]> git.ipfire.org Git - ipfire-2.x.git/blame - html/cgi-bin/dns.cgi
projects / ipfire-2.x.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
dns.cgi: Do not perform kdig tests when adding a server
[ipfire-2.x.git] / html / cgi-bin / dns.cgi
CommitLineData
e0639d80
JPT		 1#!/usr/bin/perl
2###############################################################################
3# #
4# IPFire.org - A linux based firewall #
24d7c5ef 5# Copyright (C) 2020 IPFire Development Team #
e0639d80
JPT		 6# #
7# This program is free software: you can redistribute it and/or modify #
8# it under the terms of the GNU General Public License as published by #
9# the Free Software Foundation, either version 3 of the License, or #
10# (at your option) any later version. #
11# #
12# This program is distributed in the hope that it will be useful, #
13# but WITHOUT ANY WARRANTY; without even the implied warranty of #
14# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
15# GNU General Public License for more details. #
16# #
17# You should have received a copy of the GNU General Public License #
18# along with this program. If not, see <http://www.gnu.org/licenses/>. #
19# #
20###############################################################################
21
22use strict;
24d7c5ef 23use IO::Socket;
e0639d80
JPT		 24
25# enable only the following on debugging purpose
26#use warnings;
27#use CGI::Carp 'fatalsToBrowser';
28
29require '/var/ipfire/general-functions.pl';
24d7c5ef 30require "${General::swroot}/geoip-functions.pl";
e0639d80
JPT		 31require "${General::swroot}/lang.pl";
32require "${General::swroot}/header.pl";
33
24d7c5ef
SS		 34#workaround to suppress a warning when a variable is used only once
35my @dummy = ( ${Header::colouryellow} );
36undef (@dummy);
37
38my %cgiparams=();
39my %checked=();
40my %selected=();
e0639d80
JPT		 41my $errormessage = '';
42
24d7c5ef
SS		 43# Config file which stores the DNS settings.
44my $settings_file = "${General::swroot}/dns/settings";
45
46# File which stores the configured DNS-Servers.
47my $servers_file = "${General::swroot}/dns/servers";
48
49# Create files if the does not exist.
50unless (-f $settings_file) { system("touch $settings_file") };
51unless (-f $servers_file) { system("touch $servers_file") };
52
53# File which stores the ISP assigned DNS servers.
1434fa0d 54my @ISP_nameserver_files = ( "/var/run/dns1", "/var/run/dns2" );
24d7c5ef
SS		 55
56# File which contains the ca-certificates.
57my $ca_certs_file = "/etc/ssl/certs/ca-bundle.crt";
58
59my %color = ();
60my %mainsettings = ();
61&General::readhash("${General::swroot}/main/settings", \%mainsettings);
62&General::readhash("/srv/web/ipfire/html/themes/".$mainsettings{'THEME'}."/include/colors.txt", \%color);
63
e0639d80 64&Header::showhttpheaders();
24d7c5ef 65&Header::getcgihash(\%cgiparams);
e0639d80 66
24d7c5ef
SS		 67##
68# Save general settings.
69#
70if ($cgiparams{'GENERAL'} eq $Lang::tr{'save'}) {
71 # Prevent form name from been stored in conf file.
72 delete $cgiparams{'GENERAL'};
e0639d80 73
24d7c5ef
SS		 74 # Add value for non-checked checkbox.
75 if ($cgiparams{'USE_ISP_NAMESERVERS'} ne "on") {
76 $cgiparams{'USE_ISP_NAMESERVERS'} = "off";
77 }
e0639d80 78
24d7c5ef
SS		 79 # Add value for non-checked checkbox.
80 if ($cgiparams{'ENABLE_SAFE_SEARCH'} ne "on") {
81 $cgiparams{'ENABLE_SAFE_SEARCH'} = "off";
82 }
e0639d80 83
24d7c5ef
SS		 84 # Store settings into settings file.
85 &General::writehash("$settings_file", \%cgiparams);
86}
87
88###
89# Add / Edit entries.
90#
91if (($cgiparams{'SERVERS'} eq $Lang::tr{'save'}) || ($cgiparams{'SERVERS'} eq $Lang::tr{'update'})) {
92 # Hash to store the generic DNS settings.
93 my %settings = ();
94
95 # Read-in generic settings.
96 &General::readhash("$settings_file", \%settings);
e0639d80 97
038f962e
SS		 98 # Check if an IP-address has been given.
99 if ($cgiparams{"NAMESERVER"} eq "") {
100 $errormessage = "$Lang::tr{'dns no address given'}";
101 }
102
24d7c5ef 103 # Check if the given DNS server is valid.
038f962e 104 elsif(!&General::validip($cgiparams{"NAMESERVER"})) {
24d7c5ef
SS		 105 $errormessage = "$Lang::tr{'invalid ip'}: $cgiparams{'NAMESERVER'}";
106 }
107
108 # Check if a TLS is enabled and no TLS_HOSTNAME has benn specified.
109 elsif($settings{'PROTO'} eq "TLS") {
110 unless($cgiparams{"TLS_HOSTNAME"}) {
111 $errormessage = "$Lang::tr{'dns no tls hostname given'}";
112 } else {
113 # Check if the provided domain is valid.
114 unless(&General::validfqdn($cgiparams{"TLS_HOSTNAME"})) {
115 $errormessage = "$Lang::tr{'invalid ip or hostname'}: $cgiparams{'TLS_HOSTNAME'}";
116 }
e0639d80 117 }
24d7c5ef
SS		 118 }
119
24d7c5ef
SS		 120 # Go further if there was no error.
121 if ( ! $errormessage) {
122 # Check if a remark has been entered.
123 $cgiparams{'REMARK'} = &Header::cleanhtml($cgiparams{'REMARK'});
124
125 my %dns_servers = ();
126 my $id;
127 my $status;
128
129 # Read-in configfile.
130 &General::readhasharray($servers_file, \%dns_servers);
131
132 # Check if we should edit an existing entry and got an ID.
133 if (($cgiparams{'SERVERS'} eq $Lang::tr{'update'}) && ($cgiparams{'ID'})) {
134 # Assin the provided id.
135 $id = $cgiparams{'ID'};
136
137 # Undef the given ID.
138 undef($cgiparams{'ID'});
139
140 # Grab the configured status of the corresponding entry.
141 $status = $dns_servers{$id}[2];
142 } else {
143 # Each newly added entry automatically should be enabled.
144 $status = "enabled";
145
146 # Generate the ID for the new entry.
147 #
148 # Sort the keys by their ID and store them in an array.
149 my @keys = sort { $a <=> $b } keys %dns_servers;
150
151 # Reverse the key array.
152 my @reversed = reverse(@keys);
153
154 # Obtain the last used id.
155 my $last_id = @reversed[0];
156
157 # Increase the last id by one and use it as id for the new entry.
158 $id = ++$last_id;
159
160 # The first allowed id is 3 to keep space for
161 # possible ISP assigned DNS servers.
162 if ($id le "2") {
163 $id = "3";
164 }
e0639d80 165 }
24d7c5ef
SS		 166
167 # Add/Modify the entry to/in the dns_servers hash.
168 $dns_servers{$id} = ["$cgiparams{'NAMESERVER'}", "$cgiparams{'TLS_HOSTNAME'}", "$status", "$cgiparams{'REMARK'}"];
169
170 # Write the changed hash to the config file.
171 &General::writehasharray($servers_file, \%dns_servers);
172 } else {
173 # Switch back to previous mode.
174 $cgiparams{'SERVERS'} = $cgiparams{'MODE'};
175 }
176###
177# Toggle enable / disable.
178#
179} elsif ($cgiparams{'SERVERS'} eq $Lang::tr{'toggle enable disable'}) {
180 my %dns_servers = ();
181
182 # Only go further, if an ID has been passed.
183 if ($cgiparams{'ID'}) {
184 # Assign the given ID.
185 my $id = $cgiparams{'ID'};
186
187 # Undef the given ID.
188 undef($cgiparams{'ID'});
189
190 # Read-in configfile.
191 &General::readhasharray($servers_file, \%dns_servers);
192
193 # Grab the configured status of the corresponding entry.
194 my $status = $dns_servers{$id}[2];
195
196 # Switch the status.
197 if ($status eq "disabled") {
198 $status = "enabled";
199 } else {
200 $status = "disabled";
e0639d80 201 }
24d7c5ef
SS		 202
203 # Modify the status of the existing entry.
204 $dns_servers{$id} = ["$dns_servers{$id}[0]", "$dns_servers{$id}[1]", "$status", "$dns_servers{$id}[3]"];
205
206 # Write the changed hash back to the config file.
207 &General::writehasharray($servers_file, \%dns_servers);
e0639d80 208 }
24d7c5ef
SS		 209
210## Remove entry from DNS servers list.
211#
212} elsif ($cgiparams{'SERVERS'} eq $Lang::tr{'remove'}) {
213 my %dns_servers = ();
214
215 # Read-in configfile.
216 &General::readhasharray($servers_file, \%dns_servers);
217
218 # Drop entry from the hash.
219 delete($dns_servers{$cgiparams{'ID'}});
220
221 # Undef the given ID.
222 undef($cgiparams{'ID'});
223
224 # Write the changed hash to the config file.
225 &General::writehasharray($servers_file, \%dns_servers);
e0639d80
JPT		 226}
227
24d7c5ef
SS		 228# Hash to store the generic DNS settings.
229my %settings = ();
230
231# Read-in general DNS settings.
232&General::readhash("$settings_file", \%settings);
233
234# Hash which contains the configured DNS servers.
235my %dns_servers = ();
236
237# Read-in config file.
238&General::readhasharray("$servers_file", \%dns_servers);
239
240&Header::openpage($Lang::tr{'dns'}, 1, '');
241
242&Header::openbigbox('100%', 'left', '', $errormessage);
243
244###
245# Error messages layout.
246#
247if ($errormessage) {
248 &Header::openbox('100%', 'left', $Lang::tr{'error messages'});
249 print "<class name='base'>$errormessage\n";
250 print "&nbsp;</class>\n";
251 &Header::closebox();
e0639d80
JPT		 252}
253
24d7c5ef
SS		 254# Handle if a nameserver should be added or edited.
255if (($cgiparams{'SERVERS'} eq "$Lang::tr{'add'}") || ($cgiparams{'SERVERS'} eq "$Lang::tr{'edit'}")) {
256 # Display the sub page.
257 &show_add_edit_nameserver();
258
259 # Close webpage.
260 &Header::closebigbox();
261 &Header::closepage();
262
263 # Finished here for the moment.
264 exit(0);
2e1432c4
JPT		 265}
266
24d7c5ef
SS		 267$cgiparams{'GENERAL'} = '';
268$cgiparams{'SERVERS'} = '';
269$cgiparams{'NAMESERVER'} = '';
270$cgiparams{'TLS_HOSTNAME'} = '';
271$cgiparams{'REMARK'} ='';
272
273$checked{'USE_ISP_NAMESERVERS'}{'off'} = '';
274$checked{'USE_ISP_NAMESERVERS'}{'on'} = '';
275$checked{'USE_ISP_NAMESERVERS'}{$settings{'USE_ISP_NAMESERVERS'}} = "checked='checked'";
276
277$checked{'ENABLE_SAFE_SEARCH'}{'off'} = '';
278$checked{'ENABLE_SAFE_SEARCH'}{'on'} = '';
279$checked{'ENABLE_SAFE_SEARCH'}{$settings{'ENABLE_SAFE_SEARCH'}} = "checked='checked'";
280
281$selected{'PROTO'}{'UDP'} = '';
282$selected{'PROTO'}{'TLS'} = '';
283$selected{'PROTO'}{'TCP'} = '';
284$selected{'PROTO'}{$settings{'PROTO'}} = "selected='selected'";
285
286$selected{'QNAME_MIN'}{'standard'} = '';
287$selected{'QNAME_MIN'}{'strict'} = '';
288$selected{'QNAME_MIN'}{$settings{'QNAME_MIN'}} = "selected='selected'";
289
290# Display nameserver and configuration sections.
291&show_nameservers();
292&show_general_dns_configuration();
293
294&Header::closebigbox();
295&Header::closepage();
296
297###
298# General DNS-Servers sektion.
299#
300sub show_general_dns_configuration () {
301 &Header::openbox('100%', 'center', "$Lang::tr{'dns configuration'}");
302
303 print <<END;
304 <form method='post' action='$ENV{'SCRIPT_NAME'}'>
305 <table width="100%">
306 <tr>
307 <td width="33%">
308 $Lang::tr{'dns use isp assigned nameservers'}
309 </td>
310
311 <td>
312 <input type="checkbox" name="USE_ISP_NAMESERVERS" $checked{'USE_ISP_NAMESERVERS'}{'on'}>
313 </td>
314 </tr>
315
316 <tr>
317 <td colspan="2">
318 <br>
319 </td>
320 </tr>
321
322 <tr>
323 <td width="33%">
324 $Lang::tr{'dns use protocol for dns queries'}
325 </td>
326
327 <td>
328 <select name="PROTO">
329 <option value="UDP" $selected{'PROTO'}{'UDP'}>UDP</option>
330 <option value="TLS" $selected{'PROTO'}{'TLS'}>TLS</option>
331 <option value="TCP" $selected{'PROTO'}{'TCP'}>TCP</option>
332 </select>
333 </td>
334 </tr>
335
336 <tr>
337 <td colspan="2">
338 <br>
339 </td>
340 </tr>
341
342 <tr>
343 <td width="33%">
344 $Lang::tr{'dns enable safe-search'}
345 </td>
346
347 <td>
348 <input type="checkbox" name="ENABLE_SAFE_SEARCH" $checked{'ENABLE_SAFE_SEARCH'}{'on'}>
349 </td>
350 </tr>
351
352 <tr>
353 <td colspan="2">
354 <br>
355 </td>
356 </tr>
357
358 <tr>
359 <td width="33%">
360 $Lang::tr{'dns mode for qname minimisation'}
361 </td>
362
363 <td>
364 <select name="QNAME_MIN">
365 <option value="standard" $selected{'QNAME_MIN'}{'standard'}>$Lang::tr{'standard'}</option>
366 <option value="strict" $selected{'QNAME_MIN'}{'strict'}>$Lang::tr{'strict'}</option>
367 </select>
368 </td>
369 </tr>
370
371 <tr>
372 <td colspan="2" align="right">
373 <input type="submit" name="GENERAL" value="$Lang::tr{'save'}">
374 </td>
375 </tr>
376 </table>
377 </form>
378END
379
e0639d80
JPT		 380 &Header::closebox();
381}
382
24d7c5ef
SS		 383###
384# Section to display the configured and used DNS servers.
385#
386sub show_nameservers () {
387 &Header::openbox('100%', 'center', "DNS-Servers");
e0639d80 388
24d7c5ef
SS		 389print <<END;
390 <table class="tbl" width='100%'>
391 <tr>
392 <td align="center">
393 <strong>$Lang::tr{'nameserver'}</strong>
394 </td>
395
396 <td align="center">
397 <strong>$Lang::tr{'country'}</strong>
398 </td>
399
400 <td align="center">
401 <strong>$Lang::tr{'rdns'}</strong>
402 </td>
403
404 <td align="center">
405 <strong>$Lang::tr{'remark'}</strong>
406 </td>
407
408 <td align="center">
409 <strong>$Lang::tr{'status'}</strong>
410 </td>
e0639d80 411
24d7c5ef
SS		 412 <td align="center" colspan="3">
413 <strong>$Lang::tr{'action'}</strong>
414 </td>
415 </tr>
830f6177 416END
24d7c5ef
SS		 417
418 # Check the usage of ISP assigned nameservers is enabled.
77c7a94c
MT		 419 my $id = 1;
420
421 # Loop through the array which stores the files.
422 foreach my $file (@ISP_nameserver_files) {
423 # Grab the address of the nameserver.
424 my $address = &grab_address_from_file($file);
425
426 # Check if we got an address.
427 if ($address) {
428 # Add the address to the hash of nameservers.
429 $dns_servers{$id} = [ "$address", "none",
430 ($settings{'USE_ISP_NAMESERVERS'} eq "on") ? "enabled" : "disabled",
431 "$Lang::tr{'dns isp assigned nameserver'}" ];
432
433 # Increase id by one.
434 $id++;
24d7c5ef
SS		 435 }
436 }
437
438 # Check some DNS servers have been configured. In this case
439 # the hash contains at least one key.
440 my $server_amount;
441 if (keys %dns_servers) {
442 # Sort the keys by their ID and store them in an array.
443 my @keys = sort { $a <=> $b } keys %dns_servers;
444
445 # Loop through all entries of the array/hash.
446 foreach my $id (@keys) {
447 # Inrease server_amount.
448 $server_amount++;
449
450 # Assign data array positions to some nice variable names.
451 my $nameserver = $dns_servers{$id}[0];
452 my $tls_hostname = $dns_servers{$id}[1];
453 my $enabled = $dns_servers{$id}[2];
454 my $remark = $dns_servers{$id}[3];
455
456 my $col = '';
457 my $toggle = '';
458 my $gif = '';
459 my $gdesc = '';
460 my $notice = "";
461
462 # Colorize columns.
463 if ($server_amount % 2) {
464 $col="bgcolor='$color{'color22'}'"; }
465 else {
466 $col="bgcolor='$color{'color20'}'";
467 }
468
469 if ($enabled eq 'enabled') {
470 $gif='on.gif'; $toggle='off'; $gdesc=$Lang::tr{'click to disable'};
471 } else {
472 $gif='off.gif'; $toggle='on'; $gdesc=$Lang::tr{'click to enable'};
473 }
474
475 my $status;
476 my $status_short;
477 my $status_message;
478 my $status_colour;
479
480 # Only grab the status if the nameserver is enabled.
481 if ($enabled eq "enabled") {
482 $status = &check_nameserver("$nameserver", "ping.ipfire.org", "$settings{'PROTO'}", "$tls_hostname");
483 }
484
485 if (!$status) {
486 $status_short = "$Lang::tr{'disabled'}";
487
488 # DNSSEC Not supported
489 } elsif ($status eq 0) {
490 $status_short = "$Lang::tr{'broken'}";
491 $status_message = $Lang::tr{'dnssec not supported'};
492 $status_colour = ${Header::colourred};
493
494 # DNSSEC Aware
495 } elsif ($status eq 1) {
496 $status_short = "$Lang::tr{'not validating'}";
497 $status_message = $Lang::tr{'dnssec aware'};
498 $status_colour = ${Header::colourblack};
499
500 # DNSSEC Validating
501 } elsif ($status eq 2) {
502 $status_short = "$Lang::tr{'ok'}";
503 $status_message = $Lang::tr{'dnssec validating'};
504 $status_colour = ${Header::colourgreen};
505
506 # Error
507 } else {
508 $status_short = "$Lang::tr{'error'}";
509 $status_message = $status;
510 $status_colour = ${Header::colourred};
511 }
512
513 # collect more information about name server (rDNS, GeoIP country code)
514 my $ccode = &GeoIP::lookup($nameserver);
515 my $flag_icon = &GeoIP::get_flag_icon($ccode);
516
25dda4a0
SS		 517 my $rdns;
518
519 # Only do the reverse lookup if the system is online.
f36855fe 520 if (&red_is_active()) {
25dda4a0
SS		 521 my $iaddr = inet_aton($nameserver);
522 $rdns = gethostbyaddr($iaddr, AF_INET);
523 }
24d7c5ef
SS		 524
525 if (!$rdns) { $rdns = $Lang::tr{'lookup failed'}; }
526
77c7a94c
MT		 527 # Mark ISP name servers as disabled
528 if ($id <= 2 && $enabled eq "disabled") {
529 $nameserver = "<del>$nameserver</del>";
530 }
531
24d7c5ef
SS		 532print <<END;
533 <tr>
534 <td align="center" $col>
535 $nameserver
536 </td>
537
538 <td align="center" $col>
539 <a href='country.cgi#$ccode'><img src="$flag_icon" border="0" alt="$ccode" title="$ccode" /></a>
540 </td>
541
542 <td align="center" $col>
543 $rdns
544 </td>
545
546 <td align="center" $col>
547 $remark
548 </td>
549
550 <td align="center" $col>
551 <strong><font color="$status_colour"><abbr title="$status_message">$status_short</abbr></font></strong>
552 </td>
830f6177 553END
24d7c5ef
SS		 554;
555 # Check if the id is greater than "2".
556 #
557 # Nameservers with an ID's of one or two are ISP assigned,
558 # and we cannot perform any actions on them, so hide the tools for
559 # them.
560 if ($id gt "2") {
561
562print <<END;
563 <td align='center' width='5%' $col>
564 <form method='post' name='frma$id' action='$ENV{'SCRIPT_NAME'}'>
565 <input type='image' name='$Lang::tr{'toggle enable disable'}' src='/images/$gif' title='$gdesc' alt='$gdesc' />
566 <input type='hidden' name='ID' value='$id' />
567 <input type='hidden' name='ENABLE' value='$toggle' />
568 <input type='hidden' name='SERVERS' value='$Lang::tr{'toggle enable disable'}' />
569 </form>
570 </td>
571
572 <td align='center' width='5%' $col>
573 <form method='post' name='frmb$id' action='$ENV{'SCRIPT_NAME'}'>
574 <input type='image' name='$Lang::tr{'edit'}' src='/images/edit.gif' title='$Lang::tr{'edit'}' alt='$Lang::tr{'edit'}' />
575 <input type='hidden' name='ID' value='$id' />
576 <input type='hidden' name='SERVERS' value='$Lang::tr{'edit'}' />
577 </form>
578 </td>
579
580 <td align='center' width='5%' $col>
581 <form method='post' name='frmc$id' action='$ENV{'SCRIPT_NAME'}'>
582 <input type='image' name='$Lang::tr{'remove'}' src='/images/delete.gif' title='$Lang::tr{'remove'}' alt='$Lang::tr{'remove'}' />
583 <input type='hidden' name='ID' value='$id' />
584 <input type='hidden' name='SERVERS' value='$Lang::tr{'remove'}' />
585 </form>
586 </td>
830f6177 587END
24d7c5ef
SS		 588;
589 } else {
590 print "<td colspan='3' $col>&nbsp;</td>\n";
591 }
592
593
594 print"</tr>\n";
595
596 }
597
598 print"</table>\n";
599
600 print"<table width='100%'>\n";
601
602 # Check if the usage of the ISP nameservers is enabled and there are more than 2 servers.
603 if (($settings{'USE_ISP_NAMESERVERS'} eq "on") && ($server_amount gt "2")) {
604print <<END;
605 <tr>
606 <td class='boldbase'>&nbsp; <b>$Lang::tr{'legend'}:</b></td>
607 <td>&nbsp; <img src='/images/on.gif' alt='$Lang::tr{'click to disable'}' /></td>
608 <td class='base'>$Lang::tr{'click to disable'}</td>
609 <td>&nbsp; &nbsp; <img src='/images/off.gif' alt='$Lang::tr{'click to enable'}' /></td>
610 <td class='base'>$Lang::tr{'click to enable'}</td>
611 <td>&nbsp; &nbsp; <img src='/images/edit.gif' alt='$Lang::tr{'edit'}' /></td>
612 <td class='base'>$Lang::tr{'edit'}</td>
613 <td>&nbsp; &nbsp; <img src='/images/delete.gif' alt='$Lang::tr{'remove'}' /></td>
614 <td class='base'>$Lang::tr{'remove'}</td>
615 </tr>
830f6177 616END
24d7c5ef
SS		 617;
618 }
619print <<END;
620 <tr>
621 <form method="post" action="$ENV{'SCRIPT_NAME'}">
622 <td colspan="9" align="right"><input type="submit" name="SERVERS" value="$Lang::tr{'add'}"></td>
623 </form>
624 </tr>
625 </table>
830f6177 626END
24d7c5ef
SS		 627;
628
629 } else {
630print <<END;
631 <table width="100%">
632 <tr>
633 <td colspan="6" align="center">
634 <br>$Lang::tr{'guardian no entries'}<br>
635 </td>
636 </tr>
637
638 <tr>
639 <form method="post" action="$ENV{'SCRIPT_NAME'}">
640 <td colspan="6" align="right"><input type="submit" name="SERVERS" value="$Lang::tr{'add'}"></td>
641 </form>
642 </tr>
643 </table>
644
830f6177 645END
24d7c5ef
SS		 646;
647 }
648
649 &Header::closebox();
830f6177 650}
24d7c5ef
SS		 651
652###
653# Section to display the add or edit subpage.
654#
655sub show_add_edit_nameserver() {
656 print "<form method='post' action='$ENV{'SCRIPT_NAME'}'>\n";
657
658 my $buttontext = $Lang::tr{'save'};
659 my $dnssec_checked;
660 my $dot_checked;
661 if ($cgiparams{'SERVERS'} eq $Lang::tr{'edit'}) {
662 &Header::openbox('100%', 'left', $Lang::tr{'dnsforward edit an entry'});
663
664 # Update button text for upate the existing entry.
665 $buttontext = $Lang::tr{'update'};
666
667 # Add hidden input for sending ID.
668 print"<input type='hidden' name='ID' value='$cgiparams{'ID'}'>\n";
669
670 # Check if an ID has been given.
671 if ($cgiparams{'ID'}) {
672 # Assign cgiparams values.
673 $cgiparams{'NAMESERVER'} = $dns_servers{$cgiparams{'ID'}}[0];
674 $cgiparams{'TLS_HOSTNAME'} = $dns_servers{$cgiparams{'ID'}}[1];
675 $cgiparams{'REMARK'} = $dns_servers{$cgiparams{'ID'}}[3];
676 }
677 } else {
678 &Header::openbox('100%', 'left', $Lang::tr{'dnsforward add a new entry'});
679 }
680
f10fb4bf
SS		 681 my $tls_required_image;
682
683 # If the protocol is TLS, dispaly the required image.
684 if ($settings{'PROTO'} eq "TLS") {
685 $tls_required_image = "<img src='/blob.gif' alt='*'>";
686 }
687
24d7c5ef
SS		 688 # Add hidden input to store the mode.
689 print "<input type='hidden' name='MODE' value='$cgiparams{'SERVERS'}'>\n";
690
691print <<END
692 <table width='100%'>
693 <tr>
694 <td width='20%' class='base'>$Lang::tr{'ip address'}:&nbsp;<img src='/blob.gif' alt='*' /></td>
695 <td><input type='text' name='NAMESERVER' value='$cgiparams{"NAMESERVER"}' size='24' /></td>
696 </tr>
f10fb4bf
SS		 697
698
24d7c5ef 699 <tr>
f10fb4bf 700 <td width='20%' class='base'>$Lang::tr{'dns tls hostname'}:&nbsp;$tls_required_image</td>
24d7c5ef
SS		 701 <td><input type='text' name='TLS_HOSTNAME' value='$cgiparams{'TLS_HOSTNAME'}' size='24'></td>
702 </tr>
24d7c5ef 703
e0639d80 704
24d7c5ef
SS		 705 <tr>
706 <td width ='20%' class='base'>$Lang::tr{'remark'}:</td>
707 <td><input type='text' name='REMARK' value='$cgiparams{'REMARK'}' size='40' maxlength='50' /></td>
708 </tr>
709 </table>
710
711 <br>
712 <hr>
713
714 <table width='100%'>
715 <tr>
716 <td class='base' width='55%'><img src='/blob.gif' alt ='*' align='top' />&nbsp;$Lang::tr{'required field'}</td>
717 <td width='40%' align='right'>
718 <input type="submit" name="SERVERS" value="$buttontext">
719 <input type="submit" name="SERVERS" value="$Lang::tr{'back'}">
720 </td>
721 </tr>
722 </table>
e0639d80
JPT		 723END
724;
725
24d7c5ef
SS		 726 &Header::closebox();
727 print "</form>\n";
e0639d80 728
24d7c5ef
SS		 729 &Header::closebox();
730}
e0639d80 731
f36855fe
SS		 732# Check if the system is online (RED is connected).
733sub red_is_active () {
734 # Check if the "active" file is present.
735 if ( -f "${General::swroot}/red/active") {
736 # Return "1" - True.
737 return 1;
738 } else {
739 # Return nothing - False.
740 return;
741 }
742}
743
24d7c5ef
SS		 744# Tiny function to grab an IP-address of a given file.
745sub grab_address_from_file($) {
746 my ($file) = @_;
e0639d80 747
24d7c5ef
SS		 748 my $address;
749
750 # Check if the given file exists.
751 if(-f $file) {
752 # Open the file for reading.
753 open(FILE, $file) or die "Could not read from $file. $!\n";
754
755 # Read the address from the file.
756 $address = <FILE>;
e0639d80 757
24d7c5ef
SS		 758 # Close filehandle.
759 close(FILE);
760
761 # Remove newlines.
762 chomp($address);
763
764 # Check if the obtained address is valid.
765 if (&General::validip($address)) {
766 # Return the address.
767 return $address;
768 }
769 }
770
771 # Return nothing.
772 return;
773}
774
775# Function to check a given nameserver against propper work.
776sub check_nameserver($$$$) {
777 my ($nameserver, $record, $proto, $tls_hostname) = @_;
778
70187da6
SS		 779 # Check if the system is online.
780 unless (&red_is_active()) {
781 return "$Lang::tr{'system is offline'}";
782 }
783
24d7c5ef 784 # Default values.
dab1258a 785 my @command = ("kdig", "+timeout=2", "+retry=0", "+dnssec",
3bf804e8 786 "+bufsize=1232");
24d7c5ef
SS		 787
788 # Handle different protols.
789 if ($proto eq "TCP") {
790 # Add TCP switch to the command.
791 push(@command, "+tcp");
792
793 } elsif($proto eq "TLS") {
794 # Add TLS switch to the command and provide the
795 # path to our file which contains the ca certs.
796 push(@command, "+tls-ca=$ca_certs_file");
797
798 # Check if a TLS hostname has been provided.
799 if ($tls_hostname) {
800 # Add TLS hostname to the command.
801 push(@command, "+tls-hostname=$tls_hostname");
802 } else {
803 return "$Lang::tr{'dns no tls hostname given'}";
804 }
805 }
806
807 # Add record to the command array.
808 push(@command, "$record");
809
810 # Add nameserver to the command array.
811 push(@command, "\@$nameserver");
812
813 # Connect to STDOUT and STDERR.
814 push(@command, "2>&1");
815
816 my @output = qx(@command);
817 my $output = join("", @output);
818
819 my $status = 0;
24d7c5ef
SS		 820
821 if ($output =~ m/status: (\w+)/) {
822 $status = ($1 eq "NOERROR");
823
824 if (!$status) {
825 return -1;
826 }
984f14bd
MT		 827 } else {
828 my $warning;
829
830 while ($output =~ m/WARNING: (.*)/g) {
831 # Add the current grabbed warning to the warning string.
832 $warning .= "$1\; ";
833 }
834
835 # Return the warning string, if we grabbed at least one.
836 if ($warning) {
837 return $warning;
838 }
24d7c5ef
SS		 839 }
840
841 my @flags = ();
842 if ($output =~ m/Flags: (.*);/) {
843 @flags = split(/ /, $1);
844 }
845
846 my $aware = ($output =~ m/RRSIG/);
71471d9b 847 my $validating = (grep(/ad;/, @flags));
24d7c5ef
SS		 848
849 return $aware + $validating;
850}
IPFire 2.x development tree