cubixle/packages
1
0
Fork 0
mirror of https://github.com/novatiq/packages.git synced 2026-04-30 15:38:40 +01:00
Code Issues Packages Projects Releases Wiki Activity

unbound: improve local zone evaluation in UCI

Browse Source 
When UCI local zone is private and static, Unbound covered private
addresses with defaults. Optional delegated global IP6 prefix
protection lacked a static zone, but it was prevented from appearing
in global DNS responses. Domain names router-as-TLD, "lan." and
"local." were static, but they lacked default SOA or NS such as
Unbound had assinged to private addresses. Clean up these local
zones UCI evaluation and block global DNS inclusion.

Signed-off-by: Eric Luehrsen <ericluehrsen@hotmail.com>
This commit is contained in:
Eric Luehrsen
2018-06-10 15:20:24 -04:00
parent d6e7f64a3d
commit a7fd69233d
5 changed files with 190 additions and 78 deletions
Download Patch File Download Diff File Expand all files Collapse all files
net/unbound/files/odhcpd.sh
+3 -1
View File
@@ -43,7 +43,9 @@ odhcpd_zonedata() {
local dhcp_origin=$( uci_get dhcp.@odhcpd[0].leasefile )
if [ "$dhcp_link" = "odhcpd" -a -f "$dhcp_origin" ] ; then
if [ "$dhcp_link" = "odhcpd" \
-a -f "$dhcp_origin" \
-a -n "$dhcp_domain" ] ; then
# Capture the lease file which could be changing often
sort $dhcp_origin > $dhcp_ls_new