unbound: improve startup and dhcp script robustness

- prevent rapid overlap in DHCP script updates - check and allow localhost forwards with specific applications - add option for rate limiting inbound queries - change UCI list to table format with Unbound conf references Signed-off-by: Eric Luehrsen <ericluehrsen@gmail.com>
2026-04-30 15:38:40 +01:00 · 2020-07-04 13:55:40 -04:00
parent f73ed87a12
commit d00237135d
9 changed files with 320 additions and 457 deletions
@@ -173,7 +173,7 @@ dnsmasq_local_zone() {


  if [ -n "$fwd_domain" ] && [ -n "$fwd_port" ] \
-  && [ ! "${fwd_port:-53}" -eq 53 ] ; then
+  && [ ! ${fwd_port:-53} -eq 53 ] ; then
    # dnsmasq localhost listening ports (possible multiple instances)
    DM_LIST_FWD_PORTS="$DM_LIST_FWD_PORTS $fwd_port"
    DM_LIST_FWD_ZONES="$DM_LIST_FWD_ZONES $fwd_domain"
@@ -194,7 +194,7 @@ dnsmasq_local_arpa() {
  fi


-  if [ -n "$UB_LIST_NETW_WAN" ] && [ "$DM_D_WAN_FQDN" -gt 0 ] ; then
+  if [ -n "$UB_LIST_NETW_WAN" ] && [ $DM_D_WAN_FQDN -gt 0 ] ; then
    for ifsubnet in $UB_LIST_NETW_WAN ; do
      ifarpa=$( domain_ptr_any "${ifsubnet#*@}" )
      DM_LIST_FWD_ZONES="$DM_LIST_FWD_ZONES $ifarpa"
@@ -208,20 +208,20 @@ dnsmasq_inactive() {
  local record


-  if [ "$UB_D_EXTRA_DNS" -gt 0 ] ; then
+  if [ $UB_D_EXTRA_DNS -gt 0 ] ; then
    # Parasite from the uci.dhcp.domain clauses
    DM_LIST_KNOWN_ZONES="$DM_LIST_KNOWN_ZONES $UB_TXT_DOMAIN"
    config_load dhcp
    config_foreach create_host_record domain


-    if [ "$UB_D_EXTRA_DNS" -gt 1 ] ; then
+    if [ $UB_D_EXTRA_DNS -gt 1 ] ; then
      config_foreach create_srv_record srvhost
      config_foreach create_mx_record mxhost
    fi


-    if [ "$UB_D_EXTRA_DNS" -gt 2 ] ; then
+    if [ $UB_D_EXTRA_DNS -gt 2 ] ; then
      config_foreach create_cname_record cname
    fi

@@ -262,12 +262,17 @@ dnsmasq_active() {


  if [ -n "$DM_LIST_FWD_PORTS" ] && [ -n "$DM_LIST_FWD_ZONES" ] ; then
-    {
-      # Forward to dnsmasq on same host for DHCP lease hosts
-      echo "# $UB_SRVMASQ_CONF generated by UCI $( date -Is )"
-      echo "  do-not-query-localhost: no"
-      echo
-    } > $UB_SRVMASQ_CONF
+    if [ $UB_B_DNS_ASSIST -lt 1 ] ; then
+      {
+        # Forward to dnsmasq on same host for DHCP lease hosts
+        echo "# $UB_SRVMASQ_CONF generated by UCI $( date -Is )"
+        echo "  do-not-query-localhost: no"
+        echo
+      } > $UB_SRVMASQ_CONF
+
+    else
+      echo > $UB_SRVMASQ_CONF
+    fi

    echo "# $UB_EXTMASQ_CONF generated by UCI $( date -Is )" > $UB_EXTMASQ_CONF