From patchwork Wed Jan 20 12:49:36 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Daniel Dickinson X-Patchwork-Id: 570700 X-Patchwork-Delegate: nbd@openwrt.org Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from arrakis.dune.hu (arrakis.dune.hu [78.24.191.176]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 09BFB140307 for ; Wed, 20 Jan 2016 23:51:34 +1100 (AEDT) Received: from arrakis.dune.hu (localhost [127.0.0.1]) by arrakis.dune.hu (Postfix) with ESMTP id 7C00128C041; Wed, 20 Jan 2016 13:49:23 +0100 (CET) X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on arrakis.dune.hu X-Spam-Level: X-Spam-Status: No, score=-0.3 required=5.0 tests=BAYES_00,RDNS_NONE autolearn=no version=3.3.2 Received: from arrakis.dune.hu (localhost [127.0.0.1]) by arrakis.dune.hu (Postfix) with ESMTP id 3A5BC28BFAA for ; Wed, 20 Jan 2016 13:49:19 +0100 (CET) X-policyd-weight: using cached result; rate: -8.5 Received: from s2.neomailbox.net (unknown [5.148.176.60]) by arrakis.dune.hu (Postfix) with ESMTPS for ; Wed, 20 Jan 2016 13:49:16 +0100 (CET) From: openwrt@daniel.thecshore.com To: openwrt-devel@lists.openwrt.org Date: Wed, 20 Jan 2016 07:49:36 -0500 Message-Id: <1453294178-75705-1-git-send-email-openwrt@daniel.thecshore.com> Subject: [OpenWrt-Devel] [PATCH 1/3] network/services/dnsmasq: Add support for multiple instances of dnsmasq X-BeenThere: openwrt-devel@lists.openwrt.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: OpenWrt Development List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: openwrt-devel-bounces@lists.openwrt.org Sender: "openwrt-devel" 
From: Daniel Dickinson Dnsmasq can easily support running multiple instances and this is useful for providing different services to different vlans (e.g. sending a guest network through the free version of opendns or serving different domains to different vlans or having different some vlans use remote corporate dns while the personal vlans use ISP dns). With the right firewall rules you could also use DNAT to serve specific hosts differently than the rest). Signed-off-by: Daniel Dickinson --- package/network/services/dnsmasq/Makefile | 2 + package/network/services/dnsmasq/files/dhcp.conf | 2 +- .../dnsmasq/files/dnsmasq-migrate-config.default | 21 + .../network/services/dnsmasq/files/dnsmasq.init | 440 +++++++++++++-------- 4 files changed, 301 insertions(+), 164 deletions(-) create mode 100644 package/network/services/dnsmasq/files/dnsmasq-migrate-config.default diff --git a/package/network/services/dnsmasq/Makefile b/package/network/services/dnsmasq/Makefile index de0237b..003530d 100644 --- a/package/network/services/dnsmasq/Makefile +++ b/package/network/services/dnsmasq/Makefile @@ -135,6 +135,8 @@ define Package/dnsmasq/install $(INSTALL_BIN) ./files/dnsmasq.init $(1)/etc/init.d/dnsmasq $(INSTALL_DIR) $(1)/etc/hotplug.d/iface $(INSTALL_DATA) ./files/dnsmasq.hotplug $(1)/etc/hotplug.d/iface/25-dnsmasq + $(INSTALL_DIR) $(1)/etc/uci-defaults + $(INSTALL_DATA) ./files/dnsmasq-migrate-config.default $(1)/etc/uci-defaults/dnsmasq-migrate-config endef Package/dnsmasq-dhcpv6/install = $(Package/dnsmasq/install) diff --git a/package/network/services/dnsmasq/files/dhcp.conf b/package/network/services/dnsmasq/files/dhcp.conf index 362b90a..734beb6 100644 --- a/package/network/services/dnsmasq/files/dhcp.conf +++ b/package/network/services/dnsmasq/files/dhcp.conf @@ -1,4 +1,4 @@ -config dnsmasq +config dnsmasq 'dnsmasq' option domainneeded 1 option boguspriv 1 option filterwin2k 0 # enable for dial on demand 
diff --git a/package/network/services/dnsmasq/files/dnsmasq-migrate-config.default b/package/network/services/dnsmasq/files/dnsmasq-migrate-config.default new file mode 100644 index 0000000..8e9c886 --- /dev/null +++ b/package/network/services/dnsmasq/files/dnsmasq-migrate-config.default @@ -0,0 +1,21 @@ +#!/bin/sh + +. /lib/functions.sh + +numsections=0 +sname="" + +getsection() { + local cfg="$1" + numsections=$((numsections + 1)) + sname="$cfg" +} + +config_load dhcp +config_foreach getsection dnsmasq + +if [ "$numsections" = "1" ]; then + uci rename dhcp.$sname='dnsmasq' + uci commit dhcp +fi + diff --git a/package/network/services/dnsmasq/files/dnsmasq.init b/package/network/services/dnsmasq/files/dnsmasq.init index efc9627..8aae43a 100644 --- a/package/network/services/dnsmasq/files/dnsmasq.init +++ b/package/network/services/dnsmasq/files/dnsmasq.init @@ -12,10 +12,10 @@ DOMAIN="" ADD_LOCAL_DOMAIN=1 ADD_LOCAL_HOSTNAME=1 -CONFIGFILE="/var/etc/dnsmasq.conf" -HOSTFILE="/tmp/hosts/dhcp" +BASECONFIGFILE="/var/etc/dnsmasq.conf" +BASEHOSTFILE="/tmp/hosts/dhcp" +BASETIMESTAMPFILE="/etc/dnsmasq.time" TRUSTANCHORSFILE="/usr/share/dnsmasq/trust-anchors.conf" -TIMESTAMPFILE="/etc/dnsmasq.time" xappend() { local value="$1" 
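Review bot: The rename in dnsmasq-migrate-config.default runs whenever exactly one `dnsmasq` section exists, so it also renames a section the administrator had already named, and it expands `$sname` unquoted. Restricting it to the cases that need migrating, for example `if [ "$numsections" = "1" ] && [ "$sname" != "dnsmasq" ]; then`, and quoting the argument as `uci rename "dhcp.$sname=dnsmasq"` would keep the script from rewriting configs it does not have to touch. The script's exit status is whatever `uci commit` returns; if uci-defaults scripts are only removed on success (not shown here, worth confirming), an explicit `exit 0` after handling the error would make the intent clear.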
@@ -112,117 +112,14 @@ append_pxe_service() { xappend "--pxe-service=$1" } -dnsmasq() { - local cfg="$1" - append_bool "$cfg" authoritative "--dhcp-authoritative" - append_bool "$cfg" nodaemon "--no-daemon" - append_bool "$cfg" domainneeded "--domain-needed" - append_bool "$cfg" filterwin2k "--filterwin2k" - append_bool "$cfg" nohosts "--no-hosts" - append_bool "$cfg" nonegcache "--no-negcache" - append_bool "$cfg" strictorder "--strict-order" - append_bool "$cfg" logqueries "--log-queries=extra" - append_bool "$cfg" noresolv "--no-resolv" - append_bool "$cfg" localise_queries "--localise-queries" - append_bool "$cfg" readethers "--read-ethers" - append_bool "$cfg" dbus "--enable-dbus" - append_bool "$cfg" boguspriv "--bogus-priv" - append_bool "$cfg" expandhosts "--expand-hosts" - append_bool "$cfg" enable_tftp "--enable-tftp" - append_bool "$cfg" tftp_no_fail "--tftp-no-fail" - append_bool "$cfg" nonwildcard "--bind-dynamic" - append_bool "$cfg" fqdn "--dhcp-fqdn" - append_bool "$cfg" proxydnssec "--proxy-dnssec" - append_bool "$cfg" localservice "--local-service" - append_bool "$cfg" quietdhcp "--quiet-dhcp" - append_bool "$cfg" sequential_ip "--dhcp-sequential-ip" - append_bool "$cfg" allservers "--all-servers" - append_bool "$cfg" noping "--no-ping" - - append_parm "$cfg" dhcpscript "--dhcp-script" - append_parm "$cfg" cachesize "--cache-size" - append_parm "$cfg" dnsforwardmax "--dns-forward-max" - append_parm "$cfg" port "--port" - append_parm "$cfg" ednspacket_max "--edns-packet-max" - append_parm "$cfg" dhcpleasemax "--dhcp-lease-max" - append_parm "$cfg" "queryport" "--query-port" - append_parm "$cfg" "minport" "--min-port" - append_parm "$cfg" "domain" "--domain" - append_parm "$cfg" "local" "--server" - config_list_foreach "$cfg" "server" append_server - config_list_foreach "$cfg" "address" append_address - config_list_foreach "$cfg" "ipset" append_ipset - config_list_foreach "$cfg" "interface" append_interface - config_list_foreach "$cfg" 
"notinterface" append_notinterface - config_list_foreach "$cfg" "addnhosts" append_addnhosts - config_list_foreach "$cfg" "bogusnxdomain" append_bogusnxdomain - append_parm "$cfg" "leasefile" "--dhcp-leasefile" - append_parm "$cfg" "resolvfile" "--resolv-file" - append_parm "$cfg" "serversfile" "--servers-file" - append_parm "$cfg" "tftp_root" "--tftp-root" - append_parm "$cfg" "dhcp_boot" "--dhcp-boot" - append_parm "$cfg" "local_ttl" "--local-ttl" - append_parm "$cfg" "pxe_prompt" "--pxe-prompt" - config_list_foreach "$cfg" "pxe_service" append_pxe_service - config_get DOMAIN "$cfg" domain - - config_get_bool ADD_LOCAL_DOMAIN "$cfg" add_local_domain 1 - config_get_bool ADD_LOCAL_HOSTNAME "$cfg" add_local_hostname 1 - - config_get_bool readethers "$cfg" readethers - [ "$readethers" = "1" -a \! -e "/etc/ethers" ] && touch /etc/ethers - - config_get leasefile $cfg leasefile - [ -n "$leasefile" -a \! -e "$leasefile" ] && touch "$leasefile" - config_get_bool cachelocal "$cfg" cachelocal 1 - - config_get hostsfile "$cfg" dhcphostsfile - [ -e "$hostsfile" ] && xappend "--dhcp-hostsfile=$hostsfile" - - local rebind - config_get_bool rebind "$cfg" rebind_protection 1 - [ $rebind -gt 0 ] && { - log_once \ - "DNS rebinding protection is active," \ - "will discard upstream RFC1918 responses!" 
- xappend "--stop-dns-rebind" - - local rebind_localhost - config_get_bool rebind_localhost "$cfg" rebind_localhost 0 - [ $rebind_localhost -gt 0 ] && { - log_once "Allowing 127.0.0.0/8 responses" - xappend "--rebind-localhost-ok" - } - - append_rebind_domain() { - log_once "Allowing RFC1918 responses for domain $1" - xappend "--rebind-domain-ok=$1" - } - - config_list_foreach "$cfg" rebind_domain append_rebind_domain - } - - config_get_bool dnssec "$cfg" dnssec 0 - [ "$dnssec" -gt 0 ] && { - xappend "--conf-file=$TRUSTANCHORSFILE" - xappend "--dnssec" - xappend "--dnssec-timestamp=$TIMESTAMPFILE" - append_bool "$cfg" dnsseccheckunsigned "--dnssec-check-unsigned" - } - - dhcp_option_add "$cfg" "" 0 - - xappend "--dhcp-broadcast=tag:needs-broadcast" - - mkdir -p /tmp/hosts /tmp/dnsmasq.d - xappend "--addn-hosts=/tmp/hosts" - xappend "--conf-dir=/tmp/dnsmasq.d" - - echo >> $CONFIGFILE -} - dhcp_subscrid_add() { local cfg="$1" + local basecfg="$2" + + config_get instance "$cfg" instance + if [ -n "$instance" ] && [ "$instance" != "$basecfg" ]; then + return + fi config_get networkid "$cfg" networkid [ -n "$networkid" ] || return 0 @@ -239,6 +136,12 @@ dhcp_subscrid_add() { dhcp_remoteid_add() { local cfg="$1" + local basecfg="$2" + + config_get instance "$cfg" instance + if [ -n "$instance" ] && [ "$instance" != "$basecfg" ]; then + return + fi config_get networkid "$cfg" networkid [ -n "$networkid" ] || return 0 @@ -255,6 +158,12 @@ dhcp_remoteid_add() { dhcp_circuitid_add() { local cfg="$1" + local basecfg="$2" + + config_get instance "$cfg" instance + if [ -n "$instance" ] && [ "$instance" != "$basecfg" ]; then + return + fi config_get networkid "$cfg" networkid [ -n "$networkid" ] || return 0 
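Review bot: A section with no `instance` option passes the new filter in dhcp_subscrid_add for every instance, and the same block is pasted into the other `*_add` helpers patched below (dhcp_remoteid_add through dhcp_hostrecord_add, including dhcp_host_add and dhcp_add). Static hosts, domain/cname records and DHCP pools are therefore written into all generated configs unless each section is tagged by hand, which matters for the guest-VLAN case in the commit message because the guest instance would also serve internal names and leases. The default should at least be stated in a comment such as `# sections without 'instance' apply to ALL dnsmasq instances`, and the check would be easier to audit as one shared helper instead of fifteen copies. `instance` is also read with `config_get` without a `local` in the visible lines, so it leaks into the global scope; `local instance` before the `config_get` fixes that.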
@@ -271,6 +180,12 @@ dhcp_circuitid_add() { dhcp_userclass_add() { local cfg="$1" + local basecfg="$2" + + config_get instance "$cfg" instance + if [ -n "$instance" ] && [ "$instance" != "$basecfg" ]; then + return + fi config_get networkid "$cfg" networkid [ -n "$networkid" ] || return 0 @@ -287,6 +202,12 @@ dhcp_userclass_add() { dhcp_vendorclass_add() { local cfg="$1" + local basecfg="$2" + + config_get instance "$cfg" instance + if [ -n "$instance" ] && [ "$instance" != "$basecfg" ]; then + return + fi config_get networkid "$cfg" networkid [ -n "$networkid" ] || return 0 @@ -303,6 +224,12 @@ dhcp_vendorclass_add() { dhcp_host_add() { local cfg="$1" + local basecfg="$2" + + config_get instance "$cfg" instance + if [ -n "$instance" ] && [ "$instance" != "$basecfg" ]; then + return + fi config_get_bool force "$cfg" force 0 @@ -340,6 +267,12 @@ dhcp_host_add() { dhcp_tag_add() { local cfg="$1" + local basecfg="$2" + + config_get instance "$cfg" instance + if [ -n "$instance" ] && [ "$instance" != "$basecfg" ]; then + return + fi tag="$cfg" @@ -356,6 +289,12 @@ dhcp_tag_add() { dhcp_mac_add() { local cfg="$1" + local basecfg="$2" + + config_get instance "$cfg" instance + if [ -n "$instance" ] && [ "$instance" != "$basecfg" ]; then + return + fi config_get networkid "$cfg" networkid [ -n "$networkid" ] || return 0 @@ -370,6 +309,12 @@ dhcp_mac_add() { dhcp_boot_add() { local cfg="$1" + local basecfg="$2" + + config_get instance "$cfg" instance + if [ -n "$instance" ] && [ "$instance" != "$basecfg" ]; then + return + fi config_get networkid "$cfg" networkid @@ -391,6 +336,13 @@ dhcp_boot_add() { dhcp_add() { local cfg="$1" + local basecfg="$2" + + config_get instance "$cfg" instance + if [ -n "$instance" ] && [ "$instance" != "$basecfg" ]; then + return + fi + config_get net "$cfg" interface [ -n "$net" ] || return 0 
@@ -448,17 +400,23 @@ dhcp_option_add() { for o in $dhcp_option; do xappend "--dhcp-option${force:+-force}=${networkid:+$networkid,}$o" done - } dhcp_domain_add() { local cfg="$1" + local basecfg="$2" + + config_get instance "$cfg" instance + if [ -n "$instance" ] && [ "$instance" != "$basecfg" ]; then + return + fi + local ip name names record - config_get names "$cfg" name "$2" + config_get names "$cfg" name "$3" [ -n "$names" ] || return 0 - config_get ip "$cfg" ip "$3" + config_get ip "$cfg" ip "$4" [ -n "$ip" ] || return 0 for name in $names; do @@ -470,6 +428,12 @@ dhcp_domain_add() { dhcp_srv_add() { local cfg="$1" + local basecfg="$2" + + config_get instance "$cfg" instance + if [ -n "$instance" ] && [ "$instance" != "$basecfg" ]; then + return + fi config_get srv "$cfg" srv [ -n "$srv" ] || return 0 @@ -490,6 +454,13 @@ dhcp_srv_add() { dhcp_mx_add() { local cfg="$1" + local basecfg="$2" + + config_get instance "$cfg" instance + if [ -n "$instance" ] && [ "$instance" != "$basecfg" ]; then + return + fi + local domain relay pref config_get domain "$cfg" domain @@ -507,6 +478,13 @@ dhcp_mx_add() { dhcp_cname_add() { local cfg="$1" + local basecfg="$2" + + config_get instance "$cfg" instance + if [ -n "$instance" ] && [ "$instance" != "$basecfg" ]; then + return + fi + local cname target config_get cname "$cfg" cname @@ -520,14 +498,21 @@ dhcp_cname_add() { dhcp_hostrecord_add() { local cfg="$1" + local basecfg="$2" + + config_get instance "$cfg" instance + if [ -n "$instance" ] && [ "$instance" != "$basecfg" ]; then + return + fi + local names addresses record val - config_get names "$cfg" name "$2" + config_get names "$cfg" name "$3" if [ -z "$names" ]; then return 0 fi - config_get addresses "$cfg" ip "$3" + config_get addresses "$cfg" ip "$4" if [ -z "$addresses" ]; then return 0 fi 
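Review bot: dhcp_domain_add and dhcp_hostrecord_add now take the instance name as `$2` and read the fallback name and address from `$3`/`$4`, but nothing in these hunks documents the new argument order. A caller still using the old `"" "$hostname" "$addr"` form would get the address as the default name and an empty default ip, and the function would return without writing a record or reporting anything. A header comment above both functions, for example `# $1 section, $2 owning dnsmasq instance, $3 default name(s), $4 default ip`, would make the contract explicit. Both function bodies continue outside the hunks.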
@@ -539,65 +524,49 @@ dhcp_hostrecord_add() { xappend "--host-record=$record" } -service_triggers() -{ - procd_add_reload_trigger "dhcp" -} - -boot() { - # Will be launched through hotplug - return 0 -} - -start_service() { - include /lib/functions - - config_load dhcp +dnsmasq_instance() { + local cfg="$1" procd_open_instance - procd_set_param command $PROG -C $CONFIGFILE -k -x /var/run/dnsmasq/dnsmasq.pid + procd_set_param command $PROG -C $CONFIGFILE -k -x /var/run/dnsmasq/dnsmasq."$cfg".pid procd_set_param file $CONFIGFILE procd_set_param respawn + local dnsmasqconffile="/etc/dnsmasq.${cfg}.conf" + if [ ! -r "$dnsmasqconffile" ]; then + dnsmasqconffile=/etc/dnsmasq.conf + fi + procd_add_jail dnsmasq ubus log - procd_add_jail_mount $CONFIGFILE $TRUSTANCHORSFILE $HOSTFILE /etc/passwd /etc/group /etc/TZ /dev/null /dev/urandom /etc/dnsmasq.conf /tmp/dnsmasq.d /tmp/resolv.conf.auto /etc/hosts /etc/ethers - procd_add_jail_mount_rw /var/run/dnsmasq/ /tmp/dhcp.leases $TIMESTAMPFILE + procd_add_jail_mount $CONFIGFILE $TRUSTANCHORSFILE $HOSTFILE /etc/passwd /etc/group /etc/TZ /dev/null /dev/urandom "$dnsmasqconffile" /tmp/dnsmasq."${cfg}".d "$resolvfile" /etc/hosts /etc/ethers + procd_add_jail_mount_rw /var/run/dnsmasq/ $leasefile $TIMESTAMPFILE procd_close_instance - # before we can call xappend - mkdir -p /var/run/dnsmasq/ - mkdir -p $(dirname $CONFIGFILE) - mkdir -p /var/lib/misc - touch /tmp/dhcp.leases + touch "$leasefile" if [ ! 
-f "$TIMESTAMPFILE" ]; then touch "$TIMESTAMPFILE" chown nobody.nogroup "$TIMESTAMPFILE" fi - echo "# auto-generated config file from /etc/config/dhcp" > $CONFIGFILE - echo "# auto-generated config file from /etc/config/dhcp" > $HOSTFILE - # if we did this last, we could override auto-generated config - [ -f /etc/dnsmasq.conf ] && { - xappend "--conf-file=/etc/dnsmasq.conf" - } + [ -f "$dnsmasqconffile" ] && \ + xappend "--conf-file=$dnsmasqconffile" args="" - config_foreach dnsmasq dnsmasq - config_foreach dhcp_host_add host + config_foreach dhcp_host_add host "$cfg" echo >> $CONFIGFILE - config_foreach dhcp_boot_add boot - config_foreach dhcp_mac_add mac - config_foreach dhcp_tag_add tag - config_foreach dhcp_vendorclass_add vendorclass - config_foreach dhcp_userclass_add userclass - config_foreach dhcp_circuitid_add circuitid - config_foreach dhcp_remoteid_add remoteid - config_foreach dhcp_subscrid_add subscrid - config_foreach dhcp_domain_add domain - config_foreach dhcp_hostrecord_add hostrecord + config_foreach dhcp_boot_add boot "$cfg" + config_foreach dhcp_mac_add mac "$cfg" + config_foreach dhcp_tag_add tag "$cfg" + config_foreach dhcp_vendorclass_add vendorclass "$cfg" + config_foreach dhcp_userclass_add userclass "$cfg" + config_foreach dhcp_circuitid_add circuitid "$cfg" + config_foreach dhcp_remoteid_add remoteid "$cfg" + config_foreach dhcp_subscrid_add subscrid "$cfg" + config_foreach dhcp_domain_add domain "$cfg" + config_foreach dhcp_hostrecord_add hostrecord "$cfg" # add own hostname [ $ADD_LOCAL_HOSTNAME -eq 1 ] && { 
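Review bot: The jail mount list in dnsmasq_instance passes `"$resolvfile"`, but no assignment to `resolvfile` is visible anywhere in this patch (dnsmasq() only hands the option to `append_parm`), so the previous `/tmp/resolv.conf.auto` mount appears to be replaced by an empty argument. `$leasefile` is a global left behind by `config_get leasefile $cfg leasefile` in dnsmasq(); it is used unquoted in `procd_add_jail_mount_rw`, and `touch "$leasefile"` now runs even when the option is unset, where the old code touched `/tmp/dhcp.leases`. Reading both values locally and only passing them when non-empty keeps the jail's file list explicit per instance. Two instances configured with the same `leasefile` would presumably also share one lease database, which is worth a check or a documented requirement. The function body continues past this hunk.

```shell
dnsmasq_instance() {
	local cfg="$1"
	local resolvfile leasefile

	# Resolve per-instance paths here instead of inheriting globals from dnsmasq().
	config_get resolvfile "$cfg" resolvfile
	config_get leasefile "$cfg" leasefile

	# … unchanged: procd_open_instance, command/file/respawn, dnsmasqconffile lookup, procd_add_jail …

	# Omit a path from the jail entirely when it is not configured.
	procd_add_jail_mount $CONFIGFILE $TRUSTANCHORSFILE $HOSTFILE /etc/passwd /etc/group /etc/TZ /dev/null /dev/urandom "$dnsmasqconffile" /tmp/dnsmasq."${cfg}".d ${resolvfile:+"$resolvfile"} /etc/hosts /etc/ethers
	procd_add_jail_mount_rw /var/run/dnsmasq/ ${leasefile:+"$leasefile"} $TIMESTAMPFILE
	procd_close_instance

	[ -n "$leasefile" ] && touch "$leasefile"
```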
@@ -606,14 +575,14 @@ start_service() { local hostname="$(uci_get system @system[0] hostname OpenWrt)" network_get_ipaddr lanaddr "lan" && { - dhcp_domain_add "" "$hostname" "$lanaddr" + dhcp_domain_add "" "$cfg" "$hostname" "$lanaddr" } network_get_ipaddrs6 lanaddr6 "lan" && { for lanaddr6 in $lanaddr6; do case "$lanaddr6" in "${ulaprefix%%:/*}"*) - dhcp_domain_add "" "$hostname" "${ulaprefix%%/*}1" + dhcp_domain_add "" "$cfg" "$hostname" "${ulaprefix%%/*}1" ;; esac done @@ -621,17 +590,17 @@ start_service() { } echo >> $CONFIGFILE - config_foreach dhcp_srv_add srvhost - config_foreach dhcp_mx_add mxhost + config_foreach dhcp_srv_add srvhost "$cfg" + config_foreach dhcp_mx_add mxhost "$cfg" echo >> $CONFIGFILE config_get odhcpd_is_active odhcpd maindhcp if [ "$odhcpd_is_active" != "1" ]; then - config_foreach dhcp_add dhcp + config_foreach dhcp_add dhcp "$cfg" fi echo >> $CONFIGFILE - config_foreach dhcp_cname_add cname + config_foreach dhcp_cname_add cname "$cfg" echo >> $CONFIGFILE rm -f /tmp/resolv.conf 
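Review bot: The own-hostname block is now emitted once per instance but still takes its address from the hard-coded `lan` network (`network_get_ipaddr lanaddr "lan"`), so an instance that serves a different VLAN will answer the router's name with the LAN-side address. If that is intended, a comment such as `# NOTE: always publishes the "lan" address, also for instances bound to other interfaces` should say so; otherwise the lookup should be derived from the instance's own interface list. The same hunk leaves `rm -f /tmp/resolv.conf` inside the per-instance path, so the file is removed and regenerated once for every instance. The enclosing function starts and ends outside this hunk.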
@@ -644,6 +613,151 @@ start_service() { done } +dnsmasq() { + local cfg="$1" + CONFIGFILE="${BASECONFIGFILE}.${cfg}" + HOSTFILE="${BASEHOSTFILE}.${cfg}" + TIMESTAMPFILE="${BASETIMESTAMPFILE}.${cfg}" + + # before we can call xappend + mkdir -p /var/run/dnsmasq/ + mkdir -p $(dirname $CONFIGFILE) + mkdir -p $(dirname $HOSTFILE) + mkdir -p /var/lib/misc + + echo "# auto-generated config file from /etc/config/dhcp" > $CONFIGFILE + echo "# auto-generated config file from /etc/config/dhcp" > $HOSTFILE + + append_bool "$cfg" authoritative "--dhcp-authoritative" + append_bool "$cfg" nodaemon "--no-daemon" + append_bool "$cfg" domainneeded "--domain-needed" + append_bool "$cfg" filterwin2k "--filterwin2k" + append_bool "$cfg" nohosts "--no-hosts" + append_bool "$cfg" nonegcache "--no-negcache" + append_bool "$cfg" strictorder "--strict-order" + append_bool "$cfg" logqueries "--log-queries=extra" + append_bool "$cfg" noresolv "--no-resolv" + append_bool "$cfg" localise_queries "--localise-queries" + append_bool "$cfg" readethers "--read-ethers" + append_bool "$cfg" dbus "--enable-dbus" + append_bool "$cfg" boguspriv "--bogus-priv" + append_bool "$cfg" expandhosts "--expand-hosts" + append_bool "$cfg" enable_tftp "--enable-tftp" + append_bool "$cfg" tftp_no_fail "--tftp-no-fail" + append_bool "$cfg" nonwildcard "--bind-dynamic" + append_bool "$cfg" fqdn "--dhcp-fqdn" + append_bool "$cfg" proxydnssec "--proxy-dnssec" + append_bool "$cfg" localservice "--local-service" + append_bool "$cfg" quietdhcp "--quiet-dhcp" + append_bool "$cfg" sequential_ip "--dhcp-sequential-ip" + append_bool "$cfg" allservers "--all-servers" + append_bool "$cfg" noping "--no-ping" + + append_parm "$cfg" dhcpscript "--dhcp-script" + append_parm "$cfg" cachesize "--cache-size" + append_parm "$cfg" dnsforwardmax "--dns-forward-max" + append_parm "$cfg" port "--port" + append_parm "$cfg" ednspacket_max "--edns-packet-max" + append_parm "$cfg" dhcpleasemax "--dhcp-lease-max" + append_parm "$cfg" "queryport" 
"--query-port" + append_parm "$cfg" "minport" "--min-port" + append_parm "$cfg" "domain" "--domain" + append_parm "$cfg" "local" "--server" + config_list_foreach "$cfg" "server" append_server + config_list_foreach "$cfg" "address" append_address + config_list_foreach "$cfg" "ipset" append_ipset + config_list_foreach "$cfg" "interface" append_interface + config_list_foreach "$cfg" "notinterface" append_notinterface + config_list_foreach "$cfg" "addnhosts" append_addnhosts + config_list_foreach "$cfg" "bogusnxdomain" append_bogusnxdomain + append_parm "$cfg" "leasefile" "--dhcp-leasefile" + append_parm "$cfg" "resolvfile" "--resolv-file" + append_parm "$cfg" "serversfile" "--servers-file" + append_parm "$cfg" "tftp_root" "--tftp-root" + append_parm "$cfg" "dhcp_boot" "--dhcp-boot" + append_parm "$cfg" "local_ttl" "--local-ttl" + append_parm "$cfg" "pxe_prompt" "--pxe-prompt" + config_list_foreach "$cfg" "pxe_service" append_pxe_service + config_get DOMAIN "$cfg" domain + + config_get_bool ADD_LOCAL_DOMAIN "$cfg" add_local_domain 1 + config_get_bool ADD_LOCAL_HOSTNAME "$cfg" add_local_hostname 1 + + config_get_bool readethers "$cfg" readethers + [ "$readethers" = "1" -a \! -e "/etc/ethers" ] && touch /etc/ethers + + config_get leasefile $cfg leasefile + [ -n "$leasefile" -a \! -e "$leasefile" ] && touch "$leasefile" + config_get_bool cachelocal "$cfg" cachelocal 1 + + config_get hostsfile "$cfg" dhcphostsfile + [ -e "$hostsfile" ] && xappend "--dhcp-hostsfile=$hostsfile" + + local rebind + config_get_bool rebind "$cfg" rebind_protection 1 + [ $rebind -gt 0 ] && { + log_once \ + "DNS rebinding protection is active," \ + "will discard upstream RFC1918 responses!" 
+ xappend "--stop-dns-rebind" + + local rebind_localhost + config_get_bool rebind_localhost "$cfg" rebind_localhost 0 + [ $rebind_localhost -gt 0 ] && { + log_once "Allowing 127.0.0.0/8 responses" + xappend "--rebind-localhost-ok" + } + + append_rebind_domain() { + log_once "Allowing RFC1918 responses for domain $1" + xappend "--rebind-domain-ok=$1" + } + + config_list_foreach "$cfg" rebind_domain append_rebind_domain + } + + config_get_bool dnssec "$cfg" dnssec 0 + [ "$dnssec" -gt 0 ] && { + xappend "--conf-file=$TRUSTANCHORSFILE" + xappend "--dnssec" + xappend "--dnssec-timestamp=$TIMESTAMPFILE" + append_bool "$cfg" dnsseccheckunsigned "--dnssec-check-unsigned" + } + + dhcp_option_add "$cfg" "" 0 + + xappend "--dhcp-broadcast=tag:needs-broadcast" + + mkdir -p /tmp/hosts."${cfg}" /tmp/dnsmasq."${cfg}".d + ln -sf /tmp/hosts.dnsmasq /tmp/hosts + ln -sf /tmp/dnsmasq.dnsmasq.d /tmp/dnsmasq.d + xappend "--addn-hosts=/tmp/hosts.${cfg}" + xappend "--conf-dir=/tmp/dnsmasq.${cfg}.d" + + echo >> $CONFIGFILE + + dnsmasq_instance "$cfg" +} + +service_triggers() +{ + procd_add_reload_trigger "dhcp" +} + +boot() { + # Will be launched through hotplug + return 0 +} + +start_service() { + include /lib/functions + local persistent_leases + + config_load dhcp + config_foreach dnsmasq dnsmasq + +} + reload_service() { rc_procd start_service "$@" return 0
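Review bot: In the new dnsmasq(), `mkdir -p $(dirname $HOSTFILE)` creates `/tmp/hosts` as a real directory (BASEHOSTFILE is `/tmp/hosts/dhcp`), so the later `ln -sf /tmp/hosts.dnsmasq /tmp/hosts` places the link inside that directory instead of replacing it; `/tmp/dnsmasq.d` behaves the same way if it already exists. Both links are also created for every instance, even when no section is named `dnsmasq`, which leaves them dangling. The instance reads `--addn-hosts=/tmp/hosts.${cfg}` while HOSTFILE is written under `/tmp/hosts/`, so the generated host file looks like it is never loaded by its own instance. One option is `HOSTFILE="/tmp/hosts.${cfg}/dhcp"`, with the compatibility links created only when `[ "$cfg" = "dnsmasq" ]`, using `ln -sfn`. The hunk also declares `local persistent_leases` in start_service without using it, and does not add `--bind-dynamic`/`--bind-interfaces` for additional instances, so a second instance on the same port may fail to bind unless the admin sets `nonwildcard` and `interface` by hand.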