diff options
Diffstat (limited to 'advanced/Scripts/webpage.sh')
-rwxr-xr-x | advanced/Scripts/webpage.sh | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh index c8dfb129..600a45a5 100755 --- a/advanced/Scripts/webpage.sh +++ b/advanced/Scripts/webpage.sh @@ -16,6 +16,7 @@ readonly dhcpconfig="/etc/dnsmasq.d/02-pihole-dhcp.conf" readonly FTLconf="/etc/pihole/pihole-FTL.conf" # 03 -> wildcards readonly dhcpstaticconfig="/etc/dnsmasq.d/04-pihole-static-dhcp.conf" +readonly PI_HOLE_BIN_DIR="/usr/local/bin" coltable="/opt/pihole/COL_TABLE" if [[ -f ${coltable} ]]; then @@ -274,7 +275,7 @@ Reboot() { } RestartDNS() { - /usr/local/bin/pihole restartdns + "${PI_HOLE_BIN_DIR}"/pihole restartdns } SetQueryLogOptions() { @@ -363,6 +364,14 @@ EnableDHCP() { delete_dnsmasq_setting "dhcp-" delete_dnsmasq_setting "quiet-dhcp" + # If a DHCP client claims that its name is "wpad", ignore that. + # This fixes a security hole. see CERT Vulnerability VU#598349 + # We also ignore "localhost" as Windows behaves strangely if a + # device claims this host name + add_dnsmasq_setting "dhcp-name-match=set:hostname-ignore,wpad +dhcp-name-match=set:hostname-ignore,localhost +dhcp-ignore-names=tag:hostname-ignore" + ProcessDHCPSettings RestartDNS |