netbird/plugins
0
0
Fork 0
mirror of https://github.com/netbirdio/plugins.git synced 2026-05-22 18:44:07 -07:00
Code Issues Packages Projects Releases Wiki Activity

dns/dnscrypt-proxy: new plugin (#965)

Browse Source
This commit is contained in:
Michael
2018-11-19 08:25:11 +01:00
committed by Franco Fichtner
parent c7bc65a82f
commit bface5bb83
31 changed files with 1355 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
dns/dnscrypt-proxy/Makefile
+8
View File
@@ -0,0 +1,8 @@
PLUGIN_NAME= dnscrypt-proxy
PLUGIN_VERSION= 0.1
PLUGIN_COMMENT= Flexible DNS proxy supportung DNSCrypt and DoH
PLUGIN_DEPENDS= dnscrypt-proxy2
PLUGIN_MAINTAINER= m.muenz@gmail.com
PLUGIN_DEVEL= yes
.include "../../Mk/plugins.mk"
dns/dnscrypt-proxy/pkg-descr
+4
View File
@@ -0,0 +1,4 @@
A flexible DNS proxy, with support for modern encrypted DNS protocols
such as DNSCrypt v2 and DNS-over-HTTPS.
WWW: https://github.com/jedisct1/dnscrypt-proxy
dns/dnscrypt-proxy/src/etc/inc/plugins.inc.d/dnscryptproxy.inc
+55
View File
@@ -0,0 +1,55 @@
<?php
/*
Copyright (C) 2018 Michael Muenz <m.muenz@gmail.com>
All rights reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are met:
1. Redistributions of source code must retain the above copyright notice,
this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
POSSIBILITY OF SUCH DAMAGE.
*/
function dnscryptproxy_enabled()
{
$model = new \OPNsense\Dnscryptproxy\General();
return (string)$model->enabled == '1';
}
function dnscryptproxy_services()
{
$services = array();
if (!dnscryptproxy_enabled()) {
return $services;
}
$services[] = array(
'description' => gettext('DNSCrypt-Proxy'),
'configd' => array(
'restart' => array('dnscryptproxy restart'),
'start' => array('dnscryptproxy start'),
'stop' => array('dnscryptproxy stop'),
),
'name' => 'dnscrypt-proxy',
'pid' => '/var/run/dnscrypt-proxy.pid'
);
return $services;
}
dns/dnscrypt-proxy/src/opnsense/mvc/app/controllers/OPNsense/Dnscryptproxy/Api/CloakController.php
+65
View File
@@ -0,0 +1,65 @@
<?php
/**
* Copyright (C) 2018 Michael Muenz <m.muenz@gmail.com>
*
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions are met:
*
* 1. Redistributions of source code must retain the above copyright notice,
* this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
* INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
* OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*
*/
namespace OPNsense\Dnscryptproxy\Api;
use \OPNsense\Base\ApiMutableModelControllerBase;
use \OPNsense\Core\Backend;
class CloakController extends ApiMutableModelControllerBase
{
static protected $internalModelName = 'cloak';
static protected $internalModelClass = '\OPNsense\Dnscryptproxy\Cloak';
public function searchCloakAction()
{
return $this->searchBase('cloaks.cloak', array("enabled", "name", "destination"));
}
public function getCloakAction($uuid = null)
{
$this->sessionClose();
return $this->getBase('cloak', 'cloaks.cloak', $uuid);
}
public function addCloakAction()
{
return $this->addBase('cloak', 'cloaks.cloak');
}
public function delCloakAction($uuid)
{
return $this->delBase('cloaks.cloak', $uuid);
}
public function setCloakAction($uuid)
{
return $this->setBase('cloak', 'cloaks.cloak', $uuid);
}
public function toggleCloakAction($uuid)
{
return $this->toggleBase('cloaks.cloak', $uuid);
}
}
dns/dnscrypt-proxy/src/opnsense/mvc/app/controllers/OPNsense/Dnscryptproxy/Api/ForwardController.php
+65
View File
@@ -0,0 +1,65 @@
<?php
/**
* Copyright (C) 2018 Michael Muenz <m.muenz@gmail.com>
*
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions are met:
*
* 1. Redistributions of source code must retain the above copyright notice,
* this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
* INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
* OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*
*/
namespace OPNsense\Dnscryptproxy\Api;
use \OPNsense\Base\ApiMutableModelControllerBase;
use \OPNsense\Core\Backend;
class ForwardController extends ApiMutableModelControllerBase
{
static protected $internalModelName = 'forward';
static protected $internalModelClass = '\OPNsense\Dnscryptproxy\Forward';
public function searchForwardAction()
{
return $this->searchBase('forwards.forward', array("enabled", "domain", "dnsserver"));
}
public function getForwardAction($uuid = null)
{
$this->sessionClose();
return $this->getBase('forward', 'forwards.forward', $uuid);
}
public function addForwardAction()
{
return $this->addBase('forward', 'forwards.forward');
}
public function delForwardAction($uuid)
{
return $this->delBase('forwards.forward', $uuid);
}
public function setForwardAction($uuid)
{
return $this->setBase('forward', 'forwards.forward', $uuid);
}
public function toggleForwardAction($uuid)
{
return $this->toggleBase('forwards.forward', $uuid);
}
}
dns/dnscrypt-proxy/src/opnsense/mvc/app/controllers/OPNsense/Dnscryptproxy/Api/GeneralController.php
+39
View File
@@ -0,0 +1,39 @@
<?php
/**
* Copyright (C) 2018 Michael Muenz <m.muenz@gmail.com>
*
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions are met:
*
* 1. Redistributions of source code must retain the above copyright notice,
* this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
* INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
* OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*
*/
namespace OPNsense\Dnscryptproxy\Api;
use OPNsense\Base\ApiMutableModelControllerBase;
class GeneralController extends ApiMutableModelControllerBase
{
static protected $internalModelClass = '\OPNsense\Dnscryptproxy\General';
static protected $internalModelName = 'general';
}
dns/dnscrypt-proxy/src/opnsense/mvc/app/controllers/OPNsense/Dnscryptproxy/Api/ServiceController.php
+47
View File
@@ -0,0 +1,47 @@
<?php
/**
* Copyright (C) 2018 Michael Muenz <m.muenz@gmail.com>
*
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions are met:
*
* 1. Redistributions of source code must retain the above copyright notice,
* this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
* INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
* OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*
*/
namespace OPNsense\Dnscryptproxy\Api;
use OPNsense\Base\ApiMutableServiceControllerBase;
use OPNsense\Core\Backend;
use OPNsense\Dnscryptproxy\General;
/**
* Class ServiceController
* @package OPNsense\Dnscrypt-proxy
*/
class ServiceController extends ApiMutableServiceControllerBase
{
static protected $internalServiceClass = '\OPNsense\Dnscryptproxy\General';
static protected $internalServiceTemplate = 'OPNsense/Dnscryptproxy';
static protected $internalServiceEnabled = 'enabled';
static protected $internalServiceName = 'dnscryptproxy';
}
dns/dnscrypt-proxy/src/opnsense/mvc/app/controllers/OPNsense/Dnscryptproxy/Api/WhitelistController.php
+65
View File
@@ -0,0 +1,65 @@
<?php
/**
* Copyright (C) 2018 Michael Muenz <m.muenz@gmail.com>
*
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions are met:
*
* 1. Redistributions of source code must retain the above copyright notice,
* this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
* INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
* OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*
*/
namespace OPNsense\Dnscryptproxy\Api;
use \OPNsense\Base\ApiMutableModelControllerBase;
use \OPNsense\Core\Backend;
class WhitelistController extends ApiMutableModelControllerBase
{
static protected $internalModelName = 'whitelist';
static protected $internalModelClass = '\OPNsense\Dnscryptproxy\Whitelist';
public function searchWhitelistAction()
{
return $this->searchBase('whitelists.whitelist', array("enabled", "name"));
}
public function getWhitelistAction($uuid = null)
{
$this->sessionClose();
return $this->getBase('whitelist', 'whitelists.whitelist', $uuid);
}
public function addWhitelistAction()
{
return $this->addBase('whitelist', 'whitelists.whitelist');
}
public function delWhitelistAction($uuid)
{
return $this->delBase('whitelists.whitelist', $uuid);
}
public function setWhitelistAction($uuid)
{
return $this->setBase('whitelist', 'whitelists.whitelist', $uuid);
}
public function toggleWhitelistAction($uuid)
{
return $this->toggleBase('whitelists.whitelist', $uuid);
}
}
dns/dnscrypt-proxy/src/opnsense/mvc/app/controllers/OPNsense/Dnscryptproxy/GeneralController.php
+41
View File
@@ -0,0 +1,41 @@
<?php
/*
Copyright (C) 2018 Michael Muenz <m.muenz@gmail.com>
All rights reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are met:
1. Redistributions of source code must retain the above copyright notice,
this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
POSSIBILITY OF SUCH DAMAGE.
*/
namespace OPNsense\Dnscryptproxy;
class GeneralController extends \OPNsense\Base\IndexController
{
public function indexAction()
{
$this->view->generalForm = $this->getForm("general");
$this->view->formDialogEditDnscryptproxyForward = $this->getForm("dialogEditDnscryptproxyForward");
$this->view->formDialogEditDnscryptproxyCloak = $this->getForm("dialogEditDnscryptproxyCloak");
$this->view->formDialogEditDnscryptproxyWhitelist = $this->getForm("dialogEditDnscryptproxyWhitelist");
$this->view->pick('OPNsense/Dnscryptproxy/general');
}
}
dns/dnscrypt-proxy/src/opnsense/mvc/app/controllers/OPNsense/Dnscryptproxy/forms/dialogEditDnscryptproxyCloak.xml
+20
View File
@@ -0,0 +1,20 @@
<form>
<field>
<id>cloak.enabled</id>
<label>Enabled</label>
<type>checkbox</type>
<help>This will enable or disable this override.</help>
</field>
<field>
<id>cloak.name</id>
<label>Name</label>
<type>text</type>
<help>Set the name to override, e.g. www.google.*</help>
</field>
<field>
<id>cloak.destination</id>
<label>Destination</label>
<type>text</type>
<help>Set target name to what to resolve.</help>
</field>
</form>
dns/dnscrypt-proxy/src/opnsense/mvc/app/controllers/OPNsense/Dnscryptproxy/forms/dialogEditDnscryptproxyForward.xml
+20
View File
@@ -0,0 +1,20 @@
<form>
<field>
<id>forward.enabled</id>
<label>Enabled</label>
<type>checkbox</type>
<help>This will enable or disable this forward.</help>
</field>
<field>
<id>forward.domain</id>
<label>Domain</label>
<type>text</type>
<help>Set the domain, e.g. example.com</help>
</field>
<field>
<id>forward.dnsserver</id>
<label>DNS Server</label>
<type>text</type>
<help>Set the IP addresses to forward the domain.</help>
</field>
</form>
dns/dnscrypt-proxy/src/opnsense/mvc/app/controllers/OPNsense/Dnscryptproxy/forms/dialogEditDnscryptproxyWhitelist.xml
+14
View File
@@ -0,0 +1,14 @@
<form>
<field>
<id>whitelist.enabled</id>
<label>Enabled</label>
<type>checkbox</type>
<help>This will enable or disable the whitelist entry.</help>
</field>
<field>
<id>whitelist.name</id>
<label>Name</label>
<type>text</type>
<help>Set the domain, IP or expression to whitelist, e.g. ads.* or *.example.com</help>
</field>
</form>
dns/dnscrypt-proxy/src/opnsense/mvc/app/controllers/OPNsense/Dnscryptproxy/forms/general.xml
+154
View File
@@ -0,0 +1,154 @@
<form>
<field>
<id>general.enabled</id>
<label>Enable DNSCrypt-Proxy</label>
<type>checkbox</type>
<help>This will activate DNSCrypt-Proxy service.</help>
</field>
<field>
<id>general.listen_addresses</id>
<label>Listen Address</label>
<style>tokenize</style>
<type>select_multiple</type>
<allownew>true</allownew>
<help>Set the IP address and port combinations this service should listen on, e.g 127.0.0.1:5353 and/or [::1]:5353</help>
</field>
<field>
<id>general.max_clients</id>
<label>Max Client Connections</label>
<type>text</type>
<help>Set the maximum number of simultaneous client connections to accept.</help>
</field>
<field>
<id>general.ipv4_servers</id>
<label>Use IPv4 Servers</label>
<type>checkbox</type>
<help>Let DNSCrypt-Proxy use IPv4 enabled servers.</help>
</field>
<field>
<id>general.ipv6_servers</id>
<label>Use IPv6 Servers</label>
<type>checkbox</type>
<help>Let DNSCrypt-Proxy use IPv6 enabled servers.</help>
</field>
<field>
<id>general.dnscrypt_servers</id>
<label>Use DNSCrypt Servers</label>
<type>checkbox</type>
<help>Let DNSCrypt-Proxy use servers with DNSCrypt protocol enabled.</help>
</field>
<field>
<id>general.doh_servers</id>
<label>Use DNS-over-HTTPS Servers</label>
<type>checkbox</type>
<help>Let DNSCrypt-Proxy use servers with DNS-over-HTTPS protocol enabled.</help>
</field>
<field>
<id>general.require_dnssec</id>
<label>Require DNSSEC</label>
<type>checkbox</type>
<help>Only use DNS server with DNSSEC enabled.</help>
</field>
<field>
<id>general.require_nolog</id>
<label>Require NoLog</label>
<type>checkbox</type>
<help>Only use DNS server without user request logging.</help>
</field>
<field>
<id>general.require_nofilter</id>
<label>Require NoFilter</label>
<type>checkbox</type>
<help>Only use DNS server without own blacklisting. There are many servers deleting ads or with parental control enabled.</help>
</field>
<field>
<id>general.force_tcp</id>
<label>Force TCP</label>
<type>checkbox</type>
<help>Always use TCP to connect to upstream servers. This can be can be useful if you need to route everything through Tor, otherwise keep it disabled.</help>
</field>
<field>
<id>general.proxy</id>
<label>Proxy</label>
<type>text</type>
<help>Use this to route all TCP connections to a local Tor node, format has to be like 127.0.0.1:9050</help>
</field>
<field>
<id>general.timeout</id>
<label>Timeout</label>
<type>text</type>
<help>How long a DNS query will wait for a response in milliseconds.</help>
</field>
<field>
<id>general.keepalive</id>
<label>Keepalive</label>
<type>text</type>
<help>Keepalive for HTTP (HTTPS, HTTP/2) queries in seconds.</help>
</field>
<field>
<id>general.cert_refresh_delay</id>
<label>Cert Refresh Delay</label>
<type>text</type>
<help>Delay in minutes after which certificates are reloaded.</help>
</field>
<field>
<id>general.dnscrypt_ephemeral_keys</id>
<label>Ephemeral Keys</label>
<type>checkbox</type>
<help>Create a new, unique key for every single DNS query. This may improve privacy but can also have a significant impact on CPU usage.</help>
</field>
<field>
<id>general.tls_disable_session_tickets</id>
<label>TLS Disable Session Tickets</label>
<type>checkbox</type>
<help>Disable TLS session tickets - increases privacy but also latency.</help>
</field>
<field>
<id>general.fallback_resolver</id>
<label>Fallback Resolver</label>
<type>text</type>
<help>This is a normal, non-encrypted DNS resolver, that will be only used for one-shot queries when retrieving the initial resolvers list, and only if the system DNS configuration does not work. Format is e.g. 9.9.9.9:53</help>
</field>
<field>
<id>general.block_ipv6</id>
<label>Block IPv6</label>
<type>checkbox</type>
<help>Immediately respond to IPv6-related queries with an empty response. This makes things faster when there is no IPv6 connectivity.</help>
</field>
<field>
<id>general.cache</id>
<label>Cache</label>
<type>checkbox</type>
<help>Enable a DNS cache to reduce latency and outgoing traffic.</help>
</field>
<field>
<id>general.cache_size</id>
<label>Cache Size</label>
<type>text</type>
<help>Set the cache size.</help>
</field>
<field>
<id>general.cache_min_ttl</id>
<label>Cache Min TTL</label>
<type>text</type>
<help>Minimum TTL for cached entries.</help>
</field>
<field>
<id>general.cache_max_ttl</id>
<label>Cache Max TTL</label>
<type>text</type>
<help>Maximum TTL for cached entries.</help>
</field>
<field>
<id>general.cache_neg_min_ttl</id>
<label>Cache Negative Min TTL</label>
<type>text</type>
<help>Minimum TTL for negatively cached entries.</help>
</field>
<field>
<id>general.cache_neg_max_ttl</id>
<label>Cache Negative Max TTL</label>
<type>text</type>
<help>Maximum TTL for negatively cached entries.</help>
</field>
</form>
dns/dnscrypt-proxy/src/opnsense/mvc/app/models/OPNsense/Dnscryptproxy/ACL/ACL.xml
+9
View File
@@ -0,0 +1,9 @@
<acl>
<page-dnscryptproxy-config>
<name>Services: dnscrypt-proxy</name>
<patterns>
<pattern>ui/dnscryptproxy/*</pattern>
<pattern>api/dnscryptproxy/*</pattern>
</patterns>
</page-dnscryptproxy-config>
</acl>
dns/dnscrypt-proxy/src/opnsense/mvc/app/models/OPNsense/Dnscryptproxy/Cloak.php
+31
View File
@@ -0,0 +1,31 @@
<?php
/*
Copyright (C) 2018 Michael Muenz <m.muenz@gmail.com>
All rights reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are met:
1. Redistributions of source code must retain the above copyright notice,
this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
POSSIBILITY OF SUCH DAMAGE.
*/
namespace OPNsense\Dnscryptproxy;
use OPNsense\Base\BaseModel;
class Cloak extends BaseModel
{
}
dns/dnscrypt-proxy/src/opnsense/mvc/app/models/OPNsense/Dnscryptproxy/Cloak.xml
+21
View File
@@ -0,0 +1,21 @@
<model>
<mount>//OPNsense/dnscryptproxy/cloak</mount>
<description>dnscrypt-proxy Override configuration</description>
<version>0.1.0</version>
<items>
<cloaks>
<cloak type="ArrayField">
<enabled type="BooleanField">
<default>1</default>
<Required>Y</Required>
</enabled>
<name type="TextField">
<Required>Y</Required>
</name>
<destination type="HostnameField">
<Required>Y</Required>
</destination>
</cloak>
</cloaks>
</items>
</model>
dns/dnscrypt-proxy/src/opnsense/mvc/app/models/OPNsense/Dnscryptproxy/Forward.php
+31
View File
@@ -0,0 +1,31 @@
<?php
/*
Copyright (C) 2018 Michael Muenz <m.muenz@gmail.com>
All rights reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are met:
1. Redistributions of source code must retain the above copyright notice,
this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
POSSIBILITY OF SUCH DAMAGE.
*/
namespace OPNsense\Dnscryptproxy;
use OPNsense\Base\BaseModel;
class Forward extends BaseModel
{
}
dns/dnscrypt-proxy/src/opnsense/mvc/app/models/OPNsense/Dnscryptproxy/Forward.xml
+21
View File
@@ -0,0 +1,21 @@
<model>
<mount>//OPNsense/dnscryptproxy/forward</mount>
<description>dnscrypt-proxy Forwarder configuration</description>
<version>0.1.0</version>
<items>
<forwards>
<forward type="ArrayField">
<enabled type="BooleanField">
<default>1</default>
<Required>Y</Required>
</enabled>
<domain type="HostnameField">
<Required>Y</Required>
</domain>
<dnsserver type="HostnameField">
<Required>Y</Required>
</dnsserver>
</forward>
</forwards>
</items>
</model>
dns/dnscrypt-proxy/src/opnsense/mvc/app/models/OPNsense/Dnscryptproxy/General.php
+35
View File
@@ -0,0 +1,35 @@
<?php
/*
Copyright (C) 2018 Michael Muenz <m.muenz@gmail.com>
All rights reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are met:
1. Redistributions of source code must retain the above copyright notice,
this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
POSSIBILITY OF SUCH DAMAGE.
*/
namespace OPNsense\Dnscryptproxy;
use OPNsense\Base\BaseModel;
class General extends BaseModel
{
}
dns/dnscrypt-proxy/src/opnsense/mvc/app/models/OPNsense/Dnscryptproxy/General.xml
+133
View File
@@ -0,0 +1,133 @@
<model>
<mount>//OPNsense/dnscryptproxy/general</mount>
<description>dnscrypt-proxy configuration</description>
<version>0.1.0</version>
<items>
<enabled type="BooleanField">
<default>0</default>
<Required>Y</Required>
</enabled>
<listen_addresses type="CSVListField">
<default>127.0.0.1:5353,[::1]:5353</default>
<Required>N</Required>
</listen_addresses>
<max_clients type="IntegerField">
<default>250</default>
<Required>Y</Required>
<MinimumValue>1</MinimumValue>
<MaximumValue>10000</MaximumValue>
<ValidationMessage>Choose a number between 1 and 10000.</ValidationMessage>
</max_clients>
<ipv4_servers type="BooleanField">
<default>1</default>
<Required>Y</Required>
</ipv4_servers>
<ipv6_servers type="BooleanField">
<default>0</default>
<Required>Y</Required>
</ipv6_servers>
<dnscrypt_servers type="BooleanField">
<default>1</default>
<Required>Y</Required>
</dnscrypt_servers>
<doh_servers type="BooleanField">
<default>1</default>
<Required>Y</Required>
</doh_servers>
<require_dnssec type="BooleanField">
<default>0</default>
<Required>Y</Required>
</require_dnssec>
<require_nolog type="BooleanField">
<default>1</default>
<Required>Y</Required>
</require_nolog>
<require_nofilter type="BooleanField">
<default>0</default>
<Required>Y</Required>
</require_nofilter>
<force_tcp type="BooleanField">
<default>0</default>
<Required>Y</Required>
</force_tcp>
<proxy type="TextField">
<Required>N</Required>
</proxy>
<timeout type="IntegerField">
<default>2500</default>
<Required>Y</Required>
<MinimumValue>100</MinimumValue>
<MaximumValue>10000</MaximumValue>
<ValidationMessage>Choose a number between 100 and 10000.</ValidationMessage>
</timeout>
<keepalive type="IntegerField">
<default>30</default>
<Required>Y</Required>
<MinimumValue>1</MinimumValue>
<MaximumValue>600</MaximumValue>
<ValidationMessage>Choose a number between 1 and 600.</ValidationMessage>
</keepalive>
<cert_refresh_delay type="IntegerField">
<default>240</default>
<Required>Y</Required>
<MinimumValue>1</MinimumValue>
<MaximumValue>3600</MaximumValue>
<ValidationMessage>Choose a number between 1 and 3600.</ValidationMessage>
</cert_refresh_delay>
<dnscrypt_ephemeral_keys type="BooleanField">
<default>0</default>
<Required>Y</Required>
</dnscrypt_ephemeral_keys>
<tls_disable_session_tickets type="BooleanField">
<default>0</default>
<Required>Y</Required>
</tls_disable_session_tickets>
<fallback_resolver type="TextField">
<default>9.9.9.9:53</default>
<Required>Y</Required>
</fallback_resolver>
<block_ipv6 type="BooleanField">
<default>0</default>
<Required>Y</Required>
</block_ipv6>
<cache type="BooleanField">
<default>1</default>
<Required>Y</Required>
</cache>
<cache_size type="IntegerField">
<default>512</default>
<Required>Y</Required>
<MinimumValue>1</MinimumValue>
<MaximumValue>20480</MaximumValue>
<ValidationMessage>Choose a number between 1 and 20480.</ValidationMessage>
</cache_size>
<cache_min_ttl type="IntegerField">
<default>600</default>
<Required>Y</Required>
<MinimumValue>1</MinimumValue>
<MaximumValue>3600</MaximumValue>
<ValidationMessage>Choose a number between 1 and 3600.</ValidationMessage>
</cache_min_ttl>
<cache_max_ttl type="IntegerField">
<default>86400</default>
<Required>Y</Required>
<MinimumValue>1</MinimumValue>
<MaximumValue>86400</MaximumValue>
<ValidationMessage>Choose a number between 1 and 86400.</ValidationMessage>
</cache_max_ttl>
<cache_neg_min_ttl type="IntegerField">
<default>60</default>
<Required>Y</Required>
<MinimumValue>1</MinimumValue>
<MaximumValue>3600</MaximumValue>
<ValidationMessage>Choose a number between 1 and 3600.</ValidationMessage>
</cache_neg_min_ttl>
<cache_neg_max_ttl type="IntegerField">
<default>600</default>
<Required>Y</Required>
<MinimumValue>1</MinimumValue>
<MaximumValue>86400</MaximumValue>
<ValidationMessage>Choose a number between 1 and 86400.</ValidationMessage>
</cache_neg_max_ttl>
</items>
</model>

Some files were not shown because too many files have changed in this diff Show More