From patchwork Mon Oct 21 16:38:46 2024
X-Patchwork-Submitter: Michael Tremer
X-Patchwork-Id: 8199
From: Michael Tremer
To: development@lists.ipfire.org
Subject: [PATCH 1/4] unbound-dhcp-leases-bridge: Don't export expired leases to Unbound
Date: Mon, 21 Oct 2024 16:38:46 +0000
Message-Id: <20241021163849.1265183-1-michael.tremer@ipfire.org>
CC: Michael Tremer

Signed-off-by: Michael Tremer
Reviewed-by: Bernhard Bitsch
--- config/unbound/unbound-dhcp-leases-bridge | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/config/unbound/unbound-dhcp-leases-bridge b/config/unbound/unbound-dhcp-leases-bridge index 986fae2d2..bc944a073 100644 --- a/config/unbound/unbound-dhcp-leases-bridge +++ b/config/unbound/unbound-dhcp-leases-bridge
@@ -276,7 +276,7 @@ class UnboundDHCPLeasesBridge(object): if lease.has_expired(): log.debug(" Expired") - self.unbound.update_dhcp_leases(self.leases) + self.unbound.update_dhcp_leases([l for l in self.leases if not l.has_expired()]) def _add_lease(self, lease): # Skip leases without an FQDN From patchwork Mon Oct 21 16:38:47 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Michael Tremer X-Patchwork-Id: 8197 Return-Path: Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mail01.haj.ipfire.org", Issuer "R10" (verified OK)) by web04.haj.ipfire.org (Postfix) with ESMTPS id 4XXLc25WHRz3wmx for ; Mon, 21 Oct 2024 16:38:58 +0000 (UTC) Received: from mail02.haj.ipfire.org (mail02.haj.ipfire.org [172.28.1.201]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) client-signature ECDSA (secp384r1)) (Client CN "mail02.haj.ipfire.org", Issuer "E6" (verified OK)) by mail01.ipfire.org (Postfix) with ESMTPS id 4XXLbz2V6cz1Yq; Mon, 21 Oct 2024 16:38:55 +0000 (UTC) Received: from mail02.haj.ipfire.org (localhost [127.0.0.1]) by mail02.haj.ipfire.org (Postfix) with ESMTP id 4XXLbz0V1fz34Hb; Mon, 21 Oct 2024 16:38:55 +0000 (UTC) Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mail01.haj.ipfire.org", Issuer "R10" (verified OK)) by mail02.haj.ipfire.org (Postfix) with ESMTPS id 4XXLbw2LtXz303Q for ; Mon, 21 Oct 2024 16:38:52 +0000 (UTC) Received: from michael.haj.ipfire.org 
From: Michael Tremer
To: development@lists.ipfire.org
Subject: [PATCH 2/4] unbound-dhcp-leases-bridge: Fix typo
Date: Mon, 21 Oct 2024 16:38:47 +0000
Message-Id: <20241021163849.1265183-2-michael.tremer@ipfire.org>
In-Reply-To: <20241021163849.1265183-1-michael.tremer@ipfire.org>
References: <20241021163849.1265183-1-michael.tremer@ipfire.org>
CC: Michael Tremer

Signed-off-by: Michael Tremer
Reviewed-by: Bernhard Bitsch
--- config/unbound/unbound-dhcp-leases-bridge | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/config/unbound/unbound-dhcp-leases-bridge b/config/unbound/unbound-dhcp-leases-bridge index bc944a073..2cbdaa004 100644 --- a/config/unbound/unbound-dhcp-leases-bridge +++ b/config/unbound/unbound-dhcp-leases-bridge
@@ -279,9 +279,9 @@ class UnboundDHCPLeasesBridge(object): self.unbound.update_dhcp_leases([l for l in self.leases if not l.has_expired()]) def _add_lease(self, lease): - # Skip leases without an FQDN + # Skip leases without a FQDN if not lease.fqdn: - log.debug("Skipping lease without an FQDN: %s" % lease) + log.debug("Skipping lease without a FQDN: %s" % lease) return # Skip any leases that also are a static host From patchwork Mon Oct 21 16:38:48 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Michael Tremer X-Patchwork-Id: 8198 Return-Path: Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) client-signature RSA-PSS (4096 bits)) (Client CN "mail01.haj.ipfire.org", Issuer "R10" (verified OK)) by web04.haj.ipfire.org (Postfix) with ESMTPS id 4XXLc32RCqz3x2Q for ; Mon, 21 Oct 2024 16:38:59 +0000 (UTC) Received: from mail02.haj.ipfire.org (mail02.haj.ipfire.org [172.28.1.201]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) client-signature ECDSA (secp384r1)) (Client CN "mail02.haj.ipfire.org", Issuer "E6" (verified OK)) by mail01.ipfire.org (Postfix) with ESMTPS id 4XXLbz4bg0z3l8; Mon, 21 Oct 2024 16:38:55 +0000 (UTC) Received: from mail02.haj.ipfire.org (localhost [127.0.0.1]) by mail02.haj.ipfire.org (Postfix) with ESMTP id 4XXLbz2dzMz34Hg; Mon, 21 Oct 2024 16:38:55 +0000 (UTC) Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) client-signature RSA-PSS (4096 bits)) (Client CN "mail01.haj.ipfire.org", Issuer "R10" (verified OK)) by mail02.haj.ipfire.org (Postfix) with ESMTPS id 4XXLbw2bDZz33r6 for ; Mon, 21 Oct 2024 16:38:52 +0000 (UTC) 
From: Michael Tremer
To: development@lists.ipfire.org
Subject: [PATCH 3/4] unbound-dhcp-leases-bridge: Don't overwrite static leases
Date: Mon, 21 Oct 2024 16:38:48 +0000
Message-Id: <20241021163849.1265183-3-michael.tremer@ipfire.org>
In-Reply-To: <20241021163849.1265183-1-michael.tremer@ipfire.org>
References: <20241021163849.1265183-1-michael.tremer@ipfire.org>
CC: Michael Tremer

When we import all static leases, their remark will be used as hostname (because WTF?) and might be overwritten if the device is not sending any or even the same hostname. This patch avoids that static leases will be modified.

Signed-off-by: Michael Tremer
Reviewed-by: Bernhard Bitsch
--- config/unbound/unbound-dhcp-leases-bridge | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-)
diff --git a/config/unbound/unbound-dhcp-leases-bridge b/config/unbound/unbound-dhcp-leases-bridge index 2cbdaa004..66ea28054 100644 --- a/config/unbound/unbound-dhcp-leases-bridge +++ b/config/unbound/unbound-dhcp-leases-bridge @@ -216,6 +216,11 @@ class UnboundDHCPLeasesBridge(object): # Find the old lease old_lease = self._find_lease(address) + # Don't update fixed leases as they might clear the hostname + if old_lease and old_lease.fixed: + log.debug("Won't update fixed lease %s" % old_lease) + return + # Create a new lease lease = Lease(address, { "client-hostname" : name, 
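Review bot: the new guard before `# Create a new lease` only protects a fixed lease when `_find_lease(address)` returns it, so it is keyed on the address alone; a client on a different address that sends the same `client-hostname` as a static host is not stopped by this check. If that case is handled, it is handled outside this hunk, so please confirm it or say so in the comment. The comment would also read more clearly if it named what does the clearing, for example "Don't let DHCP events change fixed leases, the client-supplied hostname could clear or replace the configured one", and since the update is dropped silently, consider whether `log.debug` is the right level for it.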
@@ -581,19 +586,20 @@ class FixLeases(object): "client-hostname" : hostname, "starts" : now.strftime("%w %Y/%m/%d %H:%M:%S"), "ends" : "never", - }) + }, fixed=True) leases.append(l) return leases class Lease(object): - def __init__(self, ipaddr, properties): + def __init__(self, ipaddr, properties, fixed=False): if not isinstance(ipaddr, ipaddress.IPv4Address): ipaddr = ipaddress.IPv4Address(ipaddr) self.ipaddr = ipaddr self._properties = properties + self.fixed = fixed def __repr__(self): return "<%s for %s (%s)>" % (self.__class__.__name__, self.ipaddr, self.hostname) From patchwork Mon Oct 21 16:38:49 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Michael Tremer X-Patchwork-Id: 8200 Return-Path: Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) client-signature RSA-PSS (4096 bits)) (Client CN "mail01.haj.ipfire.org", Issuer "R10" (verified OK)) by web04.haj.ipfire.org (Postfix) with ESMTPS id 4XXLc51NKkz3x2Q for ; Mon, 21 Oct 2024 16:39:01 +0000 (UTC) Received: from mail02.haj.ipfire.org (mail02.haj.ipfire.org [172.28.1.201]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) client-signature ECDSA (secp384r1)) (Client CN "mail02.haj.ipfire.org", Issuer "E6" (verified OK)) by mail01.ipfire.org (Postfix) with ESMTPS id 4XXLc05vpqz4XY; Mon, 21 Oct 2024 16:38:56 +0000 (UTC) Received: from mail02.haj.ipfire.org (localhost [127.0.0.1]) by mail02.haj.ipfire.org (Postfix) with ESMTP id 4XXLc05MRQz34Gx; Mon, 21 Oct 2024 16:38:56 +0000 (UTC) Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) client-signature RSA-PSS (4096 bits)) (Client CN 
From: Michael Tremer
To: development@lists.ipfire.org
Subject: [PATCH 4/4] unbound-dhcp-leases-bridge: Fix expiry check on leases
Date: Mon, 21 Oct 2024 16:38:49 +0000
Message-Id: <20241021163849.1265183-4-michael.tremer@ipfire.org>
In-Reply-To: <20241021163849.1265183-1-michael.tremer@ipfire.org>
References: <20241021163849.1265183-1-michael.tremer@ipfire.org>
CC: Michael Tremer

Signed-off-by: Michael Tremer
--- config/unbound/unbound-dhcp-leases-bridge | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/config/unbound/unbound-dhcp-leases-bridge b/config/unbound/unbound-dhcp-leases-bridge index 66ea28054..4a6f9587f 100644 --- a/config/unbound/unbound-dhcp-leases-bridge
+++ b/config/unbound/unbound-dhcp-leases-bridge @@ -717,7 +717,7 @@ class Lease(object): if not self.time_ends: return self.time_starts > datetime.datetime.utcnow() - return self.time_starts > datetime.datetime.utcnow() > self.time_ends + return not self.time_starts < datetime.datetime.utcnow() < self.time_ends @property def rrset(self):
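Review bot: in the changed `return` of `has_expired()`, the result depends on `not` binding more loosely than the chained comparison, and both bounds are strict. Writing it as `return not (self.time_starts < datetime.datetime.utcnow() < self.time_ends)` makes the intent obvious, and `<=` on the start bound would avoid reporting a lease as expired at the exact instant it begins. The commit message is empty; one sentence saying that the old expression `self.time_starts > datetime.datetime.utcnow() > self.time_ends` could only be true for a lease that ends before it starts would tell readers why the filter in 1/4 depends on this fix.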
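Review bot: in [PATCH 1/4], the filter added to the `update_dhcp_leases(...)` call has no effect at this point in the series, because until 4/4 `has_expired()` still returns `self.time_starts > datetime.datetime.utcnow() > self.time_ends`, which is false for any lease that starts before it ends. Moving the 4/4 fix ahead of this patch, or squashing the two, keeps every commit doing what its subject says. Separately, the loop just above already calls `lease.has_expired()` for the debug output, so collecting the live leases there would avoid evaluating expiry twice against two different clock readings, and a name other than `l` in the comprehension is easier to read.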
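Review bot: in [PATCH 2/4], both changed lines replace "an FQDN" with "a FQDN", but the abbreviation is normally read letter by letter and begins with a vowel sound, so "an FQDN" was already the correct form. I would drop this patch and keep the original comment and log message.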
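Review bot: in the second hunk of [PATCH 3/4], `fixed` is added to `Lease.__init__` as an ordinary positional-or-keyword parameter; making it keyword-only, as in `def __init__(self, ipaddr, properties, *, fixed=False):`, prevents a stray third positional argument from silently marking a lease as fixed, which the new guard in the first hunk would then shield from every update. The `__repr__` in the trailing context still prints only the address and hostname, so including the flag there would make the "Won't update fixed lease" debug line self-explanatory.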