Feature #1361

DNSMasq, source interface and IPSec VPNs

Added by Hugh Blandford about 2 years ago. Updated 11 months ago.

Status:Feedback Start date:03/17/2011
Priority:Normal Due date:
Assignee:Darren Embry % Done:100%

Category:DNS Forwarder
Target version:-
Affected version: Affected Architecture:All

Description

DNSMasq, source interface and IPSec VPNs
« on: March 11, 2011, 10:03:04 am »
dnsmasq has the capability to use the internal interface IP when querying the override domains, i.e. when overriding internal.local, use the IP address 192.168.111.12 (server on the VPN at the other end of the link). However, as the request goes out from pfSense it uses the WAN interface and isn't encrypted. Normally, this can be overcome by sending the query from the internal interface, which dnsmasq supports through the syntax of . However, the valid IP address checks on line 72 in services_dnsmasq_domainoverride_edit.php stop this being entered. If the line is commented out, then it all works as desired.

Could the tests please be modified to support this feature?

services_dnsmasq_domainoverride_edit.patch (3.9 kB) Hugh Blandford, 05/30/2012 10:03 am

services_dnsmasq_domainoverride_edit.patch2 (3.9 kB) Hugh Blandford, 05/30/2012 10:08 am
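As an added illustration (stand-alone Python written for this page; it is not pfSense code and not part of the report or the attached patch), the following models the override validation the report asks for and the dnsmasq `--server=` argument the stored value turns into. The `is_ipaddr()` helper only approximates pfSense's function, the configured-address list and the 203.0.113.2 / 192.168.1.1 / 192.168.1.0/24 values are constructed, and the optional `local_subnet` check is a hypothetical addition that goes beyond the patch: it also rejects a configured address that lies outside the tunnel's local subnet, because a query sourced from the WAN address still misses the IPsec policy and leaves in the clear.

```python
"""Model of the domain-override validation and the dnsmasq server= line it feeds."""
import ipaddress

# pfSense stores "#" for an override that excludes a sub-domain from a wider
# override; dnsmasq reads server=/domain/# as "use the standard servers".
EXCLUSION = "#"

# Constructed stand-in for get_configured_ip_addresses(): 203.0.113.2 plays
# the WAN address, 192.168.1.1 the LAN address on the local side of the
# IPsec tunnel (both are assumptions, not pfSense data).
CONFIGURED_IPS = ("203.0.113.2", "192.168.1.1")


def is_ipaddr(value):
    """Approximation of pfSense's is_ipaddr(): True for a literal v4/v6 address."""
    try:
        ipaddress.ip_address(value)
    except ValueError:
        return False
    return True


def unpack_override(stored):
    """Split a stored target into (target, source_ip).

    The config may hold "#", "ip" or "ip@source"; a value without "@"
    yields an empty source instead of an out-of-range index.
    """
    if "@" in stored:
        target, source = stored.split("@", 1)
        return target, source
    return stored, ""


def validate_override(target, source, configured_ips=CONFIGURED_IPS, local_subnet=None):
    """Return the input errors for one override form submission.

    local_subnet (hypothetical, not in the patch): the IPsec phase 2 local
    network; when given, the source must fall inside it, otherwise the
    query does not match the policy and still leaves unencrypted.
    """
    errors = []
    if target != EXCLUSION and not is_ipaddr(target):
        errors.append("A valid IP address must be specified, or # for an exclusion.")
    if source:
        if target == EXCLUSION:
            errors.append("A source IP cannot be combined with a # exclusion.")
        elif source not in configured_ips:
            errors.append("An interface IP address must be specified for the DNS query source.")
        elif local_subnet and ipaddress.ip_address(source) not in ipaddress.ip_network(local_subnet):
            errors.append("The source IP is outside the IPsec local subnet; the query would not enter the tunnel.")
    return errors


def pack_override(target, source):
    """Value stored in the config entry: "ip" or "ip@source"."""
    return f"{target}@{source}" if source else target


def dnsmasq_server_arg(domain, stored):
    """The --server= argument dnsmasq receives for one override."""
    return f"--server=/{domain}/{stored}"


def render_override(domain, target, source="", **kwargs):
    """Validate, pack and render: returns (errors, stored_value, dnsmasq_arg)."""
    errors = validate_override(target, source, **kwargs)
    if errors:
        return errors, None, None
    stored = pack_override(target, source)
    return errors, stored, dnsmasq_server_arg(domain, stored)


if __name__ == "__main__":
    # Before: no source; dnsmasq takes the egress address from the routing
    # table (the WAN address), so the query misses the IPsec policy.
    print(render_override("internal.local", "192.168.111.12"))
    # After: source pinned to the LAN address inside the tunnel's local subnet.
    print(render_override("internal.local", "192.168.111.12", "192.168.1.1",
                          local_subnet="192.168.1.0/24"))
    # Configured, but still wrong: the WAN address is outside the local subnet.
    print(render_override("internal.local", "192.168.111.12", "203.0.113.2",
                          local_subnet="192.168.1.0/24"))
```

The `unpack_override()` path is the one worth keeping in mind when editing an existing entry: a stored `#` exclusion has no `@` in it, so splitting unconditionally on `@` is the kind of corner an edit form has to handle explicitly.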

Associated revisions

Revision a0b379c8
Added by Darren Embry 11 months ago

hugh blanford patch: dnsmasq, source interface and ipsec vpns

fixes #1361

History

#1 Updated by Hugh Blandford about 2 years ago

Well, here is my first bit of PHP coding, so hopefully it is OK. It seems to do what I wanted it to do.


diff services_dnsmasq_domainoverride_edit.php.orig services_dnsmasq_domainoverride_edit.php
54c54,61
<        $pconfig['ip'] = $a_domainOverrides[$id]['ip'];
---
>        if (is_ipaddr($a_domainOverrides[$id]['ip']) && ($a_domainOverrides[$id]['ip'] != '#')) {
>               $pconfig['ip'] = $a_domainOverrides[$id]['ip'];
>        }
>        else {
>              $dnsmasqpieces = explode('@', $a_domainOverrides[$id]['ip'], 2);
>              $pconfig['ip'] = $dnsmasqpieces[0];
>              $pconfig['dnssrcip'] = $dnsmasqpieces[1];
>        }
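Review bot: the else branch at `$dnsmasqpieces = explode('@', $a_domainOverrides[$id]['ip'], 2);` assumes the stored value contains an '@', but an existing '#' exclusion entry fails is_ipaddr() and lands in this branch too, so `$dnsmasqpieces[1]` is read from a missing index and `$pconfig['ip']` is populated without error. Guard the split on `strpos($a_domainOverrides[$id]['ip'], '@') !== false` (or test `isset($dnsmasqpieces[1])`) and otherwise keep the original `$pconfig['ip'] = $a_domainOverrides[$id]['ip'];`. The `!= '#'` clause on the first line is redundant, since is_ipaddr('#') is already false.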
73c80,83
<                $input_errors[] = gettext("A valid IP address must be specified, or # for an exclusion.");
---
>               $input_errors[] = gettext("A valid IP address must be specified, or # for an exclusion.");
>        }
>        if ($_POST['dnssrcip'] && !in_array($_POST['dnssrcip'], get_configured_ip_addresses())) {
>               $input_errors[] = gettext("An interface IP address must be specified for the DNS query source.");
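Review bot: the new `if ($_POST['dnssrcip'] && !in_array(...))` check looks only at the source field and never at `$_POST['ip']`, so a '#' exclusion submitted together with a source IP passes validation even though a source address has no meaning for an exclusion; add a check that rejects `dnssrcip` when `$_POST['ip'] == '#'`. Checking the source against get_configured_ip_addresses() is the right shape (an allowlist of the firewall's own addresses), but pass `true` as the third argument to in_array() so the comparison is strict.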
78c88,91
<                       $doment['ip'] = $_POST['ip'];
---
>                       if (empty($_POST['dnssrcip']))
>                                 $doment['ip'] = $_POST['ip'];
>                       else
>                               $doment['ip'] = $_POST['ip'] . "@" . $_POST['dnssrcip'];
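Review bot: `$doment['ip'] = $_POST['ip'] . "@" . $_POST['dnssrcip'];` packs the source address into the existing 'ip' key, so a field that the rest of the code treats as a bare address (this same page applies is_ipaddr() to it when loading the entry) now sometimes holds `ip@source`, which is why the first hunk needs special-case unpacking. Storing it under its own key, e.g. `$doment['dnssrcip'] = $_POST['dnssrcip'];`, and appending the `@` only where the dnsmasq server= argument is built keeps the stored config self-describing and avoids breaking other readers of `['ip']`.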
118a132,138
>                               <tr>
>                   <td width="22%" valign="top" class="vncellreq"><?=gettext("Source IP");?></td>
>                   <td width="78%" class="vtable">
>                     <?=$mandfldhtml;?><input name="dnssrcip" type="text" class="formfld unknown" id="dnssrcip" size="40" value="<?=htmlspecialchars($pconfig['dnssrcip']);?>">
>                     
 <span class="vexpl"><?=gettext("Source IP address for queries to the DNS server for the override domain."); ?>

>                     <?=gettext("Leave blank unless your DNS server is accessed through a VPN tunnel."); ?></span></td>
>                 </tr>
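Review bot: the field is rendered with `<?=$mandfldhtml;?>` and the `vncellreq` cell class, both of which mark it as required, while its own help text says to leave it blank unless the server is reached through a VPN; use the plain `vncell` class and drop `$mandfldhtml` so an optional field is not presented as mandatory. Separately, the lines from `<span class="vexpl">` onward have lost their leading `>` and a blank line has been inserted in the middle of the hunk, so the hunk as posted will not apply; attach the patch as a file (unified diff) rather than pasting it into the comment.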

#2 Updated by Braden McGrath about 2 years ago

Looking for a dev response on this - has it been included into the latest nightlies? I need this functionality and rather than hacking about in my system I'll just upgrade from RC1 -> Nightly if it is included.

#3 Updated by Chris Buechler about 2 years ago

  • Target version set to 2.1

We've been feature-frozen a while; this won't make it until 2.1. Just add a static route as described in the FAQ.

#4 Updated by Hugh Blandford about 2 years ago

Chris,

This is only changing the testing of the IP address that takes place in the page. It's really only cosmetic. If you take the test for is_ipaddr out, you can put an address in to the existing interface and it works.

I just added an extra box to make it a bit easier on the eyes.

Hugh

#5 Updated by Chris Buechler about 2 years ago

A feature freeze is a feature freeze; if we added every little thing that came along at RC stage we wouldn't put out a release in our lifetimes. Unintended consequences are prevalent with the most trivial-seeming changes.

#6 Updated by Braden McGrath about 2 years ago

Chris Buechler wrote:

We've been feature-frozen a while; this won't make it until 2.1. Just add a static route as described in the FAQ.

Sorry to rock the boat, I completely forgot that RC normally = no more features. I hate Mondays.

I tried the static route option and it didn't work, at least not for dnsmasq trying to hit a remote server across the tunnel. This was back on 1.2.3, though... but I assume, since Hugh made this patch, the same bug was present anyway in 2.0.

I just munged my .php file by hand and that will work for me for now. :) Thanks for the patch, Hugh.

#8 Updated by Chris Buechler about 1 year ago

  • Status changed from New to Assigned
  • Assignee set to Darren Embry

Need to merge the above diff, though it may not cleanly apply anymore and may need some manual help.

#9 Updated by Darren Embry about 1 year ago

Hugh, any chance you can provide the patch in the form of a unified diff or context diff please, and attach it instead of including it in a post? Those are normally the best practices when providing a patch.

I need it to be a context/unified diff because I cannot tell where the "Source IP" fields need to be inserted.

And I need it to be attached because I have reason to believe it got munged by the post formatting tool.

#10 Updated by Darren Embry about 1 year ago

  • Status changed from Assigned to Feedback

#11 Updated by Chris Buechler about 1 year ago

  • Target version deleted (2.1)
  • Affected version deleted (2.0)

#12 Updated by Hugh Blandford 12 months ago

Sorry this update has taken so long. I have checked the file still applies and added the capability to handle the _msdcs AD domains.

I have attached a unified diff. Hopefully the coding is OK.

#13 Updated by Hugh Blandford 12 months ago

Sorry, a beginner at this. The patch file was the wrong way around.

#14 Updated by Darren Embry 11 months ago

  • Status changed from Feedback to Resolved
  • % Done changed from 0 to 100

Hugh, your patch is in github now.

#15 Updated by Darren Embry 11 months ago

  • Status changed from Resolved to Feedback
