[git.ipfire.org] IPFire 2.x development tree branch, next, updated. a057a976551e3554d123f5aef1f03583b819feb9 - IPFire-SCM

21 Oct 2015

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "IPFire 2.x development tree".
The branch, next has been updated
       via  a057a976551e3554d123f5aef1f03583b819feb9 (commit)
       via  2b952557f4c963bdca3a4a9cf0e6c25ff6d19771 (commit)
       via  364452506fcc7170c000d2ac7fe7ae67351a6241 (commit)
       via  5fd7e84c499320c9ba1d81c78a706cd42b5bfc2c (commit)
       via  28fee67640d1c1f5ddc692c1c7f073fa8f115d3c (commit)
       via  b510e12ac1deb8ac93fcfa7dc62a505affe0fdee (commit)
       via  f5fb9a0466e6857ab4c8294a58e1cd7678d72b45 (commit)
      from  4e8949e8177a13dde72946ea9d02d0c12badafe0 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit a057a976551e3554d123f5aef1f03583b819feb9
Author: Michael Tremer michael.tremer@ipfire.org
Date:   Wed Oct 21 17:34:41 2015 +0100
dhcp rfc2136: dhcpd does not seem to support SHA-1
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 2b952557f4c963bdca3a4a9cf0e6c25ff6d19771
Author: Michael Tremer michael.tremer@ipfire.org
Date:   Wed Oct 21 13:52:22 2015 +0100
core95: Ship DHCP RFC2136 changes
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 364452506fcc7170c000d2ac7fe7ae67351a6241
Merge: 4e8949e 5fd7e84
Author: Michael Tremer michael.tremer@ipfire.org
Date:   Wed Oct 21 13:50:07 2015 +0100
Merge remote-tracking branch 'ms/dhcp-rfc2136-broken-down' into next
commit 5fd7e84c499320c9ba1d81c78a706cd42b5bfc2c
Author: Michael Tremer michael.tremer@ipfire.org
Date:   Tue Mar 31 01:23:35 2015 +0200
dhcp-ddns: Set TTL to 1 minute
commit 28fee67640d1c1f5ddc692c1c7f073fa8f115d3c
Author: Michael Tremer michael.tremer@ipfire.org
Date:   Mon Mar 16 00:54:42 2015 +0100
dnsmasq: Disable parsing leases when DNS Update is enabled
commit b510e12ac1deb8ac93fcfa7dc62a505affe0fdee
Author: Stefan Schantl stefan.schantl@ipfire.org
Date:   Mon Mar 16 00:54:20 2015 +0100
DHCP: Allow DNS Update configuration in the web user interface
commit f5fb9a0466e6857ab4c8294a58e1cd7678d72b45
Author: Michael Tremer michael.tremer@ipfire.org
Date:   Sun Mar 15 13:34:02 2015 +0100
DHCP: Allow using external name servers for leases
These changes allow a user to use RFC2136 in order to
    update their (public) DNS zone with the dynamic or
    static leases.
A TSIG key may optionally be used to authenticate
    the updates.
-----------------------------------------------------------------------
Summary of changes:
 config/rootfiles/core/95/filelists/files |   2 +
 doc/language_issues.de                   |   1 +
 doc/language_issues.en                   |   1 +
 doc/language_issues.es                   |   7 ++
 doc/language_issues.fr                   |   7 ++
 doc/language_issues.it                   |   7 ++
 doc/language_issues.nl                   |   7 ++
 doc/language_issues.pl                   |   7 ++
 doc/language_issues.ru                   |   7 ++
 doc/language_issues.tr                   |   7 ++
 doc/language_missings                    |  24 +++++++
 html/cgi-bin/dhcp.cgi                    | 106 ++++++++++++++++++++++++++++++-
 langs/de/cgi-bin/de.pl                   |   5 ++
 langs/en/cgi-bin/en.pl                   |   5 ++
 src/initscripts/init.d/dnsmasq           |  22 ++++++-
 15 files changed, 210 insertions(+), 5 deletions(-)
Difference in files:

diff --git a/config/rootfiles/core/95/filelists/files b/config/rootfiles/core/95/filelists/files
index 7ee6f0a..dfecbaf 100644
--- a/config/rootfiles/core/95/filelists/files
+++ b/config/rootfiles/core/95/filelists/files
@@ -1,9 +1,11 @@
 etc/system-release
 etc/issue
+etc/rc.d/init.d/dnsmasq
 etc/rc.d/init.d/firewall
 lib/udev/network-hotplug-vlan
 lib/udev/rules.d/60-net.rules
 srv/web/ipfire/cgi-bin/connections.cgi
+srv/web/ipfire/cgi-bin/dhcp.cgi
 srv/web/ipfire/cgi-bin/firewall.cgi
 srv/web/ipfire/cgi-bin/logs.cgi/firewalllogcountry.dat
 srv/web/ipfire/cgi-bin/pppsetup.cgi
diff --git a/doc/language_issues.de b/doc/language_issues.de
index 54d9de9..6c47184 100644
--- a/doc/language_issues.de
+++ b/doc/language_issues.de
@@ -82,6 +82,7 @@ WARNING: translation string unused: cache management
 WARNING: translation string unused: cache size
 WARNING: translation string unused: calamaris report interval (in minutes)
 WARNING: translation string unused: calc traffic all x minutes
+WARNING: translation string unused: cannot enable both nat traversal and compression
 WARNING: translation string unused: cant enable xtaccess
 WARNING: translation string unused: capsinactive
 WARNING: translation string unused: ccd err iroute
diff --git a/doc/language_issues.en b/doc/language_issues.en
index 95477de..68e351c 100644
--- a/doc/language_issues.en
+++ b/doc/language_issues.en
@@ -100,6 +100,7 @@ WARNING: translation string unused: cache management
 WARNING: translation string unused: cache size
 WARNING: translation string unused: calamaris report interval (in minutes)
 WARNING: translation string unused: calc traffic all x minutes
+WARNING: translation string unused: cannot enable both nat traversal and compression
 WARNING: translation string unused: cant enable xtaccess
 WARNING: translation string unused: capsinactive
 WARNING: translation string unused: ccd err iroute
diff --git a/doc/language_issues.es b/doc/language_issues.es
index 91945ff..84298f4 100644
--- a/doc/language_issues.es
+++ b/doc/language_issues.es
@@ -95,6 +95,7 @@ WARNING: translation string unused: cache management
 WARNING: translation string unused: cache size
 WARNING: translation string unused: calamaris report interval (in minutes)
 WARNING: translation string unused: calc traffic all x minutes
+WARNING: translation string unused: cannot enable both nat traversal and compression
 WARNING: translation string unused: cant enable xtaccess
 WARNING: translation string unused: capsinactive
 WARNING: translation string unused: cfg restart
@@ -668,6 +669,11 @@ WARNING: untranslated string: dh key move failed
 WARNING: untranslated string: dh key warn
 WARNING: untranslated string: dh key warn1
 WARNING: untranslated string: dh parameter
+WARNING: untranslated string: dhcp dns enable update
+WARNING: untranslated string: dhcp dns key name
+WARNING: untranslated string: dhcp dns update
+WARNING: untranslated string: dhcp dns update algo
+WARNING: untranslated string: dhcp dns update secret
 WARNING: untranslated string: dnat address
 WARNING: untranslated string: dns servers
 WARNING: untranslated string: dnsforward
@@ -989,6 +995,7 @@ WARNING: untranslated string: proxy reports weekly
 WARNING: untranslated string: qos enter bandwidths
 WARNING: untranslated string: random number generator daemon
 WARNING: untranslated string: red1
+WARNING: untranslated string: required field
 WARNING: untranslated string: route config changed
 WARNING: untranslated string: routing config added
 WARNING: untranslated string: routing config changed
diff --git a/doc/language_issues.fr b/doc/language_issues.fr
index 344ef07..e9915c8 100644
--- a/doc/language_issues.fr
+++ b/doc/language_issues.fr
@@ -95,6 +95,7 @@ WARNING: translation string unused: cache management
 WARNING: translation string unused: cache size
 WARNING: translation string unused: calamaris report interval (in minutes)
 WARNING: translation string unused: calc traffic all x minutes
+WARNING: translation string unused: cannot enable both nat traversal and compression
 WARNING: translation string unused: cant enable xtaccess
 WARNING: translation string unused: capsinactive
 WARNING: translation string unused: cfg restart
@@ -675,6 +676,11 @@ WARNING: untranslated string: dh key move failed
 WARNING: untranslated string: dh key warn
 WARNING: untranslated string: dh key warn1
 WARNING: untranslated string: dh parameter
+WARNING: untranslated string: dhcp dns enable update
+WARNING: untranslated string: dhcp dns key name
+WARNING: untranslated string: dhcp dns update
+WARNING: untranslated string: dhcp dns update algo
+WARNING: untranslated string: dhcp dns update secret
 WARNING: untranslated string: dnat address
 WARNING: untranslated string: dns address deleted txt
 WARNING: untranslated string: dns servers
@@ -1000,6 +1006,7 @@ WARNING: untranslated string: proxy reports weekly
 WARNING: untranslated string: qos enter bandwidths
 WARNING: untranslated string: random number generator daemon
 WARNING: untranslated string: red1
+WARNING: untranslated string: required field
 WARNING: untranslated string: route config changed
 WARNING: untranslated string: routing config added
 WARNING: untranslated string: routing config changed
diff --git a/doc/language_issues.it b/doc/language_issues.it
index 38614d6..420a46c 100644
--- a/doc/language_issues.it
+++ b/doc/language_issues.it
@@ -99,6 +99,7 @@ WARNING: translation string unused: cache management
 WARNING: translation string unused: cache size
 WARNING: translation string unused: calamaris report interval (in minutes)
 WARNING: translation string unused: calc traffic all x minutes
+WARNING: translation string unused: cannot enable both nat traversal and compression
 WARNING: translation string unused: cant enable xtaccess
 WARNING: translation string unused: capsinactive
 WARNING: translation string unused: ccd err iroute
@@ -674,6 +675,11 @@ WARNING: untranslated string: advproxy group access control
 WARNING: untranslated string: advproxy group required
 WARNING: untranslated string: bytes
 WARNING: untranslated string: check all
+WARNING: untranslated string: dhcp dns enable update
+WARNING: untranslated string: dhcp dns key name
+WARNING: untranslated string: dhcp dns update
+WARNING: untranslated string: dhcp dns update algo
+WARNING: untranslated string: dhcp dns update secret
 WARNING: untranslated string: email config
 WARNING: untranslated string: email empty field
 WARNING: untranslated string: email invalid
@@ -729,6 +735,7 @@ WARNING: untranslated string: ovpn add conf
 WARNING: untranslated string: pptp netconfig
 WARNING: untranslated string: pptp peer
 WARNING: untranslated string: pptp route
+WARNING: untranslated string: required field
 WARNING: untranslated string: route config changed
 WARNING: untranslated string: routing config added
 WARNING: untranslated string: routing config changed
diff --git a/doc/language_issues.nl b/doc/language_issues.nl
index 2d3c78b..c876987 100644
--- a/doc/language_issues.nl
+++ b/doc/language_issues.nl
@@ -99,6 +99,7 @@ WARNING: translation string unused: cache management
 WARNING: translation string unused: cache size
 WARNING: translation string unused: calamaris report interval (in minutes)
 WARNING: translation string unused: calc traffic all x minutes
+WARNING: translation string unused: cannot enable both nat traversal and compression
 WARNING: translation string unused: cant enable xtaccess
 WARNING: translation string unused: capsinactive
 WARNING: translation string unused: ccd err iroute
@@ -679,6 +680,11 @@ WARNING: untranslated string: dh key move failed
 WARNING: untranslated string: dh key warn
 WARNING: untranslated string: dh key warn1
 WARNING: untranslated string: dh parameter
+WARNING: untranslated string: dhcp dns enable update
+WARNING: untranslated string: dhcp dns key name
+WARNING: untranslated string: dhcp dns update
+WARNING: untranslated string: dhcp dns update algo
+WARNING: untranslated string: dhcp dns update secret
 WARNING: untranslated string: dns servers
 WARNING: untranslated string: dnssec aware
 WARNING: untranslated string: dnssec information
@@ -771,6 +777,7 @@ WARNING: untranslated string: pptp netconfig
 WARNING: untranslated string: pptp peer
 WARNING: untranslated string: pptp route
 WARNING: untranslated string: random number generator daemon
+WARNING: untranslated string: required field
 WARNING: untranslated string: route config changed
 WARNING: untranslated string: routing config added
 WARNING: untranslated string: routing config changed
diff --git a/doc/language_issues.pl b/doc/language_issues.pl
index 91945ff..84298f4 100644
--- a/doc/language_issues.pl
+++ b/doc/language_issues.pl
@@ -95,6 +95,7 @@ WARNING: translation string unused: cache management
 WARNING: translation string unused: cache size
 WARNING: translation string unused: calamaris report interval (in minutes)
 WARNING: translation string unused: calc traffic all x minutes
+WARNING: translation string unused: cannot enable both nat traversal and compression
 WARNING: translation string unused: cant enable xtaccess
 WARNING: translation string unused: capsinactive
 WARNING: translation string unused: cfg restart
@@ -668,6 +669,11 @@ WARNING: untranslated string: dh key move failed
 WARNING: untranslated string: dh key warn
 WARNING: untranslated string: dh key warn1
 WARNING: untranslated string: dh parameter
+WARNING: untranslated string: dhcp dns enable update
+WARNING: untranslated string: dhcp dns key name
+WARNING: untranslated string: dhcp dns update
+WARNING: untranslated string: dhcp dns update algo
+WARNING: untranslated string: dhcp dns update secret
 WARNING: untranslated string: dnat address
 WARNING: untranslated string: dns servers
 WARNING: untranslated string: dnsforward
@@ -989,6 +995,7 @@ WARNING: untranslated string: proxy reports weekly
 WARNING: untranslated string: qos enter bandwidths
 WARNING: untranslated string: random number generator daemon
 WARNING: untranslated string: red1
+WARNING: untranslated string: required field
 WARNING: untranslated string: route config changed
 WARNING: untranslated string: routing config added
 WARNING: untranslated string: routing config changed
diff --git a/doc/language_issues.ru b/doc/language_issues.ru
index 4531670..a03f300 100644
--- a/doc/language_issues.ru
+++ b/doc/language_issues.ru
@@ -95,6 +95,7 @@ WARNING: translation string unused: cache management
 WARNING: translation string unused: cache size
 WARNING: translation string unused: calamaris report interval (in minutes)
 WARNING: translation string unused: calc traffic all x minutes
+WARNING: translation string unused: cannot enable both nat traversal and compression
 WARNING: translation string unused: cant enable xtaccess
 WARNING: translation string unused: capsinactive
 WARNING: translation string unused: cfg restart
@@ -669,6 +670,11 @@ WARNING: untranslated string: dh key move failed
 WARNING: untranslated string: dh key warn
 WARNING: untranslated string: dh key warn1
 WARNING: untranslated string: dh parameter
+WARNING: untranslated string: dhcp dns enable update
+WARNING: untranslated string: dhcp dns key name
+WARNING: untranslated string: dhcp dns update
+WARNING: untranslated string: dhcp dns update algo
+WARNING: untranslated string: dhcp dns update secret
 WARNING: untranslated string: disk access per
 WARNING: untranslated string: dnat address
 WARNING: untranslated string: dns servers
@@ -983,6 +989,7 @@ WARNING: untranslated string: proxy reports weekly
 WARNING: untranslated string: qos enter bandwidths
 WARNING: untranslated string: random number generator daemon
 WARNING: untranslated string: red1
+WARNING: untranslated string: required field
 WARNING: untranslated string: route config changed
 WARNING: untranslated string: routing config added
 WARNING: untranslated string: routing config changed
diff --git a/doc/language_issues.tr b/doc/language_issues.tr
index 672a49d..5d1ceb7 100644
--- a/doc/language_issues.tr
+++ b/doc/language_issues.tr
@@ -99,6 +99,7 @@ WARNING: translation string unused: cache management
 WARNING: translation string unused: cache size
 WARNING: translation string unused: calamaris report interval (in minutes)
 WARNING: translation string unused: calc traffic all x minutes
+WARNING: translation string unused: cannot enable both nat traversal and compression
 WARNING: translation string unused: cant enable xtaccess
 WARNING: translation string unused: capsinactive
 WARNING: translation string unused: ccd err iroute
@@ -666,6 +667,11 @@ WARNING: translation string unused: yearly firewallhits
 WARNING: untranslated string: Scan for Songs
 WARNING: untranslated string: bytes
 WARNING: untranslated string: check all
+WARNING: untranslated string: dhcp dns enable update
+WARNING: untranslated string: dhcp dns key name
+WARNING: untranslated string: dhcp dns update
+WARNING: untranslated string: dhcp dns update algo
+WARNING: untranslated string: dhcp dns update secret
 WARNING: untranslated string: email config
 WARNING: untranslated string: email empty field
 WARNING: untranslated string: email invalid
@@ -708,6 +714,7 @@ WARNING: untranslated string: ovpn add conf
 WARNING: untranslated string: pptp netconfig
 WARNING: untranslated string: pptp peer
 WARNING: untranslated string: pptp route
+WARNING: untranslated string: required field
 WARNING: untranslated string: route config changed
 WARNING: untranslated string: routing config added
 WARNING: untranslated string: routing config changed
diff --git a/doc/language_missings b/doc/language_missings
index 97e2d18..9da0122 100644
--- a/doc/language_missings
+++ b/doc/language_missings
@@ -85,6 +85,11 @@
 < deprecated fs warn
 < details
 < dh
+< dhcp dns enable update
+< dhcp dns key name
+< dhcp dns update
+< dhcp dns update algo
+< dhcp dns update secret
 < dh key move failed
 < dh key warn
 < dh key warn1
@@ -468,6 +473,7 @@
 < qos enter bandwidths
 < random number generator daemon
 < red1
+< required field
 < samba join a domain
 < samba join domain
 < search
@@ -689,6 +695,11 @@
 < deprecated fs warn
 < details
 < dh
+< dhcp dns enable update
+< dhcp dns key name
+< dhcp dns update
+< dhcp dns update algo
+< dhcp dns update secret
 < dh key move failed
 < dh key warn
 < dh key warn1
@@ -1077,6 +1088,7 @@
 < qos enter bandwidths
 < random number generator daemon
 < red1
+< required field
 < samba join a domain
 < samba join domain
 < search
@@ -1274,6 +1286,11 @@
 < deprecated fs warn
 < details
 < dh
+< dhcp dns enable update
+< dhcp dns key name
+< dhcp dns update
+< dhcp dns update algo
+< dhcp dns update secret
 < dh key move failed
 < dh key warn
 < dh key warn1
@@ -1650,6 +1667,7 @@
 < qos enter bandwidths
 < random number generator daemon
 < red1
+< required field
 < samba join a domain
 < samba join domain
 < search
@@ -1847,6 +1865,11 @@
 < deprecated fs warn
 < details
 < dh
+< dhcp dns enable update
+< dhcp dns key name
+< dhcp dns update
+< dhcp dns update algo
+< dhcp dns update secret
 < dh key move failed
 < dh key warn
 < dh key warn1
@@ -2226,6 +2249,7 @@
 < qos enter bandwidths
 < random number generator daemon
 < red1
+< required field
 < samba join a domain
 < samba join domain
 < search
diff --git a/html/cgi-bin/dhcp.cgi b/html/cgi-bin/dhcp.cgi
index a22bcd4..3eb5349 100644
--- a/html/cgi-bin/dhcp.cgi
+++ b/html/cgi-bin/dhcp.cgi
@@ -70,11 +70,17 @@ foreach my $itf (@ITFs) {
     $dhcpsettings{"NTP2_${itf}"} = '';
     $dhcpsettings{"NEXT_${itf}"} = '';
     $dhcpsettings{"FILE_${itf}"} = '';
+    $dhcpsettings{"DNS_UPDATE_KEY_NAME_${itf}"} = '';
+    $dhcpsettings{"DNS_UPDATE_KEY_SECRET_${itf}"} = '';
+    $dhcpsettings{"DNS_UPDATE_KEY_ALGO_${itf}"} = '';
 }
$dhcpsettings{'SORT_FLEASELIST'} = 'FIPADDR';
 $dhcpsettings{'SORT_LEASELIST'} = 'IPADDR';
+# DNS Update settings
+$dhcpsettings{'DNS_UPDATE_ENABLED'} = 'off';
+
 #Settings2 for editing the multi-line list
 #Must not be saved with writehash !
 $dhcpsettings{'FIX_MAC'} = '';
@@ -596,6 +602,78 @@ print <<END
     <td width='40%' align='right'><input type='submit' name='ACTION' value='$Lang::tr{'save'}' /></td>
 </tr>
 </table>
+END
+;
+&Header::closebox();
+
+# DHCP DNS update support (RFC2136)
+&Header::openbox('100%', 'left', $Lang::tr{'dhcp dns update'});
+
+my %checked = ();
+$checked{'DNS_UPDATE_ENABLED'}{'on'} = ( $dhcpsettings{'DNS_UPDATE_ENABLED'} ne 'on') ? '' : "checked='checked'";
+
+print <<END
+<table  width='100%'>
+	<tr>
+		<td width='25%' class='boldbase'>$Lang::tr{'dhcp dns enable update'}</td>
+		<td class='base'><input type='checkbox' name='DNS_UPDATE_ENABLED' $checked{'DNS_UPDATE_ENABLED'}{'on'}>
+		</td>
+	<tr>
+</table>
+
+<table width='100%'>
+END
+;
+	my @domains = ();
+
+	# Print options for each interface.
+	foreach my $itf (@ITFs) {
+		# Check if DHCP for this interface is enabled.
+		if ($dhcpsettings{"ENABLE_${itf}"} eq 'on') {
+			# Check for same domain name.
+			next if ($dhcpsettings{"DOMAIN_NAME_${itf}"} ~~ @domains);
+			my $lc_itf = lc($itf);
+
+			# Select previously configured update algorithm.
+			my %selected = ();
+			$selected{'DNS_UPDATE_ALGO_${inf}'}{$dhcpsettings{'DNS_UPDATE_ALGO_${inf}'}} = 'selected';
+
+print <<END
+	<tr>
+		<td colspan='6'>&nbsp;</td>
+	</tr>
+	<tr>
+		<td colspan='6' class='boldbase'><b>$dhcpsettings{"DOMAIN_NAME_${itf}"}</b></td>
+	</tr>
+	<tr>
+		<td width='10%' class='boldbase'>$Lang::tr{'dhcp dns key name'}:</td>
+		<td width='20%'><input type='text' name='DNS_UPDATE_KEY_NAME_${itf}' value='$dhcpsettings{"DNS_UPDATE_KEY_NAME_${itf}"}'></td>
+		<td width='10%' class='boldbase' align='right'>$Lang::tr{'dhcp dns update secret'}:&nbsp;&nbsp;</td>
+		<td width='20%'><input type='password' name='DNS_UPDATE_KEY_SECRET_${itf}' value='$dhcpsettings{"DNS_UPDATE_KEY_SECRET_${itf}"}'></td>
+		<td width='10%' class='boldbase' align='right'>$Lang::tr{'dhcp dns update algo'}:&nbsp;&nbsp;</td>
+		<td width='20%'>
+			<select name='DNS_UPDATE_KEY_ALGO_${itf}'>
+				<!-- <option value='hmac-sha1' $selected{'DNS_UPDATE_KEY_ALGO_${itf}'}{'hmac-sha1'}>HMAC-SHA1</option> -->
+				<option value='hmac-md5' $selected{'DNS_UPDATE_KEY_ALGO_${itf}'}{'hmac-md5'}>HMAC-MD5</option>
+			</select>
+		</td>
+	</tr>
+END
+;
+	}
+
+	# Store configured domain based on the interface
+	# in the temporary variable.
+	push(@domains, $dhcpsettings{"DOMAIN_NAME_${itf}"});
+}
+print <<END
+</table>
+<hr>
+<table width='100%'>
+	<tr>
+		<td align='right'><input type='submit' name='ACTION' value='$Lang::tr{'save'}' /></td>
+	</tr>
+</table>
 </form>
 END
 ;
@@ -1131,9 +1209,19 @@ sub buildconf {
     flock(FILE, 2);
# Global settings
-    print FILE "ddns-update-style none;\n";
     print FILE "deny bootp;	#default\n";
     print FILE "authoritative;\n";
+
+    # DNS Update settings
+    if ($dhcpsettings{'DNS_UPDATE_ENABLED'} eq 'on') {
+        print FILE "ddns-updates           on;\n";
+        print FILE "ddns-update-style      interim;\n";
+        print FILE "ddns-ttl               60; # 1 min\n";
+        print FILE "ignore                 client-updates;\n";
+        print FILE "update-static-leases   on;\n";
+    } else {
+        print FILE "ddns-update-style none;\n";
+    }
# Write first new option definition
     foreach my $line (@current1) {
@@ -1162,12 +1250,13 @@ sub buildconf {
        }
    }# on    
     }# foreach line
+    print FILE "\n";
#Subnet range definition
     foreach my $itf (@ITFs) {
    my $lc_itf=lc($itf);
    if ($dhcpsettings{"ENABLE_${itf}"} eq 'on' ){
-	    print FILE "\nsubnet " . $netsettings{"${itf}_NETADDRESS"} . " netmask ". $netsettings{"${itf}_NETMASK"} . " #$itf\n";
+	    print FILE "subnet " . $netsettings{"${itf}_NETADDRESS"} . " netmask ". $netsettings{"${itf}_NETMASK"} . " #$itf\n";
        print FILE "{\n";
        print FILE "\trange " . $dhcpsettings{"START_ADDR_${itf}"} . ' ' . $dhcpsettings{"END_ADDR_${itf}"}.";\n" if ($dhcpsettings{"START_ADDR_${itf}"});
        print FILE "\toption subnet-mask "   . $netsettings{"${itf}_NETMASK"} . ";\n";
@@ -1204,7 +1293,18 @@ sub buildconf {
    	    }
    	}# on    
        }# foreach line
-	    print FILE "} #$itf\n";
+	    print FILE "} #$itf\n\n";
+
+	    if (($dhcpsettings{"DNS_UPDATE_ENABLED"} eq "on") && ($dhcpsettings{"DNS_UPDATE_KEY_NAME_${itf}"} ne "")) {
+	        print FILE "key " . $dhcpsettings{"DNS_UPDATE_KEY_NAME_${itf}"} . " {\n";
+	        print FILE "\talgorithm " . $dhcpsettings{"DNS_UPDATE_KEY_ALGO_${itf}"} . ";\n";
+	        print FILE "\tsecret "" . $dhcpsettings{"DNS_UPDATE_KEY_SECRET_${itf}"} . "";\n";
+	        print FILE "};\n\n";
+
+	        print FILE "zone " . $dhcpsettings{"DOMAIN_NAME_${itf}"} . ". {\n";
+	        print FILE "\tkey " . $dhcpsettings{"DNS_UPDATE_KEY_NAME_${itf}"} . ";\n";
+		print FILE "}\n\n";
+	    }
system ('/usr/bin/touch', "${General::swroot}/dhcp/enable_${lc_itf}");
        &General::log("DHCP on ${itf}: " . $Lang::tr{'dhcp server enabled'})
diff --git a/langs/de/cgi-bin/de.pl b/langs/de/cgi-bin/de.pl
index e952de2..cf04d3d 100644
--- a/langs/de/cgi-bin/de.pl
+++ b/langs/de/cgi-bin/de.pl
@@ -699,6 +699,11 @@
 'dhcp bootp pxe data' => 'Geben Sie optionale BOOTP PXE-Daten für diese feste Zuordnung ein',
 'dhcp configuration' => 'DHCP-Konfiguration',
 'dhcp create fixed leases' => 'Feste Zuordnungen erzeugen',
+'dhcp dns enable update' => 'DNS-Update (RFC2136) aktivieren:',
+'dhcp dns key name' => 'Schlüsselname:',
+'dhcp dns update' => 'DNS-Update',
+'dhcp dns update algo' => 'Algorithmus:',
+'dhcp dns update secret' => 'Schlüssel:',
 'dhcp fixed lease err1' => 'Für eine feste Zuordnung müssen entweder die Hardware Adresse (MAC-Adresse) oder der Hostname oder beide eingetragen werden.',
 'dhcp fixed lease help1' => 'IP Adressen können als FQDN angegeben werden.',
 'dhcp mode' => 'DHCP',
diff --git a/langs/en/cgi-bin/en.pl b/langs/en/cgi-bin/en.pl
index 55cf228..56238ed 100644
--- a/langs/en/cgi-bin/en.pl
+++ b/langs/en/cgi-bin/en.pl
@@ -722,6 +722,11 @@
 'dhcp bootp pxe data' => 'Enter optional bootp pxe data for this fixed lease',
 'dhcp configuration' => 'DHCP configuration',
 'dhcp create fixed leases' => 'Create fixed leases',
+'dhcp dns enable update' => 'Enable DNS Update (RFC2136):',
+'dhcp dns key name' => 'Key Name:',
+'dhcp dns update' => 'DNS Update',
+'dhcp dns update algo' => 'Algorithm:',
+'dhcp dns update secret' => 'Secret:',
 'dhcp fixed lease err1' => 'For a fix lease you have to enter the MAC address or the hostname, or you enter both.',
 'dhcp fixed lease help1' => 'IP Addresses might be entered as FQDN',
 'dhcp mode' => 'DHCP',
diff --git a/src/initscripts/init.d/dnsmasq b/src/initscripts/init.d/dnsmasq
index ce7689f..059ffac 100644
--- a/src/initscripts/init.d/dnsmasq
+++ b/src/initscripts/init.d/dnsmasq
@@ -55,6 +55,21 @@ function dns_forward_args() {
    echo "${cmdline}"
 }
+function dns_leases_args() {
+	eval $(/usr/local/bin/readhash /var/ipfire/dhcp/settings)
+
+	# If the DHCP server is enabled and DNS Update (RFC2136) is
+	# enabled, too, we won't overlay the internal domain with
+	# the dynamic/static leases.
+
+	if ([ "${ENABLE_GREEN}" = "on" ] || [ "${ENABLE_BLUE}" = "on" ]) \
+			&& [ "${DNS_UPDATE_ENABLED}" = "on" ]; then
+		return
+	fi
+
+	echo "-l /var/state/dhcp/dhcpd.leases"
+}
+
 case "${1}" in
    start)
    	# kill already running copy of dnsmasq...
@@ -65,7 +80,10 @@ case "${1}" in
    	eval $(/usr/local/bin/readhash /var/ipfire/ethernet/settings)
    	ARGS="$CUSTOM_ARGS"
    	[ "$DOMAIN_NAME_GREEN" != "" ] && ARGS="$ARGS -s $DOMAIN_NAME_GREEN"
-		
+
+		# DHCP configuration
+		ARGS="${ARGS} $(dns_leases_args)"
+
    	echo > /var/ipfire/red/resolv.conf # Clear it
    	if [ -e "/var/ipfire/red/dns1" ]; then
    	    DNS1=$(cat /var/ipfire/red/dns1 2>/dev/null)
@@ -95,7 +113,7 @@ case "${1}" in
    		ARGS="${ARGS} --cache-size=${CACHE_SIZE}"
    	fi
-		loadproc /usr/sbin/dnsmasq -l /var/state/dhcp/dhcpd.leases $ARGS
+		loadproc /usr/sbin/dnsmasq ${ARGS}
    	
    	if [ "${SHOW_SRV}" -eq 1 ] && [ "${DNS1}" != "" -o "${DNS2}" != "" ]; then
    	    boot_mesg "Using DNS server(s): ${DNS1} ${DNS2}"
hooks/post-receive
--
IPFire 2.x development tree

    