From 84f48985bf74cddb50b081ec0b2ca39ad83a364c Mon Sep 17 00:00:00 2001
From: Ad Schellevis <ad@opnsense.org>
Date: Sat, 22 Mar 2025 10:30:37 +0100
Subject: [PATCH] Services: Unbound DNS: Overrides - add optional TTL field,
 closes https://github.com/opnsense/core/pull/7616

---
 src/etc/inc/plugins.inc.d/unbound.inc                       | 6 +++---
 .../OPNsense/Unbound/forms/dialogHostOverride.xml           | 6 ++++++
 src/opnsense/mvc/app/models/OPNsense/Unbound/Unbound.xml    | 6 ++++++
 3 files changed, 15 insertions(+), 3 deletions(-)

diff --git a/src/etc/inc/plugins.inc.d/unbound.inc b/src/etc/inc/plugins.inc.d/unbound.inc
index 38e74e1f0..521379967 100644
--- a/src/etc/inc/plugins.inc.d/unbound.inc
+++ b/src/etc/inc/plugins.inc.d/unbound.inc
@@ -570,7 +570,7 @@ function unbound_add_host_entries($ifconfig_details)
                             /* Handle wildcard entries which have "*" as a hostname. Since we added a . above, we match on "*.". */
                             if ($alias['hostname'] == '*.') {
                                 $unbound_entries .= "local-zone: \"{$alias['domain']}\" redirect\n";
-                                $unbound_entries .= "local-data: \"{$alias['domain']} IN {$host->rr} {$host->server}\"\n";
+                                $unbound_entries .= "local-data: \"{$alias['domain']} {$host->ttl} IN {$host->rr} {$host->server}\"\n";
                             } else {
                                 if (($override_is_main || $tmp_aliases[0]['hostname'] === '*') && !in_array($host->server, $ptr_records, true)) {
                                     /* Only generate a PTR record for the non-alias override and only if the IP is not already associated with a PTR.
@@ -581,11 +581,11 @@ function unbound_add_host_entries($ifconfig_details)
                                 } else {
                                     syslog(LOG_WARNING, 'PTR record already exists for ' . $alias['hostname'] . $alias['domain'] . '(' . $host->server . ')');
                                 }
-                                $unbound_entries .= "local-data: \"{$alias['hostname']}{$alias['domain']} IN {$host->rr} {$host->server}\"\n";
+                                $unbound_entries .= "local-data: \"{$alias['hostname']}{$alias['domain']} {$host->ttl} IN {$host->rr} {$host->server}\"\n";
                             }
                             break;
                         case 'MX':
-                            $unbound_entries .= "local-data: \"{$alias['hostname']}{$alias['domain']} IN MX {$host->mxprio} {$host->mx}\"\n";
+                            $unbound_entries .= "local-data: \"{$alias['hostname']}{$alias['domain']} {$host->ttl} IN MX {$host->mxprio} {$host->mx}\"\n";
                             break;
                     }
 
diff --git a/src/opnsense/mvc/app/controllers/OPNsense/Unbound/forms/dialogHostOverride.xml b/src/opnsense/mvc/app/controllers/OPNsense/Unbound/forms/dialogHostOverride.xml
index 4f0e7d6f3..eefaa4a07 100644
--- a/src/opnsense/mvc/app/controllers/OPNsense/Unbound/forms/dialogHostOverride.xml
+++ b/src/opnsense/mvc/app/controllers/OPNsense/Unbound/forms/dialogHostOverride.xml
@@ -46,6 +46,12 @@
             <visible>false</visible>
         </grid_view>
     </field>
+    <field>
+        <id>host.ttl</id>
+        <label>TTL (seconds)</label>
+        <type>text</type>
+        <help>TTL of the host, e.g. 3600</help>
+    </field>
     <field>
         <id>host.server</id>
         <label>IP address</label>
diff --git a/src/opnsense/mvc/app/models/OPNsense/Unbound/Unbound.xml b/src/opnsense/mvc/app/models/OPNsense/Unbound/Unbound.xml
index 5df0b1bea..87bb873ef 100644
--- a/src/opnsense/mvc/app/models/OPNsense/Unbound/Unbound.xml
+++ b/src/opnsense/mvc/app/models/OPNsense/Unbound/Unbound.xml
@@ -343,6 +343,12 @@
                         </check001>
                     </Constraints>
                 </mx>
+                <ttl type="IntegerField">
+                    <Required>N</Required>
+                    <!-- https://datatracker.ietf.org/doc/html/rfc2181 -->
+                    <MaximumValue>2147483647</MaximumValue>
+                    <MinimumValue>0</MinimumValue>
+                </ttl>
                 <server type="NetworkField">
                     <Constraints>
                         <check001>