]> git.ipfire.org Git - ipfire-2.x.git/blobdiff - src/initscripts/init.d/unbound
projects / ipfire-2.x.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
unbound: Omit reverse PTRs if address equals GREEN
[ipfire-2.x.git] / src / initscripts / init.d / unbound
diff --git a/src/initscripts/init.d/unbound b/src/initscripts/init.d/unbound
index d324457d163e7294c362eff7f052ea11a783b3a7..4e424775edf1f221b354f790c5139de9f2a071e1 100644 (file)
--- a/src/initscripts/init.d/unbound
+++ b/src/initscripts/init.d/unbound
@@ -112,7 +112,7 @@ update_forwarders() {
 
 own_hostname() {
        local hostname=$(hostname -f)
-       # 1.1.1.1 is reserved for green only, skip this
+       # 1.1.1.1 is reserved for unused green, skip this
        if [ -n "${GREEN_ADDRESS}" -a "${GREEN_ADDRESS}" != "1.1.1.1" ]; then
                unbound-control -q local_data "${hostname} ${LOCAL_TTL} IN A ${GREEN_ADDRESS}"
        fi
@@ -138,6 +138,9 @@ update_hosts() {
 
                unbound-control -q local_data "${fqdn} ${LOCAL_TTL} IN A ${address}"
 
+               # Skip reverse resolution if the address equals the GREEN address
+               [ "${address}" = "${GREEN_ADDRESS}" ] && continue
+
                # Add RDNS
                address=$(ip_address_revptr ${address})
                unbound-control -q local_data "${address} ${LOCAL_TTL} IN PTR ${fqdn}"
@@ -148,15 +151,14 @@ write_interfaces_conf() {
        (
                config_header
 
-               if [ -n "${GREEN_ADDRESS}" ]; then
-                       echo "# GREEN"
-                       echo "interface: ${GREEN_ADDRESS}"
+               # 1.1.1.1 is reserved for unused green
+               if [ -n "${GREEN_ADDRESS}" -a "${GREEN_ADDRESS}" != "1.1.1.1" ]; then
+                       echo "# allow access from GREEN"
                        echo "access-control: $(cidr ${GREEN_NETADDRESS} ${GREEN_NETMASK}) allow"
                fi
 
                if [ -n "${BLUE_ADDRESS}" ]; then
-                       echo "# BLUE"
-                       echo "interface: ${BLUE_ADDRESS}"
+                       echo "# allow access from  BLUE"
                        echo "access-control: $(cidr ${BLUE_NETADDRESS} ${BLUE_NETMASK}) allow"
                fi
        ) > /etc/unbound/interfaces.conf
IPFire 2.x development tree