Security enhancement for the "never forward non-FQDNs" feature. This should prevent all local queries from being forwarded (will show up as blocked by regex) as well as any hostname without a domain (for example one word searches from the address bar in browsers). This fixes #3303

Signed-off-by: DL6ER <dl6er@dl6er.de>
4 years ago · d631cd8b04
parent 0445559610
commit d631cd8b04
1 changed files with 3 additions and 0 deletions
--- a/advanced/Scripts/webpage.sh
+++ b/advanced/Scripts/webpage.sh
@ -167,9 +167,11 @@ ProcessDNSSettings() {
    fi

    delete_dnsmasq_setting "domain-needed"
+    delete_dnsmasq_setting "expand-hosts"

    if [[ "${DNS_FQDN_REQUIRED}" == true ]]; then
        add_dnsmasq_setting "domain-needed"
+        add_dnsmasq_setting "expand-hosts"
    fi

    delete_dnsmasq_setting "bogus-priv"
@ -370,6 +372,7 @@ dhcp-leasefile=/etc/pihole/dhcp.leases

    if [[ "${PIHOLE_DOMAIN}" != "none" ]]; then
        echo "domain=${PIHOLE_DOMAIN}" >> "${dhcpconfig}"
+        echo "local=/${PIHOLE_DOMAIN}/" >> "${dhcpconfig}"
    fi

    # Sourced from setupVars