Commit | Line | Data |
---|---|---|
d1e90efc MT |
1 | #!/bin/sh |
2 | ######################################################################## | |
3 | # Begin $rc_base/init.d/dnsmasq | |
4 | # | |
5 | # Description : dnsmasq init script | |
6 | # | |
7 | # Authors : Michael Tremer - mitch@ipfire.org | |
8 | # | |
9 | # Version : 01.00 | |
10 | # | |
11 | # Notes : | |
12 | # | |
13 | ######################################################################## | |
14 | ||
15 | . /etc/sysconfig/rc | |
16 | . ${rc_functions} | |
17 | ||
45e65f1d MT |
# Built-in defaults. /etc/sysconfig/dnsmasq, sourced below, may override any
# of them because it is read after these assignments.
TIMESTAMP_FILE="/var/ipfire/dns/dnssec-timestamp"
# DNSSEC root trust anchor, passed verbatim to dnsmasq's --trust-anchor option
# (domain, key tag, algorithm, digest type, digest).
# NOTE(review): the anchor is pinned in this script; confirm it still matches
# the root zone trust anchor currently published by IANA before relying on it.
TRUST_ANCHOR=".,19036,8,2,49AAC11D7B6F6446702E54A1607371607A1A41855200FD2CE1CDDE32F24E8FB5"
ENABLE_DNSSEC=1
CACHE_SIZE=2500
SHOW_SRV=1

# Pull custom configuration file.
# The file is sourced, i.e. executed as shell code in this script's context,
# so it should be writable only by the administrator.
if test -e "/etc/sysconfig/dnsmasq"; then
	. /etc/sysconfig/dnsmasq
fi
45e65f1d MT |
28 | |
dnssec_args() {
	# Print the dnsmasq options that enable DNSSEC validation.
	#
	# Reads the globals TIMESTAMP_FILE (always used) and TRUST_ANCHOR
	# (added as --trust-anchor only when it is non-empty). The result is
	# one space-separated string on stdout; the caller word-splits it.
	local anchor_opt="${TRUST_ANCHOR:+ --trust-anchor=${TRUST_ANCHOR}}"

	echo "--dnssec --dnssec-timestamp ${TIMESTAMP_FILE}${anchor_opt}"
}
f480386f | 38 | |
e4ba53ed SS |
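dns_forward_args() {
	# Print one "--server=/<zone>/<server>" option per enabled entry of a
	# DNS forward configuration file.
	#
	# $1  path to a CSV file with the fields: enabled,zone,server,remark
	#
	# Output: the options on stdout, each preceded by a space; nothing if
	# the file is missing or empty. The caller appends the output to ARGS,
	# which is later expanded unquoted, so every character written here
	# ends up on the dnsmasq command line.
	local file="${1}"

	# Do nothing if file is empty.
	[ -s "${file}" ] || return

	local cmdline=""
	local enabled zone server remark

	# "|| [ -n ... ]" keeps a final line that lacks a trailing newline.
	while IFS="," read -r enabled zone server remark || [ -n "${enabled}" ]; do
		# Line must be enabled.
		[ "${enabled}" = "on" ] || continue

		# Accept only characters that occur in domain names and in
		# dnsmasq server addresses (IPv4/IPv6, #port, @interface).
		# Whitespace or glob characters in a field would otherwise be
		# word-split or expanded into separate dnsmasq arguments.
		case "${zone}${server}" in
			*[!A-Za-z0-9._:#@%-]*)
				echo "dnsmasq: skipping DNS forward entry with unexpected characters" >&2
				continue
				;;
		esac

		cmdline="${cmdline} --server=/${zone}/${server}"
	done < "${file}"

	echo "${cmdline}"
}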
57 | ||
28fee676 MT |
dns_leases_args() {
	# Print the dnsmasq option that overlays the internal domain with the
	# DHCP leases file, or print nothing when that overlay is not wanted.
	#
	# NOTE(review): eval runs whatever readhash prints as shell code, so
	# this is only as safe as readhash's output escaping and the file
	# permissions on /var/ipfire/dhcp/settings - confirm both.
	eval $(/usr/local/bin/readhash /var/ipfire/dhcp/settings)

	local dhcp_enabled="off"
	if [ "${ENABLE_GREEN}" = "on" ] || [ "${ENABLE_BLUE}" = "on" ]; then
		dhcp_enabled="on"
	fi

	# If the DHCP server is enabled and DNS Update (RFC2136) is
	# enabled, too, we won't overlay the internal domain with
	# the dynamic/static leases.
	if [ "${dhcp_enabled}" = "on" ] && [ "${DNS_UPDATE_ENABLED}" = "on" ]; then
		return
	fi

	echo "-l /var/state/dhcp/dhcpd.leases"
}
72 | ||
d1e90efc MT |
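# Dispatch on the init action given as the first argument.
# boot_mesg, boot_mesg_flush, killproc, loadproc and statusproc are not
# defined in this file; presumably they come from ${rc_functions}.
case "${1}" in
	start)
		# kill already running copy of dnsmasq...
		# stdout is redirected first and stderr is then pointed at it, so
		# both streams are discarded ("2>&1 > /dev/null" silences only stdout).
		killproc /usr/sbin/dnsmasq > /dev/null 2>&1

		boot_mesg "Starting Domain Name Service Proxy..."

		# NOTE(review): eval runs readhash's output as shell code; this is
		# only as safe as readhash's escaping and the permissions on the
		# settings file - confirm both.
		eval $(/usr/local/bin/readhash /var/ipfire/ethernet/settings)

		# ARGS is built as one string and expanded unquoted at loadproc, so
		# every value appended below is word-split and glob-expanded into
		# dnsmasq arguments. All of these inputs must be trusted.
		ARGS="$CUSTOM_ARGS"
		[ "$DOMAIN_NAME_GREEN" != "" ] && ARGS="$ARGS -s $DOMAIN_NAME_GREEN"

		# DHCP configuration
		ARGS="${ARGS} $(dns_leases_args)"

		echo > /var/ipfire/red/resolv.conf # Clear it
		if [ -e "/var/ipfire/red/dns1" ]; then
			DNS1=$(cat /var/ipfire/red/dns1 2>/dev/null)
			# Quoted so that a value containing whitespace cannot break the test.
			if [ -n "${DNS1}" ]; then
				echo "nameserver ${DNS1}" >> /var/ipfire/red/resolv.conf
			fi
		fi
		if [ -e "/var/ipfire/red/dns2" ]; then
			DNS2=$(cat /var/ipfire/red/dns2 2>/dev/null)
			if [ -n "${DNS2}" ]; then
				echo "nameserver ${DNS2}" >> /var/ipfire/red/resolv.conf
			fi
		fi
		[ -e "/var/ipfire/red/active" ] && ARGS="$ARGS -r /var/ipfire/red/resolv.conf"

		# NOTE(review): the pattern is unanchored, so every settings line that
		# contains "DOMAIN" is selected; more than one match would add stray
		# words to the command line. Confirm the file has exactly one such key.
		ARGS="$ARGS --domain=$(grep DOMAIN /var/ipfire/main/settings | cut -d = -f 2)"

		# Add custom forward dns zones.
		ARGS="${ARGS} $(dns_forward_args /var/ipfire/dnsforward/config)"

		# Enable DNSSEC validation
		if [ "${ENABLE_DNSSEC}" -eq 1 ]; then
			ARGS="${ARGS} $(dnssec_args)"
		fi

		if [ -n "${CACHE_SIZE}" ]; then
			ARGS="${ARGS} --cache-size=${CACHE_SIZE}"
		fi

		# Intentionally unquoted: ARGS holds several options in one string.
		loadproc /usr/sbin/dnsmasq ${ARGS}

		if [ "${SHOW_SRV}" -eq 1 ] && { [ -n "${DNS1}" ] || [ -n "${DNS2}" ]; }; then
			boot_mesg "Using DNS server(s): ${DNS1} ${DNS2}"
			boot_mesg_flush
		fi
		;;

	stop)
		boot_mesg "Stopping Domain Name Service Proxy..."
		killproc /usr/sbin/dnsmasq
		;;

	restart)
		# Quoted so a script path containing spaces is still one word.
		"${0}" stop
		sleep 1
		"${0}" start
		;;

	status)
		statusproc /usr/sbin/dnsmasq
		;;

	*)
		echo "Usage: ${0} {start|stop|restart|status}"
		exit 1
		;;
esac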
144 | ||
145 | # End $rc_base/init.d/dnsmasq |