Difuse/packages
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

unbound: fix odhcpd link and axfr zone scripts

Browse source 
- fix AXFR zones to delay a potentially large download with ntp-hotplug
- fix odhcpd link script to properly delete expired lease data from DNS

Signed-off-by: Eric Luehrsen <ericluehrsen@gmail.com>
This commit is contained in:
Eric Luehrsen 2018-10-23 21:52:49 -04:00
parent 0b548cb73d
commit 04f4ab9b92
4 changed files with 80 additions and 72 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
net/unbound/Makefile
View file

@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
PKG_NAME:=unbound
PKG_VERSION:=1.8.1
PKG_RELEASE:=1
PKG_RELEASE:=2
PKG_LICENSE:=BSD-3-Clause
PKG_LICENSE_FILES:=LICENSE

63
net/unbound/files/odhcpd.awk
View file

@ -18,11 +18,12 @@
# function from dnsmasq and use DHCPv4 MAC to find IPV6 SLAAC hosts.
#
# External Parameters
# "hostfile" = where this script will cache host DNS data
# "conffile" = Unbound configuration left for a restart
# "pipefile" = DNS entries for unbound-control standard input
# "domain" = text domain suffix
# "bslaac" = boolean, use DHCPv4 MAC to find GA and ULA IPV6 SLAAC
# "bisolt" = boolean, format <host>.<network>.<domain>. so you can isolate
# "bconf" = boolean, write conf file format rather than pipe records
# "bconf" = boolean, write conf file with pipe records
#
##############################################################################
@ -66,15 +67,15 @@
if ( bconf == 1 ) {
x = ( "local-data: \"" fqdn ". 300 IN A " adr "\"" ) ;
y = ( "local-data-ptr: \"" adr " 300 " fqdn "\"" ) ;
print ( x "\n" y "\n" ) > hostfile ;
print ( x "\n" y "\n" ) > conffile ;
}
else {
for( i=1; i<=4; i++ ) { qpr = ( ptr[i] "." qpr) ; }
x = ( fqdn ". 300 IN A " adr ) ;
y = ( qpr "in-addr.arpa. 300 IN PTR " fqdn ) ;
print ( x "\n" y ) > hostfile ;
}
# always create the pipe file
for( i=1; i<=4; i++ ) { qpr = ( ptr[i] "." qpr) ; }
x = ( fqdn ". 300 IN A " adr ) ;
y = ( qpr "in-addr.arpa. 300 IN PTR " fqdn ) ;
print ( x "\n" y ) > pipefile ;
if (( bslaac == 1 ) && ( slaac != 0 )) {
@ -100,15 +101,15 @@
if ( bconf == 1 ) {
x = ( "local-data: \"" fqdn ". 300 IN AAAA " adr "\"" ) ;
y = ( "local-data-ptr: \"" adr " 300 " fqdn "\"" ) ;
print ( x "\n" y "\n" ) > hostfile ;
print ( x "\n" y "\n" ) > conffile ;
}
else {
qpr = ipv6_ptr( adr ) ;
x = ( fqdn ". 300 IN AAAA " adr ) ;
y = ( qpr ". 300 IN PTR " fqdn ) ;
print ( x "\n" y ) > hostfile ;
}
# always create the pipe file
qpr = ipv6_ptr( adr ) ;
x = ( fqdn ". 300 IN AAAA " adr ) ;
y = ( qpr ". 300 IN PTR " fqdn ) ;
print ( x "\n" y ) > pipefile ;
}
}
@ -122,32 +123,30 @@
if ( bconf == 1 ) {
x = ( "local-data: \"" fqdn ". 300 IN AAAA " adr "\"" ) ;
y = ( "local-data-ptr: \"" adr " 300 " fqdn "\"" ) ;
print ( x "\n" y "\n" ) > hostfile ;
print ( x "\n" y "\n" ) > conffile ;
}
else {
# only for provided hostnames and full /128 assignments
qpr = ipv6_ptr( adr ) ;
x = ( fqdn ". 300 IN AAAA " adr ) ;
y = ( qpr ". 300 IN PTR " fqdn ) ;
print ( x "\n" y ) > hostfile ;
}
# only for provided hostnames and full /128 assignments
qpr = ipv6_ptr( adr ) ;
x = ( fqdn ". 300 IN AAAA " adr ) ;
y = ( qpr ". 300 IN PTR " fqdn ) ;
print ( x "\n" y ) > pipefile ;
}
if (cdr2 == 128) {
if ( bconf == 1 ) {
x = ( "local-data: \"" fqdn ". 300 IN AAAA " adr2 "\"" ) ;
y = ( "local-data-ptr: \"" adr2 " 300 " fqdn "\"" ) ;
print ( x "\n" y "\n" ) > hostfile ;
print ( x "\n" y "\n" ) > conffile ;
}
else {
# odhcp puts GA and ULA on the same line (position 9 and 10)
qpr2 = ipv6_ptr( adr2 ) ;
x = ( fqdn ". 300 IN AAAA " adr2 ) ;
y = ( qpr2 ". 300 IN PTR " fqdn ) ;
print ( x "\n" y ) > hostfile ;
}
# odhcp puts GA and ULA on the same line (position 9 and 10)
qpr2 = ipv6_ptr( adr2 ) ;
x = ( fqdn ". 300 IN AAAA " adr2 ) ;
y = ( qpr2 ". 300 IN PTR " fqdn ) ;
print ( x "\n" y ) > pipefile ;
}
}

83
net/unbound/files/odhcpd.sh
View file

@ -29,14 +29,6 @@
##############################################################################
odhcpd_zonedata() {
local longconf dateconf
local dns_ls_add=$UB_VARDIR/dhcp_dns.add
local dns_ls_del=$UB_VARDIR/dhcp_dns.del
local dhcp_ls_new=$UB_VARDIR/dhcp_lease.new
local dhcp_ls_old=$UB_VARDIR/dhcp_lease.old
local dhcp_ls_add=$UB_VARDIR/dhcp_lease.add
local dhcp_ls_del=$UB_VARDIR/dhcp_lease.del
local dhcp_link=$( uci_get unbound.@unbound[0].dhcp_link )
local dhcp4_slaac6=$( uci_get unbound.@unbound[0].dhcp4_slaac6 )
local dhcp_domain=$( uci_get unbound.@unbound[0].domain )
@ -45,52 +37,68 @@ odhcpd_zonedata() {
if [ -f "$UB_TOTAL_CONF" -a -f "$dhcp_origin" \
-a "$dhcp_link" = "odhcpd" -a -n "$dhcp_domain" ] ; then
local longconf dateconf
local dns_ls_add=$UB_VARDIR/dhcp_dns.add
local dns_ls_del=$UB_VARDIR/dhcp_dns.del
local dns_ls_new=$UB_VARDIR/dhcp_dns.new
local dns_ls_old=$UB_VARDIR/dhcp_dns.old
local dhcp_ls_new=$UB_VARDIR/dhcp_lease.new
# Capture the lease file which could be changing often
sort $dhcp_origin > $dhcp_ls_new
if [ ! -f $UB_DHCP_CONF -o ! -f $dhcp_ls_old ] ; then
longconf=2
if [ ! -f $UB_DHCP_CONF -o ! -f $dns_ls_old ] ; then
# no old files laying around
longconf=freshstart
else
# incremental at high load or full refresh about each 5 minutes
dateconf=$(( $( date +%s ) - $( date -r $UB_DHCP_CONF +%s ) ))
if [ $dateconf > 150 ] ; then
longconf=1
if [ $dateconf -gt 300 ] ; then
longconf=longtime
else
longconf=0
longconf=increment
fi
fi
if [ $longconf -gt 0 ] ; then
# Go through the messy business of coding up A, AAAA, and PTR records
# This static conf will be available if Unbound restarts asynchronously
awk -v hostfile=$UB_DHCP_CONF -v domain=$dhcp_domain \
-v bslaac=$dhcp4_slaac6 -v bisolt=0 -v bconf=1 \
case $longconf in
freshstart)
awk -v conffile=$UB_DHCP_CONF -v pipefile=$dns_ls_new \
-v domain=$dhcp_domain -v bslaac=$dhcp4_slaac6 \
-v bisolt=0 -v bconf=1 \
-f /usr/lib/unbound/odhcpd.awk $dhcp_ls_new
fi
cp $dns_ls_new $dns_ls_add
cp $dns_ls_new $dns_ls_old
;;
if [ $longconf -lt 2 ] ; then
# Deleting and adding all records into Unbound can be a burden in a
# high density environment. Use unbound-control incrementally.
sort $dhcp_ls_old $dhcp_ls_new $dhcp_ls_new | uniq -u > $dhcp_ls_del
awk -v hostfile=$dns_ls_del -v domain=$dhcp_domain \
-v bslaac=$dhcp4_slaac6 -v bisolt=0 -v bconf=0 \
-f /usr/lib/unbound/odhcpd.awk $dhcp_ls_del
sort $dhcp_ls_new $dhcp_ls_old $dhcp_ls_old | uniq -u > $dhcp_ls_add
awk -v hostfile=$dns_ls_add -v domain=$dhcp_domain \
-v bslaac=$dhcp4_slaac6 -v bisolt=0 -v bconf=0 \
-f /usr/lib/unbound/odhcpd.awk $dhcp_ls_add
else
awk -v hostfile=$dns_ls_add -v domain=$dhcp_domain \
-v bslaac=$dhcp4_slaac6 -v bisolt=0 -v bconf=0 \
longtime)
awk -v conffile=$UB_DHCP_CONF -v pipefile=$dns_ls_new \
-v domain=$dhcp_domain -v bslaac=$dhcp4_slaac6 \
-v bisolt=0 -v bconf=1 \
-f /usr/lib/unbound/odhcpd.awk $dhcp_ls_new
fi
awk '{ print $1 }' $dns_ls_old | sort | uniq > $dns_ls_del
cp $dns_ls_new $dns_ls_add
cp $dns_ls_new $dns_ls_old
;;
*)
# incremental add and prepare the old list for delete later
# unbound-control can be slow so high DHCP rates cannot run a full list
awk -v conffile=$UB_DHCP_CONF -v pipefile=$dns_ls_new \
-v domain=$dhcp_domain -v bslaac=$dhcp4_slaac6 \
-v bisolt=0 -v bconf=0 \
-f /usr/lib/unbound/odhcpd.awk $dhcp_ls_new
sort $dns_ls_new $dns_ls_old $dns_ls_old | uniq -u > $dns_ls_add
sort $dns_ls_new $dns_ls_old | uniq > $dns_ls_old
;;
esac
if [ -f "$dns_ls_del" ] ; then
@ -104,8 +112,7 @@ odhcpd_zonedata() {
# prepare next round
mv $dhcp_ls_new $dhcp_ls_old
rm -f $dns_ls_del $dns_ls_add $dhcp_ls_del $dhcp_ls_add
rm -f $dns_ls_new $dns_ls_del $dns_ls_add $dhcp_ls_new
fi
}

4
net/unbound/files/unbound.sh
View file

@ -422,8 +422,10 @@ unbound_zone() {
case $zone_type in
auth_zone)
if [ -n "$UB_LIST_ZONE_NAMES" \
if [ "$UB_B_NTP_BOOT" -eq 0 -a -n "$UB_LIST_ZONE_NAMES" \
-a \( -n "$url_dir" -o -n "$UB_LIST_ZONE_SERVERS" \) ] ; then
# Note AXFR may have large downloads. If NTP restart is configured,
# then this can cause procd to force a process kill.
for zone_name in $UB_LIST_ZONE_NAMES ; do
if [ "$zone_name" = "." ] ; then
zone_sym=.