Pi-Hole/web
1
0
Fork 0
mirror of https://github.com/pi-hole/web.git synced 2025-12-22 19:58:27 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #1208 from pi-hole/new/rev-server

Browse Source 
Improve conditional forwarding settings
This commit is contained in:
Adam Warner
2020-07-02 10:51:41 +01:00
committed by GitHub
parent 40a3974faa 156b7b4efa
commit c42c06be2d
3 changed files with 130 additions and 59 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
scripts/pi-hole/js/settings.js
View File

@@ -229,17 +229,6 @@ $(function () {
$('[data-toggle="tooltip"]').tooltip({ html: true, container: "body" }); $('[data-toggle="tooltip"]').tooltip({ html: true, container: "body" });
}); });
// Change "?tab=" parameter in URL for save and reload
$(".nav-tabs a").on("shown.bs.tab", function (e) {
var tab = e.target.hash.substring(1);
window.history.pushState("", "", "?tab=" + tab);
if (tab === "piholedhcp") {
window.location.reload();
}
window.scrollTo(0, 0);
});
// Auto dismissal for info notifications // Auto dismissal for info notifications
$(function () { $(function () {
var alInfo = $("#alInfo"); var alInfo = $("#alInfo");
@@ -255,6 +244,25 @@ $(function () {
input.setAttribute("autocorrect", "off"); input.setAttribute("autocorrect", "off");
input.setAttribute("autocapitalize", "off"); input.setAttribute("autocapitalize", "off");
input.setAttribute("spellcheck", false); input.setAttribute("spellcheck", false);
// En-/disable conditional forwarding input fields based
// on the checkbox state
$('input[name="rev_server"]').click(function () {
$('input[name="rev_server_cidr"]').prop("disabled", !this.checked);
$('input[name="rev_server_target"]').prop("disabled", !this.checked);
$('input[name="rev_server_domain"]').prop("disabled", !this.checked);
});
});
// Change "?tab=" parameter in URL for save and reload
$(".nav-tabs a").on("shown.bs.tab", function (e) {
var tab = e.target.hash.substring(1);
window.history.pushState("", "", "?tab=" + tab);
if (tab === "piholedhcp") {
window.location.reload();
}
window.scrollTo(0, 0);
}); });
// Bar/Smooth chart toggle // Bar/Smooth chart toggle

59
scripts/pi-hole/php/savesettings.php
View File

@@ -19,6 +19,30 @@ function validIP($address){
return !filter_var($address, FILTER_VALIDATE_IP) === false; return !filter_var($address, FILTER_VALIDATE_IP) === false;
} }
function validCIDRIP($address){
// This validation strategy has been taken from ../js/groups-common.js
$isIPv6 = strpos($address, ":") !== false;
if($isIPv6) {
// One IPv6 element is 16bit: 0000 - FFFF
$v6elem = "[0-9A-Fa-f]{1,4}";
// CIDR for IPv6 is any multiple of 4 from 4 up to 128 bit
$v6cidr = "(4";
for ($i=8; $i <= 128; $i+=4) {
$v6cidr .= "|$i";
}
$v6cidr .= ")";
$validator = "/^(((?:$v6elem))((?::$v6elem))*::((?:$v6elem))((?::$v6elem))*|((?:$v6elem))((?::$v6elem)){7})\/$v6cidr$/";
return preg_match($validator, $address);
} else {
// One IPv4 element is 8bit: 0 - 256
$v4elem = "(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9][0-9]?|0)";
// Note that rev-server accepts only /8, /16, /24, and /32
$allowedv4cidr = "(8|16|24|32)";
$validator = "/^$v4elem\.$v4elem\.$v4elem\.$v4elem\/$allowedv4cidr$/";
return preg_match($validator, $address);
}
}
// Check for existance of variable // Check for existance of variable
// and test it only if it exists // and test it only if it exists
function istrue(&$argument) { function istrue(&$argument) {
@@ -325,28 +349,35 @@ function addStaticDHCPLease($mac, $ip, $hostname) {
$extra .= "no-dnssec"; $extra .= "no-dnssec";
} }
// Check if Conditional Forwarding is requested // Check if rev-server is requested
if(isset($_POST["conditionalForwarding"])) if(isset($_POST["rev_server"]))
{ {
$conditionalForwardingIP = trim($_POST["conditionalForwardingIP"]); // Validate CIDR IP
$conditionalForwardingDomain = trim($_POST["conditionalForwardingDomain"]); $cidr = trim($_POST["rev_server_cidr"]);
if (!validCIDRIP($cidr))
// Validate conditional forwarding IP
if (!validIP($conditionalForwardingIP))
{ {
$error .= "Conditional forwarding IP (".htmlspecialchars($conditionalForwardingIP).") is invalid!<br>"; $error .= "Conditional forwarding subnet (\"".htmlspecialchars($cidr)."\") is invalid!<br>".
"This field requires CIDR notation for local subnets (e.g., 192.168.0.0/16).<br>".
"Please use only subnets /8, /16, /24, and /32.<br>";
} }
// Validate conditional forwarding domain name // Validate target IP
if(!validDomain($conditionalForwardingDomain)) $target = trim($_POST["rev_server_target"]);
if (!validIP($target))
{ {
$error .= "Conditional forwarding domain name (".htmlspecialchars($conditionalForwardingDomain).") is invalid!<br>"; $error .= "Conditional forwarding target IP (\"".htmlspecialchars($target)."\") is invalid!<br>";
} }
// Validate conditional forwarding domain name (empty is okay)
$domain = trim($_POST["rev_server_domain"]);
if(strlen($domain) > 0 && !validDomain($domain))
{
$error .= "Conditional forwarding domain name (\"".htmlspecialchars($domain)."\") is invalid!<br>";
}
if(!$error) if(!$error)
{ {
$addressArray = explode(".", $conditionalForwardingIP); $extra .= " rev-server ".$cidr." ".$target." ".$domain;
$reverseAddress = $addressArray[2].".".$addressArray[1].".".$addressArray[0].".in-addr.arpa";
$extra .= " conditional_forwarding ".$conditionalForwardingIP." ".$conditionalForwardingDomain." $reverseAddress";
} }
} }

72
settings.php
View File

@@ -164,12 +164,13 @@ if (isset($setupVars["DNSMASQ_LISTENING"])) {
} else { } else {
$DNSinterface = "single"; $DNSinterface = "single";
} }
if (isset($setupVars["CONDITIONAL_FORWARDING"]) && ($setupVars["CONDITIONAL_FORWARDING"] == 1)) { if (isset($setupVars["REV_SERVER"]) && ($setupVars["REV_SERVER"] == 1)) {
$conditionalForwarding = true; $rev_server = true;
$conditionalForwardingDomain = $setupVars["CONDITIONAL_FORWARDING_DOMAIN"]; $rev_server_cidr = $setupVars["REV_SERVER_CIDR"];
$conditionalForwardingIP = $setupVars["CONDITIONAL_FORWARDING_IP"]; $rev_server_target = $setupVars["REV_SERVER_TARGET"];
$rev_server_domain = $setupVars["REV_SERVER_DOMAIN"];
} else { } else {
$conditionalForwarding = false; $rev_server = false;
} }
?> ?>
@@ -975,36 +976,66 @@ if (isset($_GET['tab']) && in_array($_GET['tab'], array("sysadmin", "adlists", "
when enabling DNSSEC. A DNSSEC resolver test can be found when enabling DNSSEC. A DNSSEC resolver test can be found
<a href="https://dnssec.vs.uni-due.de/" rel="noopener" target="_blank">here</a>.</p> <a href="https://dnssec.vs.uni-due.de/" rel="noopener" target="_blank">here</a>.</p>
</div> </div>
<strong>Conditional Forwarding</strong> <p>Validate DNS replies and cache DNSSEC data. When forwarding DNS
<p>If not configured as your DHCP server, Pi-hole won't be able to queries, Pi-hole requests the DNSSEC records needed to validate
the replies. If a domain fails validation or the upstream does not
support DNSSEC, this setting can cause issues resolving domains.
Use Google, Cloudflare, DNS.WATCH, Quad9, or another DNS
server which supports DNSSEC when activating DNSSEC. Note that
the size of your log might increase significantly
when enabling DNSSEC. A DNSSEC resolver test can be found
<a href="https://dnssec.vs.uni-due.de/" rel="noopener" target="_blank">here</a>.</p>
<br>
<h4>Conditional forwarding</h4>
<p>If not configured as your DHCP server, Pi-hole typically won't be able to
determine the names of devices on your local network. As a determine the names of devices on your local network. As a
result, tables such as Top Clients will only show IP addresses.</p> result, tables such as Top Clients will only show IP addresses.</p>
<p>One solution for this is to configure Pi-hole to forward these <p>One solution for this is to configure Pi-hole to forward these
requests to your DHCP server (most likely your router), but only for devices on your requests to your DHCP server (most likely your router), but only for devices on your
home network. To configure this we will need to know the IP home network. To configure this we will need to know the IP
address of your DHCP server and the name of your local network.</p> address of your DHCP server and which addresses belong to your local network.
<p>Note: The local domain name must match the domain name specified Exemplary inout is given below as placeholder in the text boxes (if empty).</p>
in your DHCP server, likely found within the DHCP settings.</p> <p>If your local network spans 192.168.0.1 - 192.168.0.255, then you will have to input
<code>192.168.0.0/24</code>. If your local network is 192.168.47.1 - 192.168.47.255, it will
be <code>192.168.47.0/24</code> and similar. If your network is larger, the CIDR has to be
different, for instance a range of 10.8.0.1 - 10.8.255.255 results in <code>10.8.0.0/16</code>,
whereas an even wider network of 10.0.0.1 - 10.255.255.255 results in <code>10.0.0.0/8</code>.
Setting up IPv6 ranges is exactly similar to setting up IPv4 here and fully supported.
Feel free to reach out to us on our
<a href="https://discourse.pi-hole.net" target="_blank">Discourse forum</a>
in case you need any assistance setting up local host name resolution for your particular system.</p>
<p>You can also specify a local domain name (like <code>fritz.box</code>) to ensure queries to
devices ending in your local domain name will not leave your network, however, this is optional.
The local domain name must match the domain name specified
in your DHCP server for this to work. You can likely find it within the DHCP settings.</p>
<div class="form-group">
<div> <div>
<input type="checkbox" name="conditionalForwarding" id="conditionalForwarding" value="conditionalForwarding" <?php if(isset($conditionalForwarding) && ($conditionalForwarding == true)){ ?>checked<?php } ?>> <input type="checkbox" name="rev_server" id="rev_server" value="rev_server" <?php if(isset($rev_server) && ($rev_server == true)){ ?>checked<?php } ?>>
<label for="conditionalForwarding"><strong>Use Conditional Forwarding</strong></label> <label for="rev_server"><strong>Use Conditional Forwarding</strong></label>
</div> </div>
<div class="input-group"> <div class="input-group">
<table class="table table-bordered"> <table class="table table-bordered">
<tr> <tr>
<th>IP of your router</th> <th>Local network in <a href="https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing" target="_blank">CIDR notation</a></th>
<th>Local domain name</th> <th>IP address of your DHCP server (router)</th>
<th>Local domain name (optional)</th>
</tr> </tr>
<tr> <tr>
<div class="input-group">
<td> <td>
<input type="text" name="conditionalForwardingIP" class="form-control" autocomplete="off" spellcheck="false" autocapitalize="none" autocorrect="off" <input type="text" name="rev_server_cidr" placeholder="192.168.0.0/16" class="form-control" autocomplete="off" spellcheck="false" autocapitalize="none" autocorrect="off"
<?php if(isset($conditionalForwardingIP)){ ?>value="<?php echo $conditionalForwardingIP; ?>"<?php } ?>> <?php if(isset($rev_server_cidr)){ ?>value="<?php echo $rev_server_cidr; ?>"<?php } ?>
<?php if(!isset($rev_server) || !$rev_server){ ?>disabled<?php } ?>>
</td> </td>
<td><input type="text" name="conditionalForwardingDomain" class="form-control" data-mask autocomplete="off" spellcheck="false" autocapitalize="none" autocorrect="off" <td>
<?php if(isset($conditionalForwardingDomain)){ ?>value="<?php echo $conditionalForwardingDomain; ?>"<?php } ?>> <input type="text" name="rev_server_target" placeholder="192.168.0.1" class="form-control" autocomplete="off" spellcheck="false" autocapitalize="none" autocorrect="off"
<?php if(isset($rev_server_target)){ ?>value="<?php echo $rev_server_target; ?>"<?php } ?>
<?php if(!isset($rev_server) || !$rev_server){ ?>disabled<?php } ?>>
</td>
<td>
<input type="text" name="rev_server_domain" placeholder="local" class="form-control" data-mask autocomplete="off" spellcheck="false" autocapitalize="none" autocorrect="off"
<?php if(isset($rev_server_domain)){ ?>value="<?php echo $rev_server_domain; ?>"<?php } ?>
<?php if(!isset($rev_server) || !$rev_server){ ?>disabled<?php } ?>>
</td> </td>
</div>
</tr> </tr>
</table> </table>
</div> </div>
@@ -1012,6 +1043,7 @@ if (isset($_GET['tab']) && in_array($_GET['tab'], array("sysadmin", "adlists", "
</div> </div>
</div> </div>
</div> </div>
</div>
<input type="hidden" name="field" value="DNS"> <input type="hidden" name="field" value="DNS">
<input type="hidden" name="token" value="<?php echo $token ?>"> <input type="hidden" name="token" value="<?php echo $token ?>">
<button type="submit" class="btn btn-primary pull-right">Save</button> <button type="submit" class="btn btn-primary pull-right">Save</button>