DHCP: Add support for DNS Update (RFC2136)

diff --git a/doc/language_issues.es b/doc/language_issues.es
index c93d40cb4ff5c49c62fa71d3924b186fab0a3d8f..481289a055b359d208021a818fd6540b77a7e1ae 100644 (file)
--- a/doc/language_issues.es
+++ b/doc/language_issues.es
@@ -662,6 +662,11 @@ WARNING: untranslated string: dh key move failed
 WARNING: untranslated string: dh key warn
 WARNING: untranslated string: dh key warn1
 WARNING: untranslated string: dh parameter
+WARNING: untranslated string: dhcp dns enable update
+WARNING: untranslated string: dhcp dns key name
+WARNING: untranslated string: dhcp dns update
+WARNING: untranslated string: dhcp dns update algo
+WARNING: untranslated string: dhcp dns update secret
 WARNING: untranslated string: dnat address
 WARNING: untranslated string: dns servers
 WARNING: untranslated string: dnsforward

diff --git a/doc/language_issues.fr b/doc/language_issues.fr
index c1dedc59c3cdb1d4ba97ea6d5c130af0b7b23f7d..ae94c2f597d268ffa410e52eb3887ba18dfcee96 100644 (file)
--- a/doc/language_issues.fr
+++ b/doc/language_issues.fr
@@ -672,6 +672,11 @@ WARNING: untranslated string: dh key move failed
 WARNING: untranslated string: dh key warn
 WARNING: untranslated string: dh key warn1
 WARNING: untranslated string: dh parameter
+WARNING: untranslated string: dhcp dns enable update
+WARNING: untranslated string: dhcp dns key name
+WARNING: untranslated string: dhcp dns update
+WARNING: untranslated string: dhcp dns update algo
+WARNING: untranslated string: dhcp dns update secret
 WARNING: untranslated string: dnat address
 WARNING: untranslated string: dns address deleted txt
 WARNING: untranslated string: dns servers

diff --git a/doc/language_issues.nl b/doc/language_issues.nl
index 859cc1fd166ce8cb26e8dbbb2f591d351ca320b1..efee6ad458cb4260a343a6983ad8247db3a889f3 100644 (file)
--- a/doc/language_issues.nl
+++ b/doc/language_issues.nl
@@ -676,6 +676,11 @@ WARNING: untranslated string: dh key move failed
 WARNING: untranslated string: dh key warn
 WARNING: untranslated string: dh key warn1
 WARNING: untranslated string: dh parameter
+WARNING: untranslated string: dhcp dns enable update
+WARNING: untranslated string: dhcp dns key name
+WARNING: untranslated string: dhcp dns update
+WARNING: untranslated string: dhcp dns update algo
+WARNING: untranslated string: dhcp dns update secret
 WARNING: untranslated string: dns servers
 WARNING: untranslated string: dnssec aware
 WARNING: untranslated string: dnssec information

diff --git a/doc/language_issues.pl b/doc/language_issues.pl
index c93d40cb4ff5c49c62fa71d3924b186fab0a3d8f..481289a055b359d208021a818fd6540b77a7e1ae 100644 (file)
--- a/doc/language_issues.pl
+++ b/doc/language_issues.pl
@@ -662,6 +662,11 @@ WARNING: untranslated string: dh key move failed
 WARNING: untranslated string: dh key warn
 WARNING: untranslated string: dh key warn1
 WARNING: untranslated string: dh parameter
+WARNING: untranslated string: dhcp dns enable update
+WARNING: untranslated string: dhcp dns key name
+WARNING: untranslated string: dhcp dns update
+WARNING: untranslated string: dhcp dns update algo
+WARNING: untranslated string: dhcp dns update secret
 WARNING: untranslated string: dnat address
 WARNING: untranslated string: dns servers
 WARNING: untranslated string: dnsforward

diff --git a/doc/language_issues.ru b/doc/language_issues.ru
index 17e3199b11d391e498f399b20e0750233563de3d..630bf1ae77dff1d41ed954d1e705505f625077aa 100644 (file)
--- a/doc/language_issues.ru
+++ b/doc/language_issues.ru
@@ -666,6 +666,11 @@ WARNING: untranslated string: dh key move failed
 WARNING: untranslated string: dh key warn
 WARNING: untranslated string: dh key warn1
 WARNING: untranslated string: dh parameter
+WARNING: untranslated string: dhcp dns enable update
+WARNING: untranslated string: dhcp dns key name
+WARNING: untranslated string: dhcp dns update
+WARNING: untranslated string: dhcp dns update algo
+WARNING: untranslated string: dhcp dns update secret
 WARNING: untranslated string: disk access per
 WARNING: untranslated string: dnat address
 WARNING: untranslated string: dns servers

diff --git a/doc/language_issues.tr b/doc/language_issues.tr
index 0ebd3988f913e3e078d93d7fed0de1557162aa8d..4d048fe69baad99a072ff8b561434189acf6982b 100644 (file)
--- a/doc/language_issues.tr
+++ b/doc/language_issues.tr
@@ -663,6 +663,11 @@ WARNING: translation string unused: year-graph
 WARNING: translation string unused: yearly firewallhits
 WARNING: untranslated string: Scan for Songs
 WARNING: untranslated string: bytes
+WARNING: untranslated string: dhcp dns enable update
+WARNING: untranslated string: dhcp dns key name
+WARNING: untranslated string: dhcp dns update
+WARNING: untranslated string: dhcp dns update algo
+WARNING: untranslated string: dhcp dns update secret
 WARNING: untranslated string: fwhost err hostip
 WARNING: untranslated string: incoming compression in bytes per second
 WARNING: untranslated string: incoming overhead in bytes per second

diff --git a/doc/language_missings b/doc/language_missings
index 05798b91145465f748a1d3aea7123c4814ec687b..cb6afdb810144fb71dc0620f78346c976fe1a0bc 100644 (file)
--- a/doc/language_missings
+++ b/doc/language_missings
@@ -83,6 +83,11 @@
 < deprecated fs warn
 < details
 < dh
+< dhcp dns enable update
+< dhcp dns key name
+< dhcp dns update
+< dhcp dns update algo
+< dhcp dns update secret
 < dh key move failed
 < dh key warn
 < dh key warn1
@@ -641,6 +646,11 @@
 < deprecated fs warn
 < details
 < dh
+< dhcp dns enable update
+< dhcp dns key name
+< dhcp dns update
+< dhcp dns update algo
+< dhcp dns update secret
 < dh key move failed
 < dh key warn
 < dh key warn1
@@ -1190,6 +1200,11 @@
 < deprecated fs warn
 < details
 < dh
+< dhcp dns enable update
+< dhcp dns key name
+< dhcp dns update
+< dhcp dns update algo
+< dhcp dns update secret
 < dh key move failed
 < dh key warn
 < dh key warn1
@@ -1717,6 +1732,11 @@
 < deprecated fs warn
 < details
 < dh
+< dhcp dns enable update
+< dhcp dns key name
+< dhcp dns update
+< dhcp dns update algo
+< dhcp dns update secret
 < dh key move failed
 < dh key warn
 < dh key warn1

diff --git a/html/cgi-bin/dhcp.cgi b/html/cgi-bin/dhcp.cgi
index 9a7d983eefd0233693a9e647a4c692ef2ef05442..9326aabda00b27dbed718540d85e532eaa260566 100644 (file)
--- a/html/cgi-bin/dhcp.cgi
+++ b/html/cgi-bin/dhcp.cgi
@@ -70,11 +70,17 @@ foreach my $itf (@ITFs) {
     $dhcpsettings{"NTP2_${itf}"} = '';
     $dhcpsettings{"NEXT_${itf}"} = '';
     $dhcpsettings{"FILE_${itf}"} = '';
+    $dhcpsettings{"DNS_UPDATE_KEY_NAME_${itf}"} = '';
+    $dhcpsettings{"DNS_UPDATE_KEY_SECRET_${itf}"} = '';
+    $dhcpsettings{"DNS_UPDATE_KEY_ALGO_${itf}"} = '';
 }
 
 $dhcpsettings{'SORT_FLEASELIST'} = 'FIPADDR';
 $dhcpsettings{'SORT_LEASELIST'} = 'IPADDR';
 
+# DNS Update settings
+$dhcpsettings{'DNS_UPDATE_ENABLED'} = 'off';
+
 #Settings2 for editing the multi-line list
 #Must not be saved with writehash !
 $dhcpsettings{'FIX_MAC'} = '';
@@ -593,6 +599,78 @@ print <<END
     <td width='40%' align='right'><input type='submit' name='ACTION' value='$Lang::tr{'save'}' /></td>
 </tr>
 </table>
+END
+;
+&Header::closebox();
+
+# DHCP DNS update support (RFC2136)
+&Header::openbox('100%', 'left', $Lang::tr{'dhcp dns update'});
+
+my %checked = ();
+$checked{'DNS_UPDATE_ENABLED'}{'on'} = ( $dhcpsettings{'DNS_UPDATE_ENABLED'} ne 'on') ? '' : "checked='checked'";
+
+print <<END
+<table  width='100%'>
+       <tr>
+               <td width='25%' class='boldbase'>$Lang::tr{'dhcp dns enable update'}</td>
+               <td class='base'><input type='checkbox' name='DNS_UPDATE_ENABLED' $checked{'DNS_UPDATE_ENABLED'}{'on'}>
+               </td>
+       <tr>
+</table>
+
+<table width='100%'>
+END
+;
+       my @domains = ();
+
+       # Print options for each interface.
+       foreach my $itf (@ITFs) {
+               # Check if DHCP for this interface is enabled.
+               if ($dhcpsettings{"ENABLE_${itf}"} eq 'on') {
+                       # Check for same domain name.
+                       next if ($dhcpsettings{"DOMAIN_NAME_${itf}"} ~~ @domains);
+                       my $lc_itf = lc($itf);
+
+                       # Select previously configured update algorithm.
+                       my %selected = ();
+                       $selected{'DNS_UPDATE_ALGO_${inf}'}{$dhcpsettings{'DNS_UPDATE_ALGO_${inf}'}} = 'selected';
+
+print <<END
+       <tr>
+               <td colspan='6'>&nbsp;</td>
+       </tr>
+       <tr>
+               <td colspan='6' class='boldbase'><b>$dhcpsettings{"DOMAIN_NAME_${itf}"}</b></td>
+       </tr>
+       <tr>
+               <td width='10%' class='boldbase'>$Lang::tr{'dhcp dns key name'}:</td>
+               <td width='20%'><input type='text' name='DNS_UPDATE_KEY_NAME_${itf}' value='$dhcpsettings{"DNS_UPDATE_KEY_NAME_${itf}"}'></td>
+               <td width='10%' class='boldbase' align='right'>$Lang::tr{'dhcp dns update secret'}:&nbsp;&nbsp;</td>
+               <td width='20%'><input type='password' name='DNS_UPDATE_KEY_SECRET_${itf}' value='$dhcpsettings{"DNS_UPDATE_KEY_SECRET_${itf}"}'></td>
+               <td width='10%' class='boldbase' align='right'>$Lang::tr{'dhcp dns update algo'}:&nbsp;&nbsp;</td>
+               <td width='20%'>
+                       <select name='DNS_UPDATE_KEY_ALGO_${itf}'>
+                               <option value='hmac-sha1' $selected{'DNS_UPDATE_KEY_ALGO_${itf}'}{'hmac-sha1'}>HMAC-SHA1</option>
+                               <option value='hmac-md5' $selected{'DNS_UPDATE_KEY_ALGO_${itf}'}{'hmac-md5'}>HMAC-MD5</option>
+                       </select>
+               </td>
+       </tr>
+END
+;
+       }
+
+       # Store configured domain based on the interface
+       # in the temporary variable.
+       push(@domains, $dhcpsettings{"DOMAIN_NAME_${itf}"});
+}
+print <<END
+</table>
+<hr>
+<table width='100%'>
+       <tr>
+               <td align='right'><input type='submit' name='ACTION' value='$Lang::tr{'save'}' /></td>
+       </tr>
+</table>
 </form>
 END
 ;
@@ -1102,9 +1180,19 @@ sub buildconf {
     flock(FILE, 2);
 
     # Global settings
-    print FILE "ddns-update-style none;\n";
     print FILE "deny bootp;    #default\n";
     print FILE "authoritative;\n";
+
+    # DNS Update settings
+    if ($dhcpsettings{'DNS_UPDATE_ENABLED'} eq 'on') {
+        print FILE "ddns-updates           on;\n";
+        print FILE "ddns-update-style      interim;\n";
+        print FILE "ddns-ttl               60; # 1 min\n";
+        print FILE "ignore                 client-updates;\n";
+        print FILE "update-static-leases   on;\n";
+    } else {
+        print FILE "ddns-update-style none;\n";
+    }
     
     # Write first new option definition
     foreach my $line (@current1) {
@@ -1133,12 +1221,13 @@ sub buildconf {
            }
        }# on    
     }# foreach line
+    print FILE "\n";
 
     #Subnet range definition
     foreach my $itf (@ITFs) {
        my $lc_itf=lc($itf);
        if ($dhcpsettings{"ENABLE_${itf}"} eq 'on' ){
-           print FILE "\nsubnet " . $netsettings{"${itf}_NETADDRESS"} . " netmask ". $netsettings{"${itf}_NETMASK"} . " #$itf\n";
+           print FILE "subnet " . $netsettings{"${itf}_NETADDRESS"} . " netmask ". $netsettings{"${itf}_NETMASK"} . " #$itf\n";
            print FILE "{\n";
            print FILE "\trange " . $dhcpsettings{"START_ADDR_${itf}"} . ' ' . $dhcpsettings{"END_ADDR_${itf}"}.";\n" if ($dhcpsettings{"START_ADDR_${itf}"});
            print FILE "\toption subnet-mask "   . $netsettings{"${itf}_NETMASK"} . ";\n";
@@ -1175,7 +1264,18 @@ sub buildconf {
                    }
                }# on    
            }# foreach line
-           print FILE "} #$itf\n";
+           print FILE "} #$itf\n\n";
+
+           if (($dhcpsettings{"DNS_UPDATE_ENABLED"} eq "on") && ($dhcpsettings{"DNS_UPDATE_KEY_NAME_${itf}"} ne "")) {
+               print FILE "key " . $dhcpsettings{"DNS_UPDATE_KEY_NAME_${itf}"} . " {\n";
+               print FILE "\talgorithm " . $dhcpsettings{"DNS_UPDATE_KEY_ALGO_${itf}"} . ";\n";
+               print FILE "\tsecret \"" . $dhcpsettings{"DNS_UPDATE_KEY_SECRET_${itf}"} . "\";\n";
+               print FILE "};\n\n";
+
+               print FILE "zone " . $dhcpsettings{"DOMAIN_NAME_${itf}"} . ". {\n";
+               print FILE "\tkey " . $dhcpsettings{"DNS_UPDATE_KEY_NAME_${itf}"} . ";\n";
+               print FILE "}\n\n";
+           }
 
            system ('/usr/bin/touch', "${General::swroot}/dhcp/enable_${lc_itf}");
            &General::log("DHCP on ${itf}: " . $Lang::tr{'dhcp server enabled'})

diff --git a/langs/de/cgi-bin/de.pl b/langs/de/cgi-bin/de.pl
index eb29b5fbf257a054dc46a0be89f9145b1f77e446..ea92d806cb2784c0fbb1d9a9b9cb7942be8e2697 100644 (file)
--- a/langs/de/cgi-bin/de.pl
+++ b/langs/de/cgi-bin/de.pl
@@ -697,6 +697,11 @@
 'dhcp bootp pxe data' => 'Geben Sie optionale BOOTP PXE-Daten für diese feste Zuordnung ein',
 'dhcp configuration' => 'DHCP-Konfiguration',
 'dhcp create fixed leases' => 'Feste Zuordnungen erzeugen',
+'dhcp dns enable update' => 'DNS-Update (RFC2136) aktivieren:',
+'dhcp dns key name' => 'Schlüsselname:',
+'dhcp dns update' => 'DNS-Update',
+'dhcp dns update algo' => 'Algorithmus:',
+'dhcp dns update secret' => 'Schlüssel:',
 'dhcp fixed lease err1' => 'Für eine feste Zuordnung müssen entweder die Hardware Adresse (MAC-Adresse) oder der Hostname oder beide eingetragen werden.',
 'dhcp fixed lease help1' => 'IP Adressen können als FQDN angegeben werden.',
 'dhcp mode' => 'DHCP',

diff --git a/langs/en/cgi-bin/en.pl b/langs/en/cgi-bin/en.pl
index 8c049fffa987fa0af6dcceefe0498caf418cc7a8..c788866450da57ef4a37bbd2d065daa456e11ef2 100644 (file)
--- a/langs/en/cgi-bin/en.pl
+++ b/langs/en/cgi-bin/en.pl
@@ -720,6 +720,11 @@
 'dhcp bootp pxe data' => 'Enter optional bootp pxe data for this fixed lease',
 'dhcp configuration' => 'DHCP configuration',
 'dhcp create fixed leases' => 'Create fixed leases',
+'dhcp dns enable update' => 'Enable DNS Update (RFC2136):',
+'dhcp dns key name' => 'Key Name:',
+'dhcp dns update' => 'DNS Update',
+'dhcp dns update algo' => 'Algorithm:',
+'dhcp dns update secret' => 'Secret:',
 'dhcp fixed lease err1' => 'For a fix lease you have to enter the MAC address or the hostname, or you enter both.',
 'dhcp fixed lease help1' => 'IP Addresses might be entered as FQDN',
 'dhcp mode' => 'DHCP',

diff --git a/src/initscripts/init.d/dnsmasq b/src/initscripts/init.d/dnsmasq
index 4e37925171a4687d056f4f93ef3ec7b317ed8e3d..b033e2b4c88645623f667537be18e27a5fde3a86 100644 (file)
--- a/src/initscripts/init.d/dnsmasq
+++ b/src/initscripts/init.d/dnsmasq
@@ -54,6 +54,21 @@ function dns_forward_args() {
        echo "${cmdline}"
 }
 
+function dns_leases_args() {
+       eval $(/usr/local/bin/readhash /var/ipfire/dhcp/settings)
+
+       # If the DHCP server is enabled and DNS Update (RFC2136) is
+       # enabled, too, we won't overlay the internal domain with
+       # the dynamic/static leases.
+
+       if ([ "${ENABLE_GREEN}" = "on" ] || [ "${ENABLE_BLUE}" = "on" ]) \
+                       && [ "${DNS_UPDATE_ENABLED}" = "on" ]; then
+               return
+       fi
+
+       echo "-l /var/state/dhcp/dhcpd.leases"
+}
+
 case "${1}" in
        start)
                # kill already running copy of dnsmasq...
@@ -64,7 +79,10 @@ case "${1}" in
                eval $(/usr/local/bin/readhash /var/ipfire/ethernet/settings)
                ARGS="$CUSTOM_ARGS"
                [ "$DOMAIN_NAME_GREEN" != "" ] && ARGS="$ARGS -s $DOMAIN_NAME_GREEN"
-               
+
+               # DHCP configuration
+               ARGS="${ARGS} $(dns_leases_args)"
+
                echo > /var/ipfire/red/resolv.conf # Clear it
                if [ -e "/var/ipfire/red/dns1" ]; then
                    DNS1=$(cat /var/ipfire/red/dns1 2>/dev/null)
@@ -94,7 +112,7 @@ case "${1}" in
                        ARGS="${ARGS} --cache-size=${CACHE_SIZE}"
                fi
 
-               loadproc /usr/sbin/dnsmasq -l /var/state/dhcp/dhcpd.leases $ARGS
+               loadproc /usr/sbin/dnsmasq ${ARGS}
                
                if [ "${SHOW_SRV}" -eq 1 ] && [ "${DNS1}" != "" -o "${DNS2}" != "" ]; then
                    boot_mesg "Using DNS server(s): ${DNS1} ${DNS2}"