This changes the old "diff" algorithm that we needed to have before
Unbound was able to reload its own configuration.
Now, it can do this even without dropping the cache. This should
hopefully perform much better and be more reliable than the old way.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Acked-by: Peter Müller <peter.mueller@ipfire.org>
When the bridge cannot detect a domain name for any of the leases, it
uses localdomain which is not always the best choice. So instead, this
patches changes the behaviour that we read the default domain of the
firewall.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Reviewed-by: Bernhard Bitsch <bbitsch@ipfire.org>
This saves some resources when we re-read the same configuration file
too often.
Suggested-by: Anthony Heading <ajrh@ajrh.net>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
This patch changes that the script will listen to changes to the
directory instead of the file which got complicated when files got
renamed.
It also processes all changes at the same time and tries finding out
what actions have to be performed in order to avoid unnecessary
iterations.
The script is also limited to process any changes only once every five
seconds to keep resource usage in check on busy systems.
Suggested-by: Anthony Heading <ajrh@ajrh.net>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
This improves logging and enables logging to the console.
Suggested-by: Anthony Heading <ajrh@ajrh.net>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
unbound runs as nobody and cannot reload its configuration
when this file is only readable for root.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
When there is a large number of leases, writing the file may
take a long time. When unbound is re-reading its configuration
in that time, the file might syntactically incorrect.
This change writes the file first and then moves it
to the right place in one transaction.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Before the bridge tries reading any existing leases from unbound
but this makes it difficult to destinguish between what is a DHCP lease,
static host entry or anything else.
This patch will change the bridge back to just remember what has been
added to the cache already which makes it easier to keep track.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
If there are any invalid hostnames in the DHCP leases
table, we just skip them and do not create and RRs for
them.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
This allows us to restart unbound and all DHCP leases
will be re-imported even if the unbound-dhcp-leases-bridge is
not restarted.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
