From 778daa753a558283a200e4f817d0e4a3e48ede10 Mon Sep 17 00:00:00 2001
From: Alex Harpin <development@landsofshadow.co.uk>
Date: Wed, 10 Sep 2014 22:21:52 +0100
Subject: vyatta-cfg-system: expand 'set system allow-dhcp-nameservers' logic

Expand the logic in 'set system allow-dhcp-nameservers', so that in
addition to either allowing / denying DHCP related updates to
resolv.conf when the interface changes state, it will also either
add or remove the currently supplied DHCP name-servers depending on
its state.  This change in name-servers will take place immediately
on commit.

Bug #309 http://bugzilla.vyos.net/show_bug.cgi?id=309
---
 scripts/system/vyatta_update_resolv.pl | 38 +++++++++++++++++++++++-----------
 1 file changed, 26 insertions(+), 12 deletions(-)


diff --git a/scripts/system/vyatta_update_resolv.pl b/scripts/system/vyatta_update_resolv.pl
index ee14034b..f193fd96 100755
--- a/scripts/system/vyatta_update_resolv.pl
+++ b/scripts/system/vyatta_update_resolv.pl
@@ -25,17 +25,27 @@
 
 use strict;
 use lib "/opt/vyatta/share/perl5/";
-
 use Getopt::Long;
+use Vyatta::Config;
+
 my $dhclient_script = 0;
-GetOptions("dhclient-script=i" => \$dhclient_script);
+my $config_mode = 0;
+GetOptions("dhclient-script=i" => \$dhclient_script,
+           "config-mode=i"     => \$config_mode,
+);
 
-use Vyatta::Config;
 my $vc = new Vyatta::Config();
-
 $vc->setLevel('system');
+
 my @domains;
 my $domain_name = undef;
+my $allow_dhcp_nameservers = '';
+
+if ($config_mode == 1) {
+    $allow_dhcp_nameservers = $vc->returnValue('allow-dhcp-nameservers');
+} else {
+    $allow_dhcp_nameservers = $vc->returnOrigValue('allow-dhcp-nameservers');
+}
 
 if ($dhclient_script == 1) {
     @domains = $vc->returnOrigValues('domain-search domain');
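Review bot: `$allow_dhcp_nameservers` is later compared only against the literal strings "true" (the write gate) and "false" (the removal test), so any other value read here can leave DHCP-supplied name-servers neither added nor removed at commit time. If `returnValue`/`returnOrigValue` can return undef for an unset node, which is not visible from this hunk, the `''` initialiser is overwritten and the script silently lands in that third state. Normalising once after the if/else, e.g. `$allow_dhcp_nameservers = 'true' unless defined($allow_dhcp_nameservers) && $allow_dhcp_nameservers eq 'false';`, would match the "true (default)" wording in the comments. A one-line comment stating which value applies when the node is unset would also help the next reader.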
@@ -66,6 +76,7 @@ foreach my $domain (@domains) {
 }
 
 # add domain names received from dhcp client to domain search in /etc/resolv.conf if domain-name not set in CLI
+
 if (!defined($domain_name)) {
     my @dhcp_interfaces_resolv_files = `ls /etc/ | grep resolv.conf.dhclient-new`;
     if ($#dhcp_interfaces_resolv_files >= 0) {
@@ -93,14 +104,16 @@ if ($domain_name && length($domain_name) > 0) {
     $domain = "domain\t\t$domain_name\t\t#line generated by $0\n";
 }
 
-# update /etc/resolv.conf for name-servers received from dhcp client, only done when dhclient-script calls this script
-# and allow-dhcp-nameservers is set to true (default)
-if (($dhclient_script == 1) && ($vc->returnOrigValue('allow-dhcp-nameservers') eq "true")) {
+# update /etc/resolv.conf with name-servers received from dhcp client, done when this script is called
+# with either the dhclient-script (on DHCP changes) or config-mode (allow-dhcp-nameservers) options.
+
+if (($dhclient_script == 1) || ($config_mode == 1)) {
     my @current_dhcp_nameservers;
     my $restart_ntp = 0;
 
-    # code below to add new name-servers received from dhcp client
-
+    # code below to add new name-servers received from dhcp client, but only if allow-dhcp-nameservers 
+    # is set to true (default)
+    
     my @dhcp_interfaces_resolv_files = `ls /etc/ | grep resolv.conf.dhclient-new`;
     if ($#dhcp_interfaces_resolv_files >= 0) {
         my $ns_count = 0;
@@ -127,7 +140,7 @@ if (($dhclient_script == 1) && ($vc->returnOrigValue('allow-dhcp-nameservers') e
                             }
                         }
                     }
-                    if ($ns_in_resolvconf == 0) {
+                    if (($ns_in_resolvconf == 0) && ($allow_dhcp_nameservers eq "true")) {
                         open (my $rf, '>>', '/etc/resolv.conf')
                             or die "$! error trying to overwrite";
                         print $rf "nameserver\t$ns\t\t#nameserver written by $0\n";
@@ -139,7 +152,8 @@ if (($dhclient_script == 1) && ($vc->returnOrigValue('allow-dhcp-nameservers') e
         }
     }
 
-    # code below to remove old name-servers from /etc/resolv.conf that were not received in this response from dhcp-server
+    # code below to remove old name-servers from /etc/resolv.conf that were not received in this response
+    # from dhcp-server, or to remove previous dhcp supplied name-servers if allow-dhcp-nameservers is false
 
     my @nameservers_dhcp_in_resolvconf = `grep 'nameserver written' /etc/resolv.conf`;
     my @dhcp_nameservers_in_resolvconf;
@@ -149,7 +163,7 @@ if (($dhclient_script == 1) && ($vc->returnOrigValue('allow-dhcp-nameservers') e
         $dhcp_nameservers_in_resolvconf[$count_nameservers_in_resolvconf] = $dhcp_nameserver[1];
         $count_nameservers_in_resolvconf++;
     }
-    if ($#current_dhcp_nameservers < 0) {
+    if (($#current_dhcp_nameservers < 0) || ($allow_dhcp_nameservers eq "false")) {
         for my $dhcpnameserver (@dhcp_nameservers_in_resolvconf) {
             my $cmd = "sed -i '/$dhcpnameserver\t/d' /etc/resolv.conf";
             system($cmd);
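Review bot: The widened condition `|| ($allow_dhcp_nameservers eq "false")` makes the `sed -i` removal loop reachable at commit time, and that loop interpolates `$dhcpnameserver` into a single-string `system()` call that goes through the shell; the value is read back from resolv.conf and presumably originated in a DHCP reply. No validation of it is visible in this diff, so it should be checked and passed without a shell: `next unless $dhcpnameserver =~ /\A[0-9A-Fa-f:.]+\z/;` followed by `system('sed', '-i', "/$dhcpnameserver\t/d", '/etc/resolv.conf');`. The sed pattern is also unanchored and not limited to lines carrying the `#nameserver written by` tag, so a statically configured server with the same address could presumably be deleted as well. The loop body continues past the end of the hunk.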
-- 
cgit v1.2.3