[ipfire-2.x.git] / config / unbound / unbound-dhcp-leases-bridge

#!/usr/bin/python
###############################################################################
#                                                                             #
# IPFire.org - A linux based firewall                                         #
# Copyright (C) 2016  Michael Tremer                                          #
#                                                                             #
# This program is free software: you can redistribute it and/or modify        #
# it under the terms of the GNU General Public License as published by        #
# the Free Software Foundation, either version 3 of the License, or           #
# (at your option) any later version.                                         #
#                                                                             #
# This program is distributed in the hope that it will be useful,             #
# but WITHOUT ANY WARRANTY; without even the implied warranty of              #
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               #
# GNU General Public License for more details.                                #
#                                                                             #
# You should have received a copy of the GNU General Public License           #
# along with this program.  If not, see <http://www.gnu.org/licenses/>.       #
#                                                                             #
###############################################################################

import argparse
import datetime
import daemon
import ipaddress
import logging
import logging.handlers
import re
import signal
import subprocess

import inotify.adapters

LOCAL_TTL = 60

def setup_logging(loglevel=logging.INFO):
	log = logging.getLogger("dhcp")
	log.setLevel(loglevel)

	handler = logging.handlers.SysLogHandler(address="/dev/log", facility="daemon")
	handler.setLevel(loglevel)

	formatter = logging.Formatter("%(name)s[%(process)d]: %(message)s")
	handler.setFormatter(formatter)

	log.addHandler(handler)

	return log

log = logging.getLogger("dhcp")

def ip_address_to_reverse_pointer(address):
	parts = address.split(".")
	parts.reverse()

	return "%s.in-addr.arpa" % ".".join(parts)

def reverse_pointer_to_ip_address(rr):
	parts = rr.split(".")

	# Only take IP address part
	parts = reversed(parts[0:4])

	return ".".join(parts)

class UnboundDHCPLeasesBridge(object):
	def __init__(self, dhcp_leases_file, fix_leases_file, unbound_leases_file):
		self.leases_file = dhcp_leases_file
		self.fix_leases_file = fix_leases_file

		self.unbound = UnboundConfigWriter(unbound_leases_file)
		self.running = False

	def run(self):
		log.info("Unbound DHCP Leases Bridge started on %s" % self.leases_file)
		self.running = True

		# Initially read leases file
		self.update_dhcp_leases()

		i = inotify.adapters.Inotify([self.leases_file, self.fix_leases_file])

		for event in i.event_gen():
			# End if we are requested to terminate
			if not self.running:
				break

			if event is None:
				continue

			header, type_names, watch_path, filename = event

			# Update leases after leases file has been modified
			if "IN_MODIFY" in type_names:
				self.update_dhcp_leases()

			# If the file is deleted, we re-add the watcher
			if "IN_IGNORED" in type_names:
				i.add_watch(watch_path)

		log.info("Unbound DHCP Leases Bridge terminated")

	def update_dhcp_leases(self):
		leases = []

		for lease in DHCPLeases(self.leases_file):
			leases.append(lease)

		for lease in FixLeases(self.fix_leases_file):
			leases.append(lease)

		self.unbound.update_dhcp_leases(leases)

	def terminate(self):
		self.running = False


class DHCPLeases(object):
	regex_leaseblock = re.compile(r"lease (?P<ipaddr>\d+\.\d+\.\d+\.\d+) {(?P<config>[\s\S]+?)\n}")

	def __init__(self, path):
		self.path = path

		self._leases = self._parse()

	def __iter__(self):
		return iter(self._leases)

	def _parse(self):
		log.info("Reading DHCP leases from %s" % self.path)

		leases = []

		with open(self.path) as f:
			# Read entire leases file
			data = f.read()

			for match in self.regex_leaseblock.finditer(data):
				block = match.groupdict()

				ipaddr = block.get("ipaddr")
				config = block.get("config")

				properties = self._parse_block(config)

				# Skip any abandoned leases
				if not "hardware" in properties:
					continue

				lease = Lease(ipaddr, properties)

				# Check if a lease for this Ethernet address already
				# exists in the list of known leases. If so replace
				# if with the most recent lease
				for i, l in enumerate(leases):
					if l.hwaddr == lease.hwaddr:
						leases[i] = max(lease, l)
						break

				else:
					leases.append(lease)

		return leases

	def _parse_block(self, block):
		properties = {}

		for line in block.splitlines():
			if not line:
				continue

			# Remove trailing ; from line
			if line.endswith(";"):
				line = line[:-1]

			# Invalid line if it doesn't end with ;
			else:
				continue

			# Remove any leading whitespace
			line = line.lstrip()

			# We skip all options and sets
			if line.startswith("option") or line.startswith("set"):
				continue

			# Split by first space
			key, val = line.split(" ", 1)
			properties[key] = val

		return properties


class FixLeases(object):
	cache = {}

	def __init__(self, path):
		self.path = path

		self._leases = self.cache[self.path] = self._parse()

	def __iter__(self):
		return iter(self._leases)

	def _parse(self):
		log.info("Reading fix leases from %s" % self.path)

		leases = []
		now = datetime.datetime.utcnow()

		with open(self.path) as f:
			for line in f.readlines():
				line = line.rstrip()

				try:
					hwaddr, ipaddr, enabled, a, b, c, hostname = line.split(",")
				except ValueError:
					log.warning("Could not parse line: %s" % line)
					continue

				# Skip any disabled leases
				if not enabled == "on":
					continue

				l = Lease(ipaddr, {
					"binding"         : "state active",
					"client-hostname" : hostname,
					"hardware"        : "ethernet %s" % hwaddr,
					"starts"          : now.strftime("%w %Y/%m/%d %H:%M:%S"),
					"ends"            : "never",
				})
				leases.append(l)

		# Try finding any deleted leases
		for lease in self.cache.get(self.path, []):
			if lease in leases:
				continue

			# Free the deleted lease
			lease.free()
			leases.append(lease)

		return leases


class Lease(object):
	def __init__(self, ipaddr, properties):
		self.ipaddr = ipaddr
		self._properties = properties

	def __repr__(self):
		return "<%s %s for %s (%s)>" % (self.__class__.__name__,
			self.ipaddr, self.hwaddr, self.hostname)

	def __eq__(self, other):
		return self.ipaddr == other.ipaddr and self.hwaddr == other.hwaddr

	def __gt__(self, other):
		if not self.ipaddr == other.ipaddr:
			return

		if not self.hwaddr == other.hwaddr:
			return

		return self.time_starts > other.time_starts

	@property
	def binding_state(self):
		state = self._properties.get("binding")

		if state:
			state = state.split(" ", 1)
			return state[1]

	def free(self):
		self._properties.update({
			"binding" : "state free",
		})

	@property
	def active(self):
		return self.binding_state == "active"

	@property
	def hwaddr(self):
		hardware = self._properties.get("hardware")

		if not hardware:
			return

		ethernet, address = hardware.split(" ", 1)

		return address

	@property
	def hostname(self):
		hostname = self._properties.get("client-hostname")

		if hostname is None:
			return

		# Remove any ""
		hostname = hostname.replace("\"", "")

		# Only return valid hostnames
		m = re.match(r"^[A-Z0-9\-]{1,63}$", hostname, re.I)
		if m:
			return hostname

	@property
	def domain(self):
		# Load ethernet settings
		ethernet_settings = self.read_settings("/var/ipfire/ethernet/settings")

		# Load DHCP settings
		dhcp_settings = self.read_settings("/var/ipfire/dhcp/settings")

		subnets = {}
		for zone in ("GREEN", "BLUE"):
			if not dhcp_settings.get("ENABLE_%s" % zone) == "on":
				continue

			netaddr = ethernet_settings.get("%s_NETADDRESS" % zone)
			submask = ethernet_settings.get("%s_NETMASK" % zone)

			subnet = ipaddress.ip_network("%s/%s" % (netaddr, submask))
			domain = dhcp_settings.get("DOMAIN_NAME_%s" % zone)

			subnets[subnet] = domain

		address = ipaddress.ip_address(self.ipaddr)

		for subnet, domain in subnets.items():
			if address in subnet:
				return domain

		# Fall back to localdomain if no match could be found
		return "localdomain"

	@staticmethod
	def read_settings(filename):
		settings = {}

		with open(filename) as f:
			for line in f.readlines():
				# Remove line-breaks
				line = line.rstrip()

				k, v = line.split("=", 1)
				settings[k] = v

		return settings

	@property
	def fqdn(self):
		if self.hostname:
			return "%s.%s" % (self.hostname, self.domain)

	@staticmethod
	def _parse_time(s):
		return datetime.datetime.strptime(s, "%w %Y/%m/%d %H:%M:%S")

	@property
	def time_starts(self):
		starts = self._properties.get("starts")

		if starts:
			return self._parse_time(starts)

	@property
	def time_ends(self):
		ends = self._properties.get("ends")

		if not ends or ends == "never":
			return

		return self._parse_time(ends)

	@property
	def expired(self):
		if not self.time_ends:
			return self.time_starts > datetime.datetime.utcnow()

		return self.time_starts > datetime.datetime.utcnow() > self.time_ends

	@property
	def rrset(self):
		# If the lease does not have a valid FQDN, we cannot create any RRs
		if self.fqdn is None:
			return []

		return [
			# Forward record
			(self.fqdn, "%s" % LOCAL_TTL, "IN A", self.ipaddr),

			# Reverse record
			(ip_address_to_reverse_pointer(self.ipaddr), "%s" % LOCAL_TTL,
				"IN PTR", self.fqdn),
		]


class UnboundConfigWriter(object):
	def __init__(self, path):
		self.path = path

	@property
	def existing_leases(self):
		local_data = self._control("list_local_data")
		ret = {}

		for line in local_data.splitlines():
			try:
				hostname, ttl, x, record_type, content = line.split("\t")
			except ValueError:
				continue

			# Ignore everything that is not A or PTR
			if not record_type in ("A", "PTR"):
				continue

			if hostname.endswith("."):
				hostname = hostname[:-1]

			if content.endswith("."):
				content = content[:-1]

			if record_type == "A":
				ret[hostname] = content
			elif record_type == "PTR":
				ret[content] = reverse_pointer_to_ip_address(hostname)

		return ret

	def update_dhcp_leases(self, leases):
		# Cache all expired or inactive leases
		expired_leases = [l for l in leases if l.expired or not l.active]

		# Find any leases that have expired or do not exist any more
		# but are still in the unbound local data
		removed_leases = []
		for fqdn, address in self.existing_leases.items():
			if fqdn in (l.fqdn for l in expired_leases):
				removed_leases += [fqdn, address]

		# Strip all non-active or expired leases
		leases = [l for l in leases if l.active and not l.expired]

		# Find any leases that have been added
		new_leases = [l for l in leases
			if l.fqdn not in self.existing_leases]

		# End here if nothing has changed
		if not new_leases and not removed_leases:
			return

		# Write out all leases
		self.write_dhcp_leases(leases)

		# Update unbound about changes
		for hostname in removed_leases:
			log.debug("Removing all records for %s" % hostname)
			self._control("local_data_remove", hostname)

		for l in new_leases:
			for rr in l.rrset:
				log.debug("Adding new record %s" % " ".join(rr))
				self._control("local_data", *rr)


	def write_dhcp_leases(self, leases):
		with open(self.path, "w") as f:
			for l in leases:
				for rr in l.rrset:
					f.write("local-data: \"%s\"\n" % " ".join(rr))

	def _control(self, *args):
		command = ["unbound-control"]
		command.extend(args)

		try:
			return subprocess.check_output(command)

		# Log any errors
		except subprocess.CalledProcessError as e:
			log.critical("Could not run %s, error code: %s: %s" % (
				" ".join(command), e.returncode, e.output))


if __name__ == "__main__":
	parser = argparse.ArgumentParser(description="Bridge for DHCP Leases and Unbound DNS")

	# Daemon Stuff
	parser.add_argument("--daemon", "-d", action="store_true",
		help="Launch as daemon in background")
	parser.add_argument("--verbose", "-v", action="count", help="Be more verbose")

	# Paths
	parser.add_argument("--dhcp-leases", default="/var/state/dhcp/dhcpd.leases",
		metavar="PATH", help="Path to the DHCPd leases file")
	parser.add_argument("--unbound-leases", default="/etc/unbound/dhcp-leases.conf",
		metavar="PATH", help="Path to the unbound configuration file")
	parser.add_argument("--fix-leases", default="/var/ipfire/dhcp/fixleases",
		metavar="PATH", help="Path to the fix leases file")

	# Parse command line arguments
	args = parser.parse_args()

	# Setup logging
	if args.verbose == 1:
		loglevel = logging.INFO
	elif args.verbose >= 2:
		loglevel = logging.DEBUG
	else:
		loglevel = logging.WARN

	setup_logging(loglevel)

	bridge = UnboundDHCPLeasesBridge(args.dhcp_leases, args.fix_leases, args.unbound_leases)

	ctx = daemon.DaemonContext(detach_process=args.daemon)
	ctx.signal_map = {
		signal.SIGHUP  : bridge.update_dhcp_leases,
		signal.SIGTERM : bridge.terminate,
	}

	with ctx:
		bridge.run()
Commit	Line	Data
0fbd7c3c MT	1	#!/usr/bin/python
	2	###############################################################################
	3	# #
	4	# IPFire.org - A linux based firewall #
	5	# Copyright (C) 2016 Michael Tremer #
	6	# #
	7	# This program is free software: you can redistribute it and/or modify #
	8	# it under the terms of the GNU General Public License as published by #
	9	# the Free Software Foundation, either version 3 of the License, or #
	10	# (at your option) any later version. #
	11	# #
	12	# This program is distributed in the hope that it will be useful, #
	13	# but WITHOUT ANY WARRANTY; without even the implied warranty of #
	14	# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
	15	# GNU General Public License for more details. #
	16	# #
	17	# You should have received a copy of the GNU General Public License #
	18	# along with this program. If not, see <http://www.gnu.org/licenses/>. #
	19	# #
	20	###############################################################################
	21
	22	import argparse
	23	import datetime
	24	import daemon
74a5ab67	25	import ipaddress
0fbd7c3c MT	26	import logging
	27	import logging.handlers
	28	import re
	29	import signal
	30	import subprocess
	31
	32	import inotify.adapters
	33
077ea717 MT	34	LOCAL_TTL = 60
077ea717 MT	35
0fbd7c3c MT	36	def setup_logging(loglevel=logging.INFO):
	37	log = logging.getLogger("dhcp")
	38	log.setLevel(loglevel)
	39
	40	handler = logging.handlers.SysLogHandler(address="/dev/log", facility="daemon")
	41	handler.setLevel(loglevel)
	42
	43	formatter = logging.Formatter("%(name)s[%(process)d]: %(message)s")
	44	handler.setFormatter(formatter)
	45
	46	log.addHandler(handler)
	47
	48	return log
	49
	50	log = logging.getLogger("dhcp")
	51
e22bcd38 MT	52	def ip_address_to_reverse_pointer(address):
	53	parts = address.split(".")
	54	parts.reverse()
	55
	56	return "%s.in-addr.arpa" % ".".join(parts)
	57
	58	def reverse_pointer_to_ip_address(rr):
	59	parts = rr.split(".")
	60
	61	# Only take IP address part
	62	parts = reversed(parts[0:4])
	63
	64	return ".".join(parts)
	65
0fbd7c3c	66	class UnboundDHCPLeasesBridge(object):
86c9deb2	67	def __init__(self, dhcp_leases_file, fix_leases_file, unbound_leases_file):
0fbd7c3c	68	self.leases_file = dhcp_leases_file
86c9deb2	69	self.fix_leases_file = fix_leases_file
0fbd7c3c MT	70
	71	self.unbound = UnboundConfigWriter(unbound_leases_file)
	72	self.running = False
	73
	74	def run(self):
	75	log.info("Unbound DHCP Leases Bridge started on %s" % self.leases_file)
	76	self.running = True
	77
	78	# Initially read leases file
	79	self.update_dhcp_leases()
	80
86c9deb2	81	i = inotify.adapters.Inotify([self.leases_file, self.fix_leases_file])
0fbd7c3c MT	82
	83	for event in i.event_gen():
	84	# End if we are requested to terminate
	85	if not self.running:
	86	break
	87
	88	if event is None:
	89	continue
	90
	91	header, type_names, watch_path, filename = event
	92
	93	# Update leases after leases file has been modified
	94	if "IN_MODIFY" in type_names:
	95	self.update_dhcp_leases()
	96
86c9deb2 MT	97	# If the file is deleted, we re-add the watcher
	98	if "IN_IGNORED" in type_names:
	99	i.add_watch(watch_path)
	100
0fbd7c3c MT	101	log.info("Unbound DHCP Leases Bridge terminated")
	102
	103	def update_dhcp_leases(self):
86c9deb2 MT	104	leases = []
	105
	106	for lease in DHCPLeases(self.leases_file):
	107	leases.append(lease)
	108
	109	for lease in FixLeases(self.fix_leases_file):
	110	leases.append(lease)
0fbd7c3c	111
0fbd7c3c MT	112	self.unbound.update_dhcp_leases(leases)
	113
	114	def terminate(self):
	115	self.running = False
	116
	117
	118	class DHCPLeases(object):
	119	regex_leaseblock = re.compile(r"lease (?P<ipaddr>\d+\.\d+\.\d+\.\d+) {(?P<config>[\s\S]+?)\n}")
	120
	121	def __init__(self, path):
	122	self.path = path
	123
	124	self._leases = self._parse()
	125
	126	def __iter__(self):
	127	return iter(self._leases)
	128
	129	def _parse(self):
86c9deb2 MT	130	log.info("Reading DHCP leases from %s" % self.path)
86c9deb2 MT	131
0fbd7c3c MT	132	leases = []
	133
	134	with open(self.path) as f:
	135	# Read entire leases file
	136	data = f.read()
	137
	138	for match in self.regex_leaseblock.finditer(data):
	139	block = match.groupdict()
	140
	141	ipaddr = block.get("ipaddr")
	142	config = block.get("config")
	143
	144	properties = self._parse_block(config)
	145
	146	# Skip any abandoned leases
	147	if not "hardware" in properties:
	148	continue
	149
	150	lease = Lease(ipaddr, properties)
	151
	152	# Check if a lease for this Ethernet address already
	153	# exists in the list of known leases. If so replace
	154	# if with the most recent lease
	155	for i, l in enumerate(leases):
	156	if l.hwaddr == lease.hwaddr:
	157	leases[i] = max(lease, l)
	158	break
	159
	160	else:
	161	leases.append(lease)
	162
	163	return leases
	164
	165	def _parse_block(self, block):
	166	properties = {}
	167
	168	for line in block.splitlines():
	169	if not line:
	170	continue
	171
	172	# Remove trailing ; from line
	173	if line.endswith(";"):
	174	line = line[:-1]
	175
	176	# Invalid line if it doesn't end with ;
	177	else:
	178	continue
	179
	180	# Remove any leading whitespace
	181	line = line.lstrip()
	182
	183	# We skip all options and sets
	184	if line.startswith("option") or line.startswith("set"):
	185	continue
	186
	187	# Split by first space
	188	key, val = line.split(" ", 1)
	189	properties[key] = val
	190
	191	return properties
	192
	193
86c9deb2 MT	194	class FixLeases(object):
	195	cache = {}
	196
	197	def __init__(self, path):
	198	self.path = path
	199
	200	self._leases = self.cache[self.path] = self._parse()
	201
	202	def __iter__(self):
	203	return iter(self._leases)
	204
	205	def _parse(self):
	206	log.info("Reading fix leases from %s" % self.path)
	207
	208	leases = []
	209	now = datetime.datetime.utcnow()
	210
	211	with open(self.path) as f:
	212	for line in f.readlines():
	213	line = line.rstrip()
	214
	215	try:
	216	hwaddr, ipaddr, enabled, a, b, c, hostname = line.split(",")
	217	except ValueError:
	218	log.warning("Could not parse line: %s" % line)
	219	continue
	220
	221	# Skip any disabled leases
	222	if not enabled == "on":
	223	continue
	224
	225	l = Lease(ipaddr, {
	226	"binding" : "state active",
	227	"client-hostname" : hostname,
	228	"hardware" : "ethernet %s" % hwaddr,
	229	"starts" : now.strftime("%w %Y/%m/%d %H:%M:%S"),
	230	"ends" : "never",
	231	})
	232	leases.append(l)
	233
	234	# Try finding any deleted leases
	235	for lease in self.cache.get(self.path, []):
	236	if lease in leases:
	237	continue
	238
	239	# Free the deleted lease
	240	lease.free()
	241	leases.append(lease)
	242
	243	return leases
	244
	245
0fbd7c3c MT	246	class Lease(object):
	247	def __init__(self, ipaddr, properties):
	248	self.ipaddr = ipaddr
	249	self._properties = properties
	250
	251	def __repr__(self):
	252	return "<%s %s for %s (%s)>" % (self.__class__.__name__,
	253	self.ipaddr, self.hwaddr, self.hostname)
	254
	255	def __eq__(self, other):
	256	return self.ipaddr == other.ipaddr and self.hwaddr == other.hwaddr
	257
	258	def __gt__(self, other):
	259	if not self.ipaddr == other.ipaddr:
	260	return
	261
	262	if not self.hwaddr == other.hwaddr:
	263	return
	264
	265	return self.time_starts > other.time_starts
	266
	267	@property
	268	def binding_state(self):
	269	state = self._properties.get("binding")
	270
	271	if state:
	272	state = state.split(" ", 1)
	273	return state[1]
	274
86c9deb2 MT	275	def free(self):
	276	self._properties.update({
	277	"binding" : "state free",
	278	})
	279
0fbd7c3c MT	280	@property
	281	def active(self):
	282	return self.binding_state == "active"
	283
	284	@property
	285	def hwaddr(self):
	286	hardware = self._properties.get("hardware")
	287
	288	if not hardware:
	289	return
	290
	291	ethernet, address = hardware.split(" ", 1)
	292
	293	return address
	294
	295	@property
	296	def hostname(self):
	297	hostname = self._properties.get("client-hostname")
	298
998e880b MT	299	if hostname is None:
	300	return
	301
0fbd7c3c	302	# Remove any ""
998e880b	303	hostname = hostname.replace("\"", "")
0fbd7c3c	304
998e880b MT	305	# Only return valid hostnames
	306	m = re.match(r"^[A-Z0-9\-]{1,63}$", hostname, re.I)
	307	if m:
	308	return hostname
0fbd7c3c MT	309
	310	@property
	311	def domain(self):
74a5ab67 MT	312	# Load ethernet settings
	313	ethernet_settings = self.read_settings("/var/ipfire/ethernet/settings")
	314
	315	# Load DHCP settings
	316	dhcp_settings = self.read_settings("/var/ipfire/dhcp/settings")
	317
	318	subnets = {}
	319	for zone in ("GREEN", "BLUE"):
	320	if not dhcp_settings.get("ENABLE_%s" % zone) == "on":
	321	continue
	322
	323	netaddr = ethernet_settings.get("%s_NETADDRESS" % zone)
	324	submask = ethernet_settings.get("%s_NETMASK" % zone)
	325
	326	subnet = ipaddress.ip_network("%s/%s" % (netaddr, submask))
	327	domain = dhcp_settings.get("DOMAIN_NAME_%s" % zone)
	328
	329	subnets[subnet] = domain
	330
	331	address = ipaddress.ip_address(self.ipaddr)
	332
	333	for subnet, domain in subnets.items():
	334	if address in subnet:
	335	return domain
	336
	337	# Fall back to localdomain if no match could be found
	338	return "localdomain"
	339
	340	@staticmethod
	341	def read_settings(filename):
	342	settings = {}
	343
	344	with open(filename) as f:
	345	for line in f.readlines():
	346	# Remove line-breaks
	347	line = line.rstrip()
	348
	349	k, v = line.split("=", 1)
	350	settings[k] = v
	351
	352	return settings
0fbd7c3c MT	353
	354	@property
	355	def fqdn(self):
998e880b MT	356	if self.hostname:
998e880b MT	357	return "%s.%s" % (self.hostname, self.domain)
0fbd7c3c MT	358
	359	@staticmethod
	360	def _parse_time(s):
	361	return datetime.datetime.strptime(s, "%w %Y/%m/%d %H:%M:%S")
	362
	363	@property
	364	def time_starts(self):
	365	starts = self._properties.get("starts")
	366
	367	if starts:
	368	return self._parse_time(starts)
	369
	370	@property
	371	def time_ends(self):
	372	ends = self._properties.get("ends")
	373
	374	if not ends or ends == "never":
	375	return
	376
	377	return self._parse_time(ends)
	378
	379	@property
	380	def expired(self):
	381	if not self.time_ends:
	382	return self.time_starts > datetime.datetime.utcnow()
	383
	384	return self.time_starts > datetime.datetime.utcnow() > self.time_ends
	385
	386	@property
	387	def rrset(self):
998e880b MT	388	# If the lease does not have a valid FQDN, we cannot create any RRs
	389	if self.fqdn is None:
	390	return []
	391
0fbd7c3c MT	392	return [
0fbd7c3c MT	393	# Forward record
b8dd42b9	394	(self.fqdn, "%s" % LOCAL_TTL, "IN A", self.ipaddr),
0fbd7c3c MT	395
0fbd7c3c MT	396	# Reverse record
e22bcd38 MT	397	(ip_address_to_reverse_pointer(self.ipaddr), "%s" % LOCAL_TTL,
e22bcd38 MT	398	"IN PTR", self.fqdn),
0fbd7c3c MT	399	]
	400
	401
	402	class UnboundConfigWriter(object):
	403	def __init__(self, path):
	404	self.path = path
	405
b8dd42b9 MT	406	@property
	407	def existing_leases(self):
	408	local_data = self._control("list_local_data")
	409	ret = {}
	410
	411	for line in local_data.splitlines():
	412	try:
	413	hostname, ttl, x, record_type, content = line.split("\t")
	414	except ValueError:
	415	continue
	416
	417	# Ignore everything that is not A or PTR
	418	if not record_type in ("A", "PTR"):
	419	continue
	420
	421	if hostname.endswith("."):
	422	hostname = hostname[:-1]
	423
	424	if content.endswith("."):
	425	content = content[:-1]
	426
	427	if record_type == "A":
	428	ret[hostname] = content
	429	elif record_type == "PTR":
e22bcd38	430	ret[content] = reverse_pointer_to_ip_address(hostname)
b8dd42b9 MT	431
b8dd42b9 MT	432	return ret
0fbd7c3c MT	433
0fbd7c3c MT	434	def update_dhcp_leases(self, leases):
d20ef9d7 MT	435	# Cache all expired or inactive leases
d20ef9d7 MT	436	expired_leases = [l for l in leases if l.expired or not l.active]
0fbd7c3c	437
d20ef9d7 MT	438	# Find any leases that have expired or do not exist any more
d20ef9d7 MT	439	# but are still in the unbound local data
b8dd42b9 MT	440	removed_leases = []
b8dd42b9 MT	441	for fqdn, address in self.existing_leases.items():
d20ef9d7	442	if fqdn in (l.fqdn for l in expired_leases):
b8dd42b9	443	removed_leases += [fqdn, address]
0fbd7c3c	444
d20ef9d7 MT	445	# Strip all non-active or expired leases
	446	leases = [l for l in leases if l.active and not l.expired]
	447
0fbd7c3c	448	# Find any leases that have been added
b8dd42b9 MT	449	new_leases = [l for l in leases
b8dd42b9 MT	450	if l.fqdn not in self.existing_leases]
0fbd7c3c MT	451
	452	# End here if nothing has changed
	453	if not new_leases and not removed_leases:
	454	return
	455
0fbd7c3c MT	456	# Write out all leases
	457	self.write_dhcp_leases(leases)
	458
	459	# Update unbound about changes
b8dd42b9 MT	460	for hostname in removed_leases:
	461	log.debug("Removing all records for %s" % hostname)
	462	self._control("local_data_remove", hostname)
0fbd7c3c MT	463
	464	for l in new_leases:
	465	for rr in l.rrset:
b8dd42b9	466	log.debug("Adding new record %s" % " ".join(rr))
0fbd7c3c MT	467	self._control("local_data", *rr)
	468
	469
	470	def write_dhcp_leases(self, leases):
	471	with open(self.path, "w") as f:
	472	for l in leases:
	473	for rr in l.rrset:
	474	f.write("local-data: \"%s\"\n" % " ".join(rr))
	475
	476	def _control(self, *args):
b8dd42b9	477	command = ["unbound-control"]
0fbd7c3c MT	478	command.extend(args)
	479
	480	try:
b8dd42b9	481	return subprocess.check_output(command)
0fbd7c3c MT	482
	483	# Log any errors
	484	except subprocess.CalledProcessError as e:
	485	log.critical("Could not run %s, error code: %s: %s" % (
	486	" ".join(command), e.returncode, e.output))
	487
	488
	489	if __name__ == "__main__":
	490	parser = argparse.ArgumentParser(description="Bridge for DHCP Leases and Unbound DNS")
	491
	492	# Daemon Stuff
	493	parser.add_argument("--daemon", "-d", action="store_true",
	494	help="Launch as daemon in background")
	495	parser.add_argument("--verbose", "-v", action="count", help="Be more verbose")
	496
	497	# Paths
	498	parser.add_argument("--dhcp-leases", default="/var/state/dhcp/dhcpd.leases",
	499	metavar="PATH", help="Path to the DHCPd leases file")
	500	parser.add_argument("--unbound-leases", default="/etc/unbound/dhcp-leases.conf",
	501	metavar="PATH", help="Path to the unbound configuration file")
86c9deb2 MT	502	parser.add_argument("--fix-leases", default="/var/ipfire/dhcp/fixleases",
86c9deb2 MT	503	metavar="PATH", help="Path to the fix leases file")
0fbd7c3c MT	504
	505	# Parse command line arguments
	506	args = parser.parse_args()
	507
	508	# Setup logging
	509	if args.verbose == 1:
	510	loglevel = logging.INFO
	511	elif args.verbose >= 2:
	512	loglevel = logging.DEBUG
	513	else:
	514	loglevel = logging.WARN
	515
	516	setup_logging(loglevel)
	517
86c9deb2	518	bridge = UnboundDHCPLeasesBridge(args.dhcp_leases, args.fix_leases, args.unbound_leases)
0fbd7c3c MT	519
	520	ctx = daemon.DaemonContext(detach_process=args.daemon)
	521	ctx.signal_map = {
	522	signal.SIGHUP : bridge.update_dhcp_leases,
	523	signal.SIGTERM : bridge.terminate,
	524	}
	525
	526	with ctx:
	527	bridge.run()