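#!/bin/sh
#----------------------------------------------------------------------------
# /etc/ppp/ip-up200.dns                                          __FLI4LVER__
#
# called whenever an IPv4 PPP connection over default circuit has come up
# and dnsmasq is installed
#
# Creation:     2007-11-293 lanspezi
# Last Update:  $Id$
#----------------------------------------------------------------------------
# back up etc/resolv.dnsmasq to etc/resolv.dnsmasq.bak
# if provider supports sending ip(s) of dns server(s)
#----------------------------------------------------------------------------

. /etc/rc.d/helper-dns_dnsmasq.sh

# Checks whether an IPv4 address lies in one of the RFC 1918 private ranges
# (10/8, 172.16/12, 192.168/16).
# $1     = IPv4 address in dotted-quad notation
# result = 0 if it is a private address according to RFC 1918, 1 otherwise
is_private()
{
    local octet

    case $1 in
    10.*.*.*)
        return 0
        ;;
    192.168.*.*)
        return 0
        ;;
    172.*.*.*)
        # Extract the second octet with parameter expansion instead of
        # word-splitting the address: the value originates from the peer,
        # and an unquoted split would also glob-expand characters like '*'.
        octet=${1#172.}
        octet=${octet%%.*}
        case $octet in
        '' | *[!0-9]*)
            # not a number, so it cannot be inside 172.16.0.0/12
            return 1
            ;;
        esac
        [ "$octet" -ge 16 ] && [ "$octet" -lt 32 ] && return 0
        ;;
    esac
    return 1
}

# Looks for a local IPv4 subnet that contains the given address.
# $1     = IPv4 address of DNS upstream server
# result = 0 if the address is part of one of the subnets reported by
#          get_local_ipv4_subnets, 1 otherwise
# output = network the DNS upstream server is part of (if function returns 0)
is_part_of_lan()
{
    local net mask dnsnet

    # word splitting is intended here: one subnet (net/mask) per word
    for net in $(get_local_ipv4_subnets)
    do
        mask=${net#*/}
        # apply the local subnet's mask to the server address and compare
        # the resulting network with the local one
        dnsnet=$(netcalc network "$1/$mask")
        if [ "$dnsnet/$mask" = "$net" ]
        then
            echo "$net"
            return 0
        fi
    done
    return 1
}

# Appends a DNS server to the resolver file read by dnsmasq.
# $1 = DNS server to add
# expects $resolv_file to contain the file where the DNS server is to be added
# expects $bogus_priv_file to contain the address ranges to be exempted from
#   being forwarded to upstream DNS servers
# creates $bogus_priv_file~ as a backup file if an address range has to be deleted
# result = 1 if $1 is rejected, 0 otherwise
add_dns_server()
{
    local lan

    # The server address is handed in by the remote side of the link and is
    # written verbatim into a dnsmasq input file, so accept only characters
    # that can occur in a textual IP address. This is a character whitelist,
    # not a full address parser.
    case $1 in
    '' | *[!0-9A-Fa-f.:]*)
        echo "ignoring malformed nameserver address" >&2
        return 1
        ;;
    esac

    printf '%s\n' "nameserver $1" >> "$resolv_file"
    echo "using nameserver $1"

    if is_private "$1"
    then
        lan=$(is_part_of_lan "$1")
        if [ -n "$lan" ]
        then
            # use ~ suffix such that dnsmasq skips this file
            if [ ! -f "${bogus_priv_file}~" ]
            then
                cp "$bogus_priv_file" "${bogus_priv_file}~"
            fi
            # the upstream server sits inside a local private subnet, so
            # reverse lookups for that subnet must no longer be blocked
            dns_remove_private_subnet "$lan"
            echo " forwarding $(netcalc dnsrev "${lan%/*}") to $1"
        fi
    fi
}

# is a default-route-interface going up?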
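if [ "$is_default_route" = "yes" ]
then
    # The per-interface flag file decides whether peer-supplied DNS servers
    # may be used at all; a missing file means "no".
    if [ -f "/var/run/$interface.usepeerdns" ]
    then
        read -r usepeerdns < "/var/run/$interface.usepeerdns"
    else
        usepeerdns='no'
    fi

    if [ "$usepeerdns" = "yes" ]
    then
        # pppd sets DNS1 and DNS2
        if [ -n "$DNS1" ] || [ -n "$DNS2" ]
        then
            resolv_file=/etc/resolv.dnsmasq
            delegation_file=/etc/dnsmasq.d/dns_delegate.conf
            bogus_priv_file=$dns_private_subnets
            lock_name=$(basename "$resolv_file")

            # serialise against other scripts touching the resolver file
            if lock_resource "$lock_name" ip-up200.dns
            then
                # keep the original resolver file only once, so a second
                # run does not overwrite the pristine backup
                if [ ! -f "$resolv_file.bak" ]
                then
                    mv "$resolv_file" "$resolv_file.bak"
                    echo "# x_USEPEERDNS is set" > "$resolv_file"
                    chown dns:dns "$resolv_file"
                fi

                # unquoted on purpose: an empty DNS1 or DNS2 simply vanishes
                for dns in $DNS1 $DNS2
                do
                    add_dns_server "$dns"
                done

                # a backup with ~ suffix only exists if add_dns_server had
                # to remove a private subnet
                if [ -f "${bogus_priv_file}~" ]
                then
                    dns_update_private_subnets
                fi

                if [ -n "$DNSDOMAIN" ]
                then
                    # rebind-domain-ok exempts the domain from dnsmasq's
                    # DNS-rebinding protection, and the value is written
                    # verbatim into a dnsmasq configuration file. A newline
                    # or '/' inside it would change the meaning of the
                    # configuration, so only plain host name characters are
                    # accepted.
                    # NOTE(review): DNSDOMAIN is presumably supplied by the
                    # remote side - confirm where it is set.
                    case $DNSDOMAIN in
                    *[!A-Za-z0-9._-]*)
                        echo "ignoring DNS domain with unexpected characters, rebind-domain-ok not added" >&2
                        ;;
                    *)
                        cp "$delegation_file" "${delegation_file}~"
                        echo "rebind-domain-ok=/$DNSDOMAIN/" >> "$delegation_file"
                        ;;
                    esac
                fi

                # changed configuration files require a full restart of
                # dnsmasq, a changed resolver file only needs SIGHUP
                if [ -f "${delegation_file}~" ] || [ -f "${bogus_priv_file}~" ]
                then
                    killall dnsmasq
                    sleep 1
                    dnsmasq
                else
                    killall -HUP dnsmasq
                fi

                unlock_resource "$lock_name" ip-up200.dns
            fi
        else
            echo "The DHCPv4 server didn't send any nameserver addresses, DNS forwarders not changed"
        fi
    else
        echo "Using peer DNS servers disabled for $interface"
    fi
fi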