From mboxrd@z Thu Jan 1 00:00:00 1970 From: Michael Tremer To: development@lists.ipfire.org Subject: Re: [PATCH] new package: unbound 1.5.9 Date: Sat, 06 Aug 2016 19:57:13 +0100 Message-ID: <1470509833.2710.454.camel@ipfire.org> In-Reply-To: <1470163697-30802-2-git-send-email-marcel.lorenz@ipfire.org> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============9216472915170166980==" List-Id: --===============9216472915170166980== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Hi, so I have been working on this for a bit over the weekend and started a branch with those changes. =C2=A0=C2=A0http://cgit.ipfire.org/people/ms/ipfire-2.x.git/log/?h=3Dunbound I rewrote the Python code which I didn't find clean enough and good enough for our standards. My solution is lacking some minor things (the domain is always .local) but those should be easily fixable. I am just running out of time her= e. However I wanted to share my changes for you to review and test because despi= te these small things and some other issues for which I created bug reports on Bugzilla, I think this is rather close to be finished. =C2=A0=C2=A0https://bugzilla.ipfire.org/showdependencytree.cgi?id=3D11163&hid= e_resolved=3D1 So, please have a look and test. I won't be able to work much on this over the next few weeks, hence I would be happy if some people take over a small part = and get that fixed. I will be responding to emails though. Best, -Michael On Tue, 2016-08-02 at 20:48 +0200, Marcel Lorenz wrote: > Unbound is a validating, recursive, and caching DNS resolver. > https://www.unbound.net >=20 > Signed-off-by: Marcel Lorenz >=20 > --- > =C2=A0config/rootfiles/packages/unbound=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0|=C2=A0=C2=A070 ++++++++ > =C2=A0config/unbound/blocklists/ms-telemetry.conf=C2=A0=C2=A0|=C2=A0=C2=A04= 9 ++++++ > =C2=A0config/unbound/forward.conf=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0|=C2=A0=C2= =A0=C2=A06 + > =C2=A0config/unbound/root.hints=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0|=C2=A0=C2=A090 ++++++++++ > =C2=A0config/unbound/root.key=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0|=C2=A0=C2=A0=C2=A09 + > =C2=A0config/unbound/site-packages/daemonize.py=C2=A0=C2=A0=C2=A0=C2=A0| 247 > +++++++++++++++++++++++++++ > =C2=A0config/unbound/site-packages/dhcpd.py=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0| 108 ++++++++++++ > =C2=A0config/unbound/site-packages/params.py=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0|=C2=A0=C2=A046 +++++ > =C2=A0config/unbound/site-packages/watcherdhcpd.py | 107 ++++++++++++ > =C2=A0config/unbound/unbound-dhcpd.py=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0| 145 ++++++++++++++++ > =C2=A0config/unbound/unbound-switch=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0|=C2=A0=C2=A080 ++++= +++++ > =C2=A0config/unbound/unbound-zone=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0|=C2=A0=C2= =A078 +++++++++ > =C2=A0config/unbound/unbound.conf=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0| 123 +++++= ++++++++ > =C2=A0lfs/unbound=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0| 103= +++++++++++ > =C2=A0make.sh=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0|=C2=A0=C2=A0=C2=A01 + > =C2=A0src/initscripts/init.d/network-unbound=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0| 114 +++++++++++++ > =C2=A0src/initscripts/init.d/unbound=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0| 178 +++++++++++++++++++ > =C2=A0src/initscripts/init.d/unbound-dhcpd=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0|=C2=A0=C2=A061 +++++++ > =C2=A0src/paks/unbound/install.sh=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0|=C2=A0=C2= =A070 ++++++++ > =C2=A0src/paks/unbound/uninstall.sh=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0|=C2=A0=C2=A027 +++ > =C2=A0src/paks/unbound/update.sh=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0|=C2= =A0=C2=A026 +++ > =C2=A021 files changed, 1738 insertions(+) > =C2=A0create mode 100644 config/rootfiles/packages/unbound > =C2=A0create mode 100644 config/unbound/blocklists/ms-telemetry.conf > =C2=A0create mode 100644 config/unbound/forward.conf > =C2=A0create mode 100644 config/unbound/root.hints > =C2=A0create mode 100644 config/unbound/root.key > =C2=A0create mode 100644 config/unbound/site-packages/daemonize.py > =C2=A0create mode 100644 config/unbound/site-packages/dhcpd.py > =C2=A0create mode 100644 config/unbound/site-packages/params.py > =C2=A0create mode 100644 config/unbound/site-packages/watcherdhcpd.py > =C2=A0create mode 100644 config/unbound/unbound-dhcpd.py > =C2=A0create mode 100755 config/unbound/unbound-switch > =C2=A0create mode 100644 config/unbound/unbound-zone > =C2=A0create mode 100644 config/unbound/unbound.conf > =C2=A0create mode 100644 lfs/unbound > =C2=A0create mode 100644 src/initscripts/init.d/network-unbound > =C2=A0create mode 100644 src/initscripts/init.d/unbound > =C2=A0create mode 100644 src/initscripts/init.d/unbound-dhcpd > =C2=A0create mode 100644 src/paks/unbound/install.sh > =C2=A0create mode 100644 src/paks/unbound/uninstall.sh > =C2=A0create mode 100644 src/paks/unbound/update.sh >=20 > diff --git a/config/rootfiles/packages/unbound > b/config/rootfiles/packages/unbound > new file mode 100644 > index 0000000..c468167 > --- /dev/null > +++ b/config/rootfiles/packages/unbound > @@ -0,0 +1,70 @@ > +etc/rc.d/init.d/network-unbound > +etc/rc.d/init.d/unbound > +etc/rc.d/init.d/unbound-dhcpd > +#etc/unbound > +#etc/unbound/blocklists > +etc/unbound/blocklists/ms-telemetry.conf > +etc/unbound/forward.conf > +etc/unbound/root.hints > +etc/unbound/root.key > +etc/unbound/unbound.conf > +etc/unbound/unbound_org.conf > +usr/bin/unbound-host > +#usr/include/unbound.h > +#usr/lib/libunbound.la > +usr/lib/libunbound.so > +usr/lib/libunbound.so.2 > +usr/lib/libunbound.so.2.4.1 > +#usr/lib/python2.7/site-packages/_unbound.la > +usr/lib/python2.7/site-packages/_unbound.so > +usr/lib/python2.7/site-packages/daemonize.py > +usr/lib/python2.7/site-packages/dhcpd.py > +usr/lib/python2.7/site-packages/params.py > +usr/lib/python2.7/site-packages/unbound.py > +usr/lib/python2.7/site-packages/watcherdhcpd.py > +usr/sbin/unbound > +usr/sbin/unbound-anchor > +usr/sbin/unbound-checkconf > +usr/sbin/unbound-dhcpd.py > +usr/sbin/unbound-control > +usr/sbin/unbound-control-setup > +usr/sbin/unbound-switch > +usr/sbin/unbound-zone > +#usr/share/man/man1/unbound-host.1 > +#usr/share/man/man3/libunbound.3 > +#usr/share/man/man3/ub_cancel.3 > +#usr/share/man/man3/ub_ctx.3 > +#usr/share/man/man3/ub_ctx_add_ta.3 > +#usr/share/man/man3/ub_ctx_add_ta_file.3 > +#usr/share/man/man3/ub_ctx_async.3 > +#usr/share/man/man3/ub_ctx_config.3 > +#usr/share/man/man3/ub_ctx_create.3 > +#usr/share/man/man3/ub_ctx_data_add.3 > +#usr/share/man/man3/ub_ctx_data_remove.3 > +#usr/share/man/man3/ub_ctx_debuglevel.3 > +#usr/share/man/man3/ub_ctx_debugout.3 > +#usr/share/man/man3/ub_ctx_delete.3 > +#usr/share/man/man3/ub_ctx_get_option.3 > +#usr/share/man/man3/ub_ctx_hosts.3 > +#usr/share/man/man3/ub_ctx_print_local_zones.3 > +#usr/share/man/man3/ub_ctx_resolvconf.3 > +#usr/share/man/man3/ub_ctx_set_fwd.3 > +#usr/share/man/man3/ub_ctx_set_option.3 > +#usr/share/man/man3/ub_ctx_trustedkeys.3 > +#usr/share/man/man3/ub_ctx_zone_add.3 > +#usr/share/man/man3/ub_ctx_zone_remove.3 > +#usr/share/man/man3/ub_fd.3 > +#usr/share/man/man3/ub_poll.3 > +#usr/share/man/man3/ub_process.3 > +#usr/share/man/man3/ub_resolve.3 > +#usr/share/man/man3/ub_resolve_async.3 > +#usr/share/man/man3/ub_resolve_free.3 > +#usr/share/man/man3/ub_result.3 > +#usr/share/man/man3/ub_strerror.3 > +#usr/share/man/man3/ub_wait.3 > +#usr/share/man/man5/unbound.conf.5 > +#usr/share/man/man8/unbound-anchor.8 > +#usr/share/man/man8/unbound-checkconf.8 > +#usr/share/man/man8/unbound-control-setup.8 > +#usr/share/man/man8/unbound-control.8 > +#usr/share/man/man8/unbound.8 > diff --git a/config/unbound/blocklists/ms-telemetry.conf > b/config/unbound/blocklists/ms-telemetry.conf > new file mode 100644 > index 0000000..7801e76 > --- /dev/null > +++ b/config/unbound/blocklists/ms-telemetry.conf > @@ -0,0 +1,49 @@ > +# Windows telemetry > +local-data: "a-0001.a-msedge.net A 127.0.0.1" > +local-data: "asimov-win.settings.data.microsoft.com.akadns.net. A 127.0.0.= 1" > +local-data: "asimov-win.vortex.data.microsoft.com.akadns.net. A 127.0.0.1" > +local-data: "choice.microsoft.com A 127.0.0.1" > +local-data: "choice.microsoft.com.nsatc.net A 127.0.0.1" > +local-data: "compatexchange.cloudapp.net A 127.0.0.1" > +local-data: "corpext.msitadfs.glbdns2.microsoft.com A 127.0.0.1" > +local-data: "corp.sts.microsoft.com A 127.0.0.1" > +local-data: "cs1.wpc.v0cdn.net A 127.0.0.1" > +local-data: "df.telemetry.microsoft.com A 127.0.0.1" > +local-data: "diagnostics.support.microsoft.com A 127.0.0.1" > +local-data: "fe2.update.microsoft.com.akadns.net A 127.0.0.1" > +local-data: "feedback.microsoft-hohm.com A 127.0.0.1" > +local-data: "feedback.search.microsoft.com A 127.0.0.1" > +local-data: "feedback.windows.com A 127.0.0.1" > +local-data: "i1.services.social.microsoft.com A 127.0.0.1" > +local-data: "i1.services.social.microsoft.com.nsatc.net A 127.0.0.1" > +local-data: "nexus.officeapps.live.com A 127.0.0.1" > +local-data: "oca.telemetry.microsoft.com A 127.0.0.1" > +local-data: "oca.telemetry.microsoft.com.nsatc.net A 127.0.0.1" > +local-data: "pre.footprintpredict.com A 127.0.0.1" > +local-data: "redir.metaservices.microsoft.com A 127.0.0.1" > +local-data: "reports.wes.df.telemetry.microsoft.com A 127.0.0.1" > +local-data: "services.wes.df.telemetry.microsoft.com A 127.0.0.1" > +local-data: "settings-sandbox.data.microsoft.com A 127.0.0.1" > +local-data: "settings-win.data.microsoft.com A 127.0.0.1" > +local-data: "sls.update.microsoft.com.akadns.net A 127.0.0.1" > +local-data: "sqm.df.telemetry.microsoft.com A 127.0.0.1" > +local-data: "sqm.telemetry.microsoft.com A 127.0.0.1" > +local-data: "sqm.telemetry.microsoft.com.nsatc.net A 127.0.0.1" > +local-data: "statsfe1.ws.microsoft.com A 127.0.0.1" > +local-data: "statsfe2.update.microsoft.com.akadns.net A 127.0.0.1" > +local-data: "statsfe2.ws.microsoft.com A 127.0.0.1" > +local-data: "survey.watson.microsoft.com A 127.0.0.1" > +local-data: "telecommand.telemetry.microsoft.com A 127.0.0.1" > +local-data: "telecommand.telemetry.microsoft.com.nsatc.net A 127.0.0.1" > +local-data: "telemetry.appex.bing.net A 127.0.0.1" > +local-data: "telemetry.microsoft.com A 127.0.0.1" > +local-data: "telemetry.urs.microsoft.com A 127.0.0.1" > +local-data: "vortex.data.microsoft.com A 127.0.0.1" > +local-data: "vortex-sandbox.data.microsoft.com A 127.0.0.1" > +local-data: "vortex-win.data.microsoft.com=C2=A0=C2=A0A 127.0.0.1" > +local-data: "watson.live.com A 127.0.0.1" > +local-data: "watson.microsoft.com A 127.0.0.1" > +local-data: "watson.ppe.telemetry.microsoft.com A 127.0.0.1" > +local-data: "watson.telemetry.microsoft.com A 127.0.0.1" > +local-data: "watson.telemetry.microsoft.com.nsatc.net A 127.0.0.1" > +local-data: "wes.df.telemetry.microsoft.com A 127.0.0.1" > diff --git a/config/unbound/forward.conf b/config/unbound/forward.conf > new file mode 100644 > index 0000000..5784f9f > --- /dev/null > +++ b/config/unbound/forward.conf > @@ -0,0 +1,6 @@ > +forward-zone: > +=C2=A0=C2=A0name: "." > +=C2=A0=C2=A0forward-addr: 85.214.20.141 > +=C2=A0=C2=A0forward-addr: 194.150.168.168 > +=C2=A0=C2=A0forward-addr: 208.67.222.222 > +=C2=A0=C2=A0forward-addr: 208.67.220.220 > diff --git a/config/unbound/root.hints b/config/unbound/root.hints > new file mode 100644 > index 0000000..3c82146 > --- /dev/null > +++ b/config/unbound/root.hints > @@ -0,0 +1,90 @@ > +;=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0This file holds the information= on root name servers needed to > +;=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0initialize cache of Internet do= main name servers > +;=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0(e.g. reference this file in th= e "cache=C2=A0=C2=A0.=C2=A0=C2=A0" > +;=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0configuration file of BIND doma= in name servers). > +; > +;=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0This file is made available by = InterNIC=C2=A0 > +;=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0under anonymous FTP as > +;=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0file=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0/domain/named.cache > +;=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0on serv= er=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0FTP.INTER= NIC.NET > +;=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0-OR-=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0RS.INTERNIC.NET > +; > +;=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0last update:=C2=A0=C2=A0=C2=A0= =C2=A0March 23, 2016 > +;=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0related version of root zone:= =C2=A0=C2=A0=C2=A02016032301 > +; > +; formerly NS.INTERNIC.NET > +; > +.=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A036000= 00=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0NS=C2=A0=C2=A0=C2=A0=C2=A0A.ROOT-SERVER= S.NET. > +A.ROOT-SERVERS.NET.=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A03600000=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0A=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0198.41.0.4 > +A.ROOT-SERVERS.NET.=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A03600000=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0AAAA=C2=A0=C2=A02001:503:ba3e::2:30 > +; > +; FORMERLY NS1.ISI.EDU > +; > +.=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A036000= 00=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0NS=C2=A0=C2=A0=C2=A0=C2=A0B.ROOT-SERVER= S.NET. > +B.ROOT-SERVERS.NET.=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A03600000=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0A=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0192.228.79.201 > +B.ROOT-SERVERS.NET.=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A03600000=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0AAAA=C2=A0=C2=A02001:500:84::b > +; > +; FORMERLY C.PSI.NET > +; > +.=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A036000= 00=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0NS=C2=A0=C2=A0=C2=A0=C2=A0C.ROOT-SERVER= S.NET. > +C.ROOT-SERVERS.NET.=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A03600000=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0A=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0192.33.4.12 > +C.ROOT-SERVERS.NET.=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A03600000=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0AAAA=C2=A0=C2=A02001:500:2::c > +; > +; FORMERLY TERP.UMD.EDU > +; > +.=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A036000= 00=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0NS=C2=A0=C2=A0=C2=A0=C2=A0D.ROOT-SERVER= S.NET. > +D.ROOT-SERVERS.NET.=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A03600000=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0A=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0199.7.91.13 > +D.ROOT-SERVERS.NET.=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A03600000=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0AAAA=C2=A0=C2=A02001:500:2d::d > +; > +; FORMERLY NS.NASA.GOV > +; > +.=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A036000= 00=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0NS=C2=A0=C2=A0=C2=A0=C2=A0E.ROOT-SERVER= S.NET. > +E.ROOT-SERVERS.NET.=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A03600000=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0A=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0192.203.230.10 > +; > +; FORMERLY NS.ISC.ORG > +; > +.=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A036000= 00=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0NS=C2=A0=C2=A0=C2=A0=C2=A0F.ROOT-SERVER= S.NET. > +F.ROOT-SERVERS.NET.=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A03600000=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0A=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0192.5.5.241 > +F.ROOT-SERVERS.NET.=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A03600000=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0AAAA=C2=A0=C2=A02001:500:2f::f > +; > +; FORMERLY NS.NIC.DDN.MIL > +; > +.=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A036000= 00=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0NS=C2=A0=C2=A0=C2=A0=C2=A0G.ROOT-SERVER= S.NET. > +G.ROOT-SERVERS.NET.=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A03600000=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0A=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0192.112.36.4 > +; > +; FORMERLY AOS.ARL.ARMY.MIL > +; > +.=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A036000= 00=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0NS=C2=A0=C2=A0=C2=A0=C2=A0H.ROOT-SERVER= S.NET. > +H.ROOT-SERVERS.NET.=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A03600000=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0A=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0198.97.190.53 > +H.ROOT-SERVERS.NET.=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A03600000=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0AAAA=C2=A0=C2=A02001:500:1::53 > +; > +; FORMERLY NIC.NORDU.NET > +; > +.=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A036000= 00=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0NS=C2=A0=C2=A0=C2=A0=C2=A0I.ROOT-SERVER= S.NET. > +I.ROOT-SERVERS.NET.=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A03600000=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0A=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0192.36.148.17 > +I.ROOT-SERVERS.NET.=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A03600000=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0AAAA=C2=A0=C2=A02001:7fe::53 > +; > +; OPERATED BY VERISIGN, INC. > +; > +.=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A036000= 00=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0NS=C2=A0=C2=A0=C2=A0=C2=A0J.ROOT-SERVER= S.NET. > +J.ROOT-SERVERS.NET.=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A03600000=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0A=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0192.58.128.30 > +J.ROOT-SERVERS.NET.=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A03600000=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0AAAA=C2=A0=C2=A02001:503:c27::2:30 > +; > +; OPERATED BY RIPE NCC > +; > +.=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A036000= 00=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0NS=C2=A0=C2=A0=C2=A0=C2=A0K.ROOT-SERVER= S.NET. > +K.ROOT-SERVERS.NET.=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A03600000=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0A=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0193.0.14.129 > +K.ROOT-SERVERS.NET.=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A03600000=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0AAAA=C2=A0=C2=A02001:7fd::1 > +; > +; OPERATED BY ICANN > +; > +.=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A036000= 00=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0NS=C2=A0=C2=A0=C2=A0=C2=A0L.ROOT-SERVER= S.NET. > +L.ROOT-SERVERS.NET.=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A03600000=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0A=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0199.7.83.42 > +L.ROOT-SERVERS.NET.=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A03600000=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0AAAA=C2=A0=C2=A02001:500:9f::42 > +; > +; OPERATED BY WIDE > +; > +.=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A036000= 00=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0NS=C2=A0=C2=A0=C2=A0=C2=A0M.ROOT-SERVER= S.NET. > +M.ROOT-SERVERS.NET.=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A03600000=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0A=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0202.12.27.33 > +M.ROOT-SERVERS.NET.=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A03600000=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0AAAA=C2=A0=C2=A02001:dc3::35 > +; End of file > diff --git a/config/unbound/root.key b/config/unbound/root.key > new file mode 100644 > index 0000000..fb540e3 > --- /dev/null > +++ b/config/unbound/root.key > @@ -0,0 +1,9 @@ > +; autotrust trust anchor file > +;;id: . 1 > +;;last_queried: 1467576595 ;;Sun Jul=C2=A0=C2=A03 22:09:55 2016 > +;;last_success: 1467576595 ;;Sun Jul=C2=A0=C2=A03 22:09:55 2016 > +;;next_probe_time: 1467616562 ;;Mon Jul=C2=A0=C2=A04 09:16:02 2016 > +;;query_failed: 0 > +;;query_interval: 43200 > +;;retry_time: 8640 > +. 172800 IN DNSKEY 257 3 8 > AwEAAagAIKlVZrpC6Ia7gEzahOR+9W29euxhJhVVLOyQbSEW0O8gcCjFFVQUTf6v58fLjwBd0YI= 0Ez > rAcQqBGCzh/RStIoO8g0NfnfL2MTJRkxoXbfDaUeVPQuYEhg37NZWAJQ9VnMVDxP/VHL496M/QZ= xkj > f5/Efucp2gaDX6RS6CXpoY68LsvPVjR0ZSwzz1apAzvN9dlzEheX7ICJBBtuA6G3LQpzW5hOA2h= zCT > MjJPJ8LbqF6dsV6DoBQzgul0sGIcGOYl7OyQdXfZ57relSQageu+ipAdTTJ25AsRTAoub8ONGcL= mqr > AmRLKBP1dfwhYB4N7knNnulqQxA+Uk1ihz0=3D ;{id =3D 19036 (ksk), size =3D 2048b} > ;;state=3D2 [=C2=A0=C2=A0VALID=C2=A0=C2=A0] ;;count=3D0 ;;lastchange=3D1467= 575383 ;;Sun Jul=C2=A0=C2=A03 21:49:43 > 2016 > diff --git a/config/unbound/site-packages/daemonize.py b/config/unbound/sit= e- > packages/daemonize.py > new file mode 100644 > index 0000000..e083feb > --- /dev/null > +++ b/config/unbound/site-packages/daemonize.py > @@ -0,0 +1,247 @@ > +# #!/usr/bin/python > + > +import fcntl > +import os > +import pwd > +import grp > +import sys > +import signal > +import resource > +import logging > +import atexit > +from logging import handlers > +import traceback > + > + > +__version__ =3D "2.4.6" > + > + > +class Daemonize(object): > +=C2=A0=C2=A0=C2=A0=C2=A0""" > +=C2=A0=C2=A0=C2=A0=C2=A0Daemonize object. > + > +=C2=A0=C2=A0=C2=A0=C2=A0Object constructor expects three arguments. > + > +=C2=A0=C2=A0=C2=A0=C2=A0:param app: contains the application name which wi= ll be sent to syslog. > +=C2=A0=C2=A0=C2=A0=C2=A0:param pid: path to the pidfile. > +=C2=A0=C2=A0=C2=A0=C2=A0:param action: your custom function which will be = executed after > daemonization. > +=C2=A0=C2=A0=C2=A0=C2=A0:param keep_fds: optional list of fds which should= not be closed. > +=C2=A0=C2=A0=C2=A0=C2=A0:param auto_close_fds: optional parameter to not c= lose opened fds. > +=C2=A0=C2=A0=C2=A0=C2=A0:param privileged_action: action that will be exec= uted before drop > privileges if user or > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0group parameter is provided. > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0If you want to transfer anything from > privileged_action to action, such as > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0opened privileged file descriptor, you should > return it from > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0privileged_action function and catch it insi= de > action function. > +=C2=A0=C2=A0=C2=A0=C2=A0:param user: drop privileges to this user if provi= ded. > +=C2=A0=C2=A0=C2=A0=C2=A0:param group: drop privileges to this group if pro= vided. > +=C2=A0=C2=A0=C2=A0=C2=A0:param verbose: send debug messages to logger if p= rovided. > +=C2=A0=C2=A0=C2=A0=C2=A0:param logger: use this logger object instead of c= reating new one, if > provided. > +=C2=A0=C2=A0=C2=A0=C2=A0:param foreground: stay in foreground; do not fork= (for debugging) > +=C2=A0=C2=A0=C2=A0=C2=A0:param chdir: change working directory if provided= or / > +=C2=A0=C2=A0=C2=A0=C2=A0""" > +=C2=A0=C2=A0=C2=A0=C2=A0def __init__(self, app, pid, action, > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0keep_fds=3DNone, auto_close_fds=3DTrue, privile= ged_action=3DNone, > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0user=3DNone, group=3DNone, verbose=3DFalse, log= ger=3DNone, > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0foreground=3DFalse, chdir=3D"/"): > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0self.app =3D app > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0self.pid =3D os.path.abspa= th(pid) > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0self.action =3D action > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0self.keep_fds =3D keep_fds= or [] > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0self.privileged_action =3D= privileged_action or (lambda: ()) > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0self.user =3D user > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0self.group =3D group > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0self.logger =3D logger > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0self.verbose =3D verbose > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0self.auto_close_fds =3D au= to_close_fds > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0self.foreground =3D foregr= ound > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0self.chdir =3D chdir > + > +=C2=A0=C2=A0=C2=A0=C2=A0def sigterm(self, signum, frame): > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0""" > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0These actions will be done= after SIGTERM. > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0""" > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0self.logger.warn("Caught s= ignal %s. Stopping daemon." % signum) > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0sys.exit(0) > + > +=C2=A0=C2=A0=C2=A0=C2=A0def exit(self): > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0""" > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0Cleanup pid file at exit. > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0""" > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0self.logger.warn("Stopping= daemon.") > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0os.remove(self.pid) > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0sys.exit(0) > + > +=C2=A0=C2=A0=C2=A0=C2=A0def start(self): > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0""" > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0Start daemonization proces= s. > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0""" > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# If pidfile already exist= s, we should read pid from there; to > overwrite it, if locking > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# will fail, because locki= ng attempt somehow purges the file > contents. > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0if os.path.isfile(self.pid= ): > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0wi= th open(self.pid, "r") as old_pidfile: > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0old_pid =3D old_pidfile.read() > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# Create a lockfile so tha= t only one instance of this daemon is > running at any time. > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0try: > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0lo= ckfile =3D open(self.pid, "w") > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0except IOError: > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0pr= int("Unable to create the pidfile.") > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0sy= s.exit(1) > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0try: > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# = Try to get an exclusive lock on the file. This will fail if > another process has the file > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# = locked. > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0fc= ntl.flock(lockfile, fcntl.LOCK_EX | fcntl.LOCK_NB) > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0except IOError: > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0pr= int("Unable to lock on the pidfile.") > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# = We need to overwrite the pidfile if we got here. > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0wi= th open(self.pid, "w") as pidfile: > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0pidfile.write(old_pid) > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0sy= s.exit(1) > + > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# skip fork if foreground = is specified > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0if not self.foreground: > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# = Fork, creating a new process for the child. > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0tr= y: > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0process_id =3D os.fork() > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0ex= cept OSError as e: > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0self.logger.error("Unable to fork, errno: > {0}".format(e.errno)) > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0sys.exit(1) > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0if= process_id !=3D 0: > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0# This is the parent process. Exit without cleanup, > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0# see https://github.com/thesharp/daemonize/issues/46 > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0os._exit(0) > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# = This is the child process. Continue. > + > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# = Stop listening for signals that the parent process receives. > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# = This is done by getting a new process id. > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# = setpgrp() is an alternative to setsid(). > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# = setsid puts the process in a new parent group and detaches its > controlling terminal. > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0pr= ocess_id =3D os.setsid() > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0if= process_id =3D=3D -1: > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0# Uh oh, there was a problem. > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0sys.exit(1) > + > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# = Add lockfile to self.keep_fds. > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0se= lf.keep_fds.append(lockfile.fileno()) > + > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# = Close all file descriptors, except the ones mentioned in > self.keep_fds. > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0de= vnull =3D "/dev/null" > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0if= hasattr(os, "devnull"): > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0# Python has set os.devnull on this system, use it in= stead as > it might be different > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0# than /dev/null. > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0devnull =3D os.devnull > + > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0if= self.auto_close_fds: > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0for fd in range(3, > resource.getrlimit(resource.RLIMIT_NOFILE)[0]): > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0if fd not in self.keep_fds: > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0try: > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0os.close(fd) > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0excep= t OSError: > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0pass > + > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0de= vnull_fd =3D os.open(devnull, os.O_RDWR) > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0os= .dup2(devnull_fd, 0) > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0os= .dup2(devnull_fd, 1) > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0os= .dup2(devnull_fd, 2) > + > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0if self.logger is None: > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# = Initialize logging. > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0se= lf.logger =3D logging.getLogger(self.app) > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0se= lf.logger.setLevel(logging.DEBUG) > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# = Display log messages only on defined handlers. > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0se= lf.logger.propagate =3D False > + > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# = Initialize syslog. > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# = It will correctly work on OS X, Linux and FreeBSD. > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0if= sys.platform =3D=3D "darwin": > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0syslog_address =3D "/var/run/syslog" > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0el= se: > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0syslog_address =3D "/dev/log" > + > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# = We will continue with syslog initialization only if actually > have such capabilities > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# = on the machine we are running this. > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0if= os.path.exists(syslog_address): > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0syslog =3D handlers.SysLogHandler(syslog_address) > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0if self.verbose: > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0syslog.setLevel(logging.DEBUG) > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0else: > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0syslog.setLevel(logging.INFO) > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0# Try to mimic to normal syslog messages. > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0formatter =3D logging.Formatter("%(asctime)s %(name)s: > %(message)s", > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0"%b %e %H:%M:%S") > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0syslog.setFormatter(formatter) > + > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0self.logger.addHandler(syslog) > + > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# Set umask to default to = safe file permissions when running as a > root daemon. 027 is an > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# octal number which we ar= e typing as 0o27 for Python3 compatibility. > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0os.umask(0o27) > + > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# Change to a known direct= ory. If this isn't done, starting a daemon > in a subdirectory that > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# needs to be deleted resu= lts in "directory busy" errors. > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0os.chdir(self.chdir) > + > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# Execute privileged action > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0privileged_action_result = =3D self.privileged_action() > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0if not privileged_action_r= esult: > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0pr= ivileged_action_result =3D [] > + > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# Change owner of pid file= , it's required because pid file will be > removed at exit. > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0uid, gid =3D -1, -1 > + > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0if self.group: > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0tr= y: > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0gid =3D grp.getgrnam(self.group).gr_gid > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0ex= cept KeyError: > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0self.logger.error("Group {0} not found".format(self.g= roup)) > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0sys.exit(1) > + > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0if self.user: > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0tr= y: > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0uid =3D pwd.getpwnam(self.user).pw_uid > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0ex= cept KeyError: > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0self.logger.error("User {0} not found.".format(self.u= ser)) > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0sys.exit(1) > + > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0if uid !=3D -1 or gid !=3D= -1: > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0os= .chown(self.pid, uid, gid) > + > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# Change gid > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0if self.group: > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0tr= y: > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0os.setgid(gid) > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0ex= cept OSError: > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0self.logger.error("Unable to change gid.") > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0sys.exit(1) > + > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# Change uid > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0if self.user: > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0tr= y: > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0uid =3D pwd.getpwnam(self.user).pw_uid > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0ex= cept KeyError: > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0self.logger.error("User {0} not found.".format(self.u= ser)) > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0sys.exit(1) > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0tr= y: > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0os.setuid(uid) > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0ex= cept OSError: > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0self.logger.error("Unable to change uid.") > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0sys.exit(1) > + > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0try: > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0lo= ckfile.write("%s" % (os.getpid())) > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0lo= ckfile.flush() > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0except IOError: > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0se= lf.logger.error("Unable to write pid to the pidfile.") > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0pr= int("Unable to write pid to the pidfile.") > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0sy= s.exit(1) > + > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# Set custom action on SIG= TERM. > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0signal.signal(signal.SIGTE= RM, self.sigterm) > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0atexit.register(self.exit) > + > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0self.logger.warn("Starting= daemon.") > + > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0try: > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0se= lf.action(*privileged_action_result) > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0except Exception as e: > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0fo= r line in traceback.format_exc(e).split("\n"): > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0self.logger.error(line) > diff --git a/config/unbound/site-packages/dhcpd.py b/config/unbound/site- > packages/dhcpd.py > new file mode 100644 > index 0000000..6d586c7 > --- /dev/null > +++ b/config/unbound/site-packages/dhcpd.py > @@ -0,0 +1,108 @@ > +""" > +=C2=A0=C2=A0=C2=A0=C2=A0Copyright (c) 2016 Ad Schellevis > +=C2=A0=C2=A0=C2=A0=C2=A0All rights reserved. > + > +=C2=A0=C2=A0=C2=A0=C2=A0Redistribution and use in source and binary forms,= with or without > +=C2=A0=C2=A0=C2=A0=C2=A0modification, are permitted provided that the foll= owing conditions are > met: > + > +=C2=A0=C2=A0=C2=A0=C2=A01. Redistributions of source code must retain the = above copyright notice, > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0this list of conditions and the following di= sclaimer. > + > +=C2=A0=C2=A0=C2=A0=C2=A02. Redistributions in binary form must reproduce t= he above copyright > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0notice, this list of conditions and the foll= owing disclaimer in the > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0documentation and/or other materials provide= d with the distribution. > + > +=C2=A0=C2=A0=C2=A0=C2=A0THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRES= S OR IMPLIED > WARRANTIES, > +=C2=A0=C2=A0=C2=A0=C2=A0INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANT= IES OF MERCHANTABILITY > +=C2=A0=C2=A0=C2=A0=C2=A0AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIME= D. IN NO EVENT SHALL > THE > +=C2=A0=C2=A0=C2=A0=C2=A0AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDEN= TAL, SPECIAL, > EXEMPLARY, > +=C2=A0=C2=A0=C2=A0=C2=A0OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMIT= ED TO, PROCUREMENT OF > +=C2=A0=C2=A0=C2=A0=C2=A0SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, O= R PROFITS; OR BUSINESS > +=C2=A0=C2=A0=C2=A0=C2=A0INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF = LIABILITY, WHETHER IN > +=C2=A0=C2=A0=C2=A0=C2=A0CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEG= LIGENCE OR OTHERWISE) > +=C2=A0=C2=A0=C2=A0=C2=A0ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE= , EVEN IF ADVISED OF > THE > +=C2=A0=C2=A0=C2=A0=C2=A0POSSIBILITY OF SUCH DAMAGE. > +""" > +import os > +import time > +import datetime > + > +class DHCPDLease(object): > +=C2=A0=C2=A0=C2=A0=C2=A0watch_file =3D '/var/dhcpd/var/db/dhcpd.leases' > + > +=C2=A0=C2=A0=C2=A0=C2=A0def __init__(self): > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0""" init watcher > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0:return: watcher object > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0""" > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0self._section_data =3D [] > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0self._fhandle =3D None > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0self._last_pos =3D None > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0self._open() > + > +=C2=A0=C2=A0=C2=A0=C2=A0def _open(self): > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0""" (re)open watched file > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0:return: watcher object > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0""" > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0try: > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0se= lf._fhandle =3D open(self.watch_file, 'r') > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0se= lf._last_pos =3D None > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0se= lf._section_data =3D [] > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0re= turn True > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0except IOError: > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0se= lf._fhandle =3D None > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0re= turn False > + > +=C2=A0=C2=A0=C2=A0=C2=A0@staticmethod > +=C2=A0=C2=A0=C2=A0=C2=A0def parse_lease(lines): > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0""" parse dhcp lease > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0:param lines: lease sectio= n as list item > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0:return: dictionary > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0""" > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0lease =3D dict() > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0lease['address'] =3D lines= [0].split()[1] > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0for line in lines: > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0pa= rts =3D=C2=A0=C2=A0line.split() > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0fi= eld_name =3D parts[0] > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0fi= eld_value =3D None > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0if= field_name in ('starts', 'ends', 'tstp', 'tsfp', 'atsfp', > 'cltt') and len(parts) >=3D 3: > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0dt =3D '%s %s'%(parts[2], parts[3]) > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0try: > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0field_value =3D time.mktime(d= atetime.datetime.strptime(dt, > "%Y/%m/%d %H:%M:%S;").timetuple()) > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0except ValueError: > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0field_value =3D None > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0el= if field_name =3D=3D 'hardware' and len(parts) >=3D 3: > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0field_value =3D {'hardware-type': parts[1], 'mac-addr= ess': > parts[2]} > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0el= if field_name in('uid', 'client-hostname') and len(parts) >=3D 2 > and parts[1].find('"') > -1: > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0field_value =3D parts[1].split('"')[1] > + > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0if= field_value is not None: > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0lease[field_name] =3D field_value > + > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0return lease > + > +=C2=A0=C2=A0=C2=A0=C2=A0def watch(self): > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0""" watch file, return lea= se dictionaries > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0:return: iterator for leas= es > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0""" > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0if self._fhandle is None o= r os.fstat(self._fhandle.fileno()).st_nlink > =3D=3D 0: > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# = nothing to watch, try to (re)open return when failed > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0if= not self._open(): > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0return > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0elif self._last_pos is not= None: > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0se= lf._fhandle.seek(self._last_pos) > + > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0while True: > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0li= ne =3D self._fhandle.readline() > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0if= line: > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0if len(line) > 5 and line[0:5] =3D=3D 'lease': > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0self._section_data.append(lin= e) > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0elif len(line) > 1 and line[0] =3D=3D '}': > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0self._section_data.append(lin= e) > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0yield self.parse_lease(self._= section_data) > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0self._section_data =3D [] > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0elif len(self._section_data) > 0: > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0self._section_data.append(lin= e) > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0el= se: > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0break > + > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0self._last_pos =3D self._f= handle.tell() > diff --git a/config/unbound/site-packages/params.py b/config/unbound/site- > packages/params.py > new file mode 100644 > index 0000000..6be3244 > --- /dev/null > +++ b/config/unbound/site-packages/params.py > @@ -0,0 +1,46 @@ > +""" > +=C2=A0=C2=A0=C2=A0=C2=A0Copyright (c) 2015-2016 Ad Schellevis > +=C2=A0=C2=A0=C2=A0=C2=A0All rights reserved. > + > +=C2=A0=C2=A0=C2=A0=C2=A0Redistribution and use in source and binary forms,= with or without > +=C2=A0=C2=A0=C2=A0=C2=A0modification, are permitted provided that the foll= owing conditions are > met: > + > +=C2=A0=C2=A0=C2=A0=C2=A01. Redistributions of source code must retain the = above copyright notice, > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0this list of conditions and the following di= sclaimer. > + > +=C2=A0=C2=A0=C2=A0=C2=A02. Redistributions in binary form must reproduce t= he above copyright > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0notice, this list of conditions and the foll= owing disclaimer in the > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0documentation and/or other materials provide= d with the distribution. > + > +=C2=A0=C2=A0=C2=A0=C2=A0THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRES= S OR IMPLIED > WARRANTIES, > +=C2=A0=C2=A0=C2=A0=C2=A0INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANT= IES OF MERCHANTABILITY > +=C2=A0=C2=A0=C2=A0=C2=A0AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIME= D. IN NO EVENT SHALL > THE > +=C2=A0=C2=A0=C2=A0=C2=A0AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDEN= TAL, SPECIAL, > EXEMPLARY, > +=C2=A0=C2=A0=C2=A0=C2=A0OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMIT= ED TO, PROCUREMENT OF > +=C2=A0=C2=A0=C2=A0=C2=A0SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, O= R PROFITS; OR BUSINESS > +=C2=A0=C2=A0=C2=A0=C2=A0INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF = LIABILITY, WHETHER IN > +=C2=A0=C2=A0=C2=A0=C2=A0CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEG= LIGENCE OR OTHERWISE) > +=C2=A0=C2=A0=C2=A0=C2=A0ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE= , EVEN IF ADVISED OF > THE > +=C2=A0=C2=A0=C2=A0=C2=A0POSSIBILITY OF SUCH DAMAGE. > +""" > + > +import sys > + > + > +def update_params(parameters): > +=C2=A0=C2=A0=C2=A0=C2=A0""" update predefined parameters with given list f= rom shell (as switches) > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0for example /a valA /b valB > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0converts to > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0{'= a':'valA','b':'valB'} > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0(assuming parameters conta= ins both a and b) > +=C2=A0=C2=A0=C2=A0=C2=A0:param parameters: parameter dictionary > +=C2=A0=C2=A0=C2=A0=C2=A0:return: > +=C2=A0=C2=A0=C2=A0=C2=A0""" > +=C2=A0=C2=A0=C2=A0=C2=A0cmd =3D None > +=C2=A0=C2=A0=C2=A0=C2=A0for arg in sys.argv[1:]: > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0if cmd is None: > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0cm= d =3D arg[1:] > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0else: > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0if= cmd in parameters and arg.strip() !=3D '': > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0parameters[cmd] =3D arg.strip() > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0cm= d =3D None > diff --git a/config/unbound/site-packages/watcherdhcpd.py > b/config/unbound/site-packages/watcherdhcpd.py > new file mode 100644 > index 0000000..c726d5c > --- /dev/null > +++ b/config/unbound/site-packages/watcherdhcpd.py > @@ -0,0 +1,107 @@ > +""" > +=C2=A0=C2=A0=C2=A0=C2=A0Copyright (c) 2016 Ad Schellevis > +=C2=A0=C2=A0=C2=A0=C2=A0All rights reserved. > + > +=C2=A0=C2=A0=C2=A0=C2=A0Redistribution and use in source and binary forms,= with or without > +=C2=A0=C2=A0=C2=A0=C2=A0modification, are permitted provided that the foll= owing conditions are > met: > + > +=C2=A0=C2=A0=C2=A0=C2=A01. Redistributions of source code must retain the = above copyright notice, > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0this list of conditions and the following di= sclaimer. > + > +=C2=A0=C2=A0=C2=A0=C2=A02. Redistributions in binary form must reproduce t= he above copyright > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0notice, this list of conditions and the foll= owing disclaimer in the > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0documentation and/or other materials provide= d with the distribution. > + > +=C2=A0=C2=A0=C2=A0=C2=A0THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRES= S OR IMPLIED > WARRANTIES, > +=C2=A0=C2=A0=C2=A0=C2=A0INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANT= IES OF MERCHANTABILITY > +=C2=A0=C2=A0=C2=A0=C2=A0AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIME= D. IN NO EVENT SHALL > THE > +=C2=A0=C2=A0=C2=A0=C2=A0AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDEN= TAL, SPECIAL, > EXEMPLARY, > +=C2=A0=C2=A0=C2=A0=C2=A0OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMIT= ED TO, PROCUREMENT OF > +=C2=A0=C2=A0=C2=A0=C2=A0SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, O= R PROFITS; OR BUSINESS > +=C2=A0=C2=A0=C2=A0=C2=A0INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF = LIABILITY, WHETHER IN > +=C2=A0=C2=A0=C2=A0=C2=A0CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEG= LIGENCE OR OTHERWISE) > +=C2=A0=C2=A0=C2=A0=C2=A0ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE= , EVEN IF ADVISED OF > THE > +=C2=A0=C2=A0=C2=A0=C2=A0POSSIBILITY OF SUCH DAMAGE. > +""" > +import os > +import time > +import datetime > + > +class DHCPDLease(object): > +=C2=A0=C2=A0=C2=A0=C2=A0watch_file =3D '/var/state/dhcp/dhcpd.leases' > + > +=C2=A0=C2=A0=C2=A0=C2=A0def __init__(self): > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0""" init watcher > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0:return: watcher object > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0""" > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0self._section_data =3D [] > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0self._fhandle =3D None > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0self._last_pos =3D None > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0self._open() > + > +=C2=A0=C2=A0=C2=A0=C2=A0def _open(self): > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0""" (re)open watched file > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0:return: watcher object > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0""" > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0try: > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0se= lf._fhandle =3D open(self.watch_file, 'r') > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0se= lf._last_pos =3D None > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0se= lf._section_data =3D [] > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0re= turn True > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0except IOError: > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0se= lf._fhandle =3D None > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0re= turn False > + > +=C2=A0=C2=A0=C2=A0=C2=A0@staticmethod > +=C2=A0=C2=A0=C2=A0=C2=A0def parse_lease(lines): > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0""" parse dhcp lease > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0:param lines: lease sectio= n as list item > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0:return: dictionary > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0""" > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0lease =3D dict() > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0lease['address'] =3D lines= [0].split()[1] > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0for line in lines: > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0pa= rts =3D=C2=A0=C2=A0line.split() > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0fi= eld_name =3D parts[0] > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0fi= eld_value =3D None > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0if= field_name in ('starts', 'ends', 'tstp', 'tsfp', 'atsfp', > 'cltt') and len(parts) >=3D 3: > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0dt =3D '%s %s'%(parts[2], parts[3]) > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0try: > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0field_value =3D time.mktime(d= atetime.datetime.strptime(dt, > "%Y/%m/%d %H:%M:%S;").timetuple()) > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0except ValueError: > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0field_value =3D None > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0el= if field_name =3D=3D 'hardware' and len(parts) >=3D 3: > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0field_value =3D {'hardware-type': parts[1], 'mac-addr= ess': > parts[2]} > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0el= if field_name in('uid', 'client-hostname') and len(parts) >=3D 2 > and parts[1].find('"') > -1: > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0field_value =3D parts[1].split('"')[1] > + > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0if= field_value is not None: > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0lease[field_name] =3D field_value > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0return lease > + > +=C2=A0=C2=A0=C2=A0=C2=A0def watch(self): > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0""" watch file, return lea= se dictionaries > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0:return: iterator for leas= es > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0""" > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0if self._fhandle is None o= r os.fstat(self._fhandle.fileno()).st_nlink > =3D=3D 0: > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# = nothing to watch, try to (re)open return when failed > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0if= not self._open(): > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0return > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0elif self._last_pos is not= None: > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0se= lf._fhandle.seek(self._last_pos) > + > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0while True: > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0li= ne =3D self._fhandle.readline() > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0if= line: > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0if len(line) > 5 and line[0:5] =3D=3D 'lease': > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0self._section_data.append(lin= e) > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0elif len(line) > 1 and line[0] =3D=3D '}': > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0self._section_data.append(lin= e) > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0yield self.parse_lease(self._= section_data) > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0self._section_data =3D [] > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0elif len(self._section_data) > 0: > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0self._section_data.append(lin= e) > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0el= se: > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0break > + > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0self._last_pos =3D self._f= handle.tell() > diff --git a/config/unbound/unbound-dhcpd.py b/config/unbound/unbound-dhcpd= .py > new file mode 100644 > index 0000000..0afedc9 > --- /dev/null > +++ b/config/unbound/unbound-dhcpd.py > @@ -0,0 +1,145 @@ > +#!/usr/bin/python2.7 > + > +""" > +=C2=A0=C2=A0=C2=A0=C2=A0Copyright (c) 2016 Ad Schellevis > +=C2=A0=C2=A0=C2=A0=C2=A0All rights reserved. > + > +=C2=A0=C2=A0=C2=A0=C2=A0Redistribution and use in source and binary forms,= with or without > +=C2=A0=C2=A0=C2=A0=C2=A0modification, are permitted provided that the foll= owing conditions are > met: > + > +=C2=A0=C2=A0=C2=A0=C2=A01. Redistributions of source code must retain the = above copyright notice, > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0this list of conditions and the following di= sclaimer. > + > +=C2=A0=C2=A0=C2=A0=C2=A02. Redistributions in binary form must reproduce t= he above copyright > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0notice, this list of conditions and the foll= owing disclaimer in the > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0documentation and/or other materials provide= d with the distribution. > + > +=C2=A0=C2=A0=C2=A0=C2=A0THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRES= S OR IMPLIED > WARRANTIES, > +=C2=A0=C2=A0=C2=A0=C2=A0INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANT= IES OF MERCHANTABILITY > +=C2=A0=C2=A0=C2=A0=C2=A0AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIME= D. IN NO EVENT SHALL > THE > +=C2=A0=C2=A0=C2=A0=C2=A0AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDEN= TAL, SPECIAL, > EXEMPLARY, > +=C2=A0=C2=A0=C2=A0=C2=A0OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMIT= ED TO, PROCUREMENT OF > +=C2=A0=C2=A0=C2=A0=C2=A0SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, O= R PROFITS; OR BUSINESS > +=C2=A0=C2=A0=C2=A0=C2=A0INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF = LIABILITY, WHETHER IN > +=C2=A0=C2=A0=C2=A0=C2=A0CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEG= LIGENCE OR OTHERWISE) > +=C2=A0=C2=A0=C2=A0=C2=A0ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE= , EVEN IF ADVISED OF > THE > +=C2=A0=C2=A0=C2=A0=C2=A0POSSIBILITY OF SUCH DAMAGE. > + > +=C2=A0=C2=A0=C2=A0=C2=A0--------------------------------------------------= ----------------------- > ------------- > +=C2=A0=C2=A0=C2=A0=C2=A0watch dhcp lease file and build include file for u= nbound > +""" > +import os > +import sys > + > +sys.path.insert(0, "/usr/lib/python2.7/site-packages") > +import subprocess > +import time > +import tempfile > +from daemonize import Daemonize > +import watcherdhcpd > +import params > + > + > +def unbound_control(commands, output_stream=3DNone): > +=C2=A0=C2=A0=C2=A0=C2=A0""" execute (chrooted) unbound-control command > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0:param commands: command l= ist (parameters) > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0:param output_stream: (opt= ional)output stream > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0:return: None > +=C2=A0=C2=A0=C2=A0=C2=A0""" > +=C2=A0=C2=A0=C2=A0=C2=A0output_stream =3D open(os.devnull, 'w') > +=C2=A0=C2=A0=C2=A0=C2=A0subprocess.check_call(['/usr/sbin/chroot', '--user= spec=3Dunbound:unbound', > '/', > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0'/usr/sbin/unbound-control', '-c', > '/etc/unbound/unbound.conf'] + commands, > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0stdout=3Doutput_stream, stderr=3Dsubprocess.STDOUT) > +=C2=A0=C2=A0=C2=A0=C2=A0output_stream.seek(0) > + > + > +def unbound_known_addresses(): > +=C2=A0=C2=A0=C2=A0=C2=A0""" fetch known addresses > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0:return: list > +=C2=A0=C2=A0=C2=A0=C2=A0""" > +=C2=A0=C2=A0=C2=A0=C2=A0result =3D list() > +=C2=A0=C2=A0=C2=A0=C2=A0with tempfile.NamedTemporaryFile() as output_strea= m: > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0unbound_control(['list_loc= al_data'], output_stream) > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0for line in output_stream.= read().split('\n'): > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0pa= rts =3D line.split() > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0if= len(parts) > 4 and parts[3] =3D=3D 'A': > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0result.append(parts[4]) > +=C2=A0=C2=A0=C2=A0=C2=A0print result > +=C2=A0=C2=A0=C2=A0=C2=A0return result > + > + > +# parse input params > +app_params =3D {'pid': '/var/run/unbound_dhcpd.pid', > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0'domain': 'local', > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0'target': '/etc/unbound/dhcpleases.conf', > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0'background': '1'} > +params.update_params(app_params) > + > + > +def main(): > +=C2=A0=C2=A0=C2=A0=C2=A0# cleanup interval (seconds) > +=C2=A0=C2=A0=C2=A0=C2=A0cleanup_interval =3D 60 > + > +=C2=A0=C2=A0=C2=A0=C2=A0# All times in the lease database are in Coordinat= ed Universal Time > (UTC), not local time! > +=C2=A0=C2=A0=C2=A0=C2=A0tzone =3D 0 > +=C2=A0=C2=A0=C2=A0=C2=A0if app_params['background'] <> 1: > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0print "Add leases for domian:",a= pp_params['domain'] > + > +=C2=A0=C2=A0=C2=A0=C2=A0# initiate lease watcher and setup cache > +=C2=A0=C2=A0=C2=A0=C2=A0dhcpdleases =3D watcherdhcpd.DHCPDLease() > +=C2=A0=C2=A0=C2=A0=C2=A0cached_leases =3D dict() > +=C2=A0=C2=A0=C2=A0=C2=A0known_addresses =3D unbound_known_addresses() > + > +=C2=A0=C2=A0=C2=A0=C2=A0# start watching dhcp leases > +=C2=A0=C2=A0=C2=A0=C2=A0last_cleanup =3D time.time() > +=C2=A0=C2=A0=C2=A0=C2=A0while True: > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0dhcpd_changed =3D False > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0if time.daylight <> 0: > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0ut= ctime =3D time.time() + time.altzone > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0else: > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0ut= ctime =3D time.time() + time.timezone > + > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0for lease in dhcpdleases.w= atch(): > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0if= 'ends' in lease and lease['ends'] > utctime and 'client- > hostname' in lease and 'address' in lease: > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0cached_leases[lease['address']] =3D lease > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0dhcpd_changed =3D True > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0if app_params['background'] <> 1: > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0print "IP:",lease['address'],"Hostn= ame:",lease['client- > hostname'],"Start:",lease['starts'],"End:",lease['ends'] > + > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0if time.time() - last_clea= nup > cleanup_interval: > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# = cleanup every x seconds > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0la= st_cleanup =3D time.time() > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0ad= dresses =3D cached_leases.keys() > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0fo= r address in addresses: > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0if cached_leases[address]['ends'] < time.time(): > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0del cached_leases[address] > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0dhcpd_changed =3D True > + > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0if dhcpd_changed: > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# = dump dns output to target > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0wi= th open(app_params['target'], 'w') as unbound_conf: > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0for address in cached_leases: > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0unbound_conf.write('local-dat= a-ptr: "%s %s.%s"\n' % > (address, > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0cach > ed_leases[address]['client-hostname'], > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0app_ > params['domain'])) > + > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0unbound_conf.write('local-dat= a: "%s.%s IN A %s"\n' % > (cached_leases[address]['client-hostname'], > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0app > _params['domain'], > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0add > ress)) > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# = signal unbound > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0fo= r address in cached_leases: > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0if address not in known_addresses: > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0fqdn =3D '%s.%s' % (cached_le= ases[address]['client- > hostname'], app_params['domain']) > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0unbound_control(['local_data'= , address, 'PTR', fqdn]) > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0unbound_control(['local_data'= , fqdn, 'IN A', address]) > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0known_addresses.append(addres= s) > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# wait for next cycle > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0time.sleep(5) > + > + > +# startup > +if app_params['background'] =3D=3D '1': > +=C2=A0=C2=A0=C2=A0=C2=A0daemon =3D Daemonize(app=3D"unbound_dhcpd", pid=3D= app_params['pid'], > action=3Dmain) > +=C2=A0=C2=A0=C2=A0=C2=A0daemon.start() > +else: > +=C2=A0=C2=A0=C2=A0=C2=A0main() > diff --git a/config/unbound/unbound-switch b/config/unbound/unbound-switch > new file mode 100755 > index 0000000..60eeb89 > --- /dev/null > +++ b/config/unbound/unbound-switch > @@ -0,0 +1,80 @@ > +#!/bin/bash > +##########################################################################= ### > ## > +#=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0 > =C2=A0# > +# IPFire.org - A linux based > firewall=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# > +# This program is free software: you can redistribute it and/or > modify=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# > +# it under the terms of the GNU General Public License as published > by=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# > +# the Free Software Foundation, either version 3 of the License, > or=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# > +# (at your option) any later > version.=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# > +#=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0 > =C2=A0# > +# This program is distributed in the hope that it will be > useful,=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0# > +# but WITHOUT ANY WARRANTY; without even the implied warranty > of=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0# > +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.=C2=A0=C2=A0See > the=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0# > +# GNU General Public License for more > details.=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# > +#=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0 > =C2=A0# > +# You should have received a copy of the GNU General Public > License=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# > +# along with this program.=C2=A0=C2=A0If not, see .=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 > =C2=A0# > +#=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0 > =C2=A0# > +# Description : script to switch the DNS server/proxy in > IPfire=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0# > +#=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0rerun to easy go back to > dnsmasq=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# > +#=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0 > =C2=A0# > +# Author=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0: Marcel Lorenz =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 > =C2=A0# > +#=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0 > =C2=A0# > +##########################################################################= ### > ## > + > +CGIFILE=3D"/srv/web/ipfire/cgi-bin/services.cgi" > + > +install_cron_jobs() { > +cat > /etc/fcron.weekly/update_unbound_anchor << "EOF" > +#!/bin/bash > +# allow max all 30 minutes to update files > +if [[ $(( (`date +%s` - `stat -L --format %Y /etc/unbound/root.key`) > > (30*60) )) !=3D 0 ]]; then > +=C2=A0=C2=A0wget -q ftp://ftp.internic.net/domain/named.cache -O > /etc/unbound/root.hints > +=C2=A0=C2=A0curl -sS -L --compressed "http://pgl.yoyo.org/adservers/server= list.php?host > format=3Dunbound&showintro=3D0&mimetype=3Dplaintext" > /etc/unbound/blockli= sts/ad- > servers.conf > +=C2=A0=C2=A0unbound-anchor > +fi > +exit 0 > +EOF > +chmod +x /etc/fcron.weekly/update_unbound_anchor > +cat > /etc/fcron.hourly/update_unbound_zone << "EOF" > +#!/bin/bash > +unbound-zone > +EOF > +chmod +x /etc/fcron.hourly/update_unbound_zone > +} > + > +# main switch > +if [[ -e /etc/rc.d/init.d/networking/red.up/05-RS-dnsmasq ]]; then > +=C2=A0=C2=A0echo -e "\033[32mActivate Unbound DNS-proxy at start...\033[0m= "; > +=C2=A0=C2=A0# autostart symlinks > +=C2=A0=C2=A0rm -f /etc/rc.d/init.d/networking/red.up/05-RS-dnsmasq > /etc/rc.d/init.d/networking/red.down/05-RS-dnsmasq > +=C2=A0=C2=A0mv -f /etc/init.d/network /etc/init.d/network-dnsmasq > +=C2=A0=C2=A0mv -f /etc/init.d/network-unbound /etc/init.d/network > +=C2=A0=C2=A0# WebIF services.cgi=C2=A0 > +=C2=A0=C2=A0sed -i "s|\$Lang::tr{'dns proxy server'} =3D> 'dnsmasq',.*|\$L= ang::tr{'dns > proxy server'} =3D> 'unbound',|" ${CGIFILE} > +=C2=A0=C2=A0install_cron_jobs > +=C2=A0=C2=A0/etc/fcron.weekly/update_unbound_anchor > +=C2=A0=C2=A0# Stop and start services=C2=A0 > +=C2=A0=C2=A0/etc/rc.d/init.d/dnsmasq stop > +=C2=A0=C2=A0sleep 1 > +=C2=A0=C2=A0/etc/rc.d/init.d/unbound start > + > +else > +=C2=A0=C2=A0echo -e "\033[32mActivate dnsmasq DNS-proxy at start...\033[0m= "; > +=C2=A0=C2=A0# autostart symlinks > +=C2=A0=C2=A0ln -sf /etc/rc.d/init.d/dnsmasq /etc/rc.d/init.d/networking/re= d.up/05-RS- > dnsmasq > +=C2=A0=C2=A0ln -sf /etc/rc.d/init.d/dnsmasq /etc/rc.d/init.d/networking/re= d.down/05-RS- > dnsmasq > +=C2=A0=C2=A0mv -f /etc/init.d/network /etc/init.d/network-unbound > +=C2=A0=C2=A0mv -f /etc/init.d/network-dnsmasq /etc/init.d/network > +=C2=A0=C2=A0# WebIF services.cgi=C2=A0 > +=C2=A0=C2=A0sed -i "s|\$Lang::tr{'dns proxy server'} =3D> 'unbound',.*|\$L= ang::tr{'dns > proxy server'} =3D> 'dnsmasq',|" ${CGIFILE} > +=C2=A0=C2=A0# Stop and start services=C2=A0 > +=C2=A0=C2=A0/etc/rc.d/init.d/unbound stop > +=C2=A0=C2=A0sleep 1 > +=C2=A0=C2=A0/etc/rc.d/init.d/dnsmasq start > +=C2=A0=C2=A0rm -f /etc/fcron.weekly/update_unbound_anchor > /etc/fcron.hourly/update_unbound_zone; > +fi > +unset CGIFILE > +echo -e "\033[32mdone...\033[0m"; > +exit 0 > +# end of unbound-proxy > diff --git a/config/unbound/unbound-zone b/config/unbound/unbound-zone > new file mode 100644 > index 0000000..9a0de1f > --- /dev/null > +++ b/config/unbound/unbound-zone > @@ -0,0 +1,78 @@ > +#!/bin/bash > +##########################################################################= ### > ## > +#=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0 > =C2=A0# > +# IPFire.org - A linux based > firewall=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# > +# This program is free software: you can redistribute it and/or > modify=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# > +# it under the terms of the GNU General Public License as published > by=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# > +# the Free Software Foundation, either version 3 of the License, > or=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# > +# (at your option) any later > version.=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# > +#=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0 > =C2=A0# > +# This program is distributed in the hope that it will be > useful,=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0# > +# but WITHOUT ANY WARRANTY; without even the implied warranty > of=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0# > +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.=C2=A0=C2=A0See > the=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0# > +# GNU General Public License for more > details.=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# > +#=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0 > =C2=A0# > +# You should have received a copy of the GNU General Public > License=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# > +# along with this program.=C2=A0=C2=A0If not, see .=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 > =C2=A0# > +#=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0 > =C2=A0# > +# Description : small script to create the zone file for > ipfire's=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0# > +#=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0internal domain (for example > ipfire.local)=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# > +#=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0 > =C2=A0# > +# Author=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0: Marcel Lorenz =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 > =C2=A0# > +#=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0 > =C2=A0# > +##########################################################################= ### > ## > + > +ZONEFILE=3D"/etc/unbound/zones/local.conf" > +HOSTSFILE=3D"/var/ipfire/main/hosts" > + > +eval $(/usr/local/bin/readhash /var/ipfire/main/settings) > +eval $(/usr/local/bin/readhash /var/ipfire/ethernet/settings) > +REV_GREEN=3D$(echo ${GREEN_ADDRESS} |awk -F. '{print $4"."$3"."$2"."$1}') > + > +# overwrite existing file > +cat > ${ZONEFILE} << "EOF" > +# This is the automatically created zone file for unbound > +# please do not edit this file, use the webinterface to add or remove hosts > +# if need more zones, create a new zone file and restart unbound=C2=A0 > +# > +EOF > + > +# create zone header=C2=A0 > +echo "# Zone file created at $(date)" >> ${ZONEFILE} > +echo "">> ${ZONEFILE}=C2=A0 > +echo "# zone definition " >> ${ZONEFILE} > +echo "private-domain: \"${DOMAINNAME}\"" >> ${ZONEFILE} > +echo "local-zone: \"${DOMAINNAME}.\" static" >> ${ZONEFILE} > +echo "local-data: \"${HOSTNAME}.${DOMAINNAME}. IN A ${GREEN_ADDRESS}\"" >> > ${ZONEFILE} > +echo "local-data: \"wpad.${DOMAINNAME}. IN A ${GREEN_ADDRESS}\"" >> > ${ZONEFILE} > +echo "local-data: \"${REV_GREEN}.in-addr.arpa. 10800 IN PTR > ${HOSTNAME}.${DOMAINNAME}.\"" >> ${ZONEFILE} > + > +# write forward entrys to zone file > +echo "" >> ${ZONEFILE}=C2=A0 > +echo "# Hosts from /var/ipfire/main/hosts" >> ${ZONEFILE} > + > +while read line=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0 > +do=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 > +=C2=A0=C2=A0if [[ $(echo ${line}|awk -F, '{print $1}') =3D on ]]; then > +=C2=A0=C2=A0=C2=A0=C2=A0IP=3D$(echo ${line}|awk -F, '{print $2}') > +=C2=A0=C2=A0=C2=A0=C2=A0HOST=3D$(echo ${line}|awk -F, '{print $3}') > +=C2=A0=C2=A0=C2=A0=C2=A0DOMAIN=3D$(echo ${line}|awk -F, '{print $4}') > +=C2=A0=C2=A0=C2=A0=C2=A0echo "local-data: \"${HOST}.${DOMAIN}. IN A ${IP}\= "" >> ${ZONEFILE} > +=C2=A0=C2=A0fi > +done < ${HOSTSFILE} > + > +# write reverse entrys to zone file > +echo "" >> ${ZONEFILE}=C2=A0 > +echo "# reverse entrys" >> ${ZONEFILE} > +while read line=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0 > +do=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 > +=C2=A0=C2=A0if [[ $(echo ${line}|awk -F, '{print $1}') =3D on ]]; then > +=C2=A0=C2=A0=C2=A0=C2=A0IP=3D$(echo ${line}|awk -F, '{print $2}'|awk -F. '= {print > $4"."$3"."$2"."$1}') > +=C2=A0=C2=A0=C2=A0=C2=A0HOST=3D$(echo ${line}|awk -F, '{print $3}') > +=C2=A0=C2=A0=C2=A0=C2=A0DOMAIN=3D$(echo ${line}|awk -F, '{print $4}') > +=C2=A0=C2=A0=C2=A0=C2=A0echo "local-data: \"${IP}.in-addr.arpa. 10800 IN P= TR ${HOST}.${DOMAIN}\"" > >> ${ZONEFILE} > +=C2=A0=C2=A0fi > +done < ${HOSTSFILE} > +unset IP HOST DOMAIN REV_GREEN; > +exit 0 > +# end of unbound-zone > diff --git a/config/unbound/unbound.conf b/config/unbound/unbound.conf > new file mode 100644 > index 0000000..8dc72e6 > --- /dev/null > +++ b/config/unbound/unbound.conf > @@ -0,0 +1,123 @@ > +# > +# Unbound configuration file for IPFire > +# > +# The full documentation is available at: > +# https://www.unbound.net/documentation/unbound.conf.html > +# > + > +server: > + # common server options > + chroot: "/etc/unbound" > + username: "unbound" > + pidfile: "/var/run/unbound.pid" > + num-threads: 2 > + port: 53 > + do-ip4: yes > + do-ip6: no > + do-udp: yes > + do-tcp: yes > + prefetch: yes > + so-reuseport: yes > + cache-min-ttl: 3600 > + cache-max-ttl: 86400 > + unwanted-reply-threshold: 10000 > + do-not-query-localhost: yes > + > + # logging options > + logfile: "log/unbound.log" > + use-syslog: no > + verbosity: 1 > + log-queries: no > + log-time-ascii: yes > + > + # Unbound Statistics > + statistics-interval: 3600 > + statistics-cumulative: yes > + extended-statistics: yes > + > + # privacy options > + hide-identity: yes > + hide-version: yes > + qname-minimisation: yes > + minimal-responses: yes > + > + # hardening options (some experimental) > + harden-glue: yes > + harden-large-queries: yes > + harden-dnssec-stripped: yes > + harden-short-bufsize: no > + harden-below-nxdomain: no > + harden-referral-path: no > + harden-algo-downgrade: no > + use-caps-for-id: yes > + > + # listen on localhost interface > + interface: 127.0.0.1 > + > + # file with ipfire interfaces > + include:=C2=A0=C2=A0"/etc/unbound/interfaces.conf" > + > + # control which clients are allowed to make (recursive) queries > + access-control: 0.0.0.0/0 refuse > + access-control: 127.0.0.0/8 allow > + access-control: ::0/0 refuse > + access-control: ::1 allow > + access-control: ::ffff:127.0.0.1 allow > + > + # file with ipfire networks > + include: "/etc/unbound/access.conf" > + > + # dnssec main options > + val-clean-additional: yes > + val-log-level: 1 > + # file with ipfire dnssec configuration > + include:=C2=A0=C2=A0"/etc/unbound/dnssec.conf" > + > + # DNS Rebinding > + # For DNS Rebinding prevention > + # > + # All these addresses are either private or should not be routable in > the global IPv4 or IPv6 internet. > + # IPv4 Addresses > + private-address: 0.0.0.0/8=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# Bro= adcast address > + private-address: 10.0.0.0/8 > + private-address: 127.0.0.0/8=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# Loopback Loca= lhost > + private-address: 172.16.0.0/12 > + private-address: 192.168.0.0/16 > + private-address: 169.254.0.0/16 > + private-address: 198.18.0.0/15=C2=A0=C2=A0=C2=A0# Used for testing inter-= network > communications > + private-address: 198.51.100.0/24 # Documentation network TEST-NET-2 > + private-address: 203.0.113.0/24=C2=A0=C2=A0# Documentation network TEST-N= ET-3 > + private-address: 233.252.0.0/24=C2=A0=C2=A0# Documentation network MCAST-= TEST- > NET > + # IPv6 Addresses > + private-address: ::1/128=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0# Loopback Localhost > + private-address: 2001:db8::/32=C2=A0=C2=A0=C2=A0# Documentation network I= Pv6 > + private-address: fc00::/8=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= # Unique local address (ULA) part of > "fc00::/7", not defined yet > + private-address: fd00::/8=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= # Unique local address (ULA) part of > "fc00::/7", "/48" prefix group > + private-address: fe80::/10=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# Lin= k-local address (LLA) > + > + # file with root servers=C2=A0 > + root-hints: "/etc/unbound/root.hints" > + > + # custom DNS zone files > + include: "/etc/unbound/zones/*.conf" > + > + # DHCP leases (if configured) > + include: /etc/unbound/dhcpleases.conf > + > + # Blocklists > + include: "/etc/unbound/blocklists/*.conf" > +# end server config > + > +# enable remote control only on localhost > +remote-control: > + control-enable: yes > + control-use-cert: yes > + control-interface: 127.0.0.1 > + server-key-file: "/etc/unbound/unbound_server.key" > + server-cert-file: "/etc/unbound/unbound_server.pem" > + control-key-file: "/etc/unbound/unbound_control.key" > + control-cert-file: "/etc/unbound/unbound_control.pem" > +# end remote control config > + > +# custom DNS forward config > +include: "/etc/unbound/forward.conf" > diff --git a/lfs/unbound b/lfs/unbound > new file mode 100644 > index 0000000..d91c0f9 > --- /dev/null > +++ b/lfs/unbound > @@ -0,0 +1,103 @@ > +##########################################################################= ### > ## > +#=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0 > =C2=A0# > +# IPFire.org - A linux based > firewall=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# > +# Copyright (C) 2007=C2=A0=C2=A0Michael Tremer & Christian > Schmidt=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# > +#=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0 > =C2=A0# > +# This program is free software: you can redistribute it and/or > modify=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# > +# it under the terms of the GNU General Public License as published > by=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# > +# the Free Software Foundation, either version 3 of the License, > or=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# > +# (at your option) any later > version.=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# > +#=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0 > =C2=A0# > +# This program is distributed in the hope that it will be > useful,=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0# > +# but WITHOUT ANY WARRANTY; without even the implied warranty > of=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0# > +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.=C2=A0=C2=A0See > the=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0# > +# GNU General Public License for more > details.=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# > +#=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0 > =C2=A0# > +# You should have received a copy of the GNU General Public > License=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# > +# along with this program.=C2=A0=C2=A0If not, see .=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 > =C2=A0# > +#=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0 > =C2=A0# > +##########################################################################= ### > ## > + > +##########################################################################= ### > ## > +# Definitions > +##########################################################################= ### > ## > + > +include Config > + > +VER=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=3D 1.5.9 > +THISAPP=C2=A0=C2=A0=C2=A0=C2=A0=3D unbound-$(VER) > +DL_FILE=C2=A0=C2=A0=C2=A0=C2=A0=3D $(THISAPP).tar.gz > +DL_FROM=C2=A0=C2=A0=C2=A0=C2=A0=3D $(URL_IPFIRE) > +DIR_APP=C2=A0=C2=A0=C2=A0=C2=A0=3D $(DIR_SRC)/$(THISAPP) > +TARGET=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=3D $(DIR_INFO)/$(THISAPP) > +PROG=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=3D unbound > +PAK_VER=C2=A0=C2=A0=C2=A0=C2=A0=3D 1 > +DEPS=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=3D "" > + > +##########################################################################= ### > ## > +# Top-level Rules > +##########################################################################= ### > ## > + > +objects =3D $(DL_FILE) > + > +$(DL_FILE) =3D $(DL_FROM)/$(DL_FILE) > + > +$(DL_FILE)_MD5 =3D 0cefa62c1690b4db18583db84bff00e3 > + > +install : $(TARGET) > + > +check : $(patsubst %,$(DIR_CHK)/%,$(objects)) > + > +download :$(patsubst %,$(DIR_DL)/%,$(objects)) > + > +md5 : $(subst %,%_MD5,$(objects)) > + > +dist:=C2=A0 > + $(PAK) > + > +##########################################################################= ### > ## > +# Downloading, checking, md5sum > +##########################################################################= ### > ## > + > +$(patsubst %,$(DIR_CHK)/%,$(objects)) : > + @$(CHECK) > + > +$(patsubst %,$(DIR_DL)/%,$(objects)) : > + @$(LOAD) > + > +$(subst %,%_MD5,$(objects)) : > + @$(MD5) > + > +##########################################################################= ### > ## > +# Installation Details > +##########################################################################= ### > ## > + > +$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) > + @$(PREBUILD) > + @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE) > + cd $(DIR_APP) && ./configure \ > + --prefix=3D/usr \ > + --sysconfdir=3D/etc \ > + --disable-static \ > + --with-libevent \ > + --with-pyunbound \ > + --with-pidfile=3D/var/run/unbound.pid > + cd $(DIR_APP) && make $(MAKETUNING) > + cd $(DIR_APP) && make install > + mv -v /usr/sbin/unbound-host /usr/bin/ > + # add ipfire config > + mkdir -pv /etc/unbound/blocklists > + mv -v /etc/unbound/unbound.conf /etc/unbound/unbound_org.conf > + install -v -m 644 $(DIR_SRC)/config/unbound/*.conf /etc/unbound/ > + install -v -m 644 $(DIR_SRC)/config/unbound/root.hints /etc/unbound/ > + install -v -m 644 $(DIR_SRC)/config/unbound/root.key /etc/unbound/ > + install -v -m 644 $(DIR_SRC)/config/unbound/blocklists/*.conf > /etc/unbound/blocklists/ > + install -v -m 644 $(DIR_SRC)/config/unbound/site-packages/* > /usr/lib/python2.7/site-packages/ > + install -v -m 754 $(DIR_SRC)/config/unbound/unbound-switch /usr/sbin/ > + install -v -m 754 $(DIR_SRC)/config/unbound/unbound-zone /usr/sbin/ > + install -v -m 754 $(DIR_SRC)/config/unbound/unbound-dhcpd.py > /usr/sbin/ > + install -v -m 754 $(DIR_SRC)/src/initscripts/init.d/unbound > /etc/rc.d/init.d/ > + install -v -m 754 $(DIR_SRC)/src/initscripts/init.d/unbound-dhcpd > /etc/rc.d/init.d/ > + install -v -m 754 $(DIR_SRC)/src/initscripts/init.d/network-unbound > /etc/rc.d/init.d/ > + @rm -rf $(DIR_APP) > + @$(POSTBUILD) > diff --git a/make.sh b/make.sh > index a9fac52..74bc06a 100755 > --- a/make.sh > +++ b/make.sh > @@ -870,6 +870,7 @@ buildipfire() { > =C2=A0=C2=A0=C2=A0ipfiremake libpciaccess > =C2=A0=C2=A0=C2=A0ipfiremake libyajl > =C2=A0=C2=A0=C2=A0ipfiremake libvirt > +=C2=A0=C2=A0ipfiremake unbound > =C2=A0} > =C2=A0 > =C2=A0buildinstaller() { > diff --git a/src/initscripts/init.d/network-unbound > b/src/initscripts/init.d/network-unbound > new file mode 100644 > index 0000000..31fe173 > --- /dev/null > +++ b/src/initscripts/init.d/network-unbound > @@ -0,0 +1,114 @@ > +#!/bin/sh > +######################################################################## > +# Begin $rc_base/init.d/network > +# > +# Description : Network Control Script > +# > +# Authors=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0: Michael Tremer - mitch(a)ipfire.o= rg > +# > +# Version=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0: 01.00 > +# > +# Notes=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0: Written for IPFire by i= ts team > +# > +######################################################################## > + > +. /etc/sysconfig/rc > +. ${rc_functions} > +eval $(/usr/local/bin/readhash /var/ipfire/ethernet/settings) > + > + > +DO=3D"${1}" > +shift > + > +if [ -n "${1}" ]; then > + ALL=3D0 > + for i in green red blue orange; do > + eval "${i}=3D0" > + done > +else > + ALL=3D1 > + for i in green red blue orange; do > + eval "${i}=3D1" > + done > +fi > + > +while [ ! $# =3D 0 ]; do > + for i in green red blue orange; do > + if [ "${i}" =3D=3D "${1}" ]; then > + eval "${i}=3D1" > + shift > + fi > + done > +done > + > +case "${DO}" in > + start) > + > + # Starting interfaces... > + # GREEN > + [ "$green" =3D=3D "1" ] && /etc/rc.d/init.d/networking/green > start > + > + # BLUE > + [ "$blue" =3D=3D "1" ] && [ "$CONFIG_TYPE" =3D "3" -o > "$CONFIG_TYPE" =3D "4" ] && \ > + /etc/rc.d/init.d/networking/blue start > + > + # ORANGE > + [ "$orange" =3D=3D "1" ] && [ "$CONFIG_TYPE" =3D "2" -o > "$CONFIG_TYPE" =3D "4" ] && \ > + /etc/rc.d/init.d/networking/orange start > + > + # RED > + if [ "$red" =3D=3D "1" ]; then > + if [ "$CONFIG_TYPE" =3D "1" -o "$CONFIG_TYPE" =3D "2" -o > "$CONFIG_TYPE" =3D "3" -o "$CONFIG_TYPE" =3D "4" ]; then > + # Remove possible leftover files > + rm -f /var/ipfire/red/{active,device,dial-on- > demand,dns1,dns2,local-ipaddress,remote-ipaddress,resolv.conf} > + [ "$AUTOCONNECT" =3D=3D "off" ] || > /etc/rc.d/init.d/networking/red start > + fi > + fi > + > + /etc/rc.d/init.d/static-routes start > + [ "${ALL}" =3D=3D "1" ] && /etc/rc.d/init.d/unbound start > + ;; > + > + stop) > + > + [ "${ALL}" =3D=3D "1" ] && /etc/rc.d/init.d/unbound stop > + # Stopping interfaces... > + # GREEN > + [ "$green" =3D=3D "1" ] && /etc/rc.d/init.d/networking/green stop > +=09 > + # BLUE > + [ "$blue" =3D=3D "1" ] && [ "$CONFIG_TYPE" =3D "3" -o > "$CONFIG_TYPE" =3D "4" ] && \ > + /etc/rc.d/init.d/networking/blue stop > + > + # ORANGE > + [ "$orange" =3D=3D "1" ] && [ "$CONFIG_TYPE" =3D "2" -o > "$CONFIG_TYPE" =3D "4" ] && \ > + /etc/rc.d/init.d/networking/orange stop > + > + # RED > + if [ "$red" =3D=3D "1" ]; then > + if [ "$CONFIG_TYPE" =3D "1" -o "$CONFIG_TYPE" =3D "2" -o > "$CONFIG_TYPE" =3D "3" -o "$CONFIG_TYPE" =3D "4" ]; then > + /etc/rc.d/init.d/networking/red stop > + fi > + fi > + > + exit 0 > + ;; > + > + restart) > + for i in green red blue orange; do > + if [ "${!i}" =3D=3D "1" ]; then > + ARGS+=3D" ${i}" > + fi > + done > + ${0} stop ${ARGS} > + sleep 1 > + ${0} start ${ARGS} > + ;; > + > + *) > + echo "Usage: ${0} {start|stop|restart} [device(s)]" > + exit 1 > + ;; > +esac > + > +# End /etc/rc.d/init.d/network > diff --git a/src/initscripts/init.d/unbound b/src/initscripts/init.d/unbound > new file mode 100644 > index 0000000..8e6881e > --- /dev/null > +++ b/src/initscripts/init.d/unbound > @@ -0,0 +1,178 @@ > +#!/bin/sh > +# Begin $rc_base/init.d/unbound > + > +# Description : Unbound DNS resolver boot script for IPfire > +# Author=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0: Marcel Lorenz > +# > +# Comment=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0: This init script additional start= s the dhcpd watcher daemon > +#=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0if DNS-Update (RFC2136) in web interface enabled > + > +. /etc/sysconfig/rc > +. ${rc_functions} > + > +if [[ ! -d /run/var ]]; then mkdir /run/var; fi; > + > +CONTROL_INTERFACE_FILE=3D1 > +CONTROL_ACCESS_FILE=3D1 > +USE_CUSTOM_FORWARDS=3D0 > +ENABLE_DNSSEC=3D1 > + > +# Unbound daemon pid file > +PIDFILE=3D/var/run/unbound.pid > + > +# Watcher deamon pid file must be the same in unbound main init script > +WAPIDFILE=3D/var/run/unbound_dhcpd.pid > + > +function cidr() { > +=C2=A0=C2=A0=C2=A0=C2=A0local cidr nbits IFS; > +=C2=A0=C2=A0=C2=A0=C2=A0IFS=3D. read -r i1 i2 i3 i4 <<< ${1} > +=C2=A0=C2=A0=C2=A0=C2=A0IFS=3D. read -r m1 m2 m3 m4 <<< ${2} > +=C2=A0=C2=A0=C2=A0=C2=A0cidr=3D$(printf "%d.%d.%d.%d\n" "$((i1 & m1))" "$(= (i2 & m2))" "$((i3 & > m3))" "$((i4 & m4))") > +=C2=A0=C2=A0=C2=A0=C2=A0nbits=3D0 > +=C2=A0=C2=A0=C2=A0=C2=A0IFS=3D. > +=C2=A0=C2=A0=C2=A0=C2=A0for dec in $2 ; do > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0case $dec in > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A025= 5) let nbits+=3D8;; > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A025= 4) let nbits+=3D7;; > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A025= 2) let nbits+=3D6;; > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A024= 8) let nbits+=3D5;; > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A024= 0) let nbits+=3D4;; > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A022= 4) let nbits+=3D3;; > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A019= 2) let nbits+=3D2;; > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A012= 8) let nbits+=3D1;; > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A00)= ;; > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0*)= echo "Error: $dec is not recognised"; exit 1 > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0esac > +=C2=A0=C2=A0=C2=A0=C2=A0done > +=C2=A0=C2=A0=C2=A0=C2=A0echo "${cidr}/${nbits}" > +} > + > +case "$1" in > + start) > + > + =C2=A0=C2=A0if [[ -f ${PIDFILE} ]]; then > + =C2=A0=C2=A0=C2=A0=C2=A0log_warning_msg "Unbound daemon is running with P= rocess ID $(cat > ${PIDFILE})" > + =C2=A0=C2=A0else > + =C2=A0=C2=A0=C2=A0=C2=A0eval $(/usr/local/bin/readhash /var/ipfire/ethern= et/settings) > + =C2=A0=C2=A0=C2=A0=C2=A0#ARGS=3D"$CUSTOM_ARGS" > + =C2=A0=C2=A0=C2=A0=C2=A0#[ "$DOMAIN_NAME_GREEN" !=3D "" ] && ARGS=3D"$ARG= S -s > $DOMAIN_NAME_GREEN" > + > + =C2=A0=C2=A0=C2=A0=C2=A0echo > /var/ipfire/red/resolv.conf # Clear it > + =C2=A0=C2=A0=C2=A0=C2=A0if [ -e "/var/ipfire/red/dns1" ]; then > + =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0DNS1=3D$(cat /var/ipfire/red/dn= s1 2>/dev/null) > + =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0if [ ! -z ${DNS1} ]; then > + echo "nameserver ${DNS1}" >> /var/ipfire/red/resolv.conf > + NAMESERVERS=3D"${DNS1} " > + =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0fi > + =C2=A0=C2=A0=C2=A0=C2=A0fi > + =C2=A0=C2=A0=C2=A0=C2=A0if [ -e "/var/ipfire/red/dns2" ]; then > + =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0DNS2=3D$(cat /var/ipfire/red/dns2 2>/= dev/null) > + =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0if [ ! -z ${DNS2} ]; then > + echo "nameserver ${DNS2}" >> /var/ipfire/red/resolv.conf > + NAMESERVERS+=3D"${DNS2} " > + =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0fi > + =C2=A0=C2=A0=C2=A0=C2=A0fi > + > + =C2=A0=C2=A0=C2=A0=C2=A0# create unbound interfaces.conf > + =C2=A0=C2=A0=C2=A0=C2=A0if [ ${CONTROL_INTERFACE_FILE} =3D 1 ]; then > + =C2=A0=C2=A0echo -n > /etc/unbound/interfaces.conf # Clear it > + =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0if [ ! -z ${GREEN_ADDRESS} ]; then > + echo "interface: ${GREEN_ADDRESS}" >> > /etc/unbound/interfaces.conf > + =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0fi > + =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0if [ ! -z ${BLUE_ADDRESS} ]; then > + echo "interface: ${BLUE_ADDRESS}" >> > /etc/unbound/interfaces.conf > + =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0fi > + if [ ! -z ${ORANGE_ADDRESS} ]; then > + echo "interface: ${ORANGE_ADDRESS}" >> > /etc/unbound/interfaces.conf > + =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0fi > + =C2=A0=C2=A0=C2=A0=C2=A0fi > + > + =C2=A0=C2=A0=C2=A0=C2=A0# create unbound access.conf > + =C2=A0=C2=A0=C2=A0=C2=A0if [ ${CONTROL_ACCESS_FILE} =3D 1 ]; then > + =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0echo -n > /etc/unbound/access.conf # = Clear it > + =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0if [ ! -z ${GREEN_ADDRESS} ]; then > + echo "access-control: $(cidr ${GREEN_ADDRESS} > ${GREEN_NETMASK}) allow" >> /etc/unbound/access.conf > + =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0fi > + =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0if [ ! -z ${BLUE_ADDRESS} ]; then > + echo "access-control: $(cidr ${BLUE_ADDRESS} ${BLUE_NETMASK}) > allow" >> /etc/unbound/access.conf > + =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0fi > + =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0if [ ! -z ${ORANGE_ADDRESS} ]; then > + echo "access-control: $(cidr ${ORANGE_ADDRESS} > ${ORANGE_NETMASK}) allow" >> /etc/unbound/access.conf > + =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0fi > + =C2=A0=C2=A0=C2=A0=C2=A0fi > + > + =C2=A0=C2=A0=C2=A0=C2=A0# create unbound dnssec.conf > + =C2=A0=C2=A0=C2=A0=C2=A0echo -n > /etc/unbound/dnssec.conf # Clear it > + =C2=A0=C2=A0=C2=A0=C2=A0if [ ${ENABLE_DNSSEC} =3D 1 ]; then > + =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0echo " # dessec enabled per default" = >> > /etc/unbound/dnssec.conf > + =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0echo " # no necessary config options = in this file" >> > /etc/unbound/dnssec.conf > + =C2=A0=C2=A0=C2=A0=C2=A0else > + =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0echo " # dnssec now disabled" >> > /etc/unbound/dnssec.conf > + =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0echo " module-config: iterator" >> > /etc/unbound/dnssec.conf > + =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0echo " val-permissive-mode: yes" >> > /etc/unbound/dnssec.conf > + =C2=A0=C2=A0=C2=A0=C2=A0fi > + > + =C2=A0=C2=A0=C2=A0=C2=A0# create zone file for internal ipfire domain=C2= =A0 > + =C2=A0=C2=A0=C2=A0=C2=A0unbound-zone > + > + =C2=A0=C2=A0=C2=A0=C2=A0boot_mesg "Starting Unbound DNS proxy..." > + =C2=A0=C2=A0=C2=A0=C2=A0unbound-anchor > + =C2=A0=C2=A0=C2=A0=C2=A0loadproc /usr/sbin/unbound > + > + =C2=A0=C2=A0=C2=A0=C2=A0# start dhcpd watcher daemon if DNS-Update (RFC21= 36) activated > + =C2=A0=C2=A0=C2=A0=C2=A0eval $(/usr/local/bin/readhash /var/ipfire/dhcp/s= ettings) > + =C2=A0=C2=A0=C2=A0=C2=A0if [[ ${DNS_UPDATE_ENABLED} =3D on && ! -f ${WAPI= DFILE} ]]; then > + =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0/etc/rc.d/init.d/unbound-dhcpd start > + =C2=A0=C2=A0=C2=A0=C2=A0fi > + > + =C2=A0=C2=A0=C2=A0=C2=A0# use setup configured DNS servers=C2=A0 > + =C2=A0=C2=A0=C2=A0=C2=A0if [ "${USE_CUSTOM_FORWARDS}" -eq 0 ]; then > + =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0unbound-control forward_add +i = . ${NAMESERVERS} &> /dev/null > + =C2=A0=C2=A0=C2=A0=C2=A0fi; > + > + =C2=A0=C2=A0=C2=A0=C2=A0FORWADRS=3D$(unbound-control list_forwards |sed '= s|. IN forward > ||g'|sed 's|+i ||g') > + =C2=A0=C2=A0=C2=A0=C2=A0if [ "${USE_CUSTOM_FORWARDS}" -eq 0 ]; then > + =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0boot_mesg "Using DNS server(s): ${FOR= WADRS}" > + =C2=A0=C2=A0=C2=A0=C2=A0else > + =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0boot_mesg "Using custom DNS server(s)= : ${FORWADRS}" > + =C2=A0=C2=A0=C2=A0=C2=A0fi > + =C2=A0=C2=A0=C2=A0=C2=A0if [ ${ENABLE_DNSSEC} =3D 1 ]; then > + =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0boot_mesg "DNSSEC is enabled!" > + =C2=A0=C2=A0=C2=A0=C2=A0else > + =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0boot_mesg "DNSSEC is disabled!" > + =C2=A0=C2=A0=C2=A0=C2=A0fi > + =C2=A0=C2=A0fi=C2=A0 > + =C2=A0=C2=A0;; > + > + stop) > + > + =C2=A0=C2=A0if [[ -f ${PIDFILE} ]]; then > + =C2=A0=C2=A0=C2=A0=C2=A0# stop dhcpd watcher daemon if activted > + =C2=A0=C2=A0=C2=A0=C2=A0if [[ -f ${WAPIDFILE} ]]; then > + =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0/etc/rc.d/init.d/unbound-dhcpd stop > + =C2=A0=C2=A0=C2=A0=C2=A0fi > + =C2=A0=C2=A0=C2=A0=C2=A0# stop Unbound daemon > + =C2=A0=C2=A0=C2=A0=C2=A0boot_mesg "Stopping Unbound DNS proxy..." > + =C2=A0=C2=A0=C2=A0=C2=A0killproc -p "/var/run/unbound.pid" /usr/sbin/unbo= und > + =C2=A0=C2=A0else > + =C2=A0=C2=A0=C2=A0=C2=A0log_warning_msg "Unbound daemon is not running..." > + =C2=A0=C2=A0fi > + =C2=A0=C2=A0;; > + > + restart) > + =C2=A0=C2=A0$0 stop > + =C2=A0=C2=A0sleep 1 > + =C2=A0=C2=A0$0 start > + =C2=A0=C2=A0;; > + > + status) > + =C2=A0=C2=A0statusproc /usr/sbin/unbound > + =C2=A0=C2=A0;; > + > + *) > + =C2=A0=C2=A0echo "Usage: $0 {start|stop|restart|status}" > + =C2=A0=C2=A0exit 1 > + =C2=A0=C2=A0;; > +esac > + > +# End $rc_base/init.d/unbound > diff --git a/src/initscripts/init.d/unbound-dhcpd > b/src/initscripts/init.d/unbound-dhcpd > new file mode 100644 > index 0000000..4c24a3c > --- /dev/null > +++ b/src/initscripts/init.d/unbound-dhcpd > @@ -0,0 +1,61 @@ > +#!/bin/sh > +# Begin $rc_base/init.d/unbound-dhcpd > + > +# Description : Unbound dhcpd lease file wachter daemon boot script for > IPFire > +# Author=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0: Marcel Lorenz > + > +. /etc/sysconfig/rc > +. $rc_functions > + > +PIDFILE=3D/var/run/unbound_dhcpd.pid > +SETFILE=3D/var/ipfire/main/settings > + > +case "$1" in > + start) > + if [[ -f ${PIDFILE} ]]; then > + =C2=A0=C2=A0log_warning_msg "Unbound dhcpd watcher daemon is running > with Process ID $(cat ${PIDFILE})" > + else > + =C2=A0=C2=A0eval $(/usr/local/bin/readhash ${SETFILE}) > + =C2=A0=C2=A0boot_mesg "Starting Unbound dhcpd watcher deamon..." > + =C2=A0=C2=A0loadproc /usr/bin/python /usr/sbin/unbound-dhcpd.py /domain > ${DOMAINNAME} /pid ${PIDFILE} > + fi > + ;; > + > + stop) > + if [[ -f ${PIDFILE} ]]; then > + =C2=A0=C2=A0boot_mesg "Stopping Unbound dhcpd watcher deamon..." > + =C2=A0=C2=A0kill $(/bin/cat ${PIDFILE}) > + =C2=A0=C2=A0sleep 1 > + =C2=A0=C2=A0if [[ -f ${PIDFILE} ]]; then > + =C2=A0=C2=A0=C2=A0=C2=A0echo_failure > + =C2=A0=C2=A0else > + =C2=A0=C2=A0=C2=A0=C2=A0echo_ok > + =C2=A0=C2=A0fi > + else > + =C2=A0=C2=A0log_warning_msg "Unbound dhcpd watcher daemon is not > running..." > + fi > + ;; > + > + restart) > + $0 stop > + sleep 1 > + $0 start > + ;; > + > + status) > + if [[ -f "$PIDFILE" ]]; then=C2=A0 > + =C2=A0=C2=A0echo -e "\\033[1;36mUnbound dhcpd watcher daemon is running > with Process ID $(cat ${PIDFILE})\\033[0;39m" > + =C2=A0=C2=A0exit 0 > + else > + =C2=A0=C2=A0echo -e "\\033[1;36mUnbound dhcpd watcher daemon is not > running...\\033[0;39m" > + =C2=A0=C2=A0exit 0 > + fi > + ;; > + > + *) > + echo "Usage: $0 {start|stop|restart|status}" > + exit 1 > + ;; > +esac > + > +# End $rc_base/init.d/unbound-dhcpd > \ No newline at end of file > diff --git a/src/paks/unbound/install.sh b/src/paks/unbound/install.sh > new file mode 100644 > index 0000000..84c93f3 > --- /dev/null > +++ b/src/paks/unbound/install.sh > @@ -0,0 +1,70 @@ > +#!/bin/bash > +##########################################################################= ## > +#=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# > +# This file is part of the IPFire Firewall.=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0# > +#=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# > +# IPFire is free software; you can redistribute it and/or modify=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# > +# it under the terms of the GNU General Public License as published by=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0# > +# the Free Software Foundation; either version 2 of the License, or=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# > +# (at your option) any later version.=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# > +#=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# > +# IPFire is distributed in the hope that it will be useful,=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0# > +# but WITHOUT ANY WARRANTY; without even the implied warranty of=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# > +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.=C2=A0=C2=A0See the= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# > +# GNU General Public License for more details.=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# > +#=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# > +# You should have received a copy of the GNU General Public License=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# > +# along with IPFire; if not, write to the Free Software=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0# > +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA=C2=A0=C2=A00211= 1-1307 USA # > +#=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# > +# Copyright (C) 2016 IPFire-Team .=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# > +#=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# > +##########################################################################= ## > +# > +. /opt/pakfire/lib/functions.sh > +extract_files > +restore_backup ${NAME} > + > +# add unbound user and group > +groupadd -g 85 unbound=C2=A0 > +useradd -c "Unbound DNS resolver" -d /var/lib/unbound -u 85 -g unbound -s > /bin/false unbound > + > +# create config subdir's > +mkdir -pv /etc/unbound/log /etc/unbound/zones=C2=A0=C2=A0/var/log/unbound > +chown unbound:unbound -R /var/log/unbound/ /etc/unbound/log/; > + > +echo "Add logrotate config for unbound now..." > +LOGROTATE=3D$(grep -A 1 '/var/log/unbound/unbound.log' /etc/logrotate.conf) > +if [[ ! "${LOGROTATE}" ]]; then > +cat >> /etc/logrotate.conf << "EOF" > +# Unbound > +/var/log/unbound/unbound.log { > +=C2=A0=C2=A0=C2=A0=C2=A0daily > +=C2=A0=C2=A0=C2=A0=C2=A0rotate 30 > +=C2=A0=C2=A0=C2=A0=C2=A0copytruncate > +=C2=A0=C2=A0=C2=A0=C2=A0compress > +=C2=A0=C2=A0=C2=A0=C2=A0missingok > +=C2=A0=C2=A0=C2=A0=C2=A0prerotate > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0/bin/mv -f /etc/unbound/log/unbound.lo= g /var/log/unbound/unbound.log > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0/usr/sbin/unbound-control log_reopen &= > /dev/null > +=C2=A0=C2=A0=C2=A0=C2=A0endscript > +} > + > +EOF > +touch /etc/unbound/dhcpleases.conf > +touch /var/log/unbound/unbound.log > +chown unbound:unbound /var/log/unbound/unbound.log > +fi > + > +# create link to current logfile > +ln -svf /etc/unbound/log/unbound.log /var/log/unbound/current.log > + > +# create remote control key files and set rights=C2=A0 > +/usr/sbin/unbound-control-setup &> /dev/null > +chown unbound:unbound > /etc/unbound/{unbound_control.*,unbound_server.*,root.key,root.hints} > + > +# at last switch the DNS-Resolver to unbound > +/usr/sbin/unbound-switch > + > +unset LOGROTATE > +exit 0 > diff --git a/src/paks/unbound/uninstall.sh b/src/paks/unbound/uninstall.sh > new file mode 100644 > index 0000000..fc39f9f > --- /dev/null > +++ b/src/paks/unbound/uninstall.sh > @@ -0,0 +1,27 @@ > +#!/bin/bash > +##########################################################################= ## > +#=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# > +# This file is part of the IPFire Firewall.=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0# > +#=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# > +# IPFire is free software; you can redistribute it and/or modify=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# > +# it under the terms of the GNU General Public License as published by=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0# > +# the Free Software Foundation; either version 2 of the License, or=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# > +# (at your option) any later version.=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# > +#=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# > +# IPFire is distributed in the hope that it will be useful,=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0# > +# but WITHOUT ANY WARRANTY; without even the implied warranty of=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# > +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.=C2=A0=C2=A0See the= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# > +# GNU General Public License for more details.=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# > +#=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# > +# You should have received a copy of the GNU General Public License=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# > +# along with IPFire; if not, write to the Free Software=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0# > +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA=C2=A0=C2=A00211= 1-1307 USA # > +#=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# > +# Copyright (C) 2007 IPFire-Team .=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# > +#=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# > +##########################################################################= ## > +# > +. /opt/pakfire/lib/functions.sh > +/usr/sbin/resolver.sh > +make_backup ${NAME} > +remove_files > diff --git a/src/paks/unbound/update.sh b/src/paks/unbound/update.sh > new file mode 100644 > index 0000000..89c40d0 > --- /dev/null > +++ b/src/paks/unbound/update.sh > @@ -0,0 +1,26 @@ > +#!/bin/bash > +##########################################################################= ## > +#=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# > +# This file is part of the IPFire Firewall.=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0# > +#=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# > +# IPFire is free software; you can redistribute it and/or modify=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# > +# it under the terms of the GNU General Public License as published by=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0# > +# the Free Software Foundation; either version 2 of the License, or=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# > +# (at your option) any later version.=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# > +#=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# > +# IPFire is distributed in the hope that it will be useful,=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0# > +# but WITHOUT ANY WARRANTY; without even the implied warranty of=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# > +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.=C2=A0=C2=A0See the= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# > +# GNU General Public License for more details.=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# > +#=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# > +# You should have received a copy of the GNU General Public License=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# > +# along with IPFire; if not, write to the Free Software=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0# > +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA=C2=A0=C2=A00211= 1-1307 USA # > +#=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# > +# Copyright (C) 2007 IPFire-Team .=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# > +#=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0# > +##########################################################################= ## > +# > +. /opt/pakfire/lib/functions.sh > +./uninstall.sh > +./install.sh --===============9216472915170166980== Content-Type: application/pgp-signature Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="signature.asc" MIME-Version: 1.0 LS0tLS1CRUdJTiBQR1AgU0lHTkFUVVJFLS0tLS0KVmVyc2lvbjogR251UEcgdjIKCmlRSWNCQUFC Q2dBR0JRSlhwak1LQUFvSkVJQjU4UDl2a0FrSHhxSVAvaXNEbVRmZko2TUNiN1A4VHlmZWhOOEIK d0piVC9Oc3VKeGdQVUEwRlJWT2tXTXR5RjRnZUwwL1NDZnZYN2pWZVRkZnR1UHpxUFFRNE1nYU50 M2hWRGQxbgpIeHhhNDh3Yzd3amZTTmlwdlZqanhhUU1YZitLTkJXcDk1c2VoWDVBMGtQcXNmZUxD bjFJVHBBdzY0bkxIRDBnCmhWZWZGTVZYeURMdXJQZ2UzejJ6Y0FvUXFvM05BSFhFM0pTTFNBdG5P N2lSL0xRTDZUQ2tHNWZOR0pEalhxUDkKcnpXMDV3NVBWQitsSFBXVncxWStDR3lnajlSbjFXL3B6 Q01Na2t3d3VzQi9JMDBaVzlmcUoxaTJLL3g3NE9VVAphbTExd0N2M3hzeVQvU3ZRU1NIWFFCNVFv TDJmdVNUUzFRSFc0VWdXYTQ1OU9NVk94SDNYcE42eTc4Z1hFdGRuCjJqalp6b25QdzFZSmR3TnBV SUE3TnRyUVpDZWxnQnJNMTEzTnNxQk9tUkE5T1k5VlR3dGxOZE54V0VtcDJ0M28KNjhvTVZqZ3ho cHpvejcvejJrYWJRN2FWNUZGVmM1T3J2Q29MWTNoUlZEN0NTR1dvUm1oUXZXMlpWaEwyZnU3UApJ T2Era1FzeTZMWXRsZmpMMXhTT3FONWJ2K1p5Rkt5ektKSVBPWlB2c3ZSeG9SY05NSkpoazg2bCsv ZDJPVjdsCjJZenZzWm9veDhxZnI3NUZDREhSMWxsU3crU1B0ejlPVTBGNTY2c2FUclF5cS81bFNk cVRGMmYzVXRYZllpLzcKdHhoWUoxSjR6bUlUZDNZWHlHZWRGYWxVVnp2RDh1OUZ1V29GRVdnM2RL K0JzN2JZTXljczRzbEM1VnhDTWlTeQo3WHF6cXJUVmJwdVRDQUtzTlR5ego9a1VicQotLS0tLUVO RCBQR1AgU0lHTkFUVVJFLS0tLS0K --===============9216472915170166980==--