require '/var/ipfire/general-functions.pl';
require "${General::swroot}/geoip-functions.pl";
+require "${General::swroot}/ids-functions.pl";
require "${General::swroot}/lang.pl";
require "${General::swroot}/header.pl";
$cgiparams{'ENABLE_SAFE_SEARCH'} = "off";
}
- # Store settings into settings file.
- &General::writehash("$settings_file", \%cgiparams);
+ # Check if using ISP nameservers and TLS is enabled at the same time.
+ if (($cgiparams{'USE_ISP_NAMESERVERS'} eq "on") && ($cgiparams{'PROTO'} eq "TLS")) {
+ $errormessage = $Lang::tr{'dns isp nameservers and tls not allowed'}
+ }
- # Call function to handle unbound restart, etc.
- &_handle_unbound_and_more()
+ # Check if there was an error.
+ if ( ! $errormessage) {
+
+ # Store settings into settings file.
+ &General::writehash("$settings_file", \%cgiparams);
+
+ # Call function to handle unbound restart, etc.
+ &_handle_unbound_and_more()
+ }
}
###
# The first allowed id is 3 to keep space for
# possible ISP assigned DNS servers.
- if ($id le "2") {
+ if ($id <= "2") {
$id = "3";
}
}
my $dns_status_string;
my $dns_status_col;
+ my $dns_working;
# Test if the DNS system is working.
#
if ($dns_status_ret eq "2") {
$dns_status_string = "$Lang::tr{'working'}";
$dns_status_col = "${Header::colourgreen}";
+ $dns_working = 1;
} else {
$dns_status_string = "$Lang::tr{'broken'}";
$dns_status_col = "${Header::colourred}";
# Loop through the array which stores the files.
foreach my $file (@ISP_nameserver_files) {
# Grab the address of the nameserver.
- my $address = &grab_address_from_file($file);
+ my $address = &General::grab_address_from_file($file);
# Check if we got an address.
if ($address) {
my $rdns;
# Only do the reverse lookup if the system is online.
- if (&red_is_active()) {
+ if ($dns_working) {
my $iaddr = inet_aton($nameserver);
$rdns = gethostbyaddr($iaddr, AF_INET);
}
# Private function to handle the restart of unbound and more.
sub _handle_unbound_and_more () {
# Restart unbound
- system('/usr/local/bin/unboundctrl restart >/dev/null');
+ system('/usr/local/bin/unboundctrl reload >/dev/null');
+
+ # Check if the IDS is running.
+ if(&IDS::ids_is_running()) {
+ # Re-generate the file which contains the DNS Server
+ # details.
+ &IDS::generate_dns_servers_file();
+
+ # Call suricatactrl to perform a reload.
+ &IDS::call_suricatactrl("restart");
+ }
}
# Check if the system is online (RED is connected).
}
}
-# Tiny function to grab an IP-address of a given file.
-sub grab_address_from_file($) {
- my ($file) = @_;
-
- my $address;
-
- # Check if the given file exists.
- if(-f $file) {
- # Open the file for reading.
- open(FILE, $file) or die "Could not read from $file. $!\n";
-
- # Read the address from the file.
- $address = <FILE>;
-
- # Close filehandle.
- close(FILE);
-
- # Remove newlines.
- chomp($address);
-
- # Check if the obtained address is valid.
- if (&General::validip($address)) {
- # Return the address.
- return $address;
- }
- }
-
- # Return nothing.
- return;
-}
-
# Function to check a given nameserver against propper work.
sub check_nameserver($$$$) {
my ($nameserver, $record, $proto, $tls_hostname) = @_;