dns/unbound-plus: add private-domain feature (#1554)

2026-05-22 18:44:07 -07:00 · 2019-11-04 14:04:38 +01:00
parent 5ae77edaa0
commit 756889dcdf
13 changed files with 216 additions and 9 deletions
@@ -1,7 +1,7 @@
 PLUGIN_NAME=		unbound-plus
-PLUGIN_VERSION=		0.2
+PLUGIN_VERSION=		0.3
 PLUGIN_COMMENT=		Unbound additions
 PLUGIN_MAINTAINER=	m.muenz@gmail.com
-PLUGIN_DEVEL=       yes
+PLUGIN_DEVEL=   yes

 .include "../../Mk/plugins.mk"
@@ -0,0 +1,37 @@
+<?php
+
+/*
+ * Copyright (C) 2019 Michael Muenz <m.muenz@gmail.com>
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright notice,
+ *    this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ * OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+
+namespace OPNsense\Unboundplus\Api;
+
+use OPNsense\Base\ApiMutableModelControllerBase;
+
+class MiscellaneousController extends ApiMutableModelControllerBase
+{
+    protected static $internalModelClass = '\OPNsense\Unboundplus\Miscellaneous';
+    protected static $internalModelName = 'miscellaneous';
+}
@@ -31,6 +31,7 @@ namespace OPNsense\Unboundplus\Api;
 use OPNsense\Base\ApiMutableServiceControllerBase;
 use OPNsense\Core\Backend;
 use OPNsense\Unboundplus\Dnsbl;
+use OPNsense\Unboundplus\Miscellaneous;

 class ServiceController extends ApiMutableServiceControllerBase
 {
@@ -48,4 +49,14 @@ class ServiceController extends ApiMutableServiceControllerBase
        $response = $backend->configdpRun('unboundplus dnsbl', array((string)$mdl->type));
        return array("response" => $response);
    }
+
+    public function reloadunboundAction()
+    {
+        $this->sessionClose();
+        $mdl = new Miscellaneous();
+        $backend = new Backend();
+        $backend->configdRun('template reload OPNsense/Unboundplus');
+        $response = $backend->configdpRun('unbound reload', array((string)$mdl->type));
+        return array("response" => $response);
+    }
 }
@@ -0,0 +1,38 @@
+<?php
+
+/*
+ * Copyright (C) 2019 Michael Muenz <m.muenz@gmail.com>
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright notice,
+ *    this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ * OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+
+namespace OPNsense\Unboundplus;
+
+class MiscellaneousController extends \OPNsense\Base\IndexController
+{
+    public function indexAction()
+    {
+        $this->view->miscellaneousForm = $this->getForm('miscellaneous');
+        $this->view->pick('OPNsense/Unboundplus/miscellaneous');
+    }
+}
@@ -0,0 +1,10 @@
+<form>
+    <field>
+        <id>miscellaneous.privatedomain</id>
+        <label>Private Domains</label>
+        <type>select_multiple</type>
+        <style>tokenize</style>
+        <allownew>true</allownew>
+        <help>List of domains to mark as private. You only need this for some DNSBL lists which resolve to private addresses.</help>
+    </field>
+</form>
@@ -2,6 +2,7 @@
  <Services>
    <Unbound>
      <DNSBL order="50" url="/ui/unboundplus/dnsbl/index"/>
+      <Miscellaneous order="60" url="/ui/unboundplus/miscellaneous/index"/>
    </Unbound>
  </Services>
 </menu>
@@ -0,0 +1,35 @@
+<?php
+
+/*
+ * Copyright (C) 2019 Michael Muenz <m.muenz@gmail.com>
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright notice,
+ *    this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ * OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+
+namespace OPNsense\Unboundplus;
+
+use OPNsense\Base\BaseModel;
+
+class Miscellaneous extends BaseModel
+{
+}
@@ -0,0 +1,10 @@
+<model>
+    <mount>//OPNsense/unboundplus/miscellaneous</mount>
+    <description>Unbound Miscellaneous configuration</description>
+    <version>0.0.1</version>
+    <items>
+        <privatedomain type="CSVListField">
+            <Required>N</Required>
+        </privatedomain>
+    </items>
+</model>
@@ -44,10 +44,10 @@
        // link save button to API set action
        $("#saveAct").click(function(){
            saveFormToEndpoint(url="/api/unboundplus/dnsbl/set", formid='frm_dnsbl_settings',callback_ok=function(){
-                    $("#saveAct_progress").addClass("fa fa-spinner fa-pulse");
-                        ajaxCall(url="/api/unboundplus/service/dnsbl", sendData={}, callback=function(data,status) {
-                            $("#saveAct_progress").removeClass("fa fa-spinner fa-pulse");
-                        });
+                $("#saveAct_progress").addClass("fa fa-spinner fa-pulse");
+                ajaxCall(url="/api/unboundplus/service/dnsbl", sendData={}, callback=function(data,status) {
+                    $("#saveAct_progress").removeClass("fa fa-spinner fa-pulse");
+                });
            });
        });
    });
@@ -0,0 +1,54 @@
+{#
+ # Copyright (c) 2019 Deciso B.V.
+ # Copyright (c) 2019 Michael Muenz <m.muenz@gmail.com>
+ # All rights reserved.
+ #
+ # Redistribution and use in source and binary forms, with or without modification,
+ # are permitted provided that the following conditions are met:
+ #
+ # 1. Redistributions of source code must retain the above copyright notice,
+ #    this list of conditions and the following disclaimer.
+ #
+ # 2. Redistributions in binary form must reproduce the above copyright notice,
+ #    this list of conditions and the following disclaimer in the documentation
+ #    and/or other materials provided with the distribution.
+ #
+ # THIS SOFTWARE IS PROVIDED “AS IS” AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ # INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ # AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ # AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ # OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ # SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ # INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ # CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ # POSSIBILITY OF SUCH DAMAGE.
+ #}
+
+<div class="content-box" style="padding-bottom: 1.5em;">
+    {{ partial("layout_partials/base_form",['fields':miscellaneousForm,'id':'frm_miscellaneous_settings'])}}
+    <div class="col-md-12">
+        <hr />
+        <button class="btn btn-primary" id="saveAct" type="button"><b>{{ lang._('Save') }}</b> <i id="saveAct_progress"></i></button>
+    </div>
+</div>
+
+<script>
+    $(function() {
+        var data_get_map = {'frm_miscellaneous_settings':"/api/unboundplus/miscellaneous/get"};
+        mapDataToFormUI(data_get_map).done(function(data){
+            formatTokenizersUI();
+            $('.selectpicker').selectpicker('refresh');
+        });
+
+        // link save button to API set action
+        $("#saveAct").click(function(){
+            saveFormToEndpoint(url="/api/unboundplus/miscellaneous/set", formid='frm_miscellaneous_settings',callback_ok=function(){
+                $("#saveAct_progress").addClass("fa fa-spinner fa-pulse");
+                ajaxCall(url="/api/unboundplus/service/reloadunbound", sendData={}, callback=function(data,status) {
+                    $("#saveAct_progress").removeClass("fa fa-spinner fa-pulse");
+                });
+            });
+        });
+    });
+</script>
@@ -2,6 +2,7 @@

 # Copyright (c) 2018-2019 Michael Muenz <m.muenz@gmail.com>
 # Copyright (c) 2018 Franco Fichtner <franco@opnsense.org>
+# Copyright (c) 2019 Martin Wasley
 #
 # Redistribution and use in source and binary forms, with or without
 # modification, are permitted provided that the following conditions
@@ -221,11 +222,14 @@ install() {
 		fi
        done
        # Merge resulting files (/dev/null in case there are none)
-        cat $(find ${WORKDIR} -type f -name "*.inc") /dev/null > ${DESTDIR}/dnsbl.conf
-        chown unbound:unbound ${DESTDIR}/dnsbl.conf
+        if [ -s "/var/unbound/etc/dnsbl.inc" ]; then
+                cat $(find ${WORKDIR} -type f -name "*.inc") /dev/null > ${DESTDIR}/dnsbl.conf
+                chown unbound:unbound ${DESTDIR}/dnsbl.conf
+        else
+                rm -rf ${DESTDIR}/dnsbl.conf
+        fi
        rm -rf ${WORKDIR}
        pluginctl -s unbound restart
-
 }

 DNSBL=${1}
@@ -1,2 +1,3 @@
 dnsbl.inc:/var/unbound/etc/dnsbl.inc
 whitelist.inc:/var/unbound/etc/whitelist.inc
+miscellaneous.conf:/var/unbound/etc/miscellaneous.conf
@@ -0,0 +1,6 @@
+{%   if helpers.exists('OPNsense.unboundplus.miscellaneous.privatedomain') and OPNsense.unboundplus.miscellaneous.privatedomain != '' %}
+server:
+{%     for privatedomain in OPNsense.unboundplus.miscellaneous.privatedomain.split(',') %}
+private-domain: {{ privatedomain }}
+{%     endfor %}
+{%   endif %}