From 6137797cb39b32e49d97eee572478a92099ded23 Mon Sep 17 00:00:00 2001 From: Michael Tremer Date: Mon, 13 Jan 2020 21:10:18 +0100 Subject: [PATCH] unbound: Write hosts to unbound configuration file This will allow us to read more hosts in a shorter time. Fixes: #11743 Signed-off-by: Michael Tremer --- config/unbound/unbound.conf | 3 ++ src/initscripts/system/unbound | 72 ++++++++++++++++------------------ 2 files changed, 36 insertions(+), 39 deletions(-) diff --git a/config/unbound/unbound.conf b/config/unbound/unbound.conf index ce51f63a00..10d5660e81 100644 --- a/config/unbound/unbound.conf +++ b/config/unbound/unbound.conf @@ -85,6 +85,9 @@ server: # Include DHCP leases include: "/etc/unbound/dhcp-leases.conf" + # Include hosts + include: "/etc/unbound/hosts.conf" + # Include any forward zones include: "/etc/unbound/forward.conf" diff --git a/src/initscripts/system/unbound b/src/initscripts/system/unbound index 37da15dbd9..5fb1d68d79 100644 --- a/src/initscripts/system/unbound +++ b/src/initscripts/system/unbound 
@@ -58,47 +58,45 @@ config_header() { echo } -own_hostname() { - local hostname=$(hostname -f) - # 1.1.1.1 is reserved for unused green, skip this - if [ -n "${GREEN_ADDRESS}" -a "${GREEN_ADDRESS}" != "1.1.1.1" ]; then - unbound-control -q local_data "${hostname} ${LOCAL_TTL} IN A ${GREEN_ADDRESS}" - fi - - local address - for address in ${GREEN_ADDRESS} ${BLUE_ADDRESS} ${ORANGE_ADDRESS}; do - [ -n "${address}" ] || continue - [ "${address}" = "1.1.1.1" ] && continue - - address=$(ip_address_revptr ${address}) - unbound-control -q local_data "${address} ${LOCAL_TTL} IN PTR ${hostname}" - done -} +write_hosts_conf() { + ( + config_header -update_hosts() { - # Make own hostname resolveable - own_hostname + # Make own hostname resolveable + # 1.1.1.1 is reserved for unused green, skip this + if [ -n "${GREEN_ADDRESS}" -a "${GREEN_ADDRESS}" != "1.1.1.1" ]; then + echo "local-data: \"${HOSTNAME} ${LOCAL_TTL} IN A ${GREEN_ADDRESS}\"" + fi - local enabled address hostname domainname generateptr + local address + for address in ${GREEN_ADDRESS} ${BLUE_ADDRESS} ${ORANGE_ADDRESS}; do + [ -n "${address}" ] || continue + [ "${address}" = "1.1.1.1" ] && continue - while IFS="," read -r enabled address hostname domainname generateptr; do - [ "${enabled}" = "on" ] || continue + address=$(ip_address_revptr ${address}) + echo "local-data: \"${address} ${LOCAL_TTL} IN PTR ${HOSTNAME}\"" + done - # Build FQDN - local fqdn="${hostname}.${domainname}" + # Add all hosts + local enabled address hostname domainname generateptr + while IFS="," read -r enabled address hostname domainname generateptr; do + [ "${enabled}" = "on" ] || continue - unbound-control -q local_data "${fqdn} ${LOCAL_TTL} IN A ${address}" + # Build FQDN + local fqdn="${hostname}.${domainname}" + echo "local-data: \"${fqdn} ${LOCAL_TTL} IN A ${address}\"" - # Skip reverse resolution if the address equals the GREEN address - [ "${address}" = "${GREEN_ADDRESS}" ] && continue + # Skip reverse resolution if the address 
equals the GREEN address + [ "${address}" = "${GREEN_ADDRESS}" ] && continue - # Skip reverse resolution if user requested not to do so - [ "${generateptr}" = "off" ] && continue + # Skip reverse resolution if user requested not to do so + [ "${generateptr}" = "off" ] && continue - # Add RDNS - address=$(ip_address_revptr ${address}) - unbound-control -q local_data "${address} ${LOCAL_TTL} IN PTR ${fqdn}" - done < /var/ipfire/main/hosts + # Add RDNS + address=$(ip_address_revptr ${address}) + echo "local-data: \"${address} ${LOCAL_TTL} IN PTR ${fqdn}\"" + done < /var/ipfire/main/hosts + ) > /etc/unbound/hosts.conf } write_forward_conf() { @@ -573,6 +571,7 @@ case "$1" in # Update configuration files write_tuning_conf + write_hosts_conf write_forward_conf boot_mesg "Starting Unbound DNS Proxy..." @@ -582,9 +581,6 @@ case "$1" in if [ -e "/var/ipfire/red/active" ]; then update_safe_search fi - - # Update hosts - update_hosts ;; stop) @@ -600,15 +596,13 @@ case "$1" in reload) # Update configuration files write_forward_conf + write_hosts_conf # Update Safe Search rules if the system is online. if [ -e "/var/ipfire/red/active" ]; then update_safe_search fi - # Update hosts. - update_hosts - # Call unbound-control and perform the reload /usr/sbin/unbound-control -q reload ;; -- 2.39.2
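Review bot: In the hosts loop of `write_hosts_conf`, the `hostname`, `domainname` and `address` fields read from /var/ipfire/main/hosts are written unchecked into quoted `local-data:` lines of a file that unbound parses as configuration. The old `unbound-control local_data` calls passed each record as a single argument, so a malformed value would presumably only fail that one record; here a stray `"` or whitespace in a field changes how the line parses and, if unbound rejects the included file, can stop the resolver on the next start or reload. Whatever validation the writer of that hosts file performs is not visible from this script, so I would skip unsafe records right after `fqdn` is built, e.g. `case "${fqdn}${address}" in *[!A-Za-z0-9._-]*) continue ;; esac`. Separately, `$(hostname -f)` became `${HOSTNAME}`, whose definition lies outside this hunk; please confirm it holds the FQDN, since otherwise the system's own A and PTR records change name.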
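Review bot: In the `reload` branch, `write_hosts_conf` rewrites /etc/unbound/hosts.conf in place and `/usr/sbin/unbound-control -q reload` follows with nothing checking the generated file in between. Because the function redirects straight onto the live path, the file is truncated before the subshell runs and stays incomplete until the loop finishes, so an error partway leaves a partial file for the next start. I would have `write_hosts_conf` write to a temporary file in /etc/unbound and `mv` it over hosts.conf, then gate the reload on a check such as `unbound-checkconf >/dev/null || exit 1`. The `start` branch (hunk at `@@ -573,6 +571,7 @@`) has the same gap before unbound is launched.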