1 -- Copyright 2008 Steven Barth <steven@midlink.org>
2 -- Licensed to the public under the Apache License 2.0.
4 local ipc = require "luci.ip"
5 local sys = require "luci.sys"
9 m = Map("dhcp", translate("DHCP and DNS"),
10 translate("Dnsmasq is a combined <abbr title=\"Dynamic Host Configuration Protocol" ..
11 "\">DHCP</abbr>-Server and <abbr title=\"Domain Name System\">DNS</abbr>-" ..
12 "Forwarder for <abbr title=\"Network Address Translation\">NAT</abbr> " ..
-- Settings section bound to the "dnsmasq" entries of the dhcp map. Its options
-- are spread over four tabs, registered here in the order listed.
s = m:section(TypedSection, "dnsmasq", translate("Server Settings"))

for _, tab in ipairs({
	{ "general", translate("General Settings") },
	{ "files", translate("Resolv and Hosts Files") },
	{ "tftp", translate("TFTP Settings") },
	{ "advanced", translate("Advanced Settings") },
}) do
	s:tab(tab[1], tab[2])
end
-- "domainneeded": per its help text, requests that carry no DNS name are not
-- forwarded upstream.
do
	local title = translate("Domain required")
	local help = translate("Don't forward <abbr title=\"Domain Name System\">DNS</abbr>-Requests without " ..
		"<abbr title=\"Domain Name System\">DNS</abbr>-Name")
	s:taboption("general", Flag, "domainneeded", title, help)
end

-- "authoritative": declares this DHCP server to be the only one on the local
-- network. Only set it where that is actually true.
do
	local title = translate("Authoritative")
	local help = translate("This is the only <abbr title=\"Dynamic Host Configuration Protocol\">DHCP</" ..
		"abbr> in the local network")
	s:taboption("general", Flag, "authoritative", title, help)
end
-- Options of the "files" tab. Several of them are file paths handed to the
-- daemon.
-- NOTE(review): no datatype is attached to "leasefile", "resolvfile" or
-- "addnhosts" in the lines shown here, so the form appears to accept any
-- string as a path. Anyone able to submit this page can point dnsmasq at
-- arbitrary files; confirm page access is limited to administrators.

-- Let /etc/ethers contribute to the DHCP server configuration.
do
	local title = translate("Use <code>/etc/ethers</code>")
	local help = translate("Read <code>/etc/ethers</code> to configure the <abbr title=\"Dynamic Host " ..
		"Configuration Protocol\">DHCP</abbr>-Server")
	s:taboption("files", Flag, "readethers", title, help)
end

-- Path of the file in which handed-out leases are stored.
do
	local title = translate("Leasefile")
	local help = translate("file where given <abbr title=\"Dynamic Host Configuration Protocol\">DHCP</" ..
		"abbr>-leases will be stored")
	s:taboption("files", Value, "leasefile", title, help)
end

-- Optional switch to ignore the resolve file.
do
	local noresolv = s:taboption("files", Flag, "noresolv",
		translate("Ignore resolve file"))
	noresolv.optional = true
end

-- The resolve file path is only offered while "noresolv" is empty.
rf = s:taboption("files", Value, "resolvfile",
	translate("Resolve file"),
	translate("local <abbr title=\"Domain Name System\">DNS</abbr> file"))
rf:depends("noresolv", "")

-- Optional switch to ignore /etc/hosts.
do
	local nohosts = s:taboption("files", Flag, "nohosts",
		translate("Ignore <code>/etc/hosts</code>"))
	nohosts.optional = true
end

-- Optional list of additional hosts files.
do
	local addnhosts = s:taboption("files", DynamicList, "addnhosts",
		translate("Additional Hosts files"))
	addnhosts.optional = true
end
do
	-- Shorthand: every option in this run is a Flag on the "advanced" tab.
	local function advanced_flag(key, title, help)
		return s:taboption("advanced", Flag, key, title, help)
	end

	-- Suppressing routine logging also removes those records from later
	-- troubleshooting or incident review; leave it off where logs are kept
	-- for that purpose.
	qu = advanced_flag("quietdhcp",
		translate("Suppress logging"),
		translate("Suppress logging of the routine operation of these protocols"))

	-- Hands out addresses from the lowest free one upwards, which makes the
	-- next assigned address predictable.
	se = advanced_flag("sequential_ip",
		translate("Allocate IP sequentially"),
		translate("Allocate IP addresses sequentially, starting from the lowest available address"))

	-- Reverse lookups for local networks are kept away from upstream servers;
	-- the flag defaults to its enabled value.
	bp = advanced_flag("boguspriv",
		translate("Filter private"),
		translate("Do not forward reverse lookups for local networks"))
	bp.default = bp.enabled

	advanced_flag("filterwin2k",
		translate("Filter useless"),
		translate("Do not forward requests that cannot be answered by public name servers"))

	advanced_flag("localise_queries",
		translate("Localise queries"),
		translate("Localise hostname depending on the requesting subnet if multiple IPs are available"))
end

-- True when the dnsmasq binary at this path links libhogweed.so; the result
-- gates the DNSSEC options that follow. It reports build capability only, not
-- whether DNSSEC validation is switched on.
local have_dnssec_support = luci.util.checklib("/usr/sbin/dnsmasq", "libhogweed.so")
88 if have_dnssec_support then
89 o = s:taboption("advanced", Flag, "dnssec",
93 o = s:taboption("advanced", Flag, "dnsseccheckunsigned",
94 translate("DNSSEC check unsigned"),
95 translate("Requires upstream supports DNSSEC; verify unsigned domain responses really come from unsigned domains"))
-- Names under the "local" domain are answered from DHCP or hosts files only
-- and are never forwarded upstream.
do
	local title = translate("Local server")
	local help = translate("Local domain specification. Names matching this domain are never forwarded and are resolved from DHCP or hosts files only")
	s:taboption("general", Value, "local", title, help)
end

-- Suffix appended to DHCP names and hosts file entries.
do
	local title = translate("Local domain")
	local help = translate("Local domain suffix appended to DHCP names and hosts file entries")
	s:taboption("general", Value, "domain", title, help)
end

do
	local title = translate("Expand hosts")
	local help = translate("Add local domain suffix to names served from hosts files")
	s:taboption("advanced", Flag, "expandhosts", title, help)
end

do
	local title = translate("No negative cache")
	local help = translate("Do not cache negative replies, e.g. for not existing domains")
	s:taboption("advanced", Flag, "nonegcache", title, help)
end

-- Path of a file holding extra "server=" lines, i.e. it decides which upstream
-- resolvers are used.
-- NOTE(review): no datatype is attached in the lines shown here, so any string
-- appears to be accepted as a path - confirm.
-- NOTE(review): the two string pieces below join as "fordomain-specific" (no
-- space). Left unchanged here because the text is also the translation key.
do
	local title = translate("Additional servers file")
	local help = translate("This file may contain lines like 'server=/domain/1.2.3.4' or 'server=1.2.3.4' for"..
		"domain-specific or full upstream <abbr title=\"Domain Name System\">DNS</abbr> servers.")
	s:taboption("advanced", Value, "serversfile", title, help)
end
-- Optional: query upstream servers in the order given by the resolvfile.
do
	local strictorder = s:taboption("advanced", Flag, "strictorder",
		translate("Strict order"),
		translate("<abbr title=\"Domain Name System\">DNS</abbr> servers will be queried in the " ..
			"order of the resolvfile"))
	strictorder.optional = true
end

-- Optional: query every available upstream server.
do
	local allservers = s:taboption("advanced", Flag, "allservers",
		translate("All Servers"),
		translate("Query all available upstream <abbr title=\"Domain Name System\">DNS</abbr> servers"))
	allservers.optional = true
end

-- Hosts known to return bogus NX domain results. The placeholder is only an
-- example shown in the empty field.
bn = s:taboption("advanced", DynamicList, "bogusnxdomain", translate("Bogus NX Domain Override"),
	translate("List of hosts that supply bogus NX domain results"))
bn.placeholder = "67.215.65.132"

-- Optional: write received DNS requests to syslog. The resulting log records
-- which names each client looked up, so treat the syslog destination and its
-- retention as sensitive.
do
	local logqueries = s:taboption("general", Flag, "logqueries",
		translate("Log queries"),
		translate("Write received DNS requests to syslog"))
	logqueries.optional = true
end

-- Upstream servers that requests are forwarded to. Every listed server sees
-- the queries sent to it, and its answers are passed on to clients.
-- NOTE(review): no datatype is attached to the entries in the lines shown
-- here - confirm how they are validated.
df = s:taboption("general", DynamicList, "server", translate("DNS forwardings"),
	translate("List of <abbr title=\"Domain Name System\">DNS</abbr> " ..
		"servers to forward requests to"))
df.placeholder = "/example.org/10.1.2.3"
do
	-- Shorthand: the three rebind options all live on the "general" tab.
	local function general_option(class, key, title, help)
		return s:taboption("general", class, key, title, help)
	end

	-- DNS rebinding defence: upstream answers that carry RFC1918 addresses are
	-- discarded, so a public name cannot be made to resolve to a host on the
	-- LAN.
	-- NOTE(review): no default for this flag is set in the lines shown here -
	-- confirm it is enabled unless explicitly turned off.
	rp = general_option(Flag, "rebind_protection",
		translate("Rebind protection"),
		translate("Discard upstream RFC1918 responses"))

	-- Exception for 127.0.0.0/8, offered only while protection is on. Enabling
	-- it lets upstream answers point at loopback again, so turn it on only
	-- where something such as RBL lookups needs it.
	rl = general_option(Flag, "rebind_localhost",
		translate("Allow localhost"),
		translate("Allow upstream responses in the 127.0.0.0/8 range, e.g. for RBL services"))
	rl:depends("rebind_protection", "1")

	-- Per-domain exceptions, also offered only while protection is on. Each
	-- entry is exempt from the RFC1918 filter, so keep the list short and
	-- limited to domains you trust to return private addresses. Entries are
	-- validated with the "host(1)" datatype; the placeholder is an example.
	rd = general_option(DynamicList, "rebind_domain",
		translate("Domain whitelist"),
		translate("List of domains to allow RFC1918 responses for"))
	rd:depends("rebind_protection", "1")
	rd.datatype = "host(1)"
	rd.placeholder = "ihost.netflix.com"
end
do
	-- Shorthand: every option in this run is a Value on the "advanced" tab.
	local function advanced_value(key, title, help)
		return s:taboption("advanced", Value, key, title, help)
	end

	-- Port on which inbound DNS queries are accepted.
	-- NOTE(review): no datatype is attached to "port" or "queryport" in the
	-- lines shown here - confirm both are restricted to valid port numbers.
	pt = advanced_value("port",
		translate("<abbr title=\"Domain Name System\">DNS</abbr> server port"),
		translate("Listening port for inbound DNS queries"))

	-- Pins the source port of outbound queries. With a fixed port, a forged
	-- reply only has to match the 16-bit query ID, so spoofed answers and
	-- cache poisoning become easier. Leave the field empty (shown as "any")
	-- unless a firewall rule requires a fixed port.
	qp = advanced_value("queryport",
		translate("<abbr title=\"Domain Name System\">DNS</abbr> query port"),
		translate("Fixed source port for outbound DNS queries"))
	qp.placeholder = translate("any")

	-- The remaining options bound resource use; each accepts non-negative
	-- integers only.

	-- Upper bound on simultaneously active DHCP leases.
	lm = advanced_value("dhcpleasemax",
		translate("<abbr title=\"maximal\">Max.</abbr> <abbr title=\"Dynamic Host Configuration " ..
			"Protocol\">DHCP</abbr> leases"),
		translate("Maximum allowed number of active DHCP leases"))
	lm.datatype = "uinteger"
	lm.placeholder = translate("unlimited")

	-- Upper bound on the size of EDNS.0 UDP packets.
	em = advanced_value("ednspacket_max",
		translate("<abbr title=\"maximal\">Max.</abbr> <abbr title=\"Extension Mechanisms for " ..
			"Domain Name System\">EDNS0</abbr> packet size"),
		translate("Maximum allowed size of EDNS.0 UDP packets"))
	em.datatype = "uinteger"
	em.placeholder = 1280

	-- Upper bound on concurrently outstanding DNS queries.
	cq = advanced_value("dnsforwardmax",
		translate("<abbr title=\"maximal\">Max.</abbr> concurrent queries"),
		translate("Maximum allowed number of concurrent DNS queries"))
	cq.datatype = "uinteger"

	-- Cache entry count, restricted to 0..10000 by the datatype.
	cs = advanced_value("cachesize",
		translate("Size of DNS query cache"),
		translate("Number of cached DNS entries (max is 10000, 0 is no caching)"))
	cs.datatype = "range(0,10000)"
end
-- TFTP has no authentication and no encryption: once the server is enabled,
-- any host that can reach it can read whatever lies below the configured root.
do
	local enable_tftp = s:taboption("tftp", Flag, "enable_tftp",
		translate("Enable TFTP server"))
	enable_tftp.optional = true
end

-- Directory served via TFTP, offered only while the server is enabled. Point
-- it at a dedicated directory that holds boot files and nothing else.
-- NOTE(review): no datatype is attached in the lines shown here, so any string
-- appears to be accepted as the root path - confirm.
tr = s:taboption("tftp", Value, "tftp_root",
	translate("TFTP server root"),
	translate("Root directory for files served via TFTP"))
tr:depends("enable_tftp", "1")

-- Boot image filename advertised to clients, offered only while the server is
-- enabled. Clients that network-boot will run this image, so whoever can write
-- to the TFTP root controls what they boot.
db = s:taboption("tftp", Value, "dhcp_boot",
	translate("Network boot image"),
	translate("Filename of the boot image advertised to clients"))
db:depends("enable_tftp", "1")
db.placeholder = "pxelinux.0"
-- The four options below decide where the DNS service listens and whom it
-- answers. They are what keeps the resolver from being reachable on
-- interfaces it was never meant to serve. Each result is stored in `o`, as in
-- the original.
do
	-- Shorthand: every option in this run sits on the "general" tab.
	local function general_option(class, key, title, help)
		return s:taboption("general", class, key, title, help)
	end

	-- Restrict DNS service to the subnets of the interfaces being served.
	o = general_option(Flag, "localservice",
		translate("Local Service Only"),
		translate("Limit DNS service to subnets interfaces on which we are serving DNS."))

	-- Bind to individual interfaces instead of the wildcard address.
	o = general_option(Flag, "nonwildcard",
		translate("Non-wildcard"),
		translate("Bind dynamically to interfaces rather than wildcard address (recommended as linux default)"))

	-- Allow-list of interfaces to listen on (loopback is always included).
	o = general_option(DynamicList, "interface",
		translate("Listen Interfaces"),
		translate("Limit listening to these interfaces, and loopback."))

	-- Deny-list of interfaces that must not be listened on.
	o = general_option(DynamicList, "notinterface",
		translate("Exclude interfaces"),
		translate("Prevent listening on these interfaces."))
end
-- Section rendered from the "lease_status" template.
do
	local lease_status = m:section(SimpleSection)
	lease_status.template = "lease_status"
end

-- Static lease table: one row per "host" entry of the dhcp map. The
-- description is two translated paragraphs joined by a line break.
do
	local purpose = translate("Static leases are used to assign fixed IP addresses and symbolic hostnames to " ..
		"DHCP clients. They are also required for non-dynamic interface configurations where " ..
		"only hosts with a corresponding lease are served.")
	local usage = translate("Use the <em>Add</em> Button to add a new lease entry. The <em>MAC-Address</em> " ..
		"identifies the host, the <em>IPv4-Address</em> specifies the fixed address to " ..
		"use, and the <em>Hostname</em> is assigned as a symbolic name to the requesting host. " ..
		"The optional <em>Lease time</em> can be used to set non-standard host-specific " ..
		"lease time, e.g. 12h, 3d or infinite.")
	s = m:section(TypedSection, "host", translate("Static Leases"),
		purpose .. "<br />" .. usage)
end
s.template = "cbi/tblsection"

-- Hostname column; input must pass the strict hostname datatype.
name = s:option(Value, "name", translate("Hostname"))
name.datatype = "hostname('strict')"
287 function name.write(self, section, value)
288 Value.write(self, section, value)
289 m:set(section, "dns", "1")
292 function name.remove(self, section)
293 Value.remove(self, section)
294 m:del(section, "dns")
-- MAC address column; accepts a list of MAC addresses. A MAC address is
-- whatever the client claims it to be, so a static lease keyed on it is an
-- addressing convenience, not an access control.
do
	local title = translate("<abbr title=\"Media Access Control\">MAC</abbr>-Address")
	mac = s:option(Value, "mac", title)
	mac.datatype = "list(macaddr)"
end
301 function mac.cfgvalue(self, section)
302 local val = Value.cfgvalue(self, section)
303 return ipc.checkmac(val) or val
-- IPv4 address column: either a valid IPv4 address or the literal 'ignore'.
do
	local title = translate("<abbr title=\"Internet Protocol Version 4\">IPv4</abbr>-Address")
	ip = s:option(Value, "ip", title)
	ip.datatype = "or(ip4addr,'ignore')"
end

-- Lease time column.
-- NOTE(review): no datatype is attached in the lines shown here, so the field
-- appears to accept any string - confirm how the value is validated before it
-- reaches the daemon configuration.
time = s:option(Value, "leasetime", translate("Lease time"))

-- DUID column: a hex string of 20 to 36 characters.
do
	local title = translate("<abbr title=\"The DHCP Unique Identifier\">DUID</abbr>")
	duid = s:option(Value, "duid", title)
	duid.datatype = "and(rangelength(20,36),hexstring)"
end
314 fp = io.open("/var/hosts/odhcpd")
316 for line in fp:lines() do
317 local net_val, duid_val = string.match(line, "# (%S+)%s+(%S+)")
319 duid:value(duid_val, duid_val)
-- IPv6 suffix column; the label asks for a hex value.
-- NOTE(review): no datatype is attached on this line - confirm the hex format
-- is enforced elsewhere.
do
	local title = translate("<abbr title=\"Internet Protocol Version 6\">IPv6</abbr>-Suffix (hex)")
	hostid = s:option(Value, "hostid", title)
end
327 sys.net.host_hints(function(m, v4, v6, name)
330 mac:value(m, "%s (%s)" %{ m, name or v4 })
334 function ip.validate(self, value, section)
335 local m = mac:formvalue(section) or ""
336 local n = name:formvalue(section) or ""
337 if value and #n == 0 and #m == 0 then
338 return nil, translate("One of hostname or mac address must be specified!")
340 return Value.validate(self, value, section)