diff --git a/config/rootfiles/core/106/exclude b/config/rootfiles/core/106/exclude
index 1d8d74e21..7ddeae0ba 100644
--- a/config/rootfiles/core/106/exclude
+++ b/config/rootfiles/core/106/exclude
@@ -23,7 +23,6 @@ var/ipfire/dma
 var/ipfire/time
 var/ipfire/ovpn
 var/lib/alternatives
-var/lib/unbound/root.key
 var/log/cache
 var/state/dhcp/dhcpd.leases
 var/updatecache
diff --git a/src/initscripts/init.d/networking/red.up/05-update-dns-forwarders b/src/initscripts/init.d/networking/red.up/05-update-dns-forwarders
index be8879ca9..4ff2e58ef 100644
--- a/src/initscripts/init.d/networking/red.up/05-update-dns-forwarders
+++ b/src/initscripts/init.d/networking/red.up/05-update-dns-forwarders
@@ -3,10 +3,11 @@
 # If network has not fully been brought up here, we start unbound
 # so that all following scripts can rely on DNS resolution
-# Update DNS forwarders if unbound is running
-if pgrep -q unbound; then
- exec /etc/init.d/unbound update-forwarders
+pidof unbound > /dev/null
+if [ "${?}" = "0" ]; then
+ # unbound is run so update the forwarders
+ /etc/init.d/unbound update-forwarders
+else
+ # Start unbound if it is not running, yet
+ /etc/init.d/unbound start
 fi
-
-# Start unbound if it is not running, yet
-exec /etc/init.d/unbound start
diff --git a/src/initscripts/init.d/unbound b/src/initscripts/init.d/unbound
index dd5c85c7b..d324457d1 100644
--- a/src/initscripts/init.d/unbound
+++ b/src/initscripts/init.d/unbound
@@ -44,6 +44,15 @@ function cidr() {
 echo "${cidr}/${nbits}"
 }
+ip_address_revptr() {
+ local addr=${1}
+
+ local a1 a2 a3 a4
+ IFS=. read -r a1 a2 a3 a4 <<< ${addr}
+
+ echo "${a4}.${a3}.${a2}.${a1}.in-addr.arpa"
+}
+
 read_name_servers() {
 local i
 for i in 1 2; do
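Review bot: The liveness check in the new 05-update-dns-forwarders body is split into `pidof unbound > /dev/null` and a separate test of `${?}`, which silently tests the wrong status if any command is ever inserted between the two lines. Testing the command directly, `if pidof unbound > /dev/null; then`, behaves the same without that coupling. The comment `# unbound is run so update the forwarders` would read better as `# unbound is running, so update the forwarders`.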
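Review bot: ip_address_revptr builds the reverse name from whatever it is given, so an empty string, an address carrying a prefix length, or an IPv6 address yields a malformed owner name such as `...in-addr.arpa`, which the callers added in own_hostname and update_hosts then pass to `unbound-control local_data`. In update_hosts the value is read from /var/ipfire/main/hosts, so a bad line there ends up as a bogus local record. A guard at the top of the function, `[[ "${addr}" =~ ^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$ ]] || return 1`, together with `address=$(ip_address_revptr "${address}") || continue` at both call sites, would skip such entries instead of loading them. The here-string should also be quoted, `<<< "${addr}"`, and a one-line header comment stating that a dotted-quad IPv4 address is expected would document the contract.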
@@ -101,6 +110,23 @@ update_forwarders() {
 unbound-control -q forward off
 }
+own_hostname() {
+ local hostname=$(hostname -f)
+ # 1.1.1.1 is reserved for green only, skip this
+ if [ -n "${GREEN_ADDRESS}" -a "${GREEN_ADDRESS}" != "1.1.1.1" ]; then
+ unbound-control -q local_data "${hostname} ${LOCAL_TTL} IN A ${GREEN_ADDRESS}"
+ fi
+
+ local address
+ for address in ${GREEN_ADDRESS} ${BLUE_ADDRESS} ${ORANGE_ADDRESS}; do
+ [ -n "${address}" ] || continue
+ [ "${address}" = "1.1.1.1" ] && continue
+
+ address=$(ip_address_revptr ${address})
+ unbound-control -q local_data "${address} ${LOCAL_TTL} IN PTR ${hostname}"
+ done
+}
+
 update_hosts() {
 local enabled address hostname domainname
@@ -111,6 +137,10 @@ update_hosts() {
 local fqdn="${hostname}.${domainname}"
 unbound-control -q local_data "${fqdn} ${LOCAL_TTL} IN A ${address}"
+
+ # Add RDNS
+ address=$(ip_address_revptr ${address})
+ unbound-control -q local_data "${address} ${LOCAL_TTL} IN PTR ${fqdn}"
 done < /var/ipfire/main/hosts
 }
@@ -307,6 +337,9 @@ case "$1" in
 boot_mesg "Starting Unbound DNS Proxy..."
 loadproc /usr/sbin/unbound || exit $?
+ # Make own hostname resolveable
+ own_hostname
+
 # Update any known forwarding name servers
 update_forwarders
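Review bot: In own_hostname, `local hostname=$(hostname -f)` hides a failure of `hostname -f` behind the exit status of `local`, and an empty result is then used as the owner name of the A record and as the target of every PTR record. Declaring and assigning separately, `local hostname` then `hostname=$(hostname -f) || return 1`, followed by `[ -n "${hostname}" ] || return 1`, avoids loading records with an empty name. The test using `-a` inside `[ ... ]` is the obsolescent form; `[ -n "${GREEN_ADDRESS}" ] && [ "${GREEN_ADDRESS}" != "1.1.1.1" ]` is unambiguous. The comment about 1.1.1.1 could state why that value is skipped, since the reason is not visible in this hunk.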
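Review bot: The PTR added in update_hosts is registered once per line of /var/ipfire/main/hosts, so when several host names share one address the reverse name presumably ends up with one PTR per name; if a single canonical name is wanted, only the first entry per address should get a PTR. The hunk also overwrites the loop variable `address` with the reverse name; a separate local, `local revptr` with `revptr=$(ip_address_revptr "${address}")`, keeps the original value intact for anything added later in the body. The loop header lies outside the hunk, so whether disabled entries are skipped before this point cannot be seen here.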