modules/luci-mod-network/luasrc/model/cbi/admin_network/dhcp.lua

   1 -- Copyright 2008 Steven Barth <steven@midlink.org>
   2 -- Licensed to the public under the Apache License 2.0.
   3
   4 local ipc = require "luci.ip"
   5 local sys = require "luci.sys"
   6 local o
   7 require "luci.util"
   8
   9 m = Map("dhcp", translate("DHCP and DNS"),
  10         translate("Dnsmasq is a combined <abbr title=\"Dynamic Host Configuration Protocol" ..
  11                 "\">DHCP</abbr>-Server and <abbr title=\"Domain Name System\">DNS</abbr>-" ..
  12                 "Forwarder for <abbr title=\"Network Address Translation\">NAT</abbr> " ..
  13                 "firewalls"))
  14
  15 s = m:section(TypedSection, "dnsmasq", translate("Server Settings"))
  16 s.anonymous = true
  17 s.addremove = false
  18
  19 s:tab("general", translate("General Settings"))
  20 s:tab("files", translate("Resolv and Hosts Files"))
  21 s:tab("tftp", translate("TFTP Settings"))
  22 s:tab("advanced", translate("Advanced Settings"))
  23
  24 s:taboption("general", Flag, "domainneeded",
  25         translate("Domain required"),
  26         translate("Don't forward <abbr title=\"Domain Name System\">DNS</abbr>-Requests without " ..
  27                 "<abbr title=\"Domain Name System\">DNS</abbr>-Name"))
  28
  29 s:taboption("general", Flag, "authoritative",
  30         translate("Authoritative"),
  31         translate("This is the only <abbr title=\"Dynamic Host Configuration Protocol\">DHCP</" ..
  32                 "abbr> in the local network"))
  33
  34
  35 s:taboption("files", Flag, "readethers",
  36         translate("Use <code>/etc/ethers</code>"),
  37         translate("Read <code>/etc/ethers</code> to configure the <abbr title=\"Dynamic Host " ..
  38                 "Configuration Protocol\">DHCP</abbr>-Server"))
  39
  40 s:taboption("files", Value, "leasefile",
  41         translate("Leasefile"),
  42         translate("file where given <abbr title=\"Dynamic Host Configuration Protocol\">DHCP</" ..
  43                 "abbr>-leases will be stored"))
  44
  45 s:taboption("files", Flag, "noresolv",
  46         translate("Ignore resolve file")).optional = true
  47
  48 rf = s:taboption("files", Value, "resolvfile",
  49         translate("Resolve file"),
  50         translate("local <abbr title=\"Domain Name System\">DNS</abbr> file"))
  51
  52 rf:depends("noresolv", "")
  53 rf.optional = true
  54
  55
  56 s:taboption("files", Flag, "nohosts",
  57         translate("Ignore <code>/etc/hosts</code>")).optional = true
  58
  59 s:taboption("files", DynamicList, "addnhosts",
  60         translate("Additional Hosts files")).optional = true
  61
  62 qu = s:taboption("advanced", Flag, "quietdhcp",
  63         translate("Suppress logging"),
  64         translate("Suppress logging of the routine operation of these protocols"))
  65 qu.optional = true
  66
  67 se = s:taboption("advanced", Flag, "sequential_ip",
  68         translate("Allocate IP sequentially"),
  69         translate("Allocate IP addresses sequentially, starting from the lowest available address"))
  70 se.optional = true
  71
  72 bp = s:taboption("advanced", Flag, "boguspriv",
  73         translate("Filter private"),
  74         translate("Do not forward reverse lookups for local networks"))
  75 bp.default = bp.enabled
  76
  77 s:taboption("advanced", Flag, "filterwin2k",
  78         translate("Filter useless"),
  79         translate("Do not forward requests that cannot be answered by public name servers"))
  80
  81
  82 s:taboption("advanced", Flag, "localise_queries",
  83         translate("Localise queries"),
  84         translate("Localise hostname depending on the requesting subnet if multiple IPs are available"))
  85
  86 local have_dnssec_support = luci.util.checklib("/usr/sbin/dnsmasq", "libhogweed.so")
  87
  88 if have_dnssec_support then
  89         o = s:taboption("advanced", Flag, "dnssec",
  90                 translate("DNSSEC"))
  91         o.optional = true
  92
  93         o = s:taboption("advanced", Flag, "dnsseccheckunsigned",
  94                 translate("DNSSEC check unsigned"),
  95                 translate("Requires upstream supports DNSSEC; verify unsigned domain responses really come from unsigned domains"))
  96         o.optional = true
  97 end
  98
  99 s:taboption("general", Value, "local",
 100         translate("Local server"),
 101         translate("Local domain specification. Names matching this domain are never forwarded and are resolved from DHCP or hosts files only"))
 102
 103 s:taboption("general", Value, "domain",
 104         translate("Local domain"),
 105         translate("Local domain suffix appended to DHCP names and hosts file entries"))
 106
 107 s:taboption("advanced", Flag, "expandhosts",
 108         translate("Expand hosts"),
 109         translate("Add local domain suffix to names served from hosts files"))
 110
 111 s:taboption("advanced", Flag, "nonegcache",
 112         translate("No negative cache"),
 113         translate("Do not cache negative replies, e.g. for not existing domains"))
 114
 115 s:taboption("advanced", Value, "serversfile",
 116         translate("Additional servers file"),
 117         translate("This file may contain lines like 'server=/domain/1.2.3.4' or 'server=1.2.3.4' for"..
 118                 "domain-specific or full upstream <abbr title=\"Domain Name System\">DNS</abbr> servers."))
 119
 120 s:taboption("advanced", Flag, "strictorder",
 121         translate("Strict order"),
 122         translate("<abbr title=\"Domain Name System\">DNS</abbr> servers will be queried in the " ..
 123                 "order of the resolvfile")).optional = true
 124
 125 s:taboption("advanced", Flag, "allservers",
 126         translate("All Servers"),
 127         translate("Query all available upstream <abbr title=\"Domain Name System\">DNS</abbr> servers")).optional = true
 128
 129 bn = s:taboption("advanced", DynamicList, "bogusnxdomain", translate("Bogus NX Domain Override"),
 130         translate("List of hosts that supply bogus NX domain results"))
 131
 132 bn.optional = true
 133 bn.placeholder = "67.215.65.132"
 134
 135
 136 s:taboption("general", Flag, "logqueries",
 137         translate("Log queries"),
 138         translate("Write received DNS requests to syslog")).optional = true
 139
 140 df = s:taboption("general", DynamicList, "server", translate("DNS forwardings"),
 141         translate("List of <abbr title=\"Domain Name System\">DNS</abbr> " ..
 142                         "servers to forward requests to"))
 143
 144 df.optional = true
 145 df.placeholder = "/example.org/10.1.2.3"
 146
 147
 148 rp = s:taboption("general", Flag, "rebind_protection",
 149         translate("Rebind protection"),
 150         translate("Discard upstream RFC1918 responses"))
 151
 152 rp.rmempty = false
 153
 154
 155 rl = s:taboption("general", Flag, "rebind_localhost",
 156         translate("Allow localhost"),
 157         translate("Allow upstream responses in the 127.0.0.0/8 range, e.g. for RBL services"))
 158
 159 rl:depends("rebind_protection", "1")
 160
 161
 162 rd = s:taboption("general", DynamicList, "rebind_domain",
 163         translate("Domain whitelist"),
 164         translate("List of domains to allow RFC1918 responses for"))
 165 rd.optional = true
 166
 167 rd:depends("rebind_protection", "1")
 168 rd.datatype = "host(1)"
 169 rd.placeholder = "ihost.netflix.com"
 170
 171
 172 pt = s:taboption("advanced", Value, "port",
 173         translate("<abbr title=\"Domain Name System\">DNS</abbr> server port"),
 174         translate("Listening port for inbound DNS queries"))
 175
 176 pt.optional = true
 177 pt.datatype = "port"
 178 pt.placeholder = 53
 179
 180
 181 qp = s:taboption("advanced", Value, "queryport",
 182         translate("<abbr title=\"Domain Name System\">DNS</abbr> query port"),
 183         translate("Fixed source port for outbound DNS queries"))
 184
 185 qp.optional = true
 186 qp.datatype = "port"
 187 qp.placeholder = translate("any")
 188
 189
 190 lm = s:taboption("advanced", Value, "dhcpleasemax",
 191         translate("<abbr title=\"maximal\">Max.</abbr> <abbr title=\"Dynamic Host Configuration " ..
 192                 "Protocol\">DHCP</abbr> leases"),
 193         translate("Maximum allowed number of active DHCP leases"))
 194
 195 lm.optional = true
 196 lm.datatype = "uinteger"
 197 lm.placeholder = translate("unlimited")
 198
 199
 200 em = s:taboption("advanced", Value, "ednspacket_max",
 201         translate("<abbr title=\"maximal\">Max.</abbr> <abbr title=\"Extension Mechanisms for " ..
 202                 "Domain Name System\">EDNS0</abbr> packet size"),
 203         translate("Maximum allowed size of EDNS.0 UDP packets"))
 204
 205 em.optional = true
 206 em.datatype = "uinteger"
 207 em.placeholder = 1280
 208
 209
 210 cq = s:taboption("advanced", Value, "dnsforwardmax",
 211         translate("<abbr title=\"maximal\">Max.</abbr> concurrent queries"),
 212         translate("Maximum allowed number of concurrent DNS queries"))
 213
 214 cq.optional = true
 215 cq.datatype = "uinteger"
 216 cq.placeholder = 150
 217
 218 cs = s:taboption("advanced", Value, "cachesize",
 219         translate("Size of DNS query cache"),
 220         translate("Number of cached DNS entries (max is 10000, 0 is no caching)"))
 221 cs.optional = true
 222 cs.datatype = "range(0,10000)"
 223 cs.placeholder = 150
 224
 225 s:taboption("tftp", Flag, "enable_tftp",
 226         translate("Enable TFTP server")).optional = true
 227
 228 tr = s:taboption("tftp", Value, "tftp_root",
 229         translate("TFTP server root"),
 230         translate("Root directory for files served via TFTP"))
 231
 232 tr.optional = true
 233 tr:depends("enable_tftp", "1")
 234 tr.placeholder = "/"
 235
 236
 237 db = s:taboption("tftp", Value, "dhcp_boot",
 238         translate("Network boot image"),
 239         translate("Filename of the boot image advertised to clients"))
 240
 241 db.optional = true
 242 db:depends("enable_tftp", "1")
 243 db.placeholder = "pxelinux.0"
 244
 245 o = s:taboption("general", Flag, "localservice",
 246         translate("Local Service Only"),
 247         translate("Limit DNS service to subnets interfaces on which we are serving DNS."))
 248 o.optional = false
 249 o.rmempty = false
 250
 251 o = s:taboption("general", Flag, "nonwildcard",
 252         translate("Non-wildcard"),
 253         translate("Bind dynamically to interfaces rather than wildcard address (recommended as linux default)"))
 254 o.optional = false
 255 o.rmempty = true
 256
 257 o = s:taboption("general", DynamicList, "interface",
 258         translate("Listen Interfaces"),
 259         translate("Limit listening to these interfaces, and loopback."))
 260 o.optional = true
 261
 262 o = s:taboption("general", DynamicList, "notinterface",
 263         translate("Exclude interfaces"),
 264         translate("Prevent listening on these interfaces."))
 265 o.optional = true
 266
 267 m:section(SimpleSection).template = "lease_status"
 268
 269 s = m:section(TypedSection, "host", translate("Static Leases"),
 270         translate("Static leases are used to assign fixed IP addresses and symbolic hostnames to " ..
 271                 "DHCP clients. They are also required for non-dynamic interface configurations where " ..
 272                 "only hosts with a corresponding lease are served.") .. "<br />" ..
 273         translate("Use the <em>Add</em> Button to add a new lease entry. The <em>MAC-Address</em> " ..
 274                 "identifies the host, the <em>IPv4-Address</em> specifies the fixed address to " ..
 275                 "use, and the <em>Hostname</em> is assigned as a symbolic name to the requesting host. " ..
 276                 "The optional <em>Lease time</em> can be used to set non-standard host-specific " ..
 277                 "lease time, e.g. 12h, 3d or infinite."))
 278
 279 s.addremove = true
 280 s.anonymous = true
 281 s.template = "cbi/tblsection"
 282
 283 name = s:option(Value, "name", translate("Hostname"))
 284 name.datatype = "hostname('strict')"
 285 name.rmempty  = true
 286
 287 function name.write(self, section, value)
 288         Value.write(self, section, value)
 289         m:set(section, "dns", "1")
 290 end
 291
 292 function name.remove(self, section)
 293         Value.remove(self, section)
 294         m:del(section, "dns")
 295 end
 296
 297 mac = s:option(Value, "mac", translate("<abbr title=\"Media Access Control\">MAC</abbr>-Address"))
 298 mac.datatype = "list(macaddr)"
 299 mac.rmempty  = true
 300
 301 function mac.cfgvalue(self, section)
 302         local val = Value.cfgvalue(self, section)
 303         return ipc.checkmac(val) or val
 304 end
 305
 306 ip = s:option(Value, "ip", translate("<abbr title=\"Internet Protocol Version 4\">IPv4</abbr>-Address"))
 307 ip.datatype = "or(ip4addr,'ignore')"
 308
 309 time = s:option(Value, "leasetime", translate("Lease time"))
 310 time.rmempty = true
 311
 312 duid = s:option(Value, "duid", translate("<abbr title=\"The DHCP Unique Identifier\">DUID</abbr>"))
 313 duid.datatype = "and(rangelength(20,36),hexstring)"
 314 fp = io.open("/var/hosts/odhcpd")
 315 if fp then
 316         for line in fp:lines() do
 317                 local net_val, duid_val = string.match(line, "# (%S+)%s+(%S+)")
 318                 if duid_val then
 319                         duid:value(duid_val, duid_val)
 320                 end
 321         end
 322         fp:close()
 323 end
 324
 325 hostid = s:option(Value, "hostid", translate("<abbr title=\"Internet Protocol Version 6\">IPv6</abbr>-Suffix (hex)"))
 326
 327 sys.net.host_hints(function(m, v4, v6, name)
 328         if m and v4 then
 329                 ip:value(v4)
 330                 mac:value(m, "%s (%s)" %{ m, name or v4 })
 331         end
 332 end)
 333
 334 function ip.validate(self, value, section)
 335         local m = mac:formvalue(section) or ""
 336         local n = name:formvalue(section) or ""
 337         if value and #n == 0 and #m == 0 then
 338                 return nil, translate("One of hostname or mac address must be specified!")
 339         end
 340         return Value.validate(self, value, section)
 341 end
 342
 343
 344 return m