From d7e750bda055a22ac60aa2e4a07394f1a93c7ea7 Mon Sep 17 00:00:00 2001 From: DL6ER Date: Mon, 20 Dec 2021 21:38:00 +0100 Subject: [PATCH] Improve interface settings (#2011) * Change wording in the "Interface Listening Behavior" box (renamed to simply "Interface settings") to address issue #2009 Signed-off-by: DL6ER * Clarify interface listening behavior. Add fourth (new) option it actually bind to an interface. Signed-off-by: DL6ER * Improve .no-danger-area and .danger-area CSS Signed-off-by: DL6ER --- scripts/pi-hole/php/savesettings.php | 4 +++ settings.php | 53 +++++++++++++++++----------- style/pi-hole.css | 18 ++++++++++ 3 files changed, 55 insertions(+), 20 deletions(-) diff --git a/scripts/pi-hole/php/savesettings.php b/scripts/pi-hole/php/savesettings.php index 4e423d7a..edfd72b8 100644 --- a/scripts/pi-hole/php/savesettings.php +++ b/scripts/pi-hole/php/savesettings.php @@ -332,6 +332,10 @@ function addStaticDHCPLease($mac, $ip, $hostname) { { $DNSinterface = "single"; } + elseif($_POST["DNSinterface"] === "bind") + { + $DNSinterface = "bind"; + } elseif($_POST["DNSinterface"] === "all") { $DNSinterface = "all"; diff --git a/settings.php b/settings.php index 54d8843a..db06e11c 100644 --- a/settings.php +++ b/settings.php @@ -132,6 +132,8 @@ if (isset($setupVars["DNSSEC"])) { if (isset($setupVars["DNSMASQ_LISTENING"])) { if ($setupVars["DNSMASQ_LISTENING"] === "single") { $DNSinterface = "single"; + } elseif ($setupVars["DNSMASQ_LISTENING"] === "bind") { + $DNSinterface = "bind"; } elseif ($setupVars["DNSMASQ_LISTENING"] === "all") { $DNSinterface = "all"; } else { @@ -830,34 +832,45 @@ if (isset($_GET['tab']) && in_array($_GET['tab'], array("sysadmin", "dns", "piho
-

Interface listening behavior

+

Interface settings

-
- checked> - +
+

Recommended setting

+
+ checked> + +
-
- checked> - -
-
- checked> - +
+

Potentially dangerous options

Make sure your Pi-hole is properly firewalled! +
+ checked> + +
+
+ checked> + +
+
+ checked> + +
+

These options are dangerous on devices + directly connected to the Internet such as cloud instances and are only safe if your + Pi-hole is properly firewalled. In a typical at-home setup where your Pi-hole is + located within your local network (and you have not forwarded port 53 + in your router!) they are safe to use.

-

Note that the last option should not be used on devices which are - directly connected to the Internet. This option is safe if your - Pi-hole is located within your local network, i.e. protected behind - your router, and you have not forwarded port 53 to this device. In - virtually all other cases you have to make sure that your Pi-hole is - properly firewalled.

+

See our documentation for further technical details.

diff --git a/style/pi-hole.css b/style/pi-hole.css index b797c723..b2ab0ef8 100644 --- a/style/pi-hole.css +++ b/style/pi-hole.css @@ -441,3 +441,21 @@ td.details-control { .navbar-nav { height: 50px; } + +.no-danger-area { + margin: 0.5em 0 1em; + border-left: 2px solid green; + border-right: 2px solid green; + padding: 1px 1em 0.5em; + box-shadow: 0 0 2px -1px #bbb; + border-radius: 6px; +} + +.danger-area { + margin: 0.5em 0 1em; + border-left: 2px solid red; + border-right: 2px solid red; + padding: 1px 1em 0.5em; + box-shadow: 0 0 2px -1px #bbb; + border-radius: 6px; +}