From 12353e8f74058d196b4fa3bb7810951280edc721 Mon Sep 17 00:00:00 2001
From: Manuel Faux <mfaux@conf.at>
Date: Thu, 10 Dec 2015 18:38:10 +0100
Subject: [PATCH 1/6] unbound: Separated DNS overrides from General settings

Put Host and Domain Overrides to separate configuration section of unbound DNS
resolver.
---
 .../app/models/OPNsense/Base/Menu/Menu.xml    |   5 +-
 src/www/services_unbound.php                  | 153 -----------
 .../services_unbound_domainoverride_edit.php  |   4 +-
 src/www/services_unbound_host_edit.php        |   4 +-
 src/www/services_unbound_overrides.php        | 241 ++++++++++++++++++
 5 files changed, 248 insertions(+), 159 deletions(-)
 create mode 100644 src/www/services_unbound_overrides.php

diff --git a/src/opnsense/mvc/app/models/OPNsense/Base/Menu/Menu.xml b/src/opnsense/mvc/app/models/OPNsense/Base/Menu/Menu.xml
index 34eef0c74..e90ad6241 100644
--- a/src/opnsense/mvc/app/models/OPNsense/Base/Menu/Menu.xml
+++ b/src/opnsense/mvc/app/models/OPNsense/Base/Menu/Menu.xml
@@ -235,10 +235,11 @@
             <Domains url="/services_dnsmasq_domainoverride_edit.php*"/>
         </DNSForwarder>
         <DNSResolver VisibleName="DNS Resolver" cssClass="fa fa-tags">
-            <General order="10" url="/services_unbound.php">
+            <General order="10" url="/services_unbound.php"/>
+            <Overrides order="15" url="/services_unbound_overrides.php">
                 <Hosts url="/services_unbound_host_edit.php*"/>
                 <Domains url="/services_unbound_domainoverride_edit.php*"/>
-            </General>
+            </Overrides>
             <Advanced order="20" url="/services_unbound_advanced.php"/>
             <ACL VisibleName="Access Lists" order="30" url="/services_unbound_acls.php">
                 <All url="/services_unbound_acls.php*"/>
diff --git a/src/www/services_unbound.php b/src/www/services_unbound.php
index 22c18b25f..a28c415e1 100644
--- a/src/www/services_unbound.php
+++ b/src/www/services_unbound.php
@@ -38,14 +38,6 @@ if (!is_array($config['unbound']))
 	$config['unbound'] = array();
 $a_unboundcfg =& $config['unbound'];
 
-if (!is_array($config['unbound']['hosts']))
-	$config['unbound']['hosts'] = array();
-$a_hosts =& $config['unbound']['hosts'];
-
-if (!is_array($config['unbound']['domainoverrides']))
-	$config['unbound']['domainoverrides'] = array();
-$a_domainOverrides = &$config['unbound']['domainoverrides'];
-
 if (isset($config['unbound']['enable']))
 	$pconfig['enable'] = true;
 if (isset($config['unbound']['dnssec']))
@@ -141,26 +133,6 @@ if ($_POST) {
 	}
 }
 
-if ($_GET['act'] == "del") {
-	if ($_GET['type'] == 'host') {
-		if ($a_hosts[$_GET['id']]) {
-			unset($a_hosts[$_GET['id']]);
-			write_config();
-			mark_subsystem_dirty('unbound');
-			header("Location: services_unbound.php");
-			exit;
-		}
-	} elseif ($_GET['type'] == 'doverride') {
-		if ($a_domainOverrides[$_GET['id']]) {
-			unset($a_domainOverrides[$_GET['id']]);
-			write_config();
-			mark_subsystem_dirty('unbound');
-			header("Location: services_unbound.php");
-			exit;
-		}
-	}
-}
-
 $closehead = false;
 $pgtitle = array(gettext('Services'), gettext('DNS Resolver'), gettext('General'));
 include_once("head.inc");
@@ -361,131 +333,6 @@ function show_advanced_dns() {
 					</div>
 			    </section>
 
-			    <section class="col-xs-12">
-
-				    <div class="content-box">
-
-					    <header class="content-box-head container-fluid">
-						<h3><?=gettext("Host Overrides");?></h3>
-					</header>
-
-					<div class="content-box-main col-xs-12">
-						<?=gettext("Entries in this section override individual results from the forwarders.");?>
-	<?=gettext("Use these for changing DNS results or for adding custom DNS records.");?>
-					</div>
-					    <div class="content-box-main col-xs-12">
-					    <div class="table-responsive">
-						    <table class="table table-striped table-sort">
-								<thead>
-								<tr>
-									<td width="20%" class="listhdrr"><?=gettext("Host");?></td>
-									<td width="25%" class="listhdrr"><?=gettext("Domain");?></td>
-									<td width="20%" class="listhdrr"><?=gettext("IP");?></td>
-									<td width="30%" class="listhdr"><?=gettext("Description");?></td>
-									<td width="5%" class="list">
-										<table border="0" cellspacing="0" cellpadding="1" summary="add">
-											<tr>
-												<td width="17"></td>
-												<td valign="middle"><a href="services_unbound_host_edit.php" class="btn btn-default btn-xs"><span class="glyphicon glyphicon-plus"></span></a></td>
-											</tr>
-										</table>
-									</td>
-								</tr>
-								</thead>
-								<tbody>
-								<?php $i = 0; foreach ($a_hosts as $hostent): ?>
-								<tr>
-									<td class="listlr" ondblclick="document.location='services_unbound_host_edit.php?id=<?=$i;?>';">
-										<?=strtolower($hostent['host']);?>&nbsp;
-									</td>
-									<td class="listr" ondblclick="document.location='services_unbound_host_edit.php?id=<?=$i;?>';">
-										<?=strtolower($hostent['domain']);?>&nbsp;
-									</td>
-									<td class="listr" ondblclick="document.location='services_unbound_host_edit.php?id=<?=$i;?>';">
-										<?=$hostent['ip'];?>&nbsp;
-									</td>
-									<td class="listbg" ondblclick="document.location='services_unbound_host_edit.php?id=<?=$i;?>';">
-										<?=htmlspecialchars($hostent['descr']);?>&nbsp;
-									</td>
-									<td valign="middle" class="list nowrap">
-										<table border="0" cellspacing="0" cellpadding="1" summary="icons">
-											<tr>
-												<td valign="middle"><a href="services_unbound_host_edit.php?id=<?=$i;?>" class="btn btn-default btn-xs"><span class="glyphicon glyphicon-pencil"></span></a></td>
-												<td><a href="services_unbound.php?type=host&amp;act=del&amp;id=<?=$i;?>" onclick="return confirm('<?=gettext("Do you really want to delete this host?");?>')" class="btn btn-default btn-xs"><span class="glyphicon glyphicon-remove"></span></a></td>
-											</tr>
-										</table>
-								</tr>
-								<?php $i++; endforeach; ?>
-								<tr style="display:none"><td></td></tr>
-								</tbody>
-							</table>
-
-					    </div>
-					    </div>
-				    </div>
-
-			    </section>
-
-			   <section class="col-xs-12">
-
-				    <div class="content-box">
-
-					    <header class="content-box-head container-fluid">
-						<h3><?=gettext("Domain Overrides");?></h3>
-					</header>
-
-					<div class="content-box-main col-xs-12">
-						<p><?=gettext("Entries in this area override an entire domain by specifying an".
-	" authoritative DNS server to be queried for that domain.");?></p>
-					</div>
-
-					    <div class="content-box-main col-xs-12">
-					    <div class="table-responsive">
-						    <table class="table table-striped table-sort"><thead>
-								<tr>
-									<td width="35%" class="listhdrr"><?=gettext("Domain");?></td>
-									<td width="20%" class="listhdrr"><?=gettext("IP");?></td>
-									<td width="40%" class="listhdr"><?=gettext("Description");?></td>
-									<td width="5%" class="list">
-										<table border="0" cellspacing="0" cellpadding="1" summary="add">
-											<tr>
-												<td width="17" height="17"></td>
-												<td><a href="services_unbound_domainoverride_edit.php" class="btn btn-default btn-xs"><span class="glyphicon glyphicon-plus"></span></a></td>
-											</tr>
-										</table>
-									</td>
-								</tr>
-								</thead>
-
-								<tbody>
-								<?php $i = 0; foreach ($a_domainOverrides as $doment): ?>
-								<tr>
-									<td class="listlr">
-										<?=strtolower($doment['domain']);?>&nbsp;
-									</td>
-									<td class="listr">
-										<?=$doment['ip'];?>&nbsp;
-									</td>
-									<td class="listbg">
-										<?=htmlspecialchars($doment['descr']);?>&nbsp;
-									</td>
-									<td valign="middle" class="list nowrap">
-										<table border="0" cellspacing="0" cellpadding="1" summary="icons">
-											<tr>
-												<td valign="middle"><a href="services_unbound_domainoverride_edit.php?id=<?=$i;?>" class="btn btn-default btn-xs"><span class="glyphicon glyphicon-pencil"></span></a></td>
-												<td valign="middle"><a href="services_unbound.php?act=del&amp;type=doverride&amp;id=<?=$i;?>" onclick="return confirm('<?=gettext("Do you really want to delete this domain override?");?>')" class="btn btn-default btn-xs"><span class="glyphicon glyphicon-remove"></span></a></td>
-											</tr>
-										</table>
-									</td>
-								</tr>
-								<?php $i++; endforeach; ?>
-								<tr style="display:none"><td></td></tr>
-								</tbody>
-							</table>
-					    </div>
-					    </div>
-				    </div>
-			   </section>
 			   </form>
 
 			</div>
diff --git a/src/www/services_unbound_domainoverride_edit.php b/src/www/services_unbound_domainoverride_edit.php
index 4c40a6fc7..dfa13b323 100644
--- a/src/www/services_unbound_domainoverride_edit.php
+++ b/src/www/services_unbound_domainoverride_edit.php
@@ -31,7 +31,7 @@ require_once("guiconfig.inc");
 require_once("services.inc");
 require_once("interfaces.inc");
 
-$referer = (isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '/services_unbound.php');
+$referer = (isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '/services_unbound_overrides.php');
 
 if (!is_array($config['unbound']['domainoverrides']))
        $config['unbound']['domainoverrides'] = array();
@@ -95,7 +95,7 @@ if ($_POST) {
 
         write_config();
 
-        header("Location: services_unbound.php");
+        header("Location: services_unbound_overrides.php");
         exit;
     }
 }
diff --git a/src/www/services_unbound_host_edit.php b/src/www/services_unbound_host_edit.php
index d2396fb99..17e5d9488 100644
--- a/src/www/services_unbound_host_edit.php
+++ b/src/www/services_unbound_host_edit.php
@@ -32,7 +32,7 @@ require_once("guiconfig.inc");
 require_once("services.inc");
 require_once("interfaces.inc");
 
-$referer = (isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '/services_unbound.php');
+$referer = (isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '/services_unbound_overrides.php');
 
 function hostcmp($a, $b) {
 	return strcasecmp($a['host'], $b['host']);
@@ -150,7 +150,7 @@ if ($_POST) {
 
 		write_config();
 
-		header("Location: services_unbound.php");
+		header("Location: services_unbound_overrides.php");
 		exit;
 	}
 }
diff --git a/src/www/services_unbound_overrides.php b/src/www/services_unbound_overrides.php
new file mode 100644
index 000000000..dffc2a6f5
--- /dev/null
+++ b/src/www/services_unbound_overrides.php
@@ -0,0 +1,241 @@
+<?php
+
+/*
+	Copyright (C) 2014-2015 Deciso B.V.
+	All rights reserved.
+
+	Redistribution and use in source and binary forms, with or without
+	modification, are permitted provided that the following conditions are met:
+
+	1. Redistributions of source code must retain the above copyright notice,
+	   this list of conditions and the following disclaimer.
+
+	2. Redistributions in binary form must reproduce the above copyright
+	   notice, this list of conditions and the following disclaimer in the
+	   documentation and/or other materials provided with the distribution.
+
+	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+	INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+	AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+	AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+	OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+	SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+	INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+	CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+	ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+	POSSIBILITY OF SUCH DAMAGE.
+*/
+
+require_once("guiconfig.inc");
+require_once("unbound.inc");
+require_once("services.inc");
+require_once("system.inc");
+require_once("pfsense-utils.inc");
+require_once("interfaces.inc");
+
+if (!is_array($config['unbound']))
+	$config['unbound'] = array();
+$a_unboundcfg =& $config['unbound'];
+
+if (!is_array($config['unbound']['hosts']))
+	$config['unbound']['hosts'] = array();
+$a_hosts =& $config['unbound']['hosts'];
+
+if (!is_array($config['unbound']['domainoverrides']))
+	$config['unbound']['domainoverrides'] = array();
+$a_domainOverrides = &$config['unbound']['domainoverrides'];
+
+if ($_POST) {
+	unset($input_errors);
+
+	if ($_POST['apply']) {
+		$retval = services_unbound_configure();
+		$savemsg = get_std_save_message();
+		if ($retval == 0) {
+			clear_subsystem_dirty('unbound');
+		}
+		/* Update resolv.conf in case the interface bindings exclude localhost. */
+		system_resolvconf_generate();
+	}
+}
+
+if ($_GET['act'] == "del") {
+	if ($_GET['type'] == 'host') {
+		if ($a_hosts[$_GET['id']]) {
+			unset($a_hosts[$_GET['id']]);
+			write_config();
+			mark_subsystem_dirty('unbound');
+			header("Location: services_unbound_overrides.php");
+			exit;
+		}
+	} elseif ($_GET['type'] == 'doverride') {
+		if ($a_domainOverrides[$_GET['id']]) {
+			unset($a_domainOverrides[$_GET['id']]);
+			write_config();
+			mark_subsystem_dirty('unbound');
+			header("Location: services_unbound_overrides.php");
+			exit;
+		}
+	}
+}
+
+$closehead = false;
+$pgtitle = array(gettext('Services'), gettext('DNS Resolver'), gettext('Overrides'));
+include_once("head.inc");
+
+?>
+
+<body>
+
+<?php include("fbegin.inc"); ?>
+
+	<section class="page-content-main">
+		<div class="container-fluid">
+			<div class="row">
+
+				<?php if (isset($input_errors) && count($input_errors) > 0) print_input_errors($input_errors); ?>
+				<?php if (isset($savemsg)) print_info_box($savemsg); ?>
+				<?php if (is_subsystem_dirty('unbound')): ?><br/>
+				<?php print_info_box_apply(gettext("The configuration for the DNS Resolver, has been changed") . ".<br />" . gettext("You must apply the changes in order for them to take effect."));?><br />
+				<?php endif; ?>
+
+				<form action="services_unbound_overrides.php" method="post" name="iform" id="iform" onsubmit="presubmit()">
+
+			    <section class="col-xs-12">
+
+				    <div class="content-box">
+
+					    <header class="content-box-head container-fluid">
+						<h3><?=gettext("Host Overrides");?></h3>
+					</header>
+
+					<div class="content-box-main col-xs-12">
+						<?=gettext("Entries in this section override individual results from the forwarders.");?>
+	<?=gettext("Use these for changing DNS results or for adding custom DNS records.");?>
+					</div>
+					    <div class="content-box-main col-xs-12">
+					    <div class="table-responsive">
+						    <table class="table table-striped table-sort">
+								<thead>
+								<tr>
+									<td width="20%" class="listhdrr"><?=gettext("Host");?></td>
+									<td width="25%" class="listhdrr"><?=gettext("Domain");?></td>
+									<td width="20%" class="listhdrr"><?=gettext("IP");?></td>
+									<td width="30%" class="listhdr"><?=gettext("Description");?></td>
+									<td width="5%" class="list">
+										<table border="0" cellspacing="0" cellpadding="1" summary="add">
+											<tr>
+												<td width="17"></td>
+												<td valign="middle"><a href="services_unbound_host_edit.php" class="btn btn-default btn-xs"><span class="glyphicon glyphicon-plus"></span></a></td>
+											</tr>
+										</table>
+									</td>
+								</tr>
+								</thead>
+								<tbody>
+								<?php $i = 0; foreach ($a_hosts as $hostent): ?>
+								<tr>
+									<td class="listlr" ondblclick="document.location='services_unbound_host_edit.php?id=<?=$i;?>';">
+										<?=strtolower($hostent['host']);?>&nbsp;
+									</td>
+									<td class="listr" ondblclick="document.location='services_unbound_host_edit.php?id=<?=$i;?>';">
+										<?=strtolower($hostent['domain']);?>&nbsp;
+									</td>
+									<td class="listr" ondblclick="document.location='services_unbound_host_edit.php?id=<?=$i;?>';">
+										<?=$hostent['ip'];?>&nbsp;
+									</td>
+									<td class="listbg" ondblclick="document.location='services_unbound_host_edit.php?id=<?=$i;?>';">
+										<?=htmlspecialchars($hostent['descr']);?>&nbsp;
+									</td>
+									<td valign="middle" class="list nowrap">
+										<table border="0" cellspacing="0" cellpadding="1" summary="icons">
+											<tr>
+												<td valign="middle"><a href="services_unbound_host_edit.php?id=<?=$i;?>" class="btn btn-default btn-xs"><span class="glyphicon glyphicon-pencil"></span></a></td>
+												<td><a href="services_unbound_overrides.php?type=host&amp;act=del&amp;id=<?=$i;?>" onclick="return confirm('<?=gettext("Do you really want to delete this host?");?>')" class="btn btn-default btn-xs"><span class="glyphicon glyphicon-remove"></span></a></td>
+											</tr>
+										</table>
+								</tr>
+								<?php $i++; endforeach; ?>
+								<tr style="display:none"><td></td></tr>
+								</tbody>
+							</table>
+
+					    </div>
+					    </div>
+				    </div>
+
+			    </section>
+
+			   <section class="col-xs-12">
+
+				    <div class="content-box">
+
+					    <header class="content-box-head container-fluid">
+						<h3><?=gettext("Domain Overrides");?></h3>
+					</header>
+
+					<div class="content-box-main col-xs-12">
+						<p><?=gettext("Entries in this area override an entire domain by specifying an".
+	" authoritative DNS server to be queried for that domain.");?></p>
+					</div>
+
+					    <div class="content-box-main col-xs-12">
+					    <div class="table-responsive">
+						    <table class="table table-striped table-sort"><thead>
+								<tr>
+									<td width="35%" class="listhdrr"><?=gettext("Domain");?></td>
+									<td width="20%" class="listhdrr"><?=gettext("IP");?></td>
+									<td width="40%" class="listhdr"><?=gettext("Description");?></td>
+									<td width="5%" class="list">
+										<table border="0" cellspacing="0" cellpadding="1" summary="add">
+											<tr>
+												<td width="17" height="17"></td>
+												<td><a href="services_unbound_domainoverride_edit.php" class="btn btn-default btn-xs"><span class="glyphicon glyphicon-plus"></span></a></td>
+											</tr>
+										</table>
+									</td>
+								</tr>
+								</thead>
+
+								<tbody>
+								<?php $i = 0; foreach ($a_domainOverrides as $doment): ?>
+								<tr>
+									<td class="listlr">
+										<?=strtolower($doment['domain']);?>&nbsp;
+									</td>
+									<td class="listr">
+										<?=$doment['ip'];?>&nbsp;
+									</td>
+									<td class="listbg">
+										<?=htmlspecialchars($doment['descr']);?>&nbsp;
+									</td>
+									<td valign="middle" class="list nowrap">
+										<table border="0" cellspacing="0" cellpadding="1" summary="icons">
+											<tr>
+												<td valign="middle"><a href="services_unbound_domainoverride_edit.php?id=<?=$i;?>" class="btn btn-default btn-xs"><span class="glyphicon glyphicon-pencil"></span></a></td>
+												<td valign="middle"><a href="services_unbound_overrides.php?act=del&amp;type=doverride&amp;id=<?=$i;?>" onclick="return confirm('<?=gettext("Do you really want to delete this domain override?");?>')" class="btn btn-default btn-xs"><span class="glyphicon glyphicon-remove"></span></a></td>
+											</tr>
+										</table>
+									</td>
+								</tr>
+								<?php $i++; endforeach; ?>
+								<tr style="display:none"><td></td></tr>
+								</tbody>
+							</table>
+					    </div>
+					    </div>
+				    </div>
+			   </section>
+			   </form>
+
+			</div>
+		</div>
+	</section>
+
+
+<script type="text/javascript">
+//<![CDATA[
+enable_change(false);
+//]]>
+</script>
+<?php include("foot.inc"); ?>

From 75ce22549fa6d819e4d24ad1af771a7bac9b1cdc Mon Sep 17 00:00:00 2001
From: Manuel Faux <mfaux@conf.at>
Date: Thu, 10 Dec 2015 18:47:29 +0100
Subject: [PATCH 2/6] unbound: fixed UX on domain overrides

Added double click to edit domain override entry.
---
 src/www/services_unbound_overrides.php | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/src/www/services_unbound_overrides.php b/src/www/services_unbound_overrides.php
index dffc2a6f5..6b2e06395 100644
--- a/src/www/services_unbound_overrides.php
+++ b/src/www/services_unbound_overrides.php
@@ -200,13 +200,13 @@ include_once("head.inc");
 								<tbody>
 								<?php $i = 0; foreach ($a_domainOverrides as $doment): ?>
 								<tr>
-									<td class="listlr">
+									<td class="listlr" ondblclick="document.location='services_unbound_domainoverride_edit.php?id=<?=$i;?>';">
 										<?=strtolower($doment['domain']);?>&nbsp;
 									</td>
-									<td class="listr">
+									<td class="listr" ondblclick="document.location='services_unbound_domainoverride_edit.php?id=<?=$i;?>';">
 										<?=$doment['ip'];?>&nbsp;
 									</td>
-									<td class="listbg">
+									<td class="listbg" ondblclick="document.location='services_unbound_domainoverride_edit.php?id=<?=$i;?>';">
 										<?=htmlspecialchars($doment['descr']);?>&nbsp;
 									</td>
 									<td valign="middle" class="list nowrap">

From c632424ec759996f77bea2592352ea243950ec02 Mon Sep 17 00:00:00 2001
From: Manuel Faux <mfaux@conf.at>
Date: Thu, 10 Dec 2015 23:25:45 +0100
Subject: [PATCH 3/6] unbound: Added different DNS RRs to be overwritten

Added the possibility to overwrite MX records by unbound DNS resolver.
---
 src/etc/inc/unbound.inc                |  24 +++--
 src/www/services_unbound_host_edit.php | 118 +++++++++++++++++++++++--
 src/www/services_unbound_overrides.php |  32 ++++++-
 3 files changed, 158 insertions(+), 16 deletions(-)

diff --git a/src/etc/inc/unbound.inc b/src/etc/inc/unbound.inc
index 7ab7ed4a3..56a133897 100644
--- a/src/etc/inc/unbound.inc
+++ b/src/etc/inc/unbound.inc
@@ -518,13 +518,25 @@ function unbound_add_host_entries() {
             if ($host['host'] != "")
                 $host['host'] = $host['host'].".";
             if (!$added_item[$current_host]) {
-                $host_entries .= "local-data-ptr: \"{$host['ip']} {$host['host']}{$host['domain']}\"\n";
-                if (is_ipaddrv6($host['ip']))
-                    $host_entries .= "local-data: \"{$host['host']}{$host['domain']} IN AAAA {$host['ip']}\"\n";
-                else
-                    $host_entries .= "local-data: \"{$host['host']}{$host['domain']} IN A {$host['ip']}\"\n";
-                if (!empty($host['descr']) && isset($config['unbound']['txtsupport']))
+                /* Backwards compatibility for records created before introducing RR types. */
+                if (!isset($host['rr'])) {
+                    $host['rr'] = (is_ipaddrv6($host['ip'])) ? 'AAAA' : 'A';
+                }
+
+                switch ($host['rr']) {
+                    case 'A':
+                    case 'AAAA':
+                        $host_entries .= "local-data-ptr: \"{$host['ip']} {$host['host']}{$host['domain']}\"\n";
+                        $host_entries .= "local-data: \"{$host['host']}{$host['domain']} IN {$host['rr']} {$host['ip']}\"\n";
+                        break;
+                    case 'MX':
+                        $host_entries .= "local-data: \"{$host['host']}{$host['domain']} IN MX {$host['mxprio']} {$host['mx']}\"\n";
+                        break;
+                }
+
+                if (!empty($host['descr']) && isset($config['unbound']['txtsupport'])) {
                     $host_entries .= "local-data: '{$host['host']}{$host['domain']} TXT \"".addslashes($host['descr'])."\"'\n";
+                }
 
                 // Do not add duplicate entries
                 $added_item[$current_host] = true;
diff --git a/src/www/services_unbound_host_edit.php b/src/www/services_unbound_host_edit.php
index 17e5d9488..b62c3575a 100644
--- a/src/www/services_unbound_host_edit.php
+++ b/src/www/services_unbound_host_edit.php
@@ -58,9 +58,17 @@ if (isset($_POST['id']) && is_numericint($_POST['id']))
 	$id = $_POST['id'];
 
 if (isset($id) && $a_hosts[$id]) {
+/* Backwards compatibility for records created before introducing different RR types. */
+	if (!isset($a_hosts[$id]['rr'])) {
+		$a_hosts[$id]['rr'] = 'A';
+	}
+
 	$pconfig['host'] = $a_hosts[$id]['host'];
 	$pconfig['domain'] = $a_hosts[$id]['domain'];
+	$pconfig['rr'] = $a_hosts[$id]['rr'];
 	$pconfig['ip'] = $a_hosts[$id]['ip'];
+	$pconfig['mxprio'] = $a_hosts[$id]['mxprio'];
+	$pconfig['mx'] = $a_hosts[$id]['mx'];
 	$pconfig['descr'] = $a_hosts[$id]['descr'];
 	$pconfig['aliases'] = $a_hosts[$id]['aliases'];
 }
@@ -71,19 +79,48 @@ if ($_POST) {
 	$pconfig = $_POST;
 
 	/* input validation */
-	$reqdfields = explode(" ", "domain ip");
-	$reqdfieldsn = array(gettext("Domain"),gettext("IP address"));
+	$reqdfields = explode(" ", "domain rr");
+	$reqdfieldsn = array(gettext("Domain"),gettext("Type"));
 
 	do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors);
 
-	if (($_POST['host'] && !is_hostname($_POST['host'])))
+	if (($_POST['host'] && !is_hostname($_POST['host']))) {
 		$input_errors[] = gettext("The hostname can only contain the characters A-Z, 0-9 and '-'.");
+	}
 
-	if (($_POST['domain'] && !is_domain($_POST['domain'])))
+	if (($_POST['domain'] && !is_domain($_POST['domain']))) {
 		$input_errors[] = gettext("A valid domain must be specified.");
+	}
 
-	if (($_POST['ip'] && !is_ipaddr($_POST['ip'])))
-		$input_errors[] = gettext("A valid IP address must be specified.");
+	switch ($_POST['rr']) {
+		case 'A': /* also: AAAA */
+			$reqdfields = explode(" ", "ip");
+			$reqdfieldsn = array(gettext("IP address"));
+
+			do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors);
+
+			if (($_POST['ip'] && !is_ipaddr($_POST['ip']))) {
+				$input_errors[] = gettext("A valid IP address must be specified.");
+			}
+			break;
+        case 'MX':
+			$reqdfields = explode(" ", "mxprio mx");
+			$reqdfieldsn = array(gettext("MX Priority"), gettext("MX Host"));
+
+			do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors);
+
+			if (($_POST['mxprio'] && !is_numericint($_POST['mxprio']))) {
+				$input_errors[] = gettext("A valid MX priority must be specified.");
+			}
+
+			if (($_POST['mx'] && !is_domain($_POST['mx']))) {
+				$input_errors[] = gettext("A valid MX host must be specified.");
+			}
+			break;
+		default:
+			$input_errors[] = gettext("A valid resource record type must be specified.");
+			break;
+	}
 
 	/* collect aliases */
 	$aliases = array();
@@ -136,10 +173,20 @@ if ($_POST) {
 		$hostent = array();
 		$hostent['host'] = $_POST['host'];
 		$hostent['domain'] = $_POST['domain'];
+		$hostent['rr'] = $_POST['rr'];
 		$hostent['ip'] = $_POST['ip'];
+		$hostent['mxprio'] = $_POST['mxprio'];
+		$hostent['mx'] = $_POST['mx'];
 		$hostent['descr'] = $_POST['descr'];
 		$hostent['aliases']['item'] = $aliases;
 
+		/* Destinguish between A and AAAA by parsing the passed IP address */
+		if ($_POST['rr'] == 'A') {
+			if (is_ipaddrv6($_POST['ip'])) {
+				$hostent['rr'] = 'AAAA';
+			}
+		}
+
 		if (isset($id) && $a_hosts[$id])
 			$a_hosts[$id] = $hostent;
 		else
@@ -175,6 +222,25 @@ include("head.inc");
 		rowname[2] = "aliasdescription";
 		rowtype[2] = "textbox";
 		rowsize[2] = "20";
+
+		function type_change() {
+			switch (jQuery('#rr').val()) {
+				case 'A':
+					jQuery('#ip').prop('disabled', false);
+					jQuery('#mxprio').prop('disabled', true);
+					jQuery('#mx').prop('disabled', true);
+					break;
+				case 'MX':
+					jQuery('#ip').prop('disabled', true);
+					jQuery('#mxprio').prop('disabled', false);
+					jQuery('#mx').prop('disabled', false);
+					break;
+				default:
+					jQuery('#ip').prop('disabled', false);
+					jQuery('#mxprio').prop('disabled', false);
+					jQuery('#mx').prop('disabled', false);
+			}
+		}
 	//]]>
 	</script>
 
@@ -216,13 +282,46 @@ include("head.inc");
 										</td>
 									</tr>
 									<tr>
-										<td width="22%" valign="top" class="vncellreq"><?=gettext("IP address");?></td>
+										<td width="22%" valign="top" class="vncellreq"><?=gettext("Type");?></td>
+										<td width="78%" class="vtable">
+											<select name="rr" id="rr" class="formselect" onchange="type_change()">
+											<?php
+												 $rrs = array("A" => gettext("A or AAAA (IPv4 or IPv6 address)"), "MX" => gettext("MX (Mail server)"));
+												 foreach ($rrs as $rr => $name) :
+											?>
+											<option value="<?=$rr;?>" <?=($rr == $pconfig['rr'] || ($rr == 'A' && $pconfig['rr'] == 'AAAA')) ? "selected=\"selected\"" : "";?> >
+												<?=$name;?>
+											</option>
+											<?php endforeach; ?>
+											</select>
+											<span class="vexpl"><?=gettext("Type of resource record"); ?><br />
+												<?=gettext("e.g."); ?> <em>A</em> <?=gettext("or"); ?> <em>AAAA</em> <?=gettext("for IPv4 or IPv6 addresses"); ?></span>
+										</td>
+									</tr>
+									<tr>
+										<td width="22%" valign="top" class="vncellreq"><?=gettext("IP");?></td>
 										<td width="78%" class="vtable">
 											<input name="ip" type="text" class="formfld" id="ip" size="40" value="<?=htmlspecialchars($pconfig['ip']);?>" /><br />
 											<span class="vexpl"><?=gettext("IP address of the host"); ?><br />
 												<?=gettext("e.g."); ?> <em>192.168.100.100</em> <?=gettext("or"); ?> <em>fd00:abcd::1</em></span>
 										</td>
 									</tr>
+									<tr>
+										<td width="22%" valign="top" class="vncellreq"><?=gettext("MX Priority");?></td>
+										<td width="78%" class="vtable">
+											<input name="mxprio" type="text" class="formfld" id="mxprio" size="6" value="<?=htmlspecialchars($pconfig['mxprio']);?>" /><br />
+											<span class="vexpl"><?=gettext("Priority of MX record"); ?><br />
+												<?=gettext("e.g."); ?> <em>10</em></span>
+										</td>
+									</tr>
+									<tr>
+										<td width="22%" valign="top" class="vncellreq"><?=gettext("MX Host");?></td>
+										<td width="78%" class="vtable">
+											<input name="mx" type="text" class="formfld" id="mx" size="6" value="<?=htmlspecialchars($pconfig['mx']);?>" /><br />
+											<span class="vexpl"><?=gettext("Host name of MX host"); ?><br />
+                                                <?=gettext("e.g."); ?> <em>mail.example.com</em></span>
+										</td>
+									</tr>
 									<tr>
 										<td width="22%" valign="top" class="vncell"><?=gettext("Description");?></td>
 										<td width="78%" class="vtable">
@@ -306,4 +405,9 @@ include("head.inc");
 		</div>
 	</section>
 
+<script type="text/javascript">
+//<![CDATA[
+type_change();
+//]]>
+</script>
 <?php include("foot.inc"); ?>
diff --git a/src/www/services_unbound_overrides.php b/src/www/services_unbound_overrides.php
index 6b2e06395..2c4227771 100644
--- a/src/www/services_unbound_overrides.php
+++ b/src/www/services_unbound_overrides.php
@@ -41,6 +41,13 @@ if (!is_array($config['unbound']['hosts']))
 	$config['unbound']['hosts'] = array();
 $a_hosts =& $config['unbound']['hosts'];
 
+/* Backwards compatibility for records created before introducing RR types. */
+foreach ($a_hosts as $i => $hostent) {
+    if (!isset($hostent['rr'])) {
+        $a_hosts[$i]['rr'] = (is_ipaddrv6($hostent['ip'])) ? 'AAAA' : 'A';
+    }
+}
+
 if (!is_array($config['unbound']['domainoverrides']))
 	$config['unbound']['domainoverrides'] = array();
 $a_domainOverrides = &$config['unbound']['domainoverrides'];
@@ -112,6 +119,7 @@ include_once("head.inc");
 					<div class="content-box-main col-xs-12">
 						<?=gettext("Entries in this section override individual results from the forwarders.");?>
 	<?=gettext("Use these for changing DNS results or for adding custom DNS records.");?>
+	<?=gettext("Keep in mind that all resource record types (i.e. A, AAAA, MX, etc. records) of a specified host below are being overwritten.");?>
 					</div>
 					    <div class="content-box-main col-xs-12">
 					    <div class="table-responsive">
@@ -119,8 +127,9 @@ include_once("head.inc");
 								<thead>
 								<tr>
 									<td width="20%" class="listhdrr"><?=gettext("Host");?></td>
-									<td width="25%" class="listhdrr"><?=gettext("Domain");?></td>
-									<td width="20%" class="listhdrr"><?=gettext("IP");?></td>
+									<td width="20%" class="listhdrr"><?=gettext("Domain");?></td>
+									<td width="5%" class="listhdrr"><?=gettext("Type");?></td>
+									<td width="20%" class="listhdrr"><?=gettext("Value");?></td>
 									<td width="30%" class="listhdr"><?=gettext("Description");?></td>
 									<td width="5%" class="list">
 										<table border="0" cellspacing="0" cellpadding="1" summary="add">
@@ -142,7 +151,24 @@ include_once("head.inc");
 										<?=strtolower($hostent['domain']);?>&nbsp;
 									</td>
 									<td class="listr" ondblclick="document.location='services_unbound_host_edit.php?id=<?=$i;?>';">
-										<?=$hostent['ip'];?>&nbsp;
+										<?=strtoupper($hostent['rr']);?>&nbsp;
+									</td>
+									<td class="listr" ondblclick="document.location='services_unbound_host_edit.php?id=<?=$i;?>';">
+                                        <?php
+                                            /* Presentation of DNS value differs between chosen RR type. */
+                                            switch ($hostent['rr']) {
+                                                case 'A':
+                                                case 'AAAA':
+                                                    print $hostent['ip'];
+                                                    break;
+                                                case 'MX':
+                                                    print $hostent['mxprio'] . " " . $hostent['mx'];
+                                                    break;
+                                                default:
+                                                    print '&nbsp;';
+                                                    break;
+                                            }
+                                        ?>
 									</td>
 									<td class="listbg" ondblclick="document.location='services_unbound_host_edit.php?id=<?=$i;?>';">
 										<?=htmlspecialchars($hostent['descr']);?>&nbsp;

From 920217e1044fb03066e3f8cf5abde0f285d3d669 Mon Sep 17 00:00:00 2001
From: Manuel Faux <mfaux@conf.at>
Date: Fri, 11 Dec 2015 14:35:57 +0100
Subject: [PATCH 4/6] unbound: Corrected copyright notes

---
 src/etc/inc/unbound.inc                | 1 +
 src/www/services_unbound_host_edit.php | 1 +
 src/www/services_unbound_overrides.php | 2 ++
 3 files changed, 4 insertions(+)

diff --git a/src/etc/inc/unbound.inc b/src/etc/inc/unbound.inc
index 56a133897..79cce8a9d 100644
--- a/src/etc/inc/unbound.inc
+++ b/src/etc/inc/unbound.inc
@@ -1,6 +1,7 @@
 <?php
 
 /*
+    Copyright (C) 2015 Manuel Faux <mfaux@conf.at>
     Copyright (C) 2014 Warren Baker <warren@decoy.co.za>
     All rights reserved.
 
diff --git a/src/www/services_unbound_host_edit.php b/src/www/services_unbound_host_edit.php
index 6830b0a1b..15df83633 100644
--- a/src/www/services_unbound_host_edit.php
+++ b/src/www/services_unbound_host_edit.php
@@ -1,6 +1,7 @@
 <?php
 
 /*
+	Copyright (C) 2015 Manuel Faux <mfaux@conf.at>
 	Copyright (C) 2014-2015 Deciso B.V.
 	Copyright (C) 2014 Warren Baker <warren@decoy.co.za>
 	Copyright (C) 2003-2004 Bob Zoller <bob@kludgebox.com> and Manuel Kasper <mk@neon1.net>.
diff --git a/src/www/services_unbound_overrides.php b/src/www/services_unbound_overrides.php
index 2c4227771..8233560c8 100644
--- a/src/www/services_unbound_overrides.php
+++ b/src/www/services_unbound_overrides.php
@@ -1,7 +1,9 @@
 <?php
 
 /*
+	Copyright (C) 2015 Manuel Faux <mfaux@conf.at>
 	Copyright (C) 2014-2015 Deciso B.V.
+	Copyright (C) 2014 Warren Baker <warren@pfsense.org>
 	All rights reserved.
 
 	Redistribution and use in source and binary forms, with or without

From 23c805dc544dbcdff3fa4055facd58d95f84996d Mon Sep 17 00:00:00 2001
From: Manuel Faux <mfaux@conf.at>
Date: Fri, 11 Dec 2015 14:37:53 +0100
Subject: [PATCH 5/6] unbound: Fixed inconsistent code formatting

---
 src/www/services_unbound_host_edit.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/www/services_unbound_host_edit.php b/src/www/services_unbound_host_edit.php
index 15df83633..c27c34a1c 100644
--- a/src/www/services_unbound_host_edit.php
+++ b/src/www/services_unbound_host_edit.php
@@ -104,7 +104,7 @@ if ($_POST) {
 				$input_errors[] = gettext("A valid IP address must be specified.");
 			}
 			break;
-        case 'MX':
+		case 'MX':
 			$reqdfields = explode(" ", "mxprio mx");
 			$reqdfieldsn = array(gettext("MX Priority"), gettext("MX Host"));
 

From 57b8d60d59f6034da9247ad3c47b05423374b0a5 Mon Sep 17 00:00:00 2001
From: Manuel Faux <mfaux@conf.at>
Date: Fri, 8 Jan 2016 08:55:54 +0100
Subject: [PATCH 6/6] unbound: removed no-duplicate host restriction

Previously it was not possible to add two host override entries for the same
host-domain combination. Technically this restriction does not exist neither
within unbound nor DNS.
---
 src/etc/inc/unbound.inc                | 41 +++++++++++---------------
 src/www/services_unbound_host_edit.php | 12 --------
 2 files changed, 18 insertions(+), 35 deletions(-)

diff --git a/src/etc/inc/unbound.inc b/src/etc/inc/unbound.inc
index 79cce8a9d..d114d821f 100644
--- a/src/etc/inc/unbound.inc
+++ b/src/etc/inc/unbound.inc
@@ -515,32 +515,27 @@ function unbound_add_host_entries() {
         $host_entries = "";
         $added_item = array();
         foreach($config['unbound']['hosts'] as $host) {
-            $current_host = $host['host'];
-            if ($host['host'] != "")
+            if ($host['host'] != "") {
                 $host['host'] = $host['host'].".";
-            if (!$added_item[$current_host]) {
-                /* Backwards compatibility for records created before introducing RR types. */
-                if (!isset($host['rr'])) {
-                    $host['rr'] = (is_ipaddrv6($host['ip'])) ? 'AAAA' : 'A';
-                }
+            }
+            /* Backwards compatibility for records created before introducing RR types. */
+            if (!isset($host['rr'])) {
+                $host['rr'] = (is_ipaddrv6($host['ip'])) ? 'AAAA' : 'A';
+            }
 
-                switch ($host['rr']) {
-                    case 'A':
-                    case 'AAAA':
-                        $host_entries .= "local-data-ptr: \"{$host['ip']} {$host['host']}{$host['domain']}\"\n";
-                        $host_entries .= "local-data: \"{$host['host']}{$host['domain']} IN {$host['rr']} {$host['ip']}\"\n";
-                        break;
-                    case 'MX':
-                        $host_entries .= "local-data: \"{$host['host']}{$host['domain']} IN MX {$host['mxprio']} {$host['mx']}\"\n";
-                        break;
-                }
+            switch ($host['rr']) {
+                case 'A':
+                case 'AAAA':
+                    $host_entries .= "local-data-ptr: \"{$host['ip']} {$host['host']}{$host['domain']}\"\n";
+                    $host_entries .= "local-data: \"{$host['host']}{$host['domain']} IN {$host['rr']} {$host['ip']}\"\n";
+                    break;
+                case 'MX':
+                    $host_entries .= "local-data: \"{$host['host']}{$host['domain']} IN MX {$host['mxprio']} {$host['mx']}\"\n";
+                    break;
+            }
 
-                if (!empty($host['descr']) && isset($config['unbound']['txtsupport'])) {
-                    $host_entries .= "local-data: '{$host['host']}{$host['domain']} TXT \"".addslashes($host['descr'])."\"'\n";
-                }
-
-                // Do not add duplicate entries
-                $added_item[$current_host] = true;
+            if (!empty($host['descr']) && isset($config['unbound']['txtsupport'])) {
+                $host_entries .= "local-data: '{$host['host']}{$host['domain']} TXT \"".addslashes($host['descr'])."\"'\n";
             }
         }
         $unbound_entries .= $host_entries;
diff --git a/src/www/services_unbound_host_edit.php b/src/www/services_unbound_host_edit.php
index c27c34a1c..bbdfad1e9 100644
--- a/src/www/services_unbound_host_edit.php
+++ b/src/www/services_unbound_host_edit.php
@@ -158,18 +158,6 @@ if ($_POST) {
 			$input_errors[] = gettext("A valid domain must be specified in alias list.");
 	}
 
-	/* check for overlaps */
-	foreach ($a_hosts as $hostent) {
-		if (isset($id) && ($a_hosts[$id]) && ($a_hosts[$id] === $hostent))
-			continue;
-
-		if (($hostent['host'] == $_POST['host']) && ($hostent['domain'] == $_POST['domain'])
-			&& ((is_ipaddrv4($hostent['ip']) && is_ipaddrv4($_POST['ip'])) || (is_ipaddrv6($hostent['ip']) && is_ipaddrv6($_POST['ip'])))) {
-			$input_errors[] = gettext("This host/domain already exists.");
-			break;
-		}
-	}
-
 	if (!$input_errors) {
 		$hostent = array();
 		$hostent['host'] = $_POST['host'];