From e84623a1cd284d742d5c8849a75c56c3b178e0ef Mon Sep 17 00:00:00 2001
From: Hard7Rock <igor_melnyk@ukr.net>
Date: Tue, 4 May 2021 07:17:44 +0300
Subject: dns: T3277: DNS Forwarding - reverse zones for RFC1918 addresses

(cherry picked from commit 0191c089f94455f53f3f234c094891353583f64c)
(cherry picked from commit 8fcff3112b235307b78eb23833c1d646f0e7f9f4)
---
 data/templates/dns-forwarding/recursor.conf.tmpl | 9 +++++++++
 interface-definitions/dns-forwarding.xml.in      | 6 ++++++
 2 files changed, 15 insertions(+)

diff --git a/data/templates/dns-forwarding/recursor.conf.tmpl b/data/templates/dns-forwarding/recursor.conf.tmpl
index d460775c0..be0778993 100644
--- a/data/templates/dns-forwarding/recursor.conf.tmpl
+++ b/data/templates/dns-forwarding/recursor.conf.tmpl
@@ -28,5 +28,14 @@ local-address={{ listen_address | join(',') }}
 # dnssec
 dnssec={{ dnssec }}
 
+{# dns: T3277: #}
+{% if no_serve_rfc1918 is defined %}
+# serve-rfc1918
+serve-rfc1918=no
+{% else %}
+# serve-rfc1918
+serve-rfc1918=yes
+{% endif %}
+
 forward-zones-file=recursor.forward-zones.conf
 
diff --git a/interface-definitions/dns-forwarding.xml.in b/interface-definitions/dns-forwarding.xml.in
index 5d6e25a27..5b0c87597 100644
--- a/interface-definitions/dns-forwarding.xml.in
+++ b/interface-definitions/dns-forwarding.xml.in
@@ -111,6 +111,12 @@
                   <valueless/>
                 </properties>
               </leafNode>
+              <leafNode name="no-serve-rfc1918">
+                <properties>
+                  <help>Makes the server authoritatively not aware of RFC1918 addresses</help>
+		  <valueless/>
+                </properties>
+              </leafNode>
               <leafNode name="allow-from">
                 <properties>
                   <help>Networks allowed to query this server</help>
-- 
cgit v1.2.3