[PATCH 4/4] add a contrib script for setting up pdns-recursor
Corey Hickey
bugfood-ml at fatooh.org
Wed Aug 31 22:17:50 PDT 2016
There is currently no corresponding restoration script; that could be
added if desired, but the current intented behavior is to cause failure
of requests that would otherwise go over the VPN if the VPN were
connected.
---
contrib/hooks/modify-resolvconf.d/pdns-forward-zones | 20 ++++++++++++++++++++
1 file changed, 20 insertions(+)
create mode 100644 contrib/hooks/modify-resolvconf.d/pdns-forward-zones
diff --git a/contrib/hooks/modify-resolvconf.d/pdns-forward-zones b/contrib/hooks/modify-resolvconf.d/pdns-forward-zones
new file mode 100644
index 0000000..84e4d24
--- /dev/null
+++ b/contrib/hooks/modify-resolvconf.d/pdns-forward-zones
@@ -0,0 +1,20 @@
+# This hook sets up pdns-recursor to forward specific zones to the VPNs name
+# server(s). The script uses $CISCO_DEF_DOMAIN; other zones can be added
+# manually to /etc/powerdns/forward-zones.in.
+#
+# The pdns-recursor configuration needs the following line:
+# forward-zones-file=/etc/powerdns/forward-zones
+
+(
+ # put all of this within a subshell to avoid altering the calling
+ # environment
+ file=/etc/powerdns/forward-zones
+ forward="$(echo "$INTERNAL_IP4_DNS" | sed 's/ +/, /g')"
+ (
+ [ -f "$file.in" ] && cat "$file.in"
+ for domain in $CISCO_DEF_DOMAIN ; do
+ echo "$domain=$forward"
+ done
+ ) > "$file.tmp" || exit 1
+ mv "$file.tmp" "$file" || exit 2
+)
--
2.9.3
More information about the openconnect-devel
mailing list