From 6c8abfd469817578692935caeb16220bbde6dfee Mon Sep 17 00:00:00 2001
From: Michael <m.muenz@gmail.com>
Date: Mon, 9 Jul 2018 13:26:47 +0200
Subject: [PATCH] dns/bind: merge first draft (#726)

---
 dns/bind/Makefile                             |   8 ++
 dns/bind/pkg-descr                            |   7 +
 dns/bind/src/etc/inc/plugins.inc.d/bind.inc   |  55 ++++++++
 .../OPNsense/Bind/Api/ACLController.php       |  64 +++++++++
 .../OPNsense/Bind/Api/GeneralController.php   |  39 ++++++
 .../OPNsense/Bind/Api/ServiceController.php   |  47 +++++++
 .../OPNsense/Bind/GeneralController.php       |  39 ++++++
 .../OPNsense/Bind/forms/dialogEditBindACL.xml |  20 +++
 .../OPNsense/Bind/forms/general.xml           |  24 ++++
 .../mvc/app/models/OPNsense/Bind/ACL.php      |  31 +++++
 .../mvc/app/models/OPNsense/Bind/ACL.xml      |  26 ++++
 .../mvc/app/models/OPNsense/Bind/ACL/ACL.xml  |   9 ++
 .../mvc/app/models/OPNsense/Bind/General.php  |  35 +++++
 .../mvc/app/models/OPNsense/Bind/General.xml  |  19 +++
 .../app/models/OPNsense/Bind/Menu/Menu.xml    |   5 +
 .../mvc/app/views/OPNsense/Bind/general.volt  | 125 ++++++++++++++++++
 .../opnsense/scripts/OPNsense/Bind/setup.sh   |  13 ++
 .../service/conf/actions.d/actions_bind.conf  |  23 ++++
 .../service/templates/OPNsense/Bind/+TARGETS  |   2 +
 .../service/templates/OPNsense/Bind/named     |   6 +
 .../templates/OPNsense/Bind/named.conf        |  38 ++++++
 21 files changed, 635 insertions(+)
 create mode 100644 dns/bind/Makefile
 create mode 100644 dns/bind/pkg-descr
 create mode 100644 dns/bind/src/etc/inc/plugins.inc.d/bind.inc
 create mode 100644 dns/bind/src/opnsense/mvc/app/controllers/OPNsense/Bind/Api/ACLController.php
 create mode 100644 dns/bind/src/opnsense/mvc/app/controllers/OPNsense/Bind/Api/GeneralController.php
 create mode 100644 dns/bind/src/opnsense/mvc/app/controllers/OPNsense/Bind/Api/ServiceController.php
 create mode 100644 dns/bind/src/opnsense/mvc/app/controllers/OPNsense/Bind/GeneralController.php
 create mode 100644 dns/bind/src/opnsense/mvc/app/controllers/OPNsense/Bind/forms/dialogEditBindACL.xml
 create mode 100644 dns/bind/src/opnsense/mvc/app/controllers/OPNsense/Bind/forms/general.xml
 create mode 100644 dns/bind/src/opnsense/mvc/app/models/OPNsense/Bind/ACL.php
 create mode 100644 dns/bind/src/opnsense/mvc/app/models/OPNsense/Bind/ACL.xml
 create mode 100644 dns/bind/src/opnsense/mvc/app/models/OPNsense/Bind/ACL/ACL.xml
 create mode 100644 dns/bind/src/opnsense/mvc/app/models/OPNsense/Bind/General.php
 create mode 100644 dns/bind/src/opnsense/mvc/app/models/OPNsense/Bind/General.xml
 create mode 100644 dns/bind/src/opnsense/mvc/app/models/OPNsense/Bind/Menu/Menu.xml
 create mode 100644 dns/bind/src/opnsense/mvc/app/views/OPNsense/Bind/general.volt
 create mode 100644 dns/bind/src/opnsense/scripts/OPNsense/Bind/setup.sh
 create mode 100644 dns/bind/src/opnsense/service/conf/actions.d/actions_bind.conf
 create mode 100644 dns/bind/src/opnsense/service/templates/OPNsense/Bind/+TARGETS
 create mode 100644 dns/bind/src/opnsense/service/templates/OPNsense/Bind/named
 create mode 100644 dns/bind/src/opnsense/service/templates/OPNsense/Bind/named.conf

diff --git a/dns/bind/Makefile b/dns/bind/Makefile
new file mode 100644
index 000000000..54ccdddfb
--- /dev/null
+++ b/dns/bind/Makefile
@@ -0,0 +1,8 @@
+PLUGIN_NAME=		bind
+PLUGIN_VERSION=		0.1
+PLUGIN_COMMENT=		BIND domain name service
+PLUGIN_DEPENDS=		bind913
+PLUGIN_MAINTAINER=	m.muenz@gmail.com
+PLUGIN_DEVEL=       yes
+
+.include "../../Mk/plugins.mk"
diff --git a/dns/bind/pkg-descr b/dns/bind/pkg-descr
new file mode 100644
index 000000000..2d2daa1fb
--- /dev/null
+++ b/dns/bind/pkg-descr
@@ -0,0 +1,7 @@
+BIND implements the DNS protocols. The DNS protocols are part of
+the core Internet standards. They specify the process by which
+one computer can find another computer on the basis of its name.
+The BIND software distribution contains all of the software
+necessary for asking and answering name service questions.
+
+WWW: https://www.isc.org
diff --git a/dns/bind/src/etc/inc/plugins.inc.d/bind.inc b/dns/bind/src/etc/inc/plugins.inc.d/bind.inc
new file mode 100644
index 000000000..7db3d9b58
--- /dev/null
+++ b/dns/bind/src/etc/inc/plugins.inc.d/bind.inc
@@ -0,0 +1,55 @@
+<?php
+
+/*
+    Copyright (C) 2018 Michael Muenz
+    All rights reserved.
+
+    Redistribution and use in source and binary forms, with or without
+    modification, are permitted provided that the following conditions are met:
+
+    1. Redistributions of source code must retain the above copyright notice,
+       this list of conditions and the following disclaimer.
+
+    2. Redistributions in binary form must reproduce the above copyright
+       notice, this list of conditions and the following disclaimer in the
+       documentation and/or other materials provided with the distribution.
+
+    THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+    INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+    AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+    AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+    OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+    SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+    INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+    CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+    ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+    POSSIBILITY OF SUCH DAMAGE.
+*/
+
+function bind_enabled()
+{
+    $model = new \OPNsense\Bind\General();
+    return (string)$model->enabled == '1';
+}
+
+function bind_services()
+{
+    $services = array();
+
+    if (!bind_enabled()) {
+        return $services;
+    }
+
+    $services[] = array(
+        'description' => gettext('BIND Daemon'),
+        'configd' => array(
+            'restart' => array('bind restart'),
+            'start' => array('bind start'),
+            'stop' => array('bind stop'),
+        ),
+        'name' => 'named',
+        'pidfile' => '/var/run/named/pid'
+    );
+
+    return $services;
+}
diff --git a/dns/bind/src/opnsense/mvc/app/controllers/OPNsense/Bind/Api/ACLController.php b/dns/bind/src/opnsense/mvc/app/controllers/OPNsense/Bind/Api/ACLController.php
new file mode 100644
index 000000000..856b923c4
--- /dev/null
+++ b/dns/bind/src/opnsense/mvc/app/controllers/OPNsense/Bind/Api/ACLController.php
@@ -0,0 +1,64 @@
+<?php
+/**
+ *    Copyright (C) 2018 Michael Muenz
+ *
+ *    All rights reserved.
+ *
+ *    Redistribution and use in source and binary forms, with or without
+ *    modification, are permitted provided that the following conditions are met:
+ *
+ *    1. Redistributions of source code must retain the above copyright notice,
+ *       this list of conditions and the following disclaimer.
+ *
+ *    2. Redistributions in binary form must reproduce the above copyright
+ *       notice, this list of conditions and the following disclaimer in the
+ *       documentation and/or other materials provided with the distribution.
+ *
+ *    THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ *    INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ *    AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ *    AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ *    OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ *    SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ *    INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ *    CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ *    ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ *    POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+namespace OPNsense\Bind\Api;
+
+use \OPNsense\Base\ApiMutableModelControllerBase;
+
+class ACLController extends ApiMutableModelControllerBase
+{
+    static protected $internalModelName = 'acl';
+    static protected $internalModelClass = '\OPNsense\Bind\ACL';
+
+    public function searchACLAction()
+    {
+        return $this->searchBase('acls.acl', array("enabled", "name", "networks"));
+    }
+    public function getACLAction($uuid = null)
+    {
+        $this->sessionClose();
+        return $this->getBase('acl', 'acls.acl', $uuid);
+    }
+    public function addACLAction()
+    {
+        return $this->addBase('acl', 'acls.acl');
+    }
+    public function delACLAction($uuid)
+    {
+        return $this->delBase('acls.acl', $uuid);
+    }
+    public function setACLAction($uuid)
+    {
+        return $this->setBase('acl', 'acls.acl', $uuid);
+    }
+    public function toggleACLAction($uuid)
+    {
+        return $this->toggleBase('acls.acl', $uuid);
+    }
+}
diff --git a/dns/bind/src/opnsense/mvc/app/controllers/OPNsense/Bind/Api/GeneralController.php b/dns/bind/src/opnsense/mvc/app/controllers/OPNsense/Bind/Api/GeneralController.php
new file mode 100644
index 000000000..8c971205f
--- /dev/null
+++ b/dns/bind/src/opnsense/mvc/app/controllers/OPNsense/Bind/Api/GeneralController.php
@@ -0,0 +1,39 @@
+<?php
+
+/**
+ *    Copyright (C) 2018 Michael Muenz
+ *
+ *    All rights reserved.
+ *
+ *    Redistribution and use in source and binary forms, with or without
+ *    modification, are permitted provided that the following conditions are met:
+ *
+ *    1. Redistributions of source code must retain the above copyright notice,
+ *       this list of conditions and the following disclaimer.
+ *
+ *    2. Redistributions in binary form must reproduce the above copyright
+ *       notice, this list of conditions and the following disclaimer in the
+ *       documentation and/or other materials provided with the distribution.
+ *
+ *    THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ *    INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ *    AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ *    AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ *    OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ *    SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ *    INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ *    CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ *    ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ *    POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+namespace OPNsense\Bind\Api;
+
+use OPNsense\Base\ApiMutableModelControllerBase;
+
+class GeneralController extends ApiMutableModelControllerBase
+{
+    static protected $internalModelClass = '\OPNsense\Bind\General';
+    static protected $internalModelName = 'general';
+}
diff --git a/dns/bind/src/opnsense/mvc/app/controllers/OPNsense/Bind/Api/ServiceController.php b/dns/bind/src/opnsense/mvc/app/controllers/OPNsense/Bind/Api/ServiceController.php
new file mode 100644
index 000000000..aaa36837d
--- /dev/null
+++ b/dns/bind/src/opnsense/mvc/app/controllers/OPNsense/Bind/Api/ServiceController.php
@@ -0,0 +1,47 @@
+<?php
+
+/**
+ *    Copyright (C) 2018 Michael Muenz
+ *
+ *    All rights reserved.
+ *
+ *    Redistribution and use in source and binary forms, with or without
+ *    modification, are permitted provided that the following conditions are met:
+ *
+ *    1. Redistributions of source code must retain the above copyright notice,
+ *       this list of conditions and the following disclaimer.
+ *
+ *    2. Redistributions in binary form must reproduce the above copyright
+ *       notice, this list of conditions and the following disclaimer in the
+ *       documentation and/or other materials provided with the distribution.
+ *
+ *    THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ *    INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ *    AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ *    AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ *    OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ *    SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ *    INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ *    CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ *    ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ *    POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+namespace OPNsense\Bind\Api;
+
+use OPNsense\Base\ApiMutableServiceControllerBase;
+use OPNsense\Core\Backend;
+use OPNsense\Bind\General;
+
+/**
+ * Class ServiceController
+ * @package OPNsense\Bind
+ */
+class ServiceController extends ApiMutableServiceControllerBase
+{
+    static protected $internalServiceClass = '\OPNsense\Bind\General';
+    static protected $internalServiceTemplate = 'OPNsense/Bind';
+    static protected $internalServiceEnabled = 'enabled';
+    static protected $internalServiceName = 'bind';
+}
diff --git a/dns/bind/src/opnsense/mvc/app/controllers/OPNsense/Bind/GeneralController.php b/dns/bind/src/opnsense/mvc/app/controllers/OPNsense/Bind/GeneralController.php
new file mode 100644
index 000000000..62c586b9b
--- /dev/null
+++ b/dns/bind/src/opnsense/mvc/app/controllers/OPNsense/Bind/GeneralController.php
@@ -0,0 +1,39 @@
+<?php
+
+/*
+    Copyright (C) 2018 Michael Muenz
+    All rights reserved.
+
+    Redistribution and use in source and binary forms, with or without
+    modification, are permitted provided that the following conditions are met:
+
+    1. Redistributions of source code must retain the above copyright notice,
+       this list of conditions and the following disclaimer.
+
+    2. Redistributions in binary form must reproduce the above copyright
+       notice, this list of conditions and the following disclaimer in the
+       documentation and/or other materials provided with the distribution.
+
+    THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+    INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+    AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+    AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+    OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+    SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+    INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+    CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+    ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+    POSSIBILITY OF SUCH DAMAGE.
+*/
+
+namespace OPNsense\Bind;
+
+class GeneralController extends \OPNsense\Base\IndexController
+{
+    public function indexAction()
+    {
+        $this->view->generalForm = $this->getForm("general");
+        $this->view->formDialogEditBindACL = $this->getForm("dialogEditBindACL");
+        $this->view->pick('OPNsense/Bind/general');
+    }
+}
diff --git a/dns/bind/src/opnsense/mvc/app/controllers/OPNsense/Bind/forms/dialogEditBindACL.xml b/dns/bind/src/opnsense/mvc/app/controllers/OPNsense/Bind/forms/dialogEditBindACL.xml
new file mode 100644
index 000000000..c031a3cf4
--- /dev/null
+++ b/dns/bind/src/opnsense/mvc/app/controllers/OPNsense/Bind/forms/dialogEditBindACL.xml
@@ -0,0 +1,20 @@
+<form>
+    <field>
+        <id>acl.enabled</id>
+        <label>Enabled</label>
+        <type>checkbox</type>
+        <help>This will enable or disable the ACL.</help>
+    </field>
+    <field>
+        <id>acl.name</id>
+        <label>Name</label>
+        <type>text</type>
+        <help>Set the name for this ACL.</help>
+    </field>
+    <field>
+        <id>acl.networks</id>
+        <label>Network List</label>
+        <type>text</type>
+        <help>List of networks for this ACL.</help>
+    </field>
+</form>
diff --git a/dns/bind/src/opnsense/mvc/app/controllers/OPNsense/Bind/forms/general.xml b/dns/bind/src/opnsense/mvc/app/controllers/OPNsense/Bind/forms/general.xml
new file mode 100644
index 000000000..151df0a46
--- /dev/null
+++ b/dns/bind/src/opnsense/mvc/app/controllers/OPNsense/Bind/forms/general.xml
@@ -0,0 +1,24 @@
+<form>
+    <field>
+        <id>general.enabled</id>
+        <label>Enable BIND Daemon</label>
+        <type>checkbox</type>
+        <help>This will activate the BIND daemon.</help>
+    </field>
+    <field>
+        <id>general.listenv4</id>
+        <label>Listen IPs</label>
+        <style>tokenize</style>
+        <type>select_multiple</type>
+        <allownew>true</allownew>
+        <help>Set the IPv4 addresses the service should listen to.</help>
+    </field>
+    <field>
+        <id>general.listenv6</id>
+        <label>Listen IPv6</label>
+        <style>tokenize</style>
+        <type>select_multiple</type>
+        <allownew>true</allownew>
+        <help>Set the IPv6 addresses the service should listen to.</help>
+    </field>
+</form>
diff --git a/dns/bind/src/opnsense/mvc/app/models/OPNsense/Bind/ACL.php b/dns/bind/src/opnsense/mvc/app/models/OPNsense/Bind/ACL.php
new file mode 100644
index 000000000..f5f03fd7d
--- /dev/null
+++ b/dns/bind/src/opnsense/mvc/app/models/OPNsense/Bind/ACL.php
@@ -0,0 +1,31 @@
+<?php
+
+/*
+    Copyright (C) 2018 Michael Muenz
+    All rights reserved.
+    Redistribution and use in source and binary forms, with or without
+    modification, are permitted provided that the following conditions are met:
+    1. Redistributions of source code must retain the above copyright notice,
+       this list of conditions and the following disclaimer.
+    2. Redistributions in binary form must reproduce the above copyright
+       notice, this list of conditions and the following disclaimer in the
+       documentation and/or other materials provided with the distribution.
+    THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+    INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+    AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+    AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+    OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+    SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+    INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+    CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+    ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+    POSSIBILITY OF SUCH DAMAGE.
+*/
+
+namespace OPNsense\Bind;
+
+use OPNsense\Base\BaseModel;
+
+class ACL extends BaseModel
+{
+}
diff --git a/dns/bind/src/opnsense/mvc/app/models/OPNsense/Bind/ACL.xml b/dns/bind/src/opnsense/mvc/app/models/OPNsense/Bind/ACL.xml
new file mode 100644
index 000000000..fde892196
--- /dev/null
+++ b/dns/bind/src/opnsense/mvc/app/models/OPNsense/Bind/ACL.xml
@@ -0,0 +1,26 @@
+<model>
+    <mount>//OPNsense/bind/acl</mount>
+    <description>BIND ACL configuration</description>
+    <version>1.0.0</version>
+    <items>
+        <acls>
+            <acl type="ArrayField">
+                <enabled type="BooleanField">
+                    <default>1</default>
+                    <Required>Y</Required>
+                </enabled>
+                <name type="TextField">
+                    <default></default>
+                    <Required>Y</Required>
+                    <mask>/^([0-9a-zA-Z]){1,32}$/u</mask>
+                    <ValidationMessage>Should be a string between 1 and 32 characters. Allowed characters are 0-9a-zA-Z</ValidationMessage>
+                </name>
+                <networks type="NetworkField">
+                    <default></default>
+                    <FieldSeparator>;</FieldSeparator>
+                    <Required>Y</Required>
+                </networks>
+            </acl>
+        </acls>
+    </items>
+</model>
diff --git a/dns/bind/src/opnsense/mvc/app/models/OPNsense/Bind/ACL/ACL.xml b/dns/bind/src/opnsense/mvc/app/models/OPNsense/Bind/ACL/ACL.xml
new file mode 100644
index 000000000..83205c526
--- /dev/null
+++ b/dns/bind/src/opnsense/mvc/app/models/OPNsense/Bind/ACL/ACL.xml
@@ -0,0 +1,9 @@
+<acl>
+   <page-services-bind>
+      <name>Services: BIND</name>
+      <patterns>
+         <pattern>ui/bind/*</pattern>
+         <pattern>api/bind/*</pattern>
+      </patterns>
+   </page-services-bind>
+</acl>
diff --git a/dns/bind/src/opnsense/mvc/app/models/OPNsense/Bind/General.php b/dns/bind/src/opnsense/mvc/app/models/OPNsense/Bind/General.php
new file mode 100644
index 000000000..6084a14be
--- /dev/null
+++ b/dns/bind/src/opnsense/mvc/app/models/OPNsense/Bind/General.php
@@ -0,0 +1,35 @@
+<?php
+
+/*
+    Copyright (C) 2018 Michael Muenz
+    All rights reserved.
+
+    Redistribution and use in source and binary forms, with or without
+    modification, are permitted provided that the following conditions are met:
+
+    1. Redistributions of source code must retain the above copyright notice,
+       this list of conditions and the following disclaimer.
+
+    2. Redistributions in binary form must reproduce the above copyright
+       notice, this list of conditions and the following disclaimer in the
+       documentation and/or other materials provided with the distribution.
+
+    THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+    INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+    AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+    AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+    OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+    SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+    INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+    CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+    ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+    POSSIBILITY OF SUCH DAMAGE.
+*/
+
+namespace OPNsense\Bind;
+
+use OPNsense\Base\BaseModel;
+
+class General extends BaseModel
+{
+}
diff --git a/dns/bind/src/opnsense/mvc/app/models/OPNsense/Bind/General.xml b/dns/bind/src/opnsense/mvc/app/models/OPNsense/Bind/General.xml
new file mode 100644
index 000000000..65312333c
--- /dev/null
+++ b/dns/bind/src/opnsense/mvc/app/models/OPNsense/Bind/General.xml
@@ -0,0 +1,19 @@
+<model>
+    <mount>//OPNsense/bind/general</mount>
+    <description>BIND configuration</description>
+    <version>1.0.0</version>
+    <items>
+        <enabled type="BooleanField">
+            <default>0</default>
+            <Required>Y</Required>
+        </enabled>
+        <listenv4 type="NetworkField">
+            <FieldSeparator>;</FieldSeparator>
+            <Required>N</Required>
+        </listenv4>
+        <listenv6 type="NetworkField">
+            <FieldSeparator>;</FieldSeparator>
+            <Required>N</Required>
+        </listenv6>
+    </items>
+</model>
diff --git a/dns/bind/src/opnsense/mvc/app/models/OPNsense/Bind/Menu/Menu.xml b/dns/bind/src/opnsense/mvc/app/models/OPNsense/Bind/Menu/Menu.xml
new file mode 100644
index 000000000..821d6bf61
--- /dev/null
+++ b/dns/bind/src/opnsense/mvc/app/models/OPNsense/Bind/Menu/Menu.xml
@@ -0,0 +1,5 @@
+<menu>
+  <Services>
+    <BIND cssClass="fa fa-map-marked" url="/ui/bind/general/index" />
+  </Services>
+</menu>
diff --git a/dns/bind/src/opnsense/mvc/app/views/OPNsense/Bind/general.volt b/dns/bind/src/opnsense/mvc/app/views/OPNsense/Bind/general.volt
new file mode 100644
index 000000000..c3d99d953
--- /dev/null
+++ b/dns/bind/src/opnsense/mvc/app/views/OPNsense/Bind/general.volt
@@ -0,0 +1,125 @@
+{#
+
+OPNsense® is Copyright © 2014 – 2018 by Deciso B.V.
+This file is Copyright © 2018 by Michael Muenz
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without modification,
+are permitted provided that the following conditions are met:
+
+1.  Redistributions of source code must retain the above copyright notice,
+    this list of conditions and the following disclaimer.
+
+2.  Redistributions in binary form must reproduce the above copyright notice,
+    this list of conditions and the following disclaimer in the documentation
+    and/or other materials provided with the distribution.
+
+THIS SOFTWARE IS PROVIDED “AS IS” AND ANY EXPRESS OR IMPLIED WARRANTIES,
+INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+POSSIBILITY OF SUCH DAMAGE.
+
+#}
+
+<!-- Navigation bar -->
+<ul class="nav nav-tabs" data-tabs="tabs" id="maintabs">
+    <li class="active"><a data-toggle="tab" href="#general">{{ lang._('General') }}</a></li>
+    <li><a data-toggle="tab" href="#acls">{{ lang._('ACLs') }}</a></li>
+</ul>
+
+<div class="tab-content content-box tab-content">
+    <div id="general" class="tab-pane fade in active">
+        <div class="content-box" style="padding-bottom: 1.5em;">
+            {{ partial("layout_partials/base_form",['fields':generalForm,'id':'frm_general_settings'])}}
+            <div class="col-md-12">
+                <hr />
+                <button class="btn btn-primary"  id="saveAct" type="button"><b>{{ lang._('Save') }}</b><i id="saveAct_progress"></i></button>
+            </div>
+        </div>
+    </div>
+    <div id="acls" class="tab-pane fade in">
+        <table id="grid-acls" class="table table-responsive" data-editDialog="dialogEditBindACL">
+            <thead>
+                <tr>
+                    <th data-column-id="enabled" data-type="string" data-formatter="rowtoggle">{{ lang._('Enabled') }}</th>
+                    <th data-column-id="name" data-type="string" data-visible="true">{{ lang._('Name') }}</th>
+                    <th data-column-id="networks" data-type="string" data-visible="true">{{ lang._('Networks') }}</th>
+                    <th data-column-id="uuid" data-type="string" data-identifier="true" data-visible="false">{{ lang._('ID') }}</th>
+                    <th data-column-id="commands" data-formatter="commands" data-sortable="false">{{ lang._('Commands') }}</th>
+                </tr>
+            </thead>
+            <tbody>
+            </tbody>
+            <tfoot>
+                <tr>
+                    <td colspan="5"></td>
+                    <td>
+                        <button data-action="add" type="button" class="btn btn-xs btn-default"><span class="fa fa-plus"></span></button>
+                    </td>
+                </tr>
+            </tfoot>
+        </table>
+        <div class="col-md-12">
+            <hr />
+            <button class="btn btn-primary"  id="saveAct_acl" type="button"><b>{{ lang._('Save') }}</b><i id="saveAct_acl_progress"></i></button>
+            <br /><br />
+        </div>
+    </div>
+</div>
+
+{{ partial("layout_partials/base_dialog",['fields':formDialogEditBindACL,'id':'dialogEditBindACL','label':lang._('Edit ACL')])}}
+
+<script>
+$( document ).ready(function() {
+    var data_get_map = {'frm_general_settings':"/api/bind/general/get"};
+    mapDataToFormUI(data_get_map).done(function(data){
+        formatTokenizersUI();
+        $('.selectpicker').selectpicker('refresh');
+    });
+
+    ajaxCall(url="/api/bind/service/status", sendData={}, callback=function(data,status) {
+        updateServiceStatusUI(data['status']);
+    });
+
+    $("#grid-acls").UIBootgrid(
+        {   'search':'/api/bind/acl/searchACL',
+            'get':'/api/bind/acl/getACL/',
+            'set':'/api/bind/acl/setACL/',
+            'add':'/api/bind/acl/addACL/',
+            'del':'/api/bind/acl/delACL/',
+            'toggle':'/api/bind/acl/toggleACL/'
+        }
+    );
+
+    $("#saveAct").click(function(){
+        saveFormToEndpoint(url="/api/bind/general/set", formid='frm_general_settings',callback_ok=function(){
+        $("#saveAct_progress").addClass("fa fa-spinner fa-pulse");
+            ajaxCall(url="/api/bind/service/reconfigure", sendData={}, callback=function(data,status) {
+                ajaxCall(url="/api/bind/service/status", sendData={}, callback=function(data,status) {
+                    updateServiceStatusUI(data['status']);
+                });
+                $("#saveAct_progress").removeClass("fa fa-spinner fa-pulse");
+            });
+        });
+    });
+
+    $("#saveAct_acl").click(function(){
+        saveFormToEndpoint(url="/api/bind/acl/set", formid='frm_general_settings',callback_ok=function(){
+        $("#saveAct_acl_progress").addClass("fa fa-spinner fa-pulse");
+            ajaxCall(url="/api/bind/service/reconfigure", sendData={}, callback=function(data,status) {
+                ajaxCall(url="/api/bind/service/status", sendData={}, callback=function(data,status) {
+                    updateServiceStatusUI(data['status']);
+                });
+                $("#saveAct_acl_progress").removeClass("fa fa-spinner fa-pulse");
+            });
+        });
+    });
+
+});
+</script>
diff --git a/dns/bind/src/opnsense/scripts/OPNsense/Bind/setup.sh b/dns/bind/src/opnsense/scripts/OPNsense/Bind/setup.sh
new file mode 100644
index 000000000..d5076a841
--- /dev/null
+++ b/dns/bind/src/opnsense/scripts/OPNsense/Bind/setup.sh
@@ -0,0 +1,13 @@
+#!/bin/sh
+
+mkdir -p /var/run/named
+chown -R bind:bind /var/run/named
+chmod 755 /var/run/named
+
+mkdir -p /var/dump
+chown -R bind:bind /var/dump
+chmod 755 /var/dump
+
+mkdir -p /var/stats
+chown -R bind:bind /var/stats
+chmod 755 /var/stats
\ No newline at end of file
diff --git a/dns/bind/src/opnsense/service/conf/actions.d/actions_bind.conf b/dns/bind/src/opnsense/service/conf/actions.d/actions_bind.conf
new file mode 100644
index 000000000..09902392f
--- /dev/null
+++ b/dns/bind/src/opnsense/service/conf/actions.d/actions_bind.conf
@@ -0,0 +1,23 @@
+[start]
+command:/usr/local/opnsense/scripts/OPNsense/Bind/setup.sh;/usr/local/etc/rc.d/named start
+parameters:
+type:script
+message:starting BIND
+
+[stop]
+command:/usr/local/etc/rc.d/named stop
+parameters:
+type:script
+message:stopping BIND
+
+[restart]
+command:/usr/local/opnsense/scripts/OPNsense/Bind/setup.sh;/usr/local/etc/rc.d/named restart
+parameters:
+type:script
+message:restarting BIND
+
+[status]
+command:/usr/local/etc/rc.d/named status;exit 0
+parameters:
+type:script_output
+message:request BIND status
diff --git a/dns/bind/src/opnsense/service/templates/OPNsense/Bind/+TARGETS b/dns/bind/src/opnsense/service/templates/OPNsense/Bind/+TARGETS
new file mode 100644
index 000000000..2bc9df277
--- /dev/null
+++ b/dns/bind/src/opnsense/service/templates/OPNsense/Bind/+TARGETS
@@ -0,0 +1,2 @@
+named:/etc/rc.conf.d/named
+named.conf:/usr/local/etc/namedb/named.conf
diff --git a/dns/bind/src/opnsense/service/templates/OPNsense/Bind/named b/dns/bind/src/opnsense/service/templates/OPNsense/Bind/named
new file mode 100644
index 000000000..6f4d6766e
--- /dev/null
+++ b/dns/bind/src/opnsense/service/templates/OPNsense/Bind/named
@@ -0,0 +1,6 @@
+{% if helpers.exists('OPNsense.bind.general.enabled') and OPNsense.bind.general.enabled == '1' %}
+named_var_script="/usr/local/opnsense/scripts/OPNsense/Bind/setup.sh"
+named_enable="YES"
+{% else %}
+named_enable="NO"
+{% endif %}
diff --git a/dns/bind/src/opnsense/service/templates/OPNsense/Bind/named.conf b/dns/bind/src/opnsense/service/templates/OPNsense/Bind/named.conf
new file mode 100644
index 000000000..2cbf0ae69
--- /dev/null
+++ b/dns/bind/src/opnsense/service/templates/OPNsense/Bind/named.conf
@@ -0,0 +1,38 @@
+{% if helpers.exists('OPNsense.bind.general.enabled') and OPNsense.bind.general.enabled == '1' %}
+
+options {
+
+        directory       "/usr/local/etc/namedb/working";
+        pid-file        "/var/run/named/pid";
+        dump-file       "/var/dump/named_dump.db";
+        statistics-file "/var/stats/named.stats";
+
+{% if helpers.exists('OPNsense.bind.general.listenv4') and OPNsense.bind.general.listenv4 != '' %}
+        listen-on       { {{ OPNsense.bind.general.listenv4.replace(',', '; ') }}; };
+{% endif %}
+{% if helpers.exists('OPNsense.bind.general.listenv6') and OPNsense.bind.general.listenv6 != '' %}
+        listen-on-v6    { {{ OPNsense.bind.general.listenv6.replace(',', '; ') }}; };
+{% endif %}
+
+/*
+        forwarders {
+                127.0.0.1;
+        };
+*/
+
+};
+
+// If the 'forwarders' clause is not empty the default is to 'forward first'
+// which will fall back to sending a query from your local server if the name
+// servers in 'forwarders' do not have the answer.  Alternatively you can
+// force your name server to never initiate queries of its own by enabling the
+// following line:
+//      forward only;
+
+zone "." { type hint; file "/usr/local/etc/namedb/named.root"; };
+
+zone "localhost"        { type master; file "/usr/local/etc/namedb/master/localhost-forward.db"; };
+zone "127.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/localhost-reverse.db"; };
+zone "0.ip6.arpa"       { type master; file "/usr/local/etc/namedb/master/localhost-reverse.db"; };
+
+{% endif %}