue']; + + $zone_conf .= "$hostname \t IN $hosttype $hostvalue \t$hostdst\n"; + } + file_put_contents("/etc/namedb/$zonetype/$zoneview/$zonename.DB", $zone_conf); + + #reader file domain zone + #reader file host definition + } + } + } + + $bind_conf .= "};\n"; + } + if (!is_dir("/etc/namedb")) + mkdir("/etc/namedb",0755); + file_put_contents('/etc/namedb/named.conf', $bind_conf); + + + if($bind_enable == "on") + mwexec("/usr/local/etc/rc.d/named.sh restart"); + else + mwexec("/usr/local/etc/rc.d/named.sh stop"); +} + +function bind_print_javascript_type_zone(){ +?> + <script language="JavaScript"> + <!-- + function on_type_zone_changed() { + + var field = document.iform.type; + var tipo = field.options[field.selectedIndex].value; + if (tipo == 'master') { + + document.iform.slaveip.disabled = 1; + document.iform.tll.disabled = 0; + document.iform.nameserver.disabled = 0; + document.iform.ipns.disabled = 0; + document.iform.mail.disabled = 0; + document.iform.serial.disabled = 0; + document.iform.refresh.disabled = 0; + document.iform.retry.disabled = 0; + document.iform.expire.disabled = 0; + document.iform.minimum.disabled = 0; + + } + else { + document.iform.slaveip.disabled = 0; + document.iform.tll.disabled = 1; + document.iform.nameserver.disabled = 1; + document.iform.ipns.disabled = 1; + document.iform.mail.disabled = 1; + document.iform.serial.disabled = 1; + 
document.iform.refresh.disabled = 1; + document.iform.retry.disabled = 1; + document.iform.expire.disabled = 1; + document.iform.minimum.disabled = 1; + } + } + --> + </script> +<?php +} + +function bind_print_javascript_type_zone2(){ + print("<script language=\"JavaScript\">on_type_zone_changed()</script>\n"); +} + +# Carregar o campo com os dados da views +# ----------------------------------------------------------------------------- + +function get_bind_conf_items_list($data_group, $fieldname) { + global $config; + $res = ''; + if (is_array($config["installedpackages"][$data_group])){ + $conf = $config["installedpackages"][$data_group]["config"]; + if (is_array($conf)) + foreach($conf as $cf) $res[] = $cf[$fieldname]; + } + return $res; +} + +# Carregar o campo com os dados da views +# ----------------------------------------------------------------------------- + +function bind_views_before_form_dest($pkg,$data_group,$fieldname,$dest) { + + $destination_items = get_bind_conf_items_list($data_group,$fieldname); + $i=0; + if (is_array($pkg['fields']['field'])) + foreach($pkg['fields']['field'] as $field) { + # + if ($field['fieldname'] == $dest) { + $fld = &$pkg['fields']['field'][$i]; + if (is_array($destination_items)) + foreach($destination_items as $nmkey => $nm) + $fld['options']['option'][] = array('name'=>ucfirst(strtolower($nm)), 'value'=>strtolower($nm)); + } + $i++; + } +} + +# Analizador do serial da zona de dns +# ----------------------------------------------------------------------------- + +function get_bind_conf_serial($data_group, $fieldname) { + global $config; + $res = ''; + if (is_array($config["installedpackages"][$data_group])){ + $conf = $config["installedpackages"][$data_group]["config"]; + if (is_array($conf)) + foreach($conf as $cf) $res[] = $cf[$fieldname]; + } + return $res; +} + +# Carregar o campo com os dados da views +# ----------------------------------------------------------------------------- + +function 
bind_zona_before_form_dest($pkg,$data_group,$fieldname,$dest) { + + $destination_items = get_bind_conf_serial($data_group,$fieldname); + $i=0; + if (is_array($pkg['fields']['field'])) + foreach($pkg['fields']['field'] as $field) { + # + if ($field['fieldname'] == $dest) { + $fld = &$pkg['fields']['field'][$i]; + $fld['default_value'] = date("Y")."000000"; + #$fld['value'] = date("Ymdhms")."boa"; + } + $i++; + } +} +function bind_write_rcfile() { + $rc = array(); + $BIND_LOCALBASE = "/usr/local"; + $rc['file'] = 'named.sh'; + $rc['start'] = <<<EOD +if [ -z "`ps auxw | grep "[n]amed -c /etc/namedb/named.conf"|awk '{print $2}'`" ];then + {$BIND_LOCALBASE}/sbin/named -c /etc/namedb/named.conf -u bind +fi + +EOD; + $rc['stop'] = <<<EOD +killall -9 named 2>/dev/null +sleep 2 +EOD; + $rc['restart'] = <<<EOD +if [ -z "`ps auxw | grep "[n]amed -c /etc/namedb/named.conf"|awk '{print $2}'`" ];then + {$BIND_LOCALBASE}/sbin/named -c /etc/namedb/named.conf -u bind + else + killall -9 named 2>/dev/null + sleep 3 + $BIND_LOCALBASE}/sbin/named -c /etc/namedb/named.conf -u bind + fi + +EOD; + conf_mount_rw(); + write_rcfile($rc); + conf_mount_ro(); +} + +function create_log_file(){ + mwexec("touch /var/log/named.log"); + mwexec("chown bind:bind /var/log/named.log"); + mwexec("chmod 755 /var/log/named.log"); +} + +function delete_log_file(){ + mwexec("rm /var/log/named.log"); +} +/* Uses XMLRPC to synchronize the changes to a remote node */ +function bind_sync_on_changes() { + global $config, $g; + if (is_array($config['installedpackages']['bind']['config'])){ + $bind_sync=$config['installedpackages']['bind']['config'][0]; + $synconchanges = $bind_sync['synconchanges']; + $synctimeout = $bind_sync['synctimeout']; + switch ($synconchanges){ + case "manual": + if (is_array($bind_sync[row])){ + $rs=$bind_sync[row]; + } + else{ + log_error("[bind] xmlrpc sync is enabled but there is no hosts to push on bind config."); + return; + } + break; + case "auto": + if 
(is_array($config['installedpackages']['carpsettings']) && is_array($config['installedpackages']['carpsettings']['config'])){ + $system_carp=$config['installedpackages']['carpsettings']['config'][0]; + $rs[0]['ipaddress']=$system_carp['synchronizetoip']; + $rs[0]['username']=$system_carp['username']; + $rs[0]['password']=$system_carp['password']; + } + else{ + log_error("[bind] xmlrpc sync is enabled but there is no system backup hosts to push bind config."); + return; + } + break; + default: + return; + break; + } + if (is_array($rs)){ + log_error("[bind] xmlrpc sync is starting."); + foreach($rs as $sh){ + $sync_to_ip = $sh['ipaddress']; + $password = $sh['password']; + if($sh['username']) + $username = $sh['username']; + else + $username = 'admin'; + if($password && $sync_to_ip) + bind_do_xmlrpc_sync($sync_to_ip, $username, $password,$synctimeout); + } + log_error("[bind] xmlrpc sync is ending."); + } + } +} +/* Do the actual XMLRPC sync */ +function bind_do_xmlrpc_sync($sync_to_ip, $username, $password, $synctimeout) { + global $config, $g; + + if(!$username) + return; + + if(!$password) + return; + + if(!$sync_to_ip) + return; + + if(!$synctimeout) + $synctimeout=25; + + + $xmlrpc_sync_neighbor = $sync_to_ip; + if($config['system']['webgui']['protocol'] != "") { + $synchronizetoip = $config['system']['webgui']['protocol']; + $synchronizetoip .= "://"; + } + $port = $config['system']['webgui']['port']; + /* if port is empty lets rely on the protocol selection */ + if($port == "") { + if($config['system']['webgui']['protocol'] == "http") + $port = "80"; + else + $port = "443"; + } + $synchronizetoip .= $sync_to_ip; + + /* xml will hold the sections to sync */ + $xml = array(); + $xml['bind'] = $config['installedpackages']['bind']; + $xml['bindacls'] = $config['installedpackages']['bindacls']; + $xml['bindviews'] = $config['installedpackages']['bindviews']; + $xml['bindzone'] = $config['installedpackages']['bindzone']; + /* assemble xmlrpc payload */ + $params = 
array( + XML_RPC_encode($password), + XML_RPC_encode($xml) + ); + + /* set a few variables needed for sync code borrowed from filter.inc */ + $url = $synchronizetoip; + log_error("[bind] Beginning bind XMLRPC sync to {$url}:{$port}."); + $method = 'pfsense.merge_installedpackages_section_xmlrpc'; + $msg = new XML_RPC_Message($method, $params); + $cli = new XML_RPC_Client('/xmlrpc.php', $url, $port); + $cli->setCredentials($username, $password); + if($g['debug']) + $cli->setDebug(1); + /* send our XMLRPC message and timeout after defined sync timeout value*/ + $resp = $cli->send($msg, $synctimeout); + if(!$resp) { + $error = "A communications error occurred while attempting bind XMLRPC sync with {$url}:{$port}."; + log_error($error); + file_notice("sync_settings", $error, "bind Settings Sync", ""); + } elseif($resp->faultCode()) { + $cli->setDebug(1); + $resp = $cli->send($msg, $synctimeout); + $error = "An error code was received while attempting bind XMLRPC sync with {$url}:{$port} - Code " . $resp->faultCode() . ": " . $resp->faultString(); + log_error($error); + file_notice("sync_settings", $error, "bind Settings Sync", ""); + } else { + log_error("[bind] XMLRPC sync successfully completed with {$url}:{$port}."); + } + + /* tell bind to reload our settings on the destination sync host. 
*/ + $method = 'pfsense.exec_php'; + $execcmd = "require_once('/usr/local/pkg/bind.inc');\n"; + $execcmd .= "bind_sync('yes');"; + /* assemble xmlrpc payload */ + $params = array( + XML_RPC_encode($password), + XML_RPC_encode($execcmd) + ); + + log_error("[bind] XMLRPC reload data {$url}:{$port}."); + $msg = new XML_RPC_Message($method, $params); + $cli = new XML_RPC_Client('/xmlrpc.php', $url, $port); + $cli->setCredentials($username, $password); + $resp = $cli->send($msg, $synctimeout); + if(!$resp) { + $error = "A communications error occurred while attempting bind XMLRPC sync with {$url}:{$port} (pfsense.exec_php)."; + log_error($error); + file_notice("sync_settings", $error, "Bind Settings Sync", ""); + } elseif($resp->faultCode()) { + $cli->setDebug(1); + $resp = $cli->send($msg, $synctimeout); + $error = "[Bind] An error code was received while attempting bind XMLRPC sync with {$url}:{$port} - Code " . $resp->faultCode() . ": " . $resp->faultString(); + log_error($error); + file_notice("sync_settings", $error, "bind Settings Sync", ""); + } else { + log_error("Bind XMLRPC reload data success with {$url}:{$port} (pfsense.exec_php)."); + } + +} +?> diff --git a/config/bind/bind.xml b/config/bind/bind.xml new file mode 100644 index 00000000..4e0c4326 --- /dev/null +++ b/config/bind/bind.xml 
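Review bot: In `bind_sync()`, `$zonetype`, `$zoneview` and `$zonename` come straight from the saved zone configuration and are interpolated into `mwexec("mkdir /etc/namedb/$zonetype/$zoneview")` and into the `file_put_contents()` path, so shell metacharacters or `../` in any of them end up in a shell command or a write outside /etc/namedb. The same sections can also be pushed in from a sync peer by `bind_do_xmlrpc_sync()`, so the GUI is not the only source of these values. Validate the three fields before they are used and create the directories with PHP's own `mkdir()` rather than a shell, as sketched below; the character sets are a conservative guess and may need widening for zone names the package must accept. The names are also written unescaped between quotes into named.conf, which the same check covers. Separately, the `restart` script in `bind_write_rcfile()` has `$BIND_LOCALBASE}/sbin/named` with the opening brace missing, so named is killed and then not started again.

```php
// … unchanged: zone fields read from $zone …
// Reject anything that could escape the quoted named.conf strings,
// the /etc/namedb tree, or a shell word.
if (!preg_match('/^[a-z]+$/', $zonetype) ||
    !preg_match('/^[A-Za-z0-9_-]+$/', $zoneview) ||
    !preg_match('/^[A-Za-z0-9_-]+(\.[A-Za-z0-9_-]+)*$/', $zonename)) {
	log_error("[bind] skipping zone with an invalid type, view or name.");
	continue;
}
// … unchanged: zone stanza appended to $bind_conf …
$zonedir = "/etc/namedb/$zonetype/$zoneview";
if (!is_dir($zonedir))
	mkdir($zonedir, 0755, true);
// … unchanged: master zone file generation …
```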
@@ -0,0 +1,231 @@ +<?xml version="1.0" encoding="utf-8" ?> +<!DOCTYPE packagegui SYSTEM "../schema/packages.dtd"> +<?xml-stylesheet type="text/xsl" href="../xsl/package.xsl"?> +<packagegui> + <copyright> + <![CDATA[ +/* $Id$ */ +/* ========================================================================== */ +/* + bind.xml + part of pfSense (http://www.pfSense.com) + part of the Bind package for pfSense + Copyright (C) 2013 Juliano Oliveira/Adriano Brancher + All rights reserved. + + Based on m0n0wall (http://m0n0.ch/wall) + Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>. + All rights reserved. + */ +/* ========================================================================== */ +/* + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. 
+ */ +/* ========================================================================== */ + ]]> + + </copyright> + <description>Describe your package here</description> + <requirements>Describe your package requirements here</requirements> + <faq>Currently there are no FAQ items provided.</faq> + <name>bind</name> + <version>1.0</version> + <title>Bind: Domain Named Settings</title> + <include_file>/usr/local/pkg/bind.inc</include_file> + <menu> + <name>Bind Server</name> + <tooltiptext>Modify Bind settings</tooltiptext> + <section>Services</section> + <url>/pkg_edit.php?xml=bind.xml</url> + </menu> + <service> + <name>named</name> + <rcfile>named.sh</rcfile> + <executable>named</executable> + <description>Domain Name Service</description> + </service> + <tabs> + <tab> + <text>Settings</text> + <url>/pkg_edit.php?xml=bind.xml</url> + <active/> + </tab> + <tab> + <text>ACLs</text> + <url>/pkg.php?xml=bind_acls.xml</url> + </tab> + <tab> + <text>Views</text> + <url>/pkg.php?xml=bind_views.xml</url> + </tab> + <tab> + <text>Zones</text> + <url>/pkg.php?xml=bind_zones.xml</url> + </tab> + <tab> + <text>Sync</text> + <url>/pkg_edit.php?xml=bind_sync.xml</url> + </tab> + + </tabs> + <!-- Installation --> + <additional_files_needed> + <prefix>/usr/local/pkg/</prefix> + <chmod>0755</chmod> + <item>http://www.useb.org.br/packages/config/bind/bind.xml</item> + </additional_files_needed> + <additional_files_needed> + <prefix>/usr/local/pkg/</prefix> + <chmod>0755</chmod> + <item>http://www.useb.org.br/packages/config/bind/bind_views.xml</item> + </additional_files_needed> + <additional_files_needed> + <prefix>/usr/local/pkg/</prefix> + <chmod>0755</chmod> + <item>http://www.pfsense.org/packages/config/bind/bind_zones.xml</item> + </additional_files_needed> + <additional_files_needed> + <prefix>/usr/local/pkg/</prefix> + <chmod>0755</chmod> + <item>http://www.pfsense.org/packages/config/bind/bind_acls.xml</item> + </additional_files_needed> + <additional_files_needed> + 
<prefix>/usr/local/pkg/</prefix> + <chmod>0755</chmod> + <item>http://www.pfsense.org/packages/config/bind/bind.inc</item> + </additional_files_needed> + <additional_files_needed> + <prefix>/usr/local/pkg/</prefix> + <chmod>0755</chmod> + <item>http://www.pfsense.org/packages/config/bind/bind_sync.xml</item> + </additional_files_needed> + <additional_files_needed> + <prefix>/usr/local/www/shortcuts/</prefix> + <chmod>0755</chmod> + <item>http://www.pfsense.org/packages/config/bind/pkg_bind.inc</item> + </additional_files_needed> + <fields> + <field> + <fielddescr>Enable Bind</fielddescr> + <fieldname>enable_bind</fieldname> + <description>Enable DNS Bind on Server.</description> + <type>checkbox</type> + <required/> + </field> + <field> + <fielddescr>Enable logging</fielddescr> + <fieldname>bind_logging</fieldname> + <description>Enable Bind logs, /var/log/named.log</description> + <type>checkbox</type> + </field> + <field> + <fielddescr>Enable Notify</fielddescr> + <fieldname>bind_notify</fieldname> + <description>Update imediaty slave zone</description> + <type>checkbox</type> + </field> + <field> + <fielddescr>Hide Version</fielddescr> + <fieldname>bind_hide_version</fieldname> + <description>Hide the version of BIND, this prevents discover the version of our servers, use any exploit that exploits a vulnerability in Bind.</description> + <type>checkbox</type> + </field> + <field> + <fielddescr>Limitar Memory RAM</fielddescr> + <fieldname>bind_ram_limite</fieldname> + <description>Limits the use of RAM for the DNS when much use does not exhaust the resources of the machine, recommend 256M</description> + <type>input</type> + <size>80</size> + <default_value>256M</default_value> + </field> + <field> + <type>listtopic</type> + <name>Listen on Interfaces</name> + <fieldname>temp01</fieldname> + </field> + <field> + <fielddescr>Listen-on</fielddescr> + <fieldname>listenon</fieldname> + <description>Enable Named to listen on</description> + 
<type>interfaces_selection</type> + <showlistenall/> + <showvirtualips/> + <multiple/> + </field> + <field> + <type>listtopic</type> + <name>Forwarder Config</name> + <fieldname>temp01</fieldname> + </field> + <field> + <fielddescr>Forwarder</fielddescr> + <fieldname>bind_forwarder</fieldname> + <description>Forwardes enable DNS Bind on Server.</description> + <type>checkbox</type> + <enablefields>bind_forwader_ips</enablefields> + </field> + <field> + <fielddescr>Forwarder IPs</fielddescr> + <fieldname>bind_forwader_ips</fieldname> + <description>Paste here ips do forwarder. Separate by semi-colons (;). [Applies only to Forwarder mode]</description> + <type>input</type> + <size>80</size> + </field> + <field> + <type>listtopic</type> + <name>Custon Options</name> + <fieldname>temp01</fieldname> + </field> + <field> + <fielddescr>Custom Options</fielddescr> + <fieldname>bind_custom_options</fieldname> + <description><![CDATA[You can put your own custom options here, one per line.<br> + They'll be added to the configuration. They need to be named.conf native options.]]> + </description> + <type>textarea</type> + <cols>65</cols> + <rows>5</rows> + <encoding>base64</encoding> + </field> + </fields> + <custom_php_after_head_command> + </custom_php_after_head_command> + <custom_php_command_before_form> + bind_views_before_form_dest(&$pkg,"bindacls","name","listenonv6"); + bind_views_before_form_dest(&$pkg,"bindacls","name","listenon"); + </custom_php_command_before_form> + <custom_add_php_command> + </custom_add_php_command> + <custom_php_validation_command> + </custom_php_validation_command> + <custom_php_resync_config_command> + bind_sync(); + </custom_php_resync_config_command> + <custom_php_install_command> + bind_write_rcfile(); + create_log_file(); + </custom_php_install_command> + <custom_php_deinstall_command> + delete_log_file(); + </custom_php_deinstall_command> + <filter_rules_needed></filter_rules_needed> +</packagegui> 
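Review bot: Every `<additional_files_needed>` item is fetched over plain `http://`, and the first two (`bind.xml`, `bind_views.xml`) come from `www.useb.org.br` while the others come from `www.pfsense.org`. These files include `bind.inc`, which the GUI loads through `<include_file>`, and nothing in this file checks their integrity, so whoever controls the network path or the second host decides what code gets installed. Point every `<item>` at a single trusted origin over `https://`. `<chmod>0755</chmod>` on XML and include files could also be `0644`, since none of them needs the execute bit.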
diff --git a/config/bind/bind_acls.xml b/config/bind/bind_acls.xml
new file mode 100644
index 00000000..b8d10158
--- /dev/null
+++ b/config/bind/bind_acls.xml
@@ -0,0 +1,138 @@ +<?xml version="1.0" encoding="utf-8" ?> +<!DOCTYPE packagegui SYSTEM "./schema/packages.dtd"> +<?xml-stylesheet type="text/xsl" href="./xsl/package.xsl"?> +<packagegui> + <copyright> + <![CDATA[ +/* $Id$ */ +/* ========================================================================== */ +/* + bind_acls.xml + part of pfSense (http://www.pfSense.com) + part of the Bind package for pfSense + Copyright (C) 2013 Juliano Oliveira/Adriano Brancher + All rights reserved. + + Based on m0n0wall (http://m0n0.ch/wall) + Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>. + All rights reserved. + */ +/* ========================================================================== */ +/* + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. 
+ */ +/* ========================================================================== */ + ]]> + </copyright> + <description>Describe your package here</description> + <requirements>Describe your package requirements here</requirements> + <faq>Currently there are no FAQ items provided.</faq> + <name>bindacls</name> + <version>0.1.0</version> + <title>Bind: ACLs Settings</title> + <include_file>/usr/local/pkg/bind.inc</include_file> + <menu> + <name>Bind Server</name> + <tooltiptext></tooltiptext> + <section>Services</section> + <configfile>bind.xml</configfile> + </menu> + <tabs> + <tab> + <text>Settings</text> + <url>/pkg_edit.php?xml=bind.xml</url> + </tab> + <tab> + <text>ACLs</text> + <url>/pkg.php?xml=bind_acls.xml</url> + <active/> + </tab> + <tab> + <text>Views</text> + <url>/pkg.php?xml=bind_views.xml</url> + </tab> + <tab> + <text>Zones</text> + <url>/pkg.php?xml=bind_zones.xml</url> + </tab> + <tab> + <text>Sync</text> + <url>/pkg_edit.php?xml=bind_sync.xml</url> + </tab> + </tabs> + <configpath>['installedpackages']['bindacls']['config']</configpath> + <adddeleteeditpagefields> + <columnitem> + <fielddescr>ACL</fielddescr> + <fieldname>name</fieldname> + </columnitem> + <columnitem> + <fielddescr>Description</fielddescr> + <fieldname>description</fieldname> + </columnitem> + <movable>on</movable> + </adddeleteeditpagefields> + <!-- fields gets invoked when the user adds or edits a item. the following items + will be parsed and rendered for the user as a gui with input, and selectboxes. 
--> + <fields> + <field> + <fielddescr>ACL Name</fielddescr> + <fieldname>name</fieldname> + <description>Enter name ACL.</description> + <type>input</type> + <required/> + </field> + <field> + <fielddescr>Description</fielddescr> + <fieldname>description</fieldname> + <description>Enter the description for this ACL.</description> + <type>input</type> + </field> + <field> + <fielddescr>Enter IP or range bloc network.</fielddescr> + <description>Leave blank to allow All</description> + <fieldname>none</fieldname> + <type>rowhelper</type> + <rowhelper> + <rowhelperfield> + <fielddescr>Value</fielddescr> + <fieldname>value</fieldname> + <type>input</type> + <size>20</size> + </rowhelperfield> + <rowhelperfield> + <fielddescr>Description</fielddescr> + <fieldname>description</fieldname> + <type>input</type> + <size>20</size> + </rowhelperfield> + </rowhelper> + </field> + </fields> + <custom_php_command_before_form> + </custom_php_command_before_form> + <custom_delete_php_command> + </custom_delete_php_command> + <custom_php_resync_config_command> + bind_sync(); + </custom_php_resync_config_command> +</packagegui> diff --git a/config/bind/bind_sync.xml b/config/bind/bind_sync.xml new file mode 100644 index 00000000..7fde2eb5 --- /dev/null +++ b/config/bind/bind_sync.xml 
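Review bot: The rowhelper description `Leave blank to allow All` does not match what `bind_sync()` in bind.inc generates: each row is written as `\t$aclhostvalue;`, so a blank value becomes a bare `;` inside the `acl` block rather than `any`. An operator following the hint may believe the ACL is open when named presumably treats it differently or rejects the file; either drop the hint or have the generator emit `any;` for an empty row. The `name` and `value` inputs also have no `<custom_php_validation_command>`, although both are copied into named.conf, so a check such as `is_ipaddr()` or `is_subnet()` on address entries in `value` belongs here.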
@@ -0,0 +1,130 @@ +<?xml version="1.0" encoding="utf-8" ?> +<!DOCTYPE packagegui SYSTEM "./schema/packages.dtd"> +<?xml-stylesheet type="text/xsl" href="./xsl/package.xsl"?> +<packagegui> + <copyright> + <![CDATA[ +/* $Id$ */ +/* ========================================================================== */ +/* + bind_sync.xml + part of the sarg package for pfSense + Copyright (C) 2013 Marcello Coutinho + All rights reserved. + */ +/* ========================================================================== */ +/* + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code MUST retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. 
+ */ +/* ========================================================================== */ + ]]> + </copyright> + <description>Describe your package here</description> + <requirements>Describe your package requirements here</requirements> + <faq>Currently there are no FAQ items provided.</faq> + <name>bindsync</name> + <version>1.0</version> + <title>Bind: XMLRPC Sync</title> + <include_file>/usr/local/pkg/bind.inc</include_file> + <tabs> + <tab> + <text>Settings</text> + <url>/pkg_edit.php?xml=bind.xml</url> + </tab> + <tab> + <text>ACLs</text> + <url>/pkg.php?xml=bind_acls.xml</url> + </tab> + <tab> + <text>Views</text> + <url>/pkg.php?xml=bind_views.xml</url> + </tab> + <tab> + <text>Zones</text> + <url>/pkg.php?xml=bind_zones.xml</url> + </tab> + <tab> + <text>Sync</text> + <url>/pkg.php?xml=bind_sync.xml</url> + <active/> + </tab> + </tabs> + <fields> + <field> + <name>XMLRPC Sync</name> + <type>listtopic</type> + </field> + <field> + <fielddescr>Automatically sync bind configuration changes</fielddescr> + <fieldname>synconchanges</fieldname> + <description>Select a sync method for bind.</description> + <type>select</type> + <required/> + <default_value>auto</default_value> + <options> + <option><name>Sync to configured system backup server</name><value>auto</value></option> + <option><name>Sync to host(s) defined below</name><value>manual</value></option> + <option><name>Do not sync this package configuration</name><value>disabled</value></option> + </options> + </field> + <field> + <fielddescr>Sync timeout</fielddescr> + <fieldname>synctimeout</fieldname> + <description>Select sync max wait time</description> + <type>select</type> + <required/> + <default_value>25</default_value> + <options> + <option><name>30 seconds(Default)</name><value>30</value></option> + <option><name>60 seconds</name><value>60</value></option> + <option><name>90 seconds</name><value>90</value></option> + <option><name>250 seconds</name><value>250</value></option> + <option><name>120 
seconds</name><value>120</value></option> + </options> + </field> + <field> + <fielddescr>Remote Server</fielddescr> + <fieldname>none</fieldname> + <type>rowhelper</type> + <rowhelper> + <rowhelperfield> + <fielddescr>IP Address</fielddescr> + <fieldname>ipaddress</fieldname> + <description>IP Address of remote server</description> + <type>input</type> + <size>20</size> + </rowhelperfield> + <rowhelperfield> + <fielddescr>Password</fielddescr> + <fieldname>password</fieldname> + <description>Password for remote server.</description> + <type>password</type> + <size>20</size> + </rowhelperfield> + </rowhelper> + </field> + </fields> + <custom_php_validation_command> + </custom_php_validation_command> + <custom_php_resync_config_command> + </custom_php_resync_config_command> +</packagegui> diff --git a/config/bind/bind_views.xml b/config/bind/bind_views.xml new file mode 100644 index 00000000..2ff19c85 --- /dev/null +++ b/config/bind/bind_views.xml 
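Review bot: `<default_value>25</default_value>` on the `synctimeout` select matches none of its options (30, 60, 90, 250, 120), although the first option is labelled "30 seconds(Default)"; it should read `<default_value>30</default_value>`. The Sync tab in this file links to `/pkg.php?xml=bind_sync.xml`, while the other package files in this commit use `/pkg_edit.php?xml=bind_sync.xml`, so the active-tab URL looks like a slip. Both `custom_php_validation_command` and `custom_php_resync_config_command` are empty, so nothing in this file checks the `ipaddress` rowhelper value that is stored next to a `password`, and saving the page triggers no sync. The header comment still says "part of the sarg package" and should name the Bind package.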
@@ -0,0 +1,168 @@ +<?xml version="1.0" encoding="utf-8" ?> +<!DOCTYPE packagegui SYSTEM "./schema/packages.dtd"> +<?xml-stylesheet type="text/xsl" href="./xsl/package.xsl"?> +<packagegui> + <copyright> + <![CDATA[ +/* $Id$ */ +/* ========================================================================== */ +/* + bind_zone.xml + part of pfSense (http://www.pfSense.com) + part of the Bind package for pfSense + Copyright (C) 2013 Juliano Oliveira/Adriano Brancher + All rights reserved. + + Based on m0n0wall (http://m0n0.ch/wall) + Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>. + All rights reserved. + */ +/* ========================================================================== */ +/* + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. 
+ */ +/* ========================================================================== */ + ]]> + </copyright> + <description>Describe your package here</description> + <requirements>Describe your package requirements here</requirements> + <faq>Currently there are no FAQ items provided.</faq> + <name>bindviews</name> + <version>0.1.0</version> + <title>Bind: Views Settings</title> + <include_file>/usr/local/pkg/bind.inc</include_file> + <!-- Menu is where this packages menu will appear --> + <menu> + <name>Bind Server</name> + <tooltiptext></tooltiptext> + <section>Services</section> + <configfile>bind.xml</configfile> + </menu> + <tabs> + <tab> + <text>Settings</text> + <url>/pkg_edit.php?xml=bind.xml</url> + </tab> + <tab> + <text>ACLs</text> + <url>/pkg.php?xml=bind_acls.xml</url> + </tab> + <tab> + <text>Views</text> + <url>/pkg.php?xml=bind_views.xml</url> + <active/> + </tab> + <tab> + <text>Zones</text> + <url>/pkg.php?xml=bind_zones.xml</url> + </tab> + <tab> + <text>Sync</text> + <url>/pkg_edit.php?xml=bind_sync.xml</url> + </tab> + </tabs> +<!-- configpath gets expanded out automatically and config items will be + stored in that location --> + <configpath>['installedpackages']['bindviews']['config']</configpath> + <adddeleteeditpagefields> + <columnitem> + <fielddescr>View</fielddescr> + <fieldname>name</fieldname> + </columnitem> + <columnitem> + <fielddescr>Description</fielddescr> + <fieldname>description</fieldname> + </columnitem> + <movable>on</movable> + </adddeleteeditpagefields> + <!-- fields gets invoked when the user adds or edits a item. the following items + will be parsed and rendered for the user as a gui with input, and selectboxes. 
--> + <fields> + <field> + <fielddescr>View Name</fielddescr> + <fieldname>name</fieldname> + <description>Enter the name of the View.</description> + <type>input</type> + <required/> + </field> + <field> + <fielddescr>Description</fielddescr> + <fieldname>description</fieldname> + <description>Enter a description of the View.</description> + <type>input</type> + </field> + <field> + <fielddescr>Recursion</fielddescr> + <fieldname>recursion</fieldname> + <description>A recursive query occurs when your DNS server is queried for a domain that it currently knows nothing about, in which case it will try to resolve the given host by performing further queries (eg by starting at the root servers and working out, or by simply passing the request to yet another DNS server).</description> + <type>select</type> + <options> + <option><name>No</name><value>no</value></option> + <option><name>Yes</name><value>yes</value></option> + </options> + </field> + <field> + <fielddescr>Match-clients</fielddescr> + <fieldname>match-clients</fieldname> + <description>If either or both of match-clients are missing they default to any (all hosts match). 
The match-clients statement defines the address_match_list for the source IP address of the incoming messages.</description> + <type>select_source</type> + <source><![CDATA[$config['installedpackages']['bindacls']['config']]]></source> + <source_name>name</source_name> + <source_value>name</source_value> + <multiple/> + <size>03</size> + </field> + <field> + <fielddescr>Allow-recursion</fielddescr> + <fieldname>allow-recursion</fieldname> + <description>For example, if you have one DNS server serving your local network, you may want all of your local computers to use your DNS server.</description> + <type>select_source</type> + <source><![CDATA[$config['installedpackages']['bindacls']['config']]]></source> + <source_name>name</source_name> + <source_value>name</source_value> + <multiple/> + <size>03</size> + </field> + <field> + <type>listtopic</type> + <name>Custom Views </name> + <fieldname>temp</fieldname> + </field> + <field> + <fielddescr>Custom Options</fielddescr> + <fieldname>bind_custom_options</fieldname> + <description>You can put your own custom options here, separated by semi-colons (;).</description> + <type>textarea</type> + <cols>65</cols> + <rows>5</rows> + </field> + </fields> + <custom_php_command_before_form> + bind_views_before_form_dest(&$pkg,"bindacls","name","match-clients"); + bind_views_before_form_dest(&$pkg,"bindacls","name","allow-recursion"); + </custom_php_command_before_form> + <custom_delete_php_command> + </custom_delete_php_command> + <custom_php_resync_config_command> + bind_sync(); + </custom_php_resync_config_command> +</packagegui> diff --git a/config/bind/bind_zones.xml b/config/bind/bind_zones.xml new file mode 100644 index 00000000..577b6cad --- /dev/null +++ b/config/bind/bind_zones.xml 
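Review bot: The two calls in `custom_php_command_before_form` pass `&$pkg` at call time, which PHP 5.3 deprecates and PHP 5.4 rejects as a fatal error; as shown, the bare `&` outside a CDATA section is also not well-formed XML. Declare the parameter by reference in the function definition (in bind.inc, not visible in this hunk) and call `bind_views_before_form_dest($pkg,"bindacls","name","match-clients");`. The same applies to the five `...before_form_dest(&$pkg,...)` calls in bind_zones.xml. Separately, the `bind_custom_options` textarea has no `<encoding>base64</encoding>`, while bind.inc runs `base64_decode()` on the same-named general setting; if the view options are read the same way, the stored text will not decode, so this should be confirmed against the view-writing code.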
@@ -0,0 +1,382 @@ +<?xml version="1.0" encoding="utf-8" ?> +<!DOCTYPE packagegui SYSTEM "./schema/packages.dtd"> +<?xml-stylesheet type="text/xsl" href="./xsl/package.xsl"?> +<packagegui> + <copyright> + <![CDATA[ +/* $Id$ */ +/* ========================================================================== */ +/* + bind_zone.xml + part of pfSense (http://www.pfSense.com) + part of the Bind package for pfSense + Copyright (C) 2013 Juliano Oliveira/Adriano Brancher + All rights reserved. + + Based on m0n0wall (http://m0n0.ch/wall) + Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>. + All rights reserved. + */ +/* ========================================================================== */ +/* + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. 
+ */ +/* ========================================================================== */ + ]]> + </copyright> + <description>Describe your package here</description> + <requirements>Describe your package requirements here</requirements> + <faq>Currently there are no FAQ items provided.</faq> + <name>bindzone</name> + <version>none</version> + <title>Bind: Zones Settings</title> + <include_file>/usr/local/pkg/bind.inc</include_file> + <!-- Menu is where this packages menu will appear --> + <menu> + <name>Bind Server</name> + <tooltiptext></tooltiptext> + <section>Services</section> + <configfile>bind.xml</configfile> + </menu> + <tabs> + <tab> + <text>Settings</text> + <url>/pkg_edit.php?xml=bind.xml</url> + </tab> + <tab> + <text>ACLs</text> + <url>/pkg.php?xml=bind_acls.xml</url> + </tab> + <tab> + <text>Views</text> + <url>/pkg.php?xml=bind_views.xml</url> + </tab> + <tab> + <text>Zones</text> + <url>/pkg.php?xml=bind_zones.xml&id=0</url> + <active/> + </tab> + <tab> + <text>Sync</text> + <url>/pkg_edit.php?xml=bind_sync.xml</url> + </tab> + </tabs> + <!-- configpath gets expanded out automatically and config items will be + stored in that location --> + <configpath>['installedpackages']['bindzone']['config']</configpath> + <adddeleteeditpagefields> + <columnitem> + <fielddescr>Zones Name</fielddescr> + <fieldname>name</fieldname> + </columnitem> + <columnitem> + <fielddescr>Zonas Type</fielddescr> + <fieldname>type</fieldname> + </columnitem> + <columnitem> + <fielddescr>View Name</fielddescr> + <fieldname>view</fieldname> + </columnitem> + <columnitem> + <fielddescr>Description</fielddescr> + <fieldname>description</fieldname> + </columnitem> + <movable>on</movable> + </adddeleteeditpagefields> + <!-- fields gets invoked when the user adds or edits a item. the following items + will be parsed and rendered for the user as a gui with input, and selectboxes. 
--> + <fields> + <field> + <type>listtopic</type> + <name>Domain Zone Configuration</name> + <fieldname>temp01</fieldname> + </field> + <field> + <fielddescr>Zone Name:</fielddescr> + <fieldname>name</fieldname> + <description>Enter the name for zone (ex:exemple.com.br)</description> + <type>input</type> + <required/> + </field> + <field> + <fielddescr>Zonas Type</fielddescr> + <fieldname>type</fieldname> + <description>Select the type that zone to Master Primary DNS, Secondary DNS to select Slave.</description> + <type>select</type> + <options> + <option> + <name>Master</name> + <value>master</value> + <enablefields>description</enablefields> + </option> + <option> + <name>Slave</name> + <value>slave</value> + <enablefields>ttl</enablefields> + </option> + </options> + <onchange>on_type_zone_changed()</onchange> + <required/> + </field> + <field> + <fielddescr>View</fielddescr> + <fieldname>view</fieldname> + <description><![CDATA[Select the View that this area will belong.]]></description> + <type>select_source</type> + <source><![CDATA[$config['installedpackages']['bindviews']['config']]]></source> + <source_name>name</source_name> + <source_value>name</source_value> + </field> + <field> + <fielddescr>Zone Reverse</fielddescr> + <fieldname>reverso</fieldname> + <description>Enable this if the zone is reverse.</description> + <type>checkbox</type> + </field> + <field> + <fielddescr>Custon Option</fielddescr> + <fieldname>custon</fieldname> + <description>You can put your own custom options here, separated by semi-colons (;).</description> + <type>textarea</type> + <cols>65</cols> + <rows>3</rows> + </field> + <field> + <fielddescr>Description</fielddescr> + <fieldname>description</fieldname> + <description>Enter the description for this zone.</description> + <type>textarea</type> + <cols>65</cols> + <rows>3</rows> + </field> + <field> + <type>listtopic</type> + <name>Slave Zone Configuration </name> + <fieldname>temp04</fieldname> + </field> + <field> + 
<fielddescr>IP Master Zone</fielddescr> + <fieldname>slaveip</fieldname> + <description>In which case the zone is slave, enter the IP address of the master DNS zone.</description> + <type>input</type> + </field> + <field> + <type>listtopic</type> + <name>Master Zone Configuration </name> + <fieldname>temp03</fieldname> + </field> + <field> + <fielddescr>TLL</fielddescr> + <fieldname>tll</fieldname> + <description>Default expiration time of all resource records without their own TTL value</description> + <type>input</type> + </field> + <field> + <fielddescr>Name Server</fielddescr> + <fieldname>nameserver</fieldname> + <description>Enter ns.example.com is a nameserver for example.com</description> + <type>input</type> + </field> + <field> + <fielddescr>IP Name Server</fielddescr> + <fieldname>ipns</fieldname> + <description>Enter address ip for nameserver</description> + <type>input</type> + </field> + <field> + <fielddescr>Mail Admin Zone</fielddescr> + <fieldname>mail</fieldname> + <description>Enter mail admin zone, is . 
not @</description> + <type>input</type> + </field> + <field> + <fielddescr>Serial</fielddescr> + <fieldname>serial</fieldname> + <description>Parsed value for the slave to update the DNS Zone</description> + <type>input</type> + </field> + <field> + <fielddescr>Refresh</fielddescr> + <fieldname>refresh</fieldname> + <description>Slave refresh (1 day)</description> + <type>input</type> + <default_value>1d</default_value> + </field> + <field> + <fielddescr>Retry</fielddescr> + <fieldname>retry</fieldname> + <description>Slave retry time in case of a problem (2 hours)</description> + <type>input</type> + <default_value>2h</default_value> + </field> + <field> + <fielddescr>Expire</fielddescr> + <fieldname>expire</fieldname> + <description>Slave expiration time (4 weeks)</description> + <type>input</type> + <default_value>4w</default_value> + </field> + <field> + <fielddescr>Minimum</fielddescr> + <fieldname>minimum</fieldname> + <description>Maximum caching time in case of failed lookups (1 hour)</description> + <type>input</type> + <default_value>1h</default_value> + </field> + <field> + <fielddescr>Allow-update</fielddescr> + <fieldname>allowupdate</fieldname> + <description><![CDATA[Allow-update defines a match list eg IP address(es) that are allowed to submit dynamic updates for 'master' zones ie it enables Dynamic DNS (DDNS).]]></description> + <type>select_source</type> + <source><![CDATA[$config['installedpackages']['bindacls']['config']]]></source> + <source_name>name</source_name> + <source_value>name</source_value> + <multiple/> + <size>03</size> + </field> + <field> + <fielddescr>Allow-query</fielddescr> + <fieldname>allowquery</fieldname> + <description>Allow-query defines an match list of IP address(es) which are allowed to issue queries to the server.</description> + <type>select_source</type> + <source><![CDATA[$config['installedpackages']['bindacls']['config']]]></source> + <source_name>name</source_name> + <source_value>name</source_value> + 
<multiple/> + <size>03</size> + </field> + <field> + <fielddescr>Allow-transfer</fielddescr> + <fieldname>allowtransfer</fieldname> + <description>Allow-transfer defines a match list eg IP address(es) that are allowed to transfer (copy) the zone information from the server (master or slave for the zone). While on its face this may seem an excessively friendly default, DNS data is essentially public (that's why its there) and the bad guys can get all of it anyway. However if the thought of anyone being able to transfer your precious zone file is repugnant, or (and this is far more significant) you are concerned about possible DoS attack initiated by XFER requests, then use the following policy.</description> + <type>select_source</type> + <source><![CDATA[$config['installedpackages']['bindacls']['config']]]></source> + <source_name>name</source_name> + <source_value>name</source_value> + <multiple/> + <size>03</size> + </field> + <field> + <type>listtopic</type> + <name>Hosts Configuration Zone Domain</name> + <fieldname>temp02</fieldname> + </field> + <field> + <fielddescr>Enter the desired host, "Host Name" is the name of the Host: www or pop, "Host Type" simple kind host, "Value" in case the MX priority, "CNAME or IP address" is the destination host.</fielddescr> + <fieldname>none</fieldname> + <type>rowhelper</type> + <rowhelper> + <rowhelperfield> + <fielddescr>Host Name</fielddescr> + <fieldname>hostname</fieldname> + <description>Enter the Host Name (ex: www)</description> + <type>input</type> + <size>20</size> + </rowhelperfield> + <rowhelperfield> + <fielddescr>Host Type</fielddescr> + <fieldname>hosttype</fieldname> + <description>Select Type Host</description> + <type>select</type> + <options> + <option> + <name>A</name> + <value>A</value> + </option> + <option> + <name>AAAA</name> + <value>AAAA</value> + </option> + <option> + <name>DNAME</name> + <value>DNAME</value> + </option> + <option> + <name>MX</name> + <value>MX</value> + </option> + <option> + 
<name>CNAME</name> + <value>CNAME</value> + </option> + <option> + <name>NS</name> + <value>NS</value> + </option> + <option> + <name>LOC</name> + <value>LOC</value> + </option> + <option> + <name>SRV</name> + <value>SRV</value> + </option> + <option> + <name>PTR</name> + <value>PTR</value> + </option> + <option> + <name>TXT</name> + <value>TXT</value> + </option> + </options> + </rowhelperfield> + <rowhelperfield> + <fielddescr>Value</fielddescr> + <fieldname>hostvalue</fieldname> + <description>MX 10 or 20</description> + <type>input</type> + <size>1</size> + </rowhelperfield> + <rowhelperfield> + <fielddescr>Ip Address or CNAME destination</fielddescr> + <fieldname>hostdst</fieldname> + <description>Enter the IP address or CNAME destination for Domain (ex: 10.31.11.1 or mail.example.com)</description> + <type>input</type> + <size>20</size> + </rowhelperfield> + </rowhelper> + </field> + </fields> + <custom_php_after_form_command> + bind_print_javascript_type_zone2(); + </custom_php_after_form_command> + <custom_php_after_head_command> + bind_print_javascript_type_zone(); + </custom_php_after_head_command> + <custom_php_command_before_form> + bind_views_before_form_dest(&$pkg,"bindacls","name","allowtransfer"); + bind_views_before_form_dest(&$pkg,"bindacls","name","allowquery"); + bind_views_before_form_dest(&$pkg,"bindacls","name","allowupdate"); + bind_views_before_form_dest(&$pkg,"bindviews","name","view"); + bind_zona_before_form_dest(&$pkg,"bindzone","name","serial"); + </custom_php_command_before_form> + <custom_php_validation_command> + $_POST['serial']=$_POST['serial']+1; + </custom_php_validation_command> + <custom_delete_php_command> + bind_sync(); + </custom_delete_php_command> + <custom_php_resync_config_command> + bind_sync(); + </custom_php_resync_config_command> +</packagegui> diff --git a/config/bind/pkg_bind.inc b/config/bind/pkg_bind.inc new file mode 100644 index 00000000..8c79c900 --- /dev/null +++ b/config/bind/pkg_bind.inc 
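Review bot: `custom_php_validation_command` only runs `$_POST['serial']=$_POST['serial']+1;`, so no zone field is checked before `bind_sync()` regenerates the configuration, and the serial is incremented even when the submitted value is not numeric. `name`, `slaveip`, `nameserver`, `ipns`, `custon` and the rowhelper `hostname`/`hostdst` are free-text inputs that presumably end up in named.conf and the zone files (the zone-writing part of bind.inc is not visible here), so a stray `;`, `}` or line break could alter the generated configuration. I would append to `$input_errors` in this command, for example `if ($_POST['type'] === 'slave' && !is_ipaddr($_POST['slaveip'])) $input_errors[] = "IP Master Zone must be a valid IP address";`, and guard the increment with `is_numeric($_POST['serial'])`. The Slave option's `<enablefields>ttl</enablefields>` also does not match the field name `tll`, and `<url>/pkg.php?xml=bind_zones.xml&id=0</url>` needs `&amp;` to be well-formed.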
@@ -0,0 +1,11 @@
+<?php
+
+global $shortcuts;
+
+$shortcuts['bind'] = array();
+$shortcuts['bind']['main'] = "pkg_edit.php?xml=bind.xml";
+$shortcuts['bind']['log'] = "diag_logs.php";
+$shortcuts['bind']['status'] = "status_services.php";
+$shortcuts['bind']['service'] = "bind";
+
+?> |
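Review bot: The closing `?>` on the last line of this include is best dropped, because any whitespace after it is emitted as output when the file is included and can break later `header()` calls in the GUI pages. `$shortcuts['bind']['log'] = "diag_logs.php";` points at the general log page rather than anything specific to named; if that is intended, a short comment such as `// named logs to the system log; no dedicated page` would save the next reader a lookup.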