fergalmoran/DnsServer
1
0
Fork 0
mirror of https://github.com/fergalmoran/DnsServer.git synced 2026-01-06 16:53:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

webapp: implemented DoT and DoH settings.

Browse Source
This commit is contained in:
Shreyas Zare
2019-03-02 20:08:57 +05:30
parent d4ac5130a4
commit dbf858799e
2 changed files with 127 additions and 34 deletions
Download Patch File Download Diff File Expand all files Collapse all files

133
DnsServerCore/www/index.html
View File

@@ -801,50 +801,123 @@
<div class="col-sm-6">
<textarea id="txtdnsServerLocalAddresses" class="form-control" rows="3"></textarea>
</div>
<label class="col-sm-3 control-label">&nbsp;</label>
<div class="col-sm-8" style="padding-top: 5px;">Local addresses are the network interface IP addresses you want the DNS Server to listen for requests.</div>
</div>
<div>To apply web service port and DNS Server local address changes, you need to manually restart the main service.</div>
<div>To apply web service port and DNS Server local address changes, you will need to manually restart the main service.</div>
</div>
<div class="well well-sm">
<div class="form-group" style="margin-bottom: 0px;">
<div class="checkbox">
<label>
<input id="chkPreferIPv6" type="checkbox"> Prefer IPv6
</label>
<div class="well well-sm form-horizontal">
<div class="form-group">
<label class="col-sm-3 control-label">Web Service Feature</label>
<div class="col-sm-8">
<div class="checkbox">
<label>
<input id="chkEnableDoHOnWebService" type="checkbox"> Enable DNS-over-HTTP On This Web Service
</label>
</div>
<div style="padding-top: 5px;">Use <i>http://<span id="lblDoHHost">localhost:5380</span>/dns-query</i> URL with a reverse proxy for both wire and json formats.</div>
</div>
<div>Use this option only if this DNS server has native IPv6 Internet access. DNS Server will use IPv6 for querying whenever possible with this option enabled.</div>
</div>
<div>This feature does not have TLS termination and will work only on private networks. It is intended to be used with an TLS terminating reverse proxy like nginx.</div>
</div>
<div class="well well-sm">
<div class="form-group" style="margin-bottom: 0px;">
<div class="checkbox">
<label>
<input id="chkLogQueries" type="checkbox"> Log All Queries
</label>
</div>
<div class="well well-sm form-horizontal">
<div class="form-group">
<label class="col-sm-3 control-label">Protocols</label>
<div class="col-sm-8">
<div class="checkbox">
<label>
<input id="chkEnableDoT" type="checkbox"> Enable DNS-over-TLS
</label>
</div>
<div style="padding-top: 5px;">Enable this option to accept DNS-over-TLS requests.</div>
<div>Use this option to log every query received by this DNS Server and the corresponding response answers into the log file. Enabling this option will significantly increase the log file size. Error and audit logs are enabled by default.</div>
<div class="checkbox">
<label>
<input id="chkEnableDoH" type="checkbox"> Enable DNS-over-HTTPS
</label>
</div>
<div style="padding-top: 5px;">Enable this option to accept DNS-over-HTTPS requests for both wire and json formats.</div>
</div>
</div>
<div class="form-group">
<label for="txtTlsCertificatePath" class="col-sm-3 control-label">TLS Certificate File Path</label>
<div class="col-sm-6">
<input type="text" class="form-control" id="txtTlsCertificatePath" placeholder="TLS Certificate File Path On Server">
</div>
<label class="col-sm-3 control-label">&nbsp;</label>
<div class="col-sm-8" style="padding-top: 5px;">Specify a PKCS #12 certificate (.pfx) file path on the server. The certificate must contain private key.</div>
</div>
<div class="form-group">
<label for="txtTlsCertificatePassword" class="col-sm-3 control-label">TLS Certificate Password</label>
<div class="col-sm-6">
<input type="password" class="form-control" id="txtTlsCertificatePassword" placeholder="TLS Certificate Password">
</div>
<label class="col-sm-3 control-label">&nbsp;</label>
<div class="col-sm-8" style="padding-top: 5px;">Enter the certificate (.pfx) password, if any.</div>
</div>
<div>To enable or disable these protocols, you will need to manually restart the main service. For DNS-over-TLS, use <i>tls-certificate-domain:853</i> and for DNS-over-HTTPS use <i>https://tls-certificate-domain/dns-query</i> to configure supported DNS clients.</div>
</div>
<div class="well well-sm">
<div class="form-group" style="margin-bottom: 0px;">
<div class="checkbox">
<label>
<input id="chkAllowRecursion" type="checkbox"> Allow Recursion
</label>
<div class="well well-sm form-horizontal">
<div class="form-group">
<label class="col-sm-3 control-label">IPv6 Support</label>
<div class="col-sm-8">
<div class="checkbox">
<label>
<input id="chkPreferIPv6" type="checkbox"> Prefer IPv6
</label>
</div>
<div style="padding-top: 5px;">DNS Server will use IPv6 for querying whenever possible with this option enabled.</div>
</div>
<div class="checkbox">
<label>
<input id="chkAllowRecursionOnlyForPrivateNetworks" type="checkbox"> Allow Recursion Only For Private Networks
</label>
</div>
<div>Enabling recursion will allow this DNS server to resolve any domain and act as a general purpose DNS server. Disable this option if you wish this server to act only as authoritative name server for the configured zones. Enable recursion only for private networks option if you do not what the DNS server to support recursion over Internet but want to support it on private networks.</div>
</div>
<div>Use this option only if this DNS server has native IPv6 Internet access otherwise it will affect performance.</div>
</div>
<div class="well well-sm form-horizontal">
<div class="form-group">
<label class="col-sm-3 control-label">Logging</label>
<div class="col-sm-8">
<div class="checkbox">
<label>
<input id="chkLogQueries" type="checkbox"> Log All Queries
</label>
</div>
<div style="padding-top: 5px;">Enable this option to log every query received by this DNS Server and the corresponding response answers into the log file.</div>
</div>
</div>
<div>Enabling query logging will significantly increase the log file size. Error and audit logs are enabled by default.</div>
</div>
<div class="well well-sm form-horizontal">
<div class="form-group">
<label class="col-sm-3 control-label">Recursive Resolver</label>
<div class="col-sm-8">
<div class="checkbox">
<label>
<input id="chkAllowRecursion" type="checkbox"> Allow Recursion
</label>
</div>
<div style="padding-top: 5px;">Enable recursion to allow this DNS Server to resolve any domain name.</div>
<div class="checkbox">
<label>
<input id="chkAllowRecursionOnlyForPrivateNetworks" type="checkbox"> Allow Recursion Only For Private Networks
</label>
</div>
<div style="padding-top: 5px;">Enable this option if you want to support recursion only on private networks. Any recursive request from public network will be refused.</div>
</div>
</div>
<div>Disable recursion if you wish this server to act only as authoritative name server for the configured zones.</div>
</div>
<div class="well well-sm form-horizontal">

28
DnsServerCore/www/js/main.js
View File

@@ -97,11 +97,11 @@ $(function () {
var itemText = $(this).text();
$(this).closest('.dropdown').find('input').val(itemText);
if (itemText.indexOf("TLS") !== -1)
if ((itemText.indexOf("TLS") !== -1) || (itemText.indexOf(":853") !== -1))
$("#optDnsClientProtocol").val("TLS");
else if (itemText.indexOf("HTTPS-JSON") !== -1)
$("#optDnsClientProtocol").val("HttpsJson");
else if (itemText.indexOf("HTTPS") !== -1)
else if ((itemText.indexOf("HTTPS") !== -1) || (itemText.indexOf("http://") !== -1) || (itemText.indexOf("https://") !== -1))
$("#optDnsClientProtocol").val("Https");
else {
switch ($("#optDnsClientProtocol").val()) {
@@ -349,6 +349,8 @@ $(function () {
refreshDashboard();
});
$("#lblDoHHost").text(window.location.host);
showPageLogin();
login("admin", "admin");
});
@@ -509,7 +511,7 @@ function loadDnsSettings() {
HTTPRequest({
url: "/api/getDnsSettings?token=" + token,
success: function (responseJSON) {
document.title = "Technitium DNS Server " + responseJSON.response.version + " - " + responseJSON.response.serverDomain;
document.title = "Technitium DNS Server v" + responseJSON.response.version + " - " + responseJSON.response.serverDomain;
$("#lblAboutVersion").text(responseJSON.response.version);
$("#txtServerDomain").val(responseJSON.response.serverDomain);
@@ -530,6 +532,16 @@ function loadDnsSettings() {
$("#txtdnsServerLocalAddresses").val(value);
}
$("#chkEnableDoHOnWebService").prop("checked", responseJSON.response.enableDoHOnWebService);
$("#chkEnableDoT").prop("checked", responseJSON.response.enableDoT);
$("#chkEnableDoH").prop("checked", responseJSON.response.enableDoH);
$("#txtTlsCertificatePath").val(responseJSON.response.tlsCertificatePath);
if (responseJSON.response.tlsCertificatePath == null)
$("#txtTlsCertificatePassword").val("");
else
$("#txtTlsCertificatePassword").val(responseJSON.response.tlsCertificatePassword);
$("#chkPreferIPv6").prop("checked", responseJSON.response.preferIPv6);
$("#chkLogQueries").prop("checked", responseJSON.response.logQueries);
$("#chkAllowRecursion").prop("checked", responseJSON.response.allowRecursion);
@@ -671,6 +683,12 @@ function saveDnsSettings() {
else
$("#txtdnsServerLocalAddresses").val(dnsServerLocalAddresses.replace(/,/g, "\n"));
var enableDoHOnWebService = $("#chkEnableDoHOnWebService").prop('checked');
var enableDoT = $("#chkEnableDoT").prop('checked');
var enableDoH = $("#chkEnableDoH").prop('checked');
var tlsCertificatePath = $("#txtTlsCertificatePath").val();
var tlsCertificatePassword = $("#txtTlsCertificatePassword").val();
var preferIPv6 = $("#chkPreferIPv6").prop('checked');
var logQueries = $("#chkLogQueries").prop('checked');
var allowRecursion = $("#chkAllowRecursion").prop('checked');
@@ -704,7 +722,9 @@ function saveDnsSettings() {
var btn = $("#btnSaveDnsSettings").button('loading');
HTTPRequest({
url: "/api/setDnsSettings?token=" + token + "&serverDomain=" + serverDomain + "&webServicePort=" + webServicePort + "&dnsServerLocalAddresses=" + encodeURIComponent(dnsServerLocalAddresses) + "&preferIPv6=" + preferIPv6 + "&logQueries=" + logQueries + "&allowRecursion=" + allowRecursion + "&allowRecursionOnlyForPrivateNetworks=" + allowRecursionOnlyForPrivateNetworks + proxy + "&forwarders=" + encodeURIComponent(forwarders) + "&forwarderProtocol=" + forwarderProtocol + "&blockListUrls=" + encodeURIComponent(blockListUrls),
url: "/api/setDnsSettings?token=" + token + "&serverDomain=" + serverDomain + "&webServicePort=" + webServicePort + "&dnsServerLocalAddresses=" + encodeURIComponent(dnsServerLocalAddresses)
+ "&enableDoHOnWebService=" + enableDoHOnWebService + "&enableDoT=" + enableDoT + "&enableDoH=" + enableDoH + "&tlsCertificatePath=" + encodeURIComponent(tlsCertificatePath) + "&tlsCertificatePassword=" + encodeURIComponent(tlsCertificatePassword)
+ "&preferIPv6=" + preferIPv6 + "&logQueries=" + logQueries + "&allowRecursion=" + allowRecursion + "&allowRecursionOnlyForPrivateNetworks=" + allowRecursionOnlyForPrivateNetworks + proxy + "&forwarders=" + encodeURIComponent(forwarders) + "&forwarderProtocol=" + forwarderProtocol + "&blockListUrls=" + encodeURIComponent(blockListUrls),
success: function (responseJSON) {
document.title = "Technitium DNS Server " + responseJSON.response.version + " - " + responseJSON.response.serverDomain;
$("#lblServerDomain").text(" - " + responseJSON.response.serverDomain);