What's new
By:

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Search results

  1. C

    Unbound - Authoritative Recursive Caching DNS Server

    Fair enough, but it's still not needed :) Anyway thought it was worth mentioning just in case auth-zone makes it into the default unbound.conf Though if you do, then you also need an option with path to your ca-bundle option for this to work, so you have to also add... tls-cert-bundle...
  2. C

    Unbound - Authoritative Recursive Caching DNS Server

    I don't think you need this in your script as unbound downloads it for you if file doesn't exist.
  3. C

    Unbound - Authoritative Recursive Caching DNS Server

    Has this had any effect? I may be wrong, but I thought stub zones were for unbound to forward sub-domains (in your case *.rgnldo.lan) to an upstream dns server,. And as pixelserv isnt a DNS server, doesn't it just timeout and fall back to unbound to resolve - hence taking longer (until cached)...
  4. C

    Unbound - Authoritative Recursive Caching DNS Server

    I don't think it's really needed on a home device. From the unbound github page...
  5. C

    Unbound - Authoritative Recursive Caching DNS Server

    Woah, easy there Perhaps you misread my message. If, and only if, you disable dnsmasq with port=0 as I wrote, then, and only then, is diversion broken - as diversion obviously relies on dnsmasq using dns, which is actually disabled here (as opposed to redirected in your setup). I was just...
  6. C

    Unbound - Authoritative Recursive Caching DNS Server

    Well actually you're not technically disabling, just forwarding. it is possible if you want though... Set port=0 in dnsmasq.conf (via postconf) and you disable dns resolution via dnsmasq and leave dnsmasq to do dhcp only, and have unbound listen on port 53. Then to @dave14305's point, you could...
  7. C

    [$ Searching for developer$ ] Strongswan IPSec VPN (ikev2) client on asuswrt merlin

    Do you need a developer?? Have you tested the current entware version? opkg install strongswan-ipsec Sent from my Nokia 7 plus using Tapatalk
  8. C

    DDNS and DNS-O-Matic

    Or, you can use the "Custom" option and setup a script as per the wiki. See Here and Here.
  9. C

    Stubby-Installer-Asuswrt-Merlin

    He meant deprecated, not depreciated. In any case it means the stubby script you have used to install the entware verions of stubby is being superseded by @RMerlin's latest firmware (currently in beta) which has Stubby built in, and available to configure via webui. A more stable and integrated...
  10. C

    Scribe scribe - syslog-ng and logrotate installer

    Just thought I'd drop in again to mention my setup with klogd still running (I also wrote my own similar service-start script loop to kill syslogd - actually it calls scribe's own rc.func-syslog-ng, albeit an older versoin without the killall klogd) and it hasn't missed a beat. Was thinking that...
  11. C

    [Beta] Asuswrt-Merlin 384.11 Beta is now available

    If you have used the DNSFilter to send to Quad, or anything other than 'router', you likely wouldn't have seen any issues as the dns resolving is done outside your network - and not with dnsmasq where the rebind issue is.
  12. C

    [Beta] Asuswrt-Merlin 384.11 Beta is now available

    You can add an extra setting in dnsmasq.add to assist with Plex. rebind-domain-ok=/plex.direct/
  13. C

    [384.11_Alpha - builds] Testing all variants.

    It's one of many bits of network info the dhcp server (dnsmaq) can send to the client when they ask for an IP address. In this case option 42 specifes an ntp server the client should (but may choose not to) use. dnsmasq --help dhcp (or dnsmasq --help dhcp6)
  14. C

    [Preview] Asuswrt-Merlin 384.11 with DNS over TLS

    This is very nice and will help many people I think who may test/trial DoT in the future. Would be useful to have a similar warning/note on the LAN>DHCP page if a DNS Server is added and/or not blank.
  15. C

    [Preview] Asuswrt-Merlin 384.11 with DNS over TLS

    I always read that test as a "Final" Resolver Test, meaning that if you have say cloudflare selected as your end DNS resolver (in DoT or otherwise) it will come back positive, as Cloudflare support DNSSEC.
  16. C

    [Preview] Asuswrt-Merlin 384.11 with DNS over TLS

    I don't think ipv6 is properly integrated, yet, as the ipv6 dns servers selected in the GUI are not added to the stubby.yml file. So even if "server=::1" was added to dnsmasq, it still wouldn't resolv thru ipv6 with stubby. EDIT, though I guess stubby might just use ipv4 to resolv the request...
  17. C

    Scribe scribe - syslog-ng and logrotate installer

    Look forward to updating when I'm free. One quick thing I noticed while looking at github was a small typo on the new logrotate file "file("/opt/var/log/logroate.log");" Missing a "t".
  18. C

    [Preview] Asuswrt-Merlin 384.11 with DNS over TLS

    If you click on the Enable DNSSEC Support, is says "Make sure your WAN/ISP DNS are DNSSEC-compatible, otherwise DNS lookups will always fail.". Initially I had WAN connection troubles, but tracked it down to my having "Connect to DNS Server automatically" as YES, which created lookup issues. May...
  19. C

    Scribe scribe - syslog-ng and logrotate installer

    So no luck with the system() option as source. Still drops/mangles some logs in skynet-0.log and some cutoff logs in messages, such as.. /opt/var/log/messages Apr 14 13:34:05 RT-AC68U kernel[137]: RES=0x00 SYN URGP=0 OPT (0204054801010402) MARK=0x83c40070 Only difference to having the kernel...
  20. C

    Scribe scribe - syslog-ng and logrotate installer

    I had already tried that and it didn't help unfortunately. :( But will give another go as I was changing lots of things 1 by 1 and could have had something else conflicting... PS. A quick look at the source code (line 3852) for klog start, and it seems it is called as /sbin/klogd, so a null...
Back
Top