dns: rework log files, split ACLs #1491

Franco Fichtner 2017-06-07 16:49:21 +02:00
parent a7825a608e
commit 62bb0ae8cc
9 changed files with 104 additions and 63 deletions

3
plist

@ -454,6 +454,7 @@
/usr/local/opnsense/mvc/app/models/OPNsense/Diagnostics/Migrations/M1_0_0.php
/usr/local/opnsense/mvc/app/models/OPNsense/Diagnostics/Netflow.php
/usr/local/opnsense/mvc/app/models/OPNsense/Diagnostics/Netflow.xml
/usr/local/opnsense/mvc/app/models/OPNsense/Dnsmasq/ACL/ACL.xml
/usr/local/opnsense/mvc/app/models/OPNsense/Dnsmasq/Menu/Menu.xml
/usr/local/opnsense/mvc/app/models/OPNsense/DynamicDNS/ACL/ACL.xml
/usr/local/opnsense/mvc/app/models/OPNsense/DynamicDNS/Menu/Menu.xml
@ -476,6 +477,7 @@
/usr/local/opnsense/mvc/app/models/OPNsense/TrafficShaper/Migrations/M1_0_0.php
/usr/local/opnsense/mvc/app/models/OPNsense/TrafficShaper/TrafficShaper.php
/usr/local/opnsense/mvc/app/models/OPNsense/TrafficShaper/TrafficShaper.xml
/usr/local/opnsense/mvc/app/models/OPNsense/Unbound/ACL/ACL.xml
/usr/local/opnsense/mvc/app/models/OPNsense/Unbound/Menu/Menu.xml
/usr/local/opnsense/mvc/app/views/OPNsense/CaptivePortal/clients.volt
/usr/local/opnsense/mvc/app/views/OPNsense/CaptivePortal/index.volt
@ -974,6 +976,7 @@
/usr/local/www/diag_logs_auth.php
/usr/local/www/diag_logs_common.inc
/usr/local/www/diag_logs_dhcp.php
/usr/local/www/diag_logs_dnsmasq.php
/usr/local/www/diag_logs_filter.php
/usr/local/www/diag_logs_filter_dynamic.php
/usr/local/www/diag_logs_filter_plain.php


@ -63,6 +63,15 @@ function dnsmasq_services()
return $services;
}
function dnsmasq_syslog()
{
$logfacilities = array();
$logfacilities['dnsmasq'] = array('facility' => array('dnsmasq'), 'remote' => 'dns');
return $logfacilities;
}
function dnsmasq_xmlrpc_sync()
{
$result = array();
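Review bot: dnsmasq_syslog() has no comment saying what the array key and the `remote` value are bound to, and both look like contracts with other files in this commit. The key `dnsmasq` appears to name the log file that the new diag_logs_dnsmasq.php reads as `/var/log/dnsmasq.log`, and `'remote' => 'dns'` matches the `dns` checkbox added to the log settings page. I would add `// key names /var/log/<key>.log; 'remote' is the syslog setting that gates remote forwarding` above the assignment, after confirming the first half against system_syslogd_start(). dnsmasq_xmlrpc_sync() continues outside the hunk.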


@ -798,7 +798,7 @@ function system_syslogd_start($verbose = false)
$syslogconfs['gateways'] = array('facility' => array('apinger'), 'remote' => 'apinger');
$syslogconfs['portalauth'] = array('facility' => array('captiveportal'), 'remote' => 'portalauth');
$syslogconfs['ppps'] = array('facility' => array('ppp'));
$syslogconfs['resolver'] = array('facility' => array('dnsmasq', 'filterdns', 'unbound'));
$syslogconfs['resolver'] = array('facility' => array('filterdns', 'unbound'), 'remote' => 'dns');
$syslogconfs['routing'] = array('facility' => array('radvd', 'routed', 'rtsold', 'olsrd', 'zebra', 'ospfd', 'bgpd', 'miniupnpd'));
$syslogconfs['wireless'] = array('facility' => array('hostapd'), 'remote' => 'hostapd');


@ -106,12 +106,6 @@
<pattern>diag_logs_gateways.php*</pattern>
</patterns>
</page-diagnostics-logs-gateways>
<page-diagnostics-logs-resolver>
<name>Diagnostics: Logs: Resolver</name>
<patterns>
<pattern>diag_logs_resolver.php*</pattern>
</patterns>
</page-diagnostics-logs-resolver>
<page-diagnostics-logs-settings>
<name>Diagnostics: Logs: Settings</name>
<patterns>
@ -497,60 +491,6 @@
<pattern>services_opendns.php*</pattern>
</patterns>
</page-services-opendns>
<page-services-dnsforwarder>
<name>Services: DNS Forwarder</name>
<patterns>
<pattern>services_dnsmasq.php*</pattern>
</patterns>
</page-services-dnsforwarder>
<page-services-dnsforwarder-editdomainoverride>
<name>Services: DNS Forwarder: Edit Domain Override</name>
<patterns>
<pattern>services_dnsmasq_domainoverride_edit.php*</pattern>
</patterns>
</page-services-dnsforwarder-editdomainoverride>
<page-services-dnsforwarder-edithost>
<name>Services: DNS Forwarder: Edit host</name>
<patterns>
<pattern>services_dnsmasq_edit.php*</pattern>
</patterns>
</page-services-dnsforwarder-edithost>
<page-services-dnsresolver>
<name>Services: DNS Resolver</name>
<patterns>
<pattern>services_unbound.php*</pattern>
</patterns>
</page-services-dnsresolver>
<page-services-dnsresolver-acls>
<name>Services: DNS Resolver: Access Lists</name>
<patterns>
<pattern>services_unbound_acls.php*</pattern>
</patterns>
</page-services-dnsresolver-acls>
<page-services-dnsresolver-editacls>
<name>Services: DNS Resolver: Access Lists: Edit</name>
<patterns>
<pattern>services_unbound_acls_edit.php*</pattern>
</patterns>
</page-services-dnsresolver-editacls>
<page-services-dnsresolver-advanced>
<name>Services: DNS Resolver: Advanced</name>
<patterns>
<pattern>services_unbound_advanced.php*</pattern>
</patterns>
</page-services-dnsresolver-advanced>
<page-services-dnsresolver-editdomainoverride>
<name>Services: DNS Resolver: Edit Domain Override</name>
<patterns>
<pattern>services_unbound_domainoverride_edit.php*</pattern>
</patterns>
</page-services-dnsresolver-editdomainoverride>
<page-services-dnsresolver-edithost>
<name>Services: DNS Resolver: Edit host</name>
<patterns>
<pattern>services_unbound_host_edit.php*</pattern>
</patterns>
</page-services-dnsresolver-edithost>
<page-services-router-advertisements>
<name>Services: Router advertisements</name>
<patterns>


@ -0,0 +1,26 @@
<acl>
<page-services-dnsforwarder>
<name>Services: Dnsmasq DNS: Settings</name>
<patterns>
<pattern>services_dnsmasq.php*</pattern>
</patterns>
</page-services-dnsforwarder>
<page-services-dnsforwarder-editdomainoverride>
<name>Services: Dnsmasq DNS: Edit Domain Override</name>
<patterns>
<pattern>services_dnsmasq_domainoverride_edit.php*</pattern>
</patterns>
</page-services-dnsforwarder-editdomainoverride>
<page-services-dnsforwarder-edithost>
<name>Services: Dnsmasq DNS: Edit Host</name>
<patterns>
<pattern>services_dnsmasq_edit.php*</pattern>
</patterns>
</page-services-dnsforwarder-edithost>
<page-diagnostics-logs-dnsmasq>
<name>Services: Dnsmasq DNS: Log File</name>
<patterns>
<pattern>diag_logs_dnsmasq.php*</pattern>
</patterns>
</page-diagnostics-logs-dnsmasq>
</acl>


@ -1,8 +1,11 @@
<menu>
<Services>
<Dnsmasq VisibleName="Dnsmasq DNS" url="/services_dnsmasq.php" cssClass="fa fa-tags fa-fw">
<Dnsmasq VisibleName="Dnsmasq DNS" cssClass="fa fa-tags fa-fw">
<Settings order="10" url="/services_dnsmasq.php">
<Hosts url="/services_dnsmasq_edit.php*" visibility="hidden"/>
<Domains url="/services_dnsmasq_domainoverride_edit.php*" visibility="hidden"/>
</Settings>
<LogFile VisibleName="Log File" order="50" url="/diag_logs_resolver.php"/>
</Dnsmasq>
</Services>
</menu>
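Review bot: The new `LogFile` entry links to `/diag_logs_resolver.php`, but this commit adds `diag_logs_dnsmasq.php` for the Dnsmasq log and moves the `dnsmasq` facility out of the resolver log. As written, the Dnsmasq menu opens the log that now carries only the `filterdns` and `unbound` facilities. A user granted only `page-diagnostics-logs-dnsmasq` holds a privilege whose pattern (`diag_logs_dnsmasq.php*`) no menu entry points at, while the link shown falls under `page-diagnostics-logs-resolver`. The entry should read `<LogFile VisibleName="Log File" order="50" url="/diag_logs_dnsmasq.php"/>`.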


@ -0,0 +1,44 @@
<acl>
<page-services-dnsresolver>
<name>Services: Unbound DNS: General</name>
<patterns>
<pattern>services_unbound.php*</pattern>
</patterns>
</page-services-dnsresolver>
<page-services-dnsresolver-acls>
<name>Services: Unbound DNS: Access Lists</name>
<patterns>
<pattern>services_unbound_acls.php*</pattern>
</patterns>
</page-services-dnsresolver-acls>
<page-services-dnsresolver-editacls>
<name>Services: Unbound DNS: Access Lists Edit</name>
<patterns>
<pattern>services_unbound_acls_edit.php*</pattern>
</patterns>
</page-services-dnsresolver-editacls>
<page-services-dnsresolver-advanced>
<name>Services: Unbound DNS: Advanced</name>
<patterns>
<pattern>services_unbound_advanced.php*</pattern>
</patterns>
</page-services-dnsresolver-advanced>
<page-services-dnsresolver-editdomainoverride>
<name>Services: Unbound DNS: Edit Domain Override</name>
<patterns>
<pattern>services_unbound_domainoverride_edit.php*</pattern>
</patterns>
</page-services-dnsresolver-editdomainoverride>
<page-services-dnsresolver-edithost>
<name>Services: Unbound DNS: Edit Host</name>
<patterns>
<pattern>services_unbound_host_edit.php*</pattern>
</patterns>
</page-services-dnsresolver-edithost>
<page-diagnostics-logs-resolver>
<name>Services: Unbound DNS: Log File</name>
<patterns>
<pattern>diag_logs_resolver.php*</pattern>
</patterns>
</page-diagnostics-logs-resolver>
</acl>


@ -0,0 +1,8 @@
<?php
$logfile = '/var/log/dnsmasq.log';
$logclog = true;
$service_hook = 'dnsmasq';
require_once 'diag_logs_template.inc';


@ -70,7 +70,6 @@ function clear_all_log_files()
system_clear_clog("/var/log/{$lfile}.log", false);
}
foreach ($log_files as $lfile) {
system_clear_log("/var/log/{$lfile}.log", false);
}
@ -100,6 +99,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
$pconfig['dhcp'] = isset($config['syslog']['dhcp']);
$pconfig['portalauth'] = isset($config['syslog']['portalauth']);
$pconfig['vpn'] = isset($config['syslog']['vpn']);
$pconfig['dns'] = isset($config['syslog']['dns']);
$pconfig['apinger'] = isset($config['syslog']['apinger']);
$pconfig['relayd'] = isset($config['syslog']['relayd']);
$pconfig['hostapd'] = isset($config['syslog']['hostapd']);
@ -159,6 +159,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
$config['syslog']['dhcp'] = !empty($pconfig['dhcp']);
$config['syslog']['portalauth'] = !empty($pconfig['portalauth']);
$config['syslog']['vpn'] = !empty($pconfig['vpn']);
$config['syslog']['dns'] = !empty($pconfig['dns']);
$config['syslog']['apinger'] = !empty($pconfig['apinger']);
$config['syslog']['relayd'] = !empty($pconfig['relayd']);
$config['syslog']['hostapd'] = !empty($pconfig['hostapd']);
@ -224,6 +225,7 @@ function enable_change(enable_over) {
document.iform.dhcp.disabled = 0;
document.iform.portalauth.disabled = 0;
document.iform.vpn.disabled = 0;
document.iform.dns.disabled = 0;
document.iform.apinger.disabled = 0;
document.iform.relayd.disabled = 0;
document.iform.hostapd.disabled = 0;
@ -238,6 +240,7 @@ function enable_change(enable_over) {
document.iform.dhcp.disabled = 1;
document.iform.portalauth.disabled = 1;
document.iform.vpn.disabled = 1;
document.iform.dns.disabled = 1;
document.iform.apinger.disabled = 1;
document.iform.relayd.disabled = 1;
document.iform.hostapd.disabled = 1;
@ -255,6 +258,8 @@ function check_everything() {
document.iform.portalauth.checked = false;
document.iform.vpn.disabled = 1;
document.iform.vpn.checked = false;
document.iform.dns.disabled = 1;
document.iform.dns.checked = false;
document.iform.apinger.disabled = 1;
document.iform.apinger.checked = false;
document.iform.relayd.disabled = 1;
@ -268,6 +273,7 @@ function check_everything() {
document.iform.dhcp.disabled = 0;
document.iform.portalauth.disabled = 0;
document.iform.vpn.disabled = 0;
document.iform.dns.disabled = 0;
document.iform.apinger.disabled = 0;
document.iform.relayd.disabled = 0;
document.iform.hostapd.disabled = 0;
@ -503,6 +509,8 @@ $(document).ready(function() {
<?=gettext("Firewall events");?><br />
<input name="dhcp" id="dhcp" type="checkbox" value="yes" <?=!empty($pconfig['dhcp']) ? "checked=\"checked\"" : ""; ?> />
<?=gettext("DHCP service events");?><br />
<input name="dns" id="dns" type="checkbox" value="yes" <?=!empty($pconfig['dns']) ? "checked=\"checked\"" : ""; ?> />
<?=gettext("DNS (Unbound, Dnsmasq, Bind) events");?><br />
<input name="portalauth" id="portalauth" type="checkbox" value="yes" <?=!empty($pconfig['portalauth']) ? "checked=\"checked\"" : ""; ?> />
<?=gettext("Portal Auth events");?><br />
<input name="vpn" id="vpn" type="checkbox" value="yes" <?=!empty($pconfig['vpn']) ? "checked=\"checked\"" : ""; ?> />