echo "local-data: \"${address} ${LOCAL_TTL} IN PTR ${HOSTNAME}\""
done
- # Add all hosts
local enabled address hostname domainname generateptr
+
+ # Find all unique domain names
+ while IFS="," read -r enabled address hostname domainname generateptr; do
+ [ "${enabled}" = "on" ] || continue
+
+ # Skip empty domainnames
+ [ "${domainname}" = "" ] && continue
+
+ echo "local-zone: ${domainname} typetransparent"
+ done < /var/ipfire/main/hosts | sort -u
+
+ # Add all hosts
while IFS="," read -r enabled address hostname domainname generateptr; do
[ "${enabled}" = "on" ] || continue
write_tuning_conf() {
# https://www.unbound.net/documentation/howto_optimise.html
- # Determine number of online processors
- local processors=$(getconf _NPROCESSORS_ONLN)
-
- # Determine number of slabs
- local slabs=1
- while [ ${slabs} -lt ${processors} ]; do
- slabs=$(( ${slabs} * 2 ))
- done
-
# Determine amount of system memory
local mem=$(get_memory_amount)
(
config_header
- # We run one thread per processor
- echo "num-threads: ${processors}"
- echo "so-reuseport: yes"
-
- # Adjust number of slabs
- echo "infra-cache-slabs: ${slabs}"
- echo "key-cache-slabs: ${slabs}"
- echo "msg-cache-slabs: ${slabs}"
- echo "rrset-cache-slabs: ${slabs}"
-
# Slice up the cache
echo "rrset-cache-size: $(( ${mem} / 2 ))m"
echo "msg-cache-size: $(( ${mem} / 4 ))m"
resolve() {
local hostname="${1}"
+ local found=1
local answer
for answer in $(dig +short A "${hostname}"); do
# Filter out non-IP addresses
if [[ ! "${answer}" =~ \.$ ]]; then
+ found=0
echo "${answer}"
fi
done
+
+ return ${found}
}
# Sets up Safe Search for various search engines
for domain in ${google_tlds[@]}; do
unbound-control local_zone "${domain}" transparent >/dev/null
for address in ${addresses}; do
- unbound-control local_data: "www.${domain} ${LOCAL_TTL} IN A ${address}"
+ unbound-control local_data "www.${domain} ${LOCAL_TTL} IN A ${address}"
done >/dev/null
done
sleep 1
$0 start
;;
- reload|remove-forwarders)
+ reload|update-forwarders)
# Update configuration files
write_forward_conf
write_hosts_conf
+ # Call unbound-control and perform the reload
+ /usr/sbin/unbound-control -q reload
+
+ # Dummy Resolve to wait for unbound
+ resolve "ping.ipfire.org" &>/dev/null
+
+ if [ "$1" = "update-forwarders" ]; then
+ # Make sure DNS works at this point
+ fix_time_if_dns_fails
+ fi
+
# Update Safe Search rules if the system is online.
if [ -e "/var/ipfire/red/active" ]; then
update_safe_search
fi
-
- # Call unbound-control and perform the reload
- /usr/sbin/unbound-control -q reload
;;
status)
statusproc /usr/sbin/unbound
;;
- update-forwarders)
- $0 reload
-
- # Make sure DNS works at this point
- fix_time_if_dns_fails
- ;;
-
resolve)
- resolve "${2}"
+ resolve "${2}" || exit $?
;;
*)
- echo "Usage: $0 {start|stop|restart|reload|status|resolve|update-forwarders|remove-forwarders}"
+ echo "Usage: $0 {start|stop|restart|reload|status|resolve|update-forwarders}"
exit 1
;;
esac