Project

General

Profile

« Previous | Next » 

Revision a771a6ae

Added by Warren Baker over 10 years ago

Add support for 0x20 DNS random bit support. Fixes #4205

View differences:

usr/local/www/services_unbound_advanced.php
3 3 
/*
4 4 
	services_unbound_advanced.php
5 5 
	part of the pfSense project (https://www.pfsense.org)
6 
	Copyright (C) 2011	Warren Baker (warren@pfsense.org)
6 
	Copyright (C) 2015	Warren Baker (warren@percol8.co.za)
7 7 
	Copyright (C) 2013-2015 Electric Sheep Fencing, LP
8 8 
	All rights reserved.
9 9 

  		




  ......




  82
  82
  
    
	$pconfig['disable_auto_added_access_control'] = true;


  		




  83
  83
  
    
}


  		




  84
  84
  
    

  		




  
  85
  
    
if (isset($config['unbound']['use_caps'])) {


  		




  
  86
  
    
	$pconfig['use_caps'] = true;


  		




  
  87
  
    
}


  		




  
  88
  
    

  		




  85
  89
  
    
if ($_POST) {


  		




  86
  90
  
    
	unset($input_errors);


  		




  87
  91
  
    
	$pconfig = $_POST;


  		




  ......




  176
  180
  
    
		} else {


  		




  177
  181
  
    
			unset($config['unbound']['disable_auto_added_access_control']);


  		




  178
  182
  
    
		}


  		




  
  183
  
    
		if (isset($_POST['use_caps'])) {


  		




  
  184
  
    
			$config['unbound']['use_caps'] = true;


  		




  
  185
  
    
		} else {


  		




  
  186
  
    
			unset($config['unbound']['use_caps']);


  		




  
  187
  
    
		}


  		




  179
  188
  
    
		write_config("DNS Resolver configured.");


  		




  180
  189
  
    

  		




  181
  190
  
    
		mark_subsystem_dirty('unbound');


  		




  ......




  442
  451
  
    
									<?=gettext("Check this box to disable the automatically-added access control entries. By default, IPv4 and IPv6 networks residing on internal interfaces of this system are permitted. Allowed networks must be manually configured on the Access Lists tab if the auto-added entries are disabled.");?>


  		




  443
  452
  
    
								</td>


  		




  444
  453
  
    
							</tr>


  		




  
  454
  
    
							<tr>


  		




  
  455
  
    
								<td width="22%" valign="top" class="vncell"><?=gettext("Experimental Bit 0x20 Support");?></td>


  		




  
  456
  
    
								<td width="78%" class="vtable">


  		




  
  457
  
    
									<input name="use_caps" type="checkbox" id="use_caps" value="yes" <?php if (isset($pconfig['use_caps'])) echo "checked=\"checked\"";?> /> <br />


  		




  
  458
  
    
									<?=sprintf(gettext("Use 0x-20 encoded random bits in the DNS query to foil spoofing attempts. See the implementation %sdraft dns-0x20%s for more information."), "<a href='https://tools.ietf.org/html/draft-vixie-dnsext-dns0x20-00'>", "</a>");?>


  		




  
  459
  
    
								</td>


  		




  
  460
  
    
							</tr>


  		




  445
  461
  
    
							<tr>


  		




  446
  462
  
    
								<td width="22%"></td>


  		




  447
  463
  
    
								<td width="78%">


  		












Also available in:  Unified diff