require '/var/ipfire/general-functions.pl';
require "${General::swroot}/geoip-functions.pl";
+require "${General::swroot}/ids-functions.pl";
require "${General::swroot}/lang.pl";
require "${General::swroot}/header.pl";
# File which contains the ca-certificates.
my $ca_certs_file = "/etc/ssl/certs/ca-bundle.crt";
+# Server which is used, to determine if the whole DNS system works properly.
+my $dns_test_server = "ping.ipfire.org";
+
my $check_servers;
my %color = ();
# Store settings into settings file.
&General::writehash("$settings_file", \%cgiparams);
+
+ # Call function to handle unbound restart, etc.
+ &_handle_unbound_and_more()
}
###
# Write the changed hash to the config file.
&General::writehasharray($servers_file, \%dns_servers);
+
+ # Call function to handle unbound restart, etc.
+ &_handle_unbound_and_more();
} else {
# Switch back to previous mode.
$cgiparams{'SERVERS'} = $cgiparams{'MODE'};
# Write the changed hash back to the config file.
&General::writehasharray($servers_file, \%dns_servers);
+
+ # Call function to handle unbound restart, etc.
+ &_handle_unbound_and_more();
}
## Remove entry from DNS servers list.
# Write the changed hash to the config file.
&General::writehasharray($servers_file, \%dns_servers);
+ # Call function to handle unbound restart, etc.
+ &_handle_unbound_and_more();
+
## Handle request to check the servers.
#
} elsif ($cgiparams{'SERVERS'} eq $Lang::tr{'dns check servers'}) {
sub show_nameservers () {
&Header::openbox('100%', 'center', "$Lang::tr{'dns title'}");
+ my $dns_status_string;
+ my $dns_status_col;
+
+ # Test if the DNS system is working.
+ #
+ # Simple send a request to unbound and check if it can resolve the
+ # DNS test server.
+ my $dns_status_ret = &check_nameserver("127.0.0.1", "$dns_test_server", "UDP");
+
+ if ($dns_status_ret eq "2") {
+ $dns_status_string = "$Lang::tr{'working'}";
+ $dns_status_col = "${Header::colourgreen}";
+ } else {
+ $dns_status_string = "$Lang::tr{'broken'}";
+ $dns_status_col = "${Header::colourred}";
+ }
+
print <<END;
+ <table width='100%'>
+ <tr>
+ <td>
+ <strong>$Lang::tr{'status'}: </strong>
+ <strong><font color='$dns_status_col'>$dns_status_string</font></strong>
+ </td>
+ </tr>
+ </table>
+
+ <br>
+
<table class="tbl" width='100%'>
<tr>
<td align="center">
# Loop through the array which stores the files.
foreach my $file (@ISP_nameserver_files) {
# Grab the address of the nameserver.
- my $address = &grab_address_from_file($file);
+ my $address = &General::grab_address_from_file($file);
# Check if we got an address.
if ($address) {
&Header::closebox();
}
+# Private function to handle the restart of unbound and more.
+sub _handle_unbound_and_more () {
+ # Restart unbound
+ system('/usr/local/bin/unboundctrl restart >/dev/null');
+
+ # Check if the IDS is running.
+ if(&IDS::ids_is_running()) {
+ # Re-generate the file which contains the DNS Server
+ # details.
+ &IDS::generate_dns_servers_file();
+
+ # Call suricatactrl to perform a reload.
+ &IDS::call_suricatactrl("restart");
+ }
+}
+
# Check if the system is online (RED is connected).
sub red_is_active () {
# Check if the "active" file is present.
}
}
-# Tiny function to grab an IP-address of a given file.
-sub grab_address_from_file($) {
- my ($file) = @_;
-
- my $address;
-
- # Check if the given file exists.
- if(-f $file) {
- # Open the file for reading.
- open(FILE, $file) or die "Could not read from $file. $!\n";
-
- # Read the address from the file.
- $address = <FILE>;
-
- # Close filehandle.
- close(FILE);
-
- # Remove newlines.
- chomp($address);
-
- # Check if the obtained address is valid.
- if (&General::validip($address)) {
- # Return the address.
- return $address;
- }
- }
-
- # Return nothing.
- return;
-}
-
# Function to check a given nameserver against propper work.
sub check_nameserver($$$$) {
my ($nameserver, $record, $proto, $tls_hostname) = @_;