mirror of
https://github.com/pi-hole/web.git
synced 2026-02-15 07:25:39 +00:00
Improve interface settings (#2011)
* Change wording in the "Interface Listening Behavior" box (renamed to simply "Interface settings") to address issue #2009 Signed-off-by: DL6ER <dl6er@dl6er.de> * Clarify interface listening behavior. Add fourth (new) option it actually bind to an interface. Signed-off-by: DL6ER <dl6er@dl6er.de> * Improve .no-danger-area and .danger-area CSS Signed-off-by: DL6ER <dl6er@dl6er.de>
This commit is contained in:
DL6ER
GitHub
@@ -332,6 +332,10 @@ function addStaticDHCPLease($mac, $ip, $hostname) {
|
||||
{
|
||||
$DNSinterface = "single";
|
||||
}
|
||||
elseif($_POST["DNSinterface"] === "bind")
|
||||
{
|
||||
$DNSinterface = "bind";
|
||||
}
|
||||
elseif($_POST["DNSinterface"] === "all")
|
||||
{
|
||||
$DNSinterface = "all";
|
||||
|
||||
53
settings.php
53
settings.php
@@ -132,6 +132,8 @@ if (isset($setupVars["DNSSEC"])) {
|
||||
if (isset($setupVars["DNSMASQ_LISTENING"])) {
|
||||
if ($setupVars["DNSMASQ_LISTENING"] === "single") {
|
||||
$DNSinterface = "single";
|
||||
} elseif ($setupVars["DNSMASQ_LISTENING"] === "bind") {
|
||||
$DNSinterface = "bind";
|
||||
} elseif ($setupVars["DNSMASQ_LISTENING"] === "all") {
|
||||
$DNSinterface = "all";
|
||||
} else {
|
||||
@@ -830,34 +832,45 @@ if (isset($_GET['tab']) && in_array($_GET['tab'], array("sysadmin", "dns", "piho
|
||||
<div class="col-lg-6">
|
||||
<div class="box box-warning">
|
||||
<div class="box-header with-border">
|
||||
<h1 class="box-title">Interface listening behavior</h1>
|
||||
<h1 class="box-title">Interface settings</h1>
|
||||
</div>
|
||||
<div class="box-body">
|
||||
<div class="row">
|
||||
<div class="col-lg-12">
|
||||
<div class="form-group">
|
||||
<div>
|
||||
<input type="radio" name="DNSinterface" id="DNSinterface1" value="local"
|
||||
<?php if ($DNSinterface == "local"){ ?>checked<?php } ?>>
|
||||
<label for="DNSinterface1"><strong>Listen on all interfaces</strong><br>Allows only queries from devices that are at most one hop away (local devices)</label>
|
||||
<div class="no-danger-area">
|
||||
<h4>Recommended setting</h4>
|
||||
<div>
|
||||
<input type="radio" name="DNSinterface" id="DNSinterface1" value="local"
|
||||
<?php if ($DNSinterface == "local"){ ?>checked<?php } ?>>
|
||||
<label for="DNSinterface1"><strong>Allow only local requests</strong><br>Allows only queries from devices that are at most one hop away (local devices)</label>
|
||||
</div>
|
||||
</div>
|
||||
<div>
|
||||
<input type="radio" name="DNSinterface" id="DNSinterface2" value="single"
|
||||
<?php if ($DNSinterface == "single"){ ?>checked<?php } ?>>
|
||||
<label for="DNSinterface2"><strong>Listen only on interface <?php echo htmlentities($piHoleInterface); ?></strong></label>
|
||||
</div>
|
||||
<div>
|
||||
<input type="radio" name="DNSinterface" id="DNSinterface3" value="all"
|
||||
<?php if ($DNSinterface == "all"){ ?>checked<?php } ?>>
|
||||
<label for="DNSinterface3"><strong>Listen on all interfaces, permit all origins</strong></label>
|
||||
<div class="danger-area">
|
||||
<h4>Potentially dangerous options</h4>Make sure your Pi-hole is properly firewalled!
|
||||
<div>
|
||||
<input type="radio" name="DNSinterface" id="DNSinterface2" value="single"
|
||||
<?php if ($DNSinterface == "single"){ ?>checked<?php } ?>>
|
||||
<label for="DNSinterface2"><strong>Respond only on interface <?php echo htmlentities($piHoleInterface); ?></strong></label>
|
||||
</div>
|
||||
<div>
|
||||
<input type="radio" name="DNSinterface" id="DNSinterface3" value="bind"
|
||||
<?php if ($DNSinterface == "bind"){ ?>checked<?php } ?>>
|
||||
<label for="DNSinterface3"><strong>Bind only to interface <?php echo htmlentities($piHoleInterface); ?></strong></label>
|
||||
</div>
|
||||
<div>
|
||||
<input type="radio" name="DNSinterface" id="DNSinterface4" value="all"
|
||||
<?php if ($DNSinterface == "all"){ ?>checked<?php } ?>>
|
||||
<label for="DNSinterface4"><strong>Permit all origins</strong></label>
|
||||
</div>
|
||||
<p>These options are dangerous on devices
|
||||
directly connected to the Internet such as cloud instances and are only safe if your
|
||||
Pi-hole is properly firewalled. In a typical at-home setup where your Pi-hole is
|
||||
located within your local network (and you have <strong>not</strong> forwarded port 53
|
||||
in your router!) they are safe to use.</p>
|
||||
</div>
|
||||
</div>
|
||||
<p>Note that the last option should not be used on devices which are
|
||||
directly connected to the Internet. This option is safe if your
|
||||
Pi-hole is located within your local network, i.e. protected behind
|
||||
your router, and you have not forwarded port 53 to this device. In
|
||||
virtually all other cases you have to make sure that your Pi-hole is
|
||||
properly firewalled.</p>
|
||||
<p>See <a href="https://docs.pi-hole.net/ftldns/interfaces/" target="_blank">our documentation</a> for further technical details.</p>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
@@ -441,3 +441,21 @@ td.details-control {
|
||||
.navbar-nav {
|
||||
height: 50px;
|
||||
}
|
||||
|
||||
.no-danger-area {
|
||||
margin: 0.5em 0 1em;
|
||||
border-left: 2px solid green;
|
||||
border-right: 2px solid green;
|
||||
padding: 1px 1em 0.5em;
|
||||
box-shadow: 0 0 2px -1px #bbb;
|
||||
border-radius: 6px;
|
||||
}
|
||||
|
||||
.danger-area {
|
||||
margin: 0.5em 0 1em;
|
||||
border-left: 2px solid red;
|
||||
border-right: 2px solid red;
|
||||
padding: 1px 1em 0.5em;
|
||||
box-shadow: 0 0 2px -1px #bbb;
|
||||
border-radius: 6px;
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user