Browse Source

unbound: fix boot time and default run directory

Unbound struggles with boot ifup, so procd triggers changed to push
outside of this noise. Unbound has run in /var/lib/unbound/, so chroot
(jail) protects /etc/, and it can save flash wear. Compiled defaults
reflect this now, so Unbound tools are easier run on the command line.

Signed-off-by: Eric Luehrsen <ericluehrsen@gmail.com>
lilik-openwrt-22.03
Eric Luehrsen 6 years ago
parent
commit
8830d72bbd
6 changed files with 205 additions and 179 deletions
  1. +7
    -5
      net/unbound/Makefile
  2. +2
    -1
      net/unbound/files/defaults.sh
  3. +1
    -0
      net/unbound/files/dnsmasq.sh
  4. +2
    -2
      net/unbound/files/odhcpd.sh
  5. +16
    -7
      net/unbound/files/unbound.init
  6. +177
    -164
      net/unbound/files/unbound.sh

+ 7
- 5
net/unbound/Makefile View File

@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
PKG_NAME:=unbound PKG_NAME:=unbound
PKG_VERSION:=1.7.3 PKG_VERSION:=1.7.3
PKG_RELEASE:=3
PKG_RELEASE:=4
PKG_LICENSE:=BSD-3-Clause PKG_LICENSE:=BSD-3-Clause
PKG_LICENSE_FILES:=LICENSE PKG_LICENSE_FILES:=LICENSE
@ -36,7 +36,7 @@ define Package/unbound
SECTION:=net SECTION:=net
CATEGORY:=Network CATEGORY:=Network
SUBMENU:=IP Addresses and Names SUBMENU:=IP Addresses and Names
USERID:=unbound=553:unbound=553
USERID:=unbound:unbound
TITLE+= (daemon) TITLE+= (daemon)
DEPENDS+= +libunbound DEPENDS+= +libunbound
endef endef
@ -117,8 +117,10 @@ CONFIGURE_ARGS += \
--enable-tfo-server \ --enable-tfo-server \
--with-libexpat="$(STAGING_DIR)/usr" \ --with-libexpat="$(STAGING_DIR)/usr" \
--with-ssl="$(STAGING_DIR)/usr" \ --with-ssl="$(STAGING_DIR)/usr" \
--with-pidfile=/var/run/unbound.pid \
--with-user=unbound
--with-user=unbound \
--with-run-dir=/var/lib/unbound \
--with-conf-file=/var/lib/unbound/unbound.conf \
--with-pidfile=/var/run/unbound.pid
define Package/unbound/conffiles define Package/unbound/conffiles
/etc/config/unbound /etc/config/unbound
@ -142,7 +144,7 @@ define Package/unbound/install
$(1)/usr/sbin/ $(1)/usr/sbin/
$(INSTALL_DIR) $(1)/etc/unbound $(INSTALL_DIR) $(1)/etc/unbound
$(INSTALL_DATA) \ $(INSTALL_DATA) \
$(PKG_INSTALL_DIR)/etc/unbound/unbound.conf \
$(PKG_INSTALL_DIR)/var/lib/unbound/unbound.conf \
$(1)/etc/unbound/unbound.conf $(1)/etc/unbound/unbound.conf
$(INSTALL_DATA) ./files/root.key $(1)/etc/unbound/root.key $(INSTALL_DATA) ./files/root.key $(1)/etc/unbound/root.key
$(INSTALL_DATA) ./files/unbound_ext.conf $(1)/etc/unbound/unbound_ext.conf $(INSTALL_DATA) ./files/unbound_ext.conf $(1)/etc/unbound/unbound_ext.conf


+ 2
- 1
net/unbound/files/defaults.sh View File

@ -41,6 +41,7 @@ UB_TLS_ETC_FILE=/etc/ssl/certs/ca-certificates.crt
UB_RKEY_FILE=$UB_VARDIR/root.key UB_RKEY_FILE=$UB_VARDIR/root.key
UB_RHINT_FILE=$UB_VARDIR/root.hints UB_RHINT_FILE=$UB_VARDIR/root.hints
UB_TIME_FILE=$UB_VARDIR/hotplug.time UB_TIME_FILE=$UB_VARDIR/hotplug.time
UB_SKIP_FILE=$UB_VARDIR/skip.time
# control app keys # control app keys
UB_CTLKEY_FILE=$UB_VARDIR/unbound_control.key UB_CTLKEY_FILE=$UB_VARDIR/unbound_control.key
@ -50,7 +51,7 @@ UB_SRVPEM_FILE=$UB_VARDIR/unbound_server.pem
# similar default SOA / NS RR as Unbound uses for private ARPA zones # similar default SOA / NS RR as Unbound uses for private ARPA zones
UB_XSER=$(( $( date +%s ) / 60 )) UB_XSER=$(( $( date +%s ) / 60 ))
UB_XSOA="7200 IN SOA localhost. nobody.invalid. $UB_XSER 3600 1200 9600 600"
UB_XSOA="7200 IN SOA localhost. nobody.invalid. $UB_XSER 3600 1200 9600 300"
UB_XNS="7200 IN NS localhost." UB_XNS="7200 IN NS localhost."
UB_XTXT="7200 IN TXT \"comment=local intranet dns zone\"" UB_XTXT="7200 IN TXT \"comment=local intranet dns zone\""
UB_MTXT="7200 IN TXT \"comment=masked internet dns zone\"" UB_MTXT="7200 IN TXT \"comment=masked internet dns zone\""


+ 1
- 0
net/unbound/files/dnsmasq.sh View File

@ -206,6 +206,7 @@ dnsmasq_local_arpa() {
dnsmasq_inactive() { dnsmasq_inactive() {
local record local record
if [ "$UB_D_EXTRA_DNS" -gt 0 ] ; then if [ "$UB_D_EXTRA_DNS" -gt 0 ] ; then
# Parasite from the uci.dhcp.domain clauses # Parasite from the uci.dhcp.domain clauses
DM_LIST_KNOWN_ZONES="$DM_LIST_KNOWN_ZONES $UB_TXT_DOMAIN" DM_LIST_KNOWN_ZONES="$DM_LIST_KNOWN_ZONES $UB_TXT_DOMAIN"


+ 2
- 2
net/unbound/files/odhcpd.sh View File

@ -43,8 +43,8 @@ odhcpd_zonedata() {
local dhcp_origin=$( uci_get dhcp.@odhcpd[0].leasefile ) local dhcp_origin=$( uci_get dhcp.@odhcpd[0].leasefile )
if [ -f "$UB_TIME_FILE" -a "$dhcp_link" = "odhcpd" \
-a -f "$dhcp_origin" -a -n "$dhcp_domain" ] ; then
if [ -f "$UB_TOTAL_CONF" -a -f "$dhcp_origin" \
-a "$dhcp_link" = "odhcpd" -a -n "$dhcp_domain" ] ; then
# Capture the lease file which could be changing often # Capture the lease file which could be changing often
sort $dhcp_origin > $dhcp_ls_new sort $dhcp_origin > $dhcp_ls_new


+ 16
- 7
net/unbound/files/unbound.init View File

@ -54,22 +54,31 @@ stop_service() {
############################################################################## ##############################################################################
service_triggers() { service_triggers() {
local trigger
local legacy=$( uci_get unbound.@unbound[0].trigger ) local legacy=$( uci_get unbound.@unbound[0].trigger )
local triggers=$( uci_get unbound.@unbound[0].trigger_interface ) local triggers=$( uci_get unbound.@unbound[0].trigger_interface )
local trigger="$triggers $legacy"
triggers="$triggers $legacy"
PROCD_RELOAD_DELAY=2000
procd_add_reload_trigger "unbound"
. /usr/lib/unbound/defaults.sh
if [ ! -f "$UB_TOTAL_CONF" -o -n "$UB_BOOT" ] ; then
# Unbound is can be a bit heavy, so wait some on first start but any
# interface coming up affects the trigger and delay so guarantee start
procd_add_raw_trigger "interface.*.up" 5000 /etc/init.d/unbound restart
elif [ -n "$triggers" ] ; then
PROCD_RELOAD_DELAY=2000
procd_add_reload_trigger "unbound" "dhcp"
if [ -n "$triggers" ] ; then
for trigger in $triggers ; do for trigger in $triggers ; do
# due to some netifd/procd interactions with IP6, limit interfaces
# User selected triggers to restart at any other time
procd_add_reload_interface_trigger "$trigger" procd_add_reload_interface_trigger "$trigger"
done done
else else
procd_add_raw_trigger "interface.*.up" 2000 /etc/init.d/unbound reload
PROCD_RELOAD_DELAY=2000
procd_add_reload_trigger "unbound" "dhcp"
fi fi
} }


+ 177
- 164
net/unbound/files/unbound.sh View File

@ -61,6 +61,9 @@ UB_TXT_HOSTNAME=thisrouter
############################################################################## ##############################################################################
# reset as a combo with UB_B_NTP_BOOT and some time stamp files
UB_B_READY=1
# keep track of assignments during inserted resource records # keep track of assignments during inserted resource records
UB_LIST_NETW_ALL="" UB_LIST_NETW_ALL=""
UB_LIST_NETW_LAN="" UB_LIST_NETW_LAN=""
@ -219,7 +222,7 @@ unbound_mkdir() {
# Debian-like package dns-root-data # Debian-like package dns-root-data
cp -p /usr/share/dns/root.hints $UB_RHINT_FILE cp -p /usr/share/dns/root.hints $UB_RHINT_FILE
elif [ ! -f "$UB_TIME_FILE" ] ; then
elif [ "$UB_B_READY" -eq 0 ] ; then
logger -t unbound -s "default root hints (built in root-servers.net)" logger -t unbound -s "default root hints (built in root-servers.net)"
fi fi
fi fi
@ -233,7 +236,7 @@ unbound_mkdir() {
elif [ -x $UB_ANCHOR ] ; then elif [ -x $UB_ANCHOR ] ; then
$UB_ANCHOR -a $UB_RKEY_FILE $UB_ANCHOR -a $UB_RKEY_FILE
elif [ ! -f "$UB_TIME_FILE" ] ; then
elif [ "$UB_B_READY" -eq 0 ] ; then
logger -t unbound -s "default trust anchor (built in root DS record)" logger -t unbound -s "default trust anchor (built in root DS record)"
fi fi
fi fi
@ -285,9 +288,21 @@ unbound_mkdir() {
fi fi
if [ "$UB_B_NTP_BOOT" -eq 0 ] ; then
# time is considered okay on this device (skip /etc/hotplug/ntpd/unbound)
if [ -f "$UB_TIME_FILE" ] ; then
# NTP is done so its like you actually had an RTC
UB_B_READY=1
UB_B_NTP_BOOT=0
elif [ "$UB_B_NTP_BOOT" -eq 0 ] ; then
# time is considered okay on this device (ignore /etc/hotplug/ntpd/unbound)
date -Is > $UB_TIME_FILE date -Is > $UB_TIME_FILE
UB_B_READY=0
UB_B_NTP_BOOT=0
else
# DNSSEC-TIME will not reconcile
UB_B_READY=0
UB_B_NTP_BOOT=1
fi fi
} }
@ -407,8 +422,8 @@ unbound_zone() {
case $zone_type in case $zone_type in
auth_zone) auth_zone)
if [ -n "$UB_LIST_ZONE_NAMES" ] \
&& [ -n "$url_dir" -o -n "$UB_LIST_ZONE_SERVERS" ] ; then
if [ -n "$UB_LIST_ZONE_NAMES" \
-a \( -n "$url_dir" -o -n "$UB_LIST_ZONE_SERVERS" \) ] ; then
for zone_name in $UB_LIST_ZONE_NAMES ; do for zone_name in $UB_LIST_ZONE_NAMES ; do
if [ "$zone_name" = "." ] ; then if [ "$zone_name" = "." ] ; then
zone_sym=. zone_sym=.
@ -626,7 +641,7 @@ unbound_conf() {
;; ;;
*) *)
if [ ! -f "$UB_TIME_FILE" ] ; then
if [ "$UB_B_READY" -eq 0 ] ; then
logger -t unbound -s "default protocol configuration" logger -t unbound -s "default protocol configuration"
fi fi
@ -686,7 +701,7 @@ unbound_conf() {
echo echo
} >> $UB_CORE_CONF } >> $UB_CORE_CONF
elif [ ! -f "$UB_TIME_FILE" ] ; then
elif [ "$UB_B_READY" -eq 0 ] ; then
logger -t unbound -s "default memory configuration" logger -t unbound -s "default memory configuration"
fi fi
@ -696,7 +711,7 @@ unbound_conf() {
if [ "$UB_B_DNSSEC" -gt 0 ] ; then if [ "$UB_B_DNSSEC" -gt 0 ] ; then
if [ ! -f "$UB_TIME_FILE" -a "$UB_B_NTP_BOOT" -gt 0 ] ; then
if [ "$UB_B_NTP_BOOT" -gt 0 ] ; then
# DNSSEC chicken and egg with getting NTP time # DNSSEC chicken and egg with getting NTP time
echo " val-override-date: -1" >> $UB_CORE_CONF echo " val-override-date: -1" >> $UB_CORE_CONF
fi fi
@ -777,7 +792,7 @@ unbound_conf() {
;; ;;
*) *)
if [ ! -f "$UB_TIME_FILE" ] ; then
if [ "$UB_B_READY" -eq 0 ] ; then
logger -t unbound -s "default recursion configuration" logger -t unbound -s "default recursion configuration"
fi fi
;; ;;
@ -898,8 +913,8 @@ unbound_hostname() {
echo echo
} >> $UB_HOST_CONF } >> $UB_HOST_CONF
elif [ -n "$UB_TXT_DOMAIN" ] \
&& [ "$UB_D_WAN_FQDN" -gt 0 -o "$UB_D_LAN_FQDN" -gt 0 ] ; then
elif [ -n "$UB_TXT_DOMAIN" \
-a \( "$UB_D_WAN_FQDN" -gt 0 -o "$UB_D_LAN_FQDN" -gt 0 \) ] ; then
case "$UB_D_DOMAIN_TYPE" in case "$UB_D_DOMAIN_TYPE" in
deny|inform_deny|refuse|static) deny|inform_deny|refuse|static)
{ {
@ -947,180 +962,178 @@ unbound_hostname() {
} >> $UB_HOST_CONF } >> $UB_HOST_CONF
if [ -f "$UB_TIME_FILE" ] ; then
if [ -n "$UB_LIST_NETW_WAN" ] ; then
for ifsubnet in $UB_LIST_NETW_WAN ; do
ifaddr=${ifsubnet#*@}
ifaddr=${ifaddr%/*}
ifarpa=$( host_ptr_any "$ifaddr" )
if [ -n "$ifarpa" ] ; then
if [ "$UB_D_WAN_FQDN" -gt 0 ] ; then
{
# Create a static zone for WAN host record only (singular)
echo " domain-insecure: $ifarpa"
echo " private-address: $ifaddr"
echo " local-zone: $ifarpa static"
echo " local-data: \"$ifarpa. $UB_XSOA\""
echo " local-data: \"$ifarpa. $UB_XNS\""
echo " local-data: '$ifarpa. $UB_MTXT'"
echo
} >> $UB_HOST_CONF
elif [ "$zonetype" -gt 0 ] ; then
{
echo " local-zone: $ifarpa transparent"
echo
} >> $UB_HOST_CONF
fi
if [ -n "$UB_LIST_NETW_WAN" ] ; then
for ifsubnet in $UB_LIST_NETW_WAN ; do
ifaddr=${ifsubnet#*@}
ifaddr=${ifaddr%/*}
ifarpa=$( host_ptr_any "$ifaddr" )
if [ -n "$ifarpa" ] ; then
if [ "$UB_D_WAN_FQDN" -gt 0 ] ; then
{
# Create a static zone for WAN host record only (singular)
echo " domain-insecure: $ifarpa"
echo " private-address: $ifaddr"
echo " local-zone: $ifarpa static"
echo " local-data: \"$ifarpa. $UB_XSOA\""
echo " local-data: \"$ifarpa. $UB_XNS\""
echo " local-data: '$ifarpa. $UB_MTXT'"
echo
} >> $UB_HOST_CONF
elif [ "$zonetype" -gt 0 ] ; then
{
echo " local-zone: $ifarpa transparent"
echo
} >> $UB_HOST_CONF
fi fi
done
fi
fi
done
fi
if [ -n "$UB_LIST_NETW_LAN" ] ; then
for ifsubnet in $UB_LIST_NETW_LAN ; do
ifarpa=$( domain_ptr_any "${ifsubnet#*@}" )
if [ -n "$ifarpa" ] ; then
if [ "$zonetype" -eq 2 ] ; then
{
# Do NOT forward queries with your ip6.arpa or in-addr.arpa
echo " domain-insecure: $ifarpa"
echo " local-zone: $ifarpa static"
echo " local-data: \"$ifarpa. $UB_XSOA\""
echo " local-data: \"$ifarpa. $UB_XNS\""
echo " local-data: '$ifarpa. $UB_XTXT'"
echo
} >> $UB_HOST_CONF
elif [ "$zonetype" -eq 1 -a "$UB_D_PRIV_BLCK" -eq 0 ] ; then
{
echo " local-zone: $ifarpa transparent"
echo
} >> $UB_HOST_CONF
fi
if [ -n "$UB_LIST_NETW_LAN" ] ; then
for ifsubnet in $UB_LIST_NETW_LAN ; do
ifarpa=$( domain_ptr_any "${ifsubnet#*@}" )
if [ -n "$ifarpa" ] ; then
if [ "$zonetype" -eq 2 ] ; then
{
# Do NOT forward queries with your ip6.arpa or in-addr.arpa
echo " domain-insecure: $ifarpa"
echo " local-zone: $ifarpa static"
echo " local-data: \"$ifarpa. $UB_XSOA\""
echo " local-data: \"$ifarpa. $UB_XNS\""
echo " local-data: '$ifarpa. $UB_XTXT'"
echo
} >> $UB_HOST_CONF
elif [ "$zonetype" -eq 1 -a "$UB_D_PRIV_BLCK" -eq 0 ] ; then
{
echo " local-zone: $ifarpa transparent"
echo
} >> $UB_HOST_CONF
fi fi
done
fi
fi
done
fi
ulaprefix=$( uci_get network.@globals[0].ula_prefix )
ulaprefix=${ulaprefix%%:/*}
hostfqdn="$UB_TXT_HOSTNAME.$UB_TXT_DOMAIN"
ulaprefix=$( uci_get network.@globals[0].ula_prefix )
ulaprefix=${ulaprefix%%:/*}
hostfqdn="$UB_TXT_HOSTNAME.$UB_TXT_DOMAIN"
if [ -z "$ulaprefix" ] ; then
# Nonsense so this option isn't globbed below
ulaprefix="fdno:such:addr::"
fi
if [ -z "$ulaprefix" ] ; then
# Nonsense so this option isn't globbed below
ulaprefix="fdno:such:addr::"
fi
if [ "$UB_LIST_NETW_LAN" -a "$UB_D_LAN_FQDN" -gt 0 ] ; then
for ifsubnet in $UB_LIST_NETW_LAN ; do
ifaddr=${ifsubnet#*@}
ifaddr=${ifaddr%/*}
ifname=${ifsubnet%@*}
iffqdn="$ifname.$hostfqdn"
if [ "$UB_LIST_NETW_LAN" -a "$UB_D_LAN_FQDN" -gt 0 ] ; then
for ifsubnet in $UB_LIST_NETW_LAN ; do
ifaddr=${ifsubnet#*@}
ifaddr=${ifaddr%/*}
ifname=${ifsubnet%@*}
iffqdn="$ifname.$hostfqdn"
if [ "$UB_D_LAN_FQDN" -eq 4 ] ; then
names="$iffqdn $hostfqdn $UB_TXT_HOSTNAME"
ptrrec=" local-data-ptr: \"$ifaddr 300 $iffqdn\""
echo "$ptrrec" >> $UB_HOST_CONF
if [ "$UB_D_LAN_FQDN" -eq 4 ] ; then
names="$iffqdn $hostfqdn $UB_TXT_HOSTNAME"
ptrrec=" local-data-ptr: \"$ifaddr 300 $iffqdn\""
echo "$ptrrec" >> $UB_HOST_CONF
elif [ "$UB_D_LAN_FQDN" -eq 3 ] ; then
names="$hostfqdn $UB_TXT_HOSTNAME"
ptrrec=" local-data-ptr: \"$ifaddr 300 $hostfqdn\""
echo "$ptrrec" >> $UB_HOST_CONF
elif [ "$UB_D_LAN_FQDN" -eq 3 ] ; then
names="$hostfqdn $UB_TXT_HOSTNAME"
ptrrec=" local-data-ptr: \"$ifaddr 300 $hostfqdn\""
echo "$ptrrec" >> $UB_HOST_CONF
else
names="$UB_TXT_HOSTNAME"
ptrrec=" local-data-ptr: \"$ifaddr 300 $UB_TXT_HOSTNAME\""
echo "$ptrrec" >> $UB_HOST_CONF
fi
else
names="$UB_TXT_HOSTNAME"
ptrrec=" local-data-ptr: \"$ifaddr 300 $UB_TXT_HOSTNAME\""
echo "$ptrrec" >> $UB_HOST_CONF
fi
for name in $names ; do
case $ifaddr in
"${ulaprefix}"*)
# IP6 ULA only is assigned for OPTION 1
namerec=" local-data: \"$name. 300 IN AAAA $ifaddr\""
echo "$namerec" >> $UB_HOST_CONF
;;
for name in $names ; do
case $ifaddr in
"${ulaprefix}"*)
# IP6 ULA only is assigned for OPTION 1
namerec=" local-data: \"$name. 300 IN AAAA $ifaddr\""
echo "$namerec" >> $UB_HOST_CONF
;;
[1-9]*.*[0-9])
namerec=" local-data: \"$name. 300 IN A $ifaddr\""
echo "$namerec" >> $UB_HOST_CONF
;;
[1-9]*.*[0-9])
namerec=" local-data: \"$name. 300 IN A $ifaddr\""
*)
if [ "$UB_D_LAN_FQDN" -gt 1 ] ; then
# IP6 GLA is assigned for higher options
namerec=" local-data: \"$name. 300 IN AAAA $ifaddr\""
echo "$namerec" >> $UB_HOST_CONF echo "$namerec" >> $UB_HOST_CONF
;;
*)
if [ "$UB_D_LAN_FQDN" -gt 1 ] ; then
# IP6 GLA is assigned for higher options
namerec=" local-data: \"$name. 300 IN AAAA $ifaddr\""
echo "$namerec" >> $UB_HOST_CONF
fi
;;
esac
done
echo >> $UB_HOST_CONF
fi
;;
esac
done done
fi
echo >> $UB_HOST_CONF
done
fi
if [ -n "$UB_LIST_NETW_WAN" -a "$UB_D_WAN_FQDN" -gt 0 ] ; then
for ifsubnet in $UB_LIST_NETW_WAN ; do
ifaddr=${ifsubnet#*@}
ifaddr=${ifaddr%/*}
ifname=${ifsubnet%@*}
iffqdn="$ifname.$hostfqdn"
if [ -n "$UB_LIST_NETW_WAN" -a "$UB_D_WAN_FQDN" -gt 0 ] ; then
for ifsubnet in $UB_LIST_NETW_WAN ; do
ifaddr=${ifsubnet#*@}
ifaddr=${ifaddr%/*}
ifname=${ifsubnet%@*}
iffqdn="$ifname.$hostfqdn"
if [ "$UB_D_WAN_FQDN" -eq 4 ] ; then
names="$iffqdn $hostfqdn $UB_TXT_HOSTNAME"
ptrrec=" local-data-ptr: \"$ifaddr 300 $iffqdn\""
echo "$ptrrec" >> $UB_HOST_CONF
if [ "$UB_D_WAN_FQDN" -eq 4 ] ; then
names="$iffqdn $hostfqdn $UB_TXT_HOSTNAME"
ptrrec=" local-data-ptr: \"$ifaddr 300 $iffqdn\""
echo "$ptrrec" >> $UB_HOST_CONF
elif [ "$UB_D_WAN_FQDN" -eq 3 ] ; then
names="$hostfqdn $UB_TXT_HOSTNAME"
ptrrec=" local-data-ptr: \"$ifaddr 300 $hostfqdn\""
echo "$ptrrec" >> $UB_HOST_CONF
elif [ "$UB_D_WAN_FQDN" -eq 3 ] ; then
names="$hostfqdn $UB_TXT_HOSTNAME"
ptrrec=" local-data-ptr: \"$ifaddr 300 $hostfqdn\""
echo "$ptrrec" >> $UB_HOST_CONF
else
names="$UB_TXT_HOSTNAME"
ptrrec=" local-data-ptr: \"$ifaddr 300 $UB_TXT_HOSTNAME\""
echo "$ptrrec" >> $UB_HOST_CONF
fi
else
names="$UB_TXT_HOSTNAME"
ptrrec=" local-data-ptr: \"$ifaddr 300 $UB_TXT_HOSTNAME\""
echo "$ptrrec" >> $UB_HOST_CONF
fi
for name in $names ; do
case $ifaddr in
"${ulaprefix}"*)
# IP6 ULA only is assigned for OPTION 1
namerec=" local-data: \"$name. 300 IN AAAA $ifaddr\""
echo "$namerec" >> $UB_HOST_CONF
;;
for name in $names ; do
case $ifaddr in
"${ulaprefix}"*)
# IP6 ULA only is assigned for OPTION 1
namerec=" local-data: \"$name. 300 IN AAAA $ifaddr\""
echo "$namerec" >> $UB_HOST_CONF
;;
[1-9]*.*[0-9])
namerec=" local-data: \"$name. 300 IN A $ifaddr\""
echo "$namerec" >> $UB_HOST_CONF
;;
*)
if [ "$UB_D_WAN_FQDN" -gt 1 ] ; then
# IP6 GLA is assigned for higher options
namerec=" local-data: \"$name. 300 IN AAAA $ifaddr\""
echo "$namerec" >> $UB_HOST_CONF
fi
[1-9]*.*[0-9])
namerec=" local-data: \"$name. 300 IN A $ifaddr\""
echo "$namerec" >> $UB_HOST_CONF
;; ;;
esac
done
echo >> $UB_HOST_CONF
*)
if [ "$UB_D_WAN_FQDN" -gt 1 ] ; then
# IP6 GLA is assigned for higher options
namerec=" local-data: \"$name. 300 IN AAAA $ifaddr\""
echo "$namerec" >> $UB_HOST_CONF
fi
;;
esac
done done
fi
fi # end if time file
echo >> $UB_HOST_CONF
done
fi
fi # end if uci valid fi # end if uci valid
} }
@ -1178,7 +1191,7 @@ unbound_uci() {
UB_D_DHCP_LINK=dnsmasq UB_D_DHCP_LINK=dnsmasq
if [ ! -f "$UB_TIME_FILE" ] ; then
if [ "$UB_B_READY" -eq 0 ] ; then
logger -t unbound -s "Please use 'dhcp_link' selector instead" logger -t unbound -s "Please use 'dhcp_link' selector instead"
fi fi
fi fi
@ -1193,7 +1206,7 @@ unbound_uci() {
fi fi
if [ ! -f "$UB_TIME_FILE" -a "$UB_D_DHCP_LINK" = "none" ] ; then
if [ "$UB_B_READY" -eq 0 -a "$UB_D_DHCP_LINK" = "none" ] ; then
logger -t unbound -s "cannot forward to dnsmasq" logger -t unbound -s "cannot forward to dnsmasq"
fi fi
fi fi
@ -1207,7 +1220,7 @@ unbound_uci() {
fi fi
if [ ! -f "$UB_TIME_FILE" -a "$UB_D_DHCP_LINK" = "none" ] ; then
if [ "$UB_B_READY" -eq 0 -a "$UB_D_DHCP_LINK" = "none" ] ; then
logger -t unbound -s "cannot receive records from odhcpd" logger -t unbound -s "cannot receive records from odhcpd"
fi fi
fi fi
@ -1220,8 +1233,8 @@ unbound_uci() {
fi fi
if [ "$UB_N_RX_PORT" -ne 53 ] \
&& [ "$UB_N_RX_PORT" -lt 1024 -o 10240 -lt "$UB_N_RX_PORT" ] ; then
if [ "$UB_N_RX_PORT" -ne 53 \
-a \( "$UB_N_RX_PORT" -lt 1024 -o 10240 -lt "$UB_N_RX_PORT" \) ] ; then
logger -t unbound -s "privileged port or in 5 digits, using default" logger -t unbound -s "privileged port or in 5 digits, using default"
UB_N_RX_PORT=53 UB_N_RX_PORT=53
fi fi
@ -1264,7 +1277,7 @@ unbound_include() {
fi fi
if [ -f "$UB_TIME_FILE" -a -f "$UB_DHCP_CONF" ] ; then
if [ -f "$UB_DHCP_CONF" ] ; then
{ {
# Seed DHCP records because dhcp scripts trigger externally # Seed DHCP records because dhcp scripts trigger externally
# Incremental Unbound restarts may drop unbound-control records # Incremental Unbound restarts may drop unbound-control records
@ -1274,8 +1287,8 @@ unbound_include() {
fi fi
if [ ! -f "$UB_TIME_FILE" -o -z "$adb_files" \
-o ! -x /usr/bin/adblock.sh -o ! -x /etc/init.d/adblock ] ; then
if [ -z "$adb_files" \
-o ! -x /usr/bin/adblock.sh -o ! -x /etc/init.d/adblock ] ; then
adb_enabled=0 adb_enabled=0
elif /etc/init.d/adblock enabled ; then elif /etc/init.d/adblock enabled ; then


Loading…
Cancel
Save