From 3c4423a142e8a46f0eda20e9ff1675db818f7090 Mon Sep 17 00:00:00 2001 From: Warren Baker Date: Sun, 23 Feb 2014 19:37:53 +0200 Subject: Add forwards as a configuration option instead of executing it on the command line --- config/unbound/unbound.inc | 148 ++++++++++++++++++--------------------------- 1 file changed, 58 insertions(+), 90 deletions(-) (limited to 'config/unbound') diff --git a/config/unbound/unbound.inc b/config/unbound/unbound.inc index 6e55d577..e82c6d64 100644 --- a/config/unbound/unbound.inc +++ b/config/unbound/unbound.inc @@ -124,10 +124,8 @@ function unbound_rc_setup() { @@ -164,37 +162,6 @@ function unbound_control($action) { $cache_dumpfile = "/var/tmp/unbound_cache"; switch ($action) { - case "forward": - /* Dont utilize forward cmd if Unbound is doing DNS queries directly - * XXX: We could make this an option to then make pfSense use Unbound - * as the recursive nameserver instead of upstream ones(?) - */ - if ($unbound_config['forwarding_mode'] == "on") { - // Get configured DNS servers and add them as forwarders - if (!isset($config['system']['dnsallowoverride'])) { - $ns = array_unique(get_nameservers()); - foreach($ns as $nameserver) { - if($nameserver) - $dns_servers .= " $nameserver"; - } - } else { - $ns = array_unique(get_dns_servers()); - foreach($ns as $nameserver) { - if($nameserver) - $dns_servers .= " $nameserver"; - } - } - - if(is_service_running("unbound")) { - unbound_ctl_exec("forward $dns_servers"); - } else { - unbound_control("start"); - sleep(1); - unbound_control("forward"); - } - } - break; - case "start": //Start unbound if($unbound_config['enable'] == "on") { @@ -206,7 +173,6 @@ function unbound_control($action) { mwexec("/bin/ln -s /var/run/unbound.pid /var/run/dnsmasq.pid"); } mwexec_bg("/usr/local/bin/unbound_monitor.sh"); - fetch_root_hints(); } break; @@ -456,7 +422,7 @@ function unbound_resync_config() { } // Private-address support for DNS Rebinding - if($unbound_config['private_address'] == "on") { + if ($unbound_config['private_address'] == "on") { $pvt_addr = << 1) { + if ($numprocs > 1) { $optimization['number_threads'] = "num-threads: {$numprocs}"; $optimize_num = pow(2,floor(log($numprocs,2))); } else { @@ -669,32 +665,6 @@ function unbound_optimization() { return $optimization; } -function fetch_root_hints() { - - $destination_file = UNBOUND_BASE . "/etc/unbound/root.hints"; - if (filesize($destination_file) == 0 ) { - conf_mount_rw(); - $fout = fopen($destination_file, "w"); - $url = "ftp://ftp.internic.net/domain/named.cache"; - - $ch = curl_init(); - curl_setopt($ch, CURLOPT_URL, $url); - curl_setopt($ch,CURLOPT_RETURNTRANSFER, 1); - curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, '25'); - $http_code = curl_getinfo($ch, CURLINFO_HTTP_CODE); - $data = curl_exec($ch); - curl_close($ch); - - fwrite($fout, $data); - fclose($fout); - conf_mount_ro(); - - return ($http_code == 200) ? true : $http_code; - } else { - return false; - } -} - function unbound_validate($post, $type=null) { global $config, $input_errors; @@ -746,19 +716,17 @@ function unbound_reconfigure() { $unbound_config = $config['installedpackages']['unbound']['config'][0]; if ($unbound_config['enable'] != "on") { - if(is_service_running("unbound")) + if (is_service_running("unbound")) unbound_control("termstop"); } else { - if(is_service_running("unbound")) { + if (is_service_running("unbound")) { unbound_control("dump_cache"); unbound_control("termstop"); } unbound_resync_config(); unbound_control("start"); - if(is_service_running("unbound")) { - unbound_control("forward"); + if (is_service_running("unbound")) unbound_control("restore_cache"); - } } } -- cgit v1.2.3