aboutsummaryrefslogtreecommitdiffstats
path: root/config
diff options
context:
space:
mode:
Diffstat (limited to 'config')
-rw-r--r--config/bind/bind.inc66
1 files changed, 39 insertions, 27 deletions
diff --git a/config/bind/bind.inc b/config/bind/bind.inc
index 94634b44..50025947 100644
--- a/config/bind/bind.inc
+++ b/config/bind/bind.inc
@@ -56,16 +56,6 @@ function bind_zone_validate($post, &$input_errors)
}
switch ($_POST['type']) {
- case 'slave':
- if ($_POST['slaveip'] == "") {
- $input_errors[] = 'The field \'Master Zone IP\' is required for slave zones.';
- }
- break;
- case 'forward':
- if ($_POST['forwarders'] == "") {
- $input_errors[] = 'The field \'Forwarders\' is required for forward zones.';
- }
- break;
case 'redirect':
$_POST['tll'] = 300;
$_POST['refresh'] = 0;
@@ -76,7 +66,8 @@ function bind_zone_validate($post, &$input_errors)
if ($_POST['mail'] == '') {
$input_errors[] = "The field 'Mail Admin Zone' is required for {$_POST['type']} zones.";
}
- default:
+ // Intentionally fall through to 'master' zone case
+ case 'master':
if ($_POST['nameserver'] == '') {
$input_errors[] = "The field 'Name server' is required for {$_POST['type']} zones.";
}
@@ -106,6 +97,18 @@ function bind_zone_validate($post, &$input_errors)
}
}
break;
+ case 'slave':
+ if ($_POST['slaveip'] == "") {
+ $input_errors[] = 'The field \'Master Zone IP\' is required for slave zones.';
+ }
+ break;
+ case 'forward':
+ if ($_POST['forwarders'] == "") {
+ $input_errors[] = 'The field \'Forwarders\' is required for forward zones.';
+ }
+ break;
+ default:
+ break;
}
}
@@ -408,6 +411,24 @@ EOD;
// Add zone statements
switch ($zonetype) {
+ case 'master':
+ $bind_conf .= "\t\tallow-query { $zoneallowquery; };\n";
+ $bind_conf .= "\t\tallow-transfer { $zoneallowtransfer; };\n";
+ if ($zone['enable_updatepolicy'] == "on") {
+ $bind_conf .= "\t\tupdate-policy { $zoneupdatepolicy; };\n";
+ } else {
+ $bind_conf .= "\t\tallow-update { $zoneallowupdate; };\n";
+ }
+ if ($zone['dnssec'] == "on") {
+ //https://kb.isc.org/article/AA-00626/
+ $bind_conf .= "\n\t\t# look for dnssec keys here:\n";
+ $bind_conf .= "\t\tkey-directory \"/etc/namedb/keys\";\n\n";
+ $bind_conf .= "\t\t# publish and activate dnssec keys:\n";
+ $bind_conf .= "\t\tauto-dnssec maintain;\n\n";
+ $bind_conf .= "\t\t# use inline signing:\n";
+ $bind_conf .= "\t\tinline-signing yes;\n\n";
+ }
+ break;
case 'slave':
$bind_conf .= "\t\tmasters { $zoneipslave; };\n";
$bind_conf .= "\t\tallow-query { $zoneallowquery; };\n";
@@ -425,22 +446,6 @@ EOD;
$bind_conf .= "\t\tallow-query { $zoneallowquery; };\n";
break;
default:
- $bind_conf .= "\t\tallow-query { $zoneallowquery; };\n";
- $bind_conf .= "\t\tallow-transfer { $zoneallowtransfer; };\n";
- if ($zone['enable_updatepolicy'] == "on") {
- $bind_conf .= "\t\tupdate-policy { $zoneupdatepolicy; };\n";
- } else {
- $bind_conf .= "\t\tallow-update { $zoneallowupdate; };\n";
- }
- if ($zone['dnssec'] == "on") {
- //https://kb.isc.org/article/AA-00626/
- $bind_conf .= "\n\t\t# look for dnssec keys here:\n";
- $bind_conf .= "\t\tkey-directory \"/etc/namedb/keys\";\n\n";
- $bind_conf .= "\t\t# publish and activate dnssec keys:\n";
- $bind_conf .= "\t\tauto-dnssec maintain;\n\n";
- $bind_conf .= "\t\t# use inline signing:\n";
- $bind_conf .= "\t\tinline-signing yes;\n\n";
- }
break;
}
@@ -659,6 +664,13 @@ EOD;
$config['installedpackages']['bindzone']['config'][$x]['resultconfig'] = base64_encode($rsconfig);
$write_config++;
break;
+ case 'forward':
+ // forwarder zone does not have a DB file
+ $config['installedpackages']['bindzone']['config'][$x]['resultconfig'] = '';
+ $write_config++;
+ break;
+ default:
+ break;
}
}
}