Skip to content

O
OpnSense
Commit 112cf5c7 authored by Ad Schellevis's avatar Ad Schellevis
Browse files
Options

unbound doesn't know what unbound doesn't know.....

parent c86e7e06
Show whitespace changes
Inline Side-by-side
Showing with 39 additions and 4 deletions
src/opnsense/scripts/dns/unbound_dhcpd.py
View file @ 112cf5c7
...@@ -30,13 +30,40 @@ ...@@ -30,13 +30,40 @@
""" """
import os import os
import sys import sys
import signal
sys.path.insert(0, "/usr/local/site-python") sys.path.insert(0, "/usr/local/site-python")
import subprocess
import time import time
import tempfile
from daemonize import Daemonize from daemonize import Daemonize
import watchers.dhcpd import watchers.dhcpd
import params import params
def unbound_control(commands, output_stream=None):
""" execute (chrooted) unbound-control command
:param commands: command list (parameters)
:param output_stream: (optional)output stream
:return: None
"""
output_stream = open(os.devnull, 'w')
subprocess.check_call(['/usr/sbin/chroot', '-u', 'unbound', '-g' ,'unbound','/',
'/usr/local/sbin/unbound-control','-c', '/var/unbound/unbound.conf'] + commands,
stdout=output_stream, stderr=subprocess.STDOUT)
output_stream.seek(0)
def unbound_known_addresses():
""" fetch known addresses
:return: list
"""
result = list()
with tempfile.NamedTemporaryFile() as output_stream:
unbound_control(['list_local_data'], output_stream)
for line in output_stream.read().split('\n'):
parts = line.split()
if len(parts) > 4 and parts[3] == 'A':
result.append(parts[4])
return result
# parse input params # parse input params
app_params={'pid': '/var/run/unbound_dhcpd.pid', app_params={'pid': '/var/run/unbound_dhcpd.pid',
'domain': 'local', 'domain': 'local',
...@@ -51,6 +78,7 @@ def main(): ...@@ -51,6 +78,7 @@ def main():
# initiate lease watcher and setup cache # initiate lease watcher and setup cache
dhcpdleases = watchers.dhcpd.DHCPDLease() dhcpdleases = watchers.dhcpd.DHCPDLease()
cached_leases = dict() cached_leases = dict()
known_addresses = unbound_known_addresses()
# start watching dhcp leases # start watching dhcp leases
last_cleanup = time.time() last_cleanup = time.time()
...@@ -73,12 +101,19 @@ def main(): ...@@ -73,12 +101,19 @@ def main():
# dump dns output to target # dump dns output to target
with open(app_params['target'], 'w') as unbound_conf: with open(app_params['target'], 'w') as unbound_conf:
for address in cached_leases: for address in cached_leases:
unbound_conf.write('local-data-ptr: "%s %s.%s"\n' % (address,
cached_leases[address]['client-hostname'],
app_params['domain']))
unbound_conf.write('local-data: "%s.%s IN A %s"\n' % (cached_leases[address]['client-hostname'], unbound_conf.write('local-data: "%s.%s IN A %s"\n' % (cached_leases[address]['client-hostname'],
app_params['domain'], app_params['domain'],
address)) address))
unbound_conf.write("local-data-ptr: %s IN A %s.%s\n" % (address, # signal unbound
cached_leases[address]['client-hostname'], for address in cached_leases:
app_params['domain'])) if address not in known_addresses:
fqdn = '%s.%s' % (cached_leases[address]['client-hostname'], app_params['domain'])
unbound_control(['local_data', address, 'PTR', fqdn])
unbound_control(['local_data', fqdn, 'IN A', address])
known_addresses.append(address)
# wait for next cycle # wait for next cycle
time.sleep(1) time.sleep(1)
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment

Technounit-GROUP 2023