From de6c43a8d395cb2af7c79d0fcc3e85d149725a2a Mon Sep 17 00:00:00 2001 From: DL6ER Date: Wed, 1 Mar 2017 10:46:20 +0100 Subject: [PATCH 1/9] Setup interface listening behavior of dnsmasq --- advanced/Scripts/webpage.sh | 34 ++++++++++++++++++++++++++++++++++ 1 file changed, 34 insertions(+) diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh index 04644f2d..8f813d4b 100755 --- a/advanced/Scripts/webpage.sh +++ b/advanced/Scripts/webpage.sh @@ -27,6 +27,11 @@ helpFunc() { ::: -f, fahrenheit Set Fahrenheit temperature unit ::: -k, kelvin Set Kelvin temperature unit ::: -h, --help Show this help dialog +::: listening Setup interface listening behavior of dnsmasq +::: pihole -a listening allinterfaces : Listen on all interfaces, permit all origins +::: pihole -a listening gravityinterface : Listen only on one interface (see PIHOLE_INTERFACE) +::: pihole -a listening localsubnets : Listen only on all interfaces, but allow only +::: devices that at most one hop away (local devices) EOM exit 0 } @@ -133,6 +138,22 @@ trust-anchor=.,19036,8,2,49AAC11D7B6F6446702E54A1607371607A1A41855200FD2CE1CDDE3 add_dnsmasq_setting "host-record" "${HOSTRECORD}" fi + # Setup interface listening behavior of dnsmasq + delete_dnsmasq_setting "interface" + delete_dnsmasq_setting "local-service" + + if [[ "${DNSMASQ_LISTENING}" == "allinterfaces" ]]; then + # Listen on all interfaces, permit all origins + # Leave a comment in 01-pihole.conf + add_dnsmasq_setting "# Listening on all interfaces" + elif [[ "${DNSMASQ_LISTENING}" == "gravityinterface" ]]; then + # Listen only on one interface + add_dnsmasq_setting "interface" "${PIHOLE_INTERFACE}" + else + # Listen only on all interfaces, but only local subnets + add_dnsmasq_setting "local-service" + fi + } SetDNSServers(){ @@ -365,6 +386,18 @@ SetHostRecord(){ } +SetListeningMode(){ + + if [[ "${args[2]}" == "allinterfaces" ]] ; then + change_setting "DNSMASQ_LISTENING" "allinterfaces" + elif [[ "${args[2]}" == "gravityinterface" ]] ; then + change_setting "DNSMASQ_LISTENING" "gravityinterface" + else + change_setting "DNSMASQ_LISTENING" "localsubnets" + fi + +} + main() { args=("$@") @@ -389,6 +422,7 @@ main() { "addstaticdhcp" ) AddDHCPStaticAddress;; "removestaticdhcp" ) RemoveDHCPStaticAddress;; "hostrecord" ) SetHostRecord;; + "listening" ) SetListeningMode;; * ) helpFunc;; esac From bd9dc91396cc98f2d5fb00217b1fbae31c029c1f Mon Sep 17 00:00:00 2001 From: DL6ER Date: Wed, 1 Mar 2017 10:50:13 +0100 Subject: [PATCH 2/9] Add response for users manually setting this up via CLI --- advanced/Scripts/webpage.sh | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh index 8f813d4b..4dc22711 100755 --- a/advanced/Scripts/webpage.sh +++ b/advanced/Scripts/webpage.sh @@ -30,7 +30,7 @@ helpFunc() { ::: listening Setup interface listening behavior of dnsmasq ::: pihole -a listening allinterfaces : Listen on all interfaces, permit all origins ::: pihole -a listening gravityinterface : Listen only on one interface (see PIHOLE_INTERFACE) -::: pihole -a listening localsubnets : Listen only on all interfaces, but allow only +::: pihole -a listening localsubnets : Listen on all interfaces, but allow only queries from ::: devices that at most one hop away (local devices) EOM exit 0 @@ -388,11 +388,16 @@ SetHostRecord(){ SetListeningMode(){ + source "${setupVars}" + if [[ "${args[2]}" == "allinterfaces" ]] ; then + echo "Listening on all interfaces, permiting all origins" change_setting "DNSMASQ_LISTENING" "allinterfaces" elif [[ "${args[2]}" == "gravityinterface" ]] ; then + echo "Listening only on interface ${PIHOLE_INTERFACE}" change_setting "DNSMASQ_LISTENING" "gravityinterface" else + echo "Listening on all interfaces, permitting only origins that at most one hop away (local devices)" change_setting "DNSMASQ_LISTENING" "localsubnets" fi From 721ada7e16fd30af279c62fdb96879af4fe138db Mon Sep 17 00:00:00 2001 From: DL6ER Date: Wed, 1 Mar 2017 10:52:21 +0100 Subject: [PATCH 3/9] Fix typo --- advanced/Scripts/webpage.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh index 4dc22711..1a05497b 100755 --- a/advanced/Scripts/webpage.sh +++ b/advanced/Scripts/webpage.sh @@ -31,7 +31,7 @@ helpFunc() { ::: pihole -a listening allinterfaces : Listen on all interfaces, permit all origins ::: pihole -a listening gravityinterface : Listen only on one interface (see PIHOLE_INTERFACE) ::: pihole -a listening localsubnets : Listen on all interfaces, but allow only queries from -::: devices that at most one hop away (local devices) +::: devices that are at most one hop away (local devices) EOM exit 0 } @@ -397,7 +397,7 @@ SetListeningMode(){ echo "Listening only on interface ${PIHOLE_INTERFACE}" change_setting "DNSMASQ_LISTENING" "gravityinterface" else - echo "Listening on all interfaces, permitting only origins that at most one hop away (local devices)" + echo "Listening on all interfaces, permitting only origins that are at most one hop away (local devices)" change_setting "DNSMASQ_LISTENING" "localsubnets" fi From 01273124ea033506764f410da5934cdf220c6b7b Mon Sep 17 00:00:00 2001 From: DL6ER Date: Wed, 1 Mar 2017 10:59:55 +0100 Subject: [PATCH 4/9] Change to -i, interface --- advanced/Scripts/webpage.sh | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh index 1a05497b..df1bd3b2 100755 --- a/advanced/Scripts/webpage.sh +++ b/advanced/Scripts/webpage.sh @@ -27,11 +27,11 @@ helpFunc() { ::: -f, fahrenheit Set Fahrenheit temperature unit ::: -k, kelvin Set Kelvin temperature unit ::: -h, --help Show this help dialog -::: listening Setup interface listening behavior of dnsmasq -::: pihole -a listening allinterfaces : Listen on all interfaces, permit all origins -::: pihole -a listening gravityinterface : Listen only on one interface (see PIHOLE_INTERFACE) -::: pihole -a listening localsubnets : Listen on all interfaces, but allow only queries from -::: devices that are at most one hop away (local devices) +::: -i, interface Setup interface listening behavior of dnsmasq +::: pihole -a -i all : Listen on all interfaces, permit all origins +::: pihole -a -i single : Listen only on one interface (see PIHOLE_INTERFACE) +::: pihole -a -i local : Listen on all interfaces, but allow only queries from +::: devices that are at most one hop away (local devices) EOM exit 0 } @@ -142,11 +142,11 @@ trust-anchor=.,19036,8,2,49AAC11D7B6F6446702E54A1607371607A1A41855200FD2CE1CDDE3 delete_dnsmasq_setting "interface" delete_dnsmasq_setting "local-service" - if [[ "${DNSMASQ_LISTENING}" == "allinterfaces" ]]; then + if [[ "${DNSMASQ_LISTENING}" == "all" ]]; then # Listen on all interfaces, permit all origins # Leave a comment in 01-pihole.conf add_dnsmasq_setting "# Listening on all interfaces" - elif [[ "${DNSMASQ_LISTENING}" == "gravityinterface" ]]; then + elif [[ "${DNSMASQ_LISTENING}" == "single" ]]; then # Listen only on one interface add_dnsmasq_setting "interface" "${PIHOLE_INTERFACE}" else @@ -390,10 +390,10 @@ SetListeningMode(){ source "${setupVars}" - if [[ "${args[2]}" == "allinterfaces" ]] ; then - echo "Listening on all interfaces, permiting all origins" + if [[ "${args[2]}" == "all" ]] ; then + echo "Listening on all interfaces, permiting all origins, hope you have a firewall!" change_setting "DNSMASQ_LISTENING" "allinterfaces" - elif [[ "${args[2]}" == "gravityinterface" ]] ; then + elif [[ "${args[2]}" == "single" ]] ; then echo "Listening only on interface ${PIHOLE_INTERFACE}" change_setting "DNSMASQ_LISTENING" "gravityinterface" else @@ -427,7 +427,7 @@ main() { "addstaticdhcp" ) AddDHCPStaticAddress;; "removestaticdhcp" ) RemoveDHCPStaticAddress;; "hostrecord" ) SetHostRecord;; - "listening" ) SetListeningMode;; + "-i" | "interface" ) SetListeningMode;; * ) helpFunc;; esac From b74862bfc57ea90b4ae807c5aae59247f091219c Mon Sep 17 00:00:00 2001 From: DL6ER Date: Wed, 1 Mar 2017 11:02:08 +0100 Subject: [PATCH 5/9] Actually apply new setting by restarting dnsmasq --- advanced/Scripts/webpage.sh | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh index df1bd3b2..f10e9dca 100755 --- a/advanced/Scripts/webpage.sh +++ b/advanced/Scripts/webpage.sh @@ -392,15 +392,20 @@ SetListeningMode(){ if [[ "${args[2]}" == "all" ]] ; then echo "Listening on all interfaces, permiting all origins, hope you have a firewall!" - change_setting "DNSMASQ_LISTENING" "allinterfaces" + change_setting "DNSMASQ_LISTENING" "all" elif [[ "${args[2]}" == "single" ]] ; then echo "Listening only on interface ${PIHOLE_INTERFACE}" - change_setting "DNSMASQ_LISTENING" "gravityinterface" + change_setting "DNSMASQ_LISTENING" "single" else echo "Listening on all interfaces, permitting only origins that are at most one hop away (local devices)" - change_setting "DNSMASQ_LISTENING" "localsubnets" + change_setting "DNSMASQ_LISTENING" "local" fi + ProcessDNSSettings + + # Restart dnsmasq to load new configuration + RestartDNS + } main() { From 3adf8785d8c11dc091c27b00d2b13c6aa1c8d905 Mon Sep 17 00:00:00 2001 From: DL6ER Date: Wed, 1 Mar 2017 11:07:05 +0100 Subject: [PATCH 6/9] Move "all" down in help text to not suggest that it is the default --- advanced/Scripts/webpage.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh index f10e9dca..e971e87e 100755 --- a/advanced/Scripts/webpage.sh +++ b/advanced/Scripts/webpage.sh @@ -28,10 +28,10 @@ helpFunc() { ::: -k, kelvin Set Kelvin temperature unit ::: -h, --help Show this help dialog ::: -i, interface Setup interface listening behavior of dnsmasq -::: pihole -a -i all : Listen on all interfaces, permit all origins -::: pihole -a -i single : Listen only on one interface (see PIHOLE_INTERFACE) ::: pihole -a -i local : Listen on all interfaces, but allow only queries from -::: devices that are at most one hop away (local devices) +::: devices that are at most one hop away (local devices) +::: pihole -a -i single : Listen only on one interface (see PIHOLE_INTERFACE) +::: pihole -a -i all : Listen on all interfaces, permit all origins EOM exit 0 } From 189a4e0078901e22b1a77b8d00240fdb0e3abb99 Mon Sep 17 00:00:00 2001 From: DL6ER Date: Wed, 1 Mar 2017 11:26:06 +0100 Subject: [PATCH 7/9] Add option to skip restarting of dnsmasq --- advanced/Scripts/webpage.sh | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh index e971e87e..72e529fc 100755 --- a/advanced/Scripts/webpage.sh +++ b/advanced/Scripts/webpage.sh @@ -401,10 +401,13 @@ SetListeningMode(){ change_setting "DNSMASQ_LISTENING" "local" fi - ProcessDNSSettings - - # Restart dnsmasq to load new configuration - RestartDNS + # Don't restart DNS server yet because other settings + # will be applied afterwards if "-web" is set + if [[ "${args[3]}" != "-web" ]]; then + ProcessDNSSettings + # Restart dnsmasq to load new configuration + RestartDNS + fi } From 0be1717ff407ef7449e78bcc863a8feb4798013a Mon Sep 17 00:00:00 2001 From: DL6ER Date: Wed, 1 Mar 2017 11:46:48 +0100 Subject: [PATCH 8/9] Fix config error --- advanced/Scripts/webpage.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh index 72e529fc..d06f5066 100755 --- a/advanced/Scripts/webpage.sh +++ b/advanced/Scripts/webpage.sh @@ -134,7 +134,7 @@ trust-anchor=.,19036,8,2,49AAC11D7B6F6446702E54A1607371607A1A41855200FD2CE1CDDE3 delete_dnsmasq_setting "host-record" - if [ -n "${#HOSTRECORD}" ]; then + if [ ! -z "${HOSTRECORD+x}" ]; then add_dnsmasq_setting "host-record" "${HOSTRECORD}" fi From 7ba47f504cb82993a3726f1c907889bb7c17fd5a Mon Sep 17 00:00:00 2001 From: DL6ER Date: Wed, 1 Mar 2017 12:15:04 +0100 Subject: [PATCH 9/9] Add special "except-interface" line in case of listening on all interfaces --- advanced/Scripts/webpage.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh index d06f5066..70410d85 100755 --- a/advanced/Scripts/webpage.sh +++ b/advanced/Scripts/webpage.sh @@ -146,6 +146,7 @@ trust-anchor=.,19036,8,2,49AAC11D7B6F6446702E54A1607371607A1A41855200FD2CE1CDDE3 # Listen on all interfaces, permit all origins # Leave a comment in 01-pihole.conf add_dnsmasq_setting "# Listening on all interfaces" + add_dnsmasq_setting "except-interface" "nonexisting" elif [[ "${DNSMASQ_LISTENING}" == "single" ]]; then # Listen only on one interface add_dnsmasq_setting "interface" "${PIHOLE_INTERFACE}"