From a5936a19914fc8a7c1d86736c4b25217dbb5bd70 Mon Sep 17 00:00:00 2001 From: doktornotor Date: Sat, 22 Aug 2015 04:24:51 +0200 Subject: bind - code style fixes - Fix copyright header - Fix file permissions - Nuke loads of unused tags - Improve descriptions, typo fixes --- config/bind/bind.xml | 262 +++++++++++++++++++++++++++++++-------------------- 1 file changed, 158 insertions(+), 104 deletions(-) diff --git a/config/bind/bind.xml b/config/bind/bind.xml index c24bf351..0f6861fc 100644 --- a/config/bind/bind.xml +++ b/config/bind/bind.xml @@ -3,56 +3,50 @@ - . - All rights reserved. - */ -/* ========================================================================== */ + bind.xml + part of pfSense (https://www.pfSense.org/) + Copyright (C) 2013 Juliano Oliveira + Copyright (C) 2013 Adriano Brancher + Copyright (C) 2015 ESF, LLC + All rights reserved. +*/ +/* ====================================================================================== */ /* - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. - */ -/* ========================================================================== */ - ]]> + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ + ]]> - Describe your package here - Describe your package requirements here - Currently there are no FAQ items provided. bind - 1.0 - Bind: Domain Named Settings + 0.4.0 + BIND: DNS Settings /usr/local/pkg/bind.inc - BIND Server + BIND DNS Server Modify BIND settings
Services
/pkg_edit.php?xml=bind.xml @@ -87,45 +81,36 @@ - /usr/local/pkg/ - 0755 https://packages.pfsense.org/packages/config/bind/bind.xml /usr/local/pkg/ - 0755 https://packages.pfsense.org/packages/config/bind/bind_views.xml /usr/local/pkg/ - 0755 https://packages.pfsense.org/packages/config/bind/bind_zones.xml /usr/local/pkg/ - 0755 https://packages.pfsense.org/packages/config/bind/bind_acls.xml /usr/local/pkg/ - 0755 https://packages.pfsense.org/packages/config/bind/bind.inc /usr/local/pkg/ - 0755 https://packages.pfsense.org/packages/config/bind/bind_sync.xml /usr/local/www/shortcuts/ - 0755 https://packages.pfsense.org/packages/config/bind/pkg_bind.inc /usr/local/www/widgets/widgets/ - 0755 https://packages.pfsense.org/packages/config/bind/bind.widget.php @@ -137,16 +122,24 @@ Enable BIND enable_bind - - Disable DNS Forwarder and Resolver services on selected interfaces before enabling BIND.]]> + + + Disable DNS Forwarder and Resolver services on selected interfaces before enabling BIND. + ]]> + checkbox IP Version bind_ip_version - - This controls which transports are used when resolving queries.]]> + + + This controls which transports are used when resolving queries. + ]]> + select @@ -157,7 +150,7 @@ Listen on listenon - + Choose the interfaces on which to enable BIND. interfaces_selection @@ -178,34 +171,42 @@ Limit Memory Use bind_ram_limit - Limits RAM use for DNS server, recommend 256M + Limits RAM use for DNS server (Recommended: 256M) input 10 256M listtopic - Logging options + Logging Options temp01 Enable Logging bind_logging - System logs, Resolver tab.]]> + + System logs, Resolver tab. + ]]> + checkbox - Logging Serverity + Logging Severity log_severity - - The value 'dynamic' means assume the global level defined by either the command line parameter -d or by running rndc trace.]]> + + + The value 'dynamic' means assume the global level defined by either the command line parameter -d or by running rndc trace. + ]]> + select - + - + @@ -215,27 +216,82 @@ Logging Options log_options - - use CTRL+click to select/unselect.]]> + + + (Use CTRL + click to select/unselect. + ]]> + select - - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + + + 18 @@ -248,8 +304,12 @@ Rate Limit rate_enabled - - Limit/rate response queries to prevent DOS attack.]]> + + A Quick Introduction to Response Rate Limiting  + to prevent DOS attack. + ]]> + checkbox rate_limit,log_only @@ -266,29 +326,30 @@ Limit rate_limit - Set rate limit. Default to 15. + Set rate limit. (Default: 15) input 10 listtopic - Forwarder Config + Forwarder Configuration temp01 Enable Forwarding bind_forwarder - Enable forwarding queries to other DNS servers listed below rather than this server - performing its own recursion. - + Enable forwarding queries to other DNS servers listed below rather than this server performing its own recursion. checkbox bind_forwarder_ips Forwarder IPs bind_forwarder_ips - Enter IPs of DNS servers to use for recursion. Separate by semi-colons (;). Applies - only if Enable Forwarding is chosen. + + + Applies only if Enable Forwarding is chosen. + ]]> input 80 @@ -302,8 +363,10 @@ Custom Options bind_custom_options - - They'll be added to the configuration. They need to be named.conf native options.]]> + + They need to be native settings. + ]]> textarea 65 @@ -319,8 +382,10 @@ Global Settings bind_global_settings - - They'll be added to the configuration. They need to be named.conf native settings.]]> + + They need to be native settings. + ]]> textarea 65 @@ -328,21 +393,10 @@ base64 - - - - - - - - bind_sync(); bind_write_rcfile(); - - - -- cgit v1.2.3 From c3e019af2db53f649e1027694bc12dd2a661d0d0 Mon Sep 17 00:00:00 2001 From: doktornotor Date: Sat, 22 Aug 2015 04:33:57 +0200 Subject: bind - code style fixes - Fix copyright header - Nuke loads of unused tags - Improve descriptions, typo fixes --- config/bind/bind_acls.xml | 91 +++++++++++++++++++---------------------------- 1 file changed, 37 insertions(+), 54 deletions(-) diff --git a/config/bind/bind_acls.xml b/config/bind/bind_acls.xml index 49794a69..49ca1631 100644 --- a/config/bind/bind_acls.xml +++ b/config/bind/bind_acls.xml @@ -1,61 +1,50 @@ - - + + - . - All rights reserved. - */ -/* ========================================================================== */ + bind_acls.xml + part of pfSense (https://www.pfSense.org/) + Copyright (C) 2013 Juliano Oliveira + Copyright (C) 2013 Adriano Brancher + Copyright (C) 2015 ESF, LLC + All rights reserved. +*/ +/* ====================================================================================== */ /* - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. - */ -/* ========================================================================== */ - ]]> + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ + ]]> - Describe your package here - Describe your package requirements here - Currently there are no FAQ items provided. bindacls - 0.1.0 + 0.4.0 BIND: ACLs Settings /usr/local/pkg/bind.inc - - BIND Server - -
Services
- bind.xml - Settings @@ -91,13 +80,11 @@ on - ACL Name name - Enter name ACL. + Enter name of the ACL. input @@ -108,8 +95,8 @@ input - Enter IP or range block network. - Leave blank to allow All + Enter IP or network range block. + Leave blank to allow All. none rowhelper @@ -128,10 +115,6 @@ - - - - bind_sync(); -- cgit v1.2.3 From 8d0881d331f68c5813adb54304558c52a763e870 Mon Sep 17 00:00:00 2001 From: doktornotor Date: Sat, 22 Aug 2015 04:44:36 +0200 Subject: bind - code style fixes - Fix copyright header - Nuke unused tags - Improve descriptions, typo fixes --- config/bind/bind_sync.xml | 100 ++++++++++++++++++++++++---------------------- 1 file changed, 52 insertions(+), 48 deletions(-) diff --git a/config/bind/bind_sync.xml b/config/bind/bind_sync.xml index 97fdad81..91d713e3 100644 --- a/config/bind/bind_sync.xml +++ b/config/bind/bind_sync.xml @@ -1,49 +1,50 @@ - - + + - - Describe your package here - Describe your package requirements here - Currently there are no FAQ items provided. bindsync - 1.0 - Bind: XMLRPC Sync + 0.4.0 + BIND: XMLRPC Sync /usr/local/pkg/bind.inc @@ -74,9 +75,9 @@ listtopic - Automatically sync bind configuration changes + Automatically Sync BIND Configuration Changes synconchanges - Select a sync method for bind. + Select a sync method for BIND. select auto @@ -87,7 +88,7 @@ - Sync timeout + Sync Timeout synctimeout Select sync max wait time select @@ -104,8 +105,12 @@ Zone Master IP masterip - - All master zones will be configured as backup on slave servers.]]> + + + Note: All master zones will be configured as backup on slave servers. + ]]> + input 20 @@ -114,15 +119,18 @@ Remote Server none rowhelper - Do not forget to:
-      Create firewall rules to allow zone transfer between master and slave servers.
-      Create a acls with these slave servers.
-      Include created acl on allow-transfer option on zone config.]]> + Do not forget to:
+      Create firewall rules to allow zone transfer between master and slave servers.
+      Create ACLs with these slave servers.
+      Include created ACLs on allow-transfer option on zone config. + ]]> + IP Address ipaddress - IP Address of remote server + IP Address of remote server. input 20 @@ -136,8 +144,4 @@ - - - - -- cgit v1.2.3 From 1e0f9d1706df09123e315f7d6dc0a2670273b0c9 Mon Sep 17 00:00:00 2001 From: doktornotor Date: Sat, 22 Aug 2015 04:59:22 +0200 Subject: bind - code style fixes - Fix copyright header - Nuke loads of unused tags - Improve descriptions, typo fixes --- config/bind/bind_views.xml | 117 +++++++++++++++++++++------------------------ 1 file changed, 54 insertions(+), 63 deletions(-) diff --git a/config/bind/bind_views.xml b/config/bind/bind_views.xml index 7d38f481..29bf9bb3 100644 --- a/config/bind/bind_views.xml +++ b/config/bind/bind_views.xml @@ -1,61 +1,50 @@ - - + + - . - All rights reserved. - */ -/* ========================================================================== */ + bind_views.xml + part of pfSense (https://www.pfSense.org/) + Copyright (C) 2013 Juliano Oliveira + Copyright (C) 2013 Adriano Brancher + Copyright (C) 2015 ESF, LLC + All rights reserved. +*/ +/* ====================================================================================== */ /* - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. - */ -/* ========================================================================== */ - ]]> + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ + ]]> - Describe your package here - Describe your package requirements here - Currently there are no FAQ items provided. bindviews - 0.1.0 - Bind: Views Settings + 0.4.0 + BIND: Views Settings /usr/local/pkg/bind.inc - - BIND Server - -
Services
- bind.xml - Settings @@ -108,10 +97,12 @@ Recursion recursion - A recursive query occurs when your DNS server is queried for a domain that it - currently knows nothing about, in which case it will try to resolve the given host by - performing further queries (eg by starting at the root servers and working out, or by - simply passing the request to yet another DNS server). + + select @@ -120,11 +111,13 @@ - Match-clients + match-clients match-clients - If either or both of match-clients are missing they default to any (all hosts - match). The match-clients statement defines the address_match_list for the source IP - address of the incoming messages. + + + The match-clients statement defines the address_match_list for the source IP address of the incoming messages. + ]]> select_source @@ -134,10 +127,13 @@ 03 - Allow-recursion + allow-recursion allow-recursion - For example, if you have one DNS server serving your local network, you may want - all of your local computers to use your DNS server. + + select_source @@ -154,18 +150,13 @@ Custom Options bind_custom_options - You can put your own custom options here, separated by semi-colons (;). - + You can put your own custom options here, separated by semi-colons (;). textarea 65 8 base64 - - - - bind_sync(); -- cgit v1.2.3 From 9599adf898c3d4bc4b0d5732b2d14bdbf78c8b4c Mon Sep 17 00:00:00 2001 From: doktornotor Date: Sat, 22 Aug 2015 05:44:54 +0200 Subject: bind - code style fixes - Fix copyright header - Fix custom_php_validation_command syntax - Nuke unused tags - Improve descriptions, typo fixes --- config/bind/bind_zones.xml | 250 +++++++++++++++++++++++++-------------------- 1 file changed, 142 insertions(+), 108 deletions(-) diff --git a/config/bind/bind_zones.xml b/config/bind/bind_zones.xml index c289ddd3..50f852c3 100644 --- a/config/bind/bind_zones.xml +++ b/config/bind/bind_zones.xml @@ -1,61 +1,50 @@ - - + + - . - All rights reserved. - */ -/* ========================================================================== */ + bind_zones.xml + part of pfSense (https://www.pfSense.org/) + Copyright (C) 2013 Juliano Oliveira + Copyright (C) 2013 Adriano Brancher + Copyright (C) 2015 ESF, LLC + All rights reserved. +*/ +/* ====================================================================================== */ /* - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. - */ -/* ========================================================================== */ - ]]> + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ + ]]> - Describe your package here - Describe your package requirements here - Currently there are no FAQ items provided. bindzone none BIND: Zones Settings /usr/local/pkg/bind.inc - - BIND Server - -
Services
- bind.xml - Settings @@ -116,17 +105,21 @@ temp01 - Disable this zone + Disable This Zone disabled - + Do not include this zone in BIND config files. checkbox Zone Name name - - For reverse zones, include zone IP in reverse order. (e.g. 1.168.192)
- IN-ADDR.ARPA will be automaticaly included in config files when reverse zone option is checked.]]> + + + For reverse zones, include zone IP in reverse order. (e.g. 1.168.192)
+ Note: IN-ADDR.ARPA will be automaticaly included in config files when reverse zone option is checked. + ]]> + input @@ -140,7 +133,7 @@ Zone Type type - + Select zone type. select @@ -154,7 +147,7 @@ View view - + Select (CTRL+click) the views that this zone will belong to. select_source name @@ -165,14 +158,14 @@ Reverse Zone reverso - Enable if this is a reverse zone. + Check if this is a reverse zone. checkbox reversv6o IPv6 Reverse Zone reversv6o - Enable if this is a IPv6 reverse zone. Reverse Zone must also be enabled. + Check if this is an IPv6 reverse zone. Reverse Zone must also be enabled. checkbox @@ -193,20 +186,28 @@ Inline Signing dnssec backupkeys - Enable inline DNSSEC signing for this zone.]]> + + Enable inline DNSSEC signing for this zone. + ]]> + checkbox - backup keys + Backup Keys backupkeys - + Enable this option to include all DNSSEC key files in XML. checkbox DSSET dsset - - Upload this DSSET to your domain root server.]]> + + + Upload this DSSET to your domain root server. + ]]> + textarea 75 3 @@ -220,8 +221,7 @@ Master Zone IP slaveip - If this is a slave zone, enter the IP address of the master DNS server. - + If this is a slave zone, enter the IP address of the master DNS server. input @@ -236,7 +236,6 @@ input 70 - listtopic Master Zone Configuration @@ -245,20 +244,23 @@ TLL tll - Default expiration time of all resource records without their own TTL value - + Default expiration time of all resource records without their own TTL value. input Name Server nameserver - Enter nameserver for this zone + Enter nameserver for this zone. input Base Domain IP ipns - Enter IP address for base domain lookup. Ex: nslookup mydomain.com + + nslookup mydomain.com return.) + ]]> + input @@ -270,42 +272,47 @@ Serial serial - Parsed value for the slave to update the DNS zone + Parsed value for the slave to update the DNS zone. input Refresh refresh - Slave refresh (1 day) + Slave refresh (Default: 1 day) input 1d Retry retry - Slave retry time in case of a problem (2 hours) + Slave retry time in case of a problem (Default: 2 hours) input 2h Expire expire - Slave expiration time (4 weeks) + Slave expiration time (Default: 4 weeks) input 4w Minimum minimum - Maximum caching time in case of failed lookups (1 hour) + Maximum caching time in case of failed lookups (Default: 1 hour) input 1h - Allow-update + allow-update allowupdate - - Allow-update defines a match list eg IP address(es) that are allowed to submit dynamic updates for 'master' zones, ie it enables Dynamic DNS (DDNS).]]> + + + The allow-update statement defines a match list of IP address(es) that are allowed  + to submit dynamic updates for 'master' zones - i.e., it enables Dynamic DNS (DDNS). + ]]> + select_source name @@ -314,26 +321,38 @@ 03 - Enable Update-policy + Enable update-policy enable_updatepolicy - - The update-policy statement replaces the allow-update statement.]]> + + + The update-policy statement replaces the allow-update statement. + ]]> + checkbox updatepolicy - Update-policy + update-policy updatepolicy - - Do not include the surrounding { } when using multiple statements]]> + + + Note: Do NOT include the surrounding { } when using multiple statements! + ]]> + input 75 - Allow-query + allow-query allowquery - - Allow-query defines an match list of IP address(es) which are allowed to issue queries to the server.]]> + + + The allow-query statement defines a match list of IP address(es) which are allowed to issue queries to the server. + ]]> + select_source name @@ -342,10 +361,20 @@ 03 - Allow-transfer + allow-transfer allowtransfer - - Allow-transfer defines a match list eg IP address(es) that are allowed to transfer (copy) the zone information from the server (master or slave for the zone). While on its face this may seem an excessively friendly default, DNS data is essentially public (that's why its there) and the bad guys can get all of it anyway. However if the thought of anyone being able to transfer your precious zone file is repugnant, or (and this is far more significant) you are concerned about possible DoS attack initiated by XFER requests, then use the following policy.]]> + + + The allow-transfer statement defines a match list of IP address(es) that are allowed to transfer  + (copy) the zone information from the server (master or slave for the zone). While on its face this may  + seem an excessively friendly default, DNS data is essentially public (that's why its there) and the bad guys  + can get all of it anyway.

+ However, if the thought of anyone being able to transfer your precious zone file is repugnant, or  + (and this is far more significant) you are concerned about possible DoS attack initiated by XFER requests,  + then you should use the following policy. + ]]> + select_source name @@ -359,26 +388,30 @@ temp02 - Enter Domain records. - "Record" is the name or last octet of IP. Example: www or pop
- "Type" is the type of the record Sample: A CNAME MX NS
- "Priority" in used only in mx records to define its priority
- "Alias or IP address" is the destination host or ip address.

- You can order elements on this list with drag and drop between columns.]]> + Enter Domain Records + + "Record" is the name or last octet of an IP. (Example: www, pop, smtp)
+ "Type" is the type of the record. (Example: A, CNAME, MX, NS)
+ "Priority" is used only in MX records to define their priority.
+ "Alias or IP address" is the destination host or IP address.

+ Note: You can order the elements on this list with drag and drop. + ]]> + none rowhelper Record hostname - Enter the Host Name (ex: www) + Enter the Host Name (Example: www) input 10 Type hosttype - Select Type Host + Select record type for this host. select @@ -397,15 +430,14 @@ Priority hostvalue - MX 10 or 20 + Priority for MX record. (Example: 10 or 20) input 3 Alias or IP address hostdst - Enter the IP address or FQDN destination for domain MX (ex: 10.31.11.1 or mail.example.com) - + Enter the IP address or FQDN destination for domain's MX (Example: 10.31.11.1 or mail.example.com) input 35 @@ -414,22 +446,24 @@ regdhcpstatic - Register DHCP static mappings - If this option is set, then DHCP static mappings will be registered in DNS, so that - their name can be resolved. - + Register DHCP Static Mappings + If this option is set, then DHCP static mappings will be registered in DNS, so that their name can be resolved. checkbox listtopic - Custom Zone Domain records + Custom Zone Domain Records temp02 customzonerecords - - This can be used for a fast migration setup.]]> + + + This can be used for a fast migration setup. + ]]> + textarea 84 10 @@ -439,7 +473,7 @@ listtopic - Resulting zone config file + Resulting Zone Config File @@ -459,13 +493,13 @@ bind_print_javascript_type_zone(); - - - if ($_POST['type']=="master" and $_POST['serial']=="") { - $_POST['serial']=(date("U")+ 1000000000); + bind_sync(); -- cgit v1.2.3 From 0fae8c137386a7c73b41e3c538ab0e4790cbcbda Mon Sep 17 00:00:00 2001 From: doktornotor Date: Sat, 22 Aug 2015 05:54:27 +0200 Subject: bind - code style fixes - Fix copyright header - Some XHTML fixes - Wrap javascript in CDATA --- config/bind/bind.widget.php | 62 ++++++++++++++++++++++----------------------- 1 file changed, 31 insertions(+), 31 deletions(-) diff --git a/config/bind/bind.widget.php b/config/bind/bind.widget.php index 1e8c0cc8..deae7ba6 100644 --- a/config/bind/bind.widget.php +++ b/config/bind/bind.widget.php @@ -1,28 +1,31 @@ "; - echo " "; + echo ""; } -function close_table() -{ - echo " "; +function close_table() { + echo ""; echo ""; - } $pfb_table = array(); -$img['Sick'] = ""; -$img['Healthy'] = ""; - +$img['Sick'] = "sick"; +$img['Healthy'] = "healthy"; -#var_dump($pfb_table); -#exit; ?> +
-- cgit v1.2.3 From 6a850c2d7d68fbe561b3ad2627d9ea39ae260a4e Mon Sep 17 00:00:00 2001 From: doktornotor Date: Sat, 22 Aug 2015 06:51:51 +0200 Subject: bind - code style fixes - Fix copyright header - Code style fixes - Use safe_mkdir and {stop,restart}_service() --- config/bind/bind.inc | 222 +++++++++++++++++++++++++-------------------------- 1 file changed, 107 insertions(+), 115 deletions(-) diff --git a/config/bind/bind.inc b/config/bind/bind.inc index 7b5b773e..39c12e13 100644 --- a/config/bind/bind.inc +++ b/config/bind/bind.inc @@ -1,10 +1,11 @@ -$bind_listenonv6 $bind_listenon"; + $bind_listenonv6 = $bind_listenonv6 == "" ? "none;" : $bind_listenonv6; + $bind_listenon = $bind_listenon == "" ? "none;" : $bind_listenon; + // Print "
$bind_listenonv6 $bind_listenon";
 	if (array_key_exists("ipv6allow", $config['system'])) {
 		$bind_conf .= "\tlisten-on-v6 { $bind_listenonv6 };\n";
 	}
 	$bind_conf .= "\tlisten-on { $bind_listenon };\n";
 
-	// forwarder config
+	// Forwarder config
 	if ($bind_forwarder == 'on') {
 		$bind_conf .= "\tforwarders { $forwarder_ips };\n";
 	}
@@ -249,9 +249,9 @@ EOD;
 			system("/usr/bin/killall -HUP syslogd");
 		}
 		$log_categories = explode(",", $bind['log_options']);
-		$log_severity = ($bind['log_severity'] ? $bind['log_severity'] : 'default');
+		$log_severity = $bind['log_severity'] ? $bind['log_severity'] : 'default';
 		if (sizeof($log_categories) > 0 && $log_categories[0] != "") {
-			// curly braces in the following << "localhost", "description" => "BIND Built-in ACL", "row" => array("value" => "", "description" => ""));
 		$config['installedpackages']['bindacls']['config'][] =
 			array("name" => "localnets", "description" => "BIND Built-in ACL", "row" => array("value" => "", "description" => ""));
-		write_config("Create BIND Built-in ACLs");
+		write_config("Created BIND Built-in ACLs");
 	}
 	$bindacls = $config['installedpackages']['bindacls']['config'];
 	for ($i = 0; $i < sizeof($bindacls); $i++) {
@@ -366,9 +366,7 @@ EOD;
 			// Ensure zone view folder exists
 			if ($zonetype != "forward") {
 				foreach ($zoneviewlist as $zoneview) {
-					if (!(is_dir(CHROOT_LOCALBASE."/etc/namedb/$zonetype/$zoneview"))) {
-						mkdir(CHROOT_LOCALBASE."/etc/namedb/$zonetype/$zoneview", 0755, true);
-					}
+					safe_mkdir(CHROOT_LOCALBASE . "/etc/namedb/$zonetype/$zoneview", 0755);
 				}
 			}
 
@@ -422,7 +420,7 @@ EOD;
 							$bind_conf .= "\t\tallow-update { $zoneallowupdate; };\n";
 						}
 						if ($zone['dnssec'] == "on") {
-							//https://kb.isc.org/article/AA-00626/
+							// https://kb.isc.org/article/AA-00626/
 							$bind_conf .= "\n\t\t# look for dnssec keys here:\n";
 							$bind_conf .= "\t\tkey-directory \"/etc/namedb/keys\";\n\n";
 							$bind_conf .= "\t\t# publish and activate dnssec keys:\n";
@@ -442,7 +440,7 @@ EOD;
 						$bind_conf .= "\t\tforwarders { $zoneforwarders; };\n";
 						break;
 					case 'redirect':
-						$bind_conf .= "\t\t# While using redirect zones,NXDOMAIN Redirection will not override DNSSEC\n";
+						$bind_conf .= "\t\t# While using redirect zones, NXDOMAIN Redirection will not override DNSSEC\n";
 						$bind_conf .= "\t\t# If the client has requested DNSSEC records (DO=1) and the NXDOMAIN response is signed then no substitution will occur\n";
 						$bind_conf .= "\t\t# https://kb.isc.org/article/AA-00376/192/BIND-9.9-redirect-zones-for-NXDOMAIN-redirection.html\n";
 						$bind_conf .= "\t\tallow-query { $zoneallowquery; };\n";
@@ -462,17 +460,17 @@ EOD;
 				switch ($zonetype) {
 					case 'master':
 					case 'redirect':
-						// check/update slave dir permission
-						chown(CHROOT_LOCALBASE."/etc/namedb/$zonetype", "bind");
-						chown(CHROOT_LOCALBASE."/etc/namedb/$zonetype/$zoneview", "bind");
-						$zonetll = ($zone['tll'] ? $zone['tll'] : "43200");
-						$zonemail = ($zone['mail'] ? $zone['mail'] : "zonemaster.{$zonename}");
+						// Check/update slave dir permission
+						chown(CHROOT_LOCALBASE . "/etc/namedb/$zonetype", "bind");
+						chown(CHROOT_LOCALBASE . "/etc/namedb/$zonetype/$zoneview", "bind");
+						$zonetll = $zone['tll'] ? $zone['tll'] : "43200";
+						$zonemail = $zone['mail'] ? $zone['mail'] : "zonemaster.{$zonename}";
 						$zonemail = preg_replace("/@/", ".", $zonemail);
 						$zoneserial = $zone['serial'];
-						$zonerefresh = ($zone['refresh'] ? $zone['refresh'] : "3600");
-						$zoneretry = ($zone['retry'] ? $zone['retry'] : "600");
-						$zoneexpire = ($zone['expire'] ? $zone['expire'] : "86400");
-						$zoneminimum = ($zone['minimum'] ? $zone['minimum'] : "3600");
+						$zonerefresh = $zone['refresh'] ? $zone['refresh'] : "3600";
+						$zoneretry = $zone['retry'] ? $zone['retry'] : "600";
+						$zoneexpire = $zone['expire'] ? $zone['expire'] : "86400";
+						$zoneminimum = $zone['minimum'] ? $zone['minimum'] : "3600";
 						$zonenameserver = $zone['nameserver'];
 						$zoneipns = $zone['ipns'];
 						$zonereverso = $zone['reverso'];
@@ -573,10 +571,10 @@ EOD;
 
 						$config['installedpackages']['bindzone']['config'][$x]['resultconfig'] = base64_encode($zone_conf);
 						$write_config++;
-						//check dnssec keys creation for master zones
+						// Check DNSSEC keys creation for master zones
 						if ($zone['dnssec'] == "on") {
 							$zone_found = 0;
-							foreach (glob(CHROOT_LOCALBASE."/etc/namedb/keys/*{$zonename}*key", GLOB_NOSORT) as $filename) {
+							foreach (glob(CHROOT_LOCALBASE . "/etc/namedb/keys/*{$zonename}*key", GLOB_NOSORT) as $filename) {
 								$zone_found++;
 							}
 							if ($zone_found == 0) {
@@ -596,16 +594,16 @@ EOD;
 								}
 								$dnssec_bin = "/usr/local/sbin/dnssec-keygen";
 								if (file_exists($dnssec_bin) && $key_restored == 0) {
-									exec("{$dnssec_bin} -K ".CHROOT_LOCALBASE."/etc/namedb/keys {$zonename}", $kout);
-									exec("{$dnssec_bin} -K ".CHROOT_LOCALBASE."/etc/namedb/keys -fk {$zonename}", $kout);
+									exec("{$dnssec_bin} -K " . CHROOT_LOCALBASE . "/etc/namedb/keys {$zonename}", $kout);
+									exec("{$dnssec_bin} -K " . CHROOT_LOCALBASE . "/etc/namedb/keys -fk {$zonename}", $kout);
 									foreach ($kout as $filename) {
-										chown(CHROOT_LOCALBASE."/etc/namedb/keys/{$filename}.key", "bind");
-										chown(CHROOT_LOCALBASE."/etc/namedb/keys/{$filename}.private", "bind");
+										chown(CHROOT_LOCALBASE . "/etc/namedb/keys/{$filename}.key", "bind");
+										chown(CHROOT_LOCALBASE . "/etc/namedb/keys/{$filename}.private", "bind");
 									}
 									log_error("[bind] DNSSEC keys for {$zonename} created.");
 								}
 							}
-							// get ds keys
+							// Get DS keys
 							$dsfromkey = "/usr/local/sbin/dnssec-dsfromkey";
 							foreach (glob(CHROOT_LOCALBASE."/etc/namedb/keys/*{$zonename}*key", GLOB_NOSORT) as $filename) {
 								$zone_key = file_get_contents($filename);
@@ -616,10 +614,10 @@ EOD;
 								}
 							}
 
-							// save dnssec keys to xml
+							// Save DNSSEC keys to xml
 							if ($zone['backupkeys'] == "on") {
 								$dnssec_keys = 0;
-								foreach (glob(CHROOT_LOCALBASE."/etc/namedb/keys/*{$zonename}*", GLOB_NOSORT) as $filename) {
+								foreach (glob(CHROOT_LOCALBASE . "/etc/namedb/keys/*{$zonename}*", GLOB_NOSORT) as $filename) {
 									$file_found = 0;
 									if (is_array($config['installedpackages']['dnsseckeys']) && is_array($config['installedpackages']['dnsseckeys']['config'])) {
 										foreach ($config['installedpackages']['dnsseckeys']['config'] as $filer) {
@@ -643,21 +641,21 @@ EOD;
 						}
 						break;
 					case 'slave':
-						// check/update slave dir permission
-						chown(CHROOT_LOCALBASE."/etc/namedb/$zonetype", "bind");
-						chown(CHROOT_LOCALBASE."/etc/namedb/$zonetype/$zoneview", "bind");
+						// Check/update slave dir permission
+						chown(CHROOT_LOCALBASE . "/etc/namedb/$zonetype", "bind");
+						chown(CHROOT_LOCALBASE . "/etc/namedb/$zonetype/$zoneview", "bind");
 						// check if exists slave zone file
 						$rsconfig = "";
 						if ($zone['dnssec'] == "on") {
-							if (file_exists(CHROOT_LOCALBASE."/etc/namedb/$zonetype/$zoneview/$zonename.DB.signed")) {
-								exec("/usr/local/sbin/named-checkzone -D -f raw -o - {$zonename} ".CHROOT_LOCALBASE."/etc/namedb/$zonetype/$zoneview/$zonename.DB.signed", $slave_file);
+							if (file_exists(CHROOT_LOCALBASE . "/etc/namedb/$zonetype/$zoneview/$zonename.DB.signed")) {
+								exec("/usr/local/sbin/named-checkzone -D -f raw -o - {$zonename} " . CHROOT_LOCALBASE . "/etc/namedb/$zonetype/$zoneview/$zonename.DB.signed", $slave_file);
 							}
 						} else {
-							if (file_exists(CHROOT_LOCALBASE."/etc/namedb/$zonetype/$zoneview/$zonename.DB")) {
-								$slave_file = file(CHROOT_LOCALBASE."/etc/namedb/$zonetype/$zoneview/$zonename.DB");
+							if (file_exists(CHROOT_LOCALBASE . "/etc/namedb/$zonetype/$zoneview/$zonename.DB")) {
+								$slave_file = file(CHROOT_LOCALBASE . "/etc/namedb/$zonetype/$zoneview/$zonename.DB");
 							}
 						}
-						// TODO is is_array() the best test to use?  is it only checking for existence?
+						// TODO: is is_array() the best test to use? Is it only checking for existence?
 						if (is_array($slave_file)) {
 							foreach ($slave_file as $zfile) {
 								$rsconfig .= $zfile;
@@ -667,7 +665,7 @@ EOD;
 						$write_config++;
 						break;
 					case 'forward':
-						// forwarder zone does not have a DB file
+						// Forwarder zone does not have a DB file
 						$config['installedpackages']['bindzone']['config'][$x]['resultconfig'] = '';
 						$write_config++;
 						break;
@@ -683,18 +681,16 @@ EOD;
 			$bind_conf .= "\t};\n\n";
 		}
 		if ($write_config > 0) {
-			write_config("save result config file for zone on xml");
+			write_config("BIND: Saved resulting config file for zone in xml");
 		}
 		$bind_conf .= "};\n";
 	}
 	$dirs = array("/etc/namedb/keys", "/var/run/named", "/var/dump", "/var/log", "/var/stats", "/dev");
 	foreach ($dirs as $dir) {
-		if (!is_dir(CHROOT_LOCALBASE.$dir)) {
-			mkdir(CHROOT_LOCALBASE.$dir, 0755, true);
-		}
+		safe_mkdir(CHROOT_LOCALBASE . $dir, 0755);
 	}
-	// dev dirs for chroot
-	$bind_dev_dir = CHROOT_LOCALBASE."/dev";
+	// Handle /dev dirs for chroot
+	$bind_dev_dir = CHROOT_LOCALBASE . "/dev";
 	if (!file_exists("$bind_dev_dir/random")) {
 		$dev_dirs = array("null", "zero", "random", "urandom");
 		exec("/sbin/mount -t devfs devfs {$bind_dev_dir}", $dout);
@@ -706,41 +702,40 @@ EOD;
 		exec("/sbin/devfs -m {$bind_dev_dir} rule applyset", $dout);
 	}
 	// http://www.unixwiz.net/techtips/bind9-chroot.html
-	file_put_contents(CHROOT_LOCALBASE.'/etc/namedb/named.conf', $bind_conf);
-	file_put_contents(CHROOT_LOCALBASE.'/etc/namedb/rndc.conf', $rndc_file);
+	file_put_contents(CHROOT_LOCALBASE . '/etc/namedb/named.conf', $bind_conf);
+	file_put_contents(CHROOT_LOCALBASE . '/etc/namedb/rndc.conf', $rndc_file);
 
-	if (!file_exists(CHROOT_LOCALBASE."/etc/namedb/named.root")) {
+	if (!file_exists(CHROOT_LOCALBASE . "/etc/namedb/named.root")) {
 		// dig +tcp @a.root-servers.net > CHROOT_LOCALBASE."/etc/namedb/named.root"
 		$named_root = file_get_contents("http://www.internic.net/domain/named.root");
-		file_put_contents(CHROOT_LOCALBASE."/etc/namedb/named.root", $named_root, LOCK_EX);
+		file_put_contents(CHROOT_LOCALBASE . "/etc/namedb/named.root", $named_root, LOCK_EX);
 	}
 	if (!file_exists(CHROOT_LOCALBASE."/etc/localtime")) {
-		copy("/etc/localtime", CHROOT_LOCALBASE."/etc/localtime");
+		copy("/etc/localtime", CHROOT_LOCALBASE . "/etc/localtime");
 	}
 
 	bind_write_rcfile();
-	chown(CHROOT_LOCALBASE."/etc/namedb/keys", "bind");
-	chown(CHROOT_LOCALBASE."/etc/namedb", "bind");
-	chown(CHROOT_LOCALBASE."/var/log", "bind");
-	chown(CHROOT_LOCALBASE."/var/run/named", "bind");
-	chgrp(CHROOT_LOCALBASE."/var/log", "bind");
+	chown(CHROOT_LOCALBASE . "/etc/namedb/keys", "bind");
+	chown(CHROOT_LOCALBASE . "/etc/namedb", "bind");
+	chown(CHROOT_LOCALBASE . "/var/log", "bind");
+	chown(CHROOT_LOCALBASE . "/var/run/named", "bind");
+	chgrp(CHROOT_LOCALBASE . "/var/log", "bind");
 	$bind_sh = "/usr/local/etc/rc.d/named.sh";
 	if ($bind_enable == "on") {
 		chmod($bind_sh, 0755);
-		mwexec("{$bind_sh} restart");
+		restart_service("named");
 	} elseif (is_service_running('named')) {
-		mwexec("{$bind_sh} stop");
+		stop_service("named");
 		chmod($bind_sh, 0644);
 	}
-	// sync to backup servers
+	// Sync to backup servers
 	bind_sync_on_changes();
 	conf_mount_ro();
 }
 
-function bind_print_javascript_type_zone()
-{
+function bind_print_javascript_type_zone() {
 	?>
-