From patchwork Tue Apr 9 04:04:00 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Peter_M=C3=BCller?= X-Patchwork-Id: 2190 Return-Path: Received: from mail01.ipfire.org (mail01.i.ipfire.org [172.28.1.200]) (using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mail01.ipfire.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by web07.i.ipfire.org (Postfix) with ESMTPS id 3B40688E621 for ; Mon, 8 Apr 2019 19:04:29 +0100 (BST) Received: from mail01.i.ipfire.org (localhost [IPv6:::1]) by mail01.ipfire.org (Postfix) with ESMTP id 44dJGN4jHMz5DtqX; Mon, 8 Apr 2019 19:04:28 +0100 (BST) Received: from [127.0.0.1] (unknown [IPv6:2a00:1298:8011:212::165]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mail01.ipfire.org (Postfix) with ESMTPSA id 44dJGJ6Trnz5DtqT for ; Mon, 8 Apr 2019 19:04:24 +0100 (BST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=201904rsa; t=1554746665; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding:in-reply-to: references; bh=KDB78X6OtRRDRv2Ldx3hy2Xr60IpcvL0ZbRCff9Sy7Q=; b=sTMWXsOJ0df/sSGVC/ZfHXcafkWdmpiwb0x8Odc3teTtrTS2JwMwAEJodKwRNRMvcnfVYl SAapMqP9nh4dk2I8SPE93S0fTZd0Iu6n5EamsJvYIbutAjhX3sKfgue4oVfOqjB6RoOWOd TABr+Bk0R2Si5bIy+4dezBm84KBjyxOK4Z1hvV/e8rzj6sLInO6J5EmOAfrY7o7FSrNYkJ NWSLFlQpsXkxCS8+n58xS3S/lVtxZa/FpZ++jF8xpSlrNCp4QAvGUJXJArecC6bZ+kARk5 tc86RUgI1r5W8TJESloE4b19EatiQYRtiDBSJ+Qp+nVHmL9OkIIwTCoRfxYpTA== DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=ipfire.org; s=201904ed25519; t=1554746665; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding:in-reply-to: references; bh=KDB78X6OtRRDRv2Ldx3hy2Xr60IpcvL0ZbRCff9Sy7Q=; b=uh7zTe2xVVf78Kjt7ecBeq40gt8C6PqXWWhl6UEC/FPKeKwnmUtCYmTCby1EomQWH11R8b Ghs0MB7Zgqt5qbBw== To: "IPFire: Development-List" From: =?utf-8?q?Peter_M=C3=BCller?= Organization: IPFire.org Subject: [PATCH 1/3] add option for selective PTR generation on hosts.cgi Message-ID: <775dba65-a075-8a3b-4c5b-6eafa8693afe@ipfire.org> Date: Mon, 08 Apr 2019 18:04:00 +0000 MIME-Version: 1.0 Content-Language: en-US Authentication-Results: mail01.ipfire.org; auth=pass smtp.auth=pmueller smtp.mailfrom=peter.mueller@ipfire.org X-BeenThere: development@lists.ipfire.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: IPFire development talk List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: development-bounces@lists.ipfire.org Sender: "Development" In some cases, it might be useful to create an additional host (i.e. for round robin loadbalancing) without assigning another PTR to the IP address specified. This patch introduces the ability to check or uncheck PTR generation for each host individually. Partially fixes #12030 Signed-off-by: Peter Müller --- html/cgi-bin/hosts.cgi | 52 +++++++++++++++++++++++++++++++++++++------------- langs/de/cgi-bin/de.pl | 2 ++ langs/en/cgi-bin/en.pl | 2 ++ 3 files changed, 43 insertions(+), 13 deletions(-) diff --git a/html/cgi-bin/hosts.cgi b/html/cgi-bin/hosts.cgi index 41fe8a5b6..973c480b3 100644 --- a/html/cgi-bin/hosts.cgi +++ b/html/cgi-bin/hosts.cgi @@ -2,9 +2,9 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2007 Michael Tremer & Christian Schmidt # +# Copyright (C) 2007-2019 IPFire Team # # # -# This program is free software you can redistribute it and/or modify # +# This program is free software you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # # the Free Software Foundation, either version 3 of the License, or # # (at your option) any later version. # @@ -50,9 +50,10 @@ our %settings = (); #Must not be saved ! $settings{'EN'} = ''; # reuse for dummy field in position zero $settings{'IP'} = ''; -$settings{'HOST'} = ''; -$settings{'DOM'} = ''; -my @nosaved=('EN','IP','HOST','DOM'); # List here ALL setting2 fields. Mandatory +$settings{'HOST'} = ''; +$settings{'DOM'} = ''; +$settings{'PTR'} = ''; +my @nosaved=('EN','IP','HOST','DOM','PTR'); # List here ALL setting2 fields. Mandatory $settings{'ACTION'} = ''; # add/edit/remove $settings{'KEY1'} = ''; # point record for ACTION @@ -78,6 +79,10 @@ if (open(FILE, "$datafile")) { ## Settings1 Box not used... &General::readhash("${General::swroot}/main/settings", \%settings); +# Set PTR to off if filed was not received +if ($settings{'PTR'} eq '') { + $settings{'PTR'} = 'off'; +} ## Now manipulate the multi-line list with Settings2 # Basic actions are: @@ -122,13 +127,12 @@ if ($settings{'ACTION'} eq $Lang::tr{'add'}) { $errormessage = $Lang::tr{'invalid domain name'}; } - unless ($errormessage) { if ($settings{'KEY1'} eq '') { #add or edit ? - unshift (@current, "$settings{'EN'},$settings{'IP'},$settings{'HOST'},$settings{'DOM'}\n"); + unshift (@current, "$settings{'EN'},$settings{'IP'},$settings{'HOST'},$settings{'DOM'},$settings{'PTR'}\n"); &General::log($Lang::tr{'hosts config added'}); } else { - @current[$settings{'KEY1'}] = "$settings{'EN'},$settings{'IP'},$settings{'HOST'},$settings{'DOM'}\n"; + @current[$settings{'KEY1'}] = "$settings{'EN'},$settings{'IP'},$settings{'HOST'},$settings{'DOM'},$settings{'PTR'}\n"; $settings{'KEY1'} = ''; # End edit mode &General::log($Lang::tr{'hosts config changed'}); } @@ -150,6 +154,11 @@ if ($settings{'ACTION'} eq $Lang::tr{'edit'}) { $settings{'IP'}=$temp[1]; $settings{'HOST'}=$temp[2]; $settings{'DOM'}=$temp[3]; + if ($temp[4] eq '') { + $settings{'PTR'} = 'on'; + } else { + $settings{'PTR'}=$temp[4]; + } } if ($settings{'ACTION'} eq $Lang::tr{'remove'}) { @@ -190,6 +199,7 @@ if ($settings{'ACTION'} eq '' ) { # First launch from GUI # Place here default value when nothing is initialized $settings{'EN'} = 'on'; $settings{'DOM'} = $settings{'DOMAINNAME'}; + $settings{'PTR'} = 'on'; } &Header::openpage($Lang::tr{'hostname'}, 1, ''); @@ -238,6 +248,7 @@ if ($errormessage) { # Second check box is for editing the list # $checked{'EN'}{'on'} = ($settings{'EN'} eq '' ) ? '' : "checked='checked'"; +$checked{'PTR'}{'on'} = ($settings{'PTR'} eq 'off' ) ? '' : "checked='checked'"; my $buttontext = $Lang::tr{'add'}; if ($settings{'KEY1'} ne '') { @@ -257,9 +268,16 @@ print < $Lang::tr{'hostname'}: * - + + $Lang::tr{'domain name'}: + $Lang::tr{'generate ptr'}: + + + +   +   $Lang::tr{'enabled'} @@ -288,7 +306,8 @@ print < $Lang::tr{'host ip'} $Lang::tr{'hostname'} - $Lang::tr{'domain name'} + $Lang::tr{'domain name'} + $Lang::tr{'ptr'} $Lang::tr{'action'} END @@ -315,6 +334,12 @@ foreach my $line (@current) { $gdesc = $Lang::tr{'click to enable'}; } + if ($temp[4] eq '' || $temp[4] eq 'on') { + $temp[4] = $Lang::tr{'yes'}; + } else { + $temp[4] = $Lang::tr{'no'}; + } + #Colorize each line if ($settings{'KEY1'} eq $key) { print ""; @@ -329,6 +354,7 @@ foreach my $line (@current) { $temp[1] $temp[2] $temp[3] +$temp[4]
@@ -430,14 +456,14 @@ sub SortDataFile my $key = 0; foreach my $line (@current) { chomp( $line); #remove newline because can be on field 5 or 6 (addition of REMARK) - my @temp = ( '','','', ''); + my @temp = ( '','','','',''); @temp = split (',',$line); # Build a pair 'Field Name',value for each of the data dataline. # Each SORTABLE field must have is pair. # Other data fields (non sortable) can be grouped in one - my @record = ('KEY',$key++,'EN',$temp[0],'IP',$temp[1],'HOST',$temp[2],'DOM',$temp[3]); + my @record = ('KEY',$key++,'EN',$temp[0],'IP',$temp[1],'HOST',$temp[2],'DOM',$temp[3],'PTR',$temp[4]); my $record = {}; # create a reference to empty hash %{$record} = @record; # populate that hash with @record $entries{$record->{KEY}} = $record; # add this to a hash of hashes @@ -447,7 +473,7 @@ sub SortDataFile # Each field value is printed , with the newline ! Don't forget separator and order of them. foreach my $entry (sort fixedleasesort keys %entries) { - print FILE "$entries{$entry}->{EN},$entries{$entry}->{IP},$entries{$entry}->{HOST},$entries{$entry}->{DOM}\n"; + print FILE "$entries{$entry}->{EN},$entries{$entry}->{IP},$entries{$entry}->{HOST},$entries{$entry}->{DOM},$entries{$entry}->{PTR}\n"; } close(FILE); diff --git a/langs/de/cgi-bin/de.pl b/langs/de/cgi-bin/de.pl index 88b34d23b..b2e95b63a 100644 --- a/langs/de/cgi-bin/de.pl +++ b/langs/de/cgi-bin/de.pl @@ -1262,6 +1262,7 @@ 'generate dh key' => 'Diffie-Hellman Key generieren', 'generate iso' => 'ISO erstellen', 'generate root/host certificates' => 'Erzeuge Root/Host-Zertifikate', +'generate ptr' => 'PTR erzeugen', 'generate tripwire keys and init' => 'Tripwire Initalisierung', 'generatekeys' => 'Neue Schlüssel erzeugen', 'generatepolicy' => 'Neue Policy erstellen', @@ -1998,6 +1999,7 @@ 'proxy reports today' => 'Heute', 'proxy reports weekly' => 'Wöchentliche Berichte', 'psk' => 'PSK', +'ptr' => 'PTR', 'pulse' => 'Puls', 'pulse dial' => 'Pulswahl:', 'qos add subclass' => 'Unterklasse hinzufügen', diff --git a/langs/en/cgi-bin/en.pl b/langs/en/cgi-bin/en.pl index af0d514af..cbe1ed75e 100644 --- a/langs/en/cgi-bin/en.pl +++ b/langs/en/cgi-bin/en.pl @@ -1294,6 +1294,7 @@ 'generate dh key' => 'Generate Diffie-Hellman parameters', 'generate iso' => 'Generate ISO', 'generate root/host certificates' => 'Generate root/host certificates', +'generate ptr' => 'Generate PTR', 'generate tripwire keys and init' => 'generate tripwire keys and init', 'generatekeys' => 'Generate Keys', 'generatepolicy' => 'Generate new policy', @@ -2036,6 +2037,7 @@ 'proxy reports today' => 'Today', 'proxy reports weekly' => 'Weekly reports', 'psk' => 'PSK', +'ptr' => 'PTR', 'pulse' => 'Pulse', 'pulse dial' => 'Pulse dial:', 'qos add subclass' => 'Add subclass', From patchwork Tue Apr 9 04:04:00 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Peter_M=C3=BCller?= X-Patchwork-Id: 2191 Return-Path: Received: from mail01.ipfire.org (mail01.i.ipfire.org [172.28.1.200]) (using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mail01.ipfire.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by web07.i.ipfire.org (Postfix) with ESMTPS id B3C9188E621 for ; Mon, 8 Apr 2019 19:04:59 +0100 (BST) Received: from mail01.i.ipfire.org (localhost [IPv6:::1]) by mail01.ipfire.org (Postfix) with ESMTP id 44dJGz1Yl6z5DtqT; Mon, 8 Apr 2019 19:04:59 +0100 (BST) Received: from [127.0.0.1] (unknown [IPv6:2a00:1298:8011:212::165]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mail01.ipfire.org (Postfix) with ESMTPSA id 44dJGv0MF5z5DtqT for ; Mon, 8 Apr 2019 19:04:54 +0100 (BST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=201904rsa; t=1554746695; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding:in-reply-to: references; bh=9whC3TYEJjcEQ0di9D5fFMQHIMjYh8GmZm6v4/wlJLs=; b=tVtohDoy7OB0QU7wLeYaZPTeGOpSSrJOh511pBEUdR+pMXqSKonu+Dn+dtdVmSa4s9BIbk Yqpu62lenx/ucWEaef4a9ckSDSsGr5lotUC/B+vc46TgWmw76EBJjdu5uvmFJrkgkS48aK b+GlLPNdAzZwyREofJ/ywYvDo24xH09uE29NIQI8CjP3Qy8TG2aF+itGYN7hIl0syvcrys c/onXwsm+KI3mSBY1ha2S++Lcz7hlL6x2gvkAsIFmZgoSFrVcIrf5hZMGrxDeTJwy01Rr+ ZGr5dxKZQPgk9EpQ1MXmu3U1n1pfdiKzocH+1t8Ow7zT1Oj/tvAMVFNfXog9pg== DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=ipfire.org; s=201904ed25519; t=1554746695; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding:in-reply-to: references; bh=9whC3TYEJjcEQ0di9D5fFMQHIMjYh8GmZm6v4/wlJLs=; b=48bhYzyCtQCvrx7UKV3scIbqVz42pXA2FwIaw/is7g+XA5ZpImpm5YRFklei7DGwNEuRy5 B1MSsTZ2Of+TjXCA== To: "IPFire: Development-List" From: =?utf-8?q?Peter_M=C3=BCller?= Subject: [PATCH 2/3] Unbound: do not generate PTR if the user requested not to, do so Organization: IPFire.org Message-ID: <9d755e0c-eb20-9ad9-9cb5-9ee38f5cc1ec@ipfire.org> Date: Mon, 08 Apr 2019 18:04:00 +0000 MIME-Version: 1.0 Content-Language: en-US Authentication-Results: mail01.ipfire.org; auth=pass smtp.auth=pmueller smtp.mailfrom=peter.mueller@ipfire.org X-BeenThere: development@lists.ipfire.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: IPFire development talk List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: development-bounces@lists.ipfire.org Sender: "Development" Partially fixes #12030 Signed-off-by: Peter Müller --- src/initscripts/system/unbound | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/src/initscripts/system/unbound b/src/initscripts/system/unbound index af9bcef73..107f80477 100644 --- a/src/initscripts/system/unbound +++ b/src/initscripts/system/unbound @@ -172,9 +172,9 @@ own_hostname() { } update_hosts() { - local enabled address hostname domainname + local enabled address hostname domainname generateptr - while IFS="," read -r enabled address hostname domainname; do + while IFS="," read -r enabled address hostname domainname generateptr; do [ "${enabled}" = "on" ] || continue # Build FQDN @@ -185,6 +185,9 @@ update_hosts() { # Skip reverse resolution if the address equals the GREEN address [ "${address}" = "${GREEN_ADDRESS}" ] && continue + # Skip reverse resolution if user requested not to do so + [ "${generateptr}" = "off" ] && continue + # Add RDNS address=$(ip_address_revptr ${address}) unbound-control -q local_data "${address} ${LOCAL_TTL} IN PTR ${fqdn}" From patchwork Tue Apr 9 04:05:00 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Peter_M=C3=BCller?= X-Patchwork-Id: 2192 Return-Path: Received: from mail01.ipfire.org (mail01.i.ipfire.org [172.28.1.200]) (using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mail01.ipfire.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by web07.i.ipfire.org (Postfix) with ESMTPS id 9A53788E621 for ; Mon, 8 Apr 2019 19:05:30 +0100 (BST) Received: from mail01.i.ipfire.org (localhost [IPv6:::1]) by mail01.ipfire.org (Postfix) with ESMTP id 44dJHZ0ZnVz5DtqY; Mon, 8 Apr 2019 19:05:30 +0100 (BST) Received: from [127.0.0.1] (unknown [IPv6:2a00:1298:8011:212::165]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mail01.ipfire.org (Postfix) with ESMTPSA id 44dJHV0TH9z5DtqT for ; Mon, 8 Apr 2019 19:05:25 +0100 (BST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=201904rsa; t=1554746726; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding:in-reply-to: references; bh=fh9WCrADqaB7rYW+dfTxKfbPTL3ya2lh9nEVi1LRkvs=; b=DbH/ReFAE4d0OmOi0VciGjodafBVyx2ysw5aDMWEsnV9Y3UFMToUcNOc4Q/3okIUz8r88e YmfDQva69KW/kZxxTyBhOnaz+hULPAemHCgA87zmcXBqONSAteAXnDW2lVTl5nzlSPy7zH ZDivbyhuSLVka1ijnlyNnfo0nKZne5CNgfvNKRfiqAmvxXs16be49+ug2i9aFYySXiZayg NQuWyyuBGK6rmji88UnQB5Al291S9a3DyVOkSVlCvtvdH1VCmOT1DPfdo7GaD896BriS+G pnJzdyLH7j+jDB0tdJ5rMHpoGA3IDvDOnZraH1UnmgKipZ6LF2G7EKBNAEiR6Q== DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=ipfire.org; s=201904ed25519; t=1554746726; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding:in-reply-to: references; bh=fh9WCrADqaB7rYW+dfTxKfbPTL3ya2lh9nEVi1LRkvs=; b=nzEuDTgMaOIQYgCoyHn2+qBipwgI1lw2o1k/5TvXYdVtSjKf2TK4oIUWuHRVJT5LC1YA+k ay5YOZpfj+B+8UCQ== To: "IPFire: Development-List" From: =?utf-8?q?Peter_M=C3=BCller?= Organization: IPFire.org Subject: [PATCH 3/3] bug #12030: ship changed files for Core Update 130 Message-ID: <2bdd2d14-91eb-86e7-3738-fc2d44243252@ipfire.org> Date: Mon, 08 Apr 2019 18:05:00 +0000 MIME-Version: 1.0 Content-Language: en-US Authentication-Results: mail01.ipfire.org; auth=pass smtp.auth=pmueller smtp.mailfrom=peter.mueller@ipfire.org X-BeenThere: development@lists.ipfire.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: IPFire development talk List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: development-bounces@lists.ipfire.org Sender: "Development" Signed-off-by: Peter Müller --- config/rootfiles/core/130/filelists/files | 2 ++ 1 file changed, 2 insertions(+) diff --git a/config/rootfiles/core/130/filelists/files b/config/rootfiles/core/130/filelists/files index 4924308dc..35cb68418 100644 --- a/config/rootfiles/core/130/filelists/files +++ b/config/rootfiles/core/130/filelists/files @@ -1,12 +1,14 @@ etc/system-release etc/issue srv/web/ipfire/cgi-bin/credits.cgi +srv/web/ipfire/cgi-bin/hosts.cgi etc/collectd.conf etc/logrotate.conf etc/rc.d/init.d/collectd etc/rc.d/init.d/firewall etc/rc.d/init.d/networking/red.up/23-suricata etc/rc.d/init.d/suricata +etc/rc.d/init.d/unbound etc/syslog.conf opt/pakfire/etc/pakfire.conf srv/web/ipfire/cgi-bin/aliases.cgi