dnsmasq: migrate to MVC/API, backend work for #8329

plist

@@ -319,9 +319,16 @@
 /usr/local/opnsense/mvc/app/controllers/OPNsense/Diagnostics/forms/ping.xml
 /usr/local/opnsense/mvc/app/controllers/OPNsense/Diagnostics/forms/portprobe.xml
 /usr/local/opnsense/mvc/app/controllers/OPNsense/Diagnostics/forms/traceroute.xml
+/usr/local/opnsense/mvc/app/controllers/OPNsense/Dnsmasq/Api/LeasesController.php
 /usr/local/opnsense/mvc/app/controllers/OPNsense/Dnsmasq/Api/ServiceController.php
 /usr/local/opnsense/mvc/app/controllers/OPNsense/Dnsmasq/Api/SettingsController.php
-/usr/local/opnsense/mvc/app/controllers/OPNsense/Dnsmasq/IndexController.php
+/usr/local/opnsense/mvc/app/controllers/OPNsense/Dnsmasq/LeasesController.php
+/usr/local/opnsense/mvc/app/controllers/OPNsense/Dnsmasq/SettingsController.php
+/usr/local/opnsense/mvc/app/controllers/OPNsense/Dnsmasq/forms/dialogDHCPboot.xml
+/usr/local/opnsense/mvc/app/controllers/OPNsense/Dnsmasq/forms/dialogDHCPmatch.xml
+/usr/local/opnsense/mvc/app/controllers/OPNsense/Dnsmasq/forms/dialogDHCPoption.xml
+/usr/local/opnsense/mvc/app/controllers/OPNsense/Dnsmasq/forms/dialogDHCPrange.xml
+/usr/local/opnsense/mvc/app/controllers/OPNsense/Dnsmasq/forms/dialogDHCPtag.xml
 /usr/local/opnsense/mvc/app/controllers/OPNsense/Dnsmasq/forms/dialogDomainOverride.xml
 /usr/local/opnsense/mvc/app/controllers/OPNsense/Dnsmasq/forms/dialogHostOverride.xml
 /usr/local/opnsense/mvc/app/controllers/OPNsense/Dnsmasq/forms/general.xml
@@ -920,7 +927,8 @@
 /usr/local/opnsense/mvc/app/views/OPNsense/Diagnostics/traffic.volt
 /usr/local/opnsense/mvc/app/views/OPNsense/Diagnostics/treeview.volt
 /usr/local/opnsense/mvc/app/views/OPNsense/Diagnostics/vip.volt
-/usr/local/opnsense/mvc/app/views/OPNsense/Dnsmasq/index.volt
+/usr/local/opnsense/mvc/app/views/OPNsense/Dnsmasq/leases.volt
+/usr/local/opnsense/mvc/app/views/OPNsense/Dnsmasq/settings.volt
 /usr/local/opnsense/mvc/app/views/OPNsense/Firewall/alias.volt
 /usr/local/opnsense/mvc/app/views/OPNsense/Firewall/alias_util.volt
 /usr/local/opnsense/mvc/app/views/OPNsense/Firewall/category.volt
@@ -1071,12 +1079,14 @@
 /usr/local/opnsense/scripts/dhcp/cleanup_leases4.php
 /usr/local/opnsense/scripts/dhcp/cleanup_leases6.php
 /usr/local/opnsense/scripts/dhcp/dnsmasq_watcher.py
+/usr/local/opnsense/scripts/dhcp/get_dnsmasq_leases.py
 /usr/local/opnsense/scripts/dhcp/get_kea_leases.py
 /usr/local/opnsense/scripts/dhcp/get_leases.py
 /usr/local/opnsense/scripts/dhcp/get_leases6.py
 /usr/local/opnsense/scripts/dhcp/prefixes.php
 /usr/local/opnsense/scripts/dhcp/prefixes.sh
 /usr/local/opnsense/scripts/dhcp/unbound_watcher.py
+/usr/local/opnsense/scripts/dns/dnsmasq_dhcp_options.py
 /usr/local/opnsense/scripts/dns/query_dns.py
 /usr/local/opnsense/scripts/filter/delete_table.py
 /usr/local/opnsense/scripts/filter/download_geoip.py
@@ -1379,6 +1389,9 @@
 /usr/local/opnsense/service/templates/OPNsense/Captiveportal/rc.conf.d
 /usr/local/opnsense/service/templates/OPNsense/Cron/+TARGETS
 /usr/local/opnsense/service/templates/OPNsense/Cron/user.cron
+/usr/local/opnsense/service/templates/OPNsense/Dnsmasq/+TARGETS
+/usr/local/opnsense/service/templates/OPNsense/Dnsmasq/dnsmasq.conf
+/usr/local/opnsense/service/templates/OPNsense/Dnsmasq/trust-anchors.conf
 /usr/local/opnsense/service/templates/OPNsense/Filter/+TARGETS
 /usr/local/opnsense/service/templates/OPNsense/Filter/filter_geoip.conf
 /usr/local/opnsense/service/templates/OPNsense/Filter/filter_tables.conf

src/etc/inc/plugins.inc.d/dnsmasq.inc

@@ -1,6 +1,7 @@
 <?php
 
 /*
+ * Copyright (C) Deciso B.V.
  * Copyright (C) 2014-2023 Franco Fichtner <[email protected]>
  * Copyright (C) 2010 Ermal Luçi
  * Copyright (C) 2005-2006 Colin Smith <[email protected]>
@@ -40,8 +41,7 @@ function dnsmasq_configure()
 {
     return [
         'dns' => ['dnsmasq_configure_do'],
-        'local' => ['dnsmasq_configure_do'],
-        'newwanip' => ['dnsmasq_configure_do'],
+        'local' => ['dnsmasq_configure_do']
     ];
 }
 
@@ -103,100 +103,9 @@ function dnsmasq_configure_do($verbose = false)
 
     service_log('Starting Dnsmasq DNS...', $verbose);
 
-    $args = '';
-    if (!isset($config['system']['webgui']['nodnsrebindcheck'])) {
-        $args .= '--rebind-localhost-ok --stop-dns-rebind';
-    }
-
-    $args .= ' -H /var/etc/dnsmasq-hosts ';
-    $args .= ' -H /var/etc/dnsmasq-leases ';
-
-    /* Setup listen port, if non-default */
-    if (isset($config['dnsmasq']['port']) && is_port($config['dnsmasq']['port'])) {
-        $args .= " --port={$config['dnsmasq']['port']} ";
-    }
-
-    if (!empty($config['dnsmasq']['interface'])) {
-        $ifs = [];
-        foreach (explode(',', $config['dnsmasq']['interface']) as $ifname) {
-            if (!empty($config['interfaces'][$ifname]) && !empty($config['interfaces'][$ifname]['if'])) {
-                $ifs[] = $config['interfaces'][$ifname]['if'];
-            }
-        }
-        $args .= " --interface=" . implode(',', $ifs) . " ";
-
-        if (!empty($addresses) && !empty($config['dnsmasq']['strictbind'])) {
-            $args .= ' --bind-interfaces ';
-        }
-    }
-
-    if (!empty($config['dnsmasq']['no_private_reverse'])) {
-        $args .= ' --bogus-priv ';
-    }
-
-    foreach (config_read_array('dnsmasq', 'domainoverrides') as $override) {
-        $ip = $override['ip'];
-        if (!empty($ip) && !empty($override['port'])) {
-            $ip .= '#' . $override['port'];
-        }
-        if (!empty($ip) && !empty($override['srcip'])) {
-            $ip .= '@' . $override['srcip'];
-        }
-
-        $args .= ' --server=' . escapeshellarg('/' . $override['domain'] . '/' . $ip);
-
-        if (!isset($config['system']['webgui']['nodnsrebindcheck'])) {
-            $args .= ' --rebind-domain-ok=' . escapeshellarg('/' . $override['domain'] . '/') . ' ';
-        }
-    }
-
-    if (!empty($config['dnsmasq']['strict_order'])) {
-        $args .= ' --strict-order ';
-    } else {
-        $args .= ' --all-servers ';
-    }
-
-    if (!empty($config['dnsmasq']['domain_needed'])) {
-        $args .= ' --domain-needed ';
-    }
-
-    if (!empty($config['dnsmasq']['dnssec'])) {
-        $args .= ' --dnssec ';
-        $args .= ' --trust-anchor=.,20326,8,2,E06D44B80B8F1D39A95C0B0D7C65D08458E880409BBC683457104237C7F8EC8D ';
-        $args .= ' --trust-anchor=.,38696,8,2,683D2D0ACB8C9B712A1948B27F741219298D0A450D612C483AF444A4C0FB2B16 ';
-    }
-
-    if (!empty($config['dnsmasq']['log_queries'])) {
-        $args .= ' --log-queries=extra ';
-    }
-
-    if (!empty($config['dnsmasq']['no_hosts'])) {
-        $args .= ' --no-hosts ';
-    }
-
-    if (!empty($config['dnsmasq']['dns_forward_max'])) {
-        $args .= " --dns-forward-max={$config['dnsmasq']['dns_forward_max']} ";
-    } else {
-        $args .= ' --dns-forward-max=5000 ';
-    }
-
-    if (!empty($config['dnsmasq']['cache_size'])) {
-        $args .= " --cache-size={$config['dnsmasq']['cache_size']} ";
-    } else {
-        $args .= ' --cache-size=10000 ';
-    }
-
-    if (!empty($config['dnsmasq']['local_ttl'])) {
-        $args .= " --local-ttl={$config['dnsmasq']['local_ttl']} ";
-    } else {
-        $args .= ' --local-ttl=1 ';
-    }
-
-    $args .= ' --conf-dir=/usr/local/etc/dnsmasq.conf.d,\*.conf ';
-
     _dnsmasq_add_host_entries();
 
-    mwexec("/usr/local/sbin/dnsmasq {$args}");
+    mwexec("/usr/local/sbin/dnsmasq");
 
     if (!empty($config['dnsmasq']['regdhcp'])) {
         $domain = $config['system']['domain'];
@@ -222,10 +131,13 @@ function _dnsmasq_add_host_entries()
     }
 
     foreach ($dnsmasqcfg['hosts'] as $host) {
-        if (!empty($host['host'])) {
+        if (!empty($host['host']) && empty($host['domain'])) {
+            $lhosts .= "{$host['ip']}\t{$host['host']}\n";
+        } elseif (!empty($host['host'])) {
             /* XXX: The question is if we do want "host" as a global alias */
             $lhosts .= "{$host['ip']}\t{$host['host']}.{$host['domain']} {$host['host']}\n";
         } else {
+            /* XXX: shouldn't happen? */
             $lhosts .= "{$host['ip']}\t{$host['domain']}\n";
         }
         if (!empty($host['aliases'])) {

src/opnsense/mvc/app/controllers/OPNsense/Dnsmasq/Api/LeasesController.php

@@ -0,0 +1,79 @@
+<?php
+
+/*
+ * Copyright (C) 2025 Deciso B.V.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright notice,
+ *    this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ * OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+
+ namespace OPNsense\Dnsmasq\Api;
+
+use OPNsense\Base\ApiControllerBase;
+use OPNsense\Core\Backend;
+use OPNsense\Core\Config;
+
+class LeasesController extends ApiControllerBase
+{
+    public function searchAction()
+    {
+        $selected_interfaces = $this->request->get('selected_interfaces');
+        $backend = new Backend();
+        $interfaces = [];
+
+        $leases = json_decode($backend->configdpRun('dnsmasq list leases'), true) ?? [];
+        $ifconfig = json_decode($backend->configdRun('interface list ifconfig'), true);
+        $mac_db = json_decode($backend->configdRun('interface list macdb'), true) ?? [];
+
+        $ifmap = [];
+        foreach (Config::getInstance()->object()->interfaces->children() as $if => $if_props) {
+            $ifmap[(string)$if_props->if] = [
+                'descr' => (string)$if_props->descr ?: strtoupper($if),
+                'key' => $if
+            ];
+        }
+
+        if (!empty($leases) && isset($leases['records'])) {
+            $records = $leases['records'];
+            foreach ($records as &$record) {
+                $record['if_descr'] = '';
+                $record['if_name'] = '';
+                if (!empty($record['if']) && isset($ifmap[$record['if']])) {
+                    $record['if_descr'] = $ifmap[$record['if']]['descr'];
+                    $record['if_name'] = $ifmap[$record['if']]['key'];
+                    $interfaces[$ifmap[$record['if']]['key']] = $ifmap[$record['if']]['descr'];
+                }
+                $mac = strtoupper(substr(str_replace(':', '', $record['hwaddr']), 0, 6));
+                $record['mac_info'] = isset($mac_db[$mac]) ? $mac_db[$mac] : '';
+            }
+        } else {
+            $records = [];
+        }
+
+        $response = $this->searchRecordsetBase($records, null, 'address', function ($key) use ($selected_interfaces) {
+            return empty($selected_interfaces) || in_array($key['if_name'], $selected_interfaces);
+        });
+
+        $response['interfaces'] = $interfaces;
+        return $response;
+    }
+}

src/opnsense/mvc/app/controllers/OPNsense/Dnsmasq/Api/ServiceController.php

@@ -37,7 +37,7 @@
 class ServiceController extends ApiMutableServiceControllerBase
 {
     protected static $internalServiceClass = '\OPNsense\Dnsmasq\Dnsmasq';
-    //protected static $internalServiceTemplate = 'OPNsense/Dnsmasq';
+    protected static $internalServiceTemplate = 'OPNsense/Dnsmasq';
     protected static $internalServiceEnabled = 'enable';
     protected static $internalServiceName = 'dnsmasq';
 }