#!/bin/bash ############################################################################### # # # IPFire.org - A linux based firewall # # Copyright (C) 2007-2022 IPFire Team # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # # the Free Software Foundation, either version 3 of the License, or # # (at your option) any later version. # # # # This program is distributed in the hope that it will be useful, # # but WITHOUT ANY WARRANTY; without even the implied warranty of # # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # # GNU General Public License for more details. # # # # You should have received a copy of the GNU General Public License # # along with this program. If not, see . # # # ############################################################################### FILES=( /var/ipfire/ethernet/settings /var/ipfire/dns/settings /var/ipfire/ppp/settings /var/ipfire/ppp/settings-* ) main() { # Do not convert anything if we already have some servers set if [ ! -s "/var/ipfire/dns/servers" ]; then # Array to store all found DNS servers. local SERVERS=() # Loop through all PPP profiles local file for file in "${FILES[@]}"; do if [ -s "${file}" ]; then local DNS0 DNS1 DNS2 eval $(/usr/local/bin/readhash "${file}") # Add the DNS servers to the array of SERVERS local var for var in DNS0 DNS1 DNS2; do SERVERS+=( "${!var}" ) done fi done local server local i=3 for server in $(printf "%s\n" "${SERVERS[@]}" | sort -u); do if [ -n "${server}" ]; then echo "${i},${server},,enabled," (( i++ )) fi done > /var/ipfire/dns/servers # Empty the old settings file : > /var/ipfire/dns/settings # Enable using ISP name servers when no servers are configured if [ ${i} -eq 3 ]; then echo "USE_ISP_NAMESERVERS=on" \ >> /var/ipfire/dns/settings fi fi # Remove all old settings from files local file for file in "${FILES[@]}"; do # Remove DNS, DNS0, DNS1 and DNS2 sed -Ei "/^DNS[012]?=/d" "${file}" done # Set correct ownership. chown nobody:nobody /var/ipfire/dns/settings # Convert old unbound settings file if [ -e "/etc/sysconfig/unbound" ]; then local USE_FORWARDERS local ENABLE_SAFE_SEARCH local FORCE_TCP # Read settings eval $(/usr/local/bin/readhash /etc/sysconfig/unbound) # Safe Search if [ "${ENABLE_SAFE_SEARCH}" = "on" ]; then echo "ENABLE_SAFE_SEARCH=${ENABLE_SAFE_SEARCH}" \ >> /var/ipfire/dns/settings fi # Force TCP if [ "${FORCE_TCP}" = "on" ]; then echo "PROTO=TCP" >> /var/ipfire/dns/settings fi # Run in recursor mode if [ "${USE_FORWARDERS}" = "0" ]; then # Remove all servers : > /var/ipfire/dns/servers fi rm -f "/etc/sysconfig/unbound" fi # Set correct ownership. chown nobody:nobody /var/ipfire/dns/servers # Make DHCP leases readable for nobody chmod 644 /etc/unbound/dhcp-leases.conf } main "$@" || exit $?