diff --git a/config/rootfiles/common/aarch64/initscripts b/config/rootfiles/common/aarch64/initscripts index b731a70c1..260a961fe 100644 --- a/config/rootfiles/common/aarch64/initscripts +++ b/config/rootfiles/common/aarch64/initscripts @@ -41,7 +41,7 @@ etc/rc.d/init.d/networking/green etc/rc.d/init.d/networking/orange etc/rc.d/init.d/networking/red #etc/rc.d/init.d/networking/red.down -etc/rc.d/init.d/networking/red.down/05-update-dns-forwarders +etc/rc.d/init.d/networking/red.down/05-remove-dns-forwarders etc/rc.d/init.d/networking/red.down/10-ipsec etc/rc.d/init.d/networking/red.down/10-miniupnpd etc/rc.d/init.d/networking/red.down/10-ovpn diff --git a/config/rootfiles/common/armv5tel/initscripts b/config/rootfiles/common/armv5tel/initscripts index b731a70c1..260a961fe 100644 --- a/config/rootfiles/common/armv5tel/initscripts +++ b/config/rootfiles/common/armv5tel/initscripts @@ -41,7 +41,7 @@ etc/rc.d/init.d/networking/green etc/rc.d/init.d/networking/orange etc/rc.d/init.d/networking/red #etc/rc.d/init.d/networking/red.down -etc/rc.d/init.d/networking/red.down/05-update-dns-forwarders +etc/rc.d/init.d/networking/red.down/05-remove-dns-forwarders etc/rc.d/init.d/networking/red.down/10-ipsec etc/rc.d/init.d/networking/red.down/10-miniupnpd etc/rc.d/init.d/networking/red.down/10-ovpn diff --git a/config/rootfiles/common/i586/initscripts b/config/rootfiles/common/i586/initscripts index df4f859f1..88ec789bc 100644 --- a/config/rootfiles/common/i586/initscripts +++ b/config/rootfiles/common/i586/initscripts @@ -49,7 +49,7 @@ etc/rc.d/init.d/networking/red.down/10-static-routes etc/rc.d/init.d/networking/red.down/20-firewall #etc/rc.d/init.d/networking/red.up etc/rc.d/init.d/networking/red.up/01-conntrack-cleanup -etc/rc.d/init.d/networking/red.up/05-update-dns-forwarders +etc/rc.d/init.d/networking/red.up/05-remove-dns-forwarders etc/rc.d/init.d/networking/red.up/10-miniupnpd etc/rc.d/init.d/networking/red.up/10-multicast etc/rc.d/init.d/networking/red.up/10-static-routes diff --git a/config/rootfiles/common/x86_64/initscripts b/config/rootfiles/common/x86_64/initscripts index df4f859f1..d74fb743b 100644 --- a/config/rootfiles/common/x86_64/initscripts +++ b/config/rootfiles/common/x86_64/initscripts @@ -41,7 +41,7 @@ etc/rc.d/init.d/networking/green etc/rc.d/init.d/networking/orange etc/rc.d/init.d/networking/red #etc/rc.d/init.d/networking/red.down -etc/rc.d/init.d/networking/red.down/05-update-dns-forwarders +etc/rc.d/init.d/networking/red.down/05-remove-dns-forwarders etc/rc.d/init.d/networking/red.down/10-ipsec etc/rc.d/init.d/networking/red.down/10-miniupnpd etc/rc.d/init.d/networking/red.down/10-ovpn diff --git a/config/rootfiles/core/135/filelists/files b/config/rootfiles/core/135/filelists/files index 3d868d324..d8df9f65b 100644 --- a/config/rootfiles/core/135/filelists/files +++ b/config/rootfiles/core/135/filelists/files @@ -6,6 +6,7 @@ etc/unbound/root.hints etc/rc.d/helper/azure-setup etc/rc.d/init.d/cloud-init etc/rc.d/init.d/functions +etc/rc.d/init.d/networking/red.down/05-remove-dns-forwarders etc/rc.d/init.d/partresize etc/rc.d/init.d/unbound etc/sysctl.conf diff --git a/config/rootfiles/core/135/update.sh b/config/rootfiles/core/135/update.sh index 56854d2c9..55f72fc4e 100644 --- a/config/rootfiles/core/135/update.sh +++ b/config/rootfiles/core/135/update.sh @@ -35,6 +35,7 @@ done rm -vf \ /etc/rc.d/init.d/aws \ /etc/rc.d/rcsysinit.d/S74aws + /etc/rc.d/init.d/networking/red.down/05-update-dns-forwarders # Stop services /etc/init.d/squid stop diff --git a/src/initscripts/networking/red.down/05-remove-dns-forwarders b/src/initscripts/networking/red.down/05-remove-dns-forwarders new file mode 100644 index 000000000..671cca9df --- /dev/null +++ b/src/initscripts/networking/red.down/05-remove-dns-forwarders @@ -0,0 +1,4 @@ +#!/bin/bash + +# Remove DNS forwarders for unbound +exec /etc/init.d/unbound remove-forwarders diff --git a/src/initscripts/networking/red.down/05-update-dns-forwarders b/src/initscripts/networking/red.down/05-update-dns-forwarders deleted file mode 100644 index 7f35696f5..000000000 --- a/src/initscripts/networking/red.down/05-update-dns-forwarders +++ /dev/null @@ -1,4 +0,0 @@ -#!/bin/bash - -# Update DNS forwarders for unbound -exec /etc/init.d/unbound update-forwarders diff --git a/src/initscripts/system/unbound b/src/initscripts/system/unbound index 5d3c5062f..dbcfc951f 100644 --- a/src/initscripts/system/unbound +++ b/src/initscripts/system/unbound @@ -41,6 +41,22 @@ read_name_servers() { done 2>/dev/null | xargs echo } +check_red_has_carrier_and_ip() { + # Interface configured ? + [ ! -e "/var/ipfire/red/iface" ] && return 0; + + # Interface present ? + [ ! -e "/sys/class/net/$( /var/ipfire/red/dns + unbound-control -q forward off + +} + own_hostname() { local hostname=$(hostname -f) # 1.1.1.1 is reserved for unused green, skip this @@ -473,7 +497,8 @@ disable_dnssec() { fix_time_if_dns_fail() { # If DNS still not work try to init ntp with # hardcoded ntp.ipfire.org (81.3.27.46) - if [ -e "/var/ipfire/red/iface" -a "$( /dev/null 2>&1 if [ "${?}" != "0" ]; then boot_mesg "DNS still not functioning... Trying to sync time with ntp.ipfire.org (81.3.27.46)..." @@ -807,6 +832,19 @@ case "$1" in fix_time_if_dns_fail ;; + remove-forwarders) + # Do not try updating forwarders when unbound is not running + if ! pgrep unbound &>/dev/null; then + exit 0 + fi + + remove_forwarders + + unbound-control flush_negative > /dev/null + unbound-control flush_bogus > /dev/null + ;; + + test-name-server) ns=${2} @@ -848,7 +886,7 @@ case "$1" in ;; *) - echo "Usage: $0 {start|stop|restart|status|update-forwarders|test-name-server|resolve}" + echo "Usage: $0 {start|stop|restart|status|update-forwarders|remove-forwarders|test-name-server|resolve}" exit 1 ;; esac