/src/usr/local/www/services_unbound.php - Annotate - pfSense - pfSense bugtracker

| Branch: | Tag: | Revision:

root/src/usr/local/www/services_unbound.php @ c6c398c6

1	7ed0e844	Warren Baker	<?php
2			/*
3	c5d81585	Renato Botelho	* services_unbound.php
4	df6cb8fe	Stephen Beaver	*
5	c5d81585	Renato Botelho	* part of pfSense (https://www.pfsense.org)
6	b8f91b7c	Luiz Souza	* Copyright (c) 2004-2018 Rubicon Communications, LLC (Netgate)
7	c5d81585	Renato Botelho	* Copyright (c) 2014 Warren Baker (warren@pfsense.org)
8			* All rights reserved.
9	df6cb8fe	Stephen Beaver	*
10	b12ea3fb	Renato Botelho	* Licensed under the Apache License, Version 2.0 (the "License");
11			* you may not use this file except in compliance with the License.
12			* You may obtain a copy of the License at
13	df6cb8fe	Stephen Beaver	*
14	b12ea3fb	Renato Botelho	* http://www.apache.org/licenses/LICENSE-2.0
15	df6cb8fe	Stephen Beaver	*
16	b12ea3fb	Renato Botelho	* Unless required by applicable law or agreed to in writing, software
17			* distributed under the License is distributed on an "AS IS" BASIS,
18			* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
19			* See the License for the specific language governing permissions and
20			* limitations under the License.
21	df6cb8fe	Stephen Beaver	*/
22	7ed0e844	Warren Baker
23			##\|+PRIV
24	0b8328c5	jim-p	##\|*IDENT=page-services-dnsresolver
25	5230f468	jim-p	##\|*NAME=Services: DNS Resolver
26	7ed0e844	Warren Baker	##\|*DESCR=Allow access to the 'Services: DNS Resolver' page.
27			##\|MATCH=services_unbound.php
28	9c8a7b13	Stephen Beaver	##\|-PRIV
29	7ed0e844	Warren Baker
30			require_once("guiconfig.inc");
31			require_once("unbound.inc");
32	c6d03f09	doktornotor	require_once("pfsense-utils.inc");
33	4dbcf2fb	Renato Botelho	require_once("system.inc");
34	7ed0e844	Warren Baker
35	c6c398c6	jim-p	init_config_arr(array('unbound', 'hosts'));
36			init_config_arr(array('unbound', 'domainoverrides'));
37			$a_unboundcfg = &$config['unbound'];
38			$a_hosts = &$a_unboundcfg['hosts'];
39	932711c7	Matt Smith	$a_domainOverrides = &$a_unboundcfg['domainoverrides'];
40	7ed0e844	Warren Baker
41	932711c7	Matt Smith	if (isset($a_unboundcfg['enable'])) {
42	fe9d4894	Renato Botelho	$pconfig['enable'] = true;
43	be11b6f1	Warren Baker	}
44	1fa69c27	jim-p	if (isset($a_unboundcfg['enablessl'])) {
45			$pconfig['enablessl'] = true;
46			}
47	932711c7	Matt Smith	if (isset($a_unboundcfg['dnssec'])) {
48	fe9d4894	Renato Botelho	$pconfig['dnssec'] = true;
49	be11b6f1	Warren Baker	}
50	932711c7	Matt Smith	if (isset($a_unboundcfg['forwarding'])) {
51	fe9d4894	Renato Botelho	$pconfig['forwarding'] = true;
52	be11b6f1	Warren Baker	}
53	cd738219	jim-p	if (isset($a_unboundcfg['forward_tls_upstream'])) {
54			$pconfig['forward_tls_upstream'] = true;
55			}
56	932711c7	Matt Smith	if (isset($a_unboundcfg['regdhcp'])) {
57	fe9d4894	Renato Botelho	$pconfig['regdhcp'] = true;
58	be11b6f1	Warren Baker	}
59	932711c7	Matt Smith	if (isset($a_unboundcfg['regdhcpstatic'])) {
60	fe9d4894	Renato Botelho	$pconfig['regdhcpstatic'] = true;
61	be11b6f1	Warren Baker	}
62	0cc17a06	Lorenz Schori	if (isset($a_unboundcfg['regovpnclients'])) {
63			$pconfig['regovpnclients'] = true;
64			}
65	615ae81f	Renato Botelho
66	932711c7	Matt Smith	$pconfig['port'] = $a_unboundcfg['port'];
67	1fa69c27	jim-p	$pconfig['sslport'] = $a_unboundcfg['sslport'];
68			$pconfig['sslcertref'] = $a_unboundcfg['sslcertref'];
69	932711c7	Matt Smith	$pconfig['custom_options'] = base64_decode($a_unboundcfg['custom_options']);
70	615ae81f	Renato Botelho
71	932711c7	Matt Smith	if (empty($a_unboundcfg['active_interface'])) {
72	2783e408	Renato Botelho	$pconfig['active_interface'] = array();
73	be11b6f1	Warren Baker	} else {
74	932711c7	Matt Smith	$pconfig['active_interface'] = explode(",", $a_unboundcfg['active_interface']);
75	be11b6f1	Warren Baker	}
76	51c224bc	sbeaver
77	932711c7	Matt Smith	if (empty($a_unboundcfg['outgoing_interface'])) {
78	2783e408	Renato Botelho	$pconfig['outgoing_interface'] = array();
79	be11b6f1	Warren Baker	} else {
80	932711c7	Matt Smith	$pconfig['outgoing_interface'] = explode(",", $a_unboundcfg['outgoing_interface']);
81	be11b6f1	Warren Baker	}
82	615ae81f	Renato Botelho
83	ca47c065	NOYB	if (empty($a_unboundcfg['system_domain_local_zone_type'])) {
84			$pconfig['system_domain_local_zone_type'] = "transparent";
85			} else {
86			$pconfig['system_domain_local_zone_type'] = $a_unboundcfg['system_domain_local_zone_type'];
87			}
88
89	c6c398c6	jim-p	init_config_arr(array('cert'));
90			$a_cert = &$config['cert'];
91	1fa69c27	jim-p	$certs_available = false;
92
93			if (is_array($a_cert) && count($a_cert)) {
94			$certs_available = true;
95			} else {
96			$a_cert = array();
97			}
98	13541a81	Steve Beaver
99			if ($_POST['apply']) {
100			$retval = 0;
101			$retval \|= services_unbound_configure();
102			if ($retval == 0) {
103			clear_subsystem_dirty('unbound');
104			}
105			/* Update resolv.conf in case the interface bindings exclude localhost. */
106			system_resolvconf_generate();
107			/* Start or restart dhcpleases when it's necessary */
108			system_dhcpleases_configure();
109			}
110
111			if ($_POST['save']) {
112			$pconfig = $_POST;
113			unset($input_errors);
114
115			if (isset($pconfig['enable']) && isset($config['dnsmasq']['enable'])) {
116			if ($pconfig['port'] == $config['dnsmasq']['port']) {
117			$input_errors[] = gettext("The DNS Forwarder is enabled using this port. Choose a non-conflicting port, or disable the DNS Forwarder.");
118	fe9d4894	Renato Botelho	}
119	13541a81	Steve Beaver	}
120	615ae81f	Renato Botelho
121	1fa69c27	jim-p	if (isset($pconfig['enablessl']) && (!$certs_available \|\| empty($pconfig['sslcertref']))) {
122			$input_errors[] = gettext("Acting as an SSL/TLS server requires a valid server certificate");
123			}
124
125	13541a81	Steve Beaver	// forwarding mode requires having valid DNS servers
126			if (isset($pconfig['forwarding'])) {
127			$founddns = false;
128			if (isset($config['system']['dnsallowoverride'])) {
129			$dns_servers = get_dns_servers();
130			if (is_array($dns_servers)) {
131			foreach ($dns_servers as $dns_server) {
132			if (!ip_in_subnet($dns_server, "127.0.0.0/8")) {
133	7b03ef63	Chris Buechler	$founddns = true;
134			}
135			}
136			}
137	13541a81	Steve Beaver	}
138			if (is_array($config['system']['dnsserver'])) {
139			foreach ($config['system']['dnsserver'] as $dnsserver) {
140			if (is_ipaddr($dnsserver)) {
141			$founddns = true;
142			}
143	7b03ef63	Chris Buechler	}
144			}
145	13541a81	Steve Beaver	if ($founddns == false) {
146			$input_errors[] = gettext("At least one DNS server must be specified under System > General Setup to enable Forwarding mode.");
147	fe9d4894	Renato Botelho	}
148	13541a81	Steve Beaver	}
149	7ed0e844	Warren Baker
150	13541a81	Steve Beaver	if (empty($pconfig['active_interface'])) {
151			$input_errors[] = gettext("One or more Network Interfaces must be selected for binding.");
152			} else if (!isset($config['system']['dnslocalhost']) && (!in_array("lo0", $pconfig['active_interface']) && !in_array("all", $pconfig['active_interface']))) {
153			$input_errors[] = gettext("This system is configured to use the DNS Resolver as its DNS server, so Localhost or All must be selected in Network Interfaces.");
154			}
155	7ed0e844	Warren Baker
156	13541a81	Steve Beaver	if (empty($pconfig['outgoing_interface'])) {
157			$input_errors[] = gettext("One or more Outgoing Network Interfaces must be selected.");
158			}
159	fff4a9d1	Warren Baker
160	13541a81	Steve Beaver	if ($pconfig['port'] && !is_port($pconfig['port'])) {
161			$input_errors[] = gettext("A valid port number must be specified.");
162			}
163	1fa69c27	jim-p	if ($pconfig['sslport'] && !is_port($pconfig['sslport'])) {
164			$input_errors[] = gettext("A valid SSL/TLS port number must be specified.");
165			}
166	7ed0e844	Warren Baker
167	13541a81	Steve Beaver	if (is_array($pconfig['active_interface']) && !empty($pconfig['active_interface'])) {
168			$display_active_interface = $pconfig['active_interface'];
169			$pconfig['active_interface'] = implode(",", $pconfig['active_interface']);
170			}
171	932711c7	Matt Smith
172	c6d03f09	doktornotor	if ((isset($pconfig['regdhcp']) \|\| isset($pconfig['regdhcpstatic'])) && !is_dhcp_server_enabled()) {
173			$input_errors[] = gettext("DHCP Server must be enabled for DHCP Registration to work in DNS Resolver.");
174			}
175
176	4541f84d	jim-p	if (($pconfig['system_domain_local_zone_type'] == "redirect") && isset($pconfig['regdhcp'])) {
177			$input_errors[] = gettext('A System Domain Local Zone Type of "redirect" is not compatible with dynamic DHCP Registration.');
178			}
179
180	13541a81	Steve Beaver	$display_custom_options = $pconfig['custom_options'];
181			$pconfig['custom_options'] = base64_encode(str_replace("\r\n", "\n", $pconfig['custom_options']));
182	188609c6	Warren Baker
183	13541a81	Steve Beaver	if (is_array($pconfig['outgoing_interface']) && !empty($pconfig['outgoing_interface'])) {
184			$display_outgoing_interface = $pconfig['outgoing_interface'];
185			$pconfig['outgoing_interface'] = implode(",", $pconfig['outgoing_interface']);
186			}
187	7ed0e844	Warren Baker
188	13541a81	Steve Beaver	$test_output = array();
189			if (test_unbound_config($pconfig, $test_output)) {
190			$input_errors[] = gettext("The generated config file cannot be parsed by unbound. Please correct the following errors:");
191			$input_errors = array_merge($input_errors, $test_output);
192			}
193	932711c7	Matt Smith
194	13541a81	Steve Beaver	if (!$input_errors) {
195			$a_unboundcfg['enable'] = isset($pconfig['enable']);
196	1fa69c27	jim-p	$a_unboundcfg['enablessl'] = isset($pconfig['enablessl']);
197	13541a81	Steve Beaver	$a_unboundcfg['port'] = $pconfig['port'];
198	1fa69c27	jim-p	$a_unboundcfg['sslport'] = $pconfig['sslport'];
199			$a_unboundcfg['sslcertref'] = $pconfig['sslcertref'];
200	13541a81	Steve Beaver	$a_unboundcfg['dnssec'] = isset($pconfig['dnssec']);
201			$a_unboundcfg['forwarding'] = isset($pconfig['forwarding']);
202	cd738219	jim-p	$a_unboundcfg['forward_tls_upstream'] = isset($pconfig['forward_tls_upstream']);
203	13541a81	Steve Beaver	$a_unboundcfg['regdhcp'] = isset($pconfig['regdhcp']);
204			$a_unboundcfg['regdhcpstatic'] = isset($pconfig['regdhcpstatic']);
205	0cc17a06	Lorenz Schori	$a_unboundcfg['regovpnclients'] = isset($pconfig['regovpnclients']);
206	13541a81	Steve Beaver	$a_unboundcfg['active_interface'] = $pconfig['active_interface'];
207			$a_unboundcfg['outgoing_interface'] = $pconfig['outgoing_interface'];
208			$a_unboundcfg['system_domain_local_zone_type'] = $pconfig['system_domain_local_zone_type'];
209			$a_unboundcfg['custom_options'] = $pconfig['custom_options'];
210
211			write_config(gettext("DNS Resolver configured."));
212			mark_subsystem_dirty('unbound');
213	2783e408	Renato Botelho	}
214	13541a81	Steve Beaver
215			$pconfig['active_interface'] = $display_active_interface;
216			$pconfig['outgoing_interface'] = $display_outgoing_interface;
217			$pconfig['custom_options'] = $display_custom_options;
218	7ed0e844	Warren Baker	}
219
220	13541a81	Steve Beaver
221	c154cd7d	NOYB	if ($pconfig['custom_options']) {
222			$customoptions = true;
223			} else {
224			$customoptions = false;
225			}
226
227	13541a81	Steve Beaver	if ($_POST['act'] == "del") {
228			if ($_POST['type'] == 'host') {
229			if ($a_hosts[$_POST['id']]) {
230			unset($a_hosts[$_POST['id']]);
231	18278432	doktornotor	write_config(gettext("Host override deleted from DNS Resolver."));
232	2783e408	Renato Botelho	mark_subsystem_dirty('unbound');
233			header("Location: services_unbound.php");
234			exit;
235			}
236	13541a81	Steve Beaver	} elseif ($_POST['type'] == 'doverride') {
237			if ($a_domainOverrides[$_POST['id']]) {
238			unset($a_domainOverrides[$_POST['id']]);
239	18278432	doktornotor	write_config(gettext("Domain override deleted from DNS Resolver."));
240	2783e408	Renato Botelho	mark_subsystem_dirty('unbound');
241			header("Location: services_unbound.php");
242			exit;
243			}
244			}
245	f2bc186f	Warren Baker	}
246
247	7aeae838	Matt Smith	function build_if_list($selectedifs) {
248	51c224bc	sbeaver	$interface_addresses = get_possible_listen_ips(true);
249			$iflist = array('options' => array(), 'selected' => array());
250
251	4bb7c0d1	bruno	$iflist['options']['all'] = gettext("All");
252	7aeae838	Matt Smith	if (empty($selectedifs) \|\| empty($selectedifs[0]) \|\| in_array("all", $selectedifs)) {
253	7275a7a2	Stephen Beaver	array_push($iflist['selected'], "all");
254	7aeae838	Matt Smith	}
255	51c224bc	sbeaver
256			foreach ($interface_addresses as $laddr => $ldescr) {
257			$iflist['options'][$laddr] = htmlspecialchars($ldescr);
258
259	20db3e1a	Phil Davis	if ($selectedifs && in_array($laddr, $selectedifs)) {
260	51c224bc	sbeaver	array_push($iflist['selected'], $laddr);
261	20db3e1a	Phil Davis	}
262	51c224bc	sbeaver	}
263
264			unset($interface_addresses);
265
266			return($iflist);
267			}
268
269	c8f6b745	k-paulius	$pgtitle = array(gettext("Services"), gettext("DNS Resolver"), gettext("General Settings"));
270	edcd7535	Phil Davis	$pglinks = array("", "@self", "@self");
271	db88a3a2	Phil Davis	$shortcut_section = "resolver";
272	7ed0e844	Warren Baker
273	51c224bc	sbeaver	include_once("head.inc");
274	7ed0e844	Warren Baker
275	20db3e1a	Phil Davis	if ($input_errors) {
276	51c224bc	sbeaver	print_input_errors($input_errors);
277	20db3e1a	Phil Davis	}
278	51c224bc	sbeaver
279	44c42356	Phil Davis	if ($_POST['apply']) {
280			print_apply_result_box($retval);
281	20db3e1a	Phil Davis	}
282	51c224bc	sbeaver
283	7aeae838	Matt Smith	if (is_subsystem_dirty('unbound')) {
284	359cc8d9	NOYB	print_apply_box(gettext("The DNS resolver configuration has been changed.") . "<br />" . gettext("The changes must be applied for them to take effect."));
285	7aeae838	Matt Smith	}
286
287	51c224bc	sbeaver	$tab_array = array();
288	c8f6b745	k-paulius	$tab_array[] = array(gettext("General Settings"), true, "services_unbound.php");
289			$tab_array[] = array(gettext("Advanced Settings"), false, "services_unbound_advanced.php");
290	51c224bc	sbeaver	$tab_array[] = array(gettext("Access Lists"), false, "/services_unbound_acls.php");
291			display_top_tabs($tab_array, true);
292
293			$form = new Form();
294
295			$section = new Form_Section('General DNS Resolver Options');
296
297			$section->addInput(new Form_Checkbox(
298			'enable',
299			'Enable',
300			'Enable DNS resolver',
301			$pconfig['enable']
302			));
303
304			$section->addInput(new Form_Input(
305			'port',
306			'Listen Port',
307	d5a9e030	NOYB	'number',
308	3e568739	NOYB	$pconfig['port'],
309			['placeholder' => '53']
310	51c224bc	sbeaver	))->setHelp('The port used for responding to DNS queries. It should normally be left blank unless another service needs to bind to TCP/UDP port 53.');
311
312	1fa69c27	jim-p	$section->addInput(new Form_Checkbox(
313			'enablessl',
314			'Enable SSL/TLS Service',
315			'Respond to incoming SSL/TLS queries from local clients',
316			$pconfig['enablessl']
317			))->setHelp('Configures the DNS Resolver to act as a DNS over SSL/TLS server which can answer queries from clients which also support DNS over TLS. ' .
318			'Activating this option disables automatic interface response routing behavior, thus it works best with specific interface bindings.' );
319
320			if ($certs_available) {
321			$values = array();
322			foreach ($a_cert as $cert) {
323			$values[ $cert['refid'] ] = $cert['descr'];
324			}
325
326			$section->addInput($input = new Form_Select(
327			'sslcertref',
328			'SSL/TLS Certificate',
329			$pconfig['sslcertref'],
330			$values
331			))->setHelp('The server certificate to use for SSL/TLS service. The CA chain will be determined automatically.');
332			} else {
333			$section->addInput(new Form_StaticText(
334			'SSL/TLS Certificate',
335			sprintf('No Certificates have been defined. A certificate is required before SSL/TLS can be enabled. %1$s Create or Import %2$s a Certificate.',
336			'<a href="system_certmanager.php">', '</a>')
337			));
338			}
339
340			$section->addInput(new Form_Input(
341			'sslport',
342			'SSL/TLS Listen Port',
343			'number',
344			$pconfig['sslport'],
345			['placeholder' => '853']
346			))->setHelp('The port used for responding to SSL/TLS DNS queries. It should normally be left blank unless another service needs to bind to TCP/UDP port 853.');
347
348	7aeae838	Matt Smith	$activeiflist = build_if_list($pconfig['active_interface']);
349	51c224bc	sbeaver
350			$section->addInput(new Form_Select(
351			'active_interface',
352	24b82516	Phil Davis	'*Network Interfaces',
353	7aeae838	Matt Smith	$activeiflist['selected'],
354			$activeiflist['options'],
355	51c224bc	sbeaver	true
356	57625777	PiBa-NL	))->addClass('general', 'resizable')->setHelp('Interface IPs used by the DNS Resolver for responding to queries from clients. If an interface has both IPv4 and IPv6 IPs, both are used. Queries to other interface IPs not selected below are discarded. ' .
357	51c224bc	sbeaver	'The default behavior is to respond to queries on every available IPv4 and IPv6 address.');
358
359	7aeae838	Matt Smith	$outiflist = build_if_list($pconfig['outgoing_interface']);
360
361	51c224bc	sbeaver	$section->addInput(new Form_Select(
362			'outgoing_interface',
363	24b82516	Phil Davis	'*Outgoing Network Interfaces',
364	7aeae838	Matt Smith	$outiflist['selected'],
365			$outiflist['options'],
366	51c224bc	sbeaver	true
367	57625777	PiBa-NL	))->addClass('general', 'resizable')->setHelp('Utilize different network interface(s) that the DNS Resolver will use to send queries to authoritative servers and receive their replies. By default all interfaces are used.');
368	51c224bc	sbeaver
369	ca47c065	NOYB	$section->addInput(new Form_Select(
370			'system_domain_local_zone_type',
371	24b82516	Phil Davis	'*System Domain Local Zone Type',
372	ca47c065	NOYB	$pconfig['system_domain_local_zone_type'],
373	9a83872f	NOYB	unbound_local_zone_types()
374	ca47c065	NOYB	))->setHelp('The local-zone type used for the pfSense system domain (System \| General Setup \| Domain). Transparent is the default. Local-Zone type descriptions are available in the unbound.conf(5) manual pages.');
375
376	51c224bc	sbeaver	$section->addInput(new Form_Checkbox(
377			'dnssec',
378			'DNSSEC',
379			'Enable DNSSEC Support',
380			$pconfig['dnssec']
381			));
382
383			$section->addInput(new Form_Checkbox(
384			'forwarding',
385			'DNS Query Forwarding',
386			'Enable Forwarding Mode',
387			$pconfig['forwarding']
388	d2a2f018	Steve Beaver	))->setHelp('If this option is set, DNS queries will be forwarded to the upstream DNS servers defined under'.
389	702fa4d0	Phil Davis	' %1$sSystem > General Setup%2$s or those obtained via DHCP/PPP on WAN'.
390	d2a2f018	Steve Beaver	' (if DNS Server Override is enabled there).','<a href="system.php">','</a>');
391	51c224bc	sbeaver
392	cd738219	jim-p	$section->addInput(new Form_Checkbox(
393			'forward_tls_upstream',
394			null,
395	1fa69c27	jim-p	'Use SSL/TLS for outgoing DNS Queries to Forwarding Servers',
396	cd738219	jim-p	$pconfig['forward_tls_upstream']
397			))->setHelp('When set in conjunction with DNS Query Forwarding, queries to all upstream forwarding DNS servers will be sent using SSL/TLS on the default port of 853. Note that ALL configured forwarding servers MUST support SSL/TLS queries on port 853.');
398
399	51c224bc	sbeaver	$section->addInput(new Form_Checkbox(
400			'regdhcp',
401			'DHCP Registration',
402			'Register DHCP leases in the DNS Resolver',
403			$pconfig['regdhcp']
404	ecf4b407	Isaac McDonald	))->setHelp('If this option is set, then machines that specify their hostname when requesting an IPv4 DHCP lease will be registered'.
405	e7d76457	Isaac McDonald	' in the DNS Resolver so that their name can be resolved.'.
406	d2a2f018	Steve Beaver	' The domain in %1$sSystem > General Setup%2$s should also be set to the proper value.','<a href="system.php">','</a>');
407	51c224bc	sbeaver
408			$section->addInput(new Form_Checkbox(
409			'regdhcpstatic',
410			'Static DHCP',
411			'Register DHCP static mappings in the DNS Resolver',
412			$pconfig['regdhcpstatic']
413	d2a2f018	Steve Beaver	))->setHelp('If this option is set, then DHCP static mappings will be registered in the DNS Resolver, so that their name can be resolved. '.
414			'The domain in %1$sSystem > General Setup%2$s should also be set to the proper value.','<a href="system.php">','</a>');
415	51c224bc	sbeaver
416	0cc17a06	Lorenz Schori	$section->addInput(new Form_Checkbox(
417			'regovpnclients',
418			'OpenVPN Clients',
419			'Register connected OpenVPN clients in the DNS Resolver',
420			$pconfig['regovpnclients']
421	48384795	Lorenz Schori	))->setHelp(sprintf('If this option is set, then the common name (CN) of connected OpenVPN clients will be registered in the DNS Resolver, so that their name can be resolved. This only works for OpenVPN servers (Remote Access SSL/TLS) operating in "tun" mode. '.
422	0cc17a06	Lorenz Schori	'The domain in %sSystem: General Setup%s should also be set to the proper value.','<a href="system.php">','</a>'));
423
424	2c95f1cd	Phil Davis	$btnadv = new Form_Button(
425			'btnadvcustom',
426	faab522f	Renato Botelho	'Custom options',
427	3314e626	jim-p	null,
428			'fa-cog'
429	51c224bc	sbeaver	);
430
431	49d3b157	NOYB	$btnadv->setAttribute('type','button')->addClass('btn-info btn-sm');
432	51c224bc	sbeaver
433			$section->addInput(new Form_StaticText(
434	2c95f1cd	Phil Davis	'Display Custom Options',
435			$btnadv
436	51c224bc	sbeaver	));
437
438	1fcfea39	Stephen Beaver	$section->addInput(new Form_Textarea (
439	51c224bc	sbeaver	'custom_options',
440			'Custom options',
441			$pconfig['custom_options']
442	e78ecb96	NOYB	))->setHelp('Enter any additional configuration parameters to add to the DNS Resolver configuration here, separated by a newline.');
443	51c224bc	sbeaver
444			$form->add($section);
445			print($form);
446			?>
447	932711c7	Matt Smith
448	8fd9052f	Colin Fleming	<script type="text/javascript">
449	51c224bc	sbeaver	//<![CDATA[
450	20db3e1a	Phil Davis	events.push(function() {
451	51c224bc	sbeaver
452	2c95f1cd	Phil Davis	// Show advanced custom options ==============================================
453			var showadvcustom = false;
454
455			function show_advcustom(ispageload) {
456			var text;
457			// On page load decide the initial state based on the data.
458			if (ispageload) {
459	28e3d579	NewEraCracker	showadvcustom = <?=($customoptions ? 'true' : 'false');?>;
460	2c95f1cd	Phil Davis	} else {
461			// It was a click, swap the state.
462			showadvcustom = !showadvcustom;
463			}
464
465			hideInput('custom_options', !showadvcustom);
466
467			if (showadvcustom) {
468			text = "<?=gettext('Hide Custom Options');?>";
469			} else {
470			text = "<?=gettext('Display Custom Options');?>";
471			}
472			$('#btnadvcustom').html('<i class="fa fa-cog"></i> ' + text);
473			}
474
475	d3a3eef0	Francisco Cavalcante	// If the enable checkbox is not checked, hide all inputs
476			function hideGeneral() {
477	51c224bc	sbeaver	var hide = ! $('#enable').prop('checked');
478
479	d3a3eef0	Francisco Cavalcante	hideMultiClass('general', hide);
480			hideInput('port', hide);
481			hideSelect('system_domain_local_zone_type', hide);
482			hideCheckbox('dnssec', hide);
483			hideCheckbox('forwarding', hide);
484			hideCheckbox('regdhcp', hide);
485			hideCheckbox('regdhcpstatic', hide);
486	0cc17a06	Lorenz Schori	hideCheckbox('regovpnclients', hide);
487	2c95f1cd	Phil Davis	hideInput('btnadvcustom', hide);
488			hideInput('custom_options', hide \|\| !showadvcustom);
489	51c224bc	sbeaver	}
490
491	2c95f1cd	Phil Davis	// Un-hide additional controls
492			$('#btnadvcustom').click(function(event) {
493			show_advcustom();
494	51c224bc	sbeaver	});
495
496	d3a3eef0	Francisco Cavalcante	// When 'enable' is clicked, disable/enable the following hide inputs
497	51c224bc	sbeaver	$('#enable').click(function() {
498	d3a3eef0	Francisco Cavalcante	hideGeneral();
499	51c224bc	sbeaver	});
500
501			// On initial load
502	20db3e1a	Phil Davis	if ($('#custom_options').val().length == 0) {
503	df6cb8fe	Stephen Beaver	hideInput('custom_options', true);
504			}
505
506	d3a3eef0	Francisco Cavalcante	hideGeneral();
507	2c95f1cd	Phil Davis	show_advcustom(true);
508	51c224bc	sbeaver
509			});
510			//]]>
511			</script>
512
513			<div class="panel panel-default">
514	f17594c7	Sjon Hortensius	<div class="panel-heading"><h2 class="panel-title"><?=gettext("Host Overrides")?></h2></div>
515	51c224bc	sbeaver	<div class="panel-body table-responsive">
516	1c10ce97	PiBa-NL	<table class="table table-striped table-hover table-condensed sortable-theme-bootstrap table-rowdblclickedit" data-sortable>
517	51c224bc	sbeaver	<thead>
518	2783e408	Renato Botelho	<tr>
519	51c224bc	sbeaver	<th><?=gettext("Host")?></th>
520	eb267378	stilez	<th><?=gettext("Parent domain of host")?></th>
521	40e21a7f	stilez	<th><?=gettext("IP to return for host")?></th>
522	51c224bc	sbeaver	<th><?=gettext("Description")?></th>
523	21d973b2	Phil Davis	<th><?=gettext("Actions")?></th>
524	2783e408	Renato Botelho	</tr>
525	51c224bc	sbeaver	</thead>
526			<tbody>
527			<?php
528			$i = 0;
529			foreach ($a_hosts as $hostent):
530			?>
531	2783e408	Renato Botelho	<tr>
532	51c224bc	sbeaver	<td>
533	c8a7d17c	NOYB	<?=$hostent['host']?>
534	51c224bc	sbeaver	</td>
535			<td>
536	c8a7d17c	NOYB	<?=$hostent['domain']?>
537	51c224bc	sbeaver	</td>
538			<td>
539	de038a27	Stephen Beaver	<?=$hostent['ip']?>
540	51c224bc	sbeaver	</td>
541			<td>
542			<?=htmlspecialchars($hostent['descr'])?>
543			</td>
544			<td>
545	33f0b0d5	Stephen Beaver	<a class="fa fa-pencil" title="<?=gettext('Edit host override')?>" href="services_unbound_host_edit.php?id=<?=$i?>"></a>
546	13541a81	Steve Beaver	<a class="fa fa-trash" title="<?=gettext('Delete host override')?>" href="services_unbound.php?type=host&act=del&id=<?=$i?>" usepost></a>
547	51c224bc	sbeaver	</td>
548	2783e408	Renato Botelho	</tr>
549	51c224bc	sbeaver
550			<?php
551			if ($hostent['aliases']['item'] && is_array($hostent['aliases']['item'])):
552			foreach ($hostent['aliases']['item'] as $alias):
553			?>
554	2783e408	Renato Botelho	<tr>
555	51c224bc	sbeaver	<td>
556	c8a7d17c	NOYB	<?=$alias['host']?>
557	51c224bc	sbeaver	</td>
558			<td>
559	c8a7d17c	NOYB	<?=$alias['domain']?>
560	51c224bc	sbeaver	</td>
561			<td>
562	4bb7c0d1	bruno	<?=gettext("Alias for ");?><?=$hostent['host'] ? $hostent['host'] . '.' . $hostent['domain'] : $hostent['domain']?>
563	51c224bc	sbeaver	</td>
564			<td>
565	39bd0b51	Stephen Beaver	<i class="fa fa-angle-double-right text-info"></i>
566	51c224bc	sbeaver	<?=htmlspecialchars($alias['description'])?>
567			</td>
568			<td>
569	1c10ce97	PiBa-NL	<a class="fa fa-pencil" title="<?=gettext('Edit host override')?>" href="services_unbound_host_edit.php?id=<?=$i?>"></a>
570	51c224bc	sbeaver	</td>
571	2783e408	Renato Botelho	</tr>
572	51c224bc	sbeaver	<?php
573			endforeach;
574			endif;
575			$i++;
576			endforeach;
577			?>
578			</tbody>
579			</table>
580			</div>
581			</div>
582
583	de55303c	stilez	<span class="help-block">
584			Enter any individual hosts for which the resolver's standard DNS lookup process should be overridden and a specific
585	179377b0	robjarsen	IPv4 or IPv6 address should automatically be returned by the resolver. Standard and also non-standard names and parent domains
586			can be entered, such as 'test', 'mycompany.localdomain', '1.168.192.in-addr.arpa', or 'somesite.com'. Any lookup attempt for
587			the host will automatically return the given IP address, and the usual lookup server for the domain will not be queried for
588	b9304b9a	stilez	the host's records.
589	de55303c	stilez	</span>
590
591	c10cb196	Stephen Beaver	<nav class="action-buttons">
592	782922c2	Stephen Beaver	<a href="services_unbound_host_edit.php" class="btn btn-sm btn-success">
593	9d5a20cf	heper	<i class="fa fa-plus icon-embed-btn"></i>
594	782922c2	Stephen Beaver	<?=gettext('Add')?>
595			</a>
596	51c224bc	sbeaver	</nav>
597
598			<div class="panel panel-default">
599	f17594c7	Sjon Hortensius	<div class="panel-heading"><h2 class="panel-title"><?=gettext("Domain Overrides")?></h2></div>
600	51c224bc	sbeaver	<div class="panel-body table-responsive">
601	1c10ce97	PiBa-NL	<table class="table table-striped table-hover table-condensed sortable-theme-bootstrap table-rowdblclickedit" data-sortable>
602	51c224bc	sbeaver	<thead>
603	2783e408	Renato Botelho	<tr>
604	51c224bc	sbeaver	<th><?=gettext("Domain")?></th>
605	b9304b9a	stilez	<th><?=gettext("Lookup Server IP Address")?></th>
606	51c224bc	sbeaver	<th><?=gettext("Description")?></th>
607	21d973b2	Phil Davis	<th><?=gettext("Actions")?></th>
608	2783e408	Renato Botelho	</tr>
609	51c224bc	sbeaver	</thead>
610
611			<tbody>
612			<?php
613			$i = 0;
614			foreach ($a_domainOverrides as $doment):
615			?>
616	2783e408	Renato Botelho	<tr>
617	51c224bc	sbeaver	<td>
618	c8a7d17c	NOYB	<?=$doment['domain']?>
619	51c224bc	sbeaver	</td>
620			<td>
621			<?=$doment['ip']?>
622			</td>
623			<td>
624			<?=htmlspecialchars($doment['descr'])?>
625			</td>
626			<td>
627	33f0b0d5	Stephen Beaver	<a class="fa fa-pencil" title="<?=gettext('Edit domain override')?>" href="services_unbound_domainoverride_edit.php?id=<?=$i?>"></a>
628	13541a81	Steve Beaver	<a class="fa fa-trash" title="<?=gettext('Delete domain override')?>" href="services_unbound.php?act=del&type=doverride&id=<?=$i?>" usepost></a>
629	51c224bc	sbeaver	</td>
630	2783e408	Renato Botelho	</tr>
631	51c224bc	sbeaver	<?php
632			$i++;
633			endforeach;
634			?>
635			</tbody>
636			</table>
637			</div>
638			</div>
639
640	1eb759ab	stilez	<span class="help-block">
641	179377b0	robjarsen	Enter any domains for which the resolver's standard DNS lookup process should be overridden and a different (non-standard)
642			lookup server should be queried instead. Non-standard, 'invalid' and local domains, and subdomains, can also be entered,
643			such as 'test', 'mycompany.localdomain', '1.168.192.in-addr.arpa', or 'somesite.com'. The IP address is treated as the
644	1eb759ab	stilez	authoritative lookup server for the domain (including all of its subdomains), and other lookup servers will not be queried.
645			</span>
646
647	c10cb196	Stephen Beaver	<nav class="action-buttons">
648	782922c2	Stephen Beaver	<a href="services_unbound_domainoverride_edit.php" class="btn btn-sm btn-success">
649	9d5a20cf	heper	<i class="fa fa-plus icon-embed-btn"></i>
650	782922c2	Stephen Beaver	<?=gettext('Add')?>
651			</a>
652	51c224bc	sbeaver	</nav>
653	782922c2	Stephen Beaver
654	35681930	Stephen Beaver	<div class="infoblock">
655	702fa4d0	Phil Davis	<?php print_info_box(sprintf(gettext('If the DNS Resolver is enabled, the DHCP'.
656			' service (if enabled) will automatically serve the LAN IP'.
657			' address as a DNS server to DHCP clients so they will use'.
658			' the DNS Resolver. If Forwarding is enabled, the DNS Resolver will use the DNS servers'.
659			' entered in %1$sSystem > General Setup%2$s'.
660			' or those obtained via DHCP or PPP on WAN if "Allow'.
661			' DNS server list to be overridden by DHCP/PPP on WAN"'.
662			' is checked.'), '<a href="system.php">', '</a>'), 'info', false); ?>
663	782922c2	Stephen Beaver	</div>
664	82afb104	Stephen Beaver
665	6f65dc19	Chris Buechler	<?php include("foot.inc");

Project

General

Profile

pfSense