|
1
|
<?php
|
|
2
|
/*
|
|
3
|
* services_dnsmasq.php
|
|
4
|
*
|
|
5
|
* part of pfSense (https://www.pfsense.org)
|
|
6
|
* Copyright (c) 2004-2013 BSD Perimeter
|
|
7
|
* Copyright (c) 2013-2016 Electric Sheep Fencing
|
|
8
|
* Copyright (c) 2014-2024 Rubicon Communications, LLC (Netgate)
|
|
9
|
* Copyright (c) 2003-2004 Bob Zoller <bob@kludgebox.com>
|
|
10
|
* All rights reserved.
|
|
11
|
*
|
|
12
|
* originally based on m0n0wall (http://m0n0.ch/wall)
|
|
13
|
* Copyright (c) 2003-2004 Manuel Kasper <mk@neon1.net>.
|
|
14
|
* All rights reserved.
|
|
15
|
*
|
|
16
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
17
|
* you may not use this file except in compliance with the License.
|
|
18
|
* You may obtain a copy of the License at
|
|
19
|
*
|
|
20
|
* http://www.apache.org/licenses/LICENSE-2.0
|
|
21
|
*
|
|
22
|
* Unless required by applicable law or agreed to in writing, software
|
|
23
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
24
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
25
|
* See the License for the specific language governing permissions and
|
|
26
|
* limitations under the License.
|
|
27
|
*/
|
|
28
|
|
|
29
|
##|+PRIV
|
|
30
|
##|*IDENT=page-services-dnsforwarder
|
|
31
|
##|*NAME=Services: DNS Forwarder
|
|
32
|
##|*DESCR=Allow access to the 'Services: DNS Forwarder' page.
|
|
33
|
##|*MATCH=services_dnsmasq.php*
|
|
34
|
##|-PRIV
|
|
35
|
|
|
36
|
require_once("guiconfig.inc");
|
|
37
|
require_once("services_dnsmasq.inc");
|
|
38
|
|
|
39
|
$retval = 0;
|
|
40
|
|
|
41
|
$rv = getDNSMasqConfig();
|
|
42
|
$pconfig = $rv['config'];
|
|
43
|
$a_hosts = $rv['hosts'];
|
|
44
|
$a_domainOverrides = $rv['domainoverrides'];
|
|
45
|
$iflist = $rv['iflist'];
|
|
46
|
|
|
47
|
if ($_POST['apply']) {
|
|
48
|
$retval = applyDNSMasqConfig();
|
|
49
|
} else if ($_POST['save']) {
|
|
50
|
$rv = saveDNSMasqConfig($_POST);
|
|
51
|
$pconfig = $rv['pconfig'];
|
|
52
|
$input_errors = $rv['input_errors'];
|
|
53
|
$iflist = $rv['iflist'];
|
|
54
|
} else if ($_POST['act'] == "del") {
|
|
55
|
deleteDNSMasqEntry($_POST);
|
|
56
|
}
|
|
57
|
|
|
58
|
$pgtitle = array(gettext("Services"), gettext("DNS Forwarder"));
|
|
59
|
$shortcut_section = "forwarder";
|
|
60
|
include("head.inc");
|
|
61
|
|
|
62
|
if ($input_errors) {
|
|
63
|
print_input_errors($input_errors);
|
|
64
|
}
|
|
65
|
|
|
66
|
if ($_POST['apply']) {
|
|
67
|
print_apply_result_box($retval);
|
|
68
|
}
|
|
69
|
|
|
70
|
if (is_subsystem_dirty('hosts')) {
|
|
71
|
print_apply_box(gettext("The DNS forwarder configuration has been changed.") . "<br />" . gettext("The changes must be applied for them to take effect."));
|
|
72
|
}
|
|
73
|
|
|
74
|
display_isc_warning();
|
|
75
|
|
|
76
|
$form = new Form();
|
|
77
|
|
|
78
|
$section = new Form_Section('General DNS Forwarder Options');
|
|
79
|
|
|
80
|
$section->addInput(new Form_Checkbox(
|
|
81
|
'enable',
|
|
82
|
'Enable',
|
|
83
|
'Enable DNS forwarder',
|
|
84
|
$pconfig['enable']
|
|
85
|
))->toggles('.toggle-dhcp', 'disable');
|
|
86
|
|
|
87
|
if (dhcp_is_backend('isc')):
|
|
88
|
$section->addInput(new Form_Checkbox(
|
|
89
|
'regdhcp',
|
|
90
|
'DHCP Registration',
|
|
91
|
'Register DHCP leases in DNS forwarder',
|
|
92
|
$pconfig['regdhcp']
|
|
93
|
))->setHelp('If this option is set machines that specify'.
|
|
94
|
' their hostname when requesting a DHCP lease will be registered'.
|
|
95
|
' in the DNS forwarder, so that their name can be resolved.'.
|
|
96
|
' The domain in %1$sSystem: General Setup%2$s should also'.
|
|
97
|
' be set to the proper value.', '<a href="system.php">', '</a>')
|
|
98
|
->addClass('toggle-dhcp');
|
|
99
|
|
|
100
|
$section->addInput(new Form_Checkbox(
|
|
101
|
'regdhcpstatic',
|
|
102
|
'Static DHCP',
|
|
103
|
'Register DHCP static mappings in DNS forwarder',
|
|
104
|
$pconfig['regdhcpstatic']
|
|
105
|
))->setHelp('If this option is set, IPv4 DHCP static mappings will '.
|
|
106
|
'be registered in the DNS forwarder so that their name can be '.
|
|
107
|
'resolved. The domain in %1$sSystem: General Setup%2$s should also '.
|
|
108
|
'be set to the proper value.', '<a href="system.php">', '</a>')
|
|
109
|
->addClass('toggle-dhcp');
|
|
110
|
|
|
111
|
$section->addInput(new Form_Checkbox(
|
|
112
|
'dhcpfirst',
|
|
113
|
'Prefer DHCP',
|
|
114
|
'Resolve DHCP mappings first',
|
|
115
|
$pconfig['dhcpfirst']
|
|
116
|
))->setHelp("If this option is set DHCP mappings will ".
|
|
117
|
"be resolved before the manual list of names below. This only ".
|
|
118
|
"affects the name given for a reverse lookup (PTR).")
|
|
119
|
->addClass('toggle-dhcp');
|
|
120
|
endif;
|
|
121
|
|
|
122
|
$section->addInput(new Form_Checkbox(
|
|
123
|
'no_system_dns',
|
|
124
|
'Ignore System DNS',
|
|
125
|
'Do not use system DNS servers',
|
|
126
|
$pconfig['no_system_dns']
|
|
127
|
))->setHelp('If this option is set the configured system DNS servers will be ignored '.
|
|
128
|
'and custom "server=" options must be used.')
|
|
129
|
->addClass('toggle-dhcp');
|
|
130
|
|
|
131
|
$group = new Form_Group('DNS Query Forwarding');
|
|
132
|
|
|
133
|
$group->add(new Form_Checkbox(
|
|
134
|
'strict_order',
|
|
135
|
'DNS Query Forwarding',
|
|
136
|
'Query DNS servers sequentially',
|
|
137
|
$pconfig['strict_order']
|
|
138
|
))->setHelp('If this option is set %1$s DNS Forwarder (dnsmasq) will '.
|
|
139
|
'query the DNS servers sequentially in the order specified (%2$sSystem - General Setup - DNS Servers%3$s), '.
|
|
140
|
'rather than all at once in parallel. ', g_get('product_label'), '<i>', '</i>');
|
|
141
|
|
|
142
|
$group->add(new Form_Checkbox(
|
|
143
|
'domain_needed',
|
|
144
|
null,
|
|
145
|
'Require domain',
|
|
146
|
$pconfig['domain_needed']
|
|
147
|
))->setHelp("If this option is set %s DNS Forwarder (dnsmasq) will ".
|
|
148
|
"not forward A or AAAA queries for plain names, without dots or domain parts, to upstream name servers. ".
|
|
149
|
"If the name is not known from /etc/hosts or DHCP then a \"not found\" answer is returned. ", g_get('product_label'));
|
|
150
|
|
|
151
|
$group->add(new Form_Checkbox(
|
|
152
|
'no_private_reverse',
|
|
153
|
null,
|
|
154
|
'Do not forward private reverse lookups',
|
|
155
|
$pconfig['no_private_reverse']
|
|
156
|
))->setHelp("If this option is set %s DNS Forwarder (dnsmasq) will ".
|
|
157
|
"not forward reverse DNS lookups (PTR) for private addresses (RFC 1918) to upstream name servers. ".
|
|
158
|
"Any entries in the Domain Overrides section forwarding private \"n.n.n.in-addr.arpa\" names to a specific server are still forwarded. ".
|
|
159
|
"If the IP to name is not known from /etc/hosts, DHCP or a specific domain override then a \"not found\" answer is immediately returned. ", g_get('product_label'));
|
|
160
|
|
|
161
|
$section->add($group);
|
|
162
|
|
|
163
|
$section->addInput(new Form_Input(
|
|
164
|
'port',
|
|
165
|
'Listen Port',
|
|
166
|
'number',
|
|
167
|
$pconfig['port'],
|
|
168
|
['placeholder' => '53']
|
|
169
|
))->setHelp('The port used for responding to DNS queries. It should normally be left blank unless another service needs to bind to TCP/UDP port 53.');
|
|
170
|
|
|
171
|
$section->addInput(new Form_Select(
|
|
172
|
'interface',
|
|
173
|
'*Interfaces',
|
|
174
|
$iflist['selected'],
|
|
175
|
$iflist['options'],
|
|
176
|
true
|
|
177
|
))->setHelp('Interface IPs used by the DNS Forwarder for responding to queries from clients. If an interface has both IPv4 and IPv6 IPs, ' .
|
|
178
|
'both are used. Queries to other interface IPs not selected above are discarded. ' .
|
|
179
|
'The default behavior is to respond to queries on every available IPv4 and IPv6 address.');
|
|
180
|
|
|
181
|
$section->addInput(new Form_Checkbox(
|
|
182
|
'strictbind',
|
|
183
|
'Strict binding',
|
|
184
|
'Strict interface binding',
|
|
185
|
$pconfig['strictbind']
|
|
186
|
))->setHelp('If this option is set, the DNS forwarder will only bind to the interfaces containing the IP addresses selected above, ' .
|
|
187
|
'rather than binding to all interfaces and discarding queries to other addresses.%1$s' .
|
|
188
|
'This option does NOT work with IPv6. If set, dnsmasq will not bind to IPv6 addresses.', '<br /><br />');
|
|
189
|
|
|
190
|
$section->addInput(new Form_Textarea(
|
|
191
|
'custom_options',
|
|
192
|
'Custom options',
|
|
193
|
$pconfig['custom_options']
|
|
194
|
))->setHelp('Enter any additional options to add to the dnsmasq configuration here, separated by a space or newline.')
|
|
195
|
->addClass('advanced');
|
|
196
|
|
|
197
|
$form->add($section);
|
|
198
|
print($form);
|
|
199
|
|
|
200
|
?>
|
|
201
|
<div class="panel panel-default">
|
|
202
|
<div class="panel-heading"><h2 class="panel-title"><?=gettext("Host Overrides")?></h2></div>
|
|
203
|
<div class="panel-body table-responsive">
|
|
204
|
<table class="table table-striped table-hover table-condensed sortable-theme-bootstrap table-rowdblclickedit" data-sortable>
|
|
205
|
<thead>
|
|
206
|
<tr>
|
|
207
|
<th><?=gettext("Host")?></th>
|
|
208
|
<th><?=gettext("Domain")?></th>
|
|
209
|
<th><?=gettext("IP")?></th>
|
|
210
|
<th><?=gettext("Description")?></th>
|
|
211
|
<th><?=gettext("Actions")?></th>
|
|
212
|
</tr>
|
|
213
|
</thead>
|
|
214
|
<tbody>
|
|
215
|
<?php
|
|
216
|
foreach ($a_hosts as $i => $hostent):
|
|
217
|
?>
|
|
218
|
<tr>
|
|
219
|
<td>
|
|
220
|
<?=$hostent['host']?>
|
|
221
|
</td>
|
|
222
|
<td>
|
|
223
|
<?=$hostent['domain']?>
|
|
224
|
</td>
|
|
225
|
<td>
|
|
226
|
<?=$hostent['ip']?>
|
|
227
|
</td>
|
|
228
|
<td>
|
|
229
|
<?=htmlspecialchars($hostent['descr'])?>
|
|
230
|
</td>
|
|
231
|
<td>
|
|
232
|
<a class="fa-solid fa-pencil" title="<?=gettext('Edit host override')?>" href="services_dnsmasq_edit.php?id=<?=$hostent['idx']?>"></a>
|
|
233
|
<a class="fa-solid fa-trash-can" title="<?=gettext('Delete host override')?>" href="services_dnsmasq.php?type=host&act=del&id=<?=$hostent['idx']?>" usepost></a>
|
|
234
|
</td>
|
|
235
|
</tr>
|
|
236
|
|
|
237
|
<?php
|
|
238
|
foreach (array_get_path($hostent, 'aliases/item', []) as $alias):
|
|
239
|
?>
|
|
240
|
<tr>
|
|
241
|
<td>
|
|
242
|
<?=$alias['host']?>
|
|
243
|
</td>
|
|
244
|
<td>
|
|
245
|
<?=$alias['domain']?>
|
|
246
|
</td>
|
|
247
|
<td>
|
|
248
|
<?=gettext("Alias for ");?><?=$hostent['host'] ? $hostent['host'] . '.' . $hostent['domain'] : $hostent['domain']?>
|
|
249
|
</td>
|
|
250
|
<td>
|
|
251
|
<i class="fa-solid fa-angle-double-right text-info"></i>
|
|
252
|
<?=htmlspecialchars($alias['description'])?>
|
|
253
|
</td>
|
|
254
|
<td>
|
|
255
|
<a class="fa-solid fa-pencil" title="<?=gettext('Edit host override')?>" href="services_dnsmasq_edit.php?id=<?=$i?>"></a>
|
|
256
|
</td>
|
|
257
|
</tr>
|
|
258
|
<?php
|
|
259
|
endforeach;
|
|
260
|
endforeach;
|
|
261
|
?>
|
|
262
|
</tbody>
|
|
263
|
</table>
|
|
264
|
</div>
|
|
265
|
</div>
|
|
266
|
|
|
267
|
<nav class="action-buttons">
|
|
268
|
<a href="services_dnsmasq_edit.php" class="btn btn-sm btn-success btn-sm">
|
|
269
|
<i class="fa-solid fa-plus icon-embed-btn"></i>
|
|
270
|
<?=gettext('Add')?>
|
|
271
|
</a>
|
|
272
|
</nav>
|
|
273
|
|
|
274
|
<div class="panel panel-default">
|
|
275
|
<div class="panel-heading"><h2 class="panel-title"><?=gettext("Domain Overrides")?></h2></div>
|
|
276
|
<div class="panel-body table-responsive">
|
|
277
|
<table class="table table-striped table-hover table-condensed sortable-theme-bootstrap table-rowdblclickedit" data-sortable>
|
|
278
|
<thead>
|
|
279
|
<tr>
|
|
280
|
<th><?=gettext("Domain")?></th>
|
|
281
|
<th><?=gettext("IP")?></th>
|
|
282
|
<th><?=gettext("Description")?></th>
|
|
283
|
<th><?=gettext("Actions")?></th>
|
|
284
|
</tr>
|
|
285
|
</thead>
|
|
286
|
|
|
287
|
<tbody>
|
|
288
|
<?php
|
|
289
|
foreach ($a_domainOverrides as $doment):
|
|
290
|
?>
|
|
291
|
<tr>
|
|
292
|
<td>
|
|
293
|
<?=$doment['domain']?>
|
|
294
|
</td>
|
|
295
|
<td>
|
|
296
|
<?=$doment['ip']?>
|
|
297
|
</td>
|
|
298
|
<td>
|
|
299
|
<?=htmlspecialchars($doment['descr'])?>
|
|
300
|
</td>
|
|
301
|
<td>
|
|
302
|
<a class="fa-solid fa-pencil" title="<?=gettext('Edit domain override')?>" href="services_dnsmasq_domainoverride_edit.php?id=<?=$doment['idx']?>"></a>
|
|
303
|
<a class="fa-solid fa-trash-can" title="<?=gettext('Delete domain override')?>" href="services_dnsmasq.php?act=del&type=doverride&id=<?=$doment['idx']?>" usepost></a>
|
|
304
|
</td>
|
|
305
|
</tr>
|
|
306
|
<?php
|
|
307
|
endforeach;
|
|
308
|
?>
|
|
309
|
</tbody>
|
|
310
|
</table>
|
|
311
|
</div>
|
|
312
|
</div>
|
|
313
|
|
|
314
|
<nav class="action-buttons">
|
|
315
|
<a href="services_dnsmasq_domainoverride_edit.php" class="btn btn-sm btn-success btn-sm">
|
|
316
|
<i class="fa-solid fa-plus icon-embed-btn"></i>
|
|
317
|
<?=gettext('Add')?>
|
|
318
|
</a>
|
|
319
|
</nav>
|
|
320
|
<div class="infoblock">
|
|
321
|
<?php
|
|
322
|
print_info_box(
|
|
323
|
'<p>' .
|
|
324
|
gettext('If the DNS forwarder is enabled, the DHCP service (if enabled) will automatically' .
|
|
325
|
' serve the LAN IP address as a DNS server to DHCP clients so they will use the forwarder.') . '</p><p>' .
|
|
326
|
sprintf(gettext('The DNS forwarder will use the DNS servers entered in %1$sSystem > General Setup%2$s or' .
|
|
327
|
' those obtained via DHCP or PPP on WAN if "Allow DNS server list to be overridden by DHCP/PPP on WAN" is checked.' .
|
|
328
|
' If that option is not used (or if a static IP address is used on WAN),' .
|
|
329
|
' at least one DNS server must be manually specified on the %1$sSystem > General Setup%2$s page.'),
|
|
330
|
'<a href="system.php">',
|
|
331
|
'</a>') .
|
|
332
|
'</p>',
|
|
333
|
'info',
|
|
334
|
false
|
|
335
|
);
|
|
336
|
?>
|
|
337
|
</div>
|
|
338
|
|
|
339
|
<?php
|
|
340
|
include("foot.inc");
|