2 ##############################################################################
4 # This program is free software; you can redistribute it and/or modify
5 # it under the terms of the GNU General Public License version 2 as
6 # published by the Free Software Foundation.
8 # This program is distributed in the hope that it will be useful,
9 # but WITHOUT ANY WARRANTY; without even the implied warranty of
10 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 # GNU General Public License for more details.
13 # Copyright (C) 2016 Eric Luehrsen
15 ##############################################################################
17 # This crosses over to the dnsmasq UCI file "dhcp" and parses it for the
18 # fields that let Unbound ask dnsmasq for local host names. We need to look
19 # at the interfaces in "dhcp" and get their subnets. The Unbound conf syntax
20 # makes this a little difficult. First in "server:" we need to create private
21 # zones for the domain and PTR records. Then we need to create numerous
22 # "forward:" clauses to forward those zones to dnsmasq.
24 ##############################################################################
# dnsmasq_local_zone: callback run by config_foreach for each UCI "dnsmasq"
# section. Reads domain, port and add_wan_fqdn from the section named by
# $cfg, records them in UNBOUND_* globals and appends the domain's options
# to $UNBOUND_CONFFILE.
# NOTE(review): the gutter numbers skip (26->28, 33->36, 37->41, 44->47,
# 50->52), so lines of this function are missing from the listing,
# including whatever assigns $cfg and the closing fi / }.
26 dnsmasq_local_zone() {
28 local fwd_port fwd_domain wan_fqdn
30 # dnsmasq domain and interface assignment settings will control config
31 config_get fwd_domain "$cfg" domain
32 config_get fwd_port "$cfg" port
33 config_get wan_fqdn "$cfg" add_wan_fqdn
# add_wan_fqdn is copied as read (config_get, not config_get_bool);
# dnsmasq_local_arpa later compares this global numerically with -gt.
36 if [ -n "$wan_fqdn" ] ; then
37 UNBOUND_D_WAN_FQDN=$wan_fqdn
# Act only when a domain is set and dnsmasq listens on a port other than 53.
# -eq needs an integer: with a non-numeric port [ reports an error and the
# branch is not taken.
# NOTE(review): "-a" inside [ ] is marked obsolescent by POSIX; separate
# tests joined with && are less ambiguous.
41 if [ -n "$fwd_domain" -a -n "$fwd_port" -a ! "$fwd_port" -eq 53 ] ; then
42 # dnsmasq localhost listening ports (possible multiple instances)
43 UNBOUND_N_FWD_PORTS="$UNBOUND_N_FWD_PORTS $fwd_port"
44 UNBOUND_TXT_FWD_ZONE="$UNBOUND_TXT_FWD_ZONE $fwd_domain"
47 # This creates DOMAIN local privileges
# private-domain lets answers for this domain carry private addresses, and
# domain-insecure turns off DNSSEC validation for it, so Unbound accepts
# whatever the forward target returns for these names. Keep the value to
# the local DHCP domain.
# NOTE(review): $fwd_domain is written between double quotes without
# escaping; a value holding a quote or newline would alter the generated
# conf. Presumably this is admin-controlled UCI data; confirm.
48 echo " private-domain: \"$fwd_domain\""
49 echo " local-zone: \"$fwd_domain.\" transparent"
50 echo " domain-insecure: \"$fwd_domain\""
# NOTE(review): $UNBOUND_CONFFILE is set outside this listing and expanded
# unquoted; quoting it would keep a path containing whitespace intact.
52 } >> $UNBOUND_CONFFILE
56 ##############################################################################
# dnsmasq_local_arpa: callback run by config_foreach for each UCI "dhcp"
# section. Collects the subnets of the section's logical interface, derives
# a reverse (PTR) zone name per subnet through helper functions, appends
# server: options for private ones to $UNBOUND_CONFFILE and adds each zone
# to UNBOUND_TXT_FWD_ZONE.
# NOTE(review): the gutter numbers skip in many places (for example 81->84,
# 89->97, 120->128), so the branch bodies that set $forward, the else/fi
# lines and the closing braces are missing from the listing. $cfg, $forward,
# $arpa and $subnet are not declared in the visible lines.
58 dnsmasq_local_arpa() {
60 local logint dhcpv4 dhcpv6 ignore
61 local subnets subnets4 subnets6
63 local validip4 validip6 privateip
65 config_get logint "$cfg" interface
66 config_get dhcpv4 "$cfg" dhcpv4
67 config_get dhcpv6 "$cfg" dhcpv6
# ignore is normalised by config_get_bool (default 0), so the numeric
# -gt test on it below is safe.
68 config_get_bool ignore "$cfg" ignore 0
70 # Find the list of addresses assigned to a logical interface
71 # It's typical to have a logical gateway split NAME and NAME6
72 network_get_subnets subnets4 "$logint"
73 network_get_subnets6 subnets6 "$logint"
74 subnets="$subnets4 $subnets6"
# Second pass for the "<name>6" sibling interface; subnets4/subnets6 are
# reused as scratch variables.
76 network_get_subnets subnets4 "${logint}6"
77 network_get_subnets6 subnets6 "${logint}6"
78 subnets="$subnets $subnets4 $subnets6"
# NOTE(review): subnets always contains the separator spaces added above,
# so -z is false even when no subnet was found; the unquoted for-loop below
# then iterates zero times.
81 if [ -z "$subnets" ] ; then
# No forward port was collected by dnsmasq_local_zone.
84 elif [ -z "$UNBOUND_N_FWD_PORTS" ] ; then
87 elif [ "$ignore" -gt 0 ] ; then
# NOTE(review): UNBOUND_D_WAN_FQDN is assigned from a plain config_get in
# dnsmasq_local_zone; if it is empty or a word such as "true", -gt reports
# an error and the test is false. Presumably it is initialised to a number
# elsewhere; confirm.
88 if [ "$UNBOUND_D_WAN_FQDN" -gt 0 ] ; then
89 # Only forward the one gateway host.
97 # Forward the entire private subnet.
102 if [ -n "$forward" ] ; then
# Relies on word splitting of the space-separated subnet list.
103 for subnet in $subnets ; do
# valid_subnet4, valid_subnet6 and private_subnet are defined outside this
# listing; the code below treats the string "ok" as success. $subnet is
# unquoted here but quoted in the *_ptr_* calls further down.
104 validip4=$( valid_subnet4 $subnet )
105 validip6=$( valid_subnet6 $subnet )
106 privateip=$( private_subnet $subnet )
# Choose the IPv4 or IPv6 PTR helper, skipping a family whose DHCP setting
# is "disable"; $forward selects the domain_ptr_* or host_ptr_* variant.
109 if [ "$validip4" = "ok" -a "$dhcpv4" != "disable" ] ; then
110 if [ "$forward" = "domain" ] ; then
111 arpa=$( domain_ptr_ip4 "$subnet" )
113 arpa=$( host_ptr_ip4 "$subnet" )
116 elif [ "$validip6" = "ok" -a "$dhcpv6" != "disable" ] ; then
117 if [ "$forward" = "domain" ] ; then
118 arpa=$( domain_ptr_ip6 "$subnet" )
120 arpa=$( host_ptr_ip6 "$subnet" )
128 if [ -n "$arpa" ] ; then
# domain-insecure (no DNSSEC validation) is written only when private_subnet
# reported "ok", so reverse zones of other subnets keep validation.
129 if [ "$privateip" = "ok" ] ; then
131 # This creates ARPA local zone privileges
132 echo " local-zone: \"$arpa.\" transparent"
133 echo " domain-insecure: \"$arpa\""
# NOTE(review): $UNBOUND_CONFFILE is set outside this listing and expanded
# unquoted; quoting it would keep a path containing whitespace intact.
135 } >> $UNBOUND_CONFFILE
# Queue the reverse zone for a forward clause in dnsmasq_forward_zone.
# NOTE(review): whether this sits inside the privateip test cannot be told
# from the listing (lines 136-138 are missing).
139 UNBOUND_TXT_FWD_ZONE="$UNBOUND_TXT_FWD_ZONE $arpa"
145 ##############################################################################
# dnsmasq_forward_zone: appends one forward entry per zone collected in
# UNBOUND_TXT_FWD_ZONE to $UNBOUND_CONFFILE, each listing every dnsmasq port
# collected in UNBOUND_N_FWD_PORTS on 127.0.0.1.
# NOTE(review): the gutter numbers skip (149->151, 152->154, 157->161), so
# the clause header line, the done/fi lines and the closing brace are
# missing from the listing. fwd_domain and port are not declared local in
# the visible lines.
147 dnsmasq_forward_zone() {
148 if [ -n "$UNBOUND_N_FWD_PORTS" -a -n "$UNBOUND_TXT_FWD_ZONE" ] ; then
# Both globals are space-separated lists; the unquoted expansions split them.
149 for fwd_domain in $UNBOUND_TXT_FWD_ZONE ; do
151 # This is derived from dnsmasq_local_zone/arpa
152 # but forward: clauses need to be separate
154 echo " name: \"$fwd_domain.\""
# Whatever process listens on this loopback port answers for the zone, and
# the zones marked domain-insecure by the functions above are accepted
# without DNSSEC validation.
156 for port in $UNBOUND_N_FWD_PORTS ; do
157 echo " forward-addr: 127.0.0.1@$port"
# NOTE(review): $UNBOUND_CONFFILE is set outside this listing and expanded
# unquoted; quoting it would keep a path containing whitespace intact.
161 } >> $UNBOUND_CONFFILE
166 ##############################################################################
# Driver sequence: allow loopback queries, then walk the dnsmasq and dhcp
# sections. NOTE(review): the gutter numbers skip (166->169, 171->173), so
# the enclosing function header, the config load and the final call are
# missing from the listing.
169 # Forward to dnsmasq on same host for DHCP lease hosts
# do-not-query-localhost: no lets Unbound send queries to loopback
# addresses, which the 127.0.0.1@port forward addresses require. In the
# visible lines it is written before any dnsmasq section is inspected, so it
# is set even if no forward zone is produced.
170 echo " do-not-query-localhost: no" >> $UNBOUND_CONFFILE
171 # Look at dnsmasq settings
173 # Zone for DHCP / SLAAC-PING DOMAIN
# Must run first: dnsmasq_local_arpa reads UNBOUND_N_FWD_PORTS and
# UNBOUND_D_WAN_FQDN, which dnsmasq_local_zone sets.
174 config_foreach dnsmasq_local_zone dnsmasq
175 # Zone for DHCP / SLAAC-PING ARPA
176 config_foreach dnsmasq_local_arpa dhcp
177 # Now create ALL separate forward: clauses
181 ##############################################################################