aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--config/unbound/unbound.inc37
-rwxr-xr-xpkg_config.8.xml2
-rwxr-xr-xpkg_config.8.xml.amd642
3 files changed, 26 insertions, 15 deletions
diff --git a/config/unbound/unbound.inc b/config/unbound/unbound.inc
index fa326574..ebe8fbdf 100644
--- a/config/unbound/unbound.inc
+++ b/config/unbound/unbound.inc
@@ -240,13 +240,15 @@ function unbound_get_network_interface_addresses() {
$unbound_config = $config['installedpackages']['unbound']['config'][0];
$unboundint = explode(",", $unbound_config['active_interface']);
$unbound_interfaces = array();
+ $i = 0;
foreach ($unboundint as $unboundidx => $unboundif) {
- /* Configure IPv4 addresses */
+ /* Configure IPv4 addresses */
if (is_ipaddr($interfaces[$unboundif]['ipaddr'])) {
- $unbound_interfaces['ipv4']['ipaddr'] = $interfaces[$unboundif]['ipaddr'];
- $unbound_interfaces['ipv4']['subnet'] = $interfaces[$unboundif]['subnet'];
- $unbound_interfaces['ipv4']['network'] = gen_subnet($unbound_interfaces['ipv4']['ipaddr'],$unbound_interfaces['ipv4']['subnet']);
+ $unbound_interfaces[$i]['ipv4']['ipaddr'] = $interfaces[$unboundif]['ipaddr'];
+ $unbound_interfaces[$i]['ipv4']['subnet'] = $interfaces[$unboundif]['subnet'];
+ $unbound_interfaces[$i]['ipv4']['network'] = gen_subnet($unbound_interfaces[$i]['ipv4']['ipaddr'],$unbound_interfaces[$i]['ipv4']['subnet']);
+
// Check for CARP addresses and also return those - only IPv4 for now
if (isset($config['virtualip'])) {
if(is_array($config['virtualip']['vip'])) {
@@ -256,20 +258,29 @@ function unbound_get_network_interface_addresses() {
if ($virtual_ip == '') {
log_error("Unbound DNS: There was a problem setting up the Virtual IP for the interface ".link_ip_to_carp_interface($vip['subnet']));
} else {
- $unbound_interfaces['virtual']['ipaddr'] = $virtual_ip;
+ $unbound_interfaces[$i]['virtual']['ipaddr'] = $virtual_ip;
}
}
}
}
}
+ } else if(isset($interfaces[$unboundif]['ipaddr'])) {
+ /* Find the interface IP address for
+ * XXX - this only works for IPv4 currently - the pfSense module needs IPv6 love
+ */
+ $unboundrealif = convert_friendly_interface_to_real_interface_name($unboundif);
+ $unbound_interfaces[$i]['ipv4']['ipaddr'] = find_interface_ip($unboundrealif);
+ $unbound_interfaces[$i]['ipv4']['subnet'] = find_interface_subnet($unboundrealif);
+ $unbound_interfaces[$i]['ipv4']['network'] = gen_subnet($unbound_interfaces[$i]['ipv4']['ipaddr'],$unbound_interfaces[$i]['ipv4']['subnet']);
}
/* Configure IPv6 addresses */
if(is_ipaddr($interfaces[$unboundif]['ipaddrv6'])) {
- $unbound_interfaces['ipv6']['ipaddr'] = $interfaces[$unboundif]['ipaddrv6'];
- $unbound_interfaces['ipv6']['subnet'] = $interfaces[$unboundif]['subnetv6'];
- $unbound_interfaces['ipv6']['network'] = gen_subnetv6($unbound_interfaces['ipv6']['ipaddr'], $unbound_interfaces['ipv6']['subnet']);
+ $unbound_interfaces[$i]['ipv6']['ipaddr'] = $interfaces[$unboundif]['ipaddrv6'];
+ $unbound_interfaces[$i]['ipv6']['subnet'] = $interfaces[$unboundif]['subnetv6'];
+ $unbound_interfaces[$i]['ipv6']['network'] = gen_subnetv6($unbound_interfaces[$i]['ipv6']['ipaddr'], $unbound_interfaces[$i]['ipv6']['subnet']);
}
+ $i++;
}
return $unbound_interfaces;
}
@@ -305,9 +316,11 @@ function unbound_resync_config() {
$unbound_bind_interfaces = "";
$unbound_allowed_networks = "";
$unboundnetcfg = unbound_get_network_interface_addresses();
- foreach($unboundnetcfg as $netcfgidx => $netent) {
- $unbound_bind_interfaces .="interface: {$netent['ipaddr']}\n";
- $unbound_allowed_networks .= "access-control: {$netent['network']}/{$netent['subnet']} allow\n";
+ foreach($unboundnetcfg as $netent) {
+ foreach($netent as $entry) {
+ $unbound_bind_interfaces .="interface: {$entry['ipaddr']}\n";
+ $unbound_allowed_networks .= "access-control: {$entry['network']}/{$entry['subnet']} allow\n";
+ }
}
/* Configure user configured ACLs */
$unbound_allowed_networks .= unbound_acls_config();
@@ -596,7 +609,6 @@ function unbound_validate($post, $type=null) {
}
}
} else if($type == "advanced") {
-
if(!is_numeric($post['cache_max_ttl']))
$input_errors[] = "You must enter a valid number in 'Maximum TTL for RRsets and messages'.";
if(!is_numeric($post['cache_min_ttl']))
@@ -684,7 +696,6 @@ function unbound_add_host_entries() {
global $config;
/* XXX: break this out into a separate config file and make use of include */
-
$unboundcfg = $config['installedpackages']['unbound']['config'][0];
$syscfg = $config['system'];
$dnsmasqcfg = $config['dnsmasq'];
diff --git a/pkg_config.8.xml b/pkg_config.8.xml
index 997a0b82..b45b4db2 100755
--- a/pkg_config.8.xml
+++ b/pkg_config.8.xml
@@ -1007,7 +1007,7 @@
<descr>Unbound is a validating, recursive, and caching DNS resolver. This package is a drop in replacement for Services: DNS Forwarder and also supports DNSSEC extensions. Once installed please configure the Unbound service by visiting Services: Unbound DNS.</descr>
<website>http://www.unbound.net/</website>
<category>Services</category>
- <version>1.4.10_02</version>
+ <version>1.4.10_03</version>
<status>Alpha</status>
<required_version>2.0</required_version>
<pkginfolink>http://doc.pfsense.org/index.php/Unbound_package</pkginfolink>
diff --git a/pkg_config.8.xml.amd64 b/pkg_config.8.xml.amd64
index ff2fa31c..1889b733 100755
--- a/pkg_config.8.xml.amd64
+++ b/pkg_config.8.xml.amd64
@@ -1023,7 +1023,7 @@
<descr>Unbound is a validating, recursive, and caching DNS resolver. This package is a drop in replacement for Services: DNS Forwarder and also supports DNSSEC extensions. Once installed please configure the Unbound service by visiting Services: Unbound DNS.</descr>
<website>http://www.unbound.net/</website>
<category>Services</category>
- <version>1.4.10_02</version>
+ <version>1.4.10_03</version>
<status>Alpha</status>
<required_version>2.0</required_version>
<pkginfolink>http://doc.pfsense.org/index.php/Unbound_package</pkginfolink>