Services: Dnsmasq DNS & DHCP - reorganize general dhcp settings, add nosync to it and ranges so we can test the new nosync approach. for https://github.com/opnsense/core/issues/8329

2026-03-13 08:09:41 +00:00 · 2025-03-04 11:31:38 +01:00 · 2025-03-04 11:31:38 +01:00 · a0fca2cc2f
commit a0fca2cc2f
parent f569ead1a5
5 changed files with 51 additions and 31 deletions
--- a/src/etc/inc/plugins.inc.d/dnsmasq.inc
+++ b/src/etc/inc/plugins.inc.d/dnsmasq.inc
@ -101,7 +101,7 @@ function dnsmasq_firewall(\OPNsense\Firewall\Plugin $fw)
    global $config;

    $mdl = new \OPNsense\Dnsmasq\Dnsmasq();
-    if (!$mdl->enable->isEmpty() && !$mdl->dhcp_default_fw_rules->isEmpty()) {
+    if (!$mdl->enable->isEmpty() && !$mdl->dhcp->default_fw_rules->isEmpty()) {
        $dhcp_ifs = $mdl->getDhcpInterfaces();
        if (empty($dhcp_ifs)) {
            return;
--- a/src/opnsense/mvc/app/controllers/OPNsense/Dnsmasq/forms/dialogDHCPrange.xml
+++ b/src/opnsense/mvc/app/controllers/OPNsense/Dnsmasq/forms/dialogDHCPrange.xml
@ -44,6 +44,12 @@
        <type>text</type>
        <help>Offer the specified domain to machines in this range.</help>
    </field>
+    <field>
+        <id>range.nosync</id>
+        <label>Disable HA sync</label>
+        <type>checkbox</type>
+        <help>Ignore this range from being transfered or updated by ha sync.</help>
+    </field>
    <field>
        <id>range.description</id>
        <label>Description</label>
--- a/src/opnsense/mvc/app/controllers/OPNsense/Dnsmasq/forms/general.xml
+++ b/src/opnsense/mvc/app/controllers/OPNsense/Dnsmasq/forms/general.xml
@ -111,7 +111,7 @@
        <label>DHCP</label>
    </field>
    <field>
-        <id>dnsmasq.no_dhcp_interface</id>
+        <id>dnsmasq.dhcp.no_interface</id>
        <label>Interface [no dhcp]</label>
        <type>select_multiple</type>
        <advanced>true</advanced>
@ -120,13 +120,13 @@
        </help>
    </field>
    <field>
-        <id>dnsmasq.dhcp_fqdn</id>
+        <id>dnsmasq.dhcp.fqdn</id>
        <label>DHCP fqdn</label>
        <type>checkbox</type>
        <help>In the default mode, we insert the unqualified names of DHCP clients into the DNS, in which case they have to be unique. Using this option the unqualified name is no longer put in the DNS, only the qualified name.</help>
    </field>
    <field>
-        <id>dnsmasq.dhcp_lease_max</id>
+        <id>dnsmasq.dhcp.lease_max</id>
        <label>DHCP max leases</label>
        <type>text</type>
        <hint>1000</hint>
@ -134,23 +134,29 @@
        <help>Limits dnsmasq to the specified maximum number of DHCP leases. This limit is to prevent DoS attacks from hosts which create thousands of leases and use lots of memory in the dnsmasq process.</help>
    </field>
    <field>
-        <id>dnsmasq.dhcp_authoritative</id>
+        <id>dnsmasq.dhcp.authoritative</id>
        <label>DHCP authoritative</label>
        <type>checkbox</type>
        <help>Should be set when dnsmasq is definitely the only DHCP server on a network. For DHCPv4, it changes the behaviour from strict RFC compliance so that DHCP requests on unknown leases from unknown hosts are not ignored.</help>
    </field>
    <field>
-        <id>dnsmasq.dhcp_reply_delay</id>
+        <id>dnsmasq.dhcp.reply_delay</id>
        <label>DHCP Reply delay</label>
        <type>text</type>
        <help>Delays sending DHCPOFFER and PROXYDHCP replies for at least the specified number of seconds. This can be practical for split dhcp solutions, to make sure the secondary server answers slower than the primary.</help>
    </field>
    <field>
-        <id>dnsmasq.dhcp_default_fw_rules</id>
+        <id>dnsmasq.dhcp.default_fw_rules</id>
        <label>DHCP register firewall rules</label>
        <type>checkbox</type>
        <help>Automatically register firewall rules to allow dhcp traffic for all explicitly selected interfaces, can be disabled for more fine grained control if needed. Changes are only effective after a firewall service restart (see system diagnostics).</help>
    </field>
+    <field>
+        <id>dnsmasq.dhcp.nosync</id>
+        <label>Disable HA sync</label>
+        <type>checkbox</type>
+        <help>Ignore the dhcp general settings from being updated using ha sync.</help>
+    </field>
    <field>
        <type>header</type>
        <label>ISC / KEA DHCP (legacy)</label>
--- a/src/opnsense/mvc/app/models/OPNsense/Dnsmasq/Dnsmasq.xml
+++ b/src/opnsense/mvc/app/models/OPNsense/Dnsmasq/Dnsmasq.xml
@ -1,6 +1,6 @@
 <model>
    <mount>/dnsmasq</mount>
-    <version>1.0.1</version>
+    <version>1.0.2</version>
    <items>
        <enable type="BooleanField"/>
        <regdhcp type="BooleanField"/>
@ -33,22 +33,25 @@
        <local_ttl type="IntegerField">
            <MinimumValue>0</MinimumValue>
        </local_ttl>
-        <no_dhcp_interface type="InterfaceField">
-            <Multiple>Y</Multiple>
-        </no_dhcp_interface>
-        <dhcp_fqdn type="BooleanField"/>
-        <dhcp_lease_max type="IntegerField">
-            <MinimumValue>0</MinimumValue>
-        </dhcp_lease_max>
-        <dhcp_authoritative type="BooleanField"/>
-        <dhcp_default_fw_rules type="BooleanField">
-            <Required>Y</Required>
-            <Default>1</Default>
-        </dhcp_default_fw_rules>
-        <dhcp_reply_delay type="IntegerField">
-            <MinimumValue>0</MinimumValue>
-            <MaximumValue>60</MaximumValue>
-        </dhcp_reply_delay>
+        <dhcp>
+            <no_interface type="InterfaceField">
+                <Multiple>Y</Multiple>
+            </no_interface>
+            <fqdn type="BooleanField"/>
+            <lease_max type="IntegerField">
+                <MinimumValue>0</MinimumValue>
+            </lease_max>
+            <authoritative type="BooleanField"/>
+            <default_fw_rules type="BooleanField">
+                <Required>Y</Required>
+                <Default>1</Default>
+            </default_fw_rules>
+            <reply_delay type="IntegerField">
+                <MinimumValue>0</MinimumValue>
+                <MaximumValue>60</MaximumValue>
+            </reply_delay>
+            <nosync type="BooleanField"/>
+        </dhcp>
        <no_ident type="BooleanField">
            <Required>Y</Required>
            <Default>1</Default>
@ -153,6 +156,7 @@
                <IsDNSName>Y</IsDNSName>
                <IpAllowed>N</IpAllowed>
            </domain>
+            <nosync type="BooleanField"/>
            <description type="DescriptionField"/>
        </dhcp_ranges>
        <dhcp_options type="ArrayField">
--- a/src/opnsense/service/templates/OPNsense/Dnsmasq/dnsmasq.conf
+++ b/src/opnsense/service/templates/OPNsense/Dnsmasq/dnsmasq.conf
@ -18,23 +18,27 @@ port={{ dnsmasq.port }}
 interface={{helpers.physical_interfaces(dnsmasq.interface.split(','))|join(',')}}
 {% endif %}

-{% if dnsmasq.no_dhcp_interface %}
+{% if dnsmasq.dhcp.no_interface %}
 # If you want dnsmasq to provide only DNS service on an interface,
 # configure it as shown above, and then use the following line to
 # disable DHCP and TFTP on it.
-no-dhcp-interface={{helpers.physical_interfaces(dnsmasq.no_dhcp_interface.split(','))|join(',')}}
+no-dhcp-interface={{helpers.physical_interfaces(dnsmasq.dhcp.no_interface.split(','))|join(',')}}
 {% endif %}

-{% if dnsmasq.dhcp_lease_max %}
-dhcp-lease-max={{dnsmasq.dhcp_lease_max}}
+{% if dnsmasq.dhcp.lease_max %}
+dhcp-lease-max={{dnsmasq.dhcp.lease_max}}
 {% endif %}

-{% if dnsmasq.dhcp_fqdn == '1' %}
+{% if dnsmasq.dhcp.fqdn == '1' %}
 dhcp-fqdn
 {% endif %}

-{% if dnsmasq.dhcp_reply_delay %}
-dhcp-reply-delay={{dnsmasq.dhcp_reply_delay}}
+{% if dnsmasq.dhcp.authoritative == '1' %}
+dhcp-authoritative
+{% endif %}
+
+{% if dnsmasq.dhcp.reply_delay %}
+dhcp-reply-delay={{dnsmasq.dhcp.reply_delay}}
 {% endif %}