From 33239199bea51353a217254dd081ed04b1cf3e7a Mon Sep 17 00:00:00 2001
From: rtsp
Date: Sun, 10 Apr 2016 01:11:26 +0700
Subject: Fix resolv-file config bug When using `service dns forwarding system` to make dnsmasq use system nameservers to resolve dns instead of specifying nameservers in /etc/dnsmasq.conf. `resolv-file` directive in /etc/dnsmasq.conf should point to /etc/resolv.conf, not /etc/dnsmasq.conf
---
scripts/dns-forwarding/vyatta-dns-forwarding.pl | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
(limited to 'scripts/dns-forwarding')
diff --git a/scripts/dns-forwarding/vyatta-dns-forwarding.pl b/scripts/dns-forwarding/vyatta-dns-forwarding.pl
index 46e038b5..b1d912e5 100755
--- a/scripts/dns-forwarding/vyatta-dns-forwarding.pl
+++ b/scripts/dns-forwarding/vyatta-dns-forwarding.pl
@@ -155,7 +155,7 @@ sub dnsforwarding_get_values {
 }
 if ($use_dnsmasq_conf == 1) {
- $output .= "resolv-file=/etc/dnsmasq.conf\n";
+ $output .= "resolv-file=/etc/resolv.conf\n";
 }
 return $output;
-- cgit v1.2.3
From 4a03838ea877a3a867b283ba85956795e769d563 Mon Sep 17 00:00:00 2001
From: brennen
Date: Mon, 21 Nov 2016 10:59:44 -0800
Subject: Add flag for DNSmasq to query all dns servers. This feature, when used properly, can massively increase DNS performance. See: http://ma.ttwagner.com/make-dns-fly-with-dnsmasq-all-servers/
---
scripts/dns-forwarding/vyatta-dns-forwarding.pl | 4 ++++
templates/service/dns/forwarding/query-all-servers/node.def | 1 +
2 files changed, 5 insertions(+)
create mode 100644 templates/service/dns/forwarding/query-all-servers/node.def
(limited to 'scripts/dns-forwarding')
diff --git a/scripts/dns-forwarding/vyatta-dns-forwarding.pl b/scripts/dns-forwarding/vyatta-dns-forwarding.pl
index 46e038b5..807afa28 100755
--- a/scripts/dns-forwarding/vyatta-dns-forwarding.pl
+++ b/scripts/dns-forwarding/vyatta-dns-forwarding.pl
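Review bot: The changed line sits under `if ($use_dnsmasq_conf == 1)`, and that flag is not specific to `service dns forwarding system`: in the full listing of dnsforwarding_get_values later on this page it is also set when static `name-server` entries or DHCP-learned servers are configured, and in each of those cases the upstreams are already written out as `server=` lines. Pointing `resolv-file` at /etc/resolv.conf therefore appears to make dnsmasq forward to the system resolvers in addition to the explicitly configured ones, so lookups may reach resolvers the administrator did not choose. If the flag is meant to say "use only the servers written here", `$output .= "no-resolv\n";` states that directly; if the system resolvers are wanted, restrict the line to the `system` case and say so in a comment. The function body starts and ends outside this hunk.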
@@ -95,6 +95,10 @@ sub dnsforwarding_get_values {
 $output .= "cache-size=$cache_size\n";
 }
+ if (defined $query_all_servers) {
+ $output .= "all-servers\n";
+ }
+
 if (defined $ignore_hosts_file) {
 $output .= "no-hosts\n";
 }
diff --git a/templates/service/dns/forwarding/query-all-servers/node.def b/templates/service/dns/forwarding/query-all-servers/node.def
new file mode 100644
index 00000000..90e8e7ec
--- /dev/null
+++ b/templates/service/dns/forwarding/query-all-servers/node.def
@@ -0,0 +1 @@
+help: Query all DNS servers, respond and cache fastest result
-- cgit v1.2.3
From abf4c8e221c5b6e9c1c849a151be275b1ee92d57 Mon Sep 17 00:00:00 2001
From: Lauris BH
Date: Fri, 17 Mar 2017 23:56:20 +0200
Subject: Fix vyatta-dns-forwarding.pl after merged pull request #53
---
scripts/dns-forwarding/vyatta-dns-forwarding.pl | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
(limited to 'scripts/dns-forwarding')
diff --git a/scripts/dns-forwarding/vyatta-dns-forwarding.pl b/scripts/dns-forwarding/vyatta-dns-forwarding.pl
index b6b829b3..fa9fae68 100755
--- a/scripts/dns-forwarding/vyatta-dns-forwarding.pl
+++ b/scripts/dns-forwarding/vyatta-dns-forwarding.pl
@@ -62,7 +62,7 @@ sub dnsforwarding_get_values {
 my $output = '';
 my $config = new Vyatta::Config;
 my $use_dnsmasq_conf = 0;
- my (@listen_interfaces, $cache_size, @use_nameservers, $use_system_nameservers, @use_dhcp_nameservers, @domains, $server, $ignore_hosts_file);
+ my (@listen_interfaces, $cache_size, @use_nameservers, $use_system_nameservers, @use_dhcp_nameservers, @domains, $server, $ignore_hosts_file, $query_all_servers);
 $config->setLevel("service dns forwarding");
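Review bot: `$query_all_servers` is tested in the added `if (defined $query_all_servers)` but this commit neither declares nor assigns it, and the script runs under `use strict` (visible in other hunks on this page), so the file would not compile as committed; the `my` declaration and both config reads belong in the same change as the test. The help text in node.def should also tell the operator that `all-servers` sends every query to every configured upstream, which widens the set of resolvers that see client lookups, for example `help: Send each query to all upstream servers and use the first reply`. dnsforwarding_get_values starts and ends outside the hunk.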
@@ -74,6 +74,7 @@ sub dnsforwarding_get_values {
 @use_dhcp_nameservers = $config->returnOrigValues("dhcp");
 @domains = $config->listOrigNodes("domain");
 $ignore_hosts_file = $config->returnOrigValue("ignore-hosts-file");
+ $query_all_servers = $config->returnOrigValue("query-all-servers");
 } else {
 @listen_interfaces = $config->returnValues("listen-on");
@@ -83,6 +84,7 @@ sub dnsforwarding_get_values {
 @use_dhcp_nameservers = $config->returnValues("dhcp");
 @domains = $config->listNodes("domain");
 $ignore_hosts_file = $config->exists("ignore-hosts-file");
+ $query_all_servers = $config->exists("query-all-servers");
 }
 if (@listen_interfaces != 0) {
-- cgit v1.2.3
From 2abbf9fb822b7c16cbf6f60d9c0ba4c181e024e9 Mon Sep 17 00:00:00 2001
From: Christian Poessinger
Date: Sun, 21 Jan 2018 17:14:38 +0100
Subject: T523: Use new location for dnsmasq config files
---
scripts/dns-forwarding/vyatta-dns-forwarding.pl | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
(limited to 'scripts/dns-forwarding')
diff --git a/scripts/dns-forwarding/vyatta-dns-forwarding.pl b/scripts/dns-forwarding/vyatta-dns-forwarding.pl
index fa9fae68..e2ee913c 100755
--- a/scripts/dns-forwarding/vyatta-dns-forwarding.pl
+++ b/scripts/dns-forwarding/vyatta-dns-forwarding.pl
@@ -32,7 +32,7 @@ use strict;
 use warnings;
 my $dnsforwarding_init = '/etc/init.d/dnsmasq';
-my $dnsforwarding_conf = '/etc/dnsmasq.conf';
+my $dnsforwarding_conf = '/etc/dnsmasq.d/vyos.conf';
 sub dnsforwarding_restart {
 system("$dnsforwarding_init restart >&/dev/null");
-- cgit v1.2.3
From d663e63a2d60fa6c79328cd08a6fce76f3861372 Mon Sep 17 00:00:00 2001
From: Christian Poessinger
Date: Sun, 21 Jan 2018 17:15:16 +0100
Subject: T523: Use systemctl to stop/restart dnsmasq
---
scripts/dns-forwarding/vyatta-dns-forwarding.pl | 5 ++---
1 file changed, 2 insertions(+), 3 deletions(-)
(limited to 'scripts/dns-forwarding')
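Review bot: The outside-CLI branch reads the new flag with `returnOrigValue("query-all-servers")`, but the node.def added for this node carries only a `help:` line and no value type, so there is presumably no value to return and `defined $query_all_servers` would stay false on that path. The same function already uses `$config->existsOrig("system")` for another presence-only node, and `$query_all_servers = $config->existsOrig("query-all-servers");` would mirror the `exists` call added in the else branch. The line copies the existing `ignore-hosts-file` read, which looks to have the same problem; confirm both against Vyatta::Config. Both hunks (-74 and -83) cut into dnsforwarding_get_values, whose body continues outside them.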
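Review bot: Moving the generated file to `/etc/dnsmasq.d/vyos.conf` leaves the previously generated /etc/dnsmasq.conf untouched; dnsforwarding_write_file, as listed later on this page, only ever opens `$dnsforwarding_conf`. On an upgraded system the old file would keep its earlier `interface=` and `server=` lines, and whether dnsmasq reads the new directory at all depends on packaging that is not shown here. A comment beside the assignment would record the assumption, for example `# requires conf-dir=/etc/dnsmasq.d; the old generated /etc/dnsmasq.conf is not cleaned up by this script`, and a one-time removal or truncation of the old file on upgrade should be considered.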
diff --git a/scripts/dns-forwarding/vyatta-dns-forwarding.pl b/scripts/dns-forwarding/vyatta-dns-forwarding.pl
index e2ee913c..bb091e9d 100755
--- a/scripts/dns-forwarding/vyatta-dns-forwarding.pl
+++ b/scripts/dns-forwarding/vyatta-dns-forwarding.pl
@@ -31,15 +31,14 @@ use Getopt::Long;
 use strict;
 use warnings;
-my $dnsforwarding_init = '/etc/init.d/dnsmasq';
 my $dnsforwarding_conf = '/etc/dnsmasq.d/vyos.conf';
 sub dnsforwarding_restart {
- system("$dnsforwarding_init restart >&/dev/null");
+ system("systemctl restart dnsmasq");
 }
 sub dnsforwarding_stop {
- system("$dnsforwarding_init stop >&/dev/null");
+ system("systemctl stop dnsmasq");
 }
 sub dnsforwarding_get_constants {
-- cgit v1.2.3
From a974b61d94af35df0cc7e9a3dca3cb758d85d91e Mon Sep 17 00:00:00 2001
From: Christian Poessinger
Date: Sun, 21 Jan 2018 17:15:51 +0100
Subject: T523: Only bind dnsmasq to configured interfaces
---
debian/changelog | 8 ++++++++
scripts/dns-forwarding/vyatta-dns-forwarding.pl | 1 +
2 files changed, 9 insertions(+)
(limited to 'scripts/dns-forwarding')
diff --git a/debian/changelog b/debian/changelog
index 0675e402..89c7b4ca 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,11 @@
+vyatta-cfg-system (0.20.44+vyos2+current8) unstable; urgency=medium
+
+ * T523: Only bind dnsmasq to configured interfaces
+ * T523: Use systemctl to stop/restart dnsmasq
+ * T523: Use new location for dnsmasq config files
+
+ -- Christian Poessinger Sun, 21 Jan 2018 17:16:04 +0100
+
 vyatta-cfg-system (0.20.44+vyos2+current7) unstable; urgency=medium
 * T297: Fix DNS Forwarding server does not allow IPv6 address in name-server
diff --git a/scripts/dns-forwarding/vyatta-dns-forwarding.pl b/scripts/dns-forwarding/vyatta-dns-forwarding.pl
index bb091e9d..00a64b3e 100755
--- a/scripts/dns-forwarding/vyatta-dns-forwarding.pl
+++ b/scripts/dns-forwarding/vyatta-dns-forwarding.pl
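Review bot: The exit status of `system("systemctl restart dnsmasq")` is discarded, so a failed restart (for instance because dnsmasq rejects a generated line) leaves the forwarder stopped or on its previous configuration while the caller carries on as if the update had been applied. Checking the result makes that visible, e.g. `system('systemctl', 'restart', 'dnsmasq') == 0 or warn "DNS forwarding error: dnsmasq restart failed\n";`, and the list form also runs the command without a shell. The same applies to the `systemctl stop dnsmasq` call in dnsforwarding_stop.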
@@ -50,6 +50,7 @@ sub dnsforwarding_get_constants {
 $output .= "log-facility=/var/log/dnsmasq.log\n";
 $output .= "no-poll\n";
 $output .= "edns-packet-max=4096\n";
+ $output .= "bind-interfaces\n";
 system("rm -f /var/log/dnsmasq.log; touch /var/log/dnsmasq.log");
 return $output;
 }
-- cgit v1.2.3
From 38e2a80870cd2407377458dee2b4e08aef24b088 Mon Sep 17 00:00:00 2001
From: Christian Poessinger
Date: Sun, 15 Apr 2018 18:18:43 +0200
Subject: T588: Remove DNS forwarder restart command in favour if XML interface definition
---
Makefile.am | 1 -
debian/changelog | 6 +
debian/control | 1 -
scripts/dns-forwarding/vyatta-dns-forwarding.pl | 274 ------------------------
4 files changed, 6 insertions(+), 276 deletions(-)
delete mode 100755 scripts/dns-forwarding/vyatta-dns-forwarding.pl
(limited to 'scripts/dns-forwarding')
diff --git a/Makefile.am b/Makefile.am
index 23a716b5..77088eaa 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -60,7 +60,6 @@ sbin_SCRIPTS += scripts/snmp/vyatta-snmp.pl
 sbin_SCRIPTS += scripts/snmp/vyatta-snmp-v3.pl
 sbin_SCRIPTS += scripts/snmp/if-mib-alias
 sbin_SCRIPTS += scripts/telnetd.init
-sbin_SCRIPTS += scripts/dns-forwarding/vyatta-dns-forwarding.pl
 sbin_SCRIPTS += scripts/dynamic-dns/vyatta-dynamic-dns.pl
 sbin_SCRIPTS += scripts/vyatta-system-nameservers
 sbin_SCRIPTS += scripts/vyatta-interfaces.pl
diff --git a/debian/changelog b/debian/changelog
index 215f2a1e..a1ec904a 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,9 @@
+vyatta-cfg-system (0.20.44+vyos2+current11) unstable; urgency=medium
+
+ * T588: Remove DNS forwarder restart command in favour if XML interface definition
+
+ -- Christian Poessinger Wed, 11 Apr 2018 20:35:32 +0200
+
 vyatta-cfg-system (0.20.44+vyos2+current10) unstable; urgency=medium
 * T157: Remove "install system" command
diff --git a/debian/control b/debian/control
index 5edd8be0..1b6d08a6 100644
--- a/debian/control
+++ b/debian/control
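Review bot: `bind-interfaces` on its own does not limit where dnsmasq listens; the limit comes from the `interface=` lines, which dnsforwarding_get_values (full listing later on this page) writes only when `listen-on` is set, so with an empty `listen-on` the forwarder would still answer on every interface, untrusted ones included. With this option dnsmasq also binds only to addresses that exist when it starts, so an interface that comes up later is not served until the next restart; dnsmasq's `bind-dynamic` is meant for that case, if the shipped version supports it. A comment above the added line would record the dependency, e.g. `# only effective together with the interface= lines generated from listen-on`, and the generator could refuse to write a config that has no `interface=` line.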
@@ -42,7 +42,6 @@ Depends: adduser,
 tasksel,
 snmp,
 tcpdump,
- dnsmasq,
 mdadm,
 ddclient (>= 3.8.2+vyos2+current1),
 dnsutils,
diff --git a/scripts/dns-forwarding/vyatta-dns-forwarding.pl b/scripts/dns-forwarding/vyatta-dns-forwarding.pl
deleted file mode 100755
index 00a64b3e..00000000
--- a/scripts/dns-forwarding/vyatta-dns-forwarding.pl
+++ /dev/null
@@ -1,274 +0,0 @@
-#!/usr/bin/perl
-#
-# Module: vyatta-dns-forwarding.pl
-#
-# **** License ****
-# This program is free software; you can redistribute it and/or modify
-# it under the terms of the GNU General Public License version 2 as
-# published by the Free Software Foundation.
-#
-# This program is distributed in the hope that it will be useful, but
-# WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-# General Public License for more details.
-#
-# This code was originally developed by Vyatta, Inc.
-# Portions created by Vyatta are Copyright (C) 2008 Vyatta, Inc.
-# All Rights Reserved.
-#
-# Author: Mohit Mehta
-# Date: August 2008
-# Description: Script to glue Vyatta CLI to dnsmasq daemon
-#
-# **** End License ****
-#
-
-use lib "/opt/vyatta/share/perl5/";
-use Vyatta::Config;
-use Vyatta::Misc;
-use Getopt::Long;
-
-use strict;
-use warnings;
-
-my $dnsforwarding_conf = '/etc/dnsmasq.d/vyos.conf';
-
-sub dnsforwarding_restart {
- system("systemctl restart dnsmasq");
-}
-
-sub dnsforwarding_stop {
- system("systemctl stop dnsmasq");
-}
-
-sub dnsforwarding_get_constants {
- my $output;
-
- my $date = `date`;
- chomp $date;
- $output = "#\n# autogenerated by vyatta-dns-forwarding.pl on $date\n#\n";
- $output .= "log-facility=/var/log/dnsmasq.log\n";
- $output .= "no-poll\n";
- $output .= "edns-packet-max=4096\n";
- $output .= "bind-interfaces\n";
- system("rm -f /var/log/dnsmasq.log; touch /var/log/dnsmasq.log");
- return $output;
-}
-
-sub dnsforwarding_get_values {
-
- my $outside_cli = shift;
-
- my $output = '';
- my $config = new Vyatta::Config;
- my $use_dnsmasq_conf = 0;
- my (@listen_interfaces, $cache_size, @use_nameservers, $use_system_nameservers, @use_dhcp_nameservers, @domains, $server, $ignore_hosts_file, $query_all_servers);
-
- $config->setLevel("service dns forwarding");
-
- if ($outside_cli == 1) {
- @listen_interfaces = $config->returnOrigValues("listen-on");
- $cache_size = $config->returnOrigValue("cache-size");
- @use_nameservers = $config->returnOrigValues("name-server");
- $use_system_nameservers = $config->existsOrig("system");
- @use_dhcp_nameservers = $config->returnOrigValues("dhcp");
- @domains = $config->listOrigNodes("domain");
- $ignore_hosts_file = $config->returnOrigValue("ignore-hosts-file");
- $query_all_servers = $config->returnOrigValue("query-all-servers");
-
- } else {
- @listen_interfaces = $config->returnValues("listen-on");
- $cache_size = $config->returnValue("cache-size");
- @use_nameservers = $config->returnValues("name-server");
- $use_system_nameservers = $config->exists("system");
- @use_dhcp_nameservers = $config->returnValues("dhcp");
- @domains = $config->listNodes("domain");
- $ignore_hosts_file = $config->exists("ignore-hosts-file");
- $query_all_servers = $config->exists("query-all-servers");
- }
-
- if (@listen_interfaces != 0) {
- foreach my $interface (@listen_interfaces) {
- $output .= "interface=$interface\n";
- }
- }
-
- if (defined $cache_size) {
- $output .= "cache-size=$cache_size\n";
- }
-
- if (defined $query_all_servers) {
- $output .= "all-servers\n";
- }
-
- if (defined $ignore_hosts_file) {
- $output .= "no-hosts\n";
- }
-
- if (@use_nameservers != 0) {
- $use_dnsmasq_conf = 1;
- foreach my $cli_nameserver (@use_nameservers) {
- $output .= "server=$cli_nameserver\t# statically configured\n";
- }
- }
-
- if (defined($use_system_nameservers)) {
- $use_dnsmasq_conf = 1;
- my $sys_config = new Vyatta::Config;
- $sys_config->setLevel("system");
- my @system_nameservers;
- if ($outside_cli == 1) {
- @system_nameservers = $sys_config->returnOrigValues("name-server");
- } else {
- @system_nameservers = $sys_config->returnValues("name-server");
- }
- if (@system_nameservers > 0) {
- foreach my $system_nameserver (@system_nameservers) {
- $output .= "server=$system_nameserver\t# system\n";
- }
- }
- }
- if (@domains != 0) {
- foreach my $domain (@domains) {
- my @domain_servers;
- if ($outside_cli == 1) {
- @domain_servers = $config->returnValues("domain $domain server");
- } else {
- @domain_servers = $config->returnValues("domain $domain server");
- }
- if (@domain_servers > 0) {
- foreach my $domain_server (@domain_servers) {
- $output .= "server=/$domain/$domain_server\t# domain-override\n";
- }
- }
- }
- }
-
- if (@use_dhcp_nameservers != 0) {
- $use_dnsmasq_conf = 1;
- foreach my $interface (@use_dhcp_nameservers) {
- my $dhcp_nameserver_count=`grep nameserver /etc/resolv.conf.dhclient-new-$interface 2>/dev/null | wc -l`;
- if ($dhcp_nameserver_count > 0) {
- my @dhcp_nameservers = `grep nameserver /etc/resolv.conf.dhclient-new-$interface`;
- for my $each_nameserver (@dhcp_nameservers) {
- my @nameserver = split(/ /, $each_nameserver, 2);
- my $ns = $nameserver[1];
- chomp $ns;
- $output .= "server=$ns\t# dhcp $interface\n";
- }
- }
- }
- }
-
- if ($use_dnsmasq_conf == 1) {
- $output .= "resolv-file=/etc/resolv.conf\n";
- }
-
- return $output;
-}
-
-sub dnsforwarding_write_file {
- my ($config) = @_;
-
- open(my $fh, '>', $dnsforwarding_conf) || die "Couldn't open $dnsforwarding_conf - $!";
- print $fh $config;
- close $fh;
-}
-
-sub check_nameserver {
-
- my $cmd = `cat /etc/resolv.conf 2>/dev/null | awk {'print \$1'} | grep \^nameserver\$ | wc -l`;
- return $cmd;
-}
-
-sub check_system_nameserver {
-
- my $config = new Vyatta::Config;
- $config->setLevel("system");
- my @system_nameservers = $config->returnValues("name-server");
- return(@system_nameservers);
-
-}
-
-sub check_dhcp_interface {
-
- my $interface = shift;
-
- die "DNS forwarding error: $interface is not using DHCP to get an IP address\n"
- unless Vyatta::Misc::is_dhcp_enabled($interface);
-
- if (-e "/var/run/vyatta/dhclient/dhclient_release_$interface") {
-
- # dhcp released for the interface
- print "DNS forwarding warning: DHCP lease for $interface has been released by user\n";
- }
-
- return 1;
-}
-
-#
-# main
-#
-
-my ($update_dnsforwarding, $stop_dnsforwarding, 
 $restart_dnsforwarding, $system_nameserver, $dhcp_interface, $outside_cli);
-
-GetOptions(
- "update-dnsforwarding!" => \$update_dnsforwarding,
- "stop-dnsforwarding!" => \$stop_dnsforwarding,
- "restart-dnsforwarding!" => \$restart_dnsforwarding,
- "system-nameserver!" => \$system_nameserver,
- "outside-cli!" => \$outside_cli,
- "dhcp-interface=s" => \$dhcp_interface
-);
-
-if (defined $system_nameserver) {
- my $system_nameserver_exists = check_system_nameserver();
- if ($system_nameserver_exists < 1){
- print "DNS forwarding warning: No name-servers set under 'system name-server'\n";
- }
-}
-
-if (defined $dhcp_interface) {
- if (!check_dhcp_interface($dhcp_interface)){
- exit 1;
- }
-}
-
-if (defined $update_dnsforwarding) {
- my $config;
- my $vyatta_config = new Vyatta::Config;
-
- $vyatta_config->setLevel("service dns forwarding");
- my $use_system_nameservers = $vyatta_config->exists("system");
- my @use_dhcp_nameservers = $vyatta_config->returnValues("dhcp");
- my @use_nameservers = $vyatta_config->returnValues("name-server");
-
- if (!(defined $use_system_nameservers) && (@use_dhcp_nameservers == 0) && (@use_nameservers == 0)) {
- my $nameserver_exists = check_nameserver();
- if ($nameserver_exists < 1){
- print "DNS forwarding warning: Currently, no name-servers to forward DNS queries\n";
- }
- }
-
- my $called_from_outside_cli = 0;
- if (defined $outside_cli){
- $called_from_outside_cli = 1;
- }
- $config = dnsforwarding_get_constants();
- $config .= dnsforwarding_get_values($called_from_outside_cli);
- dnsforwarding_write_file($config);
- dnsforwarding_restart();
-}
-
-if (defined $stop_dnsforwarding) {
- dnsforwarding_stop();
-}
-
-if (defined $restart_dnsforwarding) {
- dnsforwarding_restart();
-}
-
-exit 0;
-
-# end of file
-
-- cgit v1.2.3