DHCPv6 static mappings and dns, simplify https://github.com/opnsense/core/pull/3946 a bit

Ad Schellevis 2020-02-21 12:17:15 +01:00
parent 309a297920
commit ea15651f4b
4 changed files with 314 additions and 31 deletions


@ -0,0 +1,2 @@
[settings]
url=https://download.maxmind.com/app/geoip_download?edition_id=GeoLite2-Country-CSV&license_key=LOsihUK2tzDT6JOg&suffix=zip
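Review bot: The `url` setting added here carries a literal MaxMind `license_key` value in its query string, so the credential becomes part of the repository history for anyone who can read it. Nothing in the commit title (DHCPv6 static mappings and DNS) relates to GeoIP downloads, so this looks like a local settings file that was staged by accident; the file's path is not visible in this view. I would drop the file from the commit, treat the key as exposed and regenerate it with the provider, and keep only a placeholder in any shipped template, e.g. `url=https://download.maxmind.com/app/geoip_download?edition_id=GeoLite2-Country-CSV&license_key=<LICENSE_KEY>&suffix=zip`.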

294
src/etc/filter_tables.conf Normal file

@ -0,0 +1,294 @@
<tabledef>
<general>
<ssl_no_verify>1</ssl_no_verify>
</general>
<table>
<name>CH</name>
<descr>CH</descr>
<type>geoip</type>
<address>CH</address>
<proto>IPv4</proto>
<ttl>86400</ttl>
</table>
<table>
<name>EasyRuleBlockHostsOPT1</name>
<descr>Hosts blocked from Firewall Log view</descr>
<type>network</type>
<address>10.37.129.2/32
2001:db8::2:1/24</address>
</table>
<table>
<name>ext_test</name>
<descr>ext_test</descr>
<type>external</type>
</table>
<table>
<name>ExternalIPs</name>
<descr>ExternalIPs_desc</descr>
<type>host</type>
<address>10.0.0.1
10.0.0.2</address>
<ttl>300</ttl>
</table>
<table>
<name>meuk987</name>
<descr>meuk987</descr>
<type>host</type>
<address>www.nu.nl
10.11.2.1
10.11.2.2
test.meuk</address>
<ttl>300</ttl>
</table>
<table>
<name>meuk99999</name>
<descr>meuk99999</descr>
<type>host</type>
<address>meuk987
spamhaus</address>
<ttl>300</ttl>
</table>
<table>
<name>meuk999991</name>
<descr>meuk999991</descr>
<type>host</type>
<address>meuk99999</address>
<ttl>300</ttl>
</table>
<table>
<name>range_test</name>
<descr>test</descr>
<type>network</type>
<address>192.168.1.10-192.168.1.20
192.168.1.11</address>
</table>
<table>
<name>recursionA</name>
<descr>recursionA</descr>
<type>host</type>
<address>10.0.0.1
recursionC</address>
<ttl>300</ttl>
</table>
<table>
<name>recursionB</name>
<descr>recursionB</descr>
<type>host</type>
<address>10.0.0.2
recursionA</address>
<ttl>300</ttl>
</table>
<table>
<name>recursionC</name>
<descr>test</descr>
<type>host</type>
<address>recursionA
recursionB</address>
<ttl>300</ttl>
</table>
<table>
<name>spamhaus</name>
<descr>spamhaus</descr>
<type>urltable</type>
<address></address>
<ttl>3600.0</ttl>
</table>
<table>
<name>telegram</name>
<descr>telegram</descr>
<type>host</type>
<address>149.154.167.91</address>
<ttl>300</ttl>
</table>
<table>
<name>test</name>
<descr>test</descr>
<type>host</type>
<address>10.211.55.22
10.211.55.101
10.211.55.102</address>
<ttl>300</ttl>
</table>
<table>
<name>test05465</name>
<descr>jhg</descr>
<type>host</type>
<address>www.ad.nl
1.1.1.1
www.nu.nl
192.168.1.200</address>
<ttl>300</ttl>
</table>
<table>
<name>test999</name>
<descr>gafdshgasfdhgx</descr>
<type>url</type>
<address></address>
</table>
<table>
<name>test_external</name>
<descr>test ext</descr>
<type>external</type>
</table>
<table>
<name>test_geoip</name>
<descr>geoip</descr>
<type>geoip</type>
<address>AO
BJ
AL
DE
LU
AX</address>
<proto>IPv4,IPv6</proto>
<ttl>86400</ttl>
</table>
<table>
<name>TEST_LAN_1</name>
<descr>TEST_LAN_1</descr>
<type>network</type>
<address>192.168.1.0/24</address>
</table>
<table>
<name>TEST_LAN_2</name>
<descr>TEST_LAN_2</descr>
<type>network</type>
<address>192.168.2.0/24</address>
</table>
<table>
<name>TEST_LAN_3</name>
<descr>TEST_LAN_3</descr>
<type>network</type>
<address>192.168.3.0/24</address>
</table>
<table>
<name>TEST_LAN_4</name>
<descr>TEST_LAN_4</descr>
<type>network</type>
<address>192.168.4.0/24</address>
</table>
<table>
<name>TEST_LAN_5x</name>
<descr>TEST_LAN_5</descr>
<type>network</type>
<address>192.168.0.5/24</address>
</table>
<table>
<name>TEST_LAN_x</name>
<descr>TEST_LAN_x</descr>
<type>network</type>
<address>TEST_LAN_2
TEST_LAN_3
TEST_LAN_4
8.8.8.8
192.168.1.200/32</address>
</table>
<table>
<name>test_range000</name>
<descr>test_range000</descr>
<type>network</type>
<address>192.168.0.1-192.168.0.100
EasyRuleBlockHostsOPT1
10.0.0.0/24
10.0.0.1</address>
</table>
<table>
<name>test_url</name>
<descr>test_url</descr>
<type>urltable</type>
<address></address>
<ttl>129600.0</ttl>
</table>
<table>
<name>testimport</name>
<descr>testimport_desc</descr>
<type>network</type>
<address>10.0.0.0/24
10.1.0.0/24
10.2.0.0/24</address>
</table>
<table>
<name>testURLtable</name>
<descr>testURLtable</descr>
<type>urltable</type>
<address></address>
<ttl>86400.0</ttl>
</table>
<table>
<name>xxxgeo_ipv4_ipv6</name>
<descr>xxxgeo_ipv4_ipv6</descr>
<type>geoip</type>
<address>DZ
BW</address>
<proto>IPv4,IPv6</proto>
<ttl>86400</ttl>
</table>
<table>
<name>xxx</name>
<descr>xxx</descr>
<type>host</type>
<address>192.168.1.1</address>
<ttl>300</ttl>
</table>
<table>
<name>test_urlX</name>
<descr>test_url</descr>
<type>urltable</type>
<address></address>
<ttl>360.0</ttl>
</table>
<table>
<name>test_hostnam</name>
<descr>test</descr>
<type>host</type>
<address>test-domain</address>
<ttl>300</ttl>
</table>
<table>
<name>test_large_url_alias</name>
<descr>test_large_url_alias</descr>
<type>urltable</type>
<url>https://10.37.132.100/attacks.netset</url>
<ttl>86400.0</ttl>
</table>
<table>
<name>lux</name>
<descr>lux</descr>
<type>geoip</type>
<address>LU</address>
<proto>IPv4,IPv6</proto>
<ttl>86400</ttl>
</table>
<table>
<name>my_very_large_alias</name>
<descr>my_very_large_alias</descr>
<type>geoip</type>
<address></address>
<ttl>86400</ttl>
</table>
<table>
<name>myalias</name>
<descr>myalias</descr>
<type>host</type>
<address>200.200.200.207
200.200.200.201
200.200.200.203
200.200.200.210
200.200.200.199
200.200.200.189</address>
<ttl>300</ttl>
</table>
<table>
<name>hostonly_net</name>
<descr>hostonly_net</descr>
<type>network</type>
<address>10.37.132.0/24</address>
</table>
<table>
<name>YT4services</name>
<descr></descr>
<type>host</type>
<address>1.1.1.1</address>
<ttl>300</ttl>
</table>
</tabledef>
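Review bot: `<ssl_no_verify>1</ssl_no_verify>` in the `<general>` block of this new `src/etc/filter_tables.conf` presumably turns off TLS certificate verification for the URL-backed tables, and a file under `src/etc` would ship to every install. The table names (`meuk987`, `recursionA`, `test_large_url_alias` pointing at `https://10.37.132.100/attacks.netset`) read like a developer's generated test state rather than anything related to the DHCPv6 change in the title. I would remove the file from this commit; if a default is meant to ship, it should contain no tables and leave certificate verification on.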


@ -263,26 +263,19 @@ function _dnsmasq_add_host_entries()
if (!$host['ipaddrv6'] || !$host['hostname']) {
continue;
}
$domain = $config['system']['domain'];
// set domain to first entry of host's domain search list
if ($host['domainsearchlist']) {
$domain_array=preg_split("/[ ;]+/",$host['domainsearchlist']);
$domain = $domain_array[0];
// backward compatibilty: 'domain' was replaced by 'domainsearchlist'
// in dhcpv6 static mappings, but may still exist in older configs
} elseif ($host['domain']) {
// XXX: dhcpdv6 domain entries have been superseded by domainsearchlist,
// for backward compatibilty support both here.
if (!empty($host['domainsearchlist'])) {
$domain = $host['domainsearchlist'];
} elseif (!empty($host['domain'])) {
$domain = $host['domain'];
// set domain to first entry of interface's domain search list
} elseif ($dhcpifconf['domainsearchlist']) {
$domain_array=preg_split("/[ ;]+/",$dhcpifconf['domainsearchlist']);
$domain = $domain_array[0];
// backward compatibilty: 'domain' was removed from dhcpv6
// interface settings, but may still exist in older configs
} elseif ($dhcpifconf['domain']) {
} elseif (!empty($dhcpifconf['domainsearchlist'])) {
$domain = $dhcpifconf['domainsearchlist'];
} elseif (!empty($dhcpifconf['domain'])) {
$domain = $dhcpifconf['domain'];
}
$domain = explode(";", $domain)[0]; // XXX: first entry of domainsearchlist
$dhosts .= "{$host['ipaddrv6']}\t{$host['hostname']}.{$domain} {$host['hostname']}\n";
}
}
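Review bot: `$domain = explode(";", $domain)[0];` splits on `;` only, while the removed `preg_split("/[ ;]+/", ...)` also split on spaces, so a space-separated `domainsearchlist` now lands whole in `{$host['hostname']}.{$domain}` and the hosts line gains unintended extra names. The value is also interpolated without trimming or checking that it is a valid domain name; whether it is validated when the setting is saved cannot be seen from this hunk. Keeping the old separator set fixes the regression: `$domain = preg_split('/[ ;]+/', trim($domain))[0];`. The same line appears in the `unbound_add_host_entries()` hunk, where the result is written inside a quoted `local-data` string, so a strict hostname check before writing matters more there. The body of `_dnsmasq_add_host_entries()` starts before this hunk.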


@ -680,24 +680,18 @@ function unbound_add_host_entries()
}
$domain = $config['system']['domain'];
// set domain to first entry of host's domain search list
if ($host['domainsearchlist']) {
$domain_array=preg_split("/[ ;]+/",$host['domainsearchlist']);
$domain = $domain_array[0];
// backward compatibilty: 'domain' was replaced by 'domainsearchlist'
// in dhcpv6 static mappings, but may still exist in older configs
} elseif ($host['domain']) {
// XXX: dhcpdv6 domain entries have been superseded by domainsearchlist,
// for backward compatibilty support both here.
if (!empty($host['domainsearchlist'])) {
$domain = $host['domainsearchlist'];
} elseif (!empty($host['domain'])) {
$domain = $host['domain'];
// set domain to first entry of interface's domain search list
} elseif ($dhcpifconf['domainsearchlist']) {
$domain_array=preg_split("/[ ;]+/",$dhcpifconf['domainsearchlist']);
$domain = $domain_array[0];
// backward compatibilty: 'domain' was removed from dhcpv6
// interface settings, but may still exist in older configs
} elseif ($dhcpifconf['domain']) {
} elseif (!empty($dhcpifconf['domainsearchlist'])) {
$domain = $dhcpifconf['domainsearchlist'];
} elseif (!empty($dhcpifconf['domain'])) {
$domain = $dhcpifconf['domain'];
}
$domain = explode(";", $domain)[0]; // XXX: first entry of domainsearchlist
$unbound_entries .= "local-data-ptr: \"{$host['ipaddrv6']} {$host['hostname']}.{$domain}\"\n";
$unbound_entries .= "local-data: \"{$host['hostname']}.{$domain} IN AAAA {$host['ipaddrv6']}\"\n";
if (!empty($host['descr']) && $unboundcfg['txtsupport'] == 'on') {