Commit f5839826 authored by Franco Fichtner's avatar Franco Fichtner

services: refactor lease handling, unbound hosts

(cherry picked from commit 835ad1b7)
(cherry picked from commit 49e364be)
(cherry picked from commit 0dca6edd)
(cherry picked from commit 63e1ff58)
parent cccba481
......@@ -2957,6 +2957,7 @@ function interface_configure($interface = 'wan', $reloadall = false, $linkupeven
if ($interface == 'lan') {
/* make new hosts file */
system_hosts_generate();
services_dhcpleases_configure();
}
if ($reloadall == true) {
......
......@@ -386,6 +386,31 @@ function services_dhcpdv6_leasesfile()
return "{$g['dhcpd_chroot_path']}/var/db/dhcpd6.leases";
}
function services_dhcpleases_configure()
{
global $config, $g;
killbypid('/var/run/dhcpleases.pid', 'TERM', true);
if (isset($config['dnsmasq']['enable']) && isset($config['dnsmasq']['regdhcp'])) {
mwexec("/bin/mkdir -p {$g['dhcpd_chroot_path']}/var/db");
touch("{$g['dhcpd_chroot_path']}/var/db/dhcpd.leases");
if (isvalidpid('/var/run/dhcpleases.pid')) {
killbypid('/var/run/dhcpleases.pid', 'HUP');
} else {
mwexecf(
'/usr/local/sbin/dhcpleases -l %s -d %s -p %s -h %s',
array(
"{$g['dhcpd_chroot_path']}/var/db/dhcpd.leases",
$config['system']['domain'],
'/var/run/dnsmasq.pid',
'/etc/hosts'
)
);
}
}
}
function services_dhcpd_configure($family = 'all', $blacklist = array())
{
global $g;
......@@ -1081,8 +1106,8 @@ function services_dhcpdv6_configure($blacklist = array())
global $config, $g;
/* kill any running dhcpd */
killbypid("{$g['dhcpd_chroot_path']}/var/run/dhcpdv6.pid");
killbypid('/var/run/dhcpleases6.pid');
killbypid("{$g['dhcpd_chroot_path']}/var/run/dhcpdv6.pid", 'TERM', true);
killbypid('/var/run/dhcpleases6.pid', 'TERM', true);
/* DHCP enabled on any interfaces? */
if (!is_dhcpv6_server_enabled()) {
......@@ -1966,7 +1991,7 @@ function services_dnsmasq_configure($dhcp_reload = true)
/* run dnsmasq */
$cmd = "/usr/local/sbin/dnsmasq --all-servers {$dns_rebind} {$args}";
mwexec_bg($cmd);
system_dhcpleases_configure();
services_dhcpleases_configure();
unset($args);
if (file_exists("/var/run/booting")) {
......@@ -1978,7 +2003,7 @@ function services_dnsmasq_configure($dhcp_reload = true)
* XXX this is overly convoluted, potentiall
* restarting all of dhcp up to three times ;)
*/
if (!file_exists("/var/run/booting") && $dhcp_reload) {
if ($dhcp_reload) {
services_dhcpd_configure();
}
}
......@@ -1995,7 +2020,6 @@ function services_unbound_configure($dhcp_reload = true)
}
sync_unbound_service();
system_dhcpleases_configure();
if (file_exists("/var/run/booting")) {
echo gettext("done.") . "\n";
......@@ -2006,7 +2030,7 @@ function services_unbound_configure($dhcp_reload = true)
* XXX this is overly convoluted, potentially
* restarting all of dhcp up to three times ;)
*/
if (!file_exists("/var/run/booting") && $dhcp_reload) {
if ($dhcp_reload) {
services_dhcpd_configure();
}
}
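Review bot: In the new services_dhcpleases_configure() the `isvalidpid()` / `HUP` branch looks unreachable in normal operation, because the function opens by sending TERM to the same pid file (the third argument appears to wait for exit; killbypid's body is not on this page). As written, every call stops and restarts the monitor, so either drop the HUP branch or only kill when the feature is disabled. The removed helper also ran `killbyname('dhcpleases')` and unlinked the pid file before starting, and without that a stale or missing pid file could leave a second instance watching the leases file. The mkdir call still builds its command by string interpolation; `mwexecf('/bin/mkdir -p %s', array("{$g['dhcpd_chroot_path']}/var/db"));` would match the argument handling of the mwexecf call below it.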
......
......@@ -414,7 +414,7 @@ function system_hosts_generate()
* Do not remove this because dhcpleases monitors with kqueue
* it needs to be * killed before writing to hosts files.
*/
killbypid('/var/run/dhcpleases.pid');
killbypid('/var/run/dhcpleases.pid', 'TERM', true);
$fd = fopen('/etc/hosts', 'w');
if (!$fd) {
......@@ -428,48 +428,9 @@ function system_hosts_generate()
unbound_hosts_generate();
}
system_dhcpleases_configure();
return 0;
}
function system_dhcpleases_configure()
{
global $config, $g;
/* Start the monitoring process for dynamic dhcpclients. */
if (isset($config['dnsmasq']['enable']) && isset($config['dnsmasq']['regdhcp'])) {
/* Make sure we do not error out */
mwexec("/bin/mkdir -p {$g['dhcpd_chroot_path']}/var/db");
if (!file_exists("{$g['dhcpd_chroot_path']}/var/db/dhcpd.leases")) {
@touch("{$g['dhcpd_chroot_path']}/var/db/dhcpd.leases");
}
if (isvalidpid('/var/run/dhcpleases.pid')) {
killbypid('/var/run/dhcpleases.pid', 'HUP');
} else {
/* To ensure we do not start multiple instances of dhcpleases, perform some clean-up first. */
killbyname('dhcpleases');
@unlink('/var/run/dhcpleases.pid');
if (isset($config['unbound']['enable'])) {
$dns_pid = 'unbound.pid';
} else {
$dns_pid = 'dnsmasq.pid';
}
mwexecf(
'/usr/local/sbin/dhcpleases -l %s -d %s -p %s -h %s',
array(
"{$g['dhcpd_chroot_path']}/var/db/dhcpd.leases",
$config['system']['domain'],
"/var/run/{$dns_pid}",
'/etc/hosts'
)
);
}
} else {
killbypid('/var/run/dhcpleases.pid');
}
}
function system_hostname_configure()
{
global $config;
......@@ -1811,7 +1772,7 @@ function system_arp_wrong_if()
));
}
function get_possible_listen_ips($include_ipv6_link_local=false) {
function get_possible_listen_ips($include_ipv6_link_local = false, $include_loopback = true) {
$interfaces = get_configured_interface_with_descr();
$carplist = get_configured_carp_interface_list();
$listenips = array();
......@@ -1835,9 +1796,11 @@ function get_possible_listen_ips($include_ipv6_link_local=false) {
}
}
}
if ($include_loopback) {
$tmp["name"] = "Localhost";
$tmp["value"] = "lo0";
$listenips[] = $tmp;
}
return $listenips;
}
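Review bot: system_hosts_generate() still stops dhcpleases before rewriting /etc/hosts but no longer restarts it, so any caller that does not follow it with services_dhcpleases_configure() leaves lease registration stopped. The callers touched by this commit all add that call; callers outside the diff cannot be checked from this page. I would record the contract next to the kill, for example `/* callers must run services_dhcpleases_configure() afterwards to restart the monitor */`. The function body starts and ends outside the hunks shown.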
......
......@@ -519,31 +519,29 @@ function unbound_add_domain_overrides($pvt=false) {
}
}
function unbound_add_host_entries() {
function unbound_add_host_entries()
{
global $config, $g;
$unbound_entries = "local-zone: \"{$config['system']['domain']}\" transparent\n";
// IPv4 entries
$unbound_entries .= "local-data-ptr: \"127.0.0.1 localhost\"\n";
$unbound_entries .= "local-data: \"localhost A 127.0.0.1\"\n";
$unbound_entries .= "local-data: \"localhost.{$config['system']['domain']} A 127.0.0.1\"\n";
// IPv6 entries
$unbound_entries .= "local-data-ptr: \"::1 localhost\"\n";
$unbound_entries .= "local-data: \"localhost AAAA ::1\"\n";
$unbound_entries .= "local-data: \"localhost.{$config['system']['domain']} AAAA ::1\"\n";
$listen_addresses = "";
if (isset($config['unbound']['interface'])) {
$interfaces = explode(",", $config['unbound']['interface']);
foreach ($interfaces as $interface) {
if (is_ipaddrv4($interface)) {
$unbound_entries .= "local-data-ptr: \"{$interface} {$config['system']['hostname']}.{$config['system']['domain']}\"\n";
$unbound_entries .= "local-data: \"{$config['system']['hostname']}.{$config['system']['domain']} A {$interface}\"\n";
$unbound_entries .= "local-data: \"{$config['system']['hostname']} A {$interface}\"\n";
} else if (is_ipaddrv6($interface)) {
$unbound_entries .= "local-data: \"{$config['system']['hostname']}.{$config['system']['domain']} AAAA {$interface}\"\n";
$unbound_entries .= "local-data: \"{$config['system']['hostname']} AAAA {$interface}\"\n";
if (!empty($config['unbound']['active_interface'])) {
$interfaces = explode(",", $config['unbound']['active_interface']);
} else {
$interfaces = get_configured_interface_list();
}
foreach ($interfaces as $interface) {
$if = get_real_interface($interface);
if (does_interface_exist($if)) {
$laddr = find_interface_ip($if);
......@@ -553,12 +551,15 @@ function unbound_add_host_entries() {
$unbound_entries .= "local-data: \"{$config['system']['hostname']} A {$laddr}\"\n";
}
$laddr6 = find_interface_ipv6($if);
if (is_ipaddrv6($laddr6) && !isset($config['dnsmasq']['strictbind'])) {
if (is_ipaddrv6($laddr6)) {
$unbound_entries .= "local-data-ptr: \"{$laddr6} {$config['system']['hostname']}.{$config['system']['domain']}\"\n";
$unbound_entries .= "local-data: \"{$config['system']['hostname']}.{$config['system']['domain']} AAAA {$laddr}\"\n";
$unbound_entries .= "local-data: \"{$config['system']['hostname']} AAAA {$laddr}\"\n";
}
$unbound_entries .= "local-data: \"{$config['system']['hostname']}.{$config['system']['domain']} AAAA {$laddr6}\"\n";
$unbound_entries .= "local-data: \"{$config['system']['hostname']} AAAA {$laddr6}\"\n";
}
$lladdr6 = find_interface_ipv6_ll($if);
if (is_ipaddrv6($lladdr6)) {
$unbound_entries .= "local-data: \"{$config['system']['hostname']}.{$config['system']['domain']} AAAA {$lladdr6}\"\n";
$unbound_entries .= "local-data: \"{$config['system']['hostname']} AAAA {$lladdr6}\"\n";
}
}
}
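Review bot: The new `find_interface_ipv6_ll()` block near the end of unbound_add_host_entries() publishes link-local addresses as AAAA records for the firewall's hostname. A client that resolves the name can then receive an fe80:: address it cannot use without a zone id, or that belongs to a different link than the one the client is on. Whether the helper returns a scope suffix is not visible here, so it is worth confirming what ends up inside the quoted `local-data` string. Consider leaving link-local records out or putting them behind an explicit option. The function continues past the end of this section.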
......
......@@ -134,20 +134,14 @@ function filter_configure_xmlrpc()
filter_configure();
system_routing_configure();
setup_gateways_monitor();
relayd_configure();
openvpn_resync_all();
if (isset($config['dnsmasq']['enable'])) {
services_dnsmasq_configure();
} elseif (isset($config['unbound']['enable'])) {
services_unbound_configure();
} else {
# Both calls above run services_dhcpd_configure(), then we just
# need to call it when them are not called to avoid restart dhcpd
# twice, as described on ticket #3797
services_dhcpd_configure();
}
system_hosts_generate();
services_dhcpleases_configure();
local_sync_accounts();
services_dnsmasq_configure(false);
services_unbound_configure(false);
services_dhcpd_configure();
relayd_configure();
openvpn_resync_all();
return true;
}
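Review bot: The unconditional `services_dnsmasq_configure(false)` and `services_unbound_configure(false)` calls in filter_configure_xmlrpc() drop the `isset(...['enable'])` checks the old branch made, so correctness now depends on both functions returning early when their service is disabled. Those guards are not visible on this page. The same pattern is introduced in the later hunks at -232,13 and -238,9. A short comment would carry the reasoning that the removed ticket #3797 note used to give, for example `/* each call is a no-op when its service is disabled; false skips the nested dhcpd restart, which runs once below */`.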
......
......@@ -125,7 +125,6 @@ require_once("interfaces.inc");
echo ".";
require_once("services.inc");
echo ".";
echo ".";
require_once("system.inc");
echo ".";
require_once("unbound.inc");
......@@ -265,10 +264,10 @@ system_routing_configure();
system_routing_enable();
/* start dnsmasq service */
services_dnsmasq_configure();
services_dnsmasq_configure(false);
/* start unbound service */
services_unbound_configure();
services_unbound_configure(false);
/* Do an initial time sync */
echo "Starting NTP time client...";
......@@ -282,7 +281,7 @@ relayd_configure();
services_dhcpd_configure();
/* start dhcpleases dhpcp hosts leases program */
system_dhcpleases_configure();
services_dhcpleases_configure();
/* start DHCP relay */
services_dhcrelay_configure();
......
......@@ -141,6 +141,7 @@ if (!empty($bridgetmp)) {
/* make new hosts file */
system_hosts_generate();
services_dhcpleases_configure();
/* check tunneled IPv6 interface tracking */
if (isset($config['interfaces'][$interface]['ipaddrv6'])) {
......
......@@ -49,6 +49,7 @@ system_timezone_configure();
system_firmware_configure();
system_hostname_configure();
system_hosts_generate();
services_dhcpleases_configure();
system_resolvconf_generate();
system_routing_enable();
interfaces_configure();
......
......@@ -110,17 +110,16 @@ function reconfigure_dhcpd()
killbyname("dhcpd");
dhcp_clean_leases();
system_hosts_generate();
/* dnsmasq_configure calls dhcpd_configure */
/* no need to restart dhcpd twice */
services_dhcpleases_configure();
if (isset($config['dnsmasq']['enable']) && isset($config['dnsmasq']['regdhcpstatic'])) {
services_dnsmasq_configure();
services_dnsmasq_configure(false);
clear_subsystem_dirty('hosts');
} elseif (isset($config['unbound']['enable']) && isset($config['unbound']['regdhcpstatic'])) {
services_unbound_configure();
}
if (isset($config['unbound']['enable']) && isset($config['unbound']['regdhcpstatic'])) {
services_unbound_configure(false);
clear_subsystem_dirty('unbound');
} else {
services_dhcpd_configure();
}
services_dhcpd_configure();
clear_subsystem_dirty('staticmaps');
}
......
......@@ -118,6 +118,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
/* Update resolv.conf in case the interface bindings exclude localhost. */
system_resolvconf_generate();
system_hosts_generate();
services_dhcpleases_configure();
services_dnsmasq_configure();
clear_subsystem_dirty('hosts');
header("Location: services_dnsmasq.php");
......
......@@ -172,10 +172,8 @@ include_once("head.inc");
<select name="active_interface[]" multiple="multiple" size="3" class="selectpicker" data-live-search="true">
<option value="" <?=empty($pconfig['active_interface'][0]) ? 'selected="selected"' : ""; ?>><?=gettext("All");?></option>
<?php
foreach (get_possible_listen_ips(true) as $laddr):?>
<option value="<?=$laddr['value'];?>" <?=in_array($laddr['value'], $pconfig['active_interface']) ? 'selected="selected"' : "";?>>
<?=htmlspecialchars($laddr['name']);?>
</option>
foreach (get_possible_listen_ips(false, false) as $laddr):?>
<option value="<?=$laddr['value'];?>" <?=in_array($laddr['value'], $pconfig['active_interface']) ? 'selected="selected"' : "";?>><?=htmlspecialchars($laddr['name']);?></option>
<?php
endforeach; ?>
</select>
......@@ -192,10 +190,13 @@ include_once("head.inc");
</td>
</tr>
<tr>
<td><i class="fa fa-info-circle text-muted"></i> <?=gettext("DNS Query Forwarding");?></td>
<td><a id="help_for_forwarding" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("DNS Query Forwarding");?></td>
<td>
<input name="forwarding" type="checkbox" value="yes" <?=!empty($pconfig['forwarding']) ? "checked=\"checked\"" : "";?> />
<strong><?=gettext("Enable Forwarding Mode");?></strong>
<div class="hidden" for="help_for_forwarding">
<?= gettext('The configured system nameservers will be used to forward queries to.') ?>
</div>
</td>
</tr>
<tr>
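Review bot: The rewritten `<option>` line for `active_interface[]` escapes the label with htmlspecialchars() but emits `$laddr['value']` raw inside the `value` attribute. The values come from get_possible_listen_ips() and are probably interface names or addresses, but encoding both outputs keeps the template safe if that list ever carries other characters: `<option value="<?=htmlspecialchars($laddr['value']);?>" ...>`. The `in_array()` call on the same line also assumes `$pconfig['active_interface']` is always an array and compares loosely; passing `true` as the third argument would make the match strict.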
......
......@@ -232,13 +232,10 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
system_console_configure();
system_hosts_generate();
// Restart DNS in case dns rebinding toggled
if (isset($config['dnsmasq']['enable'])) {
services_dnsmasq_configure();
} elseif (isset($config['unbound']['enable'])) {
services_unbound_configure();
}
services_dhcpleases_configure();
services_dnsmasq_configure(false);
services_unbound_configure(false);
services_dhcpd_configure();
if ($restart_sshd) {
configd_run('sshd restart', true);
......
......@@ -238,9 +238,11 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
prefer_ipv4_or_ipv6();
system_hostname_configure();
system_hosts_generate();
services_dhcpleases_configure();
system_resolvconf_generate();
services_dnsmasq_configure();
services_unbound_configure();
services_dnsmasq_configure(false);
services_unbound_configure(false);
services_dhcpd_configure();
system_timezone_configure();
if ($olddnsallowoverride != $config['system']['dnsallowoverride']) {
......