diff options
| author | Hard7Rock <igor_melnyk@ukr.net> | 2021-05-04 07:17:44 +0300 |
|---|---|---|
| committer | Christian Poessinger <christian@poessinger.com> | 2021-10-13 09:36:12 +0200 |
| commit | e84623a1cd284d742d5c8849a75c56c3b178e0ef (patch) | |
| tree | 71c57e1f4f9bee3c07b0c2079778184eccb2eee9 | |
| parent | f4d736112b64933c1849d16072575f665ca9f4c1 (diff) | |
| download | vyos-1x-e84623a1cd284d742d5c8849a75c56c3b178e0ef.tar.gz vyos-1x-e84623a1cd284d742d5c8849a75c56c3b178e0ef.zip | |
dns: T3277: DNS Forwarding - reverse zones for RFC1918 addresses
(cherry picked from commit 0191c089f94455f53f3f234c094891353583f64c)
(cherry picked from commit 8fcff3112b235307b78eb23833c1d646f0e7f9f4)
| -rw-r--r-- | data/templates/dns-forwarding/recursor.conf.tmpl | 9 | ||||
| -rw-r--r-- | interface-definitions/dns-forwarding.xml.in | 6 |
2 files changed, 15 insertions, 0 deletions
diff --git a/data/templates/dns-forwarding/recursor.conf.tmpl b/data/templates/dns-forwarding/recursor.conf.tmpl index d460775c0..be0778993 100644 --- a/data/templates/dns-forwarding/recursor.conf.tmpl +++ b/data/templates/dns-forwarding/recursor.conf.tmpl @@ -28,5 +28,14 @@ local-address={{ listen_address | join(',') }} # dnssec dnssec={{ dnssec }} +{# dns: T3277: #} +{% if no_serve_rfc1918 is defined %} +# serve-rfc1918 +serve-rfc1918=no +{% else %} +# serve-rfc1918 +serve-rfc1918=yes +{% endif %} + forward-zones-file=recursor.forward-zones.conf diff --git a/interface-definitions/dns-forwarding.xml.in b/interface-definitions/dns-forwarding.xml.in index 5d6e25a27..5b0c87597 100644 --- a/interface-definitions/dns-forwarding.xml.in +++ b/interface-definitions/dns-forwarding.xml.in @@ -111,6 +111,12 @@ <valueless/> </properties> </leafNode> + <leafNode name="no-serve-rfc1918"> + <properties> + <help>Makes the server authoritatively not aware of RFC1918 addresses</help> + <valueless/> + </properties> + </leafNode> <leafNode name="allow-from"> <properties> <help>Networks allowed to query this server</help> |