s.anonymous = true;
s.addremove = false;
- s.tab('general', _('General Settings'));
- s.tab('relay', _('Relay'));
- s.tab('files', _('Resolv and Hosts Files'));
- s.tab('pxe_tftp', _('PXE/TFTP Settings'));
- s.tab('advanced', _('Advanced Settings'));
+
+
+ s.tab('general', _('General'));
+ s.tab('devices', _('Devices & Ports'));
+ s.tab('dnssecopt', _('DNSSEC'));
+ s.tab('filteropts', _('Filter'));
+ s.tab('forward', _('Forwards'));
+ s.tab('limits', _('Limits'));
+ s.tab('logging', _('Log'));
+ s.tab('files', _('Resolv & Hosts Files'));
s.tab('leases', _('Static Leases'));
s.tab('hosts', _('Hostnames'));
+ s.tab('ipsets', _('IP Sets'));
+ s.tab('relay', _('Relay'));
s.tab('srvhosts', _('SRV'));
s.tab('mxhosts', _('MX'));
- s.tab('ipsets', _('IP Sets'));
+ s.tab('pxe_tftp', _('PXE/TFTP'));
- s.taboption('general', form.Flag, 'domainneeded',
+ s.taboption('filteropts', form.Flag, 'domainneeded',
_('Domain required'),
_('Do not forward DNS queries without dots or domain parts.'));
_('Local domain'),
_('Local domain suffix appended to DHCP names and hosts file entries.'));
- o = s.taboption('general', form.Flag, 'logqueries',
+ s.taboption('general', form.Flag, 'expandhosts',
+ _('Expand hosts'),
+ _('Add local domain suffix to names served from hosts files.'));
+
+ o = s.taboption('logging', form.Flag, 'logqueries',
_('Log queries'),
_('Write received DNS queries to syslog.'));
o.optional = true;
- o = s.taboption('general', form.DynamicList, 'server',
+ o = s.taboption('forward', form.DynamicList, 'server',
_('DNS forwardings'),
_('List of upstream resolvers to forward queries to.'));
o.optional = true;
o.optional = true;
o.placeholder = '/example.org/ipset,ipset6';
- o = s.taboption('general', form.Flag, 'rebind_protection',
+ o = s.taboption('filteropts', form.Flag, 'rebind_protection',
_('Rebind protection'),
_('Discard upstream responses containing <a href="%s">RFC1918</a> addresses.').format('https://www.rfc-editor.org/rfc/rfc1918') + '<br />' +
_('Discard also upstream responses containing <a href="%s">RFC4193</a>, Link-Local and private IPv4-Mapped <a href="%s">RFC4291</a> IPv6 Addresses.').format('https://www.rfc-editor.org/rfc/rfc4193', 'https://www.rfc-editor.org/rfc/rfc4291'));
o.rmempty = false;
- o = s.taboption('general', form.Flag, 'rebind_localhost',
+ o = s.taboption('filteropts', form.Flag, 'rebind_localhost',
_('Allow localhost'),
_('Exempt <code>127.0.0.0/8</code> and <code>::1</code> from rebinding checks, e.g. for RBL services.'));
o.depends('rebind_protection', '1');
- o = s.taboption('general', form.DynamicList, 'rebind_domain',
+ o = s.taboption('filteropts', form.DynamicList, 'rebind_domain',
_('Domain whitelist'),
_('List of domains to allow RFC1918 responses for.'));
o.depends('rebind_protection', '1');
o.placeholder = 'ihost.netflix.com';
o.validate = validateAddressList;
- o = s.taboption('general', form.Flag, 'localservice',
+ o = s.taboption('filteropts', form.Flag, 'localservice',
_('Local service only'),
_('Accept DNS queries only from hosts whose address is on a local subnet.'));
o.optional = false;
o.rmempty = false;
- o = s.taboption('general', form.Flag, 'nonwildcard',
+ o = s.taboption('devices', form.Flag, 'nonwildcard',
_('Non-wildcard'),
_('Bind dynamically to interfaces rather than wildcard address.'));
o.default = o.enabled;
o.optional = false;
o.rmempty = true;
- o = s.taboption('general', widgets.NetworkSelect, 'interface',
+ o = s.taboption('devices', widgets.NetworkSelect, 'interface',
_('Listen interfaces'),
_('Listen only on the specified interfaces, and loopback if not excluded explicitly.'));
o.multiple = true;
o.nocreate = true;
- o = s.taboption('general', widgets.NetworkSelect, 'notinterface',
+ o = s.taboption('devices', widgets.NetworkSelect, 'notinterface',
_('Exclude interfaces'),
_('Do not listen on the specified interfaces.'));
o.loopback = true;
o.placeholder = '/tmp/resolv.conf.d/resolv.conf.auto';
o.optional = true;
+ o = s.taboption('files', form.Flag, 'strictorder',
+ _('Strict order'),
+ _('Query upstream resolvers in the order they appear in the resolv file.'));
+ o.optional = true;
+
o = s.taboption('files', form.Flag, 'nohosts',
_('Ignore <code>/etc/hosts</code>'));
o.optional = true;
o.optional = true;
o.placeholder = '/etc/dnsmasq.hosts';
- o = s.taboption('advanced', form.Flag, 'quietdhcp',
+ o = s.taboption('logging', form.Flag, 'quietdhcp',
_('Suppress logging'),
_('Suppress logging of the routine operation for the DHCP protocol.'));
o.optional = true;
+ o.depends('logdhcp', '0');
- o = s.taboption('advanced', form.Flag, 'sequential_ip',
+ o = s.taboption('general', form.Flag, 'sequential_ip',
_('Allocate IPs sequentially'),
_('Allocate IP addresses sequentially, starting from the lowest available address.'));
o.optional = true;
- o = s.taboption('advanced', form.Flag, 'boguspriv',
+ o = s.taboption('filteropts', form.Flag, 'boguspriv',
_('Filter private'),
_('Do not forward reverse lookups for local networks.'));
o.default = o.enabled;
- s.taboption('advanced', form.Flag, 'filterwin2k',
+ s.taboption('filteropts', form.Flag, 'filterwin2k',
_('Filter SRV/SOA service discovery'),
_('Filters SRV/SOA service discovery, to avoid triggering dial-on-demand links.') + '<br />' +
_('May prevent VoIP or other services from working.'));
- o = s.taboption('advanced', form.Flag, 'filter_aaaa',
+ o = s.taboption('filteropts', form.Flag, 'filter_aaaa',
_('Filter IPv6 AAAA records'),
_('Remove IPv6 addresses from the results and only return IPv4 addresses.') + '<br />' +
_('Can be useful if ISP has IPv6 nameservers but does not provide IPv6 routing.'));
o.optional = true;
- o = s.taboption('advanced', form.Flag, 'filter_a',
+ o = s.taboption('filteropts', form.Flag, 'filter_a',
_('Filter IPv4 A records'),
_('Remove IPv4 addresses from the results and only return IPv6 addresses.'));
o.optional = true;
- s.taboption('advanced', form.Flag, 'localise_queries',
+ s.taboption('filteropts', form.Flag, 'localise_queries',
_('Localise queries'),
_('Return answers to DNS queries matching the subnet from which the query was received if multiple IPs are available.'));
if (L.hasSystemFeature('dnsmasq', 'dnssec')) {
- o = s.taboption('advanced', form.Flag, 'dnssec',
+ o = s.taboption('dnssecopt', form.Flag, 'dnssec',
_('DNSSEC'),
_('Validate DNS replies and cache DNSSEC data, requires upstream to support DNSSEC.'));
o.optional = true;
- o = s.taboption('advanced', form.Flag, 'dnsseccheckunsigned',
+ o = s.taboption('dnssecopt', form.Flag, 'dnsseccheckunsigned',
_('DNSSEC check unsigned'),
_('Verify unsigned domain responses really come from unsigned domains.'));
o.default = o.enabled;
o.optional = true;
}
- s.taboption('advanced', form.Flag, 'expandhosts',
- _('Expand hosts'),
- _('Add local domain suffix to names served from hosts files.'));
-
- s.taboption('advanced', form.Flag, 'nonegcache',
+ s.taboption('filteropts', form.Flag, 'nonegcache',
_('No negative cache'),
_('Do not cache negative replies, e.g. for non-existent domains.'));
- o = s.taboption('advanced', form.Value, 'serversfile',
+ o = s.taboption('forward', form.Value, 'serversfile',
_('Additional servers file'),
_('File listing upstream resolvers, optionally domain-specific, e.g. <code>server=1.2.3.4</code>, <code>server=/domain/1.2.3.4</code>.'));
o.placeholder = '/etc/dnsmasq.servers';
- o = s.taboption('advanced', form.Flag, 'strictorder',
- _('Strict order'),
- _('Upstream resolvers will be queried in the order of the resolv file.'));
- o.optional = true;
-
- o = s.taboption('advanced', form.Flag, 'allservers',
+ o = s.taboption('general', form.Flag, 'allservers',
_('All servers'),
- _('Query all available upstream resolvers.'));
+ _('Query all available upstream resolvers.') + ' ' + _('First answer wins.'));
o.optional = true;
- o = s.taboption('advanced', form.DynamicList, 'bogusnxdomain',
+ o = s.taboption('filteropts', form.DynamicList, 'bogusnxdomain',
_('IPs to override with NXDOMAIN'),
_('List of IP addresses to convert into NXDOMAIN responses.'));
o.optional = true;
o.placeholder = '64.94.110.11';
- o = s.taboption('advanced', form.Value, 'port',
+ o = s.taboption('devices', form.Value, 'port',
_('DNS server port'),
_('Listening port for inbound DNS queries.'));
o.optional = true;
o.datatype = 'port';
o.placeholder = 53;
- o = s.taboption('advanced', form.Value, 'queryport',
+ o = s.taboption('devices', form.Value, 'queryport',
_('DNS query port'),
_('Fixed source port for outbound DNS queries.'));
o.optional = true;
o.datatype = 'port';
o.placeholder = _('any');
- o = s.taboption('advanced', form.Value, 'dhcpleasemax',
+ o = s.taboption('limits', form.Value, 'dhcpleasemax',
_('Max. DHCP leases'),
_('Maximum allowed number of active DHCP leases.'));
o.optional = true;
o.datatype = 'uinteger';
- o.placeholder = _('unlimited');
+ o.placeholder = 150;
- o = s.taboption('advanced', form.Value, 'ednspacket_max',
+ o = s.taboption('limits', form.Value, 'ednspacket_max',
_('Max. EDNS0 packet size'),
_('Maximum allowed size of EDNS0 UDP packets.'));
o.optional = true;
o.datatype = 'uinteger';
o.placeholder = 1280;
- o = s.taboption('advanced', form.Value, 'dnsforwardmax',
+ o = s.taboption('limits', form.Value, 'dnsforwardmax',
_('Max. concurrent queries'),
_('Maximum allowed number of concurrent DNS queries.'));
o.optional = true;
o.datatype = 'uinteger';
o.placeholder = 150;
- o = s.taboption('advanced', form.Value, 'cachesize',
+ o = s.taboption('limits', form.Value, 'cachesize',
_('Size of DNS query cache'),
_('Number of cached DNS entries, 10000 is maximum, 0 is no caching.'));
o.optional = true;
projects / project / luci.git / commitdiff