upstream/opnsense-plugins
1
0
Fork 0
mirror of https://github.com/opnsense/plugins.git synced 2026-05-28 04:34:15 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

dns/dnscrypt-proxy: change this like bind

Browse source 
All DNS ports that listen on localhost for both IPv4 and IPv6
are reported to the service framework to be picked up by the
core in search of a DNS service to use.
This commit is contained in:
Franco Fichtner 2023-03-29 09:07:36 +02:00
parent a69fa0d77d
commit 3b94eef990
3 changed files with 19 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
dns/dnscrypt-proxy/Makefile
View file

@ -1,6 +1,5 @@
PLUGIN_NAME= dnscrypt-proxy
PLUGIN_VERSION= 1.12
PLUGIN_REVISION= 2
PLUGIN_VERSION= 1.13
PLUGIN_COMMENT= Flexible DNS proxy supporting DNSCrypt and DoH
PLUGIN_DEPENDS= dnscrypt-proxy2
PLUGIN_MAINTAINER= m.muenz@gmail.com

4
dns/dnscrypt-proxy/pkg-descr
View file

@ -5,6 +5,10 @@ such as DNSCrypt v2 and DNS-over-HTTPS.
Plugin Changelog
================
1.13
* Add necessary hooks to allow the plugin to be used as a standalone core DNS server
1.12
* Support specifying relays for anonymous DNS

17
dns/dnscrypt-proxy/src/etc/inc/plugins.inc.d/dnscryptproxy.inc
View file

@ -50,13 +50,25 @@ function dnscryptproxy_services()
$model = new \OPNsense\Dnscryptproxy\General();
$ports = [];
/*
* DNS service is eligable for core use when both 127.0.0.1 and ::1 are set.
* In order to provide dual stack ports we need to intersect the resulting
* ports for each address family.
*/
$localhost4 = [];
$localhost6 = [];
foreach (explode(',', (string)$model->listen_addresses) as $addrport) {
if (preg_match('/^(\[.+\]|[\d\.]+):([\d]+)$/', $addrport, $matches)) {
$ports[$matches[2]] = 1;
if (preg_match('/^127\.0\.0\.1:([\d]+)$/', $addrport, $matches)) {
$localhost4[$matches[1]] = 1;
} elseif (preg_match('/^\[::1\]:([\d]+)$/', $addrport, $matches)) {
$localhost6[$matches[1]] = 1;
}
}
$services[] = [
/* the port may still be something other than 53, but it's safe to register a conflict for it */
'ports' => array_keys(array_intersect_key($localhost4, $localhost6)),
'description' => gettext('DNSCrypt-Proxy'),
'configd' => [
'restart' => ['dnscryptproxy restart'],
@ -64,7 +76,6 @@ function dnscryptproxy_services()
'stop' => ['dnscryptproxy stop'],
],
'pid' => '/var/run/dnscrypt-proxy.pid',
'ports' => array_keys($ports),
'name' => 'dnscrypt-proxy',
];