fergalmoran/DnsServer
1
0
Fork 0
mirror of https://github.com/fergalmoran/DnsServer.git synced 2026-01-06 08:45:32 +00:00
Code Issues Packages Projects Releases Wiki Activity

webapp: updated index page with ip addresses of DoH url in the DNS client tab server dropdown. Added TSIG Keys html in settings. Updated settings html for query rate limiting changes. Other minor changes done.

Browse Source
This commit is contained in:
Shreyas Zare
2021-08-07 12:52:11 +05:30
parent 89def6f294
commit c5bc1d743b
1 changed files with 67 additions and 34 deletions
Download Patch File Download Diff File Expand all files Collapse all files

101
DnsServerCore/www/index.html
View File

@@ -582,8 +582,8 @@
<li><a href="#">Cloudflare TLS {cloudflare-dns.com (1.0.0.1:853)}</a></li>
<li><a href="#">Cloudflare TLS {cloudflare-dns.com ([2606:4700:4700::1111]:853)}</a></li>
<li><a href="#">Cloudflare TLS {cloudflare-dns.com ([2606:4700:4700::1001]:853)}</a></li>
<li><a href="#">Cloudflare HTTPS {https://cloudflare-dns.com/dns-query}</a></li>
<li><a href="#">Cloudflare HTTPS-JSON {https://cloudflare-dns.com/dns-query}</a></li>
<li><a href="#">Cloudflare HTTPS {https://cloudflare-dns.com/dns-query (1.1.1.1)}</a></li>
<li><a href="#">Cloudflare HTTPS-JSON {https://cloudflare-dns.com/dns-query (1.1.1.1)}</a></li>
<li><a href="#">Google {8.8.8.8}</a></li>
<li><a href="#">Google {8.8.4.4}</a></li>
<li><a href="#">Google {[2001:4860:4860::8888]}</a></li>
@@ -592,18 +592,18 @@
<li><a href="#">Google TLS {dns.google (8.8.4.4:853)}</a></li>
<li><a href="#">Google TLS {dns.google ([2001:4860:4860::8888]:853)}</a></li>
<li><a href="#">Google TLS {dns.google ([2001:4860:4860::8844]:853)}</a></li>
<li><a href="#">Google HTTPS {https://dns.google/dns-query}</a></li>
<li><a href="#">Google HTTPS-JSON {https://dns.google/resolve}</a></li>
<li><a href="#">Google HTTPS {https://dns.google/dns-query (8.8.8.8)}</a></li>
<li><a href="#">Google HTTPS-JSON {https://dns.google/resolve (8.8.8.8)}</a></li>
<li><a href="#">Quad9 Secure {9.9.9.9}</a></li>
<li><a href="#">Quad9 Secure {[2620:fe::fe]}</a></li>
<li><a href="#">Quad9 Secure TLS {dns.quad9.net (9.9.9.9:853)}</a></li>
<li><a href="#">Quad9 Secure TLS {dns.quad9.net ([2620:fe::fe]:853)}</a></li>
<li><a href="#">Quad9 Secure HTTPS {https://dns.quad9.net/dns-query}</a></li>
<li><a href="#">Quad9 Secure HTTPS {https://dns.quad9.net/dns-query (9.9.9.9)}</a></li>
<li><a href="#">Quad9 Unsecure {9.9.9.10}</a></li>
<li><a href="#">Quad9 Unsecure {[2620:fe::10]}</a></li>
<li><a href="#">Quad9 Unsecure TLS {dns10.quad9.net (9.9.9.10:853)}</a></li>
<li><a href="#">Quad9 Unsecure TLS {dns10.quad9.net ([2620:fe::10]:853)}</a></li>
<li><a href="#">Quad9 Unsecure HTTPS {https://dns10.quad9.net/dns-query}</a></li>
<li><a href="#">Quad9 Unsecure HTTPS {https://dns10.quad9.net/dns-query (9.9.9.10)}</a></li>
<li><a href="#">OpenDNS {208.67.222.222}</a></li>
<li><a href="#">OpenDNS {208.67.220.220}</a></li>
<li><a href="#">OpenDNS {[2620:0:ccc::2]}</a></li>
@@ -828,6 +828,27 @@
<div style="margin-top: 10px;"><a href="https://blog.technitium.com/2020/07/how-to-host-your-own-dns-over-https-and.html" target="_blank">Help: How To Host Your Own DNS-over-HTTPS And DNS-over-TLS Services</a></div>
</div>
<div class="well well-sm form-horizontal">
<div class="form-group">
<label for="tableTsigKeys" class="col-sm-3 control-label">TSIG Keys</label>
<div class="col-sm-9">
<table class="table table-hover" style="margin-bottom: 0px;">
<thead>
<tr>
<th>Key Name</th>
<th>Shared Secret</th>
<th><button type="button" class="btn btn-default" style="padding: 0px 20px;" onclick="addTsigKeyRow('', '');">Add</button></th>
</tr>
</thead>
<tbody id="tableTsigKeys"></tbody>
</table>
</div>
<div class="col-sm-offset-3 col-sm-8" style="padding-top: 5px;">The shared secret can be a base64 string or a literal string. Keep the shared secret empty if you want to auto generate a strong key.</div>
</div>
<div>Note! You will need to select these TSIG keys for zone transfer in the zone options separately. This DNS server supports hmac-md5, hmac-sha1, hmac-sha256 (recommended), hmac-sha256-128, hmac-sha384, hmac-sha384-192, hmac-sha512, and hmac-sha512-256 algorithms.</div>
</div>
<div class="well well-sm form-horizontal">
<div class="form-group">
<label class="col-sm-3 control-label">IPv6 Support</label>
@@ -969,12 +990,21 @@
<div class="well well-sm form-horizontal">
<div class="form-group">
<label for="txtQpmLimit" class="col-sm-3 control-label">Queries Per Minute (QPM) Limit</label>
<label for="txtQpmLimitRequests" class="col-sm-3 control-label">Queries Per Minute (QPM) Limit (Requests)</label>
<div class="col-sm-6">
<input type="number" class="form-control" id="txtQpmLimit" placeholder="limit" style="width: 100px; display: inline;">
<input type="number" class="form-control" id="txtQpmLimitRequests" placeholder="limit" style="width: 100px; display: inline;">
<span>(set 0 to disable)</span>
</div>
<div class="col-sm-offset-3 col-sm-8" style="padding-top: 5px;">The maximum queries a client can make per minute on average based on the sample size.</div>
<div class="col-sm-offset-3 col-sm-8" style="padding-top: 5px;">The maximum queries a client subnet can make per minute on average based on the sample size.</div>
</div>
<div class="form-group">
<label for="txtQpmLimitErrors" class="col-sm-3 control-label">Queries Per Minute (QPM) Limit (Errors)</label>
<div class="col-sm-6">
<input type="number" class="form-control" id="txtQpmLimitErrors" placeholder="limit" style="width: 100px; display: inline;">
<span>(set 0 to disable)</span>
</div>
<div class="col-sm-offset-3 col-sm-8" style="padding-top: 5px;">The maximum queries that generate an error response a client subnet can make per minute on average based on the sample size. Responses with RCODE as FormatError, ServerFailure, or Refused are considered as error responses.</div>
</div>
<div class="form-group">
@@ -987,15 +1017,24 @@
</div>
<div class="form-group">
<label for="txtQpmLimitSamplingIntervalInMinutes" class="col-sm-3 control-label">QPM Sampling Interval</label>
<label for="txtQpmLimitIPv4PrefixLength" class="col-sm-3 control-label">QPM Limit IPv4 Prefix Length</label>
<div class="col-sm-6">
<input type="number" class="form-control" id="txtQpmLimitSamplingIntervalInMinutes" placeholder="interval" style="width: 100px; display: inline;">
<span>minutes (valid range 1-60; default 1)</span>
<input type="number" class="form-control" id="txtQpmLimitIPv4PrefixLength" placeholder="prefix" style="width: 100px; display: inline;">
<span>(valid range 0-32; default 24)</span>
</div>
<div class="col-sm-offset-3 col-sm-8" style="padding-top: 5px;">The interval to sample client query stats.</div>
<div class="col-sm-offset-3 col-sm-8" style="padding-top: 5px;">The IPv4 prefix length to define the client subnet.</div>
</div>
<div>Note! Queries Per Minute (QPM) feature will limit requests from a client based on its IP address. The QPM limit configured will be compared with the average count from the sample size which means a client may exceed the QPM limit for a given minute but won't exceed for the given sample size in minutes. Additionally, any client hitting QPM limit for Refused responses will be automatically blocked for 12 hours.</div>
<div class="form-group">
<label for="txtQpmLimitIPv6PrefixLength" class="col-sm-3 control-label">QPM Limit IPv6 Prefix Length</label>
<div class="col-sm-6">
<input type="number" class="form-control" id="txtQpmLimitIPv6PrefixLength" placeholder="prefix" style="width: 100px; display: inline;">
<span>(valid range 0-64; default 56)</span>
</div>
<div class="col-sm-offset-3 col-sm-8" style="padding-top: 5px;">The IPv6 prefix length to define the client subnet.</div>
</div>
<div>Note! Queries Per Minute (QPM) feature will limit requests from a client subnet based on its IP address and the specified subnet prefix lengths. The QPM limit configured will be compared with the average count from the sample size which means a client may exceed the QPM limit for a given minute but won't exceed for the given sample size in minutes.</div>
</div>
<div class="well well-sm form-horizontal">
@@ -1922,8 +1961,8 @@
<div class="col-sm-7">
<textarea id="txtAddZonePrimaryNameServerAddresses" class="form-control" rows="3" placeholder="192.168.1.1
2001:db8::
ns1.example.com (192.168.1.1:853)
ns1.example.com ([2001:db8::]:853)
ns1.example.com (192.168.1.1)
ns1.example.com ([2001:db8::])
"></textarea>
</div>
</div>
@@ -2178,8 +2217,8 @@ ns1.example.com ([2001:db8::]:853)
<div class="col-sm-7">
<textarea id="txtEditRecordDataSoaPrimaryAddresses" class="form-control" rows="3" placeholder="192.168.1.1
2001:db8::
ns1.example.com (192.168.1.1:853)
ns1.example.com ([2001:db8::]:853)
ns1.example.com (192.168.1.1)
ns1.example.com ([2001:db8::])
"></textarea>
</div>
</div>
@@ -2372,7 +2411,7 @@ ns1.example.com ([2001:db8::]:853)
<div class="form-group">
<label for="txtAddEditRecordDataData" class="col-sm-4 control-label">Record Data (if any)</label>
<div class="col-sm-7">
<textarea id="txtAddEditRecordDataData" class="form-control" rows="6"></textarea>
<textarea id="txtAddEditRecordDataData" class="form-control" rows="6" spellcheck="false"></textarea>
</div>
</div>
</div>
@@ -2497,23 +2536,17 @@ ns1.example.com ([2001:db8::]:853)
<div class="well well-sm form-horizontal">
<div class="form-group">
<label for="tableZoneOptionsTsigKeys" class="col-sm-3 control-label">TSIG Keys</label>
<div class="col-sm-9">
<table class="table table-hover" style="margin-bottom: 0px;">
<thead>
<tr>
<th>Key Name</th>
<th>Shared Secret</th>
<th><button type="button" class="btn btn-default" style="padding: 0px 20px;" onclick="addZoneOptionsTsigKeyRow('', '');">Add</button></th>
</tr>
</thead>
<tbody id="tableZoneOptionsTsigKeys"></tbody>
</table>
<label for="txtZoneOptionsZoneTransferTsigKeyNames" class="col-sm-3 control-label">Zone Transfer TSIG Key Names</label>
<div class="col-sm-6">
<textarea id="txtZoneOptionsZoneTransferTsigKeyNames" class="form-control" rows="3"></textarea>
<label for="optZoneOptionsQuickTsigKeyNames" class="control-label">Quick Add</label>
<select id="optZoneOptionsQuickTsigKeyNames" class="form-control" style="width: 100%;">
</select>
</div>
<div class="col-sm-offset-3 col-sm-8" style="padding-top: 5px;">The shared secret can be a base64 string or a literal string. Keep the shared secret empty if you want to auto generate a strong key.</div>
</div>
<div>Note! TSIG allows authenticating requests when at least one key is configured. A secondary zone must be configured with one of the above keys to be able to perform zone transfer. This server supports hmac-md5, hmac-sha1, hmac-sha256 (recommended), hmac-sha256-128, hmac-sha384, hmac-sha384-192, hmac-sha512, and hmac-sha512-256 algorithms.</div>
<div>Note! Entering one or more TSIG key names above will cause the DNS server to authenticate all zone transfer requests. A secondary zone must be configured with one of the above keys to be able to perform a zone transfer.</div>
</div>
</div>
@@ -2703,7 +2736,7 @@ ns1.example.com ([2001:db8::]:853)
<div class="form-group">
<label for="txtAppConfig" class="control-label">Config File</label>
<textarea id="txtAppConfig" class="form-control" rows="15"></textarea>
<textarea id="txtAppConfig" class="form-control" rows="15" spellcheck="false"></textarea>
</div>
<p>Note: The app will reload the config automatically after you save it.</p>