luci-mod-admin-full: Add DNSSEC dnsmasq option

[project/luci.git] / modules / luci-mod-admin-full / luasrc / model / cbi / admin_network / dhcp.lua

diff --git a/modules/luci-mod-admin-full/luasrc/model/cbi/admin_network/dhcp.lua b/modules/luci-mod-admin-full/luasrc/model/cbi/admin_network/dhcp.lua
index 4dc52ad..7bbc28c 100644 (file)
--- a/modules/luci-mod-admin-full/luasrc/model/cbi/admin_network/dhcp.lua
+++ b/modules/luci-mod-admin-full/luasrc/model/cbi/admin_network/dhcp.lua
@@ -2,6 +2,8 @@
 -- Licensed to the public under the Apache License 2.0.
 
 local ipc = require "luci.ip"
+local o
+require "luci.util"
 
 m = Map("dhcp", translate("DHCP and DNS"),
        translate("Dnsmasq is a combined <abbr title=\"Dynamic Host Configuration Protocol" ..
@@ -70,6 +72,19 @@ s:taboption("advanced", Flag, "localise_queries",
        translate("Localise queries"),
        translate("Localise hostname depending on the requesting subnet if multiple IPs are available"))
 
+local have_dnssec_support = luci.util.checklib("/usr/sbin/dnsmasq", "libhogweed.so")
+
+if have_dnssec_support then
+       o = s:taboption("advanced", Flag, "dnssec",
+               translate("DNSSEC"))
+       o.optional = true
+
+       o = s:taboption("advanced", Flag, "dnsseccheckunsigned",
+               translate("DNSSEC check unsigned"),
+               translate("Requires upstream supports DNSSEC; verify unsigned domain responses really come from unsigned domains"))
+       o.optional = true
+end
+
 s:taboption("general", Value, "local",
        translate("Local server"),
        translate("Local domain specification. Names matching this domain are never forwarded and are resolved from DHCP or hosts files only"))
@@ -135,7 +150,7 @@ rd = s:taboption("general", DynamicList, "rebind_domain",
        translate("List of domains to allow RFC1918 responses for"))
 
 rd:depends("rebind_protection", "1")
-rd.datatype = "host"
+rd.datatype = "host(1)"
 rd.placeholder = "ihost.netflix.com"
 
 
@@ -215,7 +230,9 @@ s = m:section(TypedSection, "host", translate("Static Leases"),
                "only hosts with a corresponding lease are served.") .. "<br />" ..
        translate("Use the <em>Add</em> Button to add a new lease entry. The <em>MAC-Address</em> " ..
                "indentifies the host, the <em>IPv4-Address</em> specifies to the fixed address to " ..
-               "use and the <em>Hostname</em> is assigned as symbolic name to the requesting host."))
+               "use and the <em>Hostname</em> is assigned as symbolic name to the requesting host. " ..
+               "The optional <em>Lease time</em> can be used to set non-standard host-specific " ..
+               "lease time, e.g. 12h, 3d or infinite."))
 
 s.addremove = true
 s.anonymous = true
@@ -232,6 +249,9 @@ mac.rmempty  = true
 ip = s:option(Value, "ip", translate("<abbr title=\"Internet Protocol Version 4\">IPv4</abbr>-Address"))
 ip.datatype = "or(ip4addr,'ignore')"
 
+time = s:option(Value, "leasetime", translate("Lease time"))
+time.rmempty  = true
+
 hostid = s:option(Value, "hostid", translate("<abbr title=\"Internet Protocol Version 6\">IPv6</abbr>-Suffix (hex)"))
 
 ipc.neighbors({ family = 4 }, function(n)