mirror of
https://github.com/vincentmli/bpfire.git
synced 2026-04-09 18:45:54 +02:00
DNS Forwarding: Add UI to Allow to disable DNSSEC for a zone
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
This commit is contained in:
Michael Tremer
@@ -606,6 +606,8 @@ WARNING: untranslated string: dns desc = If the red0 interface gets the IP addre
|
||||
WARNING: untranslated string: dns error 0 = The IP address of the <strong>primary</strong> DNS server is not valid, please check your entries!<br />The entered <strong>secondary</strong> DNS server address is valid.
|
||||
WARNING: untranslated string: dns error 01 = The entered IP address of the <strong>primary</strong> and <strong>secondary</strong> DNS server are not valid, please check your entries!
|
||||
WARNING: untranslated string: dns error 1 = The IP address of the <strong>secondary</strong> DNS server is not valid, please check your entries!<br />The entered <strong>primary</strong> DNS server address is valid.
|
||||
WARNING: untranslated string: dns forward disable dnssec = Disable DNSSEC (dangerous)
|
||||
WARNING: untranslated string: dns forwarding dnssec disabled notice = (DNSSEC disabled)
|
||||
WARNING: untranslated string: dns header = Assign DNS server addresses only for DHCP on red0
|
||||
WARNING: untranslated string: dns list = List of free public DNS servers
|
||||
WARNING: untranslated string: dns menu = Assign DNS-Server
|
||||
|
||||
@@ -778,6 +778,8 @@ WARNING: untranslated string: dhcp dns update algo = Algorithm:
|
||||
WARNING: untranslated string: dhcp dns update secret = Secret:
|
||||
WARNING: untranslated string: dl client arch insecure = Download insecure Client Package (zip)
|
||||
WARNING: untranslated string: dnat address = Firewall Interface
|
||||
WARNING: untranslated string: dns forward disable dnssec = Disable DNSSEC (dangerous)
|
||||
WARNING: untranslated string: dns forwarding dnssec disabled notice = (DNSSEC disabled)
|
||||
WARNING: untranslated string: dns servers = DNS Servers
|
||||
WARNING: untranslated string: dnsforward = DNS Forwarding
|
||||
WARNING: untranslated string: dnsforward add a new entry = Add a new entry
|
||||
|
||||
@@ -772,6 +772,8 @@ WARNING: untranslated string: Captive clients = unknown string
|
||||
WARNING: untranslated string: Scan for Songs = unknown string
|
||||
WARNING: untranslated string: bytes = unknown string
|
||||
WARNING: untranslated string: default IP address = Default IP Address
|
||||
WARNING: untranslated string: dns forward disable dnssec = Disable DNSSEC (dangerous)
|
||||
WARNING: untranslated string: dns forwarding dnssec disabled notice = (DNSSEC disabled)
|
||||
WARNING: untranslated string: fwhost cust geoipgrp = unknown string
|
||||
WARNING: untranslated string: fwhost err hostip = unknown string
|
||||
WARNING: untranslated string: guardian block a host = unknown string
|
||||
|
||||
@@ -798,6 +798,8 @@ WARNING: untranslated string: dhcp dns update = DNS Update
|
||||
WARNING: untranslated string: dhcp dns update algo = Algorithm:
|
||||
WARNING: untranslated string: dhcp dns update secret = Secret:
|
||||
WARNING: untranslated string: dl client arch insecure = Download insecure Client Package (zip)
|
||||
WARNING: untranslated string: dns forward disable dnssec = Disable DNSSEC (dangerous)
|
||||
WARNING: untranslated string: dns forwarding dnssec disabled notice = (DNSSEC disabled)
|
||||
WARNING: untranslated string: dnsforward forward_servers = Nameservers
|
||||
WARNING: untranslated string: dnssec disabled warning = WARNING: DNSSEC has been disabled
|
||||
WARNING: untranslated string: eight hours = 8 Hours
|
||||
|
||||
@@ -801,6 +801,8 @@ WARNING: untranslated string: dhcp dns update = DNS Update
|
||||
WARNING: untranslated string: dhcp dns update algo = Algorithm:
|
||||
WARNING: untranslated string: dhcp dns update secret = Secret:
|
||||
WARNING: untranslated string: dl client arch insecure = Download insecure Client Package (zip)
|
||||
WARNING: untranslated string: dns forward disable dnssec = Disable DNSSEC (dangerous)
|
||||
WARNING: untranslated string: dns forwarding dnssec disabled notice = (DNSSEC disabled)
|
||||
WARNING: untranslated string: dns servers = DNS Servers
|
||||
WARNING: untranslated string: dnsforward forward_servers = Nameservers
|
||||
WARNING: untranslated string: dnssec aware = DNSSEC Aware
|
||||
|
||||
@@ -778,6 +778,8 @@ WARNING: untranslated string: dhcp dns update algo = Algorithm:
|
||||
WARNING: untranslated string: dhcp dns update secret = Secret:
|
||||
WARNING: untranslated string: dl client arch insecure = Download insecure Client Package (zip)
|
||||
WARNING: untranslated string: dnat address = Firewall Interface
|
||||
WARNING: untranslated string: dns forward disable dnssec = Disable DNSSEC (dangerous)
|
||||
WARNING: untranslated string: dns forwarding dnssec disabled notice = (DNSSEC disabled)
|
||||
WARNING: untranslated string: dns servers = DNS Servers
|
||||
WARNING: untranslated string: dnsforward = DNS Forwarding
|
||||
WARNING: untranslated string: dnsforward add a new entry = Add a new entry
|
||||
|
||||
@@ -782,6 +782,8 @@ WARNING: untranslated string: dhcp dns update secret = Secret:
|
||||
WARNING: untranslated string: disk access per = Disk Access per
|
||||
WARNING: untranslated string: dl client arch insecure = Download insecure Client Package (zip)
|
||||
WARNING: untranslated string: dnat address = Firewall Interface
|
||||
WARNING: untranslated string: dns forward disable dnssec = Disable DNSSEC (dangerous)
|
||||
WARNING: untranslated string: dns forwarding dnssec disabled notice = (DNSSEC disabled)
|
||||
WARNING: untranslated string: dns servers = DNS Servers
|
||||
WARNING: untranslated string: dnsforward = DNS Forwarding
|
||||
WARNING: untranslated string: dnsforward add a new entry = Add a new entry
|
||||
|
||||
@@ -775,6 +775,8 @@ WARNING: untranslated string: bytes = unknown string
|
||||
WARNING: untranslated string: crypto error = Cryptographic error
|
||||
WARNING: untranslated string: crypto warning = Cryptographic warning
|
||||
WARNING: untranslated string: default IP address = Default IP Address
|
||||
WARNING: untranslated string: dns forward disable dnssec = Disable DNSSEC (dangerous)
|
||||
WARNING: untranslated string: dns forwarding dnssec disabled notice = (DNSSEC disabled)
|
||||
WARNING: untranslated string: dnsforward forward_servers = Nameservers
|
||||
WARNING: untranslated string: fwdfw all subnets = All subnets
|
||||
WARNING: untranslated string: fwhost cust geoipgrp = unknown string
|
||||
|
||||
@@ -210,9 +210,11 @@
|
||||
< dnsforward
|
||||
< dnsforward add a new entry
|
||||
< dnsforward configuration
|
||||
< dns forward disable dnssec
|
||||
< dnsforward edit an entry
|
||||
< dnsforward entries
|
||||
< dnsforward forward_servers
|
||||
< dns forwarding dnssec disabled notice
|
||||
< dnsforward zone
|
||||
< dnssec aware
|
||||
< dnssec disabled warning
|
||||
@@ -803,6 +805,8 @@
|
||||
############################################################################
|
||||
< cryptographic settings
|
||||
< default IP address
|
||||
< dns forward disable dnssec
|
||||
< dns forwarding dnssec disabled notice
|
||||
< interface mode
|
||||
< invalid input for interface address
|
||||
< invalid input for interface mode
|
||||
@@ -898,7 +902,9 @@
|
||||
< dhcp dns update algo
|
||||
< dhcp dns update secret
|
||||
< dl client arch insecure
|
||||
< dns forward disable dnssec
|
||||
< dnsforward forward_servers
|
||||
< dns forwarding dnssec disabled notice
|
||||
< dnssec disabled warning
|
||||
< eight hours
|
||||
< email config
|
||||
@@ -1141,7 +1147,9 @@
|
||||
< dh name is invalid
|
||||
< dh parameter
|
||||
< dl client arch insecure
|
||||
< dns forward disable dnssec
|
||||
< dnsforward forward_servers
|
||||
< dns forwarding dnssec disabled notice
|
||||
< dnssec aware
|
||||
< dnssec disabled warning
|
||||
< dnssec information
|
||||
@@ -1501,9 +1509,11 @@
|
||||
< dnsforward
|
||||
< dnsforward add a new entry
|
||||
< dnsforward configuration
|
||||
< dns forward disable dnssec
|
||||
< dnsforward edit an entry
|
||||
< dnsforward entries
|
||||
< dnsforward forward_servers
|
||||
< dns forwarding dnssec disabled notice
|
||||
< dnsforward zone
|
||||
< dnssec aware
|
||||
< dnssec disabled warning
|
||||
@@ -2235,9 +2245,11 @@
|
||||
< dnsforward
|
||||
< dnsforward add a new entry
|
||||
< dnsforward configuration
|
||||
< dns forward disable dnssec
|
||||
< dnsforward edit an entry
|
||||
< dnsforward entries
|
||||
< dnsforward forward_servers
|
||||
< dns forwarding dnssec disabled notice
|
||||
< dnsforward zone
|
||||
< dnssec aware
|
||||
< dnssec disabled warning
|
||||
@@ -2820,7 +2832,9 @@
|
||||
< cryptographic settings
|
||||
< crypto warning
|
||||
< default IP address
|
||||
< dns forward disable dnssec
|
||||
< dnsforward forward_servers
|
||||
< dns forwarding dnssec disabled notice
|
||||
< fwdfw all subnets
|
||||
< interface mode
|
||||
< invalid input for interface address
|
||||
|
||||
@@ -52,6 +52,7 @@ $cgiparams{'ACTION'} = '';
|
||||
$cgiparams{'ZONE'} = '';
|
||||
$cgiparams{'FORWARD_SERVERS'} = '';
|
||||
$cgiparams{'REMARK'} ='';
|
||||
$cgiparams{'DISABLE_DNSSEC'} = 'off';
|
||||
&Header::getcgihash(\%cgiparams);
|
||||
open(FILE, $filename) or die 'Unable to open config file.';
|
||||
my @current = <FILE>;
|
||||
@@ -76,6 +77,10 @@ if ($cgiparams{'ACTION'} eq $Lang::tr{'add'})
|
||||
}
|
||||
}
|
||||
|
||||
if ($cgiparams{'DISABLE_DNSSEC'} !~ /^(on|off)?$/) {
|
||||
$errormessage = $Lang::tr{'invalid input'};
|
||||
}
|
||||
|
||||
# Go further if there was no error.
|
||||
if ( ! $errormessage)
|
||||
{
|
||||
@@ -85,11 +90,16 @@ if ($cgiparams{'ACTION'} eq $Lang::tr{'add'})
|
||||
# Check if a remark has been entered.
|
||||
$cgiparams{'REMARK'} = &Header::cleanhtml($cgiparams{'REMARK'});
|
||||
|
||||
# Set to off if not enabled
|
||||
if (!$cgiparams{'DISABLE_DNSSEC'}) {
|
||||
$cgiparams{'DISABLE_DNSSEC'} = "off";
|
||||
}
|
||||
|
||||
# Check if we want to edit an existing or add a new entry.
|
||||
if($cgiparams{'EDITING'} eq 'no') {
|
||||
open(FILE,">>$filename") or die 'Unable to open config file.';
|
||||
flock FILE, 2;
|
||||
print FILE "$cgiparams{'ENABLED'},$cgiparams{'ZONE'},$cgiparams{'FORWARD_SERVERS'},$cgiparams{'REMARK'}\n";
|
||||
print FILE "$cgiparams{'ENABLED'},$cgiparams{'ZONE'},$cgiparams{'FORWARD_SERVERS'},$cgiparams{'REMARK'},$cgiparams{'DISABLE_DNSSEC'}\n";
|
||||
} else {
|
||||
open(FILE, ">$filename") or die 'Unable to open config file.';
|
||||
flock FILE, 2;
|
||||
@@ -98,7 +108,7 @@ if ($cgiparams{'ACTION'} eq $Lang::tr{'add'})
|
||||
{
|
||||
$id++;
|
||||
if ($cgiparams{'EDITING'} eq $id) {
|
||||
print FILE "$cgiparams{'ENABLED'},$cgiparams{'ZONE'},$cgiparams{'FORWARD_SERVERS'},$cgiparams{'REMARK'}\n";
|
||||
print FILE "$cgiparams{'ENABLED'},$cgiparams{'ZONE'},$cgiparams{'FORWARD_SERVERS'},$cgiparams{'REMARK'},$cgiparams{'DISABLE_DNSSEC'}\n";
|
||||
} else { print FILE "$line"; }
|
||||
}
|
||||
}
|
||||
@@ -151,7 +161,10 @@ if ($cgiparams{'ACTION'} eq $Lang::tr{'toggle enable disable'})
|
||||
{
|
||||
chomp($line);
|
||||
my @temp = split(/\,/,$line);
|
||||
print FILE "$cgiparams{'ENABLE'},$temp[1],$temp[2],$temp[3]\n";
|
||||
|
||||
$temp[0] = $cgiparams{'ENABLE'};
|
||||
|
||||
print FILE join(",", @temp) . "\n";
|
||||
}
|
||||
}
|
||||
close(FILE);
|
||||
@@ -176,6 +189,7 @@ if ($cgiparams{'ACTION'} eq $Lang::tr{'edit'})
|
||||
$cgiparams{'ZONE'} = $temp[1];
|
||||
$cgiparams{'FORWARD_SERVERS'} = join(",", split(/\|/, $temp[2]));
|
||||
$cgiparams{'REMARK'} = $temp[3];
|
||||
$cgiparams{'DISABLE_DNSSEC'} = $temp[4];
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -184,6 +198,10 @@ $checked{'ENABLED'}{'off'} = '';
|
||||
$checked{'ENABLED'}{'on'} = '';
|
||||
$checked{'ENABLED'}{$cgiparams{'ENABLED'}} = "checked='checked'";
|
||||
|
||||
$checked{'DISABLE_DNSSEC'}{'off'} = '';
|
||||
$checked{'DISABLE_DNSSEC'}{'on'} = '';
|
||||
$checked{'DISABLE_DNSSEC'}{$cgiparams{'DISABLE_DNSSEC'}} = "checked='checked'";
|
||||
|
||||
&Header::openpage($Lang::tr{'dnsforward configuration'}, 1, '');
|
||||
|
||||
&Header::openbigbox('100%', 'left', '', $errormessage);
|
||||
@@ -230,6 +248,10 @@ print <<END
|
||||
<td width ='20%' class='base'>$Lang::tr{'remark'}:</td>
|
||||
<td><input type='text' name='REMARK' value='$cgiparams{'REMARK'}' size='40' maxlength='50' /></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td width ='20%' class='base'>$Lang::tr{'dns forward disable dnssec'}:</td>
|
||||
<td><input type='checkbox' name='DISABLE_DNSSEC' $checked{'DISABLE_DNSSEC'}' /></td>
|
||||
</tr>
|
||||
</table>
|
||||
<br>
|
||||
<hr>
|
||||
@@ -291,13 +313,19 @@ foreach my $line (@current)
|
||||
my $gif = '';
|
||||
my $gdesc = '';
|
||||
my $toggle = '';
|
||||
my $notice = "";
|
||||
|
||||
# Format lists of servers
|
||||
my $servers = join(", ", split(/\|/, $temp[2]));
|
||||
|
||||
my $disable_dnssec = $temp[4];
|
||||
|
||||
if($cgiparams{'ACTION'} eq $Lang::tr{'edit'} && $cgiparams{'ID'} eq $id) {
|
||||
print "<tr>";
|
||||
$col="bgcolor='${Header::colouryellow}'"; }
|
||||
elsif ($disable_dnssec eq 'on') {
|
||||
print "<tr>";
|
||||
$col="bgcolor='${Header::colourred}' style='color: white'"; }
|
||||
elsif ($id % 2) {
|
||||
print "<tr>";
|
||||
$col="bgcolor='$color{'color22'}'"; }
|
||||
@@ -308,11 +336,15 @@ foreach my $line (@current)
|
||||
if ($temp[0] eq 'on') { $gif='on.gif'; $toggle='off'; $gdesc=$Lang::tr{'click to disable'};}
|
||||
else { $gif='off.gif'; $toggle='on'; $gdesc=$Lang::tr{'click to enable'}; }
|
||||
|
||||
if ($disable_dnssec eq "on") {
|
||||
$notice = $Lang::tr{'dns forwarding dnssec disabled notice'};
|
||||
}
|
||||
|
||||
###
|
||||
# Display edit page.
|
||||
#
|
||||
print <<END
|
||||
<td align='center' $col>$temp[1]</td>
|
||||
<td align='center' $col>$temp[1] $notice</td>
|
||||
<td align='center' $col>$servers</td>
|
||||
<td align='center' $col>$temp[3]</td>
|
||||
<td align='center' $col>
|
||||
|
||||
@@ -805,6 +805,8 @@
|
||||
'dns error 0' => 'Die IP Adresse vom <strong>primären</strong> DNS Server ist nicht gültig, bitte überprüfen Sie Ihre Eingabe!<br />Die eingegebene <strong>sekundären</strong> DNS Server Adresse ist jedoch gültig.<br />',
|
||||
'dns error 01' => 'Die eingegebene IP Adresse des <strong>primären</strong> wie auch des <strong>sekundären</strong> DNS-Servers sind nicht gültig, bitte überprüfen Sie Ihre Eingaben!',
|
||||
'dns error 1' => 'Die IP Adresse vom <strong>sekundären</strong> DNS Server ist nicht gültig, bitte überprüfen Sie Ihre Eingabe!<br />Die eingegebene <strong>primäre</strong> DNS Server Adresse ist jedoch gültig.',
|
||||
'dns forward disable dnssec' => 'DNSSEC deaktivieren (nicht empfohlen)',
|
||||
'dns forwarding dnssec disabled notice' => '(DNSSEC deaktiviert)',
|
||||
'dns header' => 'DNS Server Adressen zuweisen nur mit DHCP an red0',
|
||||
'dns list' => 'Liste von freien öffentlichen DNS Servern',
|
||||
'dns menu' => 'DNS-Server zuweisen',
|
||||
|
||||
@@ -832,6 +832,8 @@
|
||||
'dns error 0' => 'The IP address of the <strong>primary</strong> DNS server is not valid, please check your entries!<br />The entered <strong>secondary</strong> DNS server address is valid.',
|
||||
'dns error 01' => 'The entered IP address of the <strong>primary</strong> and <strong>secondary</strong> DNS server are not valid, please check your entries!',
|
||||
'dns error 1' => 'The IP address of the <strong>secondary</strong> DNS server is not valid, please check your entries!<br />The entered <strong>primary</strong> DNS server address is valid.',
|
||||
'dns forward disable dnssec' => 'Disable DNSSEC (dangerous)',
|
||||
'dns forwarding dnssec disabled notice' => '(DNSSEC disabled)',
|
||||
'dns header' => 'Assign DNS server addresses only for DHCP on red0',
|
||||
'dns list' => 'List of free public DNS servers',
|
||||
'dns menu' => 'Assign DNS-Server',
|
||||
|
||||
Reference in New Issue
Block a user